last executing test programs: 17.662559256s ago: executing program 0 (id=1249): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="e37b34000000100001080c0900000000003e2785a3f071e4cca57d3089e0b98d1f79339b86fccf636befe1073bad4869e447c45f6d2f235d25cf885206cb5fa511048ef92f3946", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b0000000000"], 0x30}}, 0x0) 17.48929022s ago: executing program 0 (id=1251): r0 = socket$netlink(0x10, 0x3, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000140)={r0, 0x3, 0xfdb, 0x7}) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = socket$inet(0xa, 0x801, 0x84) connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r3, 0x8) (async) r4 = accept4(r3, 0x0, 0x0, 0x0) connect$inet(r4, &(0x7f0000000100)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10) r5 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$SO_TIMESTAMP(r5, 0x1, 0x23, &(0x7f00000003c0), &(0x7f0000000400)=0x4) (async) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@ipv4_newroute={0x34, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_ID={0xc}}]}, 0x34}}, 0x0) (async) r7 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000540), r2) (async) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000007c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000000000000000000010000002c0004800500030080ff00000500030005080000050003000600faff05000300000000000500030000f3000008000100ffffffff0800020002"], 0x50}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001000010000000000020000007e584123e8040e00000000", @ANYRES32, @ANYBLOB="408f010008200200280012800e000100697036677265746170000000742e29f1c5d4cf72b82859140002800800e90ab4da4497be9851cec1b2daf039ac53c6dbf819d1040000802c00060500004e240000"], 0x48}}, 0x40010) writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="390000001300090468fe0700000000000000ff3f04000080d139d3f70c5274f682fab900480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x45}], 0x1) syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r8) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan3\x00'}) (async) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), r2) sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="409e0000", @ANYRES16=r9, @ANYBLOB="00022dbd7004ffdbdf250100000008000300", @ANYRES32=r0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 17.456916644s ago: executing program 2 (id=1252): syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), r0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r2) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x56, 0x56, 0xb, [@datasec={0xb, 0x6, 0x0, 0xf, 0x2, [{0x1, 0x6, 0x2}, {0x1, 0x5}, {0x5, 0x3, 0x1}, {0x5, 0x100, 0x9}, {0x4, 0x8, 0x8}, {0x5, 0x7c1, 0xffff}], "5bcc"}]}, {0x0, [0x2e, 0x0, 0x5f, 0x2e, 0x0, 0x61, 0x2afc5d57856c7159, 0x0, 0x30]}}, &(0x7f0000000000)=""/26, 0x7b, 0x1a, 0x1, 0x2}, 0x28) bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0), 0x8) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x12, 0xe, &(0x7f00000003c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_sock_addr=0x33, r3}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="06ff03076844268cb89e14f008004ee0ffff00febabec41177fb86dd1402e000030c62079f4b4d2f87e5feca6aab055013f2325f1a3901050b038da1880b25181aa59d943be30043d50ea5a6b868", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 17.337366159s ago: executing program 0 (id=1254): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000006a0028562cbd7000fddbdf25000000000000000008000a0002000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x10000000) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xc0041, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000140)=0x90) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58) r3 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$FS_IOC_SETFLAGS(r3, 0x8919, &(0x7f0000000000)=0x10) socket$inet6(0xa, 0x80003, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef", 0x11) r4 = accept4(r2, 0x0, 0x0, 0x80800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x44004}, 0x0) write$tun(r1, &(0x7f0000000080)=ANY=[], 0xfdef) 17.333889842s ago: executing program 2 (id=1256): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007112bc000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e0007"], 0xfe33) 17.194364254s ago: executing program 2 (id=1258): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x86, 0x86, 0x4, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x2, 0x2}}, @const={0xd, 0x0, 0x0, 0xa, 0x5}, @typedef={0x9, 0x0, 0x0, 0x8, 0x1}, @datasec={0x2, 0x6, 0x0, 0xf, 0x2, [{0x3, 0x81, 0x4}, {0x5, 0x0, 0xa9}, {0x5, 0x2a98, 0x4}, {0x5, 0x9, 0xfffffffe}, {0x3, 0x10, 0x5}, {0x4, 0x1, 0x7}], "d34d"}]}, {0x0, [0x0, 0x2e]}}, &(0x7f0000000340)=""/173, 0xa4, 0xad, 0x1, 0x3}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0xe, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1802000080100000000000c04fa48c8a000400000085000000", @ANYRES16=r0, @ANYRES32=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0}, 0x94) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={0x0}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000240)={r3, 0x0, 0x10}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e21, @loopback}}, 0xffffffff, 0x0, 0x1000, 0x9, 0x5, 0x3ff, 0x80}, 0x9c) 16.923248091s ago: executing program 1 (id=1260): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100697036677265000030000280140007002001000000000000000000000000000014000600fc020000000000000000000000000000040012000800280070cf00000c0019800500060014000000080004"], 0x8c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 16.918562642s ago: executing program 2 (id=1261): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x7f) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_int(r2, 0x0, 0x1, &(0x7f00000009c0)=0x1234, 0x4) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0x2, &(0x7f0000000000)=0x1f, 0x4) 16.75340209s ago: executing program 0 (id=1265): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r4, {0xffff, 0xfff1}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x7ffffffe}, @TCA_FLOW_KEYS={0x8, 0x1, 0x12032}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x1}]}}]}, 0x4c}}, 0x0) 16.665347686s ago: executing program 1 (id=1266): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000063060000bca30000000000002403000020fef6ff720af0fff8ffffff71a4f0ff000000001f030000000000002e100200000000002604fdffffff000014010000630000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000093bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98dde20358d1148272abd23da767f8c549ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb46ffffffffffffff7f1569b33d21dae356e5c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d22891202d0f5ad94b081fcd507acc9b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb9439901fb39f1d78aa60ead1883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10880fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1b9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa2000000000000000906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000fbff00ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554b15dca5f77a08a83431a87881fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f783e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bcb0addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43737a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab7493c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a44434600e64a6a274000000000088b3e63a000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e727bf10d6335332f45b8e87383930f1a4724434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc946acfb3d1a56e9ec13ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdce1f7ffffffffffffcf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b338a59c0c0247bc9412e19204caaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af11210200000000000000484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea170ab651a039d7102923e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b187ab8e0d179e6ad0dc758975e9cf77f703e742b77521149d8fdeae4b92d5edc232ca356fb86784b865adda7c921dc475276837b2619922de4d96850172602fac7d165e32419a622bdef7c91385c87c30b8a144d9b01784a8060670455f76b207517f66cf32fa0772975e0963b7373dba424beadf60d5bd08ea73e2b5620a5754455006934679b10e596821e2bd380d472c9096ca4c55d6106d0b88e38f6c54abc952c81617a06f93465241070fea3d9fc786e2625572ff2068ff84361b3883cc2c8b9a0a2f70119db13b47c924c73216bb12d1e68a03a08aa682ede113691db07b50f5e6fde6252f1520c"], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94) (async) socket$nl_route(0x10, 0x3, 0x0) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000400000006110540000000000a6000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2}, 0x48) r2 = socket(0x10, 0x803, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000400)=r1, 0x4) (async) sendmsg$nl_generic(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000005200010000000000000000080a00000008000100", @ANYRES64], 0x1c}}, 0x0) (async) getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f0000001000)=0x0, &(0x7f0000001040)=0x4) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r3, 0x9c9, 0x27059}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x200500bc) 16.600326791s ago: executing program 1 (id=1267): sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20000040) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x13e, 0x0, &(0x7f0000000000)="06ff03076844268cb89e14f008004ee0ffff00febabec41177fb86dd1402e000030c62079f4b4d2f87e5feca6aab055013f2325f1a3901050b038da1880b25181aa59d943be30043d50ea5a6b868", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) 16.511936274s ago: executing program 3 (id=1269): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="5800000010004b0400000000000000007a000000a5eac200000036d067e5dea2850cd870c9e90acf2d32c33bca718421b5f86bb92080570e996972c560d6143db84808136b696165a2e807f3040067aeb2085d0d16d43fb4510d05a09d8d6dae29c5779abb5365893ed87678457d33ff62c44aa7a0", @ANYBLOB="3132aa9f185783f1f639f0756da3f3f52c91d34ee80edbff57509a5f07cc58ac7e37f0f422159f3c043f411831f940f703da0b92cbbf0a0b49fe16ffedd1b5e7375a514bdf76e63fe11d4228d5f1d653ef6c2b5b325ca578526c021e3945e48a3d0222d084fa8cf32c3e99c2514fbb26b0f622be58002153d7b2467e65939035a33bdae111acbb0ffa7703f9", @ANYBLOB="3c840300000000002c0012800e000100697036677265746170000000180002801400070000000000000000000000ffffffffffff0a000100aaaaaaaaaa000000"], 0x58}, 0x1, 0x0, 0x0, 0x4000810}, 0x80) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000003e000701fcfffff7fddbdff6037c0000040036800c000180060006008847"], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 16.511409691s ago: executing program 1 (id=1270): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x20}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x600, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 16.464780516s ago: executing program 4 (id=1271): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000004500)=@req={0xf3b, 0x8, 0x3, 0x7fffffff}, 0x10) recvfrom(r2, &(0x7f0000000140)=""/104, 0x68, 0x12020, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="1400040070696d36726567300000000000000000081e0500060000000800178004000600"], 0x40}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a68000000060a0b040000380000000000020000003c0004803800018007000100637400002c000280080002400000000f08000240000000060800014000000014080001400000000d05000300000000000900010073797a30000000000900020073797a32"], 0x90}}, 0x0) write(r0, &(0x7f0000000000)="b0e08f9fab7277d89be5316ef69f78408a3297c05540d28977f1c9c60a63a814d2f9a0101a5b12ef3f8de4ab07a38d23a9d50033363634f5f314a3ad7ac5f3bc921639130f174b412baa139bf93417ad56fdc0a1321f5be5b93d2184ac72f0d08d1b50145060116cd372d316e8f4e248b17382a16e9d0634b030eae3c82145ffe95c8c14895aeb4bf202cd77f55e320ac352045e9d87898fe2f1370dcb5d3d63826eff135f5bd2666ce5206937985a7e865bcfb61666287d95bf9e69cd03eccff845ed2fec69e1fa7fdeb1b1da8b396740404a424d", 0xd5) 16.464276804s ago: executing program 0 (id=1272): sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2481000}, 0xc, &(0x7f0000000480)={0x0, 0xb4}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r4 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) ioctl$TUNSETLINK(r3, 0x400454cd, 0x304) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c00018005000200000000000800040005000000080001"], 0x7c}}, 0x0) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_OPER(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)={0x30, r8, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000004}, 0xc000) sendmsg$NL80211_CMD_GET_STATION(r5, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0x100, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4008001) recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/105, 0x69}, {&(0x7f0000000280)=""/81, 0x51}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000580)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/141, 0x8d}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f0000000080)=""/6, 0x6}], 0x9, &(0x7f0000000600)=""/191, 0xbf}, 0x5}], 0x1, 0x2000, &(0x7f0000003700)={0x77359400}) 16.379333604s ago: executing program 4 (id=1273): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000480), r0) sendmsg$NLBL_MGMT_C_PROTOCOLS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="210326bd7000ffcbdf2507"], 0x1c}}, 0x880) syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_AUTHENTICATE(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)={0x44, r3, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}], @key_params=[@NL80211_ATTR_MAC={0xa, 0x6, @device_b}], @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 16.378520217s ago: executing program 3 (id=1274): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40000000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x64}}, 0x0) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000008c0)=0x576, 0x4) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) 16.29164575s ago: executing program 1 (id=1275): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = epoll_create1(0x0) socket$inet_udplite(0x2, 0x2, 0x88) (async) r2 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet_icmp_raw(0x2, 0x3, 0x1) (async) socket$inet_icmp_raw(0x2, 0x3, 0x1) epoll_create1(0x0) epoll_create1(0x0) (async) epoll_create1(0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socket$inet(0x2, 0x4000000000000001, 0x0) (async) socket$inet(0x2, 0x4000000000000001, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x7dc48146, 0x7fffffff, 0x5539e0cf}, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000002020101000000000000000002000000240002800c000280040001ff00000000140001800800010000000000080002"], 0x38}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000040)={0x80000017}) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="0127d9", @ANYRES16], 0x28}}, 0x0) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) (async) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000e00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="070000000000000000000800000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x404c081}, 0x0) 16.217468779s ago: executing program 4 (id=1276): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x18) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x20, 0xa, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0xfffd}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x80) 16.190082501s ago: executing program 0 (id=1277): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r5, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000fddbdf25010041000c00050025000000000000000c0002000000000000000000100007800c"], 0x3c}}, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000200), r1) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000240)=0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000280)=0x0) sendmsg$NFC_CMD_LLC_SDREQ(r8, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000007c0)={0x120, r9, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_LLC_SDP={0xfc, 0x13, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [{0xf, 0x1, '/)/#*+%{[$}'}, {0xd, 0x1, 'skcipher\x00'}, {0x14, 0x1, 'cbc-serpent-avx\x00'}, {0x5, 0x1, '\x00'}, {0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, '*\\@,'}]}, {0x24, 0x0, 0x0, 0x1, [{0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, 'nbd\x00'}, {0x5, 0x1, '\x00'}]}, {0x50, 0x0, 0x0, 0x1, [{0x9, 0x1, ']/\'}['}, {0x8, 0x1, 'GPL\x00'}, {0x8, 0x1, 'nbd\x00'}, {0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, 'GPL\x00'}, {0x9, 0x1, 'team\x00'}, {0x9, 0x1, 'team\x00'}]}, {0x2c, 0x0, 0x0, 0x1, [{0x9, 0x1, '(-@]!'}, {0x8, 0x1, '+-^%'}, {0x9, 0x1, 'team\x00'}, {0x5, 0x1, '^'}]}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x10}, 0x4) bind$alg(r7, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) r12 = accept4(r7, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f00000001c0), r12) sendmsg$NFT_MSG_GETSETELEM(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000e740)=ANY=[], 0x6ae8}, 0x1, 0x0, 0x0, 0x1}, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, r6, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xb, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r13, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 16.165341344s ago: executing program 4 (id=1278): write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB='+pids +'], 0x1b) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) write(0xffffffffffffffff, &(0x7f00000000c0)="842a0a65bd8c2b", 0x7) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x5, 0x0, 0x5, 0x5}]}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}]}}}]}, 0x40}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) 15.953354696s ago: executing program 2 (id=1279): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @tunnel={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_KEY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xbc}}, 0x0) 15.937119534s ago: executing program 2 (id=1280): r0 = socket$inet(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000091108c000000000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) (async, rerun: 32) r2 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="48000000100001140000000000000800000000008c8fc03ed1c0ef0a80cc1627cea459e162bd5e5fee0213d4ec868e3a56514715600000000000000000000000168c1a9751baa88a6e9df42a9f806d60c156943cd40dde1a9e8eca730799cf698edbfd32eab892f55c0000000000002712777ec2aac58b1f4487312ca17a64954578dfe3c3c310ea87672d463c4be7455cede8306b6cd21274b5677ec0940be5d97d7b97c968321bbfb7abc57e183cc5db651085d486efbb802373ed971499eb22bbec22e9a3b55ee4bfa94fd8c88f2a8f609a5c0461db8d94eb3f197524b17e04d7b8d26c0c891363bfa74668a1923e", @ANYRES32=0x0, @ANYBLOB="2825020000080000200012800c0001006d6163766c616e00100002800a000900000000000000000008000500", @ANYRES32=r1], 0x48}}, 0x0) socket$unix(0x1, 0x1, 0x0) (async, rerun: 32) r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x939e02dc105d5baa, 0x2}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) (async, rerun: 64) close(0x3) (async, rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) (async) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB="e420381fc693a1f0f399260eb26118af0bc0920d845d6847295e8d35f0454228e87316601325b2cfa74333bdb00000"], 0xcc}, 0x1, 0x0, 0x0, 0x24008000}, 0x200008c0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="957bc3871f54da01138019ebbb3587e39b0af28eea1dc1c5b6b0f27c1111d0f8b71e196a9bb19b466172df083b602f37901653c0b41e9ea3218f6680923cb44fcde97805fe3eaf057d955a0de7c0d5", 0x4f}, {0x0}, {&(0x7f0000000440)}, {&(0x7f0000000300)="d4eb0cb9b5afe8a92397fd6083599c6c", 0x10}], 0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="1400000000000000290000004387f5bdca01005a3f25343f"], 0x18}}], 0x1, 0x40004) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff0000000000", @ANYRES32, @ANYBLOB="0000000000000004180000000000001000000000000200009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100200000ffffb702000008000000b50a00000000000085"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000340), r4) (async) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) (async) sendmsg$netlink(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="280000005f00013caf23b8000000000008003b"], 0x28}], 0x1}, 0x0) (async, rerun: 32) r6 = socket$alg(0x26, 0x5, 0x0) (rerun: 32) bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r7 = accept4(r6, 0x0, 0x0, 0x800) sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0xf, 0x1, 0x5}]}}, &(0x7f0000000040)=""/249, 0x26, 0xf9, 0x6}, 0x20) 15.936886375s ago: executing program 4 (id=1281): r0 = socket(0x10, 0x2, 0x0) sendto$inet6(r0, &(0x7f00000004c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006020a0000000d0085a168d0bf46d32345653600648d07000b000a00070849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f6523250", 0x78, 0xc090, 0x0, 0x0) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000040)='pids.events\x00', 0x275a, 0x0) write$cgroup_subtree(r3, &(0x7f00000000c0)={[{0x2d, 'cpu'}]}, 0x5) ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000000000)={0x0, 0xdec, 0x0, 0x1, 0x0, 0x8c, 0x2b, "839bf939b57362abfaad537bda3067fc22f51ecb", "b6f6c857a33c218fa92e44589f8115fc47110400"}) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000080)={r5, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) 15.793264562s ago: executing program 4 (id=1282): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x38, r2, 0x1, 0x0, 0x0, {0x4}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_team\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}]}, 0x38}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000002d002100000000000000000004"], 0x1c}], 0x1}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3) 15.445403001s ago: executing program 3 (id=1283): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r0, 0x1, 0x10, 0x0, &(0x7f0000000240)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b80)=@newtaction={0xa8, 0x30, 0x1, 0x0, 0x0, {}, [{0x94, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa8}}, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0xfffffffffffffe71, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYRES64=r1, @ANYRESHEX=r2], 0x28}}, 0xc000) 15.440803995s ago: executing program 3 (id=1284): r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'rose0\x00', 0x7fff}) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000000)={'ipvlan1\x00'}) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000180)={'team0\x00', 0x44}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x74}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x800000}, 0x10}, 0x94) 15.368162814s ago: executing program 1 (id=1285): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x5, 0xf}, {0xffe0, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4040850) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x11000) vmsplice(r3, &(0x7f0000000280)=[{&(0x7f0000000680)="85", 0x1}], 0x1, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000) 15.261387626s ago: executing program 3 (id=1286): syz_emit_ethernet(0x165, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaa33aaaaaaaaaabb88a825008100120086dd630d551501272f00fc010000000000000000000000000001fe8000000000000000000000000000aa2b02000000000000c910fc01000000000000000000000000000000000000000000060403f730fffffc01000000000000000000000000000100000000000000000000000000000000fc0200000000000000000000000000017302040100100600fe8000000000000000000000000000bb1920880b000000000100df00090086dd080088be000000011d07550401000000fffffffe080022eb0000000321084a5a02000000000000070002170a08006558000000041e35af1e23be8ca949ecc3e35f2b432e67ea0900000000000000b7ea026f21cfd787f8a484821011a6e0e79a88c5438b8e62271dfef316e4589039f55dee30103f311fa4858f0bdc0b35bd04ffd43b3071727c665980235357f6ad86917654ec53d1c0c749b6df7e3dc0e8d817da167bb333d16c9a9aa79d523b1b9cfd75ac5ac12e1ec967780225e9d1e2c0b035f4f32804756b010fcf4a27bcbcebfeae7881b2c2e2cb0c6ce11194263f60d331f957697cfd5a780b96d74e2f8645a783d49f9f97868821d9da33165e213da628adc9881b3b54105221080b3734e8378c40de2eae1193fc8eb3de0913eec5f2be62dad963a76a61827404557822781253724b1a6c3eb33e107940bb33d0ab35140d5b3c8ead6b4333823265"], 0x0) (async) syz_emit_ethernet(0x165, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaa33aaaaaaaaaabb88a825008100120086dd630d551501272f00fc010000000000000000000000000001fe8000000000000000000000000000aa2b02000000000000c910fc01000000000000000000000000000000000000000000060403f730fffffc01000000000000000000000000000100000000000000000000000000000000fc0200000000000000000000000000017302040100100600fe8000000000000000000000000000bb1920880b000000000100df00090086dd080088be000000011d07550401000000fffffffe080022eb0000000321084a5a02000000000000070002170a08006558000000041e35af1e23be8ca949ecc3e35f2b432e67ea0900000000000000b7ea026f21cfd787f8a484821011a6e0e79a88c5438b8e62271dfef316e4589039f55dee30103f311fa4858f0bdc0b35bd04ffd43b3071727c665980235357f6ad86917654ec53d1c0c749b6df7e3dc0e8d817da167bb333d16c9a9aa79d523b1b9cfd75ac5ac12e1ec967780225e9d1e2c0b035f4f32804756b010fcf4a27bcbcebfeae7881b2c2e2cb0c6ce11194263f60d331f957697cfd5a780b96d74e2f8645a783d49f9f97868821d9da33165e213da628adc9881b3b54105221080b3734e8378c40de2eae1193fc8eb3de0913eec5f2be62dad963a76a61827404557822781253724b1a6c3eb33e107940bb33d0ab35140d5b3c8ead6b4333823265"], 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="450a000000ff03ffc311a400100100001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94) 15.260841764s ago: executing program 3 (id=1287): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001440)={0x1c, r3, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000) sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x14, r3, 0x200, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x40) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x8eb6}]}) close(0x3) 226.548949ms ago: executing program 32 (id=1277): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000007000000080001006e00000008000300", @ANYRES32=r5, @ANYBLOB="0c0099000000000000000000050053000100000014000400776c616e310000000000000000000000140006"], 0x60}}, 0x0) r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000fddbdf25010041000c00050025000000000000000c0002000000000000000000100007800c"], 0x3c}}, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000200), r1) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000240)=0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000280)=0x0) sendmsg$NFC_CMD_LLC_SDREQ(r8, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000007c0)={0x120, r9, 0x100, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r10}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r11}, @NFC_ATTR_LLC_SDP={0xfc, 0x13, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [{0xf, 0x1, '/)/#*+%{[$}'}, {0xd, 0x1, 'skcipher\x00'}, {0x14, 0x1, 'cbc-serpent-avx\x00'}, {0x5, 0x1, '\x00'}, {0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, '*\\@,'}]}, {0x24, 0x0, 0x0, 0x1, [{0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, 'nbd\x00'}, {0x5, 0x1, '\x00'}]}, {0x50, 0x0, 0x0, 0x1, [{0x9, 0x1, ']/\'}['}, {0x8, 0x1, 'GPL\x00'}, {0x8, 0x1, 'nbd\x00'}, {0xd, 0x1, 'skcipher\x00'}, {0x8, 0x1, 'GPL\x00'}, {0x9, 0x1, 'team\x00'}, {0x9, 0x1, 'team\x00'}]}, {0x2c, 0x0, 0x0, 0x1, [{0x9, 0x1, '(-@]!'}, {0x8, 0x1, '+-^%'}, {0x9, 0x1, 'team\x00'}, {0x5, 0x1, '^'}]}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x10}, 0x4) bind$alg(r7, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) r12 = accept4(r7, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$team(&(0x7f00000001c0), r12) sendmsg$NFT_MSG_GETSETELEM(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000e740)=ANY=[], 0x6ae8}, 0x1, 0x0, 0x0, 0x1}, 0x10) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, r6, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r12}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xb, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=r13, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 194.166565ms ago: executing program 33 (id=1285): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0x5, 0xf}, {0xffe0, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4040850) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x11000) vmsplice(r3, &(0x7f0000000280)=[{&(0x7f0000000680)="85", 0x1}], 0x1, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000) 137.319451ms ago: executing program 34 (id=1280): r0 = socket$inet(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000091108c000000000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) (async, rerun: 32) r2 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="48000000100001140000000000000800000000008c8fc03ed1c0ef0a80cc1627cea459e162bd5e5fee0213d4ec868e3a56514715600000000000000000000000168c1a9751baa88a6e9df42a9f806d60c156943cd40dde1a9e8eca730799cf698edbfd32eab892f55c0000000000002712777ec2aac58b1f4487312ca17a64954578dfe3c3c310ea87672d463c4be7455cede8306b6cd21274b5677ec0940be5d97d7b97c968321bbfb7abc57e183cc5db651085d486efbb802373ed971499eb22bbec22e9a3b55ee4bfa94fd8c88f2a8f609a5c0461db8d94eb3f197524b17e04d7b8d26c0c891363bfa74668a1923e", @ANYRES32=0x0, @ANYBLOB="2825020000080000200012800c0001006d6163766c616e00100002800a000900000000000000000008000500", @ANYRES32=r1], 0x48}}, 0x0) socket$unix(0x1, 0x1, 0x0) (async, rerun: 32) r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x939e02dc105d5baa, 0x2}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) (async, rerun: 64) close(0x3) (async, rerun: 64) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) (async) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB="e420381fc693a1f0f399260eb26118af0bc0920d845d6847295e8d35f0454228e87316601325b2cfa74333bdb00000"], 0xcc}, 0x1, 0x0, 0x0, 0x24008000}, 0x200008c0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000240)="957bc3871f54da01138019ebbb3587e39b0af28eea1dc1c5b6b0f27c1111d0f8b71e196a9bb19b466172df083b602f37901653c0b41e9ea3218f6680923cb44fcde97805fe3eaf057d955a0de7c0d5", 0x4f}, {0x0}, {&(0x7f0000000440)}, {&(0x7f0000000300)="d4eb0cb9b5afe8a92397fd6083599c6c", 0x10}], 0x4, &(0x7f0000000880)=ANY=[@ANYBLOB="1400000000000000290000004387f5bdca01005a3f25343f"], 0x18}}], 0x1, 0x40004) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x11, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0ff0000000000", @ANYRES32, @ANYBLOB="0000000000000004180000000000001000000000000200009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100200000ffffb702000008000000b50a00000000000085"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ipvs(&(0x7f0000000340), r4) (async) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) (async) sendmsg$netlink(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)=ANY=[@ANYBLOB="280000005f00013caf23b8000000000008003b"], 0x28}], 0x1}, 0x0) (async, rerun: 32) r6 = socket$alg(0x26, 0x5, 0x0) (rerun: 32) bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r7 = accept4(r6, 0x0, 0x0, 0x800) sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) (async) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r8, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r9, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0xf, 0x1, 0x5}]}}, &(0x7f0000000040)=""/249, 0x26, 0xf9, 0x6}, 0x20) 73.324965ms ago: executing program 35 (id=1287): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001440)={0x1c, r3, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000) sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x14, r3, 0x200, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x40) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x8eb6}]}) close(0x3) 0s ago: executing program 36 (id=1282): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x38, r2, 0x1, 0x0, 0x0, {0x4}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_team\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast1}]}, 0x38}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000002d002100000000000000000004"], 0x1c}], 0x1}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3) kernel console output (not intermixed with test programs): blocking state [ 95.185568][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.195980][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.203107][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.223124][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.253015][ T5836] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 95.263755][ T5836] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 95.387153][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.405892][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.442648][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.449861][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.518293][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.546430][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.553737][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.590664][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.597928][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.669037][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.676292][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.697215][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.772789][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.808948][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.878963][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.886307][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.922221][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.929501][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.071296][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.136192][ T5842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 96.386595][ T5843] veth0_vlan: entered promiscuous mode [ 96.442673][ T5843] veth1_vlan: entered promiscuous mode [ 96.599373][ T5843] veth0_macvtap: entered promiscuous mode [ 96.627578][ T5843] veth1_macvtap: entered promiscuous mode [ 96.680966][ T5856] Bluetooth: hci0: command tx timeout [ 96.681259][ T5844] Bluetooth: hci4: command tx timeout [ 96.686750][ T5856] Bluetooth: hci1: command tx timeout [ 96.706902][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.735614][ T5836] veth0_vlan: entered promiscuous mode [ 96.751808][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.758875][ T5856] Bluetooth: hci3: command tx timeout [ 96.764994][ T5856] Bluetooth: hci2: command tx timeout [ 96.785811][ T5836] veth1_vlan: entered promiscuous mode [ 96.800253][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.816203][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.828189][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.878103][ T35] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.888942][ T35] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.914653][ T35] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.924773][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.976051][ T5836] veth0_macvtap: entered promiscuous mode [ 97.005220][ T5850] veth0_vlan: entered promiscuous mode [ 97.028785][ T5836] veth1_macvtap: entered promiscuous mode [ 97.065570][ T5850] veth1_vlan: entered promiscuous mode [ 97.103785][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.118396][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.126594][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.197159][ T5835] veth0_vlan: entered promiscuous mode [ 97.216131][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.226446][ T5842] veth0_vlan: entered promiscuous mode [ 97.235830][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.249082][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.251165][ T5835] veth1_vlan: entered promiscuous mode [ 97.281599][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.294988][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.304576][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.340436][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.361825][ T5850] veth0_macvtap: entered promiscuous mode [ 97.377578][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.406737][ T5842] veth1_vlan: entered promiscuous mode [ 97.421412][ T5835] veth0_macvtap: entered promiscuous mode [ 97.435693][ T5835] veth1_macvtap: entered promiscuous mode [ 97.449131][ T5850] veth1_macvtap: entered promiscuous mode [ 97.547739][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.598345][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.611963][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.648455][ T5842] veth0_macvtap: entered promiscuous mode [ 97.659207][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.697516][ T1071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.707928][ T5842] veth1_macvtap: entered promiscuous mode [ 97.714472][ T1071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.736334][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.745277][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.796224][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.816293][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.839718][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.875705][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.891002][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.912403][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.929893][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.978581][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.994678][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.003208][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.038988][ T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.127023][ T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.144647][ T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.209809][ T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.297027][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.325661][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.402609][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.423603][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.483473][ T5973] syz.4.9 uses obsolete (PF_INET,SOCK_PACKET) [ 98.547219][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.560360][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.705086][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.713072][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.753987][ T5856] Bluetooth: hci1: command tx timeout [ 98.754403][ T5844] Bluetooth: hci4: command tx timeout [ 98.759446][ T5856] Bluetooth: hci0: command tx timeout [ 98.786141][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.807386][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.837678][ T5856] Bluetooth: hci2: command tx timeout [ 98.837699][ T5844] Bluetooth: hci3: command tx timeout [ 98.976213][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.992026][ T5982] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 99.004008][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.061344][ T5981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12'. [ 99.214404][ T5990] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.321949][ T5990] netlink: 36 bytes leftover after parsing attributes in process `syz.3.14'. [ 99.437985][ T5997] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2'. [ 99.497344][ T5997] 8021q: VLANs not supported on sit0 [ 99.617272][ T6002] tipc: Started in network mode [ 99.622480][ T6002] tipc: Node identity 9a41a51088c9, cluster identity 4711 [ 99.637463][ T6002] tipc: Enabled bearer , priority 0 [ 99.659334][ T6002] syzkaller0: entered promiscuous mode [ 99.666053][ T6002] syzkaller0: entered allmulticast mode [ 99.726711][ T6002] tipc: Resetting bearer [ 99.750893][ T6002] netlink: 232 bytes leftover after parsing attributes in process `syz.0.16'. [ 99.805559][ T6006] netdevsim netdevsim2: Direct firmware load for failed with error -2 [ 99.816397][ T6002] trusted_key: syz.0.16 sent an empty control message without MSG_MORE. [ 99.832705][ T6006] netdevsim netdevsim2: Falling back to sysfs fallback for: [ 99.852799][ T6000] tipc: Resetting bearer [ 99.890897][ T6000] tipc: Disabling bearer [ 100.132552][ T6023] netdevsim netdevsim0: Direct firmware load for /.€ failed with error -2 [ 100.142074][ T6023] netdevsim netdevsim0: Falling back to sysfs fallback for: /.€ [ 100.174776][ T6029] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.193410][ T6029] warning: `syz.0.23' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 100.417706][ T6036] netlink: 'syz.1.26': attribute type 21 has an invalid length. [ 100.430879][ T6036] netlink: 128 bytes leftover after parsing attributes in process `syz.1.26'. [ 100.442762][ T6036] netlink: 'syz.1.26': attribute type 4 has an invalid length. [ 100.450734][ T6036] netlink: 'syz.1.26': attribute type 5 has an invalid length. [ 100.458698][ T6036] netlink: 3 bytes leftover after parsing attributes in process `syz.1.26'. [ 100.469770][ T6037] netlink: 'syz.1.26': attribute type 21 has an invalid length. [ 100.477572][ T6037] netlink: 128 bytes leftover after parsing attributes in process `syz.1.26'. [ 100.490872][ T6037] netlink: 'syz.1.26': attribute type 4 has an invalid length. [ 100.498701][ T6037] netlink: 'syz.1.26': attribute type 5 has an invalid length. [ 100.508315][ T6037] netlink: 3 bytes leftover after parsing attributes in process `syz.1.26'. [ 100.518645][ T6037] Zero length message leads to an empty skb [ 100.972035][ T6057] syzkaller0: entered promiscuous mode [ 100.995074][ T6057] syzkaller0: entered allmulticast mode [ 101.152680][ T6059] netlink: 'syz.3.32': attribute type 3 has an invalid length. [ 101.199560][ T6071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.35'. [ 101.217276][ T6072] netlink: 12 bytes leftover after parsing attributes in process `syz.4.35'. [ 101.306479][ T6062] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 101.510148][ T30] audit: type=1800 audit(1754383586.963:2): pid=6048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.28" name="memory.events" dev="tmpfs" ino=38 res=0 errno=0 [ 101.675552][ T6090] netlink: 'syz.0.38': attribute type 21 has an invalid length. [ 102.780035][ T6093] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 103.439426][ T6113] IPv6: sit1: Disabled Multicast RS [ 103.648563][ T6128] bridge_slave_0: left allmulticast mode [ 103.679099][ T6128] bridge_slave_0: left promiscuous mode [ 103.686953][ T6136] netlink: 'syz.2.49': attribute type 14 has an invalid length. [ 103.712229][ T6128] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.791707][ T6128] bridge_slave_1: left allmulticast mode [ 103.834381][ T6128] bridge_slave_1: left promiscuous mode [ 103.866698][ T6128] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.951517][ T6128] bond0: (slave bond_slave_0): Releasing backup interface [ 103.998960][ T6128] bond0: (slave bond_slave_1): Releasing backup interface [ 104.023093][ T6128] team0: Port device team_slave_0 removed [ 104.037973][ T6128] team0: Port device team_slave_1 removed [ 104.045568][ T6128] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.053727][ T6128] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.063055][ T6128] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.081728][ T6128] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.112323][ T6143] team0: Mode changed to "loadbalance" [ 104.161584][ T6154] syz_tun: entered allmulticast mode [ 104.171986][ T6149] syz_tun: left allmulticast mode [ 104.360028][ T6160] __nla_validate_parse: 6 callbacks suppressed [ 104.360048][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.54'. [ 104.364756][ T6166] netlink: 12 bytes leftover after parsing attributes in process `syz.1.57'. [ 104.385014][ T6160] netlink: 340 bytes leftover after parsing attributes in process `syz.0.54'. [ 104.486768][ T6171] netlink: 20 bytes leftover after parsing attributes in process `syz.1.57'. [ 104.541077][ T6172] netlink: 12 bytes leftover after parsing attributes in process `syz.1.57'. [ 104.612063][ T6166] xfrm1: entered promiscuous mode [ 104.642619][ T6166] xfrm1: entered allmulticast mode [ 104.675187][ T6178] tipc: Enabling of bearer rejected, failed to enable media [ 104.689898][ T6160] netlink: 16 bytes leftover after parsing attributes in process `syz.0.54'. [ 104.825387][ T6185] dvmrp0: entered allmulticast mode [ 104.881061][ T6188] netlink: 28 bytes leftover after parsing attributes in process `syz.3.62'. [ 104.912624][ T6189] netlink: 'syz.4.63': attribute type 1 has an invalid length. [ 104.917766][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.62'. [ 104.958956][ T6188] netlink: 28 bytes leftover after parsing attributes in process `syz.3.62'. [ 104.968135][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.62'. [ 104.976358][ T6189] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 105.149450][ T6195] (unnamed net_device) (uninitialized): option mode: invalid value (133) [ 105.541849][ T6210] tipc: Started in network mode [ 105.583873][ T6210] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 105.610076][ T6210] tipc: Enabled bearer , priority 10 [ 105.788627][ T6226] openvswitch: netlink: IPv4 tun info is not correct [ 105.967296][ T6235] Bluetooth: MGMT ver 1.23 [ 106.057431][ T6198] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 106.064466][ T6239] tipc: Started in network mode [ 106.069451][ T6239] tipc: Node identity fab76d4d0e84, cluster identity 4711 [ 106.098417][ T6239] tipc: Enabled bearer , priority 0 [ 106.190665][ T6237] tipc: Disabling bearer [ 106.546462][ T6259] validate_nla: 4 callbacks suppressed [ 106.546484][ T6259] netlink: 'syz.3.86': attribute type 21 has an invalid length. [ 106.589371][ T6259] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode broadcast(3) [ 106.734614][ T5906] tipc: Node number set to 4269801488 [ 107.144495][ T6275] openvswitch: netlink: Actions may not be safe on all matching packets [ 107.237163][ T6275] tipc: Started in network mode [ 107.265248][ T6275] tipc: Node identity aaaaaaaaaa1f, cluster identity 4711 [ 107.275736][ T6275] tipc: Enabled bearer , priority 0 [ 107.500508][ T6287] netlink: 'syz.4.96': attribute type 10 has an invalid length. [ 107.544808][ T6295] netlink: 'syz.1.98': attribute type 10 has an invalid length. [ 107.643284][ T6295] team0: Port device geneve0 added [ 108.148586][ T6321] macvlan2: entered promiscuous mode [ 108.173723][ T6321] macvlan2: entered allmulticast mode [ 108.222588][ T6321] syz_tun: entered promiscuous mode [ 108.252845][ T6321] syz_tun: entered allmulticast mode [ 108.280057][ T6321] team0: Port device macvlan2 added [ 108.403571][ T5906] tipc: Node number set to 11905706 [ 108.589644][ T6341] veth3: entered promiscuous mode [ 108.609337][ T6341] veth3: entered allmulticast mode [ 108.621982][ T6338] tipc: Enabled bearer , priority 0 [ 108.728934][ T6344] tipc: Disabling bearer [ 109.074966][ T6364] netlink: 'syz.3.117': attribute type 7 has an invalid length. [ 109.083033][ T6364] netlink: 'syz.3.117': attribute type 8 has an invalid length. [ 109.881813][ T6383] __nla_validate_parse: 9 callbacks suppressed [ 109.881832][ T6383] netlink: 24 bytes leftover after parsing attributes in process `syz.1.121'. [ 109.911502][ T6383] ksmbd: Unknown IPC event: 3, ignore. [ 109.938764][ T6377] sctp: failed to load transform for md5: -2 [ 110.524984][ T6393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.124'. [ 110.665631][ T6401] netlink: 32 bytes leftover after parsing attributes in process `syz.4.128'. [ 110.759020][ T6409] netlink: 152064 bytes leftover after parsing attributes in process `syz.1.129'. [ 110.811598][ T6409] netlink: zone id is out of range [ 110.839303][ T6409] netlink: zone id is out of range [ 110.865299][ T6409] netlink: zone id is out of range [ 110.870504][ T6409] netlink: zone id is out of range [ 110.913441][ T5856] Bluetooth: hci4: command tx timeout [ 110.935595][ T6409] netlink: zone id is out of range [ 110.940790][ T6409] netlink: zone id is out of range [ 111.017365][ T6409] netlink: zone id is out of range [ 111.022548][ T6409] netlink: zone id is out of range [ 111.043609][ T6409] netlink: zone id is out of range [ 111.125115][ T6409] netlink: zone id is out of range [ 111.182386][ T6429] netlink: 24 bytes leftover after parsing attributes in process `syz.2.135'. [ 111.789218][ T6440] tipc: Started in network mode [ 111.814966][ T6440] tipc: Node identity b686f0152c62, cluster identity 4711 [ 111.846890][ T6440] tipc: Enabled bearer , priority 0 [ 112.028101][ T6447] syzkaller0: entered promiscuous mode [ 112.035685][ T6447] syzkaller0: entered allmulticast mode [ 112.043079][ T6447] tipc: Resetting bearer [ 112.065871][ T6454] bridge_slave_0: left allmulticast mode [ 112.076189][ T6454] bridge_slave_0: left promiscuous mode [ 112.082978][ T6454] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.130648][ T6454] bridge_slave_1: left allmulticast mode [ 112.139113][ T6454] bridge_slave_1: left promiscuous mode [ 112.169557][ T6454] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.187026][ T6454] bond0: (slave bond_slave_0): Releasing backup interface [ 112.222342][ T6454] bond0: (slave bond_slave_1): Releasing backup interface [ 112.276803][ T6454] team0: Port device team_slave_0 removed [ 112.308670][ T6454] team0: Port device team_slave_1 removed [ 112.327004][ T6454] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.341860][ T6454] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.358416][ T6454] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 112.368180][ T6475] netlink: 8 bytes leftover after parsing attributes in process `syz.4.143'. [ 112.372127][ T6454] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 112.432137][ T6456] team0: Mode changed to "loadbalance" [ 112.442092][ T6462] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 112.451474][ T6462] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 112.461030][ T6447] tipc: Resetting bearer [ 112.473960][ T6462] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 112.686079][ T6480] netlink: 24 bytes leftover after parsing attributes in process `syz.3.145'. [ 112.884140][ T5955] tipc: Node number set to 2598694933 [ 113.676372][ T6447] tipc: Disabling bearer [ 114.118134][ T6503] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 114.336038][ T6516] netlink: 8 bytes leftover after parsing attributes in process `syz.0.154'. [ 114.370535][ T6503] 8021q: adding VLAN 0 to HW filter on device bond1 [ 115.107618][ T6564] netlink: 10 bytes leftover after parsing attributes in process `syz.4.169'. [ 115.494104][ T6583] tipc: Enabled bearer , priority 0 [ 115.539224][ T6583] syzkaller0: entered promiscuous mode [ 115.595711][ T6583] syzkaller0: entered allmulticast mode [ 115.676538][ T6582] netlink: 'syz.2.174': attribute type 1 has an invalid length. [ 115.742271][ T6597] netlink: 28 bytes leftover after parsing attributes in process `syz.0.178'. [ 115.758763][ T6582] bond1 (unregistering): Released all slaves [ 115.827685][ T6593] tipc: Resetting bearer [ 115.857854][ T6593] tipc: Disabling bearer [ 115.888080][ T6586] ip6tnl2: entered promiscuous mode [ 115.895549][ T6586] ip6tnl2: entered allmulticast mode [ 116.120975][ T6613] netlink: 32 bytes leftover after parsing attributes in process `syz.4.183'. [ 116.153419][ T6613] netlink: 12 bytes leftover after parsing attributes in process `syz.4.183'. [ 116.347337][ T6624] netlink: 44 bytes leftover after parsing attributes in process `syz.0.186'. [ 116.392557][ T6621] pim6reg1: entered promiscuous mode [ 116.398898][ T6621] pim6reg1: entered allmulticast mode [ 116.437036][ T6624] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.445906][ T6624] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.954128][ T6661] netlink: 12 bytes leftover after parsing attributes in process `syz.1.195'. [ 117.246715][ T6674] netlink: 24 bytes leftover after parsing attributes in process `syz.0.199'. [ 117.397181][ T6682] IPVS: Unknown mcast interface: dvmrp0 [ 117.678520][ T6693] netlink: 64 bytes leftover after parsing attributes in process `syz.1.205'. [ 117.708136][ T6694] netlink: 24 bytes leftover after parsing attributes in process `syz.3.206'. [ 117.737345][ T6693] netlink: 'syz.1.205': attribute type 4 has an invalid length. [ 117.915272][ T6706] netlink: 32 bytes leftover after parsing attributes in process `syz.3.209'. [ 118.294929][ T6718] netlink: 'syz.1.215': attribute type 1 has an invalid length. [ 118.511546][ T6732] 8021q: adding VLAN 0 to HW filter on device bond3 [ 118.524799][ T6732] bond2: (slave bond3): making interface the new active one [ 118.533076][ T6732] bond2: (slave bond3): Enslaving as an active interface with an up link [ 118.569175][ T6734] 8021q: adding VLAN 0 to HW filter on device bond2 [ 118.951955][ T6743] veth3: entered allmulticast mode [ 119.163078][ T6764] netlink: 'syz.0.225': attribute type 14 has an invalid length. [ 119.177374][ T6764] netlink: 'syz.0.225': attribute type 13 has an invalid length. [ 120.138891][ T6808] __nla_validate_parse: 11 callbacks suppressed [ 120.138912][ T6808] netlink: 12 bytes leftover after parsing attributes in process `syz.4.235'. [ 120.664787][ T6834] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 120.672279][ T6834] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 120.742905][ T6834] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 120.777451][ T6834] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 120.811428][ T6844] netlink: 'syz.0.244': attribute type 11 has an invalid length. [ 120.866581][ T6836] netlink: 8 bytes leftover after parsing attributes in process `syz.0.244'. [ 121.182155][ T6857] netlink: 256 bytes leftover after parsing attributes in process `syz.4.250'. [ 121.234267][ T6857] unsupported nlmsg_type 40 [ 121.397415][ T6863] tipc: Enabled bearer , priority 0 [ 121.427616][ T6870] syzkaller0: entered promiscuous mode [ 121.428063][ T6861] netlink: 13 bytes leftover after parsing attributes in process `syz.1.252'. [ 121.470198][ T6870] syzkaller0: entered allmulticast mode [ 121.575846][ T6863] tipc: Resetting bearer [ 121.595704][ T6858] tipc: Resetting bearer [ 121.694041][ T6858] tipc: Disabling bearer [ 121.804102][ T6884] netlink: 32 bytes leftover after parsing attributes in process `syz.4.260'. [ 121.847765][ T6887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.261'. [ 121.857991][ T6887] net_ratelimit: 220 callbacks suppressed [ 121.858011][ T6887] openvswitch: netlink: nsh attribute has 2338 unknown bytes. [ 121.876392][ T6887] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 122.004607][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.262'. [ 122.145521][ T6902] tipc: Enabled bearer , priority 0 [ 122.175482][ T6902] syzkaller0: entered promiscuous mode [ 122.193150][ T6902] syzkaller0: entered allmulticast mode [ 122.254489][ T6902] tipc: Resetting bearer [ 122.485877][ T6918] netlink: 12 bytes leftover after parsing attributes in process `syz.1.270'. [ 122.893836][ T6895] tipc: Resetting bearer [ 122.936743][ T6895] tipc: Disabling bearer [ 122.992938][ T6933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.275'. [ 123.003318][ T6933] netlink: 12 bytes leftover after parsing attributes in process `syz.3.275'. [ 123.020327][ T6935] syzkaller0: entered promiscuous mode [ 123.031216][ T6935] syzkaller0: entered allmulticast mode [ 123.479336][ T6960] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 123.582990][ T6960] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.590993][ T6960] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.684237][ T6970] netlink: 'syz.0.286': attribute type 2 has an invalid length. [ 123.970272][ T6990] netlink: 'syz.1.290': attribute type 1 has an invalid length. [ 124.171642][ T6990] 8021q: adding VLAN 0 to HW filter on device bond4 [ 124.631267][ T7016] netlink: 'syz.0.297': attribute type 1 has an invalid length. [ 124.725697][ T7024] bond1: entered promiscuous mode [ 124.763495][ T7024] bond1: entered allmulticast mode [ 124.774213][ T7024] 8021q: adding VLAN 0 to HW filter on device bond1 [ 124.837344][ T7016] team0: Device wireguard0 is of different type [ 124.962454][ T7034] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 125.151936][ T7040] __nla_validate_parse: 11 callbacks suppressed [ 125.151958][ T7040] netlink: 72 bytes leftover after parsing attributes in process `syz.1.300'. [ 125.501419][ T7055] netlink: 'syz.3.306': attribute type 1 has an invalid length. [ 125.774140][ T7068] netlink: 32 bytes leftover after parsing attributes in process `syz.3.310'. [ 125.818593][ T7068] netlink: 16 bytes leftover after parsing attributes in process `syz.3.310'. [ 126.424753][ T7077] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 126.597548][ C0] Illegal XDP return value 16128 on prog (id 59) dev bond0, expect packet loss! [ 126.966053][ T7127] netlink: 12 bytes leftover after parsing attributes in process `syz.1.321'. [ 127.101601][ T7133] netlink: 'syz.3.323': attribute type 13 has an invalid length. [ 127.188783][ T7133] veth0_macvtap: left promiscuous mode [ 127.256412][ T7133] macvtap0: entered allmulticast mode [ 127.267690][ T7140] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 127.274449][ T7140] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 127.333928][ T7133] macvtap0: refused to change device tx_queue_len [ 127.790470][ T7162] netlink: 4100 bytes leftover after parsing attributes in process `syz.0.329'. [ 128.211182][ T7172] netlink: 'syz.3.332': attribute type 11 has an invalid length. [ 128.241124][ T7173] netlink: 'syz.3.332': attribute type 11 has an invalid length. [ 128.263559][ T7172] netlink: 64 bytes leftover after parsing attributes in process `syz.3.332'. [ 128.272328][ T7173] netlink: 64 bytes leftover after parsing attributes in process `syz.3.332'. [ 128.576198][ T7185] netlink: 'syz.0.337': attribute type 21 has an invalid length. [ 128.607628][ T7185] netlink: 156 bytes leftover after parsing attributes in process `syz.0.337'. [ 128.788467][ T7196] netlink: 72 bytes leftover after parsing attributes in process `syz.4.342'. [ 129.077009][ T7208] netlink: 40 bytes leftover after parsing attributes in process `syz.0.347'. [ 129.127305][ T7208] bridge_slave_0: left allmulticast mode [ 129.133023][ T7208] bridge_slave_0: left promiscuous mode [ 129.171749][ T7208] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.239058][ T7208] bridge_slave_1: left allmulticast mode [ 129.285672][ T7208] bridge_slave_1: left promiscuous mode [ 129.310674][ T7208] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.367971][ T7208] bond0: (slave bond_slave_0): Releasing backup interface [ 129.429040][ T7208] bond0: (slave bond_slave_1): Releasing backup interface [ 129.463908][ T7208] team0: Port device team_slave_0 removed [ 129.517563][ T7208] team0: Port device team_slave_1 removed [ 129.539469][ T7208] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.567446][ T7208] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.591966][ T7208] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.611709][ T7208] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.699259][ T7236] tipc: Enabled bearer , priority 0 [ 129.708237][ T7235] syzkaller0: entered promiscuous mode [ 129.721520][ T7235] syzkaller0: entered allmulticast mode [ 129.797467][ T7235] tipc: Resetting bearer [ 129.902566][ T7233] tipc: Resetting bearer [ 129.939662][ T7233] tipc: Disabling bearer [ 129.960752][ T7244] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 129.970544][ T7244] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 129.985571][ T7244] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 130.339686][ T7257] __nla_validate_parse: 1 callbacks suppressed [ 130.339707][ T7257] netlink: 16 bytes leftover after parsing attributes in process `syz.0.364'. [ 130.458000][ T7264] netlink: 'syz.1.366': attribute type 1 has an invalid length. [ 130.475339][ T7260] netlink: 232 bytes leftover after parsing attributes in process `syz.3.365'. [ 130.490057][ T7264] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR [ 130.536685][ T7261] netlink: 232 bytes leftover after parsing attributes in process `syz.3.365'. [ 130.650931][ T7271] bridge_slave_0: invalid flags given to default FDB implementation [ 130.879561][ T7289] netlink: 28 bytes leftover after parsing attributes in process `syz.4.371'. [ 130.988130][ T7293] sctp: [Deprecated]: syz.2.373 (pid 7293) Use of int in maxseg socket option. [ 130.988130][ T7293] Use struct sctp_assoc_value instead [ 131.030517][ T7293] IPVS: length: 50 != 24 [ 131.481661][ T7313] netlink: 24 bytes leftover after parsing attributes in process `syz.2.377'. [ 131.523898][ T7318] netlink: 20 bytes leftover after parsing attributes in process `syz.0.379'. [ 131.852837][ T7335] netlink: 'syz.3.384': attribute type 1 has an invalid length. [ 132.038286][ T7348] openvswitch: netlink: Message has 4 unknown bytes. [ 132.087365][ T7335] 8021q: adding VLAN 0 to HW filter on device bond1 [ 132.432841][ T7341] 8021q: adding VLAN 0 to HW filter on device bond1 [ 132.453139][ T7341] bond1: (slave vxcan1): The slave device specified does not support setting the MAC address [ 132.491511][ T7341] bond1: (slave vxcan1): Error -95 calling set_mac_address [ 132.570199][ T7344] gretap1: entered promiscuous mode [ 132.581880][ T7344] bond1: (slave gretap1): making interface the new active one [ 132.590627][ T7344] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 132.616990][ T7335] macvlan2: entered promiscuous mode [ 132.622640][ T7335] macvlan2: entered allmulticast mode [ 132.634322][ T7335] bond1: entered promiscuous mode [ 132.650997][ T7335] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 132.698550][ T7335] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 132.716493][ T7335] bond1: left promiscuous mode [ 132.808617][ T7353] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 133.008966][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.023471][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.130840][ T7372] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 133.202313][ T7382] netlink: 284 bytes leftover after parsing attributes in process `syz.1.393'. [ 133.288811][ T7372] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 133.333530][ T7381] netlink: 'syz.4.395': attribute type 5 has an invalid length. [ 133.413175][ T7394] netlink: 28 bytes leftover after parsing attributes in process `syz.2.396'. [ 133.470758][ T7400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.397'. [ 133.473478][ T7394] netlink: 28 bytes leftover after parsing attributes in process `syz.2.396'. [ 133.992265][ T7420] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 134.383993][ T7446] netlink: 'syz.1.410': attribute type 178 has an invalid length. [ 134.553189][ T5837] IPVS: starting estimator thread 0... [ 134.579939][ T7449] IPVS: dh: SCTP 172.20.20.187:0 - no destination available [ 134.662981][ T7456] openvswitch: netlink: Tunnel attr 0 has unexpected len 16 expected 8 [ 134.675405][ T7451] IPVS: using max 26 ests per chain, 62400 per kthread [ 135.696496][ T7507] netlink: 'syz.3.430': attribute type 2 has an invalid length. [ 135.734720][ T7507] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 135.805639][ T7507] veth0: entered promiscuous mode [ 135.834396][ T7506] veth0: left promiscuous mode [ 135.877938][ T7513] __nla_validate_parse: 8 callbacks suppressed [ 135.877958][ T7513] netlink: 48 bytes leftover after parsing attributes in process `syz.1.433'. [ 135.916701][ T7514] netlink: 48 bytes leftover after parsing attributes in process `syz.1.433'. [ 136.097118][ T7520] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 136.199754][ T7520] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 136.298203][ T7530] bond0: option mode: unable to set because the bond device has slaves [ 136.456695][ T7542] syz_tun: entered allmulticast mode [ 136.526867][ T7542] syz_tun: left allmulticast mode [ 136.661359][ T7550] netlink: 'syz.3.443': attribute type 11 has an invalid length. [ 136.690579][ T7550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.443'. [ 136.743152][ T7555] netlink: 'syz.3.443': attribute type 11 has an invalid length. [ 137.744411][ T7590] syzkaller1: entered promiscuous mode [ 137.757274][ T7590] syzkaller1: entered allmulticast mode [ 137.889798][ T7610] netlink: 'syz.0.459': attribute type 33 has an invalid length. [ 137.897797][ T7610] netlink: 152 bytes leftover after parsing attributes in process `syz.0.459'. [ 137.909320][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.459'. [ 138.119864][ T7623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.460'. [ 138.276382][ T7623] hsr_slave_1 (unregistering): left promiscuous mode [ 138.837623][ T7651] netlink: 52 bytes leftover after parsing attributes in process `syz.1.468'. [ 139.062734][ T7663] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 139.305734][ T7672] nbd0: detected capacity change from 0 to 127 [ 139.495968][ T5856] block nbd0: Receive control failed (result -104) [ 139.512126][ T7689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.478'. [ 139.940473][ T7707] netlink: 4 bytes leftover after parsing attributes in process `syz.1.484'. [ 139.959953][ T7707] netlink: 5 bytes leftover after parsing attributes in process `syz.1.484'. [ 140.333829][ T7734] delete_channel: no stack [ 140.994314][ T7761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.498'. [ 141.014559][ T7764] netlink: 20 bytes leftover after parsing attributes in process `syz.0.499'. [ 141.068667][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.499'. [ 141.212876][ T7764] veth5: entered allmulticast mode [ 141.527996][ T7778] netlink: 28 bytes leftover after parsing attributes in process `syz.4.504'. [ 141.799888][ T7794] netlink: 12 bytes leftover after parsing attributes in process `syz.1.510'. [ 141.829222][ T7796] netlink: 16 bytes leftover after parsing attributes in process `syz.4.511'. [ 141.843152][ T7794] netlink: 12 bytes leftover after parsing attributes in process `syz.1.510'. [ 142.041826][ T7812] bridge3: entered allmulticast mode [ 142.248742][ T7822] netlink: 12 bytes leftover after parsing attributes in process `syz.3.518'. [ 142.262217][ T7822] netlink: 104 bytes leftover after parsing attributes in process `syz.3.518'. [ 142.290265][ T7825] netlink: 9 bytes leftover after parsing attributes in process `syz.2.517'. [ 142.930025][ T7861] macvtap0: left allmulticast mode [ 142.947142][ T7861] gretap1: left promiscuous mode [ 142.969470][ T5955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.043757][ T5955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.719203][ T7902] netlink: 'syz.0.539': attribute type 1 has an invalid length. [ 143.992583][ T7913] netlink: 'syz.4.543': attribute type 1 has an invalid length. [ 144.001274][ T7913] netlink: 'syz.4.543': attribute type 2 has an invalid length. [ 144.009339][ T7913] netlink: 'syz.4.543': attribute type 1 has an invalid length. [ 144.034838][ T7916] netlink: 'syz.0.544': attribute type 5 has an invalid length. [ 144.184680][ T7918] openvswitch: netlink: Tunnel attr 0 has unexpected len 16 expected 8 [ 144.456996][ T7935] tipc: Enabled bearer , priority 0 [ 144.558825][ T7935] syzkaller0: entered promiscuous mode [ 144.574430][ T7935] syzkaller0: entered allmulticast mode [ 144.645271][ T7941] netlink: 'syz.2.552': attribute type 1 has an invalid length. [ 144.807672][ T7933] tipc: Resetting bearer [ 144.854976][ T7933] tipc: Disabling bearer [ 145.127364][ T7950] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.316018][ T7950] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.464548][ T7950] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.561492][ T7950] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.599410][ T7978] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 145.662293][ T7984] netlink: 'syz.3.566': attribute type 8 has an invalid length. [ 145.769194][ T7028] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.827752][ T7154] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.886925][ T59] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.930834][ T59] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.256872][ T8009] __nla_validate_parse: 10 callbacks suppressed [ 146.256895][ T8009] netlink: 72 bytes leftover after parsing attributes in process `syz.1.576'. [ 146.317859][ T8007] tipc: Enabled bearer , priority 0 [ 146.337593][ T8007] syzkaller0: entered promiscuous mode [ 146.337778][ T8017] netlink: 64 bytes leftover after parsing attributes in process `syz.0.577'. [ 146.354033][ T8007] syzkaller0: entered allmulticast mode [ 146.367360][ T8015] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 146.416045][ T8021] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 146.524126][ T8007] tipc: Resetting bearer [ 146.791032][ T8006] tipc: Resetting bearer [ 146.829271][ T8006] tipc: Disabling bearer [ 146.858473][ T8039] netlink: 12 bytes leftover after parsing attributes in process `syz.0.587'. [ 146.940570][ T8058] netlink: 36 bytes leftover after parsing attributes in process `syz.1.592'. [ 146.970619][ T8060] openvswitch: netlink: Message has 8 unknown bytes. [ 147.337135][ T8087] tipc: Enabling of bearer rejected, failed to enable media [ 147.518674][ T8089] tipc: New replicast peer: 255.255.255.255 [ 147.534478][ T8089] tipc: Enabled bearer , priority 10 [ 147.597383][ T8103] netlink: 260 bytes leftover after parsing attributes in process `syz.0.607'. [ 147.611715][ T8103] netlink: 260 bytes leftover after parsing attributes in process `syz.0.607'. [ 149.358764][ T8179] netlink: 'syz.0.639': attribute type 5 has an invalid length. [ 149.842464][ T8205] netlink: 8 bytes leftover after parsing attributes in process `syz.4.652'. [ 150.470051][ T8236] netlink: 'syz.4.667': attribute type 1 has an invalid length. [ 150.581299][ T8236] bond3: entered promiscuous mode [ 150.626158][ T8236] 8021q: adding VLAN 0 to HW filter on device bond3 [ 150.703121][ T8244] 8021q: adding VLAN 0 to HW filter on device bond3 [ 150.721698][ T8244] bond3: (slave vcan1): The slave device specified does not support setting the MAC address [ 150.735269][ T8244] bond3: (slave vcan1): Setting fail_over_mac to active for active-backup mode [ 150.749525][ T8244] bond3: (slave vcan1): making interface the new active one [ 150.766370][ T8244] vcan1: entered promiscuous mode [ 150.774003][ T8244] bond3: (slave vcan1): Enslaving as an active interface with an up link [ 150.820924][ T8258] netlink: 12 bytes leftover after parsing attributes in process `syz.2.676'. [ 150.916823][ T8258] 8021q: adding VLAN 0 to HW filter on device bond1 [ 151.011532][ T8262] 8021q: adding VLAN 0 to HW filter on device bond1 [ 151.022339][ T8262] bond1: (slave vti0): The slave device specified does not support setting the MAC address [ 151.036644][ T8262] bond1: (slave vti0): Error -95 calling set_mac_address [ 151.310027][ T8286] netlink: 52 bytes leftover after parsing attributes in process `syz.2.687'. [ 151.642047][ T8304] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 151.651898][ T8304] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 151.961533][ T8323] netlink: 'syz.3.704': attribute type 10 has an invalid length. [ 152.017139][ T8323] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.050093][ T8323] bond0: (slave team0): Enslaving as an active interface with an up link [ 152.189184][ T8333] netlink: 8 bytes leftover after parsing attributes in process `syz.2.709'. [ 152.312682][ T8342] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 152.325866][ T8340] IPVS: stopping master sync thread 8342 ... [ 152.335019][ T8336] netlink: 'syz.3.708': attribute type 10 has an invalid length. [ 152.352981][ T8336] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 152.929718][ T8366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.723'. [ 153.069630][ T8373] netlink: 'syz.4.726': attribute type 29 has an invalid length. [ 153.081148][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.726'. [ 153.444958][ T8396] netlink: 'syz.1.731': attribute type 1 has an invalid length. [ 153.497209][ T8396] netlink: 'syz.1.731': attribute type 1 has an invalid length. [ 153.662764][ T8409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.734'. [ 153.779245][ T8415] netlink: 20 bytes leftover after parsing attributes in process `syz.1.735'. [ 153.854547][ T8417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.737'. [ 153.882589][ T8419] sctp: [Deprecated]: syz.4.739 (pid 8419) Use of struct sctp_assoc_value in delayed_ack socket option. [ 153.882589][ T8419] Use struct sctp_sack_info instead [ 153.899541][ T8417] netlink: 12 bytes leftover after parsing attributes in process `syz.2.737'. [ 153.956404][ T8417] bridge0: port 3(vlan2) entered blocking state [ 153.962909][ T8417] bridge0: port 3(vlan2) entered disabled state [ 153.969647][ T8417] vlan2: entered allmulticast mode [ 153.974934][ T8417] bridge0: entered allmulticast mode [ 154.001473][ T8417] vlan2: left allmulticast mode [ 154.007138][ T8417] bridge0: left allmulticast mode [ 154.155788][ T8432] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 154.753548][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 154.858056][ T8462] netlink: 36 bytes leftover after parsing attributes in process `syz.3.752'. [ 154.880305][ T8462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.752'. [ 155.155303][ T8478] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5 [ 155.323087][ T8482] netlink: 'syz.1.759': attribute type 8 has an invalid length. [ 156.071218][ T8521] netlink: 'syz.1.770': attribute type 1 has an invalid length. [ 156.094547][ T8522] netlink: 'syz.1.770': attribute type 1 has an invalid length. [ 156.131834][ T8521] openvswitch: netlink: Key 9 has unexpected len 0 expected 4 [ 156.171899][ T8523] netlink: 'syz.2.769': attribute type 1 has an invalid length. [ 156.193008][ T8522] syzkaller1: entered promiscuous mode [ 156.220908][ T8522] syzkaller1: entered allmulticast mode [ 156.321813][ T8535] netlink: 'syz.4.774': attribute type 3 has an invalid length. [ 156.467908][ T8539] can: request_module (can-proto-3) failed. [ 156.520209][ T8546] __nla_validate_parse: 6 callbacks suppressed [ 156.520246][ T8546] netlink: 12 bytes leftover after parsing attributes in process `syz.4.777'. [ 156.560238][ T8549] netlink: 'syz.3.779': attribute type 1 has an invalid length. [ 156.567501][ T8546] netlink: 12 bytes leftover after parsing attributes in process `syz.4.777'. [ 156.591907][ T8549] netlink: 'syz.3.779': attribute type 2 has an invalid length. [ 156.880412][ T8566] netlink: 'syz.1.782': attribute type 1 has an invalid length. [ 156.889561][ T8560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.781'. [ 156.920641][ T8566] netlink: 224 bytes leftover after parsing attributes in process `syz.1.782'. [ 156.990363][ T8573] Bluetooth: MGMT ver 1.23 [ 157.070542][ T8573] netlink: 'syz.3.785': attribute type 1 has an invalid length. [ 157.078434][ T8573] netlink: 220 bytes leftover after parsing attributes in process `syz.3.785'. [ 157.100339][ T8573] netlink: 'syz.3.785': attribute type 1 has an invalid length. [ 157.132518][ T8578] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 157.141878][ T8578] netdevsim netdevsim2 netdevsim0: left allmulticast mode [ 157.149944][ T8578] netlink: 8 bytes leftover after parsing attributes in process `syz.2.786'. [ 157.449042][ T8596] tipc: Enabled bearer , priority 10 [ 157.587525][ T8600] FAULT_INJECTION: forcing a failure. [ 157.587525][ T8600] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 157.615885][ T8600] CPU: 1 UID: 0 PID: 8600 Comm: syz.0.795 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 157.615923][ T8600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 157.615944][ T8600] Call Trace: [ 157.615953][ T8600] [ 157.615967][ T8600] dump_stack_lvl+0x189/0x250 [ 157.615995][ T8600] ? __pfx____ratelimit+0x10/0x10 [ 157.616027][ T8600] ? __pfx_dump_stack_lvl+0x10/0x10 [ 157.616050][ T8600] ? __pfx__printk+0x10/0x10 [ 157.616081][ T8600] ? __might_fault+0xb0/0x130 [ 157.616124][ T8600] should_fail_ex+0x414/0x560 [ 157.616164][ T8600] _copy_from_user+0x2d/0xb0 [ 157.616207][ T8600] ___sys_sendmsg+0x158/0x2a0 [ 157.616234][ T8600] ? __pfx____sys_sendmsg+0x10/0x10 [ 157.616298][ T8600] ? __fget_files+0x2a/0x420 [ 157.616317][ T8600] ? __fget_files+0x3a0/0x420 [ 157.616350][ T8600] __x64_sys_sendmsg+0x19b/0x260 [ 157.616376][ T8600] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 157.616411][ T8600] ? __pfx_ksys_write+0x10/0x10 [ 157.616439][ T8600] ? rcu_is_watching+0x15/0xb0 [ 157.616478][ T8600] ? do_syscall_64+0xbe/0x3b0 [ 157.616514][ T8600] do_syscall_64+0xfa/0x3b0 [ 157.616544][ T8600] ? lockdep_hardirqs_on+0x9c/0x150 [ 157.616574][ T8600] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.616595][ T8600] ? clear_bhb_loop+0x60/0xb0 [ 157.616622][ T8600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.616643][ T8600] RIP: 0033:0x7f269718eb69 [ 157.616667][ T8600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.616684][ T8600] RSP: 002b:00007f2697fdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 157.616713][ T8600] RAX: ffffffffffffffda RBX: 00007f26973b5fa0 RCX: 00007f269718eb69 [ 157.616729][ T8600] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 157.616742][ T8600] RBP: 00007f2697fdf090 R08: 0000000000000000 R09: 0000000000000000 [ 157.616755][ T8600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.616767][ T8600] R13: 0000000000000000 R14: 00007f26973b5fa0 R15: 00007ffd7f279cc8 [ 157.616801][ T8600] [ 157.625305][ T8604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.798'. [ 157.832631][ T8610] netlink: 16 bytes leftover after parsing attributes in process `syz.4.800'. [ 158.406594][ T8643] netlink: 20 bytes leftover after parsing attributes in process `syz.4.812'. [ 158.440334][ T8649] FAULT_INJECTION: forcing a failure. [ 158.440334][ T8649] name failslab, interval 1, probability 0, space 0, times 1 [ 158.465643][ T8643] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 158.483503][ T8649] CPU: 1 UID: 0 PID: 8649 Comm: syz.0.813 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 158.483539][ T8649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 158.483552][ T8649] Call Trace: [ 158.483560][ T8649] [ 158.483569][ T8649] dump_stack_lvl+0x189/0x250 [ 158.483597][ T8649] ? __pfx____ratelimit+0x10/0x10 [ 158.483628][ T8649] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.483650][ T8649] ? __pfx__printk+0x10/0x10 [ 158.483683][ T8649] ? __pfx___might_resched+0x10/0x10 [ 158.483722][ T8649] should_fail_ex+0x414/0x560 [ 158.483762][ T8649] should_failslab+0xa8/0x100 [ 158.483785][ T8649] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 158.483819][ T8649] ? __alloc_skb+0x112/0x2d0 [ 158.483857][ T8649] __alloc_skb+0x112/0x2d0 [ 158.483894][ T8649] netlink_sendmsg+0x5c6/0xb30 [ 158.483937][ T8649] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.483974][ T8649] ? aa_sock_msg_perm+0x94/0x160 [ 158.484005][ T8649] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 158.484029][ T8649] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.484063][ T8649] __sock_sendmsg+0x21c/0x270 [ 158.484095][ T8649] ____sys_sendmsg+0x505/0x830 [ 158.484124][ T8649] ? __pfx_____sys_sendmsg+0x10/0x10 [ 158.484157][ T8649] ? import_iovec+0x74/0xa0 [ 158.484192][ T8649] ___sys_sendmsg+0x21f/0x2a0 [ 158.484217][ T8649] ? __pfx____sys_sendmsg+0x10/0x10 [ 158.484282][ T8649] ? __fget_files+0x2a/0x420 [ 158.484301][ T8649] ? __fget_files+0x3a0/0x420 [ 158.484334][ T8649] __x64_sys_sendmsg+0x19b/0x260 [ 158.484360][ T8649] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 158.484394][ T8649] ? __pfx_ksys_write+0x10/0x10 [ 158.484422][ T8649] ? rcu_is_watching+0x15/0xb0 [ 158.484461][ T8649] ? do_syscall_64+0xbe/0x3b0 [ 158.484497][ T8649] do_syscall_64+0xfa/0x3b0 [ 158.484539][ T8649] ? lockdep_hardirqs_on+0x9c/0x150 [ 158.484569][ T8649] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.484590][ T8649] ? clear_bhb_loop+0x60/0xb0 [ 158.484616][ T8649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.484636][ T8649] RIP: 0033:0x7f269718eb69 [ 158.484655][ T8649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.484673][ T8649] RSP: 002b:00007f2697fdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 158.484696][ T8649] RAX: ffffffffffffffda RBX: 00007f26973b5fa0 RCX: 00007f269718eb69 [ 158.484712][ T8649] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 158.484725][ T8649] RBP: 00007f2697fdf090 R08: 0000000000000000 R09: 0000000000000000 [ 158.484737][ T8649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.484749][ T8649] R13: 0000000000000000 R14: 00007f26973b5fa0 R15: 00007ffd7f279cc8 [ 158.484785][ T8649] [ 159.052973][ T8668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.823'. [ 159.603116][ T8714] vlan0: entered promiscuous mode [ 159.620323][ T8714] team0: Port device vlan0 added [ 160.384694][ T8748] validate_nla: 5 callbacks suppressed [ 160.384713][ T8748] netlink: 'syz.2.839': attribute type 3 has an invalid length. [ 160.529641][ T8757] netlink: 'syz.0.846': attribute type 75 has an invalid length. [ 160.627262][ T8764] FAULT_INJECTION: forcing a failure. [ 160.627262][ T8764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.641823][ T8764] CPU: 0 UID: 0 PID: 8764 Comm: syz.1.848 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 160.641855][ T8764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.641869][ T8764] Call Trace: [ 160.641877][ T8764] [ 160.641886][ T8764] dump_stack_lvl+0x189/0x250 [ 160.641914][ T8764] ? __pfx____ratelimit+0x10/0x10 [ 160.641945][ T8764] ? __pfx_dump_stack_lvl+0x10/0x10 [ 160.641967][ T8764] ? __pfx__printk+0x10/0x10 [ 160.641995][ T8764] ? __might_fault+0xb0/0x130 [ 160.642040][ T8764] should_fail_ex+0x414/0x560 [ 160.642079][ T8764] _copy_from_iter+0x1db/0x16f0 [ 160.642111][ T8764] ? rcu_is_watching+0x15/0xb0 [ 160.642147][ T8764] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 160.642182][ T8764] ? __pfx__copy_from_iter+0x10/0x10 [ 160.642211][ T8764] ? __build_skb_around+0x257/0x3e0 [ 160.642254][ T8764] ? netlink_sendmsg+0x642/0xb30 [ 160.642284][ T8764] ? skb_put+0x11b/0x210 [ 160.642308][ T8764] netlink_sendmsg+0x6b2/0xb30 [ 160.642354][ T8764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 160.642380][ T8764] ? aa_sock_msg_perm+0x94/0x160 [ 160.642402][ T8764] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 160.642420][ T8764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 160.642444][ T8764] __sock_sendmsg+0x21c/0x270 [ 160.642466][ T8764] ____sys_sendmsg+0x505/0x830 [ 160.642487][ T8764] ? __pfx_____sys_sendmsg+0x10/0x10 [ 160.642510][ T8764] ? import_iovec+0x74/0xa0 [ 160.642533][ T8764] ___sys_sendmsg+0x21f/0x2a0 [ 160.642551][ T8764] ? __pfx____sys_sendmsg+0x10/0x10 [ 160.642596][ T8764] ? __fget_files+0x2a/0x420 [ 160.642611][ T8764] ? __fget_files+0x3a0/0x420 [ 160.642633][ T8764] __x64_sys_sendmsg+0x19b/0x260 [ 160.642651][ T8764] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 160.642675][ T8764] ? __pfx_ksys_write+0x10/0x10 [ 160.642695][ T8764] ? rcu_is_watching+0x15/0xb0 [ 160.642722][ T8764] ? do_syscall_64+0xbe/0x3b0 [ 160.642747][ T8764] do_syscall_64+0xfa/0x3b0 [ 160.642768][ T8764] ? lockdep_hardirqs_on+0x9c/0x150 [ 160.642789][ T8764] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.642804][ T8764] ? clear_bhb_loop+0x60/0xb0 [ 160.642822][ T8764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.642836][ T8764] RIP: 0033:0x7fec8038eb69 [ 160.642850][ T8764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.642863][ T8764] RSP: 002b:00007fec812ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 160.642881][ T8764] RAX: ffffffffffffffda RBX: 00007fec805b5fa0 RCX: 00007fec8038eb69 [ 160.642892][ T8764] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 160.642901][ T8764] RBP: 00007fec812ac090 R08: 0000000000000000 R09: 0000000000000000 [ 160.642910][ T8764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.642919][ T8764] R13: 0000000000000000 R14: 00007fec805b5fa0 R15: 00007ffe2e15f928 [ 160.642942][ T8764] [ 161.268197][ T8777] netlink: 'syz.2.852': attribute type 33 has an invalid length. [ 161.591374][ T8801] FAULT_INJECTION: forcing a failure. [ 161.591374][ T8801] name failslab, interval 1, probability 0, space 0, times 0 [ 161.608116][ T8801] CPU: 1 UID: 0 PID: 8801 Comm: syz.4.859 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 161.608147][ T8801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 161.608159][ T8801] Call Trace: [ 161.608167][ T8801] [ 161.608176][ T8801] dump_stack_lvl+0x189/0x250 [ 161.608204][ T8801] ? __pfx____ratelimit+0x10/0x10 [ 161.608235][ T8801] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.608257][ T8801] ? __pfx__printk+0x10/0x10 [ 161.608286][ T8801] ? __lock_acquire+0xab9/0xd20 [ 161.608326][ T8801] should_fail_ex+0x414/0x560 [ 161.608365][ T8801] should_failslab+0xa8/0x100 [ 161.608387][ T8801] kmem_cache_alloc_noprof+0x73/0x3c0 [ 161.608417][ T8801] ? skb_clone+0x212/0x3a0 [ 161.608445][ T8801] skb_clone+0x212/0x3a0 [ 161.608473][ T8801] __netlink_deliver_tap+0x404/0x850 [ 161.608519][ T8801] ? netlink_deliver_tap+0x2e/0x1b0 [ 161.608562][ T8801] netlink_deliver_tap+0x19c/0x1b0 [ 161.608596][ T8801] netlink_unicast+0x7fa/0x9e0 [ 161.608634][ T8801] ? __pfx_netlink_unicast+0x10/0x10 [ 161.608665][ T8801] ? netlink_sendmsg+0x642/0xb30 [ 161.608695][ T8801] ? skb_put+0x11b/0x210 [ 161.608719][ T8801] netlink_sendmsg+0x805/0xb30 [ 161.608762][ T8801] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.608799][ T8801] ? aa_sock_msg_perm+0x94/0x160 [ 161.608830][ T8801] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 161.608854][ T8801] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.608885][ T8801] __sock_sendmsg+0x21c/0x270 [ 161.608920][ T8801] ____sys_sendmsg+0x505/0x830 [ 161.608947][ T8801] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.608980][ T8801] ? import_iovec+0x74/0xa0 [ 161.609014][ T8801] ___sys_sendmsg+0x21f/0x2a0 [ 161.609038][ T8801] ? __pfx____sys_sendmsg+0x10/0x10 [ 161.609103][ T8801] ? __fget_files+0x2a/0x420 [ 161.609123][ T8801] ? __fget_files+0x3a0/0x420 [ 161.609157][ T8801] __x64_sys_sendmsg+0x19b/0x260 [ 161.609183][ T8801] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 161.609218][ T8801] ? __pfx_ksys_write+0x10/0x10 [ 161.609246][ T8801] ? rcu_is_watching+0x15/0xb0 [ 161.609286][ T8801] ? do_syscall_64+0xbe/0x3b0 [ 161.609324][ T8801] do_syscall_64+0xfa/0x3b0 [ 161.609354][ T8801] ? lockdep_hardirqs_on+0x9c/0x150 [ 161.609383][ T8801] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.609404][ T8801] ? clear_bhb_loop+0x60/0xb0 [ 161.609431][ T8801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.609452][ T8801] RIP: 0033:0x7fac0e98eb69 [ 161.609471][ T8801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.609489][ T8801] RSP: 002b:00007fac0f7b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.609512][ T8801] RAX: ffffffffffffffda RBX: 00007fac0ebb5fa0 RCX: 00007fac0e98eb69 [ 161.609534][ T8801] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 161.609547][ T8801] RBP: 00007fac0f7b9090 R08: 0000000000000000 R09: 0000000000000000 [ 161.609560][ T8801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.609573][ T8801] R13: 0000000000000000 R14: 00007fac0ebb5fa0 R15: 00007ffca263e6f8 [ 161.609606][ T8801] [ 162.046213][ T8806] __nla_validate_parse: 11 callbacks suppressed [ 162.046234][ T8806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.861'. [ 162.335719][ T8822] netlink: 348 bytes leftover after parsing attributes in process `syz.2.865'. [ 162.485058][ T8835] netlink: 'syz.0.867': attribute type 10 has an invalid length. [ 162.511448][ T8835] netlink: 'syz.0.867': attribute type 10 has an invalid length. [ 162.737921][ T8842] veth1_macvtap: left promiscuous mode [ 162.743818][ T8842] macsec0: entered promiscuous mode [ 162.749194][ T8842] macsec0: entered allmulticast mode [ 162.762849][ T8842] veth1_macvtap: entered promiscuous mode [ 162.769333][ T8842] veth1_macvtap: entered allmulticast mode [ 162.779420][ T8842] macsec0: left promiscuous mode [ 162.785455][ T8842] macsec0: left allmulticast mode [ 162.797803][ T8842] veth1_macvtap: left allmulticast mode [ 162.820789][ T8844] FAULT_INJECTION: forcing a failure. [ 162.820789][ T8844] name failslab, interval 1, probability 0, space 0, times 0 [ 162.842209][ T8844] CPU: 1 UID: 0 PID: 8844 Comm: syz.3.872 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 162.842241][ T8844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 162.842254][ T8844] Call Trace: [ 162.842263][ T8844] [ 162.842272][ T8844] dump_stack_lvl+0x189/0x250 [ 162.842302][ T8844] ? __pfx____ratelimit+0x10/0x10 [ 162.842334][ T8844] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.842354][ T8844] ? __pfx__printk+0x10/0x10 [ 162.842384][ T8844] ? __pfx___might_resched+0x10/0x10 [ 162.842417][ T8844] ? fs_reclaim_acquire+0x7d/0x100 [ 162.842446][ T8844] should_fail_ex+0x414/0x560 [ 162.842486][ T8844] should_failslab+0xa8/0x100 [ 162.842510][ T8844] __kmalloc_cache_noprof+0x70/0x3d0 [ 162.842543][ T8844] ? tcf_chain_create+0xb0/0x310 [ 162.842569][ T8844] tcf_chain_create+0xb0/0x310 [ 162.842595][ T8844] __tcf_chain_get+0x111/0x3c0 [ 162.842629][ T8844] tc_new_tfilter+0x753/0x15b0 [ 162.842662][ T8844] ? __local_bh_enable_ip+0x12d/0x1c0 [ 162.842711][ T8844] ? __pfx_tc_new_tfilter+0x10/0x10 [ 162.842773][ T8844] ? __pfx_tc_new_tfilter+0x10/0x10 [ 162.842795][ T8844] rtnetlink_rcv_msg+0x7cf/0xb70 [ 162.842833][ T8844] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 162.842864][ T8844] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 162.842893][ T8844] ? ref_tracker_free+0x63a/0x7d0 [ 162.842915][ T8844] ? __asan_memcpy+0x40/0x70 [ 162.842941][ T8844] ? __pfx_ref_tracker_free+0x10/0x10 [ 162.842977][ T8844] netlink_rcv_skb+0x205/0x470 [ 162.843011][ T8844] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 162.843046][ T8844] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 162.843091][ T8844] ? netlink_deliver_tap+0x2e/0x1b0 [ 162.843133][ T8844] netlink_unicast+0x82c/0x9e0 [ 162.843201][ T8844] ? __pfx_netlink_unicast+0x10/0x10 [ 162.843235][ T8844] ? netlink_sendmsg+0x642/0xb30 [ 162.843265][ T8844] ? skb_put+0x11b/0x210 [ 162.843290][ T8844] netlink_sendmsg+0x805/0xb30 [ 162.843332][ T8844] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.843367][ T8844] ? aa_sock_msg_perm+0x94/0x160 [ 162.843398][ T8844] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 162.843422][ T8844] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.843456][ T8844] __sock_sendmsg+0x21c/0x270 [ 162.843489][ T8844] ____sys_sendmsg+0x505/0x830 [ 162.843519][ T8844] ? __pfx_____sys_sendmsg+0x10/0x10 [ 162.843553][ T8844] ? import_iovec+0x74/0xa0 [ 162.843588][ T8844] ___sys_sendmsg+0x21f/0x2a0 [ 162.843614][ T8844] ? __pfx____sys_sendmsg+0x10/0x10 [ 162.843677][ T8844] ? __fget_files+0x2a/0x420 [ 162.843698][ T8844] ? __fget_files+0x3a0/0x420 [ 162.843730][ T8844] __x64_sys_sendmsg+0x19b/0x260 [ 162.843756][ T8844] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 162.843790][ T8844] ? __pfx_ksys_write+0x10/0x10 [ 162.843817][ T8844] ? rcu_is_watching+0x15/0xb0 [ 162.843857][ T8844] ? do_syscall_64+0xbe/0x3b0 [ 162.843894][ T8844] do_syscall_64+0xfa/0x3b0 [ 162.843925][ T8844] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.843955][ T8844] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.843976][ T8844] ? clear_bhb_loop+0x60/0xb0 [ 162.844002][ T8844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.844022][ T8844] RIP: 0033:0x7f4488b8eb69 [ 162.844042][ T8844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.844059][ T8844] RSP: 002b:00007f44889f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 162.844083][ T8844] RAX: ffffffffffffffda RBX: 00007f4488db5fa0 RCX: 00007f4488b8eb69 [ 162.844099][ T8844] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005 [ 162.844112][ T8844] RBP: 00007f44889f7090 R08: 0000000000000000 R09: 0000000000000000 [ 162.844125][ T8844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.844137][ T8844] R13: 0000000000000000 R14: 00007f4488db5fa0 R15: 00007ffdaf06a078 [ 162.844181][ T8844] [ 163.278587][ T8848] team0: Port device vlan0 removed [ 163.375466][ T8831] netlink: 'syz.1.868': attribute type 10 has an invalid length. [ 163.440636][ T8850] team0: Mode changed to "activebackup" [ 163.450929][ T8852] netlink: 40 bytes leftover after parsing attributes in process `syz.4.874'. [ 163.690102][ T8864] tipc: Enabled bearer , priority 0 [ 163.704442][ T8865] syzkaller0: entered promiscuous mode [ 163.717651][ T8865] syzkaller0: entered allmulticast mode [ 163.820955][ T8865] tipc: Resetting bearer [ 163.860959][ T8877] netlink: 'syz.4.882': attribute type 11 has an invalid length. [ 163.872349][ T8877] netlink: 224 bytes leftover after parsing attributes in process `syz.4.882'. [ 163.906672][ T8880] netlink: 60 bytes leftover after parsing attributes in process `syz.2.884'. [ 163.907628][ T8865] tipc: Disabling bearer [ 164.075704][ T8893] (unnamed net_device) (uninitialized): peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms [ 164.137008][ T8893] bond2: entered promiscuous mode [ 164.142246][ T8893] bond2: entered allmulticast mode [ 164.151967][ T8893] 8021q: adding VLAN 0 to HW filter on device bond2 [ 164.161127][ T8894] netlink: 'syz.1.887': attribute type 33 has an invalid length. [ 164.319303][ T8906] netlink: 'syz.4.890': attribute type 1 has an invalid length. [ 164.343682][ T8906] netlink: 12 bytes leftover after parsing attributes in process `syz.4.890'. [ 164.638675][ T8926] netlink: 'syz.0.897': attribute type 12 has an invalid length. [ 164.646928][ T8926] netlink: 132 bytes leftover after parsing attributes in process `syz.0.897'. [ 165.108110][ T8954] xt_limit: Overflow, try lower: 604147548/4200216962 [ 165.139766][ T8956] netlink: 'syz.1.908': attribute type 1 has an invalid length. [ 165.250894][ T8958] bond5: (slave gretap1): making interface the new active one [ 165.262282][ T8958] bond5: (slave gretap1): Enslaving as an active interface with an up link [ 165.272626][ T8962] C: renamed from lo (while UP) [ 165.296052][ T8962] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 165.492215][ T8966] validate_nla: 1 callbacks suppressed [ 165.492234][ T8966] netlink: 'syz.2.912': attribute type 7 has an invalid length. [ 165.508196][ T8966] netlink: 28 bytes leftover after parsing attributes in process `syz.2.912'. [ 165.520929][ T8966] 8021q: adding VLAN 0 to HW filter on device bond2 [ 165.543235][ T8972] pim6reg: entered allmulticast mode [ 165.832198][ T8989] netlink: 'syz.2.921': attribute type 29 has an invalid length. [ 165.854411][ T8992] netlink: 'syz.2.921': attribute type 29 has an invalid length. [ 165.966815][ T8998] netlink: 'syz.3.926': attribute type 1 has an invalid length. [ 165.977370][ T8998] netlink: 'syz.3.926': attribute type 3 has an invalid length. [ 165.986040][ T8998] netlink: 224 bytes leftover after parsing attributes in process `syz.3.926'. [ 165.998913][ T8998] bond0: Error: Cannot enslave bond to itself. [ 166.015118][ T8996] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 166.136645][ T9003] netlink: 8 bytes leftover after parsing attributes in process `syz.0.927'. [ 166.145686][ T9003] netlink: 'syz.0.927': attribute type 12 has an invalid length. [ 166.157239][ T9003] netlink: 'syz.0.927': attribute type 11 has an invalid length. [ 166.206915][ T9008] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 166.469542][ T9010] vlan2: entered allmulticast mode [ 166.496853][ T9010] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 166.930848][ T9047] sctp: [Deprecated]: syz.1.944 (pid 9047) Use of int in max_burst socket option. [ 166.930848][ T9047] Use struct sctp_assoc_value instead [ 167.034895][ T9052] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.100907][ T9060] __nla_validate_parse: 5 callbacks suppressed [ 167.100929][ T9060] netlink: 68 bytes leftover after parsing attributes in process `syz.2.948'. [ 167.491895][ T9083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.955'. [ 167.717436][ T9096] netlink: 'syz.1.958': attribute type 23 has an invalid length. [ 167.771100][ T9096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.958'. [ 167.850978][ T9102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.959'. [ 167.872116][ T9102] netlink: 5 bytes leftover after parsing attributes in process `syz.0.959'. [ 168.079951][ T9111] 8021q: adding VLAN 0 to HW filter on device bond6 [ 168.339234][ T9132] netlink: 'syz.0.968': attribute type 1 has an invalid length. [ 168.351306][ T9132] netlink: 224 bytes leftover after parsing attributes in process `syz.0.968'. [ 168.410415][ T9137] netlink: 'syz.1.969': attribute type 29 has an invalid length. [ 168.529036][ T9148] bond0: option mode: unable to set because the bond device has slaves [ 168.651699][ T9153] team0: Port device dummy0 added [ 168.692055][ T9157] netlink: 16 bytes leftover after parsing attributes in process `syz.1.973'. [ 168.715118][ T9155] netlink: 16 bytes leftover after parsing attributes in process `syz.1.973'. [ 168.729746][ T9153] team0: Port device dummy0 removed [ 168.737332][ T9160] netlink: 20 bytes leftover after parsing attributes in process `syz.4.975'. [ 168.756792][ T9153] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 168.876949][ T9173] netlink: 5 bytes leftover after parsing attributes in process `syz.0.977'. [ 169.060272][ T9160] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 169.064224][ T5955] syzkaller0: tun_net_xmit 76 [ 169.085248][ T9160] syzkaller0: Linktype set failed because interface is up [ 169.175706][ T5955] syzkaller0: tun_net_xmit 76 [ 169.391297][ T9208] delete_channel: no stack [ 169.497534][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 30 seconds [ 169.510149][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 30 seconds [ 169.522086][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 30 seconds [ 169.533192][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 30 seconds [ 170.839545][ T9237] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes. [ 171.254876][ T9262] tipc: Enabled bearer , priority 0 [ 171.289706][ T9262] syzkaller0: entered promiscuous mode [ 171.310098][ T9262] syzkaller0: entered allmulticast mode [ 171.442003][ T9262] tipc: Resetting bearer [ 171.450530][ T9259] tipc: Resetting bearer [ 171.522220][ T9259] tipc: Disabling bearer [ 171.666671][ T9280] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 171.722873][ T9284] validate_nla: 3 callbacks suppressed [ 171.722893][ T9284] netlink: 'syz.1.1009': attribute type 3 has an invalid length. [ 171.825638][ T9291] netlink: 'syz.2.1010': attribute type 33 has an invalid length. [ 171.986740][ T9298] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 172.207596][ T9312] tipc: Enabled bearer , priority 0 [ 172.268384][ T9311] tipc: Disabling bearer [ 172.296273][ T9321] __nla_validate_parse: 16 callbacks suppressed [ 172.296807][ T9321] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1023'. [ 172.579546][ T9335] netlink: 'syz.4.1025': attribute type 10 has an invalid length. [ 172.621709][ T9335] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 172.633905][ T9339] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1028'. [ 172.648063][ T9343] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1029'. [ 172.704358][ T9343] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1029'. [ 172.747951][ T9343] netlink: 'syz.3.1029': attribute type 39 has an invalid length. [ 172.888287][ T9355] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1031'. [ 172.947602][ T9358] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1033'. [ 173.127454][ T9379] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1036'. [ 173.160998][ T9379] 8021q: VLANs not supported on gre0 [ 173.186813][ T9384] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1035'. [ 173.314800][ T9391] vlan3: entered allmulticast mode [ 173.319998][ T9391] veth1: entered allmulticast mode [ 173.350897][ T9394] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1038'. [ 173.477392][ T9387] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1038'. [ 173.937291][ T9433] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 174.375779][ T9462] netlink: 'syz.3.1060': attribute type 7 has an invalid length. [ 174.393159][ T9462] netlink: 'syz.3.1060': attribute type 8 has an invalid length. [ 174.657477][ T9468] netlink: 'syz.3.1063': attribute type 2 has an invalid length. [ 174.866502][ T9483] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 175.494104][ T9518] vlan2: entered allmulticast mode [ 175.514601][ T9518] mac80211_hwsim hwsim4 wlan0: entered allmulticast mode [ 175.525363][ T9521] netlink: 'syz.1.1078': attribute type 5 has an invalid length. [ 175.580518][ T9530] netlink: 'syz.3.1081': attribute type 7 has an invalid length. [ 175.751407][ T9538] netlink: 'syz.3.1085': attribute type 1 has an invalid length. [ 176.421623][ T9585] syz.3.1099 uses old SIOCAX25GETINFO [ 176.514412][ T9585] veth1_to_bond: entered allmulticast mode [ 176.537740][ T9591] IPVS: set_ctl: invalid protocol: 0 10.1.1.2:20004 [ 176.614681][ T9585] veth1_to_bond (unregistering): left allmulticast mode [ 176.755366][ T9599] veth0: entered promiscuous mode [ 177.347736][ T9633] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 177.371729][ T9633] af_packet: tpacket_rcv: packet too big, clamped from 103 to 4294967272. macoff=96 [ 177.766304][ T9659] validate_nla: 2 callbacks suppressed [ 177.766324][ T9659] netlink: 'syz.2.1119': attribute type 10 has an invalid length. [ 177.801371][ T9659] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.812658][ T9657] __nla_validate_parse: 17 callbacks suppressed [ 177.812680][ T9657] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1118'. [ 177.827295][ T9659] bridge_slave_1: left allmulticast mode [ 177.845751][ T9659] bridge_slave_1: left promiscuous mode [ 177.852093][ T9659] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.868039][ T9659] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 178.098503][ T9676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1124'. [ 178.179741][ T9681] netlink: 'syz.2.1126': attribute type 6 has an invalid length. [ 178.331285][ T9693] netlink: 'syz.2.1130': attribute type 6 has an invalid length. [ 178.806159][ T1103] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.818133][ T1103] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.829536][ T1103] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.850533][ T1103] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.890845][ T9727] netlink: 'syz.0.1142': attribute type 1 has an invalid length. [ 178.933780][ T9727] 8021q: adding VLAN 0 to HW filter on device bond1 [ 178.941898][ T9727] netlink: 696 bytes leftover after parsing attributes in process `syz.0.1142'. [ 178.944210][ T9728] netlink: 'syz.2.1143': attribute type 1 has an invalid length. [ 178.993744][ T9728] nbd: error processing sock list [ 179.017064][ T9728] block nbd1: shutting down sockets [ 179.188462][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1147'. [ 179.427209][ T9758] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1152'. [ 180.129898][ T9775] gtp0: entered promiscuous mode [ 180.140132][ T9778] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1156'. [ 180.196897][ T9784] netdevsim netdevsim2: Direct firmware load for failed with error -2 [ 180.216142][ T9784] netdevsim netdevsim2: Falling back to sysfs fallback for: [ 180.521856][ T9804] batadv_slave_1: entered promiscuous mode [ 180.555525][ T9804] netlink: 'syz.3.1163': attribute type 11 has an invalid length. [ 180.585234][ T9807] macvtap1: entered allmulticast mode [ 180.590688][ T9807] veth0_macvtap: entered allmulticast mode [ 180.593857][ T9804] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1163'. [ 180.648398][ T9800] batadv_slave_1: left promiscuous mode [ 180.667877][ T9813] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode [ 180.694218][ T9813] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode [ 180.740706][ T9813] syzkaller0: mtu less than device minimum [ 180.782203][ T9813] tipc: Enabled bearer , priority 0 [ 181.002776][ T9831] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1174'. [ 181.086510][ T9840] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1177'. [ 181.121322][ T9842] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1175'. [ 181.451727][ T9863] netlink: 'syz.2.1182': attribute type 1 has an invalid length. [ 181.471849][ T9863] netlink: 'syz.2.1182': attribute type 1 has an invalid length. [ 181.488850][ T9863] netlink: 'syz.2.1182': attribute type 2 has an invalid length. [ 181.848851][ T9881] ip6gretap0: entered promiscuous mode [ 181.872402][ T9881] netlink: 'syz.3.1189': attribute type 1 has an invalid length. [ 181.921199][ T9881] bond4: entered promiscuous mode [ 181.927906][ T9881] 8021q: adding VLAN 0 to HW filter on device bond4 [ 182.053648][ T9883] 8021q: adding VLAN 0 to HW filter on device bond5 [ 182.096706][ T9883] bond4: (slave bond5): making interface the new active one [ 182.115747][ T9883] bond5: entered promiscuous mode [ 182.122092][ T9883] bond4: (slave bond5): Enslaving as an active interface with an up link [ 182.211009][ T9896] tipc: Enabling of bearer rejected, already enabled [ 182.223167][ T9896] tipc: New replicast peer: 127.0.0.1 [ 182.262414][ T9898] geneve2: entered promiscuous mode [ 182.288692][ T9898] netlink: 'syz.1.1195': attribute type 32 has an invalid length. [ 182.414340][ T9908] netdevsim netdevsim4 ÿÿÿÿÿÿ€: renamed from netdevsim0 [ 182.768240][ T9931] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (64) [ 182.884808][ T9923] __nla_validate_parse: 8 callbacks suppressed [ 182.884829][ T9923] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1203'. [ 182.962455][ T9923] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1203'. [ 183.054077][ T9963] syzkaller0: entered promiscuous mode [ 183.075361][ T9963] syzkaller0: entered allmulticast mode [ 183.349210][ T9972] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 183.717064][ T9990] tipc: Enabled bearer , priority 0 [ 183.738946][ T9991] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1221'. [ 183.750054][ T9990] tipc: Resetting bearer [ 183.816380][ T9995] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:260 [ 184.236105][T10013] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1229'. [ 184.268636][ T9988] tipc: Disabling bearer [ 184.885310][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1244'. [ 184.908138][T10054] openvswitch: netlink: nsh attr 8196 is out of range max 3 [ 184.928688][T10054] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 184.948176][T10060] validate_nla: 1 callbacks suppressed [ 184.948197][T10060] netlink: 'syz.3.1247': attribute type 11 has an invalid length. [ 184.969235][T10060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1247'. [ 185.036157][ T9378] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.045495][T10060] netlink: 'syz.3.1247': attribute type 11 has an invalid length. [ 185.070739][ T9378] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.093657][T10060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1247'. [ 185.126242][ T9378] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 185.302875][T10069] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1251'. [ 185.337362][T10069] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1251'. [ 185.492235][T10082] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1255'. [ 186.322992][T10135] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 186.347891][T10139] netlink: 'syz.1.1270': attribute type 10 has an invalid length. [ 186.424506][T10139] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 186.508771][T10147] netlink: 'syz.3.1274': attribute type 4 has an invalid length. [ 186.546320][T10147] netlink: 'syz.3.1274': attribute type 4 has an invalid length. [ 186.626243][T10154] netlink: 'syz.0.1277': attribute type 11 has an invalid length. [ 186.644673][T10154] nbd: socks must be embedded in a SOCK_ITEM attr [ 194.437158][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.554525][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 60 seconds [ 199.565433][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 60 seconds [ 199.576416][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 60 seconds [ 199.587440][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 60 seconds [ 203.372869][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 203.388109][ T5838] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 203.397944][ T5838] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 203.405471][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 203.415211][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 203.422354][ T5838] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 203.435629][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 203.444092][ T5838] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 203.451432][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 203.467439][ T5156] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 203.576193][ T5844] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 203.587311][ T5156] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 203.597913][ T5156] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 203.606470][ T5844] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 203.614168][ T5156] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 203.624513][ T5844] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 203.632717][ T5156] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 203.640605][ T5844] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 203.651200][ T5856] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 203.661642][ T5856] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 203.681862][ T5838] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 203.699085][ T5838] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 203.708959][ T5838] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 203.726207][ T5838] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 203.737671][ T5838] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 203.931772][T10199] chnl_net:caif_netlink_parms(): no params data found [ 204.141305][T10199] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.149716][T10199] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.159293][T10199] bridge_slave_0: entered allmulticast mode [ 204.167301][T10199] bridge_slave_0: entered promiscuous mode [ 204.221969][T10199] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.229396][T10199] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.236935][T10199] bridge_slave_1: entered allmulticast mode [ 204.244573][T10199] bridge_slave_1: entered promiscuous mode [ 204.347234][T10199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.367541][T10199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.485638][T10199] team0: Port device team_slave_0 added [ 204.492490][T10200] chnl_net:caif_netlink_parms(): no params data found [ 204.539875][T10199] team0: Port device team_slave_1 added [ 204.634597][T10203] chnl_net:caif_netlink_parms(): no params data found [ 204.654911][T10199] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.661891][T10199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.690761][T10199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.751827][T10199] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.759074][T10199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.787350][T10199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.004723][T10200] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.011902][T10200] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.019696][T10200] bridge_slave_0: entered allmulticast mode [ 205.029875][T10200] bridge_slave_0: entered promiscuous mode [ 205.065389][T10204] chnl_net:caif_netlink_parms(): no params data found [ 205.086279][T10200] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.094244][T10200] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.101485][T10200] bridge_slave_1: entered allmulticast mode [ 205.109380][T10200] bridge_slave_1: entered promiscuous mode [ 205.146011][T10199] hsr_slave_0: entered promiscuous mode [ 205.152732][T10199] hsr_slave_1: entered promiscuous mode [ 205.159684][T10199] debugfs: 'hsr0' already exists in 'hsr' [ 205.165565][T10199] Cannot create hsr debugfs directory [ 205.171430][T10208] chnl_net:caif_netlink_parms(): no params data found [ 205.249592][T10200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.264269][T10200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.336173][T10203] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.343560][T10203] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.350856][T10203] bridge_slave_0: entered allmulticast mode [ 205.358764][T10203] bridge_slave_0: entered promiscuous mode [ 205.410235][T10203] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.418011][T10203] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.425740][T10203] bridge_slave_1: entered allmulticast mode [ 205.433105][T10203] bridge_slave_1: entered promiscuous mode [ 205.480481][T10200] team0: Port device team_slave_0 added [ 205.535358][T10200] team0: Port device team_slave_1 added [ 205.554420][ T5856] Bluetooth: hci5: command tx timeout [ 205.564060][ T5856] Bluetooth: hci6: command tx timeout [ 205.622677][T10204] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.630673][T10204] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.638805][T10204] bridge_slave_0: entered allmulticast mode [ 205.647040][T10204] bridge_slave_0: entered promiscuous mode [ 205.657633][T10203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.670973][T10203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.713710][ T5856] Bluetooth: hci7: command tx timeout [ 205.714640][ T5838] Bluetooth: hci8: command tx timeout [ 205.727914][T10204] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.735330][T10204] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.742602][T10204] bridge_slave_1: entered allmulticast mode [ 205.750088][T10204] bridge_slave_1: entered promiscuous mode [ 205.778973][T10200] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.786471][T10200] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.793765][ T5838] Bluetooth: hci9: command tx timeout [ 205.813690][T10200] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.831814][T10200] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.840001][T10200] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.867705][T10200] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.879605][T10208] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.887417][T10208] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.894895][T10208] bridge_slave_0: entered allmulticast mode [ 205.902574][T10208] bridge_slave_0: entered promiscuous mode [ 205.972594][T10208] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.980041][T10208] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.988006][T10208] bridge_slave_1: entered allmulticast mode [ 205.996169][T10208] bridge_slave_1: entered promiscuous mode [ 206.007153][T10204] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.026033][T10203] team0: Port device team_slave_0 added [ 206.080241][T10204] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.110329][T10203] team0: Port device team_slave_1 added [ 206.197545][T10200] hsr_slave_0: entered promiscuous mode [ 206.205292][T10200] hsr_slave_1: entered promiscuous mode [ 206.211981][T10200] debugfs: 'hsr0' already exists in 'hsr' [ 206.217893][T10200] Cannot create hsr debugfs directory [ 206.243942][T10208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.256169][T10204] team0: Port device team_slave_0 added [ 206.305175][T10208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.335210][T10204] team0: Port device team_slave_1 added [ 206.358901][T10203] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.366518][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.392821][T10203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.406309][T10203] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.414307][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.440635][T10203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.511978][T10208] team0: Port device team_slave_0 added [ 206.549014][T10204] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.556238][T10204] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.583446][T10204] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.597890][T10208] team0: Port device team_slave_1 added [ 206.637237][T10204] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.645617][T10204] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.671893][T10204] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.760523][T10203] hsr_slave_0: entered promiscuous mode [ 206.768017][T10203] hsr_slave_1: entered promiscuous mode [ 206.774576][T10203] debugfs: 'hsr0' already exists in 'hsr' [ 206.780318][T10203] Cannot create hsr debugfs directory [ 206.810099][T10208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.817436][T10208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.844442][T10208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.858265][T10208] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.865565][T10208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.891696][T10208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 207.016605][T10204] hsr_slave_0: entered promiscuous mode [ 207.023168][T10204] hsr_slave_1: entered promiscuous mode [ 207.030528][T10204] debugfs: 'hsr0' already exists in 'hsr' [ 207.036463][T10204] Cannot create hsr debugfs directory [ 207.155550][T10208] hsr_slave_0: entered promiscuous mode [ 207.162277][T10208] hsr_slave_1: entered promiscuous mode [ 207.169484][T10208] debugfs: 'hsr0' already exists in 'hsr' [ 207.175403][T10208] Cannot create hsr debugfs directory [ 207.644300][ T5838] Bluetooth: hci6: command tx timeout [ 207.644309][ T5856] Bluetooth: hci5: command tx timeout [ 207.793510][ T5856] Bluetooth: hci7: command tx timeout [ 207.793886][ T5838] Bluetooth: hci8: command tx timeout [ 207.873652][ T5838] Bluetooth: hci9: command tx timeout [ 209.713616][ T5838] Bluetooth: hci6: command tx timeout [ 209.719094][ T5838] Bluetooth: hci5: command tx timeout [ 209.873528][ T5838] Bluetooth: hci7: command tx timeout [ 209.873540][ T5856] Bluetooth: hci8: command tx timeout [ 209.961363][ T5838] Bluetooth: hci9: command tx timeout [ 211.793537][ T5838] Bluetooth: hci5: command tx timeout [ 211.804214][ T5838] Bluetooth: hci6: command tx timeout [ 211.953565][ T5838] Bluetooth: hci7: command tx timeout [ 211.953770][ T5856] Bluetooth: hci8: command tx timeout [ 212.033679][ T5856] Bluetooth: hci9: command tx timeout [ 214.914648][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 216.993539][ T5856] Bluetooth: hci2: command 0x0406 tx timeout [ 217.003751][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 217.003916][ T5856] Bluetooth: hci3: command 0x0406 tx timeout [ 229.634595][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 90 seconds [ 229.645632][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 90 seconds [ 229.657185][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 90 seconds [ 229.669314][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 90 seconds [ 255.877285][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 259.718366][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 120 seconds [ 259.729483][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 120 seconds [ 259.740578][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 120 seconds [ 259.751632][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 120 seconds [ 263.934077][ T5844] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 263.944663][ T5844] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 263.955681][ T5856] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 263.967111][ T5856] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 263.976553][ T5838] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 263.977170][ T5856] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 263.993233][ T5838] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 263.994461][ T5856] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 264.015105][ T5856] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 264.023512][ T5856] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 264.122238][ T5156] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 264.131817][ T5156] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 264.139453][ T5838] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 264.150011][ T5156] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 264.158081][ T5838] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 264.167483][ T5838] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 264.175199][ T5838] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 264.188195][ T5838] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 264.215665][ T5844] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 264.226541][ T5844] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 264.270045][ T5856] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 264.280360][ T5856] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 264.289591][ T5856] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 264.301840][ T5856] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 264.314009][ T5856] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 264.774264][T10245] chnl_net:caif_netlink_parms(): no params data found [ 264.852049][T10248] chnl_net:caif_netlink_parms(): no params data found [ 264.988798][T10244] chnl_net:caif_netlink_parms(): no params data found [ 265.247811][T10245] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.255318][T10245] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.262596][T10245] bridge_slave_0: entered allmulticast mode [ 265.270508][T10245] bridge_slave_0: entered promiscuous mode [ 265.296861][T10248] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.306735][T10248] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.314481][T10248] bridge_slave_0: entered allmulticast mode [ 265.322024][T10248] bridge_slave_0: entered promiscuous mode [ 265.385607][T10245] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.393825][T10245] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.401112][T10245] bridge_slave_1: entered allmulticast mode [ 265.410072][T10245] bridge_slave_1: entered promiscuous mode [ 265.435092][T10248] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.442321][T10248] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.450380][T10248] bridge_slave_1: entered allmulticast mode [ 265.458873][T10248] bridge_slave_1: entered promiscuous mode [ 265.523018][T10244] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.540530][T10244] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.548110][T10244] bridge_slave_0: entered allmulticast mode [ 265.567024][T10244] bridge_slave_0: entered promiscuous mode [ 265.628486][T10244] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.636576][T10244] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.645012][T10244] bridge_slave_1: entered allmulticast mode [ 265.653112][T10244] bridge_slave_1: entered promiscuous mode [ 265.672120][T10245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.688117][T10252] chnl_net:caif_netlink_parms(): no params data found [ 265.717142][T10248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.758947][T10245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.784392][T10248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.852197][T10249] chnl_net:caif_netlink_parms(): no params data found [ 265.885642][T10244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.933912][T10248] team0: Port device team_slave_0 added [ 265.944711][T10244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.956625][T10245] team0: Port device team_slave_0 added [ 265.987816][T10248] team0: Port device team_slave_1 added [ 266.033559][ T5856] Bluetooth: hci10: command tx timeout [ 266.048157][T10245] team0: Port device team_slave_1 added [ 266.098089][T10244] team0: Port device team_slave_0 added [ 266.108031][T10244] team0: Port device team_slave_1 added [ 266.115368][ T5856] Bluetooth: hci11: command tx timeout [ 266.151464][T10248] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.158832][T10248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.185698][T10248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.199889][T10248] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.207173][T10248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.233647][T10248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.273614][ T5856] Bluetooth: hci12: command tx timeout [ 266.283547][ T5856] Bluetooth: hci13: command tx timeout [ 266.346650][T10245] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.353706][ T5856] Bluetooth: hci14: command tx timeout [ 266.361020][T10245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.387338][T10245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.418918][T10252] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.426392][T10252] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.434649][T10252] bridge_slave_0: entered allmulticast mode [ 266.442109][T10252] bridge_slave_0: entered promiscuous mode [ 266.466453][T10244] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.474040][T10244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.500120][T10244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.513175][T10244] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.520715][T10244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.548169][T10244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.560197][T10245] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.567821][T10245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.594142][T10245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.624108][T10252] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.631391][T10252] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.639035][T10252] bridge_slave_1: entered allmulticast mode [ 266.647725][T10252] bridge_slave_1: entered promiscuous mode [ 266.747285][T10248] hsr_slave_0: entered promiscuous mode [ 266.754894][T10248] hsr_slave_1: entered promiscuous mode [ 266.761633][T10248] debugfs: 'hsr0' already exists in 'hsr' [ 266.767642][T10248] Cannot create hsr debugfs directory [ 266.798827][T10249] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.806337][T10249] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.814719][T10249] bridge_slave_0: entered allmulticast mode [ 266.822692][T10249] bridge_slave_0: entered promiscuous mode [ 266.832677][T10249] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.840698][T10249] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.848446][T10249] bridge_slave_1: entered allmulticast mode [ 266.858590][T10249] bridge_slave_1: entered promiscuous mode [ 266.889979][T10244] hsr_slave_0: entered promiscuous mode [ 266.897013][T10244] hsr_slave_1: entered promiscuous mode [ 266.904421][T10244] debugfs: 'hsr0' already exists in 'hsr' [ 266.910204][T10244] Cannot create hsr debugfs directory [ 266.941691][T10252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.015236][T10252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.045326][T10249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.059203][T10249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 267.191107][T10245] hsr_slave_0: entered promiscuous mode [ 267.198907][T10245] hsr_slave_1: entered promiscuous mode [ 267.205637][T10245] debugfs: 'hsr0' already exists in 'hsr' [ 267.211425][T10245] Cannot create hsr debugfs directory [ 267.230528][T10249] team0: Port device team_slave_0 added [ 267.240514][T10249] team0: Port device team_slave_1 added [ 267.257961][T10252] team0: Port device team_slave_0 added [ 267.267377][T10252] team0: Port device team_slave_1 added [ 267.434365][T10249] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.441972][T10249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.469300][T10249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.482916][T10249] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.490133][T10249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.516950][T10249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.561840][T10252] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.569010][T10252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.595530][T10252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.608806][T10252] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.615987][T10252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.643448][T10252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.874799][T10252] hsr_slave_0: entered promiscuous mode [ 267.881427][T10252] hsr_slave_1: entered promiscuous mode [ 267.889621][T10252] debugfs: 'hsr0' already exists in 'hsr' [ 267.895502][T10252] Cannot create hsr debugfs directory [ 267.909389][T10249] hsr_slave_0: entered promiscuous mode [ 267.916081][T10249] hsr_slave_1: entered promiscuous mode [ 267.922344][T10249] debugfs: 'hsr0' already exists in 'hsr' [ 267.929210][T10249] Cannot create hsr debugfs directory [ 268.114042][ T5856] Bluetooth: hci10: command tx timeout [ 268.193437][ T5856] Bluetooth: hci11: command tx timeout [ 268.354098][ T5856] Bluetooth: hci13: command tx timeout [ 268.354248][ T5844] Bluetooth: hci12: command tx timeout [ 268.433889][ T5844] Bluetooth: hci14: command tx timeout [ 270.193473][ T5844] Bluetooth: hci10: command tx timeout [ 270.273621][ T5844] Bluetooth: hci11: command tx timeout [ 270.433665][ T5844] Bluetooth: hci12: command tx timeout [ 270.433752][ T5856] Bluetooth: hci13: command tx timeout [ 270.514500][ T5856] Bluetooth: hci14: command tx timeout [ 272.273473][ T5856] Bluetooth: hci10: command tx timeout [ 272.353778][ T5856] Bluetooth: hci11: command tx timeout [ 272.513871][ T5856] Bluetooth: hci13: command tx timeout [ 272.519444][ T5856] Bluetooth: hci12: command tx timeout [ 272.593517][ T5856] Bluetooth: hci14: command tx timeout [ 289.794062][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 150 seconds [ 289.805180][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 150 seconds [ 289.816352][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 150 seconds [ 289.827416][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 150 seconds [ 309.153566][ T5856] Bluetooth: hci4: command 0x0406 tx timeout [ 317.318301][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 319.876503][ T94] block nbd0: Possible stuck request ffff88802596e000: control (read@0,1024B). Runtime 180 seconds [ 319.887638][ T94] block nbd0: Possible stuck request ffff88802596e1c0: control (read@1024,1024B). Runtime 180 seconds [ 319.898760][ T94] block nbd0: Possible stuck request ffff88802596e380: control (read@2048,1024B). Runtime 180 seconds [ 319.909825][ T94] block nbd0: Possible stuck request ffff88802596e540: control (read@3072,1024B). Runtime 180 seconds [ 324.184586][ T5856] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 324.205349][ T5856] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 324.213892][ T5856] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 324.222299][ T5856] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 324.231217][ T5856] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 324.312207][ T5856] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 324.325941][ T5856] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 324.352736][ T5856] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 324.362781][ T5856] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 324.393606][ T5856] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 324.443648][ T5856] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 324.455450][ T5856] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 324.468727][ T5856] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 324.479535][ T5856] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 324.489158][ T5856] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 324.542846][ T5838] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 324.542965][ T5156] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 324.562270][ T5838] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 324.570552][ T5838] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 324.579605][ T5838] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 324.583673][ T5156] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 324.596931][ T5838] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 324.597033][ T5156] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 324.612210][ T5156] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 324.639951][ T5156] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 325.195759][T10289] chnl_net:caif_netlink_parms(): no params data found [ 325.390546][T10291] chnl_net:caif_netlink_parms(): no params data found [ 325.534190][T10295] chnl_net:caif_netlink_parms(): no params data found [ 325.585375][T10293] chnl_net:caif_netlink_parms(): no params data found [ 325.698795][T10289] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.707204][T10289] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.715998][T10289] bridge_slave_0: entered allmulticast mode [ 325.724532][T10289] bridge_slave_0: entered promiscuous mode [ 325.837973][T10289] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.845358][T10289] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.852630][T10289] bridge_slave_1: entered allmulticast mode [ 325.861328][T10289] bridge_slave_1: entered promiscuous mode [ 325.893823][T10291] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.901122][T10291] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.908621][T10291] bridge_slave_0: entered allmulticast mode [ 325.918385][T10291] bridge_slave_0: entered promiscuous mode [ 325.927585][T10291] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.934903][T10291] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.942241][T10291] bridge_slave_1: entered allmulticast mode [ 325.950795][T10291] bridge_slave_1: entered promiscuous mode [ 326.009194][T10296] chnl_net:caif_netlink_parms(): no params data found [ 326.076497][T10289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.138628][T10295] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.145981][T10295] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.154577][T10295] bridge_slave_0: entered allmulticast mode [ 326.162696][T10295] bridge_slave_0: entered promiscuous mode [ 326.174375][T10289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.221508][T10291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.231182][T10295] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.241241][T10295] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.248980][T10295] bridge_slave_1: entered allmulticast mode [ 326.257703][T10295] bridge_slave_1: entered promiscuous mode [ 326.274714][ T5856] Bluetooth: hci15: command tx timeout [ 326.322602][T10291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.368582][T10289] team0: Port device team_slave_0 added [ 326.377636][T10289] team0: Port device team_slave_1 added [ 326.431596][T10291] team0: Port device team_slave_0 added [ 326.437398][ T5856] Bluetooth: hci16: command tx timeout [ 326.481015][T10293] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.488794][T10293] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.496943][T10293] bridge_slave_0: entered allmulticast mode [ 326.506484][T10293] bridge_slave_0: entered promiscuous mode [ 326.513941][ T5856] Bluetooth: hci17: command tx timeout [ 326.515666][T10293] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.528875][T10293] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.536747][T10293] bridge_slave_1: entered allmulticast mode [ 326.545537][T10293] bridge_slave_1: entered promiscuous mode [ 326.554867][T10291] team0: Port device team_slave_1 added [ 326.564349][T10295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.578057][T10295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.606920][T10289] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 326.615157][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.642929][T10289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 326.674146][ T5156] Bluetooth: hci19: command tx timeout [ 326.680388][ T5856] Bluetooth: hci18: command tx timeout [ 326.749959][T10289] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 326.758337][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.785914][T10289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 326.878836][T10295] team0: Port device team_slave_0 added [ 326.888446][T10295] team0: Port device team_slave_1 added [ 326.895937][T10296] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.903065][T10296] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.911679][T10296] bridge_slave_0: entered allmulticast mode [ 326.919347][T10296] bridge_slave_0: entered promiscuous mode [ 326.931342][T10293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.946470][T10293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.956727][T10291] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 326.963860][T10291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.989995][T10291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.003781][T10291] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.010901][T10291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.038376][T10291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 327.069168][T10296] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.076751][T10296] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.085927][T10296] bridge_slave_1: entered allmulticast mode [ 327.094198][T10296] bridge_slave_1: entered promiscuous mode [ 327.215694][T10295] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 327.222710][T10295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.249619][T10295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.308155][T10293] team0: Port device team_slave_0 added [ 327.334833][T10295] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.341819][T10295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.369137][T10295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 327.397702][T10289] hsr_slave_0: entered promiscuous mode [ 327.404733][T10289] hsr_slave_1: entered promiscuous mode [ 327.411180][T10289] debugfs: 'hsr0' already exists in 'hsr' [ 327.417608][T10289] Cannot create hsr debugfs directory [ 327.427123][T10296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 327.439025][T10293] team0: Port device team_slave_1 added [ 327.470855][T10291] hsr_slave_0: entered promiscuous mode [ 327.478444][T10291] hsr_slave_1: entered promiscuous mode [ 327.486403][T10291] debugfs: 'hsr0' already exists in 'hsr' [ 327.492164][T10291] Cannot create hsr debugfs directory [ 327.508668][T10296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 327.561386][T10293] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 327.569052][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 327.582903][T10293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.609662][T10293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.677678][T10293] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.686677][T10293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.713076][T10293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 327.763115][T10296] team0: Port device team_slave_0 added [ 327.802261][T10295] hsr_slave_0: entered promiscuous mode [ 327.810272][T10295] hsr_slave_1: entered promiscuous mode [ 327.817043][T10295] debugfs: 'hsr0' already exists in 'hsr' [ 327.822809][T10295] Cannot create hsr debugfs directory [ 327.832654][T10296] team0: Port device team_slave_1 added [ 328.075867][T10296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 328.082860][T10296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.109372][T10296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 328.123059][T10296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 328.130525][T10296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 328.158360][T10296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.178475][T10293] hsr_slave_0: entered promiscuous mode [ 328.185728][T10293] hsr_slave_1: entered promiscuous mode [ 328.192154][T10293] debugfs: 'hsr0' already exists in 'hsr' [ 328.198728][T10293] Cannot create hsr debugfs directory [ 328.354194][ T51] Bluetooth: hci15: command tx timeout [ 328.469834][T10296] hsr_slave_0: entered promiscuous mode [ 328.477650][T10296] hsr_slave_1: entered promiscuous mode [ 328.485776][T10296] debugfs: 'hsr0' already exists in 'hsr' [ 328.491562][T10296] Cannot create hsr debugfs directory [ 328.514841][ T51] Bluetooth: hci16: command tx timeout [ 328.599726][ T51] Bluetooth: hci17: command tx timeout [ 328.753679][ T5846] Bluetooth: hci19: command tx timeout [ 328.759300][ T51] Bluetooth: hci18: command tx timeout [ 329.633846][ T5846] Bluetooth: hci9: command 0x0406 tx timeout [ 329.640676][ T51] Bluetooth: hci8: command 0x0406 tx timeout [ 329.647506][ T5853] Bluetooth: hci6: command 0x0406 tx timeout [ 329.647554][ T5853] Bluetooth: hci5: command 0x0406 tx timeout [ 329.647605][ T5853] Bluetooth: hci7: command 0x0406 tx timeout [ 330.433681][ T5838] Bluetooth: hci15: command tx timeout [ 330.594089][ T5838] Bluetooth: hci16: command tx timeout [ 330.674777][ T5838] Bluetooth: hci17: command tx timeout [ 330.833709][ T5838] Bluetooth: hci18: command tx timeout [ 330.833726][ T5856] Bluetooth: hci19: command tx timeout [ 331.404052][ T31] INFO: task syz.0.1277:10154 blocked for more than 143 seconds. [ 331.411840][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 331.419335][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 331.428078][ T31] task:syz.0.1277 state:D stack:25976 pid:10154 tgid:10153 ppid:5835 task_flags:0x480140 flags:0x00004004 [ 331.440395][ T31] Call Trace: [ 331.444475][ T31] [ 331.447635][ T31] __schedule+0x1737/0x4d30 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 331.452185][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.457890][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.462810][ T31] ? schedule+0x165/0x360 [ 331.468093][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.473104][ T31] ? __pfx___schedule+0x10/0x10 [ 331.479455][ T31] ? schedule+0x91/0x360 [ 331.484110][ T31] schedule+0x165/0x360 [ 331.488330][ T31] blk_mq_freeze_queue_wait+0xf4/0x170 [ 331.494410][ T31] ? __pfx_blk_mq_freeze_queue_wait+0x10/0x10 [ 331.500542][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 331.507364][ T31] ? percpu_ref_kill_and_confirm+0xa3/0x130 [ 331.513715][ T31] queue_limits_commit_update_frozen+0x5e/0x360 [ 331.520003][ T31] ? nbd_set_size+0x2ab/0x6a0 [ 331.573428][ T31] nbd_set_size+0x47e/0x6a0 [ 331.578059][ T31] ? __pfx_nbd_set_size+0x10/0x10 [ 331.583161][ T31] ? nla_memcpy+0x5b/0xc0 [ 331.613304][ T31] nbd_genl_size_set+0x2eb/0x3c0 [ 331.618331][ T31] ? __pfx_nbd_genl_size_set+0x10/0x10 [ 331.624108][ T31] ? __pfx_nbd_get_config_unlocked+0x10/0x10 [ 331.630166][ T31] ? bpf_lsm_capable+0x9/0x20 [ 331.635545][ T31] ? security_capable+0x7e/0x2e0 [ 331.640556][ T31] ? radix_tree_lookup+0x240/0x290 [ 331.646683][ T31] nbd_genl_reconfigure+0x409/0x1870 [ 331.652052][ T31] ? __pfx_nbd_genl_reconfigure+0x10/0x10 [ 331.658034][ T31] ? __nla_parse+0x40/0x60 [ 331.662496][ T31] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 331.669028][ T31] genl_family_rcv_msg_doit+0x215/0x300 [ 331.674711][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 331.680833][ T31] ? stack_trace_save+0x9c/0xe0 [ 331.686014][ T31] genl_rcv_msg+0x60e/0x790 [ 331.690572][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.696077][ T31] ? __pfx_nbd_genl_reconfigure+0x10/0x10 [ 331.701853][ T31] netlink_rcv_skb+0x205/0x470 [ 331.706810][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.711708][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.717690][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 331.723064][ T31] ? down_read+0x1ad/0x2e0 [ 331.727584][ T31] genl_rcv+0x28/0x40 [ 331.731602][ T31] netlink_unicast+0x82c/0x9e0 [ 331.736545][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 331.741876][ T31] ? netlink_sendmsg+0x642/0xb30 [ 331.746978][ T31] netlink_sendmsg+0x805/0xb30 [ 331.752313][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.757884][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.762791][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 331.767853][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 331.773168][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.778602][ T31] __sock_sendmsg+0x21c/0x270 [ 331.783743][ T31] ____sys_sendmsg+0x505/0x830 [ 331.788558][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 331.794264][ T31] ? import_iovec+0x74/0xa0 [ 331.799097][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 331.805839][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 331.811130][ T31] ? __fget_files+0x2a/0x420 [ 331.816388][ T31] ? __fget_files+0x3a0/0x420 [ 331.821235][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 331.826779][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 331.832287][ T31] ? rcu_is_watching+0x15/0xb0 [ 331.837601][ T31] ? do_syscall_64+0xbe/0x3b0 [ 331.842351][ T31] do_syscall_64+0xfa/0x3b0 [ 331.847356][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 331.853152][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.859749][ T31] ? clear_bhb_loop+0x60/0xb0 [ 331.864711][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.870633][ T31] RIP: 0033:0x7f269718eb69 [ 331.875425][ T31] RSP: 002b:00007f2697fdf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.884053][ T31] RAX: ffffffffffffffda RBX: 00007f26973b5fa0 RCX: 00007f269718eb69 [ 331.892053][ T31] RDX: 0000000000000010 RSI: 0000200000000140 RDI: 0000000000000004 [ 331.900333][ T31] RBP: 00007f2697211df1 R08: 0000000000000000 R09: 0000000000000000 [ 331.908446][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.916549][ T31] R13: 0000000000000000 R14: 00007f26973b5fa0 R15: 00007ffd7f279cc8 [ 331.925077][ T31] [ 331.928168][ T31] INFO: task syz.2.1280:10165 blocked for more than 143 seconds. [ 331.936287][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 331.943678][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 331.952378][ T31] task:syz.2.1280 state:D stack:25208 pid:10165 tgid:10163 ppid:5850 task_flags:0x400140 flags:0x00004004 [ 331.965184][ T31] Call Trace: [ 331.968507][ T31] [ 331.971446][ T31] __schedule+0x1737/0x4d30 [ 331.976119][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.981026][ T31] ? schedule+0x165/0x360 [ 331.985504][ T31] ? __lock_acquire+0xab9/0xd20 [ 331.990400][ T31] ? __pfx___schedule+0x10/0x10 [ 331.995342][ T31] ? schedule+0x91/0x360 [ 331.999631][ T31] schedule+0x165/0x360 [ 332.004053][ T31] schedule_preempt_disabled+0x13/0x30 [ 332.009563][ T31] __mutex_lock+0x7e3/0x1340 [ 332.014347][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 332.019606][ T31] ? __mutex_lock+0x5b6/0x1340 [ 332.024496][ T31] ? genl_rcv_msg+0x10d/0x790 [ 332.029208][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 332.034776][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 332.039962][ T31] ? radix_tree_lookup+0x240/0x290 [ 332.045264][ T31] genl_rcv_msg+0x10d/0x790 [ 332.049820][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.054959][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 332.060518][ T31] ? __asan_memcpy+0x40/0x70 [ 332.065234][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 332.070646][ T31] netlink_rcv_skb+0x205/0x470 [ 332.075515][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.080679][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.086220][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.091599][ T31] ? down_read+0x1ad/0x2e0 [ 332.096395][ T31] genl_rcv+0x28/0x40 [ 332.100421][ T31] netlink_unicast+0x82c/0x9e0 [ 332.105305][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 332.110633][ T31] ? netlink_sendmsg+0x642/0xb30 [ 332.116109][ T31] ? skb_put+0x11b/0x210 [ 332.120507][ T31] netlink_sendmsg+0x805/0xb30 [ 332.125471][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.130813][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 332.135868][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 332.141185][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.146637][ T31] __sock_sendmsg+0x21c/0x270 [ 332.151351][ T31] __sys_sendto+0x3bd/0x520 [ 332.155999][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 332.161533][ T31] ? count_memcg_event_mm+0x21/0x260 [ 332.167030][ T31] ? exc_page_fault+0x76/0xf0 [ 332.171768][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 332.178040][ T31] __x64_sys_sendto+0xde/0x100 [ 332.182870][ T31] do_syscall_64+0xfa/0x3b0 [ 332.187524][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 332.192764][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.199699][ T31] ? clear_bhb_loop+0x60/0xb0 [ 332.204513][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.210627][ T31] RIP: 0033:0x7fa04e9909fc [ 332.215180][ T31] RSP: 002b:00007fa04f86bec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 332.223714][ T31] RAX: ffffffffffffffda RBX: 00007fa04f86bfc0 RCX: 00007fa04e9909fc [ 332.231713][ T31] RDX: 0000000000000020 RSI: 00007fa04f86c010 RDI: 0000000000000003 [ 332.240040][ T31] RBP: 0000000000000000 R08: 00007fa04f86bf14 R09: 000000000000000c [ 332.248104][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 332.256179][ T31] R13: 00007fa04f86bf68 R14: 00007fa04f86c010 R15: 0000000000000000 [ 332.265043][ T31] [ 332.268123][ T31] INFO: task syz.2.1280:10168 blocked for more than 144 seconds. [ 332.276120][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 332.283716][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.292443][ T31] task:syz.2.1280 state:D stack:25720 pid:10168 tgid:10163 ppid:5850 task_flags:0x400140 flags:0x00004004 [ 332.305385][ T31] Call Trace: [ 332.308702][ T31] [ 332.311640][ T31] __schedule+0x1737/0x4d30 [ 332.316355][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.321262][ T31] ? schedule+0x165/0x360 [ 332.326245][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.331182][ T31] ? __pfx___schedule+0x10/0x10 [ 332.337064][ T31] ? schedule+0x91/0x360 [ 332.341390][ T31] schedule+0x165/0x360 [ 332.345728][ T31] schedule_preempt_disabled+0x13/0x30 [ 332.351231][ T31] __mutex_lock+0x7e3/0x1340 [ 332.355981][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 332.361136][ T31] ? __mutex_lock+0x5b6/0x1340 [ 332.367101][ T31] ? genl_rcv_msg+0x10d/0x790 [ 332.371872][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 332.378006][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 332.383177][ T31] ? radix_tree_lookup+0x240/0x290 [ 332.388426][ T31] genl_rcv_msg+0x10d/0x790 [ 332.392967][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.399709][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 332.405152][ T31] ? __asan_memcpy+0x40/0x70 [ 332.409785][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 332.415437][ T31] netlink_rcv_skb+0x205/0x470 [ 332.420252][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.425251][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.430309][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.435732][ T31] ? down_read+0x1ad/0x2e0 [ 332.440184][ T31] genl_rcv+0x28/0x40 [ 332.444301][ T31] netlink_unicast+0x82c/0x9e0 [ 332.449313][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 332.454788][ T31] ? netlink_sendmsg+0x642/0xb30 [ 332.459804][ T31] ? skb_put+0x11b/0x210 [ 332.464258][ T31] netlink_sendmsg+0x805/0xb30 [ 332.469509][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.474955][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 332.479962][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 332.485369][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.490728][ T31] __sock_sendmsg+0x21c/0x270 [ 332.495826][ T31] __sys_sendto+0x3bd/0x520 [ 332.500403][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 332.507029][ T31] ? fd_install+0x97/0x540 [ 332.511499][ T31] ? fd_install+0x30d/0x540 [ 332.516400][ T5856] Bluetooth: hci15: command tx timeout [ 332.521599][ T31] __x64_sys_sendto+0xde/0x100 [ 332.527011][ T31] do_syscall_64+0xfa/0x3b0 [ 332.531568][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 332.537127][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.543401][ T31] ? clear_bhb_loop+0x60/0xb0 [ 332.548119][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.554188][ T31] RIP: 0033:0x7fa04e9909fc [ 332.558629][ T31] RSP: 002b:00007fa04f829ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 332.568034][ T31] RAX: ffffffffffffffda RBX: 00007fa04f829fc0 RCX: 00007fa04e9909fc [ 332.576424][ T31] RDX: 0000000000000020 RSI: 00007fa04f82a010 RDI: 000000000000008a [ 332.584628][ T31] RBP: 0000000000000000 R08: 00007fa04f829f14 R09: 000000000000000c [ 332.592630][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000008a [ 332.600827][ T31] R13: 00007fa04f829f68 R14: 00007fa04f82a010 R15: 0000000000000000 [ 332.609031][ T31] [ 332.612290][ T31] INFO: task syz.4.1282:10173 blocked for more than 144 seconds. [ 332.620376][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 332.627963][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.637230][ T31] task:syz.4.1282 state:D stack:28328 pid:10173 tgid:10172 ppid:5836 task_flags:0x400140 flags:0x00004004 [ 332.649353][ T31] Call Trace: [ 332.652669][ T31] [ 332.655705][ T31] __schedule+0x1737/0x4d30 [ 332.660241][ T31] ? arch_stack_walk+0xfc/0x150 [ 332.665579][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.671264][ T31] ? schedule+0x165/0x360 [ 332.677663][ T5856] Bluetooth: hci16: command tx timeout [ 332.683405][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.688346][ T31] ? __pfx___schedule+0x10/0x10 [ 332.693377][ T31] ? schedule+0x91/0x360 [ 332.697756][ T31] schedule+0x165/0x360 [ 332.701958][ T31] schedule_preempt_disabled+0x13/0x30 [ 332.707613][ T31] __mutex_lock+0x7e3/0x1340 [ 332.712335][ T31] ? __mutex_lock+0x5b6/0x1340 [ 332.717292][ T31] ? genl_rcv_msg+0x10d/0x790 [ 332.722023][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 332.727465][ T31] ? stack_trace_save+0x9c/0xe0 [ 332.732364][ T31] ? radix_tree_lookup+0x240/0x290 [ 332.737591][ T31] genl_rcv_msg+0x10d/0x790 [ 332.742139][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.747353][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.752458][ T31] netlink_rcv_skb+0x205/0x470 [ 332.758248][ T5856] Bluetooth: hci17: command tx timeout [ 332.764693][ T31] ? __lock_acquire+0xab9/0xd20 [ 332.769612][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.775884][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.781266][ T31] ? down_read+0x1ad/0x2e0 [ 332.786080][ T31] genl_rcv+0x28/0x40 [ 332.790103][ T31] netlink_unicast+0x82c/0x9e0 [ 332.794984][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 332.800315][ T31] ? netlink_sendmsg+0x642/0xb30 [ 332.805488][ T31] ? skb_put+0x11b/0x210 [ 332.809774][ T31] netlink_sendmsg+0x805/0xb30 [ 332.814647][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.820059][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 332.825198][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 332.830529][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.836190][ T31] __sock_sendmsg+0x21c/0x270 [ 332.840931][ T31] __sys_sendto+0x3bd/0x520 [ 332.845666][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 332.850756][ T31] ? count_memcg_event_mm+0x21/0x260 [ 332.856246][ T31] ? exc_page_fault+0x76/0xf0 [ 332.860982][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 332.866507][ T31] __x64_sys_sendto+0xde/0x100 [ 332.871415][ T31] do_syscall_64+0xfa/0x3b0 [ 332.876664][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 332.881916][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.888795][ T31] ? clear_bhb_loop+0x60/0xb0 [ 332.893847][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.899785][ T31] RIP: 0033:0x7fac0e9909fc [ 332.904809][ T31] RSP: 002b:00007fac0f7b7ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 332.913652][ T5856] Bluetooth: hci18: command tx timeout [ 332.919220][ T5856] Bluetooth: hci19: command tx timeout [ 332.926101][ T31] RAX: ffffffffffffffda RBX: 00007fac0f7b7fc0 RCX: 00007fac0e9909fc [ 332.934535][ T31] RDX: 0000000000000024 RSI: 00007fac0f7b8010 RDI: 0000000000000005 [ 332.942549][ T31] RBP: 0000000000000000 R08: 00007fac0f7b7f14 R09: 000000000000000c [ 332.951565][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 332.960059][ T31] R13: 00007fac0f7b7f68 R14: 00007fac0f7b8010 R15: 0000000000000000 [ 332.968721][ T31] [ 332.971852][ T31] INFO: task syz.4.1282:10174 blocked for more than 144 seconds. [ 332.980770][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 332.988480][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 332.998196][ T31] task:syz.4.1282 state:D stack:27320 pid:10174 tgid:10172 ppid:5836 task_flags:0x400040 flags:0x00004004 [ 333.010942][ T31] Call Trace: [ 333.014573][ T31] [ 333.017545][ T31] __schedule+0x1737/0x4d30 [ 333.022118][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.027672][ T31] ? schedule+0x165/0x360 [ 333.032056][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.037534][ T31] ? __pfx___schedule+0x10/0x10 [ 333.042472][ T31] ? schedule+0x91/0x360 [ 333.047241][ T31] schedule+0x165/0x360 [ 333.051453][ T31] schedule_preempt_disabled+0x13/0x30 [ 333.057597][ T31] __mutex_lock+0x7e3/0x1340 [ 333.062236][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 333.067873][ T31] ? __mutex_lock+0x5b6/0x1340 [ 333.072698][ T31] ? genl_rcv_msg+0x10d/0x790 [ 333.078212][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 333.084338][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 333.089527][ T31] ? radix_tree_lookup+0x240/0x290 [ 333.095685][ T31] genl_rcv_msg+0x10d/0x790 [ 333.100245][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.105958][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 333.111021][ T31] ? __asan_memcpy+0x40/0x70 [ 333.116170][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 333.121588][ T31] netlink_rcv_skb+0x205/0x470 [ 333.126841][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.131743][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.137591][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 333.142963][ T31] ? down_read+0x1ad/0x2e0 [ 333.148002][ T31] genl_rcv+0x28/0x40 [ 333.152034][ T31] netlink_unicast+0x82c/0x9e0 [ 333.157513][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 333.162853][ T31] ? netlink_sendmsg+0x642/0xb30 [ 333.168981][ T31] ? skb_put+0x11b/0x210 [ 333.173604][ T31] netlink_sendmsg+0x805/0xb30 [ 333.178435][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.198858][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 333.212854][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 333.219213][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.225889][ T31] __sock_sendmsg+0x21c/0x270 [ 333.230639][ T31] ____sys_sendmsg+0x505/0x830 [ 333.236189][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 333.241530][ T31] ? import_iovec+0x74/0xa0 [ 333.246609][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 333.251336][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 333.257178][ T31] ? __fget_files+0x2a/0x420 [ 333.261804][ T31] ? __fget_files+0x3a0/0x420 [ 333.266989][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 333.271986][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 333.280212][ T31] ? do_syscall_64+0xbe/0x3b0 [ 333.285859][ T31] do_syscall_64+0xfa/0x3b0 [ 333.290451][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 333.296231][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.302381][ T31] ? clear_bhb_loop+0x60/0xb0 [ 333.307676][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.315283][ T31] RIP: 0033:0x7fac0e98eb69 [ 333.319739][ T31] RSP: 002b:00007fac0f798038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 333.328884][ T31] RAX: ffffffffffffffda RBX: 00007fac0ebb6080 RCX: 00007fac0e98eb69 [ 333.337301][ T31] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003 [ 333.345662][ T31] RBP: 00007fac0ea11df1 R08: 0000000000000000 R09: 0000000000000000 [ 333.354136][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.362142][ T31] R13: 0000000000000000 R14: 00007fac0ebb6080 R15: 00007ffca263e6f8 [ 333.370672][ T31] [ 333.383513][ T31] INFO: task syz.4.1282:10175 blocked for more than 145 seconds. [ 333.394141][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 333.401466][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.426177][ T31] task:syz.4.1282 state:D stack:27320 pid:10175 tgid:10172 ppid:5836 task_flags:0x400140 flags:0x00004004 [ 333.438437][ T31] Call Trace: [ 333.441983][ T31] [ 333.445468][ T31] __schedule+0x1737/0x4d30 [ 333.450096][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.455619][ T31] ? schedule+0x165/0x360 [ 333.459995][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.465430][ T31] ? __pfx___schedule+0x10/0x10 [ 333.470346][ T31] ? schedule+0x91/0x360 [ 333.475236][ T31] schedule+0x165/0x360 [ 333.479443][ T31] schedule_preempt_disabled+0x13/0x30 [ 333.485207][ T31] __mutex_lock+0x7e3/0x1340 [ 333.490875][ T31] ? __mutex_lock+0x5b6/0x1340 [ 333.495948][ T31] ? genl_rcv_msg+0x10d/0x790 [ 333.500690][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 333.507464][ T31] ? stack_trace_save+0x9c/0xe0 [ 333.512382][ T31] ? radix_tree_lookup+0x240/0x290 [ 333.518089][ T31] genl_rcv_msg+0x10d/0x790 [ 333.522648][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.527635][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.532735][ T31] netlink_rcv_skb+0x205/0x470 [ 333.537580][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.542552][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.547729][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 333.553070][ T31] ? down_read+0x1ad/0x2e0 [ 333.558454][ T31] genl_rcv+0x28/0x40 [ 333.562494][ T31] netlink_unicast+0x82c/0x9e0 [ 333.567625][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 333.572959][ T31] ? netlink_sendmsg+0x642/0xb30 [ 333.578267][ T31] ? skb_put+0x11b/0x210 [ 333.582570][ T31] netlink_sendmsg+0x805/0xb30 [ 333.587667][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.593546][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 333.598575][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 333.604036][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.609373][ T31] __sock_sendmsg+0x21c/0x270 [ 333.614191][ T31] ____sys_sendmsg+0x505/0x830 [ 333.619007][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 333.624518][ T31] ? import_iovec+0x74/0xa0 [ 333.629078][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 333.633879][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 333.639250][ T31] ? __fget_files+0x2a/0x420 [ 333.643970][ T31] ? __fget_files+0x3a0/0x420 [ 333.648696][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 333.653743][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 333.659248][ T31] ? rcu_is_watching+0x15/0xb0 [ 333.664378][ T31] ? do_syscall_64+0xbe/0x3b0 [ 333.669112][ T31] do_syscall_64+0xfa/0x3b0 [ 333.673766][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 333.679002][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.685251][ T31] ? clear_bhb_loop+0x60/0xb0 [ 333.689965][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.696861][ T31] RIP: 0033:0x7fac0e98eb69 [ 333.701330][ T31] RSP: 002b:00007fac0f777038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 333.709939][ T31] RAX: ffffffffffffffda RBX: 00007fac0ebb6160 RCX: 00007fac0e98eb69 [ 333.718227][ T31] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007 [ 333.726363][ T31] RBP: 00007fac0ea11df1 R08: 0000000000000000 R09: 0000000000000000 [ 333.735268][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.743412][ T31] R13: 0000000000000000 R14: 00007fac0ebb6160 R15: 00007ffca263e6f8 [ 333.751451][ T31] [ 333.754688][ T31] INFO: task syz.4.1282:10176 blocked for more than 145 seconds. [ 333.762430][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 333.769928][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 333.778931][ T31] task:syz.4.1282 state:D stack:27992 pid:10176 tgid:10172 ppid:5836 task_flags:0x400040 flags:0x00004004 [ 333.791051][ T31] Call Trace: [ 333.795284][ T31] [ 333.798809][ T31] __schedule+0x1737/0x4d30 [ 333.803464][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.808371][ T31] ? schedule+0x165/0x360 [ 333.812786][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.817864][ T31] ? __pfx___schedule+0x10/0x10 [ 333.822779][ T31] ? schedule+0x91/0x360 [ 333.827181][ T31] schedule+0x165/0x360 [ 333.831637][ T31] schedule_preempt_disabled+0x13/0x30 [ 333.837208][ T31] __mutex_lock+0x7e3/0x1340 [ 333.841851][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 333.847973][ T31] ? __mutex_lock+0x5b6/0x1340 [ 333.852793][ T31] ? genl_rcv_msg+0x10d/0x790 [ 333.857551][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 333.862611][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 333.867975][ T31] ? radix_tree_lookup+0x240/0x290 [ 333.873128][ T31] genl_rcv_msg+0x10d/0x790 [ 333.877752][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.882841][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 333.888211][ T31] ? __asan_memcpy+0x40/0x70 [ 333.892852][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 333.899136][ T31] netlink_rcv_skb+0x205/0x470 [ 333.904178][ T31] ? __lock_acquire+0xab9/0xd20 [ 333.909087][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.914285][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 333.919656][ T31] ? down_read+0x1ad/0x2e0 [ 333.924461][ T31] genl_rcv+0x28/0x40 [ 333.928501][ T31] netlink_unicast+0x82c/0x9e0 [ 333.934896][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 333.940261][ T31] ? netlink_sendmsg+0x642/0xb30 [ 333.946488][ T31] ? skb_put+0x11b/0x210 [ 333.950784][ T31] netlink_sendmsg+0x805/0xb30 [ 333.964916][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.970346][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 333.975632][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 333.980959][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.986767][ T31] __sock_sendmsg+0x21c/0x270 [ 333.991525][ T31] __sys_sendto+0x3bd/0x520 [ 333.996639][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 334.002313][ T31] ? count_memcg_event_mm+0x21/0x260 [ 334.008088][ T31] ? exc_page_fault+0x76/0xf0 [ 334.012824][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 334.018470][ T31] __x64_sys_sendto+0xde/0x100 [ 334.023415][ T31] do_syscall_64+0xfa/0x3b0 [ 334.027962][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 334.033207][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.039926][ T31] ? clear_bhb_loop+0x60/0xb0 [ 334.045089][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.051118][ T31] RIP: 0033:0x7fac0e9909fc [ 334.055940][ T31] RSP: 002b:00007fac0f754ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 334.064723][ T31] RAX: ffffffffffffffda RBX: 00007fac0f754fc0 RCX: 00007fac0e9909fc [ 334.072731][ T31] RDX: 0000000000000020 RSI: 00007fac0f755010 RDI: 0000000000000003 [ 334.080874][ T31] RBP: 0000000000000000 R08: 00007fac0f754f14 R09: 000000000000000c [ 334.088983][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 334.097199][ T31] R13: 00007fac0f754f68 R14: 00007fac0f755010 R15: 0000000000000000 [ 334.105645][ T31] [ 334.108767][ T31] INFO: task syz.1.1285:10185 blocked for more than 146 seconds. [ 334.117037][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 334.124481][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 334.133176][ T31] task:syz.1.1285 state:D stack:27016 pid:10185 tgid:10184 ppid:5842 task_flags:0x400140 flags:0x00004004 [ 334.145374][ T31] Call Trace: [ 334.148686][ T31] [ 334.151622][ T31] __schedule+0x1737/0x4d30 [ 334.156327][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.161226][ T31] ? schedule+0x165/0x360 [ 334.165703][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.170610][ T31] ? __pfx___schedule+0x10/0x10 [ 334.175772][ T31] ? schedule+0x91/0x360 [ 334.180093][ T31] schedule+0x165/0x360 [ 334.185306][ T31] schedule_preempt_disabled+0x13/0x30 [ 334.190897][ T31] __mutex_lock+0x7e3/0x1340 [ 334.195933][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 334.201095][ T31] ? __mutex_lock+0x5b6/0x1340 [ 334.206301][ T31] ? genl_rcv_msg+0x10d/0x790 [ 334.211040][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 334.216158][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 334.221325][ T31] ? radix_tree_lookup+0x240/0x290 [ 334.226620][ T31] genl_rcv_msg+0x10d/0x790 [ 334.231159][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 334.236334][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 334.241392][ T31] ? __asan_memcpy+0x40/0x70 [ 334.246096][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 334.251510][ T31] netlink_rcv_skb+0x205/0x470 [ 334.256416][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.261307][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 334.266436][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 334.271861][ T31] ? down_read+0x1ad/0x2e0 [ 334.276553][ T31] genl_rcv+0x28/0x40 [ 334.280577][ T31] netlink_unicast+0x82c/0x9e0 [ 334.285552][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 334.290886][ T31] ? netlink_sendmsg+0x642/0xb30 [ 334.296798][ T31] ? skb_put+0x11b/0x210 [ 334.301097][ T31] netlink_sendmsg+0x805/0xb30 [ 334.306689][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 334.312724][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 334.318363][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 334.324121][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 334.329509][ T31] __sock_sendmsg+0x21c/0x270 [ 334.334471][ T31] __sys_sendto+0x3bd/0x520 [ 334.339132][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 334.344425][ T31] ? count_memcg_event_mm+0x21/0x260 [ 334.349772][ T31] ? exc_page_fault+0x76/0xf0 [ 334.354738][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 334.360173][ T31] __x64_sys_sendto+0xde/0x100 [ 334.365100][ T31] do_syscall_64+0xfa/0x3b0 [ 334.369652][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 334.374974][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.381072][ T31] ? clear_bhb_loop+0x60/0xb0 [ 334.385853][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.391813][ T31] RIP: 0033:0x7fec803909fc [ 334.396449][ T31] RSP: 002b:00007fec812aaec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 334.405837][ T31] RAX: ffffffffffffffda RBX: 00007fec812aafc0 RCX: 00007fec803909fc [ 334.414301][ T31] RDX: 0000000000000020 RSI: 00007fec812ab010 RDI: 0000000000000007 [ 334.422318][ T31] RBP: 0000000000000000 R08: 00007fec812aaf14 R09: 000000000000000c [ 334.430510][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000007 [ 334.438685][ T31] R13: 00007fec812aaf68 R14: 00007fec812ab010 R15: 0000000000000000 [ 334.447041][ T31] [ 334.450124][ T31] INFO: task syz.3.1287:10191 blocked for more than 146 seconds. [ 334.458009][ T31] Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 [ 334.465463][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 334.474244][ T31] task:syz.3.1287 state:D stack:28360 pid:10191 tgid:10190 ppid:5843 task_flags:0x400040 flags:0x00004004 [ 334.486323][ T31] Call Trace: [ 334.489629][ T31] [ 334.492566][ T31] __schedule+0x1737/0x4d30 [ 334.497205][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.502104][ T31] ? schedule+0x165/0x360 [ 334.506629][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.511531][ T31] ? __pfx___schedule+0x10/0x10 [ 334.517060][ T31] ? schedule+0x91/0x360 [ 334.521374][ T31] schedule+0x165/0x360 [ 334.525657][ T31] schedule_preempt_disabled+0x13/0x30 [ 334.531159][ T31] __mutex_lock+0x7e3/0x1340 [ 334.535873][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 334.541030][ T31] ? __mutex_lock+0x5b6/0x1340 [ 334.545968][ T31] ? genl_rcv_msg+0x10d/0x790 [ 334.550719][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 334.555872][ T31] ? __dev_queue_xmit+0x27b/0x3b50 [ 334.561036][ T31] ? radix_tree_lookup+0x240/0x290 [ 334.566294][ T31] genl_rcv_msg+0x10d/0x790 [ 334.570902][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 334.576117][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 334.581199][ T31] ? __asan_memcpy+0x40/0x70 [ 334.586171][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 334.591590][ T31] netlink_rcv_skb+0x205/0x470 [ 334.597327][ T31] ? __lock_acquire+0xab9/0xd20 [ 334.602237][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 334.607416][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 334.612780][ T31] ? down_read+0x1ad/0x2e0 [ 334.617794][ T31] genl_rcv+0x28/0x40 [ 334.622003][ T31] netlink_unicast+0x82c/0x9e0 [ 334.626894][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 334.632203][ T31] ? netlink_sendmsg+0x642/0xb30 [ 334.637276][ T31] ? skb_put+0x11b/0x210 [ 334.641751][ T31] netlink_sendmsg+0x805/0xb30 [ 334.646682][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 334.652031][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 334.657201][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 334.662532][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 334.667969][ T31] __sock_sendmsg+0x21c/0x270 [ 334.672784][ T31] __sys_sendto+0x3bd/0x520 [ 334.677614][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 334.682718][ T31] ? count_memcg_event_mm+0x21/0x260 [ 334.688174][ T31] ? exc_page_fault+0x76/0xf0 [ 334.692911][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 334.698403][ T31] __x64_sys_sendto+0xde/0x100 [ 334.703303][ T31] do_syscall_64+0xfa/0x3b0 [ 334.707863][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 334.713098][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.719659][ T31] ? clear_bhb_loop+0x60/0xb0 [ 334.724565][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.730511][ T31] RIP: 0033:0x7f4488b909fc [ 334.735065][ T31] RSP: 002b:00007f44889f5ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 334.743599][ T31] RAX: ffffffffffffffda RBX: 00007f44889f5fc0 RCX: 00007f4488b909fc [ 334.751609][ T31] RDX: 0000000000000020 RSI: 00007f44889f6010 RDI: 0000000000000005 [ 334.761242][ T31] RBP: 0000000000000000 R08: 00007f44889f5f14 R09: 000000000000000c [ 334.769595][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 334.777742][ T31] R13: 00007f44889f5f68 R14: 00007f44889f6010 R15: 0000000000000000 [ 334.786036][ T31] [ 334.789173][ T31] [ 334.789173][ T31] Showing all locks held in the system: [ 334.799255][ T31] 1 lock held by khungtaskd/31: [ 334.804645][ T31] #0: ffffffff8e13c4e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 334.814708][ T31] 2 locks held by kworker/u8:6/1103: [ 334.820752][ T31] #0: ffff8880b8639f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 334.831131][ T31] #1: ffff8880b8624008 (per_cpu_ptr(&psi_seq, cpu)){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880 [ 334.843187][ T31] 4 locks held by kworker/u8:7/1106: [ 334.848601][ T31] 2 locks held by getty/5599: [ 334.853418][ T31] #0: ffff88814cf7b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 334.863380][ T31] #1: ffffc900036c32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 334.873717][ T31] 1 lock held by udevd/5849: [ 334.878338][ T31] #0: ffff888142f59358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30 [ 334.887780][ T31] 6 locks held by syz.0.1277/10154: [ 334.893012][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 334.901821][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 334.910973][ T31] #2: ffff8880258c2a30 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_genl_reconfigure+0x36f/0x1870 [ 334.928108][ T31] #3: ffff888142f3fcc8 (&q->limits_lock){+.+.}-{4:4}, at: nbd_set_size+0x292/0x6a0 [ 334.938290][ T31] #4: ffff888142f3f668 (&q->q_usage_counter(io)#49){++++}-{0:0}, at: queue_limits_commit_update_frozen+0x5e/0x360 [ 334.950978][ T31] #5: ffff888142f3f6a0 (&q->q_usage_counter(queue)){+.+.}-{0:0}, at: queue_limits_commit_update_frozen+0x5e/0x360 [ 334.963366][ T31] 2 locks held by syz.2.1280/10165: [ 334.968680][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 334.977455][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 334.987082][ T31] 2 locks held by syz.2.1280/10168: [ 334.992431][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.001498][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.010605][ T31] 2 locks held by syz.4.1282/10173: [ 335.016379][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.025877][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.035125][ T31] 2 locks held by syz.4.1282/10174: [ 335.040380][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.048821][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.058038][ T31] 2 locks held by syz.4.1282/10175: [ 335.063358][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.071607][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.082527][ T31] 2 locks held by syz.4.1282/10176: [ 335.089386][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.097988][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.107292][ T31] 2 locks held by syz.1.1285/10185: [ 335.112513][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.120838][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.130487][ T31] 2 locks held by syz.3.1287/10191: [ 335.135831][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.144171][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.153194][ T31] 2 locks held by syz-executor/10199: [ 335.158870][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.167366][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.176514][ T31] 2 locks held by syz-executor/10200: [ 335.181915][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.190502][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.199741][ T31] 2 locks held by syz-executor/10203: [ 335.205221][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.214316][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.223444][ T31] 2 locks held by syz-executor/10204: [ 335.228860][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.237723][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.246884][ T31] 2 locks held by syz-executor/10208: [ 335.252288][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.260648][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.269852][ T31] 2 locks held by syz-executor/10244: [ 335.275421][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.283747][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.292774][ T31] 2 locks held by syz-executor/10245: [ 335.298267][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.306587][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.315731][ T31] 2 locks held by syz-executor/10248: [ 335.321129][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.329677][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.339302][ T31] 2 locks held by syz-executor/10249: [ 335.344922][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.353190][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.362413][ T31] 2 locks held by syz-executor/10252: [ 335.367915][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.376414][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.385643][ T31] 2 locks held by syz-executor/10289: [ 335.391046][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.399474][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.408810][ T31] 2 locks held by syz-executor/10291: [ 335.414301][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.422566][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.431706][ T31] 2 locks held by syz-executor/10293: [ 335.437502][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.447093][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.456407][ T31] 2 locks held by syz-executor/10295: [ 335.461802][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.470150][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.479335][ T31] 2 locks held by syz-executor/10296: [ 335.484826][ T31] #0: ffffffff8f56e570 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 335.493091][ T31] #1: ffffffff8f56e388 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 335.502309][ T31] [ 335.504792][ T31] ============================================= [ 335.504792][ T31] [ 335.513329][ T31] NMI backtrace for cpu 0 [ 335.513349][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 335.513375][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.513387][ T31] Call Trace: [ 335.513396][ T31] [ 335.513406][ T31] dump_stack_lvl+0x189/0x250 [ 335.513438][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.513461][ T31] ? __pfx__printk+0x10/0x10 [ 335.513502][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 335.513533][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 335.513562][ T31] ? __pfx__printk+0x10/0x10 [ 335.513595][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 335.513629][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 335.513659][ T31] watchdog+0xf93/0xfe0 [ 335.513694][ T31] ? watchdog+0x1de/0xfe0 [ 335.513729][ T31] kthread+0x70e/0x8a0 [ 335.513757][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.513786][ T31] ? __pfx_kthread+0x10/0x10 [ 335.513812][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 335.513840][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 335.513868][ T31] ? __pfx_kthread+0x10/0x10 [ 335.513893][ T31] ret_from_fork+0x3fc/0x770 [ 335.513928][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 335.513974][ T31] ? __switch_to_asm+0x39/0x70 [ 335.514004][ T31] ? __switch_to_asm+0x33/0x70 [ 335.514026][ T31] ? __pfx_kthread+0x10/0x10 [ 335.514052][ T31] ret_from_fork_asm+0x1a/0x30 [ 335.514096][ T31] [ 335.514106][ T31] Sending NMI from CPU 0 to CPUs 1: [ 335.664675][ C1] NMI backtrace for cpu 1 [ 335.664694][ C1] CPU: 1 UID: 0 PID: 9376 Comm: kworker/u8:24 Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 335.664717][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.664729][ C1] Workqueue: bat_events batadv_nc_worker [ 335.664758][ C1] RIP: 0010:batadv_nc_worker+0xa7/0x610 [ 335.664783][ C1] Code: 31 ff 89 ee e8 aa 46 82 f6 85 ed 0f 84 55 02 00 00 45 31 ff 48 89 d8 48 c1 e8 03 48 89 44 24 18 48 89 5c 24 08 4c 89 6c 24 10 <48> 8b 44 24 18 42 80 3c 20 00 74 08 48 89 df e8 25 65 e5 f6 4a 8d [ 335.664800][ C1] RSP: 0018:ffffc9001cd07a20 EFLAGS: 00000293 [ 335.664815][ C1] RAX: ffffffff8b3d7075 RBX: ffff88803350bec0 RCX: ffff888026fd9e00 [ 335.664829][ C1] RDX: 0000000000000000 RSI: ffffffff8db66072 RDI: ffff888026fd9e00 [ 335.664842][ C1] RBP: fffffffffffffe38 R08: 0000000000000000 R09: ffffffff8b3d6e92 [ 335.664854][ C1] R10: dffffc0000000000 R11: ffffffff8b3d6dc0 R12: dffffc0000000000 [ 335.664867][ C1] R13: ffff88803350bed0 R14: ffff888032e54d80 R15: 0000000000000166 [ 335.664880][ C1] FS: 0000000000000000(0000) GS:ffff888125d80000(0000) knlGS:0000000000000000 [ 335.664895][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 335.664907][ C1] CR2: 00005633ee51c000 CR3: 000000000df38000 CR4: 00000000003526f0 [ 335.664924][ C1] Call Trace: [ 335.664932][ C1] [ 335.664942][ C1] ? process_scheduled_works+0x9ef/0x17b0 [ 335.664973][ C1] process_scheduled_works+0xae1/0x17b0 [ 335.665018][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 335.665055][ C1] worker_thread+0x8a0/0xda0 [ 335.665092][ C1] ? __kthread_parkme+0x7b/0x200 [ 335.665115][ C1] kthread+0x70e/0x8a0 [ 335.665137][ C1] ? __pfx_worker_thread+0x10/0x10 [ 335.665165][ C1] ? __pfx_kthread+0x10/0x10 [ 335.665191][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 335.665215][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 335.665239][ C1] ? __pfx_kthread+0x10/0x10 [ 335.665260][ C1] ret_from_fork+0x3fc/0x770 [ 335.665289][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 335.665321][ C1] ? __switch_to_asm+0x39/0x70 [ 335.665341][ C1] ? __switch_to_asm+0x33/0x70 [ 335.665361][ C1] ? __pfx_kthread+0x10/0x10 [ 335.665381][ C1] ret_from_fork_asm+0x1a/0x30 [ 335.665411][ C1] [ 335.665772][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 335.892521][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-syzkaller-06610-g4eabe4cc0958 #0 PREEMPT(full) [ 335.903998][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.914101][ T31] Call Trace: [ 335.917392][ T31] [ 335.920336][ T31] dump_stack_lvl+0x99/0x250 [ 335.924968][ T31] ? __asan_memcpy+0x40/0x70 [ 335.929594][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.934802][ T31] ? __pfx__printk+0x10/0x10 [ 335.939454][ T31] panic+0x2db/0x790 [ 335.943366][ T31] ? __pfx_panic+0x10/0x10 [ 335.947830][ T31] ? __pfx___x2apic_send_IPI_mask+0x10/0x10 [ 335.953749][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 335.959929][ T31] watchdog+0xfd2/0xfe0 [ 335.964209][ T31] ? watchdog+0x1de/0xfe0 [ 335.968562][ T31] kthread+0x70e/0x8a0 [ 335.972680][ T31] ? __pfx_watchdog+0x10/0x10 [ 335.977396][ T31] ? __pfx_kthread+0x10/0x10 [ 335.982021][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 335.987257][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 335.992487][ T31] ? __pfx_kthread+0x10/0x10 [ 335.997100][ T31] ret_from_fork+0x3fc/0x770 [ 336.001714][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 336.006940][ T31] ? __switch_to_asm+0x39/0x70 [ 336.011734][ T31] ? __switch_to_asm+0x33/0x70 [ 336.016508][ T31] ? __pfx_kthread+0x10/0x10 [ 336.021145][ T31] ret_from_fork_asm+0x1a/0x30 [ 336.025958][ T31] [ 336.029343][ T31] Kernel Offset: disabled [ 336.033704][ T31] Rebooting in 86400 seconds..