last executing test programs: 1m12.114936339s ago: executing program 1 (id=1672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x1c, r1, 0x307, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 1m10.637370538s ago: executing program 1 (id=1675): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="20000000021401000000000000000400080001"], 0x20}}, 0x0) 1m10.601414043s ago: executing program 0 (id=1678): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) socket$kcm(0x2, 0x0, 0x84) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) 1m10.46046933s ago: executing program 4 (id=1679): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="b98700000000000000000b"], 0x18}}, 0x0) 1m10.426735153s ago: executing program 1 (id=1680): r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x3, 0x0) getsockname$packet(r2, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000100000008000800e000000006000a004e"], 0x34}}, 0x0) 1m10.194948678s ago: executing program 4 (id=1682): r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000560013f16ff28e036afc004a07"], 0xfe33) 1m9.92669555s ago: executing program 1 (id=1684): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="44000000030801"], 0x44}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000500)=@ethtool_link_settings={0x8}}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 1m7.693927789s ago: executing program 0 (id=1687): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) sendmsg$nl_route(r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2) sendmsg$IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0) 1m7.244653755s ago: executing program 4 (id=1689): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0) sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="580000005500010028bd7000fcdbdf2507000000", @ANYRES32, @ANYBLOB="20000100c8199d57dd081342ffe674e85d7a83a4e760cc90e8f89b77e6"], 0x58}}, 0x0) 1m7.244407579s ago: executing program 1 (id=1690): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20000010) 1m7.2442392s ago: executing program 2 (id=1691): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8930, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'}) 1m5.634599121s ago: executing program 3 (id=1692): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x810a, 0x4) 1m5.047517809s ago: executing program 4 (id=1693): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1m5.024973221s ago: executing program 0 (id=1694): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) socket$nl_route(0x10, 0x3, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'wlan1\x00'}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x3c}}, 0x0) 1m4.193279475s ago: executing program 2 (id=1695): r0 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "e67663b91689cfa8", "0dbc44d199b41babd780bfc2af299693d3ba2746d0caacd224f1186a83c47940", "6a2232dd", "e6fb43ee937f6281"}, 0x38) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 1m3.169918043s ago: executing program 3 (id=1696): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="580000005500010028bd7000fcdbdf2507000000", @ANYRES32, @ANYBLOB="20000100c8199d57dd081342ff"], 0x58}}, 0x0) 1m3.13863996s ago: executing program 2 (id=1697): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1m2.194233987s ago: executing program 2 (id=1698): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=@newlink={0x50, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x80300, 0x20010}}}}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x1}]}, 0x50}}, 0x0) 1m2.193490748s ago: executing program 4 (id=1699): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000000c0)={'wg0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000001000110400"/20, @ANYRES32=r1, @ANYBLOB="000000000000000008000400000000000c001a80080002"], 0x34}}, 0x0) 1m0.619394419s ago: executing program 3 (id=1700): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000100)={0x11, 0x4, r1}, 0x14) syz_emit_ethernet(0x16, &(0x7f00000005c0)=ANY=[], 0x0) 1m0.479463687s ago: executing program 2 (id=1701): bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) 57.366017144s ago: executing program 4 (id=1702): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=ANY=[@ANYBLOB="34ffffff1700dd8d0000000000000000020000000000000600000000060015000a000000100016800c0001000008010000000000bb1d9c77966303caff7661d76445ad111bdae34e32cf6a1a4ab7590d504ea2b16a82fd15fddf85fe5edef2d40feb9ed5f8bf2c2ecaea0cbb5210ddccfcd819c00801996baaa08f5bc5f4c20a558d1f4c3c53d402590e2c9bd55074a2f22990f7a802b4e0de5ac5479279c7f073490a56d87818"], 0x34}}, 0x0) sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=ANY=[@ANYBLOB="1c0000000a0a000000200000000000000000000008000a4000080000"], 0x1c}}, 0x40) r1 = socket(0xf, 0x800, 0x0) sendmsg$AUDIT_MAKE_EQUIV(r1, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x28, 0x3f7, 0x126, 0x70bd2a, 0x3, {0x7, 0x7, './file0', './file0'}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x11}, 0x4840) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x4020}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12, 0x8, r2, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffc, 0x80002}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000800000000000000000000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r4, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000f8ffffff85000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) r6 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102}) ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000080)={'nicvf0\x00', 0x400}) ioctl$TUNSETTXFILTER(r6, 0x401054d5, &(0x7f0000000380)=ANY=[@ANYBLOB="4504"]) openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$IPSET_CMD_SAVE(r3, &(0x7f0000000240)={0x0, 0x8, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080603000000000000000000020000000500010007"], 0x1c}}, 0x0) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x301) recvfrom(r3, 0x0, 0x7000000, 0x0, 0x0, 0x0) 57.305163203s ago: executing program 0 (id=1704): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x1a, &(0x7f0000000340)=@framed={{}, [@exit, @map_fd={0x18, 0x4}, @alu={0x0, 0x1, 0xc, 0x0, 0x0, 0xffffffffffffffe4}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @ringbuf_query, @ringbuf_query, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7ff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @exit]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), r0) socket$inet_tcp(0x2, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'veth1_macvtap\x00', @random="2b1c00004ec6"}) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000780)={0x14, 0x0, 0x603}, 0x14}}, 0x0) r3 = accept4(r2, 0x0, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, 0x0, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) sendmsg$can_raw(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x20008000) read$alg(r3, &(0x7f0000000080)=""/16, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) recvmmsg(r3, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x1, 0x803, 0x0) r4 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c) ioctl$int_in(r4, 0x5452, &(0x7f0000000040)=0x5) 54.550671262s ago: executing program 3 (id=1705): r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0) 54.519205395s ago: executing program 3 (id=1706): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000100)="e0b9547ed387db", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200000400cc0004001e01090049"], 0x3c}}, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2000000011140100000700000000000008"], 0x20}}, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) socket$inet6_mptcp(0xa, 0x1, 0x106) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10) r6 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x89e2, &(0x7f0000000900)={r3}) syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), r7) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[@ANYBLOB="15"], 0x6) r8 = socket$tipc(0x1e, 0x2, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0}, &(0x7f0000000540)=0x14) r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xb, [@func={0x4, 0x0, 0x0, 0xc, 0x3}, @ptr={0x5}]}, {0x0, [0x30, 0x2e, 0x61, 0x30, 0x30, 0x5f, 0x0, 0x61, 0x5f]}}, &(0x7f00000005c0)=""/26, 0x3b, 0x1a, 0x1, 0x2}, 0x20) r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xa, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r8}}, @generic={0x65, 0x5, 0xe, 0xe8, 0xc67}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f00000001c0)='syzkaller\x00', 0x200, 0xef, &(0x7f00000003c0)=""/239, 0x40f00, 0x4b, '\x00', r9, 0x17, r10, 0x8, &(0x7f0000000640)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x0, 0x793, 0x4}, 0x10, 0x0, r5, 0x5, &(0x7f0000000740)=[r11, 0x1], &(0x7f0000000780)=[{0x0, 0x5}, {0x3, 0x4, 0xd, 0x2}, {0x2, 0x5, 0x3, 0x9ea30fa75653a0be}, {0x4, 0x1, 0xa, 0x7}, {0x5, 0x3, 0x9, 0x4}], 0x10, 0x7}, 0x90) getsockopt$TIPC_IMPORTANCE(r8, 0x10f, 0x7f, &(0x7f0000000080), &(0x7f0000000180)=0x4) 48.763436833s ago: executing program 0 (id=1707): r0 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{}, "e67663b91689cfa8", "0dbc44d199b41babd780bfc2af299693d3ba2746d0caacd224f1186a83c47940", "6a2232dd", "e6fb43ee937f6281"}, 0x38) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 48.762614258s ago: executing program 2 (id=1708): getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x305}, 0x14}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r6 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(0xffffffffffffffff, &(0x7f0000000100)={@val={0xa}, @void, @eth={@broadcast, @remote, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x46) recvmmsg(r4, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r4) sendmsg$ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x24048050) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="48040000", @ANYRES16=r1, @ANYRES32, @ANYRESHEX=r5, @ANYRES8=r3], 0x448}, 0x1, 0x0, 0x0, 0x448a4}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r7) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000840)=ANY=[@ANYBLOB="00010000", @ANYRES16=r9, @ANYBLOB="000125bd7000fbdbdf250a0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000003ba0f2563edea96e0e0001006e657464657673696d0000000f0002006e657464657673696d3000000800030000000000080001007063690011000200303030303a30303a31302e30000000000800030002001e000e0001006e65746465877673696d0000000f0002006e657464757673696d30000008000300000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000300010000000e0001006e657464657673696d0000004f0002006e657464657673696d3000000800030000000000"], 0x100}, 0x1, 0x0, 0x0, 0x4080}, 0x80) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000400)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES16=r8, @ANYBLOB="05000000000000000000060000000800", @ANYRES32=r10, @ANYBLOB="08000500020000008c879ebf6463558ab37a2b695d3de0f0ea40e4d12bed52146767c1c8e27fb75584ba43517aec67cd34b5162ec309745a6976b933b93791f8a39b8372837abce2237d6f7de038133a8078cdb7a8604cf2098d4d3039b88a8145292afc9cfedcd7f342137217b2000000008a35927dabe2fb08905ffca585e46daa7c327a783da9610b8d4d5b665442899d490114ea0abc0148c0c791f9eaa9dbcb93eb0cbc7ba19739"], 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x40, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_USE_MFP={0x8}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x2}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x40}}, 0x0) 45.336579s ago: executing program 3 (id=1710): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r3}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x0}, 0x10) listen(r1, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@mp_fclose={0x1e, 0xc, 0x81}]}}}}}}}, 0x0) 33.231158814s ago: executing program 0 (id=1711): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000020240), 0x10010) socket$kcm(0x2, 0x0, 0x2) socket$packet(0x11, 0x0, 0x300) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000040)="05000000030001", 0x7) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) r2 = socket(0x15, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0x271f, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet_tcp(0x2, 0x1, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) socket$nl_route(0x10, 0x3, 0x0) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) pipe(&(0x7f0000000100)) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)) r5 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000030400e4ffffffffff", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000e008004600002c0000000000019078ac3d02"], 0x0) accept4$inet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x0) 0s ago: executing program 1 (id=1703): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80) sendmsg$unix(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000140)="c6e600ce52d27e7daf14a973c72c9bbda23d65018c12a1d1deb74fba1a1d831066ff38d228", 0x25}, {0x0}], 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1c002000"/16, @ANYRES32, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000001c00000000000000010000004bd9810e3373533f840fb48d6c84f9679ce5597124a7eef1e0d8d5151309af7e7aeae01a6020b10daa798cff6abb910372c216c165c8758440d368c46a0700000061702e7aed3517a4a83df106e200"/106, @ANYRES32, @ANYRES32, @ANYRES64, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000002834504c982519a2337171d360a88975b7a47182276f67000000000000000000000000000000000000000000000000008000000000000000000000c987bcfbed771227317f156c2c7cba58fcbceb9919", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x90}, 0x40) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0), &(0x7f0000000400)=0xc) r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, 0x0) sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x24, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r1}, @nested={0x5, 0x0, 0x0, 0x1, [@generic="97"]}, @nested={0x4}]}, 0x24}], 0x1}, 0x0) kernel console output (not intermixed with test programs): cklog [ 146.645266][ T7507] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.020706][ T7526] veth1_macvtap: left promiscuous mode [ 147.031519][ T7526] macsec0: entered promiscuous mode [ 147.051716][ T7526] macsec0: entered allmulticast mode [ 148.168519][ T7567] __nla_validate_parse: 19 callbacks suppressed [ 148.168539][ T7567] netlink: 12 bytes leftover after parsing attributes in process `syz.4.786'. [ 148.242856][ T7569] netlink: 16 bytes leftover after parsing attributes in process `syz.1.792'. [ 148.265997][ T7569] netlink: 96 bytes leftover after parsing attributes in process `syz.1.792'. [ 148.320603][ T7567] netlink: 8 bytes leftover after parsing attributes in process `syz.4.786'. [ 148.479119][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.795'. [ 148.529134][ T7579] tun0: tun_chr_ioctl cmd 1074025692 [ 148.552509][ T7578] netlink: 228 bytes leftover after parsing attributes in process `syz.1.795'. [ 148.614341][ T7578] €Â: renamed from vlan0 (while UP) [ 148.747003][ T7589] netlink: 20 bytes leftover after parsing attributes in process `syz.2.798'. [ 149.387044][ T7605] netlink: 16 bytes leftover after parsing attributes in process `syz.3.806'. [ 149.418970][ T7605] netlink: 96 bytes leftover after parsing attributes in process `syz.3.806'. [ 149.510727][ T7610] netlink: 20 bytes leftover after parsing attributes in process `syz.4.807'. [ 149.644535][ T7613] bridge0: entered allmulticast mode [ 150.136761][ T5142] net_ratelimit: 22 callbacks suppressed [ 150.136780][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.412519][ T7649] netlink: 'syz.4.823': attribute type 11 has an invalid length. [ 150.455580][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.544596][ T7655] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.569758][ T7655] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.594850][ T7655] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.617485][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.630905][ T7654] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.646396][ T7654] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.701674][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.839427][ T7668] syz.1.831[7668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 150.839589][ T7668] syz.1.831[7668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 151.011424][ T7674] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.846613][ T7702] erspan0: entered promiscuous mode [ 151.891711][ T7702] bond0: entered promiscuous mode [ 151.913412][ T7702] bond_slave_0: entered promiscuous mode [ 151.927941][ T7702] bond_slave_1: entered promiscuous mode [ 151.944852][ T7702] macvlan0: entered promiscuous mode [ 153.204115][ T7758] vlan2: entered promiscuous mode [ 153.219617][ T7758] netdevsim netdevsim0 netdevsim1: entered promiscuous mode [ 153.230525][ T7758] vlan2: entered allmulticast mode [ 153.247524][ T7758] netdevsim netdevsim0 netdevsim1: entered allmulticast mode [ 153.401431][ T7768] __nla_validate_parse: 17 callbacks suppressed [ 153.401456][ T7768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.863'. [ 153.465268][ T7769] macvlan2: entered allmulticast mode [ 153.577415][ T7768] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 153.584766][ T7768] IPv6: NLM_F_CREATE should be set when creating new route [ 153.627273][ T7773] netlink: 'syz.2.864': attribute type 25 has an invalid length. [ 153.644258][ T7773] netlink: 'syz.2.864': attribute type 7 has an invalid length. [ 153.653666][ T7777] netlink: 20 bytes leftover after parsing attributes in process `syz.3.866'. [ 153.804064][ T7781] FAULT_INJECTION: forcing a failure. [ 153.804064][ T7781] name failslab, interval 1, probability 0, space 0, times 0 [ 153.826165][ T7781] CPU: 0 PID: 7781 Comm: syz.1.867 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 153.836554][ T7781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 153.846636][ T7781] Call Trace: [ 153.849932][ T7781] [ 153.852877][ T7781] dump_stack_lvl+0x241/0x360 [ 153.857592][ T7781] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.862817][ T7781] ? __pfx__printk+0x10/0x10 [ 153.867439][ T7781] ? netlink_insert+0x10b7/0x14b0 [ 153.872483][ T7781] should_fail_ex+0x3b0/0x4e0 [ 153.877274][ T7781] ? __alloc_skb+0x1c3/0x440 [ 153.881883][ T7781] should_failslab+0x9/0x20 [ 153.886409][ T7781] kmem_cache_alloc_node_noprof+0x71/0x320 [ 153.892346][ T7781] __alloc_skb+0x1c3/0x440 [ 153.896795][ T7781] ? __pfx___alloc_skb+0x10/0x10 [ 153.901752][ T7781] ? netlink_autobind+0xd6/0x2f0 [ 153.906709][ T7781] ? netlink_autobind+0x2b0/0x2f0 [ 153.911764][ T7781] netlink_sendmsg+0x631/0xcb0 [ 153.916660][ T7781] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.921971][ T7781] ? __import_iovec+0x536/0x820 [ 153.927049][ T7781] ? aa_sock_msg_perm+0x91/0x160 [ 153.932019][ T7781] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 153.937313][ T7781] ? security_socket_sendmsg+0x87/0xb0 [ 153.942792][ T7781] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.948095][ T7781] __sock_sendmsg+0x221/0x270 [ 153.953243][ T7781] ____sys_sendmsg+0x525/0x7d0 [ 153.958047][ T7781] ? __pfx_____sys_sendmsg+0x10/0x10 [ 153.963365][ T7781] __sys_sendmsg+0x2b0/0x3a0 [ 153.967980][ T7781] ? __pfx___sys_sendmsg+0x10/0x10 [ 153.973116][ T7781] ? vfs_write+0x7c4/0xc90 [ 153.977595][ T7781] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 153.983944][ T7781] ? do_syscall_64+0x100/0x230 [ 153.988744][ T7781] ? do_syscall_64+0xb6/0x230 [ 153.993451][ T7781] do_syscall_64+0xf3/0x230 [ 153.997981][ T7781] ? clear_bhb_loop+0x35/0x90 [ 154.002695][ T7781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.008616][ T7781] RIP: 0033:0x7f2f50b75bd9 [ 154.013094][ T7781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.032727][ T7781] RSP: 002b:00007f2f518e3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 154.041176][ T7781] RAX: ffffffffffffffda RBX: 00007f2f50d03f60 RCX: 00007f2f50b75bd9 [ 154.049186][ T7781] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 154.057351][ T7781] RBP: 00007f2f518e30a0 R08: 0000000000000000 R09: 0000000000000000 [ 154.065423][ T7781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.073412][ T7781] R13: 000000000000000b R14: 00007f2f50d03f60 R15: 00007ffdf30be408 [ 154.081508][ T7781] [ 154.236742][ T7787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.871'. [ 154.286414][ T7787] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 154.293691][ T7787] IPv6: NLM_F_CREATE should be set when creating new route [ 154.880715][ T7808] netlink: 32 bytes leftover after parsing attributes in process `syz.0.877'. [ 154.935863][ T7812] netlink: 32 bytes leftover after parsing attributes in process `syz.0.877'. [ 154.987096][ T7811] netlink: 44 bytes leftover after parsing attributes in process `syz.3.878'. [ 155.073471][ T7811] bridge0: entered promiscuous mode [ 155.124161][ T7811] bridge0: left promiscuous mode [ 155.204176][ T7818] netlink: 12 bytes leftover after parsing attributes in process `syz.0.880'. [ 155.334263][ T7818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'. [ 155.337688][ T5313] net_ratelimit: 20 callbacks suppressed [ 155.337708][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.483970][ T7824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.883'. [ 155.577876][ T7826] netlink: 32 bytes leftover after parsing attributes in process `syz.1.883'. [ 155.599968][ T7824] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 155.607323][ T7824] IPv6: NLM_F_CREATE should be set when creating new route [ 155.736371][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.392238][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.776674][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.784894][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 156.860459][ T7849] erspan0: entered promiscuous mode [ 156.886929][ T7849] bond0: entered promiscuous mode [ 156.912998][ T7849] bond_slave_0: entered promiscuous mode [ 156.930815][ T7849] bond_slave_1: entered promiscuous mode [ 156.975251][ T7849] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 156.983002][ T7849] Cannot create hsr debugfs directory [ 157.202205][ T7860] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 157.209550][ T7860] IPv6: NLM_F_CREATE should be set when creating new route [ 157.415340][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.815749][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 157.979796][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.022780][ T7891] FAULT_INJECTION: forcing a failure. [ 158.022780][ T7891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.055397][ T7891] CPU: 1 PID: 7891 Comm: syz.0.905 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 158.065444][ T7891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 158.075522][ T7891] Call Trace: [ 158.078816][ T7891] [ 158.081761][ T7891] dump_stack_lvl+0x241/0x360 [ 158.086496][ T7891] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.091808][ T7891] ? __pfx__printk+0x10/0x10 [ 158.096451][ T7891] should_fail_ex+0x3b0/0x4e0 [ 158.101168][ T7891] _copy_to_iter+0x43a/0x1960 [ 158.105881][ T7891] ? __virt_addr_valid+0x183/0x520 [ 158.111030][ T7891] ? __pfx__copy_to_iter+0x10/0x10 [ 158.116227][ T7891] ? __virt_addr_valid+0x183/0x520 [ 158.121371][ T7891] ? __virt_addr_valid+0x183/0x520 [ 158.126702][ T7891] ? __virt_addr_valid+0x44e/0x520 [ 158.131850][ T7891] ? __check_object_size+0x49c/0x900 [ 158.137171][ T7891] __skb_datagram_iter+0x110/0x8c0 [ 158.142315][ T7891] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 158.147992][ T7891] skb_copy_datagram_iter+0xd1/0x250 [ 158.153318][ T7891] netlink_recvmsg+0x2d0/0x11d0 [ 158.158538][ T7891] ? __pfx_netlink_recvmsg+0x10/0x10 [ 158.163865][ T7891] ? iovec_from_user+0x87/0x240 [ 158.168748][ T7891] ? iovec_from_user+0x87/0x240 [ 158.173715][ T7891] ? __pfx_aa_sk_perm+0x10/0x10 [ 158.178589][ T7891] ? aa_sock_msg_perm+0x91/0x160 [ 158.183624][ T7891] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 158.188912][ T7891] ? security_socket_recvmsg+0x90/0xb0 [ 158.194380][ T7891] ? __pfx_netlink_recvmsg+0x10/0x10 [ 158.199771][ T7891] sock_recvmsg+0x22f/0x280 [ 158.204287][ T7891] ____sys_recvmsg+0x1db/0x470 [ 158.209057][ T7891] ? __pfx_____sys_recvmsg+0x10/0x10 [ 158.214359][ T7891] do_recvmmsg+0x474/0xae0 [ 158.218791][ T7891] ? mark_lock+0x9a/0x350 [ 158.223141][ T7891] ? __pfx_do_recvmmsg+0x10/0x10 [ 158.228111][ T7891] ? __pfx___might_resched+0x10/0x10 [ 158.233418][ T7891] ? __might_fault+0xaa/0x120 [ 158.238113][ T7891] ? __pfx_lock_release+0x10/0x10 [ 158.243139][ T7891] ? vfs_write+0x7c4/0xc90 [ 158.247571][ T7891] ? get_timespec64+0x19c/0x280 [ 158.252454][ T7891] __x64_sys_recvmmsg+0x1b8/0x250 [ 158.257505][ T7891] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 158.263056][ T7891] ? do_syscall_64+0x100/0x230 [ 158.267910][ T7891] ? do_syscall_64+0xb6/0x230 [ 158.272589][ T7891] do_syscall_64+0xf3/0x230 [ 158.277113][ T7891] ? clear_bhb_loop+0x35/0x90 [ 158.281809][ T7891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.287710][ T7891] RIP: 0033:0x7f7adc775bd9 [ 158.292125][ T7891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.311758][ T7891] RSP: 002b:00007f7add621048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 158.320189][ T7891] RAX: ffffffffffffffda RBX: 00007f7adc903f60 RCX: 00007f7adc775bd9 [ 158.328160][ T7891] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000004 [ 158.336569][ T7891] RBP: 00007f7add6210a0 R08: 0000000020003700 R09: 0000000000000000 [ 158.344572][ T7891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.352561][ T7891] R13: 000000000000000b R14: 00007f7adc903f60 R15: 00007ffea49ee388 [ 158.360581][ T7891] [ 158.455856][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.574690][ T7895] __nla_validate_parse: 13 callbacks suppressed [ 158.574712][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.0.907'. [ 158.649740][ T7899] netlink: 16 bytes leftover after parsing attributes in process `syz.1.909'. [ 158.671182][ T7899] netlink: 96 bytes leftover after parsing attributes in process `syz.1.909'. [ 158.692445][ T7900] netlink: 32 bytes leftover after parsing attributes in process `syz.0.907'. [ 158.717398][ T7895] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 158.724836][ T7895] IPv6: NLM_F_CREATE should be set when creating new route [ 158.855547][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.922705][ T7921] netlink: 32 bytes leftover after parsing attributes in process `syz.4.914'. [ 159.972450][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.916'. [ 160.052963][ T7921] netlink: 32 bytes leftover after parsing attributes in process `syz.4.914'. [ 160.145790][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.916'. [ 160.240398][ T7942] netlink: 16 bytes leftover after parsing attributes in process `syz.4.921'. [ 160.257011][ T7942] netlink: 96 bytes leftover after parsing attributes in process `syz.4.921'. [ 160.535568][ T5142] net_ratelimit: 4 callbacks suppressed [ 160.535596][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.855909][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.935969][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.033186][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.577444][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 161.981427][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 162.618997][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 162.875277][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.015349][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.655596][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 163.746675][ T7997] __nla_validate_parse: 7 callbacks suppressed [ 163.746695][ T7997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.938'. [ 163.916216][ T7997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.938'. [ 164.079695][ T8003] netlink: 20 bytes leftover after parsing attributes in process `syz.2.940'. [ 164.942840][ T8013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.943'. [ 165.036627][ T8016] netlink: 20 bytes leftover after parsing attributes in process `syz.3.942'. [ 165.311309][ T8020] netlink: 32 bytes leftover after parsing attributes in process `syz.2.944'. [ 165.695201][ T8024] netlink: 16 bytes leftover after parsing attributes in process `syz.2.946'. [ 165.714617][ T8024] netlink: 96 bytes leftover after parsing attributes in process `syz.2.946'. [ 165.737038][ T5142] net_ratelimit: 8 callbacks suppressed [ 165.737058][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.107626][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.135985][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.775376][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.802694][ T8042] netlink: 12 bytes leftover after parsing attributes in process `syz.3.951'. [ 166.877408][ T8043] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.886308][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 166.960317][ T8042] netlink: 8 bytes leftover after parsing attributes in process `syz.3.951'. [ 167.098725][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.175425][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.715489][ T8045] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 167.724010][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 168.894041][ T8055] __nla_validate_parse: 1 callbacks suppressed [ 168.894071][ T8055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.955'. [ 169.267750][ T8058] netlink: 32 bytes leftover after parsing attributes in process `syz.2.956'. [ 169.468971][ T8063] netlink: 16 bytes leftover after parsing attributes in process `syz.4.959'. [ 169.515114][ T8063] netlink: 96 bytes leftover after parsing attributes in process `syz.4.959'. [ 169.602674][ T8068] netlink: 20 bytes leftover after parsing attributes in process `syz.2.958'. [ 169.789460][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.4.962'. [ 169.899839][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.962'. [ 170.617713][ T8088] netlink: 20 bytes leftover after parsing attributes in process `syz.1.966'. [ 170.665299][ T8090] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'. [ 170.744669][ T8094] netlink: 32 bytes leftover after parsing attributes in process `syz.4.968'. [ 170.935352][ T5142] net_ratelimit: 12 callbacks suppressed [ 170.935373][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 171.335937][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 171.980820][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.221122][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 172.386071][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.015780][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.175322][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 173.415728][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.055534][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 174.458571][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 175.415696][ T8154] __nla_validate_parse: 8 callbacks suppressed [ 175.415720][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.990'. [ 175.738137][ T8157] netlink: 32 bytes leftover after parsing attributes in process `syz.0.991'. [ 175.966039][ T8161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.993'. [ 175.989443][ T8162] netlink: 12 bytes leftover after parsing attributes in process `syz.2.992'. [ 176.136194][ T25] net_ratelimit: 3 callbacks suppressed [ 176.136214][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.188561][ T8165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.992'. [ 176.217394][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 176.537220][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 177.005765][ T8176] netlink: 16 bytes leftover after parsing attributes in process `syz.2.998'. [ 177.035095][ T8176] netlink: 96 bytes leftover after parsing attributes in process `syz.2.998'. [ 177.178881][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 177.420071][ T8180] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1000'. [ 177.460369][ T8180] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1000'. [ 177.493838][ T8180] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1000'. [ 177.575764][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.235314][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.298952][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.312791][ T8201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.335474][ T8201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 178.355420][ T8201] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 180.687250][ T8245] __nla_validate_parse: 33 callbacks suppressed [ 180.687274][ T8245] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1022'. [ 180.725174][ T8245] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1022'. [ 181.335504][ T2527] net_ratelimit: 18 callbacks suppressed [ 181.335523][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.336215][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.738259][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 181.796375][ T8273] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1033'. [ 182.075151][ T8278] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1034'. [ 182.256027][ T8281] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 182.287268][ T8281] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 182.305417][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 182.375784][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 182.386185][ T8281] netlink: 'syz.4.1036': attribute type 1 has an invalid length. [ 182.409730][ T8281] netlink: 'syz.4.1036': attribute type 2 has an invalid length. [ 182.467152][ T8283] macvlan0: entered promiscuous mode [ 182.776265][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.415307][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 183.822059][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 184.787398][ T8279] macvlan0: left promiscuous mode [ 185.064208][ T8300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1039'. [ 185.212161][ T8306] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1044'. [ 185.531669][ T8322] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1047'. [ 185.673494][ T8322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1047'. [ 186.535889][ T25] net_ratelimit: 11 callbacks suppressed [ 186.535917][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 186.619064][ T5095] Bluetooth: hci2: command 0x0406 tx timeout [ 186.625521][ T5101] Bluetooth: hci3: command 0x0406 tx timeout [ 186.629699][ T5108] Bluetooth: hci1: command 0x0406 tx timeout [ 186.631742][ T4491] Bluetooth: hci0: command 0x0406 tx timeout [ 186.900764][ T8343] bridge0: entered allmulticast mode [ 186.940172][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.118162][ T8351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1057'. [ 187.228243][ T8353] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.236827][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.417334][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.576434][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 187.978506][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.376578][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 188.621439][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.017001][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 189.183976][ T8381] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1069'. [ 191.744702][ T5313] net_ratelimit: 15 callbacks suppressed [ 191.744722][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.142828][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.476937][ T8459] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf [ 192.688634][ T8466] netlink: 'syz.1.1100': attribute type 2 has an invalid length. [ 192.705490][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.775620][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 192.855272][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.180305][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 193.218321][ T8484] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1109'. [ 193.219466][ T8485] dccp_invalid_packet: P.Data Offset(0) too small [ 193.261995][ T8484] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1109'. [ 193.434421][ T8492] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf [ 193.608167][ T8501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1114'. [ 193.713626][ T8503] netlink: 'syz.4.1115': attribute type 2 has an invalid length. [ 193.753818][ T8505] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 193.761263][ T8505] IPv6: NLM_F_CREATE should be set when creating new route [ 193.815679][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 194.355945][ T8534] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1123'. [ 194.395672][ T8534] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1123'. [ 194.606677][ T8541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1128'. [ 194.700369][ T8545] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 194.707732][ T8545] IPv6: NLM_F_CREATE should be set when creating new route [ 194.797013][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.803554][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.155808][ T8564] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1139'. [ 195.165394][ T8564] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1139'. [ 196.191137][ T8598] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1153'. [ 196.222963][ T8598] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1153'. [ 196.592499][ T8611] netlink: 'syz.1.1160': attribute type 2 has an invalid length. [ 196.937315][ T5142] net_ratelimit: 55 callbacks suppressed [ 196.937341][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.335924][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.512805][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.886873][ T8648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.932137][ T8648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.962858][ T8648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 197.981206][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.009714][ T8647] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.045359][ T8647] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.230193][ T8659] FAULT_INJECTION: forcing a failure. [ 198.230193][ T8659] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 198.264059][ T8659] CPU: 0 PID: 8659 Comm: syz.2.1177 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 198.274320][ T8659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 198.284403][ T8659] Call Trace: [ 198.287703][ T8659] [ 198.290647][ T8659] dump_stack_lvl+0x241/0x360 [ 198.295384][ T8659] ? __pfx_dump_stack_lvl+0x10/0x10 [ 198.300661][ T8659] ? __pfx__printk+0x10/0x10 [ 198.305453][ T8659] ? __pfx_lock_release+0x10/0x10 [ 198.310587][ T8659] should_fail_ex+0x3b0/0x4e0 [ 198.315297][ T8659] _copy_from_user+0x2f/0xe0 [ 198.319909][ T8659] copy_msghdr_from_user+0xae/0x680 [ 198.325143][ T8659] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 198.330999][ T8659] __sys_sendmsg+0x23d/0x3a0 [ 198.335759][ T8659] ? __pfx___sys_sendmsg+0x10/0x10 [ 198.340983][ T8659] ? vfs_write+0x7c4/0xc90 [ 198.345440][ T8659] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 198.351777][ T8659] ? do_syscall_64+0x100/0x230 [ 198.356548][ T8659] ? do_syscall_64+0xb6/0x230 [ 198.361222][ T8659] do_syscall_64+0xf3/0x230 [ 198.366161][ T8659] ? clear_bhb_loop+0x35/0x90 [ 198.370909][ T8659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.377615][ T8659] RIP: 0033:0x7f6657d75bd9 [ 198.382141][ T8659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.401783][ T8659] RSP: 002b:00007f6658bd6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 198.410211][ T8659] RAX: ffffffffffffffda RBX: 00007f6657f03f60 RCX: 00007f6657d75bd9 [ 198.418179][ T8659] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 198.426158][ T8659] RBP: 00007f6658bd60a0 R08: 0000000000000000 R09: 0000000000000000 [ 198.434131][ T8659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 198.442104][ T8659] R13: 000000000000000b R14: 00007f6657f03f60 R15: 00007ffe253961e8 [ 198.450444][ T8659] [ 198.459417][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 198.747135][ T8672] __nla_validate_parse: 2 callbacks suppressed [ 198.747159][ T8672] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1180'. [ 198.776546][ T8672] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1180'. [ 200.108170][ T8707] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1191'. [ 200.194871][ T8708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1192'. [ 200.272659][ T8711] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 200.280011][ T8711] IPv6: NLM_F_CREATE should be set when creating new route [ 200.326317][ T8712] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1191'. [ 200.445509][ T8718] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1194'. [ 200.454525][ T8718] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1194'. [ 200.571722][ T8724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1196'. [ 200.925561][ T8736] sctp: [Deprecated]: syz.0.1200 (pid 8736) Use of struct sctp_assoc_value in delayed_ack socket option. [ 200.925561][ T8736] Use struct sctp_sack_info instead [ 201.004438][ T8740] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1199'. [ 201.510918][ T8756] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1205'. [ 201.563280][ T8756] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 201.570615][ T8756] IPv6: NLM_F_CREATE should be set when creating new route [ 202.215467][ T5142] net_ratelimit: 26 callbacks suppressed [ 202.215488][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.376448][ T8785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.399178][ T8785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.417659][ T8785] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.470135][ T8783] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.489612][ T8783] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.615537][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.645568][ T8793] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 202.652862][ T8793] IPv6: NLM_F_CREATE should be set when creating new route [ 202.847484][ T8802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.856717][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 202.877667][ T8802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 203.627750][ C0] Unknown status report in ack skb [ 203.798041][ T8827] delete_channel: no stack [ 204.104381][ T8854] __nla_validate_parse: 7 callbacks suppressed [ 204.104400][ T8854] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1232'. [ 204.256947][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1232'. [ 205.155347][ T8876] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1237'. [ 205.244046][ T8879] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1238'. [ 205.738455][ T8887] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1241'. [ 205.796611][ T8888] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 205.804108][ T8888] IPv6: NLM_F_CREATE should be set when creating new route [ 206.691024][ T8916] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1252'. [ 206.780203][ T8916] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 206.787565][ T8916] IPv6: NLM_F_CREATE should be set when creating new route [ 206.839483][ T8920] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1253'. [ 207.415168][ T5313] net_ratelimit: 38 callbacks suppressed [ 207.415190][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 207.816682][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.235017][ T8946] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1264'. [ 208.274377][ T8948] FAULT_INJECTION: forcing a failure. [ 208.274377][ T8948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 208.304056][ T8949] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 208.311396][ T8949] IPv6: NLM_F_CREATE should be set when creating new route [ 208.315059][ T8948] CPU: 0 PID: 8948 Comm: syz.0.1265 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 208.328846][ T8948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 208.338924][ T8948] Call Trace: [ 208.342303][ T8948] [ 208.345556][ T8948] dump_stack_lvl+0x241/0x360 [ 208.350268][ T8948] ? __pfx_dump_stack_lvl+0x10/0x10 [ 208.355507][ T8948] ? __pfx__printk+0x10/0x10 [ 208.360138][ T8948] ? __pfx_lock_release+0x10/0x10 [ 208.365205][ T8948] ? vfs_write+0x7c4/0xc90 [ 208.369669][ T8948] should_fail_ex+0x3b0/0x4e0 [ 208.374483][ T8948] _copy_from_user+0x2f/0xe0 [ 208.379114][ T8948] get_timespec64+0x97/0x280 [ 208.383824][ T8948] ? __pfx_get_timespec64+0x10/0x10 [ 208.389055][ T8948] __x64_sys_recvmmsg+0x140/0x250 [ 208.394106][ T8948] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 208.399677][ T8948] ? do_syscall_64+0x100/0x230 [ 208.404557][ T8948] ? do_syscall_64+0xb6/0x230 [ 208.409359][ T8948] do_syscall_64+0xf3/0x230 [ 208.413985][ T8948] ? clear_bhb_loop+0x35/0x90 [ 208.418702][ T8948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.424622][ T8948] RIP: 0033:0x7f7adc775bd9 [ 208.429073][ T8948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.448796][ T8948] RSP: 002b:00007f7add621048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 208.455246][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.457312][ T8948] RAX: ffffffffffffffda RBX: 00007f7adc903f60 RCX: 00007f7adc775bd9 [ 208.457331][ T8948] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003 [ 208.457343][ T8948] RBP: 00007f7add6210a0 R08: 0000000020003700 R09: 0000000000000000 [ 208.457355][ T8948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.497486][ T8948] R13: 000000000000000b R14: 00007f7adc903f60 R15: 00007ffea49ee388 [ 208.505498][ T8948] [ 208.582031][ T8954] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.600257][ T8954] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.622539][ T8954] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.679447][ T8960] wg2: entered promiscuous mode [ 208.679983][ T8954] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.693342][ T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.699019][ T8960] wg2: entered allmulticast mode [ 208.710343][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.718968][ T2860] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 208.872234][ T8966] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1269'. [ 209.660062][ T8986] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1277'. [ 209.738595][ T8986] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 209.746058][ T8986] IPv6: NLM_F_CREATE should be set when creating new route [ 209.879752][ T8992] FAULT_INJECTION: forcing a failure. [ 209.879752][ T8992] name failslab, interval 1, probability 0, space 0, times 0 [ 209.894196][ T8992] CPU: 0 PID: 8992 Comm: syz.0.1279 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 209.904314][ T8992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 209.914516][ T8992] Call Trace: [ 209.917825][ T8992] [ 209.920786][ T8992] dump_stack_lvl+0x241/0x360 [ 209.925511][ T8992] ? __pfx_dump_stack_lvl+0x10/0x10 [ 209.930760][ T8992] ? __pfx__printk+0x10/0x10 [ 209.935497][ T8992] should_fail_ex+0x3b0/0x4e0 [ 209.940228][ T8992] ? fib6_info_alloc+0x2e/0xf0 [ 209.945130][ T8992] should_failslab+0x9/0x20 [ 209.949765][ T8992] __kmalloc_noprof+0xd8/0x400 [ 209.954571][ T8992] fib6_info_alloc+0x2e/0xf0 [ 209.959189][ T8992] ip6_route_info_create+0x445/0x12b0 [ 209.964601][ T8992] ? security_capable+0x90/0xb0 [ 209.969527][ T8992] ip6_route_add+0x28/0x160 [ 209.974162][ T8992] ipv6_route_ioctl+0x588/0x870 [ 209.979045][ T8992] ? __pfx_ipv6_route_ioctl+0x10/0x10 [ 209.982882][ T8994] netlink: 'syz.2.1280': attribute type 1 has an invalid length. [ 209.984524][ T8992] ? __might_fault+0xc6/0x120 [ 209.984563][ T8992] inet6_ioctl+0x21a/0x280 [ 210.001468][ T8992] ? __pfx_inet6_ioctl+0x10/0x10 [ 210.005315][ T8994] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1280'. [ 210.006521][ T8992] sock_do_ioctl+0x158/0x460 [ 210.020220][ T8992] ? __pfx_sock_do_ioctl+0x10/0x10 [ 210.025475][ T8992] sock_ioctl+0x629/0x8e0 [ 210.029835][ T8992] ? __pfx_sock_ioctl+0x10/0x10 [ 210.030963][ T8994] netlink: 'syz.2.1280': attribute type 1 has an invalid length. [ 210.034690][ T8992] ? __fget_files+0x29/0x470 [ 210.034722][ T8992] ? __fget_files+0x3f6/0x470 [ 210.051838][ T8992] ? __fget_files+0x29/0x470 [ 210.056459][ T8992] ? bpf_lsm_file_ioctl+0x9/0x10 [ 210.061420][ T8992] ? security_file_ioctl+0x87/0xb0 [ 210.066550][ T8992] ? __pfx_sock_ioctl+0x10/0x10 [ 210.071432][ T8992] __se_sys_ioctl+0xfc/0x170 [ 210.076047][ T8992] do_syscall_64+0xf3/0x230 [ 210.078081][ T8994] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1280'. [ 210.080553][ T8992] ? clear_bhb_loop+0x35/0x90 [ 210.080586][ T8992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.100339][ T8992] RIP: 0033:0x7f7adc775bd9 [ 210.104787][ T8992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.124419][ T8992] RSP: 002b:00007f7add621048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 210.133037][ T8992] RAX: ffffffffffffffda RBX: 00007f7adc903f60 RCX: 00007f7adc775bd9 [ 210.141122][ T8992] RDX: 0000000020000140 RSI: 000000000000890b RDI: 0000000000000004 [ 210.149127][ T8992] RBP: 00007f7add6210a0 R08: 0000000000000000 R09: 0000000000000000 [ 210.157117][ T8992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.165107][ T8992] R13: 000000000000000b R14: 00007f7adc903f60 R15: 00007ffea49ee388 [ 210.173118][ T8992] [ 210.914281][ T9023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1288'. [ 211.055284][ T9027] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1289'. [ 211.118510][ T9023] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 211.118947][ T5099] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 211.125842][ T9023] IPv6: NLM_F_CREATE should be set when creating new route [ 211.157144][ T5099] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 211.168222][ T5099] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 211.196084][ T5099] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 211.211405][ T5099] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 211.221198][ T5099] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 211.250562][ T9034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1290'. [ 211.308506][ T5105] syz-executor (5105) used greatest stack depth: 18448 bytes left [ 211.373432][ T9035] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 211.380979][ T9035] IPv6: NLM_F_CREATE should be set when creating new route [ 211.520895][ T2860] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 211.562690][ T2860] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.727960][ T2860] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 211.771182][ T2860] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.015324][ T25] net_ratelimit: 20 callbacks suppressed [ 213.015349][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.249174][ T2860] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.291329][ T2860] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.345360][ T53] Bluetooth: hci4: command tx timeout [ 213.471465][ T9048] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1295'. [ 213.520443][ T9048] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1295'. [ 213.546459][ T9048] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 213.569077][ T9053] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.578970][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.609107][ T2860] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 213.636052][ T2860] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 213.721786][ T2860] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 213.746306][ T2860] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.781898][ T9052] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1296'. [ 213.816532][ T2802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.825778][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.854263][ T9048] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1295'. [ 213.863816][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.055548][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.202098][ T2860] bridge_slave_1: left allmulticast mode [ 214.222743][ T2860] bridge_slave_1: left promiscuous mode [ 214.244738][ T2860] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.367607][ T2860] bridge_slave_0: left allmulticast mode [ 214.373318][ T2860] bridge_slave_0: left promiscuous mode [ 214.430164][ T2860] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.616068][ T2802] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.626803][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.637714][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.230282][ T2860] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface [ 215.273614][ T2860] ip6gretap1 (unregistering): left promiscuous mode [ 215.285564][ T2860] ip6gretap1 (unregistering): left allmulticast mode [ 215.415402][ T5099] Bluetooth: hci4: command tx timeout [ 215.463980][ T2860] erspan0 (unregistering): left promiscuous mode [ 215.608279][ T2860] bridge0 (unregistering): left allmulticast mode [ 215.777015][ T2860] team0: Port device bridge3 removed [ 216.558649][ T2860] team0: Port device bridge15 removed [ 216.577769][ T9093] __nla_validate_parse: 1 callbacks suppressed [ 216.577790][ T9093] netlink: 83992 bytes leftover after parsing attributes in process `syz.1.1302'. [ 217.457386][ T2860] bond0 (unregistering): left promiscuous mode [ 217.463710][ T2860] bond_slave_0: left promiscuous mode [ 217.470610][ T2860] bond_slave_1: left promiscuous mode [ 217.495882][ T5099] Bluetooth: hci4: command tx timeout [ 217.521198][ T2860] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 217.539890][ T2860] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 217.552253][ T2860] bond0 (unregistering): Released all slaves [ 217.717782][ T2860] bond1 (unregistering): Released all slaves [ 217.732581][ T9028] chnl_net:caif_netlink_parms(): no params data found [ 217.761761][ T9067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1299'. [ 217.834625][ T9069] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.841964][ T9069] IPv6: NLM_F_CREATE should be set when creating new route [ 217.860396][ T9073] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 217.893783][ T9075] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.901183][ T9075] IPv6: NLM_F_CREATE should be set when creating new route [ 218.192451][ T9110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1308'. [ 218.220892][ T25] net_ratelimit: 5 callbacks suppressed [ 218.220910][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 218.316781][ T9115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1311'. [ 218.335528][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1308'. [ 218.690461][ T9136] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1315'. [ 218.728466][ T2860] hsr_slave_0: left promiscuous mode [ 218.734727][ T2860] hsr_slave_1: left promiscuous mode [ 218.746949][ T9137] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.1313'. [ 218.756801][ T2860] batman_adv: batadv0: Removing interface: team0 [ 218.771257][ T2860] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.803728][ T2860] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.829123][ T2860] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.837295][ T2860] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.902414][ T2860] veth0_macvtap: left promiscuous mode [ 218.939606][ T2860] veth1_vlan: left promiscuous mode [ 218.968863][ T2860] veth0_vlan: left promiscuous mode [ 219.106774][ T2918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.116317][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.129142][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.255263][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.556375][ T9164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.575222][ T5099] Bluetooth: hci4: command tx timeout [ 219.620885][ T9164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.677262][ T9164] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.728388][ T9162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.752273][ T9162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.903057][ T9176] netlink: 'syz.1.1324': attribute type 29 has an invalid length. [ 220.261786][ T2860] team0 (unregistering): Port device team_slave_1 removed [ 220.310693][ T2860] team0 (unregistering): Port device team_slave_0 removed [ 220.713641][ T9028] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.721392][ T9028] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.729670][ T9028] bridge_slave_0: entered allmulticast mode [ 220.738650][ T9028] bridge_slave_0: entered promiscuous mode [ 220.752271][ T9028] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.767668][ T9028] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.780237][ T9028] bridge_slave_1: entered allmulticast mode [ 220.788191][ T9028] bridge_slave_1: entered promiscuous mode [ 220.795250][ T9160] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1320'. [ 220.811260][ T9161] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 220.818678][ T9161] IPv6: NLM_F_CREATE should be set when creating new route [ 220.841711][ T9176] netlink: 'syz.1.1324': attribute type 29 has an invalid length. [ 220.996275][ T9185] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1327'. [ 221.128568][ T9028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.159589][ T9028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.356673][ T9028] team0: Port device team_slave_0 added [ 221.386967][ T9028] team0: Port device team_slave_1 added [ 221.529583][ T9028] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.554221][ T9028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.616840][ T9028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.630615][ T9028] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.639323][ T9028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.719877][ T9028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.851781][ T9223] __nla_validate_parse: 2 callbacks suppressed [ 221.851801][ T9223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'. [ 222.052705][ T9028] hsr_slave_0: entered promiscuous mode [ 222.092253][ T9028] hsr_slave_1: entered promiscuous mode [ 222.129723][ T9028] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 222.159752][ T9028] Cannot create hsr debugfs directory [ 222.184334][ T9229] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 222.191751][ T9229] IPv6: NLM_F_CREATE should be set when creating new route [ 222.214549][ T9244] netlink: 83992 bytes leftover after parsing attributes in process `syz.4.1334'. [ 222.382282][ T9248] ieee802154 phy0 wpan0: encryption failed: -90 [ 222.704312][ T9259] bridge_slave_0: left allmulticast mode [ 222.725077][ T9259] bridge_slave_0: left promiscuous mode [ 222.748498][ T9259] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.810741][ T9263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1345'. [ 223.020056][ T9263] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1345'. [ 223.425214][ T5142] net_ratelimit: 9 callbacks suppressed [ 223.425236][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.439407][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 223.772999][ T9288] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1349'. [ 223.882848][ T9295] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 223.890228][ T9295] IPv6: NLM_F_CREATE should be set when creating new route [ 224.010116][ T9028] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 224.069751][ T9028] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 224.140707][ T9028] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 224.213836][ T9028] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 224.227827][ T2860] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.245855][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.259350][ T5146] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.362979][ T9316] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1358'. [ 224.455370][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 224.524829][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1358'. [ 224.707114][ T9028] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.843321][ T9028] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.884390][ T784] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.891644][ T784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.966855][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.975734][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.159736][ T9028] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.363164][ T9352] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1364'. [ 225.431199][ T9356] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 225.438529][ T9356] IPv6: NLM_F_CREATE should be set when creating new route [ 225.500882][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.745489][ T9028] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.920116][ T9028] veth0_vlan: entered promiscuous mode [ 225.948786][ T9028] veth1_vlan: entered promiscuous mode [ 226.059362][ T9028] veth0_macvtap: entered promiscuous mode [ 226.099423][ T9028] veth1_macvtap: entered promiscuous mode [ 226.193539][ T9028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.234740][ T9028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.260350][ T9028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.281247][ T9028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.307529][ T9028] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.333245][ T9387] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1372'. [ 226.411497][ T9028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.435513][ T9387] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.444526][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.455932][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.456036][ T9028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.511056][ T9028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.536372][ T9028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.563649][ T9028] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.583235][ T9028] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.600838][ T9028] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.636185][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1372'. [ 226.646047][ T9397] FAULT_INJECTION: forcing a failure. [ 226.646047][ T9397] name failslab, interval 1, probability 0, space 0, times 0 [ 226.661125][ T9397] CPU: 0 PID: 9397 Comm: syz.2.1374 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 226.671236][ T9397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 226.681322][ T9397] Call Trace: [ 226.684620][ T9397] [ 226.687576][ T9397] dump_stack_lvl+0x241/0x360 [ 226.692294][ T9397] ? __pfx_dump_stack_lvl+0x10/0x10 [ 226.697530][ T9397] ? __pfx__printk+0x10/0x10 [ 226.702157][ T9397] ? __mutex_unlock_slowpath+0x21d/0x750 [ 226.707831][ T9397] should_fail_ex+0x3b0/0x4e0 [ 226.712633][ T9397] ? __alloc_skb+0x1c3/0x440 [ 226.717336][ T9397] should_failslab+0x9/0x20 [ 226.721933][ T9397] kmem_cache_alloc_node_noprof+0x71/0x320 [ 226.728131][ T9397] ? nft_pernet+0x1ef/0x240 [ 226.732671][ T9397] __alloc_skb+0x1c3/0x440 [ 226.737128][ T9397] ? __pfx___alloc_skb+0x10/0x10 [ 226.742101][ T9397] ? netlink_ack_tlv_len+0x6e/0x200 [ 226.747340][ T9397] netlink_ack+0x13f/0xa30 [ 226.751965][ T9397] ? __pfx_nf_tables_abort+0x10/0x10 [ 226.757279][ T9397] ? nfnetlink_rcv+0x11b8/0x2a80 [ 226.762243][ T9397] ? nfnetlink_rcv+0x1219/0x2a80 [ 226.767214][ T9397] nfnetlink_rcv+0x24f9/0x2a80 [ 226.772014][ T9397] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 226.778491][ T9397] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 226.783652][ T9397] ? __dev_queue_xmit+0x2d2/0x3d30 [ 226.789257][ T9397] ? netlink_deliver_tap+0x2e/0x1b0 [ 226.789621][ T9028] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.794632][ T9397] ? skb_clone+0x240/0x390 [ 226.794660][ T9397] ? __pfx_lock_release+0x10/0x10 [ 226.794691][ T9397] ? netlink_deliver_tap+0x2e/0x1b0 [ 226.794716][ T9397] netlink_unicast+0x7ea/0x980 [ 226.794747][ T9397] ? __pfx_netlink_unicast+0x10/0x10 [ 226.794766][ T9397] ? __virt_addr_valid+0x183/0x520 [ 226.794803][ T9397] ? __check_object_size+0x49c/0x900 [ 226.794830][ T9397] ? bpf_lsm_netlink_send+0x9/0x10 [ 226.794859][ T9397] netlink_sendmsg+0x8db/0xcb0 [ 226.794894][ T9397] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.794916][ T9397] ? __import_iovec+0x536/0x820 [ 226.794933][ T9397] ? aa_sock_msg_perm+0x91/0x160 [ 226.794961][ T9397] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 226.794977][ T9397] ? security_socket_sendmsg+0x87/0xb0 [ 226.795001][ T9397] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.795023][ T9397] __sock_sendmsg+0x221/0x270 [ 226.795052][ T9397] ____sys_sendmsg+0x525/0x7d0 [ 226.795082][ T9397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 226.795122][ T9397] __sys_sendmsg+0x2b0/0x3a0 [ 226.795147][ T9397] ? __pfx___sys_sendmsg+0x10/0x10 [ 226.795168][ T9397] ? vfs_write+0x7c4/0xc90 [ 226.795230][ T9397] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 226.795253][ T9397] ? do_syscall_64+0x100/0x230 [ 226.795281][ T9397] ? do_syscall_64+0xb6/0x230 [ 226.795307][ T9397] do_syscall_64+0xf3/0x230 [ 226.795332][ T9397] ? clear_bhb_loop+0x35/0x90 [ 226.795359][ T9397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.809223][ T9028] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.813793][ T9397] RIP: 0033:0x7f6657d75bd9 [ 226.835071][ T9028] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.839821][ T9397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.850354][ T9028] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.854941][ T9397] RSP: 002b:00007f6658bd6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 226.854966][ T9397] RAX: ffffffffffffffda RBX: 00007f6657f03f60 RCX: 00007f6657d75bd9 [ 226.854979][ T9397] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003 [ 226.854990][ T9397] RBP: 00007f6658bd60a0 R08: 0000000000000000 R09: 0000000000000000 [ 226.855001][ T9397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 226.855012][ T9397] R13: 000000000000000b R14: 00007f6657f03f60 R15: 00007ffe253961e8 [ 226.855039][ T9397] [ 227.299204][ T9417] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1379'. [ 227.473137][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.488051][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.586914][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.594825][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.690491][ T9436] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1383'. [ 227.957745][ T9436] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1383'. [ 228.044168][ T9453] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1389'. [ 228.102779][ T9457] FAULT_INJECTION: forcing a failure. [ 228.102779][ T9457] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 228.103039][ T9455] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1387'. [ 228.185786][ T9457] CPU: 1 PID: 9457 Comm: syz.4.1389 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 228.195916][ T9457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 228.206002][ T9457] Call Trace: [ 228.209308][ T9457] [ 228.212256][ T9457] dump_stack_lvl+0x241/0x360 [ 228.216970][ T9457] ? __pfx_dump_stack_lvl+0x10/0x10 [ 228.222202][ T9457] ? __pfx__printk+0x10/0x10 [ 228.226827][ T9457] ? __pfx_lock_release+0x10/0x10 [ 228.231889][ T9457] should_fail_ex+0x3b0/0x4e0 [ 228.236606][ T9457] _copy_from_user+0x2f/0xe0 [ 228.241228][ T9457] copy_msghdr_from_user+0xae/0x680 [ 228.246475][ T9457] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 228.252360][ T9457] __sys_sendmsg+0x23d/0x3a0 [ 228.257073][ T9457] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.262306][ T9457] ? vfs_write+0x7c4/0xc90 [ 228.266786][ T9457] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 228.273144][ T9457] ? do_syscall_64+0x100/0x230 [ 228.278035][ T9457] ? do_syscall_64+0xb6/0x230 [ 228.282780][ T9457] do_syscall_64+0xf3/0x230 [ 228.287316][ T9457] ? clear_bhb_loop+0x35/0x90 [ 228.292022][ T9457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.297947][ T9457] RIP: 0033:0x7f68b0575bd9 [ 228.302384][ T9457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.322192][ T9457] RSP: 002b:00007f68b139b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.330815][ T9457] RAX: ffffffffffffffda RBX: 00007f68b0704038 RCX: 00007f68b0575bd9 [ 228.338904][ T9457] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004 [ 228.346995][ T9457] RBP: 00007f68b139b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 228.355093][ T9457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.363091][ T9457] R13: 000000000000006e R14: 00007f68b0704038 R15: 00007fff921ed718 [ 228.371108][ T9457] [ 228.391237][ T9455] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1387'. [ 228.453760][ T9455] vlan0: entered promiscuous mode [ 228.476018][ T9455] bridge32: entered promiscuous mode [ 228.500703][ T9455] vlan0: entered allmulticast mode [ 228.525204][ T9455] bridge32: entered allmulticast mode [ 228.580815][ T9475] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1392'. [ 228.589904][ T9473] ip6tnl1: entered promiscuous mode [ 228.598718][ T9473] ip6tnl1: entered allmulticast mode [ 228.615471][ T25] net_ratelimit: 2 callbacks suppressed [ 228.615491][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.067033][ T9506] warning: `syz.0.1399' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 229.175571][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.184291][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.213135][ T9510] xt_l2tp: invalid flags combination: 0 [ 229.243120][ T9513] FAULT_INJECTION: forcing a failure. [ 229.243120][ T9513] name failslab, interval 1, probability 0, space 0, times 0 [ 229.288375][ T9513] CPU: 1 PID: 9513 Comm: syz.1.1403 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 229.298504][ T9513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 229.308693][ T9513] Call Trace: [ 229.311998][ T9513] [ 229.314949][ T9513] dump_stack_lvl+0x241/0x360 [ 229.319754][ T9513] ? __pfx_dump_stack_lvl+0x10/0x10 [ 229.325164][ T9513] ? __pfx__printk+0x10/0x10 [ 229.329878][ T9513] ? __pfx___might_resched+0x10/0x10 [ 229.335207][ T9513] should_fail_ex+0x3b0/0x4e0 [ 229.340017][ T9513] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 229.345849][ T9513] should_failslab+0x9/0x20 [ 229.350385][ T9513] __kmalloc_noprof+0xd8/0x400 [ 229.355186][ T9513] ? kfree+0x4e/0x360 [ 229.359206][ T9513] tomoyo_realpath_from_path+0xcf/0x5e0 [ 229.364799][ T9513] tomoyo_path_number_perm+0x23a/0x880 [ 229.370296][ T9513] ? tomoyo_path_number_perm+0x208/0x880 [ 229.375961][ T9513] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 229.382015][ T9513] ? __fget_files+0x29/0x470 [ 229.386646][ T9513] ? __fget_files+0x3f6/0x470 [ 229.391452][ T9513] ? __fget_files+0x29/0x470 [ 229.396084][ T9513] security_file_ioctl+0x75/0xb0 [ 229.401059][ T9513] __se_sys_ioctl+0x47/0x170 [ 229.405686][ T9513] do_syscall_64+0xf3/0x230 [ 229.410219][ T9513] ? clear_bhb_loop+0x35/0x90 [ 229.414932][ T9513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.420860][ T9513] RIP: 0033:0x7f2f50b75bd9 [ 229.425303][ T9513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.445026][ T9513] RSP: 002b:00007f2f518e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 229.453481][ T9513] RAX: ffffffffffffffda RBX: 00007f2f50d03f60 RCX: 00007f2f50b75bd9 [ 229.461493][ T9513] RDX: 0000000020000000 RSI: 0000000040107446 RDI: 0000000000000003 [ 229.469517][ T9513] RBP: 00007f2f518e30a0 R08: 0000000000000000 R09: 0000000000000000 [ 229.477533][ T9513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 229.485550][ T9513] R13: 000000000000000b R14: 00007f2f50d03f60 R15: 00007ffdf30be408 [ 229.493714][ T9513] [ 229.499418][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.513141][ T9513] ERROR: Out of memory at tomoyo_realpath_from_path. [ 229.521305][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.612641][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.624265][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.655694][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 229.816777][ T9534] netlink: 'syz.2.1405': attribute type 33 has an invalid length. [ 229.849966][ T9537] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1406'. [ 229.859690][ T9534] netlink: 'syz.2.1405': attribute type 21 has an invalid length. [ 229.885258][ T9534] netlink: 'syz.2.1405': attribute type 4 has an invalid length. [ 230.244699][ T9562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1411'. [ 230.461433][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1411'. [ 230.696633][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.901844][ T9595] netlink: 'syz.3.1423': attribute type 72 has an invalid length. [ 231.119613][ T9606] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x3 [ 231.264294][ T9614] FAULT_INJECTION: forcing a failure. [ 231.264294][ T9614] name failslab, interval 1, probability 0, space 0, times 0 [ 231.295605][ T9614] CPU: 0 PID: 9614 Comm: syz.2.1429 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 231.304966][ T9615] tipc: Started in network mode [ 231.305717][ T9614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 231.310587][ T9615] tipc: Node identity 22eb183f99d8, cluster identity 4711 [ 231.320622][ T9614] Call Trace: [ 231.320645][ T9614] [ 231.320655][ T9614] dump_stack_lvl+0x241/0x360 [ 231.320690][ T9614] ? __pfx_dump_stack_lvl+0x10/0x10 [ 231.320713][ T9614] ? __pfx__printk+0x10/0x10 [ 231.320748][ T9614] should_fail_ex+0x3b0/0x4e0 [ 231.320780][ T9614] ? sctp_add_bind_addr+0x89/0x3a0 [ 231.320804][ T9614] should_failslab+0x9/0x20 [ 231.320826][ T9614] kmalloc_trace_noprof+0x6c/0x2c0 [ 231.320856][ T9614] sctp_add_bind_addr+0x89/0x3a0 [ 231.320882][ T9614] sctp_copy_local_addr_list+0x311/0x500 [ 231.379557][ T9614] ? sctp_copy_local_addr_list+0xab/0x500 [ 231.383388][ T9615] tipc: Enabled bearer , priority 0 [ 231.385304][ T9614] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 231.385341][ T9614] ? sctp_v4_is_any+0x35/0x60 [ 231.385371][ T9614] sctp_bind_addr_copy+0xad/0x3b0 [ 231.385397][ T9614] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 231.385424][ T9614] sctp_connect_new_asoc+0x2f3/0x6c0 [ 231.385449][ T9614] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 231.385473][ T9614] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 231.385494][ T9614] __sctp_connect+0x66d/0xe30 [ 231.385522][ T9614] ? __pfx___sctp_connect+0x10/0x10 [ 231.385542][ T9614] ? __might_fault+0xc6/0x120 [ 231.446557][ T9614] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 231.452119][ T9614] ? security_sctp_bind_connect+0x90/0xb0 [ 231.457864][ T9614] sctp_getsockopt_connectx3+0x46f/0x730 [ 231.463512][ T9614] ? __local_bh_enable_ip+0x168/0x200 [ 231.468887][ T9614] ? __pfx_sctp_getsockopt_connectx3+0x10/0x10 [ 231.475049][ T9614] ? __local_bh_enable_ip+0x168/0x200 [ 231.480427][ T9614] ? sctp_getsockopt+0x13a/0xbb0 [ 231.485363][ T9614] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 231.491086][ T9614] sctp_getsockopt+0x8de/0xbb0 [ 231.495936][ T9614] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 231.501836][ T9614] do_sock_getsockopt+0x373/0x850 [ 231.506871][ T9614] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 231.512623][ T9614] ? __fget_files+0x3f6/0x470 [ 231.517350][ T9614] __sys_getsockopt+0x271/0x330 [ 231.522231][ T9614] ? __pfx___sys_getsockopt+0x10/0x10 [ 231.527611][ T9614] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 231.533958][ T9614] ? do_syscall_64+0x100/0x230 [ 231.538729][ T9614] __x64_sys_getsockopt+0xb5/0xd0 [ 231.543767][ T9614] do_syscall_64+0xf3/0x230 [ 231.548311][ T9614] ? clear_bhb_loop+0x35/0x90 [ 231.553085][ T9614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.559053][ T9614] RIP: 0033:0x7f6657d75bd9 [ 231.563468][ T9614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.583276][ T9614] RSP: 002b:00007f6658bd6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 231.591782][ T9614] RAX: ffffffffffffffda RBX: 00007f6657f03f60 RCX: 00007f6657d75bd9 [ 231.599775][ T9614] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003 [ 231.607775][ T9614] RBP: 00007f6658bd60a0 R08: 0000000020000100 R09: 0000000000000000 [ 231.615764][ T9614] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000002 [ 231.623737][ T9614] R13: 000000000000000b R14: 00007f6657f03f60 R15: 00007ffe253961e8 [ 231.631749][ T9614] [ 231.785431][ T9620] tipc: Resetting bearer [ 231.803545][ T9626] vcan0: tx drop: invalid da for name 0x0000000000000008 [ 231.870397][ T9615] netlink: 'syz.3.1426': attribute type 27 has an invalid length. [ 231.892389][ T9628] netlink: 'syz.2.1433': attribute type 33 has an invalid length. [ 231.970029][ T9634] netlink: 'syz.4.1436': attribute type 72 has an invalid length. [ 232.011553][ T9615] tipc: Resetting bearer [ 232.317784][ T25] tipc: Resetting bearer [ 232.343955][ T9605] tipc: Resetting bearer [ 232.497213][ T25] tipc: Node number set to 3140687935 [ 232.646133][ T9657] __nla_validate_parse: 6 callbacks suppressed [ 232.646152][ T9657] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1442'. [ 233.817825][ T25] net_ratelimit: 3 callbacks suppressed [ 233.817851][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.203737][ T9605] tipc: Disabling bearer [ 234.213200][ T9643] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1437'. [ 234.233200][ T9650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1437'. [ 234.429534][ T9678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.439263][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.454483][ T9679] netlink: 'syz.2.1451': attribute type 72 has an invalid length. [ 234.462747][ T9678] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.466826][ T9673] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.508471][ T9673] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 234.527614][ T9679] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1451'. [ 234.718171][ T9669] infiniband syz2: set down [ 234.765059][ T9669] infiniband syz2: added bond_slave_0 [ 234.793536][ T9669] syz2: rxe_create_cq: returned err = -12 [ 234.823254][ T9669] infiniband syz2: Couldn't create ib_mad CQ [ 234.847958][ T9669] infiniband syz2: Couldn't open port 1 [ 234.857819][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.039669][ T9669] RDS/IB: syz2: added [ 235.055507][ T9669] smc: adding ib device syz2 with port count 1 [ 235.096574][ T35] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.109454][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.118905][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.129672][ T9669] smc: ib device syz2 port 1 has pnetid [ 235.373884][ T9707] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1461'. [ 235.464610][ T9707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1461'. [ 235.502851][ T9707] vlan2: entered promiscuous mode [ 235.529190][ T9707] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 235.565289][ T9707] vlan2: entered allmulticast mode [ 235.592081][ T9707] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 235.699057][ T53] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 235.711600][ T53] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 235.721297][ T53] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 235.738691][ T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 235.748156][ T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 235.757284][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 235.764040][ T9709] FAULT_INJECTION: forcing a failure. [ 235.764040][ T9709] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 235.809774][ T9709] CPU: 0 PID: 9709 Comm: syz.4.1463 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 235.819904][ T9709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 235.829981][ T9709] Call Trace: [ 235.833284][ T9709] [ 235.836236][ T9709] dump_stack_lvl+0x241/0x360 [ 235.840946][ T9709] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.846176][ T9709] ? __pfx__printk+0x10/0x10 [ 235.850793][ T9709] ? __pfx_lock_release+0x10/0x10 [ 235.855845][ T9709] should_fail_ex+0x3b0/0x4e0 [ 235.860555][ T9709] _copy_from_user+0x2f/0xe0 [ 235.865161][ T9709] copy_msghdr_from_user+0xae/0x680 [ 235.870387][ T9709] ? __pfx___might_resched+0x10/0x10 [ 235.875702][ T9709] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 235.881545][ T9709] ? __might_fault+0xaa/0x120 [ 235.886259][ T9709] do_recvmmsg+0x40f/0xae0 [ 235.890712][ T9709] ? __pfx_lock_release+0x10/0x10 [ 235.895769][ T9709] ? __pfx_do_recvmmsg+0x10/0x10 [ 235.900754][ T9709] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 235.906677][ T9709] ? ksys_write+0x23e/0x2c0 [ 235.911209][ T9709] ? __pfx_lock_release+0x10/0x10 [ 235.916266][ T9709] ? vfs_write+0x7c4/0xc90 [ 235.920710][ T9709] ? __mutex_unlock_slowpath+0x21d/0x750 [ 235.926386][ T9709] ? __fget_files+0x3f6/0x470 [ 235.931099][ T9709] __x64_sys_recvmmsg+0x199/0x250 [ 235.936210][ T9709] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 235.941790][ T9709] ? do_syscall_64+0x100/0x230 [ 235.946592][ T9709] ? do_syscall_64+0xb6/0x230 [ 235.951299][ T9709] do_syscall_64+0xf3/0x230 [ 235.955829][ T9709] ? clear_bhb_loop+0x35/0x90 [ 235.960533][ T9709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.966450][ T9709] RIP: 0033:0x7f68b0575bd9 [ 235.970889][ T9709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.990618][ T9709] RSP: 002b:00007f68b13bc048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 235.999039][ T9709] RAX: ffffffffffffffda RBX: 00007f68b0703f60 RCX: 00007f68b0575bd9 [ 236.007016][ T9709] RDX: 0000000000000f00 RSI: 0000000020000400 RDI: 0000000000000003 [ 236.015077][ T9709] RBP: 00007f68b13bc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 236.023138][ T9709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.031108][ T9709] R13: 000000000000000b R14: 00007f68b0703f60 R15: 00007fff921ed718 [ 236.039092][ T9709] [ 236.201397][ T9714] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1465'. [ 236.358344][ T2860] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.399723][ T2860] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.664724][ T2860] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.700971][ T2860] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.799824][ T9730] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1470'. [ 236.876400][ T2860] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 236.899536][ T2860] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.948421][ T9730] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1470'. [ 237.012804][ T2860] netdevsim netdevsim2 netdevsim0: left allmulticast mode [ 237.030180][ T2860] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 237.122311][ T2860] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 237.132753][ T2860] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.156410][ T9742] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1474'. [ 237.392129][ T2860] bridge_slave_1: left allmulticast mode [ 237.415258][ T2860] bridge_slave_1: left promiscuous mode [ 237.421076][ T2860] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.473376][ T2860] bridge_slave_0: left allmulticast mode [ 237.490580][ T2860] bridge_slave_0: left promiscuous mode [ 237.500971][ T2860] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.815907][ T53] Bluetooth: hci3: command tx timeout [ 237.970311][ T2860] bridge32: left allmulticast mode [ 237.973491][ T9757] __nla_validate_parse: 2 callbacks suppressed [ 237.973511][ T9757] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1477'. [ 237.984994][ T2860] bridge32: left promiscuous mode [ 238.131690][ T2860] erspan0 (unregistering): left promiscuous mode [ 239.015403][ T5173] net_ratelimit: 9 callbacks suppressed [ 239.015424][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.030228][ T2918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.042590][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.053701][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.895118][ T53] Bluetooth: hci3: command tx timeout [ 240.067680][ T2860] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.076738][ T2860] bond_slave_0: left promiscuous mode [ 240.086061][ T2860] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 240.095776][ T2860] bond_slave_1: left promiscuous mode [ 240.103793][ T2860] bond0 (unregistering): (slave macvlan0): Releasing backup interface [ 240.115247][ T2860] macvlan0: left promiscuous mode [ 240.123555][ T2860] bond0 (unregistering): Released all slaves [ 240.141506][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.208343][ T9762] bridge0: port 1(team0) entered blocking state [ 240.225357][ T9762] bridge0: port 1(team0) entered disabled state [ 240.255692][ T9762] team0: entered allmulticast mode [ 240.265057][ T9762] team_slave_0: entered allmulticast mode [ 240.299685][ T9762] team0: entered promiscuous mode [ 240.328465][ T9762] team_slave_0: entered promiscuous mode [ 240.347595][ T9762] bridge0: port 1(team0) entered blocking state [ 240.354420][ T9762] bridge0: port 1(team0) entered forwarding state [ 240.699596][ T9788] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 240.856629][ T51] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.867295][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.879932][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.918519][ T9801] nbd: must specify at least one socket [ 240.929033][ T9802] nbd: must specify at least one socket [ 241.062102][ T9804] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1486'. [ 241.090917][ T9809] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1488'. [ 241.175348][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 241.584531][ T9804] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1486'. [ 241.662180][ T2860] hsr_slave_0: left promiscuous mode [ 241.706151][ T2860] hsr_slave_1: left promiscuous mode [ 241.736488][ T2860] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.754303][ T2860] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.787191][ T2860] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.813319][ T2860] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.878442][ T2860] veth1_macvtap: left promiscuous mode [ 241.896592][ T2860] veth0_macvtap: left promiscuous mode [ 241.914077][ T2860] veth1_vlan: left promiscuous mode [ 241.926582][ T2860] veth0_vlan: left promiscuous mode [ 241.952823][ T9844] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 241.975908][ T53] Bluetooth: hci3: command tx timeout [ 242.149825][ T9853] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1501'. [ 242.720155][ T2860] team0 (unregistering): Port device team_slave_1 removed [ 242.773831][ T2860] team0 (unregistering): Port device team_slave_0 removed [ 243.220892][ T9852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1502'. [ 243.239169][ T9857] netlink: 'syz.0.1503': attribute type 5 has an invalid length. [ 243.387682][ T9868] FAULT_INJECTION: forcing a failure. [ 243.387682][ T9868] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 243.423408][ T9868] CPU: 1 PID: 9868 Comm: syz.4.1505 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 243.433552][ T9868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 243.443671][ T9868] Call Trace: [ 243.446997][ T9868] [ 243.450029][ T9868] dump_stack_lvl+0x241/0x360 [ 243.454752][ T9868] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.459986][ T9868] ? __pfx__printk+0x10/0x10 [ 243.464593][ T9868] ? __pfx_lock_release+0x10/0x10 [ 243.469618][ T9868] should_fail_ex+0x3b0/0x4e0 [ 243.474331][ T9868] _copy_from_iter+0x1f6/0x1960 [ 243.479216][ T9868] ? __virt_addr_valid+0x183/0x520 [ 243.484390][ T9868] ? __pfx_lock_release+0x10/0x10 [ 243.489512][ T9868] ? __alloc_skb+0x28f/0x440 [ 243.494104][ T9868] ? __pfx__copy_from_iter+0x10/0x10 [ 243.499404][ T9868] ? __virt_addr_valid+0x183/0x520 [ 243.504533][ T9868] ? __virt_addr_valid+0x183/0x520 [ 243.509654][ T9868] ? __virt_addr_valid+0x44e/0x520 [ 243.514786][ T9868] ? __check_object_size+0x49c/0x900 [ 243.520370][ T9868] netlink_sendmsg+0x743/0xcb0 [ 243.525164][ T9868] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.530499][ T9868] ? __import_iovec+0x536/0x820 [ 243.535544][ T9868] ? aa_sock_msg_perm+0x91/0x160 [ 243.540483][ T9868] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 243.545829][ T9868] ? security_socket_sendmsg+0x87/0xb0 [ 243.551571][ T9868] ? __pfx_netlink_sendmsg+0x10/0x10 [ 243.556872][ T9868] __sock_sendmsg+0x221/0x270 [ 243.561729][ T9868] ____sys_sendmsg+0x525/0x7d0 [ 243.566613][ T9868] ? __pfx_____sys_sendmsg+0x10/0x10 [ 243.572085][ T9868] __sys_sendmsg+0x2b0/0x3a0 [ 243.576777][ T9868] ? __pfx___sys_sendmsg+0x10/0x10 [ 243.581920][ T9868] ? vfs_write+0x7c4/0xc90 [ 243.586379][ T9868] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.592741][ T9868] ? do_syscall_64+0x100/0x230 [ 243.597534][ T9868] ? do_syscall_64+0xb6/0x230 [ 243.602320][ T9868] do_syscall_64+0xf3/0x230 [ 243.606835][ T9868] ? clear_bhb_loop+0x35/0x90 [ 243.611532][ T9868] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.617437][ T9868] RIP: 0033:0x7f68b0575bd9 [ 243.621885][ T9868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.641624][ T9868] RSP: 002b:00007f68b13bc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 243.650166][ T9868] RAX: ffffffffffffffda RBX: 00007f68b0703f60 RCX: 00007f68b0575bd9 [ 243.658230][ T9868] RDX: 0000000000000000 RSI: 0000000020000800 RDI: 0000000000000003 [ 243.666237][ T9868] RBP: 00007f68b13bc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 243.674306][ T9868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 243.682568][ T9868] R13: 000000000000000b R14: 00007f68b0703f60 R15: 00007fff921ed718 [ 243.690595][ T9868] [ 243.790308][ T9865] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1504'. [ 243.909141][ T9710] chnl_net:caif_netlink_parms(): no params data found [ 243.930024][ T9873] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1507'. [ 244.017232][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1507'. [ 244.055313][ T53] Bluetooth: hci3: command tx timeout [ 244.186237][ T9884] net_ratelimit: 14 callbacks suppressed [ 244.186259][ T9884] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 244.298087][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.326532][ T9892] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 244.455825][ T9710] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.491737][ T9710] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.536397][ T9710] bridge_slave_0: entered allmulticast mode [ 244.565496][ T9710] bridge_slave_0: entered promiscuous mode [ 244.578225][ T9904] FAULT_INJECTION: forcing a failure. [ 244.578225][ T9904] name failslab, interval 1, probability 0, space 0, times 0 [ 244.622979][ T9710] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.647212][ T9904] CPU: 0 PID: 9904 Comm: syz.1.1515 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 244.657343][ T9904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 244.667441][ T9904] Call Trace: [ 244.670782][ T9904] [ 244.673858][ T9904] dump_stack_lvl+0x241/0x360 [ 244.678593][ T9904] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.683931][ T9904] ? __pfx__printk+0x10/0x10 [ 244.688655][ T9904] ? ref_tracker_alloc+0x332/0x490 [ 244.693913][ T9904] should_fail_ex+0x3b0/0x4e0 [ 244.698642][ T9904] ? skb_clone+0x20c/0x390 [ 244.703100][ T9904] should_failslab+0x9/0x20 [ 244.707733][ T9904] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 244.713256][ T9904] skb_clone+0x20c/0x390 [ 244.717518][ T9904] __netlink_deliver_tap+0x3cc/0x7c0 [ 244.722849][ T9904] ? netlink_deliver_tap+0x2e/0x1b0 [ 244.728062][ T9904] netlink_deliver_tap+0x19d/0x1b0 [ 244.733221][ T9904] netlink_unicast+0x7b8/0x980 [ 244.738012][ T9904] ? __pfx_netlink_unicast+0x10/0x10 [ 244.743509][ T9904] ? __check_object_size+0x1b8/0x900 [ 244.748869][ T9904] ? __check_object_size+0x49c/0x900 [ 244.754167][ T9904] ? bpf_lsm_netlink_send+0x9/0x10 [ 244.759317][ T9904] netlink_sendmsg+0x8db/0xcb0 [ 244.764129][ T9904] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.769464][ T9904] ? aa_sock_msg_perm+0x91/0x160 [ 244.774418][ T9904] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 244.779705][ T9904] ? security_socket_sendmsg+0x87/0xb0 [ 244.785276][ T9904] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.790590][ T9904] __sock_sendmsg+0x221/0x270 [ 244.795306][ T9904] sock_write_iter+0x2dd/0x400 [ 244.800091][ T9904] ? __pfx_sock_write_iter+0x10/0x10 [ 244.805395][ T9904] ? bpf_lsm_file_permission+0x9/0x10 [ 244.810774][ T9904] ? security_file_permission+0x7f/0xa0 [ 244.816327][ T9904] vfs_write+0xa72/0xc90 [ 244.820574][ T9904] ? __pfx_sock_write_iter+0x10/0x10 [ 244.825866][ T9904] ? __pfx_vfs_write+0x10/0x10 [ 244.830644][ T9904] ksys_write+0x1a0/0x2c0 [ 244.834972][ T9904] ? __pfx_ksys_write+0x10/0x10 [ 244.839816][ T9904] ? do_syscall_64+0x100/0x230 [ 244.844585][ T9904] ? do_syscall_64+0xb6/0x230 [ 244.849265][ T9904] do_syscall_64+0xf3/0x230 [ 244.853767][ T9904] ? clear_bhb_loop+0x35/0x90 [ 244.858451][ T9904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.864431][ T9904] RIP: 0033:0x7f2f50b75bd9 [ 244.868844][ T9904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.888455][ T9904] RSP: 002b:00007f2f518e3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 244.899113][ T9904] RAX: ffffffffffffffda RBX: 00007f2f50d03f60 RCX: 00007f2f50b75bd9 [ 244.907189][ T9904] RDX: 0000000000000026 RSI: 0000000020000140 RDI: 0000000000000004 [ 244.915256][ T9904] RBP: 00007f2f518e30a0 R08: 0000000000000000 R09: 0000000000000000 [ 244.923316][ T9904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.931288][ T9904] R13: 000000000000000b R14: 00007f2f50d03f60 R15: 00007ffdf30be408 [ 244.939289][ T9904] [ 244.965174][ T9710] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.972742][ T9710] bridge_slave_1: entered allmulticast mode [ 244.981978][ T784] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.002713][ T9710] bridge_slave_1: entered promiscuous mode [ 245.070229][ T9913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.096814][ T9913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.137281][ T9904] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1515'. [ 245.152158][ T9913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.166197][ T9919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.175000][ T9919] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.204510][ T9710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 245.274747][ T9913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.289071][ T9710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 245.306188][ T9913] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 245.401160][ T9913] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1519'. [ 245.491932][ T9710] team0: Port device team_slave_0 added [ 245.513856][ T9710] team0: Port device team_slave_1 added [ 245.627430][ T9710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 245.639250][ T9710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.669201][ T9710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 245.706790][ T9710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 245.726320][ T9710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.755402][ T9710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 245.971897][ T9710] hsr_slave_0: entered promiscuous mode [ 245.996690][ T9710] hsr_slave_1: entered promiscuous mode [ 246.024666][ T9710] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 246.041254][ T9710] Cannot create hsr debugfs directory [ 246.051030][ T9946] rdma_rxe: rxe_newlink: failed to add bond_slave_0 [ 246.062501][ T9947] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1527'. [ 246.452790][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1533'. [ 246.910172][ T9987] vlan0: entered promiscuous mode [ 246.935807][ T9987] xfrm0: entered promiscuous mode [ 247.009463][ T9987] vlan0: entered allmulticast mode [ 247.035032][ T9987] xfrm0: entered allmulticast mode [ 247.064431][ T9987] team0: Port device vlan0 added [ 247.166783][ T9996] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1541'. [ 247.282144][ T9996] netlink: 'syz.3.1541': attribute type 8 has an invalid length. [ 247.315343][ T9996] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1541'. [ 248.056572][T10033] FAULT_INJECTION: forcing a failure. [ 248.056572][T10033] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 248.090560][T10033] CPU: 1 PID: 10033 Comm: syz.3.1554 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 248.100791][T10033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 248.110873][T10033] Call Trace: [ 248.114278][T10033] [ 248.117235][T10033] dump_stack_lvl+0x241/0x360 [ 248.121949][T10033] ? __pfx_dump_stack_lvl+0x10/0x10 [ 248.127177][T10033] ? __pfx__printk+0x10/0x10 [ 248.131803][T10033] should_fail_ex+0x3b0/0x4e0 [ 248.136516][T10033] _copy_from_user+0x2f/0xe0 [ 248.141222][T10033] move_addr_to_kernel+0x82/0x150 [ 248.146295][T10033] __sys_sendto+0x2a3/0x4f0 [ 248.150840][T10033] ? __pfx___sys_sendto+0x10/0x10 [ 248.155921][T10033] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 248.162023][T10033] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 248.168380][T10033] __x64_sys_sendto+0xde/0x100 [ 248.173183][T10033] do_syscall_64+0xf3/0x230 [ 248.177709][T10033] ? clear_bhb_loop+0x35/0x90 [ 248.182424][T10033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.188433][T10033] RIP: 0033:0x7f8e1a375bd9 [ 248.193006][T10033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.212736][T10033] RSP: 002b:00007f8e19dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 248.221194][T10033] RAX: ffffffffffffffda RBX: 00007f8e1a503f60 RCX: 00007f8e1a375bd9 [ 248.229281][T10033] RDX: 00000000000005dc RSI: 0000000020000100 RDI: 0000000000000003 [ 248.237286][T10033] RBP: 00007f8e19dff0a0 R08: 0000000020000000 R09: 0000000000000014 [ 248.245377][T10033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.249333][ T9710] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 248.253449][T10033] R13: 000000000000000b R14: 00007f8e1a503f60 R15: 00007fff1a6f34b8 [ 248.268160][T10033] [ 248.321334][T10037] netlink: 'syz.1.1555': attribute type 29 has an invalid length. [ 248.354412][T10037] netlink: 'syz.1.1555': attribute type 29 has an invalid length. [ 248.376821][ T9710] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 248.409800][ T9710] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 248.476800][T10037] netlink: 'syz.1.1555': attribute type 29 has an invalid length. [ 248.502949][T10044] netlink: 'syz.1.1555': attribute type 29 has an invalid length. [ 248.542106][ T9710] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 248.585028][T10037] netlink: 'syz.1.1555': attribute type 29 has an invalid length. [ 248.606628][T10051] __nla_validate_parse: 1 callbacks suppressed [ 248.606646][T10051] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1558'. [ 248.683936][T10051] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 248.691324][T10051] IPv6: NLM_F_CREATE should be set when creating new route [ 249.034337][ T9710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.159921][ T9710] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.249729][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.257114][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.344610][T10081] FAULT_INJECTION: forcing a failure. [ 249.344610][T10081] name failslab, interval 1, probability 0, space 0, times 0 [ 249.366086][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.373317][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.390092][T10081] CPU: 0 PID: 10081 Comm: syz.0.1569 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 249.400486][T10081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 249.410571][T10081] Call Trace: [ 249.413875][T10081] [ 249.416835][T10081] dump_stack_lvl+0x241/0x360 [ 249.421565][T10081] ? __pfx_dump_stack_lvl+0x10/0x10 [ 249.426975][T10081] ? __pfx__printk+0x10/0x10 [ 249.431695][T10081] should_fail_ex+0x3b0/0x4e0 [ 249.436422][T10081] should_failslab+0x9/0x20 [ 249.441148][T10081] kmalloc_node_track_caller_noprof+0xda/0x440 [ 249.447425][T10081] ? __feat_register_sp+0x3c3/0x640 [ 249.452666][T10081] kmemdup_noprof+0x2a/0x60 [ 249.457198][T10081] __feat_register_sp+0x3c3/0x640 [ 249.462232][T10081] dccp_setsockopt+0xf5f/0x12c0 [ 249.467086][T10081] ? __pfx_dccp_setsockopt+0x10/0x10 [ 249.472472][T10081] ? aa_sock_opt_perm+0x79/0x120 [ 249.477412][T10081] ? sock_common_setsockopt+0x37/0xc0 [ 249.482866][T10081] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 249.488809][T10081] do_sock_setsockopt+0x3af/0x720 [ 249.493833][T10081] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 249.499374][T10081] ? __fget_files+0x29/0x470 [ 249.504174][T10081] ? __fget_files+0x3f6/0x470 [ 249.508976][T10081] __sys_setsockopt+0x1ae/0x250 [ 249.513950][T10081] __x64_sys_setsockopt+0xb5/0xd0 [ 249.519012][T10081] do_syscall_64+0xf3/0x230 [ 249.523604][T10081] ? clear_bhb_loop+0x35/0x90 [ 249.528313][T10081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.534211][T10081] RIP: 0033:0x7f7adc775bd9 [ 249.538646][T10081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.558423][T10081] RSP: 002b:00007f7add621048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 249.566838][T10081] RAX: ffffffffffffffda RBX: 00007f7adc903f60 RCX: 00007f7adc775bd9 [ 249.574813][T10081] RDX: 000000000000000a RSI: 000000000000010d RDI: 0000000000000003 [ 249.582955][T10081] RBP: 00007f7add6210a0 R08: 0000000000000019 R09: 0000000000000000 [ 249.591010][T10081] R10: 00000000201c9fff R11: 0000000000000246 R12: 0000000000000001 [ 249.598972][T10081] R13: 000000000000000b R14: 00007f7adc903f60 R15: 00007ffea49ee388 [ 249.606952][T10081] [ 249.634304][ T25] net_ratelimit: 23 callbacks suppressed [ 249.634326][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 249.680376][T10078] batadv1: entered allmulticast mode [ 249.885924][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1572'. [ 250.005597][T10101] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 250.012970][T10101] IPv6: NLM_F_CREATE should be set when creating new route [ 250.463515][ T9710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.507252][T10120] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 250.651817][ T9710] veth0_vlan: entered promiscuous mode [ 250.696187][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 250.719169][T10129] FAULT_INJECTION: forcing a failure. [ 250.719169][T10129] name failslab, interval 1, probability 0, space 0, times 0 [ 250.814679][T10129] CPU: 0 PID: 10129 Comm: syz.0.1580 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 250.824909][T10129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 250.835007][T10129] Call Trace: [ 250.838312][T10129] [ 250.841263][T10129] dump_stack_lvl+0x241/0x360 [ 250.845988][T10129] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.851298][T10129] ? __pfx__printk+0x10/0x10 [ 250.855990][T10129] should_fail_ex+0x3b0/0x4e0 [ 250.860744][T10129] ? ip_tun_build_state+0x165/0x850 [ 250.865988][T10129] should_failslab+0x9/0x20 [ 250.870527][T10129] __kmalloc_noprof+0xd8/0x400 [ 250.875359][T10129] ip_tun_build_state+0x165/0x850 [ 250.880525][T10129] ? __pfx_ip_tun_build_state+0x10/0x10 [ 250.886117][T10129] ? __pfx_lock_acquire+0x10/0x10 [ 250.891384][T10129] lwtunnel_build_state+0x36c/0x4d0 [ 250.896670][T10129] ? lwtunnel_build_state+0xdc/0x4d0 [ 250.902090][T10129] fib_nh_common_init+0x15b/0x460 [ 250.907160][T10129] ? __pfx_lock_acquire+0x10/0x10 [ 250.912228][T10129] ? __pfx_fib_nh_common_init+0x10/0x10 [ 250.917839][T10129] fib_nh_init+0x9f/0x420 [ 250.922217][T10129] rtm_new_nexthop+0x4332/0x9f90 [ 250.927226][T10129] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 250.933691][T10129] ? __pfx_rtm_new_nexthop+0x10/0x10 [ 250.939049][T10129] ? mark_lock+0x9a/0x350 [ 250.943445][T10129] ? __lock_acquire+0x1346/0x1fd0 [ 250.948573][T10129] ? __mutex_lock+0x527/0xd70 [ 250.953331][T10129] ? __pfx_rtm_new_nexthop+0x10/0x10 [ 250.958930][T10129] rtnetlink_rcv_msg+0x89b/0x1180 [ 250.964227][T10129] ? rtnetlink_rcv_msg+0x208/0x1180 [ 250.969559][T10129] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 250.975169][T10129] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 250.981374][T10129] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 250.987841][T10129] ? __local_bh_enable_ip+0x168/0x200 [ 250.993612][T10129] ? lockdep_hardirqs_on+0x99/0x150 [ 250.998858][T10129] ? __local_bh_enable_ip+0x168/0x200 [ 251.004262][T10129] ? dev_hard_start_xmit+0x773/0x7e0 [ 251.009584][T10129] ? __dev_queue_xmit+0x2d2/0x3d30 [ 251.014732][T10129] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 251.020489][T10129] ? __dev_queue_xmit+0x2d2/0x3d30 [ 251.025737][T10129] ? __dev_queue_xmit+0x16c9/0x3d30 [ 251.031002][T10129] ? __dev_queue_xmit+0x2d2/0x3d30 [ 251.036168][T10129] ? ref_tracker_free+0x643/0x7e0 [ 251.041267][T10129] netlink_rcv_skb+0x1e3/0x430 [ 251.046167][T10129] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 251.051677][T10129] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 251.057196][T10129] ? netlink_deliver_tap+0x2e/0x1b0 [ 251.062433][T10129] netlink_unicast+0x7ea/0x980 [ 251.067249][T10129] ? __pfx_netlink_unicast+0x10/0x10 [ 251.072564][T10129] ? __virt_addr_valid+0x183/0x520 [ 251.077725][T10129] ? __check_object_size+0x49c/0x900 [ 251.083048][T10129] ? bpf_lsm_netlink_send+0x9/0x10 [ 251.088197][T10129] netlink_sendmsg+0x8db/0xcb0 [ 251.093010][T10129] ? __pfx_netlink_sendmsg+0x10/0x10 [ 251.098330][T10129] ? __import_iovec+0x536/0x820 [ 251.103343][T10129] ? aa_sock_msg_perm+0x91/0x160 [ 251.108403][T10129] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 251.113809][T10129] ? security_socket_sendmsg+0x87/0xb0 [ 251.119306][T10129] ? __pfx_netlink_sendmsg+0x10/0x10 [ 251.124627][T10129] __sock_sendmsg+0x221/0x270 [ 251.129346][T10129] ____sys_sendmsg+0x525/0x7d0 [ 251.134150][T10129] ? __pfx_____sys_sendmsg+0x10/0x10 [ 251.139487][T10129] __sys_sendmsg+0x2b0/0x3a0 [ 251.144109][T10129] ? __pfx___sys_sendmsg+0x10/0x10 [ 251.149257][T10129] ? vfs_write+0x7c4/0xc90 [ 251.153760][T10129] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 251.160123][T10129] ? do_syscall_64+0x100/0x230 [ 251.164926][T10129] ? do_syscall_64+0xb6/0x230 [ 251.169736][T10129] do_syscall_64+0xf3/0x230 [ 251.174272][T10129] ? clear_bhb_loop+0x35/0x90 [ 251.178990][T10129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.184949][T10129] RIP: 0033:0x7f7adc775bd9 [ 251.189389][T10129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.209119][T10129] RSP: 002b:00007f7add621048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 251.217567][T10129] RAX: ffffffffffffffda RBX: 00007f7adc903f60 RCX: 00007f7adc775bd9 [ 251.225566][T10129] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 251.233562][T10129] RBP: 00007f7add6210a0 R08: 0000000000000000 R09: 0000000000000000 [ 251.241593][T10129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 251.249676][T10129] R13: 000000000000000b R14: 00007f7adc903f60 R15: 00007ffea49ee388 [ 251.257707][T10129] [ 251.312877][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 251.377287][ T9710] veth1_vlan: entered promiscuous mode [ 251.466854][T10134] netlink: 'syz.3.1581': attribute type 1 has an invalid length. [ 251.633920][ T9710] veth0_macvtap: entered promiscuous mode [ 251.695071][T10149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1584'. [ 251.743320][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 251.826883][ T9710] veth1_macvtap: entered promiscuous mode [ 251.873644][T10145] batadv1: entered allmulticast mode [ 251.918689][T10153] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 251.926135][T10153] IPv6: NLM_F_CREATE should be set when creating new route [ 252.032839][ T9710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.094488][ T9710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.138523][ T9710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.175704][ T9710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.218310][ T9710] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 252.259705][ T9710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.289256][ T9710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.341099][ T4547] udevd[4547]: worker [5254] terminated by signal 33 (Unknown signal 33) [ 252.343783][ T9710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.413419][ T9710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.460624][ T9710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 252.480584][ T9710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.518843][ T9710] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 252.585897][ T9710] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.608505][ T9710] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.622332][ T9710] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.644817][ T9710] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 252.677624][T10185] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 252.689905][T10185] gretap1: entered promiscuous mode [ 252.695896][T10185] gretap1: entered allmulticast mode [ 252.724190][T10187] FAULT_INJECTION: forcing a failure. [ 252.724190][T10187] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 252.752639][T10187] CPU: 0 PID: 10187 Comm: syz.3.1593 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 252.762862][T10187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 252.772956][T10187] Call Trace: [ 252.776349][T10187] [ 252.779292][T10187] dump_stack_lvl+0x241/0x360 [ 252.784082][T10187] ? __pfx_dump_stack_lvl+0x10/0x10 [ 252.789308][T10187] ? __pfx__printk+0x10/0x10 [ 252.793920][T10187] ? __pfx_lock_release+0x10/0x10 [ 252.798967][T10187] ? vfs_write+0x7c4/0xc90 [ 252.803411][T10187] should_fail_ex+0x3b0/0x4e0 [ 252.808125][T10187] _copy_from_user+0x2f/0xe0 [ 252.813776][T10187] get_timespec64+0x97/0x280 [ 252.818422][T10187] ? __pfx_get_timespec64+0x10/0x10 [ 252.823745][T10187] __x64_sys_recvmmsg+0x140/0x250 [ 252.828892][T10187] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 252.834468][T10187] ? do_syscall_64+0x100/0x230 [ 252.839352][T10187] ? do_syscall_64+0xb6/0x230 [ 252.844059][T10187] do_syscall_64+0xf3/0x230 [ 252.848593][T10187] ? clear_bhb_loop+0x35/0x90 [ 252.853512][T10187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.859411][T10187] RIP: 0033:0x7f8e1a375bd9 [ 252.863825][T10187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.883431][T10187] RSP: 002b:00007f8e19dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 252.891846][T10187] RAX: ffffffffffffffda RBX: 00007f8e1a503f60 RCX: 00007f8e1a375bd9 [ 252.899898][T10187] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003 [ 252.907864][T10187] RBP: 00007f8e19dff0a0 R08: 0000000020003700 R09: 0000000000000000 [ 252.915959][T10187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 252.923948][T10187] R13: 000000000000000b R14: 00007f8e1a503f60 R15: 00007fff1a6f34b8 [ 252.932013][T10187] [ 252.945432][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 253.041326][ T2918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.070589][ T2918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.130192][T10196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1596'. [ 253.200851][T10196] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 253.208198][T10196] IPv6: NLM_F_CREATE should be set when creating new route [ 253.241533][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 253.274321][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.469810][T10204] batadv1: entered allmulticast mode [ 253.570742][T10209] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 253.815895][T10214] netlink: 'syz.2.1603': attribute type 4 has an invalid length. [ 253.849222][T10213] netlink: 'syz.2.1603': attribute type 4 has an invalid length. [ 253.975483][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.378785][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 254.444094][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1609'. [ 254.483041][T10233] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 254.490595][T10233] IPv6: NLM_F_CREATE should be set when creating new route [ 254.559151][T10239] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1612'. [ 254.663482][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1612'. [ 254.696475][T10243] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1615'. [ 254.729595][T10243] Bluetooth: MGMT ver 1.22 [ 254.740912][T10243] Bluetooth: hci3: invalid len left 7, exp >= 143 [ 255.015739][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 255.035414][T10258] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 255.270855][T10265] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1621'. [ 255.472865][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1624'. [ 255.545851][T10270] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 255.553144][T10270] IPv6: NLM_F_CREATE should be set when creating new route [ 255.781992][T10278] geneve2: entered promiscuous mode [ 255.814552][T10278] geneve2: entered allmulticast mode [ 256.057003][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.125943][T10287] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1631'. [ 256.218222][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 256.218605][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.234359][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.393318][T10291] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 256.583796][T10300] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 256.618287][T10303] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1635'. [ 256.668922][T10302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1637'. [ 256.709794][T10304] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 256.717123][T10304] IPv6: NLM_F_CREATE should be set when creating new route [ 256.779185][T10303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1635'. [ 257.095330][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 257.417058][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 257.457376][T10325] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 258.137234][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.215435][ T5173] net_ratelimit: 1 callbacks suppressed [ 260.215458][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 260.460866][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 261.258825][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 261.928486][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 262.076794][ C0] hrtimer: interrupt took 10135295 ns [ 262.082925][T10390] __nla_validate_parse: 2 callbacks suppressed [ 262.082944][T10390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1675'. [ 262.178379][T10392] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1677'. [ 262.211046][T10398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1679'. [ 262.252704][T10399] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1680'. [ 262.652487][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 263.593979][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 263.661020][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.866333][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 264.874752][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 266.121975][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.551784][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.560039][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 267.585017][T10427] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1687'. [ 267.616075][T10429] sock: sock_timestamping_bind_phc: sock not bind to device [ 269.498881][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.511184][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 269.637819][T10431] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 271.983866][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 271.995736][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 272.008809][T10433] team0: Port device wlan1 added [ 272.059584][T10443] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1699'. [ 272.086395][T10443] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 275.297148][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 275.366474][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.075409][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 278.115156][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.838610][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 280.848400][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 283.889367][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.276225][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 287.346060][ T2527] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.226230][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.248099][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 291.330275][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.175630][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.437910][ T53] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 297.446557][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 297.454707][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.917766][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.926085][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.934725][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.942947][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 303.953106][ T5109] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 310.930882][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 310.941563][ T5313] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.265722][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.274037][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.285533][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.291999][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.308565][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.316851][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.325477][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 318.334709][T10468] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 318.345128][ T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 325.139975][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.153196][ T2931] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.176533][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.192138][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 325.326218][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.336428][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 325.415211][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 326.034324][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 326.104765][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 332.642845][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.651040][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.670352][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 332.690247][ T5098] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 332.701908][ T5099] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 332.712332][ T5099] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 332.720932][ T5099] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 332.772450][ T5108] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 332.781943][ T5108] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 332.791409][ T5108] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 332.808000][ T5108] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 332.816106][ T5108] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 332.831641][ T5108] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 332.839017][ T5108] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 332.846398][ T5108] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 340.724481][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.732984][ T5141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.764250][ T5145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 340.773850][ T5101] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 340.791302][ T5145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.710279][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.718918][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.800546][ T5173] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.815691][ T5145] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 350.855215][ T5101] Bluetooth: hci4: command 0x0406 tx timeout [ 362.498242][ T5101] Bluetooth: hci0: command 0x0c39 tx timeout [ 362.515759][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 362.524783][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 362.588906][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 362.626067][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 362.645047][ T5109] Bluetooth: hci0: Opcode 0x0c39 failed: -110 [ 362.651938][ T5098] Bluetooth: hci5: Opcode 0x0c25 failed: -110 [ 362.658699][ T53] Bluetooth: hci1: Opcode 0x0c23 failed: -110 [ 362.738935][ T2931] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.805029][ T5101] Bluetooth: hci6: command 0x1005 tx timeout [ 375.812066][T10476] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 375.824129][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.856728][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.864965][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.873126][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.881423][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.889630][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 375.897839][ T5099] Bluetooth: hci6: Opcode 0x1005 failed: -110 [ 391.076604][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.088470][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.096846][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.105014][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.125208][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.571140][ T5099] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 391.581049][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 391.588449][ T5099] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 391.598298][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 391.604686][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 391.612798][T10483] Bluetooth: hci5: Opcode 0x0c03 failed: -4 [ 391.710400][ T2918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 391.741940][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.405237][T10480] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 409.407183][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.420481][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.428783][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.438574][T10484] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 409.459552][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.484272][ T2931] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.494148][ T5142] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.263936][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.273273][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.283582][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.293917][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.302577][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.311868][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.320551][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.328883][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 459.016287][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 459.025770][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 459.034692][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 459.076254][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 459.085316][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 459.185099][ T30] INFO: task kworker/u8:6:2802 blocked for more than 140 seconds. [ 459.193362][ T30] Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 459.215095][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 459.224257][ T30] task:kworker/u8:6 state:D stack:19824 pid:2802 tgid:2802 ppid:2 flags:0x00004000 [ 459.255263][ T30] Workqueue: ipv6_addrconf addrconf_verify_work [ 459.262083][ T30] Call Trace: [ 459.285003][ T30] [ 459.288271][ T30] __schedule+0x17e8/0x4a20 [ 459.293573][ T30] ? __pfx___schedule+0x10/0x10 [ 459.304864][ T30] ? __pfx_lock_release+0x10/0x10 [ 459.310367][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 459.335312][ T30] ? kthread_data+0x52/0xd0 [ 459.340319][ T30] ? schedule+0x90/0x320 [ 459.344613][ T30] ? wq_worker_sleeping+0x66/0x240 [ 459.365082][ T30] ? schedule+0x90/0x320 [ 459.369436][ T30] schedule+0x14b/0x320 [ 459.374158][ T30] schedule_preempt_disabled+0x13/0x30 [ 459.395080][ T30] __mutex_lock+0x6a4/0xd70 [ 459.399833][ T30] ? __mutex_lock+0x527/0xd70 [ 459.415066][ T30] ? addrconf_verify_work+0x19/0x30 [ 459.420582][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 459.435008][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 459.441411][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 459.465141][ T30] ? process_scheduled_works+0x945/0x1830 [ 459.471054][ T30] addrconf_verify_work+0x19/0x30 [ 459.485042][ T30] process_scheduled_works+0xa2c/0x1830 [ 459.491415][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 459.515120][ T30] ? assign_work+0x364/0x3d0 [ 459.520717][ T30] worker_thread+0x86d/0xd50 [ 459.545092][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 459.552927][ T30] ? __kthread_parkme+0x169/0x1d0 [ 459.575151][ T30] ? __pfx_worker_thread+0x10/0x10 [ 459.581870][ T30] kthread+0x2f0/0x390 [ 459.594997][ T30] ? __pfx_worker_thread+0x10/0x10 [ 459.600485][ T30] ? __pfx_kthread+0x10/0x10 [ 459.615033][ T30] ret_from_fork+0x4b/0x80 [ 459.619899][ T30] ? __pfx_kthread+0x10/0x10 [ 459.634980][ T30] ret_from_fork_asm+0x1a/0x30 [ 459.640021][ T30] [ 459.644010][ T30] INFO: task kworker/1:6:5313 blocked for more than 141 seconds. [ 459.675004][ T30] Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 459.683983][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 459.715045][ T30] task:kworker/1:6 state:D stack:24184 pid:5313 tgid:5313 ppid:2 flags:0x00004000 [ 459.805066][ T30] Workqueue: events_power_efficient reg_check_chans_work [ 459.812668][ T30] Call Trace: