last executing test programs: 28.320019683s ago: executing program 4 (id=2992): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_type(r1, 0x0, 0x2, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_DONE(r2, 0x0, 0xc9, 0x0, 0x0) mkdirat$cgroup(r1, &(0x7f0000000080)='syz0\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001480)='./cgroup/syz1\x00', 0x200002, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r5 = accept4(r4, 0x0, 0x0, 0x80800) sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800) recvmsg$unix(r5, &(0x7f0000000980)={0x0, 0x0, &(0x7f00000029c0)=[{&(0x7f0000000300)=""/115, 0x73}], 0x1}, 0x40) r6 = openat$cgroup(r1, &(0x7f00000002c0)='syz0\x00', 0x200002, 0x0) r7 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) getsockname$packet(r7, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) ioctl$SIOCGETSGCNT_IN6(r7, 0x89e1, &(0x7f00000001c0)={@private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}) mkdirat$cgroup(r6, 0x0, 0x1ff) mkdirat$cgroup(r3, &(0x7f00000000c0)='syz1\x00', 0x1ff) r8 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x5, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}]}], {0x14, 0x14}}, 0x98}}, 0x0) write$cgroup_int(r8, &(0x7f0000000200)=0x1, 0x12) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101080000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff08000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa1000000000000070100b70300000000000085000000170000009500"/88], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 28.073350652s ago: executing program 4 (id=2994): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000001880)={'wg1\x00'}) syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r2, 0x0, 0x2a, &(0x7f0000003080)="28410f027a06a5ec90280f53f23a7f83e89ae02572e77804255d41ae923840199f820b50b7a8200fe36c04a7f9846e98d94c6d400af60a16e7858f350311a523d8f8627a3bf6f76b65a3d9aef34055bccc9ed63f4a635bca3586318901a0a3dcced16905b57d8506273df696dfbee4936517a58c1a1555a17179675619f980e8e434a813b4bb5e41b26f71", 0x8b) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000600)={0xffffffffffffffff}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r7, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r5], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10) 27.626902988s ago: executing program 4 (id=2998): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYRES16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r3 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800058008000200080000003e"], 0x44}}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x1) ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000002140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="000226bd0000000000000100000008c30000", @ANYRES32=r8, @ANYBLOB="0c0023800600100007000000"], 0x28}}, 0x40000) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x48, r4, 0x100, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x401, 0x75}}}}, [@NL80211_ATTR_FRAME_MATCH={0x1d, 0x5b, "8f0eee326f43137ca606fb10d019c97d057259cac79409bfcf"}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000001300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x98) 27.096608612s ago: executing program 4 (id=3003): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000004dc0), &(0x7f0000004e00)=0x8) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000140)={0x6, 'rose0\x00', {0xffffffff}, 0x6}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0a00fe1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x39) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000540)="d2ffdd934517f3e145fa02e086dd", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x1c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0) 26.612215363s ago: executing program 4 (id=3007): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000001880)={'wg1\x00'}) syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_buf(r2, 0x0, 0x2a, &(0x7f0000003080)="28410f027a06a5ec90280f53f23a7f83e89ae02572e77804255d41ae923840199f820b50b7a8200fe36c04a7f9846e98d94c6d400af60a16e7858f350311a523d8f8627a3bf6f76b65a3d9aef34055bccc9ed63f4a635bca3586318901a0a3dcced16905b57d8506273df696dfbee4936517a58c1a1555a17179675619f980e8e434a813b4bb5e41b26f71", 0x8b) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000600)={0xffffffffffffffff}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r6, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r4], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10) 26.241836144s ago: executing program 4 (id=3010): bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x61, 0x54}}, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, 0x0, 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000007c0)={0x3, 0x3, 0x7, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x0, 0x2, 0x1, 0x1}, {0x5, 0x1, 0xd, 0x9}, {0x5, 0x4, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB='/\x00\x00\x002 \x00\x00', @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914"], 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 19.04131475s ago: executing program 1 (id=3044): syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) socket$packet(0x11, 0x2, 0x300) socket$tipc(0x1e, 0x5, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x1}, 0x0, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0) 19.005775179s ago: executing program 0 (id=3045): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000001880)={'wg1\x00'}) syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) close(0x3) pipe(&(0x7f0000000600)={0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10) 18.820019237s ago: executing program 3 (id=3046): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x3}, 0x8) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x0, 0x10, 0x0, 0x2}, &(0x7f0000000500)=0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x6a, 0xa, 0x0, 0xffc4, 0x0, 0x69, 0x10, 0x16}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) r2 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f00000002c0)=0x10) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x54, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @private2, 0xeb2}, @in6={0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, @in6={0xa, 0x4e21, 0x9, @loopback, 0x7ab}]}, &(0x7f0000000180)=0x10) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1) 18.535056273s ago: executing program 0 (id=3047): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendmsg$nl_route_sched_retired(r1, &(0x7f000001be80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040081}, 0x5) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000440)={0x0, 0x1005}, 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) 18.182049118s ago: executing program 2 (id=3049): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)={0x44, 0x0, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abe725c86ec8ce9c3a8f66b00"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}]}]}, 0x44}}, 0x0) 17.991838705s ago: executing program 1 (id=3050): r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='inode_switch_wbs\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18) preadv(r0, &(0x7f0000000380)=[{&(0x7f0000000080)=""/19, 0x13}, {&(0x7f00000000c0)}, {&(0x7f0000000100)=""/254, 0xfe}, {&(0x7f0000000200)=""/51, 0x33}, {&(0x7f0000000240)=""/231, 0xe7}, {&(0x7f0000000340)=""/62, 0x3e}], 0x6, 0x40, 0x7f) r1 = accept4$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000400), 0x80000) sendmsg$tipc(r1, &(0x7f00000006c0)={&(0x7f0000000440)=@name={0x1e, 0x2, 0x1, {{0x40, 0x4}}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000480)="4414565372be3bcb8e02df2597268a63bb75a1f6a664f71cd33701815de6596354e0427fe363aff995ba380b4734ad7d7430e2f747296690e8d8bcfc8329317c14d15a18758b6eb6b6805d4b399055b68f2cc457dc41ca0429a1054adfa76a6f206e5e73975373275decb6ad594ac5b26d01e4f8cf7885d9c75076be94d8a462121aad8fa1a54aea93c4ba5399a8b34d565df763806bedc946b7b84d3cbbeef65c7ff2371163561870a4b467668082", 0xaf}, {&(0x7f0000000540)="26189432c336e32b6df3031047dfd0b94338ccfdd693742d631ceb34232eaf670589c64dd886a62725ae", 0x2a}, {&(0x7f0000000580)="cf16d62081f9ca011625c9c3c19ca43aaafcfde30fd28fe8a219fb9c70e07ec94ba4db0373293daa8e7e248e3b9ad22624a87a68fbc13c6a2908a272ed46caaa17", 0x41}, {&(0x7f0000000600)="83f5b04e297e81dfaf7747974a9d5ca11105863d6b2ed8a9", 0x18}], 0x4, &(0x7f0000000680)="60bd46be0eb4bef37dad5ee4c19522bc", 0x10, 0x4040}, 0x85) accept4$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000740)=0x14, 0x80000) (async) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000740)=0x14, 0x80000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000780)={'geneve1\x00', 0x0}) bind$packet(r2, &(0x7f00000007c0)={0x11, 0x1a, r4, 0x1, 0x16, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, 0x14) socket$tipc(0x1e, 0x5, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000800)={0x0, 0x800, 0x20}, &(0x7f0000000840)=0xc) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000880)={r5, @in6={{0xa, 0x4e22, 0xff, @private0, 0x489}}}, 0x84) socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x1c, 0x0, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48011}, 0x0) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000a40)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r7, 0x28, 0x2, &(0x7f0000000a80)=0x1, 0x8) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000ac0)='./cgroup/syz1\x00', 0x200002, 0x0) (async) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000ac0)='./cgroup/syz1\x00', 0x200002, 0x0) sendto$l2tp(r7, &(0x7f0000000b00)="641e51538768adb0d95a2006517dee25faeebc14c6bf2b56808ee2342c315a16c3f2eeeed808f59c552f1585bdf4ee59b5b55f92e8792a5147338e9bbd243aef17ef8c6957656ca0183015459abbb13a83f51886f8a18d4aa44a2dcf0699be4baeaac3f11d98b4e76ff3e225c05a735127d1110c2491a56724ef46b0bd075633a8c9be8f81d103bf5afa00ba30534aecf090c38e501cf01ccea2932136ac004882057ec4089a8796eefb0b5db8fe7aeedfaa146dda198661b0c7004a5ba0655f27afc3a2", 0xc4, 0x20000011, &(0x7f0000000c00)={0x2, 0x0, @remote, 0x2}, 0x10) (async) sendto$l2tp(r7, &(0x7f0000000b00)="641e51538768adb0d95a2006517dee25faeebc14c6bf2b56808ee2342c315a16c3f2eeeed808f59c552f1585bdf4ee59b5b55f92e8792a5147338e9bbd243aef17ef8c6957656ca0183015459abbb13a83f51886f8a18d4aa44a2dcf0699be4baeaac3f11d98b4e76ff3e225c05a735127d1110c2491a56724ef46b0bd075633a8c9be8f81d103bf5afa00ba30534aecf090c38e501cf01ccea2932136ac004882057ec4089a8796eefb0b5db8fe7aeedfaa146dda198661b0c7004a5ba0655f27afc3a2", 0xc4, 0x20000011, &(0x7f0000000c00)={0x2, 0x0, @remote, 0x2}, 0x10) writev(r7, &(0x7f0000000f40)=[{&(0x7f0000000c40)="3d7ab267669232800504977a7b00781f5371750faba8bea146794da6bf66ac04afabb265b8af809575c1c162c1bf62580da518deb10393184e8d4fe240adcac885b2a903de72a3ca4eeedd3ecd97370013832a8e8a14be31fd1cc6dfce0e5723b2ddc321e304d2b81f3478fdeb9391680ea90b8813395e8641416f13a074ae4bbd394370dcf335f8a048dfdf840d4078033764a0a97746be6380fdeb62de496d71af37f075cdc3803dfed7629f8ad188f98c461ef23a70a6b8693e217eb9eb96c1f8ebd3df14543b1f", 0xc9}, {&(0x7f0000000d40)="e482712e0675b6bec023bd1dbccfee07894e3a2679f7beef13494cb298edb02b7f1f324f83d6c91bd2b0b28eae4f5e4aa387fb089a29624d7fe38ef0761f66fe5a2f5254ccb7485ba8335c8a3f3547a65f8ecb27fb5d1151abe359e23158", 0x5e}, {&(0x7f0000000dc0)="a2881ebd09c9ce6ad12d3e98a78fef2da26e65de455a6ea6def2e49179a50113e0ad9bec6ef4adfbc4a4813e21ef74bb2bae3f4c1a8c605fe6908d68a2001407dd0db4ad981493f20132fc2fe398964f3e1bf915be8366a8198adb75663b5ecfb43b6e7713bad15311206752b70bd2cd72e6496ea08c94b52f343aadbd36b24af4c6c297c2f76b7e108be7bb2c15c6ef09e137f49aa5763437d42b57f2ed343a05b18d240c9d3601af1aedfa6bf53a22d6a00ae3ede5a9a0e5e417910df6c0189672cbcce01cae", 0xc7}, {&(0x7f0000000ec0)="5308cc957aea", 0x6}, {&(0x7f0000000f00)='RB1', 0x3}], 0x5) getsockopt$EBT_SO_GET_INIT_ENTRIES(r7, 0x0, 0x83, &(0x7f0000001040)={'broute\x00', 0x0, 0x3, 0x3e, [0x5, 0x4, 0x8, 0x9, 0x8, 0x6], 0x3, &(0x7f0000000fc0)=[{}, {}, {}], &(0x7f0000001000)=""/62}, &(0x7f00000010c0)=0x78) (async) getsockopt$EBT_SO_GET_INIT_ENTRIES(r7, 0x0, 0x83, &(0x7f0000001040)={'broute\x00', 0x0, 0x3, 0x3e, [0x5, 0x4, 0x8, 0x9, 0x8, 0x6], 0x3, &(0x7f0000000fc0)=[{}, {}, {}], &(0x7f0000001000)=""/62}, &(0x7f00000010c0)=0x78) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r7, 0x84, 0x18, &(0x7f0000001100)={r5, 0x5}, 0x8) (async) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r7, 0x84, 0x18, &(0x7f0000001100)={r5, 0x5}, 0x8) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000001140)) (async) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000001140)={'team0\x00', 0x0}) openat$cgroup_procs(r7, &(0x7f0000001180)='cgroup.procs\x00', 0x2, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r7, 0x84, 0xa, &(0x7f00000011c0)={0x2, 0x4, 0x4, 0x546d4e97, 0x7, 0x3ff, 0x2, 0xfffffffa, r5}, 0x20) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001200)=0x0) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000001240)=r10) (async) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000001240)=r10) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000001280)={0x3}, 0x8) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001300)=@o_path={&(0x7f00000012c0)='./file0\x00', r7, 0x4000, r8}, 0x18) (async) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001300)=@o_path={&(0x7f00000012c0)='./file0\x00', r7, 0x4000, r8}, 0x18) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r7, 0x84, 0x70, &(0x7f0000001340)={r5, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}, [0x7ff, 0x0, 0xe, 0x0, 0x1ff, 0x6, 0x3, 0x100, 0x8, 0x5, 0xbe4, 0xfff, 0x5, 0xe, 0x3]}, &(0x7f0000001440)=0x100) openat$tun(0xffffffffffffff9c, &(0x7f0000001480), 0x2200, 0x0) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000001480), 0x2200, 0x0) sendmsg$NL80211_CMD_SET_MCAST_RATE(r6, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)={0x24, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}]}, 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x40080) sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000001dc0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001d80)={&(0x7f0000001740)={0x628, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {}, [{{0x8, 0x1, r9}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}]}}, {{0x8, 0x1, r9}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r9}, {0x150, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x0, 0x9, 0x88, 0xd8}, {0x3, 0x81, 0x0, 0x400}, {0x80, 0x80, 0xf4, 0x1ff}, {0x3, 0x80, 0x3c, 0x1ff}, {0x9, 0x7, 0xf5, 0x6}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8, 0x1, r3}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}]}}, {{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}]}}, {{0x8, 0x1, r3}, {0x1a8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xc334}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x2, 0x7, 0xf5, 0x3}, {0x7, 0x8, 0x4}]}}}]}}, {{0x8, 0x1, r3}, {0x134, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r9}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r4}}}]}}]}, 0x628}, 0x1, 0x0, 0x0, 0x4004811}, 0x800) 17.97160092s ago: executing program 2 (id=3051): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000c80)="93bffce623851797a8dc79018d7716840ffc6946a067f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb688db8aee2963a9a5c8b454270e3c084fd5232dd1e17566d440d9f479034f26806b25dcfc18c50ee6f365a1bd150cc423678f1ef69b0667c83d", 0xc9}, {&(0x7f00000007c0)="02999344565d9c61d3bb8cf353fd63", 0xf}], 0x2}}], 0x1, 0xc0) 17.783840755s ago: executing program 1 (id=3052): syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @multicast1}, @timestamp={0xd, 0x0, 0x0, 0x4, 0x1, 0x4, 0xbb, 0x8}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720af0fff8ffffff71a4f0ff0000000071108500000000001d400500000000004704000001ed00000f030000000000006f44000000000000730a00fe000000007203000000000006b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f18564a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccc99069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad24b89b6a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c87852730a3bd7ac923fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca4856ff03b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec860cde7c79f7b4d4e24c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b450100000001000000393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00400000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd599c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb80610eb37bd2d40ebdfed687f0b093e68f10b72146a0b749ee2105e2da94a288146abbbaf7c0b24fe0000000000000000f1a4f4de6a8d12dc9e71a20cbd412898586843b534d36e21379a8a06133c1babde9e5bd5b6afc5f684aada43ee560e800f58cb33b8483f6518abde7c86bd5d389c1b3c40fdd4bebe4adf87b1025ff57eb50984cc5bad9ea1c15484ea627c3c1501d612ed65939266e7332966f03e0376076e7c5dfe25f367dda7f69db89829b360dd2f59cbaad10f13e269eca792725bbacb96aa0a5c426ca76f84322661"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffa3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x47}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 17.620214539s ago: executing program 2 (id=3053): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty, 0x8}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x408, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x338, 0xffffffff, 0xffffffff, 0x338, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'dvmrp0\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x30}, 0x0, 0x238, 0x268, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@rt={{0x138}, {0xf, [0xd, 0x4], 0x0, 0x4, 0x6, [@empty, @private0, @loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, @mcast2, @empty, @dev={0xfe, 0x80, '\x00', 0x2d}, @mcast2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @loopback, @loopback, @mcast2], 0xa}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x468) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xffd8}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 17.591252386s ago: executing program 1 (id=3054): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}], {0x14, 0x10}}, 0xa4}}, 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB="9c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000006c00128009000100766c616e000000005c00028006000100000000004c0003800c15010000000000010000000c00010065000000000000000c00010003000000000000000c00010005000000000000000c00010000000000000000000c000100000000000000000004000480080005"], 0x9c}, 0x1, 0xba01}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0003"], 0x528}}, 0xc000) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="88000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000001400020077673000000000000000000000000000600008805c00008008000300020000002c00098028000080060001000a1c000014000200ff020000000000000000000000000001050003000300000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b"], 0x88}, 0x1, 0x0, 0x0, 0x24000855}, 0x0) 17.568759827s ago: executing program 3 (id=3055): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000fc0)=""/225, 0xe1}, {&(0x7f0000004080)=""/4103, 0x1007}, {&(0x7f00000010c0)=""/234, 0xea}], 0x3}, 0x80000000}], 0x4, 0x20, 0x0) 17.484434564s ago: executing program 0 (id=3056): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000001880)={'wg1\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) close(0x3) pipe(&(0x7f0000000600)={0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x4010}, 0x10) 17.259255816s ago: executing program 2 (id=3057): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001340)=@mangle={'mangle\x00', 0x10, 0x6, 0x948, 0xf0, 0x0, 0x0, 0xf0, 0xf0, 0x878, 0x878, 0x878, 0x878, 0x878, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x0, {0x7a00000000000000}}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@private0, @ipv4=@empty, 0xe}}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'veth1_macvtap\x00'}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@unspec=@devgroup={{0x38}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@unspec=@AUDIT={0x28}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @private2, @loopback, @mcast2, @local, @private1, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, @dev, @private1, @private1, @loopback, @loopback]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0xfffd}}]}, @common=@unspec=@MARK={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'bridge_slave_1\x00', 'gretap0\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv6=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x9a8) getsockopt$inet6_int(r2, 0x29, 0x42, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="240000001800090400000000000040937078b207985e0ea123777a230900000a00000000"], 0x24}}, 0x0) 17.107432313s ago: executing program 3 (id=3058): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='/\x00\x00\x002 \x00\x00', @ANYRES32, @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914"], 0x20) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 17.091020612s ago: executing program 0 (id=3059): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty, 0x8}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x408, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x338, 0xffffffff, 0xffffffff, 0x338, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'dvmrp0\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x30}, 0x0, 0x238, 0x268, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@rt={{0x138}, {0xf, [0xd, 0x4], 0x0, 0x4, 0x6, [@empty, @private0, @loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, @mcast2, @empty, @dev={0xfe, 0x80, '\x00', 0x2d}, @mcast2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @loopback, @loopback, @mcast2], 0xa}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x468) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9584, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xffd8}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 17.090856552s ago: executing program 1 (id=3060): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000400)={0x44, 0x0, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abe725c86ec8ce9c3a8f66b00"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac02}]}]}, 0x44}}, 0x0) 16.804181046s ago: executing program 2 (id=3061): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000800261104c000000000062000000000800009500000c00000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc6, &(0x7f0000000180)=""/198, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0) openat$cgroup_devices(r0, &(0x7f00000000c0)='devices.deny\x00', 0x2, 0x0) 16.782604871s ago: executing program 1 (id=3062): bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x61, 0x54}}, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, 0x0, 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000007c0)={0x3, 0x3, 0x7, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x0, 0x2, 0x1, 0x1}, {0x5, 0x1, 0xd, 0x9}, {0x5, 0x4, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB='/\x00\x00\x002 \x00\x00', @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914"], 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 16.590222107s ago: executing program 3 (id=3063): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)={0x2c, 0xd, 0xa, 0xe01, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, 0x2c}}, 0x0) 16.561072894s ago: executing program 0 (id=3064): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc) sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)='d', 0x1}], 0x1}, 0x8000) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x0, 0x10, 0x0, 0x2}, &(0x7f0000000500)=0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x6a, 0xa, 0x0, 0xffc4, 0x0, 0x69, 0x10, 0x16}}, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x4, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) r2 = socket$inet6(0xa, 0x805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f00000002c0)=0x10) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x54, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @private2, 0xeb2}, @in6={0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}, @in6={0xa, 0x4e21, 0x9, @loopback, 0x7ab}]}, &(0x7f0000000180)=0x10) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1) 16.468232257s ago: executing program 2 (id=3065): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000cc0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_val, @exit, @tail_call]}, &(0x7f0000000280)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x24, 0x29, 0xa19702d202eff97b, 0x1004001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x100, 0x7000000, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x1, 0x0, 0xffe, {@ip4=@local, 0x86dd}}}]}, 0x38}, 0x1, 0xffe, 0x0, 0x8040}, 0x0) 16.349725766s ago: executing program 3 (id=3066): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @empty, 0x8}, 0x1c) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x408, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x338, 0xffffffff, 0xffffffff, 0x338, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'dvmrp0\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x30}, 0x0, 0x238, 0x268, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@rt={{0x138}, {0xf, [0xd, 0x4], 0x0, 0x4, 0x6, [@empty, @private0, @loopback, @ipv4={'\x00', '\xff\xff', @loopback}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, @mcast2, @empty, @dev={0xfe, 0x80, '\x00', 0x2d}, @mcast2, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @loopback, @loopback, @mcast2], 0xa}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x200}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x468) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xffd8}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 16.052067746s ago: executing program 3 (id=3067): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='/\x00\x00\x002 \x00', @ANYRES32, @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914ed69"], 0x20) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e0000001080002"], 0xa8}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 15.52564645s ago: executing program 0 (id=3068): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000fc0)=""/225, 0xe1}, {&(0x7f0000004080)=""/4103, 0x1007}, {&(0x7f00000010c0)=""/234, 0xea}, {0x0}], 0x4}, 0x80000000}], 0x4, 0x20, 0x0) 1.246149999s ago: executing program 32 (id=3062): bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x61, 0x54}}, &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x2c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, 0x0, 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000007c0)={0x3, 0x3, 0x7, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x0, 0x2, 0x1, 0x1}, {0x5, 0x1, 0xd, 0x9}, {0x5, 0x4, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB='/\x00\x00\x002 \x00\x00', @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914"], 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 1.123412232s ago: executing program 33 (id=3065): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000cc0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_val, @exit, @tail_call]}, &(0x7f0000000280)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x24, 0x29, 0xa19702d202eff97b, 0x1004001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x100, 0x7000000, 0x0, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r7, 0x1, 0x0, 0xffe, {@ip4=@local, 0x86dd}}}]}, 0x38}, 0x1, 0xffe, 0x0, 0x8040}, 0x0) 71.597407ms ago: executing program 34 (id=3068): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}, 0x101}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000fc0)=""/225, 0xe1}, {&(0x7f0000004080)=""/4103, 0x1007}, {&(0x7f00000010c0)=""/234, 0xea}, {0x0}], 0x4}, 0x80000000}], 0x4, 0x20, 0x0) 0s ago: executing program 35 (id=3067): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='/\x00\x00\x002 \x00', @ANYRES32, @ANYBLOB="1eb67d00000045d77cab0f6b00005ea914ed69"], 0x20) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e0000001080002"], 0xa8}}, 0x0) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) kernel console output (not intermixed with test programs): 11346] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 236.920258][T11346] RSP: 002b:00007f522c98a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 236.920281][T11346] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8d37c [ 236.920298][T11346] RDX: 000000000000000f RSI: 00007f522c98a0a0 RDI: 0000000000000005 [ 236.920311][T11346] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 236.920325][T11346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.920338][T11346] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 236.920371][T11346] [ 237.271998][T11352] FAULT_INJECTION: forcing a failure. [ 237.271998][T11352] name failslab, interval 1, probability 0, space 0, times 0 [ 237.294174][T11352] CPU: 1 UID: 0 PID: 11352 Comm: syz.4.2323 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 237.294206][T11352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 237.294220][T11352] Call Trace: [ 237.294228][T11352] [ 237.294237][T11352] dump_stack_lvl+0x189/0x250 [ 237.294277][T11352] ? __pfx____ratelimit+0x10/0x10 [ 237.294302][T11352] ? __pfx_dump_stack_lvl+0x10/0x10 [ 237.294335][T11352] ? __pfx__printk+0x10/0x10 [ 237.294360][T11352] ? __pfx___might_resched+0x10/0x10 [ 237.294389][T11352] ? fs_reclaim_acquire+0x7d/0x100 [ 237.294416][T11352] should_fail_ex+0x414/0x560 [ 237.294448][T11352] should_failslab+0xa8/0x100 [ 237.294481][T11352] __kmalloc_noprof+0xcb/0x4f0 [ 237.294508][T11352] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 237.294538][T11352] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 237.294593][T11352] genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 237.294625][T11352] genl_family_rcv_msg_doit+0xb8/0x300 [ 237.294655][T11352] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 237.294682][T11352] ? rcu_is_watching+0x15/0xb0 [ 237.294712][T11352] ? apparmor_capable+0x137/0x1b0 [ 237.294745][T11352] ? bpf_lsm_capable+0x9/0x20 [ 237.294773][T11352] ? security_capable+0x7e/0x2e0 [ 237.294803][T11352] genl_rcv_msg+0x60e/0x790 [ 237.294833][T11352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 237.294873][T11352] ? ref_tracker_free+0x63a/0x7d0 [ 237.294898][T11352] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 237.294921][T11352] ? __pfx_nl80211_new_key+0x10/0x10 [ 237.294943][T11352] ? __pfx_nl80211_post_doit+0x10/0x10 [ 237.294967][T11352] ? __pfx_ref_tracker_free+0x10/0x10 [ 237.295006][T11352] netlink_rcv_skb+0x205/0x470 [ 237.295040][T11352] ? __pfx_genl_rcv_msg+0x10/0x10 [ 237.295066][T11352] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 237.295115][T11352] ? down_read+0x1ad/0x2e0 [ 237.295146][T11352] genl_rcv+0x28/0x40 [ 237.295168][T11352] netlink_unicast+0x758/0x8d0 [ 237.295208][T11352] netlink_sendmsg+0x805/0xb30 [ 237.295238][T11352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.295262][T11352] ? aa_sock_msg_perm+0x94/0x160 [ 237.295289][T11352] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 237.295321][T11352] ? __pfx_netlink_sendmsg+0x10/0x10 [ 237.295343][T11352] __sock_sendmsg+0x21c/0x270 [ 237.295373][T11352] ____sys_sendmsg+0x505/0x830 [ 237.295401][T11352] ? __pfx_____sys_sendmsg+0x10/0x10 [ 237.295432][T11352] ? import_iovec+0x74/0xa0 [ 237.295456][T11352] ___sys_sendmsg+0x21f/0x2a0 [ 237.295480][T11352] ? __pfx____sys_sendmsg+0x10/0x10 [ 237.295540][T11352] ? __fget_files+0x2a/0x420 [ 237.295577][T11352] ? __fget_files+0x3a0/0x420 [ 237.295620][T11352] __x64_sys_sendmsg+0x19b/0x260 [ 237.295644][T11352] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 237.295676][T11352] ? __pfx_ksys_write+0x10/0x10 [ 237.295702][T11352] ? rcu_is_watching+0x15/0xb0 [ 237.295737][T11352] ? do_syscall_64+0xbe/0x3b0 [ 237.295768][T11352] do_syscall_64+0xfa/0x3b0 [ 237.295793][T11352] ? lockdep_hardirqs_on+0x9c/0x150 [ 237.295817][T11352] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.295839][T11352] ? clear_bhb_loop+0x60/0xb0 [ 237.295865][T11352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.295885][T11352] RIP: 0033:0x7fb43d98e969 [ 237.295903][T11352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.295922][T11352] RSP: 002b:00007fb43e7b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 237.295943][T11352] RAX: ffffffffffffffda RBX: 00007fb43dbb5fa0 RCX: 00007fb43d98e969 [ 237.295959][T11352] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003 [ 237.295972][T11352] RBP: 00007fb43e7b7090 R08: 0000000000000000 R09: 0000000000000000 [ 237.295985][T11352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 237.295997][T11352] R13: 0000000000000000 R14: 00007fb43dbb5fa0 R15: 00007ffcf4915218 [ 237.296029][T11352] [ 238.407423][T11383] x_tables: duplicate entry at hook 1 [ 239.032377][T11394] block nbd3: NBD_DISCONNECT [ 239.055255][T11394] block nbd3: Disconnected due to user request. [ 239.064076][T11394] block nbd3: shutting down sockets [ 239.099557][T11399] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2341'. [ 240.170083][T11451] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2358'. [ 240.547099][T11466] netlink: 'syz.0.2366': attribute type 1 has an invalid length. [ 240.626325][T11470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2366'. [ 240.666233][T11470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2366'. [ 240.666637][T11466] 8021q: adding VLAN 0 to HW filter on device bond2 [ 241.049577][T11483] FAULT_INJECTION: forcing a failure. [ 241.049577][T11483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.106258][T11486] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2373'. [ 241.129194][T11483] CPU: 1 UID: 0 PID: 11483 Comm: syz.3.2371 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 241.129229][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 241.129244][T11483] Call Trace: [ 241.129252][T11483] [ 241.129262][T11483] dump_stack_lvl+0x189/0x250 [ 241.129299][T11483] ? __pfx____ratelimit+0x10/0x10 [ 241.129325][T11483] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.129364][T11483] ? __pfx__printk+0x10/0x10 [ 241.129399][T11483] should_fail_ex+0x414/0x560 [ 241.129431][T11483] _copy_to_user+0x31/0xb0 [ 241.129454][T11483] simple_read_from_buffer+0xe1/0x170 [ 241.129489][T11483] proc_fail_nth_read+0x1df/0x250 [ 241.129514][T11483] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.129538][T11483] ? rw_verify_area+0x258/0x650 [ 241.129563][T11483] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.129585][T11483] vfs_read+0x200/0x980 [ 241.129617][T11483] ? __pfx___mutex_lock+0x10/0x10 [ 241.129646][T11483] ? __pfx_vfs_read+0x10/0x10 [ 241.129673][T11483] ? __fget_files+0x2a/0x420 [ 241.129709][T11483] ? __fget_files+0x3a0/0x420 [ 241.129738][T11483] ? __fget_files+0x2a/0x420 [ 241.129778][T11483] ksys_read+0x145/0x250 [ 241.129807][T11483] ? __pfx_ksys_read+0x10/0x10 [ 241.129831][T11483] ? rcu_is_watching+0x15/0xb0 [ 241.129866][T11483] ? do_syscall_64+0xbe/0x3b0 [ 241.129897][T11483] do_syscall_64+0xfa/0x3b0 [ 241.129921][T11483] ? lockdep_hardirqs_on+0x9c/0x150 [ 241.129945][T11483] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.129966][T11483] ? clear_bhb_loop+0x60/0xb0 [ 241.129991][T11483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.130010][T11483] RIP: 0033:0x7fc25b78d37c [ 241.130029][T11483] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 241.130046][T11483] RSP: 002b:00007fc25c53d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 241.130068][T11483] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78d37c [ 241.130084][T11483] RDX: 000000000000000f RSI: 00007fc25c53d0a0 RDI: 0000000000000004 [ 241.130097][T11483] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 241.130110][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 241.130122][T11483] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 241.130154][T11483] [ 241.964329][T11509] FAULT_INJECTION: forcing a failure. [ 241.964329][T11509] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 242.024249][T11509] CPU: 0 UID: 0 PID: 11509 Comm: syz.1.2382 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 242.024280][T11509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.024293][T11509] Call Trace: [ 242.024300][T11509] [ 242.024309][T11509] dump_stack_lvl+0x189/0x250 [ 242.024345][T11509] ? __pfx____ratelimit+0x10/0x10 [ 242.024369][T11509] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.024401][T11509] ? __pfx__printk+0x10/0x10 [ 242.024434][T11509] should_fail_ex+0x414/0x560 [ 242.024464][T11509] _copy_to_user+0x31/0xb0 [ 242.024493][T11509] simple_read_from_buffer+0xe1/0x170 [ 242.024526][T11509] proc_fail_nth_read+0x1df/0x250 [ 242.024549][T11509] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 242.024571][T11509] ? rw_verify_area+0x258/0x650 [ 242.024596][T11509] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 242.024617][T11509] vfs_read+0x200/0x980 [ 242.024646][T11509] ? __pfx___mutex_lock+0x10/0x10 [ 242.024672][T11509] ? __pfx_vfs_read+0x10/0x10 [ 242.024698][T11509] ? __fget_files+0x2a/0x420 [ 242.024732][T11509] ? __fget_files+0x3a0/0x420 [ 242.024759][T11509] ? __fget_files+0x2a/0x420 [ 242.024798][T11509] ksys_read+0x145/0x250 [ 242.024825][T11509] ? __pfx_ksys_read+0x10/0x10 [ 242.024865][T11509] ? rcu_is_watching+0x15/0xb0 [ 242.024918][T11509] ? do_syscall_64+0xbe/0x3b0 [ 242.024950][T11509] do_syscall_64+0xfa/0x3b0 [ 242.024979][T11509] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.024999][T11509] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 242.025021][T11509] ? clear_bhb_loop+0x60/0xb0 [ 242.025047][T11509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.025068][T11509] RIP: 0033:0x7f7000f8d37c [ 242.025087][T11509] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 242.025106][T11509] RSP: 002b:00007f7001e13030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 242.025130][T11509] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8d37c [ 242.025146][T11509] RDX: 000000000000000f RSI: 00007f7001e130a0 RDI: 0000000000000004 [ 242.025160][T11509] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 242.025174][T11509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 242.025187][T11509] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 242.025219][T11509] [ 242.335960][T11520] Illegal XDP return value 4294967274 on prog (id 468) dev N/A, expect packet loss! [ 242.436526][T11523] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2388'. [ 242.890074][T11542] vlan3: entered promiscuous mode [ 242.934578][T11542] bond0: entered promiscuous mode [ 243.494564][T11562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2403'. [ 243.800248][T11574] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2407'. [ 243.960799][T11578] ICMPv6: NA: 00:00:00:00:00:00 advertised our address fe80::aa on syz_tun! [ 244.014942][T11578] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2409'. [ 244.288830][T11587] FAULT_INJECTION: forcing a failure. [ 244.288830][T11587] name failslab, interval 1, probability 0, space 0, times 0 [ 244.324829][T11587] CPU: 1 UID: 0 PID: 11587 Comm: syz.4.2414 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 244.324862][T11587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 244.324887][T11587] Call Trace: [ 244.324895][T11587] [ 244.324904][T11587] dump_stack_lvl+0x189/0x250 [ 244.324959][T11587] ? __pfx____ratelimit+0x10/0x10 [ 244.324986][T11587] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.325018][T11587] ? __pfx__printk+0x10/0x10 [ 244.325048][T11587] ? __pfx___might_resched+0x10/0x10 [ 244.325077][T11587] ? fs_reclaim_acquire+0x7d/0x100 [ 244.325104][T11587] should_fail_ex+0x414/0x560 [ 244.325136][T11587] ? page_pool_create_percpu+0x32a/0xbe0 [ 244.325159][T11587] should_failslab+0xa8/0x100 [ 244.325192][T11587] __kvmalloc_node_noprof+0x168/0x600 [ 244.325225][T11587] ? page_pool_create_percpu+0x32a/0xbe0 [ 244.325254][T11587] page_pool_create_percpu+0x32a/0xbe0 [ 244.325295][T11587] __veth_napi_enable_range+0x16c/0x6f0 [ 244.325338][T11587] ? __pfx___veth_napi_enable_range+0x10/0x10 [ 244.325386][T11587] ? netif_napi_set_irq_locked+0x20b/0x720 [ 244.325420][T11587] veth_napi_enable_range+0xff/0x200 [ 244.325460][T11587] veth_set_features+0x1c8/0x2a0 [ 244.325492][T11587] __netdev_update_features+0xa43/0x1a20 [ 244.325534][T11587] ? __pfx___netdev_update_features+0x10/0x10 [ 244.325558][T11587] ? __lock_acquire+0xab9/0xd20 [ 244.325596][T11587] ? __might_fault+0xb0/0x130 [ 244.325651][T11587] ethtool_set_one_feature+0x2b4/0x300 [ 244.325680][T11587] ? __pfx_ethtool_set_one_feature+0x10/0x10 [ 244.325707][T11587] ? bpf_lsm_capable+0x9/0x20 [ 244.325737][T11587] ? security_capable+0x7e/0x2e0 [ 244.325771][T11587] dev_ethtool+0x1077/0x1990 [ 244.325808][T11587] ? __pfx_dev_ethtool+0x10/0x10 [ 244.325850][T11587] ? dev_load+0x21/0x1f0 [ 244.325880][T11587] dev_ioctl+0x392/0x1150 [ 244.325912][T11587] sock_do_ioctl+0x22c/0x300 [ 244.325941][T11587] ? __pfx_sock_do_ioctl+0x10/0x10 [ 244.325964][T11587] ? __lock_acquire+0xab9/0xd20 [ 244.326008][T11587] sock_ioctl+0x576/0x790 [ 244.326035][T11587] ? __pfx_sock_ioctl+0x10/0x10 [ 244.326060][T11587] ? __fget_files+0x2a/0x420 [ 244.326090][T11587] ? __fget_files+0x3a0/0x420 [ 244.326130][T11587] ? __fget_files+0x2a/0x420 [ 244.326162][T11587] ? bpf_lsm_file_ioctl+0x9/0x20 [ 244.326188][T11587] ? __pfx_sock_ioctl+0x10/0x10 [ 244.326210][T11587] __se_sys_ioctl+0xf9/0x170 [ 244.326238][T11587] do_syscall_64+0xfa/0x3b0 [ 244.326261][T11587] ? lockdep_hardirqs_on+0x9c/0x150 [ 244.326292][T11587] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.326311][T11587] ? clear_bhb_loop+0x60/0xb0 [ 244.326335][T11587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.326354][T11587] RIP: 0033:0x7fb43d98e969 [ 244.326370][T11587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.326387][T11587] RSP: 002b:00007fb43e7b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 244.326410][T11587] RAX: ffffffffffffffda RBX: 00007fb43dbb5fa0 RCX: 00007fb43d98e969 [ 244.326424][T11587] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 0000000000000003 [ 244.326436][T11587] RBP: 00007fb43e7b7090 R08: 0000000000000000 R09: 0000000000000000 [ 244.326448][T11587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.326460][T11587] R13: 0000000000000000 R14: 00007fb43dbb5fa0 R15: 00007ffcf4915218 [ 244.326491][T11587] [ 244.427308][T11574] infiniband syz0: set down [ 244.438061][T11587] page_pool_create_percpu() gave up with errno -12 [ 244.449706][T11574] infiniband syz0: added bond_slave_1 [ 244.531073][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 244.564815][T11587] veth0_to_team: set_features() failed (-12); wanted 0x0000612e4fdd49e9, left 0x0000612e4fdd09e9 [ 244.611530][T11574] RDS/IB: syz0: added [ 244.612373][T11574] smc: adding ib device syz0 with port count 1 [ 244.756596][T11574] smc: ib device syz0 port 1 has pnetid [ 244.793422][T11598] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2415'. [ 245.001507][T11602] nft_compat: unsupported protocol 0 [ 245.932216][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2429'. [ 246.257566][T11630] openvswitch: netlink: Port 10289156 exceeds max allowable 65535 [ 246.587500][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 248.237083][T11708] trusted_key: syz.2.2453 sent an empty control message without MSG_MORE. [ 248.595757][T11723] FAULT_INJECTION: forcing a failure. [ 248.595757][T11723] name failslab, interval 1, probability 0, space 0, times 0 [ 248.704168][T11723] CPU: 0 UID: 0 PID: 11723 Comm: syz.0.2458 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 248.704233][T11723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 248.704248][T11723] Call Trace: [ 248.704256][T11723] [ 248.704265][T11723] dump_stack_lvl+0x189/0x250 [ 248.704305][T11723] ? __pfx____ratelimit+0x10/0x10 [ 248.704332][T11723] ? __pfx_dump_stack_lvl+0x10/0x10 [ 248.704366][T11723] ? __pfx__printk+0x10/0x10 [ 248.704392][T11723] ? irqentry_exit+0x74/0x90 [ 248.704430][T11723] should_fail_ex+0x414/0x560 [ 248.704462][T11723] should_failslab+0xa8/0x100 [ 248.704497][T11723] kmem_cache_alloc_noprof+0x73/0x3c0 [ 248.704527][T11723] ? skb_clone+0x212/0x3a0 [ 248.704556][T11723] skb_clone+0x212/0x3a0 [ 248.704584][T11723] __netlink_deliver_tap+0x404/0x850 [ 248.704632][T11723] ? netlink_deliver_tap+0x2e/0x1b0 [ 248.704667][T11723] netlink_deliver_tap+0x19c/0x1b0 [ 248.704702][T11723] netlink_sendskb+0x68/0x140 [ 248.704735][T11723] netlink_rcv_skb+0x28c/0x470 [ 248.704776][T11723] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 248.704810][T11723] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 248.704858][T11723] ? netlink_deliver_tap+0x2e/0x1b0 [ 248.704891][T11723] ? netlink_deliver_tap+0x2e/0x1b0 [ 248.704929][T11723] netlink_unicast+0x758/0x8d0 [ 248.704973][T11723] netlink_sendmsg+0x805/0xb30 [ 248.705004][T11723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 248.705028][T11723] ? aa_sock_msg_perm+0x94/0x160 [ 248.705058][T11723] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 248.705083][T11723] ? __pfx_netlink_sendmsg+0x10/0x10 [ 248.705104][T11723] __sock_sendmsg+0x21c/0x270 [ 248.705136][T11723] ____sys_sendmsg+0x505/0x830 [ 248.705164][T11723] ? __pfx_____sys_sendmsg+0x10/0x10 [ 248.705197][T11723] ? import_iovec+0x74/0xa0 [ 248.705223][T11723] ___sys_sendmsg+0x21f/0x2a0 [ 248.705247][T11723] ? __pfx____sys_sendmsg+0x10/0x10 [ 248.705273][T11723] ? irqentry_exit+0x74/0x90 [ 248.705298][T11723] ? lockdep_hardirqs_on+0x9c/0x150 [ 248.705355][T11723] ? __fget_files+0x2a/0x420 [ 248.705397][T11723] ? __fget_files+0x3a0/0x420 [ 248.705440][T11723] __x64_sys_sendmsg+0x19b/0x260 [ 248.705464][T11723] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 248.705495][T11723] ? __pfx_ksys_write+0x10/0x10 [ 248.705531][T11723] ? rcu_is_watching+0x15/0xb0 [ 248.705563][T11723] ? do_syscall_64+0xbe/0x3b0 [ 248.705591][T11723] do_syscall_64+0xfa/0x3b0 [ 248.705614][T11723] ? lockdep_hardirqs_on+0x9c/0x150 [ 248.705635][T11723] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.705655][T11723] ? clear_bhb_loop+0x60/0xb0 [ 248.705679][T11723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.705696][T11723] RIP: 0033:0x7f2f9e18e969 [ 248.705714][T11723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.705732][T11723] RSP: 002b:00007f2f9f010038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 248.705759][T11723] RAX: ffffffffffffffda RBX: 00007f2f9e3b5fa0 RCX: 00007f2f9e18e969 [ 248.705774][T11723] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004 [ 248.705786][T11723] RBP: 00007f2f9f010090 R08: 0000000000000000 R09: 0000000000000000 [ 248.705798][T11723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.705809][T11723] R13: 0000000000000000 R14: 00007f2f9e3b5fa0 R15: 00007ffce9609d58 [ 248.705839][T11723] [ 249.635752][T11747] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2467'. [ 249.731403][T11752] FAULT_INJECTION: forcing a failure. [ 249.731403][T11752] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 249.793058][T11752] CPU: 0 UID: 0 PID: 11752 Comm: syz.2.2468 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 249.793094][T11752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 249.793106][T11752] Call Trace: [ 249.793114][T11752] [ 249.793122][T11752] dump_stack_lvl+0x189/0x250 [ 249.793161][T11752] ? __pfx____ratelimit+0x10/0x10 [ 249.793186][T11752] ? __pfx_dump_stack_lvl+0x10/0x10 [ 249.793219][T11752] ? __pfx__printk+0x10/0x10 [ 249.793254][T11752] should_fail_ex+0x414/0x560 [ 249.793297][T11752] _copy_to_user+0x31/0xb0 [ 249.793319][T11752] simple_read_from_buffer+0xe1/0x170 [ 249.793353][T11752] proc_fail_nth_read+0x1df/0x250 [ 249.793375][T11752] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.793398][T11752] ? rw_verify_area+0x258/0x650 [ 249.793422][T11752] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 249.793442][T11752] vfs_read+0x200/0x980 [ 249.793471][T11752] ? __pfx___mutex_lock+0x10/0x10 [ 249.793497][T11752] ? __pfx_vfs_read+0x10/0x10 [ 249.793523][T11752] ? __fget_files+0x2a/0x420 [ 249.793556][T11752] ? __fget_files+0x3a0/0x420 [ 249.793583][T11752] ? __fget_files+0x2a/0x420 [ 249.793621][T11752] ksys_read+0x145/0x250 [ 249.793657][T11752] ? __pfx_ksys_read+0x10/0x10 [ 249.793678][T11752] ? rcu_is_watching+0x15/0xb0 [ 249.793712][T11752] ? do_syscall_64+0xbe/0x3b0 [ 249.793740][T11752] do_syscall_64+0xfa/0x3b0 [ 249.793762][T11752] ? lockdep_hardirqs_on+0x9c/0x150 [ 249.793785][T11752] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.793804][T11752] ? clear_bhb_loop+0x60/0xb0 [ 249.793827][T11752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.793845][T11752] RIP: 0033:0x7f522bb8d37c [ 249.793862][T11752] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 249.793879][T11752] RSP: 002b:00007f522c98a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 249.793899][T11752] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8d37c [ 249.793913][T11752] RDX: 000000000000000f RSI: 00007f522c98a0a0 RDI: 0000000000000005 [ 249.793925][T11752] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 249.793937][T11752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 249.793948][T11752] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 249.793977][T11752] [ 250.477253][T11771] FAULT_INJECTION: forcing a failure. [ 250.477253][T11771] name failslab, interval 1, probability 0, space 0, times 0 [ 250.513028][T11775] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2480'. [ 250.524681][T11771] CPU: 1 UID: 0 PID: 11771 Comm: syz.2.2478 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 250.524710][T11771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 250.524725][T11771] Call Trace: [ 250.524734][T11771] [ 250.524742][T11771] dump_stack_lvl+0x189/0x250 [ 250.524778][T11771] ? __pfx____ratelimit+0x10/0x10 [ 250.524803][T11771] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.524833][T11771] ? __pfx__printk+0x10/0x10 [ 250.524864][T11771] ? __pfx___might_resched+0x10/0x10 [ 250.524893][T11771] ? fs_reclaim_acquire+0x7d/0x100 [ 250.524918][T11771] should_fail_ex+0x414/0x560 [ 250.524950][T11771] should_failslab+0xa8/0x100 [ 250.524981][T11771] __kmalloc_cache_noprof+0x70/0x3d0 [ 250.525010][T11771] ? alloc_netdev_mqs+0xbd5/0x11e0 [ 250.525032][T11771] ? __xdp_rxq_info_reg+0x189/0x2a0 [ 250.525068][T11771] alloc_netdev_mqs+0xbd5/0x11e0 [ 250.525099][T11771] rtnl_create_link+0x31f/0xd10 [ 250.525129][T11771] rtnl_newlink_create+0x25c/0xb00 [ 250.525167][T11771] ? __pfx_aa_get_newest_label+0x10/0x10 [ 250.525197][T11771] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 250.525225][T11771] ? rtnl_newlink+0x8db/0x1c70 [ 250.525256][T11771] ? __pfx___mutex_lock+0x10/0x10 [ 250.525292][T11771] ? ns_capable+0x8a/0xf0 [ 250.525324][T11771] rtnl_newlink+0x16d6/0x1c70 [ 250.525354][T11771] ? netlink_sendmsg+0x805/0xb30 [ 250.525385][T11771] ? __pfx_rtnl_newlink+0x10/0x10 [ 250.525437][T11771] ? kasan_quarantine_put+0xdd/0x220 [ 250.525462][T11771] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.525502][T11771] ? __pfx_do_softirq+0x10/0x10 [ 250.525536][T11771] ? __local_bh_enable_ip+0x12d/0x1c0 [ 250.525562][T11771] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.525584][T11771] ? __local_bh_enable_ip+0x12d/0x1c0 [ 250.525609][T11771] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 250.525639][T11771] ? __dev_queue_xmit+0x27e/0x3a70 [ 250.525672][T11771] ? __lock_acquire+0xab9/0xd20 [ 250.525720][T11771] ? __pfx_rtnl_newlink+0x10/0x10 [ 250.525745][T11771] rtnetlink_rcv_msg+0x7cf/0xb70 [ 250.525773][T11771] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 250.525798][T11771] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 250.525821][T11771] ? ref_tracker_free+0x63a/0x7d0 [ 250.525850][T11771] ? __copy_skb_header+0xa7/0x550 [ 250.525872][T11771] ? __pfx_ref_tracker_free+0x10/0x10 [ 250.525895][T11771] ? __skb_clone+0x63/0x7a0 [ 250.525922][T11771] netlink_rcv_skb+0x205/0x470 [ 250.525950][T11771] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 250.525978][T11771] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 250.526019][T11771] ? netlink_deliver_tap+0x2e/0x1b0 [ 250.526046][T11771] ? netlink_deliver_tap+0x2e/0x1b0 [ 250.526079][T11771] netlink_unicast+0x758/0x8d0 [ 250.526115][T11771] netlink_sendmsg+0x805/0xb30 [ 250.526142][T11771] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.526162][T11771] ? aa_sock_msg_perm+0x94/0x160 [ 250.526187][T11771] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 250.526207][T11771] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.526225][T11771] __sock_sendmsg+0x21c/0x270 [ 250.526252][T11771] ____sys_sendmsg+0x505/0x830 [ 250.526275][T11771] ? __pfx_____sys_sendmsg+0x10/0x10 [ 250.526303][T11771] ? import_iovec+0x74/0xa0 [ 250.526325][T11771] ___sys_sendmsg+0x21f/0x2a0 [ 250.526346][T11771] ? __pfx____sys_sendmsg+0x10/0x10 [ 250.526400][T11771] ? __fget_files+0x2a/0x420 [ 250.526427][T11771] ? __fget_files+0x3a0/0x420 [ 250.526487][T11771] __x64_sys_sendmsg+0x19b/0x260 [ 250.526510][T11771] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 250.526540][T11771] ? __pfx_ksys_write+0x10/0x10 [ 250.526562][T11771] ? rcu_is_watching+0x15/0xb0 [ 250.526597][T11771] ? do_syscall_64+0xbe/0x3b0 [ 250.526626][T11771] do_syscall_64+0xfa/0x3b0 [ 250.526649][T11771] ? lockdep_hardirqs_on+0x9c/0x150 [ 250.526671][T11771] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.526690][T11771] ? clear_bhb_loop+0x60/0xb0 [ 250.526714][T11771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.526733][T11771] RIP: 0033:0x7f522bb8e969 [ 250.526751][T11771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.526769][T11771] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 250.526789][T11771] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 250.526803][T11771] RDX: 0000000000048094 RSI: 0000200000000100 RDI: 0000000000000004 [ 250.526815][T11771] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 250.526828][T11771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 250.526845][T11771] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 250.526877][T11771] [ 251.020319][T11777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2481'. [ 251.321836][T11788] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2486'. [ 251.415154][T11788] netlink: 'syz.2.2486': attribute type 2 has an invalid length. [ 251.670922][T11802] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2494'. [ 251.745048][T11808] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2493'. [ 251.812604][T11809] bond3: entered promiscuous mode [ 251.830410][T11811] sock: sock_set_timeout: `syz.4.2496' (pid 11811) tries to set negative timeout [ 251.896314][T11817] FAULT_INJECTION: forcing a failure. [ 251.896314][T11817] name failslab, interval 1, probability 0, space 0, times 0 [ 251.911964][T11817] CPU: 0 UID: 0 PID: 11817 Comm: syz.2.2498 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 251.911994][T11817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 251.912009][T11817] Call Trace: [ 251.912016][T11817] [ 251.912025][T11817] dump_stack_lvl+0x189/0x250 [ 251.912061][T11817] ? __pfx____ratelimit+0x10/0x10 [ 251.912086][T11817] ? __pfx_dump_stack_lvl+0x10/0x10 [ 251.912134][T11817] ? __pfx__printk+0x10/0x10 [ 251.912163][T11817] ? __pfx___might_resched+0x10/0x10 [ 251.912193][T11817] ? fs_reclaim_acquire+0x7d/0x100 [ 251.912220][T11817] should_fail_ex+0x414/0x560 [ 251.912251][T11817] should_failslab+0xa8/0x100 [ 251.912285][T11817] __kmalloc_noprof+0xcb/0x4f0 [ 251.912313][T11817] ? nft_set_elem_expr_alloc+0x16f/0x590 [ 251.912347][T11817] nft_set_elem_expr_alloc+0x16f/0x590 [ 251.912379][T11817] ? __pfx_nft_set_elem_expr_alloc+0x10/0x10 [ 251.912430][T11817] ? nft_pernet+0x23/0x240 [ 251.912461][T11817] nft_set_expr_alloc+0x68/0x760 [ 251.912497][T11817] nf_tables_newset+0xed8/0x2530 [ 251.912534][T11817] ? __pfx_nf_tables_newset+0x10/0x10 [ 251.912581][T11817] ? __nla_parse+0x40/0x60 [ 251.912616][T11817] nfnetlink_rcv+0x112f/0x2520 [ 251.912675][T11817] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 251.912720][T11817] ? ref_tracker_free+0x63a/0x7d0 [ 251.912790][T11817] ? __netlink_deliver_tap+0x807/0x850 [ 251.912834][T11817] ? netlink_deliver_tap+0x2e/0x1b0 [ 251.912864][T11817] ? netlink_deliver_tap+0x2e/0x1b0 [ 251.912900][T11817] netlink_unicast+0x758/0x8d0 [ 251.912940][T11817] netlink_sendmsg+0x805/0xb30 [ 251.912969][T11817] ? __pfx_netlink_sendmsg+0x10/0x10 [ 251.912991][T11817] ? aa_sock_msg_perm+0x94/0x160 [ 251.913020][T11817] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 251.913043][T11817] ? __pfx_netlink_sendmsg+0x10/0x10 [ 251.913064][T11817] __sock_sendmsg+0x21c/0x270 [ 251.913093][T11817] ____sys_sendmsg+0x505/0x830 [ 251.913121][T11817] ? __pfx_____sys_sendmsg+0x10/0x10 [ 251.913150][T11817] ? import_iovec+0x74/0xa0 [ 251.913175][T11817] ___sys_sendmsg+0x21f/0x2a0 [ 251.913199][T11817] ? __pfx____sys_sendmsg+0x10/0x10 [ 251.913259][T11817] ? __fget_files+0x2a/0x420 [ 251.913290][T11817] ? __fget_files+0x3a0/0x420 [ 251.913334][T11817] __x64_sys_sendmsg+0x19b/0x260 [ 251.913357][T11817] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 251.913389][T11817] ? __pfx_ksys_write+0x10/0x10 [ 251.913414][T11817] ? rcu_is_watching+0x15/0xb0 [ 251.913459][T11817] ? do_syscall_64+0xbe/0x3b0 [ 251.913488][T11817] do_syscall_64+0xfa/0x3b0 [ 251.913513][T11817] ? lockdep_hardirqs_on+0x9c/0x150 [ 251.913535][T11817] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.913554][T11817] ? clear_bhb_loop+0x60/0xb0 [ 251.913579][T11817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.913598][T11817] RIP: 0033:0x7f522bb8e969 [ 251.913615][T11817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.913633][T11817] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 251.913655][T11817] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 251.913670][T11817] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 251.913682][T11817] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 251.913694][T11817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 251.913706][T11817] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 251.913744][T11817] [ 252.279246][T11802] veth7: entered promiscuous mode [ 252.289986][T11802] bond3: (slave veth7): Enslaving as an active interface with an up link [ 252.304405][T11800] bond3: left promiscuous mode [ 252.326929][T11818] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2496'. [ 252.351058][T11821] FAULT_INJECTION: forcing a failure. [ 252.351058][T11821] name failslab, interval 1, probability 0, space 0, times 0 [ 252.397933][T11821] CPU: 0 UID: 0 PID: 11821 Comm: syz.1.2499 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 252.397967][T11821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 252.397979][T11821] Call Trace: [ 252.397986][T11821] [ 252.397995][T11821] dump_stack_lvl+0x189/0x250 [ 252.398040][T11821] ? __pfx____ratelimit+0x10/0x10 [ 252.398063][T11821] ? __pfx_dump_stack_lvl+0x10/0x10 [ 252.398091][T11821] ? __pfx__printk+0x10/0x10 [ 252.398115][T11821] ? __pfx___might_resched+0x10/0x10 [ 252.398142][T11821] ? fs_reclaim_acquire+0x7d/0x100 [ 252.398166][T11821] should_fail_ex+0x414/0x560 [ 252.398194][T11821] should_failslab+0xa8/0x100 [ 252.398224][T11821] kmem_cache_alloc_noprof+0x73/0x3c0 [ 252.398248][T11821] ? __kernfs_new_node+0xd7/0x7f0 [ 252.398273][T11821] __kernfs_new_node+0xd7/0x7f0 [ 252.398291][T11821] ? __lock_acquire+0xab9/0xd20 [ 252.398322][T11821] ? __pfx___kernfs_new_node+0x10/0x10 [ 252.398341][T11821] ? kernfs_root+0x1c/0x230 [ 252.398365][T11821] ? kernfs_root+0x1c/0x230 [ 252.398382][T11821] ? kernfs_root+0x1c/0x230 [ 252.398397][T11821] ? kernfs_root+0x1c/0x230 [ 252.398419][T11821] kernfs_new_node+0x102/0x210 [ 252.398443][T11821] __kernfs_create_file+0x4b/0x2e0 [ 252.398473][T11821] sysfs_add_file_mode_ns+0x238/0x300 [ 252.398507][T11821] internal_create_group+0x66d/0x1110 [ 252.398554][T11821] ? kobject_init_and_add+0x125/0x190 [ 252.398579][T11821] ? net_rx_queue_update_kobjects+0x1a6/0x720 [ 252.398599][T11821] ? veth_set_channels+0x3af/0xa60 [ 252.398628][T11821] ? ethtool_set_channels+0x4d5/0x570 [ 252.398654][T11821] ? __pfx_internal_create_group+0x10/0x10 [ 252.398687][T11821] sysfs_create_groups+0x59/0x120 [ 252.398716][T11821] net_rx_queue_update_kobjects+0x283/0x720 [ 252.398752][T11821] netif_set_real_num_rx_queues+0x244/0x3b0 [ 252.398776][T11821] veth_set_channels+0x3af/0xa60 [ 252.398820][T11821] ethtool_set_channels+0x4d5/0x570 [ 252.398850][T11821] ? __pfx_ethtool_set_channels+0x10/0x10 [ 252.398889][T11821] ? bpf_lsm_capable+0x9/0x20 [ 252.398917][T11821] ? security_capable+0x7e/0x2e0 [ 252.398950][T11821] dev_ethtool+0x182d/0x1990 [ 252.398985][T11821] ? __pfx_dev_ethtool+0x10/0x10 [ 252.399022][T11821] ? dev_load+0x21/0x1f0 [ 252.399051][T11821] dev_ioctl+0x392/0x1150 [ 252.399082][T11821] sock_do_ioctl+0x22c/0x300 [ 252.399108][T11821] ? __pfx_sock_do_ioctl+0x10/0x10 [ 252.399130][T11821] ? __lock_acquire+0xab9/0xd20 [ 252.399171][T11821] sock_ioctl+0x576/0x790 [ 252.399197][T11821] ? __pfx_sock_ioctl+0x10/0x10 [ 252.399220][T11821] ? __fget_files+0x2a/0x420 [ 252.399248][T11821] ? __fget_files+0x3a0/0x420 [ 252.399276][T11821] ? __fget_files+0x2a/0x420 [ 252.399309][T11821] ? bpf_lsm_file_ioctl+0x9/0x20 [ 252.399335][T11821] ? __pfx_sock_ioctl+0x10/0x10 [ 252.399357][T11821] __se_sys_ioctl+0xf9/0x170 [ 252.399383][T11821] do_syscall_64+0xfa/0x3b0 [ 252.399407][T11821] ? lockdep_hardirqs_on+0x9c/0x150 [ 252.399429][T11821] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.399448][T11821] ? clear_bhb_loop+0x60/0xb0 [ 252.399473][T11821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.399491][T11821] RIP: 0033:0x7f7000f8e969 [ 252.399509][T11821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.399526][T11821] RSP: 002b:00007f7001e13038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.399547][T11821] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8e969 [ 252.399561][T11821] RDX: 0000200000000140 RSI: 0000000000008946 RDI: 0000000000000003 [ 252.399574][T11821] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 252.399586][T11821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 252.399598][T11821] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 252.399627][T11821] [ 253.317254][T11850] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2509'. [ 253.570211][T11855] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2511'. [ 253.804565][T11866] ieee802154 phy0 wpan0: encryption failed: -90 [ 254.103492][T11875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2520'. [ 254.414921][T11889] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 254.675633][T11900] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 254.683788][T11900] IPv6: NLM_F_CREATE should be set when creating new route [ 254.910706][T11909] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2533'. [ 255.007862][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2537'. [ 255.705188][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.712283][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.058888][T11948] __nla_validate_parse: 2 callbacks suppressed [ 256.058930][T11948] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2554'. [ 256.455057][T11967] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2558'. [ 256.476997][T11967] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2558'. [ 256.496091][T11970] FAULT_INJECTION: forcing a failure. [ 256.496091][T11970] name failslab, interval 1, probability 0, space 0, times 0 [ 256.518265][T11967] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 256.564873][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.0.2561 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 256.564905][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 256.564923][T11970] Call Trace: [ 256.564931][T11970] [ 256.564940][T11970] dump_stack_lvl+0x189/0x250 [ 256.564977][T11970] ? __pfx____ratelimit+0x10/0x10 [ 256.565004][T11970] ? __pfx_dump_stack_lvl+0x10/0x10 [ 256.565046][T11970] ? __pfx__printk+0x10/0x10 [ 256.565073][T11970] ? __pfx___might_resched+0x10/0x10 [ 256.565101][T11970] ? fs_reclaim_acquire+0x7d/0x100 [ 256.565126][T11970] should_fail_ex+0x414/0x560 [ 256.565157][T11970] should_failslab+0xa8/0x100 [ 256.565198][T11970] __kmalloc_cache_noprof+0x70/0x3d0 [ 256.565225][T11970] ? nf_tables_newflowtable+0x90e/0x20d0 [ 256.565253][T11970] nf_tables_newflowtable+0x90e/0x20d0 [ 256.565286][T11970] ? __lock_acquire+0xa11/0xd20 [ 256.565314][T11970] ? __pfx_nf_tables_newflowtable+0x10/0x10 [ 256.565357][T11970] ? __nla_parse+0x40/0x60 [ 256.565390][T11970] nfnetlink_rcv+0x112f/0x2520 [ 256.565446][T11970] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 256.565486][T11970] ? ref_tracker_free+0x63a/0x7d0 [ 256.565543][T11970] ? __netlink_deliver_tap+0x807/0x850 [ 256.565584][T11970] ? netlink_deliver_tap+0x2e/0x1b0 [ 256.565613][T11970] ? netlink_deliver_tap+0x2e/0x1b0 [ 256.565648][T11970] netlink_unicast+0x758/0x8d0 [ 256.565687][T11970] netlink_sendmsg+0x805/0xb30 [ 256.565715][T11970] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.565737][T11970] ? aa_sock_msg_perm+0x94/0x160 [ 256.565764][T11970] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 256.565787][T11970] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.565806][T11970] __sock_sendmsg+0x21c/0x270 [ 256.565856][T11970] ____sys_sendmsg+0x505/0x830 [ 256.565884][T11970] ? __pfx_____sys_sendmsg+0x10/0x10 [ 256.565915][T11970] ? import_iovec+0x74/0xa0 [ 256.565940][T11970] ___sys_sendmsg+0x21f/0x2a0 [ 256.565965][T11970] ? __pfx____sys_sendmsg+0x10/0x10 [ 256.566025][T11970] ? __fget_files+0x2a/0x420 [ 256.566057][T11970] ? __fget_files+0x3a0/0x420 [ 256.566099][T11970] __x64_sys_sendmsg+0x19b/0x260 [ 256.566124][T11970] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 256.566157][T11970] ? __pfx_ksys_write+0x10/0x10 [ 256.566189][T11970] ? rcu_is_watching+0x15/0xb0 [ 256.566224][T11970] ? do_syscall_64+0xbe/0x3b0 [ 256.566256][T11970] do_syscall_64+0xfa/0x3b0 [ 256.566281][T11970] ? lockdep_hardirqs_on+0x9c/0x150 [ 256.566306][T11970] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.566328][T11970] ? clear_bhb_loop+0x60/0xb0 [ 256.566353][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.566374][T11970] RIP: 0033:0x7f2f9e18e969 [ 256.566392][T11970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.566410][T11970] RSP: 002b:00007f2f9f010038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 256.566433][T11970] RAX: ffffffffffffffda RBX: 00007f2f9e3b5fa0 RCX: 00007f2f9e18e969 [ 256.566448][T11970] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 256.566461][T11970] RBP: 00007f2f9f010090 R08: 0000000000000000 R09: 0000000000000000 [ 256.566474][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 256.566485][T11970] R13: 0000000000000000 R14: 00007f2f9e3b5fa0 R15: 00007ffce9609d58 [ 256.566517][T11970] [ 257.202100][T11983] FAULT_INJECTION: forcing a failure. [ 257.202100][T11983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.216427][T11983] CPU: 0 UID: 0 PID: 11983 Comm: syz.1.2565 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 257.216456][T11983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 257.216471][T11983] Call Trace: [ 257.216480][T11983] [ 257.216489][T11983] dump_stack_lvl+0x189/0x250 [ 257.216527][T11983] ? __pfx____ratelimit+0x10/0x10 [ 257.216554][T11983] ? __pfx_dump_stack_lvl+0x10/0x10 [ 257.216586][T11983] ? __pfx__printk+0x10/0x10 [ 257.216609][T11983] ? __might_fault+0xb0/0x130 [ 257.216651][T11983] should_fail_ex+0x414/0x560 [ 257.216693][T11983] _copy_from_user+0x2d/0xb0 [ 257.216713][T11983] ___sys_sendmsg+0x158/0x2a0 [ 257.216736][T11983] ? __pfx____sys_sendmsg+0x10/0x10 [ 257.216790][T11983] ? __fget_files+0x2a/0x420 [ 257.216819][T11983] ? __fget_files+0x3a0/0x420 [ 257.216859][T11983] __x64_sys_sendmsg+0x19b/0x260 [ 257.216882][T11983] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 257.216911][T11983] ? __pfx_ksys_write+0x10/0x10 [ 257.216933][T11983] ? rcu_is_watching+0x15/0xb0 [ 257.216967][T11983] ? do_syscall_64+0xbe/0x3b0 [ 257.216995][T11983] do_syscall_64+0xfa/0x3b0 [ 257.217021][T11983] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.217040][T11983] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 257.217059][T11983] ? clear_bhb_loop+0x60/0xb0 [ 257.217083][T11983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.217102][T11983] RIP: 0033:0x7f7000f8e969 [ 257.217120][T11983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.217145][T11983] RSP: 002b:00007f7001e13038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 257.217167][T11983] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8e969 [ 257.217181][T11983] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 257.217194][T11983] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 257.217207][T11983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.217219][T11983] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 257.217249][T11983] [ 257.452179][T11985] FAULT_INJECTION: forcing a failure. [ 257.452179][T11985] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.465365][T11985] CPU: 0 UID: 0 PID: 11985 Comm: syz.4.2567 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 257.465392][T11985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 257.465403][T11985] Call Trace: [ 257.465410][T11985] [ 257.465418][T11985] dump_stack_lvl+0x189/0x250 [ 257.465454][T11985] ? __pfx____ratelimit+0x10/0x10 [ 257.465478][T11985] ? __pfx_dump_stack_lvl+0x10/0x10 [ 257.465507][T11985] ? __pfx__printk+0x10/0x10 [ 257.465528][T11985] ? __might_fault+0xb0/0x130 [ 257.465565][T11985] should_fail_ex+0x414/0x560 [ 257.465595][T11985] _copy_from_user+0x2d/0xb0 [ 257.465615][T11985] __sys_connect+0x123/0x440 [ 257.465643][T11985] ? __fget_files+0x3a0/0x420 [ 257.465672][T11985] ? __pfx___sys_connect+0x10/0x10 [ 257.465711][T11985] ? __pfx_ksys_write+0x10/0x10 [ 257.465733][T11985] ? rcu_is_watching+0x15/0xb0 [ 257.465768][T11985] __x64_sys_connect+0x7a/0x90 [ 257.465797][T11985] do_syscall_64+0xfa/0x3b0 [ 257.465821][T11985] ? lockdep_hardirqs_on+0x9c/0x150 [ 257.465844][T11985] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.465863][T11985] ? clear_bhb_loop+0x60/0xb0 [ 257.465885][T11985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.465904][T11985] RIP: 0033:0x7fb43d98e969 [ 257.465921][T11985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.465938][T11985] RSP: 002b:00007fb43e7b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 257.465958][T11985] RAX: ffffffffffffffda RBX: 00007fb43dbb5fa0 RCX: 00007fb43d98e969 [ 257.465973][T11985] RDX: 000000000000006e RSI: 0000200000000000 RDI: 0000000000000005 [ 257.465985][T11985] RBP: 00007fb43e7b7090 R08: 0000000000000000 R09: 0000000000000000 [ 257.465997][T11985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 257.466008][T11985] R13: 0000000000000000 R14: 00007fb43dbb5fa0 R15: 00007ffcf4915218 [ 257.466037][T11985] [ 257.491153][T11988] No such timeout policy "syz0" [ 258.478870][T12017] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2579'. [ 258.863545][T12036] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2586'. [ 258.979601][ T5840] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 258.987419][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 259.695685][T12065] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2597'. [ 260.207826][T12084] FAULT_INJECTION: forcing a failure. [ 260.207826][T12084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 260.243715][T12084] CPU: 1 UID: 0 PID: 12084 Comm: syz.2.2605 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 260.243747][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 260.243760][T12084] Call Trace: [ 260.243769][T12084] [ 260.243778][T12084] dump_stack_lvl+0x189/0x250 [ 260.243816][T12084] ? __pfx____ratelimit+0x10/0x10 [ 260.243842][T12084] ? __pfx_dump_stack_lvl+0x10/0x10 [ 260.243873][T12084] ? __pfx__printk+0x10/0x10 [ 260.243895][T12084] ? __might_fault+0xb0/0x130 [ 260.243945][T12084] should_fail_ex+0x414/0x560 [ 260.243976][T12084] _copy_from_user+0x2d/0xb0 [ 260.243998][T12084] ___sys_sendmsg+0x158/0x2a0 [ 260.244022][T12084] ? __pfx____sys_sendmsg+0x10/0x10 [ 260.244082][T12084] ? __fget_files+0x2a/0x420 [ 260.244112][T12084] ? __fget_files+0x3a0/0x420 [ 260.244153][T12084] __x64_sys_sendmsg+0x19b/0x260 [ 260.244177][T12084] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 260.244209][T12084] ? __pfx_ksys_write+0x10/0x10 [ 260.244233][T12084] ? rcu_is_watching+0x15/0xb0 [ 260.244269][T12084] ? do_syscall_64+0xbe/0x3b0 [ 260.244298][T12084] do_syscall_64+0xfa/0x3b0 [ 260.244324][T12084] ? lockdep_hardirqs_on+0x9c/0x150 [ 260.244347][T12084] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.244368][T12084] ? clear_bhb_loop+0x60/0xb0 [ 260.244394][T12084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.244413][T12084] RIP: 0033:0x7f522bb8e969 [ 260.244431][T12084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.244449][T12084] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 260.244471][T12084] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 260.244486][T12084] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 260.244498][T12084] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 260.244511][T12084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 260.244523][T12084] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 260.244555][T12084] [ 260.587683][T12095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2607'. [ 260.676861][T12098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2611'. [ 262.208109][T12152] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2626'. [ 263.046200][T12179] FAULT_INJECTION: forcing a failure. [ 263.046200][T12179] name failslab, interval 1, probability 0, space 0, times 0 [ 263.075388][T12179] CPU: 0 UID: 0 PID: 12179 Comm: syz.3.2640 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 263.075424][T12179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 263.075438][T12179] Call Trace: [ 263.075446][T12179] [ 263.075456][T12179] dump_stack_lvl+0x189/0x250 [ 263.075494][T12179] ? __pfx____ratelimit+0x10/0x10 [ 263.075521][T12179] ? __pfx_dump_stack_lvl+0x10/0x10 [ 263.075554][T12179] ? __pfx__printk+0x10/0x10 [ 263.075580][T12179] ? __pfx___might_resched+0x10/0x10 [ 263.075611][T12179] ? fs_reclaim_acquire+0x7d/0x100 [ 263.075638][T12179] should_fail_ex+0x414/0x560 [ 263.075671][T12179] should_failslab+0xa8/0x100 [ 263.075704][T12179] __kmalloc_cache_noprof+0x70/0x3d0 [ 263.075734][T12179] ? alloc_netdev_mqs+0xc36/0x11e0 [ 263.075765][T12179] alloc_netdev_mqs+0xc36/0x11e0 [ 263.075797][T12179] rtnl_create_link+0x31f/0xd10 [ 263.075829][T12179] rtnl_newlink_create+0x25c/0xb00 [ 263.075870][T12179] ? __pfx_aa_get_newest_label+0x10/0x10 [ 263.075900][T12179] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 263.075931][T12179] ? rtnl_newlink+0x8db/0x1c70 [ 263.075971][T12179] ? __pfx___mutex_lock+0x10/0x10 [ 263.076011][T12179] ? ns_capable+0x8a/0xf0 [ 263.076045][T12179] rtnl_newlink+0x16d6/0x1c70 [ 263.076077][T12179] ? netlink_sendmsg+0x805/0xb30 [ 263.076109][T12179] ? __pfx_rtnl_newlink+0x10/0x10 [ 263.076165][T12179] ? kasan_quarantine_put+0xdd/0x220 [ 263.076192][T12179] ? lockdep_hardirqs_on+0x9c/0x150 [ 263.076224][T12179] ? nlmon_xmit+0xb0/0x100 [ 263.076253][T12179] ? kmem_cache_free+0x18f/0x400 [ 263.076291][T12179] ? __local_bh_enable_ip+0x12d/0x1c0 [ 263.076322][T12179] ? lockdep_hardirqs_on+0x9c/0x150 [ 263.076348][T12179] ? __local_bh_enable_ip+0x12d/0x1c0 [ 263.076377][T12179] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 263.076412][T12179] ? __dev_queue_xmit+0x27e/0x3a70 [ 263.076450][T12179] ? __lock_acquire+0xab9/0xd20 [ 263.076505][T12179] ? __pfx_rtnl_newlink+0x10/0x10 [ 263.076534][T12179] rtnetlink_rcv_msg+0x7cf/0xb70 [ 263.076567][T12179] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 263.076595][T12179] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 263.076632][T12179] ? ref_tracker_free+0x63a/0x7d0 [ 263.076657][T12179] ? __copy_skb_header+0xa7/0x550 [ 263.076680][T12179] ? __pfx_ref_tracker_free+0x10/0x10 [ 263.076706][T12179] ? __skb_clone+0x63/0x7a0 [ 263.076735][T12179] netlink_rcv_skb+0x205/0x470 [ 263.076765][T12179] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 263.076795][T12179] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 263.076839][T12179] ? netlink_deliver_tap+0x2e/0x1b0 [ 263.076868][T12179] ? netlink_deliver_tap+0x2e/0x1b0 [ 263.076905][T12179] netlink_unicast+0x758/0x8d0 [ 263.076944][T12179] netlink_sendmsg+0x805/0xb30 [ 263.076978][T12179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 263.077000][T12179] ? aa_sock_msg_perm+0x94/0x160 [ 263.077025][T12179] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 263.077049][T12179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 263.077068][T12179] __sock_sendmsg+0x21c/0x270 [ 263.077096][T12179] ____sys_sendmsg+0x505/0x830 [ 263.077122][T12179] ? __pfx_____sys_sendmsg+0x10/0x10 [ 263.077151][T12179] ? import_iovec+0x74/0xa0 [ 263.077174][T12179] ___sys_sendmsg+0x21f/0x2a0 [ 263.077196][T12179] ? __pfx____sys_sendmsg+0x10/0x10 [ 263.077252][T12179] ? __fget_files+0x2a/0x420 [ 263.077281][T12179] ? __fget_files+0x3a0/0x420 [ 263.077321][T12179] __x64_sys_sendmsg+0x19b/0x260 [ 263.077344][T12179] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 263.077374][T12179] ? __pfx_ksys_write+0x10/0x10 [ 263.077397][T12179] ? rcu_is_watching+0x15/0xb0 [ 263.077430][T12179] ? do_syscall_64+0xbe/0x3b0 [ 263.077460][T12179] do_syscall_64+0xfa/0x3b0 [ 263.077486][T12179] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.077504][T12179] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 263.077524][T12179] ? clear_bhb_loop+0x60/0xb0 [ 263.077548][T12179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.077567][T12179] RIP: 0033:0x7fc25b78e969 [ 263.077584][T12179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.077600][T12179] RSP: 002b:00007fc25c53d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 263.077622][T12179] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78e969 [ 263.077636][T12179] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 263.077648][T12179] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 263.077660][T12179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 263.077672][T12179] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 263.077704][T12179] [ 263.749714][T12189] FAULT_INJECTION: forcing a failure. [ 263.749714][T12189] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.840348][T12189] CPU: 1 UID: 0 PID: 12189 Comm: syz.4.2643 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 263.840381][T12189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 263.840399][T12189] Call Trace: [ 263.840408][T12189] [ 263.840418][T12189] dump_stack_lvl+0x189/0x250 [ 263.840457][T12189] ? __pfx____ratelimit+0x10/0x10 [ 263.840485][T12189] ? __pfx_dump_stack_lvl+0x10/0x10 [ 263.840518][T12189] ? __pfx__printk+0x10/0x10 [ 263.840554][T12189] should_fail_ex+0x414/0x560 [ 263.840588][T12189] _copy_to_user+0x31/0xb0 [ 263.840613][T12189] simple_read_from_buffer+0xe1/0x170 [ 263.840650][T12189] proc_fail_nth_read+0x1df/0x250 [ 263.840676][T12189] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 263.840701][T12189] ? rw_verify_area+0x258/0x650 [ 263.840728][T12189] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 263.840752][T12189] vfs_read+0x200/0x980 [ 263.840785][T12189] ? __pfx___mutex_lock+0x10/0x10 [ 263.840813][T12189] ? __pfx_vfs_read+0x10/0x10 [ 263.840841][T12189] ? __fget_files+0x2a/0x420 [ 263.840879][T12189] ? __fget_files+0x3a0/0x420 [ 263.840917][T12189] ? __fget_files+0x2a/0x420 [ 263.840960][T12189] ksys_read+0x145/0x250 [ 263.840991][T12189] ? __pfx_ksys_read+0x10/0x10 [ 263.841016][T12189] ? rcu_is_watching+0x15/0xb0 [ 263.841053][T12189] ? do_syscall_64+0xbe/0x3b0 [ 263.841084][T12189] do_syscall_64+0xfa/0x3b0 [ 263.841110][T12189] ? lockdep_hardirqs_on+0x9c/0x150 [ 263.841135][T12189] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.841157][T12189] ? clear_bhb_loop+0x60/0xb0 [ 263.841182][T12189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.841203][T12189] RIP: 0033:0x7fb43d98d37c [ 263.841222][T12189] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 263.841241][T12189] RSP: 002b:00007fb43e7b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 263.841263][T12189] RAX: ffffffffffffffda RBX: 00007fb43dbb5fa0 RCX: 00007fb43d98d37c [ 263.841279][T12189] RDX: 000000000000000f RSI: 00007fb43e7b70a0 RDI: 0000000000000006 [ 263.841293][T12189] RBP: 00007fb43e7b7090 R08: 0000000000000000 R09: 0000000000000000 [ 263.841306][T12189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 263.841319][T12189] R13: 0000000000000000 R14: 00007fb43dbb5fa0 R15: 00007ffcf4915218 [ 263.841351][T12189] [ 264.177170][T12203] FAULT_INJECTION: forcing a failure. [ 264.177170][T12203] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 264.191466][T12203] CPU: 0 UID: 0 PID: 12203 Comm: syz.3.2650 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 264.191497][T12203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 264.191511][T12203] Call Trace: [ 264.191519][T12203] [ 264.191528][T12203] dump_stack_lvl+0x189/0x250 [ 264.191566][T12203] ? __pfx____ratelimit+0x10/0x10 [ 264.191593][T12203] ? __pfx_dump_stack_lvl+0x10/0x10 [ 264.191633][T12203] ? __pfx__printk+0x10/0x10 [ 264.191671][T12203] should_fail_ex+0x414/0x560 [ 264.191703][T12203] _copy_to_user+0x31/0xb0 [ 264.191728][T12203] simple_read_from_buffer+0xe1/0x170 [ 264.191764][T12203] proc_fail_nth_read+0x1df/0x250 [ 264.191790][T12203] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 264.191815][T12203] ? rw_verify_area+0x258/0x650 [ 264.191842][T12203] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 264.191865][T12203] vfs_read+0x200/0x980 [ 264.191910][T12203] ? __pfx___mutex_lock+0x10/0x10 [ 264.191938][T12203] ? __pfx_vfs_read+0x10/0x10 [ 264.191966][T12203] ? __fget_files+0x2a/0x420 [ 264.192002][T12203] ? __fget_files+0x3a0/0x420 [ 264.192042][T12203] ? __fget_files+0x2a/0x420 [ 264.192080][T12203] ksys_read+0x145/0x250 [ 264.192108][T12203] ? __pfx_ksys_read+0x10/0x10 [ 264.192130][T12203] ? rcu_is_watching+0x15/0xb0 [ 264.192164][T12203] ? do_syscall_64+0xbe/0x3b0 [ 264.192193][T12203] do_syscall_64+0xfa/0x3b0 [ 264.192216][T12203] ? lockdep_hardirqs_on+0x9c/0x150 [ 264.192238][T12203] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.192257][T12203] ? clear_bhb_loop+0x60/0xb0 [ 264.192282][T12203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.192300][T12203] RIP: 0033:0x7fc25b78d37c [ 264.192317][T12203] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 264.192335][T12203] RSP: 002b:00007fc25c53d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 264.192355][T12203] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78d37c [ 264.192369][T12203] RDX: 000000000000000f RSI: 00007fc25c53d0a0 RDI: 0000000000000005 [ 264.192381][T12203] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 264.192393][T12203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 264.192404][T12203] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 264.192435][T12203] [ 265.073007][T12229] netlink: 'syz.3.2657': attribute type 1 has an invalid length. [ 265.083660][T12229] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 265.108105][T12231] netlink: 'syz.1.2658': attribute type 10 has an invalid length. [ 265.110368][T12229] ipt_REJECT: TCP_RESET invalid for non-tcp [ 265.135891][T12231] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 265.159641][T12229] xt_l2tp: invalid flags combination: c [ 265.243923][T12231] vlan3: entered promiscuous mode [ 265.250761][T12231] bridge0: entered promiscuous mode [ 265.277073][T12236] FAULT_INJECTION: forcing a failure. [ 265.277073][T12236] name failslab, interval 1, probability 0, space 0, times 0 [ 265.291750][T12236] CPU: 1 UID: 0 PID: 12236 Comm: syz.2.2660 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 265.291781][T12236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 265.291795][T12236] Call Trace: [ 265.291804][T12236] [ 265.291813][T12236] dump_stack_lvl+0x189/0x250 [ 265.291852][T12236] ? __pfx____ratelimit+0x10/0x10 [ 265.291879][T12236] ? __pfx_dump_stack_lvl+0x10/0x10 [ 265.291912][T12236] ? __pfx__printk+0x10/0x10 [ 265.291943][T12236] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 265.291986][T12236] should_fail_ex+0x414/0x560 [ 265.292020][T12236] should_failslab+0xa8/0x100 [ 265.292053][T12236] kmem_cache_alloc_noprof+0x73/0x3c0 [ 265.292081][T12236] ? skb_clone+0x212/0x3a0 [ 265.292109][T12236] skb_clone+0x212/0x3a0 [ 265.292135][T12236] __netlink_deliver_tap+0x404/0x850 [ 265.292182][T12236] ? netlink_deliver_tap+0x2e/0x1b0 [ 265.292217][T12236] netlink_deliver_tap+0x19c/0x1b0 [ 265.292250][T12236] netlink_dump+0x8e4/0xe20 [ 265.292294][T12236] ? __pfx_netlink_dump+0x10/0x10 [ 265.292342][T12236] ? kmem_cache_free+0x18f/0x400 [ 265.292389][T12236] netlink_recvmsg+0x676/0xa30 [ 265.292417][T12236] ? __pfx_netlink_recvmsg+0x10/0x10 [ 265.292441][T12236] ? aa_sock_msg_perm+0x94/0x160 [ 265.292467][T12236] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 265.292489][T12236] ? security_socket_recvmsg+0x7e/0x2e0 [ 265.292520][T12236] ? __pfx_netlink_recvmsg+0x10/0x10 [ 265.292538][T12236] sock_recvmsg+0x22c/0x270 [ 265.292574][T12236] ____sys_recvmsg+0x1c9/0x460 [ 265.292603][T12236] ? __pfx_____sys_recvmsg+0x10/0x10 [ 265.292641][T12236] ? import_iovec+0x74/0xa0 [ 265.292665][T12236] ___sys_recvmsg+0x1b5/0x510 [ 265.292691][T12236] ? __pfx____sys_recvmsg+0x10/0x10 [ 265.292737][T12236] ? __fget_files+0x3a0/0x420 [ 265.292778][T12236] do_recvmmsg+0x307/0x770 [ 265.292807][T12236] ? __pfx_do_recvmmsg+0x10/0x10 [ 265.292841][T12236] ? _copy_from_user+0x94/0xb0 [ 265.292877][T12236] __x64_sys_recvmmsg+0x1af/0x240 [ 265.292902][T12236] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 265.292921][T12236] ? rcu_is_watching+0x15/0xb0 [ 265.292954][T12236] ? do_syscall_64+0xbe/0x3b0 [ 265.292982][T12236] do_syscall_64+0xfa/0x3b0 [ 265.293008][T12236] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.293027][T12236] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 265.293046][T12236] ? clear_bhb_loop+0x60/0xb0 [ 265.293070][T12236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.293090][T12236] RIP: 0033:0x7f522bb8e969 [ 265.293106][T12236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.293123][T12236] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 265.293144][T12236] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 265.293159][T12236] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003 [ 265.293172][T12236] RBP: 00007f522c98a090 R08: 0000200000003700 R09: 0000000000000000 [ 265.293185][T12236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 265.293196][T12236] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 265.293227][T12236] [ 265.644960][T12239] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2659'. [ 265.654803][T12234] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2659'. [ 265.830148][T12245] openvswitch: netlink: Actions may not be safe on all matching packets [ 265.941310][T12252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2664'. [ 265.951527][T12252] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 265.959583][T12252] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 266.144353][T12257] FAULT_INJECTION: forcing a failure. [ 266.144353][T12257] name failslab, interval 1, probability 0, space 0, times 0 [ 266.162884][T12257] CPU: 1 UID: 0 PID: 12257 Comm: syz.0.2667 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 266.162917][T12257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 266.162931][T12257] Call Trace: [ 266.162938][T12257] [ 266.162947][T12257] dump_stack_lvl+0x189/0x250 [ 266.162982][T12257] ? __pfx____ratelimit+0x10/0x10 [ 266.163007][T12257] ? __pfx_dump_stack_lvl+0x10/0x10 [ 266.163057][T12257] ? __pfx__printk+0x10/0x10 [ 266.163083][T12257] ? __pfx___might_resched+0x10/0x10 [ 266.163118][T12257] ? fs_reclaim_acquire+0x7d/0x100 [ 266.163146][T12257] should_fail_ex+0x414/0x560 [ 266.163178][T12257] should_failslab+0xa8/0x100 [ 266.163212][T12257] __kmalloc_cache_noprof+0x70/0x3d0 [ 266.163242][T12257] ? alloc_netdev_mqs+0xc36/0x11e0 [ 266.163273][T12257] alloc_netdev_mqs+0xc36/0x11e0 [ 266.163306][T12257] rtnl_create_link+0x31f/0xd10 [ 266.163338][T12257] rtnl_newlink_create+0x25c/0xb00 [ 266.163378][T12257] ? __pfx_aa_get_newest_label+0x10/0x10 [ 266.163409][T12257] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 266.163439][T12257] ? rtnl_newlink+0x8db/0x1c70 [ 266.163478][T12257] ? __pfx___mutex_lock+0x10/0x10 [ 266.163517][T12257] ? ns_capable+0x8a/0xf0 [ 266.163552][T12257] rtnl_newlink+0x16d6/0x1c70 [ 266.163585][T12257] ? netlink_sendmsg+0x805/0xb30 [ 266.163618][T12257] ? __pfx_rtnl_newlink+0x10/0x10 [ 266.163674][T12257] ? kasan_quarantine_put+0xdd/0x220 [ 266.163702][T12257] ? lockdep_hardirqs_on+0x9c/0x150 [ 266.163735][T12257] ? __pfx_do_softirq+0x10/0x10 [ 266.163773][T12257] ? __local_bh_enable_ip+0x12d/0x1c0 [ 266.163803][T12257] ? lockdep_hardirqs_on+0x9c/0x150 [ 266.163828][T12257] ? __local_bh_enable_ip+0x12d/0x1c0 [ 266.163858][T12257] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 266.163892][T12257] ? __dev_queue_xmit+0x27e/0x3a70 [ 266.163931][T12257] ? __lock_acquire+0xab9/0xd20 [ 266.163986][T12257] ? __pfx_rtnl_newlink+0x10/0x10 [ 266.164015][T12257] rtnetlink_rcv_msg+0x7cf/0xb70 [ 266.164050][T12257] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 266.164078][T12257] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 266.164105][T12257] ? ref_tracker_free+0x63a/0x7d0 [ 266.164132][T12257] ? __copy_skb_header+0xa7/0x550 [ 266.164156][T12257] ? __pfx_ref_tracker_free+0x10/0x10 [ 266.164184][T12257] ? __skb_clone+0x63/0x7a0 [ 266.164214][T12257] netlink_rcv_skb+0x205/0x470 [ 266.164248][T12257] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 266.164278][T12257] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 266.164336][T12257] ? netlink_deliver_tap+0x2e/0x1b0 [ 266.164365][T12257] ? netlink_deliver_tap+0x2e/0x1b0 [ 266.164402][T12257] netlink_unicast+0x758/0x8d0 [ 266.164441][T12257] netlink_sendmsg+0x805/0xb30 [ 266.164478][T12257] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.164501][T12257] ? aa_sock_msg_perm+0x94/0x160 [ 266.164528][T12257] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 266.164550][T12257] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.164569][T12257] __sock_sendmsg+0x21c/0x270 [ 266.164598][T12257] ____sys_sendmsg+0x505/0x830 [ 266.164624][T12257] ? __pfx_____sys_sendmsg+0x10/0x10 [ 266.164654][T12257] ? import_iovec+0x74/0xa0 [ 266.164678][T12257] ___sys_sendmsg+0x21f/0x2a0 [ 266.164702][T12257] ? __pfx____sys_sendmsg+0x10/0x10 [ 266.164761][T12257] ? __fget_files+0x2a/0x420 [ 266.164790][T12257] ? __fget_files+0x3a0/0x420 [ 266.164831][T12257] __x64_sys_sendmsg+0x19b/0x260 [ 266.164854][T12257] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 266.164884][T12257] ? __pfx_ksys_write+0x10/0x10 [ 266.164906][T12257] ? rcu_is_watching+0x15/0xb0 [ 266.164939][T12257] ? do_syscall_64+0xbe/0x3b0 [ 266.164969][T12257] do_syscall_64+0xfa/0x3b0 [ 266.164992][T12257] ? lockdep_hardirqs_on+0x9c/0x150 [ 266.165014][T12257] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.165033][T12257] ? clear_bhb_loop+0x60/0xb0 [ 266.165057][T12257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.165076][T12257] RIP: 0033:0x7f2f9e18e969 [ 266.165094][T12257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.165111][T12257] RSP: 002b:00007f2f9f010038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 266.165132][T12257] RAX: ffffffffffffffda RBX: 00007f2f9e3b5fa0 RCX: 00007f2f9e18e969 [ 266.165146][T12257] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 266.165159][T12257] RBP: 00007f2f9f010090 R08: 0000000000000000 R09: 0000000000000000 [ 266.165171][T12257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 266.165183][T12257] R13: 0000000000000000 R14: 00007f2f9e3b5fa0 R15: 00007ffce9609d58 [ 266.165215][T12257] [ 266.936607][T12268] dvmrp1: entered allmulticast mode [ 267.599783][T12297] netlink: 'syz.3.2681': attribute type 4 has an invalid length. [ 267.652522][T12297] netlink: 'syz.3.2681': attribute type 4 has an invalid length. [ 267.888196][T12304] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2684'. [ 267.952877][T12310] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2687'. [ 268.272079][T12322] netlink: 'syz.4.2691': attribute type 16 has an invalid length. [ 268.306121][T12322] netlink: 'syz.4.2691': attribute type 3 has an invalid length. [ 268.318050][T12322] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2691'. [ 268.736558][T12341] netlink: 11 bytes leftover after parsing attributes in process `syz.4.2697'. [ 268.769455][T12341] netlink: 11 bytes leftover after parsing attributes in process `syz.4.2697'. [ 269.498662][T12370] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2708'. [ 269.927272][T12388] tipc: Started in network mode [ 269.939577][T12388] tipc: Node identity e0000002, cluster identity 4711 [ 269.975843][T12388] tipc: Enabling of bearer rejected, failed to enable media [ 270.004224][T12390] netlink: 'syz.1.2714': attribute type 4 has an invalid length. [ 270.272842][T12401] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2720'. [ 271.594973][T12449] FAULT_INJECTION: forcing a failure. [ 271.594973][T12449] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.650303][T12449] CPU: 0 UID: 0 PID: 12449 Comm: syz.1.2735 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 271.650342][T12449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 271.650354][T12449] Call Trace: [ 271.650362][T12449] [ 271.650371][T12449] dump_stack_lvl+0x189/0x250 [ 271.650407][T12449] ? __pfx____ratelimit+0x10/0x10 [ 271.650431][T12449] ? __pfx_dump_stack_lvl+0x10/0x10 [ 271.650461][T12449] ? __pfx__printk+0x10/0x10 [ 271.650482][T12449] ? __might_fault+0xb0/0x130 [ 271.650522][T12449] should_fail_ex+0x414/0x560 [ 271.650552][T12449] _copy_from_user+0x2d/0xb0 [ 271.650573][T12449] ___sys_recvmsg+0x12e/0x510 [ 271.650601][T12449] ? __pfx____sys_recvmsg+0x10/0x10 [ 271.650647][T12449] ? __fget_files+0x3a0/0x420 [ 271.650687][T12449] do_recvmmsg+0x307/0x770 [ 271.650737][T12449] ? __pfx_do_recvmmsg+0x10/0x10 [ 271.650774][T12449] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 271.650824][T12449] __x64_sys_recvmmsg+0x190/0x240 [ 271.650852][T12449] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 271.650872][T12449] ? rcu_is_watching+0x15/0xb0 [ 271.650909][T12449] ? do_syscall_64+0xbe/0x3b0 [ 271.650941][T12449] do_syscall_64+0xfa/0x3b0 [ 271.650966][T12449] ? lockdep_hardirqs_on+0x9c/0x150 [ 271.650992][T12449] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.651013][T12449] ? clear_bhb_loop+0x60/0xb0 [ 271.651040][T12449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.651062][T12449] RIP: 0033:0x7f7000f8e969 [ 271.651081][T12449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.651100][T12449] RSP: 002b:00007f7001e13038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 271.651124][T12449] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8e969 [ 271.651140][T12449] RDX: 0000000000000008 RSI: 0000200000002c00 RDI: 0000000000000003 [ 271.651153][T12449] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 271.651167][T12449] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001 [ 271.651180][T12449] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 271.651215][T12449] [ 272.330894][T12467] netlink: 'syz.4.2745': attribute type 1 has an invalid length. [ 272.341686][T12467] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2745'. [ 272.353632][T12467] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2745'. [ 272.460524][T12471] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2747'. [ 273.311641][T12493] FAULT_INJECTION: forcing a failure. [ 273.311641][T12493] name failslab, interval 1, probability 0, space 0, times 0 [ 273.369179][T12493] CPU: 0 UID: 0 PID: 12493 Comm: syz.3.2757 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 273.369214][T12493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.369227][T12493] Call Trace: [ 273.369235][T12493] [ 273.369245][T12493] dump_stack_lvl+0x189/0x250 [ 273.369283][T12493] ? __pfx____ratelimit+0x10/0x10 [ 273.369308][T12493] ? __pfx_dump_stack_lvl+0x10/0x10 [ 273.369341][T12493] ? __pfx__printk+0x10/0x10 [ 273.369369][T12493] ? __pfx___might_resched+0x10/0x10 [ 273.369404][T12493] should_fail_ex+0x414/0x560 [ 273.369435][T12493] should_failslab+0xa8/0x100 [ 273.369468][T12493] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 273.369499][T12493] ? __alloc_skb+0x112/0x2d0 [ 273.369527][T12493] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 273.369555][T12493] __alloc_skb+0x112/0x2d0 [ 273.369589][T12493] pfkey_sendmsg+0x1dd/0x1090 [ 273.369627][T12493] ? __pfx___might_resched+0x10/0x10 [ 273.369654][T12493] ? __lock_acquire+0xab9/0xd20 [ 273.369687][T12493] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 273.369725][T12493] ? aa_sk_perm+0x81e/0x950 [ 273.369749][T12493] ? is_bpf_text_address+0x26/0x2b0 [ 273.369781][T12493] ? __pfx_aa_sk_perm+0x10/0x10 [ 273.369803][T12493] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 273.369849][T12493] ? aa_sock_msg_perm+0x94/0x160 [ 273.369877][T12493] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 273.369900][T12493] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 273.369929][T12493] __sock_sendmsg+0x21c/0x270 [ 273.369957][T12493] ____sys_sendmsg+0x505/0x830 [ 273.369989][T12493] ? __pfx_____sys_sendmsg+0x10/0x10 [ 273.370018][T12493] ? import_iovec+0x74/0xa0 [ 273.370042][T12493] ___sys_sendmsg+0x21f/0x2a0 [ 273.370064][T12493] ? __pfx____sys_sendmsg+0x10/0x10 [ 273.370120][T12493] ? __fget_files+0x2a/0x420 [ 273.370148][T12493] ? __fget_files+0x3a0/0x420 [ 273.370188][T12493] __x64_sys_sendmsg+0x19b/0x260 [ 273.370211][T12493] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 273.370240][T12493] ? __pfx_ksys_write+0x10/0x10 [ 273.370265][T12493] ? rcu_is_watching+0x15/0xb0 [ 273.370297][T12493] ? do_syscall_64+0xbe/0x3b0 [ 273.370327][T12493] do_syscall_64+0xfa/0x3b0 [ 273.370369][T12493] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.370389][T12493] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 273.370423][T12493] ? clear_bhb_loop+0x60/0xb0 [ 273.370447][T12493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.370466][T12493] RIP: 0033:0x7fc25b78e969 [ 273.370484][T12493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.370503][T12493] RSP: 002b:00007fc25c53d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 273.370525][T12493] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78e969 [ 273.370540][T12493] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 273.370552][T12493] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 273.370565][T12493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.370578][T12493] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 273.370626][T12493] [ 273.864873][T12498] C: entered promiscuous mode [ 273.870166][T12498] team_slave_1: entered promiscuous mode [ 274.133654][T12506] netlink: 'syz.3.2762': attribute type 4 has an invalid length. [ 274.193213][T12506] netlink: 'syz.3.2762': attribute type 4 has an invalid length. [ 274.933893][T12533] pimreg: entered allmulticast mode [ 274.982175][T12534] pimreg: left allmulticast mode [ 275.283289][T12547] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2781'. [ 275.304686][T12548] netlink: 'syz.0.2780': attribute type 4 has an invalid length. [ 275.332172][T12548] netlink: 'syz.0.2780': attribute type 4 has an invalid length. [ 275.463362][T12555] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2783'. [ 275.612581][T12562] FAULT_INJECTION: forcing a failure. [ 275.612581][T12562] name failslab, interval 1, probability 0, space 0, times 0 [ 275.641155][T12562] CPU: 1 UID: 0 PID: 12562 Comm: syz.1.2785 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 275.641188][T12562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.641207][T12562] Call Trace: [ 275.641217][T12562] [ 275.641226][T12562] dump_stack_lvl+0x189/0x250 [ 275.641268][T12562] ? __pfx____ratelimit+0x10/0x10 [ 275.641295][T12562] ? __pfx_dump_stack_lvl+0x10/0x10 [ 275.641330][T12562] ? __pfx__printk+0x10/0x10 [ 275.641361][T12562] ? __pfx___might_resched+0x10/0x10 [ 275.641391][T12562] ? fs_reclaim_acquire+0x7d/0x100 [ 275.641421][T12562] should_fail_ex+0x414/0x560 [ 275.641454][T12562] ? alloc_netdev_mqs+0xc9e/0x11e0 [ 275.641479][T12562] should_failslab+0xa8/0x100 [ 275.641513][T12562] __kvmalloc_node_noprof+0x168/0x600 [ 275.641547][T12562] ? alloc_netdev_mqs+0xc9e/0x11e0 [ 275.641570][T12562] ? alloc_netdev_mqs+0xc36/0x11e0 [ 275.641601][T12562] alloc_netdev_mqs+0xc9e/0x11e0 [ 275.641635][T12562] rtnl_create_link+0x31f/0xd10 [ 275.641669][T12562] rtnl_newlink_create+0x25c/0xb00 [ 275.641711][T12562] ? __pfx_aa_get_newest_label+0x10/0x10 [ 275.641744][T12562] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 275.641776][T12562] ? rtnl_newlink+0x8db/0x1c70 [ 275.641810][T12562] ? __pfx___mutex_lock+0x10/0x10 [ 275.641851][T12562] ? ns_capable+0x8a/0xf0 [ 275.641889][T12562] rtnl_newlink+0x16d6/0x1c70 [ 275.641934][T12562] ? netlink_sendmsg+0x805/0xb30 [ 275.641967][T12562] ? __pfx_rtnl_newlink+0x10/0x10 [ 275.642024][T12562] ? kasan_quarantine_put+0xdd/0x220 [ 275.642051][T12562] ? lockdep_hardirqs_on+0x9c/0x150 [ 275.642085][T12562] ? __pfx_do_softirq+0x10/0x10 [ 275.642124][T12562] ? __local_bh_enable_ip+0x12d/0x1c0 [ 275.642162][T12562] ? lockdep_hardirqs_on+0x9c/0x150 [ 275.642190][T12562] ? __local_bh_enable_ip+0x12d/0x1c0 [ 275.642220][T12562] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 275.642254][T12562] ? __dev_queue_xmit+0x27e/0x3a70 [ 275.642293][T12562] ? __lock_acquire+0xab9/0xd20 [ 275.642347][T12562] ? __pfx_rtnl_newlink+0x10/0x10 [ 275.642377][T12562] rtnetlink_rcv_msg+0x7cf/0xb70 [ 275.642412][T12562] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 275.642442][T12562] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 275.642469][T12562] ? ref_tracker_free+0x63a/0x7d0 [ 275.642513][T12562] ? __copy_skb_header+0xa7/0x550 [ 275.642539][T12562] ? __pfx_ref_tracker_free+0x10/0x10 [ 275.642569][T12562] ? __skb_clone+0x63/0x7a0 [ 275.642601][T12562] netlink_rcv_skb+0x205/0x470 [ 275.642636][T12562] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 275.642669][T12562] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 275.642719][T12562] ? netlink_deliver_tap+0x2e/0x1b0 [ 275.642753][T12562] ? netlink_deliver_tap+0x2e/0x1b0 [ 275.642794][T12562] netlink_unicast+0x758/0x8d0 [ 275.642839][T12562] netlink_sendmsg+0x805/0xb30 [ 275.642871][T12562] ? __pfx_netlink_sendmsg+0x10/0x10 [ 275.642897][T12562] ? aa_sock_msg_perm+0x94/0x160 [ 275.642927][T12562] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 275.642954][T12562] ? __pfx_netlink_sendmsg+0x10/0x10 [ 275.642977][T12562] __sock_sendmsg+0x21c/0x270 [ 275.643009][T12562] ____sys_sendmsg+0x505/0x830 [ 275.643039][T12562] ? __pfx_____sys_sendmsg+0x10/0x10 [ 275.643073][T12562] ? import_iovec+0x74/0xa0 [ 275.643100][T12562] ___sys_sendmsg+0x21f/0x2a0 [ 275.643127][T12562] ? __pfx____sys_sendmsg+0x10/0x10 [ 275.643199][T12562] ? __fget_files+0x2a/0x420 [ 275.643232][T12562] ? __fget_files+0x3a0/0x420 [ 275.643277][T12562] __x64_sys_sendmsg+0x19b/0x260 [ 275.643303][T12562] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 275.643338][T12562] ? __pfx_ksys_write+0x10/0x10 [ 275.643364][T12562] ? rcu_is_watching+0x15/0xb0 [ 275.643403][T12562] ? do_syscall_64+0xbe/0x3b0 [ 275.643436][T12562] do_syscall_64+0xfa/0x3b0 [ 275.643462][T12562] ? lockdep_hardirqs_on+0x9c/0x150 [ 275.643488][T12562] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.643511][T12562] ? clear_bhb_loop+0x60/0xb0 [ 275.643538][T12562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.643571][T12562] RIP: 0033:0x7f7000f8e969 [ 275.643591][T12562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.643610][T12562] RSP: 002b:00007f7001e13038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 275.643634][T12562] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8e969 [ 275.643650][T12562] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003 [ 275.643664][T12562] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 275.643677][T12562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 275.643691][T12562] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 275.643724][T12562] [ 276.498462][T12581] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2792'. [ 276.514286][T12580] x_tables: duplicate underflow at hook 1 [ 276.546262][T12581] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2792'. [ 277.567914][T12633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2815'. [ 277.600861][T12633] macvtap2: entered allmulticast mode [ 277.614926][T12633] veth0_macvtap: entered allmulticast mode [ 277.812955][T12643] FAULT_INJECTION: forcing a failure. [ 277.812955][T12643] name failslab, interval 1, probability 0, space 0, times 0 [ 277.854230][T12643] CPU: 0 UID: 0 PID: 12643 Comm: syz.1.2817 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 277.854280][T12643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 277.854299][T12643] Call Trace: [ 277.854308][T12643] [ 277.854316][T12643] dump_stack_lvl+0x189/0x250 [ 277.854355][T12643] ? lockdep_hardirqs_on+0x9c/0x150 [ 277.854382][T12643] ? __pfx_dump_stack_lvl+0x10/0x10 [ 277.854424][T12643] ? dump_stack+0x9/0x20 [ 277.854461][T12643] should_fail_ex+0x414/0x560 [ 277.854494][T12643] should_failslab+0xa8/0x100 [ 277.854527][T12643] __kmalloc_cache_noprof+0x70/0x3d0 [ 277.854559][T12643] ? alloc_netdev_mqs+0xbd5/0x11e0 [ 277.854582][T12643] ? __xdp_rxq_info_reg+0x189/0x2a0 [ 277.854620][T12643] alloc_netdev_mqs+0xbd5/0x11e0 [ 277.854653][T12643] rtnl_create_link+0x31f/0xd10 [ 277.854694][T12643] rtnl_newlink_create+0x25c/0xb00 [ 277.854733][T12643] ? rcu_read_unlock_special+0x3fe/0x4c0 [ 277.854758][T12643] ? __pfx_aa_get_newest_label+0x10/0x10 [ 277.854789][T12643] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 277.854821][T12643] ? rtnl_newlink+0x8db/0x1c70 [ 277.854872][T12643] ? __pfx___mutex_lock+0x10/0x10 [ 277.854917][T12643] ? ns_capable+0x8a/0xf0 [ 277.854955][T12643] rtnl_newlink+0x16d6/0x1c70 [ 277.854988][T12643] ? netlink_sendmsg+0x805/0xb30 [ 277.855024][T12643] ? __pfx_rtnl_newlink+0x10/0x10 [ 277.855084][T12643] ? kasan_quarantine_put+0xdd/0x220 [ 277.855113][T12643] ? lockdep_hardirqs_on+0x9c/0x150 [ 277.855148][T12643] ? __pfx_do_softirq+0x10/0x10 [ 277.855188][T12643] ? __local_bh_enable_ip+0x12d/0x1c0 [ 277.855220][T12643] ? lockdep_hardirqs_on+0x9c/0x150 [ 277.855248][T12643] ? __local_bh_enable_ip+0x12d/0x1c0 [ 277.855280][T12643] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 277.855317][T12643] ? __dev_queue_xmit+0x27e/0x3a70 [ 277.855357][T12643] ? __lock_acquire+0xab9/0xd20 [ 277.855428][T12643] ? __pfx_rtnl_newlink+0x10/0x10 [ 277.855477][T12643] rtnetlink_rcv_msg+0x7cf/0xb70 [ 277.855514][T12643] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 277.855555][T12643] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 277.855584][T12643] ? ref_tracker_free+0x63a/0x7d0 [ 277.855612][T12643] ? __copy_skb_header+0xa7/0x550 [ 277.855637][T12643] ? __pfx_ref_tracker_free+0x10/0x10 [ 277.855673][T12643] ? __skb_clone+0x63/0x7a0 [ 277.855705][T12643] netlink_rcv_skb+0x205/0x470 [ 277.855740][T12643] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 277.855773][T12643] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 277.855822][T12643] ? netlink_deliver_tap+0x2e/0x1b0 [ 277.855855][T12643] ? netlink_deliver_tap+0x2e/0x1b0 [ 277.855893][T12643] netlink_unicast+0x758/0x8d0 [ 277.855936][T12643] netlink_sendmsg+0x805/0xb30 [ 277.855967][T12643] ? __pfx_netlink_sendmsg+0x10/0x10 [ 277.855992][T12643] ? aa_sock_msg_perm+0x94/0x160 [ 277.856021][T12643] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 277.856047][T12643] ? __pfx_netlink_sendmsg+0x10/0x10 [ 277.856068][T12643] __sock_sendmsg+0x21c/0x270 [ 277.856099][T12643] ____sys_sendmsg+0x505/0x830 [ 277.856137][T12643] ? __pfx_____sys_sendmsg+0x10/0x10 [ 277.856167][T12643] ? import_iovec+0x74/0xa0 [ 277.856192][T12643] ___sys_sendmsg+0x21f/0x2a0 [ 277.856216][T12643] ? __pfx____sys_sendmsg+0x10/0x10 [ 277.856276][T12643] ? __fget_files+0x2a/0x420 [ 277.856306][T12643] ? __fget_files+0x3a0/0x420 [ 277.856348][T12643] __x64_sys_sendmsg+0x19b/0x260 [ 277.856372][T12643] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 277.856404][T12643] ? __pfx_ksys_write+0x10/0x10 [ 277.856428][T12643] ? rcu_is_watching+0x15/0xb0 [ 277.856463][T12643] ? do_syscall_64+0xbe/0x3b0 [ 277.856492][T12643] do_syscall_64+0xfa/0x3b0 [ 277.856516][T12643] ? lockdep_hardirqs_on+0x9c/0x150 [ 277.856539][T12643] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.856560][T12643] ? clear_bhb_loop+0x60/0xb0 [ 277.856586][T12643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.856605][T12643] RIP: 0033:0x7f7000f8e969 [ 277.856624][T12643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.856643][T12643] RSP: 002b:00007f7001e13038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 277.856671][T12643] RAX: ffffffffffffffda RBX: 00007f70011b5fa0 RCX: 00007f7000f8e969 [ 277.856687][T12643] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 277.856700][T12643] RBP: 00007f7001e13090 R08: 0000000000000000 R09: 0000000000000000 [ 277.856714][T12643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 277.856726][T12643] R13: 0000000000000000 R14: 00007f70011b5fa0 R15: 00007ffff5f943b8 [ 277.856758][T12643] [ 279.005252][T12669] vlan3: entered allmulticast mode [ 279.025180][T12669] bridge_slave_0: entered allmulticast mode [ 279.121754][T12675] tipc: Enabling of bearer rejected, failed to enable media [ 279.144660][T12675] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2833'. [ 279.213765][T12682] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2834'. [ 279.590895][T12694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2837'. [ 279.983562][T12706] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2842'. [ 280.232746][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2844'. [ 281.210222][T12744] macvtap1: entered promiscuous mode [ 281.215983][T12744] vlan0: entered promiscuous mode [ 281.244826][T12744] macvtap1: entered allmulticast mode [ 281.264561][T12744] vlan0: entered allmulticast mode [ 281.294091][T12744] veth0_vlan: entered allmulticast mode [ 281.340433][T12744] vlan0: left allmulticast mode [ 281.345827][T12744] veth0_vlan: left allmulticast mode [ 281.356832][T12744] vlan0: left promiscuous mode [ 282.705128][T12799] netlink: 9272 bytes leftover after parsing attributes in process `syz.2.2870'. [ 282.875542][T12807] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2871'. [ 282.885312][T12807] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2871'. [ 282.954398][T12809] xt_hashlimit: size too large, truncated to 1048576 [ 283.571082][T12824] netlink: 'syz.2.2876': attribute type 4 has an invalid length. [ 283.631166][T12826] FAULT_INJECTION: forcing a failure. [ 283.631166][T12826] name failslab, interval 1, probability 0, space 0, times 0 [ 283.631317][T12824] netlink: 'syz.2.2876': attribute type 4 has an invalid length. [ 283.689771][T12826] CPU: 1 UID: 0 PID: 12826 Comm: syz.0.2877 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 283.689807][T12826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.689822][T12826] Call Trace: [ 283.689830][T12826] [ 283.689840][T12826] dump_stack_lvl+0x189/0x250 [ 283.689878][T12826] ? __pfx____ratelimit+0x10/0x10 [ 283.689905][T12826] ? __pfx_dump_stack_lvl+0x10/0x10 [ 283.689938][T12826] ? __pfx__printk+0x10/0x10 [ 283.689967][T12826] ? __pfx___might_resched+0x10/0x10 [ 283.690003][T12826] should_fail_ex+0x414/0x560 [ 283.690036][T12826] should_failslab+0xa8/0x100 [ 283.690070][T12826] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 283.690102][T12826] ? __alloc_skb+0x112/0x2d0 [ 283.690138][T12826] __alloc_skb+0x112/0x2d0 [ 283.690174][T12826] netlink_dump+0x22b/0xe20 [ 283.690205][T12826] ? __skb_try_recv_from_queue+0x58f/0x730 [ 283.690249][T12826] ? __pfx_netlink_dump+0x10/0x10 [ 283.690306][T12826] netlink_recvmsg+0x676/0xa30 [ 283.690337][T12826] ? __pfx_netlink_recvmsg+0x10/0x10 [ 283.690355][T12826] ? irqentry_exit+0x74/0x90 [ 283.690385][T12826] ? aa_sock_msg_perm+0x94/0x160 [ 283.690414][T12826] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 283.690439][T12826] ? security_socket_recvmsg+0x7e/0x2e0 [ 283.690471][T12826] ? __pfx_netlink_recvmsg+0x10/0x10 [ 283.690491][T12826] sock_recvmsg+0x22c/0x270 [ 283.690524][T12826] ____sys_recvmsg+0x1c9/0x460 [ 283.690557][T12826] ? __pfx_____sys_recvmsg+0x10/0x10 [ 283.690597][T12826] ? import_iovec+0x74/0xa0 [ 283.690622][T12826] ___sys_recvmsg+0x1b5/0x510 [ 283.690650][T12826] ? __pfx____sys_recvmsg+0x10/0x10 [ 283.690722][T12826] ? __fget_files+0x3a0/0x420 [ 283.690769][T12826] do_recvmmsg+0x307/0x770 [ 283.690804][T12826] ? __pfx_do_recvmmsg+0x10/0x10 [ 283.690841][T12826] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 283.690891][T12826] __x64_sys_recvmmsg+0x190/0x240 [ 283.690920][T12826] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 283.690950][T12826] ? do_syscall_64+0xbe/0x3b0 [ 283.690984][T12826] do_syscall_64+0xfa/0x3b0 [ 283.691013][T12826] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.691035][T12826] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 283.691057][T12826] ? clear_bhb_loop+0x60/0xb0 [ 283.691084][T12826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.691106][T12826] RIP: 0033:0x7f2f9e18e969 [ 283.691126][T12826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.691147][T12826] RSP: 002b:00007f2f9f010038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 283.691171][T12826] RAX: ffffffffffffffda RBX: 00007f2f9e3b5fa0 RCX: 00007f2f9e18e969 [ 283.691187][T12826] RDX: 0000000000000008 RSI: 0000200000002c00 RDI: 0000000000000003 [ 283.691202][T12826] RBP: 00007f2f9f010090 R08: 0000000000000000 R09: 0000000000000000 [ 283.691217][T12826] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001 [ 283.691231][T12826] R13: 0000000000000000 R14: 00007f2f9e3b5fa0 R15: 00007ffce9609d58 [ 283.691273][T12826] [ 284.485559][T12843] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes. [ 285.152859][T12862] netlink: 'syz.2.2890': attribute type 4 has an invalid length. [ 285.206138][T12862] netlink: 'syz.2.2890': attribute type 4 has an invalid length. [ 285.857613][T12886] FAULT_INJECTION: forcing a failure. [ 285.857613][T12886] name failslab, interval 1, probability 0, space 0, times 0 [ 285.904883][T12886] CPU: 1 UID: 0 PID: 12886 Comm: syz.3.2897 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 285.904920][T12886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 285.904934][T12886] Call Trace: [ 285.904944][T12886] [ 285.904955][T12886] dump_stack_lvl+0x189/0x250 [ 285.904993][T12886] ? __pfx____ratelimit+0x10/0x10 [ 285.905020][T12886] ? __pfx_dump_stack_lvl+0x10/0x10 [ 285.905053][T12886] ? __pfx__printk+0x10/0x10 [ 285.905084][T12886] ? __pfx___might_resched+0x10/0x10 [ 285.905120][T12886] should_fail_ex+0x414/0x560 [ 285.905154][T12886] should_failslab+0xa8/0x100 [ 285.905189][T12886] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 285.905221][T12886] ? __alloc_skb+0x112/0x2d0 [ 285.905257][T12886] __alloc_skb+0x112/0x2d0 [ 285.905299][T12886] netlink_sendmsg+0x5c6/0xb30 [ 285.905331][T12886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 285.905356][T12886] ? aa_sock_msg_perm+0x94/0x160 [ 285.905385][T12886] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 285.905410][T12886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 285.905431][T12886] __sock_sendmsg+0x21c/0x270 [ 285.905463][T12886] ____sys_sendmsg+0x505/0x830 [ 285.905491][T12886] ? __pfx_____sys_sendmsg+0x10/0x10 [ 285.905524][T12886] ? import_iovec+0x74/0xa0 [ 285.905550][T12886] ___sys_sendmsg+0x21f/0x2a0 [ 285.905575][T12886] ? __pfx____sys_sendmsg+0x10/0x10 [ 285.905634][T12886] ? __fget_files+0x2a/0x420 [ 285.905683][T12886] ? __fget_files+0x3a0/0x420 [ 285.905729][T12886] __x64_sys_sendmsg+0x19b/0x260 [ 285.905756][T12886] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 285.905790][T12886] ? __pfx_ksys_write+0x10/0x10 [ 285.905826][T12886] ? do_syscall_64+0xbe/0x3b0 [ 285.905859][T12886] do_syscall_64+0xfa/0x3b0 [ 285.905889][T12886] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.905911][T12886] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 285.905933][T12886] ? clear_bhb_loop+0x60/0xb0 [ 285.905961][T12886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.905983][T12886] RIP: 0033:0x7fc25b78e969 [ 285.906004][T12886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.906024][T12886] RSP: 002b:00007fc25c53d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 285.906050][T12886] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78e969 [ 285.906066][T12886] RDX: 0000000024002840 RSI: 00002000000003c0 RDI: 0000000000000003 [ 285.906081][T12886] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 285.906097][T12886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 285.906111][T12886] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 285.906146][T12886] [ 286.797441][T12914] bond_slave_0: mtu greater than device maximum [ 288.452734][T12963] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 288.603529][T12967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2927'. [ 289.689209][T12976] netlink: 'syz.2.2932': attribute type 1 has an invalid length. [ 289.697630][T12976] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 289.746249][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 289.756156][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 289.765268][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 289.775024][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 289.783566][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 289.867696][T12976] xt_l2tp: invalid flags combination: c [ 291.580321][T12981] chnl_net:caif_netlink_parms(): no params data found [ 291.614224][T13032] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2951'. [ 291.708772][T13035] x_tables: duplicate underflow at hook 3 [ 291.728594][T13032] 8021q: adding VLAN 0 to HW filter on device bond2 [ 291.859477][ T5840] Bluetooth: hci3: command tx timeout [ 291.935494][T13046] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2953'. [ 292.109569][T12981] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.117520][T12981] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.126322][T12981] bridge_slave_0: entered allmulticast mode [ 292.135507][T12981] bridge_slave_0: entered promiscuous mode [ 292.147127][T12981] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.155125][T12981] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.162929][T12981] bridge_slave_1: entered allmulticast mode [ 292.172291][T12981] bridge_slave_1: entered promiscuous mode [ 292.331385][T12981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.365532][T12981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.555093][T12981] team0: Port device team_slave_0 added [ 292.580629][T12981] team0: Port device team_slave_1 added [ 292.704060][T12981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.735482][T12981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.768922][T12981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.803660][T12981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.812193][T12981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.873850][T12981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.103483][T13064] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9 [ 293.226119][T12981] hsr_slave_0: entered promiscuous mode [ 293.280545][T12981] hsr_slave_1: entered promiscuous mode [ 293.306505][T12981] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.316028][T12981] Cannot create hsr debugfs directory [ 293.658028][T13080] veth5: entered allmulticast mode [ 293.701845][T13080] netlink: 71 bytes leftover after parsing attributes in process `syz.1.2968'. [ 293.939480][ T5840] Bluetooth: hci3: command tx timeout [ 293.963058][T12981] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.094014][T12981] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.212435][T12981] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.364597][T12981] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.806899][T12981] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 294.881559][T12981] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 294.924586][T12981] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 294.973366][T12981] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 295.456572][T12981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 295.537738][T12981] 8021q: adding VLAN 0 to HW filter on device team0 [ 295.611899][ T1318] bridge0: port 1(bridge_slave_0) entered blocking state [ 295.619662][ T1318] bridge0: port 1(bridge_slave_0) entered forwarding state [ 295.655523][ T1318] bridge0: port 2(bridge_slave_1) entered blocking state [ 295.663237][ T1318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 295.698187][T13129] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2988'. [ 295.785463][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2988'. [ 295.809202][T13129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2988'. [ 295.865447][T13134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2991'. [ 295.947408][T13136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2992'. [ 296.021141][ T5840] Bluetooth: hci3: command tx timeout [ 296.593422][T12981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 296.655718][T13158] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2998'. [ 296.908360][T12981] veth0_vlan: entered promiscuous mode [ 296.976848][T12981] veth1_vlan: entered promiscuous mode [ 297.122262][T13171] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3002'. [ 297.169899][T12981] veth0_macvtap: entered promiscuous mode [ 297.193371][T12981] veth1_macvtap: entered promiscuous mode [ 297.274973][T12981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 297.324802][T12981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 297.365538][T12981] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.407211][T12981] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.438542][T12981] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.460006][T12981] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.842905][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.902878][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.026922][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 298.049345][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.100029][ T5840] Bluetooth: hci3: command tx timeout [ 298.388165][T13199] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 298.438119][T13203] FAULT_INJECTION: forcing a failure. [ 298.438119][T13203] name failslab, interval 1, probability 0, space 0, times 0 [ 298.504401][T13203] CPU: 1 UID: 0 PID: 13203 Comm: syz.3.3014 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 298.504434][T13203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 298.504447][T13203] Call Trace: [ 298.504456][T13203] [ 298.504466][T13203] dump_stack_lvl+0x189/0x250 [ 298.504502][T13203] ? __pfx____ratelimit+0x10/0x10 [ 298.504529][T13203] ? __pfx_dump_stack_lvl+0x10/0x10 [ 298.504560][T13203] ? __pfx__printk+0x10/0x10 [ 298.504589][T13203] ? __pfx___might_resched+0x10/0x10 [ 298.504635][T13203] ? fs_reclaim_acquire+0x7d/0x100 [ 298.504663][T13203] should_fail_ex+0x414/0x560 [ 298.504698][T13203] should_failslab+0xa8/0x100 [ 298.504742][T13203] __kmalloc_cache_noprof+0x70/0x3d0 [ 298.504771][T13203] ? nft_trans_elem_alloc+0x55/0x320 [ 298.504798][T13203] ? nft_set_elem_expr_setup+0xab/0x830 [ 298.504830][T13203] nft_trans_elem_alloc+0x55/0x320 [ 298.504857][T13203] ? nf_tables_newsetelem+0x24bc/0x4340 [ 298.504882][T13203] nf_tables_newsetelem+0x24db/0x4340 [ 298.504949][T13203] ? __pfx_nf_tables_newsetelem+0x10/0x10 [ 298.504971][T13203] ? __lock_acquire+0xab9/0xd20 [ 298.505019][T13203] ? nla_validate_array+0xfc/0x260 [ 298.505069][T13203] ? __pfx___nla_validate_parse+0x10/0x10 [ 298.505105][T13203] ? __lock_acquire+0xab9/0xd20 [ 298.505141][T13203] ? nfnl_pernet+0x23/0x240 [ 298.505176][T13203] ? __nla_parse+0x40/0x60 [ 298.505211][T13203] nfnetlink_rcv+0x112f/0x2520 [ 298.505269][T13203] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 298.505313][T13203] ? ref_tracker_free+0x63a/0x7d0 [ 298.505372][T13203] ? __netlink_deliver_tap+0x807/0x850 [ 298.505421][T13203] ? netlink_deliver_tap+0x2e/0x1b0 [ 298.505451][T13203] ? netlink_deliver_tap+0x2e/0x1b0 [ 298.505488][T13203] netlink_unicast+0x758/0x8d0 [ 298.505528][T13203] netlink_sendmsg+0x805/0xb30 [ 298.505557][T13203] ? __pfx_netlink_sendmsg+0x10/0x10 [ 298.505580][T13203] ? aa_sock_msg_perm+0x94/0x160 [ 298.505607][T13203] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 298.505631][T13203] ? __pfx_netlink_sendmsg+0x10/0x10 [ 298.505651][T13203] __sock_sendmsg+0x21c/0x270 [ 298.505681][T13203] ____sys_sendmsg+0x505/0x830 [ 298.505707][T13203] ? __pfx_____sys_sendmsg+0x10/0x10 [ 298.505737][T13203] ? import_iovec+0x74/0xa0 [ 298.505781][T13203] ___sys_sendmsg+0x21f/0x2a0 [ 298.505807][T13203] ? __pfx____sys_sendmsg+0x10/0x10 [ 298.505869][T13203] ? __fget_files+0x2a/0x420 [ 298.505900][T13203] ? __fget_files+0x3a0/0x420 [ 298.505953][T13203] __x64_sys_sendmsg+0x19b/0x260 [ 298.505976][T13203] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 298.506008][T13203] ? __pfx_ksys_write+0x10/0x10 [ 298.506031][T13203] ? rcu_is_watching+0x15/0xb0 [ 298.506066][T13203] ? do_syscall_64+0xbe/0x3b0 [ 298.506095][T13203] do_syscall_64+0xfa/0x3b0 [ 298.506121][T13203] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.506140][T13203] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 298.506160][T13203] ? clear_bhb_loop+0x60/0xb0 [ 298.506185][T13203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.506204][T13203] RIP: 0033:0x7fc25b78e969 [ 298.506221][T13203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.506241][T13203] RSP: 002b:00007fc25c53d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 298.506262][T13203] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78e969 [ 298.506277][T13203] RDX: 0000000000008040 RSI: 0000200000000180 RDI: 0000000000000004 [ 298.506290][T13203] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 298.506303][T13203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 298.506316][T13203] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 298.506347][T13203] [ 299.326431][ T5848] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 299.349695][ T5848] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 299.369632][ T5848] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 299.380971][ T5848] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 299.400357][ T5848] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 300.131507][T13229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3024'. [ 300.472942][ T1164] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.548827][T13239] FAULT_INJECTION: forcing a failure. [ 300.548827][T13239] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 300.601887][T13239] CPU: 1 UID: 0 PID: 13239 Comm: syz.3.3027 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 300.601922][T13239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 300.601936][T13239] Call Trace: [ 300.601955][T13239] [ 300.601965][T13239] dump_stack_lvl+0x189/0x250 [ 300.602001][T13239] ? __pfx____ratelimit+0x10/0x10 [ 300.602028][T13239] ? __pfx_dump_stack_lvl+0x10/0x10 [ 300.602058][T13239] ? __pfx__printk+0x10/0x10 [ 300.602081][T13239] ? __might_fault+0xb0/0x130 [ 300.602121][T13239] should_fail_ex+0x414/0x560 [ 300.602152][T13239] _copy_from_user+0x2d/0xb0 [ 300.602173][T13239] kstrtouint_from_user+0xc4/0x170 [ 300.602203][T13239] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 300.602250][T13239] proc_fail_nth_write+0x88/0x240 [ 300.602278][T13239] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 300.602305][T13239] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 300.602327][T13239] vfs_write+0x27e/0xa90 [ 300.602364][T13239] ? __pfx_vfs_write+0x10/0x10 [ 300.602392][T13239] ? __fget_files+0x2a/0x420 [ 300.602426][T13239] ? __fget_files+0x3a0/0x420 [ 300.602453][T13239] ? __fget_files+0x2a/0x420 [ 300.602493][T13239] ksys_write+0x145/0x250 [ 300.602521][T13239] ? __pfx_ksys_write+0x10/0x10 [ 300.602544][T13239] ? rcu_is_watching+0x15/0xb0 [ 300.602578][T13239] ? do_syscall_64+0xbe/0x3b0 [ 300.602608][T13239] do_syscall_64+0xfa/0x3b0 [ 300.602631][T13239] ? lockdep_hardirqs_on+0x9c/0x150 [ 300.602652][T13239] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.602672][T13239] ? clear_bhb_loop+0x60/0xb0 [ 300.602695][T13239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.602712][T13239] RIP: 0033:0x7fc25b78d41f [ 300.602728][T13239] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 300.602746][T13239] RSP: 002b:00007fc25c53d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 300.602766][T13239] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc25b78d41f [ 300.602780][T13239] RDX: 0000000000000001 RSI: 00007fc25c53d0a0 RDI: 000000000000000f [ 300.602792][T13239] RBP: 00007fc25c53d090 R08: 0000000000000000 R09: 0000000000000000 [ 300.602804][T13239] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 300.602815][T13239] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 300.602847][T13239] [ 300.897462][ T1164] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.085684][ T1164] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.176841][T13249] tipc: Enabled bearer , priority 0 [ 301.215593][T13249] syzkaller0: entered promiscuous mode [ 301.226148][T13249] syzkaller0: entered allmulticast mode [ 301.267753][ T1164] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.357430][T13254] tipc: Resetting bearer [ 301.434556][T13247] tipc: Resetting bearer [ 301.462276][T13247] tipc: Disabling bearer [ 301.549251][ T5848] Bluetooth: hci5: command tx timeout [ 301.724816][T13264] sctp: [Deprecated]: syz.3.3035 (pid 13264) Use of int in maxseg socket option. [ 301.724816][T13264] Use struct sctp_assoc_value instead [ 301.792394][T13264] sctp: [Deprecated]: syz.3.3035 (pid 13264) Use of int in maxseg socket option. [ 301.792394][T13264] Use struct sctp_assoc_value instead [ 301.887877][T13209] chnl_net:caif_netlink_parms(): no params data found [ 301.991920][T13271] xt_TCPMSS: Only works on TCP SYN packets [ 302.108341][T13269] syzkaller0: entered promiscuous mode [ 302.118591][T13269] syzkaller0: entered allmulticast mode [ 302.157346][ T1164] bridge_slave_1: left allmulticast mode [ 302.164480][ T1164] bridge_slave_1: left promiscuous mode [ 302.181433][ T1164] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.212573][ T1164] bridge_slave_0: left allmulticast mode [ 302.220995][ T1164] bridge_slave_0: left promiscuous mode [ 302.227378][ T1164] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.492863][T13283] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3040'. [ 302.820741][ T1164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 302.836350][ T1164] bond_slave_0: left promiscuous mode [ 302.865899][ T1164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 302.886803][ T1164] bond_slave_1: left promiscuous mode [ 302.893789][ T1164] bond0 (unregistering): Released all slaves [ 303.053507][ T1164] bond1 (unregistering): Released all slaves [ 303.262487][T13289] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3042'. [ 303.629157][ T5848] Bluetooth: hci5: command tx timeout [ 304.958822][T13286] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 305.145306][ T1164] : left promiscuous mode [ 305.155813][T13292] FAULT_INJECTION: forcing a failure. [ 305.155813][T13292] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 305.214459][T13292] CPU: 0 UID: 0 PID: 13292 Comm: syz.2.3043 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 305.214496][T13292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 305.214523][T13292] Call Trace: [ 305.214532][T13292] [ 305.214543][T13292] dump_stack_lvl+0x189/0x250 [ 305.214583][T13292] ? __pfx____ratelimit+0x10/0x10 [ 305.214610][T13292] ? __pfx_dump_stack_lvl+0x10/0x10 [ 305.214643][T13292] ? __pfx__printk+0x10/0x10 [ 305.214666][T13292] ? __might_fault+0xb0/0x130 [ 305.214717][T13292] should_fail_ex+0x414/0x560 [ 305.214751][T13292] _copy_from_iter+0x1db/0x16f0 [ 305.214788][T13292] ? rcu_is_watching+0x15/0xb0 [ 305.214819][T13292] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 305.214854][T13292] ? __pfx__copy_from_iter+0x10/0x10 [ 305.214887][T13292] ? __build_skb_around+0x257/0x3e0 [ 305.214924][T13292] ? netlink_sendmsg+0x642/0xb30 [ 305.214942][T13292] ? skb_put+0x11b/0x210 [ 305.214979][T13292] netlink_sendmsg+0x6b2/0xb30 [ 305.215009][T13292] ? __pfx_netlink_sendmsg+0x10/0x10 [ 305.215033][T13292] ? aa_sock_msg_perm+0x94/0x160 [ 305.215062][T13292] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 305.215088][T13292] ? __pfx_netlink_sendmsg+0x10/0x10 [ 305.215109][T13292] __sock_sendmsg+0x21c/0x270 [ 305.215140][T13292] ____sys_sendmsg+0x505/0x830 [ 305.215168][T13292] ? __pfx_____sys_sendmsg+0x10/0x10 [ 305.215200][T13292] ? import_iovec+0x74/0xa0 [ 305.215226][T13292] ___sys_sendmsg+0x21f/0x2a0 [ 305.215251][T13292] ? __pfx____sys_sendmsg+0x10/0x10 [ 305.215311][T13292] ? __fget_files+0x2a/0x420 [ 305.215342][T13292] ? __fget_files+0x3a0/0x420 [ 305.215385][T13292] __x64_sys_sendmsg+0x19b/0x260 [ 305.215410][T13292] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 305.215443][T13292] ? __pfx_ksys_write+0x10/0x10 [ 305.215467][T13292] ? rcu_is_watching+0x15/0xb0 [ 305.215503][T13292] ? do_syscall_64+0xbe/0x3b0 [ 305.215535][T13292] do_syscall_64+0xfa/0x3b0 [ 305.215560][T13292] ? lockdep_hardirqs_on+0x9c/0x150 [ 305.215585][T13292] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.215606][T13292] ? clear_bhb_loop+0x60/0xb0 [ 305.215632][T13292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.215653][T13292] RIP: 0033:0x7f522bb8e969 [ 305.215679][T13292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.215698][T13292] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 305.215721][T13292] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 305.215738][T13292] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 305.215752][T13292] RBP: 00007f522c98a090 R08: 0000000000000000 R09: 0000000000000000 [ 305.215766][T13292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.215779][T13292] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 305.215811][T13292] [ 305.703629][ T5848] Bluetooth: hci5: command tx timeout [ 305.795155][ T1164] tipc: Left network mode [ 305.810772][T13209] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.875285][T13209] bridge0: port 1(bridge_slave_0) entered disabled state [ 305.919517][T13209] bridge_slave_0: entered allmulticast mode [ 305.928550][T13209] bridge_slave_0: entered promiscuous mode [ 305.940810][T13209] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.948592][T13209] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.956473][T13209] bridge_slave_1: entered allmulticast mode [ 305.965707][T13209] bridge_slave_1: entered promiscuous mode [ 306.504988][T13209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 306.602463][T13209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 306.634519][T13323] netlink: 'syz.1.3054': attribute type 1 has an invalid length. [ 306.665956][T13323] netlink: 'syz.1.3054': attribute type 2 has an invalid length. [ 306.731306][T13323] netlink: 'syz.1.3054': attribute type 1 has an invalid length. [ 306.793565][T13323] netlink: 1156 bytes leftover after parsing attributes in process `syz.1.3054'. [ 306.865717][T13209] team0: Port device team_slave_0 added [ 306.921951][T13209] team0: Port device team_slave_1 added [ 307.110963][T13333] xt_connbytes: Forcing CT accounting to be enabled [ 307.544556][ T1164] hsr_slave_0: left promiscuous mode [ 307.570537][ T1164] hsr_slave_1: left promiscuous mode [ 307.577609][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 307.587190][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 307.671128][ T1164] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 307.692851][ T1164] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 307.782827][ T5848] Bluetooth: hci5: command tx timeout [ 307.828287][ T1164] veth1_macvtap: left promiscuous mode [ 307.858962][ T1164] veth0_macvtap: left promiscuous mode [ 307.869513][ T1164] veth1_vlan: left promiscuous mode [ 307.875747][ T1164] veth0_vlan: left promiscuous mode [ 317.146735][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.153596][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.527263][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 323.536990][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 323.545848][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 323.555218][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 323.566940][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 323.616972][ T5848] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 323.627975][ T5848] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 323.637179][ T5848] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 323.648031][ T5848] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 323.656632][ T5848] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 324.623290][ T5848] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 324.632767][ T5848] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 324.653505][ T5848] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 324.669819][ T5848] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 324.678267][ T5848] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 324.759349][ T5848] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 324.767965][ T5848] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 324.776995][ T5848] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 324.787571][ T5848] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 324.798315][ T5848] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 325.619342][ T5840] Bluetooth: hci2: command tx timeout [ 325.699168][ T5840] Bluetooth: hci6: command tx timeout [ 326.740688][ T5840] Bluetooth: hci7: command tx timeout [ 326.899414][ T5840] Bluetooth: hci8: command tx timeout [ 327.699212][ T5840] Bluetooth: hci2: command tx timeout [ 327.779217][ T5840] Bluetooth: hci6: command tx timeout [ 328.819283][ T5840] Bluetooth: hci7: command tx timeout [ 328.980964][ T5840] Bluetooth: hci8: command tx timeout [ 329.779235][ T5840] Bluetooth: hci2: command tx timeout [ 329.859139][ T5840] Bluetooth: hci6: command tx timeout [ 330.899203][ T5840] Bluetooth: hci7: command tx timeout [ 331.059176][ T5840] Bluetooth: hci8: command tx timeout [ 331.859709][ T5840] Bluetooth: hci2: command tx timeout [ 331.939062][ T5840] Bluetooth: hci6: command tx timeout [ 332.979227][ T5840] Bluetooth: hci7: command tx timeout [ 333.139266][ T5840] Bluetooth: hci8: command tx timeout [ 355.059990][ T5840] Bluetooth: hci4: command 0x0405 tx timeout [ 359.474196][ T5840] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 359.486914][ T5840] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 359.495503][ T5840] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 359.505756][ T5840] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 359.515216][ T5840] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 361.539242][ T5840] Bluetooth: hci9: command tx timeout [ 363.619150][ T5840] Bluetooth: hci9: command tx timeout [ 365.699186][ T5840] Bluetooth: hci9: command tx timeout [ 367.779052][ T5840] Bluetooth: hci9: command tx timeout [ 378.585457][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.592449][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.009424][ T5848] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 384.018150][ T5848] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 384.027295][ T5848] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 384.039936][ T5849] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 384.049140][ T5848] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 384.058086][ T5848] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 384.059416][ T5849] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 384.068144][ T5848] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 384.074225][ T5849] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 384.087977][ T5849] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 385.435211][ T5840] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 385.444907][ T5840] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 385.458663][ T5840] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 385.470082][ T5840] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 385.479990][ T5840] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 385.499982][ T5849] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 385.509470][ T5849] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 385.517656][ T5849] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 385.527182][ T5849] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 385.536842][ T5849] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 386.099224][ T5840] Bluetooth: hci10: command tx timeout [ 386.179186][ T5840] Bluetooth: hci11: command tx timeout [ 387.539238][ T5849] Bluetooth: hci12: command tx timeout [ 387.620030][ T5849] Bluetooth: hci13: command tx timeout [ 388.179997][ T5849] Bluetooth: hci10: command tx timeout [ 388.259148][ T5849] Bluetooth: hci11: command tx timeout [ 389.619047][ T5849] Bluetooth: hci12: command tx timeout [ 389.699265][ T5849] Bluetooth: hci13: command tx timeout [ 390.259035][ T5849] Bluetooth: hci10: command tx timeout [ 390.339095][ T5849] Bluetooth: hci11: command tx timeout [ 391.699129][ T5849] Bluetooth: hci12: command tx timeout [ 391.789119][ T5849] Bluetooth: hci13: command tx timeout [ 392.350816][ T5849] Bluetooth: hci10: command tx timeout [ 392.419588][ T5849] Bluetooth: hci11: command tx timeout [ 393.779127][ T5849] Bluetooth: hci12: command tx timeout [ 393.859345][ T5849] Bluetooth: hci13: command tx timeout [ 420.483268][ T5151] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 420.500297][ T5151] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 420.509690][ T5151] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 420.524340][ T5151] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 420.534690][ T5151] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 421.619211][ T5849] Bluetooth: hci5: command 0x0406 tx timeout [ 422.579748][ T5840] Bluetooth: hci14: command tx timeout [ 424.661429][ T5840] Bluetooth: hci14: command tx timeout [ 426.739129][ T5151] Bluetooth: hci14: command tx timeout [ 426.745010][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 428.829209][ T5849] Bluetooth: hci14: command tx timeout [ 440.034930][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.041867][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.077081][ T5840] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 445.085745][ T5840] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 445.094262][ T5840] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 445.104203][ T5840] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 445.112730][ T5840] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 445.117381][ T5848] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 445.129390][ T5848] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 445.140842][ T5840] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 445.160552][T13419] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 445.176772][T13419] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 446.113053][T13419] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 446.122975][T13419] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 446.132987][T13419] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 446.142044][T13419] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 446.151607][T13419] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 446.297297][T13419] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 446.305956][T13419] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 446.315663][T13419] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 446.325985][T13419] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 446.334596][T13419] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 447.225396][ T5151] Bluetooth: hci2: command 0x0406 tx timeout [ 447.226393][T13419] Bluetooth: hci7: command 0x0406 tx timeout [ 447.232698][ T5834] Bluetooth: hci16: command tx timeout [ 447.238241][T13419] Bluetooth: hci6: command 0x0406 tx timeout [ 447.244329][ T5151] Bluetooth: hci15: command tx timeout [ 447.256335][T13419] Bluetooth: hci8: command 0x0406 tx timeout [ 448.179095][ T5849] Bluetooth: hci17: command tx timeout [ 448.429299][ T5849] Bluetooth: hci18: command tx timeout [ 449.299226][ T5849] Bluetooth: hci15: command tx timeout [ 449.299246][ T5840] Bluetooth: hci16: command tx timeout [ 450.259222][ T5840] Bluetooth: hci17: command tx timeout [ 450.499040][ T5840] Bluetooth: hci18: command tx timeout [ 451.379190][ T5840] Bluetooth: hci15: command tx timeout [ 451.379196][ T5849] Bluetooth: hci16: command tx timeout [ 452.339242][ T5840] Bluetooth: hci17: command tx timeout [ 452.579165][ T5840] Bluetooth: hci18: command tx timeout [ 453.459253][ T5840] Bluetooth: hci15: command tx timeout [ 453.459262][ T5849] Bluetooth: hci16: command tx timeout [ 454.419104][ T5840] Bluetooth: hci17: command tx timeout [ 454.659146][ T5840] Bluetooth: hci18: command tx timeout [ 464.339205][ T31] INFO: task kworker/u8:1:13 blocked for more than 143 seconds. [ 464.347326][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 464.355081][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 464.364485][ T31] task:kworker/u8:1 state:D stack:21368 pid:13 tgid:13 ppid:2 task_flags:0x4208160 flags:0x00004000 [ 464.377226][ T31] Workqueue: events_unbound linkwatch_event [ 464.383566][ T31] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 464.387055][ T31] [ 464.409015][ T31] __schedule+0x16f5/0x4d00 [ 464.413872][ T31] ? __lock_acquire+0xab9/0xd20 [ 464.428403][ T31] ? schedule+0x165/0x360 [ 464.459024][ T31] ? __pfx___schedule+0x10/0x10 [ 464.464266][ T31] ? schedule+0x91/0x360 [ 464.468781][ T31] schedule+0x165/0x360 [ 464.535215][ T31] schedule_preempt_disabled+0x13/0x30 [ 464.543345][ T31] __mutex_lock+0x724/0xe80 [ 464.548232][ T31] ? __mutex_lock+0x51b/0xe80 [ 464.558280][ T31] ? linkwatch_event+0xe/0x60 [ 464.563350][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 464.576737][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 464.584136][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 464.595248][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 464.601548][ T31] linkwatch_event+0xe/0x60 [ 464.606499][ T31] process_scheduled_works+0xae1/0x17b0 [ 464.615523][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 464.622128][ T31] worker_thread+0x8a0/0xda0 [ 464.628553][ T31] kthread+0x70e/0x8a0 [ 464.632994][ T31] ? __pfx_worker_thread+0x10/0x10 [ 464.638522][ T31] ? __pfx_kthread+0x10/0x10 [ 464.643564][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 464.649137][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 464.654697][ T31] ? __pfx_kthread+0x10/0x10 [ 464.660575][ T31] ret_from_fork+0x3fc/0x770 [ 464.665582][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 464.671303][ T31] ? __switch_to_asm+0x39/0x70 [ 464.676410][ T31] ? __switch_to_asm+0x33/0x70 [ 464.681720][ T31] ? __pfx_kthread+0x10/0x10 [ 464.686635][ T31] ret_from_fork_asm+0x1a/0x30 [ 464.691809][ T31] [ 464.695276][ T31] INFO: task syz-executor:13209 blocked for more than 143 seconds. [ 464.705246][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 464.713139][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 464.746533][ T31] task:syz-executor state:D stack:21960 pid:13209 tgid:13209 ppid:1 task_flags:0x400140 flags:0x00004004 [ 464.759484][ T31] Call Trace: [ 464.763020][ T31] [ 464.766186][ T31] __schedule+0x16f5/0x4d00 [ 464.771238][ T31] ? __lock_acquire+0xab9/0xd20 [ 464.776516][ T31] ? schedule+0x165/0x360 [ 464.781238][ T31] ? __pfx___schedule+0x10/0x10 [ 464.786509][ T31] ? schedule+0x91/0x360 [ 464.791197][ T31] schedule+0x165/0x360 [ 464.795668][ T31] schedule_preempt_disabled+0x13/0x30 [ 464.801584][ T31] __mutex_lock+0x724/0xe80 [ 464.806481][ T31] ? __mutex_lock+0x51b/0xe80 [ 464.811538][ T31] ? rtnl_newlink+0x8db/0x1c70 [ 464.816686][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 464.822131][ T31] ? ns_capable+0x8a/0xf0 [ 464.826780][ T31] ? rtnl_link_get_net_capable+0x16a/0x350 [ 464.835728][ T31] rtnl_newlink+0x8db/0x1c70 [ 464.840695][ T31] ? __pfx_rtnl_newlink+0x10/0x10 [ 464.846137][ T31] ? __lock_acquire+0xab9/0xd20 [ 464.851461][ T31] ? __lock_acquire+0xab9/0xd20 [ 464.856680][ T31] ? is_bpf_text_address+0x26/0x2b0 [ 464.862392][ T31] ? is_bpf_text_address+0x292/0x2b0 [ 464.868027][ T31] ? is_bpf_text_address+0x26/0x2b0 [ 464.873787][ T31] ? kernel_text_address+0xa5/0xe0 [ 464.882321][ T31] ? __kernel_text_address+0xd/0x40 [ 464.887889][ T31] ? unwind_get_return_address+0x4d/0x90 [ 464.893979][ T31] ? __lock_acquire+0xab9/0xd20 [ 464.901244][ T31] ? __pfx_rtnl_newlink+0x10/0x10 [ 464.906676][ T31] rtnetlink_rcv_msg+0x7cf/0xb70 [ 464.912303][ T31] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 464.917767][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 464.923650][ T31] netlink_rcv_skb+0x205/0x470 [ 464.928763][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 464.935998][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 464.941792][ T31] ? netlink_deliver_tap+0x2e/0x1b0 [ 464.947385][ T31] ? netlink_deliver_tap+0x2e/0x1b0 [ 464.954072][ T31] netlink_unicast+0x758/0x8d0 [ 464.962453][ T31] netlink_sendmsg+0x805/0xb30 [ 464.967653][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 464.975300][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 464.984428][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 464.990268][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 464.995937][ T31] __sock_sendmsg+0x21c/0x270 [ 465.001116][ T31] __sys_sendto+0x3bd/0x520 [ 465.005974][ T31] ? __pfx___sys_sendto+0x10/0x10 [ 465.011437][ T31] ? fput_close_sync+0x119/0x200 [ 465.016742][ T31] ? __pfx_fput_close_sync+0x10/0x10 [ 465.022467][ T31] __x64_sys_sendto+0xde/0x100 [ 465.027543][ T31] do_syscall_64+0xfa/0x3b0 [ 465.032396][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.039936][ T31] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 465.046544][ T31] ? clear_bhb_loop+0x60/0xb0 [ 465.051608][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.057935][ T31] RIP: 0033:0x7f38e67907fc [ 465.062653][ T31] RSP: 002b:00007ffdfe5b2d00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 465.071696][ T31] RAX: ffffffffffffffda RBX: 00007f38e74e4620 RCX: 00007f38e67907fc [ 465.080155][ T31] RDX: 0000000000000028 RSI: 00007f38e74e4670 RDI: 0000000000000003 [ 465.088599][ T31] RBP: 0000000000000000 R08: 00007ffdfe5b2d54 R09: 000000000000000c [ 465.097022][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 465.105577][ T31] R13: 0000000000000000 R14: 00007f38e74e4670 R15: 0000000000000000 [ 465.114166][ T31] [ 465.117399][ T31] INFO: task syz.1.3062:13350 blocked for more than 144 seconds. [ 465.125781][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 465.133645][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 465.143878][ T31] task:syz.1.3062 state:D stack:27624 pid:13350 tgid:13344 ppid:5828 task_flags:0x400140 flags:0x00004004 [ 465.156679][ T31] Call Trace: [ 465.160362][ T31] [ 465.163544][ T31] __schedule+0x16f5/0x4d00 [ 465.168386][ T31] ? __lock_acquire+0xab9/0xd20 [ 465.173612][ T31] ? schedule+0x165/0x360 [ 465.178273][ T31] ? __pfx___schedule+0x10/0x10 [ 465.183569][ T31] ? schedule+0x91/0x360 [ 465.188100][ T31] schedule+0x165/0x360 [ 465.192577][ T31] schedule_preempt_disabled+0x13/0x30 [ 465.198410][ T31] __mutex_lock+0x724/0xe80 [ 465.203311][ T31] ? __mutex_lock+0x51b/0xe80 [ 465.208282][ T31] ? nl80211_pre_doit+0x5f/0x930 [ 465.213590][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 465.219033][ T31] ? __nla_parse+0x40/0x60 [ 465.223925][ T31] nl80211_pre_doit+0x5f/0x930 [ 465.229054][ T31] ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0 [ 465.235787][ T31] genl_family_rcv_msg_doit+0x1bb/0x300 [ 465.242903][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 465.249486][ T31] ? bpf_lsm_capable+0x9/0x20 [ 465.254494][ T31] ? security_capable+0x7e/0x2e0 [ 465.259814][ T31] genl_rcv_msg+0x60e/0x790 [ 465.264637][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 465.270045][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 465.275408][ T31] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 465.281359][ T31] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 465.286985][ T31] ? __pfx_nl80211_post_doit+0x10/0x10 [ 465.292845][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 465.298574][ T31] netlink_rcv_skb+0x205/0x470 [ 465.303770][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 465.309198][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 465.314841][ T31] ? down_read+0x1ad/0x2e0 [ 465.319683][ T31] genl_rcv+0x28/0x40 [ 465.323934][ T31] netlink_unicast+0x758/0x8d0 [ 465.329086][ T31] netlink_sendmsg+0x805/0xb30 [ 465.334240][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 465.343158][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 465.348465][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 465.354166][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 465.363847][ T31] __sock_sendmsg+0x21c/0x270 [ 465.368857][ T31] ____sys_sendmsg+0x505/0x830 [ 465.375215][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 465.385410][ T31] ? import_iovec+0x74/0xa0 [ 465.390330][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 465.395371][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 465.401168][ T31] ? __fget_files+0x2a/0x420 [ 465.406139][ T31] ? __fget_files+0x3a0/0x420 [ 465.411245][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 465.416493][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 465.422406][ T31] ? do_user_addr_fault+0xc8a/0x1390 [ 465.428024][ T31] ? do_syscall_64+0xbe/0x3b0 [ 465.433133][ T31] do_syscall_64+0xfa/0x3b0 [ 465.437934][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 465.444457][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.451034][ T31] ? clear_bhb_loop+0x60/0xb0 [ 465.456052][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.462436][ T31] RIP: 0033:0x7f7000f8e969 [ 465.467169][ T31] RSP: 002b:00007f7001df2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 465.476149][ T31] RAX: ffffffffffffffda RBX: 00007f70011b6080 RCX: 00007f7000f8e969 [ 465.484594][ T31] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000006 [ 465.493249][ T31] RBP: 00007f7001010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 465.501813][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.510358][ T31] R13: 0000000000000001 R14: 00007f70011b6080 R15: 00007ffff5f943b8 [ 465.518815][ T31] [ 465.522317][ T31] INFO: task syz.2.3065:13353 blocked for more than 144 seconds. [ 465.530727][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 465.538529][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 465.548711][ T31] task:syz.2.3065 state:D stack:25960 pid:13353 tgid:13351 ppid:5831 task_flags:0x400140 flags:0x00004004 [ 465.561541][ T31] Call Trace: [ 465.565073][ T31] [ 465.568258][ T31] __schedule+0x16f5/0x4d00 [ 465.573113][ T31] ? __lock_acquire+0xab9/0xd20 [ 465.578364][ T31] ? schedule+0x165/0x360 [ 465.583027][ T31] ? __pfx___schedule+0x10/0x10 [ 465.588247][ T31] ? schedule+0x91/0x360 [ 465.592810][ T31] schedule+0x165/0x360 [ 465.597235][ T31] schedule_preempt_disabled+0x13/0x30 [ 465.603080][ T31] __mutex_lock+0x724/0xe80 [ 465.607867][ T31] ? __mutex_lock+0x51b/0xe80 [ 465.612906][ T31] ? rtnetlink_rcv_msg+0x71c/0xb70 [ 465.618340][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 465.623827][ T31] rtnetlink_rcv_msg+0x71c/0xb70 [ 465.629102][ T31] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 465.634546][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 465.640406][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 465.645787][ T31] ? __copy_skb_header+0xa7/0x550 [ 465.652548][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 465.658255][ T31] ? __skb_clone+0x63/0x7a0 [ 465.663097][ T31] netlink_rcv_skb+0x205/0x470 [ 465.668236][ T31] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 465.674110][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 465.681071][ T31] ? netlink_deliver_tap+0x2e/0x1b0 [ 465.686634][ T31] ? netlink_deliver_tap+0x2e/0x1b0 [ 465.692260][ T31] netlink_unicast+0x758/0x8d0 [ 465.697394][ T31] netlink_sendmsg+0x805/0xb30 [ 465.703364][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 465.709130][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 465.714474][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 465.720199][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 465.725878][ T31] __sock_sendmsg+0x21c/0x270 [ 465.731009][ T31] ____sys_sendmsg+0x505/0x830 [ 465.736123][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 465.742084][ T31] ? import_iovec+0x74/0xa0 [ 465.746943][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 465.753148][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 465.758764][ T31] ? __fget_files+0x2a/0x420 [ 465.763636][ T31] ? __fget_files+0x3a0/0x420 [ 465.768679][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 465.774110][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 465.781349][ T31] ? rcu_is_watching+0x15/0xb0 [ 465.786506][ T31] ? do_syscall_64+0xbe/0x3b0 [ 465.792953][ T31] do_syscall_64+0xfa/0x3b0 [ 465.797785][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.804278][ T31] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 465.810937][ T31] ? clear_bhb_loop+0x60/0xb0 [ 465.815923][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.822235][ T31] RIP: 0033:0x7f522bb8e969 [ 465.826926][ T31] RSP: 002b:00007f522c98a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 465.835804][ T31] RAX: ffffffffffffffda RBX: 00007f522bdb5fa0 RCX: 00007f522bb8e969 [ 465.844289][ T31] RDX: 0000000004000080 RSI: 0000200000001200 RDI: 0000000000000006 [ 465.854444][ T31] RBP: 00007f522bc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 465.863064][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.871652][ T31] R13: 0000000000000000 R14: 00007f522bdb5fa0 R15: 00007ffd54adfe28 [ 465.880261][ T31] [ 465.883508][ T31] INFO: task syz.3.3067:13362 blocked for more than 144 seconds. [ 465.892033][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 465.899818][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 465.908978][ T31] task:syz.3.3067 state:D stack:26840 pid:13362 tgid:13361 ppid:5842 task_flags:0x400140 flags:0x00004004 [ 465.922109][ T31] Call Trace: [ 465.925707][ T31] [ 465.929028][ T31] __schedule+0x16f5/0x4d00 [ 465.933978][ T31] ? __lock_acquire+0xab9/0xd20 [ 465.939482][ T31] ? schedule+0x165/0x360 [ 465.944197][ T31] ? __pfx___schedule+0x10/0x10 [ 465.949540][ T31] ? schedule+0x91/0x360 [ 465.954163][ T31] schedule+0x165/0x360 [ 465.960029][ T31] schedule_preempt_disabled+0x13/0x30 [ 465.965883][ T31] __mutex_lock+0x724/0xe80 [ 465.970776][ T31] ? __mutex_lock+0x51b/0xe80 [ 465.975782][ T31] ? nl80211_pre_doit+0x5f/0x930 [ 465.981205][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 465.986606][ T31] ? __nla_parse+0x40/0x60 [ 465.991392][ T31] nl80211_pre_doit+0x5f/0x930 [ 465.996531][ T31] ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0 [ 466.003435][ T31] genl_family_rcv_msg_doit+0x1bb/0x300 [ 466.010838][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 466.017400][ T31] ? bpf_lsm_capable+0x9/0x20 [ 466.022505][ T31] ? security_capable+0x7e/0x2e0 [ 466.027832][ T31] genl_rcv_msg+0x60e/0x790 [ 466.032853][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.038273][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 466.043663][ T31] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 466.049437][ T31] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 466.055066][ T31] ? __pfx_nl80211_post_doit+0x10/0x10 [ 466.062228][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 466.067983][ T31] netlink_rcv_skb+0x205/0x470 [ 466.073116][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.078477][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 466.084160][ T31] ? down_read+0x1ad/0x2e0 [ 466.088889][ T31] genl_rcv+0x28/0x40 [ 466.093164][ T31] netlink_unicast+0x758/0x8d0 [ 466.098272][ T31] netlink_sendmsg+0x805/0xb30 [ 466.103387][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.109021][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 466.114294][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 466.120024][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.125699][ T31] __sock_sendmsg+0x21c/0x270 [ 466.130766][ T31] ____sys_sendmsg+0x505/0x830 [ 466.135886][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 466.141637][ T31] ? import_iovec+0x74/0xa0 [ 466.146477][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 466.151526][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 466.157175][ T31] ? __fget_files+0x2a/0x420 [ 466.163266][ T31] ? __fget_files+0x3a0/0x420 [ 466.168299][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 466.173570][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 466.179996][ T31] ? do_syscall_64+0xbe/0x3b0 [ 466.185046][ T31] do_syscall_64+0xfa/0x3b0 [ 466.190085][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.196698][ T31] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 466.203330][ T31] ? clear_bhb_loop+0x60/0xb0 [ 466.208376][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.214765][ T31] RIP: 0033:0x7fc25b78e969 [ 466.219575][ T31] RSP: 002b:00007fc25c53d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 466.228576][ T31] RAX: ffffffffffffffda RBX: 00007fc25b9b5fa0 RCX: 00007fc25b78e969 [ 466.237178][ T31] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000004 [ 466.245720][ T31] RBP: 00007fc25b810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 466.254323][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.264915][ T31] R13: 0000000000000000 R14: 00007fc25b9b5fa0 R15: 00007ffd9a9fdb28 [ 466.273564][ T31] [ 466.276921][ T31] INFO: task syz.0.3068:13364 blocked for more than 145 seconds. [ 466.285287][ T31] Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 [ 466.293175][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 466.305040][ T31] task:syz.0.3068 state:D stack:26552 pid:13364 tgid:13363 ppid:12981 task_flags:0x400040 flags:0x00004004 [ 466.317895][ T31] Call Trace: [ 466.321560][ T31] [ 466.324710][ T31] __schedule+0x16f5/0x4d00 [ 466.329678][ T31] ? arch_stack_walk+0xfc/0x150 [ 466.334856][ T31] ? __lock_acquire+0xab9/0xd20 [ 466.340177][ T31] ? schedule+0x165/0x360 [ 466.344810][ T31] ? __pfx___schedule+0x10/0x10 [ 466.350055][ T31] ? schedule+0x91/0x360 [ 466.354634][ T31] schedule+0x165/0x360 [ 466.359076][ T31] schedule_preempt_disabled+0x13/0x30 [ 466.365966][ T31] __mutex_lock+0x724/0xe80 [ 466.370874][ T31] ? __mutex_lock+0x51b/0xe80 [ 466.375848][ T31] ? nl80211_dump_wiphy+0x49/0x6f0 [ 466.381392][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 466.386750][ T31] ? __alloc_skb+0x142/0x2d0 [ 466.391739][ T31] ? trace_kmalloc+0x1f/0xd0 [ 466.396640][ T31] nl80211_dump_wiphy+0x49/0x6f0 [ 466.402048][ T31] ? __build_skb_around+0x257/0x3e0 [ 466.407591][ T31] genl_dumpit+0x108/0x1b0 [ 466.412330][ T31] netlink_dump+0x62a/0xe20 [ 466.417240][ T31] ? __pfx_netlink_dump+0x10/0x10 [ 466.422728][ T31] ? genl_start+0x499/0x6c0 [ 466.427531][ T31] __netlink_dump_start+0x5cb/0x7e0 [ 466.433202][ T31] genl_family_rcv_msg_dumpit+0x1e7/0x2c0 [ 466.439372][ T31] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 466.446051][ T31] ? genl_get_cmd+0x7d9/0x910 [ 466.451153][ T31] ? __pfx_genl_start+0x10/0x10 [ 466.456331][ T31] ? __pfx_genl_dumpit+0x10/0x10 [ 466.461673][ T31] ? __pfx_genl_done+0x10/0x10 [ 466.466780][ T31] genl_rcv_msg+0x5da/0x790 [ 466.472785][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.478117][ T31] ? ref_tracker_free+0x63a/0x7d0 [ 466.483506][ T31] ? __pfx_nl80211_dump_wiphy+0x10/0x10 [ 466.489464][ T31] ? __pfx_nl80211_dump_wiphy_done+0x10/0x10 [ 466.495796][ T31] ? __pfx_ref_tracker_free+0x10/0x10 [ 466.501592][ T31] netlink_rcv_skb+0x205/0x470 [ 466.506732][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 466.512184][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 466.517872][ T31] ? down_read+0x1ad/0x2e0 [ 466.522634][ T31] genl_rcv+0x28/0x40 [ 466.526874][ T31] netlink_unicast+0x758/0x8d0 [ 466.532090][ T31] netlink_sendmsg+0x805/0xb30 [ 466.537162][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.542841][ T31] ? irqentry_exit+0x74/0x90 [ 466.547699][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 466.553035][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 466.558704][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 466.564341][ T31] __sock_sendmsg+0x21c/0x270 [ 466.569394][ T31] ____sys_sendmsg+0x505/0x830 [ 466.575572][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 466.581345][ T31] ? import_iovec+0x74/0xa0 [ 466.586189][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 466.591291][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 466.596928][ T31] ? __fget_files+0x2a/0x420 [ 466.601908][ T31] ? __fget_files+0x3a0/0x420 [ 466.606942][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 466.612341][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 466.618222][ T31] ? rcu_is_watching+0x15/0xb0 [ 466.623449][ T31] ? do_syscall_64+0xbe/0x3b0 [ 466.628496][ T31] do_syscall_64+0xfa/0x3b0 [ 466.633447][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 466.639254][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.645747][ T31] ? clear_bhb_loop+0x60/0xb0 [ 466.650927][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.657341][ T31] RIP: 0033:0x7f3901b8e969 [ 466.662176][ T31] RSP: 002b:00007f3902a94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 466.671256][ T31] RAX: ffffffffffffffda RBX: 00007f3901db5fa0 RCX: 00007f3901b8e969 [ 466.682101][ T31] RDX: 0000000000004000 RSI: 0000200000000180 RDI: 0000000000000003 [ 466.690633][ T31] RBP: 00007f3901c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 466.699164][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.707635][ T31] R13: 0000000000000000 R14: 00007f3901db5fa0 R15: 00007ffc7a0312c8 [ 466.722707][ T31] [ 466.726153][ T31] [ 466.726153][ T31] Showing all locks held in the system: [ 466.734543][ T31] 3 locks held by kworker/u8:1/13: [ 466.741111][ T31] #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 466.753707][ T31] #1: ffffc90000127bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 466.765593][ T31] #2: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 466.776616][ T31] 1 lock held by khungtaskd/31: [ 466.781884][ T31] #0: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 466.792551][ T31] 3 locks held by kworker/u8:2/36: [ 466.797998][ T31] #0: ffff8880b873b9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 466.808658][ T31] #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39a/0x6d0 [ 466.821530][ T31] #2: ffff8880b8725958 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x1ae/0xf30 [ 466.831285][ T31] 3 locks held by kworker/1:2/920: [ 466.836777][ T31] #0: ffff88801a481d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 466.849969][ T31] #1: ffffc90003617bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 466.861905][ T31] #2: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf00 [ 466.872311][ T31] 6 locks held by kworker/u8:5/1164: [ 466.883585][ T31] #0: ffff88801b2fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 466.895257][ T31] #1: ffffc90003cdfbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 466.906907][ T31] #2: ffffffff8f4fdc10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x8a0 [ 466.917280][ T31] #3: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xdc/0x890 [ 466.928032][ T31] #4: ffff88805d722d30 (&dev_instance_lock_key#14){+.+.}-{4:4}, at: napi_disable+0x4e/0x80 [ 466.938876][ T31] #5: ffff8880b873b9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 466.949602][ T31] 5 locks held by kworker/u8:8/2991: [ 466.955270][ T31] #0: ffff8880b873b9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 466.965912][ T31] #1: ffff8880b8723f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39a/0x6d0 [ 466.978212][ T31] #2: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: net_tx_action+0x634/0x980 [ 466.989610][ T31] #3: ffff8880278b8168 (&rdev->bss_lock){+.-.}-{3:3}, at: net_tx_action+0x634/0x980 [ 466.999830][ T31] #4: ffffffff8dfe8928 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30 [ 467.010915][ T31] 3 locks held by kworker/u8:9/3475: [ 467.016490][ T31] #0: ffff8880303cc948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 467.028873][ T31] #1: ffffc9000bc67bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 467.043419][ T31] #2: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 467.053644][ T31] 2 locks held by getty/5590: [ 467.058642][ T31] #0: ffff8880310db0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 467.069135][ T31] #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 467.084915][ T31] 3 locks held by kworker/0:5/5920: [ 467.090610][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 467.102471][ T31] #1: ffffc90004e6fbc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 467.114261][ T31] #2: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 467.125458][ T31] 1 lock held by syz-executor/13209: [ 467.131099][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70 [ 467.140925][ T31] 2 locks held by syz.1.3062/13350: [ 467.146489][ T31] #0: ffffffff8f570970 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 467.155358][ T31] #1: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930 [ 467.165320][ T31] 1 lock held by syz.2.3065/13353: [ 467.170838][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70 [ 467.181042][ T31] 2 locks held by syz.3.3067/13362: [ 467.188042][ T31] #0: ffffffff8f570970 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 467.196894][ T31] #1: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930 [ 467.206822][ T31] 3 locks held by syz.0.3068/13364: [ 467.212486][ T31] #0: ffffffff8f570970 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 467.221430][ T31] #1: ffff88807eca56d0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0 [ 467.232679][ T31] #2: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_dump_wiphy+0x49/0x6f0 [ 467.242809][ T31] 1 lock held by syz-executor/13373: [ 467.248500][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.258619][ T31] 1 lock held by syz-executor/13375: [ 467.264292][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.274393][ T31] 1 lock held by syz-executor/13379: [ 467.280075][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.291356][ T31] 1 lock held by syz-executor/13381: [ 467.297028][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.307078][ T31] 1 lock held by syz-executor/13384: [ 467.312949][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.323242][ T31] 1 lock held by syz-executor/13393: [ 467.328883][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.339066][ T31] 1 lock held by syz-executor/13395: [ 467.344750][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.354847][ T31] 1 lock held by syz-executor/13399: [ 467.360503][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.370641][ T31] 1 lock held by syz-executor/13401: [ 467.376300][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.386501][ T31] 1 lock held by syz-executor/13404: [ 467.393312][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.403399][ T31] 1 lock held by syz-executor/13414: [ 467.409066][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.419193][ T31] 1 lock held by syz-executor/13415: [ 467.424836][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.435200][ T31] 1 lock held by syz-executor/13422: [ 467.444826][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.455035][ T31] 1 lock held by syz-executor/13424: [ 467.460877][ T31] #0: ffffffff8f50a808 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0 [ 467.470957][ T31] [ 467.473476][ T31] ============================================= [ 467.473476][ T31] [ 467.482633][ T31] NMI backtrace for cpu 0 [ 467.482655][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 467.482682][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 467.482696][ T31] Call Trace: [ 467.482704][ T31] [ 467.482714][ T31] dump_stack_lvl+0x189/0x250 [ 467.482748][ T31] ? __wake_up_klogd+0xd9/0x110 [ 467.482772][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 467.482801][ T31] ? __pfx__printk+0x10/0x10 [ 467.482821][ T31] ? vprintk_default+0x12/0x30 [ 467.482862][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 467.482886][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 467.482903][ T31] ? irqentry_exit+0x74/0x90 [ 467.482927][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.482960][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 467.482986][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 467.483010][ T31] watchdog+0xfee/0x1030 [ 467.483036][ T31] ? watchdog+0x1de/0x1030 [ 467.483067][ T31] kthread+0x70e/0x8a0 [ 467.483091][ T31] ? __pfx_watchdog+0x10/0x10 [ 467.483115][ T31] ? __pfx_kthread+0x10/0x10 [ 467.483138][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 467.483161][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.483181][ T31] ? __pfx_kthread+0x10/0x10 [ 467.483202][ T31] ret_from_fork+0x3fc/0x770 [ 467.483232][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 467.483262][ T31] ? __switch_to_asm+0x39/0x70 [ 467.483281][ T31] ? __switch_to_asm+0x33/0x70 [ 467.483301][ T31] ? __pfx_kthread+0x10/0x10 [ 467.483323][ T31] ret_from_fork_asm+0x1a/0x30 [ 467.483365][ T31] [ 467.483425][ T31] Sending NMI from CPU 0 to CPUs 1: [ 467.658005][ C1] NMI backtrace for cpu 1 [ 467.658023][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 467.658057][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 467.658069][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x37/0x90 [ 467.658096][ C1] Code: 08 a0 9b 92 65 8b 15 48 a0 db 10 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 57 83 b9 3c 16 00 00 00 74 4e 8b 91 18 16 00 00 <83> fa 03 75 43 48 8b 91 20 16 00 00 44 8b 89 1c 16 00 00 49 c1 e1 [ 467.658111][ C1] RSP: 0018:ffffc90000a08f30 EFLAGS: 00000046 [ 467.658128][ C1] RAX: ffffffff81b1dc6b RBX: ffff8880b8728400 RCX: ffff88801d695a00 [ 467.658142][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 467.658152][ C1] RBP: 0000000000000001 R08: ffffffff8fa0b1b7 R09: 1ffffffff1f41636 [ 467.658164][ C1] R10: dffffc0000000000 R11: fffffbfff1f41637 R12: 0000000000000000 [ 467.658176][ C1] R13: 0000000000000000 R14: 0000000000000031 R15: dffffc0000000000 [ 467.658190][ C1] FS: 0000000000000000(0000) GS:ffff888125d66000(0000) knlGS:0000000000000000 [ 467.658203][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 467.658215][ C1] CR2: 00007fe62ac2c98f CR3: 000000000df36000 CR4: 00000000003526f0 [ 467.658230][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 467.658241][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 467.658253][ C1] Call Trace: [ 467.658260][ C1] [ 467.658267][ C1] tick_nohz_irq_exit+0x8b/0xd0 [ 467.658296][ C1] __irq_exit_rcu+0x10e/0x1f0 [ 467.658323][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 467.658351][ C1] irq_exit_rcu+0x9/0x30 [ 467.658373][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 467.658394][ C1] [ 467.658400][ C1] [ 467.658407][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 467.658425][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 467.658445][ C1] Code: 43 d5 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d a3 a2 24 00 f3 0f 1e fa fb f4 18 d5 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 467.658461][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6 [ 467.658474][ C1] RAX: cad522f268035f00 RBX: ffffffff819710c8 RCX: cad522f268035f00 [ 467.658487][ C1] RDX: 0000000000000001 RSI: ffffffff8d96be21 RDI: ffffffff8be26400 [ 467.658499][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f5b R09: 1ffff110170e65eb [ 467.658514][ C1] R10: dffffc0000000000 R11: ffffed10170e65ec R12: ffffffff8fa0b1b0 [ 467.658527][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003ad2b40 [ 467.658540][ C1] ? do_idle+0x1e8/0x510 [ 467.658568][ C1] default_idle+0x13/0x20 [ 467.658591][ C1] default_idle_call+0x74/0xb0 [ 467.658613][ C1] do_idle+0x1e8/0x510 [ 467.658640][ C1] ? __pfx_do_idle+0x10/0x10 [ 467.658673][ C1] cpu_startup_entry+0x44/0x60 [ 467.658696][ C1] start_secondary+0x101/0x110 [ 467.658719][ C1] common_startup_64+0x13e/0x147 [ 467.658744][ C1] [ 467.659051][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 467.659069][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-07809-g408da3a0f89d #0 PREEMPT(full) [ 467.659099][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 467.659114][ T31] Call Trace: [ 467.659124][ T31] [ 467.659134][ T31] dump_stack_lvl+0x99/0x250 [ 467.659171][ T31] ? __asan_memcpy+0x40/0x70 [ 467.659199][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 467.659233][ T31] ? __pfx__printk+0x10/0x10 [ 467.659271][ T31] panic+0x2db/0x790 [ 467.659314][ T31] ? __pfx_panic+0x10/0x10 [ 467.659357][ T31] ? watchdog+0x101c/0x1030 [ 467.659390][ T31] watchdog+0x102d/0x1030 [ 467.659419][ T31] ? watchdog+0x1de/0x1030 [ 467.659455][ T31] kthread+0x70e/0x8a0 [ 467.659482][ T31] ? __pfx_watchdog+0x10/0x10 [ 467.659507][ T31] ? __pfx_kthread+0x10/0x10 [ 467.659533][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 467.659558][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 467.659582][ T31] ? __pfx_kthread+0x10/0x10 [ 467.659608][ T31] ret_from_fork+0x3fc/0x770 [ 467.659640][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 467.659676][ T31] ? __switch_to_asm+0x39/0x70 [ 467.659697][ T31] ? __switch_to_asm+0x33/0x70 [ 467.659730][ T31] ? __pfx_kthread+0x10/0x10 [ 467.659753][ T31] ret_from_fork_asm+0x1a/0x30 [ 467.659789][ T31] [ 468.085137][ T31] Kernel Offset: disabled [ 468.089458][ T31] Rebooting in 86400 seconds..