last executing test programs: 1.915450822s ago: executing program 1 (id=517): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), r2) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010000020c00fbdbdf2501000000080002000000000005000500000000000800030001000000480001800500020020"], 0x84}}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r3, 0x4, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xcb}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40c1}, 0x68040) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) unshare(0x22020600) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x9, 0x6, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @ldst={0x0, 0x1, 0x5, 0x7, 0x9, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000580)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @cgroup_sock=0x9e7abe5a9356f2cf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x5, 0x9, 0x39c, 0x9}, 0x10, 0x0, r4, 0x8, &(0x7f0000000640)=[r4, r4, r4, r4, r4, r4, r4, r4, r4], &(0x7f0000000680)=[{0x0, 0x4, 0x6, 0x7}, {0x0, 0x5, 0xe}, {0x3, 0x1, 0x4, 0x9}, {0x2, 0x3, 0x1, 0x1}, {0x1, 0x5, 0x7, 0x3}, {0x5, 0x5, 0x6, 0x6}, {0x0, 0x3, 0xe, 0xc}, {0x2, 0x0, 0xb}], 0x10, 0x5, @void, @value}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x1b, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x1, 0xa, 0x7, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x1e, 0x1, 0x0) setsockopt$sock_timeval(r7, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 1.824396847s ago: executing program 3 (id=519): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$kcm(0x29, 0x2, 0x0) write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2) connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e23, @remote}, 0x10) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x9, &(0x7f0000000100), 0x4) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b000000850000002300000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x5452, &(0x7f0000000000)) ioctl$int_in(r3, 0x5452, &(0x7f0000000040)=0x6) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x52, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000180000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000009500000000000000185400000f00000000000000000000009500000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000240)='syzkaller\x00', 0x7, 0x16, &(0x7f0000000280)=""/12, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x4, 0x6, 0x2, 0x7}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000340)=[0xffffffffffffffff, 0x1], &(0x7f00000000c0)=[{0x0, 0x1, 0x0, 0x2}, {0x4, 0x5, 0xd, 0xb}, {0x3, 0x3, 0x10, 0xa}], 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@cgroup, 0xffffffffffffffff, 0x1e, 0x0, 0xffffffffffffffff, @void, @value=r6}, 0x20) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r7, 0x0, 0x7, 0x0) shutdown(r2, 0x1) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048800}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="14006b87e9ce033f54a60000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003140000001000010000000000000000000084000a"], 0x118}}, 0x0) 1.64025827s ago: executing program 0 (id=522): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0xffe0}, {0xffff, 0xffff}, {0xfff1, 0xfff2}}}, 0x24}, 0x1, 0x0, 0xf00, 0x80d1}, 0x0) 1.626575307s ago: executing program 1 (id=524): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000480)="b9ffb2ed6844268cb89e14f086dd11", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.480573104s ago: executing program 0 (id=526): unshare(0x400) socket$kcm(0x11, 0x200000000000002, 0x300) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000080)=[{}], 0x2f) 1.449608371s ago: executing program 2 (id=527): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)={0x28, r0, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}}, 0x28}, 0x1, 0x0, 0x400000000000000}, 0x0) 1.319108318s ago: executing program 1 (id=528): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket(0x2, 0x800, 0x6af798db) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r5, &(0x7f0000000100)={0x18, 0x0, {0x1, @empty, 'gre0\x00'}}, 0x1e) sendmmsg$sock(r5, &(0x7f0000001dc0), 0x213, 0x0) getsockname(r5, &(0x7f0000000000)=@nfc_llcp, &(0x7f0000000080)=0x80) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x54, 0x2, [@TCA_FW_ACT={0x50, 0x4, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x3513, 0x6, 0xffffffffffffffff, 0xb6b9, 0x3}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}]}, 0x88}, 0x1, 0x0, 0x0, 0x80}, 0x24000880) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x2f, 0xda, 0xb, 0x0, 0x54, @loopback, @empty, 0x8007, 0x8, 0x934, 0x17}}) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@setlink={0x54, 0x13, 0x400, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x1020, 0x20b88}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TOS={0x5, 0x5, 0x6}, @IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e22}]}}}, @IFLA_MASTER={0x8, 0xa, r6}, @IFLA_EVENT={0x8, 0x2c, 0x5}]}, 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x0) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) r7 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0xfffffffffffffffe, &(0x7f0000000080)=0x43) r8 = socket$inet_sctp(0x2, 0x5, 0x84) listen(r8, 0xbabc) recvfrom$inet(r8, 0x0, 0x0, 0x1, 0x0, 0x0) recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/47, 0x2f}], 0x1}, 0x3ff}], 0x1, 0x123, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000480)="b9ffb2ed6844268cb89e14f086dd11", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.318879858s ago: executing program 0 (id=529): r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000009040)={0x6, @empty, 0x4e23, 0x0, 'wlc\x00', 0x5, 0x1, 0x26}, 0x2c) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYRES8=r7, @ANYRES32=0x0, @ANYRESDEC=r4, @ANYBLOB='\x00'/28], 0x48) syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_POWER_SAVE(r9, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r10, 0x2, 0x70bd25, 0xd9, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_PS_STATE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x44080}, 0x20040000) r11 = accept4$nfc_llcp(r6, &(0x7f0000000300), &(0x7f0000000380)=0x60, 0x80000) ioctl$ifreq_SIOCGIFINDEX_team(r11, 0x8933, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r8, @ANYRES32=r5, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r8}, &(0x7f0000000000), &(0x7f00000002c0)=r2}, 0x20) sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x118e2}], 0x1}, 0x0) recvmsg$unix(r3, &(0x7f0000000480)={0x0, 0x44, &(0x7f0000000440)=[{&(0x7f00000006c0)=""/244, 0xf21}], 0x12}, 0x0) sendmmsg$inet(r0, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0) 1.31869217s ago: executing program 2 (id=530): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e) sendmmsg(r0, &(0x7f00000006c0), 0x0, 0x40884) recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffd3c, 0x40018003, 0x0) 1.186475147s ago: executing program 3 (id=531): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000030000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 1.113409462s ago: executing program 0 (id=533): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(0x0, r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)={0x28, r1, 0x1, 0x70bd28, 0x25dfdc00, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x810}, 0x4000) 1.023918718s ago: executing program 3 (id=534): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) socket$inet6_mptcp(0xa, 0x1, 0x106) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), r2) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010000020c00fbdbdf2501000000080002000000000005000500000000000800030001000000480001800500020020"], 0x84}}, 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r0, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r3, 0x4, 0x70bd29, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x3}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xcb}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40c1}, 0x68040) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) unshare(0x22020600) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x9, 0x6, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @ldst={0x0, 0x1, 0x5, 0x7, 0x9, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000580)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @cgroup_sock=0x9e7abe5a9356f2cf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000600)={0x5, 0x9, 0x39c, 0x9}, 0x10, 0x0, r4, 0x8, &(0x7f0000000640)=[r4, r4, r4, r4, r4, r4, r4, r4, r4], &(0x7f0000000680)=[{0x0, 0x4, 0x6, 0x7}, {0x0, 0x5, 0xe}, {0x3, 0x1, 0x4, 0x9}, {0x2, 0x3, 0x1, 0x1}, {0x1, 0x5, 0x7, 0x3}, {0x5, 0x5, 0x6, 0x6}, {0x0, 0x3, 0xe, 0xc}, {0x2, 0x0, 0xb}], 0x10, 0x5, @void, @value}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b80)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x1b, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x1, 0xa, 0x7, 0x401}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x1e, 0x1, 0x0) setsockopt$sock_timeval(r7, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 1.005761349s ago: executing program 0 (id=536): bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) close(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000300)=""/136, 0x88}], 0x1) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="2800000010005fba00"/20, @ANYRES32=0x0, @ANYBLOB="80000200e180000008001b"], 0x28}}, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.net/syz1\x00', 0x200002, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="54000000fa53b723dd28f64ef83cd0bb37860b4f9db79612b246c33ead90548e6195f28fd1f7c6d3afa6c77471434b37c0607806ec9b6756095cebf59a86fd5e4f2a55298520a570ed7e64861bd0257997b145c3e215281243e630cc30a6eaa70868c206c6622b337eb1423969c208b202692a9e5f0b0c1ac740aa3a76645fb93e90a9dfd70c4acedb003b029a71e5932fa77081030850b7f7410c2ee42763307e27ef0dba1f12c6beebec1607b03f06879f4f6604256f687cdaf5db3ec124ca", @ANYRES16=r5, @ANYBLOB="010027bd7000040000000500000008000c00a80a000014000800767863616e31000000000000000000000c001000ff07"], 0x54}}, 0x0) ppoll(0x0, 0x0, &(0x7f0000000440), &(0x7f0000000480)={[0x8]}, 0x8) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}, 0x1, 0xba01}, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x4000, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="010000000000000008001b00"], 0x28}}, 0x0) 872.396767ms ago: executing program 3 (id=537): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async) pread64(r0, 0x0, 0x0, 0x2) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000500000000000000000000008500000041000000850000000700000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6daa000000000000711015000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xfeab, 0x0, &(0x7f0000000240)="354da925f340a56cd9bd738d605596e3d582a1c9322827787f4befc77fb80946a5bfccb7f13ed319ab96cbe2ff25f4a5efa691026d5ebd147fcd4a69476e1f2decbb48b2d7fe", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) (async) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="0e00000004000000040000000300000000000000", @ANYRES32, @ANYBLOB="0000000000000000437bf9d2d29bbec982136c1449a80400085158e37072a9fdc70000000000000000000000008d0f17eed9333ee2fe58437d6e069dff08d294bb3a13ac307233", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async) r3 = socket(0x2, 0x80805, 0x0) (async) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x3c}, 0x1, 0xba01}, 0x0) (async) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x18, 0x0, &(0x7f0000000040)) (async) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x35, &(0x7f0000000e80)=0x4, 0x4) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000d40)=r2, 0x4) (async) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071106c00000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000070000b7080000000000007b9a00fe000000006609ffff00000000dbaaf0ff50000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffff550000000800000018220000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7050000080000004608f0ff760000005d9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x10000, 0x36, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000c40)={0x0, @in={{0x2, 0x4e23, @remote}}, 0xfffffff3, 0x5, 0x9, 0x7}, &(0x7f0000000140)=0x98) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r7, 0x0, 0x9}, &(0x7f0000000d00)=0xc) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'nr0\x00', 0x20}) 792.064311ms ago: executing program 4 (id=538): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a4fc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b87f7c40a1702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f600e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000480)="b9ffb2ed6844268cb89e14f086dd11", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 783.982898ms ago: executing program 3 (id=539): r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@ip_tos_int={{0x14, 0x110, 0x2}}], 0x18, 0x4c00}, 0x400a0) socket$inet6(0xa, 0x5, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYRES16], 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xf5, 0x0, &(0x7f00000006c0)="88222f849f60d3114de91441b232169b9239917d498daf394a0d2ad051a66adbbb80a940ca9c65b8996d0a5baa387953cb561248287ca5a486ef231a41af2e6b5961cb3f3a6ffd31409205ead909f3d57c3912aa4fb5b17af95cc65e4b1fe69fbce847533c6b0e6b2650f36f4f23b49310900a786458bcdfcaf8c6c63e56d3d9de42930994d0e04acf95218a974a463197e68bf8d379804ec8cd6cbd82197e40c6f9570c9cffc26b6c402f32f7691e41951b1e6ed5d2bfefe2a2cf42b5692dc94d487b184c0c176cf0110f40b21a443e7525d748398119c97b021d6dc4eb37400da95a6f95730a26b33c595b79ed8d15c5aee3181e", 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x2, 0x2ff7afedf}, 0xc) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1fffe}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000810) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0) getsockopt$sock_buf(r4, 0x1, 0x1a, 0x0, &(0x7f0000000340)) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4040004) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0xfdde, &(0x7f0000000300)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000f0000000401a800160008000140090011", 0x3b}, {&(0x7f0000000a80)="a8e97cb1dfd5f0137dd8f10a1aab92eee4ed291d6908d5efd16a0270f3b39b38f7852b63b01ca5c0908b65a61128c911e4fe279efcf91f0e7ddd287ecd3407b1dc1d6a169a39c77420aca50c0cf3ec80cf4cb16b27d5893cd7acaef29a6bf231b5987b0d61778521dfa07c73ba5060b750c254beb23884af33e3bb1a3d29a6d9a42b0286ea1406ac6415300252c6e42d889f60ebd3ef56c3d54c6d9744", 0x9d}], 0x2}, 0x0) 640.579126ms ago: executing program 4 (id=540): unshare(0x400) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000080)=[{}], 0x2f) 524.596383ms ago: executing program 4 (id=541): socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) unshare(0x26020480) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) 427.29944ms ago: executing program 4 (id=542): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x12, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000037400062c000700737b7352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6ee4300000000001000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0) socket(0x10, 0x803, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0)='syz_tun\x00', 0x10) syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="bb9abbbbcabb0180c200000086dd6002adf700303a00fe880000000000000000000000000001ff02000000000000000000000000000102"], 0x0) 377.338744ms ago: executing program 2 (id=543): r0 = socket(0x200000000000011, 0x2, 0xd) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x2a, &(0x7f0000002380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e22, 0x4e23, 0x8}}}}}, 0x0) socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x32, &(0x7f0000000300)=ANY=[@ANYBLOB="e90c630faca20180c20000000800450000240000e0000011"], 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000080)={'gretap0\x00', 0x0, 0x40, 0x8000, 0x1c0, 0x4, {{0x20, 0x4, 0x3, 0x9, 0x80, 0x68, 0x0, 0x81, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@rr={0x7, 0xb, 0xd1, [@multicast1, @broadcast]}, @ra={0x94, 0x4}, @noop, @end, @timestamp_prespec={0x44, 0x1c, 0xe9, 0x3, 0x2, [{@broadcast, 0x7}, {@empty, 0x7fff}, {@private=0xa010101, 0x8}]}, @ssrr={0x89, 0x7, 0x6, [@broadcast]}, @noop, @cipso={0x86, 0x1b, 0x3, [{0x2, 0x8, "a1c8ea7f736f"}, {0x0, 0x6, "44fe085f"}, {0x1, 0x7, "5eac66a96a"}]}, @timestamp_prespec={0x44, 0x1c, 0x6b, 0x3, 0x4, [{@rand_addr=0x64010102, 0x3}, {@private=0xa010100, 0x6}, {@loopback, 0x50}]}]}}}}}) r4 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@pppoe={0x18, 0x0, {0x0, @multicast}}, &(0x7f0000000280)=0x80, 0x80800) bind$xdp(r2, &(0x7f00000002c0)={0x2c, 0xb, r3, 0x2b, r4}, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)={0x28, r5, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5, 0x11, 0xfe}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007001500000000000c0001800600060008"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000040)) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, &(0x7f0000000580)=""/213, &(0x7f0000000340)=0xd5) r8 = socket(0x10, 0x3, 0x0) r9 = socket(0x10, 0x3, 0x0) getsockopt$IP_VS_SO_GET_INFO(r9, 0x0, 0x481, &(0x7f0000000400), &(0x7f0000000440)=0xc) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000007fe000000000000000800040001000000", 0x24) r10 = socket(0x22, 0x6, 0x1) ioctl$AUTOFS_IOC_FAIL(r10, 0x9361, 0x3) 376.503811ms ago: executing program 1 (id=544): r0 = socket(0x200000000000011, 0x2, 0xd) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x2a, &(0x7f0000002380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e22, 0x4e23, 0x8}}}}}, 0x0) socket$packet(0x11, 0x2, 0x300) syz_emit_ethernet(0x32, &(0x7f0000000300)=ANY=[@ANYBLOB="e90c630faca20180c20000000800450000240000e0000011"], 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'erspan0\x00', &(0x7f0000000080)={'gretap0\x00', 0x0, 0x40, 0x8000, 0x1c0, 0x4, {{0x29, 0x4, 0x3, 0x9, 0xa4, 0x68, 0x0, 0x81, 0x29, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@rr={0x7, 0xb, 0xd1, [@multicast1, @broadcast]}, @ra={0x94, 0x4}, @noop, @end, @timestamp_prespec={0x44, 0x1c, 0xe9, 0x3, 0x2, [{@broadcast, 0x7}, {@empty, 0x7fff}, {@private=0xa010101, 0x8}]}, @ssrr={0x89, 0x7, 0x6, [@broadcast]}, @ssrr={0x89, 0x23, 0xe, [@initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, @empty, @loopback, @empty]}, @noop, @cipso={0x86, 0x1a, 0x3, [{0x2, 0x7, "a1c8ea7f73"}, {0x0, 0x6, "44fe085f"}, {0x1, 0x7, "5eac66a96a"}]}, @timestamp_prespec={0x44, 0x1c, 0x6b, 0x3, 0x4, [{@rand_addr=0x64010102, 0x3}, {@private=0xa010100, 0x6}, {@loopback, 0x50}]}]}}}}}) r4 = accept4(0xffffffffffffffff, &(0x7f0000000200)=@pppoe={0x18, 0x0, {0x0, @multicast}}, &(0x7f0000000280)=0x80, 0x80800) bind$xdp(r2, &(0x7f00000002c0)={0x2c, 0xb, r3, 0x2b, r4}, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)={0x28, r5, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5, 0x11, 0xfe}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007001500000000000c0001800600060008"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000040)) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, &(0x7f0000000580)=""/213, &(0x7f0000000340)=0xd5) r8 = socket(0x10, 0x3, 0x0) r9 = socket(0x10, 0x3, 0x0) getsockopt$IP_VS_SO_GET_INFO(r9, 0x0, 0x481, &(0x7f0000000400), &(0x7f0000000440)=0xc) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000007fe000000000000000800040001000000", 0x24) r10 = socket(0x22, 0x6, 0x1) ioctl$AUTOFS_IOC_FAIL(r10, 0x9361, 0x3) 250.851649ms ago: executing program 4 (id=545): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000006800010000000000000000000a00000000000000060007000800000008000500", @ANYRES32, @ANYBLOB="180008"], 0x40}}, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$nl_route(0x10, 0x3, 0x0) connect$netlink(r4, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$nl_route(r4, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000020000f005faeb8591a16fade81"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$MRT6(r3, 0x29, 0x182, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="bb9abbbbcabb0180c200000086dd6002adf700303a00fe880000000000000000000000000001ff02000000000000000000000000000102"], 0x0) 248.815636ms ago: executing program 2 (id=546): socket$kcm(0xa, 0x5, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x0, @empty}], 0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0xc, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e24, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x15}, 0x2}}}, 0x88) getsockname(r0, 0x0, &(0x7f0000000180)) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x2f}, 0x7f}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1400000000000000290000004985313bff7f000000000000"], 0x18}, 0x8050) r1 = socket(0x2b, 0x1, 0x0) sendmsg$inet(r1, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x40041) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000002500)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000140)=r3}, 0x20) r5 = socket$kcm(0x10, 0x2, 0x4) r6 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000001a001fffffffff7f0000000080000000", @ANYBLOB], 0x24}}, 0x0) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000007d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32, @ANYRES32=r7, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r2) sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x9c}, 0x1, 0x0, 0x0, 0x24004000}, 0x60488d4) close(r5) sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e21, 0xffffff00, @local, 0x13}, 0x1c) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x0) 215.60617ms ago: executing program 1 (id=547): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(0x0, r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)={0x28, r1, 0x1, 0x70bd28, 0x25dfdc00, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x810}, 0x4000) 145.190895ms ago: executing program 3 (id=548): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) bind$inet(r0, &(0x7f00000005c0)={0x2, 0x4e22, @multicast1}, 0x10) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000080)={'pim6reg1\x00', {0x2, 0x0, @empty}}) 129.214713ms ago: executing program 1 (id=549): unshare(0x24020400) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x7fffffffffffffff) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x680000b, 0x3032, 0xffffffffffffffff, 0x52972000) accept4(r1, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, &(0x7f00000000c0)=0x80, 0x80000) 114.269457ms ago: executing program 2 (id=550): syz_emit_ethernet(0x430, &(0x7f0000000400)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x3fa, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46c56aa00148c356de6b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x18, 0x7, "b8a3e10000a3e1100000006f00ff12164039d0ebab140888c235c0fffe00000000600000ff0bc0fe0000000000000000fe20e23f6541c3"}, {0x0, 0x22, "5e14f0e74d2d36cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18061c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3be0800c5fd97622c676d8800871a6aa54155de489abaa522c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c872d3126a3913336064fd440198947cb61124c665548344da863da2dfcd578ed9b048c76415994fc6c83db3be26b6328cb52bf265ae2f1e3da6fe8f39a1ca6d9d4e6ddc17dca63ccb904a23f32ea0a16dbfd2c84d9253d3cfc6400297b0f596bd4cd93f292043fff5a50aad2c4a9871bb6f215421d960fbf5f12"}, {0x3, 0x6, "41489859faad6b7894fe1137424008d432183a0113681c77fc82aec87a233d898a11c5cd98182e0722cd47409df61e0b"}]}}}}}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00') ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00'}) 28.484765ms ago: executing program 4 (id=551): socket$kcm(0x10, 0x2, 0x10) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="18002000ffffffff000000000000180000"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r2 = socket$nl_rdma(0x10, 0x3, 0x14) accept(r2, &(0x7f0000000800)=@pppoe, &(0x7f0000000500)=0x80) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000730000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) socket$kcm(0x2b, 0x1, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$can_bcm(0x1d, 0x2, 0x2) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) write$cgroup_subtree(r6, &(0x7f0000000480)={[{0x2b, 'pids'}, {0x6, 'perf_event'}, {0x2d, 'net'}]}, 0x17) connect$can_bcm(r5, &(0x7f0000000080), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000540)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r7}, 0x10, &(0x7f0000000180)={&(0x7f0000000100)={0x5, 0x0, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x3, 0x2, 0x0, 0x0, "b68c52d2be3c0d90"}}, 0x48}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nbd(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$NBD_CMD_STATUS(r9, &(0x7f0000000900)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x38, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x8}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x1000}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2e}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x800) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r7, {0x10, 0xb}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x38, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x24, 0x11, 0x0, 0x1, [@generic="2fe5afbf24fbcccc554cd9761e79b8dad8a2018544a3f855448c77987d9d7a52"]}]}, 0x38}], 0x1}, 0x0) 21.256926ms ago: executing program 0 (id=552): unshare(0x400) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, 0x0, 0x0) 0s ago: executing program 2 (id=553): r0 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg$inet(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@ip_tos_int={{0x14, 0x110, 0x2}}], 0x18, 0x4c00}, 0x400a0) socket$inet6(0xa, 0x5, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYRES16], 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xf5, 0x0, &(0x7f00000006c0)="88222f849f60d3114de91441b232169b9239917d498daf394a0d2ad051a66adbbb80a940ca9c65b8996d0a5baa387953cb561248287ca5a486ef231a41af2e6b5961cb3f3a6ffd31409205ead909f3d57c3912aa4fb5b17af95cc65e4b1fe69fbce847533c6b0e6b2650f36f4f23b49310900a786458bcdfcaf8c6c63e56d3d9de42930994d0e04acf95218a974a463197e68bf8d379804ec8cd6cbd82197e40c6f9570c9cffc26b6c402f32f7691e41951b1e6ed5d2bfefe2a2cf42b5692dc94d487b184c0c176cf0110f40b21a443e7525d748398119c97b021d6dc4eb37400da95a6f95730a26b33c595b79ed8d15c5aee3181e", 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x2, 0x2ff7afedf}, 0xc) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTALL(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1fffe}, 0xc, &(0x7f00000001c0)={&(0x7f0000000500)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000810) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0) getsockopt$sock_buf(r4, 0x1, 0x1a, 0x0, &(0x7f0000000340)) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4040004) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0xfdde, &(0x7f0000000300)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000f0000000401a800160008000140090011", 0x3b}, {&(0x7f0000000a80)="a8e97cb1dfd5f0137dd8f10a1aab92eee4ed291d6908d5efd16a0270f3b39b38f7852b63b01ca5c0908b65a61128c911e4fe279efcf91f0e7ddd287ecd3407b1dc1d6a169a39c77420aca50c0cf3ec80cf4cb16b27d5893cd7acaef29a6bf231b5987b0d61778521dfa07c73ba5060b750c254beb23884af33e3bb1a3d29a6d9a42b0286ea1406ac6415300252c6e42d889f60ebd3ef56c3d54c6d9744", 0x9d}], 0x2}, 0x0) kernel console output (not intermixed with test programs): 0x10/0x10 [ 116.436433][ T6604] ? __pfx__printk+0x10/0x10 [ 116.436455][ T6604] ? __pfx___might_resched+0x10/0x10 [ 116.436475][ T6604] should_fail_ex+0x414/0x560 [ 116.436504][ T6604] ? bpf_test_run_xdp_live+0x191/0x1aa0 [ 116.436531][ T6604] should_failslab+0xa8/0x100 [ 116.436557][ T6604] __kvmalloc_node_noprof+0x168/0x5e0 [ 116.436580][ T6604] ? bpf_test_run_xdp_live+0x191/0x1aa0 [ 116.436611][ T6604] bpf_test_run_xdp_live+0x191/0x1aa0 [ 116.436644][ T6604] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 116.436675][ T6604] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 116.436697][ T6604] ? synchronize_rcu+0x11a/0x310 [ 116.436714][ T6604] ? __pfx_synchronize_rcu+0x10/0x10 [ 116.436736][ T6604] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 116.436769][ T6604] ? 0xffffffffa0003b40 [ 116.436813][ T6604] ? 0xffffffffa0000948 [ 116.436858][ T6604] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 116.436889][ T6604] ? _copy_from_user+0x94/0xb0 [ 116.436915][ T6604] ? bpf_test_init+0x133/0x170 [ 116.436942][ T6604] ? xdp_convert_md_to_buff+0x5b/0x330 [ 116.436976][ T6604] bpf_prog_test_run_xdp+0x713/0xf90 [ 116.437024][ T6604] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 116.437059][ T6604] ? __fget_files+0x2a/0x420 [ 116.437090][ T6604] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 116.437122][ T6604] bpf_prog_test_run+0x2a9/0x340 [ 116.437153][ T6604] __sys_bpf+0x4a4/0x860 [ 116.437179][ T6604] ? __pfx___sys_bpf+0x10/0x10 [ 116.437217][ T6604] ? ksys_write+0x1f0/0x250 [ 116.437238][ T6604] ? rcu_is_watching+0x15/0xb0 [ 116.437289][ T6604] __x64_sys_bpf+0x7c/0x90 [ 116.437311][ T6604] do_syscall_64+0xf6/0x210 [ 116.437343][ T6604] ? clear_bhb_loop+0x45/0xa0 [ 116.437367][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.437386][ T6604] RIP: 0033:0x7f3dc498e969 [ 116.437402][ T6604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.437418][ T6604] RSP: 002b:00007f3dc573e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 116.437438][ T6604] RAX: ffffffffffffffda RBX: 00007f3dc4bb5fa0 RCX: 00007f3dc498e969 [ 116.437450][ T6604] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 116.437462][ T6604] RBP: 00007f3dc573e090 R08: 0000000000000000 R09: 0000000000000000 [ 116.437473][ T6604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.437484][ T6604] R13: 0000000000000000 R14: 00007f3dc4bb5fa0 R15: 00007ffec296b358 [ 116.437515][ T6604] [ 116.699669][ T6608] netlink: 8 bytes leftover after parsing attributes in process `syz.0.176'. [ 116.823134][ T6607] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 116.932836][ T6607] netlink: 'syz.0.176': attribute type 1 has an invalid length. [ 116.945326][ T6607] netlink: 3 bytes leftover after parsing attributes in process `syz.0.176'. [ 117.068097][ T6246] IPVS: starting estimator thread 0... [ 117.232359][ T6246] IPVS: starting estimator thread 0... [ 117.238131][ T6619] IPVS: using max 27 ests per chain, 64800 per kthread [ 117.260623][ T6625] FAULT_INJECTION: forcing a failure. [ 117.260623][ T6625] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 117.296704][ T6627] warning: `syz.1.181' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 117.317043][ T6625] CPU: 1 UID: 0 PID: 6625 Comm: syz.0.180 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 117.317072][ T6625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 117.317084][ T6625] Call Trace: [ 117.317091][ T6625] [ 117.317100][ T6625] dump_stack_lvl+0x189/0x250 [ 117.317133][ T6625] ? __lock_acquire+0xaac/0xd20 [ 117.317164][ T6625] ? __pfx_dump_stack_lvl+0x10/0x10 [ 117.317193][ T6625] ? __pfx__printk+0x10/0x10 [ 117.317213][ T6625] ? __might_fault+0xb0/0x130 [ 117.317251][ T6625] should_fail_ex+0x414/0x560 [ 117.317288][ T6625] _copy_from_user+0x2d/0xb0 [ 117.317315][ T6625] __sys_sendto+0x25c/0x520 [ 117.317338][ T6625] ? __pfx___sys_sendto+0x10/0x10 [ 117.317354][ T6625] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 117.317394][ T6625] ? __fget_files+0x3a0/0x420 [ 117.317433][ T6625] ? ksys_write+0x1f0/0x250 [ 117.317453][ T6625] ? rcu_is_watching+0x15/0xb0 [ 117.317493][ T6625] __x64_sys_sendto+0xde/0x100 [ 117.317517][ T6625] do_syscall_64+0xf6/0x210 [ 117.317545][ T6625] ? clear_bhb_loop+0x45/0xa0 [ 117.317575][ T6625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.317594][ T6625] RIP: 0033:0x7fc08d38e969 [ 117.317611][ T6625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.317627][ T6625] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 117.317647][ T6625] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 117.317661][ T6625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 117.317672][ T6625] RBP: 00007fc08e282090 R08: 0000200000000180 R09: 0000000000000010 [ 117.317684][ T6625] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000001 [ 117.317695][ T6625] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 117.317725][ T6625] [ 117.704816][ T6629] lo speed is unknown, defaulting to 1000 [ 117.741122][ T6246] IPVS: starting estimator thread 0... [ 117.772643][ T6628] IPVS: using max 26 ests per chain, 62400 per kthread [ 117.826775][ T6639] netlink: 'syz.4.183': attribute type 4 has an invalid length. [ 117.847706][ T6635] IPVS: using max 33 ests per chain, 79200 per kthread [ 118.355553][ T6658] netlink: 1 bytes leftover after parsing attributes in process `syz.4.187'. [ 118.377893][ T6658] netlink: 1 bytes leftover after parsing attributes in process `syz.4.187'. [ 118.408599][ T6658] netlink: 56 bytes leftover after parsing attributes in process `syz.4.187'. [ 118.586634][ T6663] FAULT_INJECTION: forcing a failure. [ 118.586634][ T6663] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 118.648405][ T6663] CPU: 0 UID: 0 PID: 6663 Comm: syz.0.189 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 118.648433][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 118.648445][ T6663] Call Trace: [ 118.648452][ T6663] [ 118.648461][ T6663] dump_stack_lvl+0x189/0x250 [ 118.648491][ T6663] ? __lock_acquire+0xaac/0xd20 [ 118.648521][ T6663] ? __pfx_dump_stack_lvl+0x10/0x10 [ 118.648549][ T6663] ? __pfx__printk+0x10/0x10 [ 118.648568][ T6663] ? __might_fault+0xb0/0x130 [ 118.648604][ T6663] should_fail_ex+0x414/0x560 [ 118.648639][ T6663] _copy_from_iter+0x1db/0x15a0 [ 118.648686][ T6663] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 118.648708][ T6663] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 118.648734][ T6663] ? __pfx__copy_from_iter+0x10/0x10 [ 118.648759][ T6663] ? __build_skb_around+0x257/0x3e0 [ 118.648782][ T6663] ? netlink_sendmsg+0x642/0xb30 [ 118.648800][ T6663] ? skb_put+0x11b/0x210 [ 118.648823][ T6663] netlink_sendmsg+0x6b2/0xb30 [ 118.648852][ T6663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.648885][ T6663] ? aa_sock_msg_perm+0x94/0x160 [ 118.648907][ T6663] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 118.648929][ T6663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 118.648949][ T6663] __sock_sendmsg+0x219/0x270 [ 118.648980][ T6663] ____sys_sendmsg+0x505/0x830 [ 118.649007][ T6663] ? __pfx_____sys_sendmsg+0x10/0x10 [ 118.649039][ T6663] ? import_iovec+0x74/0xa0 [ 118.649068][ T6663] ___sys_sendmsg+0x21f/0x2a0 [ 118.649092][ T6663] ? __pfx____sys_sendmsg+0x10/0x10 [ 118.649152][ T6663] ? __fget_files+0x2a/0x420 [ 118.649175][ T6663] ? __fget_files+0x3a0/0x420 [ 118.649210][ T6663] __x64_sys_sendmsg+0x19b/0x260 [ 118.649235][ T6663] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 118.649274][ T6663] ? do_syscall_64+0xba/0x210 [ 118.649304][ T6663] do_syscall_64+0xf6/0x210 [ 118.649330][ T6663] ? clear_bhb_loop+0x45/0xa0 [ 118.649354][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.649372][ T6663] RIP: 0033:0x7fc08d38e969 [ 118.649390][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.649406][ T6663] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 118.649427][ T6663] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 118.649441][ T6663] RDX: 0000000000040010 RSI: 0000200000000980 RDI: 0000000000000004 [ 118.649453][ T6663] RBP: 00007fc08e282090 R08: 0000000000000000 R09: 0000000000000000 [ 118.649462][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.649471][ T6663] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 118.649494][ T6663] [ 119.131676][ T6670] netlink: 260 bytes leftover after parsing attributes in process `syz.0.193'. [ 119.271942][ T6678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.192'. [ 119.357296][ T6683] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 119.374653][ T6683] CPU: 1 UID: 0 PID: 6683 Comm: syz.4.192 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 119.374683][ T6683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 119.374696][ T6683] Call Trace: [ 119.374706][ T6683] [ 119.374716][ T6683] dump_stack_lvl+0x189/0x250 [ 119.374752][ T6683] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.374782][ T6683] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.374812][ T6683] ? __pfx__printk+0x10/0x10 [ 119.374847][ T6683] ? kernfs_path_from_node+0x2b/0x260 [ 119.374880][ T6683] ? kernfs_path_from_node+0x216/0x260 [ 119.374913][ T6683] sysfs_warn_dup+0x8e/0xa0 [ 119.374939][ T6683] sysfs_do_create_link_sd+0xc0/0x110 [ 119.374968][ T6683] device_add_class_symlinks+0x1cf/0x240 [ 119.374995][ T6683] device_add+0x475/0xb50 [ 119.375021][ T6683] wiphy_register+0x199a/0x26b0 [ 119.375071][ T6683] ? __pfx_wiphy_register+0x10/0x10 [ 119.375099][ T6683] ? minstrel_ht_alloc+0x893/0x990 [ 119.375141][ T6683] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 119.375179][ T6683] ieee80211_register_hw+0x334b/0x4060 [ 119.375219][ T6683] ? ieee80211_register_hw+0x1471/0x4060 [ 119.375253][ T6683] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 119.375280][ T6683] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 119.375314][ T6683] ? __hrtimer_setup+0x187/0x210 [ 119.375343][ T6683] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 119.375380][ T6683] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 119.375445][ T6683] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 119.375474][ T6683] ? trace_kmalloc+0x1f/0xd0 [ 119.375502][ T6683] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 119.375529][ T6683] ? kstrndup+0xbf/0x160 [ 119.375561][ T6683] hwsim_new_radio_nl+0xea4/0x1b10 [ 119.375595][ T6683] ? __pfx___nla_validate_parse+0x10/0x10 [ 119.375635][ T6683] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 119.375668][ T6683] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 119.375704][ T6683] ? __nla_parse+0x40/0x60 [ 119.375730][ T6683] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 119.375766][ T6683] genl_family_rcv_msg_doit+0x212/0x300 [ 119.375798][ T6683] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 119.375848][ T6683] ? bpf_lsm_capable+0x9/0x20 [ 119.375884][ T6683] ? security_capable+0x7e/0x2e0 [ 119.375913][ T6683] genl_rcv_msg+0x60e/0x790 [ 119.375946][ T6683] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.375970][ T6683] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 119.376022][ T6683] netlink_rcv_skb+0x219/0x490 [ 119.376056][ T6683] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.376082][ T6683] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 119.376141][ T6683] ? down_read+0x1ad/0x2e0 [ 119.376171][ T6683] genl_rcv+0x28/0x40 [ 119.376193][ T6683] netlink_unicast+0x758/0x8d0 [ 119.376236][ T6683] netlink_sendmsg+0x805/0xb30 [ 119.376267][ T6683] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.376290][ T6683] ? aa_sock_msg_perm+0x94/0x160 [ 119.376313][ T6683] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 119.376335][ T6683] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.376355][ T6683] __sock_sendmsg+0x219/0x270 [ 119.376388][ T6683] ____sys_sendmsg+0x505/0x830 [ 119.376417][ T6683] ? __pfx_____sys_sendmsg+0x10/0x10 [ 119.376451][ T6683] ? import_iovec+0x74/0xa0 [ 119.376483][ T6683] ___sys_sendmsg+0x21f/0x2a0 [ 119.376508][ T6683] ? __pfx____sys_sendmsg+0x10/0x10 [ 119.376574][ T6683] ? __fget_files+0x2a/0x420 [ 119.376601][ T6683] ? __fget_files+0x3a0/0x420 [ 119.376639][ T6683] __x64_sys_sendmsg+0x19b/0x260 [ 119.376666][ T6683] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 119.376708][ T6683] ? do_syscall_64+0xba/0x210 [ 119.376739][ T6683] do_syscall_64+0xf6/0x210 [ 119.376767][ T6683] ? clear_bhb_loop+0x45/0xa0 [ 119.376793][ T6683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.376812][ T6683] RIP: 0033:0x7f3dc498e969 [ 119.376841][ T6683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.376858][ T6683] RSP: 002b:00007f3dc571d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.376880][ T6683] RAX: ffffffffffffffda RBX: 00007f3dc4bb6080 RCX: 00007f3dc498e969 [ 119.376894][ T6683] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 119.376906][ T6683] RBP: 00007f3dc4a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 119.376918][ T6683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.376930][ T6683] R13: 0000000000000000 R14: 00007f3dc4bb6080 R15: 00007ffec296b358 [ 119.376964][ T6683] [ 120.473182][ T6715] syz.4.200 uses old SIOCAX25GETINFO [ 120.484731][ T6717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.203'. [ 120.488490][ T6718] netlink: 8 bytes leftover after parsing attributes in process `syz.3.204'. [ 120.734661][ T6730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.207'. [ 120.817468][ T6732] netlink: 'syz.1.209': attribute type 10 has an invalid length. [ 120.877207][ T6732] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 120.923633][ T6732] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 120.966030][ T6732] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 120.983348][ T6742] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0 [ 121.010827][ T6743] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 121.041391][ T6743] CPU: 1 UID: 0 PID: 6743 Comm: syz.0.211 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 121.041422][ T6743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 121.041439][ T6743] Call Trace: [ 121.041447][ T6743] [ 121.041456][ T6743] dump_stack_lvl+0x189/0x250 [ 121.041492][ T6743] ? lockdep_hardirqs_on+0x9c/0x150 [ 121.041523][ T6743] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.041553][ T6743] ? __pfx__printk+0x10/0x10 [ 121.041577][ T6743] ? kernfs_path_from_node+0x2b/0x260 [ 121.041607][ T6743] ? kernfs_path_from_node+0x216/0x260 [ 121.041639][ T6743] sysfs_warn_dup+0x8e/0xa0 [ 121.041672][ T6743] sysfs_do_create_link_sd+0xc0/0x110 [ 121.041702][ T6743] device_add_class_symlinks+0x1cf/0x240 [ 121.041730][ T6743] device_add+0x475/0xb50 [ 121.041758][ T6743] wiphy_register+0x199a/0x26b0 [ 121.041806][ T6743] ? __pfx_wiphy_register+0x10/0x10 [ 121.041833][ T6743] ? minstrel_ht_alloc+0x893/0x990 [ 121.041876][ T6743] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 121.041915][ T6743] ieee80211_register_hw+0x334b/0x4060 [ 121.041953][ T6743] ? ieee80211_register_hw+0x1471/0x4060 [ 121.041987][ T6743] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 121.042015][ T6743] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 121.042048][ T6743] ? __hrtimer_setup+0x187/0x210 [ 121.042078][ T6743] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 121.042115][ T6743] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 121.042180][ T6743] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 121.042208][ T6743] ? trace_kmalloc+0x1f/0xd0 [ 121.042240][ T6743] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 121.042266][ T6743] ? kstrndup+0xbf/0x160 [ 121.042298][ T6743] hwsim_new_radio_nl+0xea4/0x1b10 [ 121.042332][ T6743] ? __pfx___nla_validate_parse+0x10/0x10 [ 121.042372][ T6743] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 121.042419][ T6743] ? __nla_parse+0x40/0x60 [ 121.042446][ T6743] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 121.042484][ T6743] genl_family_rcv_msg_doit+0x212/0x300 [ 121.042524][ T6743] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 121.042566][ T6743] ? bpf_lsm_capable+0x9/0x20 [ 121.042594][ T6743] ? security_capable+0x7e/0x2e0 [ 121.042623][ T6743] genl_rcv_msg+0x60e/0x790 [ 121.042663][ T6743] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.042687][ T6743] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 121.042736][ T6743] netlink_rcv_skb+0x219/0x490 [ 121.042770][ T6743] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.042798][ T6743] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 121.042856][ T6743] ? down_read+0x1ad/0x2e0 [ 121.042888][ T6743] genl_rcv+0x28/0x40 [ 121.042910][ T6743] netlink_unicast+0x758/0x8d0 [ 121.042954][ T6743] netlink_sendmsg+0x805/0xb30 [ 121.042985][ T6743] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.043008][ T6743] ? aa_sock_msg_perm+0x94/0x160 [ 121.043030][ T6743] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 121.043051][ T6743] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.043070][ T6743] __sock_sendmsg+0x219/0x270 [ 121.043100][ T6743] ____sys_sendmsg+0x505/0x830 [ 121.043128][ T6743] ? __pfx_____sys_sendmsg+0x10/0x10 [ 121.043160][ T6743] ? import_iovec+0x74/0xa0 [ 121.043191][ T6743] ___sys_sendmsg+0x21f/0x2a0 [ 121.043216][ T6743] ? __pfx____sys_sendmsg+0x10/0x10 [ 121.043278][ T6743] ? __fget_files+0x2a/0x420 [ 121.043302][ T6743] ? __fget_files+0x3a0/0x420 [ 121.043341][ T6743] __x64_sys_sendmsg+0x19b/0x260 [ 121.043367][ T6743] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 121.043409][ T6743] ? do_syscall_64+0xba/0x210 [ 121.043446][ T6743] do_syscall_64+0xf6/0x210 [ 121.043474][ T6743] ? clear_bhb_loop+0x45/0xa0 [ 121.043500][ T6743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.043519][ T6743] RIP: 0033:0x7fc08d38e969 [ 121.043538][ T6743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.043555][ T6743] RSP: 002b:00007fc08e261038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 121.043577][ T6743] RAX: ffffffffffffffda RBX: 00007fc08d5b6080 RCX: 00007fc08d38e969 [ 121.043592][ T6743] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 121.043605][ T6743] RBP: 00007fc08d410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 121.043618][ T6743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.043629][ T6743] R13: 0000000000000000 R14: 00007fc08d5b6080 R15: 00007fffde19f728 [ 121.043669][ T6743] [ 121.558971][ T6746] pim6reg: entered allmulticast mode [ 121.567554][ T6746] pim6reg: left allmulticast mode [ 121.766202][ T6750] bond0: entered promiscuous mode [ 121.775241][ T6750] bond_slave_0: entered promiscuous mode [ 121.783499][ T6750] bond_slave_1: entered promiscuous mode [ 121.791374][ T6750] bridge0: entered promiscuous mode [ 121.804022][ T6753] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDU' [ 121.850001][ T6753] CPU: 0 UID: 0 PID: 6753 Comm: syz.2.216 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 121.850034][ T6753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 121.850047][ T6753] Call Trace: [ 121.850055][ T6753] [ 121.850064][ T6753] dump_stack_lvl+0x189/0x250 [ 121.850102][ T6753] ? lockdep_hardirqs_on+0x9c/0x150 [ 121.850131][ T6753] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.850161][ T6753] ? __pfx__printk+0x10/0x10 [ 121.850204][ T6753] ? kernfs_path_from_node+0x2b/0x260 [ 121.850238][ T6753] ? kernfs_path_from_node+0x216/0x260 [ 121.850271][ T6753] sysfs_warn_dup+0x8e/0xa0 [ 121.850299][ T6753] sysfs_do_create_link_sd+0xc0/0x110 [ 121.850336][ T6753] device_add_class_symlinks+0x1cf/0x240 [ 121.850365][ T6753] device_add+0x475/0xb50 [ 121.850392][ T6753] wiphy_register+0x199a/0x26b0 [ 121.850443][ T6753] ? __pfx_wiphy_register+0x10/0x10 [ 121.850484][ T6753] ? ieee80211_register_hw+0x2d71/0x4060 [ 121.850505][ T6753] ? ieee80211_register_hw+0x2e9d/0x4060 [ 121.850534][ T6753] ieee80211_register_hw+0x334b/0x4060 [ 121.850572][ T6753] ? ieee80211_register_hw+0x1471/0x4060 [ 121.850607][ T6753] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 121.850634][ T6753] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 121.850667][ T6753] ? __hrtimer_setup+0x187/0x210 [ 121.850696][ T6753] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 121.850733][ T6753] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 121.850797][ T6753] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 121.850830][ T6753] ? trace_kmalloc+0x1f/0xd0 [ 121.850852][ T6753] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 121.850878][ T6753] ? kstrndup+0xbf/0x160 [ 121.850910][ T6753] hwsim_new_radio_nl+0xea4/0x1b10 [ 121.850943][ T6753] ? __pfx___nla_validate_parse+0x10/0x10 [ 121.850984][ T6753] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 121.851028][ T6753] ? __nla_parse+0x40/0x60 [ 121.851055][ T6753] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 121.851093][ T6753] genl_family_rcv_msg_doit+0x212/0x300 [ 121.851127][ T6753] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 121.851169][ T6753] ? bpf_lsm_capable+0x9/0x20 [ 121.851197][ T6753] ? security_capable+0x7e/0x2e0 [ 121.851225][ T6753] genl_rcv_msg+0x60e/0x790 [ 121.851258][ T6753] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.851283][ T6753] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 121.851336][ T6753] netlink_rcv_skb+0x219/0x490 [ 121.851369][ T6753] ? __pfx_genl_rcv_msg+0x10/0x10 [ 121.851396][ T6753] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 121.851457][ T6753] ? down_read+0x1ad/0x2e0 [ 121.851490][ T6753] genl_rcv+0x28/0x40 [ 121.851513][ T6753] netlink_unicast+0x758/0x8d0 [ 121.851557][ T6753] netlink_sendmsg+0x805/0xb30 [ 121.851588][ T6753] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.851612][ T6753] ? aa_sock_msg_perm+0x94/0x160 [ 121.851636][ T6753] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 121.851657][ T6753] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.851678][ T6753] __sock_sendmsg+0x219/0x270 [ 121.851710][ T6753] ____sys_sendmsg+0x505/0x830 [ 121.851740][ T6753] ? __pfx_____sys_sendmsg+0x10/0x10 [ 121.851774][ T6753] ? import_iovec+0x74/0xa0 [ 121.851804][ T6753] ___sys_sendmsg+0x21f/0x2a0 [ 121.851830][ T6753] ? __pfx____sys_sendmsg+0x10/0x10 [ 121.851895][ T6753] ? __fget_files+0x2a/0x420 [ 121.851920][ T6753] ? __fget_files+0x3a0/0x420 [ 121.851959][ T6753] __x64_sys_sendmsg+0x19b/0x260 [ 121.851985][ T6753] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 121.852028][ T6753] ? do_syscall_64+0xba/0x210 [ 121.852059][ T6753] do_syscall_64+0xf6/0x210 [ 121.852087][ T6753] ? clear_bhb_loop+0x45/0xa0 [ 121.852113][ T6753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.852133][ T6753] RIP: 0033:0x7f9194d8e969 [ 121.852152][ T6753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.852170][ T6753] RSP: 002b:00007f9195c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 121.852192][ T6753] RAX: ffffffffffffffda RBX: 00007f9194fb5fa0 RCX: 00007f9194d8e969 [ 121.852207][ T6753] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 121.852220][ T6753] RBP: 00007f9194e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 121.852232][ T6753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.852244][ T6753] R13: 0000000000000000 R14: 00007f9194fb5fa0 R15: 00007fffb11c35e8 [ 121.852277][ T6753] [ 122.966557][ T6783] lo speed is unknown, defaulting to 1000 [ 123.412677][ T6809] __nla_validate_parse: 4 callbacks suppressed [ 123.412696][ T6809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'. [ 123.519133][ T6809] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 123.561068][ T6809] CPU: 1 UID: 0 PID: 6809 Comm: syz.4.228 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 123.561100][ T6809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 123.561113][ T6809] Call Trace: [ 123.561121][ T6809] [ 123.561130][ T6809] dump_stack_lvl+0x189/0x250 [ 123.561167][ T6809] ? lockdep_hardirqs_on+0x9c/0x150 [ 123.561195][ T6809] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.561226][ T6809] ? __pfx__printk+0x10/0x10 [ 123.561252][ T6809] ? kernfs_path_from_node+0x2b/0x260 [ 123.561283][ T6809] ? kernfs_path_from_node+0x216/0x260 [ 123.561314][ T6809] sysfs_warn_dup+0x8e/0xa0 [ 123.561341][ T6809] sysfs_do_create_link_sd+0xc0/0x110 [ 123.561372][ T6809] device_add_class_symlinks+0x1cf/0x240 [ 123.561401][ T6809] device_add+0x475/0xb50 [ 123.561429][ T6809] wiphy_register+0x199a/0x26b0 [ 123.561488][ T6809] ? __pfx_wiphy_register+0x10/0x10 [ 123.561516][ T6809] ? minstrel_ht_alloc+0x893/0x990 [ 123.561559][ T6809] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 123.561598][ T6809] ieee80211_register_hw+0x334b/0x4060 [ 123.561638][ T6809] ? ieee80211_register_hw+0x1471/0x4060 [ 123.561673][ T6809] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 123.561701][ T6809] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 123.561734][ T6809] ? __hrtimer_setup+0x187/0x210 [ 123.561763][ T6809] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 123.561800][ T6809] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 123.561866][ T6809] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 123.561894][ T6809] ? trace_kmalloc+0x1f/0xd0 [ 123.561916][ T6809] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 123.561942][ T6809] ? kstrndup+0xbf/0x160 [ 123.561974][ T6809] hwsim_new_radio_nl+0xea4/0x1b10 [ 123.562010][ T6809] ? __pfx___nla_validate_parse+0x10/0x10 [ 123.562048][ T6809] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 123.562094][ T6809] ? __nla_parse+0x40/0x60 [ 123.562121][ T6809] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 123.562158][ T6809] genl_family_rcv_msg_doit+0x212/0x300 [ 123.562192][ T6809] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 123.562235][ T6809] ? bpf_lsm_capable+0x9/0x20 [ 123.562263][ T6809] ? security_capable+0x7e/0x2e0 [ 123.562290][ T6809] genl_rcv_msg+0x60e/0x790 [ 123.562323][ T6809] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.562347][ T6809] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 123.562395][ T6809] netlink_rcv_skb+0x219/0x490 [ 123.562428][ T6809] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.562461][ T6809] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 123.562522][ T6809] ? down_read+0x1ad/0x2e0 [ 123.562555][ T6809] genl_rcv+0x28/0x40 [ 123.562578][ T6809] netlink_unicast+0x758/0x8d0 [ 123.562621][ T6809] netlink_sendmsg+0x805/0xb30 [ 123.562652][ T6809] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.562676][ T6809] ? aa_sock_msg_perm+0x94/0x160 [ 123.562699][ T6809] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 123.562721][ T6809] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.562742][ T6809] __sock_sendmsg+0x219/0x270 [ 123.562775][ T6809] ____sys_sendmsg+0x505/0x830 [ 123.562805][ T6809] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.562839][ T6809] ? import_iovec+0x74/0xa0 [ 123.562870][ T6809] ___sys_sendmsg+0x21f/0x2a0 [ 123.562896][ T6809] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.562964][ T6809] ? __fget_files+0x2a/0x420 [ 123.562989][ T6809] ? __fget_files+0x3a0/0x420 [ 123.563029][ T6809] __x64_sys_sendmsg+0x19b/0x260 [ 123.563055][ T6809] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 123.563099][ T6809] ? do_syscall_64+0xba/0x210 [ 123.563130][ T6809] do_syscall_64+0xf6/0x210 [ 123.563158][ T6809] ? clear_bhb_loop+0x45/0xa0 [ 123.563181][ T6809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.563201][ T6809] RIP: 0033:0x7f3dc498e969 [ 123.563220][ T6809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.563237][ T6809] RSP: 002b:00007f3dc571d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.563258][ T6809] RAX: ffffffffffffffda RBX: 00007f3dc4bb6080 RCX: 00007f3dc498e969 [ 123.563273][ T6809] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 123.563285][ T6809] RBP: 00007f3dc4a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 123.563297][ T6809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.563309][ T6809] R13: 0000000000000000 R14: 00007f3dc4bb6080 R15: 00007ffec296b358 [ 123.563343][ T6809] [ 123.591912][ T6815] netlink: 4 bytes leftover after parsing attributes in process `syz.2.230'. [ 123.630559][ T6801] lo speed is unknown, defaulting to 1000 [ 123.725201][ T6818] FAULT_INJECTION: forcing a failure. [ 123.725201][ T6818] name failslab, interval 1, probability 0, space 0, times 0 [ 123.836773][ T6818] CPU: 0 UID: 0 PID: 6818 Comm: syz.0.232 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 123.836798][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 123.836811][ T6818] Call Trace: [ 123.836820][ T6818] [ 123.836829][ T6818] dump_stack_lvl+0x189/0x250 [ 123.836872][ T6818] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.836904][ T6818] ? __pfx__printk+0x10/0x10 [ 123.836942][ T6818] should_fail_ex+0x414/0x560 [ 123.836982][ T6818] should_failslab+0xa8/0x100 [ 123.837013][ T6818] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 123.837041][ T6818] ? __alloc_skb+0x112/0x2d0 [ 123.837067][ T6818] __alloc_skb+0x112/0x2d0 [ 123.837094][ T6818] __pskb_copy_fclone+0xab/0xf90 [ 123.837120][ T6818] ? __lock_acquire+0xaac/0xd20 [ 123.837170][ T6818] hwsim_hw_xmit+0x412/0x14d0 [ 123.837210][ T6818] ? hwsim_hw_xmit+0xe3/0x14d0 [ 123.837253][ T6818] ? __pfx_hwsim_hw_xmit+0x10/0x10 [ 123.837287][ T6818] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 123.837312][ T6818] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 123.837334][ T6818] ? ieee802154_hold_queue+0xd1/0x3a0 [ 123.837372][ T6818] ? ieee802154_hold_queue+0xd1/0x3a0 [ 123.837411][ T6818] ieee802154_tx+0x26a/0x510 [ 123.837444][ T6818] ieee802154_subif_start_xmit+0x110/0x190 [ 123.837475][ T6818] dev_hard_start_xmit+0x2d4/0x830 [ 123.837522][ T6818] sch_direct_xmit+0x241/0x4b0 [ 123.837566][ T6818] ? __pfx_sch_direct_xmit+0x10/0x10 [ 123.837610][ T6818] __dev_queue_xmit+0x17b6/0x3a70 [ 123.837642][ T6818] ? __lock_acquire+0xaac/0xd20 [ 123.837675][ T6818] ? __dev_queue_xmit+0x27e/0x3a70 [ 123.837705][ T6818] ? __might_fault+0xb0/0x130 [ 123.837743][ T6818] ? __pfx___dev_queue_xmit+0x10/0x10 [ 123.837770][ T6818] ? __might_fault+0xb0/0x130 [ 123.837802][ T6818] ? _copy_from_iter+0x308/0x15a0 [ 123.837829][ T6818] ? __pfx_ieee802154_header_create+0x10/0x10 [ 123.837869][ T6818] ? __pfx__copy_from_iter+0x10/0x10 [ 123.837902][ T6818] ? dev_getfirstbyhwtype+0x24/0x280 [ 123.837931][ T6818] ? dev_getfirstbyhwtype+0x24/0x280 [ 123.837958][ T6818] ? dev_getfirstbyhwtype+0x24/0x280 [ 123.837996][ T6818] dgram_sendmsg+0x73a/0xd80 [ 123.838035][ T6818] ? __pfx_dgram_sendmsg+0x10/0x10 [ 123.838064][ T6818] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 123.838097][ T6818] ? aa_sock_msg_perm+0x94/0x160 [ 123.838120][ T6818] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 123.838144][ T6818] ? __pfx_ieee802154_sock_sendmsg+0x10/0x10 [ 123.838177][ T6818] __sock_sendmsg+0x219/0x270 [ 123.838211][ T6818] ____sys_sendmsg+0x505/0x830 [ 123.838244][ T6818] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.838281][ T6818] ? import_iovec+0x74/0xa0 [ 123.838314][ T6818] ___sys_sendmsg+0x21f/0x2a0 [ 123.838341][ T6818] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.838410][ T6818] ? __fget_files+0x2a/0x420 [ 123.838436][ T6818] ? __fget_files+0x3a0/0x420 [ 123.838476][ T6818] __x64_sys_sendmsg+0x19b/0x260 [ 123.838504][ T6818] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 123.838549][ T6818] ? do_syscall_64+0xba/0x210 [ 123.838582][ T6818] do_syscall_64+0xf6/0x210 [ 123.838611][ T6818] ? clear_bhb_loop+0x45/0xa0 [ 123.838637][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.838658][ T6818] RIP: 0033:0x7fc08d38e969 [ 123.838677][ T6818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.838695][ T6818] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.838717][ T6818] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 123.838732][ T6818] RDX: 0000000004008024 RSI: 00002000000003c0 RDI: 0000000000000004 [ 123.838745][ T6818] RBP: 00007fc08e282090 R08: 0000000000000000 R09: 0000000000000000 [ 123.838758][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.838770][ T6818] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 123.838806][ T6818] [ 124.592892][ T6810] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 124.641241][ T6810] CPU: 0 UID: 0 PID: 6810 Comm: syz.2.230 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 124.641269][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 124.641280][ T6810] Call Trace: [ 124.641288][ T6810] [ 124.641297][ T6810] dump_stack_lvl+0x189/0x250 [ 124.641329][ T6810] ? lockdep_hardirqs_on+0x9c/0x150 [ 124.641355][ T6810] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.641382][ T6810] ? __pfx__printk+0x10/0x10 [ 124.641405][ T6810] ? kernfs_path_from_node+0x2b/0x260 [ 124.641434][ T6810] ? kernfs_path_from_node+0x216/0x260 [ 124.641463][ T6810] sysfs_warn_dup+0x8e/0xa0 [ 124.641488][ T6810] sysfs_do_create_link_sd+0xc0/0x110 [ 124.641516][ T6810] device_add_class_symlinks+0x1cf/0x240 [ 124.641542][ T6810] device_add+0x475/0xb50 [ 124.641567][ T6810] wiphy_register+0x199a/0x26b0 [ 124.641635][ T6810] ? __pfx_wiphy_register+0x10/0x10 [ 124.641660][ T6810] ? minstrel_ht_alloc+0x893/0x990 [ 124.641699][ T6810] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 124.641735][ T6810] ieee80211_register_hw+0x334b/0x4060 [ 124.641772][ T6810] ? ieee80211_register_hw+0x1471/0x4060 [ 124.641804][ T6810] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 124.641829][ T6810] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 124.641860][ T6810] ? __hrtimer_setup+0x187/0x210 [ 124.641887][ T6810] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 124.641921][ T6810] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 124.641983][ T6810] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 124.642008][ T6810] ? trace_kmalloc+0x1f/0xd0 [ 124.642029][ T6810] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 124.642053][ T6810] ? kstrndup+0xbf/0x160 [ 124.642083][ T6810] hwsim_new_radio_nl+0xea4/0x1b10 [ 124.642114][ T6810] ? __pfx___nla_validate_parse+0x10/0x10 [ 124.642161][ T6810] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 124.642204][ T6810] ? __nla_parse+0x40/0x60 [ 124.642229][ T6810] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 124.642263][ T6810] genl_family_rcv_msg_doit+0x212/0x300 [ 124.642295][ T6810] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 124.642333][ T6810] ? bpf_lsm_capable+0x9/0x20 [ 124.642364][ T6810] ? security_capable+0x7e/0x2e0 [ 124.642391][ T6810] genl_rcv_msg+0x60e/0x790 [ 124.642423][ T6810] ? __pfx_genl_rcv_msg+0x10/0x10 [ 124.642445][ T6810] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 124.642489][ T6810] netlink_rcv_skb+0x219/0x490 [ 124.642521][ T6810] ? __pfx_genl_rcv_msg+0x10/0x10 [ 124.642546][ T6810] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 124.642603][ T6810] ? down_read+0x1ad/0x2e0 [ 124.642634][ T6810] genl_rcv+0x28/0x40 [ 124.642655][ T6810] netlink_unicast+0x758/0x8d0 [ 124.642695][ T6810] netlink_sendmsg+0x805/0xb30 [ 124.642725][ T6810] ? __pfx_netlink_sendmsg+0x10/0x10 [ 124.642747][ T6810] ? aa_sock_msg_perm+0x94/0x160 [ 124.642769][ T6810] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 124.642791][ T6810] ? __pfx_netlink_sendmsg+0x10/0x10 [ 124.642810][ T6810] __sock_sendmsg+0x219/0x270 [ 124.642841][ T6810] ____sys_sendmsg+0x505/0x830 [ 124.642869][ T6810] ? __pfx_____sys_sendmsg+0x10/0x10 [ 124.642902][ T6810] ? import_iovec+0x74/0xa0 [ 124.642932][ T6810] ___sys_sendmsg+0x21f/0x2a0 [ 124.642956][ T6810] ? __pfx____sys_sendmsg+0x10/0x10 [ 124.643019][ T6810] ? __fget_files+0x2a/0x420 [ 124.643044][ T6810] ? __fget_files+0x3a0/0x420 [ 124.643082][ T6810] __x64_sys_sendmsg+0x19b/0x260 [ 124.643107][ T6810] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 124.643156][ T6810] ? do_syscall_64+0xba/0x210 [ 124.643187][ T6810] do_syscall_64+0xf6/0x210 [ 124.643215][ T6810] ? clear_bhb_loop+0x45/0xa0 [ 124.643239][ T6810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.643258][ T6810] RIP: 0033:0x7f9194d8e969 [ 124.643276][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.643292][ T6810] RSP: 002b:00007f9195c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 124.643313][ T6810] RAX: ffffffffffffffda RBX: 00007f9194fb5fa0 RCX: 00007f9194d8e969 [ 124.643327][ T6810] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 124.643339][ T6810] RBP: 00007f9194e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 124.643351][ T6810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.643362][ T6810] R13: 0000000000000000 R14: 00007f9194fb5fa0 R15: 00007fffb11c35e8 [ 124.643394][ T6810] [ 125.293497][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.238'. [ 125.586912][ T6850] syzkaller0: entered promiscuous mode [ 125.597711][ T6850] syzkaller0: entered allmulticast mode [ 126.035792][ T6877] FAULT_INJECTION: forcing a failure. [ 126.035792][ T6877] name failslab, interval 1, probability 0, space 0, times 0 [ 126.058231][ T6876] netlink: 28 bytes leftover after parsing attributes in process `syz.3.248'. [ 126.081298][ T6876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.248'. [ 126.107699][ T6877] CPU: 1 UID: 0 PID: 6877 Comm: syz.0.247 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 126.107727][ T6877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 126.107738][ T6877] Call Trace: [ 126.107746][ T6877] [ 126.107754][ T6877] dump_stack_lvl+0x189/0x250 [ 126.107790][ T6877] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.107818][ T6877] ? __pfx__printk+0x10/0x10 [ 126.107843][ T6877] ? __pfx___might_resched+0x10/0x10 [ 126.107865][ T6877] should_fail_ex+0x414/0x560 [ 126.107900][ T6877] should_failslab+0xa8/0x100 [ 126.107927][ T6877] __kmalloc_cache_noprof+0x70/0x3d0 [ 126.107951][ T6877] ? ovs_nla_get_identifier+0x72/0xd0 [ 126.107984][ T6877] ovs_nla_get_identifier+0x72/0xd0 [ 126.108015][ T6877] ovs_flow_cmd_new+0x436/0xd80 [ 126.108057][ T6877] ? __pfx_ovs_flow_cmd_new+0x10/0x10 [ 126.108140][ T6877] ? __nla_parse+0x40/0x60 [ 126.108165][ T6877] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 126.108205][ T6877] genl_family_rcv_msg_doit+0x212/0x300 [ 126.108236][ T6877] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 126.108274][ T6877] ? bpf_lsm_capable+0x9/0x20 [ 126.108301][ T6877] ? security_capable+0x7e/0x2e0 [ 126.108327][ T6877] genl_rcv_msg+0x60e/0x790 [ 126.108357][ T6877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 126.108379][ T6877] ? __pfx_ovs_flow_cmd_new+0x10/0x10 [ 126.108416][ T6877] netlink_rcv_skb+0x219/0x490 [ 126.108447][ T6877] ? __pfx_genl_rcv_msg+0x10/0x10 [ 126.108473][ T6877] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 126.108525][ T6877] ? down_read+0x1ad/0x2e0 [ 126.108554][ T6877] genl_rcv+0x28/0x40 [ 126.108574][ T6877] netlink_unicast+0x758/0x8d0 [ 126.108613][ T6877] netlink_sendmsg+0x805/0xb30 [ 126.108641][ T6877] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.108664][ T6877] ? aa_sock_msg_perm+0x94/0x160 [ 126.108685][ T6877] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 126.108706][ T6877] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.108725][ T6877] __sock_sendmsg+0x219/0x270 [ 126.108755][ T6877] ____sys_sendmsg+0x505/0x830 [ 126.108782][ T6877] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.108813][ T6877] ? import_iovec+0x74/0xa0 [ 126.108841][ T6877] ___sys_sendmsg+0x21f/0x2a0 [ 126.108865][ T6877] ? __pfx____sys_sendmsg+0x10/0x10 [ 126.108924][ T6877] ? __fget_files+0x2a/0x420 [ 126.108949][ T6877] ? __fget_files+0x3a0/0x420 [ 126.109003][ T6877] __x64_sys_sendmsg+0x19b/0x260 [ 126.109071][ T6877] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 126.109113][ T6877] ? do_syscall_64+0xba/0x210 [ 126.109144][ T6877] do_syscall_64+0xf6/0x210 [ 126.109170][ T6877] ? clear_bhb_loop+0x45/0xa0 [ 126.109195][ T6877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.109215][ T6877] RIP: 0033:0x7fc08d38e969 [ 126.109234][ T6877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.109250][ T6877] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 126.109271][ T6877] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 126.109283][ T6877] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000004 [ 126.109295][ T6877] RBP: 00007fc08e282090 R08: 0000000000000000 R09: 0000000000000000 [ 126.109307][ T6877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 126.109318][ T6877] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 126.109350][ T6877] [ 126.672252][ T6892] netlink: 4 bytes leftover after parsing attributes in process `syz.4.252'. [ 126.784026][ T6900] openvswitch: netlink: Message has 24 unknown bytes. [ 126.791100][ T6900] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 126.815016][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.3.253'. [ 127.161088][ T6916] netlink: 'syz.4.256': attribute type 21 has an invalid length. [ 127.250095][ T6916] netlink: 156 bytes leftover after parsing attributes in process `syz.4.256'. [ 127.691052][ T6937] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 127.836589][ T6943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.264'. [ 127.948713][ T6937] netlink: 248 bytes leftover after parsing attributes in process `syz.0.264'. [ 128.356085][ T6959] netlink: 'syz.2.267': attribute type 15 has an invalid length. [ 128.439861][ T6929] veth0_to_bridge: entered promiscuous mode [ 128.464141][ T6929] __nla_validate_parse: 1 callbacks suppressed [ 128.464160][ T6929] netlink: 212364 bytes leftover after parsing attributes in process `syz.3.263'. [ 128.534444][ T6929] openvswitch: netlink: Message has 5 unknown bytes. [ 128.631065][ T6929] veth0_to_bridge: left promiscuous mode [ 129.002658][ T6980] netlink: 24 bytes leftover after parsing attributes in process `syz.2.272'. [ 129.206033][ T6924] syz.1.260: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 129.275418][ T6924] CPU: 1 UID: 0 PID: 6924 Comm: syz.1.260 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 129.275449][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 129.275461][ T6924] Call Trace: [ 129.275470][ T6924] [ 129.275479][ T6924] dump_stack_lvl+0x189/0x250 [ 129.275518][ T6924] ? __pfx_dump_stack_lvl+0x10/0x10 [ 129.275549][ T6924] ? __pfx__printk+0x10/0x10 [ 129.275570][ T6924] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 129.275605][ T6924] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 129.275642][ T6924] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 129.275679][ T6924] warn_alloc+0x214/0x310 [ 129.275724][ T6924] ? __pfx_warn_alloc+0x10/0x10 [ 129.275762][ T6924] ? __get_vm_area_node+0x1c5/0x2d0 [ 129.275787][ T6924] ? __get_vm_area_node+0x25a/0x2d0 [ 129.275822][ T6924] __vmalloc_node_range_noprof+0x5f2/0x12c0 [ 129.275861][ T6924] ? __asan_memset+0x22/0x50 [ 129.275884][ T6924] ? __kernel_text_address+0xd/0x40 [ 129.275934][ T6924] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 129.275964][ T6924] ? __kasan_kmalloc_large+0x1a/0xa0 [ 129.275993][ T6924] ? rcu_is_watching+0x15/0xb0 [ 129.276027][ T6924] ? translate_table+0x198/0x2000 [ 129.276059][ T6924] ? translate_table+0x198/0x2000 [ 129.276087][ T6924] __kvmalloc_node_noprof+0x3a0/0x5e0 [ 129.276116][ T6924] ? translate_table+0x198/0x2000 [ 129.276145][ T6924] ? xt_alloc_table_info+0x3b/0xa0 [ 129.276176][ T6924] translate_table+0x198/0x2000 [ 129.276231][ T6924] ? __pfx_translate_table+0x10/0x10 [ 129.276266][ T6924] ? __might_fault+0xb0/0x130 [ 129.276314][ T6924] ? _copy_from_user+0x94/0xb0 [ 129.276347][ T6924] do_ipt_set_ctl+0x967/0xcd0 [ 129.276387][ T6924] ? rcu_is_watching+0x15/0xb0 [ 129.276418][ T6924] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 129.276471][ T6924] ? __pfx___mutex_lock+0x10/0x10 [ 129.276499][ T6924] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 129.276524][ T6924] ? aa_sk_perm+0x81e/0x950 [ 129.276559][ T6924] ? file_init_path+0x3b/0x590 [ 129.276590][ T6924] ? __pfx_aa_sk_perm+0x10/0x10 [ 129.276630][ T6924] nf_setsockopt+0x26c/0x290 [ 129.276654][ T6924] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 129.276688][ T6924] do_sock_setsockopt+0x257/0x3e0 [ 129.276718][ T6924] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 129.276738][ T6924] ? __fget_files+0x2a/0x420 [ 129.276770][ T6924] ? __fget_files+0x3a0/0x420 [ 129.276796][ T6924] ? __fget_files+0x2a/0x420 [ 129.276831][ T6924] __x64_sys_setsockopt+0x18b/0x220 [ 129.276859][ T6924] do_syscall_64+0xf6/0x210 [ 129.276889][ T6924] ? clear_bhb_loop+0x45/0xa0 [ 129.276915][ T6924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.276935][ T6924] RIP: 0033:0x7f11e298e969 [ 129.276954][ T6924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.276970][ T6924] RSP: 002b:00007f11e3882038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 129.276993][ T6924] RAX: ffffffffffffffda RBX: 00007f11e2bb5fa0 RCX: 00007f11e298e969 [ 129.277008][ T6924] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000008 [ 129.277020][ T6924] RBP: 00007f11e2a10ab1 R08: 0000000000000330 R09: 0000000000000000 [ 129.277033][ T6924] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000000 [ 129.277046][ T6924] R13: 0000000000000000 R14: 00007f11e2bb5fa0 R15: 00007ffcfdf13c98 [ 129.277079][ T6924] [ 129.277099][ T6924] Mem-Info: [ 129.464905][ T6924] active_anon:8415 inactive_anon:0 isolated_anon:0 [ 129.464905][ T6924] active_file:1386 inactive_file:38324 isolated_file:0 [ 129.464905][ T6924] unevictable:768 dirty:253 writeback:0 [ 129.464905][ T6924] slab_reclaimable:9893 slab_unreclaimable:100922 [ 129.464905][ T6924] mapped:28873 shmem:1431 pagetables:1149 [ 129.464905][ T6924] sec_pagetables:0 bounce:0 [ 129.464905][ T6924] kernel_misc_reclaimable:0 [ 129.464905][ T6924] free:1326175 free_pcp:425 free_cma:0 [ 129.617279][ T6989] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw' [ 129.620173][ T6924] Node 0 active_anon:33660kB inactive_anon:0kB active_file:5544kB inactive_file:153224kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115492kB dirty:1008kB writeback:0kB shmem:4188kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12044kB pagetables:4696kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 129.710976][ T6989] CPU: 0 UID: 0 PID: 6989 Comm: syz.0.276 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 129.711008][ T6989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 129.711022][ T6989] Call Trace: [ 129.711032][ T6989] [ 129.711042][ T6989] dump_stack_lvl+0x189/0x250 [ 129.711079][ T6989] ? lockdep_hardirqs_on+0x9c/0x150 [ 129.711108][ T6989] ? __pfx_dump_stack_lvl+0x10/0x10 [ 129.711139][ T6989] ? __pfx__printk+0x10/0x10 [ 129.711164][ T6989] ? kernfs_path_from_node+0x2b/0x260 [ 129.711196][ T6989] ? kernfs_path_from_node+0x216/0x260 [ 129.711229][ T6989] sysfs_warn_dup+0x8e/0xa0 [ 129.711256][ T6989] sysfs_do_create_link_sd+0xc0/0x110 [ 129.711287][ T6989] device_add_class_symlinks+0x1cf/0x240 [ 129.711315][ T6989] device_add+0x475/0xb50 [ 129.711344][ T6989] wiphy_register+0x199a/0x26b0 [ 129.711396][ T6989] ? __pfx_wiphy_register+0x10/0x10 [ 129.711423][ T6989] ? minstrel_ht_alloc+0x893/0x990 [ 129.711466][ T6989] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 129.711506][ T6989] ieee80211_register_hw+0x334b/0x4060 [ 129.711547][ T6989] ? ieee80211_register_hw+0x1471/0x4060 [ 129.711584][ T6989] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 129.711612][ T6989] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 129.711646][ T6989] ? __hrtimer_setup+0x187/0x210 [ 129.711679][ T6989] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 129.711721][ T6989] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 129.711800][ T6989] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 129.711827][ T6989] ? trace_kmalloc+0x1f/0xd0 [ 129.711847][ T6989] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 129.711873][ T6989] ? kstrndup+0xbf/0x160 [ 129.711905][ T6989] hwsim_new_radio_nl+0xea4/0x1b10 [ 129.711936][ T6989] ? __pfx___nla_validate_parse+0x10/0x10 [ 129.711976][ T6989] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 129.712016][ T6989] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 129.712059][ T6989] ? __nla_parse+0x40/0x60 [ 129.712089][ T6989] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 129.712127][ T6989] genl_family_rcv_msg_doit+0x212/0x300 [ 129.712162][ T6989] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 129.712205][ T6989] ? bpf_lsm_capable+0x9/0x20 [ 129.712232][ T6989] ? security_capable+0x7e/0x2e0 [ 129.712262][ T6989] genl_rcv_msg+0x60e/0x790 [ 129.712296][ T6989] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.712320][ T6989] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 129.712368][ T6989] netlink_rcv_skb+0x219/0x490 [ 129.712402][ T6989] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.712429][ T6989] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 129.712491][ T6989] ? down_read+0x1ad/0x2e0 [ 129.712524][ T6989] genl_rcv+0x28/0x40 [ 129.712547][ T6989] netlink_unicast+0x758/0x8d0 [ 129.712591][ T6989] netlink_sendmsg+0x805/0xb30 [ 129.712623][ T6989] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.712648][ T6989] ? aa_sock_msg_perm+0x94/0x160 [ 129.712671][ T6989] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 129.712694][ T6989] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.712724][ T6989] __sock_sendmsg+0x219/0x270 [ 129.712763][ T6989] ____sys_sendmsg+0x505/0x830 [ 129.712789][ T6989] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.712819][ T6989] ? import_iovec+0x74/0xa0 [ 129.712846][ T6989] ___sys_sendmsg+0x21f/0x2a0 [ 129.712868][ T6989] ? __pfx____sys_sendmsg+0x10/0x10 [ 129.712927][ T6989] ? __fget_files+0x2a/0x420 [ 129.712948][ T6989] ? __fget_files+0x3a0/0x420 [ 129.712983][ T6989] __x64_sys_sendmsg+0x19b/0x260 [ 129.713008][ T6989] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 129.713049][ T6989] ? do_syscall_64+0xba/0x210 [ 129.713078][ T6989] do_syscall_64+0xf6/0x210 [ 129.713103][ T6989] ? clear_bhb_loop+0x45/0xa0 [ 129.713127][ T6989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.713146][ T6989] RIP: 0033:0x7fc08d38e969 [ 129.713164][ T6989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.713181][ T6989] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 129.713201][ T6989] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 129.713216][ T6989] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004 [ 129.713228][ T6989] RBP: 00007fc08d410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 129.713239][ T6989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.713250][ T6989] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 129.713283][ T6989] [ 129.759224][ T6924] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 130.158466][ T7001] netlink: 65047 bytes leftover after parsing attributes in process `syz.4.279'. [ 130.199445][ T6924] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 130.199528][ T6924] lowmem_reserve[]: 0 2504 2504 2504 2504 [ 130.199578][ T6924] Node 0 DMA32 free:1375852kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:33536kB inactive_anon:0kB active_file:5544kB inactive_file:153132kB unevictable:1536kB writepending:1012kB present:3129332kB managed:2564128kB mlocked:0kB bounce:0kB free_pcp:2128kB local_pcp:1412kB free_cma:0kB [ 130.199648][ T6924] lowmem_reserve[]: 0 0 0 0 0 [ 130.199704][ T6924] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:92kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 130.199759][ T6924] lowmem_reserve[]: 0 0 0 0 0 [ 130.199804][ T6924] Node 1 Normal free:3912260kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:96kB local_pcp:0kB free_cma:0kB [ 130.199859][ T6924] lowmem_reserve[]: 0 0 0 0 0 [ 130.199903][ T6924] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 130.200048][ T6924] Node 0 DMA32: 25*4kB (M) 53*8kB (UME) 46*16kB (ME) 52*32kB (UME) 26*64kB (UME) 21*128kB (UME) 10*256kB (M) 6*512kB (ME) 1*1024kB (M) 1*2048kB (M) 332*4096kB (M) = 1375852kB [ 130.200251][ T6924] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 130.200373][ T6924] Node 1 Normal: 223*4kB (UME) 53*8kB (UME) 36*16kB (UME) 191*32kB (UME) 86*64kB (UME) 33*128kB (UME) 15*256kB (UM) 11*512kB (UME) 4*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3912260kB [ 130.200575][ T6924] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 130.200594][ T6924] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 130.200612][ T6924] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 130.200631][ T6924] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 130.200650][ T6924] 41144 total pagecache pages [ 130.200666][ T6924] 0 pages in swap cache [ 130.200675][ T6924] Free swap = 124996kB [ 130.200684][ T6924] Total swap = 124996kB [ 130.200694][ T6924] 2097051 pages RAM [ 130.200703][ T6924] 0 pages HighMem/MovableOnly [ 130.200712][ T6924] 424361 pages reserved [ 130.200721][ T6924] 0 pages cma reserved [ 130.820780][ T7015] netlink: 'syz.2.283': attribute type 10 has an invalid length. [ 130.828671][ T7015] netlink: 40 bytes leftover after parsing attributes in process `syz.2.283'. [ 130.881865][ T7016] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 130.943687][ T7015] team0: Port device geneve0 added [ 131.058869][ T7021] sctp: [Deprecated]: syz.3.285 (pid 7021) Use of struct sctp_assoc_value in delayed_ack socket option. [ 131.058869][ T7021] Use struct sctp_sack_info instead [ 131.336154][ T5496] dhcpcd (5496) used greatest stack depth: 19992 bytes left [ 131.404003][ T7027] netlink: 28 bytes leftover after parsing attributes in process `syz.0.287'. [ 131.436579][ T7027] netlink: 28 bytes leftover after parsing attributes in process `syz.0.287'. [ 131.673342][ T7041] FAULT_INJECTION: forcing a failure. [ 131.673342][ T7041] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.732075][ T7041] CPU: 0 UID: 0 PID: 7041 Comm: syz.3.290 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 131.732100][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 131.732110][ T7041] Call Trace: [ 131.732117][ T7041] [ 131.732124][ T7041] dump_stack_lvl+0x189/0x250 [ 131.732151][ T7041] ? __lock_acquire+0xaac/0xd20 [ 131.732179][ T7041] ? __pfx_dump_stack_lvl+0x10/0x10 [ 131.732201][ T7041] ? __pfx__printk+0x10/0x10 [ 131.732218][ T7041] ? __might_fault+0xb0/0x130 [ 131.732247][ T7041] should_fail_ex+0x414/0x560 [ 131.732276][ T7041] _copy_from_iter+0x1db/0x15a0 [ 131.732300][ T7041] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 131.732318][ T7041] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 131.732341][ T7041] ? __pfx__copy_from_iter+0x10/0x10 [ 131.732363][ T7041] ? __build_skb_around+0x257/0x3e0 [ 131.732384][ T7041] ? netlink_sendmsg+0x642/0xb30 [ 131.732398][ T7041] ? skb_put+0x11b/0x210 [ 131.732415][ T7041] netlink_sendmsg+0x6b2/0xb30 [ 131.732439][ T7041] ? __pfx_netlink_sendmsg+0x10/0x10 [ 131.732458][ T7041] ? aa_sock_msg_perm+0x94/0x160 [ 131.732477][ T7041] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 131.732494][ T7041] ? __pfx_netlink_sendmsg+0x10/0x10 [ 131.732512][ T7041] __sock_sendmsg+0x219/0x270 [ 131.732537][ T7041] ____sys_sendmsg+0x505/0x830 [ 131.732561][ T7041] ? __pfx_____sys_sendmsg+0x10/0x10 [ 131.732587][ T7041] ? import_iovec+0x74/0xa0 [ 131.732614][ T7041] ___sys_sendmsg+0x21f/0x2a0 [ 131.732639][ T7041] ? __pfx____sys_sendmsg+0x10/0x10 [ 131.732667][ T7041] ? rcu_read_lock_any_held+0xb3/0x120 [ 131.732700][ T7041] ? sb_end_write+0xe9/0x1c0 [ 131.732741][ T7041] ? __pfx_vfs_write+0x10/0x10 [ 131.732782][ T7041] __x64_sys_sendmsg+0x19b/0x260 [ 131.732807][ T7041] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 131.732847][ T7041] ? do_syscall_64+0xba/0x210 [ 131.732877][ T7041] do_syscall_64+0xf6/0x210 [ 131.732904][ T7041] ? clear_bhb_loop+0x45/0xa0 [ 131.732929][ T7041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.732949][ T7041] RIP: 0033:0x7fd54238e969 [ 131.732968][ T7041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.732985][ T7041] RSP: 002b:00007fd543182038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 131.733006][ T7041] RAX: ffffffffffffffda RBX: 00007fd5425b5fa0 RCX: 00007fd54238e969 [ 131.733021][ T7041] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008 [ 131.733033][ T7041] RBP: 00007fd543182090 R08: 0000000000000000 R09: 0000000000000000 [ 131.733045][ T7041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 131.733057][ T7041] R13: 0000000000000000 R14: 00007fd5425b5fa0 R15: 00007fff6a3e08b8 [ 131.733087][ T7041] [ 132.043680][ T7035] syzkaller0: entered promiscuous mode [ 132.049262][ T7035] syzkaller0: entered allmulticast mode [ 132.521742][ T7059] netlink: 4 bytes leftover after parsing attributes in process `syz.1.295'. [ 132.541820][ T7058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.294'. [ 132.586160][ T7060] netlink: 12 bytes leftover after parsing attributes in process `syz.1.295'. [ 132.923957][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.930879][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.578754][ T7053] veth3: entered allmulticast mode [ 133.649429][ T7055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.664365][ T7055] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.675632][ T7055] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 133.916630][ T7073] lo speed is unknown, defaulting to 1000 [ 134.022560][ T7084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.300'. [ 134.083502][ T7090] netlink: 28 bytes leftover after parsing attributes in process `syz.3.302'. [ 134.313730][ T7101] netlink: 'syz.0.307': attribute type 101 has an invalid length. [ 134.351442][ T7101] netlink: 'syz.0.307': attribute type 39 has an invalid length. [ 134.892542][ T7129] FAULT_INJECTION: forcing a failure. [ 134.892542][ T7129] name failslab, interval 1, probability 0, space 0, times 0 [ 134.931586][ T7129] CPU: 1 UID: 0 PID: 7129 Comm: syz.1.315 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 134.931616][ T7129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 134.931628][ T7129] Call Trace: [ 134.931636][ T7129] [ 134.931645][ T7129] dump_stack_lvl+0x189/0x250 [ 134.931683][ T7129] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.931712][ T7129] ? __pfx__printk+0x10/0x10 [ 134.931740][ T7129] ? __ip_dev_find+0x444/0x4e0 [ 134.931765][ T7129] should_fail_ex+0x414/0x560 [ 134.931802][ T7129] should_failslab+0xa8/0x100 [ 134.931831][ T7129] kmem_cache_alloc_noprof+0x73/0x3c0 [ 134.931854][ T7129] ? dst_alloc+0x105/0x170 [ 134.931886][ T7129] dst_alloc+0x105/0x170 [ 134.931907][ T7129] ? ip_check_mc_rcu+0x4c7/0x680 [ 134.931931][ T7129] ip_route_output_key_hash_rcu+0x1482/0x23a0 [ 134.931966][ T7129] ? ip_route_output_key_hash+0xde/0x2e0 [ 134.931992][ T7129] ip_route_output_key_hash+0x1b9/0x2e0 [ 134.932020][ T7129] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 134.932063][ T7129] ip_route_output_flow+0x2a/0x150 [ 134.932082][ T7129] ? security_sk_classify_flow+0x70/0x180 [ 134.932112][ T7129] udp_sendmsg+0x13dd/0x22e0 [ 134.932138][ T7129] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 134.932184][ T7129] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 134.932208][ T7129] ? __pfx_udp_sendmsg+0x10/0x10 [ 134.932248][ T7129] ? count_memcg_event_mm+0x92/0x3b0 [ 134.932270][ T7129] ? __pfx_count_memcg_event_mm+0x10/0x10 [ 134.932313][ T7129] ? __pfx_aa_sk_perm+0x10/0x10 [ 134.932340][ T7129] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 134.932367][ T7129] ? sock_rps_record_flow+0x19/0x410 [ 134.932396][ T7129] ? inet_sendmsg+0x29c/0x370 [ 134.932417][ T7129] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 134.932444][ T7129] __sock_sendmsg+0x19c/0x270 [ 134.932474][ T7129] ____sys_sendmsg+0x52d/0x830 [ 134.932504][ T7129] ? __pfx_____sys_sendmsg+0x10/0x10 [ 134.932536][ T7129] ? import_iovec+0x74/0xa0 [ 134.932572][ T7129] ___sys_sendmsg+0x21f/0x2a0 [ 134.932597][ T7129] ? __pfx____sys_sendmsg+0x10/0x10 [ 134.932660][ T7129] ? __fget_files+0x2a/0x420 [ 134.932685][ T7129] ? __fget_files+0x3a0/0x420 [ 134.932722][ T7129] __sys_sendmmsg+0x227/0x430 [ 134.932751][ T7129] ? __pfx___sys_sendmmsg+0x10/0x10 [ 134.932784][ T7129] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 134.932830][ T7129] ? ksys_write+0x1f0/0x250 [ 134.932851][ T7129] ? rcu_is_watching+0x15/0xb0 [ 134.932892][ T7129] __x64_sys_sendmmsg+0xa0/0xc0 [ 134.932918][ T7129] do_syscall_64+0xf6/0x210 [ 134.932945][ T7129] ? clear_bhb_loop+0x45/0xa0 [ 134.932971][ T7129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.932990][ T7129] RIP: 0033:0x7f11e298e969 [ 134.933009][ T7129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.933027][ T7129] RSP: 002b:00007f11e3882038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 134.933048][ T7129] RAX: ffffffffffffffda RBX: 00007f11e2bb5fa0 RCX: 00007f11e298e969 [ 134.933063][ T7129] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000003 [ 134.933076][ T7129] RBP: 00007f11e3882090 R08: 0000000000000000 R09: 0000000000000000 [ 134.933088][ T7129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.933100][ T7129] R13: 0000000000000000 R14: 00007f11e2bb5fa0 R15: 00007ffcfdf13c98 [ 134.933133][ T7129] [ 135.362249][ T7129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.315'. [ 135.426259][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.316'. [ 135.461170][ T7134] FAULT_INJECTION: forcing a failure. [ 135.461170][ T7134] name failslab, interval 1, probability 0, space 0, times 0 [ 135.515201][ T7134] CPU: 0 UID: 0 PID: 7134 Comm: syz.3.318 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 135.515232][ T7134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 135.515245][ T7134] Call Trace: [ 135.515253][ T7134] [ 135.515262][ T7134] dump_stack_lvl+0x189/0x250 [ 135.515300][ T7134] ? __pfx_dump_stack_lvl+0x10/0x10 [ 135.515329][ T7134] ? __pfx__printk+0x10/0x10 [ 135.515349][ T7134] ? __lock_acquire+0xaac/0xd20 [ 135.515391][ T7134] should_fail_ex+0x414/0x560 [ 135.515428][ T7134] should_failslab+0xa8/0x100 [ 135.515458][ T7134] __kmalloc_cache_noprof+0x70/0x3d0 [ 135.515484][ T7134] ? sctp_inet6addr_event+0x37f/0x740 [ 135.515516][ T7134] sctp_inet6addr_event+0x37f/0x740 [ 135.515544][ T7134] notifier_call_chain+0x1b3/0x3e0 [ 135.515567][ T7134] ? atomic_notifier_call_chain+0x26/0x180 [ 135.515590][ T7134] atomic_notifier_call_chain+0xda/0x180 [ 135.515612][ T7134] ipv6_add_addr+0xda9/0x1090 [ 135.515644][ T7134] ? __pfx_ipv6_add_addr+0x10/0x10 [ 135.515674][ T7134] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 135.515713][ T7134] add_addr+0x8b/0x2d0 [ 135.515744][ T7134] addrconf_init_auto_addrs+0x431/0xb80 [ 135.515768][ T7134] ? __pfx_addrconf_init_auto_addrs+0x10/0x10 [ 135.515791][ T7134] ? __pfx___mutex_trylock_common+0x10/0x10 [ 135.515818][ T7134] ? rcu_is_watching+0x15/0xb0 [ 135.515860][ T7134] ? tee_netdev_event+0x436/0x450 [ 135.515893][ T7134] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 135.515923][ T7134] ? __pfx___mutex_lock+0x10/0x10 [ 135.515949][ T7134] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 135.515974][ T7134] ? tls_dev_event+0x717/0xec0 [ 135.516018][ T7134] ? addrconf_link_ready+0x112/0x170 [ 135.516044][ T7134] addrconf_notify+0xacc/0x1010 [ 135.516071][ T7134] notifier_call_chain+0x1b3/0x3e0 [ 135.516099][ T7134] netif_state_change+0x284/0x3a0 [ 135.516128][ T7134] ? lockdep_hardirqs_on+0x9c/0x150 [ 135.516153][ T7134] ? __pfx_netif_state_change+0x10/0x10 [ 135.516189][ T7134] ? __nla_parse+0x40/0x60 [ 135.516217][ T7134] do_setlink+0x2eb6/0x40d0 [ 135.516254][ T7134] ? __pfx_do_setlink+0x10/0x10 [ 135.516271][ T7134] ? do_raw_spin_lock+0x121/0x290 [ 135.516306][ T7134] ? lockdep_hardirqs_on+0x9c/0x150 [ 135.516332][ T7134] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 135.516356][ T7134] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 135.516384][ T7134] ? rcu_is_watching+0x15/0xb0 [ 135.516417][ T7134] ? __mutex_lock+0xa6d/0xe80 [ 135.516444][ T7134] ? __mutex_lock+0x51b/0xe80 [ 135.516476][ T7134] ? rtnl_newlink+0x8db/0x1c70 [ 135.516515][ T7134] ? __pfx___mutex_lock+0x10/0x10 [ 135.516553][ T7134] ? ns_capable+0x8a/0xf0 [ 135.516574][ T7134] ? rtnl_link_get_net_capable+0x16a/0x350 [ 135.516597][ T7134] rtnl_newlink+0x149f/0x1c70 [ 135.516627][ T7134] ? __kasan_slab_free+0x62/0x70 [ 135.516665][ T7134] ? __pfx_rtnl_newlink+0x10/0x10 [ 135.516725][ T7134] ? kasan_quarantine_put+0xdd/0x220 [ 135.516746][ T7134] ? lockdep_hardirqs_on+0x9c/0x150 [ 135.516776][ T7134] ? nlmon_xmit+0xb0/0x100 [ 135.516800][ T7134] ? kmem_cache_free+0x192/0x3f0 [ 135.516833][ T7134] ? __local_bh_enable_ip+0x12d/0x1c0 [ 135.516864][ T7134] ? lockdep_hardirqs_on+0x9c/0x150 [ 135.516890][ T7134] ? __local_bh_enable_ip+0x12d/0x1c0 [ 135.516921][ T7134] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 135.516961][ T7134] ? aa_get_newest_label+0xf7/0x5d0 [ 135.516986][ T7134] ? __lock_acquire+0xaac/0xd20 [ 135.517040][ T7134] ? __pfx_rtnl_newlink+0x10/0x10 [ 135.517069][ T7134] rtnetlink_rcv_msg+0x7cc/0xb70 [ 135.517102][ T7134] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 135.517130][ T7134] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 135.517164][ T7134] ? ref_tracker_free+0x63a/0x7d0 [ 135.517182][ T7134] ? __copy_skb_header+0xa7/0x550 [ 135.517215][ T7134] netlink_rcv_skb+0x219/0x490 [ 135.517247][ T7134] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 135.517278][ T7134] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 135.517330][ T7134] ? netlink_deliver_tap+0x2e/0x1b0 [ 135.517360][ T7134] ? netlink_deliver_tap+0x2e/0x1b0 [ 135.517397][ T7134] netlink_unicast+0x758/0x8d0 [ 135.517438][ T7134] netlink_sendmsg+0x805/0xb30 [ 135.517468][ T7134] ? __pfx_netlink_sendmsg+0x10/0x10 [ 135.517498][ T7134] ? aa_sock_msg_perm+0x94/0x160 [ 135.517521][ T7134] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 135.517542][ T7134] ? __pfx_netlink_sendmsg+0x10/0x10 [ 135.517566][ T7134] __sock_sendmsg+0x219/0x270 [ 135.517599][ T7134] ____sys_sendmsg+0x505/0x830 [ 135.517628][ T7134] ? __pfx_____sys_sendmsg+0x10/0x10 [ 135.517660][ T7134] ? import_iovec+0x74/0xa0 [ 135.517690][ T7134] ___sys_sendmsg+0x21f/0x2a0 [ 135.517714][ T7134] ? __pfx____sys_sendmsg+0x10/0x10 [ 135.517777][ T7134] ? __fget_files+0x2a/0x420 [ 135.517802][ T7134] ? __fget_files+0x3a0/0x420 [ 135.517840][ T7134] __x64_sys_sendmsg+0x19b/0x260 [ 135.517866][ T7134] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 135.517908][ T7134] ? do_syscall_64+0xba/0x210 [ 135.517940][ T7134] do_syscall_64+0xf6/0x210 [ 135.517968][ T7134] ? clear_bhb_loop+0x45/0xa0 [ 135.517994][ T7134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.518014][ T7134] RIP: 0033:0x7fd54238e969 [ 135.518031][ T7134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.518049][ T7134] RSP: 002b:00007fd543182038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 135.518070][ T7134] RAX: ffffffffffffffda RBX: 00007fd5425b5fa0 RCX: 00007fd54238e969 [ 135.518085][ T7134] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 135.518098][ T7134] RBP: 00007fd543182090 R08: 0000000000000000 R09: 0000000000000000 [ 135.518111][ T7134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 135.518123][ T7134] R13: 0000000000000000 R14: 00007fd5425b5fa0 R15: 00007fff6a3e08b8 [ 135.518155][ T7134] [ 136.095875][ T7130] lo speed is unknown, defaulting to 1000 [ 136.272997][ T7153] syzkaller1: entered allmulticast mode [ 136.325187][ T7153] lo speed is unknown, defaulting to 1000 [ 136.565527][ T5881] lo speed is unknown, defaulting to 1000 [ 136.695591][ T7170] netlink: 'syz.3.329': attribute type 10 has an invalid length. [ 136.728229][ T7170] netlink: 40 bytes leftover after parsing attributes in process `syz.3.329'. [ 136.789712][ T7170] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.819201][ T7170] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.831178][ T7175] FAULT_INJECTION: forcing a failure. [ 136.831178][ T7175] name failslab, interval 1, probability 0, space 0, times 0 [ 136.853111][ T7175] CPU: 1 UID: 0 PID: 7175 Comm: syz.2.333 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 136.853146][ T7175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 136.853158][ T7175] Call Trace: [ 136.853166][ T7175] [ 136.853173][ T7175] dump_stack_lvl+0x189/0x250 [ 136.853210][ T7175] ? __pfx_dump_stack_lvl+0x10/0x10 [ 136.853238][ T7175] ? __pfx__printk+0x10/0x10 [ 136.853263][ T7175] ? __pfx___might_resched+0x10/0x10 [ 136.853286][ T7175] should_fail_ex+0x414/0x560 [ 136.853321][ T7175] should_failslab+0xa8/0x100 [ 136.853349][ T7175] __kmalloc_cache_noprof+0x70/0x3d0 [ 136.853373][ T7175] ? subflow_ulp_init+0xd0/0x5c0 [ 136.853397][ T7175] subflow_ulp_init+0xd0/0x5c0 [ 136.853415][ T7175] ? tcp_set_ulp+0xb1/0x5f0 [ 136.853438][ T7175] tcp_set_ulp+0x539/0x5f0 [ 136.853459][ T7175] mptcp_subflow_create_socket+0x5c5/0xb40 [ 136.853500][ T7175] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 136.853532][ T7175] ? aa_label_sk_perm+0x413/0x560 [ 136.853572][ T7175] __mptcp_nmpc_sk+0x148/0x750 [ 136.853605][ T7175] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 136.853641][ T7175] ? look_up_lock_class+0x74/0x170 [ 136.853670][ T7175] mptcp_connect+0x70/0xc10 [ 136.853701][ T7175] __inet_stream_connect+0x295/0xf10 [ 136.853739][ T7175] ? __local_bh_enable_ip+0x12d/0x1c0 [ 136.853769][ T7175] ? __pfx___inet_stream_connect+0x10/0x10 [ 136.853795][ T7175] ? __local_bh_enable_ip+0x12d/0x1c0 [ 136.853824][ T7175] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 136.853865][ T7175] inet_stream_connect+0x66/0xa0 [ 136.853894][ T7175] __sys_connect+0x313/0x440 [ 136.853925][ T7175] ? do_sys_openat2+0x154/0x1c0 [ 136.853953][ T7175] ? __pfx___sys_connect+0x10/0x10 [ 136.853997][ T7175] __x64_sys_connect+0x7a/0x90 [ 136.854021][ T7175] do_syscall_64+0xf6/0x210 [ 136.854042][ T7175] ? clear_bhb_loop+0x45/0xa0 [ 136.854061][ T7175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.854076][ T7175] RIP: 0033:0x7f9194d8e969 [ 136.854090][ T7175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.854103][ T7175] RSP: 002b:00007f9195c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 136.854119][ T7175] RAX: ffffffffffffffda RBX: 00007f9194fb5fa0 RCX: 00007f9194d8e969 [ 136.854136][ T7175] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000008 [ 136.854146][ T7175] RBP: 00007f9195c24090 R08: 0000000000000000 R09: 0000000000000000 [ 136.854156][ T7175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.854166][ T7175] R13: 0000000000000000 R14: 00007f9194fb5fa0 R15: 00007fffb11c35e8 [ 136.854191][ T7175] [ 136.855112][ T7170] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.896295][ T7182] netlink: 'syz.4.335': attribute type 4 has an invalid length. [ 136.904556][ T7170] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.174857][ T7170] team0: Port device geneve0 added [ 137.572530][ T7206] netlink: 20 bytes leftover after parsing attributes in process `syz.2.340'. [ 137.598026][ T7212] netlink: 'syz.4.342': attribute type 1 has an invalid length. [ 137.606241][ T7212] netlink: 'syz.4.342': attribute type 2 has an invalid length. [ 137.636958][ T7206] sch_tbf: burst 1 is lower than device ip6tnl0 mtu (1452) ! [ 137.767296][ T7206] netlink: 28 bytes leftover after parsing attributes in process `syz.2.340'. [ 137.846213][ T7219] dvmrp1: entered allmulticast mode [ 137.903747][ T7219] IPVS: set_ctl: invalid protocol: 135 127.0.0.1:20002 [ 138.222430][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.353'. [ 138.233675][ T7239] netlink: 24 bytes leftover after parsing attributes in process `syz.3.355'. [ 138.272986][ T7242] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 138.290455][ T7246] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 138.346283][ T7242] CPU: 0 UID: 0 PID: 7242 Comm: syz.0.353 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 138.346316][ T7242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 138.346330][ T7242] Call Trace: [ 138.346339][ T7242] [ 138.346348][ T7242] dump_stack_lvl+0x189/0x250 [ 138.346385][ T7242] ? lockdep_hardirqs_on+0x9c/0x150 [ 138.346413][ T7242] ? __pfx_dump_stack_lvl+0x10/0x10 [ 138.346444][ T7242] ? __pfx__printk+0x10/0x10 [ 138.346469][ T7242] ? kernfs_path_from_node+0x2b/0x260 [ 138.346503][ T7242] ? kernfs_path_from_node+0x216/0x260 [ 138.346535][ T7242] sysfs_warn_dup+0x8e/0xa0 [ 138.346563][ T7242] sysfs_do_create_link_sd+0xc0/0x110 [ 138.346595][ T7242] device_add_class_symlinks+0x1cf/0x240 [ 138.346624][ T7242] device_add+0x475/0xb50 [ 138.346652][ T7242] wiphy_register+0x199a/0x26b0 [ 138.346703][ T7242] ? __pfx_wiphy_register+0x10/0x10 [ 138.346731][ T7242] ? minstrel_ht_alloc+0x893/0x990 [ 138.346774][ T7242] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 138.346813][ T7242] ieee80211_register_hw+0x334b/0x4060 [ 138.346853][ T7242] ? ieee80211_register_hw+0x1471/0x4060 [ 138.346889][ T7242] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 138.346917][ T7242] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 138.346950][ T7242] ? __hrtimer_setup+0x187/0x210 [ 138.346997][ T7242] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 138.347034][ T7242] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 138.347098][ T7242] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 138.347127][ T7242] ? trace_kmalloc+0x1f/0xd0 [ 138.347149][ T7242] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 138.347176][ T7242] ? kstrndup+0xbf/0x160 [ 138.347207][ T7242] hwsim_new_radio_nl+0xea4/0x1b10 [ 138.347241][ T7242] ? __pfx___nla_validate_parse+0x10/0x10 [ 138.347280][ T7242] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 138.347318][ T7242] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 138.347356][ T7242] ? __nla_parse+0x40/0x60 [ 138.347383][ T7242] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 138.347419][ T7242] genl_family_rcv_msg_doit+0x212/0x300 [ 138.347454][ T7242] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 138.347494][ T7242] ? bpf_lsm_capable+0x9/0x20 [ 138.347521][ T7242] ? security_capable+0x7e/0x2e0 [ 138.347548][ T7242] genl_rcv_msg+0x60e/0x790 [ 138.347580][ T7242] ? __pfx_genl_rcv_msg+0x10/0x10 [ 138.347603][ T7242] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 138.347647][ T7242] netlink_rcv_skb+0x219/0x490 [ 138.347681][ T7242] ? __pfx_genl_rcv_msg+0x10/0x10 [ 138.347708][ T7242] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 138.347767][ T7242] ? down_read+0x1ad/0x2e0 [ 138.347799][ T7242] genl_rcv+0x28/0x40 [ 138.347822][ T7242] netlink_unicast+0x758/0x8d0 [ 138.347864][ T7242] netlink_sendmsg+0x805/0xb30 [ 138.347894][ T7242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.347919][ T7242] ? aa_sock_msg_perm+0x94/0x160 [ 138.347942][ T7242] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 138.347976][ T7242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.347996][ T7242] __sock_sendmsg+0x219/0x270 [ 138.348030][ T7242] ____sys_sendmsg+0x505/0x830 [ 138.348060][ T7242] ? __pfx_____sys_sendmsg+0x10/0x10 [ 138.348092][ T7242] ? import_iovec+0x74/0xa0 [ 138.348124][ T7242] ___sys_sendmsg+0x21f/0x2a0 [ 138.348149][ T7242] ? __pfx____sys_sendmsg+0x10/0x10 [ 138.348214][ T7242] ? __fget_files+0x2a/0x420 [ 138.348239][ T7242] ? __fget_files+0x3a0/0x420 [ 138.348279][ T7242] __x64_sys_sendmsg+0x19b/0x260 [ 138.348307][ T7242] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 138.348350][ T7242] ? do_syscall_64+0xba/0x210 [ 138.348382][ T7242] do_syscall_64+0xf6/0x210 [ 138.348411][ T7242] ? clear_bhb_loop+0x45/0xa0 [ 138.348438][ T7242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.348458][ T7242] RIP: 0033:0x7fc08d38e969 [ 138.348478][ T7242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.348496][ T7242] RSP: 002b:00007fc08e261038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 138.348518][ T7242] RAX: ffffffffffffffda RBX: 00007fc08d5b6080 RCX: 00007fc08d38e969 [ 138.348534][ T7242] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 138.348548][ T7242] RBP: 00007fc08d410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 138.348561][ T7242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.348573][ T7242] R13: 0000000000000000 R14: 00007fc08d5b6080 R15: 00007fffde19f728 [ 138.348607][ T7242] [ 138.920599][ T7239] bond1: entered promiscuous mode [ 138.944312][ T7239] 8021q: adding VLAN 0 to HW filter on device bond1 [ 139.156559][ T7273] netlink: 52 bytes leftover after parsing attributes in process `syz.2.363'. [ 139.223082][ T7239] bond1 (unregistering): Released all slaves [ 139.260682][ T7251] bridge0: port 3(hsr0) entered blocking state [ 139.267005][ T7251] bridge0: port 3(hsr0) entered disabled state [ 139.284128][ T7251] hsr0: entered allmulticast mode [ 139.292524][ T7251] hsr_slave_0: entered allmulticast mode [ 139.303185][ T7251] hsr_slave_1: entered allmulticast mode [ 139.340024][ T7251] hsr0: entered promiscuous mode [ 139.357400][ T7251] bridge0: port 3(hsr0) entered blocking state [ 139.363749][ T7251] bridge0: port 3(hsr0) entered forwarding state [ 139.760820][ T7301] netlink: 'syz.2.374': attribute type 1 has an invalid length. [ 139.904410][ T7301] 8021q: adding VLAN 0 to HW filter on device bond1 [ 140.007240][ T7303] 8021q: adding VLAN 0 to HW filter on device bond1 [ 140.015686][ T7303] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 140.028226][ T7303] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 140.133601][ T7301] ip6erspan0: entered promiscuous mode [ 140.176196][ T7301] bond1: (slave ip6erspan0): making interface the new active one [ 140.219599][ T7301] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 140.273107][ T7307] vlan2: entered allmulticast mode [ 140.296754][ T7307] bond1: entered allmulticast mode [ 140.312588][ T7307] ip6erspan0: entered allmulticast mode [ 140.333778][ T7307] bond1: (slave vlan2): the slave hw address is in use by the bond; giving it the hw address of ip6erspan0 [ 140.533842][ T7333] netlink: 24 bytes leftover after parsing attributes in process `syz.0.386'. [ 140.547745][ T7331] netlink: 256 bytes leftover after parsing attributes in process `syz.4.384'. [ 140.557151][ T7331] netlink: 80 bytes leftover after parsing attributes in process `syz.4.384'. [ 140.565830][ T7336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.385'. [ 140.604970][ T7338] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 140.674521][ T7333] bond2: entered promiscuous mode [ 140.706717][ T7333] 8021q: adding VLAN 0 to HW filter on device bond2 [ 140.757241][ T7338] FAULT_INJECTION: forcing a failure. [ 140.757241][ T7338] name failslab, interval 1, probability 0, space 0, times 0 [ 140.811300][ T7338] CPU: 0 UID: 0 PID: 7338 Comm: syz.0.386 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 140.811330][ T7338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 140.811343][ T7338] Call Trace: [ 140.811352][ T7338] [ 140.811361][ T7338] dump_stack_lvl+0x189/0x250 [ 140.811399][ T7338] ? __pfx_dump_stack_lvl+0x10/0x10 [ 140.811429][ T7338] ? __pfx__printk+0x10/0x10 [ 140.811456][ T7338] ? __pfx___might_resched+0x10/0x10 [ 140.811474][ T7338] ? fs_reclaim_acquire+0x7d/0x100 [ 140.811509][ T7338] should_fail_ex+0x414/0x560 [ 140.811545][ T7338] ? __nf_hook_entries_try_shrink+0x316/0x6e0 [ 140.811576][ T7338] should_failslab+0xa8/0x100 [ 140.811604][ T7338] __kvmalloc_node_noprof+0x168/0x5e0 [ 140.811631][ T7338] ? __nf_hook_entries_try_shrink+0x316/0x6e0 [ 140.811669][ T7338] __nf_hook_entries_try_shrink+0x316/0x6e0 [ 140.811714][ T7338] __nf_unregister_net_hook+0x4f6/0x700 [ 140.811756][ T7338] nf_unregister_net_hooks+0xcb/0x140 [ 140.811791][ T7338] nf_ct_netns_put+0x36d/0x520 [ 140.811822][ T7338] ? __pfx_connsecmark_tg_destroy+0x10/0x10 [ 140.811843][ T7338] cleanup_entry+0x262/0x320 [ 140.811867][ T7338] ? __pfx_cleanup_entry+0x10/0x10 [ 140.811903][ T7338] ? xt_find_target+0x1fa/0x240 [ 140.811933][ T7338] translate_table+0x1e5f/0x2040 [ 140.811979][ T7338] ? __pfx_translate_table+0x10/0x10 [ 140.812009][ T7338] ? __might_fault+0xb0/0x130 [ 140.812057][ T7338] ? _copy_from_user+0x94/0xb0 [ 140.812090][ T7338] do_ip6t_set_ctl+0x970/0xce0 [ 140.812120][ T7338] ? rcu_is_watching+0x15/0xb0 [ 140.812151][ T7338] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 140.812195][ T7338] ? __pfx___mutex_lock+0x10/0x10 [ 140.812222][ T7338] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 140.812255][ T7338] ? rcu_read_lock_any_held+0xb3/0x120 [ 140.812275][ T7338] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 140.812305][ T7338] nf_setsockopt+0x26c/0x290 [ 140.812334][ T7338] rawv6_setsockopt+0x23b/0x5b0 [ 140.812362][ T7338] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 140.812387][ T7338] ? aa_sock_opt_perm+0x74/0x110 [ 140.812408][ T7338] ? sock_common_setsockopt+0x36/0xc0 [ 140.812437][ T7338] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 140.812469][ T7338] do_sock_setsockopt+0x257/0x3e0 [ 140.812494][ T7338] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 140.812513][ T7338] ? __fget_files+0x2a/0x420 [ 140.812544][ T7338] ? __fget_files+0x3a0/0x420 [ 140.812568][ T7338] ? __fget_files+0x2a/0x420 [ 140.812604][ T7338] __x64_sys_setsockopt+0x18b/0x220 [ 140.812632][ T7338] do_syscall_64+0xf6/0x210 [ 140.812661][ T7338] ? clear_bhb_loop+0x45/0xa0 [ 140.812686][ T7338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.812706][ T7338] RIP: 0033:0x7fc08d38e969 [ 140.812724][ T7338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.812741][ T7338] RSP: 002b:00007fc08e261038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 140.812763][ T7338] RAX: ffffffffffffffda RBX: 00007fc08d5b6080 RCX: 00007fc08d38e969 [ 140.812778][ T7338] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 140.812790][ T7338] RBP: 00007fc08e261090 R08: 0000000000000540 R09: 0000000000000000 [ 140.812802][ T7338] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002 [ 140.812815][ T7338] R13: 0000000000000001 R14: 00007fc08d5b6080 R15: 00007fffde19f728 [ 140.812849][ T7338] [ 141.265952][ T7333] bond2 (unregistering): Released all slaves [ 141.458164][ T7365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.397'. [ 141.506688][ T7362] lo speed is unknown, defaulting to 1000 [ 141.589687][ T7372] netlink: 12 bytes leftover after parsing attributes in process `syz.0.398'. [ 141.643164][ T7372] 8021q: adding VLAN 0 to HW filter on device bond2 [ 141.682563][ T7377] vlan2: entered allmulticast mode [ 141.697498][ T7377] bond2: entered allmulticast mode [ 141.778958][ T7384] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'. [ 141.980295][ T7388] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 142.000843][ T7388] CPU: 0 UID: 0 PID: 7388 Comm: syz.1.403 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 142.000875][ T7388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 142.000889][ T7388] Call Trace: [ 142.000898][ T7388] [ 142.000907][ T7388] dump_stack_lvl+0x189/0x250 [ 142.000943][ T7388] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.000972][ T7388] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.001003][ T7388] ? __pfx__printk+0x10/0x10 [ 142.001028][ T7388] ? kernfs_path_from_node+0x2b/0x260 [ 142.001060][ T7388] ? kernfs_path_from_node+0x216/0x260 [ 142.001092][ T7388] sysfs_warn_dup+0x8e/0xa0 [ 142.001119][ T7388] sysfs_do_create_link_sd+0xc0/0x110 [ 142.001151][ T7388] device_add_class_symlinks+0x1cf/0x240 [ 142.001180][ T7388] device_add+0x475/0xb50 [ 142.001207][ T7388] wiphy_register+0x199a/0x26b0 [ 142.001258][ T7388] ? __pfx_wiphy_register+0x10/0x10 [ 142.001286][ T7388] ? minstrel_ht_alloc+0x893/0x990 [ 142.001341][ T7388] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 142.001382][ T7388] ieee80211_register_hw+0x334b/0x4060 [ 142.001420][ T7388] ? ieee80211_register_hw+0x1471/0x4060 [ 142.001454][ T7388] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 142.001481][ T7388] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 142.001513][ T7388] ? __hrtimer_setup+0x187/0x210 [ 142.001541][ T7388] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 142.001578][ T7388] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 142.001639][ T7388] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 142.001667][ T7388] ? trace_kmalloc+0x1f/0xd0 [ 142.001688][ T7388] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 142.001720][ T7388] ? kstrndup+0xbf/0x160 [ 142.001751][ T7388] hwsim_new_radio_nl+0xea4/0x1b10 [ 142.001783][ T7388] ? __pfx___nla_validate_parse+0x10/0x10 [ 142.001823][ T7388] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 142.001867][ T7388] ? __nla_parse+0x40/0x60 [ 142.001892][ T7388] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 142.001927][ T7388] genl_family_rcv_msg_doit+0x212/0x300 [ 142.001961][ T7388] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 142.002002][ T7388] ? bpf_lsm_capable+0x9/0x20 [ 142.002029][ T7388] ? security_capable+0x7e/0x2e0 [ 142.002056][ T7388] genl_rcv_msg+0x60e/0x790 [ 142.002089][ T7388] ? __pfx_genl_rcv_msg+0x10/0x10 [ 142.002112][ T7388] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 142.002157][ T7388] netlink_rcv_skb+0x219/0x490 [ 142.002189][ T7388] ? __pfx_genl_rcv_msg+0x10/0x10 [ 142.002216][ T7388] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 142.002274][ T7388] ? down_read+0x1ad/0x2e0 [ 142.002305][ T7388] genl_rcv+0x28/0x40 [ 142.002326][ T7388] netlink_unicast+0x758/0x8d0 [ 142.002367][ T7388] netlink_sendmsg+0x805/0xb30 [ 142.002397][ T7388] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.002420][ T7388] ? aa_sock_msg_perm+0x94/0x160 [ 142.002443][ T7388] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 142.002464][ T7388] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.002485][ T7388] __sock_sendmsg+0x219/0x270 [ 142.002516][ T7388] ____sys_sendmsg+0x505/0x830 [ 142.002545][ T7388] ? __pfx_____sys_sendmsg+0x10/0x10 [ 142.002579][ T7388] ? import_iovec+0x74/0xa0 [ 142.002608][ T7388] ___sys_sendmsg+0x21f/0x2a0 [ 142.002633][ T7388] ? __pfx____sys_sendmsg+0x10/0x10 [ 142.002703][ T7388] ? __fget_files+0x2a/0x420 [ 142.002728][ T7388] ? __fget_files+0x3a0/0x420 [ 142.002767][ T7388] __x64_sys_sendmsg+0x19b/0x260 [ 142.002792][ T7388] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 142.002834][ T7388] ? do_syscall_64+0xba/0x210 [ 142.002865][ T7388] do_syscall_64+0xf6/0x210 [ 142.002913][ T7388] ? clear_bhb_loop+0x45/0xa0 [ 142.002939][ T7388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.002959][ T7388] RIP: 0033:0x7f11e298e969 [ 142.002977][ T7388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.002995][ T7388] RSP: 002b:00007f11e3861038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 142.003017][ T7388] RAX: ffffffffffffffda RBX: 00007f11e2bb6080 RCX: 00007f11e298e969 [ 142.003032][ T7388] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000e [ 142.003045][ T7388] RBP: 00007f11e2a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 142.003057][ T7388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 142.003069][ T7388] R13: 0000000000000000 R14: 00007f11e2bb6080 R15: 00007ffcfdf13c98 [ 142.003102][ T7388] [ 142.561486][ T7400] netlink: 248 bytes leftover after parsing attributes in process `syz.1.409'. [ 142.648405][ T7401] netlink: 'syz.1.409': attribute type 10 has an invalid length. [ 142.656238][ T7401] netlink: 40 bytes leftover after parsing attributes in process `syz.1.409'. [ 142.748385][ T7401] dummy0: entered promiscuous mode [ 142.753608][ T7401] dummy0: entered allmulticast mode [ 142.762199][ T7401] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 142.775862][ T7407] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6 [ 142.894795][ T7403] lo speed is unknown, defaulting to 1000 [ 143.005050][ T7422] FAULT_INJECTION: forcing a failure. [ 143.005050][ T7422] name failslab, interval 1, probability 0, space 0, times 0 [ 143.030734][ T7422] CPU: 1 UID: 0 PID: 7422 Comm: syz.3.418 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 143.030763][ T7422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 143.030775][ T7422] Call Trace: [ 143.030783][ T7422] [ 143.030791][ T7422] dump_stack_lvl+0x189/0x250 [ 143.030836][ T7422] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.030864][ T7422] ? __pfx__printk+0x10/0x10 [ 143.030889][ T7422] ? __pfx___might_resched+0x10/0x10 [ 143.030906][ T7422] ? fs_reclaim_acquire+0x7d/0x100 [ 143.030939][ T7422] should_fail_ex+0x414/0x560 [ 143.030975][ T7422] should_failslab+0xa8/0x100 [ 143.031003][ T7422] __kmalloc_noprof+0xcb/0x4f0 [ 143.031025][ T7422] ? iter_file_splice_write+0x1cb/0x1000 [ 143.031054][ T7422] iter_file_splice_write+0x1cb/0x1000 [ 143.031077][ T7422] ? __pfx_current_time+0x10/0x10 [ 143.031130][ T7422] ? __pfx_iter_file_splice_write+0x10/0x10 [ 143.031157][ T7422] ? rcu_read_lock_any_held+0xb3/0x120 [ 143.031176][ T7422] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 143.031206][ T7422] ? __pfx_iter_file_splice_write+0x10/0x10 [ 143.031230][ T7422] direct_splice_actor+0xfe/0x160 [ 143.031258][ T7422] splice_direct_to_actor+0x5a5/0xcc0 [ 143.031303][ T7422] ? __pfx_direct_splice_actor+0x10/0x10 [ 143.031326][ T7422] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 143.031350][ T7422] ? __pfx_aa_file_perm+0x10/0x10 [ 143.031379][ T7422] do_splice_direct+0x181/0x270 [ 143.031405][ T7422] ? __pfx_do_splice_direct+0x10/0x10 [ 143.031430][ T7422] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 143.031458][ T7422] ? rw_verify_area+0x258/0x650 [ 143.031481][ T7422] do_sendfile+0x4da/0x7d0 [ 143.031505][ T7422] ? __pfx_vfs_write+0x10/0x10 [ 143.031531][ T7422] ? __pfx_do_sendfile+0x10/0x10 [ 143.031556][ T7422] ? __fget_files+0x3a0/0x420 [ 143.031589][ T7422] __se_sys_sendfile64+0x13e/0x190 [ 143.031614][ T7422] ? rcu_is_watching+0x15/0xb0 [ 143.031642][ T7422] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 143.031672][ T7422] ? do_syscall_64+0xba/0x210 [ 143.031703][ T7422] do_syscall_64+0xf6/0x210 [ 143.031729][ T7422] ? clear_bhb_loop+0x45/0xa0 [ 143.031753][ T7422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.031772][ T7422] RIP: 0033:0x7fd54238e969 [ 143.031790][ T7422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.031814][ T7422] RSP: 002b:00007fd543182038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 143.031834][ T7422] RAX: ffffffffffffffda RBX: 00007fd5425b5fa0 RCX: 00007fd54238e969 [ 143.031848][ T7422] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007 [ 143.031859][ T7422] RBP: 00007fd543182090 R08: 0000000000000000 R09: 0000000000000000 [ 143.031871][ T7422] R10: 00000000f03a0005 R11: 0000000000000246 R12: 0000000000000002 [ 143.031882][ T7422] R13: 0000000000000000 R14: 00007fd5425b5fa0 R15: 00007fff6a3e08b8 [ 143.031913][ T7422] [ 143.040197][ T7426] tipc: Started in network mode [ 143.336459][ T7426] tipc: Node identity ac14140f, cluster identity 4711 [ 143.344420][ T7426] tipc: New replicast peer: 255.255.255.255 [ 143.352880][ T7426] tipc: Enabled bearer , priority 10 [ 143.431816][ T7426] vxcan1: entered allmulticast mode [ 143.456724][ T7436] FAULT_INJECTION: forcing a failure. [ 143.456724][ T7436] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.498069][ T7432] tipc: Disabling bearer [ 143.543141][ T7436] CPU: 0 UID: 0 PID: 7436 Comm: syz.2.421 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 143.543172][ T7436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 143.543185][ T7436] Call Trace: [ 143.543193][ T7436] [ 143.543202][ T7436] dump_stack_lvl+0x189/0x250 [ 143.543234][ T7436] ? __lock_acquire+0xaac/0xd20 [ 143.543265][ T7436] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.543294][ T7436] ? __pfx__printk+0x10/0x10 [ 143.543314][ T7436] ? __might_fault+0xb0/0x130 [ 143.543351][ T7436] should_fail_ex+0x414/0x560 [ 143.543392][ T7436] _copy_from_iter+0x3f5/0x15a0 [ 143.543429][ T7436] ? __pfx__copy_from_iter+0x10/0x10 [ 143.543454][ T7436] ? do_user_addr_fault+0xbc1/0x1390 [ 143.543485][ T7436] bcm_sendmsg+0x15b/0x6a0 [ 143.543515][ T7436] ? __pfx_bcm_sendmsg+0x10/0x10 [ 143.543545][ T7436] ? aa_sock_msg_perm+0x94/0x160 [ 143.543575][ T7436] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 143.543598][ T7436] ? __pfx_bcm_sendmsg+0x10/0x10 [ 143.543622][ T7436] __sock_sendmsg+0x219/0x270 [ 143.543653][ T7436] ____sys_sendmsg+0x505/0x830 [ 143.543681][ T7436] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.543713][ T7436] ? import_iovec+0x74/0xa0 [ 143.543742][ T7436] ___sys_sendmsg+0x21f/0x2a0 [ 143.543767][ T7436] ? __pfx____sys_sendmsg+0x10/0x10 [ 143.543795][ T7436] ? rcu_read_lock_any_held+0xb3/0x120 [ 143.543829][ T7436] ? sb_end_write+0xe9/0x1c0 [ 143.543871][ T7436] ? __pfx_vfs_write+0x10/0x10 [ 143.543903][ T7436] __x64_sys_sendmsg+0x19b/0x260 [ 143.543928][ T7436] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 143.543969][ T7436] ? do_syscall_64+0xba/0x210 [ 143.543999][ T7436] do_syscall_64+0xf6/0x210 [ 143.544027][ T7436] ? clear_bhb_loop+0x45/0xa0 [ 143.544051][ T7436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.544071][ T7436] RIP: 0033:0x7f9194d8e969 [ 143.544089][ T7436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.544106][ T7436] RSP: 002b:00007f9195c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 143.544128][ T7436] RAX: ffffffffffffffda RBX: 00007f9194fb5fa0 RCX: 00007f9194d8e969 [ 143.544143][ T7436] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 143.544156][ T7436] RBP: 00007f9195c24090 R08: 0000000000000000 R09: 0000000000000000 [ 143.544168][ T7436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.544180][ T7436] R13: 0000000000000000 R14: 00007f9194fb5fa0 R15: 00007fffb11c35e8 [ 143.544211][ T7436] [ 144.436104][ T7472] FAULT_INJECTION: forcing a failure. [ 144.436104][ T7472] name failslab, interval 1, probability 0, space 0, times 0 [ 144.457431][ T7472] CPU: 1 UID: 0 PID: 7472 Comm: syz.2.434 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 144.457462][ T7472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 144.457475][ T7472] Call Trace: [ 144.457484][ T7472] [ 144.457492][ T7472] dump_stack_lvl+0x189/0x250 [ 144.457538][ T7472] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.457571][ T7472] ? __pfx__printk+0x10/0x10 [ 144.457599][ T7472] ? ref_tracker_alloc+0x318/0x460 [ 144.457623][ T7472] should_fail_ex+0x414/0x560 [ 144.457658][ T7472] should_failslab+0xa8/0x100 [ 144.457686][ T7472] kmem_cache_alloc_noprof+0x73/0x3c0 [ 144.457711][ T7472] ? skb_clone+0x212/0x3a0 [ 144.457740][ T7472] skb_clone+0x212/0x3a0 [ 144.457768][ T7472] __netlink_deliver_tap+0x404/0x850 [ 144.457814][ T7472] ? netlink_deliver_tap+0x2e/0x1b0 [ 144.457847][ T7472] netlink_deliver_tap+0x19c/0x1b0 [ 144.457880][ T7472] netlink_unicast+0x72f/0x8d0 [ 144.457921][ T7472] netlink_sendmsg+0x805/0xb30 [ 144.457952][ T7472] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.457975][ T7472] ? aa_sock_msg_perm+0x94/0x160 [ 144.457998][ T7472] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 144.458020][ T7472] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.458041][ T7472] __sock_sendmsg+0x219/0x270 [ 144.458073][ T7472] ____sys_sendmsg+0x505/0x830 [ 144.458102][ T7472] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.458135][ T7472] ? import_iovec+0x74/0xa0 [ 144.458165][ T7472] ___sys_sendmsg+0x21f/0x2a0 [ 144.458190][ T7472] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.458254][ T7472] ? __fget_files+0x2a/0x420 [ 144.458280][ T7472] ? __fget_files+0x3a0/0x420 [ 144.458317][ T7472] __x64_sys_sendmsg+0x19b/0x260 [ 144.458343][ T7472] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 144.458385][ T7472] ? do_syscall_64+0xba/0x210 [ 144.458416][ T7472] do_syscall_64+0xf6/0x210 [ 144.458443][ T7472] ? clear_bhb_loop+0x45/0xa0 [ 144.458469][ T7472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.458488][ T7472] RIP: 0033:0x7f9194d8e969 [ 144.458513][ T7472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.458531][ T7472] RSP: 002b:00007f9195c24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.458552][ T7472] RAX: ffffffffffffffda RBX: 00007f9194fb5fa0 RCX: 00007f9194d8e969 [ 144.458567][ T7472] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004 [ 144.458580][ T7472] RBP: 00007f9195c24090 R08: 0000000000000000 R09: 0000000000000000 [ 144.458592][ T7472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.458604][ T7472] R13: 0000000000000000 R14: 00007f9194fb5fa0 R15: 00007fffb11c35e8 [ 144.458637][ T7472] [ 144.789835][ T7472] vlan2: entered allmulticast mode [ 144.859006][ T7484] FAULT_INJECTION: forcing a failure. [ 144.859006][ T7484] name failslab, interval 1, probability 0, space 0, times 0 [ 144.898411][ T7484] CPU: 0 UID: 0 PID: 7484 Comm: syz.4.439 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 144.898441][ T7484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 144.898454][ T7484] Call Trace: [ 144.898462][ T7484] [ 144.898470][ T7484] dump_stack_lvl+0x189/0x250 [ 144.898508][ T7484] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.898537][ T7484] ? __pfx__printk+0x10/0x10 [ 144.898563][ T7484] ? __pfx___might_resched+0x10/0x10 [ 144.898582][ T7484] ? fs_reclaim_acquire+0x7d/0x100 [ 144.898617][ T7484] should_fail_ex+0x414/0x560 [ 144.898654][ T7484] should_failslab+0xa8/0x100 [ 144.898682][ T7484] __kmalloc_cache_noprof+0x70/0x3d0 [ 144.898706][ T7484] ? tcp_sendmsg_fastopen+0x1de/0x5e0 [ 144.898748][ T7484] tcp_sendmsg_fastopen+0x1de/0x5e0 [ 144.898781][ T7484] tcp_sendmsg_locked+0x491a/0x5010 [ 144.898818][ T7484] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 144.898882][ T7484] ? __lock_acquire+0xaac/0xd20 [ 144.898921][ T7484] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 144.898946][ T7484] ? __local_bh_enable_ip+0x12d/0x1c0 [ 144.898983][ T7484] ? __local_bh_enable_ip+0x12d/0x1c0 [ 144.899027][ T7484] tcp_sendmsg+0x2f/0x50 [ 144.899055][ T7484] __sock_sendmsg+0x19c/0x270 [ 144.899086][ T7484] __sys_sendto+0x3bd/0x520 [ 144.899109][ T7484] ? __pfx___sys_sendto+0x10/0x10 [ 144.899126][ T7484] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 144.899167][ T7484] ? __fget_files+0x3a0/0x420 [ 144.899204][ T7484] ? ksys_write+0x1f0/0x250 [ 144.899225][ T7484] ? rcu_is_watching+0x15/0xb0 [ 144.899265][ T7484] __x64_sys_sendto+0xde/0x100 [ 144.899289][ T7484] do_syscall_64+0xf6/0x210 [ 144.899317][ T7484] ? clear_bhb_loop+0x45/0xa0 [ 144.899341][ T7484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.899359][ T7484] RIP: 0033:0x7f3dc498e969 [ 144.899378][ T7484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.899395][ T7484] RSP: 002b:00007f3dc573e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 144.899416][ T7484] RAX: ffffffffffffffda RBX: 00007f3dc4bb5fa0 RCX: 00007f3dc498e969 [ 144.899431][ T7484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 144.899442][ T7484] RBP: 00007f3dc573e090 R08: 0000200000000180 R09: 0000000000000010 [ 144.899455][ T7484] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000001 [ 144.899468][ T7484] R13: 0000000000000000 R14: 00007f3dc4bb5fa0 R15: 00007ffec296b358 [ 144.899500][ T7484] [ 145.253335][ T7490] __nla_validate_parse: 3 callbacks suppressed [ 145.253355][ T7490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.442'. [ 145.277691][ T6250] IPVS: starting estimator thread 0... [ 145.310177][ T7490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.442'. [ 145.335984][ T7490] bond0: entered promiscuous mode [ 145.341356][ T7490] bond_slave_0: entered promiscuous mode [ 145.347240][ T7490] bond_slave_1: entered promiscuous mode [ 145.354790][ T7490] bridge0: entered promiscuous mode [ 145.361597][ T7490] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 145.369315][ T7490] Cannot create hsr debugfs directory [ 145.375037][ T7490] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 145.385293][ T7488] IPVS: using max 32 ests per chain, 76800 per kthread [ 145.392621][ T7490] hsr1: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network [ 145.470146][ T7496] dummy0: left promiscuous mode [ 145.479203][ T7496] dummy0: left allmulticast mode [ 145.498603][ T7496] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 145.713930][ T7519] netlink: 'syz.0.452': attribute type 4 has an invalid length. [ 145.859591][ T7518] openvswitch: netlink: Message has 24 unknown bytes. [ 145.874107][ T7518] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 146.594187][ T7557] netlink: 176 bytes leftover after parsing attributes in process `syz.0.461'. [ 146.662805][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.461'. [ 146.735390][ T7557] bridge3: entered promiscuous mode [ 146.746817][ T7565] FAULT_INJECTION: forcing a failure. [ 146.746817][ T7565] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 146.752531][ T7557] bridge3: entered allmulticast mode [ 146.771018][ T7565] CPU: 0 UID: 0 PID: 7565 Comm: syz.3.463 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 146.771063][ T7565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 146.771084][ T7565] Call Trace: [ 146.771096][ T7565] [ 146.771105][ T7565] dump_stack_lvl+0x189/0x250 [ 146.771137][ T7565] ? __lock_acquire+0xaac/0xd20 [ 146.771167][ T7565] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.771195][ T7565] ? __pfx__printk+0x10/0x10 [ 146.771216][ T7565] ? __might_fault+0xb0/0x130 [ 146.771252][ T7565] should_fail_ex+0x414/0x560 [ 146.771290][ T7565] _copy_from_user+0x2d/0xb0 [ 146.771318][ T7565] ___sys_sendmsg+0x158/0x2a0 [ 146.771342][ T7565] ? __pfx____sys_sendmsg+0x10/0x10 [ 146.771411][ T7565] ? __might_fault+0xb0/0x130 [ 146.771440][ T7565] __sys_sendmmsg+0x227/0x430 [ 146.771468][ T7565] ? __pfx___sys_sendmmsg+0x10/0x10 [ 146.771517][ T7565] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 146.771563][ T7565] ? ksys_write+0x1f0/0x250 [ 146.771583][ T7565] ? rcu_is_watching+0x15/0xb0 [ 146.771623][ T7565] __x64_sys_sendmmsg+0xa0/0xc0 [ 146.771647][ T7565] do_syscall_64+0xf6/0x210 [ 146.771676][ T7565] ? clear_bhb_loop+0x45/0xa0 [ 146.771700][ T7565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.771719][ T7565] RIP: 0033:0x7fd54238e969 [ 146.771736][ T7565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.771754][ T7565] RSP: 002b:00007fd543182038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 146.771775][ T7565] RAX: ffffffffffffffda RBX: 00007fd5425b5fa0 RCX: 00007fd54238e969 [ 146.771790][ T7565] RDX: 0000000004000190 RSI: 0000200000000180 RDI: 0000000000000003 [ 146.771803][ T7565] RBP: 00007fd543182090 R08: 0000000000000000 R09: 0000000000000000 [ 146.771815][ T7565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 146.771827][ T7565] R13: 0000000000000000 R14: 00007fd5425b5fa0 R15: 00007fff6a3e08b8 [ 146.771858][ T7565] [ 146.817267][ T7557] team0: Port device bridge3 added [ 146.932541][ T7570] netlink: 'syz.4.466': attribute type 4 has an invalid length. [ 147.026404][ T7573] netlink: 32 bytes leftover after parsing attributes in process `syz.2.464'. [ 147.127351][ T7577] FAULT_INJECTION: forcing a failure. [ 147.127351][ T7577] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.179398][ T7577] CPU: 0 UID: 0 PID: 7577 Comm: syz.0.469 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 147.179429][ T7577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 147.179442][ T7577] Call Trace: [ 147.179449][ T7577] [ 147.179465][ T7577] dump_stack_lvl+0x189/0x250 [ 147.179498][ T7577] ? __lock_acquire+0xaac/0xd20 [ 147.179529][ T7577] ? __pfx_dump_stack_lvl+0x10/0x10 [ 147.179558][ T7577] ? __pfx__printk+0x10/0x10 [ 147.179579][ T7577] ? __might_fault+0xb0/0x130 [ 147.179616][ T7577] should_fail_ex+0x414/0x560 [ 147.179652][ T7577] _copy_from_iter+0x1db/0x15a0 [ 147.179683][ T7577] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 147.179705][ T7577] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 147.179731][ T7577] ? __pfx__copy_from_iter+0x10/0x10 [ 147.179757][ T7577] ? __build_skb_around+0x257/0x3e0 [ 147.179781][ T7577] ? netlink_sendmsg+0x642/0xb30 [ 147.179798][ T7577] ? skb_put+0x11b/0x210 [ 147.179822][ T7577] netlink_sendmsg+0x6b2/0xb30 [ 147.179851][ T7577] ? __pfx_netlink_sendmsg+0x10/0x10 [ 147.179874][ T7577] ? aa_sock_msg_perm+0x94/0x160 [ 147.179896][ T7577] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 147.179919][ T7577] ? __pfx_netlink_sendmsg+0x10/0x10 [ 147.179938][ T7577] __sock_sendmsg+0x219/0x270 [ 147.179969][ T7577] ____sys_sendmsg+0x505/0x830 [ 147.179997][ T7577] ? __pfx_____sys_sendmsg+0x10/0x10 [ 147.180029][ T7577] ? import_iovec+0x74/0xa0 [ 147.180058][ T7577] ___sys_sendmsg+0x21f/0x2a0 [ 147.180083][ T7577] ? __pfx____sys_sendmsg+0x10/0x10 [ 147.180142][ T7577] ? __fget_files+0x2a/0x420 [ 147.180167][ T7577] ? __fget_files+0x3a0/0x420 [ 147.180202][ T7577] __x64_sys_sendmsg+0x19b/0x260 [ 147.180227][ T7577] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 147.180268][ T7577] ? do_syscall_64+0xba/0x210 [ 147.180298][ T7577] do_syscall_64+0xf6/0x210 [ 147.180325][ T7577] ? clear_bhb_loop+0x45/0xa0 [ 147.180350][ T7577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.180370][ T7577] RIP: 0033:0x7fc08d38e969 [ 147.180387][ T7577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.180405][ T7577] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 147.180425][ T7577] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 147.180439][ T7577] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000003 [ 147.180459][ T7577] RBP: 00007fc08e282090 R08: 0000000000000000 R09: 0000000000000000 [ 147.180471][ T7577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.180483][ T7577] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 147.180514][ T7577] [ 147.602765][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz.0.472'. [ 147.866008][ T7608] netlink: 12 bytes leftover after parsing attributes in process `syz.0.476'. [ 148.113256][ T7616] netlink: 60 bytes leftover after parsing attributes in process `syz.4.479'. [ 148.129919][ T7616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.479'. [ 148.146827][ T7616] netlink: 60 bytes leftover after parsing attributes in process `syz.4.479'. [ 148.222715][ T7618] netlink: 'syz.2.480': attribute type 4 has an invalid length. [ 148.248812][ T7620] FAULT_INJECTION: forcing a failure. [ 148.248812][ T7620] name failslab, interval 1, probability 0, space 0, times 0 [ 148.254885][ T7622] FAULT_INJECTION: forcing a failure. [ 148.254885][ T7622] name failslab, interval 1, probability 0, space 0, times 0 [ 148.262181][ T7620] CPU: 0 UID: 0 PID: 7620 Comm: syz.0.481 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 148.262211][ T7620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 148.262224][ T7620] Call Trace: [ 148.262234][ T7620] [ 148.262243][ T7620] dump_stack_lvl+0x189/0x250 [ 148.262284][ T7620] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.262315][ T7620] ? __pfx__printk+0x10/0x10 [ 148.262351][ T7620] ? __pfx___might_resched+0x10/0x10 [ 148.262371][ T7620] ? fs_reclaim_acquire+0x7d/0x100 [ 148.262409][ T7620] should_fail_ex+0x414/0x560 [ 148.262449][ T7620] should_failslab+0xa8/0x100 [ 148.262486][ T7620] __kmalloc_noprof+0xcb/0x4f0 [ 148.262512][ T7620] ? unregister_netdevice_many_notify+0x909/0x2320 [ 148.262549][ T7620] unregister_netdevice_many_notify+0x909/0x2320 [ 148.262584][ T7620] ? __mutex_lock+0xa6d/0xe80 [ 148.262614][ T7620] ? __mutex_lock+0x51b/0xe80 [ 148.262642][ T7620] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 148.262674][ T7620] ? rtnl_dellink+0x331/0x710 [ 148.262715][ T7620] ? unregister_netdevice_queue+0x1b3/0x380 [ 148.262751][ T7620] ? __nla_parse+0x40/0x60 [ 148.262778][ T7620] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 148.262804][ T7620] rtnl_dellink+0x488/0x710 [ 148.262834][ T7620] ? is_bpf_text_address+0x26/0x2b0 [ 148.262870][ T7620] ? __pfx_rtnl_dellink+0x10/0x10 [ 148.262906][ T7620] ? __lock_acquire+0xaac/0xd20 [ 148.263035][ T7620] ? __pfx_rtnl_dellink+0x10/0x10 [ 148.263068][ T7620] rtnetlink_rcv_msg+0x7cc/0xb70 [ 148.263105][ T7620] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 148.263136][ T7620] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 148.263175][ T7620] ? __lock_acquire+0xaac/0xd20 [ 148.263218][ T7620] netlink_rcv_skb+0x219/0x490 [ 148.263254][ T7620] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 148.263289][ T7620] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 148.263345][ T7620] ? netlink_deliver_tap+0x2e/0x1b0 [ 148.263377][ T7620] ? netlink_deliver_tap+0x2e/0x1b0 [ 148.263417][ T7620] netlink_unicast+0x758/0x8d0 [ 148.263467][ T7620] netlink_sendmsg+0x805/0xb30 [ 148.263499][ T7620] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.263524][ T7620] ? aa_sock_msg_perm+0x94/0x160 [ 148.263548][ T7620] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 148.263571][ T7620] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.263594][ T7620] __sock_sendmsg+0x219/0x270 [ 148.263627][ T7620] ____sys_sendmsg+0x505/0x830 [ 148.263658][ T7620] ? __pfx_____sys_sendmsg+0x10/0x10 [ 148.263694][ T7620] ? import_iovec+0x74/0xa0 [ 148.263726][ T7620] ___sys_sendmsg+0x21f/0x2a0 [ 148.263753][ T7620] ? __pfx____sys_sendmsg+0x10/0x10 [ 148.263820][ T7620] ? __fget_files+0x2a/0x420 [ 148.263846][ T7620] ? __fget_files+0x3a0/0x420 [ 148.263887][ T7620] __x64_sys_sendmsg+0x19b/0x260 [ 148.263913][ T7620] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 148.263958][ T7620] ? do_syscall_64+0xba/0x210 [ 148.263991][ T7620] do_syscall_64+0xf6/0x210 [ 148.264020][ T7620] ? clear_bhb_loop+0x45/0xa0 [ 148.264047][ T7620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.264068][ T7620] RIP: 0033:0x7fc08d38e969 [ 148.264087][ T7620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.264107][ T7620] RSP: 002b:00007fc08e282038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 148.264130][ T7620] RAX: ffffffffffffffda RBX: 00007fc08d5b5fa0 RCX: 00007fc08d38e969 [ 148.264146][ T7620] RDX: 0000000000000010 RSI: 00002000000003c0 RDI: 0000000000000008 [ 148.264160][ T7620] RBP: 00007fc08e282090 R08: 0000000000000000 R09: 0000000000000000 [ 148.264172][ T7620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.264185][ T7620] R13: 0000000000000000 R14: 00007fc08d5b5fa0 R15: 00007fffde19f728 [ 148.264219][ T7620] [ 148.638033][ T7622] CPU: 1 UID: 0 PID: 7622 Comm: syz.4.482 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 148.638060][ T7622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 148.638073][ T7622] Call Trace: [ 148.638081][ T7622] [ 148.638089][ T7622] dump_stack_lvl+0x189/0x250 [ 148.638124][ T7622] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.638154][ T7622] ? __pfx__printk+0x10/0x10 [ 148.638202][ T7622] should_fail_ex+0x414/0x560 [ 148.638238][ T7622] should_failslab+0xa8/0x100 [ 148.638266][ T7622] kmem_cache_alloc_noprof+0x73/0x3c0 [ 148.638290][ T7622] ? skb_clone+0x212/0x3a0 [ 148.638320][ T7622] skb_clone+0x212/0x3a0 [ 148.638347][ T7622] bpf_clone_redirect+0xad/0x3d0 [ 148.638384][ T7622] bpf_prog_76b644e67229c872+0x5f/0x64 [ 148.638411][ T7622] ? ktime_get+0x3e/0x1f0 [ 148.638439][ T7622] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 148.638460][ T7622] ? lockdep_hardirqs_on+0x9c/0x150 [ 148.638484][ T7622] ? ktime_get+0x3e/0x1f0 [ 148.638502][ T7622] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 148.638524][ T7622] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 148.638551][ T7622] ? __local_bh_disable_ip+0xf1/0x190 [ 148.638581][ T7622] ? __pfx___cant_migrate+0x10/0x10 [ 148.638604][ T7622] ? read_tsc+0x9/0x20 [ 148.638620][ T7622] ? ktime_get+0x1cb/0x1f0 [ 148.638646][ T7622] bpf_test_run+0x38b/0x830 [ 148.638688][ T7622] ? bpf_test_run+0x205/0x830 [ 148.638726][ T7622] ? __pfx_bpf_test_run+0x10/0x10 [ 148.638784][ T7622] ? slab_build_skb+0x273/0x3e0 [ 148.638803][ T7622] ? convert___skb_to_skb+0x3d/0x590 [ 148.638836][ T7622] bpf_prog_test_run_skb+0xb30/0x1560 [ 148.638884][ T7622] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 148.638916][ T7622] bpf_prog_test_run+0x2a9/0x340 [ 148.638947][ T7622] __sys_bpf+0x4a4/0x860 [ 148.638974][ T7622] ? __pfx___sys_bpf+0x10/0x10 [ 148.639014][ T7622] ? ksys_write+0x1f0/0x250 [ 148.639035][ T7622] ? rcu_is_watching+0x15/0xb0 [ 148.639077][ T7622] __x64_sys_bpf+0x7c/0x90 [ 148.639100][ T7622] do_syscall_64+0xf6/0x210 [ 148.639127][ T7622] ? clear_bhb_loop+0x45/0xa0 [ 148.639152][ T7622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.639172][ T7622] RIP: 0033:0x7f3dc498e969 [ 148.639199][ T7622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.639216][ T7622] RSP: 002b:00007f3dc573e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 148.639237][ T7622] RAX: ffffffffffffffda RBX: 00007f3dc4bb5fa0 RCX: 00007f3dc498e969 [ 148.639252][ T7622] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a [ 148.639265][ T7622] RBP: 00007f3dc573e090 R08: 0000000000000000 R09: 0000000000000000 [ 148.639277][ T7622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.639288][ T7622] R13: 0000000000000000 R14: 00007f3dc4bb5fa0 R15: 00007ffec296b358 [ 148.639320][ T7622] [ 149.220612][ T5830] lo speed is unknown, defaulting to 1000 [ 149.249398][ T5830] syz1: Port: 1 Link DOWN [ 149.255340][ T7624] lo speed is unknown, defaulting to 1000 [ 149.600845][ T7636] gretap0: entered promiscuous mode [ 149.616067][ T7636] gretap0: left promiscuous mode [ 149.721564][ T7652] netlink: 'syz.3.492': attribute type 27 has an invalid length. [ 149.809471][ T7656] netlink: 'syz.4.494': attribute type 4 has an invalid length. [ 150.314034][ T7686] lo speed is unknown, defaulting to 1000 [ 150.374663][ T7692] __nla_validate_parse: 6 callbacks suppressed [ 150.374682][ T7692] netlink: 60 bytes leftover after parsing attributes in process `syz.4.506'. [ 150.406671][ T7692] netlink: 16 bytes leftover after parsing attributes in process `syz.4.506'. [ 150.426971][ T7692] netlink: 60 bytes leftover after parsing attributes in process `syz.4.506'. [ 150.968091][ T7718] netlink: 60 bytes leftover after parsing attributes in process `syz.1.517'. [ 150.974375][ T7715] netlink: 24 bytes leftover after parsing attributes in process `syz.4.515'. [ 150.996488][ T7718] netlink: 16 bytes leftover after parsing attributes in process `syz.1.517'. [ 151.025629][ T7718] netlink: 60 bytes leftover after parsing attributes in process `syz.1.517'. [ 151.054929][ T7715] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (18) [ 151.342524][ T7739] netlink: 4 bytes leftover after parsing attributes in process `syz.4.525'. [ 151.373589][ T7739] batadv0: entered promiscuous mode [ 151.392822][ T7739] macvtap1: entered promiscuous mode [ 151.426775][ T7739] macvtap1: entered allmulticast mode [ 151.435218][ T7739] batadv0: entered allmulticast mode [ 151.446153][ T7739] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 151.462872][ T7723] netlink: 4 bytes leftover after parsing attributes in process `syz.3.519'. [ 151.494018][ T7744] batadv0: left allmulticast mode [ 151.504127][ T7744] batadv0: left promiscuous mode [ 151.563767][ T7750] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.687227][ T7757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.532'. [ 151.868099][ T7766] batadv0: entered promiscuous mode [ 151.873711][ T7766] macvtap2: entered promiscuous mode [ 151.879703][ T7766] macvtap2: entered allmulticast mode [ 151.886349][ T7766] batadv0: entered allmulticast mode [ 151.894868][ T7766] 8021q: adding VLAN 0 to HW filter on device macvtap2 [ 151.917219][ T7772] batadv0: left allmulticast mode [ 151.929636][ T7772] batadv0: left promiscuous mode [ 152.018633][ T7774] veth3: entered allmulticast mode [ 152.150254][ T7773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.181306][ T7773] 8021q: adding VLAN 0 to HW filter on device team0 [ 152.232810][ T7773] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 152.329532][ T7786] netlink: 'syz.3.539': attribute type 21 has an invalid length. [ 152.454522][ T7788] openvswitch: netlink: Missing key (keys=40, expected=80) [ 152.490086][ T7792] openvswitch: netlink: Missing key (keys=40, expected=80) [ 152.878940][ T7814] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR' [ 152.912412][ T7814] CPU: 0 UID: 0 PID: 7814 Comm: syz.4.551 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 152.912451][ T7814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 152.912466][ T7814] Call Trace: [ 152.912474][ T7814] [ 152.912483][ T7814] dump_stack_lvl+0x189/0x250 [ 152.912521][ T7814] ? lockdep_hardirqs_on+0x9c/0x150 [ 152.912550][ T7814] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.912580][ T7814] ? __pfx__printk+0x10/0x10 [ 152.912605][ T7814] ? kernfs_path_from_node+0x2b/0x260 [ 152.912638][ T7814] ? kernfs_path_from_node+0x216/0x260 [ 152.912671][ T7814] sysfs_warn_dup+0x8e/0xa0 [ 152.912698][ T7814] sysfs_do_create_link_sd+0xc0/0x110 [ 152.912730][ T7814] device_add_class_symlinks+0x1cf/0x240 [ 152.912766][ T7814] device_add+0x475/0xb50 [ 152.912795][ T7814] wiphy_register+0x199a/0x26b0 [ 152.912848][ T7814] ? __pfx_wiphy_register+0x10/0x10 [ 152.912876][ T7814] ? minstrel_ht_alloc+0x893/0x990 [ 152.912920][ T7814] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 152.912958][ T7814] ieee80211_register_hw+0x334b/0x4060 [ 152.912998][ T7814] ? ieee80211_register_hw+0x1471/0x4060 [ 152.913035][ T7814] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 152.913064][ T7814] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 152.913098][ T7814] ? __hrtimer_setup+0x187/0x210 [ 152.913128][ T7814] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 152.913166][ T7814] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 152.913233][ T7814] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 152.913262][ T7814] ? trace_kmalloc+0x1f/0xd0 [ 152.913283][ T7814] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 152.913311][ T7814] ? kstrndup+0xbf/0x160 [ 152.913343][ T7814] hwsim_new_radio_nl+0xea4/0x1b10 [ 152.913377][ T7814] ? __pfx___nla_validate_parse+0x10/0x10 [ 152.913418][ T7814] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 152.913463][ T7814] ? __nla_parse+0x40/0x60 [ 152.913492][ T7814] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 152.913528][ T7814] genl_family_rcv_msg_doit+0x212/0x300 [ 152.913564][ T7814] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 152.913605][ T7814] ? bpf_lsm_capable+0x9/0x20 [ 152.913634][ T7814] ? security_capable+0x7e/0x2e0 [ 152.913661][ T7814] genl_rcv_msg+0x60e/0x790 [ 152.913694][ T7814] ? __pfx_genl_rcv_msg+0x10/0x10 [ 152.913719][ T7814] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 152.913796][ T7814] netlink_rcv_skb+0x219/0x490 [ 152.913831][ T7814] ? __pfx_genl_rcv_msg+0x10/0x10 [ 152.913858][ T7814] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 152.913920][ T7814] ? down_read+0x1ad/0x2e0 [ 152.913953][ T7814] genl_rcv+0x28/0x40 [ 152.913975][ T7814] netlink_unicast+0x758/0x8d0 [ 152.914019][ T7814] netlink_sendmsg+0x805/0xb30 [ 152.914052][ T7814] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.914076][ T7814] ? aa_sock_msg_perm+0x94/0x160 [ 152.914100][ T7814] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 152.914122][ T7814] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.914144][ T7814] __sock_sendmsg+0x219/0x270 [ 152.914177][ T7814] ____sys_sendmsg+0x505/0x830 [ 152.914208][ T7814] ? __pfx_____sys_sendmsg+0x10/0x10 [ 152.914243][ T7814] ? import_iovec+0x74/0xa0 [ 152.914274][ T7814] ___sys_sendmsg+0x21f/0x2a0 [ 152.914299][ T7814] ? __pfx____sys_sendmsg+0x10/0x10 [ 152.914367][ T7814] ? __fget_files+0x2a/0x420 [ 152.914394][ T7814] ? __fget_files+0x3a0/0x420 [ 152.914433][ T7814] __x64_sys_sendmsg+0x19b/0x260 [ 152.914460][ T7814] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 152.914504][ T7814] ? do_syscall_64+0xba/0x210 [ 152.914537][ T7814] do_syscall_64+0xf6/0x210 [ 152.914566][ T7814] ? clear_bhb_loop+0x45/0xa0 [ 152.914592][ T7814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.914613][ T7814] RIP: 0033:0x7f3dc498e969 [ 152.914633][ T7814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.914651][ T7814] RSP: 002b:00007f3dc571d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 152.914674][ T7814] RAX: ffffffffffffffda RBX: 00007f3dc4bb6080 RCX: 00007f3dc498e969 [ 152.914691][ T7814] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 000000000000000f [ 152.914705][ T7814] RBP: 00007f3dc4a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 152.914718][ T7814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.914730][ T7814] R13: 0000000000000000 R14: 00007f3dc4bb6080 R15: 00007ffec296b358 [ 152.914772][ T7814] [ 153.398059][ C1] [ 153.400439][ C1] ============================================ [ 153.406598][ C1] WARNING: possible recursive locking detected [ 153.412775][ C1] 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 Not tainted [ 153.419902][ C1] -------------------------------------------- [ 153.426067][ C1] syz.3.548/7799 is trying to acquire lock: [ 153.431973][ C1] ffff88807f216f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x19a/0x220 [ 153.441067][ C1] [ 153.441067][ C1] but task is already holding lock: [ 153.448439][ C1] ffff88807c858f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x19a/0x220 [ 153.457523][ C1] [ 153.457523][ C1] other info that might help us debug this: [ 153.465599][ C1] Possible unsafe locking scenario: [ 153.465599][ C1] [ 153.473064][ C1] CPU0 [ 153.476357][ C1] ---- [ 153.479649][ C1] lock(&hsr->seqnr_lock); [ 153.484176][ C1] lock(&hsr->seqnr_lock); [ 153.488702][ C1] [ 153.488702][ C1] *** DEADLOCK *** [ 153.488702][ C1] [ 153.496861][ C1] May be due to missing lock nesting notation [ 153.496861][ C1] [ 153.505196][ C1] 11 locks held by syz.3.548/7799: [ 153.510328][ C1] #0: ffff888022358be0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x28b/0xba0 [ 153.519448][ C1] #1: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: is_bpf_text_address+0x26/0x2b0 [ 153.529258][ C1] #2: ffffc90000a08be0 ((&ndev->rs_timer)){+.-.}-{0:0}, at: call_timer_fn+0xbe/0x5f0 [ 153.538847][ C1] #3: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: ndisc_send_skb+0x208/0x1400 [ 153.548346][ C1] #4: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: ip6_finish_output2+0x701/0x16a0 [ 153.558187][ C1] #5: ffffffff8df3b8c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x27e/0x3a70 [ 153.568116][ C1] #6: ffff88807c858f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x19a/0x220 [ 153.577612][ C1] #7: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: hsr_forward_skb+0x9e/0x2860 [ 153.587134][ C1] #8: ffffffff8df3b8c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x27e/0x3a70 [ 153.597065][ C1] #9: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: br_dev_xmit+0x185/0x1840 [ 153.606299][ C1] #10: ffffffff8df3b8c0 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x27e/0x3a70 [ 153.616316][ C1] [ 153.616316][ C1] stack backtrace: [ 153.622216][ C1] CPU: 1 UID: 0 PID: 7799 Comm: syz.3.548 Not tainted 6.15.0-rc3-syzkaller-00614-g0d15a26b247d #0 PREEMPT(full) [ 153.622238][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 153.622249][ C1] Call Trace: [ 153.622256][ C1] [ 153.622263][ C1] dump_stack_lvl+0x189/0x250 [ 153.622290][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.622312][ C1] ? __pfx__printk+0x10/0x10 [ 153.622329][ C1] ? print_lock_name+0xde/0x100 [ 153.622357][ C1] print_deadlock_bug+0x28b/0x2a0 [ 153.622373][ C1] validate_chain+0x1a3f/0x2140 [ 153.622390][ C1] ? vring_map_one_sg+0x65d/0x7c0 [ 153.622405][ C1] ? vring_map_one_sg+0x30b/0x7c0 [ 153.622421][ C1] ? sg_next+0x84/0xb0 [ 153.622444][ C1] ? virtqueue_add+0x2fa7/0x4030 [ 153.622470][ C1] __lock_acquire+0xaac/0xd20 [ 153.622494][ C1] ? hsr_dev_xmit+0x19a/0x220 [ 153.622509][ C1] lock_acquire+0x120/0x360 [ 153.622529][ C1] ? hsr_dev_xmit+0x19a/0x220 [ 153.622549][ C1] ? hsr_dev_xmit+0x19a/0x220 [ 153.622564][ C1] _raw_spin_lock_bh+0x36/0x50 [ 153.622581][ C1] ? hsr_dev_xmit+0x19a/0x220 [ 153.622596][ C1] hsr_dev_xmit+0x19a/0x220 [ 153.622612][ C1] dev_hard_start_xmit+0x2d4/0x830 [ 153.622632][ C1] ? rcu_read_lock_bh_held+0x79/0xe0 [ 153.622653][ C1] __dev_queue_xmit+0x1adf/0x3a70 [ 153.622676][ C1] ? __dev_queue_xmit+0x27e/0x3a70 [ 153.622698][ C1] ? __local_bh_enable_ip+0x12d/0x1c0 [ 153.622724][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.622745][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 153.622767][ C1] ? do_raw_read_unlock+0x3d/0x80 [ 153.622786][ C1] ? ebt_do_table+0x265b/0x2820 [ 153.622816][ C1] br_dev_queue_push_xmit+0x6c5/0x890 [ 153.622841][ C1] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 153.622865][ C1] ? NF_HOOK+0x9e/0x3c0 [ 153.622886][ C1] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 153.622907][ C1] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 153.622927][ C1] NF_HOOK+0x31d/0x3c0 [ 153.622949][ C1] ? NF_HOOK+0x9e/0x3c0 [ 153.622969][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 153.622990][ C1] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 153.623021][ C1] br_forward_finish+0xd3/0x130 [ 153.623042][ C1] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 153.623063][ C1] ? __pfx_br_forward_finish+0x10/0x10 [ 153.623083][ C1] ? __pfx_br_forward_finish+0x10/0x10 [ 153.623104][ C1] NF_HOOK+0x31d/0x3c0 [ 153.623123][ C1] ? kasan_save_stack+0x3e/0x60 [ 153.623140][ C1] ? kasan_record_aux_stack+0xbc/0xd0 [ 153.623165][ C1] ? NF_HOOK+0x9e/0x3c0 [ 153.623184][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 153.623203][ C1] ? do_syscall_64+0xf6/0x210 [ 153.623225][ C1] ? __pfx_br_forward_finish+0x10/0x10 [ 153.623251][ C1] __br_forward+0x41e/0x600 [ 153.623270][ C1] ? __pfx_br_forward_finish+0x10/0x10 [ 153.623294][ C1] ? __pfx___br_forward+0x10/0x10 [ 153.623316][ C1] ? skb_clone+0x246/0x3a0 [ 153.623336][ C1] maybe_deliver+0xb5/0x160 [ 153.623359][ C1] br_flood+0x31a/0x6a0 [ 153.623382][ C1] ? br_dev_xmit+0x185/0x1840 [ 153.623397][ C1] br_dev_xmit+0x11b3/0x1840 [ 153.623412][ C1] ? arch_stack_walk+0xfc/0x150 [ 153.623433][ C1] ? br_dev_xmit+0x185/0x1840 [ 153.623451][ C1] ? __pfx_br_dev_xmit+0x10/0x10 [ 153.623466][ C1] ? __pfx_skb_network_protocol+0x10/0x10 [ 153.623485][ C1] ? __pfx_validate_xmit_xfrm+0x10/0x10 [ 153.623507][ C1] ? __pfx_passthru_features_check+0x10/0x10 [ 153.623531][ C1] dev_hard_start_xmit+0x2d4/0x830 [ 153.623550][ C1] ? rcu_read_lock_bh_held+0x79/0xe0 [ 153.623570][ C1] __dev_queue_xmit+0x1adf/0x3a70 [ 153.623593][ C1] ? __dev_queue_xmit+0x27e/0x3a70 [ 153.623614][ C1] ? rcu_is_watching+0x15/0xb0 [ 153.623638][ C1] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 153.623656][ C1] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 153.623677][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 153.623696][ C1] ? __copy_skb_header+0xa7/0x550 [ 153.623714][ C1] ? __asan_memcpy+0x40/0x70 [ 153.623729][ C1] ? __pskb_copy_fclone+0x960/0xf90 [ 153.623749][ C1] ? __asan_memcpy+0x40/0x70 [ 153.623766][ C1] ? __pskb_copy_fclone+0x960/0xf90 [ 153.623787][ C1] ? hsr_create_tagged_frame+0x449/0xc30 [ 153.623807][ C1] ? __asan_memmove+0x40/0x70 [ 153.623822][ C1] ? hsr_addr_subst_dest+0x307/0xac0 [ 153.623842][ C1] hsr_forward_skb+0x158b/0x2860 [ 153.623860][ C1] ? do_exit+0x859/0x2550 [ 153.623878][ C1] ? do_group_exit+0x21c/0x2d0 [ 153.623900][ C1] ? hsr_forward_skb+0x9e/0x2860 [ 153.623920][ C1] ? __pfx_hsr_forward_skb+0x10/0x10 [ 153.623937][ C1] ? do_raw_spin_lock+0x121/0x290 [ 153.623956][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 153.623976][ C1] ? hsr_dev_xmit+0x19a/0x220 [ 153.623991][ C1] hsr_dev_xmit+0x1a5/0x220 [ 153.624013][ C1] dev_hard_start_xmit+0x2d4/0x830 [ 153.624031][ C1] ? rcu_read_lock_bh_held+0x79/0xe0 [ 153.624052][ C1] __dev_queue_xmit+0x1adf/0x3a70 [ 153.624074][ C1] ? __dev_queue_xmit+0x27e/0x3a70 [ 153.624098][ C1] ? neigh_connected_output+0x1ea/0x460 [ 153.624123][ C1] ? __pfx___dev_queue_xmit+0x10/0x10 [ 153.624142][ C1] ? read_seqbegin+0x122/0x250 [ 153.624163][ C1] ? neigh_connected_output+0x1ea/0x460 [ 153.624186][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.624206][ C1] ? read_seqbegin+0x1ac/0x250 [ 153.624227][ C1] ? __pfx_read_seqbegin+0x10/0x10 [ 153.624249][ C1] ? eth_header+0x11b/0x200 [ 153.624265][ C1] ? __asan_memcpy+0x40/0x70 [ 153.624281][ C1] ? eth_header+0x11b/0x200 [ 153.624296][ C1] ? __pfx_eth_header+0x10/0x10 [ 153.624313][ C1] ? neigh_connected_output+0x3b6/0x460 [ 153.624343][ C1] ip6_finish_output2+0x11fb/0x16a0 [ 153.624362][ C1] ? ip6_finish_output2+0x701/0x16a0 [ 153.624381][ C1] ? __pfx_ip6_finish_output2+0x10/0x10 [ 153.624399][ C1] ? ip6_mtu+0x7d/0x3f0 [ 153.624413][ C1] ? ip6_mtu+0x7d/0x3f0 [ 153.624428][ C1] ip6_finish_output+0x234/0x7d0 [ 153.624454][ C1] ndisc_send_skb+0xb47/0x1400 [ 153.624474][ C1] ? ndisc_send_skb+0x208/0x1400 [ 153.624498][ C1] ? __pfx_ndisc_send_skb+0x10/0x10 [ 153.624519][ C1] ? __pfx_dst_output+0x10/0x10 [ 153.624547][ C1] addrconf_rs_timer+0x369/0x670 [ 153.624568][ C1] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 153.624589][ C1] call_timer_fn+0x17b/0x5f0 [ 153.624611][ C1] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 153.624627][ C1] ? call_timer_fn+0xbe/0x5f0 [ 153.624648][ C1] ? __pfx_call_timer_fn+0x10/0x10 [ 153.624672][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 153.624689][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 153.624707][ C1] ? __pfx_addrconf_rs_timer+0x10/0x10 [ 153.624725][ C1] __run_timer_base+0x61a/0x860 [ 153.624743][ C1] ? ktime_get+0x3e/0x1f0 [ 153.624765][ C1] ? __pfx___run_timer_base+0x10/0x10 [ 153.624782][ C1] ? seqcount_lockdep_reader_access+0x15f/0x1c0 [ 153.624806][ C1] run_timer_softirq+0xb7/0x180 [ 153.624826][ C1] handle_softirqs+0x283/0x870 [ 153.624852][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 153.624868][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 153.624897][ C1] __irq_exit_rcu+0xca/0x1f0 [ 153.624910][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 153.624928][ C1] irq_exit_rcu+0x9/0x30 [ 153.624941][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 153.624959][ C1] [ 153.624964][ C1] [ 153.624970][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 153.624987][ C1] RIP: 0010:lock_acquire+0x175/0x360 [ 153.625015][ C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 1b b3 d7 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e [ 153.625030][ C1] RSP: 0018:ffffc9001ad37410 EFLAGS: 00000206 [ 153.625045][ C1] RAX: 7b7d0b50867def00 RBX: 0000000000000000 RCX: 7b7d0b50867def00 [ 153.625057][ C1] RDX: 0000000000000000 RSI: ffffffff8d93903a RDI: ffffffff8bc1ca60 [ 153.625068][ C1] RBP: ffffffff81ce81b6 R08: 0000000000000000 R09: 0000000000000000 [ 153.625078][ C1] R10: 0000000000000000 R11: ffffffff81ce81b6 R12: 0000000000000002 [ 153.625089][ C1] R13: ffffffff8df3b860 R14: 0000000000000000 R15: 0000000000000246 [ 153.625101][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 153.625123][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 153.625155][ C1] is_bpf_text_address+0x47/0x2b0 [ 153.625176][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 153.625197][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 153.625219][ C1] kernel_text_address+0xa5/0xe0 [ 153.625241][ C1] __kernel_text_address+0xd/0x40 [ 153.625262][ C1] unwind_get_return_address+0x4d/0x90 [ 153.625281][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 153.625299][ C1] arch_stack_walk+0xfc/0x150 [ 153.625324][ C1] stack_trace_save+0x9c/0xe0 [ 153.625340][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 153.625355][ C1] ? is_bpf_text_address+0x26/0x2b0 [ 153.625378][ C1] ? kernel_text_address+0xa5/0xe0 [ 153.625399][ C1] ? __kernel_text_address+0xd/0x40 [ 153.625421][ C1] kasan_save_stack+0x3e/0x60 [ 153.625437][ C1] ? kasan_save_stack+0x3e/0x60 [ 153.625452][ C1] ? kasan_record_aux_stack+0xbc/0xd0 [ 153.625476][ C1] ? call_rcu+0x142/0x990 [ 153.625488][ C1] ? kmem_cache_free+0x301/0x3f0 [ 153.625507][ C1] ? exit_mmap+0x593/0xba0 [ 153.625527][ C1] ? __mmput+0x118/0x420 [ 153.625550][ C1] ? exit_mm+0x1da/0x2c0 [ 153.625567][ C1] ? do_exit+0x859/0x2550 [ 153.625584][ C1] ? do_group_exit+0x21c/0x2d0 [ 153.625602][ C1] ? __x64_sys_exit_group+0x3f/0x40 [ 153.625621][ C1] ? x64_sys_call+0x21ba/0x21c0 [ 153.625636][ C1] ? do_syscall_64+0xf6/0x210 [ 153.625656][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.625687][ C1] ? __phys_addr+0xba/0x170 [ 153.625708][ C1] kasan_record_aux_stack+0xbc/0xd0 [ 153.625733][ C1] ? __pfx_slab_free_after_rcu_debug+0x10/0x10 [ 153.625748][ C1] call_rcu+0x142/0x990 [ 153.625767][ C1] ? __pfx_call_rcu+0x10/0x10 [ 153.625784][ C1] ? __phys_addr+0xba/0x170 [ 153.625805][ C1] ? exit_mmap+0x593/0xba0 [ 153.625824][ C1] kmem_cache_free+0x301/0x3f0 [ 153.625846][ C1] exit_mmap+0x593/0xba0 [ 153.625867][ C1] ? __pfx_exit_mmap+0x10/0x10 [ 153.625886][ C1] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 153.625912][ C1] ? __pfx_exit_aio+0x10/0x10 [ 153.625932][ C1] ? uprobe_clear_state+0x274/0x290 [ 153.625952][ C1] __mmput+0x118/0x420 [ 153.625976][ C1] exit_mm+0x1da/0x2c0 [ 153.625996][ C1] ? __pfx_exit_mm+0x10/0x10 [ 153.626024][ C1] ? taskstats_exit+0x43c/0xa30 [ 153.626043][ C1] ? tty_audit_exit+0x153/0x200 [ 153.626069][ C1] do_exit+0x859/0x2550 [ 153.626091][ C1] ? preempt_schedule_common+0x83/0xd0 [ 153.626110][ C1] ? preempt_schedule+0xae/0xc0 [ 153.626127][ C1] ? __pfx_do_exit+0x10/0x10 [ 153.626149][ C1] ? preempt_schedule_thunk+0x16/0x30 [ 153.626169][ C1] do_group_exit+0x21c/0x2d0 [ 153.626191][ C1] __x64_sys_exit_group+0x3f/0x40 [ 153.626211][ C1] x64_sys_call+0x21ba/0x21c0 [ 153.626226][ C1] do_syscall_64+0xf6/0x210 [ 153.626246][ C1] ? clear_bhb_loop+0x45/0xa0 [ 153.626264][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.626279][ C1] RIP: 0033:0x7fd54238e969 [ 153.626292][ C1] Code: Unable to access opcode bytes at 0x7fd54238e93f. [ 153.626301][ C1] RSP: 002b:00007fff6a3e0c18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 153.626316][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd54238e969 [ 153.626328][ C1] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000 [ 153.626337][ C1] RBP: 00007fff6a3e0c7c R08: 000000056a3e0d0f R09: 00000000000927c0 [ 153.626348][ C1] R10: 0000000000000c8c R11: 0000000000000246 R12: 0000000000000064 [ 153.626358][ C1] R13: 00000000000927c0 R14: 00000000000253b5 R15: 00007fff6a3e0cd0 [ 153.626376][ C1] [ 154.863189][ T7816] netlink: 'syz.2.553': attribute type 21 has an invalid length.