last executing test programs: 19.376391631s ago: executing program 1 (id=1170): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYRESHEX=r0], &(0x7f0000000140)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'veth1_macvtap\x00', @random="2b1c00004ec6"}) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000002afb89b505ea0f510640f951fa98fc0018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0)="c8f41c288d409ef0e169a340295f36d4b4", &(0x7f0000000280), 0x5, r5}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r2], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x0) r8 = accept4(r7, 0x0, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, 0x0, 0x0) r9 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) sendmsg$can_raw(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x20008000) read$alg(r8, &(0x7f0000000080)=""/16, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) recvmmsg(r8, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x7ff, 0x405, 0x2000fff, 0x14a0, r9, 0x101, '\x00', 0x0, r3, 0x4, 0x4, 0x3, 0xd}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) 18.398362127s ago: executing program 3 (id=1179): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x0, 0x0, 0x0) r1 = socket(0x15, 0x3, 0x5) r2 = socket(0x200000100000011, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x10}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendto$packet(r2, &(0x7f0000000100)="4dcdc7d96a76000000060005000000", 0xf, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000e7ffffff0000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf613a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000040)="5f8f9ca681265d6cd1b08e2b5ede", 0x0, 0xffbfffff, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)='K'}, 0x50) r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @remote}, &(0x7f0000000100)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r7, 0x0, 0xc, &(0x7f0000000000)=0xb, 0x4) connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r7, &(0x7f0000007fc0), 0x2d, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@dellink={0x20, 0x10}, 0x20}}, 0x0) setsockopt$inet_int(r7, 0x0, 0xd, &(0x7f0000000040)=0x8000, 0x4) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0) r9 = accept$alg(r8, 0x0, 0x0) recvmmsg(r9, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000200)=""/153, 0x99}, {&(0x7f0000002080)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0) sendmsg$alg(r9, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000004d40)="cf", 0xfdfa}], 0x1, &(0x7f00000000c0)=[@assoc={0x18}], 0x18}, 0x0) recvmmsg(r7, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 17.366411982s ago: executing program 3 (id=1190): unshare(0x0) (async) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x69, 0x11, 0x34}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195}, 0x70) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, 0x0, 0x4}, 0x14}}, 0x0) (async) syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r1) (async) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r1) sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r2, 0x926fdb2c68a18847, 0x0, 0x0, {0x12}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}}, 0x0) (async) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r0, 0x2, 0x0}, 0x10) (async) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) (async) setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) (async) read(r0, &(0x7f0000000140)=""/13, 0xd) (async) connect$inet(r3, &(0x7f0000000340)={0x2, 0x4e21, @local}, 0xfffffffffffffcba) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0xfecc) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) (async) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window, @sack_perm, @sack_perm, @window, @timestamp, @sack_perm], 0x8) r5 = socket$phonet(0x23, 0x2, 0x1) (async) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001a80)={"be9835aaf33d3254499792a24fdddc7a", 0x0, 0x0, {0xe00, 0x8000}, {0xffffffffffffffff, 0xd32}, 0x8, [0x7, 0x8, 0x7f4ecb03, 0x80, 0x5, 0xffffffffffffdfff, 0xfffffffffffffffd, 0x80000000000033d4, 0x8, 0x6, 0xdd6, 0x8, 0x1, 0x6, 0x8100000000000001, 0x31]}) (async) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000680)={0x0, 0x10, 0x5, 0x1}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000a80)={{r0}, r6, 0x12, @unused=[0x0, 0x3, 0xfffffffffffffff9], @devid=r7}) (async) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4) (async) sendto$inet(r3, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6) 17.279593049s ago: executing program 3 (id=1192): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0x1, 0xffffffffffffffff}, 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x8, 0x4, 0x8, 0x8, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_xfrm(0x10, 0x3, 0x6) socket$packet(0x11, 0x3, 0x300) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000040)) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b15000000000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES64=r1], 0x40}}, 0x0) 16.953619696s ago: executing program 3 (id=1194): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000080)}, 0x10) r1 = socket(0x0, 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) socket$packet(0x11, 0x2, 0x300) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x0, 0x0, 0x1) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x300, 0x0}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x38, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @fwd={{0x8}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xac}}, 0x0) 16.450249398s ago: executing program 3 (id=1200): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x0, 0x0, 0x0) r1 = socket(0x15, 0x3, 0x5) r2 = socket(0x200000100000011, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x10}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendto$packet(r2, &(0x7f0000000100)="4dcdc7d96a76000000060005000000", 0xf, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000e7ffffff0000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf613a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000040)="5f8f9ca681265d6cd1b08e2b5ede", 0x0, 0xffbfffff, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)='K'}, 0x50) r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @remote}, &(0x7f0000000100)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r7, 0x0, 0xc, &(0x7f0000000000)=0xb, 0x4) connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r7, &(0x7f0000007fc0), 0x2d, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@dellink={0x20, 0x10}, 0x20}}, 0x0) setsockopt$inet_int(r7, 0x0, 0xd, &(0x7f0000000040)=0x8000, 0x4) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0) r9 = accept$alg(r8, 0x0, 0x0) recvmmsg(r9, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000200)=""/153, 0x99}, {&(0x7f0000002080)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0) sendmsg$alg(r9, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000004d40)="cf", 0xfdfa}], 0x1, &(0x7f00000000c0)=[@assoc={0x18}], 0x18}, 0x0) recvmmsg(r7, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 15.473748231s ago: executing program 3 (id=1208): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000038000000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x24, 0x9, 0x7a00, 0x0, {0x6}}, 0x14}}, 0x0) 14.286512039s ago: executing program 0 (id=1216): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x43400) sendmsg$nl_xfrm(r0, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff8847604dd30800140600fe8000000000000000000000000000aafe800000000000ed"], 0x0) 14.181783296s ago: executing program 0 (id=1217): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x0, 0x0, 0x0) r1 = socket(0x15, 0x3, 0x5) r2 = socket(0x200000100000011, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x10}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendto$packet(r2, &(0x7f0000000100)="4dcdc7d96a76000000060005000000", 0xf, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000e7ffffff0000000000000000850000005300000085000000230000009500000000000000a94be0c51261be6a99e5e06bb0a232d5e1f59f18f845f82e9a7cde9e8f1b547edf613a03f1737d951d7a617558b674e1c4fdfd771ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8d91633a8b9c70e804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f202028070000003771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f439547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b93993909613e8d95f5610c067d9b97c524c210af077707d71e8512e"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000040)="5f8f9ca681265d6cd1b08e2b5ede", 0x0, 0xffbfffff, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000200)='K'}, 0x50) r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000000c0)={0x0, @empty, @remote}, &(0x7f0000000100)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) bind$inet(r7, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) setsockopt$inet_int(r7, 0x0, 0xc, &(0x7f0000000000)=0xb, 0x4) connect$inet(r7, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r7, &(0x7f0000007fc0), 0x2d, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@dellink={0x2c, 0x10, 0x0, 0x0, 0x0, {}, [@IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x2c}}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xd, &(0x7f0000000040)=0x8000, 0x4) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, 0x0, 0x0) r9 = accept$alg(r8, 0x0, 0x0) recvmmsg(r9, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000200)=""/153, 0x99}, {&(0x7f0000002080)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0) sendmsg$alg(r9, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000004d40)="cf", 0xfdfa}], 0x1, &(0x7f00000000c0)=[@assoc={0x18}], 0x18}, 0x0) recvmmsg(r7, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 13.176812503s ago: executing program 0 (id=1222): r0 = socket$l2tp6(0xa, 0x2, 0x73) r1 = socket$rds(0x15, 0x5, 0x0) syz_emit_ethernet(0x72, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x3c, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [], "fb36eeca6ead50b375a22a58"}}}}}}}, 0x0) bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) getpeername$packet(r2, 0x0, 0x0) sendmsg$rds(r1, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}}], 0x58}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r8, @ANYBLOB="010065bd7000fcdbdf254f00000008000300", @ANYRES32=r7, @ANYBLOB="48007a8014000100c396d979a8f802a09c5d7bfaeb3575f21c0002002c8b2ddcc0a3a020196b852ff1e5776edd2fed6a243a33220c000300b38b3e2d8514cc07080004000500000030007a800800040007000000240001006b367eca9776d5c92ac3b99cce28c8dbdebd62217f9c5f46d4b1a11c682b40d61c007a800c000300e028aa46e44ee6830c0003009cf7debf7cdf5a207c007a80080004003465e91c0c0003004a159160a275d9fa08000400ff0f00000800040007000000140001006fde61d99aa98d55b507315489e6cd79140002"], 0x12c}}, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r5, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x34}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x60}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40040) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x71}, 0x20) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060101000000000000000000000000100007800c00018008000140e0000002050001"], 0x38}}, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r9, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) r11 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r11, 0x107, 0xd, &(0x7f0000000180)=@req3={0x3, 0xc, 0x63, 0xfffffcbc, 0x9, 0x4, 0x7}, 0x1c) r12 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r12, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r12, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f0000000000), 0x0, 0x4008814) 12.695614434s ago: executing program 0 (id=1224): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="004685137e7580c632df1e8e78ca993b43ffdb6d70e1544e84c2c6900e10f098e6cbe6244cf85839e73d8462095584b44eb6e6905499efc3d51c3863793d6025b977161086e2c3104ba5742c93a23ac450e6c77a2a46ff57c20d9c8162856fb6770a31897d2daec9814813e1328672118427c942d8aef7"], 0x14}}, 0x0) (async) r2 = socket$inet6(0xa, 0x40000080806, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan3\x00'}) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000000)=0x1, 0x4) (async) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) (async, rerun: 64) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) (async, rerun: 32) r6 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="43fffff480a683b4b6943572dfc4ac41e10b2cac93e88fd956c928f429ccae0a3633e8d8130c4b87fe7c8366cd9a7981c52226cc217fa06fd3a15ae177c4bf4d12909d54704eb145cc524d1c6ca468d286dfc5f2d408a31c7dea850e35bfccfd0ac4428475dd0ddfde816827f76906", @ANYRES16=r7, @ANYBLOB="010000000000000000001400000020000180140002006e657464657673696d3000000000000008000100", @ANYRES32=r5, @ANYBLOB="08001200000000000800060006000000"], 0x44}}, 0x40) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000000a00)=@filter={'filter\x00', 0x42, 0x4, 0x3f0, 0xffffffff, 0x2c0, 0x0, 0x2c0, 0xffffffff, 0xffffffff, 0x358, 0x358, 0x358, 0xffffffff, 0x5, 0x0, {[{{@uncond, 0x74000002, 0xb8, 0x100, 0x1ba, {0x46010000, 0x2c000000000000}, [@common=@inet=@ecn={{0x28}, {0x30}}, @common=@socket0={{0x20}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_virt_wifi\x00', 'vlan0\x00'}, 0x287, 0x198, 0x1c0, 0x0, {}, [@common=@unspec=@physdev={{0x68}, {'wg0\x00', {}, 'pimreg1\x00'}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "d94bb7f59c598d9f1acbffba0306e652249ebd4c284339861090822a582985e420d2f56f22eed0e6ad428f79183743e98da50140eb4b971a16ca49b05c505a650c7ffb1c46ea87df29fb1ae7c78146fa04fcdf47ed440557993550fb70f5842a27e3795da4585b0aef0b38b06a0e20f25b3972b0db56ce8961849176146ee4b7"}}]}, @REJECT={0x28}}, {{@ip={@loopback, @private, 0x0, 0x0, 'wlan1\x00', 'dvmrp0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x450) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) (async, rerun: 32) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) (rerun: 32) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r10}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r11}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) (async) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0x1}, 0x1c) (async, rerun: 64) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote}, 0x1c) (rerun: 64) 12.448999743s ago: executing program 0 (id=1225): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_GET(r0, 0x0, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r1) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB="640000006c00010001000000fedbdf2500000000", @ANYRES32=r4, @ANYBLOB="742000002620000008002300040000002c0034801400350070696d72656730000000000000000800140035006e7230000000000000000002000000000800280093532d00050021"], 0x64}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x20}, 0x20}}, 0x0) 12.372944876s ago: executing program 0 (id=1227): r0 = socket$inet6(0xa, 0x0, 0x0) bind$inet6(r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) sendmsg(r2, &(0x7f0000000000)={0x0, 0xe00, &(0x7f0000000280)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000", 0x14}, {&(0x7f0000000580)="3e4ffc05b9b8d20b64d1212daf7183885ab684076c1e84a04d7ceaad1d620fcbab13688451ac6b655710ff9bab877c6b0008671e7eb0f7960ea8c8219e883ec2acc2a941fcdb2349a8449be864614d7c2ff0faba43bcaeda1ea3249c8e2b8779296c662670d42e24b4cb01bca704651ed5185d3b99f543f1bb33213a0563d8764a57df67", 0x84}], 0x2}, 0x0) write(r2, 0x0, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x0) 6.183158428s ago: executing program 4 (id=1241): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, 0x0, 0x0, 0x0, 0x1000, &(0x7f0000000300)=""/4096}, 0x90) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000000c0)=ANY=[], 0x5c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@rose={'rose', 0x0}, 0x10) ioctl$sock_netdev_private(r1, 0x89fa, &(0x7f0000000000)) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="18fe43000000000000004ee031beb4fea762000000000000f5551653095fb2abcbf0b1fac9e6f01fe022ffcfe510a313fc2c68a529d0405fe878cc7fd15c6b72b2f72fe8a6fffe8dde14763c95a6b9fff3cd070c2e7ced7de83ee05b23d42f7c7f8c19b0615e76c9f4be6ab6fdb52146c0b03e2065c253ce3234793f78fd3d3594e712ce355cec3274c047f1d6abeac0a49076068eb4166177cd1649dcf1a0fe5a6eabba72957b4f74f264a51eb66c5831c9916e6c6ae9347606c68646e9f5868e7ea5be8f4b9294805aeb"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r3, 0x104, 0x5, &(0x7f0000000000), 0x4) r4 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {0x4, 0x1, 0xb, 0x9, 0xa}}}, &(0x7f0000000200)='syzkaller\x00', 0x9, 0x1003, &(0x7f0000001e40)=""/4099}, 0x90) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000040), &(0x7f0000000080)=0x8) 5.99036848s ago: executing program 4 (id=1242): socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth1\x00', &(0x7f0000000000)=@ethtool_ringparam={0x1}}) epoll_pwait(0xffffffffffffffff, &(0x7f0000000240)=[{}], 0x1, 0xbddd, 0x0, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000d80)=@nat={'nat\x00', 0x670, 0x5, 0x398, 0x300, 0xa8, 0xfbffffff, 0x0, 0xa8, 0x300, 0x300, 0xffffffff, 0x300, 0x300, 0x5, 0x0, {[{{@ip={@broadcast, @local, 0x0, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x2, {0x0, @empty, @local, @gre_key, @icmp_id}}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x7}, [@common=@icmp={{0x28}, {0x0, "ea0c"}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x210}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @multicast2, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@inet=@dscp={{0x28}}, @common=@addrtype={{0x30}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f8) listen(r0, 0x3) connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) sendto$inet(r1, &(0x7f0000000080)='!', 0xffc3, 0x0, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x700) 5.953226508s ago: executing program 4 (id=1243): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0xc}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000001080)={r1, &(0x7f0000000400), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='tlb_flush\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="b601ffff80000000bd110000000000008510000002000000850000009a00000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc40806d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03b1d1ca4cb3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f631cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc391a65c674a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b450ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bcab12fcc661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebe646302bf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc0284c5a5d51f0e115ab159e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb775505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6dde4ab67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff82794203da18db6fcf89715c2d338f78d8b9220171b418528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef0000000000000000000037fcffffffffffffff8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03e0d36c62785f32ecc294a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac00000000000080014573789425c4c22da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767c0700783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a47464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f916b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c4d885723734a3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf07000000eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac809c227aa25842f75981bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fcd097728955cf04fec692b01fadfc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d40837dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b86670000000000000000b27a2616c03cdf6c009447a652bca9b325e73c0737d5b717945e4fe7a169c5e2c54fc71a4104aa7cf0f5d30e2fcd9503650edbd8a5971a9a1fde5e5df37469ae204a6e899eacc1e63034cbabc5604739881cb82604bed3e53696a0606b26b879ef232a1a038291389593d1575cb79aa8284cf01a7e1a456acab9d8d608ad69d4c4b56492af7004e7ed9d47c5db3d76a00bea7c804f3a3638408bc1636f1009b7f185f51606918eaa0ab61a19"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120700000000009500c001000000005ea15c942959482e07695a246283e3d1ca150fbd8d2254b9a6aa84edf49294460c6522c76b791b3130cb13e2eb3cd38b78c57f4a5c0f76d024107a16bef3f66064f10d1a1321e212eabceee4350a6186e40682f12fd7f65c2ea0780f1e0b19b8ec7304804757d0ae0d9116439dd8a2f8f5964df063a912cf1eb04e11143fd6463bfdf7d5a858feee20f8"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80) 5.867184567s ago: executing program 4 (id=1244): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) socket$tipc(0x1e, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000a40)=""/4078, 0xfee, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x8000) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x2}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) 5.746380327s ago: executing program 4 (id=1245): pipe(&(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_DREG={0x8}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r0, r2, 0xaf5, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000002a00)=ANY=[@ANYBLOB="b7000000026d0300bfa30000000000000703000000feffff620af0fff8ffffff71a4f0ff000000002704000000ffffffdd0a05000000000014000000016d030063030000000000001d44010000000000620a00fe00ffffffdb03000000000000b5000000000000009500000000000000023bc065b70300c6dfa041b63af4a3912435b1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e5f58b7382a8b7e8177168001815548000000000000000275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7f300c095199fe3ff3128e599b0eaebbdbd732c9cc20eec363e4a8f6456e5ccae25ea21714ee18cf5d803e04d83b46e21557c0afc646cb7790b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845b9f75dd08d123deda8ebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987af1714e72ba7616536fd9aa58f2477184b6a89adaf17b0baf587aef370a2d426a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a277c7a775d55dfc28abbe9b5ea62d84f3a10746443d64364f56e24e6d2105bd901128c7e0ec82770c8206b1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7d26b34381fcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67051d355d84ce97bb0c6b4a595e487efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599ddd71063be9261eee52216d009df5daf87068a608628efc56c752af4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d96c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9610f0000d36f38df9ba60248d9a0d61282dfb15eb6841bb64a1b3045024a982f3c48153baae2c4e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c3560811ea6c3560a43364d402ccdd9069bd50b994fd6a34ee18022a579dfc0229cc0dc9881610270928eeeb883418f562ae00003ea96d10f172c0374d6eed82640700dfffffffffff499c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c64a403ade624d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca5f1380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f254a9bf93f04bf072f0bc2d38092909ef3613861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf82807773e534015ea52acb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d2a9441eb315209d199e029e9135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d8516800ef3f9a6a8906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe3907000000466f4ca2195234648e0a1ca50db6f3d9436a7d55a9ad382400000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b45eb6dc5f6a9257d2283c42efc54fa84323a3304f41ff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f928ba7554ba51dd5ab2b7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f80724a5bfc1e8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f068840a754c02181561542c2571f983e96735600000554f327a353511ccedde99493c31ac05a7b57f03ca91a01ba2c60ca99e8ebc15ec3d59901da21afd6400000000832503969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d40460780000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120968308c31db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98c2c73e1661261173f359e93d2c80000000998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebccbaf1ea4a003fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91cda6b52a373803a9e0600f86909bc90addb7b9aee813df534aac4b32fc7741c7e3f426b9ed20debd883593ff5d691b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa000000000000006acc19808d7cf29bc974b0ea92499a419aa095e203c1bafbb9b9a7c2bca3f0a18ee4952f2d325a56390578f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa84feda91f3edb32231ec75300000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579c23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b88b5e7885e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d0f086b3f03b20d546fa66a72e38207c9d20035ab63de71a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db1829f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2744c46570e8f46da1ab990ca053cbfe801000000000000000000000000000000d55d7182af2ea5f8d0ad495e3eb9421963a5a683c3dcb2d300aa3b2cfe946d2348c35f5d67d68ac07c8f84b3679e77c2e629ecec7c12c35d6b6971b8ae13cc0095f5a3bfdcffffffffffffffff61ed2b3ecfb16d19037c8c88c91dda1f904fbbc864e95ad43d6dd6d5eadbcea25682ba4b91e14c3fbfdfd1d480e7f13a65dbaa1af102d97681656bf56ff0cf36518f674237ce097d39008cc3257778de878bcd37467386f993be6d20c93a7791e7f2a155ce379b4cda2500108052aeb9bd03ffbda9ff485d6576a492d436d52edcd420e7deaa4343a0add3941ceb3a805e46beef9dca77a4edcbb42aa0caf0bbd6cec72d85540293cb4849b0610800000000000000000000000000000000f9814d5f6c8673c143ff2f901e71b8818665b56f7a03afe3d900007656659db4cb06aaaf9f02cfab5b9e61cc00e8e194299219a3f4c4c53bddea4cc48737842952ff08aeac15685df194ca89da8cf6d29a2be9779181fd5d105af5786094d9130f5826b18b9667b971a994f3fd06961912052f441e96884fcdc91f4a974242aabfc8adbadc9ca27955b5c90f1ed9a46ed044272383d3768871a9c8cfd7948aea445c55684351002ed4a4af45341de8e5e1f33624bd2ec1591dd00bbe05000000f89a928662e9b9449db34394fc5e946fadaee576e28ac0feab4e3585ed43d206218f524083840a78b723621f3b706bb7f5e42b5376642f8ad4028d4ead407240e7467d1b37a7e20690d7672c7e926fded95cf805516ad836eb730619a05af36fb28329d6feb33219cc9164461a8ba3afd5949b9a6046c53663df30a149414089c1ae8f3476236b05dde8dda4843a62c591f8d2b1a62d0db8dc826219bd87398b33e13e3a7a1511573cb1a8cdce3a8fea40792297d023ef52de2e75b9dbbfb8713178e2409b8d3b981bc2ae74621e536b9d3f09a15dada1561a8192d65cc59d7ed5a6bd610000000000000000000000000000000000000000000000b41248c570c4223a471b755ce6956908e2b0e5dbc5e71ff2373d3ed89c2e2eafac81c21ac2436d2ffacffe2fc0d601a50221c88a47b264c5129004f350963b52702c5a360000000000000000000000000000000b4077dc8a1801a8bf833350d302c5439ea3dd0f3b8eb1dc93af1fbf863d33a38a53a02ec1e5b90cb673d6b0cfe7f35b20e438653e0f73ddfc78e3e1d1cc9798af0eb9b61bb4fc72454a57237b68ea614ad898374e952784a18ffb9dc4447acd7ad28a63f88007ad8cba31a6fdd9982c97a913dffe69654d3a00b98c45ead9b9619f946c82f5789379d0d942020652ccfac45e1ef5e93e72b7d5381a3c61fbabc1286285110540075bc7aee3e595f9850b9e96887d53404add0021b198be851d9f797d964fe7501997524d28ce7b1d5f8203d9f756efd5676c5d85052030c27e2a99ee39007d9b3c305b1c7d14899b42149d6c437d863651d30426e36ff66bafa93ce3f76c18b8c91ac65b7ab49f03b7c0d0687e1ee0369e88d674f51fe69423000000000000596444d8a7bf983d6f0342b2987e520100000000000000f37cda7868234eeefbd472c7b396c182f2b9a8bf2f85ad1a7b18681784c8fcf0cf5e34baebc594de0d6c9244a834b82a162739619b5f2e3c24378417f71f855b7958fbae631a8aa30b2120a9e23d8711f529b0cd7ce6ee2b0841a4d9e82e6ef54089b64175338ed7effe440c97c663a1000000000033f9ee8bc74fb676198caf54f9a07461c30b4b65890f2b64e68eb2a265f641e68af046fb8751055c6dba7e49068656dbf01c26b3812cec4204084e4c3f5abb86121a3eddd10720d3b66a3a8033aab499cf56b7e5b01d37c1d7b4f5968040cd727efc9a1d69fa550313969508472efa833327d1bcae9167e3316f272ba2efdebf91f15b4a2bc27ea303834692d92961d3dcff0e4f55d9e3e7c66e8d3324216c4c77b95c000c5f30d56da969b1ce3a3e1a8ce5a632b3c404e7b455cac15273ce31a57dc7bed120f5396671eb7f8670ddc26ecc7461b1badfc98076c95aa811954827767c023c51e183cf1de0230912617f72169a3f9bda12d14667855757ca543b524491e213929a9d095abb9e57f33ad7e5301e5995e65246bc06f931d983596a4979d403f1b3984123633e9af67a0972612b5874f2000000009a8c3199c30dd0c416da1c22e346958bda493b297fcb98181ac449ca17a08e27ae81320e316e018fc9c77e7434079bc06ca1d315a94d177a888cc189fa5649bf5b9ab787118c29d735cc6dfaa965ea9ebbbaff83a06292aff2e3ed23750786136f113cdb04b881f721d02bd3c99b9dd3fa2713cda74eb3dd3422c736dc5c7bd3d1d008b5af391dac38341744dc38e8620fd4b35974ef1d93a907f37a84e1d630dd93fcde4aaf59e0e1f64ba3eec9da0b3d3b241fa52d9db1b137140b27434e74b783f9b62cc516f99e425ed603c5e65c0c3b08815a4aac7c1db4e47261148fa3a54359a2157b9a0fcecd54abbfaaee20f9a6dcc5380f01f22b8fd02b340118a65cef1597f5ce8d8a602120a3b2bb8ccc199dc36b2110a2200a2d3eaff9bc85ff68cd233fb2c8198682bd1c99fd7d66f3554439db4145028bc69579e516fd32253f641b0bffebc32cd3e90d67c77017ae323d8d31bd9f061d270d89737acea845067d8fd36fcce1ae9cd64beeae55d4c8159262240837b2854e5e08c58551453f1b9e46c6a7aaa972255fe7ad8f653168ce260000000000000000008b816f1b5e51781fa92c8b2c886bd992507715f8554276f56e3498156ca6d639de489096f49f2e1850d7399b1fe3801d3b2c0f65abcb67ac3ded74b099f76fee439abfb20c23864280855f395e3449859040832ea50df150deb14fc420a8e91ec84ccd338ada3c5778cbd52bcc2ac93b00e64959286b99231afa239dbefc90a21180f12a03c370980c8101d8a014f6139e998c938bccc92bfc987af6f02ec667c9597c19cc4193c09d152093013629b93e5104447e54ba7bc95ed2b3532421d6a0424c1e000000000000c1af53b85ab7060d6797a18cac2bf246a16f503e09832de7f7aa523d2325b4e3b651b1883ab9a3012f2b5b91e2782250a650d2dddca42a671f083b4a3739a651feb7c1c6903f50ce2cb6501fa22cf55230792a1e2fc902c9115a3b912dcef392b050c9a2870e7da0ca2ce908ff7bc5c72b591004ec3034b189a580e7f6ef153c04bb5599ab22686c5520a02e14a53f105d7b6a097e86b61500bdd7e6e133a9870ec9c0bb77c90702910cc39a0f3a419f12ba636b5837a5ecb110c89fb8d14da2d04175b18a14b2618d05fb58e9a832a4993472e5d068fe44e92676e484662a656d93a0f368c0cfc70c68459b61f194aac3"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={r3, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000800)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', r4}, 0x48) r5 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r5, &(0x7f0000000040), 0xc) r6 = socket$qrtr(0x2a, 0x2, 0x0) recvmmsg(r5, &(0x7f0000000ac0)=[{{0x0, 0x48, 0x0}, 0x7}], 0x1, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4), 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x409c884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000780)="0d0ad7c36d6617110e434332d6ac582208222cfb7c37ce1148f448455bc37f5f70c92774dcb201629979039d7c8943b207e5bdf9ab8eed9ace110469c51f4f211dd9fad815eb5b273ac04e1edc679bcdf0a0d24482de5454be9003cb80714a95e136bb704ee58e707d1e69b3c3a1c2c37f9c0402e14abdeb32086a49aff25e5c0f0131d59b4783316b9fa2c71c51ce76942d5f519145c9e3bf0d4182b4a62970b2ce81d35a7afc8384b387b8e21f2051d90d92323a710cabe5275d335b64453e759251a140de480541d8dd7662a14296a59eba99b95bfdf5b22992c323865b471d13ad79867e2692fd4eece299a81e2b33336b6801f51c2ae8d73e4df90c9bd70cd535b72cbdf67754acdc44b3780450308d9c5527", 0xfe87, 0x6d91fb6102d8d9cc, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) connect$qrtr(r6, &(0x7f0000000040)={0x2a, 0x0, 0x4000}, 0xc) ioctl$sock_qrtr_TIOCINQ(r5, 0x890c, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x4c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0\x00'}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x94}}, 0x0) writev(r6, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) r8 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r8, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r8, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000000000000100100000a"], 0x14}}], 0x2, 0x0) 4.847275777s ago: executing program 4 (id=1247): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x2c00, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448cb, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) epoll_create1(0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}}, 0x0) socket$packet(0x11, 0x0, 0x300) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(r3, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="5800005000a4634c33246bced483b21ce3b1ad6d3b37061c6a96ff269559c28c64365a581a728d59a4eb741049dbd9d02a418ad26777ad0ed39828742164fc3ff034281400ccc20a1404507f51c6560ac002562372c77f17b6a2e2bc4a0b02fe7cdd53b23c1f5a1986048e17e5f9a10000e8c5d09336f0920350bf04f8a6fc3210a460633042d4825cadef04f77dadef18ba521cfa24ebcc95058a1b52dbeedae4cee4733cd37359f2345928c29839b551ab596cc2d763f6908e6937b78d4fdd00", @ANYRES16=r4, @ANYBLOB="010000000000fedbdf253e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x58}}, 0x110) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r7 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r7, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x32) ioctl$PPPIOCGL2TPSTATS(r7, 0x80047453, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r3) r8 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_NO_ENOBUFS(r8, 0x10e, 0x5, &(0x7f0000000700)=0x1, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) 2.015372498s ago: executing program 2 (id=1261): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000340)={@cgroup=r0, 0x11, 0x0, 0xfffffffd, &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000140)=[0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)={@map=r0, r1, 0x1a, 0x2020, 0x0, @link_fd=r0, r2}, 0x20) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @loopback}, @NLBL_MGMT_A_CV4DOI={0x8}]}, 0x30}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYBLOB="280000001800000000000000000000000200000000000000000000000c0016800804040089"], 0x28}}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000090000000c000180080001"], 0x20}}, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b1a, &(0x7f0000000000)={'wlan1\x00', @random="02000d2000"}) 1.92758301s ago: executing program 1 (id=1221): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000340)=""/66, 0x42}], 0x1}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000fffffffffffffeff0000000000000080", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c002e000300000003000000"], 0x40}}, 0x0) 1.848769207s ago: executing program 2 (id=1262): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000300)={@val={0xa, 0xd00}, @void, @eth={@broadcast, @multicast, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x46) 1.686345301s ago: executing program 1 (id=1263): r0 = socket$l2tp6(0xa, 0x2, 0x73) r1 = socket$rds(0x15, 0x5, 0x0) syz_emit_ethernet(0x72, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x3c, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, [], "fb36eeca6ead50b375a22a58"}}}}}}}, 0x0) bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r2 = socket$packet(0x11, 0x0, 0x300) getpeername$packet(r2, 0x0, 0x0) sendmsg$rds(r1, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}}], 0x58}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r8, @ANYBLOB="010065bd7000fcdbdf254f00000008000300", @ANYRES32=r7, @ANYBLOB="48007a8014000100c396d979a8f802a09c5d7bfaeb3575f21c0002002c8b2ddcc0a3a020196b852ff1e5776edd2fed6a243a33220c000300b38b3e2d8514cc07080004000500000030007a800800040007000000240001006b367eca9776d5c92ac3b99cce28c8dbdebd62217f9c5f46d4b1a11c682b40d61c007a800c000300e028aa46e44ee6830c0003009cf7debf7cdf5a207c007a80080004003465e91c0c0003004a159160a275d9fa08000400ff0f00000800040007000000140001006fde61d99aa98d55b507315489e6cd79140002"], 0x12c}}, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r5, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x34}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x60}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40040) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x71}, 0x20) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060101000000000000000000000000100007800c00018008000140e0000002050001"], 0x38}}, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r9, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) r11 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r11, 0x107, 0xd, &(0x7f0000000180)=@req3={0x3, 0xc, 0x63, 0xfffffcbc, 0x9, 0x4, 0x7}, 0x1c) r12 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r12, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r12, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0xdd02}], 0xc, &(0x7f0000000000)=[@sndrcv={0x30, 0x84, 0x1, {0x0, 0x0, 0xc}}], 0x30}], 0x1, 0x0) sendmmsg$inet6(r0, &(0x7f0000000000), 0x0, 0x4008814) 836.773469ms ago: executing program 1 (id=1264): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$team(&(0x7f00000001c0), r1) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000104000004821178f459c0b7a600", @ANYRES32=r2, @ANYBLOB="00000000000000001c0012000b000100627269646765"], 0x3c}}, 0x0) socket(0x1, 0x803, 0x0) r3 = socket(0x10, 0x0, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100000000", @ANYRES32], 0x50}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x2, 0x300) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0xffffffff, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x500, 0x0, {0xa, 0x0, 0x8, r6}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0x10}]}, 0x28}}, 0x0) 750.587431ms ago: executing program 2 (id=1265): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) socket$tipc(0x1e, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000a40)=""/4078, 0xfee, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x8000) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x2}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r3}, 0xc) 634.554643ms ago: executing program 2 (id=1266): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000080)="88", 0x1c}], 0x1}}], 0x1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x4a, 0x0, &(0x7f0000000100)) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, &(0x7f0000000280)) 484.224891ms ago: executing program 1 (id=1267): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x4, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x4, {[@window={0xe, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e) 425.293495ms ago: executing program 2 (id=1268): getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x77, "4ca3a04479a055905e6264e09f557d417a90f22909020386191eb77ee583c753fbeeb98d75680e6564aff65eae180ef319c52e69bb480164b3163b96f57414e18988add639ea334af0a2e003c327295e87b803e832c71871e5e872c7da07e25f9ca91847f65676a7c853c7846dd9126fa3ca342e52bc98"}, &(0x7f0000000080)=0x7f) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x800, 0x1, 0x201, 0x5ba7, 0x5f4, 0x1, 0x9, 0xad, r0}, 0x20) bpf$ENABLE_STATS(0x20, &(0x7f0000000100), 0x4) bpf$ENABLE_STATS(0x20, &(0x7f0000000140), 0x4) r1 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r1, 0xe4f, 0x10000, 0x2}) sendmsg$rds(r2, &(0x7f0000004680)={&(0x7f00000001c0)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f00000045c0)=[{&(0x7f0000000200)=""/250, 0xfa}, {&(0x7f0000000300)=""/28, 0x1c}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/108, 0x6c}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f00000023c0)=""/4096, 0x1000}, {&(0x7f00000033c0)=""/242, 0xf2}, {&(0x7f00000034c0)=""/135, 0x87}, {&(0x7f0000003580)=""/63, 0x3f}, {&(0x7f00000035c0)=""/4096, 0x1000}], 0xa, 0x0, 0x0, 0x20000000}, 0xbc60dac8b69074f7) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f00000046c0)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) bpf$ENABLE_STATS(0x20, &(0x7f0000004700), 0x4) sendto$inet6(r3, &(0x7f0000004740), 0x0, 0xc0, &(0x7f0000004780)={0xa, 0x4e24, 0x10001, @remote}, 0x1c) bpf$ENABLE_STATS(0x20, &(0x7f00000047c0), 0x4) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000004800)="75300ce1e5408e7a48814c742a414524", 0x10) r4 = socket$kcm(0x29, 0x7, 0x0) bpf$ENABLE_STATS(0x20, &(0x7f0000004840), 0x4) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000004880)) bpf$ENABLE_STATS(0x20, &(0x7f00000048c0), 0x4) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f00000049c0)={&(0x7f0000004900)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000004980)={&(0x7f0000004940)={0x20, 0x140f, 0x200, 0x70bd27, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040042}, 0x4000080) bpf$ENABLE_STATS(0x20, &(0x7f0000004a00), 0x4) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004a80), r2) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000004ac0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000004d80)={&(0x7f0000004a40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000004d40)={&(0x7f0000004b00)={0x240, r5, 0x8, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCAN_SUPP_RATES={0x220, 0x7d, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xfb, 0x3, "878c36fb6f33461550b7eb17f1e4e47badd1c33434a6c29fcfd3211c26015d2f2ff4b7c300d7bdfc226149407016d9ef8e889de7b681599285e509174f610b0f30b43f176ab4220d134b9731585b258046ba7ef66dc49db5677426b5c43dc4ec7ca37297ce36a586c8b594000b7ffd83001b36f04c9c6cf60e4f17e3fd8a7074c3a27e28253300d561e5beb431b2f7aaab7e011dcb2cfbbaa519b19e855dab7f77b8842d60eeab700615808e957263fc93939eb612779397c0dc3069b6d2fc5df9823b4a0dd36dca284adcde5daf791e1fda99d42671e925b87451c5e3e553dacdad0832eb0afae2ebc7ddc57734d04b2d187d78a97f5b"}, @NL80211_BAND_2GHZ={0xd0, 0x0, "c6273aa71ddb78378126b879274ce4cb997787b2107eaa43f76067555d65316566c043c3aff9bbfd0e1935c52bce243335a9578ae891722c295670d5201eb561f6160789b5d44de1b6dfce3642d576c77eb54ba0e8fe3469f8d1d1b0d9718dab110efa682abcf549e988dfdb03903163396dd1cd62e3001116b7f1fbf2f7da24c2ac05fb40cd3396969b359ab56218339d49b4ad1eaafb44cb4209f54599789538585c98428861dae13ef29fe04cfc3968d84c6bf5680353003399b10b3246fea40a6fcc1f3043c55a6cd4bb"}, @NL80211_BAND_2GHZ={0x50, 0x0, "9d776e9133b3edc03ea753f3e1ffcd70c3d44c02e4cc1defd878d041ab883095f3ed15258416810a2c04ddb437e17d71ed411bd72d86d46626402f39e1a7d70311e7cbe6f327e6475d6c008c"}]}]}, 0x240}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000080) ioctl$int_in(r2, 0x5421, &(0x7f0000004dc0)=0xfffffffffffffffd) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r2, &(0x7f0000004ec0)={&(0x7f0000004e00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000004e80)={&(0x7f0000004e40)={0x28, 0x140c, 0x300, 0x70bd2b, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_CQN={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0xc080}, 0x4004) write$cgroup_devices(r2, &(0x7f0000004f00)={'c', ' *:* ', 'w\x00'}, 0x8) syz_genetlink_get_family_id$batadv(&(0x7f0000004f40), r2) bpf$ENABLE_STATS(0x20, &(0x7f0000004f80), 0x4) socket$rxrpc(0x21, 0x2, 0xa) accept4(r4, &(0x7f0000004fc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4}}}, &(0x7f0000005040)=0x80, 0x80000) socket$inet_udplite(0x2, 0x2, 0x88) 250.536968ms ago: executing program 2 (id=1269): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10) r2 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0007890242009103"], 0xfe33) recvmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000005580)=""/4101, 0x1005}, {&(0x7f0000000140)=""/4092, 0xffc}, {&(0x7f00000065c0)=""/4102, 0x1006}, {&(0x7f0000001480)=""/177, 0xb1}, {&(0x7f0000001840)=""/185, 0xb9}, {&(0x7f0000001240)=""/118, 0x76}], 0x6}, 0x0) connect$inet6(r1, 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000040)="4d3b604056923ee74ba1a4ee057e71215b14c25626a77a8aba68699994b5f33e36cea2baf671ec851856602f5d5ede61f5876ad72caf07f1a3eeb5d418ea09c877c3d0f66cb3cdad6f04a20fc024fff34c37284219fdb659d339f60a36d0e3fe57a1d0be2ecde2542770274e86b3b09925a6a9310fb91f857abf4a3bb203f45a0abd36abefe00dc0a11569a14adc48c89bdee0ada2c6ae429982404547ada7e80bd10e145b95300a4d6784ff12a7f81ee2f4b5de6b7b4d4941c2ffe56cd12623c4ae0f97f84fe24749e70ad96eeb3ae82bdd", 0xd2}, {&(0x7f0000000140)="4e3dc2f6cf72c40f647c3eb806052102cd58d8e9a2965451e16f854b", 0x1c}, {&(0x7f0000000180)="4a3831515e9c164a18986494e8a0048e79e5ad3a7efc9e04bae12458273e", 0x1e}, {&(0x7f0000000200)="bfc12307693a1e7d5e1c4924388e9c775a99ab10a0a51ecccf681e40fb608d3d46b23c27dbf7ab01526061b359635fe303812244ca9e98c895ce598e14b378cf3d635ffec3946c685b82e394738ba3b16a52321cf4e3ea00e537feed9c39b92fc6fe3caa5b80697fa110ebea029fb9f5deb4", 0x72}, {&(0x7f0000000300)="2a3a6c37ed54d96a404ed763de79698b0d8409dd6b21c65fb0421afeacbdfb38b7df664ea9988932446d9b3f257a8b1de6b49c6ac2ee69ef4e0f4b6d9e30cc4cfeacca961f84b03f1674ca274bd01f693785162921163bedea0f355b7a", 0x5d}, {&(0x7f0000000280)="bb6ea35644c8fb1afd9069953847239f606d5865f1171e70b1612fdacf175e31f9395f535edc559251ad73e02d889355819165ffca85e67e7dcd6db6ab1c30", 0x3f}], 0x6) 0s ago: executing program 1 (id=1270): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x2c00, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba8000001201", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448cb, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) epoll_create1(0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f0000000f00)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}}, 0x0) socket$packet(0x11, 0x0, 0x300) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(r3, &(0x7f0000000300)={&(0x7f00000001c0), 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="5800005000a4634c33246bced483b21ce3b1ad6d3b37061c6a96ff269559c28c64365a581a728d59a4eb741049dbd9d02a418ad26777ad0ed39828742164fc3ff034281400ccc20a1404507f51c6560ac002562372c77f17b6a2e2bc4a0b02fe7cdd53b23c1f5a1986048e17e5f9a10000e8c5d09336f0920350bf04f8a6fc3210a460633042d4825cadef04f77dadef18ba521cfa24ebcc95058a1b52dbeedae4cee4733cd37359f2345928c29839b551ab596cc2d763f6908e6937b78d4fdd00", @ANYRES16=r4, @ANYBLOB="010000000000fedbdf253e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x58}}, 0x110) r5 = socket$pppl2tp(0x18, 0x1, 0x1) r6 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r7 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r7, &(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x32) socket$igmp6(0xa, 0x3, 0x2) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r3) r8 = socket$nl_sock_diag(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_NO_ENOBUFS(r8, 0x10e, 0x5, &(0x7f0000000700)=0x1, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) kernel console output (not intermixed with test programs): /0x2a0 [ 123.699103][ T7274] skb_clone+0x20c/0x390 [ 123.703356][ T7274] ? dev_queue_xmit_nit+0x220/0xc10 [ 123.708553][ T7274] dev_queue_xmit_nit+0x419/0xc10 [ 123.713569][ T7274] ? dev_queue_xmit_nit+0x2b/0xc10 [ 123.718671][ T7274] ? validate_xmit_skb+0xa04/0x1120 [ 123.723862][ T7274] dev_hard_start_xmit+0x15f/0x7e0 [ 123.728964][ T7274] ? __pfx_validate_xmit_skb+0x10/0x10 [ 123.734421][ T7274] __dev_queue_xmit+0x1b0e/0x3d30 [ 123.739470][ T7274] ? __dev_queue_xmit+0x2d2/0x3d30 [ 123.744602][ T7274] ? __pfx___dev_queue_xmit+0x10/0x10 [ 123.750197][ T7274] ? __copy_skb_header+0x437/0x5b0 [ 123.755330][ T7274] ? __asan_memcpy+0x40/0x70 [ 123.759944][ T7274] ? __copy_skb_header+0x437/0x5b0 [ 123.765248][ T7274] ? __skb_clone+0x454/0x6c0 [ 123.769870][ T7274] ? skb_clone+0x240/0x390 [ 123.774300][ T7274] __netlink_deliver_tap+0x54d/0x7c0 [ 123.779615][ T7274] ? netlink_deliver_tap+0x2e/0x1b0 [ 123.784834][ T7274] netlink_deliver_tap+0x19d/0x1b0 [ 123.789955][ T7274] netlink_unicast+0x7b8/0x980 [ 123.794725][ T7274] ? __pfx_netlink_unicast+0x10/0x10 [ 123.800002][ T7274] ? __virt_addr_valid+0x183/0x520 [ 123.805110][ T7274] ? __check_object_size+0x49c/0x900 [ 123.810401][ T7274] ? bpf_lsm_netlink_send+0x9/0x10 [ 123.815518][ T7274] netlink_sendmsg+0x8db/0xcb0 [ 123.820287][ T7274] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.825663][ T7274] ? __import_iovec+0x536/0x820 [ 123.830616][ T7274] ? aa_sock_msg_perm+0x91/0x160 [ 123.835582][ T7274] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 123.840893][ T7274] ? security_socket_sendmsg+0x87/0xb0 [ 123.846369][ T7274] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.851653][ T7274] __sock_sendmsg+0x221/0x270 [ 123.856331][ T7274] ____sys_sendmsg+0x525/0x7d0 [ 123.861096][ T7274] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.866395][ T7274] __sys_sendmsg+0x2b0/0x3a0 [ 123.870993][ T7274] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.876097][ T7274] ? vfs_write+0x7c4/0xc90 [ 123.880541][ T7274] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 123.886866][ T7274] ? do_syscall_64+0x100/0x230 [ 123.891629][ T7274] ? do_syscall_64+0xb6/0x230 [ 123.896301][ T7274] do_syscall_64+0xf3/0x230 [ 123.900803][ T7274] ? clear_bhb_loop+0x35/0x90 [ 123.905503][ T7274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.911391][ T7274] RIP: 0033:0x7fc2b9175bd9 [ 123.915801][ T7274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.935482][ T7274] RSP: 002b:00007fc2b9ea1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.943898][ T7274] RAX: ffffffffffffffda RBX: 00007fc2b9303f60 RCX: 00007fc2b9175bd9 [ 123.951862][ T7274] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000004 [ 123.959823][ T7274] RBP: 00007fc2b9ea10a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.967869][ T7274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.975833][ T7274] R13: 000000000000000b R14: 00007fc2b9303f60 R15: 00007ffea19a8558 [ 123.983903][ T7274] [ 124.663343][ T7290] bridge0: entered allmulticast mode [ 124.724691][ T7289] team0: Port device bridge9 added [ 125.019833][ T7303] xt_CT: No such helper "snmp" [ 125.396088][ T7325] FAULT_INJECTION: forcing a failure. [ 125.396088][ T7325] name failslab, interval 1, probability 0, space 0, times 0 [ 125.416585][ T7325] CPU: 1 PID: 7325 Comm: syz.0.761 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 125.426805][ T7325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 125.437059][ T7325] Call Trace: [ 125.440364][ T7325] [ 125.443318][ T7325] dump_stack_lvl+0x241/0x360 [ 125.448035][ T7325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.453271][ T7325] ? __pfx__printk+0x10/0x10 [ 125.457908][ T7325] should_fail_ex+0x3b0/0x4e0 [ 125.462623][ T7325] ? nf_tables_newtable+0x52e/0x1dc0 [ 125.467928][ T7325] should_failslab+0x9/0x20 [ 125.472457][ T7325] kmalloc_trace_noprof+0x6c/0x2c0 [ 125.477596][ T7325] ? nft_pernet+0x23/0x240 [ 125.482030][ T7325] nf_tables_newtable+0x52e/0x1dc0 [ 125.487171][ T7325] ? nfnl_pernet+0x23/0x240 [ 125.491681][ T7325] ? __pfx_nf_tables_newtable+0x10/0x10 [ 125.497229][ T7325] ? __nla_parse+0x40/0x60 [ 125.501652][ T7325] nfnetlink_rcv+0x1427/0x2a80 [ 125.506420][ T7325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 125.512770][ T7325] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 125.517891][ T7325] ? __dev_queue_xmit+0x2d2/0x3d30 [ 125.523026][ T7325] ? netlink_deliver_tap+0x2e/0x1b0 [ 125.528312][ T7325] ? skb_clone+0x240/0x390 [ 125.532730][ T7325] ? __pfx_lock_release+0x10/0x10 [ 125.537767][ T7325] ? netlink_deliver_tap+0x2e/0x1b0 [ 125.542969][ T7325] netlink_unicast+0x7ea/0x980 [ 125.547740][ T7325] ? __pfx_netlink_unicast+0x10/0x10 [ 125.553017][ T7325] ? __virt_addr_valid+0x183/0x520 [ 125.558129][ T7325] ? __check_object_size+0x49c/0x900 [ 125.563411][ T7325] ? bpf_lsm_netlink_send+0x9/0x10 [ 125.568525][ T7325] netlink_sendmsg+0x8db/0xcb0 [ 125.573296][ T7325] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.578577][ T7325] ? __import_iovec+0x536/0x820 [ 125.583507][ T7325] ? aa_sock_msg_perm+0x91/0x160 [ 125.588500][ T7325] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 125.593815][ T7325] ? security_socket_sendmsg+0x87/0xb0 [ 125.599293][ T7325] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.604592][ T7325] __sock_sendmsg+0x221/0x270 [ 125.609283][ T7325] ____sys_sendmsg+0x525/0x7d0 [ 125.614096][ T7325] ? __pfx_____sys_sendmsg+0x10/0x10 [ 125.619669][ T7325] __sys_sendmsg+0x2b0/0x3a0 [ 125.624284][ T7325] ? __pfx___sys_sendmsg+0x10/0x10 [ 125.629406][ T7325] ? vfs_write+0x7c4/0xc90 [ 125.633888][ T7325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 125.640245][ T7325] ? do_syscall_64+0x100/0x230 [ 125.645025][ T7325] ? do_syscall_64+0xb6/0x230 [ 125.649712][ T7325] do_syscall_64+0xf3/0x230 [ 125.654212][ T7325] ? clear_bhb_loop+0x35/0x90 [ 125.658887][ T7325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.664779][ T7325] RIP: 0033:0x7fe791775bd9 [ 125.669187][ T7325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.688815][ T7325] RSP: 002b:00007fe79262f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 125.697228][ T7325] RAX: ffffffffffffffda RBX: 00007fe791903f60 RCX: 00007fe791775bd9 [ 125.705214][ T7325] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 125.713197][ T7325] RBP: 00007fe79262f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 125.721191][ T7325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.729154][ T7325] R13: 000000000000000b R14: 00007fe791903f60 R15: 00007ffe5361f558 [ 125.737131][ T7325] [ 126.202064][ T7350] pim6reg1: entered promiscuous mode [ 126.207724][ T7350] pim6reg1: entered allmulticast mode [ 126.441031][ T7356] __nla_validate_parse: 8 callbacks suppressed [ 126.441053][ T7356] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.773'. [ 126.462787][ T7356] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 126.471660][ T7356] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 126.485678][ T7356] netlink: 'syz.2.773': attribute type 10 has an invalid length. [ 126.494504][ T7356] bridge0: port 1(team0) entered blocking state [ 126.501636][ T7356] bridge0: port 1(team0) entered disabled state [ 126.509765][ T7356] team0: entered allmulticast mode [ 126.517610][ T7356] team0: entered promiscuous mode [ 126.589316][ T5100] Bluetooth: hci0: command tx timeout [ 126.794009][ T7369] ip6tnl0: entered promiscuous mode [ 126.804617][ T7368] ip6tnl0: left promiscuous mode [ 126.951616][ T7373] netlink: 8 bytes leftover after parsing attributes in process `syz.2.780'. [ 127.064563][ T7377] netlink: 12 bytes leftover after parsing attributes in process `syz.3.782'. [ 127.094224][ T7377] vlan4: entered promiscuous mode [ 127.099708][ T7377] team0: entered promiscuous mode [ 127.104899][ T7377] team_slave_0: entered promiscuous mode [ 127.111957][ T7377] team_slave_1: entered promiscuous mode [ 127.117894][ T7377] bridge8: entered promiscuous mode [ 127.124027][ T7377] bridge9: entered promiscuous mode [ 127.135267][ T7377] team0: left promiscuous mode [ 127.141725][ T7377] team_slave_0: left promiscuous mode [ 127.148528][ T7377] team_slave_1: left promiscuous mode [ 127.162856][ T7377] bridge8: left promiscuous mode [ 127.168252][ T7377] bridge9: left promiscuous mode [ 127.230538][ T5193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.328390][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.786'. [ 127.488649][ T7397] netlink: 'syz.2.790': attribute type 1 has an invalid length. [ 127.519245][ T7397] bond0: entered allmulticast mode [ 127.552932][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.582922][ T7402] netlink: 'syz.0.793': attribute type 4 has an invalid length. [ 128.189595][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.198195][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.209491][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.278398][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.502704][ T7420] netlink: 12 bytes leftover after parsing attributes in process `syz.3.799'. [ 128.634655][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.0.802'. [ 128.860915][ T7432] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.870631][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.906894][ T7435] netlink: 'syz.1.807': attribute type 10 has an invalid length. [ 128.991002][ T7435] team0: Failed to send options change via netlink (err -105) [ 129.009220][ T7435] team0: Port device netdevsim0 added [ 129.057037][ T7442] vlan4: entered promiscuous mode [ 129.066315][ T7442] dummy0: entered promiscuous mode [ 129.079434][ T7442] vlan4: entered allmulticast mode [ 129.084623][ T7442] dummy0: entered allmulticast mode [ 129.104741][ T7442] dummy0: left allmulticast mode [ 129.118439][ T7442] dummy0: left promiscuous mode [ 129.217153][ T7454] netlink: 4 bytes leftover after parsing attributes in process `syz.0.811'. [ 129.246428][ T7454] bridge_slave_1: left allmulticast mode [ 129.281252][ T7454] bridge_slave_1: left promiscuous mode [ 129.317051][ T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.326456][ T7454] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.354877][ T7454] bridge_slave_0: left allmulticast mode [ 129.378764][ T7454] bridge_slave_0: left promiscuous mode [ 129.385542][ T7454] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.562808][ T7454] bridge0 (unregistering): left promiscuous mode [ 129.663798][ T7459] netlink: 44 bytes leftover after parsing attributes in process `syz.4.810'. [ 129.679151][ T7459] netlink: 24 bytes leftover after parsing attributes in process `syz.4.810'. [ 129.688284][ T7459] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.710091][ T7459] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.717289][ T7459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 129.853347][ T7478] netlink: 12 bytes leftover after parsing attributes in process `syz.4.817'. [ 131.041388][ T7543] IPVS: set_ctl: invalid protocol: 0 0.0.7.0:0 [ 131.809375][ T7579] FAULT_INJECTION: forcing a failure. [ 131.809375][ T7579] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.857472][ T7579] CPU: 0 PID: 7579 Comm: syz.4.854 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 131.867603][ T7579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 131.877672][ T7579] Call Trace: [ 131.880960][ T7579] [ 131.883901][ T7579] dump_stack_lvl+0x241/0x360 [ 131.888628][ T7579] ? __pfx_dump_stack_lvl+0x10/0x10 [ 131.893863][ T7579] ? __pfx__printk+0x10/0x10 [ 131.898589][ T7579] ? __pfx_lock_release+0x10/0x10 [ 131.903655][ T7579] should_fail_ex+0x3b0/0x4e0 [ 131.908407][ T7579] _copy_from_user+0x2f/0xe0 [ 131.913054][ T7579] copy_msghdr_from_user+0xae/0x680 [ 131.918294][ T7579] ? __pfx___might_resched+0x10/0x10 [ 131.923629][ T7579] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 131.929691][ T7579] ? __might_fault+0xaa/0x120 [ 131.934393][ T7579] do_recvmmsg+0x40f/0xae0 [ 131.938831][ T7579] ? __pfx_lock_release+0x10/0x10 [ 131.943979][ T7579] ? __pfx_do_recvmmsg+0x10/0x10 [ 131.949059][ T7579] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 131.955032][ T7579] ? ksys_write+0x23e/0x2c0 [ 131.959566][ T7579] ? __pfx_lock_release+0x10/0x10 [ 131.964615][ T7579] ? vfs_write+0x7c4/0xc90 [ 131.969042][ T7579] ? __mutex_unlock_slowpath+0x21d/0x750 [ 131.974796][ T7579] ? __fget_files+0x3f6/0x470 [ 131.979502][ T7579] __x64_sys_recvmmsg+0x199/0x250 [ 131.984567][ T7579] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 131.990227][ T7579] ? do_syscall_64+0x100/0x230 [ 131.995013][ T7579] ? do_syscall_64+0xb6/0x230 [ 131.999715][ T7579] do_syscall_64+0xf3/0x230 [ 132.004239][ T7579] ? clear_bhb_loop+0x35/0x90 [ 132.008932][ T7579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.014826][ T7579] RIP: 0033:0x7f2b6a775bd9 [ 132.019237][ T7579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.038865][ T7579] RSP: 002b:00007f2b6b5cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 132.047287][ T7579] RAX: ffffffffffffffda RBX: 00007f2b6a903f60 RCX: 00007f2b6a775bd9 [ 132.055280][ T7579] RDX: 0000000000000f00 RSI: 0000000020000400 RDI: 0000000000000003 [ 132.063526][ T7579] RBP: 00007f2b6b5cc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 132.071491][ T7579] R10: 0000004c42bb4f92 R11: 0000000000000246 R12: 0000000000000002 [ 132.079456][ T7579] R13: 000000000000000b R14: 00007f2b6a903f60 R15: 00007ffef55750f8 [ 132.087432][ T7579] [ 132.228092][ T7584] __nla_validate_parse: 6 callbacks suppressed [ 132.228112][ T7584] netlink: 68 bytes leftover after parsing attributes in process `syz.1.855'. [ 132.430291][ T50] net_ratelimit: 4 callbacks suppressed [ 132.430311][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 132.444263][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 132.684989][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.862'. [ 132.894017][ T7624] FAULT_INJECTION: forcing a failure. [ 132.894017][ T7624] name failslab, interval 1, probability 0, space 0, times 0 [ 132.912128][ T7624] CPU: 1 PID: 7624 Comm: syz.1.869 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 132.922346][ T7624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 132.932430][ T7624] Call Trace: [ 132.935741][ T7624] [ 132.938697][ T7624] dump_stack_lvl+0x241/0x360 [ 132.943421][ T7624] ? __pfx_dump_stack_lvl+0x10/0x10 [ 132.948656][ T7624] ? __pfx__printk+0x10/0x10 [ 132.953289][ T7624] ? ref_tracker_alloc+0x332/0x490 [ 132.958418][ T7624] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 132.963885][ T7624] should_fail_ex+0x3b0/0x4e0 [ 132.968576][ T7624] ? skb_clone+0x20c/0x390 [ 132.973018][ T7624] should_failslab+0x9/0x20 [ 132.977532][ T7624] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 132.982912][ T7624] skb_clone+0x20c/0x390 [ 132.987157][ T7624] __netlink_deliver_tap+0x3cc/0x7c0 [ 132.992471][ T7624] ? netlink_deliver_tap+0x2e/0x1b0 [ 132.997716][ T7624] netlink_deliver_tap+0x19d/0x1b0 [ 133.002870][ T7624] netlink_sendskb+0x68/0x140 [ 133.007561][ T7624] netlink_unicast+0x39d/0x980 [ 133.012321][ T7624] ? __asan_memcpy+0x40/0x70 [ 133.016919][ T7624] ? __pfx_netlink_unicast+0x10/0x10 [ 133.022213][ T7624] netlink_rcv_skb+0x262/0x430 [ 133.026975][ T7624] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 133.032430][ T7624] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 133.037724][ T7624] ? netlink_deliver_tap+0x2e/0x1b0 [ 133.043004][ T7624] netlink_unicast+0x7ea/0x980 [ 133.047770][ T7624] ? __pfx_netlink_unicast+0x10/0x10 [ 133.053045][ T7624] ? __virt_addr_valid+0x183/0x520 [ 133.058151][ T7624] ? __check_object_size+0x49c/0x900 [ 133.063433][ T7624] ? bpf_lsm_netlink_send+0x9/0x10 [ 133.068541][ T7624] netlink_sendmsg+0x8db/0xcb0 [ 133.073308][ T7624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 133.078611][ T7624] ? __import_iovec+0x536/0x820 [ 133.083473][ T7624] ? aa_sock_msg_perm+0x91/0x160 [ 133.088422][ T7624] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 133.093708][ T7624] ? security_socket_sendmsg+0x87/0xb0 [ 133.099173][ T7624] ? __pfx_netlink_sendmsg+0x10/0x10 [ 133.104456][ T7624] __sock_sendmsg+0x221/0x270 [ 133.109235][ T7624] ____sys_sendmsg+0x525/0x7d0 [ 133.114119][ T7624] ? __pfx_____sys_sendmsg+0x10/0x10 [ 133.119433][ T7624] __sys_sendmsg+0x2b0/0x3a0 [ 133.124040][ T7624] ? __pfx___sys_sendmsg+0x10/0x10 [ 133.129239][ T7624] ? vfs_write+0x7c4/0xc90 [ 133.133683][ T7624] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 133.140018][ T7624] ? do_syscall_64+0x100/0x230 [ 133.144807][ T7624] ? do_syscall_64+0xb6/0x230 [ 133.149585][ T7624] do_syscall_64+0xf3/0x230 [ 133.154175][ T7624] ? clear_bhb_loop+0x35/0x90 [ 133.158886][ T7624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.164904][ T7624] RIP: 0033:0x7fc12e575bd9 [ 133.169328][ T7624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.188946][ T7624] RSP: 002b:00007fc12f38e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 133.197369][ T7624] RAX: ffffffffffffffda RBX: 00007fc12e703f60 RCX: 00007fc12e575bd9 [ 133.205511][ T7624] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 133.213501][ T7624] RBP: 00007fc12f38e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 133.221463][ T7624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 133.229426][ T7624] R13: 000000000000004d R14: 00007fc12e703f60 R15: 00007fff139178e8 [ 133.237400][ T7624] [ 133.311824][ T1246] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.318624][ T1246] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.438247][ T7639] FAULT_INJECTION: forcing a failure. [ 133.438247][ T7639] name failslab, interval 1, probability 0, space 0, times 0 [ 133.456207][ T7639] CPU: 0 PID: 7639 Comm: syz.0.873 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 133.466423][ T7639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 133.476679][ T7639] Call Trace: [ 133.479999][ T7639] [ 133.482969][ T7639] dump_stack_lvl+0x241/0x360 [ 133.487747][ T7639] ? __pfx_dump_stack_lvl+0x10/0x10 [ 133.492999][ T7639] ? __pfx__printk+0x10/0x10 [ 133.497736][ T7639] should_fail_ex+0x3b0/0x4e0 [ 133.502454][ T7639] ? __alloc_skb+0x1c3/0x440 [ 133.507075][ T7639] should_failslab+0x9/0x20 [ 133.511610][ T7639] kmem_cache_alloc_node_noprof+0x71/0x320 [ 133.517547][ T7639] __alloc_skb+0x1c3/0x440 [ 133.522067][ T7639] ? __pfx___alloc_skb+0x10/0x10 [ 133.527461][ T7639] ? netlink_ack_tlv_len+0x6e/0x200 [ 133.532953][ T7639] netlink_ack+0x13f/0xa30 [ 133.537378][ T7639] ? __pfx_lock_acquire+0x10/0x10 [ 133.542423][ T7639] ? __pfx_ctrl_getfamily+0x10/0x10 [ 133.547666][ T7639] netlink_rcv_skb+0x262/0x430 [ 133.552549][ T7639] ? __pfx_genl_rcv_msg+0x10/0x10 [ 133.557580][ T7639] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 133.563075][ T7639] genl_rcv+0x28/0x40 [ 133.567059][ T7639] netlink_unicast+0x7ea/0x980 [ 133.571949][ T7639] ? __pfx_netlink_unicast+0x10/0x10 [ 133.577335][ T7639] ? __virt_addr_valid+0x183/0x520 [ 133.582471][ T7639] ? __check_object_size+0x49c/0x900 [ 133.587939][ T7639] ? bpf_lsm_netlink_send+0x9/0x10 [ 133.593109][ T7639] netlink_sendmsg+0x8db/0xcb0 [ 133.597901][ T7639] ? __pfx_netlink_sendmsg+0x10/0x10 [ 133.603185][ T7639] ? aa_sock_msg_perm+0x91/0x160 [ 133.608121][ T7639] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 133.613396][ T7639] ? security_socket_sendmsg+0x87/0xb0 [ 133.619029][ T7639] ? __pfx_netlink_sendmsg+0x10/0x10 [ 133.624307][ T7639] __sock_sendmsg+0x221/0x270 [ 133.628995][ T7639] __sys_sendto+0x3a4/0x4f0 [ 133.633794][ T7639] ? __pfx___sys_sendto+0x10/0x10 [ 133.638946][ T7639] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 133.644950][ T7639] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 133.651276][ T7639] __x64_sys_sendto+0xde/0x100 [ 133.656040][ T7639] do_syscall_64+0xf3/0x230 [ 133.660561][ T7639] ? clear_bhb_loop+0x35/0x90 [ 133.665348][ T7639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.671242][ T7639] RIP: 0033:0x7fe79177796c [ 133.675761][ T7639] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b [ 133.695374][ T7639] RSP: 002b:00007fe79260ced0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 133.703797][ T7639] RAX: ffffffffffffffda RBX: 00007fe79260cfd0 RCX: 00007fe79177796c [ 133.711779][ T7639] RDX: 0000000000000024 RSI: 00007fe79260d020 RDI: 0000000000000004 [ 133.719757][ T7639] RBP: 0000000000000000 R08: 00007fe79260cf24 R09: 000000000000000c [ 133.727727][ T7639] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 133.735719][ T7639] R13: 00007fe79260cf78 R14: 00007fe79260d020 R15: 0000000000000000 [ 133.743707][ T7639] [ 133.801659][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.853758][ T7648] FAULT_INJECTION: forcing a failure. [ 133.853758][ T7648] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.878041][ T7648] CPU: 1 PID: 7648 Comm: syz.4.875 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 133.888174][ T7648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 133.897081][ T7651] atomic_op ffff888078afa998 conn xmit_atomic 0000000000000000 [ 133.898264][ T7648] Call Trace: [ 133.898278][ T7648] [ 133.898287][ T7648] dump_stack_lvl+0x241/0x360 [ 133.912873][ T7651] netlink: 44 bytes leftover after parsing attributes in process `syz.2.877'. [ 133.916938][ T7648] ? __pfx_dump_stack_lvl+0x10/0x10 [ 133.928741][ T7651] netlink: 12 bytes leftover after parsing attributes in process `syz.2.877'. [ 133.930947][ T7648] ? __pfx__printk+0x10/0x10 [ 133.930981][ T7648] ? __pfx_lock_release+0x10/0x10 [ 133.931002][ T7648] ? __local_bh_enable_ip+0x168/0x200 [ 133.931020][ T7648] ? __lock_acquire+0x1346/0x1fd0 [ 133.931039][ T7648] should_fail_ex+0x3b0/0x4e0 [ 133.931069][ T7648] _copy_to_user+0x2f/0xb0 [ 133.946380][ T7651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.877'. [ 133.949492][ T7648] l2cap_sock_getsockopt+0x1140/0x1830 [ 133.949529][ T7648] ? __pfx_l2cap_sock_getsockopt+0x10/0x10 [ 133.949550][ T7648] ? __pfx_lock_acquire+0x10/0x10 [ 133.949568][ T7648] ? aa_sock_opt_perm+0x79/0x120 [ 133.949593][ T7648] ? bpf_lsm_socket_getsockopt+0x9/0x10 [ 133.949610][ T7648] ? security_socket_getsockopt+0x87/0xb0 [ 133.949630][ T7648] ? __pfx_l2cap_sock_getsockopt+0x10/0x10 [ 133.949657][ T7648] do_sock_getsockopt+0x373/0x850 [ 133.949687][ T7648] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 133.949710][ T7648] ? __fget_files+0x3f6/0x470 [ 133.949740][ T7648] __sys_getsockopt+0x271/0x330 [ 133.949763][ T7648] ? __pfx___sys_getsockopt+0x10/0x10 [ 133.949785][ T7648] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 133.949806][ T7648] ? do_syscall_64+0x100/0x230 [ 133.949833][ T7648] __x64_sys_getsockopt+0xb5/0xd0 [ 133.949856][ T7648] do_syscall_64+0xf3/0x230 [ 133.949879][ T7648] ? clear_bhb_loop+0x35/0x90 [ 133.949907][ T7648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.949931][ T7648] RIP: 0033:0x7f2b6a775bd9 [ 133.949948][ T7648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.949962][ T7648] RSP: 002b:00007f2b6b5cc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 133.949984][ T7648] RAX: ffffffffffffffda RBX: 00007f2b6a903f60 RCX: 00007f2b6a775bd9 [ 133.949998][ T7648] RDX: 0000000000000004 RSI: 0000000000000112 RDI: 0000000000000004 [ 133.950011][ T7648] RBP: 00007f2b6b5cc0a0 R08: 00000000200000c0 R09: 0000000000000000 [ 133.950024][ T7648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.950036][ T7648] R13: 000000000000000b R14: 00007f2b6a903f60 R15: 00007ffef55750f8 [ 133.950067][ T7648] [ 133.958014][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.033134][ T7656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.878'. [ 134.261417][ T7668] FAULT_INJECTION: forcing a failure. [ 134.261417][ T7668] name failslab, interval 1, probability 0, space 0, times 0 [ 134.296306][ T7658] netlink: 'syz.4.879': attribute type 10 has an invalid length. [ 134.301408][ T7668] CPU: 0 PID: 7668 Comm: syz.0.880 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 134.314428][ T7668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 134.324859][ T7668] Call Trace: [ 134.328165][ T7668] [ 134.331206][ T7668] dump_stack_lvl+0x241/0x360 [ 134.335928][ T7668] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.341249][ T7668] ? __pfx__printk+0x10/0x10 [ 134.345890][ T7668] should_fail_ex+0x3b0/0x4e0 [ 134.350643][ T7668] ? sctp_add_bind_addr+0x89/0x3a0 [ 134.355797][ T7668] should_failslab+0x9/0x20 [ 134.360426][ T7668] kmalloc_trace_noprof+0x6c/0x2c0 [ 134.365621][ T7668] sctp_add_bind_addr+0x89/0x3a0 [ 134.370601][ T7668] sctp_copy_local_addr_list+0x311/0x500 [ 134.376366][ T7668] ? sctp_copy_local_addr_list+0xab/0x500 [ 134.382121][ T7668] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 134.388315][ T7668] ? sctp_v4_is_any+0x35/0x60 [ 134.393125][ T7668] sctp_bind_addr_copy+0xad/0x3b0 [ 134.398271][ T7668] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 134.404626][ T7668] sctp_connect_new_asoc+0x2f3/0x6c0 [ 134.409912][ T7668] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 134.415804][ T7668] ? sctp_sendmsg+0xbb9/0x3520 [ 134.420568][ T7668] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 134.426107][ T7668] ? security_sctp_bind_connect+0x90/0xb0 [ 134.431822][ T7668] sctp_sendmsg+0x219a/0x3520 [ 134.436537][ T7668] ? __pfx_sctp_sendmsg+0x10/0x10 [ 134.441850][ T7668] ? __pfx_aa_sk_perm+0x10/0x10 [ 134.446711][ T7668] ? __pfx_lock_release+0x10/0x10 [ 134.451737][ T7668] ? inet_sendmsg+0x330/0x390 [ 134.456410][ T7668] __sock_sendmsg+0x1a6/0x270 [ 134.461087][ T7668] ____sys_sendmsg+0x525/0x7d0 [ 134.465858][ T7668] ? __pfx_____sys_sendmsg+0x10/0x10 [ 134.471145][ T7668] __sys_sendmmsg+0x3b2/0x740 [ 134.475820][ T7668] ? __pfx___sys_sendmmsg+0x10/0x10 [ 134.481035][ T7668] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 134.486916][ T7668] ? ksys_write+0x23e/0x2c0 [ 134.491410][ T7668] ? __pfx_lock_release+0x10/0x10 [ 134.496426][ T7668] ? vfs_write+0x7c4/0xc90 [ 134.500840][ T7668] ? __mutex_unlock_slowpath+0x21d/0x750 [ 134.506637][ T7668] ? __pfx_vfs_write+0x10/0x10 [ 134.511409][ T7668] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 134.517469][ T7668] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 134.523787][ T7668] ? do_syscall_64+0x100/0x230 [ 134.528620][ T7668] __x64_sys_sendmmsg+0xa0/0xb0 [ 134.533642][ T7668] do_syscall_64+0xf3/0x230 [ 134.538137][ T7668] ? clear_bhb_loop+0x35/0x90 [ 134.542898][ T7668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.548808][ T7668] RIP: 0033:0x7fe791775bd9 [ 134.553330][ T7668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.572953][ T7668] RSP: 002b:00007fe79262f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 134.581371][ T7668] RAX: ffffffffffffffda RBX: 00007fe791903f60 RCX: 00007fe791775bd9 [ 134.589333][ T7668] RDX: 0000000000000001 RSI: 0000000020000500 RDI: 0000000000000003 [ 134.597294][ T7668] RBP: 00007fe79262f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 134.605302][ T7668] R10: 0000000004044040 R11: 0000000000000246 R12: 0000000000000002 [ 134.613293][ T7668] R13: 000000000000000b R14: 00007fe791903f60 R15: 00007ffe5361f558 [ 134.621287][ T7668] [ 134.670053][ T7677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.884'. [ 134.784235][ T7680] netlink: 'syz.4.886': attribute type 17 has an invalid length. [ 134.793907][ T7680] netlink: 16 bytes leftover after parsing attributes in process `syz.4.886'. [ 134.830809][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.946161][ T7690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.889'. [ 135.117332][ T7692] netlink: 'syz.1.888': attribute type 4 has an invalid length. [ 135.192836][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.889'. [ 135.879358][ T5143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.989508][ T7727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.009900][ T7727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.032592][ T7727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.059038][ T7727] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.207494][ T7740] netlink: 'syz.2.909': attribute type 10 has an invalid length. [ 136.235735][ T7740] team0: left allmulticast mode [ 136.252475][ T7740] team0: left promiscuous mode [ 136.264911][ T7740] bridge0: port 1(team0) entered disabled state [ 136.331905][ T7755] netlink: 'syz.0.913': attribute type 1 has an invalid length. [ 136.341899][ T7740] batman_adv: batadv0: Adding interface: team0 [ 136.348097][ T7740] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.380167][ T7755] netlink: 'syz.0.913': attribute type 1 has an invalid length. [ 136.392478][ T7740] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 136.468366][ T7748] netlink: 'syz.2.909': attribute type 10 has an invalid length. [ 136.491325][ T7748] team0: entered promiscuous mode [ 136.505660][ T7748] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.528063][ T7748] batman_adv: batadv0: Interface activated: team0 [ 136.536091][ T7748] batman_adv: batadv0: Interface deactivated: team0 [ 136.552504][ T7748] batman_adv: batadv0: Removing interface: team0 [ 136.679075][ T7748] bridge0: port 1(team0) entered blocking state [ 136.695498][ T7748] bridge0: port 1(team0) entered disabled state [ 136.715739][ T7748] team0: entered allmulticast mode [ 137.148157][ T7785] netlink: 'syz.1.918': attribute type 8 has an invalid length. [ 137.159167][ T7740] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 137.422985][ T7794] __nla_validate_parse: 12 callbacks suppressed [ 137.423008][ T7794] netlink: 12 bytes leftover after parsing attributes in process `syz.2.920'. [ 137.473767][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.920'. [ 137.486102][ T7795] netlink: 8 bytes leftover after parsing attributes in process `syz.4.922'. [ 137.495402][ T7788] netlink: 44 bytes leftover after parsing attributes in process `syz.2.920'. [ 137.846221][ T7819] netlink: 'syz.2.931': attribute type 10 has an invalid length. [ 137.882154][ T7819] bridge0: port 1(team0) entered disabled state [ 137.915116][ T7819] team0: left allmulticast mode [ 137.934466][ T7819] team0: left promiscuous mode [ 137.952516][ T50] net_ratelimit: 5 callbacks suppressed [ 137.952536][ T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.956900][ T7819] bridge0: port 1(team0) entered disabled state [ 138.010711][ T7819] batman_adv: batadv0: Adding interface: team0 [ 138.032766][ T7819] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.095707][ T7819] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 138.163672][ T7823] netlink: 'syz.2.931': attribute type 10 has an invalid length. [ 138.190092][ T7823] netlink: 2 bytes leftover after parsing attributes in process `syz.2.931'. [ 138.230525][ T7823] team0: entered promiscuous mode [ 138.236545][ T7823] 8021q: adding VLAN 0 to HW filter on device team0 [ 138.262851][ T7823] batman_adv: batadv0: Interface activated: team0 [ 138.273144][ T5107] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 138.279236][ T7823] batman_adv: batadv0: Interface deactivated: team0 [ 138.287303][ T5107] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 138.292757][ T7823] batman_adv: batadv0: Removing interface: team0 [ 138.306980][ T5107] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 138.307064][ T7823] bridge0: port 1(team0) entered blocking state [ 138.325183][ T5107] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 138.326577][ T7823] bridge0: port 1(team0) entered disabled state [ 138.340686][ T5107] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 138.348057][ T7823] team0: entered allmulticast mode [ 138.349474][ T5107] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 138.575140][ T7839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.938'. [ 138.618907][ T7837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.937'. [ 138.713902][ T7825] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 138.931799][ T7847] gretap0: entered promiscuous mode [ 138.952548][ T7849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 138.990168][ T7847] ip6gretap0: entered promiscuous mode [ 139.002658][ T783] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.013340][ T7847] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 139.039153][ T7847] Cannot create hsr debugfs directory [ 139.124402][ T7852] netlink: 164 bytes leftover after parsing attributes in process `syz.3.942'. [ 139.133583][ T7849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.174619][ T7853] netlink: 48 bytes leftover after parsing attributes in process `syz.3.942'. [ 139.192519][ T7853] netlink: 48 bytes leftover after parsing attributes in process `syz.3.942'. [ 139.284111][ T7849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.299216][ T7849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.314292][ T7849] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.330345][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.692997][ T7828] chnl_net:caif_netlink_parms(): no params data found [ 139.783699][ T7881] atomic_op ffff88802c0a1998 conn xmit_atomic 0000000000000000 [ 139.887554][ T7828] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.895232][ T7828] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.902706][ T7828] bridge_slave_0: entered allmulticast mode [ 139.910638][ T7828] bridge_slave_0: entered promiscuous mode [ 139.920012][ T7889] validate_nla: 1 callbacks suppressed [ 139.920029][ T7889] netlink: 'syz.3.954': attribute type 10 has an invalid length. [ 139.935413][ T7889] bridge0: port 3(batadv0) entered blocking state [ 139.943672][ T7889] bridge0: port 3(batadv0) entered disabled state [ 139.951405][ T7889] batadv0: entered allmulticast mode [ 139.958781][ T7889] batadv0: entered promiscuous mode [ 139.965842][ T7889] bridge0: port 3(batadv0) entered blocking state [ 139.972447][ T7889] bridge0: port 3(batadv0) entered forwarding state [ 139.984780][ T1057] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 139.994311][ T1057] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 140.006534][ T7828] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.014930][ T7828] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.022404][ T7828] bridge_slave_1: entered allmulticast mode [ 140.030379][ T7828] bridge_slave_1: entered promiscuous mode [ 140.030386][ T5193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.066735][ T7892] netlink: 'syz.3.955': attribute type 29 has an invalid length. [ 140.093493][ T7892] netlink: 'syz.3.955': attribute type 29 has an invalid length. [ 140.109550][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.122595][ T7828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.151455][ T7828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.174632][ T7892] netlink: 'syz.3.955': attribute type 29 has an invalid length. [ 140.258832][ T7828] team0: Port device team_slave_0 added [ 140.299259][ T7828] team0: Port device team_slave_1 added [ 140.371223][ T7828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 140.385437][ T7828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.431527][ T5107] Bluetooth: hci5: command tx timeout [ 140.453330][ T7828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 140.474213][ T7828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.489101][ T7828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.517809][ T7828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.603581][ T7828] hsr_slave_0: entered promiscuous mode [ 140.624724][ T7828] hsr_slave_1: entered promiscuous mode [ 140.645592][ T7828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.657084][ T7915] atomic_op ffff888060e9f998 conn xmit_atomic 0000000000000000 [ 140.661474][ T7828] Cannot create hsr debugfs directory [ 140.857987][ T7927] netlink: 'syz.2.967': attribute type 10 has an invalid length. [ 140.885819][ T7927] bridge0: port 1(team0) entered disabled state [ 140.899377][ T7927] team0: left allmulticast mode [ 140.914725][ T7927] team0: left promiscuous mode [ 140.928587][ T7927] bridge0: port 1(team0) entered disabled state [ 140.938907][ T7927] batman_adv: batadv0: Adding interface: team0 [ 140.948592][ T7927] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.980052][ T7927] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 141.014669][ T7931] netlink: 'syz.2.967': attribute type 10 has an invalid length. [ 141.025257][ T7931] team0: entered promiscuous mode [ 141.032293][ T7931] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.039630][ T7931] batman_adv: batadv0: Interface activated: team0 [ 141.046163][ T7931] batman_adv: batadv0: Interface deactivated: team0 [ 141.053230][ T7931] batman_adv: batadv0: Removing interface: team0 [ 141.060572][ T7931] bridge0: port 1(team0) entered blocking state [ 141.067037][ T7931] bridge0: port 1(team0) entered disabled state [ 141.074988][ T7931] team0: entered allmulticast mode [ 141.232291][ T7828] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 141.250558][ T7828] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.364094][ T7828] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 141.374626][ T7828] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.464199][ T7828] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 141.474632][ T7828] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.569949][ T7828] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 141.585468][ T7828] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.610215][ T7951] atomic_op ffff88807b6eb998 conn xmit_atomic 0000000000000000 [ 141.698602][ T7927] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 141.820455][ T7955] ieee802154 phy0 wpan0: encryption failed: -90 [ 141.948769][ T7828] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 141.963805][ T7828] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 141.974859][ T7828] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 142.001859][ T7828] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 142.290166][ T7972] netlink: 'syz.1.983': attribute type 29 has an invalid length. [ 142.308295][ T7828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.332112][ T7972] netlink: 'syz.1.983': attribute type 29 has an invalid length. [ 142.364658][ T7977] atomic_op ffff88807eb53198 conn xmit_atomic 0000000000000000 [ 142.388348][ T7828] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.422443][ T7978] netlink: 'syz.1.983': attribute type 29 has an invalid length. [ 142.437490][ T7977] __nla_validate_parse: 17 callbacks suppressed [ 142.437511][ T7977] netlink: 44 bytes leftover after parsing attributes in process `syz.0.986'. [ 142.445767][ T7983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.986'. [ 142.468154][ T7977] netlink: 4 bytes leftover after parsing attributes in process `syz.0.986'. [ 142.501179][ T5193] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.508368][ T5193] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.516587][ T5107] Bluetooth: hci5: command tx timeout [ 142.532316][ T5193] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.539686][ T5193] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.588207][ T7985] netlink: 'syz.1.989': attribute type 10 has an invalid length. [ 142.689971][ T7989] netlink: 2 bytes leftover after parsing attributes in process `syz.1.989'. [ 142.705997][ T7989] team0: entered promiscuous mode [ 142.715343][ T7989] team_slave_0: entered promiscuous mode [ 142.716731][ T7995] netlink: 32 bytes leftover after parsing attributes in process `syz.3.993'. [ 142.726915][ T7989] team_slave_1: entered promiscuous mode [ 142.744794][ T7989] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 142.767360][ T7989] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.783637][ T7989] bridge0: port 3(team0) entered blocking state [ 142.790927][ T7989] bridge0: port 3(team0) entered disabled state [ 142.810040][ T7989] team0: entered allmulticast mode [ 142.818806][ T7989] team_slave_0: entered allmulticast mode [ 142.830152][ T7989] team_slave_1: entered allmulticast mode [ 142.836955][ T7989] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 142.850107][ T7989] bridge0: port 3(team0) entered blocking state [ 142.856579][ T7989] bridge0: port 3(team0) entered forwarding state [ 142.875777][ T8002] netlink: 120 bytes leftover after parsing attributes in process `syz.0.995'. [ 143.039593][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.2.997'. [ 143.083497][ T8013] net_ratelimit: 4 callbacks suppressed [ 143.083518][ T8013] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 143.120221][ T8014] sctp: [Deprecated]: syz.1.999 (pid 8014) Use of struct sctp_assoc_value in delayed_ack socket option. [ 143.120221][ T8014] Use struct sctp_sack_info instead [ 143.153673][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.166113][ T5193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.225040][ T8017] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.233302][ T8020] atomic_op ffff88806402b198 conn xmit_atomic 0000000000000000 [ 143.253084][ T8020] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1001'. [ 143.257954][ T7828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.275047][ T8020] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1001'. [ 143.292823][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1001'. [ 143.301612][ T8017] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.385215][ T8017] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.401805][ T8017] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.456860][ T8016] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.485008][ T8016] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.505680][ T8016] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.691979][ T8039] batman_adv: batadv0: Adding interface: team0 [ 143.698204][ T8039] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.759563][ T8039] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 143.786568][ T8045] team0: entered promiscuous mode [ 143.802833][ T8045] team_slave_0: entered promiscuous mode [ 143.808751][ T8045] team_slave_1: entered promiscuous mode [ 143.848317][ T8045] bridge8: entered promiscuous mode [ 143.867532][ T8045] bridge9: entered promiscuous mode [ 143.897879][ T8045] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.908031][ T8045] batman_adv: batadv0: Interface activated: team0 [ 143.936181][ T8045] batman_adv: batadv0: Interface deactivated: team0 [ 143.945495][ T8045] batman_adv: batadv0: Removing interface: team0 [ 143.973680][ T8045] bridge0: port 4(team0) entered blocking state [ 143.984206][ T8045] bridge0: port 4(team0) entered disabled state [ 143.992289][ T8045] team0: entered allmulticast mode [ 143.997668][ T8045] team_slave_0: entered allmulticast mode [ 144.007802][ T8045] team_slave_1: entered allmulticast mode [ 144.017925][ T8045] bridge8: entered allmulticast mode [ 144.042177][ T8045] bridge9: entered allmulticast mode [ 144.055835][ T8045] bridge0: port 4(team0) entered blocking state [ 144.056817][ T8062] atomic_op ffff888140e96198 conn xmit_atomic 0000000000000000 [ 144.062280][ T8045] bridge0: port 4(team0) entered forwarding state [ 144.172222][ T7828] veth0_vlan: entered promiscuous mode [ 144.205544][ T7828] veth1_vlan: entered promiscuous mode [ 144.288733][ T7828] veth0_macvtap: entered promiscuous mode [ 144.328979][ T7828] veth1_macvtap: entered promiscuous mode [ 144.360510][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.387072][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.407857][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.419839][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.430772][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 144.441607][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.475127][ T7828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.546112][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.568469][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.581230][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.597807][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.599581][ T5107] Bluetooth: hci5: command tx timeout [ 144.618109][ T7828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 144.638366][ T7828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 144.663870][ T7828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.725393][ T7828] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.742916][ T7828] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.752377][ T7828] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.763293][ T7828] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.798649][ T8090] bridge0: port 3(team0) entered disabled state [ 144.829399][ T8090] team0: left allmulticast mode [ 144.831698][ T8096] atomic_op ffff888061fa8198 conn xmit_atomic 0000000000000000 [ 144.845058][ T8090] team_slave_0: left allmulticast mode [ 144.858428][ T8090] team_slave_1: left allmulticast mode [ 144.868796][ T8090] netdevsim netdevsim1 netdevsim0: left allmulticast mode [ 144.877664][ T8090] team0: left promiscuous mode [ 144.882696][ T8090] team_slave_0: left promiscuous mode [ 144.888501][ T8090] team_slave_1: left promiscuous mode [ 144.894889][ T8090] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 144.904183][ T8090] bridge0: port 3(team0) entered disabled state [ 144.915290][ T8092] team0: entered promiscuous mode [ 144.923237][ T8092] team_slave_0: entered promiscuous mode [ 144.932396][ T8092] team_slave_1: entered promiscuous mode [ 144.938247][ T8092] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 144.947713][ T8092] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.955030][ T8092] bridge0: port 3(team0) entered blocking state [ 144.963829][ T8092] bridge0: port 3(team0) entered disabled state [ 144.973018][ T8092] team0: entered allmulticast mode [ 144.978360][ T8092] team_slave_0: entered allmulticast mode [ 144.984530][ T8092] team_slave_1: entered allmulticast mode [ 144.990480][ T8092] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 145.000311][ T8092] bridge0: port 3(team0) entered blocking state [ 145.006772][ T8092] bridge0: port 3(team0) entered forwarding state [ 145.030135][ T8098] validate_nla: 6 callbacks suppressed [ 145.030151][ T8098] netlink: 'syz.0.1028': attribute type 10 has an invalid length. [ 145.114336][ T8098] batman_adv: batadv0: Adding interface: team0 [ 145.123942][ T8098] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.157062][ T8098] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 145.157382][ T8107] xt_bpf: check failed: parse error [ 145.172159][ T8100] netlink: 'syz.0.1028': attribute type 10 has an invalid length. [ 145.187581][ T8100] team0: entered promiscuous mode [ 145.209975][ T8100] team_slave_0: entered promiscuous mode [ 145.223629][ T8100] team_slave_1: entered promiscuous mode [ 145.243116][ T8100] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.260035][ T8100] batman_adv: batadv0: Interface activated: team0 [ 145.275272][ T8100] batman_adv: batadv0: Interface deactivated: team0 [ 145.286857][ T8100] batman_adv: batadv0: Removing interface: team0 [ 145.313227][ T8109] gretap0: entered promiscuous mode [ 145.330095][ T8109] bridge0: entered promiscuous mode [ 145.357329][ T8109] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 145.378758][ T8109] Cannot create hsr debugfs directory [ 145.620976][ T8124] xt_recent: Unsupported userspace flags (00000042) [ 145.741642][ T2451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.770296][ T2451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.833562][ T8135] atomic_op ffff88807b552998 conn xmit_atomic 0000000000000000 [ 145.971068][ T2451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.009262][ T2451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.162642][ T8146] FAULT_INJECTION: forcing a failure. [ 146.162642][ T8146] name failslab, interval 1, probability 0, space 0, times 0 [ 146.178194][ T8146] CPU: 0 PID: 8146 Comm: syz.4.1044 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 146.188329][ T8146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 146.198415][ T8146] Call Trace: [ 146.200070][ T8140] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 146.201694][ T8146] [ 146.201709][ T8146] dump_stack_lvl+0x241/0x360 [ 146.201741][ T8146] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.209164][ T8140] IPv6: NLM_F_CREATE should be set when creating new route [ 146.212011][ T8146] ? __pfx__printk+0x10/0x10 [ 146.233938][ T8146] should_fail_ex+0x3b0/0x4e0 [ 146.238662][ T8146] ? sctp_add_bind_addr+0x89/0x3a0 [ 146.243807][ T8146] should_failslab+0x9/0x20 [ 146.248322][ T8146] kmalloc_trace_noprof+0x6c/0x2c0 [ 146.253448][ T8146] sctp_add_bind_addr+0x89/0x3a0 [ 146.258387][ T8146] sctp_copy_local_addr_list+0x311/0x500 [ 146.264143][ T8146] ? sctp_copy_local_addr_list+0xab/0x500 [ 146.270031][ T8146] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 146.276182][ T8146] ? sctp_v4_is_any+0x35/0x60 [ 146.280872][ T8146] sctp_bind_addr_copy+0xad/0x3b0 [ 146.285895][ T8146] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 146.292233][ T8146] sctp_connect_new_asoc+0x2f3/0x6c0 [ 146.297514][ T8146] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 146.303329][ T8146] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 146.309131][ T8146] __sctp_connect+0x66d/0xe30 [ 146.313805][ T8146] ? __pfx___sctp_connect+0x10/0x10 [ 146.318992][ T8146] ? __might_fault+0xc6/0x120 [ 146.323676][ T8146] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 146.329223][ T8146] ? security_sctp_bind_connect+0x90/0xb0 [ 146.334950][ T8146] sctp_getsockopt_connectx3+0x46f/0x730 [ 146.340668][ T8146] ? __local_bh_enable_ip+0x168/0x200 [ 146.346040][ T8146] ? __pfx_sctp_getsockopt_connectx3+0x10/0x10 [ 146.352184][ T8146] ? __local_bh_enable_ip+0x168/0x200 [ 146.357552][ T8146] ? sctp_getsockopt+0x13a/0xbb0 [ 146.362478][ T8146] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 146.368193][ T8146] sctp_getsockopt+0x8de/0xbb0 [ 146.373069][ T8146] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 146.379035][ T8146] do_sock_getsockopt+0x373/0x850 [ 146.384123][ T8146] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 146.389708][ T8146] ? __fget_files+0x3f6/0x470 [ 146.394392][ T8146] __sys_getsockopt+0x271/0x330 [ 146.399253][ T8146] ? __pfx___sys_getsockopt+0x10/0x10 [ 146.404633][ T8146] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 146.410954][ T8146] ? do_syscall_64+0x100/0x230 [ 146.415718][ T8146] __x64_sys_getsockopt+0xb5/0xd0 [ 146.420739][ T8146] do_syscall_64+0xf3/0x230 [ 146.425238][ T8146] ? clear_bhb_loop+0x35/0x90 [ 146.429926][ T8146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.435824][ T8146] RIP: 0033:0x7f1ef2b75bd9 [ 146.440267][ T8146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.459877][ T8146] RSP: 002b:00007f1ef3893048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 146.468548][ T8146] RAX: ffffffffffffffda RBX: 00007f1ef2d03f60 RCX: 00007f1ef2b75bd9 [ 146.476515][ T8146] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003 [ 146.484565][ T8146] RBP: 00007f1ef38930a0 R08: 0000000020000100 R09: 0000000000000000 [ 146.492614][ T8146] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000002 [ 146.500580][ T8146] R13: 000000000000000b R14: 00007f1ef2d03f60 R15: 00007ffcd2c69548 [ 146.508646][ T8146] [ 146.669190][ T5100] Bluetooth: hci5: command tx timeout [ 146.758490][ T8156] netlink: 'syz.4.1048': attribute type 1 has an invalid length. [ 146.973865][ T8167] atomic_op ffff88807cbc9198 conn xmit_atomic 0000000000000000 [ 147.043395][ T8171] FAULT_INJECTION: forcing a failure. [ 147.043395][ T8171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.064166][ T8171] CPU: 1 PID: 8171 Comm: syz.1.1054 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 147.074298][ T8171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 147.084393][ T8171] Call Trace: [ 147.087782][ T8171] [ 147.090743][ T8171] dump_stack_lvl+0x241/0x360 [ 147.095515][ T8171] ? __pfx_dump_stack_lvl+0x10/0x10 [ 147.100914][ T8171] ? __pfx__printk+0x10/0x10 [ 147.105540][ T8171] ? __pfx_lock_release+0x10/0x10 [ 147.110675][ T8171] should_fail_ex+0x3b0/0x4e0 [ 147.115385][ T8171] _copy_from_user+0x2f/0xe0 [ 147.120503][ T8171] copy_msghdr_from_user+0xae/0x680 [ 147.126070][ T8171] ? __pfx___might_resched+0x10/0x10 [ 147.131546][ T8171] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 147.137444][ T8171] ? __might_fault+0xaa/0x120 [ 147.142287][ T8171] do_recvmmsg+0x40f/0xae0 [ 147.146818][ T8171] ? __pfx_lock_release+0x10/0x10 [ 147.151878][ T8171] ? __pfx_do_recvmmsg+0x10/0x10 [ 147.156960][ T8171] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 147.162862][ T8171] ? ksys_write+0x23e/0x2c0 [ 147.167364][ T8171] ? __pfx_lock_release+0x10/0x10 [ 147.172438][ T8171] ? vfs_write+0x7c4/0xc90 [ 147.176877][ T8171] ? __mutex_unlock_slowpath+0x21d/0x750 [ 147.182543][ T8171] ? __fget_files+0x3f6/0x470 [ 147.187240][ T8171] __x64_sys_recvmmsg+0x199/0x250 [ 147.192266][ T8171] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 147.197810][ T8171] ? do_syscall_64+0x100/0x230 [ 147.202655][ T8171] ? do_syscall_64+0xb6/0x230 [ 147.207329][ T8171] do_syscall_64+0xf3/0x230 [ 147.211825][ T8171] ? clear_bhb_loop+0x35/0x90 [ 147.216503][ T8171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.222397][ T8171] RIP: 0033:0x7fc12e575bd9 [ 147.226824][ T8171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.246533][ T8171] RSP: 002b:00007fc12f38e048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 147.254969][ T8171] RAX: ffffffffffffffda RBX: 00007fc12e703f60 RCX: 00007fc12e575bd9 [ 147.263038][ T8171] RDX: 0400000000000284 RSI: 0000000020000040 RDI: 0000000000000003 [ 147.271034][ T8171] RBP: 00007fc12f38e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 147.279178][ T8171] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 147.287139][ T8171] R13: 000000000000004d R14: 00007fc12e703f60 R15: 00007fff139178e8 [ 147.295133][ T8171] [ 147.560163][ T8186] __nla_validate_parse: 27 callbacks suppressed [ 147.560186][ T8186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1059'. [ 147.611347][ T8186] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 147.618663][ T8186] IPv6: NLM_F_CREATE should be set when creating new route [ 147.797787][ T8191] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1061'. [ 147.818408][ T8191] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1061'. [ 147.832190][ T8191] bridge0: port 2(bridge_slave_1) entered disabled state [ 147.846874][ T8191] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.854263][ T8191] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.941229][ T8195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1062'. [ 147.978503][ T8197] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1063'. [ 148.117541][ T8205] netlink: 'syz.2.1067': attribute type 10 has an invalid length. [ 148.118205][ T8204] atomic_op ffff88807cbca998 conn xmit_atomic 0000000000000000 [ 148.150173][ T8205] bridge0: port 1(team0) entered disabled state [ 148.169896][ T8205] team0: left allmulticast mode [ 148.174818][ T8205] team0: left promiscuous mode [ 148.185831][ T8205] bridge0: port 1(team0) entered disabled state [ 148.196850][ T8208] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1066'. [ 148.210236][ T8208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1066'. [ 148.221087][ T8205] batman_adv: batadv0: Adding interface: team0 [ 148.227296][ T8205] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.260415][ T8205] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 148.282824][ T8204] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1066'. [ 148.292883][ T8206] netlink: 'syz.2.1067': attribute type 10 has an invalid length. [ 148.313851][ T8206] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1067'. [ 148.328368][ T8206] team0: entered promiscuous mode [ 148.334697][ T8206] 8021q: adding VLAN 0 to HW filter on device team0 [ 148.342479][ T8206] batman_adv: batadv0: Interface activated: team0 [ 148.350289][ T8206] batman_adv: batadv0: Interface deactivated: team0 [ 148.357744][ T8206] batman_adv: batadv0: Removing interface: team0 [ 148.365277][ T8206] bridge0: port 1(team0) entered blocking state [ 148.371993][ T8206] bridge0: port 1(team0) entered disabled state [ 148.378470][ T8206] team0: entered allmulticast mode [ 148.528052][ T8221] net_ratelimit: 13 callbacks suppressed [ 148.528070][ T8221] IPv6: addrconf: prefix option has invalid lifetime [ 148.540774][ T8221] IPv6: addrconf: prefix option has invalid lifetime [ 148.561427][ C1] vxcan0: j1939_tp_rxtimer: 0xffff88802dc6f400: rx timeout, send abort [ 148.572019][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802dc6f400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 148.685392][ T8226] trusted_key: syz.1.1074 sent an empty control message without MSG_MORE. [ 148.731869][ T8228] netlink: 'syz.2.1075': attribute type 10 has an invalid length. [ 148.749443][ T5100] Bluetooth: hci5: command 0x0405 tx timeout [ 148.754147][ T8228] bridge0: port 1(team0) entered disabled state [ 148.775347][ T8228] team0: left allmulticast mode [ 148.780592][ T8228] team0: left promiscuous mode [ 148.791360][ T8228] bridge0: port 1(team0) entered disabled state [ 148.801753][ T8228] batman_adv: batadv0: Adding interface: team0 [ 148.808182][ T8228] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.834285][ T8228] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 148.847044][ T8229] netlink: 'syz.2.1075': attribute type 10 has an invalid length. [ 148.858350][ T8229] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1075'. [ 148.888003][ T8229] team0: entered promiscuous mode [ 148.903033][ T8229] 8021q: adding VLAN 0 to HW filter on device team0 [ 148.910662][ T8229] batman_adv: batadv0: Interface activated: team0 [ 148.917262][ T8229] batman_adv: batadv0: Interface deactivated: team0 [ 148.924216][ T8229] batman_adv: batadv0: Removing interface: team0 [ 148.936616][ T8229] bridge0: port 1(team0) entered blocking state [ 148.943286][ T8229] bridge0: port 1(team0) entered disabled state [ 148.950078][ T8229] team0: entered allmulticast mode [ 149.380186][ T8251] atomic_op ffff88801104b198 conn xmit_atomic 0000000000000000 [ 149.562979][ T8228] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 149.819465][ T8272] FAULT_INJECTION: forcing a failure. [ 149.819465][ T8272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.851752][ T8272] CPU: 1 PID: 8272 Comm: syz.1.1089 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 149.861981][ T8272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 149.872151][ T8272] Call Trace: [ 149.875450][ T8272] [ 149.878408][ T8272] dump_stack_lvl+0x241/0x360 [ 149.883142][ T8272] ? __pfx_dump_stack_lvl+0x10/0x10 [ 149.888374][ T8272] ? __pfx__printk+0x10/0x10 [ 149.892994][ T8272] ? __pfx_lock_release+0x10/0x10 [ 149.898134][ T8272] should_fail_ex+0x3b0/0x4e0 [ 149.902849][ T8272] _copy_from_user+0x2f/0xe0 [ 149.907470][ T8272] copy_msghdr_from_user+0xae/0x680 [ 149.912724][ T8272] ? _parse_integer_limit+0x1b5/0x200 [ 149.918144][ T8272] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 149.924009][ T8272] __sys_sendmmsg+0x374/0x740 [ 149.928727][ T8272] ? __pfx___sys_sendmmsg+0x10/0x10 [ 149.933992][ T8272] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 149.939919][ T8272] ? ksys_write+0x23e/0x2c0 [ 149.944448][ T8272] ? __pfx_lock_release+0x10/0x10 [ 149.949596][ T8272] ? vfs_write+0x7c4/0xc90 [ 149.954063][ T8272] ? __mutex_unlock_slowpath+0x21d/0x750 [ 149.959738][ T8272] ? __pfx_vfs_write+0x10/0x10 [ 149.964551][ T8272] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 149.970580][ T8272] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 149.976983][ T8272] ? do_syscall_64+0x100/0x230 [ 149.981799][ T8272] __x64_sys_sendmmsg+0xa0/0xb0 [ 149.986702][ T8272] do_syscall_64+0xf3/0x230 [ 149.991244][ T8272] ? clear_bhb_loop+0x35/0x90 [ 149.995990][ T8272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.001924][ T8272] RIP: 0033:0x7fc12e575bd9 [ 150.006369][ T8272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.026014][ T8272] RSP: 002b:00007fc12f38e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 150.034468][ T8272] RAX: ffffffffffffffda RBX: 00007fc12e703f60 RCX: 00007fc12e575bd9 [ 150.042477][ T8272] RDX: 0000000000000001 RSI: 0000000020001f80 RDI: 0000000000000003 [ 150.050481][ T8272] RBP: 00007fc12f38e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 150.058488][ T8272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.066487][ T8272] R13: 000000000000004d R14: 00007fc12e703f60 R15: 00007fff139178e8 [ 150.074513][ T8272] [ 150.080512][ C1] vxcan0: j1939_tp_rxtimer: 0xffff88802dc6c400: rx timeout, send abort [ 150.090154][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802dc6c400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 150.539816][ T8290] atomic_op ffff888074c43198 conn xmit_atomic 0000000000000000 [ 150.832206][ T8303] netlink: 'syz.4.1098': attribute type 10 has an invalid length. [ 150.896592][ T8303] batman_adv: batadv0: Adding interface: team0 [ 150.947589][ T8303] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.021441][ T8303] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 151.060253][ T8307] netlink: 'syz.4.1098': attribute type 10 has an invalid length. [ 151.102957][ T8307] team0: entered promiscuous mode [ 151.146012][ T8307] team_slave_0: entered promiscuous mode [ 151.174434][ T8307] team_slave_1: entered promiscuous mode [ 151.216911][ T8307] 8021q: adding VLAN 0 to HW filter on device team0 [ 151.254781][ T8307] batman_adv: batadv0: Interface activated: team0 [ 151.274958][ T8307] batman_adv: batadv0: Interface deactivated: team0 [ 151.296345][ T8307] batman_adv: batadv0: Removing interface: team0 [ 151.655965][ T8307] bridge0: port 3(team0) entered blocking state [ 151.678924][ T8307] bridge0: port 3(team0) entered disabled state [ 151.695264][ T8307] team0: entered allmulticast mode [ 151.707527][ T8307] team_slave_0: entered allmulticast mode [ 151.728859][ T8307] team_slave_1: entered allmulticast mode [ 151.745440][ T8312] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 151.754358][ T8307] bridge0: port 3(team0) entered blocking state [ 151.760809][ T8307] bridge0: port 3(team0) entered forwarding state [ 152.027845][ T8333] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 152.035169][ T8333] IPv6: NLM_F_CREATE should be set when creating new route [ 152.043429][ T8336] IPVS: length: 122 != 24 [ 154.248069][ T8401] netlink: 'syz.4.1128': attribute type 10 has an invalid length. [ 157.191618][ T8401] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 157.415681][ T8422] __nla_validate_parse: 9 callbacks suppressed [ 157.415701][ T8422] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1133'. [ 157.506891][ T8441] atomic_op ffff888022310198 conn xmit_atomic 0000000000000000 [ 157.533005][ T8441] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1136'. [ 157.554015][ T8441] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1136'. [ 157.572770][ T8441] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1136'. [ 158.185385][ T8472] FAULT_INJECTION: forcing a failure. [ 158.185385][ T8472] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.225016][ T8472] CPU: 1 PID: 8472 Comm: syz.1.1146 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 158.235148][ T8472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 158.245229][ T8472] Call Trace: [ 158.248545][ T8472] [ 158.251486][ T8472] dump_stack_lvl+0x241/0x360 [ 158.256209][ T8472] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.261441][ T8472] ? __pfx__printk+0x10/0x10 [ 158.266063][ T8472] ? snprintf+0xda/0x120 [ 158.270361][ T8472] should_fail_ex+0x3b0/0x4e0 [ 158.275699][ T8472] _copy_to_user+0x2f/0xb0 [ 158.280151][ T8472] simple_read_from_buffer+0xca/0x150 [ 158.285548][ T8472] proc_fail_nth_read+0x1e9/0x250 [ 158.290698][ T8472] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 158.296288][ T8472] ? rw_verify_area+0x520/0x6b0 [ 158.301163][ T8472] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 158.306726][ T8472] vfs_read+0x204/0xbc0 [ 158.310904][ T8472] ? __pfx_lock_release+0x10/0x10 [ 158.315985][ T8472] ? __pfx_vfs_read+0x10/0x10 [ 158.320812][ T8472] ? __fget_files+0x29/0x470 [ 158.325459][ T8472] ? __fget_files+0x3f6/0x470 [ 158.330182][ T8472] ksys_read+0x1a0/0x2c0 [ 158.334455][ T8472] ? __pfx_ksys_read+0x10/0x10 [ 158.339234][ T8472] ? do_syscall_64+0x100/0x230 [ 158.344018][ T8472] ? do_syscall_64+0xb6/0x230 [ 158.348745][ T8472] do_syscall_64+0xf3/0x230 [ 158.353364][ T8472] ? clear_bhb_loop+0x35/0x90 [ 158.358069][ T8472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.363997][ T8472] RIP: 0033:0x7fc12e5746bc [ 158.368426][ T8472] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 158.388055][ T8472] RSP: 002b:00007fc12f38e040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 158.396490][ T8472] RAX: ffffffffffffffda RBX: 00007fc12e703f60 RCX: 00007fc12e5746bc [ 158.404478][ T8472] RDX: 000000000000000f RSI: 00007fc12f38e0b0 RDI: 0000000000000003 [ 158.412650][ T8472] RBP: 00007fc12f38e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 158.420737][ T8472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.428911][ T8472] R13: 000000000000004d R14: 00007fc12e703f60 R15: 00007fff139178e8 [ 158.437115][ T8472] [ 158.999409][ T8481] atomic_op ffff88802e10c198 conn xmit_atomic 0000000000000000 [ 159.001646][ T8477] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1148'. [ 159.021472][ T8481] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1150'. [ 159.040715][ T8481] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1150'. [ 159.056996][ T8481] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1150'. [ 159.243281][ T8495] FAULT_INJECTION: forcing a failure. [ 159.243281][ T8495] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.273835][ T8495] CPU: 0 PID: 8495 Comm: syz.4.1154 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 159.283984][ T8495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 159.294065][ T8495] Call Trace: [ 159.297365][ T8495] [ 159.300318][ T8495] dump_stack_lvl+0x241/0x360 [ 159.305039][ T8495] ? __pfx_dump_stack_lvl+0x10/0x10 [ 159.310278][ T8495] ? __pfx__printk+0x10/0x10 [ 159.314908][ T8495] ? __pfx_lock_release+0x10/0x10 [ 159.319987][ T8495] should_fail_ex+0x3b0/0x4e0 [ 159.324711][ T8495] _copy_from_user+0x2f/0xe0 [ 159.329371][ T8495] copy_msghdr_from_user+0xae/0x680 [ 159.334612][ T8495] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 159.340473][ T8495] __sys_sendmsg+0x23d/0x3a0 [ 159.345104][ T8495] ? __pfx___sys_sendmsg+0x10/0x10 [ 159.350244][ T8495] ? vfs_write+0x7c4/0xc90 [ 159.354735][ T8495] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 159.361096][ T8495] ? do_syscall_64+0x100/0x230 [ 159.365901][ T8495] ? do_syscall_64+0xb6/0x230 [ 159.370633][ T8495] do_syscall_64+0xf3/0x230 [ 159.375191][ T8495] ? clear_bhb_loop+0x35/0x90 [ 159.377235][ T8504] IPVS: sync thread started: state = BACKUP, mcast_ifn = macsec0, syncid = 0, id = 0 [ 159.379889][ T8495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.379922][ T8495] RIP: 0033:0x7f1ef2b75bd9 [ 159.379940][ T8495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.379955][ T8495] RSP: 002b:00007f1ef3872048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 159.379976][ T8495] RAX: ffffffffffffffda RBX: 00007f1ef2d04038 RCX: 00007f1ef2b75bd9 [ 159.379990][ T8495] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004 [ 159.380002][ T8495] RBP: 00007f1ef38720a0 R08: 0000000000000000 R09: 0000000000000000 [ 159.380014][ T8495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.380026][ T8495] R13: 000000000000006e R14: 00007f1ef2d04038 R15: 00007ffcd2c69548 [ 159.380056][ T8495] [ 159.564535][ T8513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1160'. [ 159.597865][ T8513] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 159.605210][ T8513] IPv6: NLM_F_CREATE should be set when creating new route [ 159.620279][ T8513] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 159.870268][ T8524] atomic_op ffff888062248198 conn xmit_atomic 0000000000000000 [ 159.884243][ T8524] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1164'. [ 160.418723][ T8532] netlink: 'syz.0.1167': attribute type 10 has an invalid length. [ 160.478472][ T8532] team0: left promiscuous mode [ 160.489084][ T8532] team_slave_0: left promiscuous mode [ 160.494681][ T8532] team_slave_1: left promiscuous mode [ 160.514309][ T8532] batman_adv: batadv0: Adding interface: team0 [ 160.532952][ T8532] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.562968][ T8532] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 160.574494][ T8535] netlink: 'syz.0.1167': attribute type 10 has an invalid length. [ 160.585403][ T8535] team0: entered promiscuous mode [ 160.592762][ T8535] team_slave_0: entered promiscuous mode [ 160.598924][ T8535] team_slave_1: entered promiscuous mode [ 160.607937][ T8535] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.618329][ T8535] batman_adv: batadv0: Interface activated: team0 [ 160.625448][ T8535] batman_adv: batadv0: Interface deactivated: team0 [ 160.638203][ T8535] batman_adv: batadv0: Removing interface: team0 [ 160.961822][ T8553] netlink: 'syz.4.1173': attribute type 4 has an invalid length. [ 160.996671][ T8553] netlink: 'syz.4.1173': attribute type 4 has an invalid length. [ 161.163308][ T8557] atomic_op ffff888022059198 conn xmit_atomic 0000000000000000 [ 161.251045][ T8532] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 161.302108][ T8561] FAULT_INJECTION: forcing a failure. [ 161.302108][ T8561] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.330704][ T8561] CPU: 1 PID: 8561 Comm: syz.3.1176 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 161.340846][ T8561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 161.350934][ T8561] Call Trace: [ 161.354222][ T8561] [ 161.357145][ T8561] dump_stack_lvl+0x241/0x360 [ 161.361920][ T8561] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.367115][ T8561] ? __pfx__printk+0x10/0x10 [ 161.371710][ T8561] ? __pfx_lock_release+0x10/0x10 [ 161.376740][ T8561] should_fail_ex+0x3b0/0x4e0 [ 161.381418][ T8561] _copy_to_user+0x2f/0xb0 [ 161.385827][ T8561] sctp_getsockopt_local_addrs+0xd36/0xec0 [ 161.391640][ T8561] ? __pfx_sctp_getsockopt_local_addrs+0x10/0x10 [ 161.397958][ T8561] ? __local_bh_enable_ip+0x168/0x200 [ 161.403323][ T8561] ? lockdep_hardirqs_on+0x99/0x150 [ 161.408515][ T8561] ? __local_bh_enable_ip+0x168/0x200 [ 161.413876][ T8561] ? sctp_getsockopt+0x13a/0xbb0 [ 161.418809][ T8561] sctp_getsockopt+0x6ad/0xbb0 [ 161.423680][ T8561] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 161.429607][ T8561] do_sock_getsockopt+0x373/0x850 [ 161.434640][ T8561] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 161.440187][ T8561] ? __fget_files+0x3f6/0x470 [ 161.444868][ T8561] __sys_getsockopt+0x271/0x330 [ 161.449723][ T8561] ? __pfx___sys_getsockopt+0x10/0x10 [ 161.455125][ T8561] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 161.461452][ T8561] ? do_syscall_64+0x100/0x230 [ 161.466224][ T8561] __x64_sys_getsockopt+0xb5/0xd0 [ 161.471245][ T8561] do_syscall_64+0xf3/0x230 [ 161.475748][ T8561] ? clear_bhb_loop+0x35/0x90 [ 161.480513][ T8561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.486400][ T8561] RIP: 0033:0x7f931b975bd9 [ 161.490807][ T8561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.510406][ T8561] RSP: 002b:00007f931c7bf048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 161.518820][ T8561] RAX: ffffffffffffffda RBX: 00007f931bb03f60 RCX: 00007f931b975bd9 [ 161.526781][ T8561] RDX: 000000000000006d RSI: 0000000000000084 RDI: 0000000000000003 [ 161.534742][ T8561] RBP: 00007f931c7bf0a0 R08: 0000000020000a80 R09: 0000000000000000 [ 161.542705][ T8561] R10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000001 [ 161.550764][ T8561] R13: 000000000000004d R14: 00007f931bb03f60 R15: 00007ffe9ee14228 [ 161.558880][ T8561] [ 162.172404][ T8585] atomic_op ffff88801ef03998 conn xmit_atomic 0000000000000000 [ 162.448345][ T8589] netlink: 'syz.4.1188': attribute type 10 has an invalid length. [ 162.495694][ T8589] bridge0: port 3(team0) entered disabled state [ 162.613368][ T8589] team0: left allmulticast mode [ 162.618292][ T8589] team_slave_0: left allmulticast mode [ 162.628364][ T8594] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 162.644904][ T8589] team_slave_1: left allmulticast mode [ 162.663465][ T8589] team0: left promiscuous mode [ 162.668542][ T8589] team_slave_0: left promiscuous mode [ 162.696441][ T8589] team_slave_1: left promiscuous mode [ 162.711636][ T8589] bridge0: port 3(team0) entered disabled state [ 162.734828][ T8589] batman_adv: batadv0: Adding interface: team0 [ 162.747983][ T8589] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.785605][ T8589] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 162.816489][ T8590] netlink: 'syz.4.1188': attribute type 10 has an invalid length. [ 162.839162][ T8590] __nla_validate_parse: 12 callbacks suppressed [ 162.839183][ T8590] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1188'. [ 162.859414][ T8590] team0: entered promiscuous mode [ 162.868783][ T8590] team_slave_0: entered promiscuous mode [ 162.875684][ T8590] team_slave_1: entered promiscuous mode [ 162.895834][ T8590] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.905910][ T8590] batman_adv: batadv0: Interface activated: team0 [ 162.927054][ T8590] batman_adv: batadv0: Interface deactivated: team0 [ 162.936635][ T8590] batman_adv: batadv0: Removing interface: team0 [ 162.953686][ T8590] bridge0: port 3(team0) entered blocking state [ 162.960923][ T8590] bridge0: port 3(team0) entered disabled state [ 162.967717][ T8590] team0: entered allmulticast mode [ 162.973442][ T8590] team_slave_0: entered allmulticast mode [ 162.979709][ T8590] team_slave_1: entered allmulticast mode [ 162.989509][ T8590] bridge0: port 3(team0) entered blocking state [ 162.995976][ T8590] bridge0: port 3(team0) entered forwarding state [ 163.205926][ T8591] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 163.442306][ T8623] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1198'. [ 163.473089][ T8623] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1198'. [ 163.484600][ T8625] netlink: 'syz.0.1199': attribute type 1 has an invalid length. [ 163.509982][ T8623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1198'. [ 163.521666][ T8625] vxcan1: tx address claim with dlc 1 [ 163.860031][ T5100] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 163.872604][ T5100] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 163.882034][ T5100] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 163.921039][ T5100] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 163.934517][ T5100] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 163.942666][ T5100] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 164.015186][ T8647] netlink: 'syz.0.1207': attribute type 10 has an invalid length. [ 164.039459][ T8647] team0: left promiscuous mode [ 164.044558][ T8647] team_slave_0: left promiscuous mode [ 164.057029][ T8647] team_slave_1: left promiscuous mode [ 164.099685][ T8647] batman_adv: batadv0: Adding interface: team0 [ 164.105987][ T8647] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 164.149666][ T8647] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 164.256396][ T8646] gretap0: entered promiscuous mode [ 164.288760][ T8646] bridge0: entered promiscuous mode [ 164.519448][ T8646] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 164.527126][ T8646] Cannot create hsr debugfs directory [ 164.548089][ T8649] netlink: 'syz.0.1207': attribute type 10 has an invalid length. [ 164.559457][ T8649] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1207'. [ 164.588835][ T8649] team0: entered promiscuous mode [ 164.605120][ T8649] team_slave_0: entered promiscuous mode [ 164.619747][ T8649] team_slave_1: entered promiscuous mode [ 164.638459][ T8649] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.652805][ T8649] batman_adv: batadv0: Interface activated: team0 [ 164.660056][ T8649] batman_adv: batadv0: Interface deactivated: team0 [ 164.671869][ T8653] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1209'. [ 164.676652][ T8649] batman_adv: batadv0: Removing interface: team0 [ 164.811475][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1210'. [ 164.848303][ T8647] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 165.055655][ T8659] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1211'. [ 165.082171][ T8659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1211'. [ 165.107723][ T8664] netlink: 'syz.4.1212': attribute type 3 has an invalid length. [ 165.120548][ T8659] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1211'. [ 165.163885][ T8638] chnl_net:caif_netlink_parms(): no params data found [ 165.323429][ T8667] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 165.330765][ T8667] IPv6: NLM_F_CREATE should be set when creating new route [ 165.393330][ T8667] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 165.417134][ T8638] bridge0: port 1(bridge_slave_0) entered blocking state [ 165.425880][ T8638] bridge0: port 1(bridge_slave_0) entered disabled state [ 165.449302][ T8638] bridge_slave_0: entered allmulticast mode [ 165.456281][ T8638] bridge_slave_0: entered promiscuous mode [ 165.482381][ T8638] bridge0: port 2(bridge_slave_1) entered blocking state [ 165.493896][ T8671] netlink: 'syz.0.1214': attribute type 29 has an invalid length. [ 165.499204][ T8638] bridge0: port 2(bridge_slave_1) entered disabled state [ 165.520840][ T8638] bridge_slave_1: entered allmulticast mode [ 165.528273][ T8638] bridge_slave_1: entered promiscuous mode [ 165.552137][ T8671] netlink: 'syz.0.1214': attribute type 29 has an invalid length. [ 165.586833][ T8638] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 165.596876][ T8671] netlink: 'syz.0.1214': attribute type 29 has an invalid length. [ 165.610750][ T8671] netlink: 'syz.0.1214': attribute type 29 has an invalid length. [ 165.625313][ T8638] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 165.706906][ T8638] team0: Port device team_slave_0 added [ 165.739806][ T8638] team0: Port device team_slave_1 added [ 165.807104][ T8638] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 165.824841][ T8638] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.887705][ T8638] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 165.908222][ T8638] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 165.939394][ T8638] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 165.968221][ T8638] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.030599][ T5100] Bluetooth: hci3: command tx timeout [ 166.231739][ T8638] hsr_slave_0: entered promiscuous mode [ 166.242401][ T8638] hsr_slave_1: entered promiscuous mode [ 166.267716][ T8638] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.275639][ T8638] Cannot create hsr debugfs directory [ 166.765260][ T8685] netlink: 'syz.4.1220': attribute type 10 has an invalid length. [ 166.818277][ T8685] bridge0: port 3(team0) entered disabled state [ 166.854331][ T8685] team0: left allmulticast mode [ 166.878391][ T8685] team_slave_0: left allmulticast mode [ 166.894458][ T8685] team_slave_1: left allmulticast mode [ 166.904614][ T8685] team0: left promiscuous mode [ 166.919081][ T8685] team_slave_0: left promiscuous mode [ 166.929115][ T8685] team_slave_1: left promiscuous mode [ 166.935016][ T8685] bridge0: port 3(team0) entered disabled state [ 166.981744][ T8685] batman_adv: batadv0: Adding interface: team0 [ 166.990501][ T8685] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.034053][ T8688] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 167.059101][ T8685] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 167.104743][ T8687] netlink: 'syz.4.1220': attribute type 10 has an invalid length. [ 167.125162][ T8687] team0: entered promiscuous mode [ 167.130429][ T8687] team_slave_0: entered promiscuous mode [ 167.136402][ T8687] team_slave_1: entered promiscuous mode [ 167.152224][ T8687] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.161950][ T8687] batman_adv: batadv0: Interface activated: team0 [ 167.163092][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 167.168580][ T8687] batman_adv: batadv0: Interface deactivated: team0 [ 167.178970][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 167.190541][ T8687] batman_adv: batadv0: Removing interface: team0 [ 167.193552][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 167.205568][ T8687] bridge0: port 3(team0) entered blocking state [ 167.207512][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 167.220291][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 167.221412][ T8687] bridge0: port 3(team0) entered disabled state [ 167.228060][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 167.241987][ T8687] team0: entered allmulticast mode [ 167.247165][ T8687] team_slave_0: entered allmulticast mode [ 167.254262][ T8687] team_slave_1: entered allmulticast mode [ 167.262854][ T8687] bridge0: port 3(team0) entered blocking state [ 167.269416][ T8687] bridge0: port 3(team0) entered forwarding state [ 167.357579][ T8697] FAULT_INJECTION: forcing a failure. [ 167.357579][ T8697] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.379829][ T8697] CPU: 0 PID: 8697 Comm: syz.4.1223 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 167.389964][ T8697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 167.400042][ T8697] Call Trace: [ 167.403335][ T8697] [ 167.406279][ T8697] dump_stack_lvl+0x241/0x360 [ 167.411071][ T8697] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.416296][ T8697] ? __pfx__printk+0x10/0x10 [ 167.420917][ T8697] ? __pfx_lock_release+0x10/0x10 [ 167.425965][ T8697] should_fail_ex+0x3b0/0x4e0 [ 167.430673][ T8697] _copy_from_user+0x2f/0xe0 [ 167.435331][ T8697] copy_msghdr_from_user+0xae/0x680 [ 167.440564][ T8697] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 167.446418][ T8697] do_recvmmsg+0x40f/0xae0 [ 167.450957][ T8697] ? __pfx_lock_release+0x10/0x10 [ 167.456008][ T8697] ? __pfx_do_recvmmsg+0x10/0x10 [ 167.461001][ T8697] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 167.466936][ T8697] ? ksys_write+0x23e/0x2c0 [ 167.471474][ T8697] ? __pfx_lock_release+0x10/0x10 [ 167.476538][ T8697] ? vfs_write+0x7c4/0xc90 [ 167.481081][ T8697] ? __mutex_unlock_slowpath+0x21d/0x750 [ 167.486863][ T8697] ? __fget_files+0x3f6/0x470 [ 167.491590][ T8697] __x64_sys_recvmmsg+0x199/0x250 [ 167.496653][ T8697] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 167.502244][ T8697] ? do_syscall_64+0x100/0x230 [ 167.507044][ T8697] ? do_syscall_64+0xb6/0x230 [ 167.511768][ T8697] do_syscall_64+0xf3/0x230 [ 167.516307][ T8697] ? clear_bhb_loop+0x35/0x90 [ 167.521027][ T8697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.526949][ T8697] RIP: 0033:0x7f1ef2b75bd9 [ 167.531384][ T8697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.551017][ T8697] RSP: 002b:00007f1ef3893048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 167.559463][ T8697] RAX: ffffffffffffffda RBX: 00007f1ef2d03f60 RCX: 00007f1ef2b75bd9 [ 167.567466][ T8697] RDX: 0000000000000001 RSI: 0000000020001900 RDI: 0000000000000004 [ 167.575470][ T8697] RBP: 00007f1ef38930a0 R08: 0000000000000000 R09: 0000000000000000 [ 167.583465][ T8697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.591446][ T8697] R13: 000000000000000b R14: 00007f1ef2d03f60 R15: 00007ffcd2c69548 [ 167.599438][ T8697] [ 167.794338][ T8638] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.003896][ T8638] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.114059][ T5100] Bluetooth: hci3: command tx timeout [ 168.225817][ T8638] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 168.250224][ T5107] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 168.267591][ T8694] chnl_net:caif_netlink_parms(): no params data found [ 168.280665][ T5107] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 168.294639][ T5107] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 168.310296][ T5107] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 168.318203][ T5107] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 168.325716][ T5107] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 168.445447][ T8638] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.309318][ T5100] Bluetooth: hci2: command tx timeout [ 170.189309][ T5100] Bluetooth: hci3: command tx timeout [ 170.350855][ T5100] Bluetooth: hci6: command tx timeout [ 170.459331][ T8694] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.466513][ T8694] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.483074][ T8694] bridge_slave_0: entered allmulticast mode [ 170.491491][ T8694] bridge_slave_0: entered promiscuous mode [ 170.508547][ T8694] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.515932][ T8694] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.523898][ T8694] bridge_slave_1: entered allmulticast mode [ 170.531640][ T8694] bridge_slave_1: entered promiscuous mode [ 170.547093][ T8734] netlink: 'syz.4.1231': attribute type 10 has an invalid length. [ 170.567332][ T8734] bridge0: port 3(team0) entered disabled state [ 170.574837][ T8734] team0: left allmulticast mode [ 170.580633][ T8734] team_slave_0: left allmulticast mode [ 170.586132][ T8734] team_slave_1: left allmulticast mode [ 170.592016][ T8734] team0: left promiscuous mode [ 170.596824][ T8734] team_slave_0: left promiscuous mode [ 170.605452][ T8734] team_slave_1: left promiscuous mode [ 170.611506][ T8734] bridge0: port 3(team0) entered disabled state [ 170.620627][ T8734] batman_adv: batadv0: Adding interface: team0 [ 170.626817][ T8734] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.653096][ T8734] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 170.688702][ T8735] netlink: 'syz.4.1231': attribute type 10 has an invalid length. [ 170.696796][ T8735] __nla_validate_parse: 6 callbacks suppressed [ 170.696811][ T8735] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1231'. [ 170.713998][ T8735] team0: entered promiscuous mode [ 170.720729][ T8735] team_slave_0: entered promiscuous mode [ 170.726616][ T8735] team_slave_1: entered promiscuous mode [ 170.734096][ T8735] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.741460][ T8735] batman_adv: batadv0: Interface activated: team0 [ 170.748033][ T8735] batman_adv: batadv0: Interface deactivated: team0 [ 170.755443][ T8735] batman_adv: batadv0: Removing interface: team0 [ 170.763532][ T8735] bridge0: port 3(team0) entered blocking state [ 170.771460][ T8735] bridge0: port 3(team0) entered disabled state [ 170.777893][ T8735] team0: entered allmulticast mode [ 170.783712][ T8735] team_slave_0: entered allmulticast mode [ 170.789949][ T8735] team_slave_1: entered allmulticast mode [ 170.797862][ T8735] bridge0: port 3(team0) entered blocking state [ 170.804263][ T8735] bridge0: port 3(team0) entered forwarding state [ 170.842118][ T8694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.888160][ T8694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.906041][ T8738] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1232'. [ 170.929976][ T8738] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1232'. [ 170.945476][ T8638] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 170.969855][ T8738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1232'. [ 170.986996][ T8694] team0: Port device team_slave_0 added [ 170.994742][ T8638] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 171.007022][ T8638] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 171.025887][ T8694] team0: Port device team_slave_1 added [ 171.047246][ T8638] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 171.076103][ T8741] dccp_xmit_packet: Payload too large (65475) for featneg. [ 171.136118][ T8743] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1234'. [ 171.153762][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.165474][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.192274][ T8694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.252320][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.260107][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.287650][ T8694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.336935][ T8724] chnl_net:caif_netlink_parms(): no params data found [ 171.389805][ T5100] Bluetooth: hci2: command tx timeout [ 171.423864][ T8694] hsr_slave_0: entered promiscuous mode [ 171.431001][ T8694] hsr_slave_1: entered promiscuous mode [ 171.437243][ T8694] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 171.445055][ T8694] Cannot create hsr debugfs directory [ 171.562707][ T8724] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.570127][ T8724] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.577395][ T8724] bridge_slave_0: entered allmulticast mode [ 171.586491][ T8724] bridge_slave_0: entered promiscuous mode [ 171.606146][ T8724] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.613562][ T8724] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.621714][ T8724] bridge_slave_1: entered allmulticast mode [ 171.629660][ T8724] bridge_slave_1: entered promiscuous mode [ 171.687000][ T8724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.716262][ T8724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.771197][ T8724] team0: Port device team_slave_0 added [ 171.812599][ T8724] team0: Port device team_slave_1 added [ 171.845895][ T8694] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.888887][ T8724] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.896950][ T8724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.930299][ T8724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.943684][ T8724] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.951348][ T8724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.977538][ T8724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.008969][ T8694] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.063773][ T8724] hsr_slave_0: entered promiscuous mode [ 172.072734][ T8724] hsr_slave_1: entered promiscuous mode [ 172.084028][ T8724] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 172.092048][ T8724] Cannot create hsr debugfs directory [ 172.105610][ T8638] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.136835][ T8694] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.232594][ T8694] netdevsim netdevsim1 netdevsim0 (unregistering): left promiscuous mode [ 172.243147][ T8694] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode [ 172.258898][ T8694] team0: Port device netdevsim0 removed [ 172.275030][ T5100] Bluetooth: hci3: command tx timeout [ 172.284534][ T8694] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.353374][ T8638] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.429438][ T5100] Bluetooth: hci6: command tx timeout [ 172.540216][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.547379][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.562472][ T783] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.569735][ T783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.752242][ T8694] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 172.792196][ T8694] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 172.966060][ T8724] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.006599][ T8694] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 173.021096][ T8694] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 173.335028][ T8724] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.372022][ T8772] netlink: 'syz.4.1239': attribute type 10 has an invalid length. [ 173.388792][ T8772] bridge0: port 3(team0) entered disabled state [ 173.403698][ T8772] team0: left allmulticast mode [ 173.408635][ T8772] team_slave_0: left allmulticast mode [ 173.415914][ T8772] team_slave_1: left allmulticast mode [ 173.421893][ T8772] team0: left promiscuous mode [ 173.427527][ T8772] team_slave_0: left promiscuous mode [ 173.433675][ T8772] team_slave_1: left promiscuous mode [ 173.439796][ T8772] bridge0: port 3(team0) entered disabled state [ 173.448117][ T8772] batman_adv: batadv0: Adding interface: team0 [ 173.455115][ T8772] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 173.480842][ T5100] Bluetooth: hci2: command tx timeout [ 173.486603][ T8772] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 173.528518][ T8724] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.543590][ T8773] netlink: 'syz.4.1239': attribute type 10 has an invalid length. [ 173.553057][ T8773] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1239'. [ 173.562413][ T8773] team0: entered promiscuous mode [ 173.567471][ T8773] team_slave_0: entered promiscuous mode [ 173.573639][ T8773] team_slave_1: entered promiscuous mode [ 173.583390][ T8773] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.590391][ T8773] batman_adv: batadv0: Interface activated: team0 [ 173.596948][ T8773] batman_adv: batadv0: Interface deactivated: team0 [ 173.604126][ T8773] batman_adv: batadv0: Removing interface: team0 [ 173.612981][ T8773] bridge0: port 3(team0) entered blocking state [ 173.622964][ T8773] bridge0: port 3(team0) entered disabled state [ 173.632681][ T8773] team0: entered allmulticast mode [ 173.637932][ T8773] team_slave_0: entered allmulticast mode [ 173.644383][ T8773] team_slave_1: entered allmulticast mode [ 173.653304][ T8773] bridge0: port 3(team0) entered blocking state [ 173.660014][ T8773] bridge0: port 3(team0) entered forwarding state [ 173.730381][ T8724] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.747775][ T8776] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1240'. [ 173.758528][ T8776] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1240'. [ 173.764091][ T8638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.768467][ T8776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1240'. [ 173.930133][ T8638] veth0_vlan: entered promiscuous mode [ 173.957072][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1241'. [ 174.007820][ T8638] veth1_vlan: entered promiscuous mode [ 174.025872][ T8724] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 174.050423][ T8724] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 174.064698][ T8781] dccp_xmit_packet: Payload too large (65475) for featneg. [ 174.072414][ T8724] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 174.131915][ T8724] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 174.185392][ T8694] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.243153][ T8694] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.305379][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.312624][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.327138][ T8638] veth0_macvtap: entered promiscuous mode [ 174.364703][ T8638] veth1_macvtap: entered promiscuous mode [ 174.377090][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.384427][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.434652][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.445498][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.457267][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.468148][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.479772][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.490944][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.501356][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 174.512561][ T5100] Bluetooth: hci6: command tx timeout [ 174.518164][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.533789][ T8638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 174.556801][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.567594][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.577792][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.590417][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.600346][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.611046][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.621566][ T8638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 174.632646][ T8638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 174.645375][ T8638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 174.694562][ T8638] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.707719][ T8638] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.731151][ T8638] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.741222][ T8638] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.813703][ T8724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 174.951403][ T8724] 8021q: adding VLAN 0 to HW filter on device team0 [ 174.985751][ T2467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.011835][ T2467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.027985][ T5171] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.035253][ T5171] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.056791][ T5171] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.064049][ T5171] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.079674][ T8694] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.163854][ T2467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 175.184079][ T2467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 175.250532][ T5107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 175.262292][ T5107] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 175.279962][ T5107] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 175.292221][ T5107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 175.302807][ T5107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 175.311052][ T5107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 175.320968][ T8801] netlink: 'syz.4.1247': attribute type 10 has an invalid length. [ 175.352165][ T8801] bridge0: port 3(team0) entered disabled state [ 175.365895][ T8801] team0: left allmulticast mode [ 175.371340][ T8801] team_slave_0: left allmulticast mode [ 175.377491][ T8801] team_slave_1: left allmulticast mode [ 175.384935][ T8801] team0: left promiscuous mode [ 175.390522][ T8801] team_slave_0: left promiscuous mode [ 175.396174][ T8801] team_slave_1: left promiscuous mode [ 175.402942][ T8801] bridge0: port 3(team0) entered disabled state [ 175.414912][ T8801] batman_adv: batadv0: Adding interface: team0 [ 175.422911][ T8801] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.450864][ T8801] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 175.476431][ T8804] netlink: 'syz.4.1247': attribute type 10 has an invalid length. [ 175.487532][ T8804] team0: entered promiscuous mode [ 175.495346][ T8804] team_slave_0: entered promiscuous mode [ 175.502599][ T8804] team_slave_1: entered promiscuous mode [ 175.510904][ T8804] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.518070][ T8804] batman_adv: batadv0: Interface activated: team0 [ 175.524984][ T8804] batman_adv: batadv0: Interface deactivated: team0 [ 175.532506][ T8804] batman_adv: batadv0: Removing interface: team0 [ 175.541280][ T8804] bridge0: port 3(team0) entered blocking state [ 175.549816][ T5100] Bluetooth: hci2: command tx timeout [ 175.555528][ T8804] bridge0: port 3(team0) entered disabled state [ 175.562881][ T8804] team0: entered allmulticast mode [ 175.569625][ T8804] team_slave_0: entered allmulticast mode [ 175.575587][ T8804] team_slave_1: entered allmulticast mode [ 175.584891][ T8804] bridge0: port 3(team0) entered blocking state [ 175.591260][ T8804] bridge0: port 3(team0) entered forwarding state [ 175.676947][ T8694] veth0_vlan: entered promiscuous mode [ 175.754332][ T8694] veth1_vlan: entered promiscuous mode [ 175.936308][ T8694] veth0_macvtap: entered promiscuous mode [ 175.974814][ T8694] veth1_macvtap: entered promiscuous mode [ 175.982738][ T8818] dccp_xmit_packet: Payload too large (65475) for featneg. [ 176.072368][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.085849][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.097375][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.108546][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.120887][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.131895][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.141850][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.154518][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.164685][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 176.175209][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.187231][ T8694] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 176.193322][ T8806] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 176.254832][ T8821] gretap0: entered promiscuous mode [ 176.274112][ T8821] bridge0: entered promiscuous mode [ 176.301434][ T8821] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 176.328783][ T8821] Cannot create hsr debugfs directory [ 176.363488][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.409217][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.429803][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.450067][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.469693][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.499636][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.524447][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.549535][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.562902][ T8694] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 176.580879][ T5100] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 176.584805][ T8694] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 176.591272][ T5100] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 176.607468][ T4490] Bluetooth: hci6: command tx timeout [ 176.615191][ T5100] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 176.617902][ T8694] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 176.625762][ T5100] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 176.641713][ T5100] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 176.648062][ T8724] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.650045][ T5100] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 176.783735][ T8798] chnl_net:caif_netlink_parms(): no params data found [ 176.811928][ T8694] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.832959][ T8694] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.849347][ T8694] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.858275][ T8694] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.031307][ T8834] atomic_op ffff88801fe0e198 conn xmit_atomic 0000000000000000 [ 177.070038][ T1057] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.093588][ T8724] veth0_vlan: entered promiscuous mode [ 177.108035][ T8836] __nla_validate_parse: 4 callbacks suppressed [ 177.108055][ T8836] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1256'. [ 177.135728][ T8834] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1256'. [ 177.147458][ T8836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1256'. [ 177.217022][ T1057] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.267790][ T8798] bridge0: port 1(bridge_slave_0) entered blocking state [ 177.278977][ T8798] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.287942][ T8798] bridge_slave_0: entered allmulticast mode [ 177.300343][ T8798] bridge_slave_0: entered promiscuous mode [ 177.310388][ T8798] bridge0: port 2(bridge_slave_1) entered blocking state [ 177.317712][ T8798] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.330869][ T8798] bridge_slave_1: entered allmulticast mode [ 177.338322][ T8798] bridge_slave_1: entered promiscuous mode [ 177.364622][ T8724] veth1_vlan: entered promiscuous mode [ 177.373943][ T8841] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1257'. [ 177.399767][ T1057] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.458713][ T8798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 177.483446][ T8798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 177.564242][ T1057] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.605721][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.636756][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.673569][ T8798] team0: Port device team_slave_0 added [ 177.724801][ T8798] team0: Port device team_slave_1 added [ 177.840161][ T8798] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 177.847253][ T8798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.850243][ T2483] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.884097][ T2483] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.886642][ T8798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 177.954824][ T8798] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 177.961995][ T8798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 177.988470][ T8798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 178.165527][ T8825] chnl_net:caif_netlink_parms(): no params data found [ 178.227156][ T8724] veth0_macvtap: entered promiscuous mode [ 178.277632][ T8798] hsr_slave_0: entered promiscuous mode [ 178.286080][ T8798] hsr_slave_1: entered promiscuous mode [ 178.293825][ T8798] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 178.301666][ T8798] Cannot create hsr debugfs directory [ 178.394332][ T8867] atomic_op ffff888023452198 conn xmit_atomic 0000000000000000 [ 178.423624][ T8724] veth1_macvtap: entered promiscuous mode [ 178.430597][ T1057] team0: left allmulticast mode [ 178.435744][ T1057] team_slave_0: left allmulticast mode [ 178.442153][ T1057] team_slave_1: left allmulticast mode [ 178.448863][ T1057] bridge0: port 3(team0) entered disabled state [ 178.461057][ T1057] bridge_slave_1: left allmulticast mode [ 178.467661][ T1057] bridge_slave_1: left promiscuous mode [ 178.468946][ T8868] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1263'. [ 178.475994][ T1057] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.485546][ T8868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1263'. [ 178.503698][ T1057] bridge_slave_0: left allmulticast mode [ 178.510341][ T1057] bridge_slave_0: left promiscuous mode [ 178.516059][ T1057] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.725181][ T1057] gretap0 (unregistering): left promiscuous mode [ 178.754489][ T5107] Bluetooth: hci7: command tx timeout [ 178.814076][ T1057] bridge0 (unregistering): left promiscuous mode [ 178.987075][ T1057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 179.008882][ T1057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 179.031445][ T1057] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 179.045349][ T1057] bond0 (unregistering): Released all slaves [ 179.068012][ T1057] bond1 (unregistering): Released all slaves [ 179.097315][ T8867] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1263'. [ 179.371198][ T8874] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1264'. [ 179.435084][ T8825] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.455122][ T8825] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.473188][ T8825] bridge_slave_0: entered allmulticast mode [ 179.492459][ T8825] bridge_slave_0: entered promiscuous mode [ 179.501387][ T8872] team0: Device ip6gre0 is of different type [ 179.534796][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.572521][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.594169][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.620903][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.640301][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.664393][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.679228][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.702191][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.723825][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.744868][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.765856][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 179.788355][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.802102][ T8724] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 179.846346][ T8825] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.859673][ T8825] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.866991][ T8825] bridge_slave_1: entered allmulticast mode [ 179.881868][ T8825] bridge_slave_1: entered promiscuous mode [ 179.896996][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.907812][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.918050][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.930172][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.940428][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.953031][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.963204][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.974039][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 179.984799][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 179.996441][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.006600][ T8724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 180.017308][ T8724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 180.043375][ T8724] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.108987][ T8892] netlink: 'syz.1.1270': attribute type 10 has an invalid length. [ 180.137155][ T8892] batman_adv: batadv0: Adding interface: team0 [ 180.146443][ T8892] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.179090][ T8892] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 180.216666][ T8724] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.226262][ T8724] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.235259][ T8724] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.244236][ T8724] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.275828][ T8893] netlink: 'syz.1.1270': attribute type 10 has an invalid length. [ 180.285859][ T8893] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1270'. [ 180.296167][ T8893] team0: entered promiscuous mode [ 180.301708][ T8893] team_slave_0: entered promiscuous mode [ 180.307736][ T8893] team_slave_1: entered promiscuous mode [ 180.315700][ T8893] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.324046][ T8893] batman_adv: batadv0: Interface activated: team0 [ 180.330825][ T8893] batman_adv: batadv0: Interface deactivated: team0 [ 180.337636][ T8893] batman_adv: batadv0: Removing interface: team0 [ 180.344935][ T8893] bridge0: port 3(team0) entered blocking state [ 180.352166][ T8893] bridge0: port 3(team0) entered disabled state [ 180.358713][ T8893] team0: entered allmulticast mode [ 180.364161][ T8893] team_slave_0: entered allmulticast mode [ 180.370087][ T8893] team_slave_1: entered allmulticast mode [ 180.377663][ T8893] bridge0: port 3(team0) entered blocking state [ 180.384086][ T8893] bridge0: port 3(team0) entered forwarding state [ 180.393888][ T1057] ------------[ cut here ]------------ [ 180.399731][ T1057] WARNING: CPU: 1 PID: 1057 at net/ieee802154/core.c:354 cfg802154_pernet_exit+0xb9/0xe0 [ 180.409696][ T1057] Modules linked in: [ 180.413593][ T1057] CPU: 1 PID: 1057 Comm: kworker/u8:5 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 180.424233][ T1057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 180.435214][ T1057] Workqueue: netns cleanup_net [ 180.440285][ T1057] RIP: 0010:cfg802154_pernet_exit+0xb9/0xe0 [ 180.446220][ T1057] Code: 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 1c b7 c3 f6 48 8b 1b 4c 39 e3 74 12 e8 ef 01 5e f6 eb 89 e8 e8 01 5e f6 90 <0f> 0b 90 eb d0 e8 dd 01 5e f6 eb 05 e8 d6 01 5e f6 5b 41 5c 41 5d [ 180.466247][ T1057] RSP: 0018:ffffc90004547a88 EFLAGS: 00010293 [ 180.473801][ T1057] RAX: ffffffff8b3825c8 RBX: ffff8880231c2008 RCX: ffff88802251bc00 [ 180.481993][ T1057] RDX: 0000000000000000 RSI: 00000000ffffffef RDI: 0000000000000000 [ 180.490302][ T1057] RBP: 00000000ffffffef R08: ffffffff8b382595 R09: 1ffffffff1ebcdc4 [ 180.498795][ T1057] R10: dffffc0000000000 R11: fffffbfff1ebcdc5 R12: ffffffff8f8d05e0 [ 180.507335][ T1057] R13: dffffc0000000000 R14: ffff888022dfd640 R15: ffff8880231c2608 [ 180.515475][ T1057] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 180.524756][ T1057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.531463][ T1057] CR2: 00007ff96115b460 CR3: 000000005cf20000 CR4: 00000000003506f0 [ 180.539701][ T1057] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 180.547705][ T1057] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 180.556079][ T1057] Call Trace: [ 180.559482][ T1057] [ 180.562862][ T1057] ? __warn+0x163/0x4e0 [ 180.567048][ T1057] ? cfg802154_pernet_exit+0xb9/0xe0 [ 180.572616][ T1057] ? report_bug+0x2b3/0x500 [ 180.577152][ T1057] ? cfg802154_pernet_exit+0xb9/0xe0 [ 180.582803][ T1057] ? handle_bug+0x3e/0x70 [ 180.587115][ T8892] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 180.587155][ T1057] ? exc_invalid_op+0x1a/0x50 [ 180.598768][ T1057] ? asm_exc_invalid_op+0x1a/0x20 [ 180.604237][ T1057] ? cfg802154_pernet_exit+0x85/0xe0 [ 180.609830][ T1057] ? cfg802154_pernet_exit+0xb8/0xe0 [ 180.615156][ T1057] ? cfg802154_pernet_exit+0xb9/0xe0 [ 180.620573][ T1057] ? cfg802154_pernet_exit+0xb8/0xe0 [ 180.625991][ T1057] cleanup_net+0x802/0xcc0 [ 180.630532][ T1057] ? __pfx_cleanup_net+0x10/0x10 [ 180.635616][ T1057] ? process_scheduled_works+0x945/0x1830 [ 180.641702][ T1057] process_scheduled_works+0xa2c/0x1830 [ 180.647312][ T1057] ? __pfx_process_scheduled_works+0x10/0x10 [ 180.653455][ T1057] ? assign_work+0x364/0x3d0 [ 180.658079][ T1057] worker_thread+0x86d/0xd50 [ 180.662771][ T1057] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 180.668750][ T1057] ? __kthread_parkme+0x169/0x1d0 [ 180.674357][ T1057] ? __pfx_worker_thread+0x10/0x10 [ 180.679596][ T1057] kthread+0x2f0/0x390 [ 180.683693][ T1057] ? __pfx_worker_thread+0x10/0x10 [ 180.688841][ T1057] ? __pfx_kthread+0x10/0x10 [ 180.693540][ T1057] ret_from_fork+0x4b/0x80 [ 180.698449][ T1057] ? __pfx_kthread+0x10/0x10 [ 180.703962][ T1057] ret_from_fork_asm+0x1a/0x30 [ 180.708788][ T1057] [ 180.711876][ T1057] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 180.719174][ T1057] CPU: 1 PID: 1057 Comm: kworker/u8:5 Not tainted 6.10.0-rc6-syzkaller-00170-g0913ec336a6c #0 [ 180.729416][ T1057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 180.739474][ T1057] Workqueue: netns cleanup_net [ 180.744250][ T1057] Call Trace: [ 180.747535][ T1057] [ 180.750470][ T1057] dump_stack_lvl+0x241/0x360 [ 180.755172][ T1057] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.760400][ T1057] ? __pfx__printk+0x10/0x10 [ 180.764983][ T1057] ? vscnprintf+0x5d/0x90 [ 180.769333][ T1057] panic+0x349/0x860 [ 180.773279][ T1057] ? __warn+0x172/0x4e0 [ 180.777452][ T1057] ? __pfx_panic+0x10/0x10 [ 180.781882][ T1057] ? ret_from_fork_asm+0x1a/0x30 [ 180.786828][ T1057] __warn+0x346/0x4e0 [ 180.790798][ T1057] ? cfg802154_pernet_exit+0xb9/0xe0 [ 180.796116][ T1057] report_bug+0x2b3/0x500 [ 180.800487][ T1057] ? cfg802154_pernet_exit+0xb9/0xe0 [ 180.805850][ T1057] handle_bug+0x3e/0x70 [ 180.810011][ T1057] exc_invalid_op+0x1a/0x50 [ 180.814513][ T1057] asm_exc_invalid_op+0x1a/0x20 [ 180.819377][ T1057] RIP: 0010:cfg802154_pernet_exit+0xb9/0xe0 [ 180.825310][ T1057] Code: 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 1c b7 c3 f6 48 8b 1b 4c 39 e3 74 12 e8 ef 01 5e f6 eb 89 e8 e8 01 5e f6 90 <0f> 0b 90 eb d0 e8 dd 01 5e f6 eb 05 e8 d6 01 5e f6 5b 41 5c 41 5d [ 180.845090][ T1057] RSP: 0018:ffffc90004547a88 EFLAGS: 00010293 [ 180.851164][ T1057] RAX: ffffffff8b3825c8 RBX: ffff8880231c2008 RCX: ffff88802251bc00 [ 180.859151][ T1057] RDX: 0000000000000000 RSI: 00000000ffffffef RDI: 0000000000000000 [ 180.867147][ T1057] RBP: 00000000ffffffef R08: ffffffff8b382595 R09: 1ffffffff1ebcdc4 [ 180.875150][ T1057] R10: dffffc0000000000 R11: fffffbfff1ebcdc5 R12: ffffffff8f8d05e0 [ 180.883162][ T1057] R13: dffffc0000000000 R14: ffff888022dfd640 R15: ffff8880231c2608 [ 180.891142][ T1057] ? cfg802154_pernet_exit+0x85/0xe0 [ 180.896457][ T1057] ? cfg802154_pernet_exit+0xb8/0xe0 [ 180.901783][ T1057] ? cfg802154_pernet_exit+0xb8/0xe0 [ 180.907095][ T1057] cleanup_net+0x802/0xcc0 [ 180.911590][ T1057] ? __pfx_cleanup_net+0x10/0x10 [ 180.916545][ T1057] ? process_scheduled_works+0x945/0x1830 [ 180.922305][ T1057] process_scheduled_works+0xa2c/0x1830 [ 180.927886][ T1057] ? __pfx_process_scheduled_works+0x10/0x10 [ 180.933873][ T1057] ? assign_work+0x364/0x3d0 [ 180.938492][ T1057] worker_thread+0x86d/0xd50 [ 180.943116][ T1057] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 180.949051][ T1057] ? __kthread_parkme+0x169/0x1d0 [ 180.954104][ T1057] ? __pfx_worker_thread+0x10/0x10 [ 180.959236][ T1057] kthread+0x2f0/0x390 [ 180.963411][ T1057] ? __pfx_worker_thread+0x10/0x10 [ 180.968551][ T1057] ? __pfx_kthread+0x10/0x10 [ 180.973163][ T1057] ret_from_fork+0x4b/0x80 [ 180.977779][ T1057] ? __pfx_kthread+0x10/0x10 [ 180.982395][ T1057] ret_from_fork_asm+0x1a/0x30 [ 180.987215][ T1057] [ 180.990513][ T1057] Kernel Offset: disabled [ 180.995014][ T1057] Rebooting in 86400 seconds..