last executing test programs: 10.575383321s ago: executing program 0 (id=1107): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002740)={0x1c, 0x40, 0x9, 0xffffffff, 0x25dfdbfd, {0x1}, [@typed={0x4, 0x11f}, @nested={0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c004}, 0x0) 10.411422458s ago: executing program 0 (id=1110): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0) 10.250972281s ago: executing program 0 (id=1114): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000080), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000304000480080002000100000008000100000000000400088058010c8054010b80081180"], 0x184}}, 0x4000) 10.051651062s ago: executing program 0 (id=1117): r0 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0xf00}}) 9.806731143s ago: executing program 0 (id=1123): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@mpls_getroute={0x1c, 0x1a, 0x9, 0x70bd27, 0x0, {0x1c, 0x10}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008010}, 0x0) 9.639197849s ago: executing program 0 (id=1127): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000ffdbdf250f000000050033000100000008000300", @ANYRES32=r1], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r1, {0x1f, 0x3}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000) 1.87469564s ago: executing program 1 (id=1248): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000001c80)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37bc21cfdc8180c7d09c35d130d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56bd86acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd6e19946b18a45333df51d78f735999aadfcda64488160c4ae6ba9dcef0c144e3de7be7fdc1ead6a425ff6128fab1517630c1d9507e0685488a57f85298b4e4382842c0730"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB='/\x00\x00\x00\b'], 0x20) 1.74243027s ago: executing program 1 (id=1251): r0 = socket$inet(0xa, 0x801, 0x84) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) listen(r0, 0x8) accept4$inet(r0, &(0x7f0000000100), 0x0, 0x80800) 1.565420256s ago: executing program 1 (id=1256): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000140)=@ccm_128={{0x304}, "68c450239392a361", "09f700"}, 0x3) 1.426727423s ago: executing program 1 (id=1259): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0) r3 = socket(0x10, 0x3, 0x0) write(r3, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24) 1.0787624s ago: executing program 1 (id=1265): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'mangle\x00', 0x0, [0x2, 0x7, 0x3, 0x3, 0x7]}, &(0x7f0000000100)=0x54) 984.985583ms ago: executing program 4 (id=1269): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01020000010000ecffff03"], 0x4c}, 0x8, 0x3000000000002}, 0x0) 846.751971ms ago: executing program 2 (id=1271): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x28, 0x3, 0x6, 0x101, 0x2000000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}}, 0x0) 846.562023ms ago: executing program 4 (id=1272): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000066c0)=[{{&(0x7f00000019c0)={0xa, 0x0, 0xffffff25, @mcast1, 0x4}, 0x1c, 0x0}}], 0x1, 0x4163a) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000140), 0x10) sendmsg$can_bcm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="050000000300000000000000", @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) recvmsg$can_bcm(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x42) read(r0, &(0x7f0000001480)=""/4096, 0x1000) 795.064326ms ago: executing program 3 (id=1273): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x70bd25, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x3}, @NHA_OIF={0x8, 0x5, r0}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_ACTION={0x8, 0x1, 0x5}}]}, 0x34}}, 0x0) 639.866552ms ago: executing program 3 (id=1274): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000010c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xa4}, 0x1, 0x0, 0x0, 0x44000}, 0x0) 562.832639ms ago: executing program 4 (id=1275): r0 = socket(0x1d, 0x2, 0x6) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x6a, 0x10, 0x0, &(0x7f0000000080)) 562.60151ms ago: executing program 2 (id=1276): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, 0x0, 0x0) close(0xffffffffffffffff) 525.729426ms ago: executing program 3 (id=1277): r0 = socket$kcm(0xa, 0x1, 0x0) r1 = socket$kcm(0xa, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1}) 422.363901ms ago: executing program 2 (id=1278): syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000080000000000000000000080850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000725e850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x19}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) 370.768147ms ago: executing program 4 (id=1279): r0 = socket$inet(0xa, 0x801, 0x84) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) listen(r0, 0x8) accept4$inet(r0, &(0x7f0000000100), 0x0, 0x80800) 355.124127ms ago: executing program 3 (id=1280): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x0, 0x8, 0xc, 0x1, 0x51, @local, @loopback={0xff00, 0x460c6}, 0x8000, 0x0, 0x1}}) 333.866414ms ago: executing program 2 (id=1281): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100], [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0xc, 0x0, 0x1, [{0x4}]}]}}]}, 0x9c}}, 0x0) 262.230305ms ago: executing program 4 (id=1282): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x18}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x100, 0xf4, 0xe3, 0x1}}}}]}, 0x48}}, 0x0) 200.609004ms ago: executing program 2 (id=1283): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000240), r0) sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x20, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4009000}, 0x4090) 200.112967ms ago: executing program 3 (id=1284): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, r1, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x40030000000000, 0x0, 0x40084}, 0x0) 142.823971ms ago: executing program 1 (id=1285): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, 0x0, 0x0) socket$inet6(0xa, 0x80000, 0x80000002) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r1, 0x101) r2 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) sendmmsg$inet(r2, &(0x7f0000001200)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000f00)=ANY=[@ANYBLOB="14000000000000000000000001000000090000000000000014000000000000000000000001000000000000000000000014000000000000000000000002000000080000000000003f59f38200000000000000000001000000040000000000"], 0xd0}}], 0x2, 0xc8c5) 112.178064ms ago: executing program 4 (id=1286): unshare(0x20000400) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x68, &(0x7f0000000000)=0x5, 0x4) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f00000000c0)=0x2, 0x4) 72.252688ms ago: executing program 2 (id=1287): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 0s ago: executing program 3 (id=1288): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000f80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r0, 0x0, 0xbed}, 0x18) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_ID={0x8}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}}, 0x70}}, 0x0) kernel console output (not intermixed with test programs): sim0: renamed from eth0 [ 80.369480][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.380493][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.403986][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.454401][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.464725][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.481422][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.514077][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.567703][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.611610][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.628661][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.670594][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.703870][ T2987] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.711231][ T2987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.723359][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.730489][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.751744][ T2987] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.759429][ T2987] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.781339][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.788530][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.808578][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.895355][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.918024][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.939671][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.946858][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.980277][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.987518][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.066720][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.091274][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.098473][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.139127][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.166030][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.173269][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.225999][ T5839] Bluetooth: hci0: command tx timeout [ 81.248054][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.304521][ T5839] Bluetooth: hci1: command tx timeout [ 81.325154][ T2975] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.332285][ T2975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.341361][ T2975] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.348540][ T2975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.386406][ T5839] Bluetooth: hci2: command tx timeout [ 81.391028][ T5843] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 81.391938][ T5839] Bluetooth: hci3: command tx timeout [ 81.412264][ T5843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 81.430628][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.456869][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.474420][ T5839] Bluetooth: hci4: command tx timeout [ 81.582573][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.622106][ T5836] veth0_vlan: entered promiscuous mode [ 81.713205][ T5832] veth0_vlan: entered promiscuous mode [ 81.731973][ T5836] veth1_vlan: entered promiscuous mode [ 81.769138][ T5832] veth1_vlan: entered promiscuous mode [ 81.819361][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.868479][ T5836] veth0_macvtap: entered promiscuous mode [ 81.902972][ T5832] veth0_macvtap: entered promiscuous mode [ 81.919548][ T5836] veth1_macvtap: entered promiscuous mode [ 81.936294][ T5832] veth1_macvtap: entered promiscuous mode [ 82.025751][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.039127][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.061500][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.077882][ T5843] veth0_vlan: entered promiscuous mode [ 82.091086][ T5832] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.100274][ T5832] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.109460][ T5832] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.119679][ T5832] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.131035][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.142973][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.155726][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.170993][ T5843] veth1_vlan: entered promiscuous mode [ 82.182949][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.194599][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.205647][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.228467][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.238908][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.250660][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.259498][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.303942][ T5837] veth0_vlan: entered promiscuous mode [ 82.341971][ T5837] veth1_vlan: entered promiscuous mode [ 82.392168][ T5842] veth0_vlan: entered promiscuous mode [ 82.474813][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.483291][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.495916][ T5842] veth1_vlan: entered promiscuous mode [ 82.509863][ T5837] veth0_macvtap: entered promiscuous mode [ 82.510546][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.530409][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.540042][ T5843] veth0_macvtap: entered promiscuous mode [ 82.577997][ T5843] veth1_macvtap: entered promiscuous mode [ 82.602327][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.611044][ T5837] veth1_macvtap: entered promiscuous mode [ 82.614035][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.638316][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.653168][ T5842] veth0_macvtap: entered promiscuous mode [ 82.659336][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.672952][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.685022][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.696349][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.707477][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.719218][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.739680][ T5842] veth1_macvtap: entered promiscuous mode [ 82.776038][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.791914][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.803716][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.814799][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.826705][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.842199][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.853659][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.866671][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.877548][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.889599][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.908855][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 82.914074][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.939142][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.952954][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.965949][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.975986][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.987581][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.997661][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.008995][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.020601][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.034476][ T5837] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.043237][ T5837] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.052162][ T5837] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.074089][ T5837] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.154950][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.171554][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.189328][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.199507][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.225667][ T5919] sctp: [Deprecated]: syz.1.2 (pid 5919) Use of struct sctp_assoc_value in delayed_ack socket option. [ 83.225667][ T5919] Use struct sctp_sack_info instead [ 83.249672][ T5921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1'. [ 83.279896][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.295619][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.307518][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.314570][ T5839] Bluetooth: hci0: command tx timeout [ 83.319317][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.339652][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.350613][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.368551][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.379510][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.390490][ T5839] Bluetooth: hci1: command tx timeout [ 83.393062][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.421440][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.462836][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.483248][ T5839] Bluetooth: hci3: command tx timeout [ 83.488733][ T5148] Bluetooth: hci2: command tx timeout [ 83.499491][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.521587][ T5924] Bluetooth: MGMT ver 1.23 [ 83.531033][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.543767][ T5839] Bluetooth: hci4: command tx timeout [ 83.554869][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.565463][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.575728][ T5842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.586253][ T5842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.598401][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.636719][ T5925] bridge_slave_0: left allmulticast mode [ 83.642539][ T5925] bridge_slave_0: left promiscuous mode [ 83.650176][ T5925] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.667251][ T5925] bridge_slave_1: left allmulticast mode [ 83.673069][ T5925] bridge_slave_1: left promiscuous mode [ 83.679445][ T5925] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.690900][ T5928] netlink: 'syz.0.7': attribute type 10 has an invalid length. [ 83.700122][ T5925] bond0: (slave bond_slave_0): Releasing backup interface [ 83.713342][ T5925] bond0: (slave bond_slave_1): Releasing backup interface [ 83.733481][ T5925] team0: Port device team_slave_0 removed [ 83.747516][ T5925] team0: Port device team_slave_1 removed [ 83.754814][ T5925] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 83.762246][ T5925] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 83.772213][ T5925] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 83.780060][ T5925] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.850368][ T5924] tipc: Started in network mode [ 83.859867][ T5924] tipc: Node identity 2219371c1645, cluster identity 4711 [ 83.869155][ T5924] tipc: Enabled bearer , priority 10 [ 83.875926][ T5930] netlink: 'syz.0.7': attribute type 1 has an invalid length. [ 83.882157][ T5927] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7'. [ 83.897445][ T5930] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7'. [ 83.905530][ T5928] team0: Device veth1_macvtap failed to register rx_handler [ 83.944058][ T5842] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.964314][ T5842] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.973341][ T5842] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.985925][ T5842] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.019443][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.043729][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.089840][ T5932] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 84.226036][ T5928] pim6reg1: entered promiscuous mode [ 84.232565][ T5928] pim6reg1: entered allmulticast mode [ 84.393407][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.418388][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.453462][ T2975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.465560][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.473409][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.490857][ T2975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.620334][ T2975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.654932][ T5939] netlink: 44 bytes leftover after parsing attributes in process `syz.0.9'. [ 84.657053][ T2975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.688610][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.715309][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.848810][ T5946] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma? [ 84.866321][ T5946] netlink: 'syz.4.5': attribute type 8 has an invalid length. [ 84.928749][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.936340][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.985376][ T26] tipc: Node number set to 878458652 [ 85.060413][ T5943] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.073403][ T5943] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.135543][ T5943] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.146192][ T5943] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.157607][ T5943] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.167158][ T5943] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.384592][ T5839] Bluetooth: hci0: command tx timeout [ 85.464579][ T5839] Bluetooth: hci1: command tx timeout [ 85.554153][ T5839] Bluetooth: hci3: command tx timeout [ 85.559631][ T5839] Bluetooth: hci2: command tx timeout [ 85.580909][ T5964] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14'. [ 85.627177][ T5964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14'. [ 85.634153][ T5839] Bluetooth: hci4: command tx timeout [ 85.708121][ T30] audit: type=1800 audit(1742601117.005:2): pid=5962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="blkio.bfq.time_recursive" dev="tmpfs" ino=18 res=0 errno=0 [ 85.798774][ T30] audit: type=1800 audit(1742601117.045:3): pid=5962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="blkio.bfq.time_recursive" dev="tmpfs" ino=18 res=0 errno=0 [ 86.203288][ T5964] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.231847][ T5964] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.254450][ T5964] bond0 (unregistering): Released all slaves [ 86.571396][ T5967] netlink: 24 bytes leftover after parsing attributes in process `syz.1.13'. [ 86.807775][ T5988] netlink: 24 bytes leftover after parsing attributes in process `syz.2.18'. [ 86.998591][ T875] cfg80211: failed to load regulatory.db [ 87.179123][ T6007] Zero length message leads to an empty skb [ 87.850063][ T6018] netlink: 148 bytes leftover after parsing attributes in process `syz.2.24'. [ 88.025037][ T6018] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 88.068499][ T5982] syz.3.17 uses obsolete (PF_INET,SOCK_PACKET) [ 88.195353][ T6022] netlink: 'syz.2.24': attribute type 2 has an invalid length. [ 88.526605][ T6029] netlink: 'syz.0.25': attribute type 1 has an invalid length. [ 88.574009][ T6028] syzkaller0: entered promiscuous mode [ 88.579553][ T6028] syzkaller0: entered allmulticast mode [ 88.631331][ T6029] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 88.839500][ T6042] netlink: 4 bytes leftover after parsing attributes in process `syz.2.28'. [ 89.394442][ T6049] netlink: 48 bytes leftover after parsing attributes in process `syz.2.28'. [ 89.924475][ T6083] netlink: 272 bytes leftover after parsing attributes in process `syz.4.30'. [ 90.262749][ T6086] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.271297][ T6086] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.494836][ T6097] xt_CT: No such helper "snmp" [ 90.854091][ T6116] netlink: 52 bytes leftover after parsing attributes in process `syz.0.34'. [ 90.881537][ T6116] netlink: 300 bytes leftover after parsing attributes in process `syz.0.34'. [ 91.057595][ T6086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.080081][ T6086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.146059][ T6126] netlink: 'syz.0.34': attribute type 10 has an invalid length. [ 91.158571][ T6126] netlink: 2 bytes leftover after parsing attributes in process `syz.0.34'. [ 91.177669][ T6086] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.186644][ T6086] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.196500][ T6086] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.205788][ T6086] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.270663][ T6106] IPv6: syztnl1: Disabled Multicast RS [ 91.294492][ T6126] team0: entered promiscuous mode [ 91.313747][ T6126] team_slave_0: entered promiscuous mode [ 91.314300][ T5148] Bluetooth: hci4: command 0x0405 tx timeout [ 91.319678][ T6126] team_slave_1: entered promiscuous mode [ 91.345935][ T6126] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.352994][ T6126] bridge0: port 3(team0) entered blocking state [ 91.389734][ T6126] bridge0: port 3(team0) entered disabled state [ 91.420636][ T6126] team0: entered allmulticast mode [ 91.441587][ T6126] team_slave_0: entered allmulticast mode [ 91.480448][ T6126] team_slave_1: entered allmulticast mode [ 91.765129][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.35'. [ 91.978593][ T6155] netlink: 20 bytes leftover after parsing attributes in process `syz.4.39'. [ 92.065220][ T6160] IPVS: set_ctl: invalid protocol: 47 224.0.0.2:20001 [ 92.099881][ T6158] netlink: 84 bytes leftover after parsing attributes in process `syz.1.37'. [ 92.245606][ T6155] netlink: 20 bytes leftover after parsing attributes in process `syz.4.39'. [ 92.671065][ T6175] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 92.685478][ T6176] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 92.692749][ T6176] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 92.922178][ T6182] nicvf0: tun_chr_ioctl cmd 1074025676 [ 92.937126][ T6182] nicvf0: owner set to 0 [ 93.414739][ T6207] netlink: 'syz.4.48': attribute type 4 has an invalid length. [ 94.253258][ T6228] netlink: 'syz.1.52': attribute type 10 has an invalid length. [ 94.949728][ T6256] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 95.145535][ T30] audit: type=1800 audit(1742601126.455:4): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.59" name="blkio.bfq.time_recursive" dev="tmpfs" ino=69 res=0 errno=0 [ 95.207206][ T6267] tipc: Started in network mode [ 95.226726][ T6267] tipc: Node identity 4, cluster identity 4711 [ 95.234989][ T30] audit: type=1800 audit(1742601126.455:5): pid=6264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.59" name="blkio.bfq.time_recursive" dev="tmpfs" ino=69 res=0 errno=0 [ 95.242031][ T6267] tipc: Node number set to 4 [ 95.301946][ T6269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.318153][ T6269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.338936][ T6275] __nla_validate_parse: 1 callbacks suppressed [ 95.338966][ T6275] netlink: 52 bytes leftover after parsing attributes in process `syz.2.63'. [ 95.348706][ T6269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.364283][ T6275] netlink: 300 bytes leftover after parsing attributes in process `syz.2.63'. [ 95.381117][ T6269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.401300][ T6269] batadv_slave_0: entered promiscuous mode [ 95.408958][ T6269] syz_tun: entered promiscuous mode [ 95.436949][ T6275] netlink: 'syz.2.63': attribute type 10 has an invalid length. [ 95.452629][ T6275] netlink: 2 bytes leftover after parsing attributes in process `syz.2.63'. [ 95.471564][ T6275] team0: entered promiscuous mode [ 95.504703][ T6275] team_slave_0: entered promiscuous mode [ 95.516481][ T6275] team_slave_1: entered promiscuous mode [ 95.564337][ T6275] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.571365][ T6275] bridge0: port 3(team0) entered blocking state [ 95.598668][ T6275] bridge0: port 3(team0) entered disabled state [ 95.620208][ T6275] team0: entered allmulticast mode [ 95.634056][ T6275] team_slave_0: entered allmulticast mode [ 95.640891][ T6275] team_slave_1: entered allmulticast mode [ 95.829589][ T6295] netlink: 'syz.3.65': attribute type 4 has an invalid length. [ 96.017417][ T6301] IPv6: syztnl1: Disabled Multicast RS [ 96.101354][ T6309] netlink: 40 bytes leftover after parsing attributes in process `syz.2.72'. [ 96.159940][ T30] audit: type=1800 audit(1742601127.465:6): pid=6312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.73" name="blkio.bfq.time_recursive" dev="tmpfs" ino=98 res=0 errno=0 [ 96.850804][ T6335] netlink: 12 bytes leftover after parsing attributes in process `syz.2.78'. [ 96.883622][ T6335] netlink: 20 bytes leftover after parsing attributes in process `syz.2.78'. [ 96.973130][ T6342] netlink: 40 bytes leftover after parsing attributes in process `syz.0.79'. [ 97.300228][ T6328] netlink: 24 bytes leftover after parsing attributes in process `syz.1.87'. [ 97.349104][ T6349] netlink: 8 bytes leftover after parsing attributes in process `syz.3.82'. [ 97.358187][ T6349] netlink: 32 bytes leftover after parsing attributes in process `syz.3.82'. [ 97.372547][ T6349] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 97.409138][ T6349] gretap1: entered promiscuous mode [ 97.525131][ T6351] bond0: (slave bond_slave_0): Releasing backup interface [ 97.560677][ T30] audit: type=1800 audit(1742601128.865:7): pid=6357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.85" name="blkio.bfq.time_recursive" dev="tmpfs" ino=114 res=0 errno=0 [ 97.783046][ T6363] netlink: 'syz.1.97': attribute type 10 has an invalid length. [ 98.332709][ T30] audit: type=1800 audit(1742601129.635:8): pid=6393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.98" name="blkio.bfq.time_recursive" dev="tmpfs" ino=128 res=0 errno=0 [ 98.419868][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 98.429206][ T6395] netlink: 'syz.1.100': attribute type 21 has an invalid length. [ 98.437645][ T6395] IPv6: NLM_F_CREATE should be specified when creating new route [ 98.446842][ T6395] xt_hashlimit: overflow, try lower: 0/0 [ 98.548908][ T6397] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.684491][ T6400] xt_CT: No such helper "pptp" [ 98.744611][ T6397] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.862129][ T6397] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.916343][ T6408] netlink: 'syz.1.104': attribute type 10 has an invalid length. [ 98.969119][ T6409] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.044013][ T6397] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.233251][ T6397] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.269551][ T6397] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.319414][ T6420] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 99.337314][ T6397] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.377074][ T6421] netlink: 'syz.2.109': attribute type 11 has an invalid length. [ 99.433723][ T6397] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.470730][ T6425] IPVS: set_ctl: invalid protocol: 191 100.1.1.1:20003 [ 99.478931][ T52] IPVS: starting estimator thread 0... [ 99.484391][ T6420] Bluetooth: MGMT ver 1.23 [ 99.493388][ T6425] xt_connbytes: Forcing CT accounting to be enabled [ 99.500435][ T6425] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 99.512555][ T6425] xt_bpf: check failed: parse error [ 99.585816][ T6429] IPVS: using max 19 ests per chain, 45600 per kthread [ 99.789977][ T6449] netlink: zone id is out of range [ 99.843236][ T6449] netlink: zone id is out of range [ 99.874590][ T6449] netlink: get zone limit has 8 unknown bytes [ 99.884443][ T6453] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 102.549883][ T6496] netlink: 'syz.1.125': attribute type 10 has an invalid length. [ 102.573263][ T6496] __nla_validate_parse: 19 callbacks suppressed [ 102.573282][ T6496] netlink: 40 bytes leftover after parsing attributes in process `syz.1.125'. [ 102.642058][ T6496] team0: Port device geneve0 added [ 103.018805][ T6509] netlink: 'syz.0.132': attribute type 10 has an invalid length. [ 103.081757][ T6515] xt_hashlimit: max too large, truncated to 1048576 [ 103.326415][ T6527] netlink: 96 bytes leftover after parsing attributes in process `syz.0.140'. [ 103.356064][ T6527] netlink: 4 bytes leftover after parsing attributes in process `syz.0.140'. [ 103.402767][ T6527] hsr_slave_0: left promiscuous mode [ 103.423737][ T6527] hsr_slave_1: left promiscuous mode [ 103.511432][ T6537] netlink: 'syz.3.142': attribute type 1 has an invalid length. [ 104.104694][ T6565] netlink: 'syz.3.150': attribute type 10 has an invalid length. [ 105.132943][ T6604] netlink: 96 bytes leftover after parsing attributes in process `syz.1.161'. [ 105.160570][ T6605] netlink: 8 bytes leftover after parsing attributes in process `syz.4.160'. [ 105.184514][ T6604] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048) [ 105.501930][ T6610] sit0: entered promiscuous mode [ 105.524125][ T6610] netlink: 'syz.1.162': attribute type 1 has an invalid length. [ 105.569049][ T6610] netlink: 1 bytes leftover after parsing attributes in process `syz.1.162'. [ 105.581471][ T6616] netlink: 132 bytes leftover after parsing attributes in process `syz.0.164'. [ 105.666789][ T6618] netlink: 'syz.1.166': attribute type 10 has an invalid length. [ 105.751442][ T6620] netlink: 12 bytes leftover after parsing attributes in process `syz.2.165'. [ 105.778223][ T6620] IPv6: sit2: Disabled Multicast RS [ 105.813066][ T6623] netlink: 'syz.0.167': attribute type 10 has an invalid length. [ 106.011631][ T6628] pim6reg0: tun_chr_ioctl cmd 1074025694 [ 106.041511][ T6628] netlink: 'syz.1.169': attribute type 8 has an invalid length. [ 106.503961][ T6648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.174'. [ 106.619878][ T6653] netlink: 56 bytes leftover after parsing attributes in process `syz.4.178'. [ 106.640808][ T6655] sit0: entered promiscuous mode [ 106.683965][ T6655] netlink: 'syz.0.177': attribute type 1 has an invalid length. [ 107.371524][ T30] audit: type=1800 audit(1742601138.675:9): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.184" name="blkio.bfq.time_recursive" dev="tmpfs" ino=214 res=0 errno=0 [ 107.504536][ T6682] vlan2: entered promiscuous mode [ 107.509636][ T6682] ip6gretap0: entered promiscuous mode [ 107.948474][ T6698] __nla_validate_parse: 5 callbacks suppressed [ 107.948494][ T6698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.188'. [ 107.987979][ T6698] netlink: 4 bytes leftover after parsing attributes in process `syz.3.188'. [ 108.019482][ T6698] netlink: 'syz.3.188': attribute type 14 has an invalid length. [ 108.033661][ T6698] netlink: 'syz.3.188': attribute type 13 has an invalid length. [ 108.483138][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.4.192'. [ 108.492285][ T6712] sch_tbf: burst 0 is lower than device lo mtu (18) ! [ 108.927626][ T6727] netlink: 'syz.4.199': attribute type 12 has an invalid length. [ 108.963092][ T6727] netlink: 'syz.4.199': attribute type 29 has an invalid length. [ 108.996360][ T6727] netlink: 148 bytes leftover after parsing attributes in process `syz.4.199'. [ 109.005581][ T6727] netlink: 'syz.4.199': attribute type 1 has an invalid length. [ 109.013747][ T6727] netlink: 'syz.4.199': attribute type 2 has an invalid length. [ 109.021549][ T6727] netlink: 39 bytes leftover after parsing attributes in process `syz.4.199'. [ 109.151999][ T6732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.197'. [ 109.217283][ T30] audit: type=1800 audit(1742601140.525:10): pid=6736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.200" name="blkio.bfq.time_recursive" dev="tmpfs" ino=200 res=0 errno=0 [ 109.313372][ T30] audit: type=1800 audit(1742601140.555:11): pid=6736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.200" name="blkio.bfq.time_recursive" dev="tmpfs" ino=200 res=0 errno=0 [ 109.553239][ T6708] netlink: 64 bytes leftover after parsing attributes in process `syz.3.191'. [ 109.651228][ T30] audit: type=1800 audit(1742601140.955:12): pid=6743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.204" name="blkio.bfq.time_recursive" dev="tmpfs" ino=218 res=0 errno=0 [ 109.702548][ T30] audit: type=1800 audit(1742601140.985:13): pid=6743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.204" name="blkio.bfq.time_recursive" dev="tmpfs" ino=218 res=0 errno=0 [ 109.818967][ T6750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.203'. [ 109.841614][ T6750] netlink: 24 bytes leftover after parsing attributes in process `syz.1.203'. [ 109.895417][ T6752] netlink: 36 bytes leftover after parsing attributes in process `syz.4.207'. [ 111.062981][ T6797] 8021q: VLANs not supported on sit0 [ 111.090796][ T30] audit: type=1800 audit(1742601142.395:14): pid=6797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.218" name="blkio.bfq.time_recursive" dev="tmpfs" ino=221 res=0 errno=0 [ 111.212218][ T30] audit: type=1800 audit(1742601142.395:15): pid=6797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.218" name="blkio.bfq.time_recursive" dev="tmpfs" ino=221 res=0 errno=0 [ 111.299775][ T6809] netlink: 'syz.3.222': attribute type 10 has an invalid length. [ 111.439687][ T6821] Illegal XDP return value 4294967262 on prog (id 104) dev N/A, expect packet loss! [ 111.979753][ T6845] netlink: 'syz.1.229': attribute type 1 has an invalid length. [ 111.996531][ T6845] netlink: 'syz.1.229': attribute type 10 has an invalid length. [ 112.021858][ T6845] netlink: 'syz.1.229': attribute type 4 has an invalid length. [ 112.074937][ T6845] netlink: 'syz.1.229': attribute type 1 has an invalid length. [ 112.335360][ T6850] sit0: left promiscuous mode [ 113.068476][ T30] audit: type=1800 audit(1742601144.375:16): pid=6897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.242" name="blkio.bfq.time_recursive" dev="tmpfs" ino=271 res=0 errno=0 [ 113.132113][ T30] audit: type=1800 audit(1742601144.375:17): pid=6897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.242" name="blkio.bfq.time_recursive" dev="tmpfs" ino=271 res=0 errno=0 [ 113.331446][ T6911] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 113.509734][ T6920] __nla_validate_parse: 13 callbacks suppressed [ 113.509754][ T6920] netlink: 37 bytes leftover after parsing attributes in process `syz.4.249'. [ 114.542705][ T30] audit: type=1800 audit(1742601145.845:18): pid=6946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.255" name="blkio.bfq.time_recursive" dev="tmpfs" ino=275 res=0 errno=0 [ 114.653111][ T30] audit: type=1800 audit(1742601145.845:19): pid=6946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.255" name="blkio.bfq.time_recursive" dev="tmpfs" ino=275 res=0 errno=0 [ 114.730157][ T6954] validate_nla: 4 callbacks suppressed [ 114.730178][ T6954] netlink: 'syz.0.254': attribute type 10 has an invalid length. [ 115.220039][ T6973] vlan0: entered promiscuous mode [ 115.302780][ T6974] tipc: Started in network mode [ 115.354076][ T6974] tipc: Node identity 4, cluster identity 4711 [ 115.368531][ T6974] tipc: Node number set to 4 [ 115.621948][ T6989] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 115.857654][ T6999] FAULT_INJECTION: forcing a failure. [ 115.857654][ T6999] name failslab, interval 1, probability 0, space 0, times 1 [ 115.863606][ T30] audit: type=1800 audit(1742601147.165:20): pid=6999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.267" name="blkio.bfq.time_recursive" dev="tmpfs" ino=328 res=0 errno=0 [ 115.873729][ T6999] CPU: 1 UID: 0 PID: 6999 Comm: syz.1.267 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 115.873759][ T6999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 115.873779][ T6999] Call Trace: [ 115.873787][ T6999] [ 115.873796][ T6999] dump_stack_lvl+0x241/0x360 [ 115.873836][ T6999] ? __pfx_dump_stack_lvl+0x10/0x10 [ 115.873862][ T6999] ? __pfx__printk+0x10/0x10 [ 115.873886][ T6999] ? __pfx_snprintf+0x10/0x10 [ 115.873921][ T6999] should_fail_ex+0x40a/0x550 [ 115.873963][ T6999] should_failslab+0xac/0x100 [ 115.873995][ T6999] __kmalloc_noprof+0xdd/0x4c0 [ 115.874026][ T6999] ? aa_label_asxprint+0x6e/0x130 [ 115.874060][ T6999] aa_label_asxprint+0x6e/0x130 [ 115.874092][ T6999] apparmor_lsmprop_to_secctx+0x9e/0x180 [ 115.874119][ T6999] security_lsmprop_to_secctx+0x93/0x2b0 [ 115.874147][ T6999] audit_log_task_context+0xff/0x260 [ 115.874177][ T6999] ? __pfx_audit_log_start+0x10/0x10 [ 115.874206][ T6999] ? __pfx_audit_log_task_context+0x10/0x10 [ 115.874237][ T6999] ? __pfx_audit_log_format+0x10/0x10 [ 115.874269][ T6999] ? take_dentry_name_snapshot+0x2b/0x530 [ 115.874311][ T6999] integrity_audit_message+0x228/0x4f0 [ 115.874351][ T6999] ? __pfx_integrity_audit_message+0x10/0x10 [ 115.874387][ T6999] ? take_dentry_name_snapshot+0x515/0x530 [ 115.874429][ T6999] integrity_audit_msg+0x41/0x60 [ 115.874466][ T6999] ima_collect_measurement+0x83f/0xb20 [ 115.874505][ T6999] ? __pfx_ima_collect_measurement+0x10/0x10 [ 115.874540][ T6999] ? rcu_is_watching+0x15/0xb0 [ 115.874565][ T6999] ? trace_contention_end+0x3c/0x120 [ 115.874621][ T6999] ? ima_get_hash_algo+0x156/0x4d0 [ 115.874674][ T6999] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 115.874718][ T6999] process_measurement+0x1351/0x1fb0 [ 115.874763][ T6999] ? __pfx_process_measurement+0x10/0x10 [ 115.874786][ T6999] ? __pfx_lock_acquire+0x10/0x10 [ 115.874819][ T6999] ? aa_file_perm+0x137/0xf50 [ 115.874887][ T6999] ? __lock_acquire+0x1397/0x2100 [ 115.874923][ T6999] ? apparmor_current_getlsmprop_subj+0xde/0x160 [ 115.874962][ T6999] ima_file_mmap+0x1cd/0x220 [ 115.874988][ T6999] ? __pfx_ima_file_mmap+0x10/0x10 [ 115.875009][ T6999] ? end_current_label_crit_section+0x151/0x180 [ 115.875047][ T6999] ? common_file_perm+0x1a6/0x210 [ 115.875088][ T6999] security_mmap_file+0x7aa/0xa40 [ 115.875124][ T6999] vm_mmap_pgoff+0x14f/0x530 [ 115.875157][ T6999] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 115.875185][ T6999] ? __fget_files+0x2a/0x410 [ 115.875220][ T6999] ? __fget_files+0x395/0x410 [ 115.875251][ T6999] ? __fget_files+0x2a/0x410 [ 115.875288][ T6999] ksys_mmap_pgoff+0x4eb/0x720 [ 115.875324][ T6999] ? __x64_sys_mmap+0x7f/0x140 [ 115.875361][ T6999] do_syscall_64+0xf3/0x230 [ 115.875396][ T6999] ? clear_bhb_loop+0x35/0x90 [ 115.875430][ T6999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.875468][ T6999] RIP: 0033:0x7f2b2bd8d169 [ 115.875492][ T6999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.875510][ T6999] RSP: 002b:00007f2b2cb8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 115.875534][ T6999] RAX: ffffffffffffffda RBX: 00007f2b2bfa5fa0 RCX: 00007f2b2bd8d169 [ 115.875550][ T6999] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 115.875564][ T6999] RBP: 00007f2b2cb8e090 R08: 0000000000000003 R09: 00000000607d8000 [ 115.875578][ T6999] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 115.875591][ T6999] R13: 0000000000000000 R14: 00007f2b2bfa5fa0 R15: 00007ffdf01124e8 [ 115.875624][ T6999] [ 115.875636][ T6999] audit: error in audit_log_task_context [ 116.260526][ T30] audit: type=1800 audit(1742601147.165:21): pid=6999 uid=0 auid=4294967295 ses=4294967295 op=collect_data cause=failed(directio) comm="syz.1.267" name="blkio.bfq.time_recursive" dev="tmpfs" ino=328 res=0 errno=0 [ 116.603603][ T7021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.269'. [ 116.625872][ T7020] syzkaller1: entered promiscuous mode [ 116.631543][ T7020] syzkaller1: entered allmulticast mode [ 116.634168][ T7021] netlink: 12 bytes leftover after parsing attributes in process `syz.4.269'. [ 116.668027][ T7023] netlink: 'syz.0.275': attribute type 10 has an invalid length. [ 116.996260][ T7038] FAULT_INJECTION: forcing a failure. [ 116.996260][ T7038] name failslab, interval 1, probability 0, space 0, times 0 [ 117.009513][ T30] audit: type=1800 audit(1742601148.305:22): pid=7038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.280" name="blkio.bfq.time_recursive" dev="tmpfs" ino=308 res=0 errno=0 [ 117.083788][ T7038] CPU: 1 UID: 0 PID: 7038 Comm: syz.0.280 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 117.083819][ T7038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 117.083830][ T7038] Call Trace: [ 117.083836][ T7038] [ 117.083900][ T7038] dump_stack_lvl+0x241/0x360 [ 117.083951][ T7038] ? __pfx_dump_stack_lvl+0x10/0x10 [ 117.083973][ T7038] ? __pfx__printk+0x10/0x10 [ 117.083994][ T7038] ? kmem_cache_alloc_noprof+0x48/0x380 [ 117.084019][ T7038] ? __pfx___might_resched+0x10/0x10 [ 117.084048][ T7038] should_fail_ex+0x40a/0x550 [ 117.084079][ T7038] should_failslab+0xac/0x100 [ 117.084103][ T7038] ? ima_d_path+0xc4/0x270 [ 117.084120][ T7038] kmem_cache_alloc_noprof+0x70/0x380 [ 117.084148][ T7038] ima_d_path+0xc4/0x270 [ 117.084169][ T7038] ? __pfx_ima_d_path+0x10/0x10 [ 117.084203][ T7038] process_measurement+0x13e0/0x1fb0 [ 117.084240][ T7038] ? __pfx_process_measurement+0x10/0x10 [ 117.084259][ T7038] ? __pfx_lock_acquire+0x10/0x10 [ 117.084286][ T7038] ? aa_file_perm+0x137/0xf50 [ 117.084342][ T7038] ? __lock_acquire+0x1397/0x2100 [ 117.084371][ T7038] ? apparmor_current_getlsmprop_subj+0xde/0x160 [ 117.084401][ T7038] ima_file_mmap+0x1cd/0x220 [ 117.084421][ T7038] ? __pfx_ima_file_mmap+0x10/0x10 [ 117.084438][ T7038] ? end_current_label_crit_section+0x151/0x180 [ 117.084467][ T7038] ? common_file_perm+0x1a6/0x210 [ 117.084499][ T7038] security_mmap_file+0x7aa/0xa40 [ 117.084524][ T7038] vm_mmap_pgoff+0x14f/0x530 [ 117.084549][ T7038] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 117.084569][ T7038] ? __fget_files+0x2a/0x410 [ 117.084597][ T7038] ? __fget_files+0x395/0x410 [ 117.084623][ T7038] ? __fget_files+0x2a/0x410 [ 117.084668][ T7038] ksys_mmap_pgoff+0x4eb/0x720 [ 117.084698][ T7038] ? __x64_sys_mmap+0x7f/0x140 [ 117.084727][ T7038] do_syscall_64+0xf3/0x230 [ 117.084754][ T7038] ? clear_bhb_loop+0x35/0x90 [ 117.084783][ T7038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.084809][ T7038] RIP: 0033:0x7f6b6ef8d169 [ 117.084825][ T7038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.084839][ T7038] RSP: 002b:00007f6b6fec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 117.084859][ T7038] RAX: ffffffffffffffda RBX: 00007f6b6f1a5fa0 RCX: 00007f6b6ef8d169 [ 117.084871][ T7038] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 117.084883][ T7038] RBP: 00007f6b6fec7090 R08: 0000000000000003 R09: 00000000607d8000 [ 117.084893][ T7038] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 117.084905][ T7038] R13: 0000000000000000 R14: 00007f6b6f1a5fa0 R15: 00007ffd28c1e2e8 [ 117.084931][ T7038] [ 117.101238][ T30] audit: type=1800 audit(1742601148.305:23): pid=7038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.280" name="blkio.bfq.time_recursive" dev="tmpfs" ino=308 res=0 errno=0 [ 117.699907][ T7060] tipc: Enabling of bearer rejected, failed to enable media [ 117.737752][ T30] audit: type=1800 audit(1742601149.045:24): pid=7065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.284" name="blkio.bfq.time_recursive" dev="tmpfs" ino=314 res=0 errno=0 [ 118.130422][ T7088] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.292'. [ 118.232277][ T7092] netlink: 'syz.1.293': attribute type 1 has an invalid length. [ 118.260546][ T7092] netlink: 600 bytes leftover after parsing attributes in process `syz.1.293'. [ 118.298423][ T7098] ax25_connect(): syz.2.295 uses autobind, please contact jreuter@yaina.de [ 118.326969][ T7098] netlink: 20 bytes leftover after parsing attributes in process `syz.2.295'. [ 118.449403][ T7094] xt_CT: No such helper "snmp" [ 118.535641][ T7106] netlink: 300 bytes leftover after parsing attributes in process `syz.2.298'. [ 118.982559][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.303'. [ 119.036492][ T7127] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 119.749348][ T7156] netlink: 36 bytes leftover after parsing attributes in process `syz.1.311'. [ 119.981183][ T7164] tipc: Started in network mode [ 119.986279][ T7164] tipc: Node identity 4, cluster identity 4711 [ 119.992497][ T7164] tipc: Node number set to 4 [ 120.287062][ T7179] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 120.313656][ T30] audit: type=1800 audit(1742601151.615:25): pid=7181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.316" name="blkio.bfq.time_recursive" dev="tmpfs" ino=319 res=0 errno=0 [ 120.386943][ T30] audit: type=1800 audit(1742601151.615:26): pid=7181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.316" name="blkio.bfq.time_recursive" dev="tmpfs" ino=319 res=0 errno=0 [ 120.818936][ T7204] netlink: 'syz.1.332': attribute type 27 has an invalid length. [ 120.929454][ T7207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.332'. [ 120.983878][ T7207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.332'. [ 121.014110][ T7207] netlink: 'syz.1.332': attribute type 12 has an invalid length. [ 121.085315][ T7215] netlink: 16 bytes leftover after parsing attributes in process `syz.3.333'. [ 121.212775][ T30] audit: type=1800 audit(1742601152.515:27): pid=7220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.335" name="blkio.bfq.time_recursive" dev="tmpfs" ino=341 res=0 errno=0 [ 121.237254][ T7220] FAULT_INJECTION: forcing a failure. [ 121.237254][ T7220] name failslab, interval 1, probability 0, space 0, times 0 [ 121.265203][ T7204] sit0: left promiscuous mode [ 121.277109][ T7220] CPU: 0 UID: 0 PID: 7220 Comm: syz.4.335 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 121.277140][ T7220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 121.277153][ T7220] Call Trace: [ 121.277161][ T7220] [ 121.277171][ T7220] dump_stack_lvl+0x241/0x360 [ 121.277204][ T7220] ? __pfx_dump_stack_lvl+0x10/0x10 [ 121.277229][ T7220] ? __pfx__printk+0x10/0x10 [ 121.277253][ T7220] ? __kmalloc_noprof+0xb5/0x4c0 [ 121.277283][ T7220] ? __pfx___might_resched+0x10/0x10 [ 121.277318][ T7220] should_fail_ex+0x40a/0x550 [ 121.277356][ T7220] should_failslab+0xac/0x100 [ 121.277393][ T7220] __kmalloc_noprof+0xdd/0x4c0 [ 121.277421][ T7220] ? ima_write_template_field_data+0x44/0x490 [ 121.277450][ T7220] ? process_measurement+0x150b/0x1fb0 [ 121.277488][ T7220] ima_write_template_field_data+0x44/0x490 [ 121.277516][ T7220] ? ima_eventdigest_init_common+0x29e/0x3b0 [ 121.277549][ T7220] ima_eventdigest_init_common+0x2d2/0x3b0 [ 121.277584][ T7220] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 121.277637][ T7220] ? rcu_is_watching+0x15/0xb0 [ 121.277679][ T7220] ? __kmalloc_noprof+0x2a5/0x4c0 [ 121.277707][ T7220] ? ima_alloc_init_template+0x162/0x6e0 [ 121.277729][ T7220] ? __pfx_ima_eventdigest_ng_init+0x10/0x10 [ 121.277761][ T7220] ima_alloc_init_template+0x2f9/0x6e0 [ 121.277794][ T7220] ima_store_measurement+0x289/0x6f0 [ 121.277827][ T7220] ? __pfx_ima_store_measurement+0x10/0x10 [ 121.277852][ T7220] ? ima_d_path+0x1a4/0x270 [ 121.277895][ T7220] process_measurement+0x150b/0x1fb0 [ 121.277938][ T7220] ? __pfx_process_measurement+0x10/0x10 [ 121.277960][ T7220] ? __pfx_lock_acquire+0x10/0x10 [ 121.277992][ T7220] ? aa_file_perm+0x137/0xf50 [ 121.278056][ T7220] ? __lock_acquire+0x1397/0x2100 [ 121.278089][ T7220] ? apparmor_current_getlsmprop_subj+0xde/0x160 [ 121.278125][ T7220] ima_file_mmap+0x1cd/0x220 [ 121.278153][ T7220] ? __pfx_ima_file_mmap+0x10/0x10 [ 121.278173][ T7220] ? end_current_label_crit_section+0x151/0x180 [ 121.278208][ T7220] ? common_file_perm+0x1a6/0x210 [ 121.278245][ T7220] security_mmap_file+0x7aa/0xa40 [ 121.278276][ T7220] vm_mmap_pgoff+0x14f/0x530 [ 121.278306][ T7220] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 121.278331][ T7220] ? __fget_files+0x2a/0x410 [ 121.278368][ T7220] ? __fget_files+0x395/0x410 [ 121.278397][ T7220] ? __fget_files+0x2a/0x410 [ 121.278432][ T7220] ksys_mmap_pgoff+0x4eb/0x720 [ 121.278465][ T7220] ? __x64_sys_mmap+0x7f/0x140 [ 121.278500][ T7220] do_syscall_64+0xf3/0x230 [ 121.278531][ T7220] ? clear_bhb_loop+0x35/0x90 [ 121.278564][ T7220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.278592][ T7220] RIP: 0033:0x7f2c8598d169 [ 121.278610][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.278627][ T7220] RSP: 002b:00007f2c8678b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 121.278648][ T7220] RAX: ffffffffffffffda RBX: 00007f2c85ba5fa0 RCX: 00007f2c8598d169 [ 121.278662][ T7220] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 121.278675][ T7220] RBP: 00007f2c8678b090 R08: 0000000000000003 R09: 00000000607d8000 [ 121.278688][ T7220] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 121.278700][ T7220] R13: 0000000000000000 R14: 00007f2c85ba5fa0 R15: 00007ffe3e43a798 [ 121.278731][ T7220] [ 121.306475][ T30] audit: type=1800 audit(1742601152.545:28): pid=7220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.335" name="blkio.bfq.time_recursive" dev="tmpfs" ino=341 res=0 errno=0 [ 121.765310][ T30] audit: type=1804 audit(1742601152.585:29): pid=7220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.4.335" name="/newroot/62/blkio.bfq.time_recursive" dev="tmpfs" ino=341 res=0 errno=0 [ 121.912597][ T7204] tipc: Resetting bearer [ 122.166971][ T7239] netlink: 16 bytes leftover after parsing attributes in process `syz.4.338'. [ 122.900118][ T7204] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.913814][ T7204] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.924755][ T7204] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.934619][ T7204] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.061319][ T7212] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 123.068844][ T7212] IPv6: NLM_F_CREATE should be set when creating new route [ 123.127542][ T7217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.136228][ T7217] tipc: Resetting bearer [ 123.143008][ T7217] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.152712][ T7217] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 123.324690][ T7250] netlink: 104 bytes leftover after parsing attributes in process `syz.3.339'. [ 123.360360][ T7254] netlink: 24 bytes leftover after parsing attributes in process `syz.1.340'. [ 123.390488][ T7254] sctp: [Deprecated]: syz.1.340 (pid 7254) Use of struct sctp_assoc_value in delayed_ack socket option. [ 123.390488][ T7254] Use struct sctp_sack_info instead [ 123.673461][ T7265] netlink: 8 bytes leftover after parsing attributes in process `syz.1.344'. [ 123.691880][ T7265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.344'. [ 123.698268][ T7268] FAULT_INJECTION: forcing a failure. [ 123.698268][ T7268] name failslab, interval 1, probability 0, space 0, times 0 [ 123.710726][ T30] audit: type=1800 audit(1742601154.995:30): pid=7268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.346" name="blkio.bfq.time_recursive" dev="tmpfs" ino=352 res=0 errno=0 [ 123.740636][ T7266] netlink: 'syz.4.345': attribute type 1 has an invalid length. [ 123.746450][ T7268] CPU: 0 UID: 0 PID: 7268 Comm: syz.2.346 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 123.746480][ T7268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 123.746494][ T7268] Call Trace: [ 123.746503][ T7268] [ 123.746512][ T7268] dump_stack_lvl+0x241/0x360 [ 123.746548][ T7268] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.746573][ T7268] ? __pfx__printk+0x10/0x10 [ 123.746600][ T7268] ? __kmalloc_noprof+0xb5/0x4c0 [ 123.746633][ T7268] ? __pfx___might_resched+0x10/0x10 [ 123.746669][ T7268] should_fail_ex+0x40a/0x550 [ 123.746710][ T7268] should_failslab+0xac/0x100 [ 123.746742][ T7268] __kmalloc_noprof+0xdd/0x4c0 [ 123.746772][ T7268] ? ima_write_template_field_data+0x44/0x490 [ 123.746811][ T7268] ima_write_template_field_data+0x44/0x490 [ 123.746852][ T7268] ima_eventname_init_common+0x1e3/0x250 [ 123.746887][ T7268] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 123.746925][ T7268] ? rcu_is_watching+0x15/0xb0 [ 123.746952][ T7268] ? __kmalloc_noprof+0x2a5/0x4c0 [ 123.746982][ T7268] ? ima_alloc_init_template+0x162/0x6e0 [ 123.747006][ T7268] ? __pfx_ima_eventname_ng_init+0x10/0x10 [ 123.747041][ T7268] ima_alloc_init_template+0x2f9/0x6e0 [ 123.747076][ T7268] ima_store_measurement+0x289/0x6f0 [ 123.747112][ T7268] ? __pfx_ima_store_measurement+0x10/0x10 [ 123.747138][ T7268] ? ima_d_path+0x1a4/0x270 [ 123.747186][ T7268] process_measurement+0x150b/0x1fb0 [ 123.747240][ T7268] ? __pfx_process_measurement+0x10/0x10 [ 123.747265][ T7268] ? __pfx_lock_acquire+0x10/0x10 [ 123.747300][ T7268] ? aa_file_perm+0x137/0xf50 [ 123.747367][ T7268] ? __lock_acquire+0x1397/0x2100 [ 123.747404][ T7268] ? apparmor_current_getlsmprop_subj+0xde/0x160 [ 123.747443][ T7268] ima_file_mmap+0x1cd/0x220 [ 123.747469][ T7268] ? __pfx_ima_file_mmap+0x10/0x10 [ 123.747491][ T7268] ? end_current_label_crit_section+0x151/0x180 [ 123.747529][ T7268] ? common_file_perm+0x1a6/0x210 [ 123.747568][ T7268] security_mmap_file+0x7aa/0xa40 [ 123.747603][ T7268] vm_mmap_pgoff+0x14f/0x530 [ 123.747636][ T7268] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 123.747663][ T7268] ? __fget_files+0x2a/0x410 [ 123.747699][ T7268] ? __fget_files+0x395/0x410 [ 123.747730][ T7268] ? __fget_files+0x2a/0x410 [ 123.747768][ T7268] ksys_mmap_pgoff+0x4eb/0x720 [ 123.747804][ T7268] ? __x64_sys_mmap+0x7f/0x140 [ 123.747842][ T7268] do_syscall_64+0xf3/0x230 [ 123.747877][ T7268] ? clear_bhb_loop+0x35/0x90 [ 123.747913][ T7268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.747943][ T7268] RIP: 0033:0x7f738658d169 [ 123.747963][ T7268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.747981][ T7268] RSP: 002b:00007f7387371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 123.748004][ T7268] RAX: ffffffffffffffda RBX: 00007f73867a5fa0 RCX: 00007f738658d169 [ 123.748020][ T7268] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 123.748035][ T7268] RBP: 00007f7387371090 R08: 0000000000000003 R09: 00000000607d8000 [ 123.748049][ T7268] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 123.748062][ T7268] R13: 0000000000000000 R14: 00007f73867a5fa0 R15: 00007ffd19e2b858 [ 123.748095][ T7268] [ 124.052936][ T7273] lo speed is unknown, defaulting to 1000 [ 124.063946][ T30] audit: type=1800 audit(1742601154.995:31): pid=7268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.346" name="blkio.bfq.time_recursive" dev="tmpfs" ino=352 res=0 errno=0 [ 124.132334][ T7273] lo speed is unknown, defaulting to 1000 [ 124.148598][ T7273] lo speed is unknown, defaulting to 1000 [ 124.173587][ T30] audit: type=1804 audit(1742601155.085:32): pid=7268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.346" name="/newroot/65/blkio.bfq.time_recursive" dev="tmpfs" ino=352 res=0 errno=0 [ 124.175441][ T7273] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 124.260886][ T7273] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 124.340432][ T7273] lo speed is unknown, defaulting to 1000 [ 124.352296][ T7273] lo speed is unknown, defaulting to 1000 [ 124.363338][ T7273] lo speed is unknown, defaulting to 1000 [ 124.391267][ T30] audit: type=1800 audit(1742601155.685:33): pid=7285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.352" name="blkio.bfq.time_recursive" dev="tmpfs" ino=435 res=0 errno=0 [ 124.420468][ T7273] lo speed is unknown, defaulting to 1000 [ 124.439197][ T7273] lo speed is unknown, defaulting to 1000 [ 124.463748][ T30] audit: type=1800 audit(1742601155.685:34): pid=7285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.352" name="blkio.bfq.time_recursive" dev="tmpfs" ino=435 res=0 errno=0 [ 124.643722][ T7296] netlink: 24 bytes leftover after parsing attributes in process `syz.2.356'. [ 124.726203][ T7296] netlink: 176 bytes leftover after parsing attributes in process `syz.2.356'. [ 124.768319][ T7300] FAULT_INJECTION: forcing a failure. [ 124.768319][ T7300] name failslab, interval 1, probability 0, space 0, times 0 [ 124.824617][ T7300] CPU: 1 UID: 0 PID: 7300 Comm: syz.3.358 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 124.824647][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 124.824660][ T7300] Call Trace: [ 124.824667][ T7300] [ 124.824676][ T7300] dump_stack_lvl+0x241/0x360 [ 124.824708][ T7300] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.824732][ T7300] ? __pfx__printk+0x10/0x10 [ 124.824755][ T7300] ? kmem_cache_alloc_noprof+0x48/0x380 [ 124.824786][ T7300] ? __pfx___might_resched+0x10/0x10 [ 124.824818][ T7300] should_fail_ex+0x40a/0x550 [ 124.824857][ T7300] should_failslab+0xac/0x100 [ 124.824886][ T7300] ? vm_area_dup+0x27/0x290 [ 124.824906][ T7300] kmem_cache_alloc_noprof+0x70/0x380 [ 124.824941][ T7300] vm_area_dup+0x27/0x290 [ 124.824966][ T7300] __split_vma+0x1bf/0xbf0 [ 124.825004][ T7300] ? __pfx___split_vma+0x10/0x10 [ 124.825038][ T7300] ? is_bpf_text_address+0x285/0x2a0 [ 124.825056][ T7300] ? is_bpf_text_address+0x26/0x2a0 [ 124.825076][ T7300] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 124.825112][ T7300] vms_gather_munmap_vmas+0x2e6/0x1600 [ 124.825155][ T7300] ? mtree_range_walk+0x6fd/0x8e0 [ 124.825187][ T7300] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 124.825223][ T7300] ? mas_find+0x8c0/0xbb0 [ 124.825258][ T7300] mmap_region+0xa52/0x2fc0 [ 124.825283][ T7300] ? ksys_mmap_pgoff+0x4eb/0x720 [ 124.825327][ T7300] ? validate_chain+0x11e/0x5920 [ 124.825379][ T7300] ? __pfx_mmap_region+0x10/0x10 [ 124.825460][ T7300] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 124.825507][ T7300] ? mm_get_unmapped_area+0xa8/0xd0 [ 124.825530][ T7300] ? shmem_get_unmapped_area+0x2a7/0x8f0 [ 124.825556][ T7300] ? cap_mmap_addr+0xaa/0xf0 [ 124.825584][ T7300] ? bpf_lsm_mmap_addr+0x9/0x10 [ 124.825616][ T7300] ? security_mmap_addr+0x6f/0x250 [ 124.825648][ T7300] ? shmem_mapping+0xd/0x50 [ 124.825684][ T7300] do_mmap+0xecc/0x13a0 [ 124.825727][ T7300] ? __pfx_do_mmap+0x10/0x10 [ 124.825757][ T7300] ? down_write_killable+0x19e/0x260 [ 124.825777][ T7300] ? vm_mmap_pgoff+0x212/0x530 [ 124.825798][ T7300] ? __pfx_down_write_killable+0x10/0x10 [ 124.825817][ T7300] ? common_file_perm+0x1a6/0x210 [ 124.825857][ T7300] vm_mmap_pgoff+0x2a0/0x530 [ 124.825889][ T7300] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 124.825915][ T7300] ? __fget_files+0x2a/0x410 [ 124.825949][ T7300] ? __fget_files+0x395/0x410 [ 124.825978][ T7300] ? __fget_files+0x2a/0x410 [ 124.826012][ T7300] ksys_mmap_pgoff+0x4eb/0x720 [ 124.826045][ T7300] ? __x64_sys_mmap+0x7f/0x140 [ 124.826080][ T7300] do_syscall_64+0xf3/0x230 [ 124.826111][ T7300] ? clear_bhb_loop+0x35/0x90 [ 124.826142][ T7300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.826170][ T7300] RIP: 0033:0x7f7a8558d169 [ 124.826188][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.826205][ T7300] RSP: 002b:00007f7a86337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 124.826227][ T7300] RAX: ffffffffffffffda RBX: 00007f7a857a5fa0 RCX: 00007f7a8558d169 [ 124.826241][ T7300] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 124.826255][ T7300] RBP: 00007f7a86337090 R08: 0000000000000003 R09: 00000000607d8000 [ 124.826268][ T7300] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002 [ 124.826280][ T7300] R13: 0000000000000000 R14: 00007f7a857a5fa0 R15: 00007ffe54e8f8b8 [ 124.826311][ T7300] [ 125.343804][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 125.343823][ T30] audit: type=1800 audit(1742601156.625:37): pid=7314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.365" name="hugetlb.2MB.rsvd.usage_in_bytes" dev="tmpfs" ino=368 res=0 errno=0 [ 125.508993][ T30] audit: type=1804 audit(1742601156.815:38): pid=7329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.369" name="/newroot/70/cgroup.controllers" dev="tmpfs" ino=379 res=1 errno=0 [ 125.531519][ T30] audit: type=1800 audit(1742601156.815:39): pid=7329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.369" name="cgroup.controllers" dev="tmpfs" ino=379 res=0 errno=0 [ 125.618961][ T7323] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma? [ 125.831336][ T7346] FAULT_INJECTION: forcing a failure. [ 125.831336][ T7346] name failslab, interval 1, probability 0, space 0, times 0 [ 125.844407][ T30] audit: type=1800 audit(1742601157.135:40): pid=7346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.375" name="blkio.bfq.time_recursive" dev="tmpfs" ino=373 res=0 errno=0 [ 125.872176][ T7346] CPU: 1 UID: 0 PID: 7346 Comm: syz.3.375 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 125.872205][ T7346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 125.872217][ T7346] Call Trace: [ 125.872224][ T7346] [ 125.872232][ T7346] dump_stack_lvl+0x241/0x360 [ 125.872263][ T7346] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.872287][ T7346] ? __pfx__printk+0x10/0x10 [ 125.872311][ T7346] ? kmem_cache_alloc_noprof+0x48/0x380 [ 125.872342][ T7346] ? __pfx___might_resched+0x10/0x10 [ 125.872373][ T7346] should_fail_ex+0x40a/0x550 [ 125.872411][ T7346] should_failslab+0xac/0x100 [ 125.872440][ T7346] ? vm_area_dup+0x61/0x290 [ 125.872460][ T7346] kmem_cache_alloc_noprof+0x70/0x380 [ 125.872494][ T7346] vm_area_dup+0x61/0x290 [ 125.872518][ T7346] __split_vma+0x1bf/0xbf0 [ 125.872569][ T7346] ? __pfx___split_vma+0x10/0x10 [ 125.872602][ T7346] ? is_bpf_text_address+0x285/0x2a0 [ 125.872620][ T7346] ? is_bpf_text_address+0x26/0x2a0 [ 125.872640][ T7346] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 125.872673][ T7346] vms_gather_munmap_vmas+0x2e6/0x1600 [ 125.872714][ T7346] ? mtree_range_walk+0x6fd/0x8e0 [ 125.872745][ T7346] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 125.872781][ T7346] ? mas_find+0x8c0/0xbb0 [ 125.872815][ T7346] mmap_region+0xa52/0x2fc0 [ 125.872840][ T7346] ? ksys_mmap_pgoff+0x4eb/0x720 [ 125.872883][ T7346] ? validate_chain+0x11e/0x5920 [ 125.872924][ T7346] ? __pfx_mmap_region+0x10/0x10 [ 125.873005][ T7346] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 125.873055][ T7346] ? mm_get_unmapped_area+0xa8/0xd0 [ 125.873078][ T7346] ? shmem_get_unmapped_area+0x2a7/0x8f0 [ 125.873105][ T7346] ? cap_mmap_addr+0xaa/0xf0 [ 125.873132][ T7346] ? bpf_lsm_mmap_addr+0x9/0x10 [ 125.873158][ T7346] ? security_mmap_addr+0x6f/0x250 [ 125.873188][ T7346] ? shmem_mapping+0xd/0x50 [ 125.873221][ T7346] do_mmap+0xecc/0x13a0 [ 125.873263][ T7346] ? __pfx_do_mmap+0x10/0x10 [ 125.873292][ T7346] ? down_write_killable+0x19e/0x260 [ 125.873311][ T7346] ? vm_mmap_pgoff+0x212/0x530 [ 125.873331][ T7346] ? __pfx_down_write_killable+0x10/0x10 [ 125.873349][ T7346] ? common_file_perm+0x1a6/0x210 [ 125.873388][ T7346] vm_mmap_pgoff+0x2a0/0x530 [ 125.873419][ T7346] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 125.873443][ T7346] ? __fget_files+0x2a/0x410 [ 125.873479][ T7346] ? __fget_files+0x395/0x410 [ 125.873506][ T7346] ? __fget_files+0x2a/0x410 [ 125.873540][ T7346] ksys_mmap_pgoff+0x4eb/0x720 [ 125.873570][ T7346] ? __x64_sys_mmap+0x7f/0x140 [ 125.873603][ T7346] do_syscall_64+0xf3/0x230 [ 125.873633][ T7346] ? clear_bhb_loop+0x35/0x90 [ 125.873665][ T7346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.873693][ T7346] RIP: 0033:0x7f7a8558d169 [ 125.873711][ T7346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.873726][ T7346] RSP: 002b:00007f7a86337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 125.873747][ T7346] RAX: ffffffffffffffda RBX: 00007f7a857a5fa0 RCX: 00007f7a8558d169 [ 125.873761][ T7346] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 125.873774][ T7346] RBP: 00007f7a86337090 R08: 0000000000000003 R09: 00000000607d8000 [ 125.873786][ T7346] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002 [ 125.873797][ T7346] R13: 0000000000000000 R14: 00007f7a857a5fa0 R15: 00007ffe54e8f8b8 [ 125.873826][ T7346] [ 126.206092][ T30] audit: type=1800 audit(1742601157.135:41): pid=7346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.375" name="blkio.bfq.time_recursive" dev="tmpfs" ino=373 res=0 errno=0 [ 126.260767][ T7354] netlink: 'syz.0.378': attribute type 1 has an invalid length. [ 126.267186][ T7343] netlink: 36 bytes leftover after parsing attributes in process `syz.4.374'. [ 126.344440][ T7357] netlink: 'syz.0.379': attribute type 2 has an invalid length. [ 126.389013][ T30] audit: type=1800 audit(1742601157.695:42): pid=7355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.377" name="blkio.bfq.time_recursive" dev="tmpfs" ino=467 res=0 errno=0 [ 126.411344][ T30] audit: type=1800 audit(1742601157.695:43): pid=7355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.377" name="blkio.bfq.time_recursive" dev="tmpfs" ino=467 res=0 errno=0 [ 126.607841][ T7370] netlink: 2 bytes leftover after parsing attributes in process `syz.2.384'. [ 126.644789][ T7374] netlink: 4 bytes leftover after parsing attributes in process `syz.3.385'. [ 126.668000][ T7374] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.798602][ T7374] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 127.273292][ T30] audit: type=1800 audit(1742601158.575:44): pid=7409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.392" name="blkio.bfq.time_recursive" dev="tmpfs" ino=474 res=0 errno=0 [ 127.296596][ T7409] FAULT_INJECTION: forcing a failure. [ 127.296596][ T7409] name failslab, interval 1, probability 0, space 0, times 0 [ 127.323969][ T30] audit: type=1800 audit(1742601158.605:45): pid=7409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.392" name="blkio.bfq.time_recursive" dev="tmpfs" ino=474 res=0 errno=0 [ 127.351064][ T7409] CPU: 0 UID: 0 PID: 7409 Comm: syz.1.392 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 127.351095][ T7409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 127.351107][ T7409] Call Trace: [ 127.351114][ T7409] [ 127.351123][ T7409] dump_stack_lvl+0x241/0x360 [ 127.351155][ T7409] ? __pfx_dump_stack_lvl+0x10/0x10 [ 127.351179][ T7409] ? __pfx__printk+0x10/0x10 [ 127.351203][ T7409] ? kmem_cache_alloc_noprof+0x48/0x380 [ 127.351234][ T7409] ? __pfx___might_resched+0x10/0x10 [ 127.351267][ T7409] should_fail_ex+0x40a/0x550 [ 127.351305][ T7409] should_failslab+0xac/0x100 [ 127.351333][ T7409] ? mas_alloc_nodes+0x25b/0x7e0 [ 127.351360][ T7409] kmem_cache_alloc_noprof+0x70/0x380 [ 127.351395][ T7409] mas_alloc_nodes+0x25b/0x7e0 [ 127.351432][ T7409] mas_preallocate+0x575/0x8d0 [ 127.351466][ T7409] ? __pfx_mas_preallocate+0x10/0x10 [ 127.351506][ T7409] ? __mas_set_range+0x133/0x3c0 [ 127.351539][ T7409] __split_vma+0x2f6/0xbf0 [ 127.351577][ T7409] ? __pfx___split_vma+0x10/0x10 [ 127.351611][ T7409] ? is_bpf_text_address+0x285/0x2a0 [ 127.351630][ T7409] ? is_bpf_text_address+0x26/0x2a0 [ 127.351649][ T7409] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 127.351684][ T7409] vms_gather_munmap_vmas+0x2e6/0x1600 [ 127.351727][ T7409] ? mtree_range_walk+0x6fd/0x8e0 [ 127.351760][ T7409] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 127.351797][ T7409] ? mas_find+0x8c0/0xbb0 [ 127.351832][ T7409] mmap_region+0xa52/0x2fc0 [ 127.351858][ T7409] ? ksys_mmap_pgoff+0x4eb/0x720 [ 127.351904][ T7409] ? validate_chain+0x11e/0x5920 [ 127.351948][ T7409] ? __pfx_mmap_region+0x10/0x10 [ 127.352040][ T7409] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 127.352092][ T7409] ? mm_get_unmapped_area+0xa8/0xd0 [ 127.352116][ T7409] ? shmem_get_unmapped_area+0x2a7/0x8f0 [ 127.352144][ T7409] ? cap_mmap_addr+0xaa/0xf0 [ 127.352173][ T7409] ? bpf_lsm_mmap_addr+0x9/0x10 [ 127.352201][ T7409] ? security_mmap_addr+0x6f/0x250 [ 127.352232][ T7409] ? shmem_mapping+0xd/0x50 [ 127.352269][ T7409] do_mmap+0xecc/0x13a0 [ 127.352313][ T7409] ? __pfx_do_mmap+0x10/0x10 [ 127.352342][ T7409] ? down_write_killable+0x19e/0x260 [ 127.352362][ T7409] ? vm_mmap_pgoff+0x212/0x530 [ 127.352382][ T7409] ? __pfx_down_write_killable+0x10/0x10 [ 127.352400][ T7409] ? common_file_perm+0x1a6/0x210 [ 127.352439][ T7409] vm_mmap_pgoff+0x2a0/0x530 [ 127.352471][ T7409] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 127.352496][ T7409] ? __fget_files+0x2a/0x410 [ 127.352529][ T7409] ? __fget_files+0x395/0x410 [ 127.352559][ T7409] ? __fget_files+0x2a/0x410 [ 127.352594][ T7409] ksys_mmap_pgoff+0x4eb/0x720 [ 127.352628][ T7409] ? __x64_sys_mmap+0x7f/0x140 [ 127.352663][ T7409] do_syscall_64+0xf3/0x230 [ 127.352693][ T7409] ? clear_bhb_loop+0x35/0x90 [ 127.352725][ T7409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.352753][ T7409] RIP: 0033:0x7f2b2bd8d169 [ 127.352771][ T7409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.352788][ T7409] RSP: 002b:00007f2b2cb8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 127.352810][ T7409] RAX: ffffffffffffffda RBX: 00007f2b2bfa5fa0 RCX: 00007f2b2bd8d169 [ 127.352825][ T7409] RDX: 0000000002000005 RSI: 0000000000003000 RDI: 0000200000001000 [ 127.352838][ T7409] RBP: 00007f2b2cb8e090 R08: 0000000000000003 R09: 00000000607d8000 [ 127.352851][ T7409] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002 [ 127.352862][ T7409] R13: 0000000000000000 R14: 00007f2b2bfa5fa0 R15: 00007ffdf01124e8 [ 127.352893][ T7409] [ 127.819156][ T7424] trusted_key: syz.1.396 sent an empty control message without MSG_MORE. [ 127.999963][ T7412] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 128.210525][ T30] audit: type=1800 audit(1742601159.515:46): pid=7442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.402" name="blkio.bfq.time_recursive" dev="tmpfs" ino=426 res=0 errno=0 [ 128.287275][ T7449] netlink: 12 bytes leftover after parsing attributes in process `syz.1.403'. [ 128.431119][ T7457] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 128.456584][ T7453] bond1: entered promiscuous mode [ 128.461784][ T7453] bond1: entered allmulticast mode [ 128.467513][ T7453] 8021q: adding VLAN 0 to HW filter on device bond1 [ 128.577955][ T7462] netlink: 'syz.2.409': attribute type 10 has an invalid length. [ 128.591354][ T7462] dummy0: entered promiscuous mode [ 128.597838][ T7462] dummy0: entered allmulticast mode [ 128.605250][ T7462] team0: Port device dummy0 added [ 128.635211][ T7462] team0: left allmulticast mode [ 128.640243][ T7462] team_slave_0: left allmulticast mode [ 128.646121][ T7462] team_slave_1: left allmulticast mode [ 128.651635][ T7462] dummy0: left allmulticast mode [ 128.662132][ T7462] bridge0: port 3(team0) entered disabled state [ 128.678610][ T7462] dummy0: left promiscuous mode [ 128.712125][ T7462] team0: Port device dummy0 removed [ 128.722650][ T7462] bridge_slave_0: left allmulticast mode [ 128.728756][ T7462] bridge_slave_0: left promiscuous mode [ 128.735719][ T7462] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.758109][ T7462] bridge_slave_1: left allmulticast mode [ 128.773242][ T7462] bridge_slave_1: left promiscuous mode [ 128.779844][ T7462] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.805685][ T7462] bond0: (slave bond_slave_0): Releasing backup interface [ 128.826553][ T7462] bond0: (slave bond_slave_1): Releasing backup interface [ 128.837115][ T7462] team_slave_0: left promiscuous mode [ 128.853161][ T7462] team0: Port device team_slave_0 removed [ 128.869694][ T7462] team_slave_1: left promiscuous mode [ 128.879041][ T7462] team0: Port device team_slave_1 removed [ 128.896587][ T7462] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 128.918403][ T7462] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 128.940164][ T7466] netlink: 'syz.1.410': attribute type 4 has an invalid length. [ 129.149819][ T7480] netlink: 36 bytes leftover after parsing attributes in process `syz.4.415'. [ 129.531890][ T7491] netlink: 20 bytes leftover after parsing attributes in process `syz.2.418'. [ 129.647620][ T7494] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.419'. [ 129.677544][ T7494] openvswitch: netlink: Message has 44053 unknown bytes. [ 129.723107][ T7494] netlink: 68 bytes leftover after parsing attributes in process `syz.3.419'. [ 129.835789][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.421'. [ 130.102456][ T7509] sctp: [Deprecated]: syz.1.426 (pid 7509) Use of struct sctp_assoc_value in delayed_ack socket option. [ 130.102456][ T7509] Use struct sctp_sack_info instead [ 130.190960][ T7515] netlink: 'syz.4.427': attribute type 8 has an invalid length. [ 130.582526][ T7532] netlink: 'syz.1.429': attribute type 16 has an invalid length. [ 130.594198][ T7532] netlink: 'syz.1.429': attribute type 17 has an invalid length. [ 130.669183][ T7532] tipc: Resetting bearer [ 130.724176][ T7532] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 131.053008][ T7551] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check. [ 131.360376][ T7561] netlink: 'syz.4.440': attribute type 8 has an invalid length. [ 131.436246][ T7563] netlink: 'syz.1.442': attribute type 4 has an invalid length. [ 131.503634][ T7570] netlink: 'syz.2.443': attribute type 10 has an invalid length. [ 131.532531][ T7570] team0: left promiscuous mode [ 131.565694][ T7570] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.595248][ T7575] netlink: 40 bytes leftover after parsing attributes in process `syz.2.443'. [ 131.605995][ T7570] bond0: (slave team0): Enslaving as an active interface with an up link [ 132.270323][ T7604] lo speed is unknown, defaulting to 1000 [ 132.459348][ T7604] netlink: 16 bytes leftover after parsing attributes in process `syz.3.453'. [ 132.481488][ T7613] netlink: 28 bytes leftover after parsing attributes in process `syz.1.455'. [ 132.497211][ T7616] netlink: 'syz.2.456': attribute type 8 has an invalid length. [ 132.619364][ T30] kauditd_printk_skb: 4 callbacks suppressed [ 132.619383][ T30] audit: type=1800 audit(1742601163.925:51): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.458" name="blkio.bfq.time_recursive" dev="tmpfs" ino=522 res=0 errno=0 [ 132.691837][ T30] audit: type=1800 audit(1742601163.955:52): pid=7621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.458" name="blkio.bfq.time_recursive" dev="tmpfs" ino=522 res=0 errno=0 [ 132.976270][ T7635] netlink: 'syz.1.464': attribute type 10 has an invalid length. [ 132.993307][ T7632] vlan0: entered promiscuous mode [ 133.002613][ T7632] batadv0: entered promiscuous mode [ 133.016321][ T7635] veth1_vlan: left promiscuous mode [ 133.034524][ T7635] team0: Device veth1_vlan failed to register rx_handler [ 133.078306][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.175456][ T7636] netlink: 137456 bytes leftover after parsing attributes in process `syz.4.462'. [ 133.215171][ T7636] netlink: zone id is out of range [ 133.220373][ T7636] netlink: zone id is out of range [ 133.287519][ T7636] netlink: zone id is out of range [ 133.343795][ T7636] netlink: zone id is out of range [ 133.398096][ T7636] netlink: zone id is out of range [ 133.406240][ T7636] netlink: zone id is out of range [ 133.411401][ T7636] netlink: zone id is out of range [ 133.461374][ T7645] netlink: 'syz.2.467': attribute type 10 has an invalid length. [ 133.484871][ T7639] lo speed is unknown, defaulting to 1000 [ 133.496373][ T7647] netlink: 'syz.1.468': attribute type 8 has an invalid length. [ 133.683144][ T7637] lo speed is unknown, defaulting to 1000 [ 133.980157][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.470'. [ 134.051482][ T7656] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 134.396103][ T7640] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.403710][ T7640] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.584638][ T7640] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 134.682012][ T7640] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.692336][ T7640] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.706596][ T7640] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.718821][ T7640] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.832070][ T7639] net_ratelimit: 2095 callbacks suppressed [ 134.832086][ T7639] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 135.492808][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.479'. [ 135.567470][ T7697] netlink: 'syz.3.480': attribute type 10 has an invalid length. [ 135.886442][ T7706] lo speed is unknown, defaulting to 1000 [ 136.338859][ T7722] xt_CT: You must specify a L4 protocol and not use inversions on it [ 136.366703][ T7706] lo speed is unknown, defaulting to 1000 [ 136.473253][ T7728] netlink: 152 bytes leftover after parsing attributes in process `syz.1.489'. [ 136.555760][ T7727] pimreg: entered allmulticast mode [ 137.174380][ T7723] pimreg: left allmulticast mode [ 137.195220][ T7749] Bluetooth: MGMT ver 1.23 [ 137.464536][ T7762] tipc: Enabling of bearer rejected, failed to enable media [ 137.509728][ T7767] bond0: Unable to set up delay as MII monitoring is disabled [ 137.727147][ T7779] netlink: 'syz.1.505': attribute type 5 has an invalid length. [ 137.757484][ T7781] netlink: 'syz.4.507': attribute type 10 has an invalid length. [ 137.773383][ T7784] lo speed is unknown, defaulting to 1000 [ 137.841376][ T7790] netlink: 256 bytes leftover after parsing attributes in process `syz.0.506'. [ 137.866301][ T7791] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6 [ 137.872357][ T7779] : entered promiscuous mode [ 137.992551][ T7787] lo speed is unknown, defaulting to 1000 [ 138.189206][ T7796] syzkaller0: entered promiscuous mode [ 138.217397][ T7796] syzkaller0: entered allmulticast mode [ 138.321072][ T7806] netlink: 'syz.0.512': attribute type 5 has an invalid length. [ 138.352449][ T7806] netlink: 16 bytes leftover after parsing attributes in process `syz.0.512'. [ 140.327714][ T7825] netlink: 45 bytes leftover after parsing attributes in process `syz.1.519'. [ 140.374542][ T7825] netlink: 'syz.1.519': attribute type 11 has an invalid length. [ 140.458062][ T7832] netlink: 'syz.0.520': attribute type 58 has an invalid length. [ 140.493827][ T7832] netlink: 4 bytes leftover after parsing attributes in process `syz.0.520'. [ 140.651674][ T7845] ipt_ECN: cannot use operation on non-tcp rule [ 140.677008][ T7845] netlink: 'syz.2.524': attribute type 27 has an invalid length. [ 140.782762][ T7847] Bluetooth: hci1: Opcode 0x0401 failed: -4 [ 140.835268][ T30] audit: type=1800 audit(1742601172.145:53): pid=7858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.527" name="blkio.bfq.time_recursive" dev="tmpfs" ino=524 res=0 errno=0 [ 140.864254][ T7858] FAULT_INJECTION: forcing a failure. [ 140.864254][ T7858] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 140.889947][ T7858] CPU: 1 UID: 0 PID: 7858 Comm: syz.2.527 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 140.889977][ T7858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 140.889989][ T7858] Call Trace: [ 140.889997][ T7858] [ 140.890005][ T7858] dump_stack_lvl+0x241/0x360 [ 140.890038][ T7858] ? __pfx_dump_stack_lvl+0x10/0x10 [ 140.890062][ T7858] ? __pfx__printk+0x10/0x10 [ 140.890111][ T7858] ? snprintf+0xda/0x120 [ 140.890139][ T7858] should_fail_ex+0x40a/0x550 [ 140.890196][ T7858] _copy_to_user+0x31/0xb0 [ 140.890228][ T7858] simple_read_from_buffer+0xca/0x150 [ 140.890260][ T7858] proc_fail_nth_read+0x1e9/0x250 [ 140.890293][ T7858] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 140.890327][ T7858] ? rw_verify_area+0x243/0x630 [ 140.890348][ T7858] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 140.890392][ T7858] vfs_read+0x1f8/0xb40 [ 140.890415][ T7858] ? fdget_pos+0x254/0x320 [ 140.890447][ T7858] ? __pfx___mutex_lock+0x10/0x10 [ 140.890479][ T7858] ? __pfx_vfs_read+0x10/0x10 [ 140.890505][ T7858] ? __fget_files+0x2a/0x410 [ 140.890538][ T7858] ? __fget_files+0x395/0x410 [ 140.890568][ T7858] ? __fget_files+0x2a/0x410 [ 140.890609][ T7858] ksys_read+0x18f/0x2b0 [ 140.890633][ T7858] ? __pfx_ksys_read+0x10/0x10 [ 140.890656][ T7858] ? do_syscall_64+0x100/0x230 [ 140.890691][ T7858] ? do_syscall_64+0xb6/0x230 [ 140.890725][ T7858] do_syscall_64+0xf3/0x230 [ 140.890757][ T7858] ? clear_bhb_loop+0x35/0x90 [ 140.890791][ T7858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.890818][ T7858] RIP: 0033:0x7f738658bb7c [ 140.890836][ T7858] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 140.890852][ T7858] RSP: 002b:00007f7387371030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 140.890873][ T7858] RAX: ffffffffffffffda RBX: 00007f73867a5fa0 RCX: 00007f738658bb7c [ 140.890887][ T7858] RDX: 000000000000000f RSI: 00007f73873710a0 RDI: 0000000000000004 [ 140.890900][ T7858] RBP: 00007f7387371090 R08: 0000000000000000 R09: 00000000607d8000 [ 140.890912][ T7858] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002 [ 140.890924][ T7858] R13: 0000000000000000 R14: 00007f73867a5fa0 R15: 00007ffd19e2b858 [ 140.890955][ T7858] [ 141.121828][ T30] audit: type=1800 audit(1742601172.165:54): pid=7858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.527" name="blkio.bfq.time_recursive" dev="tmpfs" ino=524 res=0 errno=0 [ 141.184832][ T7863] netlink: 152 bytes leftover after parsing attributes in process `syz.1.529'. [ 141.202627][ T7867] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'. [ 141.239491][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.531'. [ 141.251711][ T7863] netlink: 'syz.1.529': attribute type 1 has an invalid length. [ 141.294044][ T7866] netlink: 'syz.3.531': attribute type 1 has an invalid length. [ 141.441693][ T7874] netlink: 12 bytes leftover after parsing attributes in process `syz.2.532'. [ 141.730788][ T7885] netlink: 24 bytes leftover after parsing attributes in process `syz.0.533'. [ 141.790235][ T7885] netlink: 48 bytes leftover after parsing attributes in process `syz.0.533'. [ 142.750708][ T5839] Bluetooth: hci1: command 0x0401 tx timeout [ 143.138964][ T7883] ip6tnl1: entered promiscuous mode [ 143.150273][ T7883] ip6tnl1: entered allmulticast mode [ 143.161733][ T7883] team0: Device ip6tnl1 is of different type [ 143.378530][ T7907] netlink: 'syz.3.538': attribute type 29 has an invalid length. [ 143.391146][ T7906] x_tables: duplicate underflow at hook 1 [ 143.420384][ T7905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.539'. [ 143.534262][ T30] audit: type=1800 audit(1742601174.835:55): pid=7918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.543" name="blkio.bfq.time_recursive" dev="tmpfs" ino=509 res=0 errno=0 [ 143.534981][ T7921] tap0: tun_chr_ioctl cmd 1074025677 [ 143.572378][ T7921] tap0: linktype set to 768 [ 143.624340][ T30] audit: type=1800 audit(1742601174.905:56): pid=7918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.543" name="blkio.bfq.time_recursive" dev="tmpfs" ino=509 res=0 errno=0 [ 143.759414][ T7924] No such timeout policy "syz0" [ 144.020064][ T7945] netlink: 'syz.4.551': attribute type 13 has an invalid length. [ 144.036686][ T7943] netlink: 'syz.1.550': attribute type 10 has an invalid length. [ 144.087580][ T7946] netlink: 24 bytes leftover after parsing attributes in process `syz.4.551'. [ 144.101362][ T7946] netlink: 48 bytes leftover after parsing attributes in process `syz.4.551'. [ 144.181302][ T7948] macsec2: entered promiscuous mode [ 144.201243][ T7948] dummy0: entered promiscuous mode [ 144.232012][ T7948] dummy0: left promiscuous mode [ 144.565555][ T7963] Cannot find del_set index 286 as target [ 145.058472][ T7995] syzkaller1: entered promiscuous mode [ 145.075366][ T7995] syzkaller1: entered allmulticast mode [ 145.184501][ T8005] netlink: 'syz.2.569': attribute type 8 has an invalid length. [ 145.192283][ T8005] FAULT_INJECTION: forcing a failure. [ 145.192283][ T8005] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 145.249855][ T8005] CPU: 1 UID: 0 PID: 8005 Comm: syz.2.569 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 145.249888][ T8005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 145.249901][ T8005] Call Trace: [ 145.249909][ T8005] [ 145.249918][ T8005] dump_stack_lvl+0x241/0x360 [ 145.249950][ T8005] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.249973][ T8005] ? __pfx__printk+0x10/0x10 [ 145.250001][ T8005] ? snprintf+0xda/0x120 [ 145.250028][ T8005] should_fail_ex+0x40a/0x550 [ 145.250073][ T8005] _copy_to_user+0x31/0xb0 [ 145.250104][ T8005] simple_read_from_buffer+0xca/0x150 [ 145.250136][ T8005] proc_fail_nth_read+0x1e9/0x250 [ 145.250168][ T8005] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 145.250201][ T8005] ? rw_verify_area+0x243/0x630 [ 145.250222][ T8005] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 145.250253][ T8005] vfs_read+0x1f8/0xb40 [ 145.250275][ T8005] ? fdget_pos+0x254/0x320 [ 145.250307][ T8005] ? __pfx___mutex_lock+0x10/0x10 [ 145.250338][ T8005] ? __pfx_vfs_read+0x10/0x10 [ 145.250357][ T8005] ? do_sys_openat2+0x17a/0x1d0 [ 145.250390][ T8005] ? __fget_files+0x2a/0x410 [ 145.250422][ T8005] ? __fget_files+0x395/0x410 [ 145.250451][ T8005] ? __fget_files+0x2a/0x410 [ 145.250490][ T8005] ksys_read+0x18f/0x2b0 [ 145.250514][ T8005] ? __pfx_ksys_read+0x10/0x10 [ 145.250537][ T8005] ? do_syscall_64+0x100/0x230 [ 145.250571][ T8005] ? do_syscall_64+0xb6/0x230 [ 145.250605][ T8005] do_syscall_64+0xf3/0x230 [ 145.250636][ T8005] ? clear_bhb_loop+0x35/0x90 [ 145.250668][ T8005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.250696][ T8005] RIP: 0033:0x7f738658bb7c [ 145.250714][ T8005] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 145.250731][ T8005] RSP: 002b:00007f7387371030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 145.250753][ T8005] RAX: ffffffffffffffda RBX: 00007f73867a5fa0 RCX: 00007f738658bb7c [ 145.250768][ T8005] RDX: 000000000000000f RSI: 00007f73873710a0 RDI: 0000000000000004 [ 145.250780][ T8005] RBP: 00007f7387371090 R08: 0000000000000000 R09: 0000000000000000 [ 145.250793][ T8005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.250804][ T8005] R13: 0000000000000000 R14: 00007f73867a5fa0 R15: 00007ffd19e2b858 [ 145.250834][ T8005] [ 145.713852][ T8015] __nla_validate_parse: 6 callbacks suppressed [ 145.713873][ T8015] netlink: 12 bytes leftover after parsing attributes in process `syz.2.572'. [ 145.968470][ T8004] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.976050][ T8004] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.088884][ T8028] netlink: 12 bytes leftover after parsing attributes in process `syz.0.575'. [ 146.485295][ T8004] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.532545][ T8004] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.959699][ T8004] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.984183][ T8004] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.992590][ T8004] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.004957][ T8004] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.035937][ T8004] bond1: left promiscuous mode [ 147.040778][ T8004] bond1: left allmulticast mode [ 147.322676][ T8041] IPv4: Oversized IP packet from 127.202.26.0 [ 147.415498][ T8046] netlink: 'syz.4.577': attribute type 7 has an invalid length. [ 147.434798][ T8045] netlink: 'syz.3.582': attribute type 6 has an invalid length. [ 147.595106][ T30] audit: type=1800 audit(1742601178.895:57): pid=8053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.585" name="blkio.bfq.time_recursive" dev="tmpfs" ino=566 res=0 errno=0 [ 147.648124][ T8054] sctp: [Deprecated]: syz.1.584 (pid 8054) Use of int in max_burst socket option. [ 147.648124][ T8054] Use struct sctp_assoc_value instead [ 147.680770][ T30] audit: type=1800 audit(1742601178.895:58): pid=8053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.585" name="blkio.bfq.time_recursive" dev="tmpfs" ino=566 res=0 errno=0 [ 147.723367][ T8062] smc: net device bond0 applied user defined pnetid SYZ2 [ 147.946126][ T8074] netlink: 32 bytes leftover after parsing attributes in process `syz.4.591'. [ 148.302381][ T8096] netlink: zone id is out of range [ 148.341732][ T8096] netlink: zone id is out of range [ 148.362044][ T8096] netlink: zone id is out of range [ 148.384995][ T8096] netlink: zone id is out of range [ 148.409912][ T8096] netlink: zone id is out of range [ 148.435505][ T8096] netlink: zone id is out of range [ 148.440979][ T8096] netlink: zone id is out of range [ 148.448100][ T8096] netlink: zone id is out of range [ 148.461196][ T8096] netlink: zone id is out of range [ 148.471067][ T8098] netlink: 8 bytes leftover after parsing attributes in process `syz.3.599'. [ 148.502059][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.3.599'. [ 148.726153][ T8111] netlink: 'syz.1.602': attribute type 21 has an invalid length. [ 148.755758][ T8111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.602'. [ 148.783986][ T8111] netlink: 12 bytes leftover after parsing attributes in process `syz.1.602'. [ 148.799933][ T8113] macvlan2: entered promiscuous mode [ 148.835174][ T8113] bridge0: entered promiscuous mode [ 149.044498][ T8119] netlink: 'syz.1.606': attribute type 10 has an invalid length. [ 149.539374][ T8136] lo speed is unknown, defaulting to 1000 [ 149.547776][ T8143] netlink: 'syz.3.616': attribute type 1 has an invalid length. [ 149.559906][ T8146] macsec0: entered promiscuous mode [ 149.574724][ T8142] macsec0: left promiscuous mode [ 149.757791][ T8143] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 150.179564][ T8162] lo speed is unknown, defaulting to 1000 [ 150.206390][ T8178] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 25 [ 150.278763][ T8180] lo speed is unknown, defaulting to 1000 [ 150.378814][ T8188] tipc: Enabled bearer , priority 10 [ 150.582132][ T8193] netlink: 'syz.3.629': attribute type 1 has an invalid length. [ 150.647320][ T8197] IPv6: sit1: Disabled Multicast RS [ 150.653367][ T8197] sit1: entered allmulticast mode [ 150.883700][ T8184] lo speed is unknown, defaulting to 1000 [ 151.197396][ T8222] syzkaller1: entered promiscuous mode [ 151.224234][ T8222] syzkaller1: entered allmulticast mode [ 151.602084][ T8236] netlink: 'syz.4.642': attribute type 8 has an invalid length. [ 152.178623][ T8262] netlink: 28 bytes leftover after parsing attributes in process `syz.3.652'. [ 152.205108][ T8262] netlink: 28 bytes leftover after parsing attributes in process `syz.3.652'. [ 152.224073][ T8262] netlink: 28 bytes leftover after parsing attributes in process `syz.3.652'. [ 152.294738][ T8268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.653'. [ 152.324032][ T8268] netlink: 32 bytes leftover after parsing attributes in process `syz.4.653'. [ 152.428509][ T8268] warning: `syz.4.653' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 152.693949][ T8288] netlink: 'syz.0.657': attribute type 10 has an invalid length. [ 152.957499][ T8293] 8021q: VLANs not supported on ip6gre0 [ 153.548548][ T8321] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT [ 153.711371][ T8327] Cannot find del_set index 2 as target [ 153.809143][ T8329] lo speed is unknown, defaulting to 1000 [ 153.909840][ T8334] netlink: 12 bytes leftover after parsing attributes in process `syz.4.673'. [ 153.940193][ T8334] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.949381][ T8334] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.958158][ T8334] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 153.966582][ T8334] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 154.005030][ T8334] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.014483][ T8334] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.022903][ T8334] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.032690][ T8334] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 154.408020][ T8355] ieee802154 phy0 wpan0: encryption failed: -22 [ 154.435177][ T8351] vlan0: entered promiscuous mode [ 154.461046][ T8358] netlink: 8 bytes leftover after parsing attributes in process `syz.4.680'. [ 154.654295][ T8365] netlink: 16 bytes leftover after parsing attributes in process `syz.3.681'. [ 154.749446][ T8374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.685'. [ 154.852464][ T5839] Bluetooth: hci4: link tx timeout [ 154.860472][ T5839] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 155.036050][ T8389] netpci0: tun_chr_ioctl cmd 1074025681 [ 155.151984][ T8394] vlan2: entered promiscuous mode [ 155.160662][ T8394] vlan2: entered allmulticast mode [ 155.165992][ T8394] hsr_slave_1: entered allmulticast mode [ 155.233137][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.3.689'. [ 155.805481][ T8413] team0: left allmulticast mode [ 155.810791][ T8413] team_slave_0: left allmulticast mode [ 155.846361][ T8413] team_slave_1: left allmulticast mode [ 155.860847][ T8413] team0: left promiscuous mode [ 155.873061][ T8413] team_slave_0: left promiscuous mode [ 155.881535][ T8413] team_slave_1: left promiscuous mode [ 155.890215][ T8413] bridge0: port 3(team0) entered disabled state [ 156.021088][ T8413] bridge_slave_0: left allmulticast mode [ 156.027084][ T8413] bridge_slave_0: left promiscuous mode [ 156.032933][ T8413] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.085208][ T8413] bridge_slave_1: left allmulticast mode [ 156.096730][ T8413] bridge_slave_1: left promiscuous mode [ 156.102635][ T8413] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.138192][ T8413] team0: Port device team_slave_0 removed [ 156.150645][ T8413] team0: Failed to send options change via netlink (err -105) [ 156.161162][ T8413] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 156.181198][ T8413] team0: Port device team_slave_1 removed [ 156.189076][ T8413] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.200484][ T8413] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.219618][ T8423] vlan2: entered promiscuous mode [ 156.236578][ T8423] batadv0: entered promiscuous mode [ 156.319999][ T8432] netlink: 'syz.4.698': attribute type 10 has an invalid length. [ 156.444881][ T8437] No such timeout policy "syz0" [ 156.672123][ T8453] tipc: Invalid UDP bearer configuration [ 156.672173][ T8453] tipc: Enabling of bearer rejected, failed to enable media [ 156.904137][ T5839] Bluetooth: hci4: command 0x0405 tx timeout [ 156.963385][ T8473] ªªªªªª: renamed from lo [ 157.170724][ T8478] netlink: 'syz.0.714': attribute type 1 has an invalid length. [ 157.202344][ T8480] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 157.211177][ T8482] netlink: 'syz.0.714': attribute type 1 has an invalid length. [ 157.234685][ T8480] __nla_validate_parse: 5 callbacks suppressed [ 157.234706][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.3.715'. [ 157.251652][ T8483] netlink: 'syz.2.716': attribute type 16 has an invalid length. [ 157.270533][ T8483] netlink: 'syz.2.716': attribute type 17 has an invalid length. [ 157.304062][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.715'. [ 157.367477][ T8483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.391465][ T8483] net_ratelimit: 322 callbacks suppressed [ 157.391478][ T8483] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 157.395388][ T8467] netlink: 40 bytes leftover after parsing attributes in process `syz.1.710'. [ 157.418958][ T7244] lo speed is unknown, defaulting to 1000 [ 157.447750][ T8467] netlink: 72 bytes leftover after parsing attributes in process `syz.1.710'. [ 157.564634][ T8488] batadv_slave_0: entered promiscuous mode [ 157.570673][ T8488] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 157.594767][ T8488] netlink: 20 bytes leftover after parsing attributes in process `syz.0.718'. [ 157.912970][ T8504] delete_channel: no stack [ 158.093257][ T8514] netlink: 'syz.3.729': attribute type 29 has an invalid length. [ 158.202110][ T8530] netlink: 'syz.2.731': attribute type 8 has an invalid length. [ 158.421605][ T8540] xt_TCPMSS: Only works on TCP SYN packets [ 158.664817][ T8546] xt_l2tp: missing protocol rule (udp|l2tpip) [ 158.774702][ T8548] netlink: 'syz.2.739': attribute type 5 has an invalid length. [ 158.792680][ T8548] netlink: 16 bytes leftover after parsing attributes in process `syz.2.739'. [ 158.824517][ T8558] xt_hashlimit: size too large, truncated to 1048576 [ 158.840806][ T8555] xt_hashlimit: size too large, truncated to 1048576 [ 158.861544][ T8558] xt_hashlimit: max too large, truncated to 1048576 [ 158.874942][ T8555] xt_hashlimit: max too large, truncated to 1048576 [ 158.918848][ T8555] syz.3.742: vmalloc error: size 8392704, failed to allocated page array size 16392, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 158.971099][ T8555] CPU: 0 UID: 0 PID: 8555 Comm: syz.3.742 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 158.971132][ T8555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 158.971144][ T8555] Call Trace: [ 158.971151][ T8555] [ 158.971160][ T8555] dump_stack_lvl+0x241/0x360 [ 158.971192][ T8555] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.971216][ T8555] ? __pfx__printk+0x10/0x10 [ 158.971243][ T8555] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 158.971271][ T8555] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 158.971301][ T8555] warn_alloc+0x278/0x410 [ 158.971329][ T8555] ? __pfx_warn_alloc+0x10/0x10 [ 158.971357][ T8555] ? htable_create+0x102/0x880 [ 158.971380][ T8555] ? __get_vm_area_node+0x1c8/0x2d0 [ 158.971412][ T8555] ? __get_vm_area_node+0x25c/0x2d0 [ 158.971451][ T8555] __vmalloc_node_range_noprof+0x62f/0x1380 [ 158.971502][ T8555] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 158.971533][ T8555] ? htable_create+0x102/0x880 [ 158.971555][ T8555] vmalloc_noprof+0x79/0x90 [ 158.971575][ T8555] ? htable_create+0x102/0x880 [ 158.971597][ T8555] htable_create+0x102/0x880 [ 158.971627][ T8555] hashlimit_mt_check_common+0x710/0xa40 [ 158.971658][ T8555] hashlimit_mt_check_v1+0x2ea/0x540 [ 158.971684][ T8555] ? __pfx_hashlimit_mt_check_v1+0x10/0x10 [ 158.971704][ T8555] ? trace_contention_end+0x3c/0x120 [ 158.971739][ T8555] ? __mutex_unlock_slowpath+0x227/0x800 [ 158.971775][ T8555] xt_check_match+0x368/0xa40 [ 158.971798][ T8555] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 158.971829][ T8555] ? __pfx_xt_check_match+0x10/0x10 [ 158.971864][ T8555] ? xt_find_match+0x1df/0x230 [ 158.971905][ T8555] translate_table+0x1704/0x2490 [ 158.971989][ T8555] ? __pfx_translate_table+0x10/0x10 [ 158.972021][ T8555] ? __might_fault+0xaa/0x120 [ 158.972043][ T8555] ? __pfx_lock_release+0x10/0x10 [ 158.972081][ T8555] ? __virt_addr_valid+0x183/0x530 [ 158.972106][ T8555] ? __might_fault+0xc6/0x120 [ 158.972132][ T8555] ? copy_from_sockptr_offset+0x6b/0xb0 [ 158.972167][ T8555] do_ip6t_set_ctl+0xe4c/0x1270 [ 158.972205][ T8555] ? nf_setsockopt+0x240/0x2c0 [ 158.972225][ T8555] ? aa_label_sk_perm+0x4f3/0x6c0 [ 158.972255][ T8555] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 158.972287][ T8555] ? rcu_is_watching+0x15/0xb0 [ 158.972312][ T8555] ? trace_contention_end+0x3c/0x120 [ 158.972347][ T8555] ? __mutex_unlock_slowpath+0x227/0x800 [ 158.972388][ T8555] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 158.972437][ T8555] nf_setsockopt+0x295/0x2c0 [ 158.972466][ T8555] rawv6_setsockopt+0x2ac/0x690 [ 158.972491][ T8555] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 158.972513][ T8555] ? __pfx_lock_acquire+0x10/0x10 [ 158.972543][ T8555] ? aa_sock_opt_perm+0x79/0x120 [ 158.972575][ T8555] ? sock_common_setsockopt+0x37/0xc0 [ 158.972613][ T8555] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 158.972646][ T8555] do_sock_setsockopt+0x3af/0x720 [ 158.972678][ T8555] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 158.972709][ T8555] ? __fget_files+0x395/0x410 [ 158.972739][ T8555] ? __fget_files+0x2a/0x410 [ 158.972778][ T8555] __x64_sys_setsockopt+0x1ee/0x280 [ 158.972811][ T8555] do_syscall_64+0xf3/0x230 [ 158.972842][ T8555] ? clear_bhb_loop+0x35/0x90 [ 158.972876][ T8555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.972905][ T8555] RIP: 0033:0x7f7a8558d169 [ 158.972924][ T8555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.972941][ T8555] RSP: 002b:00007f7a86337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 158.972962][ T8555] RAX: ffffffffffffffda RBX: 00007f7a857a5fa0 RCX: 00007f7a8558d169 [ 158.972987][ T8555] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 158.972999][ T8555] RBP: 00007f7a8560e2a0 R08: 00000000000004a0 R09: 0000000000000000 [ 158.973012][ T8555] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000000 [ 158.973026][ T8555] R13: 0000000000000000 R14: 00007f7a857a5fa0 R15: 00007ffe54e8f8b8 [ 158.973056][ T8555] [ 158.973161][ T8555] Mem-Info: [ 159.061872][ T8566] lo speed is unknown, defaulting to 1000 [ 159.110811][ T8555] active_anon:3905 inactive_anon:0 isolated_anon:0 [ 159.110811][ T8555] active_file:1600 inactive_file:38330 isolated_file:0 [ 159.110811][ T8555] unevictable:768 dirty:299 writeback:0 [ 159.110811][ T8555] slab_reclaimable:10896 slab_unreclaimable:98647 [ 159.110811][ T8555] mapped:28608 shmem:1404 pagetables:768 [ 159.110811][ T8555] sec_pagetables:0 bounce:0 [ 159.110811][ T8555] kernel_misc_reclaimable:0 [ 159.110811][ T8555] free:1334686 free_pcp:706 free_cma:0 [ 159.110910][ T8555] Node 0 active_anon:15620kB inactive_anon:0kB active_file:6400kB inactive_file:153252kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114432kB dirty:1192kB writeback:0kB shmem:4080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10968kB pagetables:3072kB sec_pagetables:0kB all_unreclaimable? no [ 159.471916][ T8555] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 159.472332][ T8573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.747'. [ 159.502123][ T8555] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 159.502200][ T8555] lowmem_reserve[]: 0 2489 2490 2490 2490 [ 159.502254][ T8555] Node 0 DMA32 free:1416876kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:17196kB inactive_anon:0kB active_file:6400kB inactive_file:152936kB unevictable:1536kB writepending:1192kB present:3129332kB managed:2549692kB mlocked:0kB bounce:0kB free_pcp:2368kB local_pcp:1428kB free_cma:0kB [ 159.502314][ T8555] lowmem_reserve[]: 0 0 0 0 0 [ 159.603078][ T8555] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 159.730312][ T8555] lowmem_reserve[]: 0 0 0 0 0 [ 159.759807][ T8555] Node 1 Normal free:3903484kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:68kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 159.797563][ T8577] netlink: 160 bytes leftover after parsing attributes in process `syz.1.748'. [ 159.824771][ T8555] lowmem_reserve[]: 0 0 0 0 0 [ 159.838148][ T8555] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 159.871510][ T8555] Node 0 DMA32: 3*4kB (UME) 51*8kB (U) 52*16kB (UME) 57*32kB (ME) 140*64kB (UME) 94*128kB (UM) 49*256kB (UME) 21*512kB (UME) 13*1024kB (UM) 4*2048kB (UM) 327*4096kB (UM) = 1408260kB [ 159.914378][ T8555] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 159.944361][ T8555] Node 1 Normal: 229*4kB (UME) 59*8kB (UME) 45*16kB (UME) 241*32kB (UME) 97*64kB (UME) 39*128kB (UME) 16*256kB (UME) 9*512kB (UME) 3*1024kB (UM) 4*2048kB (UE) 943*4096kB (M) = 3903516kB [ 159.984166][ T8555] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 160.004219][ T8555] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 160.022648][ T8555] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 160.063573][ T8555] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 160.072952][ T8555] 43836 total pagecache pages [ 160.085372][ T8555] 0 pages in swap cache [ 160.089764][ T8555] Free swap = 124996kB [ 160.114167][ T8555] Total swap = 124996kB [ 160.118396][ T8555] 2097051 pages RAM [ 160.122226][ T8555] 0 pages HighMem/MovableOnly [ 160.149124][ T8555] 427906 pages reserved [ 160.159050][ T8555] 0 pages cma reserved [ 160.350802][ T8595] netlink: 'syz.1.752': attribute type 1 has an invalid length. [ 160.359531][ T8595] netlink: 224 bytes leftover after parsing attributes in process `syz.1.752'. [ 161.141906][ T8624] wg1: entered promiscuous mode [ 161.148381][ T8624] wg1: entered allmulticast mode [ 161.171711][ T8626] netlink: 8 bytes leftover after parsing attributes in process `syz.0.762'. [ 161.426257][ T8635] lo speed is unknown, defaulting to 1000 [ 161.557350][ T8609] Bluetooth: hci1: Opcode 0x0401 failed: -4 [ 161.694480][ T8642] vlan3: entered promiscuous mode [ 161.699599][ T8642] batadv0: entered promiscuous mode [ 161.930028][ T8649] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7 [ 162.594053][ T8682] netlink: 'syz.2.778': attribute type 35 has an invalid length. [ 162.665276][ T5148] Bluetooth: hci1: command 0x0401 tx timeout [ 162.690570][ T8687] x_tables: duplicate underflow at hook 1 [ 162.891145][ T8693] netlink: 'syz.3.781': attribute type 5 has an invalid length. [ 162.905906][ T8693] : entered promiscuous mode [ 163.252915][ T8706] __nla_validate_parse: 5 callbacks suppressed [ 163.252938][ T8706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.784'. [ 163.293050][ T8707] netlink: 900 bytes leftover after parsing attributes in process `syz.0.776'. [ 163.355379][ T8710] netlink: 'syz.2.785': attribute type 15 has an invalid length. [ 163.370965][ T8713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.784'. [ 163.381532][ T8710] netlink: 'syz.2.785': attribute type 3 has an invalid length. [ 163.406976][ T8710] netlink: 24 bytes leftover after parsing attributes in process `syz.2.785'. [ 163.765321][ T8721] netlink: 28 bytes leftover after parsing attributes in process `syz.3.788'. [ 163.793754][ T8721] netlink: 8 bytes leftover after parsing attributes in process `syz.3.788'. [ 163.888252][ T8729] tipc: Enabled bearer , priority 0 [ 164.106902][ T8726] tipc: Disabling bearer [ 164.320038][ T8753] vlan0: left promiscuous mode [ 164.328753][ T8753] netdevsim netdevsim3 netdevsim0: left promiscuous mode [ 164.343322][ T8753] gretap1: left promiscuous mode [ 164.366719][ T8753] bridge0: left promiscuous mode [ 164.373647][ T8753] macvlan2: left promiscuous mode [ 164.609243][ T8770] netlink: 104 bytes leftover after parsing attributes in process `syz.2.801'. [ 164.914051][ T8786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.806'. [ 165.058124][ T8794] netlink: 'syz.3.808': attribute type 1 has an invalid length. [ 165.082905][ T8793] netlink: 'syz.4.809': attribute type 11 has an invalid length. [ 165.105311][ T8793] netlink: 36 bytes leftover after parsing attributes in process `syz.4.809'. [ 165.136519][ T8794] 8021q: adding VLAN 0 to HW filter on device bond1 [ 165.185039][ T8794] bond1: (slave ip6gretap1): making interface the new active one [ 165.209214][ T8794] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 165.306082][ T8794] vlan2: entered promiscuous mode [ 165.363718][ T8794] bond1: entered promiscuous mode [ 165.368990][ T8794] ip6gretap1: entered promiscuous mode [ 165.378613][ T8794] vlan2: entered allmulticast mode [ 165.390833][ T8794] bond1: entered allmulticast mode [ 165.399109][ T8794] ip6gretap1: entered allmulticast mode [ 165.431310][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.810'. [ 165.821375][ T8814] lo speed is unknown, defaulting to 1000 [ 166.707172][ T9] hid-generic 0005:046D:5505.0001: item fetching failed at offset 0/2 [ 166.765992][ T9] hid-generic 0005:046D:5505.0001: probe with driver hid-generic failed with error -22 [ 168.698024][ T8959] __nla_validate_parse: 10 callbacks suppressed [ 168.698047][ T8959] netlink: 24 bytes leftover after parsing attributes in process `syz.1.850'. [ 168.944176][ T8966] netlink: 'syz.4.856': attribute type 10 has an invalid length. [ 169.178035][ T8970] lo speed is unknown, defaulting to 1000 [ 169.408714][ T8977] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 169.609439][ T8983] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode [ 169.617346][ T8983] mac80211_hwsim hwsim17 wlan1: entered allmulticast mode [ 170.003318][ T8970] netlink: 64 bytes leftover after parsing attributes in process `syz.2.857'. [ 170.252282][ T9005] netlink: 'syz.0.867': attribute type 6 has an invalid length. [ 170.366721][ T9012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.868'. [ 170.411298][ T9012] netlink: 32 bytes leftover after parsing attributes in process `syz.3.868'. [ 170.503275][ T9012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.868'. [ 170.514830][ T9016] netlink: 'syz.0.870': attribute type 10 has an invalid length. [ 170.552615][ T9012] netlink: 'syz.3.868': attribute type 10 has an invalid length. [ 170.594739][ T9012] macvlan0: entered allmulticast mode [ 170.791043][ T9023] lo speed is unknown, defaulting to 1000 [ 171.302655][ T9042] netlink: 'syz.4.880': attribute type 8 has an invalid length. [ 171.639543][ T9056] netlink: 6 bytes leftover after parsing attributes in process `syz.0.885'. [ 171.738664][ T9063] netlink: 'syz.4.886': attribute type 10 has an invalid length. [ 171.950889][ T9068] x_tables: duplicate underflow at hook 2 [ 172.169478][ T9078] netlink: 'syz.3.891': attribute type 13 has an invalid length. [ 172.209788][ T9078] gretap0: refused to change device tx_queue_len [ 172.248533][ T9078] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 172.365380][ T9086] nbd: must specify at least one socket [ 172.566295][ T9090] netlink: 'syz.4.895': attribute type 49 has an invalid length. [ 172.665018][ T9095] netlink: 8 bytes leftover after parsing attributes in process `syz.0.896'. [ 173.150837][ T9111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.902'. [ 173.232985][ T9113] netlink: 16 bytes leftover after parsing attributes in process `syz.2.903'. [ 173.261807][ T9111] netlink: 'syz.0.902': attribute type 8 has an invalid length. [ 173.330673][ T9117] netlink: 12 bytes leftover after parsing attributes in process `syz.2.903'. [ 173.365588][ T9116] sctp: [Deprecated]: syz.3.904 (pid 9116) Use of struct sctp_assoc_value in delayed_ack socket option. [ 173.365588][ T9116] Use struct sctp_sack_info instead [ 173.392870][ T9118] sctp: [Deprecated]: syz.3.904 (pid 9118) Use of struct sctp_assoc_value in delayed_ack socket option. [ 173.392870][ T9118] Use struct sctp_sack_info instead [ 173.418492][ T9119] rdma_rxe: rxe_newlink: failed to add lo [ 173.879791][ T9128] lo speed is unknown, defaulting to 1000 [ 174.256829][ T9137] bond2: entered promiscuous mode [ 174.261936][ T9137] bond2: entered allmulticast mode [ 174.273904][ T9137] 8021q: adding VLAN 0 to HW filter on device bond2 [ 174.643236][ T9137] bond2 (unregistering): Released all slaves [ 174.950477][ T9154] netlink: 16 bytes leftover after parsing attributes in process `syz.3.915'. [ 174.959654][ T9154] netlink: 16 bytes leftover after parsing attributes in process `syz.3.915'. [ 174.981370][ T9154] netlink: 104 bytes leftover after parsing attributes in process `syz.3.915'. [ 175.163369][ T9160] netlink: 36 bytes leftover after parsing attributes in process `syz.3.917'. [ 175.229994][ T9163] netlink: 'syz.0.918': attribute type 1 has an invalid length. [ 175.492132][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.921'. [ 175.798040][ T9190] bridge0: port 3(veth0_to_bridge) entered blocking state [ 175.834326][ T9190] bridge0: port 3(veth0_to_bridge) entered disabled state [ 175.840183][ T9195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.927'. [ 175.842677][ T9190] veth0_to_bridge: entered allmulticast mode [ 175.870937][ T9190] veth0_to_bridge: entered promiscuous mode [ 176.868487][ T9229] netlink: 12 bytes leftover after parsing attributes in process `syz.3.936'. [ 176.889242][ T9230] tipc: Started in network mode [ 176.929768][ T9230] tipc: Node identity 4, cluster identity 4711 [ 176.950994][ T9230] tipc: Node number set to 4 [ 177.072381][ T9236] netlink: 8 bytes leftover after parsing attributes in process `syz.4.937'. [ 177.615143][ T9262] netlink: 8 bytes leftover after parsing attributes in process `syz.3.946'. [ 178.600638][ T9311] lo speed is unknown, defaulting to 1000 [ 178.662592][ T9318] netlink: 16 bytes leftover after parsing attributes in process `syz.2.967'. [ 178.737587][ T9318] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.782420][ T9326] netlink: 'syz.3.972': attribute type 5 has an invalid length. [ 178.793279][ T9318] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.833745][ T9318] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.857096][ T9318] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.875387][ T9318] geneve2: entered allmulticast mode [ 179.191815][ T9344] netlink: 'syz.1.981': attribute type 2 has an invalid length. [ 179.239933][ T9344] netlink: 'syz.1.981': attribute type 1 has an invalid length. [ 179.425070][ T9351] macvtap1: entered promiscuous mode [ 179.443416][ T9351] team0: entered promiscuous mode [ 179.448673][ T9351] team_slave_0: entered promiscuous mode [ 179.478086][ T9351] team_slave_1: entered promiscuous mode [ 179.487474][ T9351] macvtap1: entered allmulticast mode [ 179.489545][ T9359] openvswitch: netlink: Actions may not be safe on all matching packets [ 179.493047][ T9351] team0: entered allmulticast mode [ 179.519703][ T9351] team_slave_0: entered allmulticast mode [ 179.538030][ T9351] team_slave_1: entered allmulticast mode [ 179.547226][ T9351] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 179.577438][ T9358] team0: left allmulticast mode [ 179.600266][ T9358] team_slave_0: left allmulticast mode [ 179.610851][ T9358] team_slave_1: left allmulticast mode [ 179.622986][ T9358] team0: left promiscuous mode [ 179.629067][ T9358] team_slave_0: left promiscuous mode [ 179.641600][ T9358] team_slave_1: left promiscuous mode [ 180.499235][ T9410] __nla_validate_parse: 5 callbacks suppressed [ 180.499256][ T9410] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1005'. [ 180.544135][ T9410] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1005'. [ 180.553192][ T9410] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1005'. [ 180.593899][ T9410] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1005'. [ 180.659219][ T9414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'. [ 180.692112][ T9414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'. [ 180.719451][ T9414] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'. [ 180.745396][ T9421] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'. [ 180.769662][ T9421] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1009'. [ 181.464815][ T9449] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1023'. [ 182.434348][ T9498] netlink: 'syz.2.1045': attribute type 2 has an invalid length. [ 182.458831][ T9498] netlink: 'syz.2.1045': attribute type 1 has an invalid length. [ 183.009654][ T9528] netlink: 'syz.3.1060': attribute type 1 has an invalid length. [ 183.062765][ T9528] 8021q: adding VLAN 0 to HW filter on device bond2 [ 183.100811][ T9528] vlan3: entered promiscuous mode [ 183.116676][ T9528] bond2: entered promiscuous mode [ 183.143741][ T9528] vlan3: entered allmulticast mode [ 183.148959][ T9528] bond2: entered allmulticast mode [ 183.288391][ T9539] syzkaller1: entered promiscuous mode [ 183.299956][ T9539] syzkaller1: entered allmulticast mode [ 184.120805][ T9586] netlink: 'syz.2.1081': attribute type 10 has an invalid length. [ 184.295281][ T9592] openvswitch: netlink: Message has 44053 unknown bytes. [ 184.746823][ T9615] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.783618][ T9615] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.792900][ T9615] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.820184][ T9615] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.832524][ T9615] geneve2: entered promiscuous mode [ 184.851602][ T9615] geneve2: entered allmulticast mode [ 184.925470][ T9615] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.938721][ T9615] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.948516][ T9615] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.959924][ T9615] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.578569][ T9650] __nla_validate_parse: 6 callbacks suppressed [ 185.578591][ T9650] netlink: 336 bytes leftover after parsing attributes in process `syz.0.1114'. [ 185.638570][ T9654] netlink: 'syz.4.1116': attribute type 1 has an invalid length. [ 185.934347][ T9662] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 186.202954][ T9676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1127'. [ 186.626351][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1133'. [ 186.700893][ T9698] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1137'. [ 186.791022][ T9700] xt_CT: You must specify a L4 protocol and not use inversions on it [ 187.072437][ T9714] netlink: 71 bytes leftover after parsing attributes in process `syz.4.1145'. [ 187.570337][ T9734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1153'. [ 187.798866][ T9741] lo speed is unknown, defaulting to 1000 [ 187.808114][ T9743] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1157'. [ 187.830000][ T9743] nbd: must specify at least one socket [ 188.207954][ T9761] ipvlan0: entered promiscuous mode [ 188.236466][ T9761] ipvlan0: entered allmulticast mode [ 188.241832][ T9761] veth0_vlan: entered allmulticast mode [ 188.522696][ T9772] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 188.781142][ T9782] xt_hashlimit: max too large, truncated to 1048576 [ 188.954418][ T30] audit: type=1804 audit(1742601220.265:59): pid=9789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1178" name=2F6E6577726F6F742F3234372F18 dev="tmpfs" ino=1285 res=1 errno=0 [ 188.977038][ T30] audit: type=1800 audit(1742601220.265:60): pid=9789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1178" name=18 dev="tmpfs" ino=1285 res=0 errno=0 [ 189.047724][ T9796] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1180'. [ 189.122399][ T9798] netlink: 'syz.1.1181': attribute type 1 has an invalid length. [ 191.665780][ T9841] syzkaller1: entered promiscuous mode [ 191.671500][ T9841] syzkaller1: entered allmulticast mode [ 191.841942][ T9848] netlink: 'syz.2.1204': attribute type 1 has an invalid length. [ 191.928901][ T9851] netlink: 'syz.3.1205': attribute type 8 has an invalid length. [ 192.145500][ T9861] tipc: Failed to remove unknown binding: 66,1,1/4:260082163/260082165 [ 192.786115][ T9892] ax25_connect(): syz.1.1225 uses autobind, please contact jreuter@yaina.de [ 192.927292][ T9900] ax25_connect(): syz.2.1229 uses autobind, please contact jreuter@yaina.de [ 193.894181][ T9947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1246'. [ 194.226470][ T9966] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1255'. [ 194.236978][ T9966] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1255'. [ 194.407297][ T9973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1259'. [ 194.508585][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.810973][ T9995] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1269'. [ 195.679620][T10030] ------------[ cut here ]------------ [ 195.687371][T10030] WARNING: CPU: 0 PID: 10030 at net/ipv4/udp_offload.c:118 udp_tunnel_update_gro_rcv+0x31d/0x670 [ 195.698842][T10030] Modules linked in: [ 195.702794][T10030] CPU: 0 UID: 0 PID: 10030 Comm: syz.4.1286 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 195.714362][T10030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 195.725420][T10030] RIP: 0010:udp_tunnel_update_gro_rcv+0x31d/0x670 [ 195.732238][T10030] Code: 23 48 89 eb e8 c4 04 4f f7 c7 05 0a b6 32 10 01 00 00 00 31 ed 45 31 ed e9 80 01 00 00 e8 ab 04 4f f7 eb 40 e8 a4 04 4f f7 90 <0f> 0b 90 e9 5a 02 00 00 e8 96 04 4f f7 eb 2b e8 8f 04 4f f7 eb 24 [ 195.752537][T10030] RSP: 0018:ffffc90003087830 EFLAGS: 00010293 [ 195.758839][T10030] RAX: ffffffff8a72eece RBX: 1ffff1100ee02c7f RCX: ffff888079e70000 [ 195.766941][T10030] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 195.775184][T10030] RBP: 1ffff1100ee02c7f R08: ffffffff8a72e9e5 R09: 1ffffffff207a42e [ 195.783300][T10030] R10: dffffc0000000000 R11: fffffbfff207a42f R12: dffffc0000000000 [ 195.791984][T10030] R13: 0000000000000001 R14: ffff8880770163f8 R15: 0000000000000000 [ 195.800615][T10030] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 195.810235][T10030] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 195.817453][T10030] CR2: 0000200000000000 CR3: 000000005d124000 CR4: 00000000003526f0 [ 195.826174][T10030] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 195.834921][T10030] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 195.842946][T10030] Call Trace: [ 195.846877][T10030] [ 195.849851][T10030] ? __warn+0x165/0x4d0 [ 195.854658][T10030] ? udp_tunnel_update_gro_rcv+0x31d/0x670 [ 195.860517][T10030] ? report_bug+0x2b3/0x500 [ 195.865731][T10030] ? udp_tunnel_update_gro_rcv+0x31d/0x670 [ 195.871592][T10030] ? handle_bug+0x60/0x90 [ 195.876580][T10030] ? exc_invalid_op+0x1a/0x50 [ 195.881297][T10030] ? asm_exc_invalid_op+0x1a/0x20 [ 195.887096][T10030] ? udp_tunnel_update_gro_rcv+0xb5/0x670 [ 195.892861][T10030] ? udp_tunnel_update_gro_rcv+0x59e/0x670 [ 195.899769][T10030] ? udp_tunnel_update_gro_rcv+0x31d/0x670 [ 195.905920][T10030] udpv6_destroy_sock+0x230/0x2a0 [ 195.911013][T10030] ? __pfx_udpv6_destroy_sock+0x10/0x10 [ 195.917524][T10030] sk_common_release+0x71/0x2e0 [ 195.922427][T10030] inet_release+0x17d/0x200 [ 195.927943][T10030] sock_close+0xbc/0x240 [ 195.932255][T10030] ? __pfx_sock_close+0x10/0x10 [ 195.937828][T10030] __fput+0x3e9/0x9f0 [ 195.941882][T10030] task_work_run+0x24f/0x310 [ 195.947247][T10030] ? __pfx_task_work_run+0x10/0x10 [ 195.952406][T10030] ? do_exit+0xa25/0x2940 [ 195.956928][T10030] ? do_exit+0xa25/0x2940 [ 195.961333][T10030] do_exit+0xa2a/0x2940 [ 195.965604][T10030] ? __pfx_do_exit+0x10/0x10 [ 195.970248][T10030] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 195.975713][T10030] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 195.981747][T10030] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 195.988789][T10030] ? _raw_spin_lock_irq+0xdf/0x120 [ 195.994423][T10030] do_group_exit+0x207/0x2c0 [ 195.999034][T10030] ? _raw_spin_unlock_irq+0x23/0x50 [ 196.004881][T10030] ? lockdep_hardirqs_on+0x99/0x150 [ 196.010119][T10030] get_signal+0x168c/0x1720 [ 196.015128][T10030] ? __pfx_get_signal+0x10/0x10 [ 196.020009][T10030] arch_do_signal_or_restart+0x96/0x860 [ 196.026202][T10030] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 196.032388][T10030] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 196.038860][T10030] ? syscall_exit_to_user_mode+0xa3/0x340 [ 196.045248][T10030] syscall_exit_to_user_mode+0xce/0x340 [ 196.050844][T10030] do_syscall_64+0x100/0x230 [ 196.055900][T10030] ? clear_bhb_loop+0x35/0x90 [ 196.060603][T10030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.067131][T10030] RIP: 0033:0x7f2c8598d169 [ 196.071660][T10030] Code: Unable to access opcode bytes at 0x7f2c8598d13f. [ 196.079291][T10030] RSP: 002b:00007f2c8678b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 196.088392][T10030] RAX: fffffffffffffe00 RBX: 00007f2c85ba5fa8 RCX: 00007f2c8598d169 [ 196.096931][T10030] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2c85ba5fa8 [ 196.105743][T10030] RBP: 00007f2c85ba5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 196.114264][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2c85ba5fac [ 196.122280][T10030] R13: 0000000000000000 R14: 00007ffe3e43a6b0 R15: 00007ffe3e43a798 [ 196.130830][T10030] [ 196.134385][T10030] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 196.141687][T10030] CPU: 0 UID: 0 PID: 10030 Comm: syz.4.1286 Not tainted 6.14.0-rc7-syzkaller-01413-gd9917c7d533c #0 [ 196.152451][T10030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 196.162513][T10030] Call Trace: [ 196.165808][T10030] [ 196.168768][T10030] dump_stack_lvl+0x241/0x360 [ 196.173486][T10030] ? __pfx_dump_stack_lvl+0x10/0x10 [ 196.178714][T10030] ? __pfx__printk+0x10/0x10 [ 196.183315][T10030] ? vscnprintf+0x5d/0x90 [ 196.187666][T10030] panic+0x349/0x880 [ 196.191586][T10030] ? __warn+0x174/0x4d0 [ 196.195747][T10030] ? __pfx_panic+0x10/0x10 [ 196.200184][T10030] __warn+0x344/0x4d0 [ 196.204178][T10030] ? udp_tunnel_update_gro_rcv+0x31d/0x670 [ 196.210014][T10030] report_bug+0x2b3/0x500 [ 196.214357][T10030] ? udp_tunnel_update_gro_rcv+0x31d/0x670 [ 196.220177][T10030] handle_bug+0x60/0x90 [ 196.224350][T10030] exc_invalid_op+0x1a/0x50 [ 196.228885][T10030] asm_exc_invalid_op+0x1a/0x20 [ 196.233760][T10030] RIP: 0010:udp_tunnel_update_gro_rcv+0x31d/0x670 [ 196.240184][T10030] Code: 23 48 89 eb e8 c4 04 4f f7 c7 05 0a b6 32 10 01 00 00 00 31 ed 45 31 ed e9 80 01 00 00 e8 ab 04 4f f7 eb 40 e8 a4 04 4f f7 90 <0f> 0b 90 e9 5a 02 00 00 e8 96 04 4f f7 eb 2b e8 8f 04 4f f7 eb 24 [ 196.259802][T10030] RSP: 0018:ffffc90003087830 EFLAGS: 00010293 [ 196.265894][T10030] RAX: ffffffff8a72eece RBX: 1ffff1100ee02c7f RCX: ffff888079e70000 [ 196.273875][T10030] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 196.281858][T10030] RBP: 1ffff1100ee02c7f R08: ffffffff8a72e9e5 R09: 1ffffffff207a42e [ 196.289849][T10030] R10: dffffc0000000000 R11: fffffbfff207a42f R12: dffffc0000000000 [ 196.297831][T10030] R13: 0000000000000001 R14: ffff8880770163f8 R15: 0000000000000000 [ 196.305813][T10030] ? udp_tunnel_update_gro_rcv+0xb5/0x670 [ 196.311547][T10030] ? udp_tunnel_update_gro_rcv+0x59e/0x670 [ 196.317377][T10030] udpv6_destroy_sock+0x230/0x2a0 [ 196.322416][T10030] ? __pfx_udpv6_destroy_sock+0x10/0x10 [ 196.327974][T10030] sk_common_release+0x71/0x2e0 [ 196.332851][T10030] inet_release+0x17d/0x200 [ 196.337377][T10030] sock_close+0xbc/0x240 [ 196.341634][T10030] ? __pfx_sock_close+0x10/0x10 [ 196.346501][T10030] __fput+0x3e9/0x9f0 [ 196.350507][T10030] task_work_run+0x24f/0x310 [ 196.355111][T10030] ? __pfx_task_work_run+0x10/0x10 [ 196.360226][T10030] ? do_exit+0xa25/0x2940 [ 196.364571][T10030] ? do_exit+0xa25/0x2940 [ 196.368938][T10030] do_exit+0xa2a/0x2940 [ 196.373117][T10030] ? __pfx_do_exit+0x10/0x10 [ 196.377721][T10030] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 196.383108][T10030] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 196.389105][T10030] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 196.395446][T10030] ? _raw_spin_lock_irq+0xdf/0x120 [ 196.400571][T10030] do_group_exit+0x207/0x2c0 [ 196.405178][T10030] ? _raw_spin_unlock_irq+0x23/0x50 [ 196.410388][T10030] ? lockdep_hardirqs_on+0x99/0x150 [ 196.415620][T10030] get_signal+0x168c/0x1720 [ 196.420148][T10030] ? __pfx_get_signal+0x10/0x10 [ 196.425014][T10030] arch_do_signal_or_restart+0x96/0x860 [ 196.430591][T10030] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 196.436756][T10030] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 196.442761][T10030] ? syscall_exit_to_user_mode+0xa3/0x340 [ 196.448496][T10030] syscall_exit_to_user_mode+0xce/0x340 [ 196.454058][T10030] do_syscall_64+0x100/0x230 [ 196.458664][T10030] ? clear_bhb_loop+0x35/0x90 [ 196.463361][T10030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.469268][T10030] RIP: 0033:0x7f2c8598d169 [ 196.473692][T10030] Code: Unable to access opcode bytes at 0x7f2c8598d13f. [ 196.480715][T10030] RSP: 002b:00007f2c8678b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 196.489140][T10030] RAX: fffffffffffffe00 RBX: 00007f2c85ba5fa8 RCX: 00007f2c8598d169 [ 196.497119][T10030] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2c85ba5fa8 [ 196.505096][T10030] RBP: 00007f2c85ba5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 196.513069][T10030] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2c85ba5fac [ 196.521070][T10030] R13: 0000000000000000 R14: 00007ffe3e43a6b0 R15: 00007ffe3e43a798 [ 196.529064][T10030] [ 196.532385][T10030] Kernel Offset: disabled [ 196.536788][T10030] Rebooting in 86400 seconds..