last executing test programs: 46.82490976s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 46.824744601s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 46.824577263s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 37.398379542s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 23.612058721s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 13.237766296s ago: executing program 3 (id=1484): r0 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f0000000680), &(0x7f0000000700)=0x60, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000740)={0x1, 0x9, 0x8}) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x70, 0x18, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x14, 0x5, 0xa, 0x300, 0x0, 0x0, {0x0, 0x0, 0x5}}], {0x14, 0x10}}, 0xec}}, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f00000240c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000024080)={&(0x7f0000024040)={0x2c, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'tunl0\x00'}}}, [""]}, 0x2c}, 0x1, 0x0, 0x0, 0x48084}, 0x20010000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_page_free_batched\x00', r4}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x24, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x8}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x8085) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="4a26840e7cc31aac8781bda6444c18254e861ae4c1a693a5a71c00dd7b5d3ea0b393cbe29552ef4a64f4ca0ee1371ae6f04b6e5aaf863b6fd387d474bde06a69807a06e615efde2198046f1366d55892315e42692fe44bc3748c5e142cccaa03316d75889d05b76c873d5131690bafa9243bc6295ed9f60a88c09187f02622cf90f229f6da717d9201c691f1c974f667b56d6cb0c495b3cd13ba10672d2daf9cd157210021c5c30b15eb2fddc287d600978920f4050b3177dd77e33f62b01d66961c83d578fc49d8c96a2a5cba4ecce91774fb1b538a74360afa5f1c"], 0x23e80}, 0x1, 0x0, 0x0, 0x42000}, 0x52ea55b31c2859d4) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0xfffc, @empty}], 0x10) sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000000040)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}}], 0x1, 0x0) (async) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r8, 0x84, 0x1a, &(0x7f0000000140), &(0x7f00000001c0)=0x8) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x1c, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x1c}}, 0x0) (async) r10 = socket$xdp(0x2c, 0x3, 0x0) (async) r11 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) setsockopt$ax25_int(r11, 0x101, 0x1, 0x0, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000540)=0x20300, 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000000, 0x100010, r3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001e80)=ANY=[@ANYBLOB="3c000000100000010000004d5cabb2babea63f1d", @ANYRES32=r12, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c00028005000f0000000000"], 0x3c}}, 0x0) 2.870946604s ago: executing program 2 (id=2109): r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_SB_GET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x3c, r0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0) (async) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030023000b63d25a80648c2594f90124fc600400214002000003053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) recvmsg$kcm(r2, &(0x7f0000001580)={0x0, 0x1c, 0x0}, 0x0) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x4, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0xd}}, 0x0) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x2c, r4, 0x300, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x3}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0xff}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000045}, 0x48010) 2.761900922s ago: executing program 0 (id=2111): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) 2.734377466s ago: executing program 1 (id=2112): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x2400}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) 2.572462486s ago: executing program 0 (id=2113): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0xc00e, &(0x7f0000000380)={&(0x7f0000000200)={0x14, r1, 0x301, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) 2.544958058s ago: executing program 2 (id=2114): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$llc_int(r0, 0x10c, 0x5, &(0x7f00000001c0)=0x7f00, 0x4) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000540), 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000980)=@ipv6_getaddr={0x20, 0x16, 0x1, 0x0, 0x0, {}, [@IFA_RT_PRIORITY={0x8}]}, 0x20}}, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000380)=0xffffffffffffffff, 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304, 0x37}, "475566172f45f011", "bd14060000000000000092f94413582b", "00001000", "4e67cb72f328ac2f"}, 0x28) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000240)='-', 0xfdef}], 0x1) writev(r1, &(0x7f00000024c0)=[{&(0x7f0000000240)='\r', 0x1}], 0x1) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r4, &(0x7f0000000000), 0xe) syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), 0xffffffffffffffff) 2.390914964s ago: executing program 1 (id=2116): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r3, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r4, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) 2.319541599s ago: executing program 4 (id=2117): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f80)=ANY=[@ANYBLOB="b70200000b000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f7a80d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001e8c76bbe7ff988a28ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4522bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b9fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabfd50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd1389a0963de85dd2b189774450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f326df86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c39b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa525235da0000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc32a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f8293cf83bceaf6c9eda1f83166aa1e2093d626870510e6cd176d501fe01e4a752fc30134073188e3f826f695e4e14fca6596943467c7df154493023f77c107b3db20ea75b493b4b38dc43986d94748cbfab954edae20982b6d212a44f4b40387876bc9eb73900"/3112], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 2.18626708s ago: executing program 0 (id=2118): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}, 0x70}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x1000000, 0x482, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r2], 0x90}}, 0x0) 2.104314448s ago: executing program 4 (id=2119): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000001e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff08"], 0x6f4}}, 0x0) 1.96621399s ago: executing program 1 (id=2120): r0 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000000)=0x4) (async) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000040)) (async) ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f0000000080)={{r0}, "097825d083dd9355d590be7ca94fd07d163390a1b921e49062b9358197323f3483e0a6d6bce55cf71e789c13ac64d165eb07ff00d025f060183d55b81d65a691c2299a44edf5cd5a68bf872c93fbafcfa1153bb6f9b33e818340444ada2bb580121586807986102d12e0de3337a3a7ab0f836da43b3b4f4c0937b72e12852082e69ed9d3c7adfec782b1923e64021f3d8eed606cfe6e0c016279132f5b978245aa4bea7743a24a9be409fcc589d394d696557c5147d836d451d8ecaa57b2e1bf4e12c41ad6ecdcca4fc99932f4e44e77e41b90790c4eea36104ce16101b76eab29a8bfcf4357d835a200e29924601eca5afc94cd88be98322115fba5b26f66c8bdc7783cff4ec6536f31c7d3a59420e596a9d177094cfd6b675ecfb2156df49ecfb95220248887e5fd94c5bb0f7fc558917bbbdc80d8675fb6a3e2e263ecfc05f6e8f7111c1f837bab92c1c633e31c691826aa268dc876485f3d6ee4881437fd248af70c30c06b5606b2f336bd01244ee61eab52ab1994a9a21019459ba38ba40b0059b12645f8367076594cc78b2c29747cbfa15b5531c781fa80c325f081be86dff3ab3b1f207c751e8064d92684efdd25478b42804037edfc6ef71e0e823a0de7471ca33ae6f1c67ae171c0a65795bb4854f4ced95c51047a7dba561b926ded89918f9d5d7d1138711fa2afba261221405353d51896f5b44667095362f68143118152541dc32a8416043f93d86311f52f1ddfd9d1a501d049b72e74eaf199e16417a786754b4ff652f356a1039f75118bace2c70353f586ffe920447f3b5153cbd00b09a75cb123bd220108beb2f9d03806abeb82cd23f1cfba96b9545125e13ef72d04201e4bd91db9183458924e30b52bb12d1450cd103c338b68fd35a72e8df467380710b2223e24c5a96d0876ac0a002ad616a51173c52f76b16d1cef530ec1ac9629b09986082614bed5c023d4c296ed5e7aa0a4bdb9695a8f8ea6970564a6c01252ae5218cc30a59bc5ba91be7b8b8257f387ef297ea8f4f6e0293e34951b1ba2cca0de0297b9e1bc7658215a4df58ffda95ee08a4ca17a393200d15d0cb796f620b37afeb10bf0dce7398dd7bf63c82a8af2150271c05cf27498b123ba4af4ccb69bf5ca6a7cab12c361d5b471dd23f670ab5b9cd7b3f50e0fafc81dd05aef39a039f5f569990d806349954de89959c9a2da7dc61f63d5706f866fc1497405fab1d53d54b8a3602ad93ae8cfb3b5007a018c85aaa9d0cf8529f7610883d55039b4fa4d61d6f8430a2e55c723ea6974409f67c756052088b1a672ff5fa31c1d4a599251a3358c635aced73515fd354e750c710fd6f5edaf29f6d3e5aecbcec6adcad0a756b0f0265cb3dd8db5b0b752daa6fc50623111cb49266ac592172cb2c74f29f76682cb708023099dbaf3377771d39421d9835aded13e35de004ef931af1e25d4fe0ab07aa1be22ddf6a497fa173657a1776da929ff5e2246741edb0603117cb98fe4e280024a0954fa77ae18cd28089f704724d2c6a4304f5f46017a807381e4cdbc7963af3521d00970243007cf95ee3b5d72ed7077e48ca7cf3aed778dcd5e94ca5ff6add4807c9fdf294ed7a0b3a6870be6184b1c721c4ce75a3b75c65182d79d0072d3249e08edb4659d548daa804d4bf63cc24680a993f4f5731b9c518b857806294664a04337654e079f187d83215ecc45b7acf4b8730d2b396e93584b2d900d2108bb44039ada7cfbdbfe97e1e38a3b5824915b0b1aa918ef59eb591f8e87f6bb38519c16d0934102c86d619dbd96f97dde9d135dab7b9fcda0216d1b2a009818b4926209a0963b58ab4fc2e28d67654009475527419d65aa4dc5896f6da71244efb9f0e0c200a032f98b00a53738d9d9612c883eea159351e56e070b372928e1491fc58b9d55d5ff24df530b316e37b395af067fddc0071a50bb4a94a0474e4ed5a904bc4c0a9865786aa3d0cf5526516b4686a436e9d3f50572957d1003b7f9dbadf1268d2a0a51ab2122ee5a8b920e8182edbbd947a49f3d8d83a0e9e659779f0bdccd912c4ebf15f61a17aae94d7798ccd4618cac6b49b97455d13cc4bff71ef194c36b280da53bfb1902f4fe5f934aff1d4d87702ab6b0d54cf9b7dbcd46877a597ef5831e588fc1b2af24af0fa861ab51fcbaecb08b5c5bbe04d249f9544bb5d2295ae0ca15da1231441017afc10f877710d46f5de9227cf719937d8ec1f3e6d40bd8f8ef3f514915eca17f725c6a597f83f7eeb268822383672802a859fd6bc94331218c0525798fe08e9108fa1f7efdc5da9686841d4ab35216e1e9d871b78cfd2374ba1e51a85cc20149704eadf7f079da28119c76f42332b5b2d6299b759b801ce502a01e0d1206c535d67e9d0cfc516c8fa58bc42d05efaad3ee4143a352f62cfd78ac6fd37cbffe5bd4c9ef8498849dcb19c64de354aee20ae0fb4c19497440b5fa42e96c1adcdd22dc0a13900de1aac664826c8d7ef1a0f47032b8e9080a01ec0d7e435b569945ae18908d0724ec73ebf63af4e04c38282bd8560d02ee886109f34fa3d9dee0639e8fb0003f6d4536861a39a8325d5fd51d39b77d548b11eb506b38e7ba5edaa4cfd6b3524ef2efb5f1e7492baa69a473983aabae07704f1639f07bd6e4c040fd218086f610c874bfd1ef2d279294bae026aabc8d82889e5c15ee31d4e02c41ba7b22f21fc7dfce9b891f07e3da18ca69148d5f089dd7b27a7b5b0b27769a5b6b8e8c375524b38695b036e70f2518492fee161f9d63979aa6428eca6b1839365ee18784f14a2230b63418c967b9681c064daaa973f441e48e35319130f0b32404095b4b42d2bd7f5d13ab00b57fea2bdf951cb7b705b79b0cb51710a38e7cd87c3203f2b4a5a5e152a68c4b0cc6fc3f809e25b89b6ad5b619c2aa0c300ef8f62275a37123e2637b35cd52adc4f9ab1ba42295ada29503d86e432c5634c235515e34b184b79aa1128115061c0e33b315b672165e2eaccde872d349760ade5a8e5383419c56ff032a3bc7c54cd795e9938af675cb3cc839235589e6c93f59d7a5d290e8b94404925c0eb9fe11aecbfac0bf493c15d9f4d2b7c68ac97051f9c6ba49dc71f8b98720cfa12ce4dd2eaadec35e14e789a21f67e4a822b55b619f06a7db38e9369e9b2871302cc7ab141f6a4f1847b9f83b7e4746a471526a72c47c6a65779b57a0646d1b0ca0d1a786542368d6da33f7c0dd52d9655fb4c90ec785b060b513b9c3b456242bb141dc3da97e26ac6b744696079bd1dfcb52fb1f8886fb9b5568143d33ee72813388f7f085bdda000271ef8a6c56a3312f103c19ded5893d802da83eb077ae9fd3c598e3b2b3d546ce67696dbfa5a3ff8f944a7865cdf9c3cf02a366529941d3690e3e57561682ba2cda4e9e458765342f176926b5754c3219a6760ba90e6fa970c28ffc9db8acc30c47660ecf157ead79f2e5cb0ca69e8f96fc8f64cbe388a9aed4f41bbb9e3a5284871fff29d6370892a8bac1efebdbe4de9ade9a6a9326b6974fddeef559e6ce85f476b8263a84871f5e9c8c416024ca3a3ad9c01a4ce2d0c47936458b8ee57ff3d6a3f47817e79667abf91e21af8ef76311881b7364e8899b47c3ef2611b59e76d5b01d5b4efc67b97badf476e0dd0833ef6591b8375206f894bab587a58c4845fedc097e187da8b2c4b8e7a3a9c1e45c4db4c148ecb3b7dc30c5bb040ab51e5a38e5aef64c8363b6e369275f8b300849c01c0e12a0f7498bdaa01174a54e97e9879d0d3b08b2037d763f4d4f4d38f85d9efd3102c0bc3286dcdb62d1d0196fc8c7490c0f827db2d5c6f65131ef16e17490fe01afe19793b49600197f215d11a5f42a3b32b3555cf325dfd27549f1be9320de1e035411fecedf7f4faa8375d15aaad7a7d38de9af9c608f36c69b2b76b73f397a4b83483e85300c688601206d065013cd92d2136d9a34ca300c45d7c1f0eb902a1548b8147a45daa3fce40ea2deecb4a883580c0b3ff7a862f5ceeced87ad734b45cd7f282f6590cc5ec6f924c22c2be4d8ffdcc45862077f31f10a03e39d9f407699241d795a4b0c0b0c809c17540e92142151136ca53e8d40b46a6b3114fc99041b7735a5922113a586389c7d905624aae47fc39b86fa29976f40a3fffec5d1fbae8ae58b7566c40b2a4e3a6a4c286a87a6f1ec43c2f6ba385a0e9a9c7105f983bd2150786daaa9050735e548ddfebea652e02627ff0e65e778e52c13495a7dd47387bf6a317d35e9f8031e98e2bf23a668884115370535c4f7b68f78d1b680b543375a712c5d2cef725e38be1d4d0890c931c2306bfc180e2591b66a95b4dfb01a7bc1418e5085ce46975b490feaba004c514abd3507c98fd7c8ec3dbd871f3ba90ea35b1ce69ebcdc9d71e2fe669986ca549f86cbf2d12d8390335f9cec4630bbd0a13d8fa7920d1671fdda869118585e308cc873786cbc9904e3aea06f82f6fcabed5a3095659ef653e140e23157e8008231b1528697f3828f6c8ce3210f5cfdeb7757563c81ce24b786a1db0743e979563daa445d0a6dcd0eab881e0e71563b5dce1d087efbc4ed7869d3811ffb460721d833e2950a35360f7ea665ec115e9e9b6c01c811830a350fcfb4b157968587770535a97fcc8322f160bc9513c1e4639b0f1ef19ad606de667e56c1ddc50332f60c20687e8e1b0654d3c8bd1efce9275de55831857b3a6c3637aa95d1e79306766ee72061c5cfc0042b7c282eee0e124a1f293c84b24d04a8239614645bad2559ab04ea52ac39e85254b11b79b21dce09dad0933478d24df0978473697f1843296ad608bfb3d7e5d861e96ab1a7601173abd2a2177450ca3ce3d06248f2da0208eae402938a338be4da8eb32e76256829b297421fe55eeca75298b7c7fa0f39c143da5fd56d73d9289b23411c7edd0e96d097f6506817ee6926ff97b02392a84ec9745b96beaf2e59aa7dcf1b2317bd3dc76b54f53a906dd38d0ffd8997f6de6137f3fbf1a8f24bd80fcd7a835345106c027a9b6e8af7d15c5bade5009b67d650dfd115abd231157902ef5bbb618325836f7acb12849551eb9cb0c77bc54fca4d85e567966cf320994a800512a65a1ac5e1a064564abed2df9d0d3c4cd456975360562f7249a9039321f44d951a9ee47fcbd86117421e98201171fe24097c4e913946ccac439e63045b2d39531a9a94056bf8268d8efa6f412270d325b1f4b15c30e1d96ca64b19b779a05782849ce9a56307caa04f66d0fdc6d9f54db4417908b07e89134d68ee2007ee85fdf7b6dfdaffd382f1e284e4d70222b55974dc0e9a5e440f620d021bd117c66f19a6203e95a9fa09c034b50310998dae27042499efef19f2ece9bd20da5f70300de594e156b98d2f7dbfcdaad27aead5be6ccc9c4d1746d8a5dc58067de579bc5656d6c5a46de74f1070c0aa7e4c840f570169a4fdb6510fd548baa5d092029dd8da64eb374e4df6eaa1a103ef4efcd89c982dd21ffa8b1f31da6caf339c3221fd3037f2a67151f10678280f81e9e2d212984c94f0a03356f03348726be9ce90fb0e31d933e96acb48e7afd59aaff0fe20e6201103ed8b5aec5c4fff9abe4a9ec133c43fd0856c668bb9aaf43d4e8e04b22faaf595aa4d5976da38b925aee252a76a824a54d843b201e59b5985a57a5804163bdf49b0079336c9c85d46c06dd35dba8550ba6d015b83b3d73efea17a0e61f4a8282879ac8d93f4c099dd9f4dbb254c6c4d4c863139d74ad665727216372a1c1f56253118639df199f545"}) (async) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) (async) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000001080)=0xa77) (async) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000002140)={'broute\x00', 0x0, 0x4, 0x1000, [0x4, 0x0, 0x818, 0x3, 0x1, 0x3], 0x6, &(0x7f00000010c0)=[{}, {}, {}, {}, {}, {}], &(0x7f0000001140)=""/4096}, &(0x7f00000021c0)=0x78) (async) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000002200)={0x0, 0x0, "71459e3495bdd0036a6c46da8684340f1cb04a564ad87e5f195101373b0749201bb402a47b01e6f2a351e2a5aa2f2e9ca8fa967318cb179f27b5deb034bd3e15329b231e51132ac06d0c659c957258ca97ac065c24b814849aa4f0f5a0499fb4b3decd729eaa414a42d6952131380a7fb7949284516be1809b466d01cfcd8fb89ef9fd93fedd4e8b2f444ddcf9c5bd60b7949a6f67c574fdca0f45863f39f66c61f8142fe0fcf955f8b30a4622d570f867ac157b30aa16c1b0f470a542d79bd9f2eb96d0ff2794ce892189b2c4c3afb3e1aa42a35608af97855af73007878feda20f9d71c8b00f7fb05ac7fe6c87c0f4fd9286edf87df5b21b723bd5022e29af", "8a932aabf5b9c8976d84e10cee96809ca09d3abb865579428e952b54c711b98924ba3510cdac0f3ba3d93ff7971df3519bd24d21e17ec383bc115a62cacfcaf8c7ab0b7189f018bb57d8443e28f804adbc6be604cbf4c3fc98e408dd429928a8148dfeecfdee65ecd7a575e44ea4b1feb493afad2ed69cc3f27130d3c8ca5655c649903c67ed01d127acc30add46a2ac2c3df372f9d889bb2715b2ea6b430a3c05f2b1194d417d112b2299bf9be7b9fc2a6ac045aa5d8ce9d40e7f1c30663b09cf01806483c20b77237d81d53d54014d8a7927500e7b16b47d735da14e009dcf8f10a45435c9bf3242076df90203da3ab9901fd6409813f8b89762cdb6b004e622685aeadabfb3b3f79fc45aa52cae7cc289b9bac3be37d7570c9d36080a36b30b6045a623929dc4a844235e33579dee59dd80583b18ebae18905351b4609d1f33436c22bb77776eab68db64434c02875dce33dde910eddcf2e57a57b06d9638437a3bea6e373a9e821d1918faf3e37ef2ed0c5d054fef9d28dfee96ff03a7567ab579a25180b8416d219fcd7bc260c96e91602f641cccb106e4ead83d786ac1fd4067b3e0053e25509a6d7d8118496660be0636b4f23173b174c14d727ab42b9bd4ac0a8781f2ae1a0d18ffd3c4f8c05a3be200ffc9300d47f10c39733751944b67c8b28052c8f3ae4230be58e29b0c365485a11f440e46727bfdd95afa17091bb58a74cff3a2591a8e075a3562c68016cc7e1c9bce3058f6cf3b9e4d91c27e7be91d8843e447ea9b1bbb5018b24dda0a130fdc2b7e89cecb2fd4100143f40fb70aedff0895dfe91ba050474f47e68a17b0381e3d2eb24d71da928be9e0258c1b88792897b2a85b60d4f169ed300a37d67d36c23fe879c833ae72e02ab37c083928fdd909158a927668d686b3f3554228c7d65a2015037553c884699d46ba28747a03ea207cd8238a4b2313d14126272de44432a7a402d60a5977af16a9c15ef35eaa042419df0818275910f2247968be4b82dae02444e41f4be0e0c9291abf09ea774aed019b57b90afce98016e37ed13fdac18b090ef008612d9c01621fa0ffe86ed3e39d5539680b3b99c013f74274dbfb35d25bdd77689aaa38c1706b9581963101dea74653d577a579f24edf4cf8a23a2c035a99c55df9bc0951b581dcebae6844a5eab0ccd53929d714db7daea0d6e02d971b8e98807e6d06f8542d09f2729b13def0e1aaec353437b7975ce716d4423de7cf890067fe0afa7324e416971c235a54ddad220d560ca537c7a2d6e5b98039f1f5c4a223c9b98be65012888595e992d19883afde2f2dc8b69fcd18f6a857ecfb0e59ca0804a2d380687a6aa268ceb369e24285f3237172a2fa28b34cffbcb05313b707e707bd5914997af31d37edd45b9965b206be185ca32af388516a1adb67b9b2a23ca3e33962ebd8e1be39f2bbc7c92f5f8a76deafb54bc9805e051e22c5141007ae2a58ad13753f921620e583b6c509f88480997efcba30c6d1649731cb0eb48d45e1b119b044e32ab4c054ba7ecc4d48088eb715ececc1b83171508888b4302248d31384d12be599642a4baf213a75a82688d9a369bed444d5718e36e10e49d77a28d482c97a16d8d1345c86212eb9241b224e22acc0feee2aa6f84fd8deab7951e1670ee92bd659e0d2b988ced1dee042731109d2ccdb2a39beb427c084e5f48970ba16a8db2ce8a070d1ef9ea369b99efa6e90048b9f51e8d82b0e9ce3ab763365039b251f0261dc49d9c6c5dda62d6fbe8d704c6adca3bbf4920ee95e0eb97a8b28b5a25e52670354543b583fdd3dee5fb6b57b891205c6036b9a5fc99f39b80226f55976a9bcdf090a423ca41d282e073a4bd18cddfddd99fac6a7fba92943656162a7177939b148ae853267666d9841cb313094c3b56a8f82e0c38dbc56a9352ab9780b8dc1a09f443325deed992e836cd498c96e59745f5f1d0bfeb2dd43d1c09a13d45455db06726dde28621e4f1fa1c7d1a8c60e7a0b6060e0bbf3161dd82c9fd72e9dea9c93eb9e3a89aa80b27ab87be967d9762fc00050a45d6a5f5eb07a0a5d00d5cd9cd4d19218a22ed22abea872ad05c243bde3adb8be28a4d0b7a9f5e1b4e8a2366d0c327feb4905b8cc400b3b63c7f5e81a5c83cbbb8980c9f7294973c15ff26238a58764a66c0eece8a753df557076490f5a415049b109e6419033371df6f3b46e94b6d57da14e935d2a74c9ef812af5bc9bb95d56f3ac052feb604fe44c80fb35cb6d565f0dadb0e85cc1058d9aa0cba3cb24153fe509a2117c7a2e1c087681ee5c4a49a9f3ec46cd88e4e004418becc6bfc2094836e59bc386318049d75b84795ae216e215f6365edc4fbd54449b25b972383e7c92b5a7000038520bb4d37bcfcfc5df2c2e04fca5d5ed188c99e6ce5bec1b74526bacf353c5ff8aa6ce003ea17a70218b1a0590e73753e4c83144ab3f2a0bb3a1617aa9fafe4071ecc4de93771a69cfe6774cbff306cca1a2b3d7ccdd665b0a5d96c2569a334ef4663a21d6bbd3e5519c996ac33d09331c409c892b21eccc47e88c61975da3bdfcba825917b9e04ae0f4b36ba8e1b02138c3bc47db8c99a353b8281782f961c69ae9f2e2063f95617f3bfd211cc3bc5cadb9c1ef3bf0c8da56b46dc6283b11126463df02a31ff8067c541c22f702c831f6b72f0d3c845af7a913492ca448f37e3e56aefe6bf5d102ffae655e14a2fed2030d27d5391e74208a118c3e3a9bc03ff7d4ce7d4c6d68f86aa5e2004ee9cc3268e6ce6a3d0a51af896ce884ae31cf8e66241a5a876e9f2041523f04da76c09a97531527759d01987b203df74962a8d267b91c871fb2b297e9db0380c9c89cc5121ab2d2589fd77a498bda8e6a971fa6a3d03f9d735fc8049694081775d152af385c40b15096bb248aae06f9c873b813901d156a25fff37fe5ea175e8b5605156b027dc516fb6699080898832352d691d62165f2b5e8bf198e9cbde1e4c2059c2962dfdafd63c2601c09bcc719460d301d0cac2328e0772c81c3c35aafd08ff068d5da2812fe6149502e5e02648835004eecaae37cd03b2f744b62dd8acebdbc6dbf81a4ba06af2f59f35a6a8eff024db64f8d230b058bca7f97bf3d27975dc5cc9274992117917e3750af8512ca64fa4f705d50599a559a597c582f513616af92a7b006214731a9687738dbc761a741e36eaf9aa1cf80177a9117745526b26526ab54414192eaf0137c91ab81ca01efd1c7ee2ea12864b6a7788fd6333f8537333db70df9607a3c570140fb6a3ad0dd56065c7f52cb07ddb0a4b497e100c79cdbc162c1a9500ba6204764c0598a97770130e0113d3164357f7f5558762a1e78348af831d01b44c977255f147b1811fa036483b596d14814fdb6737f0523792a70b996d74415adbf140d245bb8528e8babeb2ef1e1f348413d039907e314a96dc30a33867015748ee79d62e4d7eb9557a55fa287e350682f6b5615772e4b5caf07783fc914d3e0e27fed5ee77938a9c228ac9418b81a1e0ed25373a687dafc5ab17e7e99d5b392ffaea2a9fc7845b4540641a61bfcf3493058cdd64c7dc633aa4e0b44e9b815ef0b2907d052101566aa3af429a0afa98a5595f67de0944dfd69d6a0312c39f3d8ee2290fd3d0803ceeb5b4d983f7b9980bc8f96061b722bd468306b2ed11c546383feee9bfefa89d22e56f84982735be8f48224c82e89f650a992b40339b014abaec05a0ebff096d0c24873286c919820da5e7f3cd4e5cec749564415d34c52f6d3c304b03cf3bd3609478623bcd7379492a92b6cb0b1bd68f98d28b145ed488c504ad687bd59baa6808f29fde86f2f2f032ba47e47a7dc88bfb9853aa0eba6b18439271e2fbd3b7c79bcb39b67a98bff61a642480eb70829129703d4a71619636f3c3156d72fbddb4b465c62fb6a10e2074a107f34cb3501221487e56121ac22a324b238654c8014eafadc2f4fef44e06fa3e844f7e96ddb333caf8e4bb74127c2a5447b8fabf8484cda33f08ac78e8e316b7abf4e731fb361930c53ba86ac43e833c871ce7c1a6cb8d6e005d0a19d6cde141562f124adeff9daaa3a8a145e4bfc7014cf49f88ae5217080e2a56115ca5326503142ff75cd0300ff8121cc0cd577dc9f7ba70fb6ab1d4fb3c3689f532fa677789c913cbb5a12cbaa47cd0ce2deb5da0decc63b4834692a6e39ee76517e0cd09f2efee77732da0a875bce04b3f9a6288bb9f960b8d78b233d3ad07134bbaf3baca723523665ec33528be07d574a136fcb9d00614594d4fdc5f5b69a5e5ba072d6383aecd92b9f5579e3d311de9fcaa4adf5561f618ca781b60fc9b189db8df9392966b1a9301b6239a54322cf275f5d02cfbd30922f04dfd1c74665d64ffa1518eb036aa752f9cb59ccc53e598d3cd4147737942874baa23a2750add0dd9bb50a15ef94b0c5bac41bcabde591a995e5e46772078a572aee034ae9349fb3e1f2eef46497f6f3bbc1a1ad1b983904ede3238d3a45cd612951983efcba4cc8640ee2baedd2e41edc887e84e0bc02d62d941376961a0fe9b00b142cbb29f5d660d9a23c75bc8bf2c61d2da7ea0221003e67df5e1e94b73a7a4e32f3ec67248d572665609fc727012dd03910862268077fb3ebe99be08840ad72570e621711e9f43fdb7b4fbec93f22fcae0ae2ff27afa576fa9392f59359bac85362520340e1cb6f23f49c33a720462cbb56fb70630e14b51768e7a12d22eccffea14fce2130cda1a51087c659a5c607b478de60c8458c2c6cf01ac045f299562e5437d62160d84d5348436c964a8842879b49fcd073024eee6f6270a89abf97f36ab902c5004c7d2adb50e0e3bd93d97c4e022a5c6159266e7d9f5ddf43ceeeb22c74aa266b6f67a272015af92ef535a453c5a9fe35fc2d80b037083e9cf5bc8d4e257e29e1ea43f7059b430a09c35b459f401974f14775a9eb34ffa2ad624700d20800cd74278e98215e9462bb3a7acf53bff83c9c69f6a10c6f55734551e193a2b0d9510e7ef8507d26563b9b0c57ba241b44f5c7c3012ba2b798f2326990369c80347d338044a5f87b0a276d634124216705fde60a57281c54550b334483678bc82f2b124ac15c3abb1e0719553f5ade1ea619359f983fa671cc5a2ea28cfc6b133dbb69b86364a7ddf4ebe448133a02661676eb058543aa68a4f93ecc3f52504dd2d85d6d3c7854210ba0c3fdf93c368c8929255e4f4de80ce30fe79d64a1c3b3d87a5777711171e847b0d80e28bb776acd37633f84dfda0629ceb3d02f5cf400958799eb06427045e7cdf96111864b34b627bec6ceab6a0c269b34f7c7a52ed3e0cc56e335690d822bf35d6f04f41b6a4204ba584b1cd3672bf58b0cd3b9cc0e0cc1a1aa4cb18fdf53744fcdcf65735eb2"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000003200)={{r1, 0x18, 0x8, 0xfe6, 0x200, 0x48, 0x8001, 0x0, 0x3, 0x0, 0x3, 0x4, 0x2, 0x5}}) (async) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000004240), 0xffffffffffffffff) (async) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000004280)=0x0, &(0x7f00000042c0)=0x4) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000004440)={&(0x7f0000004200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000004400)={&(0x7f0000004300)={0xc4, r2, 0x4, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x44, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x16}}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x34, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x3}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6}]}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xf5}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40}, 0x0) r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto(&(0x7f00000044c0)='*{$,:\b\x00', 0xffffffffffffffff) sendmsg$autorun(r5, &(0x7f00000045c0)=@policy21={&(0x7f0000004480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000004580)={&(0x7f0000004500)={0x7c, r6, 0x4, 0x70bd28, 0x25dfdbfe, {0xf}, [@IFLA_BRIDGE_CFM_MEP_DELETE_INSTANCE={0x8, 0x1, 0xc}, @IFLA_BRIDGE_CFM_MEP_DELETE_UNSPEC={0x60, 0x0, "693fe309c4773395f33d35c740db419647a81778c92e77c55f2d97af81b17f85cd8a08c9761f15c389d9b7df5ad78093af37c980d387b8988ec49b501a3a7cea08999c36fdf4ecf701d4c447fb142a1a1ea62614fda62cc4109b42d0"}]}, 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x20008040) (async) r7 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000004600)='tasks\x00', 0x2, 0x0) (async) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000004640)=0x0) write$cgroup_pid(r7, &(0x7f0000004680)=r8, 0x12) (async) unshare(0x8000800) (async) write$cgroup_pid(r7, &(0x7f00000046c0)=r8, 0x12) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000004700)={'bond_slave_1\x00', 0x400}) r9 = accept(r5, &(0x7f0000004740)=@pptp={0x18, 0x2, {0x0, @multicast2}}, &(0x7f00000047c0)=0x80) sendto$rose(r9, &(0x7f0000004800)="c58a60df27b16ec4c01fd2f645890107d25c0fd31c468c8145c92d9569c85ab640fc6abf23e6dc0e447b20598fb6836ce619235e871d6830c6d2702f5b469fd90a", 0x41, 0x2004c8c4, &(0x7f0000004880)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x5, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @bcast]}, 0x40) r10 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_SET(r10, &(0x7f0000004980)={&(0x7f00000048c0)={0x10, 0x0, 0x0, 0x10100a00}, 0xc, &(0x7f0000004940)={&(0x7f0000004900)={0x3c, 0x3e9, 0x800, 0x70bd27, 0x25dfdbfe, {0x0, 0x1, 0x2, r8, 0x3, 0x7, 0xfffffffd, 0x2, 0x0, 0x9e, 0x9}, ["", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008800}, 0x10) (async) r11 = socket$xdp(0x2c, 0x3, 0x0) bind$xdp(r11, &(0x7f00000049c0)={0x2c, 0x1, r3, 0x28}, 0x10) r12 = syz_init_net_socket$ax25(0x3, 0x5, 0x8) setsockopt$ax25_SO_BINDTODEVICE(r12, 0x101, 0x19, &(0x7f0000004a00)=@bpq0, 0x10) 1.962492536s ago: executing program 0 (id=2121): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6de3f2a416a74"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) pipe(&(0x7f0000000680)) socketpair$unix(0x1, 0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x20) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000001240)=""/53}, 0x20) 1.787344643s ago: executing program 0 (id=2122): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty}, 0x1c) shutdown(r0, 0x1) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) r1 = socket$inet6(0xa, 0x6, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x6, 0x4) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10) close(r1) sendto$inet6(r0, &(0x7f0000000200)="aebf", 0x2, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x80000000}, 0x1c) 1.53675666s ago: executing program 1 (id=2123): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000fc", @ANYRES16=r2, @ANYBLOB="410000000000000001000603000014000300060a0004090300f006e8ffffffffffff07000700263a0909140002"], 0x44}, 0x1, 0x1000000}, 0x0) 1.532130936s ago: executing program 4 (id=2124): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x803, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0xc5594286d776c8c5}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0xbd}]}}}]}, 0x44}}, 0x0) sendto$packet(r0, &(0x7f0000000340)="c4a91cbf14022ed0209abbaffb7f", 0xe, 0x0, &(0x7f0000000100)={0x11, 0xf00, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) 1.522628928s ago: executing program 2 (id=2125): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000240)={0x1080}, 0x10) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="240000001200211700000000000000f706000000", @ANYRES32=0x0, @ANYBLOB="000000000000000004002b"], 0x24}}, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f767469300000000c0000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab141400000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) socket$inet_tcp(0x2, 0x1, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000240)={0x1080}, 0x10) (async) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="240000001200211700000000000000f706000000", @ANYRES32=0x0, @ANYBLOB="000000000000000004002b"], 0x24}}, 0x0) (async) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f767469300000000c0000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab141400000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0) (async) 1.376507871s ago: executing program 2 (id=2126): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="b4050000020100007110770000000000460000000000000095000000004a000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 1.335760897s ago: executing program 4 (id=2127): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1}}}, 0x90) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x338, 0x1f8, 0x1f8, 0xfeffffff, 0xb8, 0x0, 0x2a0, 0x2a0, 0xffffffff, 0x2a0, 0x2a0, 0x5, 0x0, {[{{@ip={@broadcast, @remote, 0xff, 0x0, 'geneve1\x00', 'geneve0\x00'}, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@empty, 'pimreg\x00'}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xb8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x2200, {0x0, @local, @local, @gre_key, @icmp_id}}}}, {{@ip={@private, @dev, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00', {}, {}, 0x0, 0x0, 0x60}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @local, @loopback, @port, @gre_key}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) 1.299129795s ago: executing program 0 (id=2128): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000440)={0x1f, 0x3, 0x3}, 0x6) write(r1, &(0x7f0000000040)="09000000010001", 0x7) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x42}}}, 0x10) bind$tipc(r2, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x9d3354bba4295a8d, {{0x41}}}, 0x10) recvmsg(r2, &(0x7f0000000400)={&(0x7f0000000180)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000200)=""/204, 0xcc}, {&(0x7f0000000000)=""/22, 0x16}, {&(0x7f0000000700)=""/230, 0xe6}, {&(0x7f0000000300)=""/122, 0x7a}], 0x4}, 0x41) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000280)={0x1a, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x48) connect$tipc(r2, &(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0xcf36, 0x3}}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000580)={0x44, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @private}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xd}]}]}, 0x44}}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bond0\x00', 0x0}) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0xc47, 0x0, {0x0, 0x0, 0x0, r5, 0x20000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x7}]}}}]}, 0x3c}}, 0x0) 1.235582841s ago: executing program 1 (id=2129): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00U\x00/'], 0x38}, 0x1, 0x88a8ffffffffffff}, 0x0) 1.145259587s ago: executing program 2 (id=2130): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}, 0x1c) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x78000000, &(0x7f0000000140)={r2, 0x1, 0xdbf3}, 0x10) 845.028554ms ago: executing program 1 (id=2131): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000180)={0x0, 0xea60}, 0x10) gettid() (async) r2 = gettid() pipe(&(0x7f0000000340)) (async) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={r2, r3, 0x0, 0x0, 0x0}, 0x30) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) (async) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)={0x24, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r8}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}]}, 0x24}], 0x1}, 0x0) getgid() sendmmsg$unix(r1, &(0x7f0000001800)=[{{&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e1f}, 0x6e, &(0x7f00000014c0)=[{&(0x7f0000001880)="15945806d1c489ee1b8a914d89ba41b7e581472bc1ea43461b58a6d0285b9fb5e7e75026bb344269acd4eb24728ef377a897b385e4e521c21869be6390131ea99318a1b1dcbecab2897024cb859f2d4d2f8791ad6ceea5e5cb07de6b14649a49bdef68c4c112626bcc8a984dc00df56e57c09127eeee2ed4a11cc75f9358b0bf7d091c78f04907a2c9d3aa379565f6ba4110e468dd06a250bec726c67ad3afcaa351838b1a64b2200986e1eba10caa55e5665400"/199, 0xc7}, {&(0x7f00000001c0)="ff18d7564810f2050d4a6353ee6876308dd68919c294e1d030a2", 0x1a}, {&(0x7f0000000240)="52888b7f9d34461da4f444aaa7082f81e668fc16f4cf28999b8642fa05c97be44416ac5541645c1f665f7c5f1b49212aecd3a8dee25581c72cb330ea9b5b898fe3f496a40fb5ec9a6807b9b08dff3033f9f071d63af592fcdb83cf63a217013d1b4b52051a342f32ee3f54b6d3f8e173a44b6ca87b2ec87ec5bddc5ba10af994dc42272581ee03005c923b4ee69350dc14ca11d225e426f9c13cdd76a92132376d8d1047763ad0ad867c5581f822db4e515d0ccb6655e22d44158e9d8011dea9c5c7d5a936195363051a6cfc0d382a7de1b7c7", 0xd3}, {&(0x7f0000000340)="ac313609b852d3c2e69819d5239361fa8fb0451c4b091a1c75e3f7a8d1bb2cb1d506793fd7de2e6ef478a96b3545a76ac4b652ef9ae828f638ea7743b256b64bc846c0c061ff49028a7451933a1af25777585a2d08e7042d1c9c7ebd75a3be0a47c38cf8edd8f0ddf538a47a89b6a67c27aae32ec41ab996bee6f2a1bcb92b78bc636fdb23701d27aacc8a2e40186892086c6a02df2045b7e21fd7012108f2d3cf63947fbbeacda7ba6631960ec5e7005367ec43a2fff07dbd985372c2465fc71043bc5ca73ccd48211f4eda78c17499442f5dac5801531c2bdc35bdab789435291d4c63d9cd280b01843be85d65d515bc374daf56e5de17b55059b8c2c9b41226843b55ec8f310b1be7028a52cd5afc15f5bf002ccfa4e9563f9feb9aad827d8420feced78dc000aebd0eb8931401470a7cd6a19b77941555459e65a078ae543fafdbc47d8e60d08eeb705c28d319ceb486aa51d47fa8b7a2412dd5a67a1324a72e9a03c02088b50a388999bc8e7a155257b59106373b44cb5eafd4075f3fbf3ebb8cb35e672f926a116e7d215aed72956058b485ca794da99034864535e7912ba3f3adfde4e9c19b27368357626c4ff335c211ded734efd1a63ad975f11a69c8801a1d2d3d5a7a0da18dea16d1fb4c62784a750d353bfd7c1b0fc0b0b3b7069620b32d0ffa195559462787c2c5adc367185ca01aadc60a7fa5d0a890d9939e9382f5290bf7f0d7ac919381de43b7b813831776a4d32282e830b1135d78b181f6d6319c77d6f1d621c4ccb03210e7522a0b9c5450d0af9c4eff1a1b84f969e3744e91653f1b8872bf1b0c740ed69102b745ca47c18bc68b4e6fa238b1d388c6ffea8f62a3a8418f50bc1750680874a2d5ec4be60cdb3cfe9901e05a54e840501bcc978d7034a530bc75c9e41aafca037690ab279b875e677de25520d4d8a6b5b95621b9b3cfcd04c1fa236fa1378c5fe985d1fb940112065d1ae4ab27166cb3127f2eb0e9cfb429287520c38f1b6d4214abaedf37e6d41961ff4349a34249b8afd1546de62b5de6c9064a50d91945bf730122924d55b1fb743048498fb5997c27fc98188ae8548071b03cde6d78d9e7057fc59729fb75ad70ff0355c83d0bc7fccfe0beb3711c44a1370a29d5d111f6b05382899ecbf31cb256817829c7461170766f762178dcb0218ae878805a0e261ac2fde84b1d333dc319d4cf3dc3e9b886f39ab6d6f396e27250f9f5060cd09dbbbfebbc31489198ceefa7b1fdeb85f9c2d4ba2373cddbebbba8ba736e55304accf26d3204044afb765bda695dc90309b3525529b5fc57ec53ee3e7df4eea65a3b63a7f6395c867046eed0cae9b45c338d8489921c1db71d3ee6b3a139a12bbf0bc81135e824138087d74a2823cfdbabfea15e0d4766793e2bcf7d64a490b4de180885da3860780676fe8d8f86c1ab716367ae1f7736164d22aab49fabfb048cb2e90d77efbed72527ab8ab1cf88e2a167209df2d58376824ffde91926c3896d404645edf3ef6e985fb0f7bbdc8cd8a71663809284b7204d62dadd443dd68aae2acd178924e8825b56f132785113f8a2a810ec08e03bf5dfcf569ab212f47cfd3b9e693e8af9757f122364566db78dc673ec5c6293231fb35c9ba0d9c2e43eb0045f290bf3236a29ebd6c33f6dd838a4995e57ac4e8c76091782d0e940eeccbb4e7d9916b47c87a65cf526f0517cb4a645cbc64b9e7becd72c5d3f38d25e573220d96b966d581c501f1f41078a7af1468ba355816a8e55d0f551bc64d7edd3513ca9c8fa94a5cef62180f0523c4a466d353ac139a905643a019a6d2ec7122095f7346343218a3d74680756dbb618af170ce19af646a4e8009a476f1acc3dcaf64d16ffd4d9a99dd78292478d5b707b393f94b42b1851d5389ea901d1d5224c4ca838f6cde736b3957eab236cf9d753b1aac2e5a1727869f30b92d0a0f12bfbfd216ea7150456e965dfd2ab62f01ebc78cc1c5c1dafa73d16b61d4d39287fae3e1af676fa2d863fd209de13c9a108f6ae2774d64b83d0d38bb4d34e43997bfe53679647a2c982ca3922eb510dad2aa653aee834700a4b5ff9f656eb2cfc221a6f663088f8943013bac7d30e3c2458571907dafcde634844d7f8d993af5cbac4be38f9d65985b48acb2ccfbb192edbf687a391d27ef6ec9121e45ffee441e3a582d1dc30fb953076aa29d16457e22446ae1980c77f61d8a77b5b1ba8907de1d8bbdf1d16821b5a246fd7e56f92e9a7e9c897ab24473b53e8c8a700f6eb1e104f9441c56fed8b91574b362c3987928093afb357586e04fe84d640324bcf67fe64059bb839d560499e909f9643a028d3cd621dbe617c987bd83863c9ecd1267a8cfdbe1209500c1e3f9dc7add92ac60027c4a29b88fbb24dd3a2ace622519f2cb6217b3efefa33062b297ce74ba057911da763539f27ddbf619a90bd9e64022927e2f11827bf6a7fca711d5aac59e48ae98e5bc2921b1bb3e36f5667add12162095c7930e6f002ce722faebc190088955f5d1c8fa524e6fcbea14efdb9fb07fa9645053da886fb7e92ed170b4f4f61f58aea4e9728ce768107a208680a37b539566688841734d87d29c79b9c23320a6f27645e349e8110712b19c1934a4780bcf9257260a5b9ec094a094997533336647e84cf03fe18f3f0cc59e6a45a009ab3168be4179a7af94172eddd960e01e7171570e736af8079484a38d80fb010ddf3ca1a791d933a2636535acaaa564841a2b4cc92733d22a1e257de46c87faf4c124ccffd9969703166e3514dd0531c28f3dd61e361e070729cfa37bc4d873dcb528f3f150b68a47dc725416c3b208e82bfa1f4fe4d35d766a795808f6a94d5d892c90384d1bdbfa25b85ec4d69304ed9181030d04f7b69c0d5592702fcffb27c86e9c6f463326fa7b136e18c9f0a6626ae4d442e3aaeb3d15a78894302374c717c64f01ad68fbcff893cce7617a52f900c535d4185637b7d1d5522a12e4c80ecce2d605d358d24369b3d58e97cad782276449db744df9ca57e2a2e68477c9416dbe74f60fffe9448699bf52b4afb3d24e0622f0cac97fc52a1bdcd0885268ce2c0d2f48dfeb9cbdb9db8211e48a299b7c6bc62c59d64ce8e0efefa5bc19674589036f6910160c9b4f92e8e0a804f1130e0c2002756076e6eb63c2384999fbb1a8cf9791a1d3640ba102d9ace00edb01098b5acfe7688012056ff880a590d46090fbd6006089e42f5a6445c2e69955ad5ff576b9e0dcd6f0d75fd32d370bad07a8f398c6fce49af6fecffd60e4e9d57449a2e4c19948b102e094bc69e2b030d8f4d913f5c55f918329ccc96e3f05c1cd75a0ac0b2adf1ab70e2f8933623e8c6919968cd8e27756549f04c03deba2fd4154c2c4af0025a7420f43c8b55a278b473b8bc49da60cbda1b386c423ab897dd89a1c535e789ce7516500ba35e3682b1767b47eab423e0707a7c68596a2cb731fb0a2431282c7fca3d07b679b5688f2256b0ec2ec26b5750d7d8184892aef4ccd9d61505f9901a54ba805314326581e9c5466ca717c2d001b0e1a319b9939a87d22ffce0b0c99eb088044905a97e10cba3dab32fca92b1ae3773b1ca3361a14ee8bddb50d4442b3f244c858b24ad18e26d21cf5504087dffd6f1c74b02268ce3c358f11ced4f3ebc4c6a24bc23968b68aad3da4458823809d7534ab801beb986cd3141908c922c60bfc71c5b0178c634aea05e8f926f6d9306f5ce46fc6672c1dea2ca391c0991363ba2174f00de6cac5bfe1221ae2372012557d5c92b60099e63c1fdea8388139c3493c1b04571050859ee91e00b7746cdfe531e81ba036512becad9896f189e5e8dcf9e0988b6aca4ff296b8166b650b5657a60a0f662e1b2989a4da372a108fdcf0207818f0e420ba7c0267505f82562bd55767e5f2ea2a6ca28757853afbe23a26dafac9ee0207c47a5238ade69957a4d4026674d4b18c8915f3c78cd2e603fbd366e0c8bc9d5fadf1fb36d51340de03852db900b74bf48c33022f6ac0c76ecb512144ce4a2e2a66fbcd20b3a248ff8cc7904f2bc10469c015f80d9bbe083585fd7dc55110e05c2968a9147982bd4220704244ac496d29b33060bfd9c5fdf7b090428a2b6b736ec51172e3a0766b801233b78269d9d36b046894b2bb53a33a00a711d73f42e6e99ebf400593f7ca145390129a5a1a18ddc6364ae448dfd22b6aff7e654a5a2c9f6ac279767b1e57de84edad27dc3b78ac2f02c745b84c02a71a9a105b5436e17546a55e428033d7c23353b44413926eccbac6df50dffd36e3bb3c9f9d4b4e1df192112132a9b342038a00ac719d956111c876cd64cb75e33d28104badbd0dd6e6f787d8effe4247f3817d57e00ba8095aed0f424adfe6c88c8618b670df58c5e848e2fd73ab87d0e26cd592bcee07f29b4d56c9c82d4d9d418fc167ead71ccdbea77b48e4a6b6c8fbacc10a10fb6b35ded8072da658bc46af96f8c9049f8dd783fbd025c10051a5eb56cd14f2ac9429af94542341c894522046b48f79bbc2905e08421cda4aeed430bf454291f32aeb53bca2d848dec6cdd610d555d2a1d67d53c7cc2f340b4fb9128ac7e3ee3bb1764a8987760b471421bb98a6629d35c3063e5c1024d237ef6c24fc87f6a30164c0c7b15673f67b117dab1b6f7eb89b23e2f45b93e4d018445a06c8fd24bb3d81af49de3fb9c83423a93ad083f144fcf85fa1146f2ed3d020813984ce1a4b03eb18f070ac62100a1ec214e3b1e560e0ffd8c3d6ff66a29a623cf461dd70ac63c973229ac04a72be977a0b0947c06caaf00fc715af9f77bec6a532159227eccf989946d4ab32d5b78ccac4cf13a1d2dd88bad3d0c33df2c9a99a5a34c4a1c9bbeb7253b70dff9081d7c0714c8801e34ccabe809b6174d6f40193eef7e6f3bb4ac03c5073f04fa88853146a2e2d1a93b2e37714cc55c751db8c08ee46532a021c0f002084388bf90a094769b2cd421f49af104b5c0c7b1671b2a443ff5038cc77092e1aa6f0d2e025db297ccc1e6f35f5f84e5f86f16c17fe4525c13b2e09d8d2a401a93aa6883dbfea6fc50647527f056a210a0c47b634d68c022e288dbbcd8065a48eb3eba4e71fd2d7abd3a5297e71f5605f95ceeef253e1d0f578a7f5f9034fbc839ab64036afd145f820f17acbfa81bb0543bc02f436009af40bb5b95df20c01c83dd3045aed91f3cd52514fe4ea967f80debd8b31180f804c4216f3bd7ae6e3a7e3231e0dd982361062fb35812281c3cb46a481ab2852ba2d46ef44efeb3f660be76529a224814313a05fd1dac8087ed3cbcce4e65f514ec12b384e05fee8c25f1bea0c201e223bafe70f57b98ff3930c00b9f98c5abfe49e26c7cffea3734eb49f8f4e33aad3d2faf87ec9f49f0767265cb3db1dcf0a0bd8b21ea06250d15bfb025f3a3adebc1b46a690f0bbbf4007c97559da937d68fcfa8cfa259e207ba4aa9172530d4908479ad48b1ae18086a4009ee8bdecd68c07d423ca483ad332bd11b619b55a13c18cec64f760912cf64418277f86588b09e81ee545aca85d99cb99450d743717ef3b7b87fcfaa65651bd26275cb6e48b7ecb889b7cac43dff386e02d40cd954fda14640e3787d4bd43aaca9759d5b860168697fdd397a94a95b45e8b91273032926dc365174befefeaf68bab86dcd868c9c358b5d83c9173615f538f0e92ac731a160dd4dd0b2b9eb9cca32249ecd5c9a87c607488d91394f2475a0a004a8b641b21312628ab0cb95203ea16146632354eb2cad1fc2a04b4cb67db26ac5c637", 0x1000}, {&(0x7f0000001340)="a05cca25355d7e62850c9a115c6e7aa6199c0931ccabf709c01f152e49cb4c2bfb7df097f3d40b700a71c88c4bfed4c36eb1d5791eabe914af171d8e3b7fff8c3e292f", 0x43}, {&(0x7f00000013c0)}, {&(0x7f0000001400)="31231a3af4992c80a6ec033452e9f7ebebfad4642eacefe5647b4a2127e93c7e10b325ab31a1d540933ca7b0c0ad06101dc43d6c7531aaf2dc4eb2e3930432cbf1", 0x41}, {&(0x7f0000001480)}], 0x8, &(0x7f0000001540)=[@rights={{0x10}}, @rights={{0x20, 0x1, 0x1, [r0, r0, r1, r0]}}], 0x30}}, {{&(0x7f0000001580)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001700)=[{&(0x7f0000001600)="72b15f72de17e4994a94be9376d7b72eda78a33a003c6383b2c4a94c142849a30873c9624a1912dc15959d45183b17fc17ee9a910833b10456ed73d01e5d800c7f670648b947c24cf0af7bd317153484f16de0d556ff304af55c263d4b25dd4476fb1fb19c3af71c0ef6471d0212269a919ebf7451fc029d4abbb686e272925e3aded07ef4f76fcf0f34064e158d3488d85b4a0e6056abbd0b77af7c9ad733f46f29a9fe56638ed6125f789be3fac910f575d4b59de46ff4a6cd9515f5600df3a5a9d5a4fbd2e818e8b0619bf413c4427a5440ef42e5d5b9961cdcafbdf860aeb8a19c9ed185fe93986f553339aadf189f44ea15aafb9f6b269443", 0xfb}], 0x1, &(0x7f0000001740)=[@rights={{0x18, 0x1, 0x1, [r6, r5]}}, @rights={{0x14, 0x1, 0x1, [r6]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, r9}}}, @rights={{0x18, 0x1, 0x1, [r4, r1]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, r9}}}], 0x88, 0x20048090}}], 0x2, 0x0) connect$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e) 301.941577ms ago: executing program 4 (id=2132): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6de3f2a416a74"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) pipe(&(0x7f0000000680)) socketpair$unix(0x1, 0x5, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x20) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000001240)=""/53}, 0x20) 207.054297ms ago: executing program 4 (id=2133): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, r2, 0xb7a006d1969b963b, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x800000000000000}, 0x0) 0s ago: executing program 2 (id=2134): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x2c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r5}, [@IFLA_ADDRESS={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}]}, 0x2c}}, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r8 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x3, 0x0, 0x0, @binary="feffffff"}]}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000580)={&(0x7f0000000480)={0x80, r6, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_MESH_SETUP={0x38, 0x70, [@NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5}, @NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0x1}, @NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5}, @NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0x1}, @NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC={0x5}, @NL80211_MESH_SETUP_AUTH_PROTOCOL={0x5, 0x8, 0x81}]}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x3}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xd41}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x200}, @NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x30004082}, 0x441d0) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r6, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r7, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in=@loopback, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000280)=0xe8) r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0xf, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r12}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x52}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$inet_IP_IPSEC_POLICY(r10, 0x0, 0x10, &(0x7f0000000340)={{{@in=@local, @in6=@local, 0x4e21, 0x0, 0x4e21, 0x8, 0xa, 0x0, 0x10, 0x3b, 0x0, r11}, {0x9, 0x83c7, 0x2, 0x8, 0x9, 0x8000000000000001, 0x0, 0x5}, {0x25, 0x80000001, 0x4, 0x583a}, 0x80000001, 0x6e6bb8, 0x2, 0x1, 0x2, 0x2}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d2, 0x3c}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3506, 0x1, 0x0, 0x8, 0x4, 0x8, 0x7f}}, 0xe8) sendmsg$nl_route(r9, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipmr_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, 0x5}, [@RTA_MULTIPATH={0xc, 0x9, {0x8}}, @RTA_PREFSRC={0x8, 0x7, @multicast2}]}, 0x30}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) kernel console output (not intermixed with test programs): 092][ T9738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.734113][ T9738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 319.744585][ T9738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.754413][ T9738] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 319.764871][ T9738] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.775957][ T9738] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 319.789470][ T9738] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.798547][ T9738] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.807803][ T9738] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.817715][ T9738] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.866336][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 319.877805][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 319.902381][ T3832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 319.910238][ T3832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 321.648852][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.427524][ T5246] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 322.436149][ T5246] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 322.444642][ T5246] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 322.454543][ T5246] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 322.462236][ T5246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 322.469428][ T5246] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 322.497057][ T9751] lo speed is unknown, defaulting to 1000 [ 322.624738][ T9751] chnl_net:caif_netlink_parms(): no params data found [ 322.678461][ T9751] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.685816][ T9751] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.693110][ T9751] bridge_slave_0: entered allmulticast mode [ 322.699643][ T9751] bridge_slave_0: entered promiscuous mode [ 322.707251][ T9751] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.716808][ T9751] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.724046][ T9751] bridge_slave_1: entered allmulticast mode [ 322.730555][ T9751] bridge_slave_1: entered promiscuous mode [ 322.755933][ T9751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.766996][ T9751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.791360][ T9751] team0: Port device team_slave_0 added [ 322.798890][ T9751] team0: Port device team_slave_1 added [ 322.819789][ T9751] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 322.826972][ T9751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.853429][ T9751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.867543][ T9751] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.874648][ T9751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.900801][ T9751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 322.930239][ T9751] hsr_slave_0: entered promiscuous mode [ 322.937212][ T9751] hsr_slave_1: entered promiscuous mode [ 322.943467][ T9751] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 322.951029][ T9751] Cannot create hsr debugfs directory [ 323.136539][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.197388][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.278122][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.334233][ T63] bridge_slave_1: left allmulticast mode [ 323.339921][ T63] bridge_slave_1: left promiscuous mode [ 323.345862][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.354763][ T63] bridge_slave_0: left allmulticast mode [ 323.360399][ T63] bridge_slave_0: left promiscuous mode [ 323.366456][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.658788][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 323.670628][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 323.683185][ T63] bond0 (unregistering): Released all slaves [ 324.083157][ T63] hsr_slave_0: left promiscuous mode [ 324.089315][ T63] hsr_slave_1: left promiscuous mode [ 324.095712][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 324.107344][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 324.116533][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 324.124265][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 324.145817][ T63] veth1_macvtap: left promiscuous mode [ 324.151370][ T63] veth0_macvtap: left promiscuous mode [ 324.157544][ T63] veth1_vlan: left promiscuous mode [ 324.162929][ T63] veth0_vlan: left promiscuous mode [ 324.507227][ T63] team0 (unregistering): Port device team_slave_1 removed [ 324.527197][ T5246] Bluetooth: hci3: command tx timeout [ 324.543427][ T63] team0 (unregistering): Port device team_slave_0 removed [ 324.868332][ T9751] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 324.878856][ T9751] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 324.887379][ T9751] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 324.904385][ T9751] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 324.985362][ T9751] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.012885][ T9751] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.026019][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.033155][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.053009][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.060096][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.208926][ T9751] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 325.248014][ T9751] veth0_vlan: entered promiscuous mode [ 325.258602][ T9751] veth1_vlan: entered promiscuous mode [ 325.280218][ T9751] veth0_macvtap: entered promiscuous mode [ 325.288653][ T9751] veth1_macvtap: entered promiscuous mode [ 325.301120][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.312705][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.322849][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.333495][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.343992][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.354549][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.364436][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.375904][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.389942][ T9751] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 325.403370][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.413991][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.425054][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.435669][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.446610][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.459444][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.469317][ T9751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.479958][ T9751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.491984][ T9751] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.503535][ T9751] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.512632][ T9751] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.522043][ T9751] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.530753][ T9751] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.580644][ T3832] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.592894][ T3832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 325.612785][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 325.620942][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.403364][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 328.346697][ T9772] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1717'. [ 328.495919][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 328.506438][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 328.517722][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 328.528293][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 328.537268][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 328.545751][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 328.587047][ T9780] lo speed is unknown, defaulting to 1000 [ 328.836292][ T9780] chnl_net:caif_netlink_parms(): no params data found [ 328.967207][ T9780] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.974600][ T9780] bridge0: port 1(bridge_slave_0) entered disabled state [ 328.982271][ T9780] bridge_slave_0: entered allmulticast mode [ 328.989275][ T9780] bridge_slave_0: entered promiscuous mode [ 329.010700][ T9780] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.024241][ T9780] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.041805][ T9780] bridge_slave_1: entered allmulticast mode [ 329.048825][ T9780] bridge_slave_1: entered promiscuous mode [ 329.156489][ T9780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 329.176905][ T9822] FAULT_INJECTION: forcing a failure. [ 329.176905][ T9822] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 329.207281][ T9780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 329.224974][ T9822] CPU: 1 UID: 0 PID: 9822 Comm: syz.4.1733 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 329.235347][ T9822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 329.245435][ T9822] Call Trace: [ 329.248737][ T9822] [ 329.251687][ T9822] dump_stack_lvl+0x241/0x360 [ 329.256404][ T9822] ? __pfx_dump_stack_lvl+0x10/0x10 [ 329.261633][ T9822] ? __pfx__printk+0x10/0x10 [ 329.266253][ T9822] ? __pfx_lock_release+0x10/0x10 [ 329.271315][ T9822] should_fail_ex+0x3b0/0x4e0 [ 329.276022][ T9822] _copy_from_user+0x2f/0xe0 [ 329.280643][ T9822] copy_msghdr_from_user+0xae/0x680 [ 329.285871][ T9822] ? __pfx___might_resched+0x10/0x10 [ 329.291183][ T9822] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 329.297017][ T9822] ? rcu_is_watching+0x15/0xb0 [ 329.301805][ T9822] ? __might_fault+0xaa/0x120 [ 329.306515][ T9822] __sys_sendmmsg+0x36d/0x730 [ 329.311220][ T9822] ? __pfx___sys_sendmmsg+0x10/0x10 [ 329.316451][ T9822] ? __pfx_lock_release+0x10/0x10 [ 329.321500][ T9822] ? kstrtouint_from_user+0x128/0x190 [ 329.326912][ T9822] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 329.332827][ T9822] ? ksys_write+0x229/0x2b0 [ 329.337360][ T9822] ? __pfx_lock_release+0x10/0x10 [ 329.342423][ T9822] ? vfs_write+0x7bf/0xc90 [ 329.346870][ T9822] ? kmem_cache_free+0x1a2/0x420 [ 329.351837][ T9822] ? __mutex_unlock_slowpath+0x21d/0x750 [ 329.357500][ T9822] ? __fget_files+0x3f3/0x470 [ 329.362212][ T9822] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 329.368220][ T9822] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 329.374570][ T9822] ? do_syscall_64+0x100/0x230 [ 329.379356][ T9822] __x64_sys_sendmmsg+0xa0/0xb0 [ 329.384239][ T9822] do_syscall_64+0xf3/0x230 [ 329.388759][ T9822] ? clear_bhb_loop+0x35/0x90 [ 329.393463][ T9822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.399387][ T9822] RIP: 0033:0x7f9ac3b7dff9 [ 329.403823][ T9822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.423444][ T9822] RSP: 002b:00007f9ac4963038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 329.431859][ T9822] RAX: ffffffffffffffda RBX: 00007f9ac3d35f80 RCX: 00007f9ac3b7dff9 [ 329.439827][ T9822] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000003 [ 329.447795][ T9822] RBP: 00007f9ac4963090 R08: 0000000000000000 R09: 0000000000000000 [ 329.455762][ T9822] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000002 [ 329.463733][ T9822] R13: 0000000000000000 R14: 00007f9ac3d35f80 R15: 00007fffac8d0378 [ 329.471713][ T9822] [ 329.540323][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.620899][ T9780] team0: Port device team_slave_0 added [ 329.644306][ T9780] team0: Port device team_slave_1 added [ 329.663503][ T9839] FAULT_INJECTION: forcing a failure. [ 329.663503][ T9839] name failslab, interval 1, probability 0, space 0, times 0 [ 329.693104][ T9839] CPU: 1 UID: 0 PID: 9839 Comm: syz.0.1738 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 329.703486][ T9839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 329.713556][ T9839] Call Trace: [ 329.716839][ T9839] [ 329.719776][ T9839] dump_stack_lvl+0x241/0x360 [ 329.724470][ T9839] ? __pfx_dump_stack_lvl+0x10/0x10 [ 329.729676][ T9839] ? __pfx__printk+0x10/0x10 [ 329.734269][ T9839] ? ref_tracker_alloc+0x332/0x490 [ 329.739383][ T9839] should_fail_ex+0x3b0/0x4e0 [ 329.744064][ T9839] ? skb_clone+0x20c/0x390 [ 329.748476][ T9839] should_failslab+0xac/0x100 [ 329.753148][ T9839] ? skb_clone+0x20c/0x390 [ 329.757557][ T9839] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 329.762928][ T9839] skb_clone+0x20c/0x390 [ 329.767167][ T9839] __netlink_deliver_tap+0x3cc/0x7c0 [ 329.772461][ T9839] ? netlink_deliver_tap+0x2e/0x1b0 [ 329.777657][ T9839] netlink_deliver_tap+0x19d/0x1b0 [ 329.782766][ T9839] netlink_unicast+0x7c4/0x990 [ 329.787532][ T9839] ? __pfx_netlink_unicast+0x10/0x10 [ 329.792811][ T9839] ? __virt_addr_valid+0x183/0x530 [ 329.797917][ T9839] ? __check_object_size+0x48e/0x900 [ 329.803201][ T9839] netlink_sendmsg+0x8e4/0xcb0 [ 329.807970][ T9839] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.813256][ T9839] ? aa_sock_msg_perm+0x91/0x160 [ 329.818190][ T9839] ? __pfx_netlink_sendmsg+0x10/0x10 [ 329.823475][ T9839] __sock_sendmsg+0x221/0x270 [ 329.828152][ T9839] ____sys_sendmsg+0x52a/0x7e0 [ 329.832917][ T9839] ? __pfx_____sys_sendmsg+0x10/0x10 [ 329.838212][ T9839] __sys_sendmsg+0x292/0x380 [ 329.842796][ T9839] ? __pfx___sys_sendmsg+0x10/0x10 [ 329.847908][ T9839] ? __pfx_vfs_write+0x10/0x10 [ 329.852689][ T9839] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 329.859013][ T9839] ? do_syscall_64+0x100/0x230 [ 329.863771][ T9839] ? do_syscall_64+0xb6/0x230 [ 329.868442][ T9839] do_syscall_64+0xf3/0x230 [ 329.872970][ T9839] ? clear_bhb_loop+0x35/0x90 [ 329.877642][ T9839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.883536][ T9839] RIP: 0033:0x7f5540d7dff9 [ 329.887946][ T9839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.907545][ T9839] RSP: 002b:00007f5541c58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 329.915954][ T9839] RAX: ffffffffffffffda RBX: 00007f5540f35f80 RCX: 00007f5540d7dff9 [ 329.923921][ T9839] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000003 [ 329.931888][ T9839] RBP: 00007f5541c58090 R08: 0000000000000000 R09: 0000000000000000 [ 329.939853][ T9839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.947815][ T9839] R13: 0000000000000000 R14: 00007f5540f35f80 R15: 00007ffea5912628 [ 329.955791][ T9839] [ 329.975078][ T9844] FAULT_INJECTION: forcing a failure. [ 329.975078][ T9844] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 329.991462][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.002848][ T9844] CPU: 1 UID: 0 PID: 9844 Comm: syz.1.1740 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 330.005733][ T9846] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1741'. [ 330.013281][ T9844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 330.013298][ T9844] Call Trace: [ 330.013307][ T9844] [ 330.013321][ T9844] dump_stack_lvl+0x241/0x360 [ 330.013354][ T9844] ? __pfx_dump_stack_lvl+0x10/0x10 [ 330.013378][ T9844] ? __pfx__printk+0x10/0x10 [ 330.013412][ T9844] should_fail_ex+0x3b0/0x4e0 [ 330.013439][ T9844] _copy_from_user+0x2f/0xe0 [ 330.013463][ T9844] move_addr_to_kernel+0x82/0x150 [ 330.013487][ T9844] __sys_sendto+0x29f/0x4f0 [ 330.013518][ T9844] ? __pfx___sys_sendto+0x10/0x10 [ 330.013542][ T9844] ? __mutex_unlock_slowpath+0x21d/0x750 [ 330.013585][ T9844] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 330.013613][ T9844] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 330.013641][ T9844] __x64_sys_sendto+0xde/0x100 [ 330.013669][ T9844] do_syscall_64+0xf3/0x230 [ 330.013686][ T9844] ? clear_bhb_loop+0x35/0x90 [ 330.047278][ T29] audit: type=1107 audit(1727797135.978:2): pid=9845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ƒq)gùm'0ìÃ%Zq¤ œ7U¢òÍ~Õ’?Î’[šÑžù³@¸‰NŸš€tæp^}߈윢ºÊð,{ªJ.qˆä· )ôÒ­÷ºd' [ 330.048705][ T9844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.118987][ T9852] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1743'. [ 330.127860][ T9844] RIP: 0033:0x7f0b01b7dff9 [ 330.127892][ T9844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.127908][ T9844] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 330.127928][ T9844] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 330.127942][ T9844] RDX: 0000000000000001 RSI: 0000000020000100 RDI: 0000000000000003 [ 330.127954][ T9844] RBP: 00007f0b029eb090 R08: 0000000020000000 R09: 0000000000000010 [ 330.127967][ T9844] R10: e61e2840a154b0c0 R11: 0000000000000246 R12: 0000000000000001 [ 330.127979][ T9844] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 330.128004][ T9844] [ 330.226582][ T9855] FAULT_INJECTION: forcing a failure. [ 330.226582][ T9855] name failslab, interval 1, probability 0, space 0, times 0 [ 330.240063][ T9855] CPU: 0 UID: 0 PID: 9855 Comm: syz.1.1744 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 330.250436][ T9855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 330.260520][ T9855] Call Trace: [ 330.263819][ T9855] [ 330.266771][ T9855] dump_stack_lvl+0x241/0x360 [ 330.271486][ T9855] ? __pfx_dump_stack_lvl+0x10/0x10 [ 330.276711][ T9855] ? __pfx__printk+0x10/0x10 [ 330.281343][ T9855] ? ref_tracker_alloc+0x332/0x490 [ 330.286498][ T9855] should_fail_ex+0x3b0/0x4e0 [ 330.291218][ T9855] ? skb_clone+0x20c/0x390 [ 330.295687][ T9855] should_failslab+0xac/0x100 [ 330.300391][ T9855] ? skb_clone+0x20c/0x390 [ 330.304831][ T9855] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 330.310212][ T9855] skb_clone+0x20c/0x390 [ 330.314457][ T9855] __netlink_deliver_tap+0x3cc/0x7c0 [ 330.319750][ T9855] ? netlink_deliver_tap+0x2e/0x1b0 [ 330.324966][ T9855] netlink_deliver_tap+0x19d/0x1b0 [ 330.330079][ T9855] netlink_sendskb+0x68/0x140 [ 330.334759][ T9855] netlink_unicast+0x39d/0x990 [ 330.339528][ T9855] ? __pfx_netlink_unicast+0x10/0x10 [ 330.344818][ T9855] ? tipc_nl_compat_dumpit+0x56d/0x740 [ 330.350283][ T9855] ? tipc_nl_compat_recv+0xf71/0x14c0 [ 330.355664][ T9855] tipc_nl_compat_recv+0x1037/0x14c0 [ 330.360960][ T9855] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 330.366599][ T9855] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 330.372587][ T9855] ? __pfx_tipc_nl_compat_name_table_dump_header+0x10/0x10 [ 330.379784][ T9855] ? __pfx_tipc_nl_name_table_dump+0x10/0x10 [ 330.385780][ T9855] ? __pfx_tipc_nl_compat_name_table_dump+0x10/0x10 [ 330.392403][ T9855] ? genl_rcv_msg+0x121/0xec0 [ 330.397091][ T9855] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 330.403429][ T9855] ? __pfx___mutex_lock+0x10/0x10 [ 330.408458][ T9855] ? genl_get_cmd+0x71c/0xbe0 [ 330.413139][ T9855] genl_rcv_msg+0xb14/0xec0 [ 330.417642][ T9855] ? mark_lock+0x9a/0x360 [ 330.421970][ T9855] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.427015][ T9855] ? __pfx_lock_acquire+0x10/0x10 [ 330.432036][ T9855] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 330.437686][ T9855] ? __pfx___might_resched+0x10/0x10 [ 330.442985][ T9855] netlink_rcv_skb+0x1e3/0x430 [ 330.447757][ T9855] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.452779][ T9855] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 330.458074][ T9855] ? __netlink_deliver_tap+0x77e/0x7c0 [ 330.463542][ T9855] genl_rcv+0x28/0x40 [ 330.467520][ T9855] netlink_unicast+0x7f6/0x990 [ 330.472288][ T9855] ? __pfx_netlink_unicast+0x10/0x10 [ 330.477569][ T9855] ? __virt_addr_valid+0x183/0x530 [ 330.482676][ T9855] ? __check_object_size+0x48e/0x900 [ 330.487957][ T9855] netlink_sendmsg+0x8e4/0xcb0 [ 330.492728][ T9855] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.498014][ T9855] ? aa_sock_msg_perm+0x91/0x160 [ 330.502952][ T9855] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.508233][ T9855] __sock_sendmsg+0x221/0x270 [ 330.512909][ T9855] ____sys_sendmsg+0x52a/0x7e0 [ 330.517674][ T9855] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.522967][ T9855] __sys_sendmsg+0x292/0x380 [ 330.527550][ T9855] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.532664][ T9855] ? __pfx_vfs_write+0x10/0x10 [ 330.537453][ T9855] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 330.543787][ T9855] ? do_syscall_64+0x100/0x230 [ 330.548548][ T9855] ? do_syscall_64+0xb6/0x230 [ 330.553224][ T9855] do_syscall_64+0xf3/0x230 [ 330.557720][ T9855] ? clear_bhb_loop+0x35/0x90 [ 330.562390][ T9855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.568279][ T9855] RIP: 0033:0x7f0b01b7dff9 [ 330.572691][ T9855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.592292][ T9855] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 330.600704][ T9855] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 330.608667][ T9855] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 330.616628][ T9855] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 330.624590][ T9855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 330.632551][ T9855] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 330.640532][ T9855] [ 330.651979][ T5246] Bluetooth: hci3: command tx timeout [ 330.699255][ T9780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 330.711556][ T9780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.741570][ T9780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 330.754141][ T9780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 330.761112][ T9780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.787379][ T9780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 330.901256][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.960471][ T9865] lo speed is unknown, defaulting to 1000 [ 331.054784][ T9780] hsr_slave_0: entered promiscuous mode [ 331.073189][ T9780] hsr_slave_1: entered promiscuous mode [ 331.084222][ T9780] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 331.106847][ T9780] Cannot create hsr debugfs directory [ 331.251143][ T9869] lo speed is unknown, defaulting to 1000 [ 331.346737][ T12] bridge_slave_1: left allmulticast mode [ 331.363786][ T12] bridge_slave_1: left promiscuous mode [ 331.374049][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.386950][ T9881] FAULT_INJECTION: forcing a failure. [ 331.386950][ T9881] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 331.400516][ T9881] CPU: 1 UID: 0 PID: 9881 Comm: syz.1.1753 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 331.410959][ T9881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 331.421031][ T9881] Call Trace: [ 331.424327][ T9881] [ 331.427289][ T9881] dump_stack_lvl+0x241/0x360 [ 331.432000][ T9881] ? __pfx_dump_stack_lvl+0x10/0x10 [ 331.437233][ T9881] ? __pfx__printk+0x10/0x10 [ 331.441850][ T9881] ? __pfx_lock_release+0x10/0x10 [ 331.446921][ T9881] should_fail_ex+0x3b0/0x4e0 [ 331.451636][ T9881] _copy_from_user+0x2f/0xe0 [ 331.456248][ T9881] copy_msghdr_from_user+0xae/0x680 [ 331.461475][ T9881] ? __pfx___might_resched+0x10/0x10 [ 331.466792][ T9881] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 331.472630][ T9881] ? rcu_is_watching+0x15/0xb0 [ 331.477420][ T9881] ? __might_fault+0xaa/0x120 [ 331.482127][ T9881] __sys_sendmmsg+0x36d/0x730 [ 331.486830][ T9881] ? __pfx___sys_sendmmsg+0x10/0x10 [ 331.492059][ T9881] ? __pfx_lock_release+0x10/0x10 [ 331.497106][ T9881] ? kstrtouint_from_user+0x128/0x190 [ 331.502520][ T9881] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 331.508446][ T9881] ? ksys_write+0x229/0x2b0 [ 331.512980][ T9881] ? __pfx_lock_release+0x10/0x10 [ 331.518036][ T9881] ? vfs_write+0x7bf/0xc90 [ 331.522488][ T9881] ? kmem_cache_free+0x1a2/0x420 [ 331.527458][ T9881] ? __mutex_unlock_slowpath+0x21d/0x750 [ 331.533121][ T9881] ? __fget_files+0x3f3/0x470 [ 331.537834][ T9881] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 331.543842][ T9881] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 331.550197][ T9881] ? do_syscall_64+0x100/0x230 [ 331.554971][ T9881] __x64_sys_sendmmsg+0xa0/0xb0 [ 331.559823][ T9881] do_syscall_64+0xf3/0x230 [ 331.564356][ T9881] ? clear_bhb_loop+0x35/0x90 [ 331.569053][ T9881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.574955][ T9881] RIP: 0033:0x7f0b01b7dff9 [ 331.579362][ T9881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.598964][ T9881] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 331.607382][ T9881] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 331.615353][ T9881] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000003 [ 331.623331][ T9881] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 331.631305][ T9881] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000002 [ 331.639266][ T9881] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 331.647238][ T9881] [ 331.652579][ T12] bridge_slave_0: left allmulticast mode [ 331.664264][ T12] bridge_slave_0: left promiscuous mode [ 331.678927][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.807819][ T9888] dccp_close: ABORT with 1 bytes unread [ 332.113281][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 332.124501][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 332.134780][ T12] bond0 (unregistering): Released all slaves [ 332.678330][ T9904] lo speed is unknown, defaulting to 1000 [ 332.695068][ T5246] Bluetooth: hci3: command tx timeout [ 332.969303][ T9780] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 332.995536][ T9780] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 333.016725][ T9915] dccp_close: ABORT with 1 bytes unread [ 333.025117][ T9780] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 333.047153][ T9780] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 333.271868][ T12] hsr_slave_0: left promiscuous mode [ 333.277901][ T12] hsr_slave_1: left promiscuous mode [ 333.292495][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 333.300016][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 333.310187][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 333.317764][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 333.408209][ T12] veth1_macvtap: left promiscuous mode [ 333.414102][ T12] veth0_macvtap: left promiscuous mode [ 333.419693][ T12] veth1_vlan: left promiscuous mode [ 333.425091][ T12] veth0_vlan: left promiscuous mode [ 333.851365][ T12] team0 (unregistering): Port device team_slave_1 removed [ 333.899037][ T12] team0 (unregistering): Port device team_slave_0 removed [ 334.402069][ T9938] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1775'. [ 334.460453][ T9780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.492940][ T9940] netlink: 'syz.4.1776': attribute type 1 has an invalid length. [ 334.510977][ T9940] netlink: 9312 bytes leftover after parsing attributes in process `syz.4.1776'. [ 334.539459][ T9940] netlink: 'syz.4.1776': attribute type 1 has an invalid length. [ 334.619454][ T9780] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.666706][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 334.673996][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 334.689321][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 334.696533][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.701936][ T9949] openvswitch: netlink: Unknown nsh attribute 0 [ 334.756672][ T9949] netlink: 3460 bytes leftover after parsing attributes in process `syz.4.1779'. [ 334.768316][ T5246] Bluetooth: hci3: command tx timeout [ 334.836401][ T9956] FAULT_INJECTION: forcing a failure. [ 334.836401][ T9956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 334.874676][ T9956] CPU: 0 UID: 0 PID: 9956 Comm: syz.0.1781 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 334.885070][ T9956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 334.895151][ T9956] Call Trace: [ 334.898453][ T9956] [ 334.901402][ T9956] dump_stack_lvl+0x241/0x360 [ 334.906112][ T9956] ? __pfx_dump_stack_lvl+0x10/0x10 [ 334.911345][ T9956] ? __pfx__printk+0x10/0x10 [ 334.915975][ T9956] should_fail_ex+0x3b0/0x4e0 [ 334.920683][ T9956] _copy_from_user+0x2f/0xe0 [ 334.925300][ T9956] move_addr_to_kernel+0x82/0x150 [ 334.930346][ T9956] __sys_sendto+0x29f/0x4f0 [ 334.934878][ T9956] ? __pfx___sys_sendto+0x10/0x10 [ 334.939926][ T9956] ? __mutex_unlock_slowpath+0x21d/0x750 [ 334.945600][ T9956] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 334.951607][ T9956] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 334.957965][ T9956] __x64_sys_sendto+0xde/0x100 [ 334.962779][ T9956] do_syscall_64+0xf3/0x230 [ 334.967289][ T9956] ? clear_bhb_loop+0x35/0x90 [ 334.971955][ T9956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.977854][ T9956] RIP: 0033:0x7f5540d7dff9 [ 334.982272][ T9956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.001887][ T9956] RSP: 002b:00007f5541c58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 335.010296][ T9956] RAX: ffffffffffffffda RBX: 00007f5540f35f80 RCX: 00007f5540d7dff9 [ 335.018263][ T9956] RDX: 0000000000034000 RSI: 0000000020000040 RDI: 0000000000000004 [ 335.026224][ T9956] RBP: 00007f5541c58090 R08: 0000000020000100 R09: 000000000000001c [ 335.034193][ T9956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 335.042183][ T9956] R13: 0000000000000000 R14: 00007f5540f35f80 R15: 00007ffea5912628 [ 335.050173][ T9956] [ 335.125900][ T9780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 335.197302][ T9780] veth0_vlan: entered promiscuous mode [ 335.233130][ T9963] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1783'. [ 335.234414][ T9780] veth1_vlan: entered promiscuous mode [ 335.280523][ T9780] veth0_macvtap: entered promiscuous mode [ 335.297869][ T9780] veth1_macvtap: entered promiscuous mode [ 335.334559][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 335.351171][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.391930][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 335.421635][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.437386][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 335.454855][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.464838][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 335.475796][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.487824][ T9780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 335.499946][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1788'. [ 335.523085][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 335.544894][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.582780][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 335.612322][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.625408][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 335.636567][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.646831][ T9780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 335.657794][ T9780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 335.669401][ T9780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 335.698661][ T9780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.710040][ T9780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.719431][ T9780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.729197][ T9780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 335.819015][ T3832] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.831215][ T3832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 335.849590][ T9990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1792'. [ 335.864272][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 335.876208][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 336.538971][T10016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1800'. [ 336.554092][T10016] 8021q: adding VLAN 0 to HW filter on device ipvlan8 [ 336.722774][T10025] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1804'. [ 337.072986][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.075672][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.186339][ T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 338.201330][ T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 338.209263][ T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 338.215435][T10056] FAULT_INJECTION: forcing a failure. [ 338.215435][T10056] name failslab, interval 1, probability 0, space 0, times 0 [ 338.219388][ T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 338.237203][ T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 338.244561][ T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 338.253133][T10056] CPU: 1 UID: 0 PID: 10056 Comm: syz.0.1815 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 338.263582][T10056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 338.273657][T10056] Call Trace: [ 338.276953][T10056] [ 338.279897][T10056] dump_stack_lvl+0x241/0x360 [ 338.284615][T10056] ? __pfx_dump_stack_lvl+0x10/0x10 [ 338.289845][T10056] ? __pfx__printk+0x10/0x10 [ 338.294470][T10056] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 338.300041][T10056] ? __pfx___might_resched+0x10/0x10 [ 338.305355][T10056] should_fail_ex+0x3b0/0x4e0 [ 338.310064][T10056] ? skb_clone+0x20c/0x390 [ 338.314506][T10056] should_failslab+0xac/0x100 [ 338.319209][T10056] ? skb_clone+0x20c/0x390 [ 338.323653][T10056] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 338.329051][T10056] skb_clone+0x20c/0x390 [ 338.333317][T10056] netlink_trim+0x14a/0x220 [ 338.337850][T10056] netlink_broadcast_filtered+0x76/0x12a0 [ 338.343595][T10056] ? __pfx_lock_release+0x10/0x10 [ 338.348642][T10056] ? nf_tables_fill_gen_info+0x3bd/0x5e0 [ 338.354310][T10056] nlmsg_notify+0xfb/0x1c0 [ 338.358758][T10056] nf_tables_commit+0x81ef/0x91e0 [ 338.363847][T10056] ? __pfx_nf_tables_commit+0x10/0x10 [ 338.369245][T10056] ? free_large_kmalloc+0x105/0x1c0 [ 338.374474][T10056] ? nf_tables_newrule+0x23cc/0x2980 [ 338.379782][T10056] ? kfree+0x21c/0x440 [ 338.383874][T10056] ? nft_trans_rule_add+0x30f/0x430 [ 338.389093][T10056] ? nf_tables_newrule+0x2461/0x2980 [ 338.394420][T10056] ? __pfx_nf_tables_newrule+0x10/0x10 [ 338.399915][T10056] ? __nla_parse+0x40/0x60 [ 338.404359][T10056] nfnetlink_rcv+0xc77/0x2ab0 [ 338.409085][T10056] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 338.414270][T10056] ? netlink_deliver_tap+0x2e/0x1b0 [ 338.419489][T10056] ? skb_clone+0x240/0x390 [ 338.423924][T10056] ? __pfx_lock_release+0x10/0x10 [ 338.428982][T10056] ? netlink_deliver_tap+0x2e/0x1b0 [ 338.434205][T10056] netlink_unicast+0x7f6/0x990 [ 338.439002][T10056] ? __pfx_netlink_unicast+0x10/0x10 [ 338.444309][T10056] ? __virt_addr_valid+0x183/0x530 [ 338.449443][T10056] ? __check_object_size+0x48e/0x900 [ 338.454839][T10056] netlink_sendmsg+0x8e4/0xcb0 [ 338.459640][T10056] ? __pfx_netlink_sendmsg+0x10/0x10 [ 338.464953][T10056] ? aa_sock_msg_perm+0x91/0x160 [ 338.469914][T10056] ? __pfx_netlink_sendmsg+0x10/0x10 [ 338.475220][T10056] __sock_sendmsg+0x221/0x270 [ 338.479926][T10056] ____sys_sendmsg+0x52a/0x7e0 [ 338.484719][T10056] ? __pfx_____sys_sendmsg+0x10/0x10 [ 338.490039][T10056] __sys_sendmsg+0x292/0x380 [ 338.494650][T10056] ? __pfx___sys_sendmsg+0x10/0x10 [ 338.499788][T10056] ? __pfx_vfs_write+0x10/0x10 [ 338.504604][T10056] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 338.511046][T10056] ? do_syscall_64+0x100/0x230 [ 338.515828][T10056] ? do_syscall_64+0xb6/0x230 [ 338.520523][T10056] do_syscall_64+0xf3/0x230 [ 338.525043][T10056] ? clear_bhb_loop+0x35/0x90 [ 338.529740][T10056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.535658][T10056] RIP: 0033:0x7f5540d7dff9 [ 338.540092][T10056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.559717][T10056] RSP: 002b:00007f5541c58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 338.568159][T10056] RAX: ffffffffffffffda RBX: 00007f5540f35f80 RCX: 00007f5540d7dff9 [ 338.576590][T10056] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 338.584581][T10056] RBP: 00007f5541c58090 R08: 0000000000000000 R09: 0000000000000000 [ 338.592568][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 338.600554][T10056] R13: 0000000000000000 R14: 00007f5540f35f80 R15: 00007ffea5912628 [ 338.608562][T10056] [ 338.636816][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.666020][T10059] netlink: 'syz.2.1813': attribute type 21 has an invalid length. [ 338.692781][T10059] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1813'. [ 338.736779][T10052] lo speed is unknown, defaulting to 1000 [ 338.814017][T10066] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1817'. [ 338.853391][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.098507][T10052] chnl_net:caif_netlink_parms(): no params data found [ 339.193380][ T63] bridge_slave_1: left allmulticast mode [ 339.199306][ T63] bridge_slave_1: left promiscuous mode [ 339.205147][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.214301][ T63] bridge_slave_0: left allmulticast mode [ 339.220013][ T63] bridge_slave_0: left promiscuous mode [ 339.225904][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 339.769243][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 339.779917][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 339.790121][ T63] bond0 (unregistering): Released all slaves [ 339.826450][T10073] syzkaller0: entered promiscuous mode [ 339.838502][T10073] syzkaller0: entered allmulticast mode [ 340.195749][T10098] netlink: 'syz.0.1826': attribute type 3 has an invalid length. [ 340.204111][T10098] __nla_validate_parse: 2 callbacks suppressed [ 340.204128][T10098] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1826'. [ 340.365440][ T54] Bluetooth: hci3: command tx timeout [ 341.432201][T10052] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.439310][T10052] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.453736][T10052] bridge_slave_0: entered allmulticast mode [ 341.460658][T10052] bridge_slave_0: entered promiscuous mode [ 341.469603][T10106] veth1_macvtap: left promiscuous mode [ 341.475855][T10106] macsec0: entered promiscuous mode [ 341.481087][T10106] macsec0: entered allmulticast mode [ 341.490700][T10107] veth1_macvtap: entered promiscuous mode [ 341.496837][T10107] veth1_macvtap: entered allmulticast mode [ 341.503438][T10107] macsec0: left promiscuous mode [ 341.508475][T10107] macsec0: left allmulticast mode [ 341.513623][T10107] veth1_macvtap: left allmulticast mode [ 341.521110][T10052] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.541631][T10052] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.548861][T10052] bridge_slave_1: entered allmulticast mode [ 341.558018][T10052] bridge_slave_1: entered promiscuous mode [ 341.688443][T10052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.730745][T10052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.894806][T10052] team0: Port device team_slave_0 added [ 341.917965][T10052] team0: Port device team_slave_1 added [ 341.982031][ T63] hsr_slave_0: left promiscuous mode [ 341.988129][ T63] hsr_slave_1: left promiscuous mode [ 341.995223][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 342.003232][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 342.017508][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 342.025824][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 342.050604][ T63] veth1_macvtap: left promiscuous mode [ 342.056382][ T63] veth0_macvtap: left promiscuous mode [ 342.062290][ T63] veth1_vlan: left promiscuous mode [ 342.067734][ T63] veth0_vlan: left promiscuous mode [ 342.454202][ T54] Bluetooth: hci3: command tx timeout [ 342.520370][ T63] team0 (unregistering): Port device team_slave_1 removed [ 342.564070][ T63] team0 (unregistering): Port device team_slave_0 removed [ 343.027513][T10138] syzkaller0: entered promiscuous mode [ 343.033835][T10138] syzkaller0: entered allmulticast mode [ 343.047183][T10144] netlink: 'syz.2.1842': attribute type 1 has an invalid length. [ 343.055255][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1842'. [ 343.066443][T10052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.076002][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.111552][T10052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.123996][T10052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.130956][T10052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.157326][T10052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 344.074482][T10159] netlink: 'syz.2.1848': attribute type 9 has an invalid length. [ 344.082473][T10159] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1848'. [ 344.532282][ T54] Bluetooth: hci3: command tx timeout [ 344.633683][T10155] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1847'. [ 344.656298][T10158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1848'. [ 344.767044][T10052] hsr_slave_0: entered promiscuous mode [ 344.798160][T10052] hsr_slave_1: entered promiscuous mode [ 344.808330][T10052] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 344.824046][T10052] Cannot create hsr debugfs directory [ 345.064038][T10172] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1855'. [ 345.083584][T10172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1855'. [ 345.098414][ T5246] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 345.107764][ T5246] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 345.115777][ T5246] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 345.138277][ T5246] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 345.147069][ T5246] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 345.154545][ T5246] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 345.234833][T10175] lo speed is unknown, defaulting to 1000 [ 345.405392][T10185] x_tables: duplicate entry at hook 3 [ 345.479886][T10189] netlink: 'syz.2.1861': attribute type 10 has an invalid length. [ 345.489763][T10189] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 345.501393][T10189] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 345.512354][T10189] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 345.527066][T10189] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1861'. [ 345.536315][T10189] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1861'. [ 345.624682][T10196] netlink: 'syz.2.1863': attribute type 1 has an invalid length. [ 345.750351][T10201] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1865'. [ 345.751629][T10175] chnl_net:caif_netlink_parms(): no params data found [ 345.875938][T10052] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 345.904835][T10052] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 345.904864][T10207] Bluetooth: MGMT ver 1.23 [ 345.920291][T10052] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 345.959292][T10052] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 346.063264][T10175] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.070395][T10175] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.078334][T10214] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1870'. [ 346.095797][T10214] netlink: 'syz.2.1870': attribute type 1 has an invalid length. [ 346.107928][T10175] bridge_slave_0: entered allmulticast mode [ 346.112177][T10214] netlink: 'syz.2.1870': attribute type 1 has an invalid length. [ 346.118877][T10175] bridge_slave_0: entered promiscuous mode [ 346.125157][T10214] netlink: 'syz.2.1870': attribute type 2 has an invalid length. [ 346.146767][T10175] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.160012][T10175] bridge0: port 2(bridge_slave_1) entered disabled state [ 346.160088][T10214] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1870'. [ 346.170210][T10175] bridge_slave_1: entered allmulticast mode [ 346.193043][T10175] bridge_slave_1: entered promiscuous mode [ 346.254156][T10175] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 346.296621][T10052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.314161][T10175] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 346.394381][T10175] team0: Port device team_slave_0 added [ 346.403520][T10052] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.450372][T10175] team0: Port device team_slave_1 added [ 346.479710][T10231] bond0: entered promiscuous mode [ 346.485654][T10231] bond_slave_0: entered promiscuous mode [ 346.491467][T10231] bond_slave_1: entered promiscuous mode [ 346.498892][T10231] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 346.509195][T10231] bond0: left promiscuous mode [ 346.516123][T10231] bond_slave_0: left promiscuous mode [ 346.522932][T10231] bond_slave_1: left promiscuous mode [ 346.584441][T10175] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.602549][ T54] Bluetooth: hci3: command tx timeout [ 346.606627][T10175] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.658926][T10175] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.683640][T10175] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 346.690619][T10175] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.717598][T10175] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 346.741583][ T2488] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.748756][ T2488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.816746][ T7759] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.823942][ T7759] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.870580][T10175] hsr_slave_0: entered promiscuous mode [ 346.878998][T10175] hsr_slave_1: entered promiscuous mode [ 346.891203][T10175] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 346.900619][T10175] Cannot create hsr debugfs directory [ 347.110437][T10175] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.194359][T10175] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.241739][ T54] Bluetooth: hci4: command tx timeout [ 347.271145][T10052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 347.293750][T10275] FAULT_INJECTION: forcing a failure. [ 347.293750][T10275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 347.307460][T10275] CPU: 0 UID: 0 PID: 10275 Comm: syz.1.1888 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 347.309230][T10175] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.317894][T10275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 347.317909][T10275] Call Trace: [ 347.317917][T10275] [ 347.317925][T10275] dump_stack_lvl+0x241/0x360 [ 347.317964][T10275] ? __pfx_dump_stack_lvl+0x10/0x10 [ 347.317989][T10275] ? __pfx__printk+0x10/0x10 [ 347.318014][T10275] ? __pfx_lock_release+0x10/0x10 [ 347.318039][T10275] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 347.318067][T10275] should_fail_ex+0x3b0/0x4e0 [ 347.318096][T10275] _copy_from_user+0x2f/0xe0 [ 347.318121][T10275] copy_msghdr_from_user+0xae/0x680 [ 347.318143][T10275] ? exc_page_fault+0x590/0x8c0 [ 347.318172][T10275] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 347.318210][T10275] __sys_sendmmsg+0x36d/0x730 [ 347.318236][T10275] ? __pfx___sys_sendmmsg+0x10/0x10 [ 347.318265][T10275] ? __pfx_lock_release+0x10/0x10 [ 347.409894][T10275] ? kstrtouint_from_user+0x128/0x190 [ 347.415285][T10275] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 347.421174][T10275] ? ksys_write+0x229/0x2b0 [ 347.425675][T10275] ? __pfx_lock_release+0x10/0x10 [ 347.430710][T10275] ? vfs_write+0x7bf/0xc90 [ 347.435126][T10275] ? kmem_cache_free+0x1a2/0x420 [ 347.440066][T10275] ? __mutex_unlock_slowpath+0x21d/0x750 [ 347.445701][T10275] ? __fget_files+0x3f3/0x470 [ 347.450380][T10275] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 347.456357][T10275] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 347.462684][T10275] ? do_syscall_64+0x100/0x230 [ 347.467444][T10275] __x64_sys_sendmmsg+0xa0/0xb0 [ 347.472291][T10275] do_syscall_64+0xf3/0x230 [ 347.476784][T10275] ? clear_bhb_loop+0x35/0x90 [ 347.481451][T10275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.487338][T10275] RIP: 0033:0x7f0b01b7dff9 [ 347.491748][T10275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.511344][T10275] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 347.519753][T10275] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 347.527718][T10275] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000003 [ 347.535688][T10275] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 347.543660][T10275] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000002 [ 347.551629][T10275] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 347.559602][T10275] [ 347.657399][T10175] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.684490][T10052] veth0_vlan: entered promiscuous mode [ 347.704311][T10052] veth1_vlan: entered promiscuous mode [ 347.801626][T10282] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1891'. [ 347.820564][T10282] netlink: 272 bytes leftover after parsing attributes in process `syz.1.1891'. [ 347.828990][T10052] veth0_macvtap: entered promiscuous mode [ 347.835551][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1891'. [ 347.857004][T10175] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 347.884057][T10175] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 347.899894][T10175] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 347.910808][T10052] veth1_macvtap: entered promiscuous mode [ 347.923614][T10175] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 347.952754][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.968379][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.968696][T10289] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1894'. [ 347.985029][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.999156][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.009297][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 348.018445][T10289] netlink: 'syz.1.1894': attribute type 7 has an invalid length. [ 348.021567][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.037710][T10289] netlink: 'syz.1.1894': attribute type 8 has an invalid length. [ 348.054870][T10052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 348.094560][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.116642][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.130027][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.152372][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.176281][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.189460][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.199733][T10052] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.218244][T10052] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.229538][T10052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 348.270518][T10052] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.285075][T10052] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.294661][T10052] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.310484][T10052] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.385306][T10304] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1900'. [ 348.448948][T10175] 8021q: adding VLAN 0 to HW filter on device bond0 [ 348.460491][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.484120][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 348.505580][T10306] FAULT_INJECTION: forcing a failure. [ 348.505580][T10306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 348.519351][T10175] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.543856][T10306] CPU: 1 UID: 0 PID: 10306 Comm: syz.1.1902 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 348.553724][ T2488] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.554305][T10306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 348.561393][ T2488] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.571357][T10306] Call Trace: [ 348.571367][T10306] [ 348.571377][T10306] dump_stack_lvl+0x241/0x360 [ 348.571411][T10306] ? __pfx_dump_stack_lvl+0x10/0x10 [ 348.571438][T10306] ? __pfx__printk+0x10/0x10 [ 348.581846][ T2488] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.581884][T10306] ? __pfx_lock_release+0x10/0x10 [ 348.584842][ T2488] bridge0: port 2(bridge_slave_1) entered forwarding state [ 348.589458][T10306] should_fail_ex+0x3b0/0x4e0 [ 348.623126][T10306] _copy_from_user+0x2f/0xe0 [ 348.627717][T10306] copy_msghdr_from_user+0xae/0x680 [ 348.632998][T10306] ? __pfx___might_resched+0x10/0x10 [ 348.638282][T10306] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 348.644085][T10306] ? rcu_is_watching+0x15/0xb0 [ 348.648845][T10306] ? __might_fault+0xaa/0x120 [ 348.653526][T10306] __sys_sendmmsg+0x36d/0x730 [ 348.658204][T10306] ? __pfx___sys_sendmmsg+0x10/0x10 [ 348.663405][T10306] ? __pfx_lock_release+0x10/0x10 [ 348.668425][T10306] ? kstrtouint_from_user+0x128/0x190 [ 348.673806][T10306] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 348.679712][T10306] ? ksys_write+0x229/0x2b0 [ 348.684224][T10306] ? __pfx_lock_release+0x10/0x10 [ 348.689261][T10306] ? vfs_write+0x7bf/0xc90 [ 348.693676][T10306] ? kmem_cache_free+0x1a2/0x420 [ 348.698610][T10306] ? __mutex_unlock_slowpath+0x21d/0x750 [ 348.704263][T10306] ? __fget_files+0x3f3/0x470 [ 348.708946][T10306] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 348.714928][T10306] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 348.721254][T10306] ? do_syscall_64+0x100/0x230 [ 348.726019][T10306] __x64_sys_sendmmsg+0xa0/0xb0 [ 348.730868][T10306] do_syscall_64+0xf3/0x230 [ 348.735366][T10306] ? clear_bhb_loop+0x35/0x90 [ 348.740037][T10306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.745925][T10306] RIP: 0033:0x7f0b01b7dff9 [ 348.750332][T10306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.769933][T10306] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 348.778349][T10306] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 348.786313][T10306] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000003 [ 348.794281][T10306] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 348.802247][T10306] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000002 [ 348.810207][T10306] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 348.818186][T10306] [ 348.855766][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.864202][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 348.939731][T10175] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 348.957214][T10314] FAULT_INJECTION: forcing a failure. [ 348.957214][T10314] name failslab, interval 1, probability 0, space 0, times 0 [ 348.993668][T10314] CPU: 0 UID: 0 PID: 10314 Comm: syz.1.1907 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 349.004138][T10314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 349.014207][T10314] Call Trace: [ 349.017486][T10314] [ 349.020409][T10314] dump_stack_lvl+0x241/0x360 [ 349.025094][T10314] ? __pfx_dump_stack_lvl+0x10/0x10 [ 349.030290][T10314] ? __pfx__printk+0x10/0x10 [ 349.034876][T10314] ? fs_reclaim_acquire+0x93/0x140 [ 349.039985][T10314] ? __pfx___might_resched+0x10/0x10 [ 349.045266][T10314] should_fail_ex+0x3b0/0x4e0 [ 349.049954][T10314] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 349.055669][T10314] should_failslab+0xac/0x100 [ 349.060345][T10314] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 349.066056][T10314] __kmalloc_noprof+0xd8/0x400 [ 349.070822][T10314] tomoyo_realpath_from_path+0xcf/0x5e0 [ 349.076382][T10314] tomoyo_path_number_perm+0x23a/0x880 [ 349.081847][T10314] ? tomoyo_path_number_perm+0x208/0x880 [ 349.087479][T10314] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 349.093486][T10314] ? __fget_files+0x29/0x470 [ 349.098070][T10314] ? __fget_files+0x3f3/0x470 [ 349.102746][T10314] security_file_ioctl+0xc6/0x2a0 [ 349.107771][T10314] __se_sys_ioctl+0x47/0x170 [ 349.112362][T10314] do_syscall_64+0xf3/0x230 [ 349.116945][T10314] ? clear_bhb_loop+0x35/0x90 [ 349.121614][T10314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.127501][T10314] RIP: 0033:0x7f0b01b7dff9 [ 349.131908][T10314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.151507][T10314] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.159922][T10314] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 349.167973][T10314] RDX: 0000000020000000 RSI: 000000000000890c RDI: 0000000000000003 [ 349.175939][T10314] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 349.183905][T10314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.191865][T10314] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 349.199840][T10314] [ 349.231748][T10314] ERROR: Out of memory at tomoyo_realpath_from_path. [ 349.325593][ T54] Bluetooth: hci4: command tx timeout [ 349.426266][T10331] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 349.491749][T10175] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.718817][T10175] veth0_vlan: entered promiscuous mode [ 349.736277][T10175] veth1_vlan: entered promiscuous mode [ 349.777676][T10175] veth0_macvtap: entered promiscuous mode [ 349.796913][T10351] bond0: entered promiscuous mode [ 349.809384][T10351] bond_slave_0: entered promiscuous mode [ 349.817338][T10351] bond_slave_1: entered promiscuous mode [ 349.823801][T10351] batadv_slave_0: entered promiscuous mode [ 349.830152][T10351] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 349.838308][T10351] bond0: left promiscuous mode [ 349.843896][T10351] bond_slave_0: left promiscuous mode [ 349.849445][T10351] bond_slave_1: left promiscuous mode [ 349.855145][T10351] batadv_slave_0: left promiscuous mode [ 349.877216][T10175] veth1_macvtap: entered promiscuous mode [ 349.906003][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.924316][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.938397][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.951165][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.978661][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.990033][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.001447][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 350.013162][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.024367][T10175] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.034887][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.047765][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.057854][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.068593][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.080680][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.091279][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.103006][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.113622][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.123644][T10175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.134333][T10175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.146024][T10175] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.158345][T10175] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.167303][T10175] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.176241][T10175] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.188103][T10175] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.277077][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 350.292952][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 350.336048][ T3832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 350.347604][ T3832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 350.462776][T10372] FAULT_INJECTION: forcing a failure. [ 350.462776][T10372] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 350.482645][T10372] CPU: 0 UID: 0 PID: 10372 Comm: syz.4.1925 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 350.493095][T10372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 350.503170][T10372] Call Trace: [ 350.506485][T10372] [ 350.509420][T10372] dump_stack_lvl+0x241/0x360 [ 350.514111][T10372] ? __pfx_dump_stack_lvl+0x10/0x10 [ 350.519320][T10372] ? __pfx__printk+0x10/0x10 [ 350.523925][T10372] ? __pfx_lock_release+0x10/0x10 [ 350.528946][T10372] should_fail_ex+0x3b0/0x4e0 [ 350.533620][T10372] _copy_from_user+0x2f/0xe0 [ 350.538202][T10372] copy_msghdr_from_user+0xae/0x680 [ 350.543414][T10372] ? __pfx___might_resched+0x10/0x10 [ 350.548714][T10372] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 350.554518][T10372] ? rcu_is_watching+0x15/0xb0 [ 350.559285][T10372] ? __might_fault+0xaa/0x120 [ 350.563969][T10372] __sys_sendmmsg+0x36d/0x730 [ 350.568638][T10372] ? __pfx___sys_sendmmsg+0x10/0x10 [ 350.573839][T10372] ? __pfx_lock_release+0x10/0x10 [ 350.578872][T10372] ? kstrtouint_from_user+0x128/0x190 [ 350.584241][T10372] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 350.590126][T10372] ? ksys_write+0x229/0x2b0 [ 350.594629][T10372] ? __pfx_lock_release+0x10/0x10 [ 350.599746][T10372] ? vfs_write+0x7bf/0xc90 [ 350.604166][T10372] ? kmem_cache_free+0x1a2/0x420 [ 350.609104][T10372] ? __mutex_unlock_slowpath+0x21d/0x750 [ 350.614739][T10372] ? __fget_files+0x3f3/0x470 [ 350.619423][T10372] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 350.625424][T10372] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 350.631744][T10372] ? do_syscall_64+0x100/0x230 [ 350.636499][T10372] __x64_sys_sendmmsg+0xa0/0xb0 [ 350.641341][T10372] do_syscall_64+0xf3/0x230 [ 350.645835][T10372] ? clear_bhb_loop+0x35/0x90 [ 350.650507][T10372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.656396][T10372] RIP: 0033:0x7f2c7017dff9 [ 350.660803][T10372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.680399][T10372] RSP: 002b:00007f2c71031038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 350.688804][T10372] RAX: ffffffffffffffda RBX: 00007f2c70335f80 RCX: 00007f2c7017dff9 [ 350.696768][T10372] RDX: 0000000000264e33 RSI: 0000000020005240 RDI: 0000000000000003 [ 350.704729][T10372] RBP: 00007f2c71031090 R08: 0000000000000000 R09: 0000000000000000 [ 350.712697][T10372] R10: 000000000000fffe R11: 0000000000000246 R12: 0000000000000002 [ 350.720659][T10372] R13: 0000000000000000 R14: 00007f2c70335f80 R15: 00007ffd926da898 [ 350.728632][T10372] [ 350.857102][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.930735][T10376] __nla_validate_parse: 1 callbacks suppressed [ 350.930752][T10376] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1927'. [ 350.961140][T10380] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1928'. [ 351.401746][ T54] Bluetooth: hci4: command tx timeout [ 351.489804][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.544433][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.586230][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.669069][ T11] bridge_slave_1: left allmulticast mode [ 351.674901][ T11] bridge_slave_1: left promiscuous mode [ 351.680611][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.689071][ T11] bridge_slave_0: left allmulticast mode [ 351.695102][ T11] bridge_slave_0: left promiscuous mode [ 351.700817][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.217153][ T5246] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 352.233070][ T5246] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 352.247992][ T5246] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 352.257677][ T5246] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 352.265407][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 352.275227][ T5246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 352.285962][ T5246] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 352.295933][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 352.307675][ T11] bond0 (unregistering): Released all slaves [ 352.477006][T10403] lo speed is unknown, defaulting to 1000 [ 352.692221][T10423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1942'. [ 352.701301][T10423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1942'. [ 353.127866][ T11] hsr_slave_0: left promiscuous mode [ 353.134715][ T11] hsr_slave_1: left promiscuous mode [ 353.140630][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.150259][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 353.158372][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 353.165841][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 353.188265][ T11] veth1_macvtap: left promiscuous mode [ 353.196845][ T11] veth0_macvtap: left promiscuous mode [ 353.202527][ T11] veth1_vlan: left promiscuous mode [ 353.208793][ T11] veth0_vlan: left promiscuous mode [ 353.481693][ T54] Bluetooth: hci4: command tx timeout [ 353.680668][ T11] team0 (unregistering): Port device team_slave_1 removed [ 353.733389][ T11] team0 (unregistering): Port device team_slave_0 removed [ 354.256788][T10403] chnl_net:caif_netlink_parms(): no params data found [ 354.310228][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1955'. [ 354.321431][T10467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1955'. [ 354.370643][ T54] Bluetooth: hci3: command tx timeout [ 354.436425][T10473] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1957'. [ 354.465926][T10475] openvswitch: netlink: Message has 8 unknown bytes. [ 354.477868][T10475] openvswitch: netlink: Actions may not be safe on all matching packets [ 354.495997][T10475] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1956'. [ 354.537472][T10403] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.546024][T10403] bridge0: port 1(bridge_slave_0) entered disabled state [ 354.553343][T10403] bridge_slave_0: entered allmulticast mode [ 354.560327][T10403] bridge_slave_0: entered promiscuous mode [ 354.568231][T10403] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.575488][T10403] bridge0: port 2(bridge_slave_1) entered disabled state [ 354.582756][T10403] bridge_slave_1: entered allmulticast mode [ 354.589553][T10403] bridge_slave_1: entered promiscuous mode [ 354.815897][T10483] dccp_close: ABORT with 69 bytes unread [ 355.167875][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 355.168219][ T5234] Bluetooth: hci5: command 0x0406 tx timeout [ 355.173969][ T5245] Bluetooth: hci0: command 0x0406 tx timeout [ 356.279492][T10403] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 356.294457][T10403] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 356.304339][T10488] tipc: Enabled bearer , priority 10 [ 356.325312][T10497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1966'. [ 356.346526][T10497] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1966'. [ 356.390297][T10499] netlink: 808 bytes leftover after parsing attributes in process `syz.4.1968'. [ 356.442632][ T5236] Bluetooth: hci3: command tx timeout [ 356.505408][T10403] team0: Port device team_slave_0 added [ 356.542076][T10507] netlink: 'syz.4.1972': attribute type 2 has an invalid length. [ 356.567387][T10507] *Ç+: renamed from ipvlan1 [ 356.580789][T10403] team0: Port device team_slave_1 added [ 356.640057][T10403] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 356.657811][T10403] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.685748][T10403] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 356.726664][T10515] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.743071][T10515] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.792074][T10525] FAULT_INJECTION: forcing a failure. [ 356.792074][T10525] name failslab, interval 1, probability 0, space 0, times 0 [ 356.809005][T10525] CPU: 0 UID: 0 PID: 10525 Comm: syz.4.1976 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 356.818127][T10403] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 356.819433][T10525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 356.826439][T10403] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.836377][T10525] Call Trace: [ 356.836387][T10525] [ 356.836396][T10525] dump_stack_lvl+0x241/0x360 [ 356.836430][T10525] ? __pfx_dump_stack_lvl+0x10/0x10 [ 356.863934][T10403] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 356.865521][T10525] ? __pfx__printk+0x10/0x10 [ 356.893348][T10525] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 356.899330][T10525] ? __pfx___might_resched+0x10/0x10 [ 356.904607][T10525] ? aa_label_sk_perm+0x4f3/0x6c0 [ 356.909629][T10525] should_fail_ex+0x3b0/0x4e0 [ 356.914302][T10525] should_failslab+0xac/0x100 [ 356.918971][T10525] ? __alloc_skb+0x1c3/0x440 [ 356.923557][T10525] kmem_cache_alloc_node_noprof+0x71/0x320 [ 356.929358][T10525] __alloc_skb+0x1c3/0x440 [ 356.933775][T10525] ? __pfx___alloc_skb+0x10/0x10 [ 356.938714][T10525] netlink_sendmsg+0x638/0xcb0 [ 356.943487][T10525] ? __pfx_netlink_sendmsg+0x10/0x10 [ 356.948799][T10525] ? aa_sock_msg_perm+0x91/0x160 [ 356.953732][T10525] ? __pfx_netlink_sendmsg+0x10/0x10 [ 356.959017][T10525] __sock_sendmsg+0x221/0x270 [ 356.963699][T10525] ____sys_sendmsg+0x52a/0x7e0 [ 356.968467][T10525] ? __pfx_____sys_sendmsg+0x10/0x10 [ 356.973753][T10525] __sys_sendmsg+0x292/0x380 [ 356.978333][T10525] ? __pfx___sys_sendmsg+0x10/0x10 [ 356.983441][T10525] ? __pfx_vfs_write+0x10/0x10 [ 356.988223][T10525] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 356.994546][T10525] ? do_syscall_64+0x100/0x230 [ 356.999303][T10525] ? do_syscall_64+0xb6/0x230 [ 357.003975][T10525] do_syscall_64+0xf3/0x230 [ 357.008468][T10525] ? clear_bhb_loop+0x35/0x90 [ 357.013134][T10525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.019022][T10525] RIP: 0033:0x7f2c7017dff9 [ 357.023426][T10525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.043028][T10525] RSP: 002b:00007f2c71031038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 357.051436][T10525] RAX: ffffffffffffffda RBX: 00007f2c70335f80 RCX: 00007f2c7017dff9 [ 357.059408][T10525] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000005 [ 357.067376][T10525] RBP: 00007f2c71031090 R08: 0000000000000000 R09: 0000000000000000 [ 357.075337][T10525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.083305][T10525] R13: 0000000000000000 R14: 00007f2c70335f80 R15: 00007ffd926da898 [ 357.091278][T10525] [ 357.287472][T10403] hsr_slave_0: entered promiscuous mode [ 357.310918][T10403] hsr_slave_1: entered promiscuous mode [ 357.329107][T10541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1981'. [ 357.339356][T10403] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 357.347245][T10403] Cannot create hsr debugfs directory [ 357.523142][T10551] netlink: 'syz.0.1984': attribute type 10 has an invalid length. [ 357.536778][T10551] netlink: 212848 bytes leftover after parsing attributes in process `syz.0.1984'. [ 357.664346][T10562] FAULT_INJECTION: forcing a failure. [ 357.664346][T10562] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 357.678873][T10562] CPU: 1 UID: 0 PID: 10562 Comm: syz.2.1990 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 357.689318][T10562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 357.699390][T10562] Call Trace: [ 357.702682][T10562] [ 357.705623][T10562] dump_stack_lvl+0x241/0x360 [ 357.710326][T10562] ? __pfx_dump_stack_lvl+0x10/0x10 [ 357.715535][T10562] ? __pfx__printk+0x10/0x10 [ 357.720130][T10562] should_fail_ex+0x3b0/0x4e0 [ 357.724806][T10562] _copy_from_user+0x2f/0xe0 [ 357.729388][T10562] move_addr_to_kernel+0x82/0x150 [ 357.734411][T10562] __sys_connect+0xc1/0x300 [ 357.738916][T10562] ? __pfx___sys_connect+0x10/0x10 [ 357.744030][T10562] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 357.750352][T10562] ? do_syscall_64+0x100/0x230 [ 357.755111][T10562] __x64_sys_connect+0x7a/0x90 [ 357.759876][T10562] do_syscall_64+0xf3/0x230 [ 357.764372][T10562] ? clear_bhb_loop+0x35/0x90 [ 357.769039][T10562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.774930][T10562] RIP: 0033:0x7f2103d7dff9 [ 357.779336][T10562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.798945][T10562] RSP: 002b:00007f2104b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 357.807355][T10562] RAX: ffffffffffffffda RBX: 00007f2103f35f80 RCX: 00007f2103d7dff9 [ 357.815320][T10562] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 [ 357.823282][T10562] RBP: 00007f2104b05090 R08: 0000000000000000 R09: 0000000000000000 [ 357.831244][T10562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.839205][T10562] R13: 0000000000000000 R14: 00007f2103f35f80 R15: 00007ffeaf3ea678 [ 357.847179][T10562] [ 357.891373][T10565] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode [ 357.940380][ T2488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.957217][ T2488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 358.103027][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1995'. [ 358.145930][T10403] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 358.174248][T10403] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 358.194247][T10403] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 358.220439][T10403] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 358.353404][T10403] 8021q: adding VLAN 0 to HW filter on device bond0 [ 358.369760][T10403] 8021q: adding VLAN 0 to HW filter on device team0 [ 358.393000][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.400101][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 358.428853][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.436025][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 358.452819][T10590] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2002'. [ 358.484519][T10589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2003'. [ 358.523721][ T5236] Bluetooth: hci3: command tx timeout [ 358.527561][T10403] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 358.539790][T10403] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 358.714791][T10403] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 358.746731][T10606] netlink: 'syz.4.2009': attribute type 4 has an invalid length. [ 358.826728][T10403] veth0_vlan: entered promiscuous mode [ 358.879056][T10403] veth1_vlan: entered promiscuous mode [ 358.931427][T10403] veth0_macvtap: entered promiscuous mode [ 358.951118][T10403] veth1_macvtap: entered promiscuous mode [ 358.972320][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 358.989867][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.007774][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.018374][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.031393][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.042096][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.052936][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 359.071553][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.089766][T10403] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 359.109414][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.132545][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.142561][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.153795][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.164661][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.184470][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.195559][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.206970][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.218307][T10403] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 359.228909][T10403] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 359.241329][T10403] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 359.261893][T10403] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.271169][T10403] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.284967][T10403] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.293718][T10403] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.380920][ T2488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.396677][ T2488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 359.430727][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.439282][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 359.446134][T10626] FAULT_INJECTION: forcing a failure. [ 359.446134][T10626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 359.460580][T10626] CPU: 1 UID: 0 PID: 10626 Comm: syz.2.2015 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 359.471019][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 359.481094][T10626] Call Trace: [ 359.484393][T10626] [ 359.487334][T10626] dump_stack_lvl+0x241/0x360 [ 359.492018][T10626] ? __pfx_dump_stack_lvl+0x10/0x10 [ 359.497215][T10626] ? __pfx__printk+0x10/0x10 [ 359.501811][T10626] should_fail_ex+0x3b0/0x4e0 [ 359.506487][T10626] _copy_from_user+0x2f/0xe0 [ 359.511070][T10626] move_addr_to_kernel+0x82/0x150 [ 359.516092][T10626] __sys_sendto+0x29f/0x4f0 [ 359.520599][T10626] ? __pfx___sys_sendto+0x10/0x10 [ 359.525621][T10626] ? __mutex_unlock_slowpath+0x21d/0x750 [ 359.531265][T10626] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 359.537243][T10626] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 359.543571][T10626] __x64_sys_sendto+0xde/0x100 [ 359.548333][T10626] do_syscall_64+0xf3/0x230 [ 359.552830][T10626] ? clear_bhb_loop+0x35/0x90 [ 359.557496][T10626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.563384][T10626] RIP: 0033:0x7f2103d7dff9 [ 359.567792][T10626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.587390][T10626] RSP: 002b:00007f2104b05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 359.595796][T10626] RAX: ffffffffffffffda RBX: 00007f2103f35f80 RCX: 00007f2103d7dff9 [ 359.603760][T10626] RDX: 0000000000000002 RSI: 0000000020000200 RDI: 0000000000000003 [ 359.611721][T10626] RBP: 00007f2104b05090 R08: 0000000020b63fe4 R09: 000000000000001c [ 359.619685][T10626] R10: 0000000020004002 R11: 0000000000000246 R12: 0000000000000001 [ 359.627652][T10626] R13: 0000000000000000 R14: 00007f2103f35f80 R15: 00007ffeaf3ea678 [ 359.635627][T10626] [ 360.910243][T10669] infiniband syz0: set active [ 360.919949][T10669] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 360.951846][ T5282] lo speed is unknown, defaulting to 1000 [ 360.999503][T10676] xt_policy: too many policy elements [ 361.006502][T10678] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2036'. [ 361.238795][T10690] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2040'. [ 361.301325][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 362.395685][T10699] FAULT_INJECTION: forcing a failure. [ 362.395685][T10699] name failslab, interval 1, probability 0, space 0, times 0 [ 362.408377][T10699] CPU: 1 UID: 0 PID: 10699 Comm: syz.0.2043 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 362.418811][T10699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 362.428885][T10699] Call Trace: [ 362.432177][T10699] [ 362.435126][T10699] dump_stack_lvl+0x241/0x360 [ 362.439829][T10699] ? __pfx_dump_stack_lvl+0x10/0x10 [ 362.445054][T10699] ? __pfx__printk+0x10/0x10 [ 362.449672][T10699] ? __kmalloc_noprof+0xb0/0x400 [ 362.454634][T10699] ? __pfx___might_resched+0x10/0x10 [ 362.459946][T10699] should_fail_ex+0x3b0/0x4e0 [ 362.464648][T10699] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 362.470912][T10699] should_failslab+0xac/0x100 [ 362.475610][T10699] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 362.481871][T10699] __kmalloc_noprof+0xd8/0x400 [ 362.486658][T10699] ? apparmor_capable+0x13b/0x1b0 [ 362.491717][T10699] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 362.497805][T10699] genl_rcv_msg+0x802/0xec0 [ 362.502309][T10699] ? mark_lock+0x9a/0x360 [ 362.506639][T10699] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.511677][T10699] ? __pfx_lock_acquire+0x10/0x10 [ 362.516696][T10699] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 362.523021][T10699] ? __pfx___might_resched+0x10/0x10 [ 362.528397][T10699] netlink_rcv_skb+0x1e3/0x430 [ 362.533160][T10699] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.538181][T10699] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.543488][T10699] genl_rcv+0x28/0x40 [ 362.547463][T10699] netlink_unicast+0x7f6/0x990 [ 362.552227][T10699] ? __pfx_netlink_unicast+0x10/0x10 [ 362.557503][T10699] ? __virt_addr_valid+0x183/0x530 [ 362.562606][T10699] ? __check_object_size+0x48e/0x900 [ 362.567889][T10699] netlink_sendmsg+0x8e4/0xcb0 [ 362.572657][T10699] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.578027][T10699] ? aa_sock_msg_perm+0x91/0x160 [ 362.582959][T10699] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.588248][T10699] __sock_sendmsg+0x221/0x270 [ 362.592927][T10699] ____sys_sendmsg+0x52a/0x7e0 [ 362.597691][T10699] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.602981][T10699] __sys_sendmsg+0x292/0x380 [ 362.607563][T10699] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.612681][T10699] ? __pfx_vfs_write+0x10/0x10 [ 362.617460][T10699] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 362.623782][T10699] ? do_syscall_64+0x100/0x230 [ 362.628541][T10699] ? do_syscall_64+0xb6/0x230 [ 362.633210][T10699] do_syscall_64+0xf3/0x230 [ 362.637704][T10699] ? clear_bhb_loop+0x35/0x90 [ 362.642374][T10699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.648260][T10699] RIP: 0033:0x7f5540d7dff9 [ 362.652667][T10699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.672263][T10699] RSP: 002b:00007f5541c58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 362.680670][T10699] RAX: ffffffffffffffda RBX: 00007f5540f35f80 RCX: 00007f5540d7dff9 [ 362.688636][T10699] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000005 [ 362.696605][T10699] RBP: 00007f5541c58090 R08: 0000000000000000 R09: 0000000000000000 [ 362.704570][T10699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.712530][T10699] R13: 0000000000000000 R14: 00007f5540f35f80 R15: 00007ffea5912628 [ 362.720507][T10699] [ 362.940120][T10717] netlink: 'syz.2.2049': attribute type 1 has an invalid length. [ 362.949812][T10717] netlink: 9348 bytes leftover after parsing attributes in process `syz.2.2049'. [ 362.964721][ T5246] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 362.974195][ T5246] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 362.979181][T10720] netlink: 'syz.1.2050': attribute type 9 has an invalid length. [ 362.982155][ T5246] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 362.993901][T10720] netlink: 134712 bytes leftover after parsing attributes in process `syz.1.2050'. [ 362.998927][ T5246] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 363.014528][ T5246] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 363.021916][ T5246] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 363.066743][T10718] lo speed is unknown, defaulting to 1000 [ 363.145286][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.254474][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.399906][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.445227][T10738] FAULT_INJECTION: forcing a failure. [ 363.445227][T10738] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.477047][T10741] FAULT_INJECTION: forcing a failure. [ 363.477047][T10741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.490375][T10741] CPU: 1 UID: 0 PID: 10741 Comm: syz.1.2057 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 363.500814][T10741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 363.510885][T10741] Call Trace: [ 363.514180][T10741] [ 363.517121][T10741] dump_stack_lvl+0x241/0x360 [ 363.521832][T10741] ? __pfx_dump_stack_lvl+0x10/0x10 [ 363.527052][T10741] ? __pfx__printk+0x10/0x10 [ 363.531665][T10741] ? __pfx_lock_release+0x10/0x10 [ 363.536719][T10741] should_fail_ex+0x3b0/0x4e0 [ 363.541431][T10741] _copy_from_user+0x2f/0xe0 [ 363.546046][T10741] copy_msghdr_from_user+0xae/0x680 [ 363.551280][T10741] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 363.557124][T10741] __sys_sendmsg+0x22d/0x380 [ 363.561739][T10741] ? __pfx___sys_sendmsg+0x10/0x10 [ 363.566875][T10741] ? __pfx_vfs_write+0x10/0x10 [ 363.571683][T10741] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 363.574890][T10718] chnl_net:caif_netlink_parms(): no params data found [ 363.578366][T10741] ? do_syscall_64+0x100/0x230 [ 363.578392][T10741] ? do_syscall_64+0xb6/0x230 [ 363.594570][T10741] do_syscall_64+0xf3/0x230 [ 363.599079][T10741] ? clear_bhb_loop+0x35/0x90 [ 363.603768][T10741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.609683][T10741] RIP: 0033:0x7f0b01b7dff9 [ 363.614113][T10741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.633736][T10741] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 363.642185][T10741] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 363.650172][T10741] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 363.658156][T10741] RBP: 00007f0b029eb090 R08: 0000000000000000 R09: 0000000000000000 [ 363.666139][T10741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.674214][T10741] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 363.682210][T10741] [ 363.685229][T10738] CPU: 0 UID: 0 PID: 10738 Comm: syz.4.2055 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 363.695662][T10738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 363.705726][T10738] Call Trace: [ 363.709001][T10738] [ 363.711926][T10738] dump_stack_lvl+0x241/0x360 [ 363.716615][T10738] ? __pfx_dump_stack_lvl+0x10/0x10 [ 363.721824][T10738] ? __pfx__printk+0x10/0x10 [ 363.726413][T10738] ? __pfx_lock_release+0x10/0x10 [ 363.731439][T10738] should_fail_ex+0x3b0/0x4e0 [ 363.736119][T10738] _copy_from_user+0x2f/0xe0 [ 363.740711][T10738] copy_msghdr_from_user+0xae/0x680 [ 363.745912][T10738] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 363.751726][T10738] __sys_sendmsg+0x22d/0x380 [ 363.756310][T10738] ? __pfx___sys_sendmsg+0x10/0x10 [ 363.761420][T10738] ? __pfx_vfs_write+0x10/0x10 [ 363.766200][T10738] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 363.772528][T10738] ? do_syscall_64+0x100/0x230 [ 363.777287][T10738] ? do_syscall_64+0xb6/0x230 [ 363.781959][T10738] do_syscall_64+0xf3/0x230 [ 363.786456][T10738] ? clear_bhb_loop+0x35/0x90 [ 363.791126][T10738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.797017][T10738] RIP: 0033:0x7f2c7017dff9 [ 363.801426][T10738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.821030][T10738] RSP: 002b:00007f2c71031038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 363.829444][T10738] RAX: ffffffffffffffda RBX: 00007f2c70335f80 RCX: 00007f2c7017dff9 [ 363.837413][T10738] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004 [ 363.845391][T10738] RBP: 00007f2c71031090 R08: 0000000000000000 R09: 0000000000000000 [ 363.853357][T10738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.861321][T10738] R13: 0000000000000000 R14: 00007f2c70335f80 R15: 00007ffd926da898 [ 363.869297][T10738] [ 364.190486][T10769] FAULT_INJECTION: forcing a failure. [ 364.190486][T10769] name failslab, interval 1, probability 0, space 0, times 0 [ 364.198022][ T5282] IPVS: starting estimator thread 0... [ 364.231639][T10769] CPU: 0 UID: 0 PID: 10769 Comm: syz.0.2067 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 364.242102][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.252177][T10769] Call Trace: [ 364.255474][T10769] [ 364.258422][T10769] dump_stack_lvl+0x241/0x360 [ 364.263137][T10769] ? __pfx_dump_stack_lvl+0x10/0x10 [ 364.268368][T10769] ? __pfx__printk+0x10/0x10 [ 364.273002][T10769] ? __pfx_lock_acquire+0x10/0x10 [ 364.278062][T10769] should_fail_ex+0x3b0/0x4e0 [ 364.282774][T10769] should_failslab+0xac/0x100 [ 364.287474][T10769] ? netlbl_unlhsh_add+0x3bb/0x1370 [ 364.292702][T10769] __kmalloc_cache_noprof+0x6c/0x2c0 [ 364.298025][T10769] netlbl_unlhsh_add+0x3bb/0x1370 [ 364.303076][T10769] ? __pfx___nla_validate_parse+0x10/0x10 [ 364.308825][T10769] ? netlbl_unlhsh_add+0x12f/0x1370 [ 364.314051][T10769] ? __pfx_netlbl_unlhsh_add+0x10/0x10 [ 364.319550][T10769] netlbl_unlabel_staticadddef+0x58f/0x750 [ 364.320635][T10778] FAULT_INJECTION: forcing a failure. [ 364.320635][T10778] name failslab, interval 1, probability 0, space 0, times 0 [ 364.325367][T10769] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 364.325415][T10769] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 364.325447][T10769] genl_rcv_msg+0xb14/0xec0 [ 364.325466][T10769] ? mark_lock+0x9a/0x360 [ 364.359646][T10769] ? __pfx_genl_rcv_msg+0x10/0x10 [ 364.364702][T10769] ? __pfx_lock_acquire+0x10/0x10 [ 364.369744][T10769] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 364.376082][T10769] ? __pfx___might_resched+0x10/0x10 [ 364.381384][T10769] netlink_rcv_skb+0x1e3/0x430 [ 364.386159][T10769] ? __pfx_genl_rcv_msg+0x10/0x10 [ 364.391193][T10769] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 364.392178][T10771] IPVS: using max 19 ests per chain, 45600 per kthread [ 364.396501][T10769] genl_rcv+0x28/0x40 [ 364.407460][T10769] netlink_unicast+0x7f6/0x990 [ 364.412249][T10769] ? __pfx_netlink_unicast+0x10/0x10 [ 364.417549][T10769] ? __virt_addr_valid+0x183/0x530 [ 364.422667][T10769] ? __check_object_size+0x48e/0x900 [ 364.427958][T10769] netlink_sendmsg+0x8e4/0xcb0 [ 364.432752][T10769] ? __pfx_netlink_sendmsg+0x10/0x10 [ 364.438057][T10769] ? aa_sock_msg_perm+0x91/0x160 [ 364.443010][T10769] ? __pfx_netlink_sendmsg+0x10/0x10 [ 364.448320][T10769] __sock_sendmsg+0x221/0x270 [ 364.453015][T10769] ____sys_sendmsg+0x52a/0x7e0 [ 364.457790][T10769] ? __pfx_____sys_sendmsg+0x10/0x10 [ 364.463092][T10769] __sys_sendmsg+0x292/0x380 [ 364.467687][T10769] ? __pfx___sys_sendmsg+0x10/0x10 [ 364.472815][T10769] ? __pfx_vfs_write+0x10/0x10 [ 364.477613][T10769] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 364.483953][T10769] ? do_syscall_64+0x100/0x230 [ 364.488727][T10769] ? do_syscall_64+0xb6/0x230 [ 364.493416][T10769] do_syscall_64+0xf3/0x230 [ 364.497932][T10769] ? clear_bhb_loop+0x35/0x90 [ 364.502614][T10769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.508517][T10769] RIP: 0033:0x7f5540d7dff9 [ 364.512940][T10769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.532553][T10769] RSP: 002b:00007f5541c58038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 364.540984][T10769] RAX: ffffffffffffffda RBX: 00007f5540f35f80 RCX: 00007f5540d7dff9 [ 364.548969][T10769] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000005 [ 364.556961][T10769] RBP: 00007f5541c58090 R08: 0000000000000000 R09: 0000000000000000 [ 364.564946][T10769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 364.572945][T10769] R13: 0000000000000000 R14: 00007f5540f35f80 R15: 00007ffea5912628 [ 364.580950][T10769] [ 364.583983][T10778] CPU: 1 UID: 0 PID: 10778 Comm: syz.1.2070 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 364.594423][T10778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.604488][T10778] Call Trace: [ 364.607762][T10778] [ 364.610687][T10778] dump_stack_lvl+0x241/0x360 [ 364.615376][T10778] ? __pfx_dump_stack_lvl+0x10/0x10 [ 364.620581][T10778] ? __pfx__printk+0x10/0x10 [ 364.625188][T10778] should_fail_ex+0x3b0/0x4e0 [ 364.629872][T10778] should_failslab+0xac/0x100 [ 364.634548][T10778] ? sctp_add_bind_addr+0x89/0x3a0 [ 364.639661][T10778] __kmalloc_cache_noprof+0x6c/0x2c0 [ 364.644958][T10778] sctp_add_bind_addr+0x89/0x3a0 [ 364.649904][T10778] sctp_copy_local_addr_list+0x311/0x500 [ 364.655533][T10778] ? sctp_copy_local_addr_list+0xab/0x500 [ 364.661244][T10778] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 364.667394][T10778] ? sctp_v4_is_any+0x35/0x60 [ 364.672072][T10778] sctp_bind_addr_copy+0xad/0x3b0 [ 364.677092][T10778] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 364.683419][T10778] sctp_connect_new_asoc+0x2f3/0x6c0 [ 364.688702][T10778] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 364.694502][T10778] ? sctp_sendmsg+0xbb9/0x3520 [ 364.699267][T10778] ? sctp_endpoint_lookup_assoc+0x7c/0x250 [ 364.705074][T10778] ? sctp_endpoint_lookup_assoc+0x217/0x250 [ 364.710961][T10778] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 364.716512][T10778] sctp_sendmsg+0x219a/0x3520 [ 364.721197][T10778] ? aa_sk_perm+0x96d/0xab0 [ 364.725700][T10778] ? __pfx_sctp_sendmsg+0x10/0x10 [ 364.730727][T10778] ? __pfx_aa_sk_perm+0x10/0x10 [ 364.735578][T10778] ? inet_sendmsg+0x330/0x390 [ 364.740256][T10778] __sock_sendmsg+0x1a6/0x270 [ 364.744936][T10778] __sys_sendto+0x39b/0x4f0 [ 364.749447][T10778] ? __pfx___sys_sendto+0x10/0x10 [ 364.754468][T10778] ? __mutex_unlock_slowpath+0x21d/0x750 [ 364.760114][T10778] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 364.766098][T10778] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 364.772434][T10778] __x64_sys_sendto+0xde/0x100 [ 364.777227][T10778] do_syscall_64+0xf3/0x230 [ 364.781731][T10778] ? clear_bhb_loop+0x35/0x90 [ 364.786402][T10778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.792290][T10778] RIP: 0033:0x7f0b01b7dff9 [ 364.796700][T10778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.816302][T10778] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 364.824715][T10778] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 364.832683][T10778] RDX: 0000000000000001 RSI: 0000000020000100 RDI: 0000000000000003 [ 364.840648][T10778] RBP: 00007f0b029eb090 R08: 0000000020000000 R09: 0000000000000010 [ 364.848618][T10778] R10: e61e2840a154b0c0 R11: 0000000000000246 R12: 0000000000000002 [ 364.856588][T10778] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 364.864570][T10778] [ 364.907782][T10772] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 364.912016][ T63] bridge_slave_1: left allmulticast mode [ 364.924406][ T63] bridge_slave_1: left promiscuous mode [ 364.930140][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.959742][ T63] bridge_slave_0: left allmulticast mode [ 364.971800][ T63] bridge_slave_0: left promiscuous mode [ 364.979613][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.995116][T10785] FAULT_INJECTION: forcing a failure. [ 364.995116][T10785] name failslab, interval 1, probability 0, space 0, times 0 [ 365.011403][T10785] CPU: 1 UID: 0 PID: 10785 Comm: syz.1.2073 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 365.021854][T10785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 365.031915][T10785] Call Trace: [ 365.035196][T10785] [ 365.038116][T10785] dump_stack_lvl+0x241/0x360 [ 365.042791][T10785] ? __pfx_dump_stack_lvl+0x10/0x10 [ 365.047990][T10785] ? __pfx__printk+0x10/0x10 [ 365.052589][T10785] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 365.058574][T10785] ? __pfx___might_resched+0x10/0x10 [ 365.063948][T10785] should_fail_ex+0x3b0/0x4e0 [ 365.068621][T10785] should_failslab+0xac/0x100 [ 365.073291][T10785] ? __alloc_skb+0x1c3/0x440 [ 365.077876][T10785] kmem_cache_alloc_node_noprof+0x71/0x320 [ 365.083690][T10785] __alloc_skb+0x1c3/0x440 [ 365.088137][T10785] ? tcp_call_bpf+0x228/0x4f0 [ 365.092942][T10785] ? __pfx___alloc_skb+0x10/0x10 [ 365.097928][T10785] ? __asan_memset+0x23/0x50 [ 365.102556][T10785] tcp_stream_alloc_skb+0x3d/0x310 [ 365.107729][T10785] tcp_connect+0x11ee/0x4940 [ 365.111625][ T5246] Bluetooth: hci3: command tx timeout [ 365.112318][T10785] ? __asan_memset+0x23/0x50 [ 365.122441][T10785] ? __pfx_tcp_connect+0x10/0x10 [ 365.127375][T10785] ? __asan_memset+0x23/0x50 [ 365.131958][T10785] ? inet6_hash_connect+0x4b/0xd0 [ 365.136975][T10785] tcp_v6_connect+0x14b1/0x1e40 [ 365.141840][T10785] ? __pfx_tcp_v6_connect+0x10/0x10 [ 365.147057][T10785] ? kasan_save_track+0x3f/0x80 [ 365.151931][T10785] ? __kasan_kmalloc+0x98/0xb0 [ 365.156740][T10785] __inet_stream_connect+0x262/0xf30 [ 365.162066][T10785] ? __pfx___inet_stream_connect+0x10/0x10 [ 365.167894][T10785] ? __kasan_kmalloc+0x98/0xb0 [ 365.172654][T10785] ? tcp_sendmsg_fastopen+0x1d8/0x5d0 [ 365.178364][T10785] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 365.183919][T10785] tcp_sendmsg_fastopen+0x3a2/0x5d0 [ 365.189140][T10785] tcp_sendmsg_locked+0x4a23/0x50a0 [ 365.194333][T10785] ? __lock_acquire+0x1384/0x2050 [ 365.199365][T10785] ? mark_lock+0x9a/0x360 [ 365.203701][T10785] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 365.209682][T10785] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 365.216009][T10785] ? lockdep_hardirqs_on+0x99/0x150 [ 365.221216][T10785] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 365.226757][T10785] ? __local_bh_enable_ip+0x168/0x200 [ 365.232145][T10785] ? do_raw_spin_unlock+0x13c/0x8b0 [ 365.237358][T10785] tcp_sendmsg+0x30/0x50 [ 365.241605][T10785] __sock_sendmsg+0xef/0x270 [ 365.246219][T10785] __sys_sendto+0x39b/0x4f0 [ 365.250726][T10785] ? __pfx___sys_sendto+0x10/0x10 [ 365.255745][T10785] ? __mutex_unlock_slowpath+0x21d/0x750 [ 365.261381][T10785] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 365.267354][T10785] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 365.273685][T10785] __x64_sys_sendto+0xde/0x100 [ 365.278457][T10785] do_syscall_64+0xf3/0x230 [ 365.282979][T10785] ? clear_bhb_loop+0x35/0x90 [ 365.287665][T10785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.293553][T10785] RIP: 0033:0x7f0b01b7dff9 [ 365.297960][T10785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.317558][T10785] RSP: 002b:00007f0b029eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 365.325968][T10785] RAX: ffffffffffffffda RBX: 00007f0b01d35f80 RCX: 00007f0b01b7dff9 [ 365.333938][T10785] RDX: 0000000000000002 RSI: 0000000020000200 RDI: 0000000000000003 [ 365.341915][T10785] RBP: 00007f0b029eb090 R08: 0000000020b63fe4 R09: 000000000000001c [ 365.349893][T10785] R10: 0000000020004002 R11: 0000000000000246 R12: 0000000000000001 [ 365.357865][T10785] R13: 0000000000000000 R14: 00007f0b01d35f80 R15: 00007fff58c90a68 [ 365.365838][T10785] [ 365.756253][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.767742][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.778273][ T63] bond0 (unregistering): Released all slaves [ 365.806867][T10718] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.824284][T10718] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.843551][T10718] bridge_slave_0: entered allmulticast mode [ 365.862138][T10718] bridge_slave_0: entered promiscuous mode [ 365.888737][T10718] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.897011][T10718] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.912169][T10718] bridge_slave_1: entered allmulticast mode [ 365.919672][T10718] bridge_slave_1: entered promiscuous mode [ 365.939032][T10800] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2078'. [ 365.997357][T10804] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 366.022991][T10804] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 366.051409][T10803] sch_tbf: burst 88 is lower than device veth3 mtu (1514) ! [ 366.051663][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2078'. [ 366.103796][T10718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.227618][T10718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.271058][T10718] team0: Port device team_slave_0 added [ 366.357269][T10718] team0: Port device team_slave_1 added [ 366.627729][ T63] hsr_slave_0: left promiscuous mode [ 366.703899][ T63] hsr_slave_1: left promiscuous mode [ 366.722624][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.746642][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.787925][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.810757][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.845955][T10832] openvswitch: netlink: Unknown nsh attribute 0 [ 366.897092][ T63] veth1_macvtap: left promiscuous mode [ 366.908573][ T63] veth0_macvtap: left promiscuous mode [ 366.924838][ T63] veth1_vlan: left promiscuous mode [ 366.933100][ T63] veth0_vlan: left promiscuous mode [ 367.202175][ T5246] Bluetooth: hci3: command tx timeout [ 368.369934][ T63] team0 (unregistering): Port device team_slave_1 removed [ 368.468717][ T63] team0 (unregistering): Port device team_slave_0 removed [ 369.244117][ T5246] Bluetooth: hci3: command tx timeout [ 369.739143][T10718] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 369.766094][T10718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 369.884897][T10718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 369.943230][T10843] netlink: 'syz.4.2093': attribute type 49 has an invalid length. [ 369.993317][T10849] xt_SECMARK: invalid mode: 0 [ 370.044855][T10718] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 370.062431][ T5282] ip6_tunnel: ip6gretap0: Local routing loop detected! [ 370.091228][T10718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.225487][T10718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 370.383612][ T5283] ip6_tunnel: ip6gretap0: Local routing loop detected! [ 370.467457][T10718] hsr_slave_0: entered promiscuous mode [ 370.509408][T10718] hsr_slave_1: entered promiscuous mode [ 370.561701][T10718] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 370.581875][T10718] Cannot create hsr debugfs directory [ 370.786320][T10863] netlink: 'syz.0.2101': attribute type 1 has an invalid length. [ 370.873844][T10865] bridge0: port 1(bridge_slave_0) entered disabled state [ 370.886181][T10865] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.104558][T10866] bond1: (slave veth1_to_hsr): Enslaving as a backup interface with an up link [ 371.331899][ T5246] Bluetooth: hci3: command tx timeout [ 372.062961][T10907] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2116'. [ 372.327903][T10914] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2118'. [ 372.342235][T10914] netlink: 'syz.0.2118': attribute type 7 has an invalid length. [ 372.350190][T10914] netlink: 'syz.0.2118': attribute type 8 has an invalid length. [ 372.366465][T10914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2118'. [ 373.563784][ C1] ip6_tunnel: ip6gretap0: Local routing loop detected! [ 374.595350][T10961] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2134'. [ 378.687364][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.633634][ T5236] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 384.644554][ T5236] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 384.652364][ T5236] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 384.660321][ T5236] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 384.670375][ T5236] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 384.680511][ T5236] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 384.742934][ T5246] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 384.759751][ T5246] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 384.767763][ T5246] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 384.778236][ T5246] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 384.786920][ T5246] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 384.794319][ T5246] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 384.891924][T10953] bond0: option ad_select: unable to set because the bond device is up [ 386.183873][ T5236] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 386.201421][ T5236] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 386.210682][ T5236] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 386.218677][ T5236] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 386.228047][ T5236] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 386.235464][ T5236] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 386.359720][ T5246] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 386.378391][ T5246] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 386.390022][ T5246] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 386.398048][ T5246] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 386.405899][ T5246] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 386.414820][ T5246] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 386.761859][ T5236] Bluetooth: hci6: command tx timeout [ 386.841634][ T5236] Bluetooth: hci7: command tx timeout [ 388.281771][ T5236] Bluetooth: hci0: command tx timeout [ 388.441699][ T5236] Bluetooth: hci2: command tx timeout [ 388.841824][ T5236] Bluetooth: hci6: command tx timeout [ 388.925894][ T5236] Bluetooth: hci7: command tx timeout [ 390.361793][ T5236] Bluetooth: hci0: command tx timeout [ 390.521737][ T5236] Bluetooth: hci2: command tx timeout [ 390.921768][ T5236] Bluetooth: hci6: command tx timeout [ 391.003396][ T5236] Bluetooth: hci7: command tx timeout [ 392.449213][ T5236] Bluetooth: hci0: command tx timeout [ 392.602058][ T5236] Bluetooth: hci2: command tx timeout [ 393.001716][ T5236] Bluetooth: hci6: command tx timeout [ 393.081641][ T5236] Bluetooth: hci7: command tx timeout [ 394.521677][ T5236] Bluetooth: hci0: command tx timeout [ 394.681691][ T5236] Bluetooth: hci2: command tx timeout [ 401.247089][ T5236] Bluetooth: hci1: command 0x0406 tx timeout [ 424.189938][ T5236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 424.199838][ T5236] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 424.208349][ T5236] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 424.216577][ T5236] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 424.224725][ T5236] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 424.233014][ T5236] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 426.281712][ T5236] Bluetooth: hci4: command tx timeout [ 428.361773][ T5236] Bluetooth: hci4: command tx timeout [ 430.442051][ T5236] Bluetooth: hci4: command tx timeout [ 432.521716][ T5236] Bluetooth: hci4: command tx timeout [ 440.127062][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.072364][ T5246] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 446.082734][ T5246] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 446.093330][ T5246] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 446.101263][ T5246] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 446.108973][ T5246] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 446.117622][ T5246] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 446.562234][ T5236] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 446.570893][ T5236] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 446.580457][ T5236] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 446.588363][ T5236] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 446.596064][ T5236] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 446.603811][ T5236] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 446.850995][ T5236] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 446.859901][ T5236] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 446.868713][ T5236] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 446.878010][ T5236] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 446.885680][ T5236] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 446.893129][ T5236] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 446.930245][ T5246] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 446.941302][ T5246] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 446.952369][ T5246] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 446.960368][ T5246] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 446.970216][ T5246] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 446.982008][ T5246] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 448.201672][ T5236] Bluetooth: hci5: command tx timeout [ 448.681744][ T5236] Bluetooth: hci8: command tx timeout [ 448.921843][ T5236] Bluetooth: hci9: command tx timeout [ 449.081733][ T5236] Bluetooth: hci10: command tx timeout [ 450.281582][ T5236] Bluetooth: hci5: command tx timeout [ 450.761696][ T5236] Bluetooth: hci8: command tx timeout [ 451.001906][ T5236] Bluetooth: hci9: command tx timeout [ 451.161650][ T5236] Bluetooth: hci10: command tx timeout [ 452.361572][ T5236] Bluetooth: hci5: command tx timeout [ 452.841682][ T5236] Bluetooth: hci8: command tx timeout [ 453.081805][ T5236] Bluetooth: hci9: command tx timeout [ 453.241607][ T5236] Bluetooth: hci10: command tx timeout [ 454.441574][ T5236] Bluetooth: hci5: command tx timeout [ 454.921759][ T5236] Bluetooth: hci8: command tx timeout [ 455.161741][ T5236] Bluetooth: hci9: command tx timeout [ 455.321672][ T5236] Bluetooth: hci10: command tx timeout [ 488.291646][ T5246] Bluetooth: hci3: command 0x0406 tx timeout [ 489.446852][ T5246] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 489.465565][ T5246] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 489.473905][ T5246] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 489.482470][ T5246] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 489.491839][ T5246] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 489.500347][ T5246] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 491.561646][ T5246] Bluetooth: hci11: command tx timeout [ 493.641621][ T5246] Bluetooth: hci11: command tx timeout [ 495.721610][ T5246] Bluetooth: hci11: command tx timeout [ 497.801656][ T5246] Bluetooth: hci11: command tx timeout [ 501.562550][ C1] ip6_tunnel: ip6gretap0: Local routing loop detected! [ 501.570517][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.171812][ T5236] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 506.183483][ T5236] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 506.191381][ T5236] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 506.200217][ T5236] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 506.209240][ T5236] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 506.216711][ T5236] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 506.509313][ T5246] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 506.521783][ T5246] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 506.530376][ T5246] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 506.542033][ T5246] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 506.551584][ T5246] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 506.558984][ T5246] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 507.557219][T11009] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 507.568244][T11009] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 507.576683][T11009] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 507.584744][T11009] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 507.599349][T11009] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 507.606860][T11009] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 507.632600][ T5234] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 507.642526][ T5234] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 507.651325][ T5234] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 507.661687][ T5234] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 507.669348][ T5234] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 507.676863][ T5234] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 508.281762][T11009] Bluetooth: hci12: command tx timeout [ 508.601665][T11009] Bluetooth: hci13: command tx timeout [ 508.767166][T11009] Bluetooth: hci6: command 0x0406 tx timeout [ 508.773418][ T5234] Bluetooth: hci2: command 0x0406 tx timeout [ 508.779458][ T5234] Bluetooth: hci7: command 0x0406 tx timeout [ 508.800739][T11009] Bluetooth: hci0: command 0x0406 tx timeout [ 509.641810][ T5232] Bluetooth: hci14: command tx timeout [ 509.722006][ T5232] Bluetooth: hci15: command tx timeout [ 510.361634][ T5232] Bluetooth: hci12: command tx timeout [ 510.681646][ T5232] Bluetooth: hci13: command tx timeout [ 511.721742][ T5232] Bluetooth: hci14: command tx timeout [ 511.805941][ T5232] Bluetooth: hci15: command tx timeout [ 512.441701][ T5232] Bluetooth: hci12: command tx timeout [ 512.761571][ T5232] Bluetooth: hci13: command tx timeout [ 513.801754][ T5232] Bluetooth: hci14: command tx timeout [ 513.881722][ T5232] Bluetooth: hci15: command tx timeout [ 514.521664][ T5232] Bluetooth: hci12: command tx timeout [ 514.848497][ T5232] Bluetooth: hci13: command tx timeout [ 515.881791][ T5232] Bluetooth: hci14: command tx timeout [ 515.961980][ T5232] Bluetooth: hci15: command tx timeout [ 533.561967][ T30] INFO: task syz.4.1779:9949 blocked for more than 143 seconds. [ 533.569674][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 533.591525][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 533.601980][ T30] task:syz.4.1779 state:D stack:23616 pid:9949 tgid:9948 ppid:7777 flags:0x00004006 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 533.618150][ T30] Call Trace: [ 533.623052][ T30] [ 533.626030][ T30] __schedule+0x1895/0x4b30 [ 533.630595][ T30] ? __pfx___schedule+0x10/0x10 [ 533.658882][ T30] ? __pfx_lock_release+0x10/0x10 [ 533.724199][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 533.729750][ T30] ? schedule+0x90/0x320 [ 533.797912][ T30] schedule+0x14b/0x320 [ 533.811685][ T30] schedule_preempt_disabled+0x13/0x30 [ 533.817223][ T30] __mutex_lock+0x6a7/0xd70 [ 533.861966][ T30] ? __mutex_lock+0x52a/0xd70 [ 533.866727][ T30] ? netdev_run_todo+0x89e/0x1000 [ 533.901562][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 533.907469][ T30] ? __init_swait_queue_head+0xae/0x150 [ 533.941563][ T30] netdev_run_todo+0x89e/0x1000 [ 533.946505][ T30] ? __pfx_netdev_run_todo+0x10/0x10 [ 533.971627][ T30] rtnetlink_rcv_msg+0x748/0xcf0 [ 533.976636][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 534.005272][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 534.010806][ T30] ? ref_tracker_free+0x643/0x7e0 [ 534.023717][ T30] netlink_rcv_skb+0x1e3/0x430 [ 534.028548][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 534.051507][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 534.056892][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 534.081526][ T30] netlink_unicast+0x7f6/0x990 [ 534.086376][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 534.109574][ T30] ? __virt_addr_valid+0x183/0x530 [ 534.118998][ T30] ? __check_object_size+0x48e/0x900 [ 534.140572][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 534.147837][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 534.157684][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 534.164963][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 534.170305][ T30] __sock_sendmsg+0x221/0x270 [ 534.179482][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 534.186717][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 534.196521][ T30] ? futex_wake+0x523/0x5c0 [ 534.201103][ T30] __sys_sendmsg+0x292/0x380 [ 534.216260][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 534.223771][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 534.230176][ T30] ? do_syscall_64+0x100/0x230 [ 534.240654][ T30] ? do_syscall_64+0xb6/0x230 [ 534.246622][ T30] do_syscall_64+0xf3/0x230 [ 534.251175][ T30] ? clear_bhb_loop+0x35/0x90 [ 534.261553][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.267530][ T30] RIP: 0033:0x7f9ac3b7dff9 [ 534.277655][ T30] RSP: 002b:00007f9ac4963038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 534.289659][ T30] RAX: ffffffffffffffda RBX: 00007f9ac3d35f80 RCX: 00007f9ac3b7dff9 [ 534.301458][ T30] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 000000000000000a [ 534.309480][ T30] RBP: 00007f9ac3bf0296 R08: 0000000000000000 R09: 0000000000000000 [ 534.325481][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 534.335816][ T30] R13: 0000000000000000 R14: 00007f9ac3d35f80 R15: 00007fffac8d0378 [ 534.348301][ T30] [ 534.353814][ T30] INFO: task syz-executor:10718 blocked for more than 144 seconds. [ 534.366551][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 534.376183][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 534.389263][ T30] task:syz-executor state:D stack:21728 pid:10718 tgid:10718 ppid:1 flags:0x00004006 [ 534.401453][ T30] Call Trace: [ 534.404764][ T30] [ 534.407719][ T30] __schedule+0x1895/0x4b30 [ 534.419447][ T30] ? __pfx___schedule+0x10/0x10 [ 534.424440][ T30] ? __pfx_lock_release+0x10/0x10 [ 534.429717][ T30] ? schedule+0x90/0x320 [ 534.441007][ T30] schedule+0x14b/0x320 [ 534.445500][ T30] schedule_timeout+0xb0/0x310 [ 534.450315][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 534.461464][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 534.467514][ T30] ? wait_for_completion+0x2fe/0x620 [ 534.479419][ T30] ? wait_for_completion+0x2fe/0x620 [ 534.484836][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 534.490075][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 534.499596][ T30] ? wait_for_completion+0x2fe/0x620 [ 534.510366][ T30] wait_for_completion+0x355/0x620 [ 534.517776][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 534.529366][ T30] ? __flush_work+0xe7/0xc50 [ 534.534080][ T30] __flush_work+0xa37/0xc50 [ 534.538620][ T30] ? __flush_work+0xe7/0xc50 [ 534.550243][ T30] ? __pfx___flush_work+0x10/0x10 [ 534.555464][ T30] ? __pfx_wq_barrier_func+0x10/0x10 [ 534.560797][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 534.571454][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 534.576626][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 534.587694][ T30] unregister_netdevice_many_notify+0x87b/0x1da0 [ 534.594190][ T30] ? __mutex_lock+0x9a1/0xd70 [ 534.598905][ T30] ? do_raw_spin_lock+0x14f/0x370 [ 534.610672][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 534.618792][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 534.629105][ T30] ? __mutex_lock+0x9ab/0xd70 [ 534.636737][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 534.645409][ T30] ? __mutex_lock+0x52a/0xd70 [ 534.650130][ T30] unregister_netdevice_queue+0x303/0x370 [ 534.659728][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 534.669394][ T30] nsim_destroy+0x180/0x5c0 [ 534.677298][ T30] ? nsim_dev_reload_destroy+0x28a/0x490 [ 534.686463][ T30] __nsim_dev_port_del+0x14b/0x1b0 [ 534.695020][ T30] nsim_dev_reload_destroy+0x28a/0x490 [ 534.700539][ T30] ? __pfx_nsim_bus_remove+0x10/0x10 [ 534.709196][ T30] nsim_drv_remove+0x58/0x160 [ 534.717354][ T30] device_release_driver_internal+0x4a9/0x7c0 [ 534.728030][ T30] bus_remove_device+0x34f/0x420 [ 534.736941][ T30] device_del+0x57a/0x9b0 [ 534.741333][ T30] ? __pfx_device_del+0x10/0x10 [ 534.749742][ T30] device_unregister+0x20/0xc0 [ 534.757937][ T30] del_device_store+0x363/0x480 [ 534.767127][ T30] ? __pfx_del_device_store+0x10/0x10 [ 534.775963][ T30] ? sysfs_kf_write+0x182/0x2a0 [ 534.780860][ T30] ? bus_attr_store+0x4f/0xa0 [ 534.788942][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 534.797618][ T30] kernfs_fop_write_iter+0x3a0/0x500 [ 534.806365][ T30] vfs_write+0xa6d/0xc90 [ 534.810660][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 534.819854][ T30] ? __pfx_vfs_write+0x10/0x10 [ 534.829187][ T30] ? do_sys_openat2+0x17a/0x1d0 [ 534.837594][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 534.849159][ T30] ? fdget_pos+0x265/0x320 [ 534.857056][ T30] ksys_write+0x183/0x2b0 [ 534.864779][ T30] ? __pfx_ksys_write+0x10/0x10 [ 534.869772][ T30] ? do_syscall_64+0x100/0x230 [ 534.878330][ T30] ? do_syscall_64+0xb6/0x230 [ 534.886408][ T30] do_syscall_64+0xf3/0x230 [ 534.890948][ T30] ? clear_bhb_loop+0x35/0x90 [ 534.899016][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 534.908499][ T30] RIP: 0033:0x7fcf79d7cadf [ 534.916381][ T30] RSP: 002b:00007ffded3759f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 534.927421][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fcf79d7cadf [ 534.942514][ T30] RDX: 0000000000000001 RSI: 00007ffded375a40 RDI: 0000000000000005 [ 534.950547][ T30] RBP: 00007fcf79df13ae R08: 0000000000000000 R09: 00007ffded375847 [ 534.961451][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 534.969469][ T30] R13: 00007ffded375a40 R14: 00007fcf7aa64620 R15: 0000000000000003 [ 534.983722][ T30] [ 534.986844][ T30] INFO: task syz.0.2128:10953 blocked for more than 144 seconds. [ 534.998399][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 535.010069][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.022207][ T30] task:syz.0.2128 state:D stack:25264 pid:10953 tgid:10941 ppid:7769 flags:0x00004002 [ 535.039190][ T30] Call Trace: [ 535.043733][ T30] [ 535.046700][ T30] __schedule+0x1895/0x4b30 [ 535.051255][ T30] ? __pfx___schedule+0x10/0x10 [ 535.062887][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.067984][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 535.078005][ T30] ? schedule+0x90/0x320 [ 535.084643][ T30] schedule+0x14b/0x320 [ 535.088865][ T30] schedule_preempt_disabled+0x13/0x30 [ 535.098817][ T30] __mutex_lock+0x6a7/0xd70 [ 535.106013][ T30] ? __mutex_lock+0x52a/0xd70 [ 535.110745][ T30] ? tun_chr_close+0x3b/0x1b0 [ 535.120066][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 535.127405][ T30] ? __pfx_call_rcu+0x10/0x10 [ 535.137005][ T30] tun_chr_close+0x3b/0x1b0 [ 535.144829][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 535.149986][ T30] __fput+0x23f/0x880 [ 535.157469][ T30] task_work_run+0x24f/0x310 [ 535.164701][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 535.170053][ T30] ? __pfx_task_work_run+0x10/0x10 [ 535.186031][ T30] ? do_exit+0xa2a/0x28e0 [ 535.190433][ T30] ? kmem_cache_free+0x1a2/0x420 [ 535.196660][ T30] ? do_exit+0xa2a/0x28e0 [ 535.201042][ T30] do_exit+0xa2f/0x28e0 [ 535.210752][ T30] ? __pfx_do_exit+0x10/0x10 [ 535.215496][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 535.220908][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 535.235260][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 535.247661][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 535.256214][ T30] do_group_exit+0x207/0x2c0 [ 535.260850][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 535.269386][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 535.278011][ T30] get_signal+0x176f/0x1810 [ 535.285890][ T30] ? __pfx_get_signal+0x10/0x10 [ 535.290806][ T30] arch_do_signal_or_restart+0x96/0x860 [ 535.299765][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 535.309279][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 535.318915][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 535.328815][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 535.334983][ T30] do_syscall_64+0x100/0x230 [ 535.347458][ T30] ? clear_bhb_loop+0x35/0x90 [ 535.352459][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.358408][ T30] RIP: 0033:0x7f5540d7dff9 [ 535.369558][ T30] RSP: 002b:00007f5541c37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 535.378065][ T30] RAX: 000000000000003c RBX: 00007f5540f36058 RCX: 00007f5540d7dff9 [ 535.391460][ T30] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 535.399487][ T30] RBP: 00007f5540df0296 R08: 0000000000000000 R09: 0000000000000000 [ 535.413526][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 535.426054][ T30] R13: 0000000000000000 R14: 00007f5540f36058 R15: 00007ffea5912628 [ 535.436448][ T30] [ 535.440797][ T30] INFO: task syz.1.2131:10951 blocked for more than 145 seconds. [ 535.450575][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 535.463196][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.476343][ T30] task:syz.1.2131 state:D stack:26080 pid:10951 tgid:10949 ppid:7771 flags:0x00004002 [ 535.496437][ T30] Call Trace: [ 535.499775][ T30] [ 535.504955][ T30] __schedule+0x1895/0x4b30 [ 535.509533][ T30] ? __pfx___schedule+0x10/0x10 [ 535.518923][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.526220][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 535.535855][ T30] ? schedule+0x90/0x320 [ 535.540153][ T30] schedule+0x14b/0x320 [ 535.549997][ T30] schedule_preempt_disabled+0x13/0x30 [ 535.557328][ T30] __mutex_lock+0x6a7/0xd70 [ 535.567434][ T30] ? __mutex_lock+0x52a/0xd70 [ 535.573935][ T30] ? tun_chr_close+0x3b/0x1b0 [ 535.578663][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 535.589328][ T30] ? __pfx_call_rcu+0x10/0x10 [ 535.595798][ T30] tun_chr_close+0x3b/0x1b0 [ 535.600334][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 535.610967][ T30] __fput+0x23f/0x880 [ 535.615092][ T30] task_work_run+0x24f/0x310 [ 535.619715][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 535.631699][ T30] ? __pfx_task_work_run+0x10/0x10 [ 535.636857][ T30] ? do_exit+0xa2a/0x28e0 [ 535.641209][ T30] ? kmem_cache_free+0x1a2/0x420 [ 535.654134][ T30] ? do_exit+0xa2a/0x28e0 [ 535.658698][ T30] do_exit+0xa2f/0x28e0 [ 535.666659][ T30] ? __pfx_do_exit+0x10/0x10 [ 535.671301][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 535.680160][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 535.689536][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 535.699328][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 535.707854][ T30] do_group_exit+0x207/0x2c0 [ 535.715822][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 535.721076][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 535.729991][ T30] get_signal+0x176f/0x1810 [ 535.737879][ T30] ? __pfx_get_signal+0x10/0x10 [ 535.746568][ T30] arch_do_signal_or_restart+0x96/0x860 [ 535.756814][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 535.765539][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 535.776461][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 535.784552][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 535.790155][ T30] do_syscall_64+0x100/0x230 [ 535.799380][ T30] ? clear_bhb_loop+0x35/0x90 [ 535.806582][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.816876][ T30] RIP: 0033:0x7f0b01b7dff9 [ 535.821333][ T30] RSP: 002b:00007f0b029ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 535.836457][ T30] RAX: 0000000000000024 RBX: 00007f0b01d36058 RCX: 00007f0b01b7dff9 [ 535.845807][ T30] RDX: 0000000000000000 RSI: 0000000020001280 RDI: 000000000000000b [ 535.860605][ T30] RBP: 00007f0b01bf0296 R08: 0000000000000000 R09: 0000000000000000 [ 535.869851][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 535.882295][ T30] R13: 0000000000000000 R14: 00007f0b01d36058 R15: 00007fff58c90a68 [ 535.890427][ T30] [ 535.902405][ T30] INFO: task syz.4.2133:10957 blocked for more than 145 seconds. [ 535.910179][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 535.921511][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 535.936341][ T30] task:syz.4.2133 state:D stack:25712 pid:10957 tgid:10956 ppid:10175 flags:0x00004002 [ 535.947780][ T30] Call Trace: [ 535.957773][ T30] [ 535.960762][ T30] __schedule+0x1895/0x4b30 [ 535.968015][ T30] ? __pfx___schedule+0x10/0x10 [ 535.978403][ T30] ? __pfx_lock_release+0x10/0x10 [ 535.984655][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 535.990158][ T30] ? schedule+0x90/0x320 [ 536.000393][ T30] schedule+0x14b/0x320 [ 536.005809][ T30] schedule_preempt_disabled+0x13/0x30 [ 536.011304][ T30] __mutex_lock+0x6a7/0xd70 [ 536.021529][ T30] ? __mutex_lock+0x52a/0xd70 [ 536.026266][ T30] ? tun_chr_close+0x3b/0x1b0 [ 536.030978][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 536.042867][ T30] ? __pfx_call_rcu+0x10/0x10 [ 536.047605][ T30] tun_chr_close+0x3b/0x1b0 [ 536.058906][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 536.065397][ T30] __fput+0x23f/0x880 [ 536.069434][ T30] task_work_run+0x24f/0x310 [ 536.079670][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 536.086195][ T30] ? __pfx_task_work_run+0x10/0x10 [ 536.091341][ T30] ? do_exit+0xa2a/0x28e0 [ 536.101176][ T30] ? kmem_cache_free+0x1a2/0x420 [ 536.106298][ T30] ? do_exit+0xa2a/0x28e0 [ 536.110660][ T30] do_exit+0xa2f/0x28e0 [ 536.122495][ T30] ? __pfx_do_exit+0x10/0x10 [ 536.127148][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 536.137158][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 536.145378][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 536.156197][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 536.161374][ T30] do_group_exit+0x207/0x2c0 [ 536.169745][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 536.177329][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 536.186960][ T30] get_signal+0x176f/0x1810 [ 536.193863][ T30] ? __pfx_get_signal+0x10/0x10 [ 536.198770][ T30] arch_do_signal_or_restart+0x96/0x860 [ 536.205557][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 536.221285][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 536.227866][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 536.240405][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 536.246088][ T30] do_syscall_64+0x100/0x230 [ 536.250706][ T30] ? clear_bhb_loop+0x35/0x90 [ 536.258589][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.269223][ T30] RIP: 0033:0x7f2c7017dff9 [ 536.275804][ T30] RSP: 002b:00007f2c71031038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 536.290802][ T30] RAX: 000000000000001c RBX: 00007f2c70335f80 RCX: 00007f2c7017dff9 [ 536.301137][ T30] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 536.311456][ T30] RBP: 00007f2c701f0296 R08: 0000000000000000 R09: 0000000000000000 [ 536.319472][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.333558][ T30] R13: 0000000000000000 R14: 00007f2c70335f80 R15: 00007ffd926da898 [ 536.346016][ T30] [ 536.349140][ T30] INFO: task syz.2.2134:10962 blocked for more than 146 seconds. [ 536.359225][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 536.371528][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 536.380247][ T30] task:syz.2.2134 state:D stack:23512 pid:10962 tgid:10958 ppid:7773 flags:0x00004002 [ 536.396372][ T30] Call Trace: [ 536.399695][ T30] [ 536.403862][ T30] __schedule+0x1895/0x4b30 [ 536.408424][ T30] ? __pfx___schedule+0x10/0x10 [ 536.418770][ T30] ? __pfx_lock_release+0x10/0x10 [ 536.425016][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 536.430523][ T30] ? schedule+0x90/0x320 [ 536.440371][ T30] schedule+0x14b/0x320 [ 536.446280][ T30] schedule_preempt_disabled+0x13/0x30 [ 536.457394][ T30] __mutex_lock+0x6a7/0xd70 [ 536.463382][ T30] ? __mutex_lock+0x52a/0xd70 [ 536.468107][ T30] ? tun_chr_close+0x3b/0x1b0 [ 536.479496][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 536.484647][ T30] ? __pfx_call_rcu+0x10/0x10 [ 536.489364][ T30] tun_chr_close+0x3b/0x1b0 [ 536.500536][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 536.505833][ T30] __fput+0x23f/0x880 [ 536.509860][ T30] task_work_run+0x24f/0x310 [ 536.521066][ T30] ? kasan_quarantine_put+0xdc/0x230 [ 536.526663][ T30] ? __pfx_task_work_run+0x10/0x10 [ 536.532007][ T30] ? do_exit+0xa2a/0x28e0 [ 536.536362][ T30] ? kmem_cache_free+0x1a2/0x420 [ 536.541328][ T30] ? do_exit+0xa2a/0x28e0 [ 536.552241][ T30] do_exit+0xa2f/0x28e0 [ 536.556453][ T30] ? __pfx_do_exit+0x10/0x10 [ 536.561067][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 536.573622][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 536.579864][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 536.590593][ T30] ? _raw_spin_lock_irq+0xdf/0x120 [ 536.598084][ T30] do_group_exit+0x207/0x2c0 [ 536.607051][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 536.614649][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 536.619899][ T30] get_signal+0x176f/0x1810 [ 536.629036][ T30] ? __pfx_get_signal+0x10/0x10 [ 536.636247][ T30] arch_do_signal_or_restart+0x96/0x860 [ 536.646310][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 536.654755][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 536.660799][ T30] ? syscall_exit_to_user_mode+0xa3/0x370 [ 536.668233][ T30] syscall_exit_to_user_mode+0xc9/0x370 [ 536.680832][ T30] do_syscall_64+0x100/0x230 [ 536.685817][ T30] ? clear_bhb_loop+0x35/0x90 [ 536.690543][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 536.696660][ T30] RIP: 0033:0x7f2103d7dff9 [ 536.701109][ T30] RSP: 002b:00007f2104aa2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 536.716229][ T30] RAX: 0000000000000030 RBX: 00007f2103f36208 RCX: 00007f2103d7dff9 [ 536.725603][ T30] RDX: 0000000000000000 RSI: 0000000020000e00 RDI: 0000000000000009 [ 536.739096][ T30] RBP: 00007f2103df0296 R08: 0000000000000000 R09: 0000000000000000 [ 536.748332][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 536.766743][ T30] R13: 0000000000000000 R14: 00007f2103f36208 R15: 00007ffeaf3ea678 [ 536.782036][ T30] [ 536.785119][ T30] INFO: task syz-executor:10966 blocked for more than 146 seconds. [ 536.799492][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 536.806927][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 536.821464][ T30] task:syz-executor state:D stack:24128 pid:10966 tgid:10966 ppid:1 flags:0x00004006 [ 536.837865][ T30] Call Trace: [ 536.841194][ T30] [ 536.844477][ T30] __schedule+0x1895/0x4b30 [ 536.849046][ T30] ? __pfx___schedule+0x10/0x10 [ 536.860582][ T30] ? __pfx_lock_release+0x10/0x10 [ 536.865769][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 536.871276][ T30] ? schedule+0x90/0x320 [ 536.881469][ T30] schedule+0x14b/0x320 [ 536.885859][ T30] schedule_preempt_disabled+0x13/0x30 [ 536.891360][ T30] __mutex_lock+0x6a7/0xd70 [ 536.902800][ T30] ? __mutex_lock+0x52a/0xd70 [ 536.907541][ T30] ? register_nexthop_notifier+0x84/0x290 [ 536.917727][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 536.927704][ T30] ? __asan_memset+0x23/0x50 [ 536.936796][ T30] register_nexthop_notifier+0x84/0x290 [ 536.944630][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 536.950485][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 536.961221][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 536.969669][ T30] ? __asan_memset+0x23/0x50 [ 536.975668][ T30] ops_init+0x31e/0x590 [ 536.979879][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 536.992152][ T30] setup_net+0x287/0x9e0 [ 536.996465][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 537.009365][ T30] ? __pfx_setup_net+0x10/0x10 [ 537.015378][ T30] copy_net_ns+0x33f/0x570 [ 537.019837][ T30] create_new_namespaces+0x425/0x7b0 [ 537.030604][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 537.037625][ T30] ksys_unshare+0x619/0xc10 [ 537.047641][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 537.053889][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 537.059913][ T30] ? do_syscall_64+0x100/0x230 [ 537.070247][ T30] __x64_sys_unshare+0x38/0x40 [ 537.075203][ T30] do_syscall_64+0xf3/0x230 [ 537.080601][ T30] ? clear_bhb_loop+0x35/0x90 [ 537.093339][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.099297][ T30] RIP: 0033:0x7f9da7f7f7f7 [ 537.108197][ T30] RSP: 002b:00007ffdc4adfc58 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 537.119462][ T30] RAX: ffffffffffffffda RBX: 00007f9da8135f40 RCX: 00007f9da7f7f7f7 [ 537.131454][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 537.139467][ T30] RBP: 00007f9da8136a38 R08: 0000000000000000 R09: 0000000000000000 [ 537.153591][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 537.166408][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 537.176718][ T30] [ 537.181052][ T30] INFO: task syz-executor:10968 blocked for more than 146 seconds. [ 537.191450][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 537.198935][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 537.214137][ T30] task:syz-executor state:D stack:24128 pid:10968 tgid:10968 ppid:1 flags:0x00004006 [ 537.228119][ T30] Call Trace: [ 537.234808][ T30] [ 537.237791][ T30] __schedule+0x1895/0x4b30 [ 537.249551][ T30] ? __pfx___schedule+0x10/0x10 [ 537.257834][ T30] ? __pfx_lock_release+0x10/0x10 [ 537.266239][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 537.275207][ T30] ? schedule+0x90/0x320 [ 537.279502][ T30] schedule+0x14b/0x320 [ 537.288398][ T30] schedule_preempt_disabled+0x13/0x30 [ 537.297494][ T30] __mutex_lock+0x6a7/0xd70 [ 537.305899][ T30] ? __mutex_lock+0x52a/0xd70 [ 537.310623][ T30] ? register_nexthop_notifier+0x84/0x290 [ 537.319793][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 537.330289][ T30] ? __asan_memset+0x23/0x50 [ 537.335155][ T30] register_nexthop_notifier+0x84/0x290 [ 537.340737][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 537.353612][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 537.359913][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 537.370666][ T30] ? __asan_memset+0x23/0x50 [ 537.377627][ T30] ops_init+0x31e/0x590 [ 537.384981][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 537.390418][ T30] setup_net+0x287/0x9e0 [ 537.399599][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 537.409431][ T30] ? __pfx_setup_net+0x10/0x10 [ 537.419735][ T30] copy_net_ns+0x33f/0x570 [ 537.425378][ T30] create_new_namespaces+0x425/0x7b0 [ 537.430714][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 537.441503][ T30] ksys_unshare+0x619/0xc10 [ 537.446073][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 537.451121][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 537.463724][ T30] ? do_syscall_64+0x100/0x230 [ 537.468541][ T30] __x64_sys_unshare+0x38/0x40 [ 537.476708][ T30] do_syscall_64+0xf3/0x230 [ 537.481247][ T30] ? clear_bhb_loop+0x35/0x90 [ 537.491478][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.499356][ T30] RIP: 0033:0x7fcafa17f7f7 [ 537.508245][ T30] RSP: 002b:00007ffe13ef5be8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110 [ 537.518984][ T30] RAX: ffffffffffffffda RBX: 00007fcafa335f40 RCX: 00007fcafa17f7f7 [ 537.531452][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 537.539460][ T30] RBP: 00007fcafa336a38 R08: 0000000000000000 R09: 0000000000000000 [ 537.553205][ T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c [ 537.561220][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 537.576702][ T30] [ 537.579839][ T30] INFO: task syz-executor:10972 blocked for more than 147 seconds. [ 537.587855][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 537.606671][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 537.616622][ T30] task:syz-executor state:D stack:24128 pid:10972 tgid:10972 ppid:1 flags:0x00000004 [ 537.631581][ T30] Call Trace: [ 537.634897][ T30] [ 537.637849][ T30] __schedule+0x1895/0x4b30 [ 537.649025][ T30] ? __pfx___schedule+0x10/0x10 [ 537.654040][ T30] ? __pfx_lock_release+0x10/0x10 [ 537.659103][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 537.671131][ T30] ? schedule+0x90/0x320 [ 537.675591][ T30] schedule+0x14b/0x320 [ 537.679783][ T30] schedule_preempt_disabled+0x13/0x30 [ 537.693519][ T30] __mutex_lock+0x6a7/0xd70 [ 537.698087][ T30] ? __mutex_lock+0x52a/0xd70 [ 537.710535][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 537.718131][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 537.727572][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 537.734861][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 537.740020][ T30] ? __lock_acquire+0x1384/0x2050 [ 537.749637][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 537.757485][ T30] netlink_rcv_skb+0x1e3/0x430 [ 537.766822][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 537.774592][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 537.779943][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 537.789584][ T30] netlink_unicast+0x7f6/0x990 [ 537.798353][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 537.807854][ T30] ? __virt_addr_valid+0x183/0x530 [ 537.816285][ T30] ? __check_object_size+0x48e/0x900 [ 537.824883][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 537.829701][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 537.838439][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 537.846737][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 537.855422][ T30] __sock_sendmsg+0x221/0x270 [ 537.860146][ T30] __sys_sendto+0x39b/0x4f0 [ 537.868082][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 537.876542][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 537.886247][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 537.896958][ T30] ? exc_page_fault+0x590/0x8c0 [ 537.905842][ T30] __x64_sys_sendto+0xde/0x100 [ 537.910660][ T30] do_syscall_64+0xf3/0x230 [ 537.917683][ T30] ? clear_bhb_loop+0x35/0x90 [ 537.926830][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.935045][ T30] RIP: 0033:0x7f219df7fe8c [ 537.939498][ T30] RSP: 002b:00007ffe246ac6c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 537.951454][ T30] RAX: ffffffffffffffda RBX: 00007f219ec64620 RCX: 00007f219df7fe8c [ 537.959562][ T30] RDX: 0000000000000028 RSI: 00007f219ec64670 RDI: 0000000000000003 [ 537.976674][ T30] RBP: 0000000000000000 R08: 00007ffe246ac714 R09: 000000000000000c [ 537.988123][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 537.999352][ T30] R13: 0000000000000000 R14: 00007f219ec64670 R15: 0000000000000000 [ 538.013980][ T30] [ 538.017119][ T30] INFO: task syz-executor:10974 blocked for more than 147 seconds. [ 538.029471][ T30] Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 538.039103][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 538.057620][ T30] task:syz-executor state:D stack:24128 pid:10974 tgid:10974 ppid:1 flags:0x00000004 [ 538.067972][ T30] Call Trace: [ 538.071286][ T30] [ 538.081014][ T30] __schedule+0x1895/0x4b30 [ 538.085669][ T30] ? __pfx___schedule+0x10/0x10 [ 538.090550][ T30] ? __pfx_lock_release+0x10/0x10 [ 538.101798][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 538.107325][ T30] ? schedule+0x90/0x320 [ 538.117876][ T30] schedule+0x14b/0x320 [ 538.123657][ T30] schedule_preempt_disabled+0x13/0x30 [ 538.129164][ T30] __mutex_lock+0x6a7/0xd70 [ 538.140352][ T30] ? __mutex_lock+0x52a/0xd70 [ 538.145172][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 538.150318][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 538.161509][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 538.166496][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 538.177702][ T30] ? __lock_acquire+0x1384/0x2050 [ 538.182835][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 538.188342][ T30] netlink_rcv_skb+0x1e3/0x430 [ 538.199988][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 538.206551][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 538.219069][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 538.224397][ T30] netlink_unicast+0x7f6/0x990 [ 538.229201][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 538.241497][ T30] ? __virt_addr_valid+0x183/0x530 [ 538.246663][ T30] ? __check_object_size+0x48e/0x900 [ 538.257632][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 538.262515][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 538.267836][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 538.279408][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 538.288717][ T30] __sock_sendmsg+0x221/0x270 [ 538.300152][ T30] __sys_sendto+0x39b/0x4f0 [ 538.304809][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 538.311122][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 538.324569][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 538.330965][ T30] ? exc_page_fault+0x590/0x8c0 [ 538.339240][ T30] __x64_sys_sendto+0xde/0x100 [ 538.347760][ T30] do_syscall_64+0xf3/0x230 [ 538.355760][ T30] ? clear_bhb_loop+0x35/0x90 [ 538.360476][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.371572][ T30] RIP: 0033:0x7f78b757fe8c [ 538.376032][ T30] RSP: 002b:00007ffc5988ba70 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 538.390533][ T30] RAX: ffffffffffffffda RBX: 00007f78b8264620 RCX: 00007f78b757fe8c [ 538.398701][ T30] RDX: 0000000000000028 RSI: 00007f78b8264670 RDI: 0000000000000003 [ 538.411453][ T30] RBP: 0000000000000000 R08: 00007ffc5988bac4 R09: 000000000000000c [ 538.425230][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 538.435511][ T30] R13: 0000000000000000 R14: 00007f78b8264670 R15: 0000000000000000 [ 538.448892][ T30] [ 538.452075][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 538.463719][ T30] [ 538.463719][ T30] Showing all locks held in the system: [ 538.475863][ T30] 3 locks held by kworker/u8:1/12: [ 538.481009][ T30] #0: ffff88814baf7148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 538.499175][ T30] #1: ffffc90000117d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 538.520624][ T30] #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30 [ 538.530527][ T30] 3 locks held by kworker/1:0/25: [ 538.541503][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 538.560097][ T30] #1: ffffc900001f7d00 ((check_lifetime_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 538.578568][ T30] #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: check_lifetime+0x433/0x960 [ 538.587860][ T30] 1 lock held by khungtaskd/30: [ 538.599297][ T30] #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 538.615660][ T30] 4 locks held by kworker/0:2/941: [ 538.620825][ T30] 2 locks held by getty/4983: [ 538.631513][ T30] #0: ffff88802e3b30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 538.641333][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 538.658529][ T30] 3 locks held by kworker/1:3/5230: [ 538.670353][ T30] #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 538.690546][ T30] #1: ffffc9000399fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 538.708340][ T30] #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0 [ 538.719337][ T30] 3 locks held by kworker/1:4/5282: [ 538.731343][ T30] #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850 [ 538.749001][ T30] #1: ffffc900041bfd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850 [ 538.760173][ T30] #2: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20 [ 538.780159][ T30] 1 lock held by syz.4.1779/9949: [ 538.785319][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x89e/0x1000 [ 538.801476][ T30] 8 locks held by syz-executor/10718: [ 538.806894][ T30] #0: ffff888030df4420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90 [ 538.822980][ T30] #1: ffff888032272488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500 [ 538.837927][ T30] #2: ffff888027051788 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500 [ 538.850426][ T30] #3: ffffffff8f5710c8 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480 [ 538.865326][ T30] #4: ffff88807d5520e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0 [ 538.878294][ T30] #5: ffff88807fc98250 (&devlink->lock_key#20){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160 [ 538.891536][ T30] #6: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0 [ 538.900491][ T30] #7: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0 [ 538.918244][ T30] 1 lock held by syz.0.2128/10953: [ 538.925022][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 538.940877][ T30] 1 lock held by syz.1.2131/10951: [ 538.946098][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 538.961778][ T30] 1 lock held by syz.4.2133/10957: [ 538.966924][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 538.982600][ T30] 1 lock held by syz.2.2134/10962: [ 538.987743][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0 [ 539.001224][ T30] 2 locks held by syz-executor/10966: [ 539.011307][ T30] #0: ffffffff8fcc5f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 539.020990][ T30] #1: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 539.039326][ T30] 2 locks held by syz-executor/10968: [ 539.044932][ T30] #0: ffffffff8fcc5f50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570 [ 539.061110][ T30] #1: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290 [ 539.071357][ T30] 1 lock held by syz-executor/10972: [ 539.081453][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.090934][ T30] 1 lock held by syz-executor/10974: [ 539.103887][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.116708][ T30] 1 lock held by syz-executor/10982: [ 539.125432][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.139596][ T30] 1 lock held by syz-executor/10987: [ 539.147654][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.161711][ T30] 1 lock held by syz-executor/10990: [ 539.167024][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.181481][ T30] 1 lock held by syz-executor/10992: [ 539.186799][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.202408][ T30] 1 lock held by syz-executor/10994: [ 539.207730][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.224030][ T30] 1 lock held by syz-executor/10997: [ 539.230683][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.243890][ T30] 1 lock held by syz-executor/11001: [ 539.249212][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.265877][ T30] 1 lock held by syz-executor/11003: [ 539.271200][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.283138][ T30] 1 lock held by syz-executor/11007: [ 539.288459][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.301505][ T30] 1 lock held by syz-executor/11008: [ 539.306818][ T30] #0: ffffffff8fcd2a48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0 [ 539.331020][ T30] [ 539.337849][ T30] ============================================= [ 539.337849][ T30] [ 539.349223][ T30] NMI backtrace for cpu 1 [ 539.353583][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 539.363755][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 539.373838][ T30] Call Trace: [ 539.377136][ T30] [ 539.380079][ T30] dump_stack_lvl+0x241/0x360 [ 539.384799][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 539.390023][ T30] ? __pfx__printk+0x10/0x10 [ 539.394649][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 539.399612][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 539.405089][ T30] ? _printk+0xd5/0x120 [ 539.409278][ T30] ? __pfx__printk+0x10/0x10 [ 539.413892][ T30] ? __wake_up_klogd+0xcc/0x110 [ 539.418766][ T30] ? __pfx__printk+0x10/0x10 [ 539.423377][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 539.428424][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 539.434433][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 539.440439][ T30] watchdog+0xff4/0x1040 [ 539.444717][ T30] ? watchdog+0x1ea/0x1040 [ 539.449159][ T30] ? __pfx_watchdog+0x10/0x10 [ 539.453862][ T30] kthread+0x2f0/0x390 [ 539.457951][ T30] ? __pfx_watchdog+0x10/0x10 [ 539.462648][ T30] ? __pfx_kthread+0x10/0x10 [ 539.467253][ T30] ret_from_fork+0x4b/0x80 [ 539.471688][ T30] ? __pfx_kthread+0x10/0x10 [ 539.476290][ T30] ret_from_fork_asm+0x1a/0x30 [ 539.481084][ T30] [ 539.484923][ T30] Sending NMI from CPU 1 to CPUs 0: [ 539.490161][ C0] NMI backtrace for cpu 0 [ 539.490175][ C0] CPU: 0 UID: 0 PID: 941 Comm: kworker/0:2 Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 539.490194][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 539.490205][ C0] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 539.490234][ C0] RIP: 0010:_raw_spin_lock+0x36/0x40 [ 539.490258][ C0] Code: 00 e8 9e 44 94 f5 48 8d 7b 18 31 f6 31 d2 31 c9 41 b8 01 00 00 00 45 31 c9 ff 74 24 08 e8 c2 56 a1 f5 48 83 c4 08 48 89 df 5b c5 bb a2 f5 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 [ 539.490272][ C0] RSP: 0018:ffffc90004217b60 EFLAGS: 00000282 [ 539.490286][ C0] RAX: f348ab8b10e7bb00 RBX: 0000000000001928 RCX: f348ab8b10e7bb00 [ 539.490299][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0adbc0 RDI: ffffffff8f446880 [ 539.490311][ C0] RBP: ffffc90004217dc0 R08: ffffffff9426e8a7 R09: 1ffffffff284dd14 [ 539.490323][ C0] R10: dffffc0000000000 R11: fffffbfff284dd15 R12: 0000000000000000 [ 539.490335][ C0] R13: dffffc0000000000 R14: 0000007d9a1fbb39 R15: ffffffff8f4469a0 [ 539.490348][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 539.490362][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 539.490374][ C0] CR2: 00007f2c70337a8c CR3: 000000000e734000 CR4: 00000000003506f0 [ 539.490388][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 539.490399][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 539.490409][ C0] Call Trace: [ 539.490415][ C0] [ 539.490423][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 539.490442][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 539.490466][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 539.490483][ C0] ? nmi_handle+0x2a/0x5a0 [ 539.490506][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 539.490526][ C0] ? nmi_handle+0x14f/0x5a0 [ 539.490541][ C0] ? nmi_handle+0x2a/0x5a0 [ 539.490557][ C0] ? _raw_spin_lock+0x36/0x40 [ 539.490576][ C0] ? default_do_nmi+0x63/0x160 [ 539.490595][ C0] ? exc_nmi+0x123/0x1f0 [ 539.490612][ C0] ? end_repeat_nmi+0xf/0x53 [ 539.490632][ C0] ? _raw_spin_lock+0x36/0x40 [ 539.490652][ C0] ? _raw_spin_lock+0x36/0x40 [ 539.490672][ C0] ? _raw_spin_lock+0x36/0x40 [ 539.490692][ C0] [ 539.490697][ C0] [ 539.490702][ C0] wg_ratelimiter_gc_entries+0x60/0x470 [ 539.490727][ C0] ? process_scheduled_works+0x976/0x1850 [ 539.490749][ C0] process_scheduled_works+0xa63/0x1850 [ 539.490782][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 539.490808][ C0] ? assign_work+0x364/0x3d0 [ 539.490830][ C0] worker_thread+0x870/0xd30 [ 539.490859][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 539.490883][ C0] ? __kthread_parkme+0x169/0x1d0 [ 539.490906][ C0] ? __pfx_worker_thread+0x10/0x10 [ 539.490927][ C0] kthread+0x2f0/0x390 [ 539.490942][ C0] ? __pfx_worker_thread+0x10/0x10 [ 539.490962][ C0] ? __pfx_kthread+0x10/0x10 [ 539.490977][ C0] ret_from_fork+0x4b/0x80 [ 539.490997][ C0] ? __pfx_kthread+0x10/0x10 [ 539.491012][ C0] ret_from_fork_asm+0x1a/0x30 [ 539.491041][ C0] [ 539.802940][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 539.809829][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-11504-g6c24a03a61a2 #0 [ 539.820008][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 539.830089][ T30] Call Trace: [ 539.833382][ T30] [ 539.836327][ T30] dump_stack_lvl+0x241/0x360 [ 539.841031][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 539.846260][ T30] ? __pfx__printk+0x10/0x10 [ 539.850872][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 539.856884][ T30] ? vscnprintf+0x5d/0x90 [ 539.861235][ T30] panic+0x349/0x880 [ 539.865155][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 539.871328][ T30] ? __pfx_panic+0x10/0x10 [ 539.875766][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 539.881156][ T30] ? __irq_work_queue_local+0x137/0x410 [ 539.886728][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 539.892117][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 539.898289][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 539.904462][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 539.910641][ T30] watchdog+0x1033/0x1040 [ 539.914995][ T30] ? watchdog+0x1ea/0x1040 [ 539.919437][ T30] ? __pfx_watchdog+0x10/0x10 [ 539.924139][ T30] kthread+0x2f0/0x390 [ 539.928224][ T30] ? __pfx_watchdog+0x10/0x10 [ 539.932923][ T30] ? __pfx_kthread+0x10/0x10 [ 539.937526][ T30] ret_from_fork+0x4b/0x80 [ 539.941965][ T30] ? __pfx_kthread+0x10/0x10 [ 539.946569][ T30] ret_from_fork_asm+0x1a/0x30 [ 539.951396][ T30] [ 539.954648][ T30] Kernel Offset: disabled [ 539.958976][ T30] Rebooting in 86400 seconds..