last executing test programs: 3.240939239s ago: executing program 0 (id=1946): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x4, 0x100}, 0x48) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000b80)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000180000ee340007000033730004000280"], 0x20}}, 0x2000c000) r2 = socket(0x40000000015, 0x5, 0x0) connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57) sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) recvmmsg(r2, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0) ppoll(&(0x7f0000000080)=[{r2}], 0x1, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40002022) close(r0) 2.375201793s ago: executing program 0 (id=1961): r0 = socket$inet(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bind$alg(0xffffffffffffffff, &(0x7f0000000500)={0x26, 'aead\x00', 0x0, 0x0, 'morus640\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0) r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r2, 0x541b, &(0x7f0000000100)) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="9800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000002d40)=[{{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002940)="99d6", 0x2}, {&(0x7f0000002980)="f555c15b70122cd0c98a5b39d97524", 0xf}], 0x2}}], 0x1, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) sendmmsg$inet(r7, &(0x7f00000057c0)=[{{&(0x7f0000002d80)={0x2, 0x0, @multicast1}, 0x10, 0x0}}, {{&(0x7f0000000680)={0x2, 0x0, @multicast1}, 0x10, 0x0}}], 0x2, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d40)={@map=r6, 0x2f, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bind$inet(r0, &(0x7f0000000200)={0x2, 0x1004e20}, 0x10) readv(r5, &(0x7f0000000080)=[{&(0x7f00000006c0)=""/193, 0xc1}], 0x1) connect$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r8}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18002000000000000000000000000000950000000000d35cc0e9b1fd1aab0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90) sendmmsg$inet(r0, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000000240)="60dbc0f4", 0x4}], 0x1}}], 0x1, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) 2.087584534s ago: executing program 2 (id=1966): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 2) 1.737158816s ago: executing program 4 (id=1968): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x14, 0x3a, 0x9, 0x0, 0x0, {0x1}}, 0x14}}, 0x0) 1.732858703s ago: executing program 2 (id=1970): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000300)=@framed={{0x61, 0x0, 0xa, 0xfe00, 0x70, 0x5}}, &(0x7f0000000000)='syzkaller\x00'}, 0x90) 1.602390256s ago: executing program 4 (id=1973): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xc}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000700)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000540)={&(0x7f0000000640)={0x68, r1, 0x4, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x800}}}}, [@NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0xfffe}, @NL80211_ATTR_HE_BSS_COLOR={0x34, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x12}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0xf}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x3e}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x10}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x3}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}]}, @NL80211_ATTR_PBSS={0x4}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x40000) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e21, @private=0xa010102}, @in6={0xa, 0x4e20, 0x200, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, @in={0x2, 0x4e24, @private=0xa010101}, @in6={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x3f}}, @in6={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}, @in6={0xa, 0x4e24, 0x5, @local, 0x80}, @in6={0xa, 0x4e24, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3}, @in6={0xa, 0x4e22, 0x1f, @private0, 0x1}, @in={0x2, 0x4e21, @multicast1}], 0xe8) syz_emit_ethernet(0x6a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb8100000086dd60fec00000303a00fc000000000000000000000000000000ff020000000000000087802350c3517b5a0000000000000102009078000000006018b08800003b00fe8000000000000000000000000000aafe80000000010000"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x5, 0x4, &(0x7f0000000340)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x8, 0x99, &(0x7f0000000400)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x90) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r3, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) shutdown(r3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_TUN_ID={0xc}, @FRA_GENERIC_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x1}]}, 0x30}}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) close(r5) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x48400) r6 = socket$alg(0x26, 0x5, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000e00)={'#! ', './file0'}, 0xb) accept4(r6, 0x0, 0x0, 0x0) r7 = socket$isdn_base(0x22, 0x3, 0x0) sendfile(r7, r0, 0x0, 0xfad1) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f00000003c0)={r8}, &(0x7f00000006c0)=0x10) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000240)={r8, @in6={{0xa, 0x4e21, 0xffffffff, @remote, 0x10000}}}, 0x0) 1.52895994s ago: executing program 2 (id=1974): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000440)=0x2, 0x4) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth0_to_bridge\x00', &(0x7f0000000080)=@ethtool_rxnfc={0x0, 0x0, 0x0, {0x0, @ether_spec={@link_local, @remote}, {}, @esp_ip6_spec={@ipv4={'\x00', '\xff\xff', @local}, @private0}, {0x0, @remote}}}}) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000580)=0x831, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000005c0)={@broadcast, @random, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) r1 = socket(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x178, 0xc, 0x0, 0x178, 0x220, 0x258, 0x258, 0x220, 0x258, 0x3, 0x0, {[{{@ipv6={@loopback={0x1f0}, @mcast2, [], [], 'syzkaller0\x00', 'netpci0\x00', {}, {}, 0x3a}, 0x0, 0x108, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @common=@icmp6={{0x28}, {0x0, "c375", 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "1f4f4328b954deca86e41ed96a4ea63033f276cd53571aadaab6f00dbd07"}}}, {{@ipv6={@mcast1, @private1, [], [], 'wg2\x00', 'hsr0\x00'}, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) socketpair$unix(0x1, 0x2, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000001080)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000001c0)={0x6c, 0x2, 0x6, 0x1, 0x6000006, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}, @IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000000)={r4, 0x402, 0x1, 0x3}) r5 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890b, &(0x7f0000000000)={r5}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0xfdef) 1.442788307s ago: executing program 0 (id=1976): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x34, 0x1, [@m_skbedit={0x30, 0x1, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x48}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0106000000000000000009000000240004801300410062726f6164636173742d6c696e6b00000c"], 0x38}}, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = socket$unix(0x1, 0x2, 0x0) connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000200)) sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) ppoll(&(0x7f0000000100)=[{r3, 0x181}], 0x1, 0x0, 0x0, 0x0) close(r2) 1.321182369s ago: executing program 4 (id=1979): r0 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast2}, 0x10) (async, rerun: 32) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000001c0)='bbr\x00', 0x4) (rerun: 32) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (async) sendto$inet(r0, &(0x7f0000000040)='u', 0xa792a, 0x801, 0x0, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4) recvfrom$inet(r0, &(0x7f0000000080)=""/128, 0xfffffce3, 0x0, 0x0, 0x0) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000200)="67a818beb2c030ce59945b", 0xb}, {&(0x7f0000000300), 0x400000}, {0x0}], 0x3) 1.192512212s ago: executing program 4 (id=1982): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4001}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x78, r2, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "1fd33cf201c0990ee8e90c84de"}]}, @NL80211_ATTR_KEY_SEQ={0xd, 0xa, "1960a2fef83192269d"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x18, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x20008800}, 0x40804) 1.108964376s ago: executing program 0 (id=1983): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x14, 0x3a, 0x9, 0x0, 0x0, {0x1}}, 0x14}}, 0x0) 1.107900671s ago: executing program 4 (id=1984): syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000040)='\b\x00', 0x2}, {&(0x7f0000000200)="968b524b3b9a", 0x6}], 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="140000000000000000000000070000009404010000000000140000000000000001"], 0x30}, 0x0) socket$kcm(0x10, 0x2, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000300)=[@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x40}}], 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x2, 0x13, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000008520000001000000180000000010000000000000ada600005130c0fff0ffffffd902a55eb4ad1abf91000000000000b7020000010000008500000084000000b70000000000000095000000"], &(0x7f0000000280)='GPL\x00', 0x100, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0xc, 0x9, 0x200}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000400)=[0x1, 0x1], 0x0, 0x10, 0x40000}, 0x90) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000680)=ANY=[@ANYRES64=r1], &(0x7f0000001200)=""/4096, 0xdb, 0x1000, 0x0, 0x3}, 0x20) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$kcm(0x10, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002cc0)=@newtaction={0xe5c, 0x30, 0xffff, 0x0, 0x0, {}, [{0xe48, 0x1, [@m_police={0xd34, 0x1, 0x0, 0x0, {{0xb}, {0xc7c, 0x2, 0x0, 0x1, [[@TCA_POLICE_RESULT={0x8}], [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x8001, 0x83af, 0xd118, 0x6, 0x400, 0x7, 0x7ff, 0x736, 0x9, 0x401, 0x0, 0xfffffffb, 0x90, 0xe1e, 0xd5, 0x1, 0xfffffff7, 0x4, 0x1, 0x5, 0x2, 0x3, 0xfff, 0xa9, 0x3, 0x1, 0x0, 0x6, 0x5, 0x9cb, 0x2ac9cfff, 0x9, 0x49fa, 0xfffffff8, 0x8, 0x7, 0x6, 0xffffff7f, 0xfff, 0x8, 0x2, 0x3, 0x1, 0x7, 0xfffffffa, 0x3, 0x5, 0x6, 0x4, 0x9, 0x1, 0xd50, 0x0, 0x6, 0x30000000, 0xf, 0x2, 0xfffffff7, 0x6, 0x8, 0x3, 0x6, 0x3, 0x0, 0x8, 0x800, 0x8001, 0x3, 0x2, 0x8, 0x3, 0x200, 0x6, 0x8, 0x5, 0x6, 0x800, 0xc508, 0x5, 0x5, 0xab, 0x7, 0x4802, 0x35, 0x0, 0x1, 0x6, 0x745, 0x7, 0x9, 0x5, 0xffffffb7, 0x18, 0x0, 0x80000001, 0x5, 0xf63b, 0x8, 0x6, 0x7, 0xa36d, 0x9, 0x30edda9, 0x400, 0x9, 0x8, 0xfffffffb, 0x8001, 0x7, 0x9d61, 0x4, 0x3, 0x5, 0x5, 0x7fffffff, 0x200, 0x4, 0x5, 0xc, 0x7, 0x166, 0x0, 0x200, 0x6, 0x4, 0x4, 0x8, 0x2, 0xb0f, 0x2, 0xffff, 0xfffffff9, 0x2, 0xaf46d4d, 0xd, 0x7f, 0xfffffff8, 0x7, 0xd6, 0x34, 0x5, 0x2, 0x2, 0x3, 0x1, 0x0, 0xb49b, 0x0, 0x0, 0x8, 0x401, 0x80000001, 0xd95, 0x3, 0x10001, 0x1ff, 0x30, 0x4, 0x2, 0x3, 0x9, 0xfffffeff, 0x8, 0x3e1, 0x10001, 0x4, 0x4, 0x15, 0x7, 0x200, 0xff, 0xffffffff, 0x10, 0x9, 0x2, 0xee6, 0x643, 0x8, 0x8, 0x3, 0xd587, 0x10, 0xe074, 0x8, 0x9, 0x8, 0x8, 0x9c, 0x3, 0x380d, 0x9, 0xffffff01, 0xc, 0xfffffff8, 0x3, 0xffffffff, 0x6, 0x9, 0x4, 0x81, 0x5, 0x8, 0x0, 0x6, 0x81, 0x6, 0x15c000, 0x9, 0x6, 0x2, 0x1, 0x5, 0x3, 0x34f3, 0xf30, 0xced0, 0x0, 0x3ff, 0x348, 0xfffffffd, 0x44, 0x7fff, 0x5, 0xff, 0x0, 0x800000, 0x5, 0x6de, 0xfffffffb, 0x6, 0xffffff7f, 0x2, 0x9b2, 0x100, 0x5, 0x50b7, 0xfffffff8, 0x4, 0x6, 0x1, 0x80000001, 0x3d7, 0x400, 0x10001, 0x3, 0x9, 0x3, 0x100, 0x3860d732, 0x0, 0x8000, 0x1184, 0x80000000, 0x40, 0x6]}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x8, 0x8001, 0x101, 0x800, 0x3, 0x0, 0x8000, 0xfffffff1, 0x8163, 0x2, 0x7, 0x0, 0x7, 0x4, 0x238, 0x5c, 0x401, 0xfffffffa, 0x2, 0x6, 0x3, 0xfffffff7, 0x5, 0xa, 0xfffff12c, 0xa144fa00, 0x5, 0x4, 0xfffffff5, 0x40, 0xd69, 0x8001, 0xa24, 0xb1a, 0x40, 0x1, 0xff, 0x4, 0x0, 0xd193, 0x9, 0x0, 0x4, 0x9, 0xc00000, 0xd9, 0x6, 0x88d, 0x2, 0xf, 0x3, 0x81, 0x7, 0x9, 0xffffffff, 0x80, 0x349343ef, 0xfffffffb, 0xfffffffe, 0xbb1e, 0x7fffffff, 0xe509, 0x56c, 0x1, 0x7, 0x3, 0x3bc, 0x1, 0x1, 0x6, 0x3ca0a754, 0x9, 0x9, 0x86, 0x7f, 0x3, 0x101, 0x80, 0x54, 0x4, 0x1, 0x2, 0xc0f5, 0x9, 0x10001, 0x7fffffff, 0x3, 0x1, 0x5, 0x7, 0x8, 0x1, 0x1, 0x1, 0x80, 0x0, 0x10001, 0x80000000, 0x2, 0x0, 0x3, 0x400, 0x2, 0x2, 0x7f, 0x4, 0x81, 0x2, 0x5, 0x7, 0x6, 0x200, 0x3, 0x5, 0x200, 0x7, 0xffffa8db, 0x6, 0x3, 0x95e, 0x0, 0x4, 0x3ff, 0x0, 0x9, 0xc0000000, 0x800, 0x1, 0x401, 0x0, 0x3ff, 0x9, 0xfffffe01, 0xfc, 0x1, 0x81, 0xfff, 0x1, 0xffff, 0x6, 0x7, 0x101, 0x4, 0x4, 0x7ff, 0x0, 0xa, 0x45, 0x5, 0x1, 0x9, 0x3, 0x2, 0x4, 0x400, 0x2, 0x1, 0x9, 0x7, 0xd13, 0xa, 0x1, 0x7f, 0xa, 0x516f767d, 0x5, 0x8, 0x2, 0x6, 0xffffffff, 0x0, 0xfffffffb, 0xffffcbe5, 0x7fffffff, 0x5, 0x2, 0x8000, 0x1ff, 0x1c, 0xd6, 0x3, 0xb4, 0x1, 0x5, 0x8, 0xfffffff8, 0x1, 0x2, 0x5, 0x9, 0xfffffffa, 0x3, 0x8, 0x0, 0x8, 0xfff, 0x1cf, 0x8001, 0x9, 0x8, 0x3, 0xfffffffe, 0x3, 0x4, 0x7f, 0x3, 0x6, 0x9, 0x80, 0x8, 0x0, 0x3, 0x5, 0x7, 0x9, 0x8, 0x2, 0x5, 0x8, 0x6, 0xd, 0xfffffffa, 0x5, 0x3, 0x9, 0x8, 0x5, 0x5, 0x5a98, 0x1000, 0x9, 0x1, 0x2960, 0xdfc, 0x3, 0x40, 0x1, 0x400, 0x7e, 0xd, 0x8000, 0x4, 0xffff, 0x1, 0x9, 0x5, 0xc, 0x8000, 0x80000000, 0x6a4c, 0xffff, 0xb, 0x2, 0x5, 0x2]}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbca9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd08, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c}, @TCA_POLICE_RESULT={0x8}], [@TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7ff}]]}, {0x90, 0x6, "de6e90fefd486a1b74051061dfc35f893269f595b70488e9c4f31ac83295eaeb45c372f44cb2022f471900afb0d15c9478b0de010f5a90c9df186f3b129f5c90700f8aae449eb8148c8adf73fe95570285d3f7538e540b798f81bc1c1036d803e4c7534133ca6aa2e5ec81be85080e61165bf3e1dac9433cea763093f214c444f6faacf988cc7b9cd925a8c6"}, {0xc}, {0xc}}}, @m_sample={0x110, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8}]}, {0xc2, 0x6, "efaacd77cefe6759050ffbdeacf4f7e475cb3ee34a42e7d2978e8d2689be0a2c214da36c734d59049158c0b9cb75a263573d07e164a4a2bee2cd9fb0472eb8363a8f3d35379662fd545fa3e037590e820ea9632174f6b1e21420a4413f98b4b9f3b96867f904c8dbe792853730a0d09b6ff0a2ffa82fd28191d6643666677d3644848776b09ac135238ef815ababa2db9e45427d9b7c0acdbafcdfef22ea8931f1dcc2b8098bc17e85fdf533db335827ee29ef5b1ea6a9c2d1e51ae6f39c"}, {0xc}, {0xc, 0x8, {0x5, 0x1}}}}]}]}, 0xe5c}}, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r5, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0xfffffffe, 0x0, 0x7, 0xc1}}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4) r6 = socket(0x10, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r6) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) r7 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r8 = socket$inet(0x2, 0x2000000080002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000280)=@broute={'broute\x00', 0x20, 0x2, 0x238, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200005c0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000d966000000000000000000000000000000000000000000000000000018e0000000000000feffffff01000000110000000000000081006263736630000002000800000000000073697430000002000000ffff00000000626f6e643000000000000000000000007600000000010000005c121d00000000ffffffffffff0000000000000000000000000000000000000000d0000000d000000000010000766c616e000000ff030000002000000000000000000000000000000000000000080000000000007f0000000000000100766c616e000000000000000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff01000000030000000000000000006970365f76746930000000000000000073797a6b616c6c6572300000000000006263736630000000000000000000000076657468305f746f5f7465616d000000aaaaaaaaaacc030000000000aaaaaaaaaaaa00000000000000007000000070000000a8000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000"]}, 0x2b0) setsockopt$EBT_SO_SET_COUNTERS(r8, 0x0, 0x81, &(0x7f00000001c0)={'broute\x00', 0x0, 0x0, 0x0, [0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x10000000000000], 0x2, &(0x7f0000000080), 0x0, [{}, {}]}, 0x98) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x0, 0x0, 0x4}, 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000200)}], 0x1}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811) unshare(0x28000400) 1.014860924s ago: executing program 0 (id=1986): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90) close(r0) r1 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1e6b0b725ad99b817fd98cd824498949714e32f21dcc4ae5437aca55f21f3ca9e822d182054d54d53cd2b6da714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed00000000000000000000000000000000000000006c63b40e0c00000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f79829c90bd2114252581567acae715cbe1b57d5cda432c5b9443999f7d24195405f2e76ba88454cc9227069ccb7b37b41215c000000003be991e5e897284cdd6043058cec00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x21, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4000000}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0x0, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x0, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffff}, {0xfff1}, {0x0, 0xc}}}, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001000010400000080000000523e2aaec4", @ANYRES32=r4, @ANYBLOB="0000000000000000180012800b000100697036746e6c00000800028d04001300"], 0x38}}, 0x0) r5 = socket(0x11, 0x800000003, 0x0) setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000240)={0x0, &(0x7f0000000140)}, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r6, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4) write$binfmt_script(r6, &(0x7f0000000100), 0xfffffecd) setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x2, &(0x7f0000000400)=@gcm_256={{0x304}, "adffffff00", "4b5b154869939154798f82be7dcae38bcdcab75bc2d1dcb3b28921cb75aab36d", "899d6e3a", "90167d3ae79ca2c5"}, 0x38) setsockopt$sock_int(r6, 0x1, 0x12, &(0x7f0000000b40), 0x4) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000004900010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400"/23], 0x38}}, 0x0) syz_emit_ethernet(0xb1, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaabbffffffffffff92001527b243421c58dc3b9852c40341f0f1209b2b96ef97f76b362be10c5c8fde87246029101a9697655bdca9235bfab1f7279f928658cd356227688d2d5d52bba2875097f671db54eeb8a3efad5d0812d72848f7faab947e39b2ef17f421955ecb666e18dc36851548ebdbaa734966d0c434b0df1669d8480629ae2eb5e7c0ccc60571c10b5a3814c9a45dbd95a35e6202b32af38a4b71bb6e21a2a9c8b554a856f00ef6"], 0x0) socket$nl_route(0x10, 0x3, 0x0) r8 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$sock_linger(r8, 0x1, 0x3d, &(0x7f00000002c0)={0x1}, 0x8) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x48000) 969.190489ms ago: executing program 1 (id=1987): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="3b96feffffff000000003b00000008000300", @ANYRES32, @ANYBLOB="2600330040000000080411000000080211000001505050505050"], 0x44}}, 0x0) 740.604719ms ago: executing program 1 (id=1989): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x80a, 0x0) socket(0x10, 0x3, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff}) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6}, 0x90) socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet_sctp(0x2, 0x5, 0x84) socket$inet_udp(0x2, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="1100010000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r7) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REGISTER_BEACONS(r2, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x28, r8, 0x4, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0xfffffffa, 0x2}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x400c000}, 0x8000) sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="780000001000390400"/20, @ANYRES32=r10, @ANYBLOB="0198000000000000580012800b000100697036677265000048000280060011004e200000060003000b00000008000500f912000006000e00020000000800140003000000050017000000000006000200b200000008000d00090000000400120018"], 0x78}}, 0x0) sendmmsg$inet(r1, &(0x7f0000005ac0)=[{{&(0x7f0000000180)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @local, @local}}}], 0x20}}], 0x1, 0x0) 694.122687ms ago: executing program 3 (id=1990): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}]}, @NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x11}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}]}}}]}]}], {0x14}}, 0xe4}}, 0x0) 620.504255ms ago: executing program 1 (id=1991): r0 = socket(0x1e, 0x4, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4) getsockopt$inet_tcp_int(r0, 0x6, 0x0, &(0x7f00000001c0), &(0x7f0000000200)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 599.756962ms ago: executing program 3 (id=1992): r0 = socket(0x40000000002, 0x3, 0x80000000002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='veth1_virt_wifi\x00', 0x10) setsockopt$inet_int(r0, 0x0, 0x4, 0x0, 0x0) sendto$unix(r0, 0x0, 0x5c8, 0x0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) 465.166412ms ago: executing program 3 (id=1993): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000005d80)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000340)=""/4096, 0x34000}], 0x1}}], 0x1, 0x0, 0x0) 464.98286ms ago: executing program 1 (id=1994): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4001}, 0xc, &(0x7f0000000740)={&(0x7f00000006c0)={0x78, r2, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "1fd33cf201c0990ee8e90c84de"}]}, @NL80211_ATTR_KEY_SEQ={0xd, 0xa, "1960a2fef83192269d"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x18, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_DEFAULT={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x20008800}, 0x40804) 452.406884ms ago: executing program 2 (id=1995): socketpair$nbd(0x1, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x1, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20) 396.904911ms ago: executing program 3 (id=1996): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x2c, 0x3a, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x8, 0x2, 0x0, 0x1, [@generic="9dfa5f8a"]}, @typed={0xc, 0x3, 0x0, 0x0, @u64}]}, 0x2c}}, 0x0) 336.123824ms ago: executing program 2 (id=1997): socket$nl_netfilter(0x10, 0x3, 0xc) socket$kcm(0x29, 0x5, 0x0) socket$inet6(0xa, 0x5, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x3a0ffffffff) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_route(0x10, 0x3, 0x0) syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/ipc\x00') socket$nl_xfrm(0x10, 0x3, 0x6) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) socket$l2tp(0x2, 0x2, 0x73) socket$l2tp(0x2, 0x2, 0x73) socket$inet6(0xa, 0x6, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1f02ffff0000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRES8=r0], 0x40}}, 0x0) 329.109808ms ago: executing program 1 (id=1998): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000000), 0x4) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f00000000c0)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) 260.990204ms ago: executing program 3 (id=1999): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x0) 185.38239ms ago: executing program 1 (id=2000): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x5}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095", @ANYRES16=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000240), &(0x7f0000000280)='%pB \x00'}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x14, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641c00000000002008fb7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='signal_generate\x00', r3}, 0x10) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bind$x25(r4, &(0x7f0000000600)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1, 0x10}}, 0x12) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000003680)='tcp_probe\x00', r1}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) connect$inet(r5, &(0x7f0000000200)={0x2, 0x4e27, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 184.570844ms ago: executing program 2 (id=2001): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)=@newqdisc={0x188, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x164, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4d, 0xe, 0x1, 0x9, 0x1, 0x7f, 0x2, 0x3}}, {0xa, 0x2, [0xfff7, 0xea3, 0x1]}}, {{0x1c, 0x1, {0x9, 0x7, 0x2, 0x1, 0x2, 0x5, 0x7, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x6, 0x5, 0x2, 0x80000001, 0x2, 0x0, 0x9, 0x4}}, {0xc, 0x2, [0x6, 0xf001, 0x6, 0x4]}}, {{0x1c, 0x1, {0x7, 0x4, 0x4, 0x7, 0x2, 0x0, 0x3474, 0xa}}, {0x18, 0x2, [0x10, 0x0, 0x0, 0x1, 0xb0, 0x0, 0x2, 0x4, 0xe4c1, 0x8]}}, {{0x1c, 0x1, {0xbb, 0x8, 0x2, 0xcf, 0x0, 0x9, 0xbf}}, {0x4}}, {{0x1c, 0x1, {0x7, 0xe, 0x9, 0x5, 0x1, 0x5, 0x6, 0x2}}, {0x8, 0x2, [0x9, 0x100]}}, {{0x1c, 0x1, {0xeb, 0x3, 0x1d11, 0x2, 0x2, 0x6, 0xbab3, 0x1}}, {0x6, 0x2, [0x5]}}, {{0x1c, 0x1, {0x3, 0xaa, 0xfc7, 0x401, 0x0, 0x0, 0xe3, 0x4}}, {0xc, 0x2, [0x8, 0x10, 0x7ff, 0x9]}}, {{0x1c, 0x1, {0x5, 0x7, 0xfff, 0x5, 0x1, 0x7b7, 0xffffffff, 0x3}}, {0xa, 0x2, [0x3, 0x401, 0x8000]}}]}]}, 0x188}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842ba4470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f0000001400)=""/4106}, 0x18) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x4000, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r2}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0) 89.128862ms ago: executing program 4 (id=2002): socket$tipc(0x1e, 0x5, 0x0) epoll_create1(0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0) r2 = socket$can_j1939(0x1d, 0x2, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, 0x0) sendmsg$BATADV_CMD_SET_VLAN(r3, 0x0, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x700}, 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) socket(0x10, 0x80002, 0x0) 32.709051ms ago: executing program 0 (id=2003): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x48}}, 0x0) 0s ago: executing program 3 (id=2004): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r2, @ANYRES32], 0x54}}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000100)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000002c0)=r0}, 0x20) r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, r5, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2}, 0x48) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1}, 0x48) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f00000002c0)=0x44880) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x10, 0xe54, 0x3, 0x7f, 0x400, 0x1, 0x63, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000950000000000000010f21f467bf2c0c32beeb3053a7c6d70800d037f502c82b5c738b71e23d9d91cd6b179e5d1312ab1ed703612fda6d2852c829e032e504017434ab714db43634654995ed7a5c4e21d3601d91fb0a09a331dcf39878cae20ea934f2b51712bd66b8dfadfa5adc2742a21aff795763b5debbd72cd63b3b1e03c8798e9f2f8b37846456dd4d915154f"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000740)=@bpf_ext={0x1c, 0x16, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x7}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x5, 0xc}, @jmp={0x5, 0x0, 0x9, 0x3, 0x8, 0x100}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @map_fd={0x18, 0x6, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x43}, @jmp={0x5, 0x0, 0x7, 0x6, 0x8, 0xfffffffffffffff8, 0xffffffffffffffff}, @map_fd={0x18, 0xe, 0x1, 0x0, r4}]}, &(0x7f0000000400)='syzkaller\x00', 0x7, 0xbb, &(0x7f0000000440)=""/187, 0x41100, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x2, 0x4, 0xb, 0x7a}, 0x10, 0x25c9, r0, 0x5, &(0x7f0000000680)=[r5, r6, r7, r8, r9], &(0x7f00000006c0)=[{0x5, 0x4, 0x10, 0x9}, {0x2, 0x2, 0xb, 0xa}, {0x4, 0x5, 0x4, 0x1}, {0x0, 0x4, 0xd, 0x1}, {0x1, 0x5, 0x5, 0x6}], 0x10, 0xa4}, 0x90) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): kets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.869672][ T8143] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.888665][ T8143] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.895693][ T8143] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.924672][ T8143] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.951821][ T8152] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.959504][ T8152] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.967001][ T8152] bridge_slave_1: entered allmulticast mode [ 291.974328][ T8152] bridge_slave_1: entered promiscuous mode [ 291.984325][ T8150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.996435][ T8146] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.003635][ T8146] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.016654][ T8146] bridge_slave_0: entered allmulticast mode [ 292.024437][ T8146] bridge_slave_0: entered promiscuous mode [ 292.041812][ T8146] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.049298][ T5244] Bluetooth: hci3: command tx timeout [ 292.055570][ T8146] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.064900][ T5244] Bluetooth: hci2: command tx timeout [ 292.073432][ T8146] bridge_slave_1: entered allmulticast mode [ 292.084046][ T8146] bridge_slave_1: entered promiscuous mode [ 292.122496][ T8150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.225089][ T8145] team0: Port device team_slave_0 added [ 292.248483][ T8152] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.267218][ T8150] team0: Port device team_slave_0 added [ 292.304826][ T8146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.326670][ T8145] team0: Port device team_slave_1 added [ 292.335727][ T8152] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.368883][ T8150] team0: Port device team_slave_1 added [ 292.397679][ T8143] hsr_slave_0: entered promiscuous mode [ 292.405230][ T8143] hsr_slave_1: entered promiscuous mode [ 292.424285][ T8143] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 292.444376][ T8143] Cannot create hsr debugfs directory [ 292.454638][ T8146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.535820][ T8152] team0: Port device team_slave_0 added [ 292.642387][ T8152] team0: Port device team_slave_1 added [ 292.691217][ T8146] team0: Port device team_slave_0 added [ 292.710789][ T8146] team0: Port device team_slave_1 added [ 292.756803][ T8145] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.772908][ T8145] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.810850][ T8145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.824505][ T8145] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.831805][ T8145] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.862891][ T8145] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.875264][ T8150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.882543][ T8150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 292.910224][ T8150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.047931][ T8146] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 293.054937][ T8146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.096129][ T8146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.120507][ T8150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.128106][ T8150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.155981][ T8150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.183852][ T8152] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 293.191312][ T8152] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.217630][ T8152] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.253587][ T8146] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.260907][ T8146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.287312][ T8146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.384883][ T8152] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.396311][ T8152] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 293.423134][ T8152] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.466105][ T8150] hsr_slave_0: entered promiscuous mode [ 293.473044][ T8150] hsr_slave_1: entered promiscuous mode [ 293.480465][ T8150] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.488947][ T8150] Cannot create hsr debugfs directory [ 293.513914][ T8145] hsr_slave_0: entered promiscuous mode [ 293.520586][ T8145] hsr_slave_1: entered promiscuous mode [ 293.527718][ T8145] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.535316][ T8145] Cannot create hsr debugfs directory [ 293.646399][ T5244] Bluetooth: hci5: command tx timeout [ 293.723886][ T8146] hsr_slave_0: entered promiscuous mode [ 293.744307][ T8146] hsr_slave_1: entered promiscuous mode [ 293.764532][ T8146] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.780011][ T8146] Cannot create hsr debugfs directory [ 293.868404][ T8152] hsr_slave_0: entered promiscuous mode [ 293.875319][ T8152] hsr_slave_1: entered promiscuous mode [ 293.882943][ T8152] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.891242][ T5244] Bluetooth: hci1: command tx timeout [ 293.896806][ T5244] Bluetooth: hci0: command tx timeout [ 293.902986][ T8152] Cannot create hsr debugfs directory [ 294.126351][ T5234] Bluetooth: hci2: command tx timeout [ 294.126410][ T5244] Bluetooth: hci3: command tx timeout [ 294.217721][ T1125] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.298906][ T1125] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.454303][ T1125] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.530713][ T8143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.615079][ T1125] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.707364][ T8143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.819302][ T8143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.958430][ T8143] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.114151][ T1125] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.257903][ T1125] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.365979][ T1125] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.467122][ T1125] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.727195][ T1125] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.735191][ T5244] Bluetooth: hci5: command tx timeout [ 295.819442][ T1125] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.928429][ T1125] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.966570][ T5244] Bluetooth: hci0: command tx timeout [ 295.967870][ T5234] Bluetooth: hci1: command tx timeout [ 296.040807][ T1125] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.206724][ T5234] Bluetooth: hci2: command tx timeout [ 296.206868][ T5244] Bluetooth: hci3: command tx timeout [ 296.227727][ T8150] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 296.241532][ T8150] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 296.299968][ T8150] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 296.323249][ T8150] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 296.698621][ T8150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 296.754192][ T8150] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.779530][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 296.786753][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 296.820521][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 296.828598][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 296.915622][ T8150] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 296.943017][ T8150] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 297.407597][ T8150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 297.419918][ T1125] geneve1: left allmulticast mode [ 297.424999][ T1125] geneve1: left promiscuous mode [ 297.447144][ T1125] bridge0: port 3(geneve1) entered disabled state [ 297.477357][ T1125] bridge_slave_1: left allmulticast mode [ 297.483072][ T1125] bridge_slave_1: left promiscuous mode [ 297.507779][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.530100][ T1125] bridge_slave_0: left allmulticast mode [ 297.535797][ T1125] bridge_slave_0: left promiscuous mode [ 297.550634][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.570051][ T1125] bridge_slave_1: left allmulticast mode [ 297.575742][ T1125] bridge_slave_1: left promiscuous mode [ 297.592488][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.604471][ T1125] bridge_slave_0: left allmulticast mode [ 297.610711][ T1125] bridge_slave_0: left promiscuous mode [ 297.617060][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.628594][ T1125] bridge_slave_1: left allmulticast mode [ 297.634281][ T1125] bridge_slave_1: left promiscuous mode [ 297.641365][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.655018][ T1125] bridge_slave_0: left allmulticast mode [ 297.662355][ T1125] bridge_slave_0: left promiscuous mode [ 297.673912][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.687496][ T1125] geneve1: left allmulticast mode [ 297.692578][ T1125] geneve1: left promiscuous mode [ 297.697930][ T1125] bridge0: port 3(geneve1) entered disabled state [ 297.705914][ T1125] bridge_slave_1: left allmulticast mode [ 297.711699][ T1125] bridge_slave_1: left promiscuous mode [ 297.717607][ T1125] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.727871][ T1125] bridge_slave_0: left allmulticast mode [ 297.733547][ T1125] bridge_slave_0: left promiscuous mode [ 297.741320][ T1125] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.959993][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 298.973139][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 298.985893][ T1125] bond0 (unregistering): Released all slaves [ 299.003308][ T1125] bond1 (unregistering): Released all slaves [ 299.024421][ T1125] bond2 (unregistering): (slave lo): Releasing active interface [ 299.033140][ T1125] bond2 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed [ 299.056070][ T1125] bond2 (unregistering): Released all slaves [ 299.153971][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.174232][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.187680][ T1125] bond0 (unregistering): Released all slaves [ 299.280985][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.294046][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.305859][ T1125] bond0 (unregistering): Released all slaves [ 299.322170][ T1125] bond1 (unregistering): Released all slaves [ 299.335403][ T1125] bond2 (unregistering): (slave lo): Releasing active interface [ 299.344179][ T1125] bond2 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed [ 299.366592][ T1125] bond2 (unregistering): Released all slaves [ 299.461050][ T1125] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.473485][ T1125] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.484837][ T1125] bond0 (unregistering): Released all slaves [ 299.501691][ T1125] bond1 (unregistering): Released all slaves [ 299.794026][ T1125] Êü: left promiscuous mode [ 300.096150][ T1125] tipc: Left network mode [ 300.117769][ T8150] veth0_vlan: entered promiscuous mode [ 300.164540][ T8150] veth1_vlan: entered promiscuous mode [ 300.304938][ T8150] veth0_macvtap: entered promiscuous mode [ 300.358676][ T8150] veth1_macvtap: entered promiscuous mode [ 300.383897][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.397082][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.408168][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.423733][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.435110][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.461148][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.482055][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 300.492806][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.504935][ T8150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 300.578200][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.590709][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.601547][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.616140][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.626615][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.637702][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.647853][ T8150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 300.658564][ T8150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 300.669806][ T8150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 300.690544][ T8150] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.700386][ T8150] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.709847][ T8150] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.720784][ T8150] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.134885][ T8143] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 301.162371][ T8143] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 301.181761][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.206452][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.217745][ T8143] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 301.338508][ T8143] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 301.371664][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 301.390034][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 301.526976][ T8146] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 301.559973][ T8146] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 301.660808][ T8146] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 301.768211][ T8146] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 301.880095][ T8152] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 301.986362][ T8152] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 302.019640][ T8152] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 302.047624][ T8152] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 302.334696][ T8145] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 302.385195][ T8145] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 302.416072][ T8145] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 302.436705][ T8145] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 302.464094][ T8143] 8021q: adding VLAN 0 to HW filter on device bond0 [ 302.518601][ T8143] 8021q: adding VLAN 0 to HW filter on device team0 [ 302.603728][ T3046] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.610919][ T3046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 302.664179][ T3046] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.671398][ T3046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.691889][ T8345] netlink: 188 bytes leftover after parsing attributes in process `syz.4.917'. [ 302.769354][ T8345] netlink: 'syz.4.917': attribute type 3 has an invalid length. [ 302.777799][ T8345] netlink: 666 bytes leftover after parsing attributes in process `syz.4.917'. [ 302.889443][ T8146] 8021q: adding VLAN 0 to HW filter on device bond0 [ 302.973351][ T1125] hsr_slave_0: left promiscuous mode [ 302.979587][ T1125] hsr_slave_1: left promiscuous mode [ 302.985565][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 302.993449][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.002441][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.015135][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.029803][ T1125] hsr_slave_0: left promiscuous mode [ 303.037918][ T1125] hsr_slave_1: left promiscuous mode [ 303.044071][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.051874][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.060477][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.068070][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.081032][ T1125] hsr_slave_0: left promiscuous mode [ 303.087962][ T1125] hsr_slave_1: left promiscuous mode [ 303.093866][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.101417][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.110569][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.118926][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.134159][ T1125] hsr_slave_0: left promiscuous mode [ 303.140446][ T1125] hsr_slave_1: left promiscuous mode [ 303.148932][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 303.156889][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 303.164866][ T1125] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 303.173013][ T1125] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 303.240908][ T1125] veth1_macvtap: left promiscuous mode [ 303.246663][ T1125] veth0_macvtap: left promiscuous mode [ 303.252340][ T1125] veth1_vlan: left promiscuous mode [ 303.258904][ T1125] veth0_vlan: left promiscuous mode [ 303.266952][ T1125] veth1_macvtap: left promiscuous mode [ 303.272619][ T1125] veth0_macvtap: left promiscuous mode [ 303.279784][ T1125] veth1_vlan: left promiscuous mode [ 303.285171][ T1125] veth0_vlan: left promiscuous mode [ 303.294546][ T1125] veth1_macvtap: left promiscuous mode [ 303.300235][ T1125] veth0_macvtap: left promiscuous mode [ 303.305871][ T1125] veth1_vlan: left promiscuous mode [ 303.311263][ T1125] veth0_vlan: left promiscuous mode [ 303.321468][ T1125] veth1_macvtap: left promiscuous mode [ 303.327251][ T1125] veth0_macvtap: left promiscuous mode [ 303.332900][ T1125] veth1_vlan: left promiscuous mode [ 303.339119][ T1125] veth0_vlan: left promiscuous mode [ 303.783607][ T1125] pim6reg527 (unregistering): left allmulticast mode [ 304.122539][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 304.164080][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 304.887785][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 304.927889][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 305.587879][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 305.624788][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 306.332644][ T1125] team0 (unregistering): Port device team_slave_1 removed [ 306.376745][ T1125] team0 (unregistering): Port device team_slave_0 removed [ 306.823737][ T8143] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 306.942110][ T8146] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.023303][ T147] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.030772][ T147] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.084303][ T3046] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.091570][ T3046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 307.185087][ T8152] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.265317][ T8145] 8021q: adding VLAN 0 to HW filter on device bond0 [ 307.407832][ T8145] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.461524][ T3046] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.468761][ T3046] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.512422][ T3046] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.519711][ T3046] bridge0: port 2(bridge_slave_1) entered forwarding state [ 307.552633][ T8143] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 307.633258][ T8152] 8021q: adding VLAN 0 to HW filter on device team0 [ 307.701321][ T3025] bridge0: port 1(bridge_slave_0) entered blocking state [ 307.708547][ T3025] bridge0: port 1(bridge_slave_0) entered forwarding state [ 307.816144][ T3025] bridge0: port 2(bridge_slave_1) entered blocking state [ 307.823385][ T3025] bridge0: port 2(bridge_slave_1) entered forwarding state [ 308.024521][ T8143] veth0_vlan: entered promiscuous mode [ 308.049020][ T8143] veth1_vlan: entered promiscuous mode [ 308.226906][ T8379] netlink: 'syz.4.921': attribute type 3 has an invalid length. [ 308.307005][ T8379] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.921'. [ 308.475870][ T8152] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 308.593454][ T8143] veth0_macvtap: entered promiscuous mode [ 308.661798][ T8146] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.700989][ T8143] veth1_macvtap: entered promiscuous mode [ 308.834867][ T8145] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.911539][ T8143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 308.942222][ T8143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 308.962841][ T8143] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.041834][ T8143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 309.063811][ T8143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 309.090061][ T8143] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.173754][ T8146] veth0_vlan: entered promiscuous mode [ 309.184014][ T1125] IPVS: stop unused estimator thread 0... [ 309.267164][ T8143] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.283083][ T8143] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.293479][ T8143] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.307285][ T8143] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.394004][ T8146] veth1_vlan: entered promiscuous mode [ 309.415887][ T8152] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.480167][ T8145] veth0_vlan: entered promiscuous mode [ 309.626985][ T8145] veth1_vlan: entered promiscuous mode [ 309.666765][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.680105][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.730418][ T8146] veth0_macvtap: entered promiscuous mode [ 309.810910][ T8146] veth1_macvtap: entered promiscuous mode [ 309.897416][ T8152] veth0_vlan: entered promiscuous mode [ 309.898377][ T1125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 309.926529][ T1125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.984075][ T8152] veth1_vlan: entered promiscuous mode [ 310.014613][ T8145] veth0_macvtap: entered promiscuous mode [ 310.030461][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.052039][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.074068][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.108685][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.131186][ T8146] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 310.175067][ T8423] netlink: 40 bytes leftover after parsing attributes in process `syz.4.923'. [ 310.239016][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.260672][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.286262][ T8146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.326366][ T8146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.345036][ T8146] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 310.360505][ T8145] veth1_macvtap: entered promiscuous mode [ 310.407973][ T8146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.430820][ T8146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.450805][ T8146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.459961][ T8146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.545855][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.574994][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.592605][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.608475][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.619229][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 310.648076][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.673933][ T8145] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 310.708595][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.725578][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.757410][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.790804][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.816378][ T8145] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 310.835290][ T8145] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 310.870268][ T8145] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 310.901636][ T8152] veth0_macvtap: entered promiscuous mode [ 310.935814][ T8145] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.958107][ T8145] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.977783][ T8145] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.987171][ T8145] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.046754][ T8152] veth1_macvtap: entered promiscuous mode [ 311.081022][ T8445] netlink: 'syz.0.926': attribute type 3 has an invalid length. [ 311.112128][ T8445] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.926'. [ 311.332817][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.396378][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.411321][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.423486][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.433841][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.444839][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.455259][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.472276][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.485639][ T8152] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 311.528864][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.549020][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.565352][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.577874][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.595159][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.632170][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.663719][ T8152] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 311.685640][ T8152] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.699046][ T8152] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 311.789513][ T147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 311.816425][ T147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 311.901402][ T8152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.916407][ T8152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.932061][ T8152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 311.941489][ T8152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.091892][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 312.113247][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 313.618980][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.4.930'. [ 313.639116][ T8476] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 313.650417][ T8476] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 313.659577][ T8476] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 313.668553][ T8476] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 313.681969][ T8476] vxlan0: entered promiscuous mode [ 313.840709][ T147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 313.856696][ T147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 313.916973][ T8499] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 313.962450][ T3046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.014689][ T3046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.141702][ T3046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.167934][ T3046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.296019][ T3025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 314.339898][ T3025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 314.403634][ T8516] netlink: 'syz.0.933': attribute type 1 has an invalid length. [ 314.485517][ T8516] netlink: 224 bytes leftover after parsing attributes in process `syz.0.933'. [ 314.592679][ T8521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.934'. [ 314.624992][ T8521] geneve2: entered promiscuous mode [ 314.633418][ T8521] geneve2: entered allmulticast mode [ 314.823848][ T8529] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 315.523979][ T8564] netlink: 'syz.0.938': attribute type 2 has an invalid length. [ 315.610244][ T8562] netlink: 20 bytes leftover after parsing attributes in process `syz.0.938'. [ 315.833921][ T8573] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 315.923878][ T8562] netlink: 16 bytes leftover after parsing attributes in process `syz.0.938'. [ 315.996606][ T8562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.938'. [ 316.324934][ T8591] Bluetooth: MGMT ver 1.23 [ 316.331764][ T8590] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 316.380195][ T8595] netlink: 'syz.2.943': attribute type 3 has an invalid length. [ 316.462349][ T8595] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.943'. [ 316.668468][ T8602] netlink: 'syz.0.946': attribute type 3 has an invalid length. [ 316.726477][ T8602] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.946'. [ 316.976577][ T8609] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 317.054200][ T8607] netlink: 192 bytes leftover after parsing attributes in process `syz.4.947'. [ 317.097431][ T8607] netlink: 192 bytes leftover after parsing attributes in process `syz.4.947'. [ 317.601986][ T8627] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 318.046161][ T8644] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 318.054089][ T8644] IPv6: NLM_F_CREATE should be set when creating new route [ 318.061418][ T8644] IPv6: NLM_F_CREATE should be set when creating new route [ 318.155343][ T8641] IPv6: NLM_F_REPLACE set, but no existing node found! [ 318.228753][ T8641] netlink: 'syz.3.955': attribute type 6 has an invalid length. [ 318.891869][ T8661] __nla_validate_parse: 3 callbacks suppressed [ 318.891892][ T8661] netlink: 16126 bytes leftover after parsing attributes in process `syz.4.960'. [ 318.924322][ T8661] netlink: 183228 bytes leftover after parsing attributes in process `syz.4.960'. [ 319.236977][ T8664] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 319.527383][ T8667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.962'. [ 319.571570][ T8667] geneve2: entered promiscuous mode [ 319.587178][ T8667] geneve2: entered allmulticast mode [ 320.442548][ T8693] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 320.771960][ T8703] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 321.741965][ T8739] netlink: 332 bytes leftover after parsing attributes in process `syz.0.979'. [ 323.021292][ T8715] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 323.059580][ T8750] netlink: 40 bytes leftover after parsing attributes in process `syz.4.980'. [ 323.227514][ T8754] macvlan2: entered promiscuous mode [ 323.233515][ T8754] vlan1: entered promiscuous mode [ 323.308488][ T8754] team0: Port device macvlan2 added [ 323.323074][ T8761] bridge0: port 3(geneve1) entered blocking state [ 323.346476][ T8761] bridge0: port 3(geneve1) entered disabled state [ 323.377436][ T8761] geneve1: entered allmulticast mode [ 323.412131][ T8761] geneve1: entered promiscuous mode [ 323.427092][ T8761] bridge0: port 3(geneve1) entered blocking state [ 323.433769][ T8761] bridge0: port 3(geneve1) entered forwarding state [ 324.408251][ T8783] netlink: 'syz.4.992': attribute type 27 has an invalid length. [ 324.440620][ T8783] netlink: 152 bytes leftover after parsing attributes in process `syz.4.992'. [ 324.519887][ T8783] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 325.464737][ T8831] syz.0.1015[8831] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 325.464913][ T8831] syz.0.1015[8831] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 325.595609][ T8839] syz.2.1018[8839] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 325.612054][ T8839] syz.2.1018[8839] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 327.156963][ T8890] syzkaller0: entered allmulticast mode [ 327.347860][ T8889] syzkaller0: entered promiscuous mode [ 327.364554][ T8889] syzkaller0: entered allmulticast mode [ 327.485509][ T8907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1049'. [ 327.497974][ T8907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1049'. [ 327.569993][ T5244] block nbd0: Wrong magic (0xee000000) [ 327.601100][ T8909] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1050'. [ 327.678182][ T8797] block nbd0: NBD_DISCONNECT [ 327.701595][ T8797] block nbd0: shutting down sockets [ 328.240114][ T8920] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1055'. [ 330.233443][ T8927] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1058'. [ 330.716524][ T8952] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1067'. [ 331.308207][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1078'. [ 331.527815][ T8985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1083'. [ 332.075758][ T9008] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1094'. [ 332.087160][ T9008] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1094'. [ 332.632637][ T9025] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1102'. [ 334.055632][ T9094] xt_SECMARK: invalid mode: 0 [ 334.189897][ T9100] vxcan0: tx drop: invalid sa for name 0x0000000000000001 [ 334.269876][ T9103] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1132'. [ 334.381013][ T9109] netlink: 'syz.3.1136': attribute type 1 has an invalid length. [ 334.444218][ T9112] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 334.734849][ T9124] netlink: 'syz.3.1144': attribute type 1 has an invalid length. [ 334.891453][ T9127] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 334.929354][ T9127] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 335.802487][ T9173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'. [ 335.891354][ T9176] FAULT_INJECTION: forcing a failure. [ 335.891354][ T9176] name failslab, interval 1, probability 0, space 0, times 0 [ 335.906067][ T9176] CPU: 1 UID: 0 PID: 9176 Comm: syz.1.1164 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 335.916801][ T9176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 335.927028][ T9176] Call Trace: [ 335.930341][ T9176] [ 335.933302][ T9176] dump_stack_lvl+0x241/0x360 [ 335.938048][ T9176] ? __pfx_dump_stack_lvl+0x10/0x10 [ 335.943287][ T9176] ? __pfx__printk+0x10/0x10 [ 335.947947][ T9176] should_fail_ex+0x3b0/0x4e0 [ 335.952676][ T9176] should_failslab+0xac/0x100 [ 335.957403][ T9176] ? sctp_add_bind_addr+0x89/0x3a0 [ 335.962553][ T9176] __kmalloc_cache_noprof+0x6c/0x2c0 [ 335.967884][ T9176] sctp_add_bind_addr+0x89/0x3a0 [ 335.972867][ T9176] sctp_copy_local_addr_list+0x311/0x500 [ 335.978547][ T9176] ? sctp_copy_local_addr_list+0xab/0x500 [ 335.984304][ T9176] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 335.990489][ T9176] ? sctp_v4_is_any+0x35/0x60 [ 335.995239][ T9176] sctp_bind_addr_copy+0xad/0x3b0 [ 336.000308][ T9176] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 336.006678][ T9176] sctp_connect_new_asoc+0x2f3/0x6c0 [ 336.012020][ T9176] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 336.017871][ T9176] ? sctp_sendmsg+0xbb9/0x3520 [ 336.022690][ T9176] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 336.028284][ T9176] ? security_sctp_bind_connect+0x90/0xb0 [ 336.034137][ T9176] sctp_sendmsg+0x219a/0x3520 [ 336.038891][ T9176] ? __pfx_sctp_sendmsg+0x10/0x10 [ 336.043968][ T9176] ? __pfx_aa_sk_perm+0x10/0x10 [ 336.048871][ T9176] ? inet_sendmsg+0x330/0x390 [ 336.053597][ T9176] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 336.058937][ T9176] ? security_socket_sendmsg+0x87/0xb0 [ 336.064451][ T9176] __sock_sendmsg+0x1a6/0x270 [ 336.069182][ T9176] ____sys_sendmsg+0x525/0x7d0 [ 336.074003][ T9176] ? __pfx_____sys_sendmsg+0x10/0x10 [ 336.079353][ T9176] __sys_sendmmsg+0x3b2/0x740 [ 336.084086][ T9176] ? __pfx___sys_sendmmsg+0x10/0x10 [ 336.089380][ T9176] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 336.095331][ T9176] ? ksys_write+0x23e/0x2c0 [ 336.099877][ T9176] ? __pfx_lock_release+0x10/0x10 [ 336.104954][ T9176] ? vfs_write+0x7c4/0xc90 [ 336.109421][ T9176] ? __mutex_unlock_slowpath+0x21d/0x750 [ 336.115089][ T9176] ? __pfx_vfs_write+0x10/0x10 [ 336.119924][ T9176] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 336.125949][ T9176] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 336.132347][ T9176] ? do_syscall_64+0x100/0x230 [ 336.137158][ T9176] __x64_sys_sendmmsg+0xa0/0xb0 [ 336.142060][ T9176] do_syscall_64+0xf3/0x230 [ 336.146688][ T9176] ? clear_bhb_loop+0x35/0x90 [ 336.151414][ T9176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.157358][ T9176] RIP: 0033:0x7fc98f579e79 [ 336.161816][ T9176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.181470][ T9176] RSP: 002b:00007fc990431038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 336.189930][ T9176] RAX: ffffffffffffffda RBX: 00007fc98f715f80 RCX: 00007fc98f579e79 [ 336.197942][ T9176] RDX: 0000000000000002 RSI: 0000000020000e40 RDI: 0000000000000003 [ 336.205962][ T9176] RBP: 00007fc990431090 R08: 0000000000000000 R09: 0000000000000000 [ 336.213985][ T9176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 336.221999][ T9176] R13: 0000000000000000 R14: 00007fc98f715f80 R15: 00007fff96033808 [ 336.230006][ T9176] [ 336.835905][ T9201] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1172'. [ 336.949488][ T9202] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1172'. [ 336.993512][ T9202] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1172'. [ 338.140149][ T9250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1190'. [ 338.220107][ T9250] netlink: 'syz.3.1190': attribute type 14 has an invalid length. [ 338.868065][ T9288] FAULT_INJECTION: forcing a failure. [ 338.868065][ T9288] name failslab, interval 1, probability 0, space 0, times 0 [ 338.881476][ T9288] CPU: 0 UID: 0 PID: 9288 Comm: syz.1.1203 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 338.892199][ T9288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 338.902260][ T9288] Call Trace: [ 338.905567][ T9288] [ 338.908530][ T9288] dump_stack_lvl+0x241/0x360 [ 338.913247][ T9288] ? __pfx_dump_stack_lvl+0x10/0x10 [ 338.918515][ T9288] ? __pfx__printk+0x10/0x10 [ 338.923164][ T9288] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 338.929173][ T9288] ? __pfx___might_resched+0x10/0x10 [ 338.934505][ T9288] should_fail_ex+0x3b0/0x4e0 [ 338.939219][ T9288] should_failslab+0xac/0x100 [ 338.943921][ T9288] ? __alloc_skb+0x1c3/0x440 [ 338.948525][ T9288] kmem_cache_alloc_node_noprof+0x71/0x320 [ 338.954353][ T9288] __alloc_skb+0x1c3/0x440 [ 338.958790][ T9288] ? __pfx___alloc_skb+0x10/0x10 [ 338.963738][ T9288] ? __kasan_kmalloc+0x98/0xb0 [ 338.968554][ T9288] ? ip_setup_cork+0x53f/0x8b0 [ 338.973334][ T9288] ? ip_append_data+0x10/0x190 [ 338.978110][ T9288] ? raw_sendmsg+0x1a53/0x2490 [ 338.982884][ T9288] ? __sys_sendto+0x3a4/0x4f0 [ 338.987569][ T9288] ? __x64_sys_sendto+0xde/0x100 [ 338.992518][ T9288] ? do_syscall_64+0xf3/0x230 [ 338.997202][ T9288] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.003290][ T9288] __ip_append_data+0x2d2b/0x40b0 [ 339.008359][ T9288] ? __pfx_raw_getfrag+0x10/0x10 [ 339.013325][ T9288] ? __kasan_kmalloc+0x98/0xb0 [ 339.018110][ T9288] ? __pfx___ip_append_data+0x10/0x10 [ 339.023504][ T9288] ? ip_setup_cork+0x4ae/0x8b0 [ 339.028287][ T9288] ip_append_data+0x14c/0x190 [ 339.032982][ T9288] ? __pfx_raw_getfrag+0x10/0x10 [ 339.037941][ T9288] raw_sendmsg+0x1a53/0x2490 [ 339.042560][ T9288] ? raw_sendmsg+0xc12/0x2490 [ 339.047271][ T9288] ? __pfx_raw_sendmsg+0x10/0x10 [ 339.052256][ T9288] ? inet_sendmsg+0x330/0x390 [ 339.056947][ T9288] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 339.062246][ T9288] ? security_socket_sendmsg+0x87/0xb0 [ 339.067728][ T9288] __sock_sendmsg+0x1a6/0x270 [ 339.072433][ T9288] __sys_sendto+0x3a4/0x4f0 [ 339.076954][ T9288] ? __pfx___sys_sendto+0x10/0x10 [ 339.082011][ T9288] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 339.088037][ T9288] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 339.094389][ T9288] __x64_sys_sendto+0xde/0x100 [ 339.099186][ T9288] do_syscall_64+0xf3/0x230 [ 339.103698][ T9288] ? clear_bhb_loop+0x35/0x90 [ 339.108389][ T9288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.114323][ T9288] RIP: 0033:0x7fc98f579e79 [ 339.118748][ T9288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.138366][ T9288] RSP: 002b:00007fc990431038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 339.146798][ T9288] RAX: ffffffffffffffda RBX: 00007fc98f715f80 RCX: 00007fc98f579e79 [ 339.154779][ T9288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 339.162756][ T9288] RBP: 00007fc990431090 R08: 0000000020000180 R09: 000000000000006e [ 339.170733][ T9288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.178709][ T9288] R13: 0000000000000000 R14: 00007fc98f715f80 R15: 00007fff96033808 [ 339.186812][ T9288] [ 339.628535][ T9298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1208'. [ 340.025458][ T9320] FAULT_INJECTION: forcing a failure. [ 340.025458][ T9320] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 340.057233][ T9320] CPU: 1 UID: 0 PID: 9320 Comm: syz.3.1215 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 340.067990][ T9320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 340.078088][ T9320] Call Trace: [ 340.081404][ T9320] [ 340.084374][ T9320] dump_stack_lvl+0x241/0x360 [ 340.089146][ T9320] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.094388][ T9320] ? __pfx__printk+0x10/0x10 [ 340.099051][ T9320] ? __pfx_lock_release+0x10/0x10 [ 340.104141][ T9320] should_fail_ex+0x3b0/0x4e0 [ 340.108910][ T9320] _copy_from_user+0x2f/0xe0 [ 340.113558][ T9320] copy_msghdr_from_user+0xae/0x680 [ 340.118807][ T9320] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 340.124656][ T9320] __sys_sendmsg+0x23d/0x3a0 [ 340.129264][ T9320] ? __pfx___sys_sendmsg+0x10/0x10 [ 340.134396][ T9320] ? vfs_write+0x7c4/0xc90 [ 340.138866][ T9320] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 340.145213][ T9320] ? do_syscall_64+0x100/0x230 [ 340.149997][ T9320] ? do_syscall_64+0xb6/0x230 [ 340.154687][ T9320] do_syscall_64+0xf3/0x230 [ 340.159204][ T9320] ? clear_bhb_loop+0x35/0x90 [ 340.163894][ T9320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.169795][ T9320] RIP: 0033:0x7f81e3379e79 [ 340.174224][ T9320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.193838][ T9320] RSP: 002b:00007f81e4221038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 340.202264][ T9320] RAX: ffffffffffffffda RBX: 00007f81e3515f80 RCX: 00007f81e3379e79 [ 340.210343][ T9320] RDX: 0000000000000004 RSI: 00000000200000c0 RDI: 0000000000000003 [ 340.218340][ T9320] RBP: 00007f81e4221090 R08: 0000000000000000 R09: 0000000000000000 [ 340.226330][ T9320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.234356][ T9320] R13: 0000000000000000 R14: 00007f81e3515f80 R15: 00007fffcdd42958 [ 340.242368][ T9320] [ 340.295245][ T5244] Bluetooth: hci3: command tx timeout [ 341.281428][ T9360] netlink: 'syz.2.1227': attribute type 3 has an invalid length. [ 341.366303][ T9360] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1227'. [ 341.410344][ T9364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1231'. [ 341.440511][ T9364] geneve2: entered promiscuous mode [ 341.445800][ T9364] geneve2: entered allmulticast mode [ 341.692359][ T9375] FAULT_INJECTION: forcing a failure. [ 341.692359][ T9375] name failslab, interval 1, probability 0, space 0, times 0 [ 341.723761][ T9375] CPU: 0 UID: 0 PID: 9375 Comm: syz.4.1234 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 341.734868][ T9375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 341.744987][ T9375] Call Trace: [ 341.748299][ T9375] [ 341.751256][ T9375] dump_stack_lvl+0x241/0x360 [ 341.755975][ T9375] ? __pfx_dump_stack_lvl+0x10/0x10 [ 341.761221][ T9375] ? __pfx__printk+0x10/0x10 [ 341.765867][ T9375] ? ref_tracker_alloc+0x332/0x490 [ 341.771026][ T9375] should_fail_ex+0x3b0/0x4e0 [ 341.775755][ T9375] ? skb_clone+0x20c/0x390 [ 341.780226][ T9375] should_failslab+0xac/0x100 [ 341.784959][ T9375] ? skb_clone+0x20c/0x390 [ 341.789423][ T9375] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 341.794842][ T9375] skb_clone+0x20c/0x390 [ 341.799137][ T9375] __netlink_deliver_tap+0x3cc/0x7c0 [ 341.804491][ T9375] ? netlink_deliver_tap+0x2e/0x1b0 [ 341.809733][ T9375] netlink_deliver_tap+0x19d/0x1b0 [ 341.814894][ T9375] netlink_unicast+0x7be/0x990 [ 341.819725][ T9375] ? __pfx_netlink_unicast+0x10/0x10 [ 341.825059][ T9375] ? __virt_addr_valid+0x183/0x530 [ 341.830353][ T9375] ? __check_object_size+0x49c/0x900 [ 341.835680][ T9375] ? bpf_lsm_netlink_send+0x9/0x10 [ 341.840851][ T9375] netlink_sendmsg+0x8e4/0xcb0 [ 341.845670][ T9375] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.850998][ T9375] ? __import_iovec+0x536/0x820 [ 341.855890][ T9375] ? aa_sock_msg_perm+0x91/0x160 [ 341.860868][ T9375] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 341.866188][ T9375] ? security_socket_sendmsg+0x87/0xb0 [ 341.871692][ T9375] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.876991][ T9375] __sock_sendmsg+0x221/0x270 [ 341.881710][ T9375] ____sys_sendmsg+0x525/0x7d0 [ 341.886526][ T9375] ? __pfx_____sys_sendmsg+0x10/0x10 [ 341.891875][ T9375] __sys_sendmsg+0x2b0/0x3a0 [ 341.896512][ T9375] ? __pfx___sys_sendmsg+0x10/0x10 [ 341.901672][ T9375] ? vfs_write+0x7c4/0xc90 [ 341.906181][ T9375] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 341.912571][ T9375] ? do_syscall_64+0x100/0x230 [ 341.917378][ T9375] ? do_syscall_64+0xb6/0x230 [ 341.922096][ T9375] do_syscall_64+0xf3/0x230 [ 341.926639][ T9375] ? clear_bhb_loop+0x35/0x90 [ 341.931410][ T9375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.937344][ T9375] RIP: 0033:0x7feb02d79e79 [ 341.941799][ T9375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.961446][ T9375] RSP: 002b:00007feb03b3c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 341.969915][ T9375] RAX: ffffffffffffffda RBX: 00007feb02f15f80 RCX: 00007feb02d79e79 [ 341.978112][ T9375] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 341.986130][ T9375] RBP: 00007feb03b3c090 R08: 0000000000000000 R09: 0000000000000000 [ 341.994129][ T9375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.002106][ T9375] R13: 0000000000000000 R14: 00007feb02f15f80 R15: 00007ffd5b770f28 [ 342.010120][ T9375] [ 342.085989][ T9375] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 342.205165][ T9387] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 342.349225][ T9391] unknown channel width for channel at 909000KHz? [ 342.874029][ T9416] netlink: 'syz.3.1247': attribute type 3 has an invalid length. [ 342.933902][ T9416] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1247'. [ 342.991368][ T9418] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1249'. [ 343.052173][ T9418] ÊügáG: entered promiscuous mode [ 343.262900][ T9427] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 344.361751][ T9463] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1262'. [ 344.378383][ T9463] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1262'. [ 345.670067][ T9458] netlink: 'syz.3.1261': attribute type 3 has an invalid length. [ 345.696773][ T9458] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1261'. [ 345.793773][ T9466] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1263'. [ 346.156700][ T9481] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 346.742769][ T9510] mac80211_hwsim hwsim25 wlan1: entered allmulticast mode [ 346.846637][ T9518] netlink: 'syz.3.1276': attribute type 3 has an invalid length. [ 346.854449][ T9518] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1276'. [ 347.119911][ T9527] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1281'. [ 347.348783][ T25] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.486926][ T58] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.637390][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.716783][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.876639][ T58] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 347.927119][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 348.021293][ T58] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 348.078509][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 348.159764][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 348.221527][ T9579] netlink: 'syz.3.1294': attribute type 3 has an invalid length. [ 348.240507][ T9579] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1294'. [ 348.248508][ T9580] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1295'. [ 348.250572][ T5281] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 348.817408][ T9597] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 349.516985][ T9624] netlink: 'syz.1.1307': attribute type 3 has an invalid length. [ 349.549808][ T9624] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1307'. [ 349.906040][ T9633] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 350.520290][ T9652] xt_limit: Overflow, try lower: 2147483649/128 [ 350.535665][ T9655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1324'. [ 350.558053][ T9655] bridge_slave_1: left allmulticast mode [ 350.563776][ T9655] bridge_slave_1: left promiscuous mode [ 350.575633][ T9655] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.604848][ T9655] bridge_slave_0: left allmulticast mode [ 350.615348][ T9655] bridge_slave_0: left promiscuous mode [ 350.629033][ T9655] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.885653][ T9658] netlink: 'syz.0.1325': attribute type 3 has an invalid length. [ 350.951157][ T9658] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1325'. [ 351.092618][ T9667] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 352.316868][ T9704] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 352.487656][ T9710] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 352.623194][ T9718] netlink: 'syz.3.1343': attribute type 23 has an invalid length. [ 352.757976][ T9722] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1345'. [ 352.990661][ T9733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1349'. [ 353.591916][ T9748] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 353.909360][ T9762] FAULT_INJECTION: forcing a failure. [ 353.909360][ T9762] name failslab, interval 1, probability 0, space 0, times 0 [ 353.926517][ T9762] CPU: 1 UID: 0 PID: 9762 Comm: syz.3.1361 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 353.937274][ T9762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 353.947374][ T9762] Call Trace: [ 353.950701][ T9762] [ 353.953672][ T9762] dump_stack_lvl+0x241/0x360 [ 353.958399][ T9762] ? __pfx_dump_stack_lvl+0x10/0x10 [ 353.963636][ T9762] ? __pfx__printk+0x10/0x10 [ 353.968259][ T9762] ? __kmalloc_node_noprof+0xb7/0x440 [ 353.973658][ T9762] ? __pfx___might_resched+0x10/0x10 [ 353.978976][ T9762] should_fail_ex+0x3b0/0x4e0 [ 353.983676][ T9762] should_failslab+0xac/0x100 [ 353.988381][ T9762] __kmalloc_node_noprof+0xdf/0x440 [ 353.993614][ T9762] ? crypto_create_tfm_node+0x88/0x3d0 [ 353.999100][ T9762] crypto_create_tfm_node+0x88/0x3d0 [ 354.004501][ T9762] crypto_alloc_tfm_node+0x161/0x360 [ 354.009819][ T9762] esp6_init_state+0x611/0x10b0 [ 354.014712][ T9762] ? __pfx_esp6_init_state+0x10/0x10 [ 354.020037][ T9762] ? __xfrm_init_state+0x708/0xea0 [ 354.025177][ T9762] ? __pfx_lock_release+0x10/0x10 [ 354.030240][ T9762] __xfrm_init_state+0x9db/0xea0 [ 354.035302][ T9762] xfrm_add_sa+0x2a76/0x3b50 [ 354.039927][ T9762] ? __pfx_xfrm_add_sa+0x10/0x10 [ 354.044895][ T9762] ? __nla_parse+0x40/0x60 [ 354.049336][ T9762] xfrm_user_rcv_msg+0x75b/0xa80 [ 354.054355][ T9762] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 354.059888][ T9762] ? __mutex_trylock_common+0x183/0x2e0 [ 354.065449][ T9762] ? __pfx___might_resched+0x10/0x10 [ 354.070769][ T9762] netlink_rcv_skb+0x1e3/0x430 [ 354.075562][ T9762] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 354.081061][ T9762] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 354.086399][ T9762] xfrm_netlink_rcv+0x79/0x90 [ 354.091136][ T9762] netlink_unicast+0x7f0/0x990 [ 354.095926][ T9762] ? __pfx_netlink_unicast+0x10/0x10 [ 354.101234][ T9762] ? __virt_addr_valid+0x183/0x530 [ 354.106361][ T9762] ? __check_object_size+0x49c/0x900 [ 354.111691][ T9762] ? bpf_lsm_netlink_send+0x9/0x10 [ 354.116822][ T9762] netlink_sendmsg+0x8e4/0xcb0 [ 354.121613][ T9762] ? __pfx_netlink_sendmsg+0x10/0x10 [ 354.126915][ T9762] ? __import_iovec+0x536/0x820 [ 354.131787][ T9762] ? aa_sock_msg_perm+0x91/0x160 [ 354.136771][ T9762] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 354.142077][ T9762] ? security_socket_sendmsg+0x87/0xb0 [ 354.147564][ T9762] ? __pfx_netlink_sendmsg+0x10/0x10 [ 354.152860][ T9762] __sock_sendmsg+0x221/0x270 [ 354.157605][ T9762] ____sys_sendmsg+0x525/0x7d0 [ 354.162421][ T9762] ? __pfx_____sys_sendmsg+0x10/0x10 [ 354.167766][ T9762] __sys_sendmsg+0x2b0/0x3a0 [ 354.172516][ T9762] ? __pfx___sys_sendmsg+0x10/0x10 [ 354.177749][ T9762] ? vfs_write+0x7c4/0xc90 [ 354.182229][ T9762] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 354.188627][ T9762] ? do_syscall_64+0x100/0x230 [ 354.193421][ T9762] ? do_syscall_64+0xb6/0x230 [ 354.198120][ T9762] do_syscall_64+0xf3/0x230 [ 354.202643][ T9762] ? clear_bhb_loop+0x35/0x90 [ 354.207343][ T9762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.213250][ T9762] RIP: 0033:0x7f81e3379e79 [ 354.217677][ T9762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.237297][ T9762] RSP: 002b:00007f81e4221038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 354.245730][ T9762] RAX: ffffffffffffffda RBX: 00007f81e3515f80 RCX: 00007f81e3379e79 [ 354.253804][ T9762] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000006 [ 354.261787][ T9762] RBP: 00007f81e4221090 R08: 0000000000000000 R09: 0000000000000000 [ 354.269767][ T9762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.277751][ T9762] R13: 0000000000000000 R14: 00007f81e3515f80 R15: 00007fffcdd42958 [ 354.285757][ T9762] [ 354.340325][ T9769] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 354.995034][ T9795] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1368'. [ 355.043493][ T9799] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 355.098192][ T9798] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1368'. [ 355.737068][ T9822] netlink: 'syz.1.1378': attribute type 2 has an invalid length. [ 356.302487][ T9850] netlink: 'syz.1.1386': attribute type 3 has an invalid length. [ 356.513221][ T9857] pim6reg: entered allmulticast mode [ 357.310423][ T9853] pim6reg: left allmulticast mode [ 357.730480][ T9892] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 357.884349][ T9899] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 358.175690][ T9915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1408'. [ 358.185114][ T9916] FAULT_INJECTION: forcing a failure. [ 358.185114][ T9916] name failslab, interval 1, probability 0, space 0, times 0 [ 358.198281][ T9916] CPU: 1 UID: 0 PID: 9916 Comm: syz.2.1407 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 358.209012][ T9916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 358.219099][ T9916] Call Trace: [ 358.222407][ T9916] [ 358.225358][ T9916] dump_stack_lvl+0x241/0x360 [ 358.230081][ T9916] ? __pfx_dump_stack_lvl+0x10/0x10 [ 358.235325][ T9916] ? __pfx__printk+0x10/0x10 [ 358.239944][ T9916] ? __pfx_rhashtable_lookup+0x10/0x10 [ 358.245425][ T9916] should_fail_ex+0x3b0/0x4e0 [ 358.250124][ T9916] ? skb_clone+0x20c/0x390 [ 358.254583][ T9916] should_failslab+0xac/0x100 [ 358.259306][ T9916] ? skb_clone+0x20c/0x390 [ 358.263748][ T9916] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 358.269155][ T9916] ? nbp_switchdev_allowed_egress+0xe1/0x1e0 [ 358.275235][ T9916] skb_clone+0x20c/0x390 [ 358.279525][ T9916] maybe_deliver+0x96/0x150 [ 358.284065][ T9916] br_flood+0x2e4/0x660 [ 358.285197][ T9919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1408'. [ 358.288273][ T9916] br_dev_xmit+0x11fc/0x1b10 [ 358.288328][ T9916] ? br_dev_xmit+0x21d/0x1b10 [ 358.288366][ T9916] ? __pfx_br_dev_xmit+0x10/0x10 [ 358.288404][ T9916] ? __pfx_validate_xmit_xfrm+0x10/0x10 [ 358.288432][ T9916] ? __pfx_passthru_features_check+0x10/0x10 [ 358.323048][ T9916] ? __pfx_passthru_features_check+0x10/0x10 [ 358.329072][ T9916] ? netif_skb_features+0x7f4/0xbb0 [ 358.334358][ T9916] ? validate_xmit_skb+0x9f9/0x1120 [ 358.339608][ T9916] dev_hard_start_xmit+0x27a/0x7e0 [ 358.344774][ T9916] __dev_queue_xmit+0x1b63/0x3e90 [ 358.349837][ T9916] ? ip_tunnel_xmit+0x2119/0x2950 [ 358.354882][ T9916] ? ipgre_xmit+0x958/0xd40 [ 358.359418][ T9916] ? __dev_queue_xmit+0x2da/0x3e90 [ 358.364592][ T9916] ? __pfx___dev_queue_xmit+0x10/0x10 [ 358.370010][ T9916] ? __pfx_lock_acquire+0x10/0x10 [ 358.375153][ T9916] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 358.381169][ T9916] ? ip_finish_output2+0xa14/0x1390 [ 358.386408][ T9916] ? ip_finish_output2+0x45f/0x1390 [ 358.391634][ T9916] ip_finish_output2+0xd41/0x1390 [ 358.396685][ T9916] ? ip_finish_output2+0x45f/0x1390 [ 358.401906][ T9916] ? ip_frag_next+0x331/0xb20 [ 358.406614][ T9916] ? __pfx_ip_finish_output2+0x10/0x10 [ 358.412110][ T9916] ip_do_fragment+0x9ec/0x1b30 [ 358.416912][ T9916] ? __pfx_ip_finish_output2+0x10/0x10 [ 358.422401][ T9916] ? __pfx_ip_do_fragment+0x10/0x10 [ 358.427631][ T9916] ? xfrm_lookup_with_ifid+0x198e/0x1ed0 [ 358.433314][ T9916] ? ip_fast_csum+0x1f0/0x2b0 [ 358.438034][ T9916] ? ip_skb_dst_mtu+0x6ba/0x9b0 [ 358.442920][ T9916] ? __ip_finish_output+0x1fd/0x400 [ 358.448171][ T9916] ? ip_fragment+0x9a/0x220 [ 358.452701][ T9916] iptunnel_xmit+0x540/0x9b0 [ 358.457334][ T9916] ip_tunnel_xmit+0x2119/0x2950 [ 358.462258][ T9916] ? __pfx_ip_tunnel_xmit+0x10/0x10 [ 358.467481][ T9916] ? gre_build_header+0x341/0xb30 [ 358.472535][ T9916] ? __pfx_gre_build_header+0x10/0x10 [ 358.477925][ T9916] ? iptunnel_handle_offloads+0x31b/0x650 [ 358.483687][ T9916] ipgre_xmit+0x958/0xd40 [ 358.488171][ T9916] ? __pfx_ipgre_xmit+0x10/0x10 [ 358.493043][ T9916] ? validate_xmit_skb+0x9f9/0x1120 [ 358.498267][ T9916] dev_hard_start_xmit+0x27a/0x7e0 [ 358.503421][ T9916] __dev_queue_xmit+0x1b63/0x3e90 [ 358.508482][ T9916] ? __dev_queue_xmit+0x2da/0x3e90 [ 358.513616][ T9916] ? __pfx___dev_queue_xmit+0x10/0x10 [ 358.519019][ T9916] ? rcu_is_watching+0x15/0xb0 [ 358.523818][ T9916] ? skb_release_data+0x2b5/0x880 [ 358.528875][ T9916] ? pskb_expand_head+0xc89/0x1390 [ 358.534029][ T9916] ? __bpf_redirect+0x51c/0xe40 [ 358.538905][ T9916] __bpf_tx_skb+0x18e/0x260 [ 358.543436][ T9916] bpf_clone_redirect+0x26f/0x3d0 [ 358.548493][ T9916] bpf_prog_208b094576c80b22+0x5e/0x63 [ 358.554002][ T9916] ? mutex_spin_on_owner+0x270/0x330 [ 358.559313][ T9916] ? timekeeping_get_ns+0x5c/0x420 [ 358.564447][ T9916] ? seqcount_lockdep_reader_access+0x157/0x220 [ 358.570709][ T9916] ? lockdep_hardirqs_on+0x99/0x150 [ 358.575937][ T9916] ? bpf_test_run+0x370/0xa90 [ 358.580647][ T9916] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 358.586415][ T9916] ? ktime_get+0x3c/0xb0 [ 358.590674][ T9916] ? lockdep_hardirqs_on+0x99/0x150 [ 358.595903][ T9916] ? bpf_test_run+0x370/0xa90 [ 358.600601][ T9916] ? __pfx___cant_migrate+0x10/0x10 [ 358.605825][ T9916] ? ktime_get+0x9b/0xb0 [ 358.610087][ T9916] bpf_test_run+0x4f0/0xa90 [ 358.614614][ T9916] ? do_syscall_64+0xf3/0x230 [ 358.619342][ T9916] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.625437][ T9916] ? bpf_test_run+0x370/0xa90 [ 358.630240][ T9916] ? __pfx_bpf_test_run+0x10/0x10 [ 358.635299][ T9916] ? eth_type_trans+0x3d1/0x7a0 [ 358.640181][ T9916] ? __pfx_eth_type_trans+0x10/0x10 [ 358.645433][ T9916] ? convert___skb_to_skb+0x41/0x620 [ 358.650744][ T9916] bpf_prog_test_run_skb+0xc97/0x1820 [ 358.656166][ T9916] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 358.662009][ T9916] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 358.667843][ T9916] bpf_prog_test_run+0x33a/0x3b0 [ 358.672807][ T9916] __sys_bpf+0x48d/0x810 [ 358.677073][ T9916] ? __pfx___sys_bpf+0x10/0x10 [ 358.681880][ T9916] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 358.687893][ T9916] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 358.694247][ T9916] ? do_syscall_64+0x100/0x230 [ 358.699034][ T9916] __x64_sys_bpf+0x7c/0x90 [ 358.703471][ T9916] do_syscall_64+0xf3/0x230 [ 358.707989][ T9916] ? clear_bhb_loop+0x35/0x90 [ 358.712689][ T9916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.718610][ T9916] RIP: 0033:0x7fa55eb79e79 [ 358.723042][ T9916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.742667][ T9916] RSP: 002b:00007fa55f910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 358.751101][ T9916] RAX: ffffffffffffffda RBX: 00007fa55ed15f80 RCX: 00007fa55eb79e79 [ 358.759095][ T9916] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a [ 358.767088][ T9916] RBP: 00007fa55f910090 R08: 0000000000000000 R09: 0000000000000000 [ 358.775161][ T9916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 358.783149][ T9916] R13: 0000000000000000 R14: 00007fa55ed15f80 R15: 00007ffc3ecab5c8 [ 358.791157][ T9916] [ 358.803253][ T9905] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 359.291335][ T9930] Bluetooth: MGMT ver 1.23 [ 359.566906][ T9943] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 359.588756][ T9946] netlink: 'syz.1.1417': attribute type 26 has an invalid length. [ 360.029480][ T9969] FAULT_INJECTION: forcing a failure. [ 360.029480][ T9969] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 360.042848][ T9969] CPU: 1 UID: 0 PID: 9969 Comm: syz.2.1427 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 360.053574][ T9969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 360.063678][ T9969] Call Trace: [ 360.066998][ T9969] [ 360.069981][ T9969] dump_stack_lvl+0x241/0x360 [ 360.074717][ T9969] ? __pfx_dump_stack_lvl+0x10/0x10 [ 360.079972][ T9969] ? __pfx__printk+0x10/0x10 [ 360.084635][ T9969] ? snprintf+0xda/0x120 [ 360.088937][ T9969] should_fail_ex+0x3b0/0x4e0 [ 360.093694][ T9969] _copy_to_user+0x2f/0xb0 [ 360.098174][ T9969] simple_read_from_buffer+0xca/0x150 [ 360.103611][ T9969] proc_fail_nth_read+0x1e9/0x250 [ 360.108695][ T9969] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 360.114300][ T9969] ? rw_verify_area+0x520/0x6b0 [ 360.119207][ T9969] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 360.124805][ T9969] vfs_read+0x204/0xbc0 [ 360.129036][ T9969] ? __pfx_lock_release+0x10/0x10 [ 360.134127][ T9969] ? __pfx_vfs_read+0x10/0x10 [ 360.138868][ T9969] ? __fget_files+0x29/0x470 [ 360.143523][ T9969] ? __fget_files+0x3f6/0x470 [ 360.148281][ T9969] ksys_read+0x1a0/0x2c0 [ 360.152593][ T9969] ? __pfx_ksys_read+0x10/0x10 [ 360.157416][ T9969] ? do_syscall_64+0x100/0x230 [ 360.162234][ T9969] ? do_syscall_64+0xb6/0x230 [ 360.167059][ T9969] do_syscall_64+0xf3/0x230 [ 360.171612][ T9969] ? clear_bhb_loop+0x35/0x90 [ 360.176344][ T9969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.182289][ T9969] RIP: 0033:0x7fa55eb788bc [ 360.186751][ T9969] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 360.206408][ T9969] RSP: 002b:00007fa55f910030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 360.214872][ T9969] RAX: ffffffffffffffda RBX: 00007fa55ed15f80 RCX: 00007fa55eb788bc [ 360.222890][ T9969] RDX: 000000000000000f RSI: 00007fa55f9100a0 RDI: 0000000000000004 [ 360.230907][ T9969] RBP: 00007fa55f910090 R08: 0000000000000000 R09: 0000000000000000 [ 360.238925][ T9969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.245309][ T9972] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1429'. [ 360.246957][ T9969] R13: 0000000000000000 R14: 00007fa55ed15f80 R15: 00007ffc3ecab5c8 [ 360.247033][ T9969] [ 360.424497][ T9978] FAULT_INJECTION: forcing a failure. [ 360.424497][ T9978] name failslab, interval 1, probability 0, space 0, times 0 [ 360.438155][ T9978] CPU: 1 UID: 0 PID: 9978 Comm: syz.0.1430 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 360.448918][ T9978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 360.459036][ T9978] Call Trace: [ 360.462405][ T9978] [ 360.465546][ T9978] dump_stack_lvl+0x241/0x360 [ 360.470274][ T9978] ? __pfx_dump_stack_lvl+0x10/0x10 [ 360.475509][ T9978] ? __pfx__printk+0x10/0x10 [ 360.480150][ T9978] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 360.486172][ T9978] ? __pfx___might_resched+0x10/0x10 [ 360.491502][ T9978] ? __dev_queue_xmit+0x1b63/0x3e90 [ 360.496748][ T9978] ? netlink_deliver_tap+0x19d/0x1b0 [ 360.502089][ T9978] should_fail_ex+0x3b0/0x4e0 [ 360.506794][ T9978] should_failslab+0xac/0x100 [ 360.511523][ T9978] ? __alloc_skb+0x1c3/0x440 [ 360.516176][ T9978] kmem_cache_alloc_node_noprof+0x71/0x320 [ 360.522040][ T9978] __alloc_skb+0x1c3/0x440 [ 360.526513][ T9978] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 360.532548][ T9978] ? __pfx___alloc_skb+0x10/0x10 [ 360.537550][ T9978] nfsd_nl_version_get_doit+0x94/0x790 [ 360.543072][ T9978] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.549449][ T9978] ? genl_get_cmd+0x65d/0xbe0 [ 360.554153][ T9978] ? __asan_memcpy+0x40/0x70 [ 360.558768][ T9978] ? __pfx_nfsd_nl_version_get_doit+0x10/0x10 [ 360.564862][ T9978] ? genl_get_cmd+0x65d/0xbe0 [ 360.569566][ T9978] ? dev_hard_start_xmit+0x773/0x7e0 [ 360.574878][ T9978] genl_rcv_msg+0xb14/0xec0 [ 360.579398][ T9978] ? mark_lock+0x9a/0x350 [ 360.583758][ T9978] ? __pfx_genl_rcv_msg+0x10/0x10 [ 360.588825][ T9978] ? __pfx_lock_acquire+0x10/0x10 [ 360.593871][ T9978] ? __pfx_nfsd_nl_version_get_doit+0x10/0x10 [ 360.599967][ T9978] ? __pfx___might_resched+0x10/0x10 [ 360.605279][ T9978] netlink_rcv_skb+0x1e3/0x430 [ 360.610068][ T9978] ? __pfx_genl_rcv_msg+0x10/0x10 [ 360.615112][ T9978] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 360.620435][ T9978] ? __netlink_deliver_tap+0x77e/0x7c0 [ 360.625926][ T9978] genl_rcv+0x28/0x40 [ 360.629942][ T9978] netlink_unicast+0x7f0/0x990 [ 360.634752][ T9978] ? __pfx_netlink_unicast+0x10/0x10 [ 360.640058][ T9978] ? __virt_addr_valid+0x183/0x530 [ 360.645194][ T9978] ? __check_object_size+0x49c/0x900 [ 360.650512][ T9978] ? bpf_lsm_netlink_send+0x9/0x10 [ 360.655642][ T9978] netlink_sendmsg+0x8e4/0xcb0 [ 360.660434][ T9978] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.665739][ T9978] ? __import_iovec+0x536/0x820 [ 360.670608][ T9978] ? aa_sock_msg_perm+0x91/0x160 [ 360.675598][ T9978] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 360.680903][ T9978] ? security_socket_sendmsg+0x87/0xb0 [ 360.686391][ T9978] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.691689][ T9978] __sock_sendmsg+0x221/0x270 [ 360.696398][ T9978] ____sys_sendmsg+0x525/0x7d0 [ 360.701187][ T9978] ? __pfx_____sys_sendmsg+0x10/0x10 [ 360.706503][ T9978] __sys_sendmsg+0x2b0/0x3a0 [ 360.711131][ T9978] ? __pfx___sys_sendmsg+0x10/0x10 [ 360.716264][ T9978] ? vfs_write+0x7c4/0xc90 [ 360.720750][ T9978] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.727104][ T9978] ? do_syscall_64+0x100/0x230 [ 360.731887][ T9978] ? do_syscall_64+0xb6/0x230 [ 360.736579][ T9978] do_syscall_64+0xf3/0x230 [ 360.741140][ T9978] ? clear_bhb_loop+0x35/0x90 [ 360.745836][ T9978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.751750][ T9978] RIP: 0033:0x7f3c33779e79 [ 360.756181][ T9978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.775812][ T9978] RSP: 002b:00007f3c344a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 360.784242][ T9978] RAX: ffffffffffffffda RBX: 00007f3c33915f80 RCX: 00007f3c33779e79 [ 360.792226][ T9978] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 360.800205][ T9978] RBP: 00007f3c344a6090 R08: 0000000000000000 R09: 0000000000000000 [ 360.808184][ T9978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.816253][ T9978] R13: 0000000000000000 R14: 00007f3c33915f80 R15: 00007fff962bde98 [ 360.824256][ T9978] [ 360.940946][ T9979] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 360.985213][ T9986] netlink: 'syz.1.1434': attribute type 3 has an invalid length. [ 361.069345][ T9987] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1433'. [ 361.144477][ T9994] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1436'. [ 361.841681][T10027] netlink: 'syz.1.1446': attribute type 7 has an invalid length. [ 361.857020][T10027] netlink: 'syz.1.1446': attribute type 6 has an invalid length. [ 361.914838][T10029] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 362.091474][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1450'. [ 362.471743][T10051] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1456'. [ 362.593468][T10051] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1456'. [ 363.069269][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1464'. [ 363.331651][T10084] syzkaller1: entered promiscuous mode [ 363.337789][T10084] syzkaller1: entered allmulticast mode [ 372.021833][T10116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1475'. [ 372.070728][T10116] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1475'. [ 372.091690][T10116] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 372.144732][T10114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1476'. [ 372.533511][T10132] netlink: 'syz.3.1481': attribute type 7 has an invalid length. [ 372.583234][T10132] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1481'. [ 372.803572][T10142] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 372.823973][T10140] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1485'. [ 372.985384][T10146] netlink: 'syz.1.1487': attribute type 1 has an invalid length. [ 373.044314][T10148] FAULT_INJECTION: forcing a failure. [ 373.044314][T10148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 373.084427][T10148] CPU: 1 UID: 0 PID: 10148 Comm: syz.3.1489 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 373.095543][T10148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 373.100266][T10146] bond1: entered promiscuous mode [ 373.105784][T10148] Call Trace: [ 373.105800][T10148] [ 373.105812][T10148] dump_stack_lvl+0x241/0x360 [ 373.105847][T10148] ? __pfx_dump_stack_lvl+0x10/0x10 [ 373.127070][T10148] ? __pfx__printk+0x10/0x10 [ 373.131726][T10148] ? __pfx_lock_release+0x10/0x10 [ 373.136820][T10148] should_fail_ex+0x3b0/0x4e0 [ 373.141556][T10148] _copy_from_iter+0x1f6/0x1960 [ 373.146476][T10148] ? __virt_addr_valid+0x183/0x530 [ 373.151637][T10148] ? __pfx_lock_release+0x10/0x10 [ 373.156719][T10148] ? __alloc_skb+0x28f/0x440 [ 373.161403][T10148] ? __pfx__copy_from_iter+0x10/0x10 [ 373.166729][T10148] ? __virt_addr_valid+0x183/0x530 [ 373.171898][T10148] ? __virt_addr_valid+0x183/0x530 [ 373.177063][T10148] ? __virt_addr_valid+0x45f/0x530 [ 373.182214][T10148] ? __check_object_size+0x49c/0x900 [ 373.187536][T10148] netlink_sendmsg+0x73d/0xcb0 [ 373.192390][T10148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 373.197707][T10148] ? __import_iovec+0x536/0x820 [ 373.202596][T10148] ? aa_sock_msg_perm+0x91/0x160 [ 373.207567][T10148] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 373.212919][T10148] ? security_socket_sendmsg+0x87/0xb0 [ 373.218455][T10148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 373.223816][T10148] __sock_sendmsg+0x221/0x270 [ 373.228526][T10148] ____sys_sendmsg+0x525/0x7d0 [ 373.233328][T10148] ? __pfx_____sys_sendmsg+0x10/0x10 [ 373.238665][T10148] __sys_sendmsg+0x2b0/0x3a0 [ 373.243311][T10148] ? __pfx___sys_sendmsg+0x10/0x10 [ 373.248468][T10148] ? vfs_write+0x7c4/0xc90 [ 373.252938][T10148] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 373.259378][T10148] ? do_syscall_64+0x100/0x230 [ 373.264173][T10148] ? do_syscall_64+0xb6/0x230 [ 373.268890][T10148] do_syscall_64+0xf3/0x230 [ 373.273420][T10148] ? clear_bhb_loop+0x35/0x90 [ 373.278156][T10148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.284088][T10148] RIP: 0033:0x7f81e3379e79 [ 373.288521][T10148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.308177][T10148] RSP: 002b:00007f81e4221038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 373.316665][T10148] RAX: ffffffffffffffda RBX: 00007f81e3515f80 RCX: 00007f81e3379e79 [ 373.324686][T10148] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 373.332704][T10148] RBP: 00007f81e4221090 R08: 0000000000000000 R09: 0000000000000000 [ 373.334807][T10156] netlink: 'syz.4.1490': attribute type 11 has an invalid length. [ 373.340698][T10148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 373.340724][T10148] R13: 0000000000000000 R14: 00007f81e3515f80 R15: 00007fffcdd42958 [ 373.340762][T10148] [ 373.377683][T10149] lo: entered promiscuous mode [ 373.384229][T10149] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 373.399627][T10156] netlink: 'syz.4.1490': attribute type 1 has an invalid length. [ 373.425738][T10156] netlink: 199816 bytes leftover after parsing attributes in process `syz.4.1490'. [ 373.444885][T10149] bond1: (slave lo): making interface the new active one [ 373.468021][T10149] bond1: (slave lo): Enslaving as an active interface with an up link [ 373.549163][T10153] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 373.601429][T10157] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1490'. [ 373.834592][T10174] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1497'. [ 374.007537][T10183] netlink: 'syz.1.1499': attribute type 13 has an invalid length. [ 374.086053][T10183] veth0_macvtap: left promiscuous mode [ 374.108934][T10183] macvtap0: entered allmulticast mode [ 374.150056][T10183] macvtap0: refused to change device tx_queue_len [ 374.210846][ T25] ip6_tnl_xmit_ctl: 2 callbacks suppressed [ 374.210870][ T25] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.330382][ T8] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.516735][ T5312] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.636602][ T5312] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.687554][T10211] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1508'. [ 374.716648][ T3064] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.796763][ T8] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.877492][ T8] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 374.956766][ T8] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 375.037435][ T8] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 375.266566][ T58] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 375.647338][T10249] FAULT_INJECTION: forcing a failure. [ 375.647338][T10249] name failslab, interval 1, probability 0, space 0, times 0 [ 375.660293][T10249] CPU: 0 UID: 0 PID: 10249 Comm: syz.3.1523 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 375.671111][T10249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 375.681199][T10249] Call Trace: [ 375.684481][T10249] [ 375.687413][T10249] dump_stack_lvl+0x241/0x360 [ 375.692104][T10249] ? __pfx_dump_stack_lvl+0x10/0x10 [ 375.697308][T10249] ? __pfx__printk+0x10/0x10 [ 375.701939][T10249] ? ref_tracker_alloc+0x332/0x490 [ 375.707086][T10249] should_fail_ex+0x3b0/0x4e0 [ 375.711810][T10249] ? skb_clone+0x20c/0x390 [ 375.716269][T10249] should_failslab+0xac/0x100 [ 375.721002][T10249] ? skb_clone+0x20c/0x390 [ 375.725468][T10249] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 375.730876][T10249] skb_clone+0x20c/0x390 [ 375.735143][T10249] __netlink_deliver_tap+0x3cc/0x7c0 [ 375.740476][T10249] ? netlink_deliver_tap+0x2e/0x1b0 [ 375.745730][T10249] netlink_deliver_tap+0x19d/0x1b0 [ 375.750868][T10249] netlink_unicast+0x7be/0x990 [ 375.755672][T10249] ? __pfx_netlink_unicast+0x10/0x10 [ 375.760996][T10249] ? __virt_addr_valid+0x183/0x530 [ 375.766147][T10249] ? __check_object_size+0x49c/0x900 [ 375.771491][T10249] ? bpf_lsm_netlink_send+0x9/0x10 [ 375.776657][T10249] netlink_sendmsg+0x8e4/0xcb0 [ 375.781472][T10249] ? __pfx_netlink_sendmsg+0x10/0x10 [ 375.786778][T10249] ? __import_iovec+0x536/0x820 [ 375.791649][T10249] ? aa_sock_msg_perm+0x91/0x160 [ 375.796617][T10249] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 375.801957][T10249] ? security_socket_sendmsg+0x87/0xb0 [ 375.807439][T10249] ? __pfx_netlink_sendmsg+0x10/0x10 [ 375.812740][T10249] __sock_sendmsg+0x221/0x270 [ 375.817452][T10249] ____sys_sendmsg+0x525/0x7d0 [ 375.822269][T10249] ? __pfx_____sys_sendmsg+0x10/0x10 [ 375.827601][T10249] __sys_sendmsg+0x2b0/0x3a0 [ 375.832209][T10249] ? __pfx___sys_sendmsg+0x10/0x10 [ 375.837332][T10249] ? vfs_write+0x7c4/0xc90 [ 375.841795][T10249] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 375.848140][T10249] ? do_syscall_64+0x100/0x230 [ 375.852916][T10249] ? do_syscall_64+0xb6/0x230 [ 375.857607][T10249] do_syscall_64+0xf3/0x230 [ 375.862127][T10249] ? clear_bhb_loop+0x35/0x90 [ 375.866834][T10249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.872773][T10249] RIP: 0033:0x7f81e3379e79 [ 375.877231][T10249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.897081][T10249] RSP: 002b:00007f81e4221038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 375.905547][T10249] RAX: ffffffffffffffda RBX: 00007f81e3515f80 RCX: 00007f81e3379e79 [ 375.913577][T10249] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 375.921597][T10249] RBP: 00007f81e4221090 R08: 0000000000000000 R09: 0000000000000000 [ 375.929601][T10249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 375.937615][T10249] R13: 0000000000000000 R14: 00007f81e3515f80 R15: 00007fffcdd42958 [ 375.945616][T10249] [ 376.149468][T10254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1525'. [ 376.463604][T10267] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 376.532988][T10271] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 376.644261][T10276] netlink: 'syz.2.1533': attribute type 13 has an invalid length. [ 376.699986][T10276] syz_tun: refused to change device tx_queue_len [ 376.711103][T10276] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 377.309837][T10306] FAULT_INJECTION: forcing a failure. [ 377.309837][T10306] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 377.353502][T10306] CPU: 1 UID: 0 PID: 10306 Comm: syz.2.1544 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 377.364360][T10306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 377.374469][T10306] Call Trace: [ 377.377786][T10306] [ 377.380755][T10306] dump_stack_lvl+0x241/0x360 [ 377.385487][T10306] ? __pfx_dump_stack_lvl+0x10/0x10 [ 377.390739][T10306] ? __pfx__printk+0x10/0x10 [ 377.394008][T10310] __nla_validate_parse: 1 callbacks suppressed [ 377.394033][T10310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1545'. [ 377.395390][T10306] ? snprintf+0xda/0x120 [ 377.395429][T10306] should_fail_ex+0x3b0/0x4e0 [ 377.419511][T10306] _copy_to_user+0x2f/0xb0 [ 377.423997][T10306] simple_read_from_buffer+0xca/0x150 [ 377.429431][T10306] proc_fail_nth_read+0x1e9/0x250 [ 377.434515][T10306] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 377.440121][T10306] ? rw_verify_area+0x520/0x6b0 [ 377.445035][T10306] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 377.450637][T10306] vfs_read+0x204/0xbc0 [ 377.454938][T10306] ? __pfx_lock_release+0x10/0x10 [ 377.460129][T10306] ? __pfx_vfs_read+0x10/0x10 [ 377.464854][T10306] ? __fget_files+0x29/0x470 [ 377.469500][T10306] ? __fget_files+0x3f6/0x470 [ 377.474207][T10306] ksys_read+0x1a0/0x2c0 [ 377.478502][T10306] ? __pfx_ksys_read+0x10/0x10 [ 377.483324][T10306] ? do_syscall_64+0x100/0x230 [ 377.488139][T10306] ? do_syscall_64+0xb6/0x230 [ 377.492868][T10306] do_syscall_64+0xf3/0x230 [ 377.497422][T10306] ? clear_bhb_loop+0x35/0x90 [ 377.502157][T10306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.508140][T10306] RIP: 0033:0x7fa55eb788bc [ 377.512602][T10306] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 377.532256][T10306] RSP: 002b:00007fa55f910030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 377.540774][T10306] RAX: ffffffffffffffda RBX: 00007fa55ed15f80 RCX: 00007fa55eb788bc [ 377.548874][T10306] RDX: 000000000000000f RSI: 00007fa55f9100a0 RDI: 0000000000000004 [ 377.556863][T10306] RBP: 00007fa55f910090 R08: 0000000000000000 R09: 0000000000000000 [ 377.564876][T10306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 377.572854][T10306] R13: 0000000000000000 R14: 00007fa55ed15f80 R15: 00007ffc3ecab5c8 [ 377.580858][T10306] [ 377.589588][T10310] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 377.615107][T10310] bond2: (slave ip6gre1): Error -95 calling set_mac_address [ 377.943636][T10332] pimreg: entered allmulticast mode [ 378.051299][T10332] pimreg: left allmulticast mode [ 378.389386][T10345] netlink: 'syz.0.1557': attribute type 23 has an invalid length. [ 378.874933][T10362] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1562'. [ 379.201529][T10372] netlink: 'syz.0.1563': attribute type 4 has an invalid length. [ 379.721184][T10386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1569'. [ 379.971530][T10395] netlink: 'syz.0.1573': attribute type 7 has an invalid length. [ 379.987966][T10395] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1573'. [ 380.135838][T10401] FAULT_INJECTION: forcing a failure. [ 380.135838][T10401] name failslab, interval 1, probability 0, space 0, times 0 [ 380.152396][T10401] CPU: 1 UID: 0 PID: 10401 Comm: syz.0.1576 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 380.163236][T10401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 380.173365][T10401] Call Trace: [ 380.176676][T10401] [ 380.179635][T10401] dump_stack_lvl+0x241/0x360 [ 380.184367][T10401] ? __pfx_dump_stack_lvl+0x10/0x10 [ 380.189704][T10401] ? __pfx__printk+0x10/0x10 [ 380.194349][T10401] ? __kmalloc_node_noprof+0xb7/0x440 [ 380.199805][T10401] ? __pfx___might_resched+0x10/0x10 [ 380.205142][T10401] should_fail_ex+0x3b0/0x4e0 [ 380.209883][T10401] should_failslab+0xac/0x100 [ 380.214636][T10401] __kmalloc_node_noprof+0xdf/0x440 [ 380.219883][T10401] ? crypto_create_tfm_node+0x88/0x3d0 [ 380.225411][T10401] crypto_create_tfm_node+0x88/0x3d0 [ 380.230766][T10401] crypto_spawn_tfm2+0x5c/0x90 [ 380.235584][T10401] crypto_authenc_init_tfm+0x46/0x220 [ 380.241020][T10401] crypto_create_tfm_node+0x167/0x3d0 [ 380.246458][T10401] crypto_alloc_tfm_node+0x161/0x360 [ 380.251807][T10401] esp6_init_state+0x611/0x10b0 [ 380.256735][T10401] ? __pfx_esp6_init_state+0x10/0x10 [ 380.262102][T10401] ? __xfrm_init_state+0x708/0xea0 [ 380.267269][T10401] ? __pfx_lock_release+0x10/0x10 [ 380.272359][T10401] __xfrm_init_state+0x9db/0xea0 [ 380.277373][T10401] xfrm_add_sa+0x2a76/0x3b50 [ 380.282075][T10401] ? __pfx_xfrm_add_sa+0x10/0x10 [ 380.287080][T10401] ? __nla_parse+0x40/0x60 [ 380.291553][T10401] xfrm_user_rcv_msg+0x75b/0xa80 [ 380.296550][T10401] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 380.302192][T10401] ? __mutex_trylock_common+0x183/0x2e0 [ 380.307786][T10401] ? __pfx___might_resched+0x10/0x10 [ 380.313140][T10401] netlink_rcv_skb+0x1e3/0x430 [ 380.317973][T10401] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 380.323498][T10401] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 380.328873][T10401] xfrm_netlink_rcv+0x79/0x90 [ 380.333594][T10401] netlink_unicast+0x7f0/0x990 [ 380.338401][T10401] ? __pfx_netlink_unicast+0x10/0x10 [ 380.343710][T10401] ? __virt_addr_valid+0x183/0x530 [ 380.348836][T10401] ? __check_object_size+0x49c/0x900 [ 380.354128][T10401] ? bpf_lsm_netlink_send+0x9/0x10 [ 380.359260][T10401] netlink_sendmsg+0x8e4/0xcb0 [ 380.364078][T10401] ? __pfx_netlink_sendmsg+0x10/0x10 [ 380.369380][T10401] ? __import_iovec+0x536/0x820 [ 380.374354][T10401] ? aa_sock_msg_perm+0x91/0x160 [ 380.379871][T10401] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 380.385191][T10401] ? security_socket_sendmsg+0x87/0xb0 [ 380.390708][T10401] ? __pfx_netlink_sendmsg+0x10/0x10 [ 380.396103][T10401] __sock_sendmsg+0x221/0x270 [ 380.400836][T10401] ____sys_sendmsg+0x525/0x7d0 [ 380.405933][T10401] ? __pfx_____sys_sendmsg+0x10/0x10 [ 380.411263][T10401] __sys_sendmsg+0x2b0/0x3a0 [ 380.415900][T10401] ? __pfx___sys_sendmsg+0x10/0x10 [ 380.421033][T10401] ? vfs_write+0x7c4/0xc90 [ 380.425540][T10401] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 380.431896][T10401] ? do_syscall_64+0x100/0x230 [ 380.436688][T10401] ? do_syscall_64+0xb6/0x230 [ 380.441414][T10401] do_syscall_64+0xf3/0x230 [ 380.445963][T10401] ? clear_bhb_loop+0x35/0x90 [ 380.450662][T10401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.456574][T10401] RIP: 0033:0x7f3c33779e79 [ 380.461005][T10401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 380.480809][T10401] RSP: 002b:00007f3c344a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 380.489248][T10401] RAX: ffffffffffffffda RBX: 00007f3c33915f80 RCX: 00007f3c33779e79 [ 380.497239][T10401] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000006 [ 380.505227][T10401] RBP: 00007f3c344a6090 R08: 0000000000000000 R09: 0000000000000000 [ 380.513213][T10401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 380.521201][T10401] R13: 0000000000000000 R14: 00007f3c33915f80 R15: 00007fff962bde98 [ 380.529210][T10401] [ 380.777363][T10408] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1578'. [ 381.115191][T10425] FAULT_INJECTION: forcing a failure. [ 381.115191][T10425] name failslab, interval 1, probability 0, space 0, times 0 [ 381.155072][T10425] CPU: 0 UID: 0 PID: 10425 Comm: syz.0.1585 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 381.165926][T10425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 381.176047][T10425] Call Trace: [ 381.179373][T10425] [ 381.182378][T10425] dump_stack_lvl+0x241/0x360 [ 381.187101][T10425] ? __pfx_dump_stack_lvl+0x10/0x10 [ 381.192432][T10425] ? __pfx__printk+0x10/0x10 [ 381.197110][T10425] ? __lock_acquire+0x137a/0x2040 [ 381.202200][T10425] should_fail_ex+0x3b0/0x4e0 [ 381.206942][T10425] should_failslab+0xac/0x100 [ 381.211686][T10425] ? __alloc_skb+0x1c3/0x440 [ 381.216323][T10425] kmem_cache_alloc_node_noprof+0x71/0x320 [ 381.222185][T10425] __alloc_skb+0x1c3/0x440 [ 381.226668][T10425] ? __pfx___alloc_skb+0x10/0x10 [ 381.231661][T10425] ? __lock_acquire+0x2040/0x2040 [ 381.236739][T10425] ? tipc_group_filter_msg+0xf7e/0x1680 [ 381.242354][T10425] tipc_msg_reverse+0x235/0x930 [ 381.247276][T10425] tipc_sk_filter_rcv+0x11da/0x3950 [ 381.252540][T10425] ? __pfx_validate_chain+0x10/0x10 [ 381.257791][T10425] ? __pfx_tipc_sk_filter_rcv+0x10/0x10 [ 381.263379][T10425] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 381.269476][T10425] ? __release_sock+0x9a/0x350 [ 381.274295][T10425] tipc_sk_backlog_rcv+0x132/0x230 [ 381.279439][T10425] ? __pfx_tipc_sk_backlog_rcv+0x10/0x10 [ 381.285087][T10425] ? __release_sock+0x9a/0x350 [ 381.289866][T10425] ? do_raw_spin_unlock+0x13c/0x8b0 [ 381.295079][T10425] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 381.300904][T10425] ? __pfx_tipc_sk_backlog_rcv+0x10/0x10 [ 381.306554][T10425] __release_sock+0x243/0x350 [ 381.311298][T10425] ? __pfx_tipc_send_packet+0x10/0x10 [ 381.316714][T10425] release_sock+0x61/0x1f0 [ 381.321179][T10425] ? __pfx_tipc_send_packet+0x10/0x10 [ 381.326601][T10425] tipc_send_packet+0x86/0xa0 [ 381.331334][T10425] __sock_sendmsg+0x221/0x270 [ 381.336105][T10425] ____sys_sendmsg+0x525/0x7d0 [ 381.340934][T10425] ? __pfx_____sys_sendmsg+0x10/0x10 [ 381.346289][T10425] __sys_sendmsg+0x2b0/0x3a0 [ 381.349054][T10439] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.1588'. [ 381.350913][T10425] ? __pfx___sys_sendmsg+0x10/0x10 [ 381.350987][T10425] ? vfs_write+0x7c4/0xc90 [ 381.369250][T10439] openvswitch: netlink: Actions may not be safe on all matching packets [ 381.369692][T10425] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 381.384452][T10425] ? do_syscall_64+0x100/0x230 [ 381.389261][T10425] ? do_syscall_64+0xb6/0x230 [ 381.393961][T10425] do_syscall_64+0xf3/0x230 [ 381.398488][T10425] ? clear_bhb_loop+0x35/0x90 [ 381.403219][T10425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.409172][T10425] RIP: 0033:0x7f3c33779e79 [ 381.413718][T10425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.433483][T10425] RSP: 002b:00007f3c344a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 381.441924][T10425] RAX: ffffffffffffffda RBX: 00007f3c33915f80 RCX: 00007f3c33779e79 [ 381.449911][T10425] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 381.457903][T10425] RBP: 00007f3c344a6090 R08: 0000000000000000 R09: 0000000000000000 [ 381.465913][T10425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 381.473909][T10425] R13: 0000000000000000 R14: 00007f3c33915f80 R15: 00007fff962bde98 [ 381.481922][T10425] [ 381.689851][T10448] netlink: 'syz.4.1594': attribute type 3 has an invalid length. [ 381.720413][T10448] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1594'. [ 382.140999][T10467] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1600'. [ 382.249343][T10470] syzkaller0: tun_chr_ioctl cmd 2148553947 [ 382.279069][T10476] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.1603'. [ 382.390150][T10480] FAULT_INJECTION: forcing a failure. [ 382.390150][T10480] name failslab, interval 1, probability 0, space 0, times 0 [ 382.463959][T10480] CPU: 1 UID: 0 PID: 10480 Comm: syz.2.1605 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 382.474818][T10480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 382.484917][T10480] Call Trace: [ 382.488238][T10480] [ 382.491207][T10480] dump_stack_lvl+0x241/0x360 [ 382.495947][T10480] ? __pfx_dump_stack_lvl+0x10/0x10 [ 382.501201][T10480] ? __pfx__printk+0x10/0x10 [ 382.505865][T10480] ? ref_tracker_alloc+0x332/0x490 [ 382.511055][T10480] should_fail_ex+0x3b0/0x4e0 [ 382.515801][T10480] ? skb_clone+0x20c/0x390 [ 382.520287][T10480] should_failslab+0xac/0x100 [ 382.525001][T10480] ? skb_clone+0x20c/0x390 [ 382.529440][T10480] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 382.534848][T10480] skb_clone+0x20c/0x390 [ 382.539135][T10480] __netlink_deliver_tap+0x3cc/0x7c0 [ 382.544453][T10480] ? netlink_deliver_tap+0x2e/0x1b0 [ 382.549675][T10480] netlink_deliver_tap+0x19d/0x1b0 [ 382.554829][T10480] netlink_unicast+0x7be/0x990 [ 382.559655][T10480] ? __pfx_netlink_unicast+0x10/0x10 [ 382.564968][T10480] ? __virt_addr_valid+0x183/0x530 [ 382.570095][T10480] ? __check_object_size+0x49c/0x900 [ 382.575402][T10480] ? bpf_lsm_netlink_send+0x9/0x10 [ 382.580540][T10480] netlink_sendmsg+0x8e4/0xcb0 [ 382.585333][T10480] ? __pfx_netlink_sendmsg+0x10/0x10 [ 382.590640][T10480] ? __import_iovec+0x536/0x820 [ 382.595506][T10480] ? aa_sock_msg_perm+0x91/0x160 [ 382.600462][T10480] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 382.605762][T10480] ? security_socket_sendmsg+0x87/0xb0 [ 382.611250][T10480] ? __pfx_netlink_sendmsg+0x10/0x10 [ 382.616544][T10480] __sock_sendmsg+0x221/0x270 [ 382.621247][T10480] ____sys_sendmsg+0x525/0x7d0 [ 382.626034][T10480] ? __pfx_____sys_sendmsg+0x10/0x10 [ 382.631351][T10480] __sys_sendmsg+0x2b0/0x3a0 [ 382.635960][T10480] ? __pfx___sys_sendmsg+0x10/0x10 [ 382.641116][T10480] ? vfs_write+0x7c4/0xc90 [ 382.645601][T10480] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 382.651957][T10480] ? do_syscall_64+0x100/0x230 [ 382.656742][T10480] ? do_syscall_64+0xb6/0x230 [ 382.661430][T10480] do_syscall_64+0xf3/0x230 [ 382.665948][T10480] ? clear_bhb_loop+0x35/0x90 [ 382.670641][T10480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.676585][T10480] RIP: 0033:0x7fa55eb79e79 [ 382.681011][T10480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.700629][T10480] RSP: 002b:00007fa55f910038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 382.709061][T10480] RAX: ffffffffffffffda RBX: 00007fa55ed15f80 RCX: 00007fa55eb79e79 [ 382.717044][T10480] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 382.725053][T10480] RBP: 00007fa55f910090 R08: 0000000000000000 R09: 0000000000000000 [ 382.733055][T10480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 382.741051][T10480] R13: 0000000000000000 R14: 00007fa55ed15f80 R15: 00007ffc3ecab5c8 [ 382.749099][T10480] [ 382.766477][T10480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1605'. [ 382.818926][T10480] erspan0: entered promiscuous mode [ 382.923091][T10488] xt_nfacct: accounting object `syz0' does not exists [ 382.965208][T10491] netlink: 'syz.1.1610': attribute type 3 has an invalid length. [ 383.499364][T10522] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode [ 383.514442][T10522] macvlan2: entered allmulticast mode [ 383.524268][T10522] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode [ 387.121207][T10584] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 387.462204][T10615] netlink: 'syz.2.1655': attribute type 3 has an invalid length. [ 387.689556][T10626] netlink: 'syz.3.1656': attribute type 3 has an invalid length. [ 387.782482][T10626] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1656'. [ 388.279123][T10649] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 388.358302][T10651] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 388.909388][T10678] netlink: 'syz.0.1673': attribute type 3 has an invalid length. [ 388.950342][T10678] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1673'. [ 389.187787][T10690] netlink: 'syz.1.1677': attribute type 3 has an invalid length. [ 389.234078][T10690] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1677'. [ 389.449503][T10694] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1683'. [ 389.705577][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 389.726446][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.108809][T10750] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 391.266649][T10767] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1710'. [ 391.705962][T10784] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 391.912480][T10792] netlink: 'syz.0.1722': attribute type 33 has an invalid length. [ 392.197641][T10815] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 392.287821][T10812] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 392.375661][T10813] IPVS: length: 97 != 8 [ 392.386921][T10812] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 392.530988][T10827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1732'. [ 393.073808][T10843] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 393.568411][T10863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1743'. [ 394.322273][T10903] netlink: 'syz.1.1757': attribute type 1 has an invalid length. [ 394.352586][T10904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1758'. [ 394.554772][T10910] FAULT_INJECTION: forcing a failure. [ 394.554772][T10910] name failslab, interval 1, probability 0, space 0, times 0 [ 394.606602][T10910] CPU: 0 UID: 0 PID: 10910 Comm: syz.3.1760 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 394.619979][T10910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 394.630076][T10910] Call Trace: [ 394.633370][T10910] [ 394.636312][T10910] dump_stack_lvl+0x241/0x360 [ 394.641008][T10910] ? __pfx_dump_stack_lvl+0x10/0x10 [ 394.646226][T10910] ? __pfx__printk+0x10/0x10 [ 394.650841][T10910] ? __pfx_lock_acquire+0x10/0x10 [ 394.656145][T10910] ? nf_ct_pernet+0x45/0x270 [ 394.660764][T10910] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 394.666797][T10910] should_fail_ex+0x3b0/0x4e0 [ 394.671496][T10910] ? __nf_conntrack_alloc+0x8f/0x380 [ 394.676802][T10910] should_failslab+0xac/0x100 [ 394.681501][T10910] ? __nf_conntrack_alloc+0x8f/0x380 [ 394.686822][T10910] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 394.692212][T10910] __nf_conntrack_alloc+0x8f/0x380 [ 394.697351][T10910] init_conntrack+0x3c3/0x1310 [ 394.702132][T10910] ? __pfx_init_conntrack+0x10/0x10 [ 394.707359][T10910] ? __pfx___nf_conntrack_find_get+0x10/0x10 [ 394.713362][T10910] ? __local_bh_enable_ip+0x168/0x200 [ 394.718768][T10910] nf_conntrack_in+0xd59/0x1880 [ 394.723668][T10910] ? __pfx_nf_conntrack_in+0x10/0x10 [ 394.729003][T10910] ? ipt_do_table+0x312/0x1860 [ 394.733803][T10910] ? __pfx_ipt_do_table+0x10/0x10 [ 394.738851][T10910] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 394.744946][T10910] ? ipv4_conntrack_defrag+0x2a2/0x5a0 [ 394.750423][T10910] ? ipv4_conntrack_local+0x120/0x200 [ 394.755818][T10910] ? __pfx_ipv4_conntrack_local+0x10/0x10 [ 394.761642][T10910] nf_hook_slow+0xc3/0x220 [ 394.766166][T10910] ? __pfx_dst_output+0x10/0x10 [ 394.771058][T10910] nf_hook+0x2c4/0x450 [ 394.775158][T10910] ? nf_hook+0x9e/0x450 [ 394.779334][T10910] ? __pfx_nf_hook+0x10/0x10 [ 394.783945][T10910] ? __pfx_dst_output+0x10/0x10 [ 394.788819][T10910] ? ip_setup_cork+0x4ae/0x8b0 [ 394.793627][T10910] ? ip_fast_csum+0x1f0/0x2b0 [ 394.798327][T10910] __ip_local_out+0x3d9/0x4e0 [ 394.803024][T10910] ? __pfx_dst_output+0x10/0x10 [ 394.807909][T10910] ip_push_pending_frames+0x95/0x150 [ 394.813223][T10910] raw_sendmsg+0x1ac5/0x2490 [ 394.817846][T10910] ? raw_sendmsg+0xc12/0x2490 [ 394.822560][T10910] ? __pfx_raw_sendmsg+0x10/0x10 [ 394.827561][T10910] ? inet_sendmsg+0x330/0x390 [ 394.832267][T10910] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 394.837574][T10910] ? security_socket_sendmsg+0x87/0xb0 [ 394.843154][T10910] __sock_sendmsg+0x1a6/0x270 [ 394.847863][T10910] __sys_sendto+0x3a4/0x4f0 [ 394.852402][T10910] ? __pfx___sys_sendto+0x10/0x10 [ 394.857475][T10910] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 394.863483][T10910] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 394.869851][T10910] __x64_sys_sendto+0xde/0x100 [ 394.874655][T10910] do_syscall_64+0xf3/0x230 [ 394.879173][T10910] ? clear_bhb_loop+0x35/0x90 [ 394.883869][T10910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.889777][T10910] RIP: 0033:0x7f81e3379e79 [ 394.894206][T10910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.914041][T10910] RSP: 002b:00007f81e4221038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 394.922494][T10910] RAX: ffffffffffffffda RBX: 00007f81e3515f80 RCX: 00007f81e3379e79 [ 394.930724][T10910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 394.938736][T10910] RBP: 00007f81e4221090 R08: 0000000020000180 R09: 000000000000006e [ 394.946785][T10910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.954775][T10910] R13: 0000000000000000 R14: 00007f81e3515f80 R15: 00007fffcdd42958 [ 394.962806][T10910] [ 395.236008][T10925] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1769'. [ 395.247276][T10921] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 395.504332][T10938] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1773'. [ 395.541472][T10940] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1774'. [ 395.586859][T10938] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1773'. [ 395.611621][T10938] geneve3: entered promiscuous mode [ 395.638107][T10938] geneve3: entered allmulticast mode [ 395.826060][T10955] netlink: 'syz.3.1777': attribute type 1 has an invalid length. [ 395.832517][T10954] xt_TCPMSS: Only works on TCP SYN packets [ 395.841655][T10955] netlink: 9372 bytes leftover after parsing attributes in process `syz.3.1777'. [ 395.887932][T10955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1777'. [ 395.903592][T10953] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1777'. [ 395.912362][T10955] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1777'. [ 396.185762][T10968] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 396.694221][T10988] can: request_module (can-proto-0) failed. [ 397.401266][T11024] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 397.535795][T11034] netlink: 'syz.0.1807': attribute type 1 has an invalid length. [ 397.546929][T11036] x_tables: duplicate entry at hook 2 [ 397.629928][T11040] FAULT_INJECTION: forcing a failure. [ 397.629928][T11040] name failslab, interval 1, probability 0, space 0, times 0 [ 397.693723][T11034] bond1: entered promiscuous mode [ 397.705729][T11040] CPU: 0 UID: 0 PID: 11040 Comm: syz.4.1809 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 397.716575][T11040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 397.726677][T11040] Call Trace: [ 397.729996][T11040] [ 397.732962][T11040] dump_stack_lvl+0x241/0x360 [ 397.737689][T11040] ? __pfx_dump_stack_lvl+0x10/0x10 [ 397.742934][T11040] ? __pfx__printk+0x10/0x10 [ 397.747586][T11040] ? __kmalloc_noprof+0xb0/0x400 [ 397.752568][T11040] ? __pfx___might_resched+0x10/0x10 [ 397.757907][T11040] should_fail_ex+0x3b0/0x4e0 [ 397.762624][T11040] ? copy_splice_read+0x18d/0xb60 [ 397.767692][T11040] should_failslab+0xac/0x100 [ 397.772422][T11040] ? copy_splice_read+0x18d/0xb60 [ 397.777486][T11040] __kmalloc_noprof+0xd8/0x400 [ 397.782290][T11040] copy_splice_read+0x18d/0xb60 [ 397.787190][T11040] ? __pfx_copy_splice_read+0x10/0x10 [ 397.792618][T11040] ? file_end_write+0xe0/0x250 [ 397.797453][T11040] ? direct_splice_actor+0x12b/0x220 [ 397.802782][T11040] splice_direct_to_actor+0x502/0xc90 [ 397.808219][T11040] ? __pfx_direct_splice_actor+0x10/0x10 [ 397.813901][T11040] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 397.819842][T11040] ? __fget_files+0x29/0x470 [ 397.824565][T11040] ? __pfx_lock_release+0x10/0x10 [ 397.829644][T11040] do_splice_direct+0x28c/0x3e0 [ 397.834544][T11040] ? __pfx_do_splice_direct+0x10/0x10 [ 397.840084][T11040] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 397.846027][T11040] ? security_file_permission+0x7f/0xa0 [ 397.851625][T11040] ? rw_verify_area+0x1d2/0x6b0 [ 397.856525][T11040] do_sendfile+0x56d/0xe20 [ 397.861003][T11040] ? __pfx_do_sendfile+0x10/0x10 [ 397.865993][T11040] __se_sys_sendfile64+0x17c/0x1e0 [ 397.871159][T11040] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 397.876845][T11040] ? do_syscall_64+0x100/0x230 [ 397.881647][T11040] ? do_syscall_64+0xb6/0x230 [ 397.886362][T11040] do_syscall_64+0xf3/0x230 [ 397.890904][T11040] ? clear_bhb_loop+0x35/0x90 [ 397.895714][T11040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.901648][T11040] RIP: 0033:0x7feb02d79e79 [ 397.906097][T11040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.925833][T11040] RSP: 002b:00007feb03b3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 397.934298][T11040] RAX: ffffffffffffffda RBX: 00007feb02f15f80 RCX: 00007feb02d79e79 [ 397.942318][T11040] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 397.950322][T11040] RBP: 00007feb03b3c090 R08: 0000000000000000 R09: 0000000000000000 [ 397.958333][T11040] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002 [ 397.966343][T11040] R13: 0000000000000000 R14: 00007feb02f15f80 R15: 00007ffd5b770f28 [ 397.974369][T11040] [ 397.979938][T11042] lo: entered promiscuous mode [ 397.994679][T11042] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 398.043628][T11042] bond1: (slave lo): making interface the new active one [ 398.052716][T11042] bond1: (slave lo): Enslaving as an active interface with an up link [ 398.852835][T11078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1821'. [ 398.909213][T11078] erspan0: entered promiscuous mode [ 398.950599][T11084] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1824'. [ 399.257083][T11095] xt_TCPMSS: Only works on TCP SYN packets [ 399.456755][ T5284] IPVS: starting estimator thread 0... [ 399.470988][T11100] tipc: Started in network mode [ 399.476713][T11100] tipc: Node identity ac1414aa, cluster identity 4711 [ 399.483854][T11100] tipc: Enabling of bearer rejected, failed to enable media [ 399.566503][T11104] IPVS: using max 16 ests per chain, 38400 per kthread [ 399.982603][T11114] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 400.939539][T11150] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 400.987166][T11154] xt_TCPMSS: Only works on TCP SYN packets [ 401.164597][T11158] netlink: 'syz.3.1845': attribute type 3 has an invalid length. [ 401.222710][T11158] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1845'. [ 401.904319][T11193] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 402.323251][T11220] netlink: 'syz.1.1869': attribute type 3 has an invalid length. [ 402.384137][T11220] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1869'. [ 402.834724][T11243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1878'. [ 402.994472][T11243] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1878'. [ 403.002387][T11246] bond3: (slave bridge3): Enslaving as an active interface with an up link [ 403.064542][T11248] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 403.201075][T11254] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1882'. [ 403.614463][T11268] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 403.749073][T11278] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 403.904200][T11283] netlink: 'syz.3.1888': attribute type 3 has an invalid length. [ 403.932495][T11283] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1888'. [ 404.082514][T11289] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1893'. [ 404.116238][T11289] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1893'. [ 404.462066][T11308] netlink: 'syz.2.1899': attribute type 23 has an invalid length. [ 404.578473][T11312] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1901'. [ 404.894192][T11328] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1906'. [ 404.926127][T11326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1906'. [ 405.011534][T11333] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1907'. [ 405.133439][T11339] netlink: 'syz.0.1910': attribute type 7 has an invalid length. [ 405.141565][T11339] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1910'. [ 405.509933][T11347] vlan2: entered allmulticast mode [ 406.227246][T11368] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 406.498742][T11380] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 406.631947][T11387] netlink: 'syz.2.1927': attribute type 33 has an invalid length. [ 407.152417][T11411] nicvf0: tun_chr_ioctl cmd 1074025676 [ 407.170829][T11411] nicvf0: owner set to 0 [ 409.276296][T11420] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 409.503033][T11445] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1947'. [ 409.682925][T11451] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check. [ 409.911846][T11459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1952'. [ 410.414905][ T5235] Bluetooth: hci3: link tx timeout [ 410.421621][ T5235] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 410.608191][T11499] FAULT_INJECTION: forcing a failure. [ 410.608191][T11499] name failslab, interval 1, probability 0, space 0, times 0 [ 410.621350][T11499] CPU: 0 UID: 0 PID: 11499 Comm: syz.2.1966 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 410.632255][T11499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 410.642350][T11499] Call Trace: [ 410.645662][T11499] [ 410.648637][T11499] dump_stack_lvl+0x241/0x360 [ 410.653358][T11499] ? __pfx_dump_stack_lvl+0x10/0x10 [ 410.658600][T11499] ? __pfx__printk+0x10/0x10 [ 410.663262][T11499] ? __kmalloc_noprof+0xb0/0x400 [ 410.668212][T11499] ? __pfx___might_resched+0x10/0x10 [ 410.673530][T11499] should_fail_ex+0x3b0/0x4e0 [ 410.678261][T11499] ? bpf_test_init+0xe1/0x180 [ 410.682997][T11499] should_failslab+0xac/0x100 [ 410.687728][T11499] ? bpf_test_init+0xe1/0x180 [ 410.692459][T11499] __kmalloc_noprof+0xd8/0x400 [ 410.697271][T11499] bpf_test_init+0xe1/0x180 [ 410.701837][T11499] bpf_prog_test_run_xdp+0x48e/0x11b0 [ 410.707265][T11499] ? __pfx_lock_acquire+0x10/0x10 [ 410.712350][T11499] ? __pfx_lock_release+0x10/0x10 [ 410.717444][T11499] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 410.723312][T11499] ? __fget_files+0x29/0x470 [ 410.727973][T11499] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 410.733812][T11499] bpf_prog_test_run+0x33a/0x3b0 [ 410.738771][T11499] __sys_bpf+0x48d/0x810 [ 410.743036][T11499] ? __pfx___sys_bpf+0x10/0x10 [ 410.747835][T11499] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 410.753839][T11499] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 410.760181][T11499] ? do_syscall_64+0x100/0x230 [ 410.764961][T11499] __x64_sys_bpf+0x7c/0x90 [ 410.769393][T11499] do_syscall_64+0xf3/0x230 [ 410.773905][T11499] ? clear_bhb_loop+0x35/0x90 [ 410.778604][T11499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.784511][T11499] RIP: 0033:0x7fa55eb79e79 [ 410.788935][T11499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.808557][T11499] RSP: 002b:00007fa55f910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 410.817010][T11499] RAX: ffffffffffffffda RBX: 00007fa55ed15f80 RCX: 00007fa55eb79e79 [ 410.824989][T11499] RDX: 0000000000000050 RSI: 0000000020000040 RDI: 000000000000000a [ 410.832976][T11499] RBP: 00007fa55f910090 R08: 0000000000000000 R09: 0000000000000000 [ 410.840962][T11499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 410.848940][T11499] R13: 0000000000000000 R14: 00007fa55ed15f80 R15: 00007ffc3ecab5c8 [ 410.856943][T11499] [ 411.720187][T11541] bond0: entered promiscuous mode [ 411.726397][ T5235] Bluetooth: hci2: command 0x0406 tx timeout [ 411.732703][ T5235] Bluetooth: hci5: command 0x0406 tx timeout [ 411.739947][ T5235] Bluetooth: hci1: command 0x0406 tx timeout [ 411.748851][T11541] bond_slave_0: entered promiscuous mode [ 411.811431][T11541] bond_slave_1: entered promiscuous mode [ 411.902082][T11554] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 412.449164][T11551] Bluetooth: hci3: command 0x0406 tx timeout [ 412.642375][T11579] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 412.687864][T11583] bond1: Unknown bonding mode 6 for xdp xmit [ 412.694660][T11583] ------------[ cut here ]------------ [ 412.700322][T11583] WARNING: CPU: 1 PID: 11583 at drivers/net/bonding/bond_main.c:5494 bond_xdp_get_xmit_slave+0x519/0x690 [ 412.711771][T11583] Modules linked in: [ 412.715727][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.1.2000 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 412.726695][T11583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 412.736871][T11583] RIP: 0010:bond_xdp_get_xmit_slave+0x519/0x690 [ 412.743206][T11583] Code: be 61 13 00 00 48 c7 c2 a0 2f 96 8c e8 f0 cf 14 fb eb 98 e8 39 2a 38 fb 4c 89 e7 48 c7 c6 80 50 96 8c 89 da e8 88 84 5a 05 90 <0f> 0b 90 eb a6 e8 1d 2a 38 fb 48 85 db 74 0a e8 13 2a 38 fb e9 72 [ 412.762953][T11583] RSP: 0018:ffffc9000944f848 EFLAGS: 00010246 [ 412.769125][T11583] RAX: a03aab9316e96200 RBX: 0000000000000006 RCX: a03aab9316e96200 [ 412.777209][T11583] RDX: ffffc900189ba000 RSI: 0000000000001de1 RDI: 0000000000001de2 [ 412.782680][T11588] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2004'. [ 412.785297][T11583] RBP: ffffc9000944fc60 R08: ffffffff8174024c R09: 1ffff92001289e84 [ 412.802419][T11583] R10: dffffc0000000000 R11: fffff52001289e85 R12: ffff888057d58000 [ 412.810495][T11583] R13: ffff888057d58000 R14: ffff888057d58cc0 R15: dffffc0000000000 [ 412.818589][T11583] FS: 00007fc9904316c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 [ 412.827610][T11583] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 412.834264][T11583] CR2: 0000001b30d11ff8 CR3: 000000002b63a000 CR4: 00000000003506f0 [ 412.842359][T11583] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 412.850446][T11583] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 412.858522][T11583] Call Trace: [ 412.861849][T11583] [ 412.864829][T11583] ? __warn+0x163/0x4e0 [ 412.869108][T11583] ? bond_xdp_get_xmit_slave+0x519/0x690 [ 412.874827][T11583] ? report_bug+0x2b3/0x500 [ 412.879463][T11583] ? bond_xdp_get_xmit_slave+0x519/0x690 [ 412.885178][T11583] ? handle_bug+0x3e/0x70 [ 412.889633][T11583] ? exc_invalid_op+0x1a/0x50 [ 412.894388][T11583] ? asm_exc_invalid_op+0x1a/0x20 [ 412.899543][T11583] ? __wake_up_klogd+0xcc/0x110 [ 412.904461][T11583] ? bond_xdp_get_xmit_slave+0x519/0x690 [ 412.910236][T11583] ? bond_xdp_get_xmit_slave+0x518/0x690 [ 412.915952][T11583] xdp_master_redirect+0x143/0x2d0 [ 412.921208][T11583] bpf_test_run+0x8cf/0xa90 [ 412.925786][T11583] ? bpf_test_run+0x370/0xa90 [ 412.930608][T11583] ? __pfx_bpf_test_run+0x10/0x10 [ 412.935838][T11583] ? _copy_from_user+0xa6/0xe0 [ 412.940740][T11583] ? bpf_test_init+0x15a/0x180 [ 412.945593][T11583] ? xdp_convert_md_to_buff+0x5b/0x330 [ 412.951198][T11583] bpf_prog_test_run_xdp+0x7e3/0x11b0 [ 412.956701][T11583] ? __pfx_lock_release+0x10/0x10 [ 412.961822][T11583] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 412.967763][T11583] ? __fget_files+0x29/0x470 [ 412.972438][T11583] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 412.978374][T11583] bpf_prog_test_run+0x33a/0x3b0 [ 412.983369][T11583] __sys_bpf+0x48d/0x810 [ 412.987721][T11583] ? __pfx___sys_bpf+0x10/0x10 [ 412.992544][T11583] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 412.998629][T11583] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 413.005037][T11583] ? do_syscall_64+0x100/0x230 [ 413.009930][T11583] __x64_sys_bpf+0x7c/0x90 [ 413.014403][T11583] do_syscall_64+0xf3/0x230 [ 413.019024][T11583] ? clear_bhb_loop+0x35/0x90 [ 413.023765][T11583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.029773][T11583] RIP: 0033:0x7fc98f579e79 [ 413.034238][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.054052][T11583] RSP: 002b:00007fc990431038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 413.062572][T11583] RAX: ffffffffffffffda RBX: 00007fc98f715f80 RCX: 00007fc98f579e79 [ 413.070716][T11583] RDX: 0000000000000050 RSI: 0000000020000040 RDI: 000000000000000a [ 413.078780][T11583] RBP: 00007fc98f5e7916 R08: 0000000000000000 R09: 0000000000000000 [ 413.086874][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 413.094954][T11583] R13: 0000000000000000 R14: 00007fc98f715f80 R15: 00007fff96033808 [ 413.103237][T11583] [ 413.106363][T11583] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 413.113681][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.1.2000 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0 [ 413.124507][T11583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 413.134609][T11583] Call Trace: [ 413.137930][T11583] [ 413.140907][T11583] dump_stack_lvl+0x241/0x360 [ 413.145650][T11583] ? __pfx_dump_stack_lvl+0x10/0x10 [ 413.150909][T11583] ? __pfx__printk+0x10/0x10 [ 413.155567][T11583] ? vscnprintf+0x5d/0x90 [ 413.160035][T11583] panic+0x349/0x860 [ 413.163987][T11583] ? __warn+0x172/0x4e0 [ 413.168196][T11583] ? __pfx_panic+0x10/0x10 [ 413.172696][T11583] __warn+0x346/0x4e0 [ 413.176723][T11583] ? bond_xdp_get_xmit_slave+0x519/0x690 [ 413.182419][T11583] report_bug+0x2b3/0x500 [ 413.186803][T11583] ? bond_xdp_get_xmit_slave+0x519/0x690 [ 413.192511][T11583] handle_bug+0x3e/0x70 [ 413.196799][T11583] exc_invalid_op+0x1a/0x50 [ 413.201356][T11583] asm_exc_invalid_op+0x1a/0x20 [ 413.206251][T11583] RIP: 0010:bond_xdp_get_xmit_slave+0x519/0x690 [ 413.212558][T11583] Code: be 61 13 00 00 48 c7 c2 a0 2f 96 8c e8 f0 cf 14 fb eb 98 e8 39 2a 38 fb 4c 89 e7 48 c7 c6 80 50 96 8c 89 da e8 88 84 5a 05 90 <0f> 0b 90 eb a6 e8 1d 2a 38 fb 48 85 db 74 0a e8 13 2a 38 fb e9 72 [ 413.232236][T11583] RSP: 0018:ffffc9000944f848 EFLAGS: 00010246 [ 413.238366][T11583] RAX: a03aab9316e96200 RBX: 0000000000000006 RCX: a03aab9316e96200 [ 413.246385][T11583] RDX: ffffc900189ba000 RSI: 0000000000001de1 RDI: 0000000000001de2 [ 413.254402][T11583] RBP: ffffc9000944fc60 R08: ffffffff8174024c R09: 1ffff92001289e84 [ 413.262424][T11583] R10: dffffc0000000000 R11: fffff52001289e85 R12: ffff888057d58000 [ 413.270442][T11583] R13: ffff888057d58000 R14: ffff888057d58cc0 R15: dffffc0000000000 [ 413.278561][T11583] ? __wake_up_klogd+0xcc/0x110 [ 413.283483][T11583] ? bond_xdp_get_xmit_slave+0x518/0x690 [ 413.289193][T11583] xdp_master_redirect+0x143/0x2d0 [ 413.294402][T11583] bpf_test_run+0x8cf/0xa90 [ 413.298981][T11583] ? bpf_test_run+0x370/0xa90 [ 413.303756][T11583] ? __pfx_bpf_test_run+0x10/0x10 [ 413.308888][T11583] ? _copy_from_user+0xa6/0xe0 [ 413.313710][T11583] ? bpf_test_init+0x15a/0x180 [ 413.318535][T11583] ? xdp_convert_md_to_buff+0x5b/0x330 [ 413.324054][T11583] bpf_prog_test_run_xdp+0x7e3/0x11b0 [ 413.329497][T11583] ? __pfx_lock_release+0x10/0x10 [ 413.334593][T11583] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 413.340462][T11583] ? __fget_files+0x29/0x470 [ 413.345128][T11583] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 413.350997][T11583] bpf_prog_test_run+0x33a/0x3b0 [ 413.355995][T11583] __sys_bpf+0x48d/0x810 [ 413.360319][T11583] ? __pfx___sys_bpf+0x10/0x10 [ 413.365161][T11583] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 413.371209][T11583] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 413.377603][T11583] ? do_syscall_64+0x100/0x230 [ 413.382428][T11583] __x64_sys_bpf+0x7c/0x90 [ 413.386898][T11583] do_syscall_64+0xf3/0x230 [ 413.391451][T11583] ? clear_bhb_loop+0x35/0x90 [ 413.396184][T11583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.402127][T11583] RIP: 0033:0x7fc98f579e79 [ 413.406584][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.426241][T11583] RSP: 002b:00007fc990431038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 413.434708][T11583] RAX: ffffffffffffffda RBX: 00007fc98f715f80 RCX: 00007fc98f579e79 [ 413.442745][T11583] RDX: 0000000000000050 RSI: 0000000020000040 RDI: 000000000000000a [ 413.450768][T11583] RBP: 00007fc98f5e7916 R08: 0000000000000000 R09: 0000000000000000 [ 413.458867][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 413.466948][T11583] R13: 0000000000000000 R14: 00007fc98f715f80 R15: 00007fff96033808 [ 413.474952][T11583] [ 413.478270][T11583] Kernel Offset: disabled [ 413.482655][T11583] Rebooting in 86400 seconds..