last executing test programs: 4.226635922s ago: executing program 4 (id=343): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004840}, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x8, @local, 0x2}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4) r2 = socket$inet6(0xa, 0x3, 0x84) r3 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x50, 0x0, 0x5, 0x80000001}, {0x6, 0x0, 0x2, 0x3}]}, 0x10) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) socket$nl_netfilter(0x10, 0x3, 0xc) connect$can_bcm(r5, &(0x7f0000000300)={0x1d, r6}, 0x10) sendmsg$can_bcm(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r9}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) r10 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r10, 0x89f3, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x700, 0x1, 0xfffffffc, 0x0, {{0x5, 0x4, 0x0, 0x2, 0x14, 0x67, 0xfffc, 0x80, 0x5e55b37311de6d89, 0x0, @broadcast, @local}}}}) close(r5) sendto$inet6(r4, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000280)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x9, 0x6, 0x0, 0x40000000000000}, {0xffffffffffffffff, 0x1000000000, 0x53e5, 0x20}, 0xfffffff7, 0x1, 0x1, 0x0, 0x3, 0x2}, {{@in=@empty, 0x1, 0x32}, 0xa, @in6=@local, 0x1502, 0x4, 0x3, 0x0, 0xc36, 0xfffffffd}}, 0xe8) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r11, &(0x7f000000c800)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/25, 0x19}, {&(0x7f0000000380)=""/93, 0x5d}, {&(0x7f0000000a00)=""/4096, 0xe22}, {&(0x7f0000001a00)=""/110, 0x6e}, {&(0x7f0000000400)=""/217, 0xd9}], 0x5}, 0xc}, {{0x0, 0x0, 0x0}, 0x24c9ddb}, {{0x0, 0x0, 0x0}, 0xf04}, {{0x0, 0x0, 0x0}, 0x1}], 0x4, 0x40000000, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) 3.95914284s ago: executing program 2 (id=348): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000d40)={0x0, 0x7000003, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x20001) 3.92026766s ago: executing program 0 (id=350): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'netdevsim0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000080300000095"], &(0x7f0000000300)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffd62}, 0x94) 3.816128799s ago: executing program 2 (id=351): unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xc3490000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000001d40)={'broute\x00', 0x0, 0x3, 0x0, [], 0x0, 0x0, 0x0}, &(0x7f0000001dc0)=0xa8) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f00000000c0)={'nat\x00', 0x0, 0x0, 0x0, [0xf1, 0xfffffffa, 0x7, 0xfee, 0x3, 0x3]}, &(0x7f0000000340)=0x78) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) readv(r3, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4) socket$kcm(0x2, 0xa, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1}) socket$packet(0x11, 0x3, 0x300) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r4 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x9c}}, 0x0) 3.726904341s ago: executing program 0 (id=354): socketpair(0x1e, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r0, 0x0, &(0x7f0000000040)=0x31) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x30}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90) 3.540914087s ago: executing program 0 (id=356): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073597a31000000000900010073797a300000000008000540000000218c0000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c00014000000000000000002c0001800a0001006c696d69740000001c0002800c00024000000000100000000c0001"], 0x110}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xe}}}, 0x24}}, 0x4000004) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r3, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={r4, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r5, &(0x7f0000000200)=0x5, 0xfffffe97) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000a00)={0x0, 0x4c, 0x1}) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8) r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000002d00090027bd7000fedbdf250500000008000a"], 0x1c}}, 0x20000086) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) 3.423473926s ago: executing program 4 (id=357): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$smc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000780)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x20040810) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000480), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000280)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x30, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4aa1d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}}}}}}}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c01000013000100000000000000000000000300", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="050027000000000008008500", @ANYRES32=0x0, @ANYBLOB="140003006d6163766c616e31000000000000000008000a00", @ANYRES32=r1, @ANYBLOB="e8001a8048000a8014000700ff02000000000000000000000000000114000700fe8000000000000000000000000000aa050008000000000014000700fe8000000000000000000000000000bb9c00028010010180bafc0000000000000400070040ff0700100002800c000180080000000000000018000a80140007000000000000000000000000000000000144000a80050008000000000014000700fc020000000000000000000000000000140007000000000000000000000000000000000100000700fe80000000000000000000000000000005000800000000000400070004000700100002800c0001"], 0x15c}}, 0x0) 2.600849171s ago: executing program 4 (id=361): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB="c000000010000904000000ffffc7df2500000000", @ANYRES32=r2, @ANYBLOB="00000000000400009c001980960002002bab3b969c54255b0cd9445fe82b14afe039590cd064973882802a42d8fde6bcae1ff5a4ec0542d5f97cbb925247061f6d911ded5788ec6a8f03c9e16e424208c2ec129cd51937d27182438e2ddf5081ea85484165d4da6ac720397129ed96cf432bcc1266d7a77024b775574cd1ffc3689352db475751d7ae7b4630aa88dc9a1ea2cd966568594478a8f8777c3cc8fbe9de0000040014"], 0xc0}}, 0x40) 2.403111966s ago: executing program 3 (id=364): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x3, 0x2, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x4, 0x0, 0x4, 0x0, @rand_addr=0x64010101}}}}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) unshare(0x20040600) r1 = socket(0x1d, 0x2, 0x6) bind$inet(r1, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'wlan0\x00'}) ioctl(r2, 0x8b22, &(0x7f0000000040)) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000400)={0x1f, 0xffff, 0x3}, 0x6) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfd6c}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x1080}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r6}, &(0x7f00000001c0), &(0x7f0000000400)}, 0x20) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) openat$cgroup_ro(r7, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x600}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff13}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x9}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r9}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write(r3, &(0x7f0000000000)="3b000000010001ada89856a8edd9a222dfc5ac08", 0x14) 2.085865215s ago: executing program 4 (id=366): socket$inet6(0xa, 0x3, 0x2c) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000240)=0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x7, 0x0, 0x20000000, 0x8, 0x6, 0x900, 0x401}}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@ipv4_newroute={0x24, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}]}, 0x24}}, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[], 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0xe) setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x4, [{}, {0x0, 0x100000000000000}]}, 0x68) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x325, '\x00', 0x0, 0x0}, 0x50) unshare(0x22020600) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r4, 0x0}, 0x20) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000080001003f0000000c000200700f00000000ffff0c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0xc000) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x1ff) r7 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) openat$cgroup_freezer_state(r7, &(0x7f00000000c0), 0x2, 0x0) openat$cgroup_procs(r7, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) 1.943507635s ago: executing program 0 (id=367): write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$OBJ_GET_PROG(0x7, 0x0, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x800, 0x4) socket$tipc(0x1e, 0x2, 0x0) r1 = socket$kcm(0xa, 0x3, 0x73) sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x2000ff, @mcast2}, 0x80, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000002900000093f2000000000000000000004f14c3804d782bfcd98789e1f38a1cc2e04e764f340a966c4b443501f7aec5ca765f1daa5e580afe848e7d12c679420f83d4d6eeca6d4422fb737a72dc506dfed0cbe281030089e1766fcd6548b70af9398a9b5812098e55cbd0366bf0df8288cc1de77c"], 0x18}, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000300), 0x4) r3 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r3, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f0000000180)) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0c0000000300000000000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x1f, 0x1c, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000b00000000000000ff7f000018110000", @ANYRES32=r4, @ANYBLOB="00000000000014000000008500000083000000bf0900000000000055090100000000009500000000000000b7030000000000007b8af8ff00000000b70800000001491062600cb54dfa00007b8af0ff00000000bfa100000000000007010000f8fffff503b1faffbfa400010000000007040000f0ffffffb7020000080000001823000000010000000000000000000072a8ddcd8359139fc9ebed491d9af3e1ab0d73477001c2d946f3289a68493de4db8e2568999c0d0a0005bd1d7b249f9df444eaacbc5bb35be59395509f84b36a95b63e2ad07b3b704636fd8eef9f388334e2c1451d13e5566c7500a04612b1952e2a63195b6ccdb55760b36a93f926324b7091bbba06e75fe63538db5588e4d5975471401921bff6bb79aac2208de3c52721e0c8e4e05f65852a8711d8ea9f55a076b2fbf836224a130c8aac342e2402078949702d1b500de52c1a66184d4800c3e456f2143e1ea12535ac5288c5adc5530979e9bc1fa936de612b747ce3829f49053bd10ca37bafd98bf7717b893a3ea23f8e92c121", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x11}, 0x94) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001f0019030000000000000000000000000000000000000000000000000000000000000000ff02000000000000000000000800"/64], 0x40}}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='hybla\x00', 0x6) getsockname$qrtr(r3, &(0x7f0000000480), &(0x7f00000004c0)=0xc) sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) r6 = socket$pppl2tp(0x18, 0x1, 0x1) r7 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r6, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32) r8 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r8, &(0x7f0000000340)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x1, 0x4, {0xa, 0x8, 0x7fff, @mcast1, 0x7}}}, 0x32) 1.943001585s ago: executing program 3 (id=368): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18aa0a00000000000000000000000000711235000000000095000000000000006ad8e17b8235e000cf47ea223e11001340f4d986d6578e055e37ee64513880bc235021f87dc3546af5c0c8b5e220c6e75353b428fb"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="54000000100039040000000000000000000003e4", @ANYRES32=0x0, @ANYBLOB="00000000000001003400128008000100736974002800028008000c000000008008000300ac14140014000b00ff0200000000000040000000000000018c173f4d91384262d370cfb6717b800f8cc63929fcc7c53ba7acbda2df145bb3a811c9cd3de5b824c110b94a8dc1fecf0e"], 0x54}}, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r1, &(0x7f00000002c0), 0x0}, 0x20) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0xfffffffd, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x71, 0x1, {{0x1, 0x800, 0x3, 0xd, 0x6}, 0x29}}]}, {0xfffffee7}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x81}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r3) socket$inet6(0xa, 0x2, 0x3a) ioctl$SIOCSIFHWADDR(r3, 0x890b, &(0x7f00000000c0)={'syzkaller0\x00', @multicast}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="160000001c0073fc000000000000000007000003", @ANYRES32=0x0, @ANYBLOB="000011000bdb2daa37c27ada22b5ec09"], 0x28}}, 0x40) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1900000004000000080000000c00000000", @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter}, 0x94) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) ioctl(r6, 0x8b1b, &(0x7f0000000040)) socket$alg(0x26, 0x5, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) syz_emit_ethernet(0x3b6, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xdb0b, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb04619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f604d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x3, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e10090cf6164000000020000000000000000000000ffff008879e66485201a0015ca837c7357a0274500f700"/55}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) read(r7, &(0x7f00000001c0)=""/47, 0x2f) sendmsg$IPSET_CMD_SAVE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080601080000000000000004000000040500010006"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10) 1.872776195s ago: executing program 1 (id=369): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x10, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000100000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006a00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0xe, 0x0, &(0x7f0000000740)="00800000000000000045a9000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xf}, 0x50) 1.709315453s ago: executing program 1 (id=370): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00000002", @ANYRESHEX=r1, @ANYBLOB="000227bd7000fedbdf250200000005003700011e000005002f0001000000", @ANYRES8=r1], 0x24}, 0x1, 0x0, 0x0, 0x200000c4}, 0x40051) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x48}, 0x1, 0x0, 0x0, 0xac10ec8ecef8bae4}, 0x0) 1.487549015s ago: executing program 1 (id=371): bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x9, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000073013f000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @cgroup_sock=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xbf71, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000080), &(0x7f00000000c0)='%-5lx \x00'}, 0x20) 1.361119974s ago: executing program 1 (id=372): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x48}, 0x1, 0x0, 0x0, 0xac10ec8ecef8bae4}, 0x0) (fail_nth: 7) 1.285339744s ago: executing program 2 (id=373): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000040601020000000000000002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) 1.182776757s ago: executing program 3 (id=374): socket$rxrpc(0x21, 0x2, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2000}, 0x50) 1.18143635s ago: executing program 4 (id=375): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @private=0xa010102}}}, @ip_retopts={{0xb4, 0x110, 0xd, {[@ssrr={0x89, 0xf, 0xcf, [@private=0xa010102, @multicast2, @empty]}, @end, @timestamp_prespec={0x44, 0x24, 0x1f, 0x3, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3294}, {@loopback, 0x8}, {@broadcast, 0x7}]}, @timestamp_prespec={0x44, 0x2c, 0xb8, 0x3, 0x3, [{@multicast1, 0x3}, {@empty, 0x3}, {@empty, 0xb}, {@multicast2, 0x9}, {@local, 0x7}]}, @timestamp_prespec={0x44, 0x14, 0xc2, 0x3, 0x0, [{@multicast1, 0x3}, {@remote, 0xfffffff9}]}, @timestamp={0x44, 0x10, 0xaa, 0x0, 0x3, [0x5, 0x8, 0x6]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x1c, 0xd2, 0x0, 0x9, [0x9, 0x5, 0x4, 0x6, 0x800, 0x4]}]}}}, @ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x79, 0x0, 0x2}, @timestamp_prespec={0x44, 0xc, 0x26, 0x3, 0x0, [{@multicast1, 0x2}]}]}}}], 0xf8}, 0x0) 731.740776ms ago: executing program 1 (id=376): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="1800ffffffb000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c700000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0xff8, &(0x7f0000001e00)=""/4088}, 0x94) 728.976671ms ago: executing program 4 (id=377): socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') unshare(0x6a040000) sendmsg$RDMA_NLDEV_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, 0x1405, 0x8, 0x70bd26, 0x25dfdbfe, "", [{{0x8}, {0x8, 0x3, 0x4}}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x4004040) 682.261621ms ago: executing program 3 (id=378): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000061299a000000000020000000000000089500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48) 603.307589ms ago: executing program 3 (id=379): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113720000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf150000000000003d650000000000006507000002000000070700004c0000001f750000000000006154000000000000070400000400f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff28}, 0x48) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=@ipv6_newroute={0x2c, 0x18, 0x111, 0x1, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x2, 0xff, 0x8, 0x2000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_EXPIRES={0x8, 0x17, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4805}, 0x4) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@allocspi={0x150, 0x16, 0x1, 0x0, 0x0, {{{@in6=@loopback, @in=@broadcast}, {@in=@dev, 0x0, 0x6c}, @in6=@mcast2}, 0x0, 0x7fff}, [@migrate={0x50, 0x11, [{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in, @in6=@empty, @in6=@local}]}, @proto={0x5, 0x1b}]}, 0x150}}, 0x0) 588.491458ms ago: executing program 2 (id=380): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001000000000000000000fff5000a20000000000a03000000000000000000390766f60900010073797a30000000004c000000090a01040000000000fbffffff00000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e746572009c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000070000380"], 0x130}, 0x1, 0x0, 0x0, 0x8000}, 0x8880) 499.258136ms ago: executing program 3 (id=381): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000004c0)={0x5, 0x40000}, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030030000b12d25a80648c2594f90224fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000002b80)={0x0, @in={{0x2, 0x4e21, @multicast1}}, 0x10, 0x2b, 0x0, 0x8, 0x2}, &(0x7f0000000580)=0x98) sendmsg$inet_sctp(r0, &(0x7f0000002cc0)={&(0x7f0000000380)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, &(0x7f0000002b00)=[{&(0x7f0000001600)="76f0ab9c3def95e79297e530ea2f3c23e982483b9016cfb3e20d93173a375631ceaf08461cb44219f20842ac87c079fbbca2c4d97fe843b358dae4d30c736be92ef37c4d5c82202dbf7a7b084079e88ed84d89b83bc9acacdca9d0d46931d184a93c2d6e39107d13da649ba2fd35eeeb3eba48dfb0aad22de96cb5fcf8a704575082c9eb6b69995d7fb2f3df681c1aaaa993ddba0c404ce6aab17debd38b09c55bb6db4b", 0xa4}, {&(0x7f00000016c0)="ce1e0a5c00fca54a7dd756ef3b526aed40f897bafacbe406d69465509346aa5db9644b1b77eb95bca2041c65f42939725393630a6e0670f3c51601d18828f289b886ad45b95137b0e4832045bb03f0bb70262af4e14409627450853d8107ae006d9a44dc254a89da2f57849bf9191499b49629dc69270c9e0bd0870ed11cd743181419d56511291e0562d8bd368647d9acbc4a16a751ec00ac99a37e82dfb41b51439c0382123628d2c02b8faefbcb60fbc33158e840", 0xb6}, {&(0x7f0000001780)="755600b4cfffc7d572cf8922be5bd073e78500d0c9e5f668bddb60d414f10346fa4f1b757d6c0f57ac864a2235929dc0db73beeae3e076a94ce20d583ed333611088e2f434a9598c366edca20b5e884eaef288e7836373dae4683b70f28a204b472ec28c210f9d931329ca621b84fee16d9cc702ac7bec8ef7d3dbc2d112d7c2ed9b8337d8fa311560b66fc3fea230cc57c617d1422a0121cbbf5d04276b84d0f80e964114c457e0827de69ac4f04a16f2b830c0cc5356690593e471da13d9a8c92100", 0xc3}, {&(0x7f0000001b00)="76aaf3f692b24078e998741400c435f2e740e959ad08cb0f8040aff87808c9cc1e19f27d77a619871b7331ccee4d09208ce9fe6c090ab9d3da9fc26bc8cd9d90b2f293a96242177c30f246be9290ca9fb2a9e306e7c45a158c9e22efcb1c840cfee8710087e8958decc0e9bf299b5ec11f8bea3c7f93be8d1fc0913d28d0410b10a0f12555228741cdac81eac9c4aba0e086035d0bd70e748f08c47c1c2b9964973dd8758665705fddc8db9327df6c5e4ff809480f22716672d480ab5907309b0afa9f82d73bf7dd7cbc6ba0a8a8c483bea5e3934b8afbccc3fee7a8a21bbd8710490c7dcbbc034fa542dac03461012e55bdee9a7c48caa09b84b06786fedb1e86b8a1857c7f7a2d7d18f50dbe4bf15eb3090efd659922333e0099469c29b7bfab6eee2e13fe407bf30460f5b37bf9853c4543e75ebcaf7bfc6bf86e4ef5fb0a8e262edb915493930232235e65e1e13744481b6f12894fb688007a548fae680eb7c6c3b96bf8ee781aee77e02551635eb9bb3387a7d9d4953a8664674108507a126228edbf91cae660dfec20eb249ca106d4d2490d952f90054302819f98c3737653568d7fc932dee7778dc44ce6108fcd5519384a9b5774a5d718f709a44b9f6ea6a590933257040433b0f46943eb1112b347818f2f7acb11ddcdf4829cdc6edd4bdb516fee955a5512acd931899f20fbeb2e74b83cae8e70f08a0882c08310cce8d11865df634e9f7df14c2e88ab560b14af75613f508d053f069191f523eb8fc86ac46d2997c5640b57605e6d6be1c1cc39ae8c1725ab00c3fd6f8bf490bedc1cc7c1cdf980a0c5125eb19f0fc24f60f72bc1c0032ea76dabfb4515504257e2383fae215301384efc147b19c5a14f4ea12070c236076fb8cae6efe8ef1e8277ac38ab2dc160f0086c5252b54b29dc6411cf32f87865a486224bb5ed89b54e93997d348c24125f834c0194126a38751d59593d51d9dfbe7d0a6758e1d1f30f783f55a121df2943348f96419267656b2b58e2252451c076c59570d8c5aa4efbb203d89ca41771477792c896b82e3dbdf4e0a8e6287d622562198ec905caee365dd360b4d9289b8c574b84b1e7ef1fd209d631e13ad745d62320284a535f24b551aa9686b0581dcd4a70dfae395578e290735cb64f69f55bc34cb3f97b1bf57c2acd4a056a8f66caeeda8331d18c22e57ccbb74409979a1c24757ae4af7a2d4807027da8403a31abc062b9b99007aff560f036a54844874038e843b1a4d0844cbd3cd0336f02b2fb7419bf996ae2745ac7ba939767dd3c5c5c01dba048b055b70392ec61868b0c67d7aa81b097cfc0fa97ae0990bddcdb9a5ffda190427a78f03ce013c5363f51f9adf4ea8caa452faccaabc6fd7af67563ca99f6d849e3e278cd5345a1b7ee372056b2b65cfc614c55d0844de632d3a8768a7a14672f7ba2b4104b6d27b05b5c4a9cefdedbaf1659bb8c770bab50319c41646f428d55338e8d78af66c41392db4909d314928e3e713769982c26b62b242eab1765624b16c3562d6cc5cba4e4c34b6d6f26e4831a3bf06759410241191dd6bb78e306f1549defcd4de41c236de6399916c1a96d5bd1385db778dee891c736ebc6f44baeb4f23ebecbb5a3cfe009ec4c8f48a11f0fb24619f7eb5c4a95aeb3bf71894a8efaa051768f7b6090e87d016fbbb37aaf0a00b6af2f53ac64b5337a13d2ef9601d926a232d75d2ae3bf152a977479ba55e4c9c6925c51d5fc3eaf0ac493e4d37cc8c7a6590257f4bedae67ed01cebab2473bf46899c853d1a1c93be43a167a4e5b2afdfef4eb8da0b44332bc38b0f26d268f0bf0e6989bf008f1ada550448c0aca325d1fae1182c8b7974d1d0fbb1d5f5bb9eb9e65bd48b15d409a1de7aacd93cdd3a243b4235d03d28729cc174ae1d9189d3b836d553ee49070a2665fc382baf715199c3c80e1b2bdda574223f2acbf51126a6c5fe2e1ef468430959c1611509921022e3f43e2937055f12a7ca752ea0279783b21a81040dc53bcc38ff89c4bd158bdd1363fc55ecb1609d8e42a25ad7b1df1c1d2ed385f82a04a277e99f62f5dd5307b92cd794e79561f3dccc8b809db0ce8793687da56f6a004d13da251d8bda3087036390c1d8af3a2323832d4fb5f0228f61ec9abed2fb374380abbd335c7a2ac3d876fe0cc927846a68c452fe73a5ac478ef8de76b6e6df9229641c52a04a592c9f212fc0ff5189c7cf3f90f205db50f07dc1df922300dd3e6ac7d3fbb8d7346c0c2cfd8c7a4df55f5395d6a93a88320ba8882868a4e59ffd16d5dcdd98333de404a4fc0349a651a71543d7e842082ddd10cf735e4cc81f0ae465cc7ffe839e9f562cc242b1cfb24ddd6e53f0547ac979bb0f1bf5545b340a290c2dc044647dc4f077e626e9d010a93c5fe40cdff805f33654663e6e0a881b16714894ae74a0ad6a014bf7f2df649db938920dbdc616b0be310ac025afcc4cbad1173a3490ef8c53480b4c8579564cdd5c7c452d3d204a7eeec0db568662f994accebc495642991fdd4d2ba750fca6fe33266d3d5c31d9f22b2362c2fda1973d585b53d79a48de1feb23c235cb117607a21e71366a11eb89f1f62bfeae5b4d5bb3130dbacd81a9f3d4b69e6d0a7ead5b5673f86e781dbe09926a18a80d0b3800ba39bb5bea682159616233acd711628825fbae4589f24c4e8d63fd926380a7ab5e04838b67da27bf29fcfed7c199f005953ac23b9d3d85fb2ab7d817ba7091c7894790cd8f9e05bcf0e0591dc6f7f57ed82abf49181db49a4365302df4f775a6758b937e3192c9bb446f911b147faa5a403d3da5d51b65ab99203f6036e9be5f1b4e9c9fcee9f9a5fc5a41c584c174172fffb862cc14a1a7d44d1811c1468f4b6720395ab81a33ae7b44ac8cb624f03b3606a56d297360c7f2624655abf374909e951c4b9164ea06cabf0bf823f17e64c9d8f903a622db469c91932d351924512dbfaa4c67f1144e19b2cfda38d17fd08902c9fedd5de2958d938899a44dfe581989d072993cf535079f33402c7874fd52b8ac600731f61a38d7191a8b6a3ac6a5779cf89eb5926e7d4d624f1c2b4fe63c50095edb5758e99fbb1fffb50004b7d990f39970094ab1f9b731250c19c3269e338219009a478de458843fbdc40eca5ab5c2f287fc21599746afd67f9b0db97d5dcd9cab0fa3992ea2bc593b1e630f27c03cc1447571916edbd10f1283c62cb20ba3166948a408c0f2ae9cf98feb8145f0441de09005198dfa37e9226a82ee3074003260ab508814b9b2b614d13a6284cbb5190ed6dd6113e95525ba49acad23ac53e26142231c108ae5bac56fab4f7c030d8af332752452e9160c8481f780cd72ece76db170030ef408553d31652b9e454c2040767cbfe3b83ad9954b4c327e87c72da3732e21586a6131e1c4b5cc59a69046a9e551e23dfa0de42b0271dde517ae06098a3f8365a94c11aa698603fa490bd6e0844a2c9f3d29297e625b5a2bd1ff6cb62e12dc1b115f3f31451a7e5f598e6c8121f3a8f018055c501f4c34c609fb4be5d44bafbc94d9135626476bbd01e93477d3cecc952d7a7df32b23f84ae9fcd9fec9709c4946f38b7fa44b507343d932b56e0495e8190f7594ef0dc3ab043a5c3b942a487fbd282be09711f779c3f231c5296794f8a5d5c735bf2c7b9fc2708a3573827681524a8b0e78a8c8fbbf4c22cc5ae72076514f6a7c3a87db4f3566d99e94da4a726bfbd75213cd5ea107cca502a05feb47bb81bf7a2d6d9c3244b37593a03e6f22290ee6cc09dbebc79ad258918e79f8e16362842260287ea452aa3669842cee73d02743fe50539e9d8f6315f81ed95935348485e22a3a0f05c348e834c31ad8c028d6cd777dba75e3fb4498a8ac631a7b4f518cb7a5436d370cba969e783c2b800a3391c78be6f2ac63019a017742c8fd1fe3f63ea60d83bbc65fc58ccfbd6d88b52d2f7df7e2fc893e836ce3497a69537a6bffa443cae983f55cd9ccfcfce9ed6d58cc39a3ba68796ef6c2595dedc18f2e94a7c6ee508e5546609e4068c29637b4fe10e599ce543bdb83b4ffa605f05253615c0fd4a55bd39ed5b56a7063a81225ee49f967bccccc9352466aa3ae6744a9551e42d502fdd2a2392c51522974a5fa729691b490f267e75dc14c71025159774fc93079b7fe971b7d349ab4aa8982c61e28f4ceb0a582b2dc9d69dea97fd78addabc5f5d021118a76d0c76821e84e3e8ac1b74855d95551e3895eb083fe90fb016c19c3af39fcaa28e80bd7cdbb84dd8033506d719c13c752637bef5b79268def5e933968cb095a6a0b2441faa77149308e5fc5a907cdc69d404ad7fc5dabb1dfab91d9510dce89ab399af626967bb3ba9c45bfc22a431262defbc0a5ed01f3caa9ec86d7807274badb96a40caa566841eacd0d590e8f3e7bd7720f3558c3b131f23b0992193e37b4827e70434f3646dee1015a25199eacd18b246f054cc2219b8338072b68d006ef8eda94ec2d256cd436b553cd7bc1c5d3fe56b8e721197bc2a855be302fb4d8729235cee784a4a3035d41d941b2bde33e498e81d421dbd2309a627ba9ffdae88c7b3243281bebd36130bf92537228de2f7871265469a3cffe04ef24e5881d08c777299d1fa5289fe2ce76f4ae77d4cf03b97685cfae1fe761a29379ec16eebefdbbe8a8ddcf4a4dd1edaee6d8055b6c706229fd9a30dbf5ce13b89ad5afcb15aed10364b0bc85817f56284c4f3508132154e6fd10a2e5cd3f7141882cf936fea8005737eb25f735849134d27884e3730ebc52d96d09c93a5e8091db9114d5ef0308a6307dbe0ef1e0afe91e061c57c2a397ccf8da96caa1458325cc44a80ffb859d872058f3ba1aeed527f370a4d6c7c949ebc8567b5cb9149a2406e223c222641467194e1fd6188ba74224136b0a388c71393bbe3ad706001232e63414519399a8baf22ae746ca1c2a021e4776922d2ef61fe0ab6dc440f1a405c1902614620b81cb9a9af96416668fb97f164c6f7bc914e82cef791d776812472df2459351039d6e210e52753e0f5570431e6ec9cb5b679a9228b55928f996e27f08e990d13d37cb4be5e86f66b7855b0e732a00af9e0d82866341b887ed991ad8854be031fb2d2bb3b9947f66008fdfb32440c1896224efb2b111b3e69317ca9d9e82df4d7f33fd4d80de53fac8be453ae35edb722f4de0a38d2870ed9c72883b2cd4a502fc3d8ef28f5549843e8b43e8f688bb71d9815e2d0e5ae784c4da5bff73e21991a260eef772ade49ea4e2a87d1471623ef9d6249c7212d0080ac7b1d43d51a2bfbb0be27c8af580b6e8016c5700d3c1221ebd17bf3fec09e14e55312d86187d82bb098a0c0ed1da9977a7f8d33d52ebe860613ab3bcb47426bfbb4de9aecb24e10dffe2d0b0931c20d5aaeb88dfb029d19b921f4342ea25a6d972d01a42f95755478daac3ad1388bb58b82936f130c7bf4aae5e1fb489b86d6aa6aa40969133c827c8aba22c8be09a55638dc94f5a1be3ea72b2fb62d97be0099409cbca13febf454bcccc82fb5f84d342fea2a3f9ee4fb0a831977e5cd4210d81591be9ae74894433b2906013aaf044c5bed77135e8c657e23b9e94752289f680146fe22d86637131b84a52058f6b16f8add4835755284df5395b013ce7431e36bd3992e9616547a007a25b8004b1b8f4e6b7f0951346578703bc135496c63a0ecdb1000fce47c0a6de70b3f907f7b67548a1d25ddf46cba7d1e1876a8bee339baedaf600744ffdc87b89d293cd00ce01df6054b903b153473aa10b", 0x1000}, {&(0x7f0000000480)="320791209d3143c27a5685492a88b542d0db901890d526864b676e55", 0x1c}, {&(0x7f0000001880)="7a5f5d7ab95c0692d2411649f91819a01efc2426c18d060cfddc0ff49a1b4a0349ac9d90800fe2ac1f815994c14ed8178b367ad8273a93df5926dfddf581db24581ab6c1078c33ca2b867bf3177fedc28ca76990", 0x54}, {&(0x7f0000001900)="5e1297c7ba16d1189a97895e9e44235166e3f48295f43313db2319d53339b0a3b6e98760e4695c06eb2283e1964b5662a5d45b4a43ba3a5436b0016471a0986d5c91b3274494cbcb6ea023402f128c95980f83e57a93125dd8d5527df6c439bb80a8c81fd3ecca9a7ecbd21274bc83ebee82a6b99e448e6b0830d1dc19c34c583e6e262165ed9ca39bd7c77fd51db2f779bebc36c3c4968b3e821e9f5f91f35e54627f9116c435336a0397020917300e57e28fd6737c270a0bcb225730b70c48eef3347bca05ad8c3f5fd94a0dd58cb2e81afcbfe0a52d386ad8f39825703038b447b2a09cd6ac747ef1", 0xea}, {&(0x7f0000001a00)="1b2091e927e7d0a28a080a967c1143edb33753f315d9e49ba8a1375a2d3352aa275e79b385db4269e7a2b2b2f0fa1627ed9e3f355056a67ef8ceaef4e5b722a0fe4dae62fc34532d6665bb8bbf658284394445b2567d8de2c1170e7644325b7f5b4f0cf7a1c566b7a4a775bbb266e218a047745ceff2bf840e0835e6ce5566edd8f1c01ff1d9806926f1590694c47fe7f814d913", 0x94}], 0x8, &(0x7f0000002c40)=[@sndinfo={0x20, 0x84, 0x2, {0x50, 0x206, 0x1, 0xfffffffb, r3}}, @init={0x18, 0x84, 0x0, {0x7f, 0x4, 0x33d4}}, @authinfo={0x18, 0x84, 0x6, {0x7ff}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x6}}], 0x68, 0x40}, 0x800) r4 = socket$inet_sctp(0x2, 0x1, 0x84) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000280)="89", 0x1}], 0x1}, 0x240000d5) recvfrom(r5, 0x0, 0xfffffddb, 0x40000023, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r11, 0x0, r12, 0x0, 0xf3a, 0x0) write(r9, &(0x7f0000000240)="94", 0x1) vmsplice(r12, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0) tee(r8, r12, 0x8f5, 0x0) write(r10, 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000004) preadv(r4, &(0x7f0000000500)=[{&(0x7f00000000c0)=""/162, 0xa2}, {&(0x7f0000000180)=""/63, 0x3f}, {&(0x7f0000000200)=""/86, 0x56}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/143, 0x8f}, {&(0x7f0000000400)=""/120, 0x78}], 0x6, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f00f9ffff7f00000000000001"], 0x114}], 0x1}, 0x0) r13 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0a41, 0x0) ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002}) write$tun(r13, &(0x7f0000000240)={@val={0x0, 0x18}, @val={0x3, 0x1, 0x3, 0xffff, 0xc4, 0x10}, @ipv4=@tcp={{0x5, 0x4, 0x3, 0x4, 0xd8, 0x65, 0x0, 0x9, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x1, 0x0, 0x1d, 0x80, 0x7, 0x0, 0x9, {[@mptcp=@remove_addr={0x1e, 0x59, 0x6, 0x0, "3bcc55e2fb4b662a463b24b28a4fafb428a89d60f9547d33690c48bf9581455479f14cea31faf5212327c508ed14d3cc9f1b20adaecc3b4c664e61295f92adc7b03928e6f24a8ee8e299effe97537d57096d808d21b4"}, @exp_fastopen={0xfe, 0x4}]}}, {"13d3b3875dfd9a3f6328f33f09ceec09986b30406704e2560f04592cb4869c77658fcb3eca004c77b183c5840dbb0fd30bcd067737d3f07dff1755aac0e628d921d141b089c15306c066b177aab800b1"}}}}, 0xe6) 498.434829ms ago: executing program 1 (id=382): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r1, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0x1}], 0x1}}], 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000640)={0x30, r5, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x23}, {0x8, 0x0, 0x23}]}]}, 0x30}}, 0x40084) socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r7, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r8 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r7, 0xff7f}}, 0x20}}, 0x0) 415.735518ms ago: executing program 0 (id=383): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x30, 0x0, 0xa3}, 0x9c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0xa000000}}, 0x1c) shutdown(r0, 0x2) 296.08887ms ago: executing program 2 (id=384): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x4001, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000020000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 27.684126ms ago: executing program 2 (id=385): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000028000280080001"], 0x46}}, 0x4004) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x7fffffff, 0x0, 0x0, 0xfffffffd}}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x6}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa0}}, 0x14008004) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e00010000000000fcdbdf250801f2800c00180008ac0f0000000000140001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0) (fail_nth: 7) 0s ago: executing program 0 (id=386): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x3c, r1, 0x1, 0x0, 0x0, {0x3d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x82}}]}, 0x3c}}, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r2, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.172' (ED25519) to the list of known hosts. [ 84.464724][ T5839] cgroup: Unknown subsys name 'net' [ 84.593973][ T5839] cgroup: Unknown subsys name 'cpuset' [ 84.603572][ T5839] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.273543][ T5839] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 88.973342][ T5865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.982323][ T5865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.990068][ T5862] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.997788][ T5865] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.005882][ T5865] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 89.006599][ T5862] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.013851][ T5865] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 89.028431][ T5865] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 89.036257][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 89.041824][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.044669][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.058973][ T5865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.070895][ T5867] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.090099][ T5865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 89.110491][ T5869] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 89.118505][ T5869] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 89.126267][ T5869] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 89.126287][ T5870] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.134314][ T5869] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 89.150262][ T5870] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.151691][ T5869] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 89.167721][ T5869] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.175216][ T5869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 89.183706][ T5869] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.191175][ T5869] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 89.816329][ T5849] chnl_net:caif_netlink_parms(): no params data found [ 89.979606][ T5856] chnl_net:caif_netlink_parms(): no params data found [ 89.994149][ T5851] chnl_net:caif_netlink_parms(): no params data found [ 90.082886][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 90.107469][ T5860] chnl_net:caif_netlink_parms(): no params data found [ 90.197063][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.204900][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.213087][ T5849] bridge_slave_0: entered allmulticast mode [ 90.220593][ T5849] bridge_slave_0: entered promiscuous mode [ 90.238391][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.246013][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.253456][ T5849] bridge_slave_1: entered allmulticast mode [ 90.262856][ T5849] bridge_slave_1: entered promiscuous mode [ 90.377807][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.385238][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.392974][ T5856] bridge_slave_0: entered allmulticast mode [ 90.401228][ T5856] bridge_slave_0: entered promiscuous mode [ 90.447233][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.456857][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.464716][ T5856] bridge_slave_1: entered allmulticast mode [ 90.472891][ T5856] bridge_slave_1: entered promiscuous mode [ 90.488122][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.497618][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.505476][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.512823][ T5851] bridge_slave_0: entered allmulticast mode [ 90.520991][ T5851] bridge_slave_0: entered promiscuous mode [ 90.556615][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.566016][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.574488][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.582004][ T5851] bridge_slave_1: entered allmulticast mode [ 90.589532][ T5851] bridge_slave_1: entered promiscuous mode [ 90.682005][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.694011][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 90.745112][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.753080][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.760388][ T5850] bridge_slave_0: entered allmulticast mode [ 90.767659][ T5850] bridge_slave_0: entered promiscuous mode [ 90.804640][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.814445][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.822106][ T5860] bridge_slave_0: entered allmulticast mode [ 90.829316][ T5860] bridge_slave_0: entered promiscuous mode [ 90.841221][ T5849] team0: Port device team_slave_0 added [ 90.851522][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 90.861163][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.868392][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.875975][ T5850] bridge_slave_1: entered allmulticast mode [ 90.883398][ T5850] bridge_slave_1: entered promiscuous mode [ 90.906416][ T5856] team0: Port device team_slave_0 added [ 90.915723][ T5856] team0: Port device team_slave_1 added [ 90.922543][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.929819][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.937170][ T5860] bridge_slave_1: entered allmulticast mode [ 90.944814][ T5860] bridge_slave_1: entered promiscuous mode [ 90.967261][ T5849] team0: Port device team_slave_1 added [ 90.975529][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.067349][ T5851] team0: Port device team_slave_0 added [ 91.081166][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.106397][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.131331][ T5851] team0: Port device team_slave_1 added [ 91.138271][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.145572][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.171807][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.182799][ T5869] Bluetooth: hci0: command tx timeout [ 91.189047][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.199496][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.207031][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.233313][ T5859] Bluetooth: hci2: command tx timeout [ 91.233361][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.239151][ T5869] Bluetooth: hci1: command tx timeout [ 91.255356][ T5859] Bluetooth: hci3: command tx timeout [ 91.255365][ T5854] Bluetooth: hci4: command tx timeout [ 91.257337][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.273752][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.300063][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.314719][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.338111][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.345280][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.371273][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.443653][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.450669][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.477130][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.509758][ T5850] team0: Port device team_slave_0 added [ 91.518546][ T5850] team0: Port device team_slave_1 added [ 91.526514][ T5860] team0: Port device team_slave_0 added [ 91.535402][ T5860] team0: Port device team_slave_1 added [ 91.543361][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.553159][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.579814][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.686046][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.693180][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.719487][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.731918][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.738891][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.769454][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.783182][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.790226][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.816321][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.855789][ T5856] hsr_slave_0: entered promiscuous mode [ 91.862908][ T5856] hsr_slave_1: entered promiscuous mode [ 91.872315][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.879277][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.905580][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.953494][ T5849] hsr_slave_0: entered promiscuous mode [ 91.960097][ T5849] hsr_slave_1: entered promiscuous mode [ 91.966270][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.974489][ T5849] Cannot create hsr debugfs directory [ 92.044631][ T10] cfg80211: failed to load regulatory.db [ 92.093957][ T5851] hsr_slave_0: entered promiscuous mode [ 92.100688][ T5851] hsr_slave_1: entered promiscuous mode [ 92.107051][ T5851] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.118813][ T5851] Cannot create hsr debugfs directory [ 92.149812][ T5860] hsr_slave_0: entered promiscuous mode [ 92.156201][ T5860] hsr_slave_1: entered promiscuous mode [ 92.162635][ T5860] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.170525][ T5860] Cannot create hsr debugfs directory [ 92.283429][ T5850] hsr_slave_0: entered promiscuous mode [ 92.290214][ T5850] hsr_slave_1: entered promiscuous mode [ 92.296372][ T5850] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.306304][ T5850] Cannot create hsr debugfs directory [ 92.820467][ T5856] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 92.835941][ T5856] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 92.852347][ T5856] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 92.865636][ T5856] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 92.934438][ T5849] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 92.961221][ T5849] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 92.986527][ T5849] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 92.998951][ T5849] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.067908][ T5860] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.091878][ T5860] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.126445][ T5860] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.137901][ T5860] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.206572][ T5851] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 93.218586][ T5851] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 93.230863][ T5869] Bluetooth: hci0: command tx timeout [ 93.266628][ T5851] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 93.287402][ T5851] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 93.310168][ T5859] Bluetooth: hci1: command tx timeout [ 93.310807][ T5854] Bluetooth: hci3: command tx timeout [ 93.315614][ T5859] Bluetooth: hci2: command tx timeout [ 93.326758][ T5869] Bluetooth: hci4: command tx timeout [ 93.422643][ T5850] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.443025][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.457871][ T5850] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.481037][ T5850] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.513979][ T5850] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.544348][ T5856] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.557638][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.586779][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.594041][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.631035][ T3581] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.638318][ T3581] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.674145][ T5849] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.711293][ T3581] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.718470][ T3581] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.738261][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.745461][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.819210][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.885063][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.971369][ T5860] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.997648][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.004878][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.025308][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.067555][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.074803][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.122914][ T3478] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.130177][ T3478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.147824][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.189390][ T3454] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.196864][ T3454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.253841][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.301958][ T3454] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.309148][ T3454] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.364942][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.372208][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.434711][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.648248][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.674584][ T5856] veth0_vlan: entered promiscuous mode [ 94.774000][ T5856] veth1_vlan: entered promiscuous mode [ 94.786769][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.928454][ T5849] veth0_vlan: entered promiscuous mode [ 94.938664][ T5856] veth0_macvtap: entered promiscuous mode [ 94.963506][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.996954][ T5856] veth1_macvtap: entered promiscuous mode [ 95.033619][ T5849] veth1_vlan: entered promiscuous mode [ 95.074638][ T5860] veth0_vlan: entered promiscuous mode [ 95.099032][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.134052][ T5860] veth1_vlan: entered promiscuous mode [ 95.177085][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.238384][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.264810][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.294788][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.310515][ T5869] Bluetooth: hci0: command tx timeout [ 95.323810][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.344730][ T5849] veth0_macvtap: entered promiscuous mode [ 95.368175][ T5849] veth1_macvtap: entered promiscuous mode [ 95.390595][ T5869] Bluetooth: hci3: command tx timeout [ 95.396050][ T5869] Bluetooth: hci1: command tx timeout [ 95.404112][ T5859] Bluetooth: hci4: command tx timeout [ 95.404194][ T5854] Bluetooth: hci2: command tx timeout [ 95.424189][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.448506][ T5860] veth0_macvtap: entered promiscuous mode [ 95.507379][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.530512][ T5860] veth1_macvtap: entered promiscuous mode [ 95.542118][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.600551][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.615115][ T3546] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.624517][ T3546] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.661223][ T3546] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.670172][ T3546] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.693242][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.726862][ T5851] veth0_vlan: entered promiscuous mode [ 95.756251][ T3478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.766086][ T3478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.779094][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.789449][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.813852][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.825196][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.841340][ T5850] veth0_vlan: entered promiscuous mode [ 95.872226][ T5851] veth1_vlan: entered promiscuous mode [ 95.898388][ T3478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.915413][ T3478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.924021][ T5850] veth1_vlan: entered promiscuous mode [ 96.005976][ T3478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.013012][ T5851] veth0_macvtap: entered promiscuous mode [ 96.019614][ T3478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.036508][ T3478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.050390][ T3478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.081241][ T5851] veth1_macvtap: entered promiscuous mode [ 96.156458][ T3581] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.173251][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.181451][ T3581] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.197306][ T5856] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.206112][ T5850] veth0_macvtap: entered promiscuous mode [ 96.246952][ T5850] veth1_macvtap: entered promiscuous mode [ 96.298468][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.338323][ T3546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.356941][ T3546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.360263][ T132] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.391493][ T132] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.446988][ T132] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.467744][ T132] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.524328][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.576828][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.627520][ T5977] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6'. [ 96.650128][ T5977] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6'. [ 96.684193][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.755619][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.814934][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.841317][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.965620][ T5981] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7'. [ 97.028364][ T3478] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.046235][ T3478] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.144976][ T3546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.186792][ T3546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.298015][ T5992] xt_TPROXY: Can be used only with -p tcp or -p udp [ 97.307687][ T3546] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.358291][ T3546] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.365823][ T5994] Zero length message leads to an empty skb [ 97.387994][ T5994] netlink: 'syz.0.13': attribute type 1 has an invalid length. [ 97.398019][ T5854] Bluetooth: hci0: command tx timeout [ 97.405813][ T5996] netlink: 'syz.3.12': attribute type 5 has an invalid length. [ 97.451512][ T5992] xt_CT: No such helper "snmp" [ 97.470024][ T5854] Bluetooth: hci1: command tx timeout [ 97.475492][ T5854] Bluetooth: hci4: command tx timeout [ 97.481136][ T5869] Bluetooth: hci2: command tx timeout [ 97.486583][ T5869] Bluetooth: hci3: command tx timeout [ 97.522724][ T6003] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13'. [ 97.614669][ T5994] 8021q: adding VLAN 0 to HW filter on device bond1 [ 97.635647][ T3478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.658376][ T3478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.737092][ T5996] ip6erspan0: entered promiscuous mode [ 98.226431][ T6018] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 98.545959][ T6025] netlink: 180 bytes leftover after parsing attributes in process `syz.2.18'. [ 98.886332][ T6043] FAULT_INJECTION: forcing a failure. [ 98.886332][ T6043] name failslab, interval 1, probability 0, space 0, times 1 [ 98.933187][ T6043] CPU: 1 UID: 0 PID: 6043 Comm: syz.0.21 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 98.933217][ T6043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 98.933237][ T6043] Call Trace: [ 98.933246][ T6043] [ 98.933255][ T6043] dump_stack_lvl+0x189/0x250 [ 98.933292][ T6043] ? __pfx____ratelimit+0x10/0x10 [ 98.933319][ T6043] ? __pfx_dump_stack_lvl+0x10/0x10 [ 98.933344][ T6043] ? __pfx__printk+0x10/0x10 [ 98.933378][ T6043] ? __pfx___might_resched+0x10/0x10 [ 98.933401][ T6043] ? fs_reclaim_acquire+0x7d/0x100 [ 98.933434][ T6043] should_fail_ex+0x414/0x560 [ 98.933468][ T6043] should_failslab+0xa8/0x100 [ 98.933496][ T6043] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 98.933519][ T6043] ? __kthread_create_on_node+0x1c6/0x3e0 [ 98.933551][ T6043] kvasprintf+0xdc/0x190 [ 98.933579][ T6043] ? __pfx_kvasprintf+0x10/0x10 [ 98.933604][ T6043] ? __kasan_kmalloc+0x93/0xb0 [ 98.933631][ T6043] ? __kthread_create_on_node+0xef/0x3e0 [ 98.933662][ T6043] __kthread_create_on_node+0x1c6/0x3e0 [ 98.933692][ T6043] ? __pfx___kthread_create_on_node+0x10/0x10 [ 98.933729][ T6043] ? __lock_acquire+0xab9/0xd20 [ 98.933752][ T6043] ? __pfx_rxrpc_io_thread+0x10/0x10 [ 98.933791][ T6043] ? __pfx_rxrpc_io_thread+0x10/0x10 [ 98.933822][ T6043] kthread_create_on_node+0xdd/0x130 [ 98.933856][ T6043] ? __pfx_kthread_create_on_node+0x10/0x10 [ 98.933891][ T6043] ? do_raw_spin_unlock+0x122/0x240 [ 98.933924][ T6043] rxrpc_lookup_local+0xe70/0x1410 [ 98.933955][ T6043] ? __pfx_rxrpc_lookup_local+0x10/0x10 [ 98.933974][ T6043] ? __pfx_rxrpc_encap_rcv+0x10/0x10 [ 98.934003][ T6043] ? __pfx_rxrpc_encap_err_rcv+0x10/0x10 [ 98.934027][ T6043] ? __local_bh_enable_ip+0x12d/0x1c0 [ 98.934055][ T6043] ? __local_bh_enable_ip+0x12d/0x1c0 [ 98.934082][ T6043] ? do_raw_spin_unlock+0x122/0x240 [ 98.934121][ T6043] rxrpc_sendmsg+0x399/0x710 [ 98.934155][ T6043] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 98.934185][ T6043] __sock_sendmsg+0x21c/0x270 [ 98.934214][ T6043] ____sys_sendmsg+0x505/0x830 [ 98.934240][ T6043] ? __pfx_____sys_sendmsg+0x10/0x10 [ 98.934283][ T6043] ? import_iovec+0x74/0xa0 [ 98.934310][ T6043] ___sys_sendmsg+0x21f/0x2a0 [ 98.934332][ T6043] ? __pfx____sys_sendmsg+0x10/0x10 [ 98.934392][ T6043] ? __fget_files+0x2a/0x420 [ 98.934417][ T6043] ? __fget_files+0x3a0/0x420 [ 98.934455][ T6043] __x64_sys_sendmsg+0x19b/0x260 [ 98.934478][ T6043] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 98.934510][ T6043] ? __pfx_ksys_write+0x10/0x10 [ 98.934530][ T6043] ? rcu_is_watching+0x15/0xb0 [ 98.934561][ T6043] ? do_syscall_64+0xbe/0x3b0 [ 98.934594][ T6043] do_syscall_64+0xfa/0x3b0 [ 98.934621][ T6043] ? lockdep_hardirqs_on+0x9c/0x150 [ 98.934647][ T6043] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.934667][ T6043] ? clear_bhb_loop+0x60/0xb0 [ 98.934692][ T6043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.934712][ T6043] RIP: 0033:0x7fa2d6d8e929 [ 98.934738][ T6043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.934755][ T6043] RSP: 002b:00007fa2d7b3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.934785][ T6043] RAX: ffffffffffffffda RBX: 00007fa2d6fb5fa0 RCX: 00007fa2d6d8e929 [ 98.934800][ T6043] RDX: 0000000000000000 RSI: 0000200000002780 RDI: 0000000000000003 [ 98.934813][ T6043] RBP: 00007fa2d7b3b090 R08: 0000000000000000 R09: 0000000000000000 [ 98.934825][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 98.934836][ T6043] R13: 0000000000000000 R14: 00007fa2d6fb5fa0 R15: 00007ffde4a0c7d8 [ 98.934869][ T6043] [ 99.488389][ T6030] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 99.590861][ T6050] netlink: 'syz.1.22': attribute type 4 has an invalid length. [ 99.611477][ T6030] syzkaller0: entered promiscuous mode [ 99.628849][ T6049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.23'. [ 99.650984][ T6030] syzkaller0: entered allmulticast mode [ 99.674836][ T6051] netlink: 'syz.1.22': attribute type 4 has an invalid length. [ 99.686689][ T6049] netlink: 84 bytes leftover after parsing attributes in process `syz.0.23'. [ 100.023025][ T6059] netlink: 20 bytes leftover after parsing attributes in process `syz.0.27'. [ 100.038496][ T6059] x_tables: ip_tables: udp match: only valid for protocol 17 [ 101.011043][ T6085] netlink: 8 bytes leftover after parsing attributes in process `syz.3.38'. [ 101.125436][ T6087] trusted_key: syz.3.38 sent an empty control message without MSG_MORE. [ 101.590065][ T6068] netem: incorrect gi model size [ 101.595281][ T6068] netem: change failed [ 101.661196][ T6081] netlink: 136 bytes leftover after parsing attributes in process `syz.2.35'. [ 101.675119][ T6081] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 101.810243][ T6090] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.917242][ T6095] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (34) [ 101.972392][ T6085] syz.3.38 (6085) used greatest stack depth: 17080 bytes left [ 102.015215][ T6092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.40'. [ 102.209213][ T6104] netlink: 'syz.3.43': attribute type 4 has an invalid length. [ 102.266292][ T6108] netlink: 'syz.3.43': attribute type 4 has an invalid length. [ 102.387749][ T6114] syz.0.45 uses obsolete (PF_INET,SOCK_PACKET) [ 102.818060][ T6128] netlink: 4 bytes leftover after parsing attributes in process `syz.4.50'. [ 102.890638][ T6128] bridge_slave_1: left allmulticast mode [ 102.920312][ T6128] bridge_slave_1: left promiscuous mode [ 102.942465][ T6128] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.970384][ T6126] netlink: 'syz.4.50': attribute type 5 has an invalid length. [ 103.000063][ T6128] bridge_slave_0: left allmulticast mode [ 103.032550][ T6128] bridge_slave_0: left promiscuous mode [ 103.038540][ T6128] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.323596][ T6137] netlink: 20 bytes leftover after parsing attributes in process `syz.0.52'. [ 103.581742][ T6151] netlink: 'syz.2.56': attribute type 4 has an invalid length. [ 103.598836][ T6151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.56'. [ 104.081337][ T6170] FAULT_INJECTION: forcing a failure. [ 104.081337][ T6170] name failslab, interval 1, probability 0, space 0, times 0 [ 104.103444][ T6173] netlink: 32 bytes leftover after parsing attributes in process `syz.0.64'. [ 104.115235][ T6170] CPU: 0 UID: 0 PID: 6170 Comm: syz.4.63 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 104.115263][ T6170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 104.115276][ T6170] Call Trace: [ 104.115283][ T6170] [ 104.115292][ T6170] dump_stack_lvl+0x189/0x250 [ 104.115321][ T6170] ? __pfx____ratelimit+0x10/0x10 [ 104.115348][ T6170] ? __pfx_dump_stack_lvl+0x10/0x10 [ 104.115372][ T6170] ? __pfx__printk+0x10/0x10 [ 104.115404][ T6170] ? __pfx___might_resched+0x10/0x10 [ 104.115433][ T6170] should_fail_ex+0x414/0x560 [ 104.115472][ T6170] should_failslab+0xa8/0x100 [ 104.115510][ T6170] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 104.115533][ T6170] ? __alloc_skb+0x112/0x2d0 [ 104.115563][ T6170] __alloc_skb+0x112/0x2d0 [ 104.115592][ T6170] netlink_sendmsg+0x5c6/0xb30 [ 104.115627][ T6170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.115655][ T6170] ? aa_sock_msg_perm+0x94/0x160 [ 104.115688][ T6170] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 104.115715][ T6170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.115741][ T6170] __sock_sendmsg+0x21c/0x270 [ 104.115785][ T6170] ____sys_sendmsg+0x505/0x830 [ 104.115810][ T6170] ? __pfx_____sys_sendmsg+0x10/0x10 [ 104.115851][ T6170] ? import_iovec+0x74/0xa0 [ 104.115877][ T6170] ___sys_sendmsg+0x21f/0x2a0 [ 104.115898][ T6170] ? __pfx____sys_sendmsg+0x10/0x10 [ 104.115955][ T6170] ? __fget_files+0x2a/0x420 [ 104.115979][ T6170] ? __fget_files+0x3a0/0x420 [ 104.116016][ T6170] __x64_sys_sendmsg+0x19b/0x260 [ 104.116033][ T6170] ? schedule+0x165/0x360 [ 104.116059][ T6170] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 104.116097][ T6170] ? do_syscall_64+0xbe/0x3b0 [ 104.116128][ T6170] do_syscall_64+0xfa/0x3b0 [ 104.116157][ T6170] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.116175][ T6170] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 104.116194][ T6170] ? clear_bhb_loop+0x60/0xb0 [ 104.116218][ T6170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.116237][ T6170] RIP: 0033:0x7f16f4b8e929 [ 104.116255][ T6170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.116271][ T6170] RSP: 002b:00007f16f5a1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 104.116291][ T6170] RAX: ffffffffffffffda RBX: 00007f16f4db5fa0 RCX: 00007f16f4b8e929 [ 104.116305][ T6170] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006 [ 104.116317][ T6170] RBP: 00007f16f5a1c090 R08: 0000000000000000 R09: 0000000000000000 [ 104.116329][ T6170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 104.116340][ T6170] R13: 0000000000000000 R14: 00007f16f4db5fa0 R15: 00007ffd3fe24e28 [ 104.116371][ T6170] [ 104.651822][ T6182] netlink: 16 bytes leftover after parsing attributes in process `syz.3.65'. [ 105.461725][ T6218] set match dimension is over the limit! [ 105.690473][ T6224] Bluetooth: MGMT ver 1.23 [ 105.756055][ T6226] wg2: entered promiscuous mode [ 105.768204][ T6226] netlink: 20 bytes leftover after parsing attributes in process `syz.2.83'. [ 105.889450][ T6232] netlink: 'syz.0.87': attribute type 1 has an invalid length. [ 105.932587][ T6232] netlink: 'syz.0.87': attribute type 4 has an invalid length. [ 105.950094][ T6232] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.87'. [ 106.144665][ T6241] netlink: 28 bytes leftover after parsing attributes in process `syz.2.91'. [ 106.355514][ T6246] team0: No ports can be present during mode change [ 106.561586][ T6247] bond_slave_0: entered promiscuous mode [ 106.567507][ T6247] bond_slave_1: entered promiscuous mode [ 106.604429][ T6247] vlan2: entered promiscuous mode [ 106.609522][ T6247] bond0: entered promiscuous mode [ 106.716738][ T6260] netlink: 16 bytes leftover after parsing attributes in process `syz.2.98'. [ 106.988210][ T6268] Cannot find set identified by id 0 to match [ 107.061659][ T6273] netlink: 24 bytes leftover after parsing attributes in process `syz.0.100'. [ 107.190194][ T6277] netlink: 'syz.4.104': attribute type 10 has an invalid length. [ 107.222267][ T6271] netlink: 12 bytes leftover after parsing attributes in process `syz.0.100'. [ 107.261336][ T6281] netlink: 'syz.4.104': attribute type 10 has an invalid length. [ 107.309984][ T6281] netlink: 40 bytes leftover after parsing attributes in process `syz.4.104'. [ 107.361942][ T6277] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.411661][ T6277] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 107.432755][ T6288] netlink: 104 bytes leftover after parsing attributes in process `syz.0.109'. [ 107.448804][ T6281] batadv0: entered promiscuous mode [ 107.455869][ T6292] netlink: 'syz.3.110': attribute type 1 has an invalid length. [ 107.464033][ T6292] netlink: 'syz.3.110': attribute type 4 has an invalid length. [ 107.473564][ T6281] batadv0: entered allmulticast mode [ 107.479014][ T6292] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.110'. [ 107.496122][ T6281] bond0: (slave batadv0): Releasing backup interface [ 107.533622][ T6281] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check. [ 107.741807][ T6300] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 107.987116][ T6308] netlink: zone id is out of range [ 108.020881][ T6308] netlink: zone id is out of range [ 108.060568][ T6308] netlink: zone id is out of range [ 108.103436][ T6308] netlink: zone id is out of range [ 108.131257][ T6308] netlink: zone id is out of range [ 108.148101][ T6283] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.152079][ T6308] netlink: zone id is out of range [ 108.156709][ T6283] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.187033][ T6308] netlink: zone id is out of range [ 108.214344][ T6308] netlink: zone id is out of range [ 108.231462][ T6308] netlink: zone id is out of range [ 108.711696][ T6283] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.750742][ T6283] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 109.249040][ T6305] pim6reg: entered allmulticast mode [ 109.287659][ T6305] pim6reg: left allmulticast mode [ 109.434722][ T6340] x_tables: duplicate underflow at hook 2 [ 109.510087][ T3546] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.544475][ T3546] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.575822][ T3546] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.623229][ T3546] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.691553][ T6354] netlink: 12 bytes leftover after parsing attributes in process `syz.2.124'. [ 109.802277][ T6334] IPVS: starting estimator thread 0... [ 109.950526][ T6356] IPVS: using max 26 ests per chain, 62400 per kthread [ 109.988399][ T6364] netlink: 20 bytes leftover after parsing attributes in process `syz.1.127'. [ 110.200357][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.1.129'. [ 110.233818][ T6371] netlink: 'syz.2.130': attribute type 1 has an invalid length. [ 110.248376][ T6371] netlink: 'syz.2.130': attribute type 4 has an invalid length. [ 110.265637][ T6371] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.130'. [ 110.885872][ T6392] FAULT_INJECTION: forcing a failure. [ 110.885872][ T6392] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 110.900305][ T6392] CPU: 0 UID: 0 PID: 6392 Comm: syz.4.138 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 110.900333][ T6392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 110.900345][ T6392] Call Trace: [ 110.900353][ T6392] [ 110.900362][ T6392] dump_stack_lvl+0x189/0x250 [ 110.900393][ T6392] ? __pfx____ratelimit+0x10/0x10 [ 110.900420][ T6392] ? __pfx_dump_stack_lvl+0x10/0x10 [ 110.900445][ T6392] ? __pfx__printk+0x10/0x10 [ 110.900472][ T6392] ? __might_fault+0xb0/0x130 [ 110.900508][ T6392] should_fail_ex+0x414/0x560 [ 110.900552][ T6392] _copy_from_iter+0x1db/0x16f0 [ 110.900577][ T6392] ? rcu_is_watching+0x15/0xb0 [ 110.900602][ T6392] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 110.900627][ T6392] ? __pfx__copy_from_iter+0x10/0x10 [ 110.900649][ T6392] ? __build_skb_around+0x257/0x3e0 [ 110.900682][ T6392] ? netlink_sendmsg+0x642/0xb30 [ 110.900708][ T6392] ? skb_put+0x11b/0x210 [ 110.900740][ T6392] netlink_sendmsg+0x6b2/0xb30 [ 110.900777][ T6392] ? __pfx_netlink_sendmsg+0x10/0x10 [ 110.900803][ T6392] ? aa_sock_msg_perm+0x94/0x160 [ 110.900828][ T6392] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 110.900852][ T6392] ? __pfx_netlink_sendmsg+0x10/0x10 [ 110.900875][ T6392] __sock_sendmsg+0x21c/0x270 [ 110.900897][ T6392] ____sys_sendmsg+0x505/0x830 [ 110.900917][ T6392] ? __pfx_____sys_sendmsg+0x10/0x10 [ 110.900949][ T6392] ? import_iovec+0x74/0xa0 [ 110.900971][ T6392] ___sys_sendmsg+0x21f/0x2a0 [ 110.900988][ T6392] ? __pfx____sys_sendmsg+0x10/0x10 [ 110.901031][ T6392] ? __fget_files+0x2a/0x420 [ 110.901051][ T6392] ? __fget_files+0x3a0/0x420 [ 110.901092][ T6392] __x64_sys_sendmsg+0x19b/0x260 [ 110.901127][ T6392] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 110.901164][ T6392] ? __pfx_ksys_write+0x10/0x10 [ 110.901180][ T6392] ? rcu_is_watching+0x15/0xb0 [ 110.901202][ T6392] ? do_syscall_64+0xbe/0x3b0 [ 110.901226][ T6392] do_syscall_64+0xfa/0x3b0 [ 110.901247][ T6392] ? lockdep_hardirqs_on+0x9c/0x150 [ 110.901267][ T6392] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.901282][ T6392] ? clear_bhb_loop+0x60/0xb0 [ 110.901301][ T6392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.901316][ T6392] RIP: 0033:0x7f16f4b8e929 [ 110.901330][ T6392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.901343][ T6392] RSP: 002b:00007f16f5a1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 110.901360][ T6392] RAX: ffffffffffffffda RBX: 00007f16f4db5fa0 RCX: 00007f16f4b8e929 [ 110.901371][ T6392] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004 [ 110.901381][ T6392] RBP: 00007f16f5a1c090 R08: 0000000000000000 R09: 0000000000000000 [ 110.901390][ T6392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.901399][ T6392] R13: 0000000000000000 R14: 00007f16f4db5fa0 R15: 00007ffd3fe24e28 [ 110.901421][ T6392] [ 111.666925][ T6402] IPVS: set_ctl: invalid protocol: 47 127.0.0.1:20004 [ 111.678307][ T6406] pimreg: entered allmulticast mode [ 111.775735][ T6406] pimreg: left allmulticast mode [ 111.851028][ T6410] __nla_validate_parse: 3 callbacks suppressed [ 111.851047][ T6410] netlink: 492 bytes leftover after parsing attributes in process `syz.2.145'. [ 112.150175][ T6418] gretap0: entered promiscuous mode [ 112.165894][ T6418] vlan2: entered promiscuous mode [ 112.529173][ T6429] netlink: 'syz.0.150': attribute type 1 has an invalid length. [ 112.544327][ T6429] netlink: 'syz.0.150': attribute type 4 has an invalid length. [ 112.553005][ T6429] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.150'. [ 112.630474][ T6434] net_ratelimit: 4 callbacks suppressed [ 112.630492][ T6434] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 112.659040][ T6437] netlink: 20 bytes leftover after parsing attributes in process `syz.4.153'. [ 112.798623][ T6440] netlink: 'syz.4.154': attribute type 4 has an invalid length. [ 112.840224][ T6440] netlink: 'syz.4.154': attribute type 4 has an invalid length. [ 113.206992][ T6455] FAULT_INJECTION: forcing a failure. [ 113.206992][ T6455] name failslab, interval 1, probability 0, space 0, times 0 [ 113.232212][ T6455] CPU: 1 UID: 0 PID: 6455 Comm: syz.3.160 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 113.232241][ T6455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.232252][ T6455] Call Trace: [ 113.232260][ T6455] [ 113.232269][ T6455] dump_stack_lvl+0x189/0x250 [ 113.232298][ T6455] ? __pfx____ratelimit+0x10/0x10 [ 113.232332][ T6455] ? __pfx_dump_stack_lvl+0x10/0x10 [ 113.232355][ T6455] ? __pfx__printk+0x10/0x10 [ 113.232385][ T6455] ? __pfx___might_resched+0x10/0x10 [ 113.232409][ T6455] ? fs_reclaim_acquire+0x7d/0x100 [ 113.232441][ T6455] should_fail_ex+0x414/0x560 [ 113.232476][ T6455] should_failslab+0xa8/0x100 [ 113.232501][ T6455] __kmalloc_noprof+0xcb/0x4f0 [ 113.232523][ T6455] ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 113.232551][ T6455] genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 113.232581][ T6455] genl_family_rcv_msg_doit+0xb8/0x300 [ 113.232610][ T6455] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 113.232636][ T6455] ? __pfx_genl_get_cmd+0x10/0x10 [ 113.232652][ T6455] ? __pfx_netlbl_cipsov4_list+0x10/0x10 [ 113.232690][ T6455] genl_rcv_msg+0x60e/0x790 [ 113.232718][ T6455] ? __pfx_genl_rcv_msg+0x10/0x10 [ 113.232737][ T6455] ? __pfx_netlbl_cipsov4_list+0x10/0x10 [ 113.232773][ T6455] netlink_rcv_skb+0x205/0x470 [ 113.232800][ T6455] ? __pfx_genl_rcv_msg+0x10/0x10 [ 113.232822][ T6455] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 113.232867][ T6455] ? down_read+0x1ad/0x2e0 [ 113.232899][ T6455] genl_rcv+0x28/0x40 [ 113.232917][ T6455] netlink_unicast+0x759/0x8e0 [ 113.232953][ T6455] netlink_sendmsg+0x805/0xb30 [ 113.233008][ T6455] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.233039][ T6455] ? aa_sock_msg_perm+0x94/0x160 [ 113.233072][ T6455] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 113.233100][ T6455] ? __pfx_netlink_sendmsg+0x10/0x10 [ 113.233129][ T6455] __sock_sendmsg+0x21c/0x270 [ 113.233158][ T6455] ____sys_sendmsg+0x505/0x830 [ 113.233184][ T6455] ? __pfx_____sys_sendmsg+0x10/0x10 [ 113.233227][ T6455] ? import_iovec+0x74/0xa0 [ 113.233255][ T6455] ___sys_sendmsg+0x21f/0x2a0 [ 113.233277][ T6455] ? __pfx____sys_sendmsg+0x10/0x10 [ 113.233346][ T6455] ? __fget_files+0x2a/0x420 [ 113.233370][ T6455] ? __fget_files+0x3a0/0x420 [ 113.233409][ T6455] __x64_sys_sendmsg+0x19b/0x260 [ 113.233428][ T6455] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 113.233458][ T6455] ? __pfx_ksys_write+0x10/0x10 [ 113.233488][ T6455] ? do_syscall_64+0xbe/0x3b0 [ 113.233517][ T6455] do_syscall_64+0xfa/0x3b0 [ 113.233543][ T6455] ? lockdep_hardirqs_on+0x9c/0x150 [ 113.233569][ T6455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.233588][ T6455] ? clear_bhb_loop+0x60/0xb0 [ 113.233609][ T6455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.233623][ T6455] RIP: 0033:0x7fa146b8e929 [ 113.233642][ T6455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.233657][ T6455] RSP: 002b:00007fa147919038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 113.233678][ T6455] RAX: ffffffffffffffda RBX: 00007fa146db5fa0 RCX: 00007fa146b8e929 [ 113.233693][ T6455] RDX: 00000000040000c0 RSI: 0000200000001080 RDI: 0000000000000004 [ 113.233706][ T6455] RBP: 00007fa147919090 R08: 0000000000000000 R09: 0000000000000000 [ 113.233718][ T6455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.233730][ T6455] R13: 0000000000000000 R14: 00007fa146db5fa0 R15: 00007ffc689e17d8 [ 113.233762][ T6455] [ 113.742999][ T6457] netlink: 104 bytes leftover after parsing attributes in process `syz.2.162'. [ 113.860036][ T6463] netlink: 8 bytes leftover after parsing attributes in process `syz.3.164'. [ 114.187052][ T6475] netlink: 84 bytes leftover after parsing attributes in process `syz.3.170'. [ 114.232119][ T6475] netlink: 84 bytes leftover after parsing attributes in process `syz.3.170'. [ 114.235367][ T6481] netlink: 24 bytes leftover after parsing attributes in process `syz.0.172'. [ 114.291348][ T6484] netlink: 'syz.4.174': attribute type 1 has an invalid length. [ 114.307342][ T6484] netlink: 'syz.4.174': attribute type 4 has an invalid length. [ 114.325450][ T6484] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.174'. [ 114.666324][ T6503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.180'. [ 114.964016][ T6514] Driver unsupported XDP return value 0 on prog (id 31) dev N/A, expect packet loss! [ 114.976958][ T6516] FAULT_INJECTION: forcing a failure. [ 114.976958][ T6516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.993437][ T6516] CPU: 1 UID: 0 PID: 6516 Comm: syz.3.184 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 114.993476][ T6516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 114.993489][ T6516] Call Trace: [ 114.993497][ T6516] [ 114.993505][ T6516] dump_stack_lvl+0x189/0x250 [ 114.993537][ T6516] ? __pfx____ratelimit+0x10/0x10 [ 114.993565][ T6516] ? __pfx_dump_stack_lvl+0x10/0x10 [ 114.993589][ T6516] ? __pfx__printk+0x10/0x10 [ 114.993618][ T6516] ? __might_fault+0xb0/0x130 [ 114.993654][ T6516] should_fail_ex+0x414/0x560 [ 114.993689][ T6516] _copy_from_user+0x2d/0xb0 [ 114.993714][ T6516] ___sys_recvmsg+0x12e/0x510 [ 114.993741][ T6516] ? __pfx____sys_recvmsg+0x10/0x10 [ 114.993794][ T6516] ? __might_fault+0xb0/0x130 [ 114.993822][ T6516] do_recvmmsg+0x307/0x770 [ 114.993851][ T6516] ? __pfx_do_recvmmsg+0x10/0x10 [ 114.993885][ T6516] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 114.993934][ T6516] __x64_sys_recvmmsg+0x190/0x240 [ 114.993958][ T6516] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 114.993976][ T6516] ? rcu_is_watching+0x15/0xb0 [ 114.994006][ T6516] ? do_syscall_64+0xbe/0x3b0 [ 114.994038][ T6516] do_syscall_64+0xfa/0x3b0 [ 114.994065][ T6516] ? lockdep_hardirqs_on+0x9c/0x150 [ 114.994092][ T6516] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.994111][ T6516] ? clear_bhb_loop+0x60/0xb0 [ 114.994136][ T6516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.994155][ T6516] RIP: 0033:0x7fa146b8e929 [ 114.994173][ T6516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.994189][ T6516] RSP: 002b:00007fa147919038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 114.994211][ T6516] RAX: ffffffffffffffda RBX: 00007fa146db5fa0 RCX: 00007fa146b8e929 [ 114.994225][ T6516] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000006 [ 114.994237][ T6516] RBP: 00007fa147919090 R08: 0000000000000000 R09: 0000000000000000 [ 114.994250][ T6516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 114.994261][ T6516] R13: 0000000000000000 R14: 00007fa146db5fa0 R15: 00007ffc689e17d8 [ 114.994293][ T6516] [ 115.236633][ T6504] syzkaller0: entered promiscuous mode [ 115.248979][ T6504] syzkaller0: entered allmulticast mode [ 116.955152][ T6523] vlan2: entered allmulticast mode [ 116.960363][ T6523] bridge_slave_0: entered allmulticast mode [ 117.163902][ T6558] veth3: entered promiscuous mode [ 117.393147][ T6578] __nla_validate_parse: 4 callbacks suppressed [ 117.393165][ T6578] netlink: 8 bytes leftover after parsing attributes in process `syz.4.204'. [ 117.618182][ T6589] netlink: 24 bytes leftover after parsing attributes in process `syz.4.208'. [ 117.896950][ T6598] netlink: 20 bytes leftover after parsing attributes in process `syz.0.212'. [ 117.920883][ T6601] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 117.988731][ T6598] vlan2: entered promiscuous mode [ 118.013506][ T6598] team0: entered promiscuous mode [ 118.055033][ T6598] team_slave_0: entered promiscuous mode [ 118.078993][ T6598] team_slave_1: entered promiscuous mode [ 118.113763][ T6595] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 118.152347][ T6595] syzkaller0: entered promiscuous mode [ 118.168139][ T6595] syzkaller0: entered allmulticast mode [ 118.384012][ T6614] netlink: 48 bytes leftover after parsing attributes in process `syz.0.218'. [ 118.423645][ T6619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.219'. [ 118.467726][ T6621] netlink: 24 bytes leftover after parsing attributes in process `syz.1.221'. [ 118.639248][ T6628] netlink: 'syz.3.224': attribute type 4 has an invalid length. [ 118.647157][ T6628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.224'. [ 118.710674][ T6630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.225'. [ 118.840238][ T6635] netlink: 'syz.3.227': attribute type 30 has an invalid length. [ 119.625639][ T6662] netlink: 8 bytes leftover after parsing attributes in process `syz.3.234'. [ 119.775540][ T6665] netlink: 24 bytes leftover after parsing attributes in process `syz.0.235'. [ 121.093342][ T6675] netlink: 'syz.0.238': attribute type 1 has an invalid length. [ 121.124677][ T6675] netlink: 'syz.0.238': attribute type 4 has an invalid length. [ 121.848513][ T6713] bridge: RTM_NEWNEIGH with invalid ether address [ 121.909774][ T6708] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 121.984262][ T6708] syzkaller0: entered promiscuous mode [ 121.987650][ T6717] tipc: Can't bind to reserved service type 0 [ 122.010219][ T6708] syzkaller0: entered allmulticast mode [ 122.409394][ T6735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 123.160277][ T6745] clip:clip_setentry: non-CLIP VCC [ 124.600768][ T6761] __nla_validate_parse: 4 callbacks suppressed [ 124.600785][ T6761] netlink: 32 bytes leftover after parsing attributes in process `syz.2.263'. [ 124.691932][ T6766] netlink: 'syz.4.266': attribute type 2 has an invalid length. [ 124.799890][ T6771] netlink: 8 bytes leftover after parsing attributes in process `syz.1.267'. [ 124.882095][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.268'. [ 124.919991][ T6776] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 124.947232][ T6776] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 125.499903][ T30] audit: type=1800 audit(1752208287.291:2): pid=6793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.275" name="blkio.bfq.time_recursive" dev="tmpfs" ino=384 res=0 errno=0 [ 125.601245][ T6791] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 125.624008][ T6791] syzkaller0: entered promiscuous mode [ 125.639776][ T6791] syzkaller0: entered allmulticast mode [ 125.924400][ T6812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.280'. [ 126.113563][ T6817] FAULT_INJECTION: forcing a failure. [ 126.113563][ T6817] name failslab, interval 1, probability 0, space 0, times 0 [ 126.172971][ T6817] CPU: 1 UID: 0 PID: 6817 Comm: syz.2.282 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 126.172997][ T6817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 126.173009][ T6817] Call Trace: [ 126.173016][ T6817] [ 126.173024][ T6817] dump_stack_lvl+0x189/0x250 [ 126.173065][ T6817] ? __pfx____ratelimit+0x10/0x10 [ 126.173091][ T6817] ? __pfx_dump_stack_lvl+0x10/0x10 [ 126.173113][ T6817] ? __pfx__printk+0x10/0x10 [ 126.173143][ T6817] ? __pfx___might_resched+0x10/0x10 [ 126.173165][ T6817] ? fs_reclaim_acquire+0x7d/0x100 [ 126.173195][ T6817] should_fail_ex+0x414/0x560 [ 126.173226][ T6817] should_failslab+0xa8/0x100 [ 126.173251][ T6817] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 126.173273][ T6817] ? __alloc_skb+0x112/0x2d0 [ 126.173303][ T6817] __alloc_skb+0x112/0x2d0 [ 126.173333][ T6817] netlink_ack+0x146/0xa50 [ 126.173355][ T6817] ? __pfx_genl_rcv_msg+0x10/0x10 [ 126.173391][ T6817] netlink_rcv_skb+0x28c/0x470 [ 126.173417][ T6817] ? __pfx_genl_rcv_msg+0x10/0x10 [ 126.173437][ T6817] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 126.173479][ T6817] ? down_read+0x1ad/0x2e0 [ 126.173509][ T6817] genl_rcv+0x28/0x40 [ 126.173526][ T6817] netlink_unicast+0x759/0x8e0 [ 126.173559][ T6817] netlink_sendmsg+0x805/0xb30 [ 126.173597][ T6817] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.173626][ T6817] ? aa_sock_msg_perm+0x94/0x160 [ 126.173674][ T6817] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 126.173704][ T6817] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.173733][ T6817] __sock_sendmsg+0x21c/0x270 [ 126.173761][ T6817] ____sys_sendmsg+0x505/0x830 [ 126.173787][ T6817] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.173829][ T6817] ? import_iovec+0x74/0xa0 [ 126.173857][ T6817] ___sys_sendmsg+0x21f/0x2a0 [ 126.173880][ T6817] ? __pfx____sys_sendmsg+0x10/0x10 [ 126.173939][ T6817] ? __fget_files+0x2a/0x420 [ 126.173970][ T6817] ? __fget_files+0x3a0/0x420 [ 126.174007][ T6817] __x64_sys_sendmsg+0x19b/0x260 [ 126.174030][ T6817] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 126.174067][ T6817] ? __pfx_ksys_write+0x10/0x10 [ 126.174087][ T6817] ? rcu_is_watching+0x15/0xb0 [ 126.174117][ T6817] ? do_syscall_64+0xbe/0x3b0 [ 126.174150][ T6817] do_syscall_64+0xfa/0x3b0 [ 126.174177][ T6817] ? lockdep_hardirqs_on+0x9c/0x150 [ 126.174214][ T6817] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.174233][ T6817] ? clear_bhb_loop+0x60/0xb0 [ 126.174257][ T6817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.174276][ T6817] RIP: 0033:0x7f1d2218e929 [ 126.174299][ T6817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.174315][ T6817] RSP: 002b:00007f1d23092038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 126.174340][ T6817] RAX: ffffffffffffffda RBX: 00007f1d223b5fa0 RCX: 00007f1d2218e929 [ 126.174354][ T6817] RDX: 00000000040000c0 RSI: 0000200000001080 RDI: 0000000000000004 [ 126.174366][ T6817] RBP: 00007f1d23092090 R08: 0000000000000000 R09: 0000000000000000 [ 126.174378][ T6817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.174389][ T6817] R13: 0000000000000000 R14: 00007f1d223b5fa0 R15: 00007fffb1b7faf8 [ 126.174421][ T6817] [ 126.638393][ T6822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.283'. [ 126.650552][ T6822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.283'. [ 126.659429][ T6822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.283'. [ 126.944278][ T6831] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 127.308182][ T6838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.289'. [ 128.031810][ T36] wlan0: Trigger new scan to find an IBSS to join [ 128.248435][ T6841] netlink: 4 bytes leftover after parsing attributes in process `syz.0.291'. [ 128.372445][ T6847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.292'. [ 129.174129][ T6841] team_slave_0: left promiscuous mode [ 129.183041][ T6867] netlink: 'syz.3.294': attribute type 3 has an invalid length. [ 129.199755][ T6867] netlink: 'syz.3.294': attribute type 1 has an invalid length. [ 129.213537][ T6841] team0 (unregistering): Port device team_slave_0 removed [ 129.241747][ T6841] team_slave_1: left promiscuous mode [ 129.267738][ T6841] team0 (unregistering): Port device team_slave_1 removed [ 129.758321][ T6880] __nla_validate_parse: 4 callbacks suppressed [ 129.758341][ T6880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.301'. [ 129.773448][ T6886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.303'. [ 129.791341][ T6887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.302'. [ 129.859179][ T6880] netlink: 16 bytes leftover after parsing attributes in process `syz.4.301'. [ 130.279303][ T6891] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 130.283549][ T6910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.312'. [ 130.297865][ T6905] netlink: 304 bytes leftover after parsing attributes in process `syz.2.310'. [ 130.355261][ T6891] syzkaller0: entered promiscuous mode [ 130.391810][ T6891] syzkaller0: entered allmulticast mode [ 130.556971][ T6915] FAULT_INJECTION: forcing a failure. [ 130.556971][ T6915] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.588745][ T6915] CPU: 1 UID: 0 PID: 6915 Comm: syz.3.311 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 130.588774][ T6915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.588786][ T6915] Call Trace: [ 130.588794][ T6915] [ 130.588803][ T6915] dump_stack_lvl+0x189/0x250 [ 130.588833][ T6915] ? __pfx____ratelimit+0x10/0x10 [ 130.588861][ T6915] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.588886][ T6915] ? __pfx__printk+0x10/0x10 [ 130.588914][ T6915] ? __might_fault+0xb0/0x130 [ 130.588949][ T6915] should_fail_ex+0x414/0x560 [ 130.588984][ T6915] _copy_from_user+0x2d/0xb0 [ 130.589008][ T6915] ___sys_sendmsg+0x158/0x2a0 [ 130.589031][ T6915] ? __pfx____sys_sendmsg+0x10/0x10 [ 130.589088][ T6915] ? __fget_files+0x2a/0x420 [ 130.589114][ T6915] ? __fget_files+0x3a0/0x420 [ 130.589163][ T6915] __x64_sys_sendmsg+0x19b/0x260 [ 130.589185][ T6915] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 130.589213][ T6915] ? __pfx_ksys_write+0x10/0x10 [ 130.589233][ T6915] ? rcu_is_watching+0x15/0xb0 [ 130.589262][ T6915] ? do_syscall_64+0xbe/0x3b0 [ 130.589293][ T6915] do_syscall_64+0xfa/0x3b0 [ 130.589319][ T6915] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.589345][ T6915] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.589364][ T6915] ? clear_bhb_loop+0x60/0xb0 [ 130.589388][ T6915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.589407][ T6915] RIP: 0033:0x7fa146b8e929 [ 130.589429][ T6915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.589445][ T6915] RSP: 002b:00007fa147919038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 130.589465][ T6915] RAX: ffffffffffffffda RBX: 00007fa146db5fa0 RCX: 00007fa146b8e929 [ 130.589479][ T6915] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 130.589491][ T6915] RBP: 00007fa147919090 R08: 0000000000000000 R09: 0000000000000000 [ 130.589503][ T6915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.589514][ T6915] R13: 0000000000000000 R14: 00007fa146db5fa0 R15: 00007ffc689e17d8 [ 130.589542][ T6915] [ 131.083922][ T3478] wlan0: Trigger new scan to find an IBSS to join [ 131.102939][ T6927] netlink: 8 bytes leftover after parsing attributes in process `syz.3.316'. [ 131.267829][ T6933] netlink: 8 bytes leftover after parsing attributes in process `syz.2.317'. [ 131.754949][ T6955] netlink: 'syz.1.321': attribute type 4 has an invalid length. [ 131.810057][ T6956] netlink: 'syz.1.321': attribute type 4 has an invalid length. [ 132.815346][ T6945] tipc: Enabling of bearer rejected, failed to enable media [ 133.007274][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.014240][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.372117][ T6974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.329'. [ 133.720057][ T6986] xt_CT: No such helper "pptp" [ 133.822380][ T6989] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 133.901394][ T6993] netlink: 'syz.4.337': attribute type 23 has an invalid length. [ 134.040411][ T3581] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.307783][ T7007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.343'. [ 134.696534][ T7029] 8021q: adding VLAN 0 to HW filter on device bond1 [ 134.912838][ T7039] GUP no longer grows the stack in syz.0.356 (7039): 200000006000-20000000a000 (200000005000) [ 134.937187][ T7039] CPU: 1 UID: 0 PID: 7039 Comm: syz.0.356 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 134.937217][ T7039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 134.937229][ T7039] Call Trace: [ 134.937237][ T7039] [ 134.937246][ T7039] dump_stack_lvl+0x189/0x250 [ 134.937299][ T7039] ? __pfx_dump_stack_lvl+0x10/0x10 [ 134.937326][ T7039] ? __pfx__printk+0x10/0x10 [ 134.937350][ T7039] ? find_vma+0xe7/0x160 [ 134.937389][ T7039] __get_user_pages+0x2a60/0x30b0 [ 134.937461][ T7039] ? __pfx___get_user_pages+0x10/0x10 [ 134.937484][ T7039] ? __gup_longterm_locked+0xbf7/0x15b0 [ 134.937506][ T7039] ? down_read_killable+0x1d1/0x350 [ 134.937537][ T7039] ? try_get_folio+0x633/0x660 [ 134.937564][ T7039] __gup_longterm_locked+0xd66/0x15b0 [ 134.937593][ T7039] ? try_grab_folio_fast+0x1be/0x4f0 [ 134.937628][ T7039] ? gup_fast_fallback+0x1afc/0x2260 [ 134.937655][ T7039] gup_fast_fallback+0x1cd4/0x2260 [ 134.937718][ T7039] ? __pfx_gup_fast_fallback+0x10/0x10 [ 134.937739][ T7039] ? trace_contention_end+0x39/0x120 [ 134.937768][ T7039] ? __mutex_lock+0x330/0xe80 [ 134.937803][ T7039] ? is_valid_gup_args+0x11f/0x200 [ 134.937827][ T7039] ? get_user_pages_fast+0x4d/0xb0 [ 134.937852][ T7039] __iov_iter_get_pages_alloc+0x39a/0xb40 [ 134.937885][ T7039] ? __pfx_pipe_clear_nowait+0x10/0x10 [ 134.937914][ T7039] ? wait_for_space+0x24d/0x2d0 [ 134.937942][ T7039] iov_iter_get_pages2+0x5e/0xa0 [ 134.937970][ T7039] __se_sys_vmsplice+0x548/0x10d0 [ 134.938012][ T7039] ? wake_up_q+0xca/0x110 [ 134.938041][ T7039] ? __pfx___se_sys_vmsplice+0x10/0x10 [ 134.938071][ T7039] ? __pfx_futex_wake+0x10/0x10 [ 134.938100][ T7039] ? __lock_acquire+0xab9/0xd20 [ 134.938171][ T7039] ? rcu_is_watching+0x15/0xb0 [ 134.938203][ T7039] ? do_syscall_64+0xbe/0x3b0 [ 134.938237][ T7039] do_syscall_64+0xfa/0x3b0 [ 134.938265][ T7039] ? lockdep_hardirqs_on+0x9c/0x150 [ 134.938292][ T7039] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.938313][ T7039] ? clear_bhb_loop+0x60/0xb0 [ 134.938338][ T7039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.938358][ T7039] RIP: 0033:0x7fa2d6d8e929 [ 134.938378][ T7039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.938395][ T7039] RSP: 002b:00007fa2d7b3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 134.938416][ T7039] RAX: ffffffffffffffda RBX: 00007fa2d6fb5fa0 RCX: 00007fa2d6d8e929 [ 134.938444][ T7039] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000a [ 134.938457][ T7039] RBP: 00007fa2d6e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 134.938469][ T7039] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 134.938481][ T7039] R13: 0000000000000000 R14: 00007fa2d6fb5fa0 R15: 00007ffde4a0c7d8 [ 134.938516][ T7039] [ 135.327023][ T7029] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 135.376235][ T7047] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 135.426352][ T7043] __nla_validate_parse: 1 callbacks suppressed [ 135.426374][ T7043] netlink: 20 bytes leftover after parsing attributes in process `syz.4.357'. [ 135.538447][ T7049] netlink: 20 bytes leftover after parsing attributes in process `syz.1.358'. [ 135.581873][ T7043] netlink: 152 bytes leftover after parsing attributes in process `syz.4.357'. [ 135.599182][ T7043] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 135.748210][ T7058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.360'. [ 136.076314][ T7063] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 136.197709][ T7071] warning: `syz.3.364' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 136.586434][ T7082] netlink: 20 bytes leftover after parsing attributes in process `syz.4.366'. [ 136.770889][ T7084] IPv6: addrconf: prefix option has invalid lifetime [ 136.872337][ T7090] netlink: 28 bytes leftover after parsing attributes in process `syz.3.368'. [ 136.911059][ T7090] netlink: 28 bytes leftover after parsing attributes in process `syz.3.368'. [ 136.953334][ T7090] netlink: 28 bytes leftover after parsing attributes in process `syz.3.368'. [ 137.083315][ T7106] FAULT_INJECTION: forcing a failure. [ 137.083315][ T7106] name failslab, interval 1, probability 0, space 0, times 0 [ 137.141281][ T7106] CPU: 0 UID: 0 PID: 7106 Comm: syz.1.372 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 137.141310][ T7106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.141321][ T7106] Call Trace: [ 137.141329][ T7106] [ 137.141337][ T7106] dump_stack_lvl+0x189/0x250 [ 137.141365][ T7106] ? __pfx____ratelimit+0x10/0x10 [ 137.141392][ T7106] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.141416][ T7106] ? __pfx__printk+0x10/0x10 [ 137.141467][ T7106] ? __pfx___might_resched+0x10/0x10 [ 137.141490][ T7106] ? fs_reclaim_acquire+0x7d/0x100 [ 137.141524][ T7106] should_fail_ex+0x414/0x560 [ 137.141559][ T7106] should_failslab+0xa8/0x100 [ 137.141588][ T7106] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 137.141611][ T7106] ? __pfx_nf_tables_abort+0x10/0x10 [ 137.141640][ T7106] ? __alloc_skb+0x112/0x2d0 [ 137.141674][ T7106] __alloc_skb+0x112/0x2d0 [ 137.141707][ T7106] netlink_ack+0x146/0xa50 [ 137.141738][ T7106] ? __kasan_kmalloc+0x93/0xb0 [ 137.141771][ T7106] nfnetlink_rcv+0x2290/0x2520 [ 137.141827][ T7106] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 137.141862][ T7106] ? __lock_acquire+0xab9/0xd20 [ 137.141944][ T7106] ? netlink_deliver_tap+0x2e/0x1b0 [ 137.141969][ T7106] ? netlink_deliver_tap+0x2e/0x1b0 [ 137.142001][ T7106] netlink_unicast+0x759/0x8e0 [ 137.142035][ T7106] netlink_sendmsg+0x805/0xb30 [ 137.142072][ T7106] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.142102][ T7106] ? aa_sock_msg_perm+0x94/0x160 [ 137.142130][ T7106] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 137.142153][ T7106] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.142175][ T7106] __sock_sendmsg+0x21c/0x270 [ 137.142197][ T7106] ____sys_sendmsg+0x505/0x830 [ 137.142217][ T7106] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.142259][ T7106] ? import_iovec+0x74/0xa0 [ 137.142281][ T7106] ___sys_sendmsg+0x21f/0x2a0 [ 137.142297][ T7106] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.142341][ T7106] ? __fget_files+0x2a/0x420 [ 137.142361][ T7106] ? __fget_files+0x3a0/0x420 [ 137.142389][ T7106] __x64_sys_sendmsg+0x19b/0x260 [ 137.142406][ T7106] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 137.142429][ T7106] ? __pfx_ksys_write+0x10/0x10 [ 137.142445][ T7106] ? rcu_is_watching+0x15/0xb0 [ 137.142468][ T7106] ? do_syscall_64+0xbe/0x3b0 [ 137.142493][ T7106] do_syscall_64+0xfa/0x3b0 [ 137.142513][ T7106] ? lockdep_hardirqs_on+0x9c/0x150 [ 137.142534][ T7106] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.142549][ T7106] ? clear_bhb_loop+0x60/0xb0 [ 137.142568][ T7106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.142583][ T7106] RIP: 0033:0x7ff781d8e929 [ 137.142598][ T7106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.142627][ T7106] RSP: 002b:00007ff782c3c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.142643][ T7106] RAX: ffffffffffffffda RBX: 00007ff781fb5fa0 RCX: 00007ff781d8e929 [ 137.142654][ T7106] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003 [ 137.142663][ T7106] RBP: 00007ff782c3c090 R08: 0000000000000000 R09: 0000000000000000 [ 137.142672][ T7106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.142680][ T7106] R13: 0000000000000000 R14: 00007ff781fb5fa0 R15: 00007ffd17f91b98 [ 137.142706][ T7106] [ 137.529850][ T7109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.373'. [ 137.758490][ T7123] IPv6: Can't replace route, no match found [ 137.821379][ T7125] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.381'. [ 138.075975][ T7138] netlink: 'syz.1.382': attribute type 1 has an invalid length. [ 138.279308][ T7143] bond2: entered promiscuous mode [ 138.313109][ T7143] bond2: entered allmulticast mode [ 138.319795][ T7147] netlink: 'syz.2.385': attribute type 1 has an invalid length. [ 138.327544][ T7147] FAULT_INJECTION: forcing a failure. [ 138.327544][ T7147] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.328003][ T7143] 8021q: adding VLAN 0 to HW filter on device bond2 [ 138.328620][ T7147] [ 138.328630][ T7147] ====================================================== [ 138.328638][ T7147] WARNING: possible circular locking dependency detected [ 138.328655][ T7147] 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 Not tainted [ 138.328668][ T7147] ------------------------------------------------------ [ 138.328675][ T7147] syz.2.385/7147 is trying to acquire lock: [ 138.328687][ T7147] ffffffff8e133380 (console_owner){-...}-{0:0}, at: vprintk_emit+0x444/0x7a0 [ 138.328746][ T7147] [ 138.328746][ T7147] but task is already holding lock: [ 138.328753][ T7147] ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 138.328803][ T7147] [ 138.328803][ T7147] which lock already depends on the new lock. [ 138.328803][ T7147] [ 138.328810][ T7147] [ 138.328810][ T7147] the existing dependency chain (in reverse order) is: [ 138.328827][ T7147] [ 138.328827][ T7147] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 138.328855][ T7147] lock_acquire+0x120/0x360 [ 138.328875][ T7147] _raw_spin_lock_nested+0x32/0x50 [ 138.328901][ T7147] raw_spin_rq_lock_nested+0x2a/0x140 [ 138.328923][ T7147] task_rq_lock+0xbc/0x470 [ 138.328943][ T7147] cgroup_move_task+0x9a/0x590 [ 138.328968][ T7147] css_set_move_task+0x658/0x9e0 [ 138.328992][ T7147] cgroup_post_fork+0x1ef/0x790 [ 138.329017][ T7147] copy_process+0x37e6/0x3b80 [ 138.329041][ T7147] kernel_clone+0x21e/0x870 [ 138.329066][ T7147] user_mode_thread+0xdd/0x140 [ 138.329091][ T7147] rest_init+0x23/0x300 [ 138.329108][ T7147] start_kernel+0x47d/0x500 [ 138.329128][ T7147] x86_64_start_reservations+0x24/0x30 [ 138.329155][ T7147] x86_64_start_kernel+0x143/0x1c0 [ 138.329181][ T7147] common_startup_64+0x13e/0x147 [ 138.329208][ T7147] [ 138.329208][ T7147] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 138.329237][ T7147] lock_acquire+0x120/0x360 [ 138.329255][ T7147] _raw_spin_lock_irqsave+0xa7/0xf0 [ 138.329276][ T7147] try_to_wake_up+0x6e/0x1290 [ 138.329304][ T7147] __wake_up_common_lock+0x137/0x1f0 [ 138.329334][ T7147] tty_port_default_wakeup+0xa2/0xf0 [ 138.329361][ T7147] serial8250_tx_chars+0x72e/0x970 [ 138.329385][ T7147] serial8250_handle_irq+0x633/0xbb0 [ 138.329407][ T7147] serial8250_default_handle_irq+0xbf/0x1b0 [ 138.329435][ T7147] serial8250_interrupt+0xa2/0x1d0 [ 138.329453][ T7147] __handle_irq_event_percpu+0x28c/0x980 [ 138.329482][ T7147] handle_irq_event+0x8b/0x1e0 [ 138.329508][ T7147] handle_edge_irq+0x267/0x9c0 [ 138.329533][ T7147] __common_interrupt+0x140/0x250 [ 138.329552][ T7147] common_interrupt+0xb6/0xe0 [ 138.329576][ T7147] asm_common_interrupt+0x26/0x40 [ 138.329594][ T7147] pv_native_safe_halt+0x13/0x20 [ 138.329621][ T7147] default_idle+0x13/0x20 [ 138.329649][ T7147] default_idle_call+0x74/0xb0 [ 138.329665][ T7147] do_idle+0x1e8/0x510 [ 138.329686][ T7147] cpu_startup_entry+0x44/0x60 [ 138.329709][ T7147] rest_init+0x2de/0x300 [ 138.329726][ T7147] start_kernel+0x47d/0x500 [ 138.329745][ T7147] x86_64_start_reservations+0x24/0x30 [ 138.329771][ T7147] x86_64_start_kernel+0x143/0x1c0 [ 138.329797][ T7147] common_startup_64+0x13e/0x147 [ 138.329830][ T7147] [ 138.329830][ T7147] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 138.329858][ T7147] lock_acquire+0x120/0x360 [ 138.329876][ T7147] _raw_spin_lock_irqsave+0xa7/0xf0 [ 138.329899][ T7147] __wake_up_common_lock+0x2f/0x1f0 [ 138.329928][ T7147] tty_port_default_wakeup+0xa2/0xf0 [ 138.329954][ T7147] serial8250_tx_chars+0x72e/0x970 [ 138.329975][ T7147] serial8250_handle_irq+0x633/0xbb0 [ 138.329998][ T7147] serial8250_default_handle_irq+0xbf/0x1b0 [ 138.330026][ T7147] serial8250_interrupt+0xa2/0x1d0 [ 138.330044][ T7147] __handle_irq_event_percpu+0x28c/0x980 [ 138.330071][ T7147] handle_irq_event+0x8b/0x1e0 [ 138.330098][ T7147] handle_edge_irq+0x267/0x9c0 [ 138.330121][ T7147] __common_interrupt+0x140/0x250 [ 138.330138][ T7147] common_interrupt+0xb6/0xe0 [ 138.330156][ T7147] asm_common_interrupt+0x26/0x40 [ 138.330174][ T7147] pv_native_safe_halt+0x13/0x20 [ 138.330198][ T7147] default_idle+0x13/0x20 [ 138.330226][ T7147] default_idle_call+0x74/0xb0 [ 138.330243][ T7147] do_idle+0x1e8/0x510 [ 138.330265][ T7147] cpu_startup_entry+0x44/0x60 [ 138.330286][ T7147] rest_init+0x2de/0x300 [ 138.330303][ T7147] start_kernel+0x47d/0x500 [ 138.330321][ T7147] x86_64_start_reservations+0x24/0x30 [ 138.330349][ T7147] x86_64_start_kernel+0x143/0x1c0 [ 138.330374][ T7147] common_startup_64+0x13e/0x147 [ 138.330402][ T7147] [ 138.330402][ T7147] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 138.330430][ T7147] lock_acquire+0x120/0x360 [ 138.330447][ T7147] _raw_spin_lock_irqsave+0xa7/0xf0 [ 138.330469][ T7147] serial8250_console_write+0x17e/0x1ba0 [ 138.330495][ T7147] console_flush_all+0x728/0xc40 [ 138.330531][ T7147] console_unlock+0xc4/0x270 [ 138.330570][ T7147] vprintk_emit+0x5b7/0x7a0 [ 138.330592][ T7147] _printk+0xcf/0x120 [ 138.330618][ T7147] register_console+0xa8b/0xf90 [ 138.330644][ T7147] univ8250_console_init+0x52/0x90 [ 138.330668][ T7147] console_init+0x1a1/0x670 [ 138.330692][ T7147] start_kernel+0x2cc/0x500 [ 138.330723][ T7147] x86_64_start_reservations+0x24/0x30 [ 138.330747][ T7147] x86_64_start_kernel+0x143/0x1c0 [ 138.330772][ T7147] common_startup_64+0x13e/0x147 [ 138.330797][ T7147] [ 138.330797][ T7147] -> #0 (console_owner){-...}-{0:0}: [ 138.330828][ T7147] validate_chain+0xb9b/0x2140 [ 138.330849][ T7147] __lock_acquire+0xab9/0xd20 [ 138.330866][ T7147] lock_acquire+0x120/0x360 [ 138.330882][ T7147] vprintk_emit+0x460/0x7a0 [ 138.330906][ T7147] _printk+0xcf/0x120 [ 138.330929][ T7147] should_fail_ex+0x3f5/0x560 [ 138.330955][ T7147] strncpy_from_user+0x36/0x290 [ 138.330979][ T7147] strncpy_from_user_nofault+0x72/0x150 [ 138.331009][ T7147] bpf_probe_read_compat_str+0xe2/0x180 [ 138.331030][ T7147] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 138.331045][ T7147] bpf_trace_run4+0x28e/0x4a0 [ 138.331069][ T7147] __bpf_trace_sched_switch+0x17a/0x1e0 [ 138.331096][ T7147] __traceiter_sched_switch+0x9d/0xd0 [ 138.331122][ T7147] __schedule+0x2328/0x4d00 [ 138.331144][ T7147] preempt_schedule_common+0x83/0xd0 [ 138.331185][ T7147] preempt_schedule+0xae/0xc0 [ 138.331207][ T7147] preempt_schedule_thunk+0x16/0x30 [ 138.331225][ T7147] vprintk_emit+0x69a/0x7a0 [ 138.331248][ T7147] _printk+0xcf/0x120 [ 138.331273][ T7147] __nla_validate_parse+0x1719/0x2d40 [ 138.331291][ T7147] __nla_parse+0x40/0x60 [ 138.331308][ T7147] genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 138.331329][ T7147] genl_family_rcv_msg_doit+0xb8/0x300 [ 138.331350][ T7147] genl_rcv_msg+0x60e/0x790 [ 138.331368][ T7147] netlink_rcv_skb+0x205/0x470 [ 138.331391][ T7147] genl_rcv+0x28/0x40 [ 138.331407][ T7147] netlink_unicast+0x759/0x8e0 [ 138.331430][ T7147] netlink_sendmsg+0x805/0xb30 [ 138.331455][ T7147] __sock_sendmsg+0x21c/0x270 [ 138.331477][ T7147] ____sys_sendmsg+0x505/0x830 [ 138.331493][ T7147] ___sys_sendmsg+0x21f/0x2a0 [ 138.331510][ T7147] __x64_sys_sendmsg+0x19b/0x260 [ 138.331526][ T7147] do_syscall_64+0xfa/0x3b0 [ 138.331553][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.331572][ T7147] [ 138.331572][ T7147] other info that might help us debug this: [ 138.331572][ T7147] [ 138.331579][ T7147] Chain exists of: [ 138.331579][ T7147] console_owner --> &p->pi_lock --> &rq->__lock [ 138.331579][ T7147] [ 138.331613][ T7147] Possible unsafe locking scenario: [ 138.331613][ T7147] [ 138.331618][ T7147] CPU0 CPU1 [ 138.331625][ T7147] ---- ---- [ 138.331632][ T7147] lock(&rq->__lock); [ 138.331645][ T7147] lock(&p->pi_lock); [ 138.331660][ T7147] lock(&rq->__lock); [ 138.331675][ T7147] lock(console_owner); [ 138.331688][ T7147] [ 138.331688][ T7147] *** DEADLOCK *** [ 138.331688][ T7147] [ 138.331695][ T7147] 4 locks held by syz.2.385/7147: [ 138.331706][ T7147] #0: ffffffff8f5853b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 138.331754][ T7147] #1: ffffffff8f5851c8 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790 [ 138.331801][ T7147] #2: ffff8880b8639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 138.331859][ T7147] #3: ffffffff8e13f160 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x19c/0x4a0 [ 138.331915][ T7147] [ 138.331915][ T7147] stack backtrace: [ 138.331928][ T7147] CPU: 0 UID: 0 PID: 7147 Comm: syz.2.385 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 138.331952][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 138.331966][ T7147] Call Trace: [ 138.331974][ T7147] [ 138.331982][ T7147] dump_stack_lvl+0x189/0x250 [ 138.332010][ T7147] ? __pfx_dump_stack_lvl+0x10/0x10 [ 138.332036][ T7147] ? __pfx__printk+0x10/0x10 [ 138.332064][ T7147] ? print_lock_name+0xde/0x100 [ 138.332093][ T7147] print_circular_bug+0x2ee/0x310 [ 138.332122][ T7147] check_noncircular+0x134/0x160 [ 138.332154][ T7147] validate_chain+0xb9b/0x2140 [ 138.332192][ T7147] __lock_acquire+0xab9/0xd20 [ 138.332217][ T7147] ? vprintk_emit+0x444/0x7a0 [ 138.332242][ T7147] lock_acquire+0x120/0x360 [ 138.332262][ T7147] ? vprintk_emit+0x444/0x7a0 [ 138.332293][ T7147] ? do_raw_spin_unlock+0x122/0x240 [ 138.332323][ T7147] ? vprintk_emit+0x444/0x7a0 [ 138.332351][ T7147] vprintk_emit+0x460/0x7a0 [ 138.332376][ T7147] ? vprintk_emit+0x444/0x7a0 [ 138.332404][ T7147] ? __pfx_vprintk_emit+0x10/0x10 [ 138.332431][ T7147] ? number+0xd18/0xf60 [ 138.332455][ T7147] ? number+0xb1/0xf60 [ 138.332480][ T7147] _printk+0xcf/0x120 [ 138.332507][ T7147] ? __pfx____ratelimit+0x10/0x10 [ 138.332535][ T7147] ? __pfx__printk+0x10/0x10 [ 138.332569][ T7147] should_fail_ex+0x3f5/0x560 [ 138.332600][ T7147] strncpy_from_user+0x36/0x290 [ 138.332630][ T7147] strncpy_from_user_nofault+0x72/0x150 [ 138.332665][ T7147] bpf_probe_read_compat_str+0xe2/0x180 [ 138.332691][ T7147] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 138.332709][ T7147] bpf_trace_run4+0x28e/0x4a0 [ 138.332739][ T7147] ? bpf_trace_run4+0x19c/0x4a0 [ 138.332770][ T7147] ? __pfx_bpf_trace_run4+0x10/0x10 [ 138.332797][ T7147] ? kvm_sched_clock_read+0x11/0x20 [ 138.332831][ T7147] ? sched_clock_cpu+0x74/0x430 [ 138.332857][ T7147] ? __bpf_trace_sched_switch+0x15f/0x1e0 [ 138.332891][ T7147] __bpf_trace_sched_switch+0x17a/0x1e0 [ 138.332922][ T7147] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 138.332952][ T7147] ? psi_group_change+0xbc7/0x1210 [ 138.332978][ T7147] ? rcu_read_lock_sched_held+0x89/0x100 [ 138.333004][ T7147] ? __pfx_rcu_read_lock_sched_held+0x10/0x10 [ 138.333032][ T7147] ? psi_task_switch+0x314/0x6d0 [ 138.333071][ T7147] ? tracing_record_taskinfo_sched_switch+0x7d/0x370 [ 138.333100][ T7147] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 138.333129][ T7147] __traceiter_sched_switch+0x9d/0xd0 [ 138.333160][ T7147] __schedule+0x2328/0x4d00 [ 138.333190][ T7147] ? _prb_read_valid+0xa07/0xa90 [ 138.333212][ T7147] ? console_flush_all+0x13a/0xc40 [ 138.333238][ T7147] ? preempt_schedule_common+0x83/0xd0 [ 138.333270][ T7147] ? __pfx___schedule+0x10/0x10 [ 138.333300][ T7147] ? __pfx___console_unlock+0x10/0x10 [ 138.333329][ T7147] ? preempt_schedule+0xae/0xc0 [ 138.333371][ T7147] preempt_schedule_common+0x83/0xd0 [ 138.333398][ T7147] preempt_schedule+0xae/0xc0 [ 138.333423][ T7147] ? __pfx_preempt_schedule+0x10/0x10 [ 138.333448][ T7147] ? console_unlock+0x21b/0x270 [ 138.333475][ T7147] ? __pfx_console_unlock+0x10/0x10 [ 138.333502][ T7147] preempt_schedule_thunk+0x16/0x30 [ 138.333522][ T7147] ? vprintk_emit+0x695/0x7a0 [ 138.333548][ T7147] vprintk_emit+0x69a/0x7a0 [ 138.333575][ T7147] ? __pfx_vprintk_emit+0x10/0x10 [ 138.333600][ T7147] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 138.333626][ T7147] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 138.333662][ T7147] _printk+0xcf/0x120 [ 138.333711][ T7147] ? __pfx____ratelimit+0x10/0x10 [ 138.333740][ T7147] ? __pfx__printk+0x10/0x10 [ 138.333777][ T7147] __nla_validate_parse+0x1719/0x2d40 [ 138.333799][ T7147] ? __sock_sendmsg+0x21c/0x270 [ 138.333831][ T7147] ? ____sys_sendmsg+0x505/0x830 [ 138.333860][ T7147] ? __pfx___nla_validate_parse+0x10/0x10 [ 138.333898][ T7147] __nla_parse+0x40/0x60 [ 138.333921][ T7147] genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 138.333950][ T7147] genl_family_rcv_msg_doit+0xb8/0x300 [ 138.333977][ T7147] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 138.334002][ T7147] ? rcu_is_watching+0x15/0xb0 [ 138.334029][ T7147] ? apparmor_capable+0x137/0x1b0 [ 138.334055][ T7147] ? bpf_lsm_capable+0x9/0x20 [ 138.334079][ T7147] ? security_capable+0x7e/0x2e0 [ 138.334113][ T7147] genl_rcv_msg+0x60e/0x790 [ 138.334138][ T7147] ? __pfx_genl_rcv_msg+0x10/0x10 [ 138.334159][ T7147] ? __pfx_hwsim_new_edge_nl+0x10/0x10 [ 138.334202][ T7147] netlink_rcv_skb+0x205/0x470 [ 138.334230][ T7147] ? __pfx_genl_rcv_msg+0x10/0x10 [ 138.334253][ T7147] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 138.334291][ T7147] ? down_read+0x1ad/0x2e0 [ 138.334324][ T7147] genl_rcv+0x28/0x40 [ 138.334343][ T7147] netlink_unicast+0x759/0x8e0 [ 138.334375][ T7147] netlink_sendmsg+0x805/0xb30 [ 138.334410][ T7147] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.334442][ T7147] ? aa_sock_msg_perm+0x94/0x160 [ 138.334473][ T7147] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 138.334507][ T7147] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.334536][ T7147] __sock_sendmsg+0x21c/0x270 [ 138.334563][ T7147] ____sys_sendmsg+0x505/0x830 [ 138.334585][ T7147] ? __pfx_____sys_sendmsg+0x10/0x10 [ 138.334624][ T7147] ? import_iovec+0x74/0xa0 [ 138.334651][ T7147] ___sys_sendmsg+0x21f/0x2a0 [ 138.334672][ T7147] ? __pfx____sys_sendmsg+0x10/0x10 [ 138.334711][ T7147] ? __fget_files+0x2a/0x420 [ 138.334739][ T7147] ? __fget_files+0x3a0/0x420 [ 138.334774][ T7147] __x64_sys_sendmsg+0x19b/0x260 [ 138.334796][ T7147] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 138.334828][ T7147] ? __pfx_ksys_write+0x10/0x10 [ 138.334852][ T7147] ? rcu_is_watching+0x15/0xb0 [ 138.334891][ T7147] ? do_syscall_64+0xbe/0x3b0 [ 138.334923][ T7147] do_syscall_64+0xfa/0x3b0 [ 138.334951][ T7147] ? lockdep_hardirqs_on+0x9c/0x150 [ 138.334977][ T7147] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.335009][ T7147] ? clear_bhb_loop+0x60/0xb0 [ 138.335031][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.335050][ T7147] RIP: 0033:0x7f1d2218e929 [ 138.335069][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.335086][ T7147] RSP: 002b:00007f1d23092038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 138.335107][ T7147] RAX: ffffffffffffffda RBX: 00007f1d223b5fa0 RCX: 00007f1d2218e929 [ 138.335122][ T7147] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004 [ 138.335135][ T7147] RBP: 00007f1d23092090 R08: 0000000000000000 R09: 0000000000000000 [ 138.335148][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.335159][ T7147] R13: 0000000000000000 R14: 00007f1d223b5fa0 R15: 00007fffb1b7faf8 [ 138.335182][ T7147] [ 139.819748][ T7147] CPU: 0 UID: 0 PID: 7147 Comm: syz.2.385 Not tainted 6.16.0-rc5-syzkaller-01231-g96698d1898bc #0 PREEMPT(full) [ 139.819768][ T7147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 139.819777][ T7147] Call Trace: [ 139.819785][ T7147] [ 139.819792][ T7147] dump_stack_lvl+0x189/0x250 [ 139.819814][ T7147] ? __pfx____ratelimit+0x10/0x10 [ 139.819832][ T7147] ? __pfx_dump_stack_lvl+0x10/0x10 [ 139.819848][ T7147] ? __pfx__printk+0x10/0x10 [ 139.819871][ T7147] should_fail_ex+0x414/0x560 [ 139.819892][ T7147] strncpy_from_user+0x36/0x290 [ 139.819912][ T7147] strncpy_from_user_nofault+0x72/0x150 [ 139.819936][ T7147] bpf_probe_read_compat_str+0xe2/0x180 [ 139.819954][ T7147] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 139.819966][ T7147] bpf_trace_run4+0x28e/0x4a0 [ 139.819986][ T7147] ? bpf_trace_run4+0x19c/0x4a0 [ 139.820006][ T7147] ? __pfx_bpf_trace_run4+0x10/0x10 [ 139.820024][ T7147] ? kvm_sched_clock_read+0x11/0x20 [ 139.820043][ T7147] ? sched_clock_cpu+0x74/0x430 [ 139.820060][ T7147] ? __bpf_trace_sched_switch+0x15f/0x1e0 [ 139.820082][ T7147] __bpf_trace_sched_switch+0x17a/0x1e0 [ 139.820103][ T7147] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 139.820121][ T7147] ? psi_group_change+0xbc7/0x1210 [ 139.820138][ T7147] ? rcu_read_lock_sched_held+0x89/0x100 [ 139.820154][ T7147] ? __pfx_rcu_read_lock_sched_held+0x10/0x10 [ 139.820172][ T7147] ? psi_task_switch+0x314/0x6d0 [ 139.820190][ T7147] ? tracing_record_taskinfo_sched_switch+0x7d/0x370 [ 139.820210][ T7147] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 139.820230][ T7147] __traceiter_sched_switch+0x9d/0xd0 [ 139.820251][ T7147] __schedule+0x2328/0x4d00 [ 139.820273][ T7147] ? _prb_read_valid+0xa07/0xa90 [ 139.820289][ T7147] ? console_flush_all+0x13a/0xc40 [ 139.820307][ T7147] ? preempt_schedule_common+0x83/0xd0 [ 139.820325][ T7147] ? __pfx___schedule+0x10/0x10 [ 139.820345][ T7147] ? __pfx___console_unlock+0x10/0x10 [ 139.820364][ T7147] ? preempt_schedule+0xae/0xc0 [ 139.820381][ T7147] preempt_schedule_common+0x83/0xd0 [ 139.820398][ T7147] preempt_schedule+0xae/0xc0 [ 139.820414][ T7147] ? __pfx_preempt_schedule+0x10/0x10 [ 139.820430][ T7147] ? console_unlock+0x21b/0x270 [ 139.820447][ T7147] ? __pfx_console_unlock+0x10/0x10 [ 139.820464][ T7147] preempt_schedule_thunk+0x16/0x30 [ 139.820477][ T7147] ? vprintk_emit+0x695/0x7a0 [ 139.820494][ T7147] vprintk_emit+0x69a/0x7a0 [ 139.820511][ T7147] ? __pfx_vprintk_emit+0x10/0x10 [ 139.820526][ T7147] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 139.820543][ T7147] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 139.820566][ T7147] _printk+0xcf/0x120 [ 139.820583][ T7147] ? __pfx____ratelimit+0x10/0x10 [ 139.820600][ T7147] ? __pfx__printk+0x10/0x10 [ 139.820622][ T7147] __nla_validate_parse+0x1719/0x2d40 [ 139.820635][ T7147] ? __sock_sendmsg+0x21c/0x270 [ 139.820650][ T7147] ? ____sys_sendmsg+0x505/0x830 [ 139.820669][ T7147] ? __pfx___nla_validate_parse+0x10/0x10 [ 139.820696][ T7147] __nla_parse+0x40/0x60 [ 139.820711][ T7147] genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 139.820730][ T7147] genl_family_rcv_msg_doit+0xb8/0x300 [ 139.820747][ T7147] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 139.820763][ T7147] ? rcu_is_watching+0x15/0xb0 [ 139.820779][ T7147] ? apparmor_capable+0x137/0x1b0 [ 139.820795][ T7147] ? bpf_lsm_capable+0x9/0x20 [ 139.820811][ T7147] ? security_capable+0x7e/0x2e0 [ 139.820832][ T7147] genl_rcv_msg+0x60e/0x790 [ 139.820848][ T7147] ? __pfx_genl_rcv_msg+0x10/0x10 [ 139.820860][ T7147] ? __pfx_hwsim_new_edge_nl+0x10/0x10 [ 139.820886][ T7147] netlink_rcv_skb+0x205/0x470 [ 139.820904][ T7147] ? __pfx_genl_rcv_msg+0x10/0x10 [ 139.820918][ T7147] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 139.820941][ T7147] ? down_read+0x1ad/0x2e0 [ 139.820961][ T7147] genl_rcv+0x28/0x40 [ 139.820973][ T7147] netlink_unicast+0x759/0x8e0 [ 139.820993][ T7147] netlink_sendmsg+0x805/0xb30 [ 139.821015][ T7147] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.821034][ T7147] ? aa_sock_msg_perm+0x94/0x160 [ 139.821054][ T7147] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 139.821074][ T7147] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.821092][ T7147] __sock_sendmsg+0x21c/0x270 [ 139.821121][ T7147] ____sys_sendmsg+0x505/0x830 [ 139.821134][ T7147] ? __pfx_____sys_sendmsg+0x10/0x10 [ 139.821157][ T7147] ? import_iovec+0x74/0xa0 [ 139.821172][ T7147] ___sys_sendmsg+0x21f/0x2a0 [ 139.821184][ T7147] ? __pfx____sys_sendmsg+0x10/0x10 [ 139.821207][ T7147] ? __fget_files+0x2a/0x420 [ 139.821224][ T7147] ? __fget_files+0x3a0/0x420 [ 139.821243][ T7147] __x64_sys_sendmsg+0x19b/0x260 [ 139.821256][ T7147] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 139.821271][ T7147] ? __pfx_ksys_write+0x10/0x10 [ 139.821284][ T7147] ? rcu_is_watching+0x15/0xb0 [ 139.821300][ T7147] ? do_syscall_64+0xbe/0x3b0 [ 139.821320][ T7147] do_syscall_64+0xfa/0x3b0 [ 139.821337][ T7147] ? lockdep_hardirqs_on+0x9c/0x150 [ 139.821354][ T7147] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.821366][ T7147] ? clear_bhb_loop+0x60/0xb0 [ 139.821380][ T7147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.821393][ T7147] RIP: 0033:0x7f1d2218e929 [ 139.821406][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.821417][ T7147] RSP: 002b:00007f1d23092038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 139.821449][ T7147] RAX: ffffffffffffffda RBX: 00007f1d223b5fa0 RCX: 00007f1d2218e929 [ 139.821459][ T7147] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004 [ 139.821467][ T7147] RBP: 00007f1d23092090 R08: 0000000000000000 R09: 0000000000000000 [ 139.821476][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.821484][ T7147] R13: 0000000000000000 R14: 00007f1d223b5fa0 R15: 00007fffb1b7faf8 [ 139.821499][ T7147]