last executing test programs: 1m28.549949736s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m16.318027444s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m5.121448916s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 50.413500301s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 38.698756982s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 26.890312936s ago: executing program 4 (id=1306): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x6}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0xc, &(0x7f0000000500)="63eced8e46dc370adf33c981dfb3c9fe5c1457a16bf66e1e61ccb5086968e3ed0d06000000", 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 17.103553291s ago: executing program 0 (id=3198): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000015193bad5522f25efda10c10ebf0000000000000000000000000a2c000000060a000000"], 0x54}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010000180040003"], 0x44}}, 0x0) 17.049007506s ago: executing program 0 (id=3202): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = epoll_create1(0x45e1c211144cdb31) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x10000004}) r2 = socket$alg(0x26, 0x5, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) bind$alg(r2, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(md5)\x00'}, 0x58) r3 = accept$alg(r2, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x34, r5, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'ib', 0x3a, 'caif0\x00'}}}}}, 0x34}}, 0x0) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r8, 0x0, r10, 0x0, 0x8000f28, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0}, 0x90) splice(r9, 0x0, r6, 0x0, 0x7f, 0xe) write(r7, 0x0, 0x0) sendmmsg$sock(r3, &(0x7f000000af80)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000002c0)="86", 0xff03}], 0x1}}], 0xfffffdef, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000600)={0x34, r12, 0x211, 0x0, 0x0, {0xf}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x7, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0xac}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x90) close(r0) 16.771447278s ago: executing program 2 (id=3209): socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) socket$kcm(0x2b, 0x1, 0x0) r0 = socket$kcm(0x10, 0x400000002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000061101700000000000000000000000000bffd4dcb2efe6d14f7f82ebe4be755c4a95a2f7b8681cb2b09b41c798e7f6ef8fe21d5e5c182f49f1c42927fecca3b67c2d32ac5986a99c627916c89ca60a6c5c351eaba36a91c2f265ac3e99b5b9f393524a90a8a6e0589724443ff655f3bc20e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a7401", 0x17}], 0x1}, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="934300004300338b4ab502000000000000", @ANYRES32, @ANYRES8=r0], 0xfe33) socket$kcm(0x2b, 0x1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001e00)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x3}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a40)={0x1, 0x58, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000a80), 0x4) r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002740)={0x15, 0x16, &(0x7f00000034c0)=ANY=[@ANYBLOB="000028abc1186dcf2b7335974b26abb6efcec90ab16414b5ee9317fc81d305416ac61e48bada2a9c9476b9a3d948816ef0b1a300c13b70503b41e58f081a482de72d3c642c0db9b43757fdbe", @ANYRES32], 0x0, 0x2e2, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, 0x34, r2, 0x8, 0x0, 0x0, 0x10, &(0x7f00000024c0)={0x1, 0x0, 0x9, 0x1ff}, 0x10, 0x0, 0xffffffffffffffff, 0x2, &(0x7f00000026c0)=[r3], &(0x7f0000002700)=[{0x4, 0x4, 0xb, 0xa}, {0x2, 0x0, 0x0, 0x3}], 0x10, 0x5}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001e80)={0x1b, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x4, 0x1, 0x3}, 0x48) r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002d40)={0x11, 0x13, &(0x7f0000002b80)=ANY=[@ANYBLOB="03000000090000000000000067faffff186000000300000000000000030000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001840000006000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], 0x0, 0x5, 0x20, &(0x7f0000002c80)=""/32, 0x41000, 0x0, '\x00', r1, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000002d00)={0x0, 0x0, 0x0, 0x7f}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffff01}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000c00)={{r4}, &(0x7f0000000980), &(0x7f0000000bc0)='%-010d \x00'}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000023c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a00000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r7 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r6}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe05, 0x0, 0x0, 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0}}, 0x4) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x18000000, &(0x7f0000000040)=@base={0x2, 0x4, 0x800004, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8}, 0x48) 16.682609459s ago: executing program 0 (id=3211): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0xffffffff}, 0x90) connect$inet(0xffffffffffffffff, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) shutdown(0xffffffffffffffff, 0x0) close(0xffffffffffffffff) bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0) socket$kcm(0x10, 0x2, 0x4) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x51, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c03320013006bcd9e3fe3dc6e48aa31086b8703110000001f00000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 16.571458058s ago: executing program 2 (id=3212): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000015193bad5522f25efda10c10ebf0000000000000000000000000a2c000000060a000000"], 0x54}}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010000180040003"], 0x44}}, 0x0) 16.57103746s ago: executing program 0 (id=3213): socketpair$unix(0x1, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000680), &(0x7f00000006c0)}, 0x20) socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001380)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_TABLE={0x8}]}, 0x24}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vlan1\x00'}) socket$rxrpc(0x21, 0x2, 0xa) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_INIT(r2, 0x29, 0xc8, &(0x7f0000000340), 0x4) setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x0, 0x2, 0x3, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r3}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r2) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280), 0x17) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000400)={r5}, 0x4) r6 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000012140100000000000000000008004f000100000008004b00130000ed070003"], 0x38}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000dc0)={0x6, 0x9, &(0x7f0000000240)=ANY=[@ANYBLOB="1c000000000000000000000000009e0018200000", @ANYRES32=r5, @ANYBLOB="000000000000000081300000000000008500000091000000185300000400000000000000000000009500000000000000"], &(0x7f0000000140)='syzkaller\x00'}, 0x90) r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8) connect$rxrpc(r7, &(0x7f00000000c0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}}, 0x24) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="760ae2ffffffffff6011540000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='afs_make_fs_call1\x00', r7}, 0x10) 16.437462101s ago: executing program 2 (id=3216): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000b0093b97404f49dc105300da85000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90) socketpair(0x21, 0x3, 0x800, &(0x7f0000000040)) 16.339336805s ago: executing program 2 (id=3217): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) socket(0x840000000002, 0x3, 0x100) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) socket$nl_route(0x10, 0x3, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x3a) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000001100000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000c00050000000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r3, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB='\x00 \x00\x00', @ANYRES32, @ANYBLOB="08000100", @ANYRES32], 0x90}}, 0x0) 16.339092842s ago: executing program 1 (id=3218): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'caif0\x00'}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000180)=0x10) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000340)={'#! ', '', [], 0xa, "fe8405665b961a2cecd2189bbb9ceb003790437c2414985810480da2fa4b4db9810ceb32d0de368ca13d317c5828faa1ea628e3404d370acd13f20bc4486883e28b7e144471a399c4e"}, 0x4d) mmap(&(0x7f000006f000/0x4000)=nil, 0x4000, 0x7, 0x10012, r3, 0x6420f000) ioctl$FS_IOC_GETFSMAP(r3, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"]) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x0}, 0x90) socket$packet(0x11, 0x0, 0x300) socket$nl_route(0x10, 0x3, 0x0) socket(0x2a, 0x5, 0xfffffffd) sendmsg$BATADV_CMD_GET_MESH(r3, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x275a, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000400)=ANY=[@ANYBLOB="0580c20000000180c200000008004500005800000000002f90780000000000000000248065580000000010000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000008000000000000800655800000000"], 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=""/103, &(0x7f0000000600), &(0x7f0000001b40), 0x80, 0xffffffffffffffff, 0x0, 0x7}, 0x38) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1000000}) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r4, &(0x7f0000000940)={0x8, 0x0, 0x0, @rand_addr=' \x01\x00', 0x80000005}, 0x1c) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000002c0)={r2, 0xc, 0x6, 0x376}) 16.278968859s ago: executing program 0 (id=3220): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x11, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16.187442937s ago: executing program 2 (id=3221): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000cc6000000000000000000000008dcf0e617798c5a9c359bdd802202ea4b9c846b4005899662b63291be9f0c85b5a03a35b798eaafa25f0c35e6374faf23c1210cc17c244ab58744d9f5cc370931d0ae902d6fd5faed01ba6b4c2c8be53aa4b63ebb05c8717753919b225c774fb18d68ca2cf976e5eb4fdd2a64be545b4d962786a9fdebdc56d7ac2bcaad884b9e5c771520469e07bf176e2f013d89e2561b6d6045760f65455b79e1338b7d6a141bf57f97a9ef13865b442f169852455846c4c71fefd4b9ceace00853cf76a624834ddd09a830f18a0d5681642075533779988ac334e66cb0ed22d6b4b03e75075f474a3dbb074fe0589c4a53cc123bad6cd4381d17e110fa40834aa3cfab9a59cb2b4d2e88ddba7b3680575c2204082e8"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa}, 0x80) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x0, 0x28011, r3, 0x0) mmap(&(0x7f000009e000/0x4000)=nil, 0x4000, 0x2800007, 0x8032, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000080)={0x0, 0x10, 0x3, 0x81, 0xa, 0x4, 0x5, 0x7f, {0x0, @in6={{0xa, 0x4e21, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x5}}, 0x0, 0x6, 0x1, 0x9, 0x1}}, &(0x7f0000000000)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={r4, 0x3, 0x20}, 0xc) 16.144616648s ago: executing program 0 (id=3223): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newtaction={0x18, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x4}]}, 0x18}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000140)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast=0xe0000001}, {0x0, 0xe21, 0x8}}}}}, 0x0) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0) openat$cgroup_ro(r2, &(0x7f00000001c0)='cpuacct.usage_all\x00', 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x1}, 0x10) write(r3, &(0x7f0000000100)="240000001a00030000000000001503000a00000000000000000000000400000000000000", 0x24) r4 = socket$rxrpc(0x21, 0x2, 0xa) sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x14, 0x110, 0xd, 0x4000000}}], 0x18, 0x4c00}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff}, 0x48) ioctl$sock_netdev_private(r4, 0x89f0, &(0x7f0000000300)="ae594b0716c6b1817c7b140ece48ac6708d63f569609b57191b6126b1c1537b35c07da7af46fb460a53f9f4c4244697bdf1ec015120e19307c654787eb5979f02e1c9aea75e38c69b38caaeb90f36e26c66e59ea886662d808be04f4b8a15b97795fadbd0137144280b36cc24c56a018e60815b31669cfe9031dcd667226ec86309daada7f752730ad436e406636c30aee4aa1f16b8ba049a65ffc53b89571ad9156f14685557a94170ca055d226ecb85e976bc4d7a21aa09a161d098d5ff7f1158a") bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000015f3fb36000000bf7a9b74ae0000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7030000000000008500000021000000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00'}, 0x90) unshare(0x0) r6 = socket$igmp(0x2, 0x3, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) getsockopt$EBT_SO_GET_ENTRIES(r6, 0x0, 0x81, &(0x7f0000005400)={'filter\x00', 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff], 0x0, 0x0, 0x0}, &(0x7f0000005480)=0x78) syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 16.125534347s ago: executing program 1 (id=3224): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$key(0xf, 0x3, 0x2) socket$nl_route(0x10, 0x3, 0x0) socket$unix(0x1, 0x2, 0x0) bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) clock_gettime(0x0, &(0x7f0000000280)) ppoll(&(0x7f0000000240)=[{r2, 0xe25c9a466c376ce5}], 0x1, 0x0, 0x0, 0x0) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'xfrm0\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001e80)=0x14) sendmsg$nl_route(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100030400"/20, @ANYRES32=r7, @ANYBLOB="07000000000000006f10d4cc8d6d9c1e31347105190f955b5d4fba800c98781b80bbc3774850489988d1a4949fac112f1c7414126c6274"], 0x20}}, 0x0) sendmsg$unix(r1, &(0x7f0000000140)={&(0x7f0000000300)=@file={0x0, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000580)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) 16.063443815s ago: executing program 2 (id=3225): bind$rds(0xffffffffffffffff, 0x0, 0x0) sendmsg$rds(0xffffffffffffffff, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000240)=""/17, 0x11}], 0x1, 0x0, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet6(r1, &(0x7f0000003300)=[{{0x0, 0x0, &(0x7f0000002700)=[{&(0x7f0000000180)="1c", 0x1}], 0x1}}], 0x1, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000000)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x9, 0x8, 0x1, 0x34e, r3, 0x80000000, '\x00', 0x0, r3, 0x2, 0x5, 0x1000000, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYRES32=r4, @ANYRESDEC, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057"], 0x0}, 0x90) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="84010000100001000000000000000000e0000002000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000006c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005d96a41f000000000000000a0000000000000000000000480003006c7a7300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c001400726d643136302d67656e6572696300"/316], 0x184}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0xf, 0x0, '.\x00'}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100001f79a4f0ff00000000b706000000000081ad64020000000000450404"], 0x0}, 0x90) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r8) sendmsg$NLBL_CIPSOV4_C_ADD(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c010000", @ANYRES16=r9, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088040010c8054000b80080009"], 0x16c}}, 0x0) r10 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r12 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r11], 0x20}}, 0x0) 12.77869564s ago: executing program 3 (id=3230): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000021c0)=@newtfilter={0x550, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x524, 0x2, [@TCA_U32_SEL={0x474, 0x5, {0x5, 0x18, 0x0, 0x4f, 0x3, 0xff, 0x1000, 0x7, [{0x5, 0x0, 0x1ff, 0x400}, {0x63, 0x7, 0x5, 0x3f}, {0x5, 0x6, 0x1, 0xff}, {0x8001, 0x0, 0x128c45f3, 0x8}, {0xdbc, 0x4, 0x2, 0xffffff34}, {0x3, 0x80000000, 0x7e25be85, 0x9}, {0xfff, 0x101}, {0x6, 0x4, 0x0, 0xa0}, {0x3f, 0x1, 0x10001, 0x20}, {0xffffffff, 0xd1, 0x3fe, 0x80000000}, {0x7, 0x7fff, 0x8, 0x9}, {0x6, 0x2, 0x40, 0x7}, {0x3, 0x8c, 0x81}, {0x10001, 0x0, 0x3, 0x409}, {0x3c, 0x1, 0x2, 0x8}, {0x1, 0x0, 0x4, 0xcca6}, {0x0, 0xfff, 0x8}, {0x6, 0x9a5, 0x2, 0xce0}, {0x0, 0x7fff}, {0x40ac, 0x3ff, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xff}, {}, {0x5, 0x1ff, 0x0, 0x2}, {0x4, 0x0, 0x7fffffff, 0x8}, {0x0, 0x0, 0x0, 0x1ff}, {0x101, 0x4, 0x6, 0x9}, {0x0, 0x1ff, 0xfffffff7}, {0x0, 0x0, 0x0, 0x1}, {0x7, 0x1, 0x401, 0x7}, {0x3, 0x0, 0x100, 0xea6}, {0x9, 0x8, 0x80000000, 0xc689}, {0x0, 0x7f, 0x1}, {0x0, 0x0, 0x8, 0xffff}, {}, {0x3c, 0x4, 0x7fffffff, 0x7f}, {0x40, 0x53, 0x8, 0x5}, {0x0, 0x64f, 0x9}, {0x6, 0xffffffff, 0x1, 0x401}, {}, {0x5, 0x1000, 0x7, 0x1}, {0x0, 0x200}, {0xa}, {}, {0x0, 0x400, 0x7, 0x2}, {0x8001, 0x2, 0x5, 0xfff}, {0x7, 0x4, 0x63}, {0x7fff, 0x1, 0xb, 0x5}, {0x2, 0x3, 0x57, 0x5}, {0x401}, {0x0, 0x8a4, 0x0, 0x2}, {}, {0xff, 0x5bb, 0x42, 0x6}, {}, {0x7, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x4d}, {0x0, 0x8, 0x8, 0x200}, {}, {0x1, 0x4, 0x0, 0x7}, {0x6, 0xfffffff8, 0x4, 0x2}, {0x100, 0xe530, 0x2, 0x40}, {0x0, 0x0, 0x7, 0x4}, {0x6f, 0x0, 0xfffffffd}, {0x2}, {0x0, 0xa4e, 0x400}, {0x66e, 0x80000000, 0x7, 0x1}, {0x5, 0x0, 0x430, 0x8}, {0x50, 0x0, 0x81, 0x9}, {0x0, 0x8e}, {0x6, 0x9, 0x3, 0x6}, {0x8e, 0xc, 0x2, 0x6}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff2, 0x7}}, @TCA_U32_LINK={0x8, 0x3, 0xc52}, @TCA_U32_MARK={0x10, 0xa, {0x0, 0x1ff}}, @TCA_U32_ACT={0x8c, 0x7, [@m_vlan={0x88, 0x0, 0x0, 0x0, {{0x9}, {0x5c, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3ff, 0x0, 0x10000000, 0x74}}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa95}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x80000000, 0x4, 0x8, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x550}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 12.752148129s ago: executing program 3 (id=3231): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000012, 0x100e, 0x2, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r7, 0x0, r8, 0x0, 0x8000f28, 0x0) ioctl$int_in(r8, 0x5452, &(0x7f00000000c0)=0x4) write(r6, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000ec0)={'wpan0\x00'}) sendmsg$NL802154_CMD_DEL_SEC_KEY(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x30, r3, 0x200, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_KEY={0x10, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0xffffffff}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40840}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000006800010000000000000000000a000000000000000c0008800800030000000000060007000200000008000500", @ANYRES32=r2, @ANYBLOB="140006"], 0x48}}, 0x0) 7.91854967s ago: executing program 1 (id=3232): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000021c0)=@newtfilter={0x540, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x514, 0x2, [@TCA_U32_SEL={0x464, 0x5, {0x5, 0x18, 0x0, 0x4f, 0x3, 0xff, 0x1000, 0x7, [{0x5, 0x0, 0x1ff, 0x400}, {0x63, 0x7, 0x5, 0x3f}, {0x5, 0x6, 0x1, 0xff}, {0x8001, 0x0, 0x128c45f3, 0x8}, {0xdbc, 0x4, 0x2, 0xffffff34}, {0x3, 0x80000000, 0x7e25be85, 0x9}, {0xfff, 0x101}, {0x6, 0x4, 0x0, 0xa0}, {0x3f, 0x1, 0x10001, 0x20}, {0xffffffff, 0xd1, 0x3fe, 0x80000000}, {0x7, 0x7fff, 0x8, 0x9}, {0x6, 0x2, 0x40, 0x7}, {0x3, 0x8c, 0x81}, {0x10001, 0x0, 0x3, 0x409}, {0x3c, 0x1, 0x2, 0x8}, {0x1, 0x0, 0x4, 0xcca6}, {0x0, 0xfff, 0x8}, {0x6, 0x9a5, 0x2, 0xce0}, {0x0, 0x7fff}, {0x40ac, 0x3ff, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xff}, {}, {0x5, 0x1ff, 0x0, 0x2}, {0x4, 0x0, 0x7fffffff, 0x8}, {0x0, 0x0, 0x0, 0x1ff}, {0x101, 0x4, 0x6, 0x9}, {0x0, 0x1ff, 0xfffffff7}, {0x0, 0x0, 0x0, 0x1}, {0x7, 0x1, 0x401, 0x7}, {0x3, 0x0, 0x100, 0xea6}, {0x9, 0x8, 0x80000000, 0xc689}, {0x0, 0x7f, 0x1}, {0x0, 0x0, 0x8, 0xffff}, {}, {0x3c, 0x4, 0x7fffffff, 0x7f}, {0x40, 0x53, 0x8, 0x5}, {0x0, 0x64f, 0x9}, {0x6, 0xffffffff, 0x1, 0x401}, {}, {0x5, 0x1000, 0x7, 0x1}, {0x0, 0x200}, {0xa}, {}, {0x0, 0x400, 0x7, 0x2}, {0x8001, 0x2, 0x5, 0xfff}, {0x7, 0x4, 0x63}, {0x7fff, 0x1, 0xb, 0x5}, {0x2, 0x3, 0x57, 0x5}, {0x401}, {0x0, 0x8a4, 0x0, 0x2}, {}, {0xff, 0x5bb, 0x42, 0x6}, {}, {0x7, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x4d}, {0x0, 0x8, 0x8, 0x200}, {}, {0x1, 0x4, 0x0, 0x7}, {0x6, 0xfffffff8, 0x4, 0x2}, {0x100, 0xe530, 0x2, 0x40}, {0x6f, 0x0, 0xfffffffd}, {0x2}, {0x0, 0xa4e, 0x400}, {0x66e, 0x80000000, 0x7, 0x1}, {0x5, 0x0, 0x430, 0x8}, {0x50, 0x0, 0x81, 0x9}, {0x0, 0x8e}, {0x6, 0x9, 0x3, 0x6}, {0x8e, 0xc, 0x2, 0x6}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff2, 0x7}}, @TCA_U32_LINK={0x8, 0x3, 0xc52}, @TCA_U32_MARK={0x10, 0xa, {0x0, 0x1ff}}, @TCA_U32_ACT={0x8c, 0x7, [@m_vlan={0x88, 0x0, 0x0, 0x0, {{0x9}, {0x5c, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3ff, 0x0, 0x10000000, 0x74}}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa95}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x80000000, 0x4, 0x8, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x540}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 7.916632266s ago: executing program 3 (id=3233): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400ff0002000000040000000000000c0500000000000000010000850000000000000000fffbffff00000000ffff00000000000000000051ffcb9302e9fede00000000000000"], 0x0, 0x4e}, 0x20) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000010000d00000000000000000080000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c000280"], 0x3c}}, 0x0) syz_emit_ethernet(0x76, &(0x7f00000001c0)=ANY=[@ANYBLOB="0180c200000086082b9827c186dd60cb3e0200403a00fc020000000000000000000000000000ff0a00000000000000000000000006773c492cb8935ea8425cb3000104009078000000006002000000001100fe880000000000000000000000000001fe8000000000000000000000000000aa000000"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x2, 0x2, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x6, 0x1}, 0x48) socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$tipc(0x1e, 0x2, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000), 0x10) bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x1, {{0x2}, 0x3}}, 0x10) bind$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r3 = socket$tipc(0x1e, 0x4, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x83f}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10) sendmsg$tipc(r1, &(0x7f0000001b40)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}, 0x2000000}}, 0x10, 0x0}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, 0x10) r4 = socket$inet(0x2, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) syz_init_net_socket$llc(0x1a, 0x801, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1b, 0x8000}, 0x0, &(0x7f0000000180)={0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0) write$binfmt_elf64(r4, &(0x7f0000001340)=ANY=[], 0xa89) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={r0, 0x20, &(0x7f0000000440)={&(0x7f0000000580)=""/4096, 0x1000, 0x0, &(0x7f0000001580)=""/211, 0xd3}}, 0x10) 7.00748752s ago: executing program 3 (id=3234): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'caif0\x00'}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x2c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000180)=0x10) r2 = socket$netlink(0x10, 0x3, 0x4) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000340)={'#! ', '', [], 0xa, "fe8405665b961a2cecd2189bbb9ceb003790437c2414985810480da2fa4b4db9810ceb32d0de368ca13d317c5828faa1ea628e3404d370acd13f20bc4486883e28b7e144471a399c4e"}, 0x4d) mmap(&(0x7f000006f000/0x4000)=nil, 0x4000, 0x7, 0x10012, r3, 0x6420f000) ioctl$FS_IOC_GETFSMAP(r3, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000002"]) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x0}, 0x90) socket$packet(0x11, 0x0, 0x300) socket$nl_route(0x10, 0x3, 0x0) socket(0x2a, 0x5, 0xfffffffd) sendmsg$BATADV_CMD_GET_MESH(r3, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x275a, 0x0) ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000400)=ANY=[@ANYBLOB="0580c20000000180c200000008004500005800000000002f90780000000000000000248065580000000010000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000008000000000000800655800000000"], 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=""/103, &(0x7f0000000600), &(0x7f0000001b40), 0x80, 0xffffffffffffffff, 0x0, 0x7}, 0x38) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1000000}) r4 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r4, &(0x7f0000000940)={0x8, 0x0, 0x0, @rand_addr=' \x01\x00', 0x80000005}, 0x1c) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f00000002c0)={r2, 0xc, 0x6, 0x376}) 4.937231101s ago: executing program 1 (id=3237): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0xb4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x84, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x20, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xcb2}]}]}]}}]}, 0xb4}}, 0x0) 4.933102049s ago: executing program 3 (id=3238): sendmsg$NL802154_CMD_NEW_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000"], 0x8c}}, 0x0) r0 = socket$kcm(0x2b, 0x1, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4001, @loopback}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x2000488c) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24) recvmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) close(r0) 4.869839557s ago: executing program 1 (id=3239): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000100)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x22, &(0x7f0000003280)=""/4104, &(0x7f0000001080)=0x1008) 207.473982ms ago: executing program 3 (id=3240): syz_emit_ethernet(0x3e, &(0x7f00000003c0)={@multicast, @random="68d4e408348b", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x8, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @echo_reply}}}}}, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000086dd02000300"], 0xfdef) 0s ago: executing program 1 (id=3241): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000021c0)=@newtfilter={0x550, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x524, 0x2, [@TCA_U32_SEL={0x474, 0x5, {0x5, 0x18, 0x0, 0x4f, 0x3, 0xff, 0x1000, 0x7, [{0x5, 0x0, 0x1ff, 0x400}, {0x63, 0x7, 0x5, 0x3f}, {0x5, 0x6, 0x1, 0xff}, {0x8001, 0x0, 0x128c45f3, 0x8}, {0xdbc, 0x4, 0x2, 0xffffff34}, {0x3, 0x80000000, 0x7e25be85, 0x9}, {0xfff, 0x101}, {0x6, 0x4, 0x0, 0xa0}, {0x3f, 0x1, 0x10001, 0x20}, {0xffffffff, 0xd1, 0x3fe, 0x80000000}, {0x7, 0x7fff, 0x8, 0x9}, {0x6, 0x2, 0x40, 0x7}, {0x3, 0x8c, 0x81}, {0x10001, 0x0, 0x3, 0x409}, {0x3c, 0x1, 0x2, 0x8}, {0x1, 0x0, 0x4, 0xcca6}, {0x0, 0xfff, 0x8}, {0x6, 0x9a5, 0x2, 0xce0}, {0x0, 0x7fff}, {0x40ac, 0x3ff, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0xff}, {}, {0x5, 0x1ff, 0x0, 0x2}, {0x4, 0x0, 0x7fffffff, 0x8}, {0x0, 0x0, 0x0, 0x1ff}, {0x101, 0x4, 0x6, 0x9}, {0x0, 0x1ff, 0xfffffff7}, {0x0, 0x0, 0x0, 0x1}, {0x7, 0x1, 0x401, 0x7}, {0x3, 0x0, 0x100, 0xea6}, {0x9, 0x8, 0x80000000, 0xc689}, {0x0, 0x7f, 0x1}, {0x0, 0x0, 0x8, 0xffff}, {}, {0x3c, 0x4, 0x7fffffff, 0x7f}, {0x40, 0x53, 0x8, 0x5}, {0x0, 0x64f, 0x9}, {0x6, 0xffffffff, 0x1, 0x401}, {}, {0x5, 0x1000, 0x7, 0x1}, {0x0, 0x200}, {0xa}, {}, {0x0, 0x400, 0x7, 0x2}, {0x8001, 0x2, 0x5, 0xfff}, {0x7, 0x4, 0x63}, {0x7fff, 0x1, 0xb, 0x5}, {0x2, 0x3, 0x57, 0x5}, {0x401}, {0x0, 0x8a4, 0x0, 0x2}, {}, {0xff, 0x5bb, 0x42, 0x6}, {}, {0x7, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x4d}, {0x0, 0x8, 0x8, 0x200}, {}, {0x1, 0x4, 0x0, 0x7}, {0x6, 0xfffffff8, 0x4, 0x2}, {0x100, 0xe530, 0x2, 0x40}, {0x0, 0x0, 0x7, 0x4}, {0x6f, 0x0, 0xfffffffd}, {0x2}, {0x0, 0xa4e, 0x400}, {0x66e, 0x80000000, 0x7, 0x1}, {0x5, 0x0, 0x430, 0x8}, {0x50, 0x0, 0x81, 0x9}, {0x0, 0x8e}, {0x6, 0x9, 0x3, 0x6}, {0x8e, 0xc, 0x2, 0x6}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff2, 0x7}}, @TCA_U32_LINK={0x8, 0x3, 0xc52}, @TCA_U32_MARK={0x10, 0xa, {0x0, 0x1ff}}, @TCA_U32_ACT={0x8c, 0x7, [@m_vlan={0x88, 0x0, 0x0, 0x0, {{0x9}, {0x5c, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x3ff, 0x0, 0x10000000, 0x74}}}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xa95}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x80000000, 0x4, 0x8, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x550}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) kernel console output (not intermixed with test programs): [ 287.991955][ T5589] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.045248][T12998] batadv_slave_1: left promiscuous mode [ 288.130358][ T5103] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 288.140741][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 288.141736][T13008] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2418'. [ 288.149755][ T5103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 288.167116][ T5103] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 288.180082][ T5103] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 288.190093][ T5103] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 288.301354][ T5589] bridge_slave_1: left allmulticast mode [ 288.307817][ T5589] bridge_slave_1: left promiscuous mode [ 288.313737][ T5589] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.324029][ T5589] bridge_slave_0: left allmulticast mode [ 288.331185][ T5589] bridge_slave_0: left promiscuous mode [ 288.337740][ T5589] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.478195][T13021] xt_socket: unknown flags 0x8 [ 288.759969][ T5589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 288.771897][ T5589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 288.783888][ T5589] bond0 (unregistering): Released all slaves [ 289.094392][T13005] chnl_net:caif_netlink_parms(): no params data found [ 289.181025][ T5589] hsr_slave_0: left promiscuous mode [ 289.192885][ T5589] hsr_slave_1: left promiscuous mode [ 289.200706][ T5589] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 289.213175][ T5589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 289.221869][ T5589] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 289.235259][ T5589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 289.259671][ T5589] veth1_macvtap: left promiscuous mode [ 289.265263][ T5589] veth0_macvtap: left promiscuous mode [ 289.270976][ T5589] veth1_vlan: left promiscuous mode [ 289.276373][ T5589] veth0_vlan: left promiscuous mode [ 289.390607][T13039] No such timeout policy "syz0" [ 289.508303][T13045] FAULT_INJECTION: forcing a failure. [ 289.508303][T13045] name failslab, interval 1, probability 0, space 0, times 0 [ 289.529734][T13045] CPU: 1 PID: 13045 Comm: syz.2.2430 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 289.539940][T13045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 289.550177][T13045] Call Trace: [ 289.553450][T13045] [ 289.556374][T13045] dump_stack_lvl+0x241/0x360 [ 289.561054][T13045] ? __pfx_dump_stack_lvl+0x10/0x10 [ 289.566242][T13045] ? __pfx__printk+0x10/0x10 [ 289.570827][T13045] ? ref_tracker_alloc+0x332/0x490 [ 289.575943][T13045] should_fail_ex+0x3b0/0x4e0 [ 289.580619][T13045] ? skb_clone+0x20c/0x390 [ 289.585028][T13045] should_failslab+0x9/0x20 [ 289.589528][T13045] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 289.594902][T13045] skb_clone+0x20c/0x390 [ 289.599145][T13045] __netlink_deliver_tap+0x3cc/0x7c0 [ 289.604430][T13045] ? netlink_deliver_tap+0x2e/0x1b0 [ 289.609624][T13045] netlink_deliver_tap+0x19d/0x1b0 [ 289.614729][T13045] netlink_unicast+0x7be/0x990 [ 289.619491][T13045] ? __pfx_netlink_unicast+0x10/0x10 [ 289.624763][T13045] ? __virt_addr_valid+0x183/0x520 [ 289.629872][T13045] ? __check_object_size+0x49c/0x900 [ 289.635153][T13045] ? bpf_lsm_netlink_send+0x9/0x10 [ 289.640260][T13045] netlink_sendmsg+0x8e4/0xcb0 [ 289.645037][T13045] ? __pfx_netlink_sendmsg+0x10/0x10 [ 289.650317][T13045] ? __import_iovec+0x536/0x820 [ 289.655156][T13045] ? aa_sock_msg_perm+0x91/0x160 [ 289.660087][T13045] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 289.665375][T13045] ? security_socket_sendmsg+0x87/0xb0 [ 289.670830][T13045] ? __pfx_netlink_sendmsg+0x10/0x10 [ 289.676103][T13045] __sock_sendmsg+0x221/0x270 [ 289.680774][T13045] ____sys_sendmsg+0x525/0x7d0 [ 289.685539][T13045] ? __pfx_____sys_sendmsg+0x10/0x10 [ 289.690831][T13045] __sys_sendmsg+0x2b0/0x3a0 [ 289.695418][T13045] ? __pfx___sys_sendmsg+0x10/0x10 [ 289.700524][T13045] ? vfs_write+0x7c4/0xc90 [ 289.704965][T13045] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.711283][T13045] ? do_syscall_64+0x100/0x230 [ 289.716040][T13045] ? do_syscall_64+0xb6/0x230 [ 289.720715][T13045] do_syscall_64+0xf3/0x230 [ 289.725207][T13045] ? clear_bhb_loop+0x35/0x90 [ 289.729876][T13045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.735761][T13045] RIP: 0033:0x7f004f375bd9 [ 289.740169][T13045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.759763][T13045] RSP: 002b:00007f0050070048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 289.768170][T13045] RAX: ffffffffffffffda RBX: 00007f004f503f60 RCX: 00007f004f375bd9 [ 289.776132][T13045] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 289.784090][T13045] RBP: 00007f00500700a0 R08: 0000000000000000 R09: 0000000000000000 [ 289.792049][T13045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 289.800009][T13045] R13: 000000000000000b R14: 00007f004f503f60 R15: 00007ffd2d5afa38 [ 289.807986][T13045] [ 290.266661][ T5103] Bluetooth: hci3: command tx timeout [ 290.279998][ T5589] team0 (unregistering): Port device team_slave_1 removed [ 290.326413][ T5589] team0 (unregistering): Port device team_slave_0 removed [ 290.953316][T13063] xt_socket: unknown flags 0x8 [ 290.966895][T13005] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.977404][T13005] bridge0: port 1(bridge_slave_0) entered disabled state [ 290.995945][T13005] bridge_slave_0: entered allmulticast mode [ 291.009639][T13005] bridge_slave_0: entered promiscuous mode [ 291.038638][T13005] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.051299][T13005] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.062648][T13005] bridge_slave_1: entered allmulticast mode [ 291.071938][T13005] bridge_slave_1: entered promiscuous mode [ 291.180707][T13005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.204890][T13005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 291.328053][T13005] team0: Port device team_slave_0 added [ 291.344946][T13005] team0: Port device team_slave_1 added [ 291.380588][T13005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 291.402825][T13005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.440512][T13005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.453672][T13005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.460809][T13005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.487213][T13005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.546445][T13005] hsr_slave_0: entered promiscuous mode [ 291.554536][T13005] hsr_slave_1: entered promiscuous mode [ 291.566614][T13005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 291.574627][T13005] Cannot create hsr debugfs directory [ 292.014916][T13103] No such timeout policy "syz0" [ 292.031671][T13104] FAULT_INJECTION: forcing a failure. [ 292.031671][T13104] name failslab, interval 1, probability 0, space 0, times 0 [ 292.047977][T13104] CPU: 1 PID: 13104 Comm: syz.3.2447 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 292.058190][T13104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 292.068279][T13104] Call Trace: [ 292.071580][T13104] [ 292.074541][T13104] dump_stack_lvl+0x241/0x360 [ 292.079257][T13104] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.083498][T13106] xt_socket: unknown flags 0x8 [ 292.084506][T13104] ? __pfx__printk+0x10/0x10 [ 292.093916][T13104] ? __pfx___might_resched+0x10/0x10 [ 292.099255][T13104] should_fail_ex+0x3b0/0x4e0 [ 292.103987][T13104] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 292.110362][T13104] should_failslab+0x9/0x20 [ 292.114902][T13104] __kmalloc_noprof+0xd8/0x400 [ 292.119710][T13104] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 292.125915][T13104] genl_rcv_msg+0x802/0xec0 [ 292.130453][T13104] ? mark_lock+0x9a/0x350 [ 292.134858][T13104] ? __pfx_genl_rcv_msg+0x10/0x10 [ 292.139950][T13104] ? __pfx_lock_acquire+0x10/0x10 [ 292.145085][T13104] ? __pfx_nl802154_pre_doit+0x10/0x10 [ 292.150577][T13104] ? __pfx_nl802154_add_llsec_seclevel+0x10/0x10 [ 292.156941][T13104] ? __pfx_nl802154_post_doit+0x10/0x10 [ 292.162545][T13104] ? __pfx___might_resched+0x10/0x10 [ 292.167872][T13104] netlink_rcv_skb+0x1e3/0x430 [ 292.172668][T13104] ? __pfx_genl_rcv_msg+0x10/0x10 [ 292.177730][T13104] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 292.183077][T13104] genl_rcv+0x28/0x40 [ 292.187088][T13104] netlink_unicast+0x7f0/0x990 [ 292.191891][T13104] ? __pfx_netlink_unicast+0x10/0x10 [ 292.197193][T13104] ? __virt_addr_valid+0x183/0x520 [ 292.202341][T13104] ? __check_object_size+0x49c/0x900 [ 292.207667][T13104] ? bpf_lsm_netlink_send+0x9/0x10 [ 292.212828][T13104] netlink_sendmsg+0x8e4/0xcb0 [ 292.217645][T13104] ? __pfx_netlink_sendmsg+0x10/0x10 [ 292.222977][T13104] ? __import_iovec+0x536/0x820 [ 292.227841][T13104] ? aa_sock_msg_perm+0x91/0x160 [ 292.232801][T13104] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 292.238087][T13104] ? security_socket_sendmsg+0x87/0xb0 [ 292.243569][T13104] ? __pfx_netlink_sendmsg+0x10/0x10 [ 292.248881][T13104] __sock_sendmsg+0x221/0x270 [ 292.253602][T13104] ____sys_sendmsg+0x525/0x7d0 [ 292.258407][T13104] ? __pfx_____sys_sendmsg+0x10/0x10 [ 292.263700][T13104] __sys_sendmsg+0x2b0/0x3a0 [ 292.268305][T13104] ? __pfx___sys_sendmsg+0x10/0x10 [ 292.273448][T13104] ? vfs_write+0x7c4/0xc90 [ 292.277897][T13104] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 292.284227][T13104] ? do_syscall_64+0x100/0x230 [ 292.289094][T13104] ? do_syscall_64+0xb6/0x230 [ 292.293816][T13104] do_syscall_64+0xf3/0x230 [ 292.298352][T13104] ? clear_bhb_loop+0x35/0x90 [ 292.303041][T13104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.306666][T13111] FAULT_INJECTION: forcing a failure. [ 292.306666][T13111] name failslab, interval 1, probability 0, space 0, times 0 [ 292.309017][T13104] RIP: 0033:0x7fbefcf75bd9 [ 292.309043][T13104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.309065][T13104] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 292.347577][ T5103] Bluetooth: hci3: command tx timeout [ 292.354208][T13104] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 292.354230][T13104] RDX: 0000000000000000 RSI: 0000000020001b80 RDI: 0000000000000007 [ 292.354242][T13104] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 292.354254][T13104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 292.354266][T13104] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 292.354297][T13104] [ 292.402515][T13111] CPU: 0 PID: 13111 Comm: syz.1.2449 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 292.412691][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 292.422764][T13111] Call Trace: [ 292.426044][T13111] [ 292.428966][T13111] dump_stack_lvl+0x241/0x360 [ 292.433642][T13111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.438833][T13111] ? __pfx__printk+0x10/0x10 [ 292.443601][T13111] should_fail_ex+0x3b0/0x4e0 [ 292.448279][T13111] ? __alloc_skb+0x1c3/0x440 [ 292.452870][T13111] should_failslab+0x9/0x20 [ 292.457457][T13111] kmem_cache_alloc_node_noprof+0x71/0x320 [ 292.463266][T13111] __alloc_skb+0x1c3/0x440 [ 292.467688][T13111] ? __pfx___alloc_skb+0x10/0x10 [ 292.472628][T13111] ? netlink_ack_tlv_len+0x6e/0x200 [ 292.477829][T13111] netlink_ack+0x13f/0xa30 [ 292.482241][T13111] ? __pfx_lock_acquire+0x10/0x10 [ 292.487270][T13111] netlink_rcv_skb+0x262/0x430 [ 292.492028][T13111] ? __pfx_genl_rcv_msg+0x10/0x10 [ 292.497050][T13111] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 292.502350][T13111] genl_rcv+0x28/0x40 [ 292.506329][T13111] netlink_unicast+0x7f0/0x990 [ 292.511182][T13111] ? __pfx_netlink_unicast+0x10/0x10 [ 292.516465][T13111] ? __virt_addr_valid+0x183/0x520 [ 292.521574][T13111] ? __check_object_size+0x49c/0x900 [ 292.526859][T13111] ? bpf_lsm_netlink_send+0x9/0x10 [ 292.531970][T13111] netlink_sendmsg+0x8e4/0xcb0 [ 292.536735][T13111] ? __pfx_netlink_sendmsg+0x10/0x10 [ 292.542013][T13111] ? __import_iovec+0x536/0x820 [ 292.546861][T13111] ? aa_sock_msg_perm+0x91/0x160 [ 292.551831][T13111] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 292.557113][T13111] ? security_socket_sendmsg+0x87/0xb0 [ 292.562566][T13111] ? __pfx_netlink_sendmsg+0x10/0x10 [ 292.567850][T13111] __sock_sendmsg+0x221/0x270 [ 292.572535][T13111] ____sys_sendmsg+0x525/0x7d0 [ 292.577305][T13111] ? __pfx_____sys_sendmsg+0x10/0x10 [ 292.582598][T13111] __sys_sendmsg+0x2b0/0x3a0 [ 292.587186][T13111] ? __pfx___sys_sendmsg+0x10/0x10 [ 292.592298][T13111] ? vfs_write+0x7c4/0xc90 [ 292.596741][T13111] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 292.603061][T13111] ? do_syscall_64+0x100/0x230 [ 292.607828][T13111] ? do_syscall_64+0xb6/0x230 [ 292.612502][T13111] do_syscall_64+0xf3/0x230 [ 292.617016][T13111] ? clear_bhb_loop+0x35/0x90 [ 292.621689][T13111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.627573][T13111] RIP: 0033:0x7f9260b75bd9 [ 292.632007][T13111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.651608][T13111] RSP: 002b:00007f926188f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 292.660017][T13111] RAX: ffffffffffffffda RBX: 00007f9260d04038 RCX: 00007f9260b75bd9 [ 292.667980][T13111] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004 [ 292.676032][T13111] RBP: 00007f926188f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 292.683996][T13111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 292.691959][T13111] R13: 000000000000006e R14: 00007f9260d04038 R15: 00007ffee9048888 [ 292.699935][T13111] [ 292.964498][T13005] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 292.997219][T13005] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 293.035480][T13005] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 293.065062][T13005] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 293.275961][T13005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 293.329210][T13005] 8021q: adding VLAN 0 to HW filter on device team0 [ 293.354807][ T7190] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.362062][ T7190] bridge0: port 1(bridge_slave_0) entered forwarding state [ 293.396301][ T7190] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.403513][ T7190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 293.610111][T13005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 293.784311][T13159] No such timeout policy "syz0" [ 293.988980][T13005] veth0_vlan: entered promiscuous mode [ 294.005125][T13005] veth1_vlan: entered promiscuous mode [ 294.093149][T13005] veth0_macvtap: entered promiscuous mode [ 294.134819][T13005] veth1_macvtap: entered promiscuous mode [ 294.233697][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.264384][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.285552][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.322050][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.353816][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.399279][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.420319][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.431243][ T5103] Bluetooth: hci3: command tx timeout [ 294.439695][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.450408][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 294.460835][T13195] No such timeout policy "syz0" [ 294.466071][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.477877][T13005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.490102][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 294.501397][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.512070][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 294.532718][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.552924][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 294.569241][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.588308][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 294.607810][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.625718][T13005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 294.639606][T13005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 294.652462][T13005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.751381][T13005] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.773827][T13005] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.788199][T13005] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.804212][T13005] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.822383][T13206] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2475'. [ 294.953548][T13215] netlink: 'syz.3.2477': attribute type 3 has an invalid length. [ 294.984133][T13215] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.2477'. [ 295.018405][T13218] FAULT_INJECTION: forcing a failure. [ 295.018405][T13218] name failslab, interval 1, probability 0, space 0, times 0 [ 295.057610][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.065474][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.075310][ T5585] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.084621][T13218] CPU: 1 PID: 13218 Comm: syz.0.2478 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 295.095348][T13218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 295.105419][T13218] Call Trace: [ 295.108699][T13218] [ 295.111715][T13218] dump_stack_lvl+0x241/0x360 [ 295.116399][T13218] ? __pfx_dump_stack_lvl+0x10/0x10 [ 295.121590][T13218] ? __pfx__printk+0x10/0x10 [ 295.126178][T13218] ? ref_tracker_alloc+0x332/0x490 [ 295.131294][T13218] should_fail_ex+0x3b0/0x4e0 [ 295.135975][T13218] ? skb_clone+0x20c/0x390 [ 295.140395][T13218] should_failslab+0x9/0x20 [ 295.144893][T13218] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 295.150276][T13218] skb_clone+0x20c/0x390 [ 295.154607][T13218] __netlink_deliver_tap+0x3cc/0x7c0 [ 295.159923][T13218] ? netlink_deliver_tap+0x2e/0x1b0 [ 295.165132][T13218] netlink_deliver_tap+0x19d/0x1b0 [ 295.170246][T13218] netlink_unicast+0x7be/0x990 [ 295.175010][T13218] ? __pfx_netlink_unicast+0x10/0x10 [ 295.180300][T13218] ? __virt_addr_valid+0x183/0x520 [ 295.185416][T13218] ? __check_object_size+0x49c/0x900 [ 295.190702][T13218] ? bpf_lsm_netlink_send+0x9/0x10 [ 295.195814][T13218] netlink_sendmsg+0x8e4/0xcb0 [ 295.200579][T13218] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.205858][T13218] ? __import_iovec+0x536/0x820 [ 295.210697][T13218] ? aa_sock_msg_perm+0x91/0x160 [ 295.215755][T13218] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 295.221031][T13218] ? security_socket_sendmsg+0x87/0xb0 [ 295.226489][T13218] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.231771][T13218] __sock_sendmsg+0x221/0x270 [ 295.236444][T13218] ____sys_sendmsg+0x525/0x7d0 [ 295.241210][T13218] ? __pfx_____sys_sendmsg+0x10/0x10 [ 295.246516][T13218] __sys_sendmsg+0x2b0/0x3a0 [ 295.251107][T13218] ? __pfx___sys_sendmsg+0x10/0x10 [ 295.256225][T13218] ? vfs_write+0x7c4/0xc90 [ 295.260667][T13218] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 295.266990][T13218] ? do_syscall_64+0x100/0x230 [ 295.271753][T13218] ? do_syscall_64+0xb6/0x230 [ 295.276423][T13218] do_syscall_64+0xf3/0x230 [ 295.280921][T13218] ? clear_bhb_loop+0x35/0x90 [ 295.285593][T13218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.291518][T13218] RIP: 0033:0x7fda75d75bd9 [ 295.295978][T13218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.315594][T13218] RSP: 002b:00007fda76ab6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 295.324020][T13218] RAX: ffffffffffffffda RBX: 00007fda75f04038 RCX: 00007fda75d75bd9 [ 295.332075][T13218] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 295.340048][T13218] RBP: 00007fda76ab60a0 R08: 0000000000000000 R09: 0000000000000000 [ 295.348099][T13218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.356064][T13218] R13: 000000000000006e R14: 00007fda75f04038 R15: 00007ffc2b93d328 [ 295.364056][T13218] [ 295.380211][ T5585] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.582486][T13233] FAULT_INJECTION: forcing a failure. [ 295.582486][T13233] name failslab, interval 1, probability 0, space 0, times 0 [ 295.596030][T13233] CPU: 1 PID: 13233 Comm: syz.3.2484 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 295.606309][T13233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 295.616394][T13233] Call Trace: [ 295.619706][T13233] [ 295.622722][T13233] dump_stack_lvl+0x241/0x360 [ 295.627406][T13233] ? __pfx_dump_stack_lvl+0x10/0x10 [ 295.632598][T13233] ? __pfx__printk+0x10/0x10 [ 295.637192][T13233] ? ref_tracker_alloc+0x332/0x490 [ 295.642312][T13233] should_fail_ex+0x3b0/0x4e0 [ 295.647003][T13233] ? skb_clone+0x20c/0x390 [ 295.651884][T13233] should_failslab+0x9/0x20 [ 295.656411][T13233] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 295.661805][T13233] skb_clone+0x20c/0x390 [ 295.666057][T13233] __netlink_deliver_tap+0x3cc/0x7c0 [ 295.671350][T13233] ? netlink_deliver_tap+0x2e/0x1b0 [ 295.676540][T13233] netlink_deliver_tap+0x19d/0x1b0 [ 295.681648][T13233] netlink_unicast+0x7be/0x990 [ 295.686411][T13233] ? __pfx_netlink_unicast+0x10/0x10 [ 295.691687][T13233] ? __virt_addr_valid+0x183/0x520 [ 295.696799][T13233] ? __check_object_size+0x49c/0x900 [ 295.702081][T13233] ? bpf_lsm_netlink_send+0x9/0x10 [ 295.707192][T13233] netlink_sendmsg+0x8e4/0xcb0 [ 295.711959][T13233] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.717244][T13233] ? __import_iovec+0x536/0x820 [ 295.722085][T13233] ? aa_sock_msg_perm+0x91/0x160 [ 295.727022][T13233] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 295.732298][T13233] ? security_socket_sendmsg+0x87/0xb0 [ 295.737758][T13233] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.743396][T13233] __sock_sendmsg+0x221/0x270 [ 295.748083][T13233] ____sys_sendmsg+0x525/0x7d0 [ 295.752852][T13233] ? __pfx_____sys_sendmsg+0x10/0x10 [ 295.758147][T13233] __sys_sendmsg+0x2b0/0x3a0 [ 295.762767][T13233] ? __pfx___sys_sendmsg+0x10/0x10 [ 295.767960][T13233] ? vfs_write+0x7c4/0xc90 [ 295.772409][T13233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 295.778754][T13233] ? do_syscall_64+0x100/0x230 [ 295.783541][T13233] ? do_syscall_64+0xb6/0x230 [ 295.788229][T13233] do_syscall_64+0xf3/0x230 [ 295.792732][T13233] ? clear_bhb_loop+0x35/0x90 [ 295.797407][T13233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.803293][T13233] RIP: 0033:0x7fbefcf75bd9 [ 295.807716][T13233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.827380][T13233] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 295.835797][T13233] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 295.843852][T13233] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000003 [ 295.851820][T13233] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 295.859787][T13233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.867763][T13233] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 295.875745][T13233] [ 295.886017][T13233] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2484'. [ 295.983741][T13244] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 296.582859][T13290] xt_HMARK: spi-set and port-set can't be combined [ 296.750204][T13306] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2509'. [ 296.874754][T13313] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.893739][T13313] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2512'. [ 297.031497][T13320] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2515'. [ 297.359951][T13345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2523'. [ 297.488906][T13356] FAULT_INJECTION: forcing a failure. [ 297.488906][T13356] name failslab, interval 1, probability 0, space 0, times 0 [ 297.502843][T13356] CPU: 0 PID: 13356 Comm: syz.3.2527 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 297.513119][T13356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 297.523189][T13356] Call Trace: [ 297.526590][T13356] [ 297.529584][T13356] dump_stack_lvl+0x241/0x360 [ 297.534305][T13356] ? __pfx_dump_stack_lvl+0x10/0x10 [ 297.539539][T13356] ? __pfx__printk+0x10/0x10 [ 297.544338][T13356] ? __pfx___might_resched+0x10/0x10 [ 297.549667][T13356] should_fail_ex+0x3b0/0x4e0 [ 297.554556][T13356] ? sock_kmalloc+0xd7/0x160 [ 297.559182][T13356] should_failslab+0x9/0x20 [ 297.563714][T13356] __kmalloc_noprof+0xd8/0x400 [ 297.568481][T13356] ? __might_fault+0xaa/0x120 [ 297.573157][T13356] sock_kmalloc+0xd7/0x160 [ 297.577575][T13356] ____sys_sendmsg+0x216/0x7d0 [ 297.582343][T13356] ? __pfx_____sys_sendmsg+0x10/0x10 [ 297.587641][T13356] __sys_sendmsg+0x2b0/0x3a0 [ 297.592235][T13356] ? __pfx___sys_sendmsg+0x10/0x10 [ 297.597345][T13356] ? vfs_write+0x7c4/0xc90 [ 297.601857][T13356] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 297.608227][T13356] ? do_syscall_64+0x100/0x230 [ 297.613003][T13356] ? do_syscall_64+0xb6/0x230 [ 297.617764][T13356] do_syscall_64+0xf3/0x230 [ 297.622262][T13356] ? clear_bhb_loop+0x35/0x90 [ 297.626933][T13356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.632818][T13356] RIP: 0033:0x7fbefcf75bd9 [ 297.637224][T13356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.656831][T13356] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 297.665244][T13356] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 297.673214][T13356] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 297.681182][T13356] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 297.689176][T13356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 297.697141][T13356] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 297.705116][T13356] [ 298.159571][T13389] syz.2.2539[13389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 298.159733][T13389] syz.2.2539[13389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 298.320347][T13397] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2543'. [ 298.347609][T13397] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2543'. [ 298.406166][T13399] IPv6: Can't replace route, no match found [ 298.411409][T13400] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2542'. [ 298.682392][T13405] syzkaller0: entered promiscuous mode [ 298.689490][T13405] syzkaller0: entered allmulticast mode [ 299.046912][ T1057] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.049540][ T1057] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.133898][ T1057] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.282597][ T1057] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.409236][T13440] FAULT_INJECTION: forcing a failure. [ 300.409236][T13440] name failslab, interval 1, probability 0, space 0, times 0 [ 300.433862][T13440] CPU: 1 PID: 13440 Comm: syz.0.2553 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 300.444087][T13440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 300.454182][T13440] Call Trace: [ 300.457488][T13440] [ 300.460434][T13440] dump_stack_lvl+0x241/0x360 [ 300.465133][T13440] ? __pfx_dump_stack_lvl+0x10/0x10 [ 300.470387][T13440] ? __pfx__printk+0x10/0x10 [ 300.474996][T13440] ? __pfx___might_resched+0x10/0x10 [ 300.480296][T13440] ? trace_contention_end+0x3c/0x120 [ 300.485655][T13440] ? __mutex_lock+0x2ef/0xd70 [ 300.490359][T13440] should_fail_ex+0x3b0/0x4e0 [ 300.495076][T13440] ? genl_start+0x1cb/0x6d0 [ 300.499612][T13440] should_failslab+0x9/0x20 [ 300.504144][T13440] kmalloc_trace_noprof+0x6c/0x2c0 [ 300.509296][T13440] genl_start+0x1cb/0x6d0 [ 300.513667][T13440] __netlink_dump_start+0x45c/0x780 [ 300.518896][T13440] genl_rcv_msg+0x88c/0xec0 [ 300.523516][T13440] ? mark_lock+0x9a/0x350 [ 300.527881][T13440] ? __pfx_genl_rcv_msg+0x10/0x10 [ 300.532944][T13440] ? __pfx_genl_start+0x10/0x10 [ 300.537811][T13440] ? __pfx_genl_dumpit+0x10/0x10 [ 300.542744][T13440] ? __pfx_genl_done+0x10/0x10 [ 300.547508][T13440] ? __pfx_lock_acquire+0x10/0x10 [ 300.552525][T13440] ? __pfx_nfc_genl_dump_ses+0x10/0x10 [ 300.557985][T13440] ? __pfx_nfc_genl_dump_ses_done+0x10/0x10 [ 300.563898][T13440] ? __pfx___might_resched+0x10/0x10 [ 300.569190][T13440] netlink_rcv_skb+0x1e3/0x430 [ 300.573956][T13440] ? __pfx_genl_rcv_msg+0x10/0x10 [ 300.578982][T13440] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 300.584283][T13440] genl_rcv+0x28/0x40 [ 300.588285][T13440] netlink_unicast+0x7f0/0x990 [ 300.591291][ T5096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 300.593066][T13440] ? __pfx_netlink_unicast+0x10/0x10 [ 300.593113][T13440] ? __virt_addr_valid+0x183/0x520 [ 300.602987][ T5096] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 300.605462][T13440] ? __check_object_size+0x49c/0x900 [ 300.612073][ T5096] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 300.617473][T13440] ? bpf_lsm_netlink_send+0x9/0x10 [ 300.617512][T13440] netlink_sendmsg+0x8e4/0xcb0 [ 300.625102][ T5096] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 300.629800][T13440] ? __pfx_netlink_sendmsg+0x10/0x10 [ 300.629835][T13440] ? __import_iovec+0x536/0x820 [ 300.635862][ T5096] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 300.639783][T13440] ? aa_sock_msg_perm+0x91/0x160 [ 300.647334][ T5096] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 300.652005][T13440] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 300.681034][T13440] ? security_socket_sendmsg+0x87/0xb0 [ 300.686534][T13440] ? __pfx_netlink_sendmsg+0x10/0x10 [ 300.691847][T13440] __sock_sendmsg+0x221/0x270 [ 300.696557][T13440] ____sys_sendmsg+0x525/0x7d0 [ 300.701366][T13440] ? __pfx_____sys_sendmsg+0x10/0x10 [ 300.706705][T13440] __sys_sendmsg+0x2b0/0x3a0 [ 300.711346][T13440] ? __pfx___sys_sendmsg+0x10/0x10 [ 300.716489][T13440] ? vfs_write+0x7c4/0xc90 [ 300.720984][T13440] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 300.727342][T13440] ? do_syscall_64+0x100/0x230 [ 300.732141][T13440] ? do_syscall_64+0xb6/0x230 [ 300.736839][T13440] do_syscall_64+0xf3/0x230 [ 300.741342][T13440] ? clear_bhb_loop+0x35/0x90 [ 300.746016][T13440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.751903][T13440] RIP: 0033:0x7fda75d75bd9 [ 300.756321][T13440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.775957][T13440] RSP: 002b:00007fda76a95048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 300.784388][T13440] RAX: ffffffffffffffda RBX: 00007fda75f04110 RCX: 00007fda75d75bd9 [ 300.792367][T13440] RDX: 0000000000000000 RSI: 0000000020001240 RDI: 000000000000000c [ 300.800361][T13440] RBP: 00007fda76a950a0 R08: 0000000000000000 R09: 0000000000000000 [ 300.808356][T13440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 300.816360][T13440] R13: 000000000000006e R14: 00007fda75f04110 R15: 00007ffc2b93d328 [ 300.824362][T13440] [ 300.889794][ T1057] bridge_slave_1: left allmulticast mode [ 300.897105][ T1057] bridge_slave_1: left promiscuous mode [ 300.902908][ T1057] bridge0: port 2(bridge_slave_1) entered disabled state [ 300.915417][ T1057] bridge_slave_0: left allmulticast mode [ 300.921481][ T1057] bridge_slave_0: left promiscuous mode [ 300.928259][ T1057] bridge0: port 1(bridge_slave_0) entered disabled state [ 301.341402][ T1057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 301.353081][ T1057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 301.364259][ T1057] bond0 (unregistering): Released all slaves [ 301.701996][T13465] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2565'. [ 301.767734][T13474] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2566'. [ 301.808888][T13442] chnl_net:caif_netlink_parms(): no params data found [ 301.831326][T13475] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2567'. [ 301.849310][T13475] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2567'. [ 301.940685][ T1057] hsr_slave_0: left promiscuous mode [ 301.947479][ T1057] hsr_slave_1: left promiscuous mode [ 301.955246][ T1057] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 301.964021][ T1057] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 301.974277][ T1057] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 301.982162][ T1057] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.004964][ T1057] veth1_macvtap: left promiscuous mode [ 302.010818][ T1057] veth0_macvtap: left promiscuous mode [ 302.016526][ T1057] veth1_vlan: left promiscuous mode [ 302.021834][ T1057] veth0_vlan: left promiscuous mode [ 302.047363][T13484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2570'. [ 302.639870][T13490] No such timeout policy "syz0" [ 302.667223][ T5103] Bluetooth: hci3: command tx timeout [ 302.676310][T13492] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 302.696444][ T1057] team0 (unregistering): Port device team_slave_1 removed [ 302.772830][ T1057] team0 (unregistering): Port device team_slave_0 removed [ 303.389256][T13504] netlink: 'syz.2.2576': attribute type 72 has an invalid length. [ 303.420719][T13442] bridge0: port 1(bridge_slave_0) entered blocking state [ 303.444029][T13442] bridge0: port 1(bridge_slave_0) entered disabled state [ 303.459722][T13442] bridge_slave_0: entered allmulticast mode [ 303.474068][T13442] bridge_slave_0: entered promiscuous mode [ 303.519606][T13510] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2579'. [ 303.529018][T13442] bridge0: port 2(bridge_slave_1) entered blocking state [ 303.529168][T13442] bridge0: port 2(bridge_slave_1) entered disabled state [ 303.529379][T13442] bridge_slave_1: entered allmulticast mode [ 303.530607][T13442] bridge_slave_1: entered promiscuous mode [ 303.580974][T13512] netlink: 'syz.1.2581': attribute type 11 has an invalid length. [ 303.609505][T13512] netlink: 'syz.1.2581': attribute type 11 has an invalid length. [ 303.659187][T13512] debugfs: Directory 'netdev:' with parent 'phy15' already present! [ 303.684165][T13518] FAULT_INJECTION: forcing a failure. [ 303.684165][T13518] name failslab, interval 1, probability 0, space 0, times 0 [ 303.712336][T13442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 303.712418][T13518] CPU: 0 PID: 13518 Comm: syz.2.2583 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 303.724661][T13512] netlink: 'syz.1.2581': attribute type 11 has an invalid length. [ 303.731517][T13518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 303.731547][T13518] Call Trace: [ 303.731557][T13518] [ 303.731567][T13518] dump_stack_lvl+0x241/0x360 [ 303.731597][T13518] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.731615][T13518] ? __pfx__printk+0x10/0x10 [ 303.731636][T13518] ? validate_chain+0x11e/0x5900 [ 303.731657][T13518] ? validate_chain+0x11e/0x5900 [ 303.731678][T13518] should_fail_ex+0x3b0/0x4e0 [ 303.731703][T13518] ? __alloc_skb+0x1c3/0x440 [ 303.731726][T13518] should_failslab+0x9/0x20 [ 303.731749][T13518] kmem_cache_alloc_node_noprof+0x71/0x320 [ 303.731778][T13518] __alloc_skb+0x1c3/0x440 [ 303.731799][T13518] ? __pfx_validate_chain+0x10/0x10 [ 303.731825][T13518] ? __pfx___alloc_skb+0x10/0x10 [ 303.731848][T13518] ? tipc_node_xmit+0x1e1/0x1020 [ 303.731876][T13518] tipc_msg_build+0x150/0x1070 [ 303.731898][T13518] ? mark_lock+0x9a/0x350 [ 303.731939][T13518] ? __pfx_tipc_msg_build+0x10/0x10 [ 303.731963][T13518] ? mark_lock+0x9a/0x350 [ 303.731988][T13518] ? __lock_acquire+0x1346/0x1fd0 [ 303.732013][T13518] __tipc_sendstream+0xa39/0x14e0 [ 303.732072][T13518] ? __pfx___tipc_sendstream+0x10/0x10 [ 303.732096][T13518] ? __local_bh_enable_ip+0x168/0x200 [ 303.732116][T13518] ? __pfx_woken_wake_function+0x10/0x10 [ 303.732138][T13518] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 303.732155][T13518] ? do_raw_spin_unlock+0x13c/0x8b0 [ 303.732185][T13518] ? __pfx_tipc_send_packet+0x10/0x10 [ 303.745230][T13442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 303.750106][T13518] tipc_send_packet+0x7c/0xa0 [ 303.750141][T13518] __sock_sendmsg+0x221/0x270 [ 303.750164][T13518] ____sys_sendmsg+0x525/0x7d0 [ 303.750195][T13518] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.909504][T13518] ? __might_fault+0xaa/0x120 [ 303.914180][T13518] __sys_sendmmsg+0x3b2/0x740 [ 303.918859][T13518] ? __pfx___sys_sendmmsg+0x10/0x10 [ 303.924078][T13518] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 303.929965][T13518] ? ksys_write+0x23e/0x2c0 [ 303.934472][T13518] ? __pfx_lock_release+0x10/0x10 [ 303.939496][T13518] ? vfs_write+0x7c4/0xc90 [ 303.943914][T13518] ? __mutex_unlock_slowpath+0x21d/0x750 [ 303.949543][T13518] ? __pfx_vfs_write+0x10/0x10 [ 303.954313][T13518] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 303.960282][T13518] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 303.966597][T13518] ? do_syscall_64+0x100/0x230 [ 303.971353][T13518] __x64_sys_sendmmsg+0xa0/0xb0 [ 303.976198][T13518] do_syscall_64+0xf3/0x230 [ 303.980722][T13518] ? clear_bhb_loop+0x35/0x90 [ 303.985389][T13518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.991283][T13518] RIP: 0033:0x7f004f375bd9 [ 303.995696][T13518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.015467][T13518] RSP: 002b:00007f0050070048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 304.023873][T13518] RAX: ffffffffffffffda RBX: 00007f004f503f60 RCX: 00007f004f375bd9 [ 304.031839][T13518] RDX: 00000000040001b6 RSI: 0000000020001540 RDI: 0000000000000003 [ 304.039816][T13518] RBP: 00007f00500700a0 R08: 0000000000000000 R09: 0000000000000000 [ 304.047868][T13518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 304.055834][T13518] R13: 000000000000000b R14: 00007f004f503f60 R15: 00007ffd2d5afa38 [ 304.063905][T13518] [ 304.160144][T13521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2582'. [ 304.211805][T13442] team0: Port device team_slave_0 added [ 304.222164][T13442] team0: Port device team_slave_1 added [ 304.315232][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2585'. [ 304.339313][T13525] ipvlan1: entered promiscuous mode [ 304.345118][T13525] ipvlan1: entered allmulticast mode [ 304.357093][T13525] syz_tun: entered allmulticast mode [ 304.364881][T13442] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.372271][T13442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.408804][T13442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.481210][T13442] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.501525][T13442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.563793][T13442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 304.685404][T13539] netlink: 'syz.0.2591': attribute type 72 has an invalid length. [ 304.718985][T13442] hsr_slave_0: entered promiscuous mode [ 304.745844][ T5103] Bluetooth: hci3: command tx timeout [ 304.759508][T13442] hsr_slave_1: entered promiscuous mode [ 304.786940][T13442] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 304.802516][T13442] Cannot create hsr debugfs directory [ 304.863804][T13545] veth0_vlan: entered allmulticast mode [ 305.010303][T13559] batadv_slave_1: entered promiscuous mode [ 305.069242][T13557] batadv_slave_1: left promiscuous mode [ 305.223618][T13577] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2602'. [ 305.269186][T13578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2603'. [ 305.404758][T13583] netlink: 'syz.0.2607': attribute type 72 has an invalid length. [ 305.517783][T13442] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 305.531330][T13442] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 305.542590][T13442] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 305.555935][T13442] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 305.673374][T13442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 305.717861][T13442] 8021q: adding VLAN 0 to HW filter on device team0 [ 305.745666][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 305.752890][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 305.770064][ T931] bridge0: port 2(bridge_slave_1) entered blocking state [ 305.777286][ T931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 305.882583][T13595] netlink: 'syz.0.2613': attribute type 10 has an invalid length. [ 305.891572][T13595] bridge0: port 3(team0) entered blocking state [ 305.904503][T13595] bridge0: port 3(team0) entered disabled state [ 305.921872][T13595] team0: entered allmulticast mode [ 305.931232][T13595] team_slave_1: entered allmulticast mode [ 305.946622][T13595] team0: entered promiscuous mode [ 305.962155][T13595] team_slave_1: entered promiscuous mode [ 306.023204][T13598] syzkaller0: entered promiscuous mode [ 306.056307][T13598] syzkaller0: entered allmulticast mode [ 306.158641][T13610] xt_TPROXY: Can be used only with -p tcp or -p udp [ 306.213102][T13442] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 306.660681][T13442] veth0_vlan: entered promiscuous mode [ 306.707422][T13442] veth1_vlan: entered promiscuous mode [ 306.764754][T13442] veth0_macvtap: entered promiscuous mode [ 306.789865][T13442] veth1_macvtap: entered promiscuous mode [ 306.826006][ T5103] Bluetooth: hci3: command tx timeout [ 306.832952][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.844081][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.855828][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.871131][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.883625][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.903325][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.915537][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.930197][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.942264][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 306.958329][T13649] netlink: 'syz.1.2633': attribute type 1 has an invalid length. [ 306.958372][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 306.972492][T13649] netlink: 'syz.1.2633': attribute type 2 has an invalid length. [ 306.978963][T13442] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 307.004214][T13649] __nla_validate_parse: 7 callbacks suppressed [ 307.004233][T13649] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2633'. [ 307.005164][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.036951][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.049614][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.061538][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.074690][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.090037][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.100237][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.113794][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.123930][T13442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 307.135071][T13442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 307.164679][T13442] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 307.190790][T13442] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.202908][T13442] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.213914][T13442] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.223823][T13442] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.363473][T13657] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 307.421005][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 307.451467][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 307.525480][ T5585] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 307.558831][ T5585] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 307.843891][T13678] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.2642'. [ 308.121576][T13696] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2645'. [ 308.202412][T13698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2646'. [ 308.586197][ T5103] Bluetooth: hci0: command 0x0c20 tx timeout [ 308.654894][T13718] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 308.675454][T13718] team0: Port device batadv0 added [ 308.850635][T13730] netlink: 188 bytes leftover after parsing attributes in process `syz.2.2659'. [ 308.883585][T13731] ipip0: entered promiscuous mode [ 308.889152][T13730] netlink: 'syz.2.2659': attribute type 1 has an invalid length. [ 308.921707][T13730] netlink: 'syz.2.2659': attribute type 3 has an invalid length. [ 309.346606][T13761] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.383260][T13761] team0: Port device batadv0 added [ 309.931442][T13796] No such timeout policy "syz0" [ 310.294343][T13817] netlink: 'syz.1.2690': attribute type 29 has an invalid length. [ 310.312842][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2690'. [ 310.353546][ T5585] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.410613][T13817] netlink: 'syz.1.2690': attribute type 29 has an invalid length. [ 310.442761][T13817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2690'. [ 310.452912][T13820] netlink: 'syz.1.2690': attribute type 29 has an invalid length. [ 310.461599][T13820] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2690'. [ 311.687567][T13832] netlink: 'syz.1.2696': attribute type 10 has an invalid length. [ 311.709984][T13832] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2696'. [ 311.766388][T13832] bridge0: port 1(dummy0) entered blocking state [ 311.783625][T13832] bridge0: port 1(dummy0) entered disabled state [ 311.790683][T13837] No such timeout policy "syz0" [ 311.805316][T13832] dummy0: entered allmulticast mode [ 311.992422][ T5096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 312.002779][ T5096] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 312.012810][ T5096] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 312.025060][ T5096] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 312.036832][ T5096] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 312.046643][ T5096] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 312.079939][ T5585] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.185302][ T5585] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.201666][T13858] FAULT_INJECTION: forcing a failure. [ 312.201666][T13858] name failslab, interval 1, probability 0, space 0, times 0 [ 312.226752][T13858] CPU: 1 PID: 13858 Comm: syz.1.2703 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 312.236970][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 312.247141][T13858] Call Trace: [ 312.250439][T13858] [ 312.253376][T13858] dump_stack_lvl+0x241/0x360 [ 312.258069][T13858] ? __pfx_dump_stack_lvl+0x10/0x10 [ 312.263270][T13858] ? __pfx__printk+0x10/0x10 [ 312.267865][T13858] ? __pfx_lock_acquire+0x10/0x10 [ 312.272885][T13858] should_fail_ex+0x3b0/0x4e0 [ 312.277650][T13858] ? dst_alloc+0x12b/0x190 [ 312.282161][T13858] should_failslab+0x9/0x20 [ 312.286708][T13858] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 312.292112][T13858] dst_alloc+0x12b/0x190 [ 312.296367][T13858] xfrm_alloc_dst+0x6e/0x150 [ 312.300953][T13858] xfrm_lookup_with_ifid+0xc10/0x1ed0 [ 312.306325][T13858] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 312.312154][T13858] ? rcuref_put+0x1e3/0x240 [ 312.316650][T13858] ? __pfx_rcuref_put+0x10/0x10 [ 312.321516][T13858] xfrm_lookup_route+0x3c/0x1c0 [ 312.326361][T13858] ip6_dst_lookup_flow+0x13e/0x180 [ 312.331469][T13858] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 312.337109][T13858] sctp_v6_get_dst+0x105a/0x1e20 [ 312.342096][T13858] ? sctp_v6_get_dst+0x565/0x1e20 [ 312.347118][T13858] ? __pfx_sctp_v6_get_dst+0x10/0x10 [ 312.352395][T13858] ? __asan_memset+0x23/0x50 [ 312.357004][T13858] sctp_transport_route+0x12c/0x2e0 [ 312.362200][T13858] sctp_assoc_add_peer+0x614/0x15c0 [ 312.367397][T13858] sctp_connect_new_asoc+0x31d/0x6c0 [ 312.372674][T13858] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 312.378474][T13858] ? __ipv6_addr_type+0xda/0x2f0 [ 312.383401][T13858] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 312.389203][T13858] __sctp_connect+0x66d/0xe30 [ 312.393879][T13858] ? __pfx___sctp_connect+0x10/0x10 [ 312.399067][T13858] ? __might_fault+0xc6/0x120 [ 312.403734][T13858] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 312.409271][T13858] ? security_sctp_bind_connect+0x90/0xb0 [ 312.414984][T13858] sctp_getsockopt_connectx3+0x46f/0x730 [ 312.420628][T13858] ? __local_bh_enable_ip+0x168/0x200 [ 312.425996][T13858] ? __pfx_sctp_getsockopt_connectx3+0x10/0x10 [ 312.432143][T13858] ? __local_bh_enable_ip+0x168/0x200 [ 312.437515][T13858] ? sctp_getsockopt+0x13a/0xbb0 [ 312.442455][T13858] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 312.448185][T13858] sctp_getsockopt+0x8de/0xbb0 [ 312.452957][T13858] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 312.458848][T13858] do_sock_getsockopt+0x373/0x850 [ 312.463874][T13858] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 312.469417][T13858] ? __fget_files+0x3f6/0x470 [ 312.474097][T13858] __sys_getsockopt+0x271/0x330 [ 312.478948][T13858] ? __pfx___sys_getsockopt+0x10/0x10 [ 312.484400][T13858] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 312.490721][T13858] ? do_syscall_64+0x100/0x230 [ 312.495480][T13858] __x64_sys_getsockopt+0xb5/0xd0 [ 312.500504][T13858] do_syscall_64+0xf3/0x230 [ 312.505006][T13858] ? clear_bhb_loop+0x35/0x90 [ 312.509677][T13858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.515561][T13858] RIP: 0033:0x7f9260b75bd9 [ 312.519972][T13858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.539677][T13858] RSP: 002b:00007f92618b0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 312.548111][T13858] RAX: ffffffffffffffda RBX: 00007f9260d03f60 RCX: 00007f9260b75bd9 [ 312.556081][T13858] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003 [ 312.564041][T13858] RBP: 00007f92618b00a0 R08: 0000000020000280 R09: 0000000000000000 [ 312.572090][T13858] R10: 0000000020010180 R11: 0000000000000246 R12: 0000000000000002 [ 312.580053][T13858] R13: 000000000000000b R14: 00007f9260d03f60 R15: 00007ffee9048888 [ 312.588028][T13858] [ 312.639492][T13860] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2704'. [ 312.722468][ T5585] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 313.180772][ T5585] bridge_slave_1: left allmulticast mode [ 313.187412][ T5585] bridge_slave_1: left promiscuous mode [ 313.195188][ T5585] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.214802][ T5576] tipc: Subscription rejected, illegal request [ 313.223801][ T5585] bridge_slave_0: left allmulticast mode [ 313.229841][ T5585] bridge_slave_0: left promiscuous mode [ 313.235888][ T5585] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.755291][ T5585] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 313.773346][ T5585] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 313.785410][ T5585] bond0 (unregistering): Released all slaves [ 313.814073][T13893] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 313.867825][T13897] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2713'. [ 313.892650][T13850] chnl_net:caif_netlink_parms(): no params data found [ 314.106006][ T5103] Bluetooth: hci3: command tx timeout [ 314.152512][T13910] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2718'. [ 314.286364][T13916] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2719'. [ 314.418091][T13916] Êü: entered promiscuous mode [ 314.432364][T13850] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.452544][T13850] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.463291][T13850] bridge_slave_0: entered allmulticast mode [ 314.481593][T13850] bridge_slave_0: entered promiscuous mode [ 314.496468][T13850] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.503945][T13850] bridge0: port 2(bridge_slave_1) entered disabled state [ 314.513073][T13850] bridge_slave_1: entered allmulticast mode [ 314.531889][T13850] bridge_slave_1: entered promiscuous mode [ 314.674313][T13916] syzkaller0: create flow: hash 3570090775 index 1 [ 314.775353][T13923] syzkaller0: entered promiscuous mode [ 314.788297][T13923] syzkaller0: entered allmulticast mode [ 314.812869][ T5585] hsr_slave_0: left promiscuous mode [ 314.819470][ T5585] hsr_slave_1: left promiscuous mode [ 314.830247][ T5585] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 314.840214][ T5585] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 314.850939][ T5585] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 314.858777][ T5585] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 314.881384][ T5585] veth1_macvtap: left promiscuous mode [ 314.887803][ T5585] veth0_macvtap: left promiscuous mode [ 314.893417][ T5585] veth1_vlan: left promiscuous mode [ 314.899876][ T5585] veth0_vlan: left promiscuous mode [ 315.384130][ T5585] team0 (unregistering): Port device team_slave_1 removed [ 315.445517][ T5585] team0 (unregistering): Port device team_slave_0 removed [ 316.075294][T13850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 316.084993][ T51] syzkaller0: tun_net_xmit 48 [ 316.199814][ T5103] Bluetooth: hci3: command tx timeout [ 316.217842][T13850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.266514][T13914] syzkaller0: delete flow: hash 3570090775 index 1 [ 317.634051][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.917078][T13850] team0: Port device team_slave_0 added [ 317.951292][T13850] team0: Port device team_slave_1 added [ 318.003066][T13850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.025163][T13850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.060620][T13850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 318.097457][T13850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 318.120590][T13850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.179025][T13850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 318.266718][ T5103] Bluetooth: hci3: command tx timeout [ 318.286081][T13850] hsr_slave_0: entered promiscuous mode [ 318.292694][T13850] hsr_slave_1: entered promiscuous mode [ 318.300111][T13850] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 318.307917][T13850] Cannot create hsr debugfs directory [ 318.323771][T13965] netlink: 'syz.3.2733': attribute type 3 has an invalid length. [ 318.397716][T13966] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2731'. [ 318.609018][T13970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2734'. [ 318.920724][T13978] No such timeout policy "syz0" [ 319.070703][T13850] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 319.078874][T13980] netlink: 54 bytes leftover after parsing attributes in process `syz.2.2737'. [ 319.093212][T13850] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 319.109004][T13850] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 319.133263][T13850] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 319.291558][T13850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 319.315366][T13993] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2741'. [ 319.344628][T13993] Êü: entered promiscuous mode [ 319.369325][T13850] 8021q: adding VLAN 0 to HW filter on device team0 [ 319.397845][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 319.405085][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 319.440588][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state [ 319.447803][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 319.542835][T13993] syzkaller0: entered promiscuous mode [ 319.581875][T13993] syzkaller0: entered allmulticast mode [ 319.599052][T14004] batadv_slave_1: entered promiscuous mode [ 319.599537][T14009] syzkaller0: create flow: hash 3570090775 index 1 [ 319.611827][T13999] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2744'. [ 319.632871][T14010] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2746'. [ 319.655973][T14010] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 319.663458][T14010] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 319.718734][T14010] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 319.726609][T14010] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 319.751390][T14010] bond0: (slave batadv0): Releasing backup interface [ 319.763587][T14013] netlink: 'syz.0.2746': attribute type 7 has an invalid length. [ 319.775635][T14013] netlink: 'syz.0.2746': attribute type 8 has an invalid length. [ 319.837063][T13992] syzkaller0: delete flow: hash 3570090775 index 1 [ 319.929867][T14017] No such timeout policy "syz0" [ 320.357456][ T5103] Bluetooth: hci3: command tx timeout [ 321.488121][T14003] batadv_slave_1: left promiscuous mode [ 321.809994][T14046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2753'. [ 322.052492][T13850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 322.189566][T14070] batadv_slave_1: entered promiscuous mode [ 322.255978][T14069] batadv_slave_1: left promiscuous mode [ 322.332122][T14080] No such timeout policy "syz0" [ 322.413567][T14083] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2764'. [ 322.528640][T13850] veth0_vlan: entered promiscuous mode [ 322.559890][T13850] veth1_vlan: entered promiscuous mode [ 322.628288][T14093] netlink: 'syz.0.2769': attribute type 10 has an invalid length. [ 322.689646][T14093] team0: left allmulticast mode [ 322.694563][T14093] team_slave_1: left allmulticast mode [ 322.722129][T14093] team0: left promiscuous mode [ 322.731536][T14093] team_slave_1: left promiscuous mode [ 322.738177][T14093] bridge0: port 3(team0) entered disabled state [ 322.748490][T14093] team0: Cannot enslave team device to itself [ 322.796141][T14100] batadv_slave_1: entered promiscuous mode [ 322.917119][T13850] veth0_macvtap: entered promiscuous mode [ 322.958774][T13850] veth1_macvtap: entered promiscuous mode [ 323.007062][T14099] batadv_slave_1: left promiscuous mode [ 323.016335][T14110] No such timeout policy "syz0" [ 323.117111][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 323.155120][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.173510][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 323.207428][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.234332][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 323.253845][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.268945][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 323.283252][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.311979][T13850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 323.358135][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.425907][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.451210][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.473263][T14128] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 323.489342][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.509983][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.529505][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.543743][T13850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 323.558764][T13850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 323.576607][T13850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 323.577876][T14133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2778'. [ 323.641026][T13850] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.668704][T13850] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.685201][T13850] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.698138][T13850] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.836229][ T5576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.847093][ T5576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.899374][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.908335][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.045465][T14145] batadv_slave_1: entered promiscuous mode [ 324.121241][T14144] batadv_slave_1: left promiscuous mode [ 324.242294][T14157] No such timeout policy "syz0" [ 324.394619][T14169] netlink: 'syz.2.2794': attribute type 10 has an invalid length. [ 324.432095][T14169] veth1_vlan: left allmulticast mode [ 324.559257][T14178] batadv_slave_1: entered promiscuous mode [ 324.588688][T14173] pimreg: entered allmulticast mode [ 324.668545][T14177] batadv_slave_1: left promiscuous mode [ 324.746763][T14186] team0: entered promiscuous mode [ 324.757333][T14186] team_slave_1: entered promiscuous mode [ 324.839552][T14196] netlink: 'syz.0.2800': attribute type 11 has an invalid length. [ 324.876605][T14198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2801'. [ 324.983501][ T5589] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.239096][T14185] team0: left promiscuous mode [ 325.243897][T14185] team_slave_1: left promiscuous mode [ 325.352581][ T5589] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.524516][ T5589] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.593790][ T5589] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.721791][ T5589] bridge_slave_1: left allmulticast mode [ 325.727534][ T5589] bridge_slave_1: left promiscuous mode [ 325.733216][ T5589] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.743795][ T5589] bridge_slave_0: left allmulticast mode [ 325.749860][ T5589] bridge_slave_0: left promiscuous mode [ 325.755531][ T5589] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.098241][ T5589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 326.111362][ T5589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 326.127240][ T5589] bond0 (unregistering): Released all slaves [ 326.391163][T14209] No such timeout policy "syz0" [ 326.411718][T14210] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2809'. [ 326.646842][ T5589] hsr_slave_0: left promiscuous mode [ 326.681756][ T5589] hsr_slave_1: left promiscuous mode [ 326.726747][ T5096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 326.737648][ T5096] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 326.755204][ T5096] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 326.766778][ T5096] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 326.775547][ T5096] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 326.786423][ T5589] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 326.793903][ T5589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 326.804616][ T5096] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 326.829445][ T5589] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.850558][ T5589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.925176][ T5589] veth1_macvtap: left promiscuous mode [ 326.931113][ T5589] veth0_macvtap: left promiscuous mode [ 326.946037][ T5589] veth1_vlan: left promiscuous mode [ 326.952561][ T5589] veth0_vlan: left promiscuous mode [ 328.099853][ T5589] team0 (unregistering): Port device team_slave_1 removed [ 328.145372][ T5589] team0 (unregistering): Port device team_slave_0 removed [ 328.740974][T14246] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2821'. [ 328.841122][T14255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2819'. [ 328.863705][T14253] No such timeout policy "syz0" [ 328.908781][ T5096] Bluetooth: hci3: command tx timeout [ 329.051021][T14220] chnl_net:caif_netlink_parms(): no params data found [ 329.164666][T14265] tipc: Started in network mode [ 329.171747][T14265] tipc: Node identity e0000002, cluster identity 4711 [ 329.184871][T14265] tipc: Enabling of bearer rejected, failed to enable media [ 329.320116][T14220] bridge0: port 1(bridge_slave_0) entered blocking state [ 329.335964][T14220] bridge0: port 1(bridge_slave_0) entered disabled state [ 329.344148][T14220] bridge_slave_0: entered allmulticast mode [ 329.358705][T14220] bridge_slave_0: entered promiscuous mode [ 329.374417][T14276] netlink: 'syz.3.2828': attribute type 10 has an invalid length. [ 329.391988][T14220] bridge0: port 2(bridge_slave_1) entered blocking state [ 329.399666][T14220] bridge0: port 2(bridge_slave_1) entered disabled state [ 329.407385][T14220] bridge_slave_1: entered allmulticast mode [ 329.415213][T14220] bridge_slave_1: entered promiscuous mode [ 329.458731][T14220] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 329.482133][T14287] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2833'. [ 329.485885][T14220] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 329.569819][T14220] team0: Port device team_slave_0 added [ 329.580700][T14289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2834'. [ 329.592997][T14220] team0: Port device team_slave_1 added [ 329.651064][T14293] No such timeout policy "syz0" [ 329.696814][T14220] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 329.703813][T14220] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.759012][T14220] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 329.788603][T14220] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 329.804227][T14220] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 329.843006][T14220] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 329.980865][T14220] hsr_slave_0: entered promiscuous mode [ 329.996959][T14220] hsr_slave_1: entered promiscuous mode [ 330.003476][T14220] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 330.015682][T14220] Cannot create hsr debugfs directory [ 330.120735][T14314] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2844'. [ 330.139576][T14312] netlink: 'syz.2.2843': attribute type 10 has an invalid length. [ 330.297279][T14316] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2845'. [ 330.372580][T14323] No such timeout policy "syz0" [ 330.724571][T14343] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2855'. [ 330.744545][T14342] netlink: 'syz.3.2856': attribute type 10 has an invalid length. [ 330.979740][T14220] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 330.987692][ T5096] Bluetooth: hci3: command tx timeout [ 331.003644][T14220] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 331.027398][T14220] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 331.034709][T14361] No such timeout policy "syz0" [ 331.049352][T14220] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 331.062801][T14363] batadv_slave_1: entered promiscuous mode [ 331.212587][T14362] batadv_slave_1: left promiscuous mode [ 331.233120][T14368] FAULT_INJECTION: forcing a failure. [ 331.233120][T14368] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 331.262055][T14368] CPU: 0 PID: 14368 Comm: syz.3.2866 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 331.272363][T14368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 331.282443][T14368] Call Trace: [ 331.285745][T14368] [ 331.288707][T14368] dump_stack_lvl+0x241/0x360 [ 331.293379][T14368] ? __pfx_dump_stack_lvl+0x10/0x10 [ 331.298586][T14368] ? __pfx__printk+0x10/0x10 [ 331.303214][T14368] ? snprintf+0xda/0x120 [ 331.307495][T14368] should_fail_ex+0x3b0/0x4e0 [ 331.312215][T14368] _copy_to_user+0x2f/0xb0 [ 331.316660][T14368] simple_read_from_buffer+0xca/0x150 [ 331.322045][T14368] proc_fail_nth_read+0x1e9/0x250 [ 331.327071][T14368] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 331.332619][T14368] ? rw_verify_area+0x514/0x6b0 [ 331.337464][T14368] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 331.343004][T14368] vfs_read+0x204/0xbd0 [ 331.347155][T14368] ? __pfx_lock_release+0x10/0x10 [ 331.352178][T14368] ? __pfx_vfs_read+0x10/0x10 [ 331.356851][T14368] ? __fget_files+0x29/0x470 [ 331.361539][T14368] ? __fget_files+0x3f6/0x470 [ 331.366223][T14368] ksys_read+0x1a0/0x2c0 [ 331.370464][T14368] ? __pfx_ksys_read+0x10/0x10 [ 331.375227][T14368] ? do_syscall_64+0x100/0x230 [ 331.379990][T14368] ? do_syscall_64+0xb6/0x230 [ 331.384662][T14368] do_syscall_64+0xf3/0x230 [ 331.389158][T14368] ? clear_bhb_loop+0x35/0x90 [ 331.393833][T14368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.399720][T14368] RIP: 0033:0x7fbefcf746bc [ 331.404138][T14368] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 331.423736][T14368] RSP: 002b:00007fbefde01040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 331.432146][T14368] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf746bc [ 331.440114][T14368] RDX: 000000000000000f RSI: 00007fbefde010b0 RDI: 0000000000000007 [ 331.448085][T14368] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 331.456051][T14368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.464017][T14368] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 331.472058][T14368] [ 331.508899][T14220] 8021q: adding VLAN 0 to HW filter on device bond0 [ 331.551737][T14220] 8021q: adding VLAN 0 to HW filter on device team0 [ 331.594603][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state [ 331.601847][ T5144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 331.634368][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state [ 331.641586][ T5144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 331.668066][T14379] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2869'. [ 331.685008][T14381] netlink: 'syz.0.2870': attribute type 10 has an invalid length. [ 331.708085][T14385] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2872'. [ 331.817366][T14386] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 331.874927][T14386] tipc: Enabled bearer , priority 10 [ 331.940471][T14398] No such timeout policy "syz0" [ 332.205035][T14220] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 332.418824][T14421] netlink: 182 bytes leftover after parsing attributes in process `syz.0.2881'. [ 332.527512][T14428] netlink: 'syz.0.2883': attribute type 10 has an invalid length. [ 332.625437][T14220] veth0_vlan: entered promiscuous mode [ 332.663673][T14220] veth1_vlan: entered promiscuous mode [ 332.691632][T14433] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 332.707964][T14438] No such timeout policy "syz0" [ 332.749725][T14433] netlink: 'syz.0.2885': attribute type 1 has an invalid length. [ 332.758072][T14433] netlink: 'syz.0.2885': attribute type 3 has an invalid length. [ 332.766288][T14433] NCSI netlink: No device for ifindex 0 [ 332.841786][T14220] veth0_macvtap: entered promiscuous mode [ 332.889571][T14220] veth1_macvtap: entered promiscuous mode [ 332.960935][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 332.973653][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 332.988775][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.001531][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.013000][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.030091][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.041232][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 333.059021][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.066050][ T5096] Bluetooth: hci3: command tx timeout [ 333.081388][T14220] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 333.119685][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.156388][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.176765][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.197338][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.222106][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.253997][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.293518][T14220] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 333.296047][T14466] --map-set only usable from mangle table [ 333.315833][T14220] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 333.321791][T14466] sctp: [Deprecated]: syz.3.2894 (pid 14466) Use of struct sctp_assoc_value in delayed_ack socket option. [ 333.321791][T14466] Use struct sctp_sack_info instead [ 333.352738][T14220] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 333.361006][T14471] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 333.381796][T14220] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.392167][T14220] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.414095][T14220] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.423919][T14220] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 333.442623][T14468] netlink: 'syz.1.2895': attribute type 10 has an invalid length. [ 333.638936][ T5576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.666226][ T5576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.706992][T14481] batadv_slave_1: entered promiscuous mode [ 333.799187][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 333.827080][T14480] batadv_slave_1: left promiscuous mode [ 333.836143][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 333.974699][T14497] No such timeout policy "syz0" [ 334.064814][T14503] netlink: 'syz.0.2907': attribute type 10 has an invalid length. [ 334.096448][T14503] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 334.160032][T14507] __nla_validate_parse: 7 callbacks suppressed [ 334.160054][T14507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2908'. [ 334.263870][T14513] batadv_slave_1: entered promiscuous mode [ 334.463286][T14512] batadv_slave_1: left promiscuous mode [ 334.582652][T14541] netlink: 576 bytes leftover after parsing attributes in process `syz.2.2919'. [ 334.647475][T14543] netlink: 'syz.1.2920': attribute type 10 has an invalid length. [ 334.682961][T14543] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 334.744075][T14548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2921'. [ 334.937138][T14567] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2928'. [ 334.959361][T14567] vlan3: entered promiscuous mode [ 334.971237][T14567] dummy0: entered promiscuous mode [ 335.099028][T14581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2929'. [ 335.100899][T14582] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2931'. [ 335.421982][T14593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2934'. [ 335.586623][T14605] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 335.904646][T14619] batadv_slave_1: entered promiscuous mode [ 335.915520][T14620] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2944'. [ 336.001753][T14616] batadv_slave_1: left promiscuous mode [ 336.172718][T14637] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2951'. [ 336.397356][T14656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2953'. [ 336.454475][T14662] batadv_slave_1: entered promiscuous mode [ 336.515073][T14660] batadv_slave_1: left promiscuous mode [ 336.674011][ T5576] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.655395][ T5576] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.742724][ T5576] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.814954][ T5576] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.892951][ T5576] bridge_slave_1: left allmulticast mode [ 337.899917][ T5576] bridge_slave_1: left promiscuous mode [ 337.905671][ T5576] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.917266][ T5576] bridge_slave_0: left allmulticast mode [ 337.922922][ T5576] bridge_slave_0: left promiscuous mode [ 337.929934][ T5576] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.327609][ T5103] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 338.338475][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 338.352863][ T5103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 338.374309][ T5103] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 338.390795][ T5103] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 338.404597][ T5103] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 338.496732][ T5576] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.512776][ T5576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.523705][ T5576] bond0 (unregistering): Released all slaves [ 338.794930][T14696] batadv_slave_1: entered promiscuous mode [ 339.061450][T14695] batadv_slave_1: left promiscuous mode [ 339.100208][ T5576] hsr_slave_0: left promiscuous mode [ 339.110699][ T5576] hsr_slave_1: left promiscuous mode [ 339.117616][ T5576] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.134542][ T5576] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 339.167947][ T5576] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 339.175439][ T5576] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 339.205210][T14722] __nla_validate_parse: 2 callbacks suppressed [ 339.205235][T14722] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2974'. [ 339.261999][ T5576] veth1_macvtap: left promiscuous mode [ 339.268848][ T5576] veth0_macvtap: left promiscuous mode [ 339.274539][ T5576] veth1_vlan: left promiscuous mode [ 339.280202][ T5576] veth0_vlan: left promiscuous mode [ 339.946593][ T5576] team0 (unregistering): Port device team_slave_1 removed [ 340.012653][ T5576] team0 (unregistering): Port device team_slave_0 removed [ 340.462845][T14738] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2979'. [ 340.509533][ T5103] Bluetooth: hci3: command tx timeout [ 340.527658][T14737] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2979'. [ 340.582750][T14687] chnl_net:caif_netlink_parms(): no params data found [ 340.726961][T14762] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2985'. [ 340.737410][T14757] netlink: 'syz.1.2986': attribute type 2 has an invalid length. [ 340.956879][T14687] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.993375][T14687] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.016758][T14687] bridge_slave_0: entered allmulticast mode [ 341.032022][T14687] bridge_slave_0: entered promiscuous mode [ 341.059230][T14776] vlan1: entered promiscuous mode [ 341.092945][T14779] vlan1 (unregistering): left promiscuous mode [ 341.097192][T14784] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2992'. [ 341.115081][T14782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2991'. [ 341.126403][T14687] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.133758][T14687] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.141998][T14687] bridge_slave_1: entered allmulticast mode [ 341.150438][T14687] bridge_slave_1: entered promiscuous mode [ 341.173283][T14784] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2992'. [ 341.251041][T14687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 341.274610][T14787] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received [ 341.284388][T14687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 341.401020][T14687] team0: Port device team_slave_0 added [ 341.433643][T14687] team0: Port device team_slave_1 added [ 341.454798][T14802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2994'. [ 341.493358][T14687] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 341.500883][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.535792][T14687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 341.571206][T14687] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 341.583149][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.617021][T14687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 341.724883][T14687] hsr_slave_0: entered promiscuous mode [ 341.749227][T14687] hsr_slave_1: entered promiscuous mode [ 341.771937][T14687] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 341.791539][T14687] Cannot create hsr debugfs directory [ 342.586894][ T5103] Bluetooth: hci3: command tx timeout [ 342.610825][T14687] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 342.631911][T14687] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 342.643389][T14687] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 342.658413][T14687] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 342.958061][T14687] 8021q: adding VLAN 0 to HW filter on device bond0 [ 342.990988][T14687] 8021q: adding VLAN 0 to HW filter on device team0 [ 343.009646][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.016918][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.032424][T14885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3020'. [ 343.050721][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.057968][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 343.109656][T14687] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 343.394917][T14687] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 343.854001][T14687] veth0_vlan: entered promiscuous mode [ 343.907966][T14687] veth1_vlan: entered promiscuous mode [ 343.934950][T14923] FAULT_INJECTION: forcing a failure. [ 343.934950][T14923] name failslab, interval 1, probability 0, space 0, times 0 [ 343.986140][T14923] CPU: 0 PID: 14923 Comm: syz.0.3031 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 343.996353][T14923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 344.006435][T14923] Call Trace: [ 344.009736][T14923] [ 344.012703][T14923] dump_stack_lvl+0x241/0x360 [ 344.017405][T14923] ? __pfx_dump_stack_lvl+0x10/0x10 [ 344.022602][T14923] ? __pfx__printk+0x10/0x10 [ 344.027205][T14923] should_fail_ex+0x3b0/0x4e0 [ 344.031886][T14923] ? sctp_add_bind_addr+0x89/0x3a0 [ 344.036994][T14923] should_failslab+0x9/0x20 [ 344.041492][T14923] kmalloc_trace_noprof+0x6c/0x2c0 [ 344.046595][T14923] ? __pfx__get_random_bytes+0x10/0x10 [ 344.052061][T14923] sctp_add_bind_addr+0x89/0x3a0 [ 344.056998][T14923] sctp_copy_local_addr_list+0x311/0x500 [ 344.062630][T14923] ? sctp_copy_local_addr_list+0xab/0x500 [ 344.068343][T14923] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 344.074491][T14923] ? sctp_association_new+0x17c0/0x23f0 [ 344.080038][T14923] ? sctp_v6_is_any+0x60/0x70 [ 344.084723][T14923] sctp_bind_addr_copy+0xad/0x3b0 [ 344.089922][T14923] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 344.096253][T14923] sctp_connect_new_asoc+0x2f3/0x6c0 [ 344.101549][T14923] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 344.107351][T14923] ? sctp_sendmsg+0xbb9/0x3520 [ 344.112148][T14923] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 344.117871][T14923] ? security_sctp_bind_connect+0x90/0xb0 [ 344.123602][T14923] sctp_sendmsg+0x219a/0x3520 [ 344.128295][T14923] ? __pfx_sctp_sendmsg+0x10/0x10 [ 344.133322][T14923] ? __pfx_aa_sk_perm+0x10/0x10 [ 344.138175][T14923] ? inet_sendmsg+0x330/0x390 [ 344.142850][T14923] __sock_sendmsg+0x1a6/0x270 [ 344.147524][T14923] __sys_sendto+0x3a4/0x4f0 [ 344.152035][T14923] ? __pfx___sys_sendto+0x10/0x10 [ 344.157072][T14923] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 344.163047][T14923] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 344.169372][T14923] __x64_sys_sendto+0xde/0x100 [ 344.174158][T14923] do_syscall_64+0xf3/0x230 [ 344.178689][T14923] ? clear_bhb_loop+0x35/0x90 [ 344.183377][T14923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.189268][T14923] RIP: 0033:0x7fda75d75bd9 [ 344.193678][T14923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.213280][T14923] RSP: 002b:00007fda76ad7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 344.221691][T14923] RAX: ffffffffffffffda RBX: 00007fda75f03f60 RCX: 00007fda75d75bd9 [ 344.229675][T14923] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000003 [ 344.237640][T14923] RBP: 00007fda76ad70a0 R08: 0000000020000100 R09: 000000000000001c [ 344.245610][T14923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 344.253582][T14923] R13: 000000000000000b R14: 00007fda75f03f60 R15: 00007ffc2b93d328 [ 344.261673][T14923] [ 344.270640][T14687] veth0_macvtap: entered promiscuous mode [ 344.302962][T14687] veth1_macvtap: entered promiscuous mode [ 344.555830][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.578651][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.589307][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.600077][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.629612][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.651483][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.666331][ T5103] Bluetooth: hci3: command tx timeout [ 344.679815][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.691418][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.718621][T14687] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 344.752298][T14943] netlink: 'syz.3.3036': attribute type 4 has an invalid length. [ 344.810675][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.847483][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.883677][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.906961][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.918369][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.930404][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.942512][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.954280][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.979053][T14687] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 345.000759][T14687] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.023274][T14687] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.053515][T14687] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.075706][T14687] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.155306][T14954] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3039'. [ 345.286843][T14971] bond0: entered promiscuous mode [ 345.292028][T14971] bond_slave_0: entered promiscuous mode [ 345.302614][T14971] bond_slave_1: entered promiscuous mode [ 345.417015][ T5589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.448958][ T5589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.502695][ T5576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.522671][ T5576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 345.806496][T14998] netlink: 'syz.3.3052': attribute type 29 has an invalid length. [ 345.870525][T15001] batadv_slave_1: entered promiscuous mode [ 345.888782][T15004] FAULT_INJECTION: forcing a failure. [ 345.888782][T15004] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 345.904840][T15000] batadv_slave_1: left promiscuous mode [ 345.911452][T15004] CPU: 0 PID: 15004 Comm: syz.3.3054 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 345.921637][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 345.931803][T15004] Call Trace: [ 345.935095][T15004] [ 345.938047][T15004] dump_stack_lvl+0x241/0x360 [ 345.942755][T15004] ? __pfx_dump_stack_lvl+0x10/0x10 [ 345.947991][T15004] ? __pfx__printk+0x10/0x10 [ 345.952608][T15004] should_fail_ex+0x3b0/0x4e0 [ 345.957412][T15004] _copy_from_user+0x2f/0xe0 [ 345.962119][T15004] move_addr_to_kernel+0x82/0x150 [ 345.967179][T15004] copy_msghdr_from_user+0x43e/0x680 [ 345.972498][T15004] ? __pfx___might_resched+0x10/0x10 [ 345.977820][T15004] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 345.983667][T15004] ? __might_fault+0xaa/0x120 [ 345.988370][T15004] __sys_sendmmsg+0x374/0x740 [ 345.993065][T15004] ? __pfx___sys_sendmmsg+0x10/0x10 [ 345.998298][T15004] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 346.004211][T15004] ? ksys_write+0x23e/0x2c0 [ 346.008709][T15004] ? __pfx_lock_release+0x10/0x10 [ 346.013730][T15004] ? vfs_write+0x7c4/0xc90 [ 346.018145][T15004] ? __mutex_unlock_slowpath+0x21d/0x750 [ 346.023775][T15004] ? __pfx_vfs_write+0x10/0x10 [ 346.028556][T15004] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 346.034537][T15004] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 346.040862][T15004] ? do_syscall_64+0x100/0x230 [ 346.045625][T15004] __x64_sys_sendmmsg+0xa0/0xb0 [ 346.050483][T15004] do_syscall_64+0xf3/0x230 [ 346.054973][T15004] ? clear_bhb_loop+0x35/0x90 [ 346.059647][T15004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.065534][T15004] RIP: 0033:0x7fbefcf75bd9 [ 346.069938][T15004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.089538][T15004] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 346.098048][T15004] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 346.106013][T15004] RDX: 0000000000000002 RSI: 0000000020005d40 RDI: 0000000000000008 [ 346.113973][T15004] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 346.121937][T15004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 346.129910][T15004] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 346.137889][T15004] [ 347.063118][T15075] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 347.074276][T15071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3076'. [ 347.146761][T15083] syzkaller0: left promiscuous mode [ 347.152249][T15083] syzkaller0: left allmulticast mode [ 347.800421][T15117] : renamed from ipvlan1 [ 348.243075][T15152] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3102'. [ 348.383348][T15156] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3104'. [ 348.569094][ T5585] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.304215][ T5585] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.363341][ T5585] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.451570][ T5585] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.530304][ T5585] bridge_slave_1: left allmulticast mode [ 349.536260][ T5585] bridge_slave_1: left promiscuous mode [ 349.542059][ T5585] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.552961][ T5585] bridge_slave_0: left allmulticast mode [ 349.559149][ T5585] bridge_slave_0: left promiscuous mode [ 349.564890][ T5585] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.897623][ T5585] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 349.910112][ T5585] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 349.921102][ T5585] bond0 (unregistering): Released all slaves [ 350.054197][T15170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3109'. [ 350.073444][T15173] netlink: 248 bytes leftover after parsing attributes in process `syz.3.3111'. [ 350.197741][T15170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3109'. [ 350.197749][T15176] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3112'. [ 350.270904][T15181] netlink: 'syz.1.3109': attribute type 2 has an invalid length. [ 350.296274][T15181] netlink: 'syz.1.3109': attribute type 1 has an invalid length. [ 350.320691][T15181] netlink: 'syz.1.3109': attribute type 2 has an invalid length. [ 350.376300][T15181] netlink: 'syz.1.3109': attribute type 2 has an invalid length. [ 350.408735][T15181] netlink: 'syz.1.3109': attribute type 2 has an invalid length. [ 350.429382][ T5585] hsr_slave_0: left promiscuous mode [ 350.443157][ T5585] hsr_slave_1: left promiscuous mode [ 350.455308][ T5585] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.467865][ T5096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 350.477641][ T5585] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.487498][ T5096] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 350.497507][ T5096] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 350.515755][ T5096] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 350.523541][ T5585] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 350.531296][ T5096] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 350.540314][ T5585] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 350.547773][ T5096] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 350.583000][ T5585] veth1_macvtap: left promiscuous mode [ 350.589761][ T5585] veth0_macvtap: left promiscuous mode [ 350.595841][ T5585] veth1_vlan: left promiscuous mode [ 350.601223][ T5585] veth0_vlan: left promiscuous mode [ 351.282947][ T5585] team0 (unregistering): Port device team_slave_1 removed [ 351.357551][ T5585] team0 (unregistering): Port device team_slave_0 removed [ 351.792465][T15191] team0: entered promiscuous mode [ 351.798975][T15191] team_slave_0: entered promiscuous mode [ 351.805463][T15191] team_slave_1: entered promiscuous mode [ 351.811829][T15191] batadv0: entered promiscuous mode [ 351.850187][T15191] team0: left promiscuous mode [ 351.861827][T15191] team_slave_0: left promiscuous mode [ 351.871959][T15191] team_slave_1: left promiscuous mode [ 351.878855][T15191] batadv0: left promiscuous mode [ 352.119230][T15216] FAULT_INJECTION: forcing a failure. [ 352.119230][T15216] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 352.134582][T15218] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3125'. [ 352.162695][T15216] CPU: 1 PID: 15216 Comm: syz.3.3124 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 352.172998][T15216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 352.183083][T15216] Call Trace: [ 352.186385][T15216] [ 352.189324][T15216] dump_stack_lvl+0x241/0x360 [ 352.194005][T15216] ? __pfx_dump_stack_lvl+0x10/0x10 [ 352.199194][T15216] ? __pfx__printk+0x10/0x10 [ 352.203787][T15216] ? __pfx_lock_release+0x10/0x10 [ 352.208821][T15216] should_fail_ex+0x3b0/0x4e0 [ 352.213515][T15216] _copy_from_iter+0x43a/0x1960 [ 352.218359][T15216] ? __virt_addr_valid+0x183/0x520 [ 352.223478][T15216] ? __pfx__copy_from_iter+0x10/0x10 [ 352.228845][T15216] ? _sctp_make_chunk+0x161/0x460 [ 352.233903][T15216] ? __virt_addr_valid+0x183/0x520 [ 352.239055][T15216] ? __virt_addr_valid+0x183/0x520 [ 352.244186][T15216] ? __virt_addr_valid+0x44e/0x520 [ 352.249308][T15216] ? __phys_addr_symbol+0x2f/0x70 [ 352.254336][T15216] ? __check_object_size+0x49c/0x900 [ 352.259888][T15216] sctp_user_addto_chunk+0x8c/0x220 [ 352.265114][T15216] sctp_datamsg_from_user+0x760/0xf20 [ 352.270507][T15216] sctp_sendmsg_to_asoc+0xf7e/0x1800 [ 352.275802][T15216] ? __asan_memcpy+0x40/0x70 [ 352.280389][T15216] ? sctp_assoc_add_peer+0xe3c/0x15c0 [ 352.285788][T15216] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 352.291500][T15216] ? sctp_connect_new_asoc+0x3fe/0x6c0 [ 352.296954][T15216] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 352.302749][T15216] ? sctp_sendmsg+0xbb9/0x3520 [ 352.307513][T15216] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 352.313051][T15216] ? security_sctp_bind_connect+0x90/0xb0 [ 352.318767][T15216] sctp_sendmsg+0x1bc3/0x3520 [ 352.323456][T15216] ? __pfx_sctp_sendmsg+0x10/0x10 [ 352.328480][T15216] ? __pfx_aa_sk_perm+0x10/0x10 [ 352.333326][T15216] ? iovec_from_user+0x1b0/0x240 [ 352.338263][T15216] ? inet_sendmsg+0x330/0x390 [ 352.342950][T15216] __sock_sendmsg+0x1a6/0x270 [ 352.347634][T15216] ____sys_sendmsg+0x525/0x7d0 [ 352.352425][T15216] ? __pfx_____sys_sendmsg+0x10/0x10 [ 352.357736][T15216] __sys_sendmmsg+0x3b2/0x740 [ 352.362432][T15216] ? __pfx___sys_sendmmsg+0x10/0x10 [ 352.367753][T15216] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 352.373665][T15216] ? ksys_write+0x23e/0x2c0 [ 352.378172][T15216] ? __pfx_lock_release+0x10/0x10 [ 352.383194][T15216] ? vfs_write+0x7c4/0xc90 [ 352.387608][T15216] ? __mutex_unlock_slowpath+0x21d/0x750 [ 352.393236][T15216] ? __pfx_vfs_write+0x10/0x10 [ 352.398014][T15216] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 352.403987][T15216] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 352.410310][T15216] ? do_syscall_64+0x100/0x230 [ 352.415067][T15216] __x64_sys_sendmmsg+0xa0/0xb0 [ 352.419916][T15216] do_syscall_64+0xf3/0x230 [ 352.424425][T15216] ? clear_bhb_loop+0x35/0x90 [ 352.429122][T15216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.435007][T15216] RIP: 0033:0x7fbefcf75bd9 [ 352.439416][T15216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.459033][T15216] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 352.467449][T15216] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 352.475421][T15216] RDX: 0000000000000004 RSI: 0000000020008340 RDI: 0000000000000003 [ 352.483385][T15216] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 352.491347][T15216] R10: 0000000000040850 R11: 0000000000000246 R12: 0000000000000002 [ 352.499309][T15216] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 352.507284][T15216] [ 352.594146][ T5096] Bluetooth: hci3: command tx timeout [ 352.654020][T15229] netlink: 248 bytes leftover after parsing attributes in process `syz.2.3123'. [ 352.664944][T15223] sch_tbf: burst 8 is lower than device lo mtu (65550) ! [ 352.722893][T15194] chnl_net:caif_netlink_parms(): no params data found [ 352.837318][T15234] dccp_invalid_packet: P.Data Offset(172) too large [ 353.010955][T15194] bridge0: port 1(bridge_slave_0) entered blocking state [ 353.030468][T15194] bridge0: port 1(bridge_slave_0) entered disabled state [ 353.039211][T15194] bridge_slave_0: entered allmulticast mode [ 353.047014][T15194] bridge_slave_0: entered promiscuous mode [ 353.058315][T15194] bridge0: port 2(bridge_slave_1) entered blocking state [ 353.067772][T15194] bridge0: port 2(bridge_slave_1) entered disabled state [ 353.075094][T15194] bridge_slave_1: entered allmulticast mode [ 353.083753][T15194] bridge_slave_1: entered promiscuous mode [ 353.149624][T15194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 353.215978][T15194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 353.310726][T15194] team0: Port device team_slave_0 added [ 353.346523][T15194] team0: Port device team_slave_1 added [ 353.440745][T15194] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 353.457343][T15194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.605669][T15194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 353.651750][T15194] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 353.677708][T15194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.748704][T15194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 353.784792][T15297] netlink: 'syz.1.3145': attribute type 1 has an invalid length. [ 353.804644][T15291] macvlan2: entered promiscuous mode [ 353.812978][T15297] netlink: 112848 bytes leftover after parsing attributes in process `syz.1.3145'. [ 353.818133][T15291] vlan1: entered promiscuous mode [ 353.836180][T15297] netlink: 'syz.1.3145': attribute type 1 has an invalid length. [ 353.842037][T15291] team0: Port device macvlan2 added [ 353.873227][T15300] batadv_slave_1: entered promiscuous mode [ 353.883004][T15297] bond0: option miimon: invalid value (18446744073072082944) [ 353.892185][T15297] bond0: option miimon: allowed values 0 - 2147483647 [ 353.912134][T15297] netlink: 'syz.1.3145': attribute type 2 has an invalid length. [ 353.928794][T15297] netlink: 244 bytes leftover after parsing attributes in process `syz.1.3145'. [ 354.004610][T15194] hsr_slave_0: entered promiscuous mode [ 354.055787][T15194] hsr_slave_1: entered promiscuous mode [ 354.065105][T15194] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 354.074277][T15194] Cannot create hsr debugfs directory [ 354.092801][T15299] batadv_slave_1: left promiscuous mode [ 354.128474][T15309] batadv_slave_1: entered promiscuous mode [ 354.150702][T15314] FAULT_INJECTION: forcing a failure. [ 354.150702][T15314] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 354.172454][T15314] CPU: 0 PID: 15314 Comm: syz.1.3150 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 354.182743][T15314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 354.192810][T15314] Call Trace: [ 354.196121][T15314] [ 354.199074][T15314] dump_stack_lvl+0x241/0x360 [ 354.203792][T15314] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.209025][T15314] ? __pfx__printk+0x10/0x10 [ 354.213648][T15314] ? snprintf+0xda/0x120 [ 354.217921][T15314] should_fail_ex+0x3b0/0x4e0 [ 354.222721][T15314] _copy_to_user+0x2f/0xb0 [ 354.227170][T15314] simple_read_from_buffer+0xca/0x150 [ 354.232575][T15314] proc_fail_nth_read+0x1e9/0x250 [ 354.237638][T15314] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 354.243228][T15314] ? rw_verify_area+0x514/0x6b0 [ 354.248131][T15314] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 354.253730][T15314] vfs_read+0x204/0xbd0 [ 354.257915][T15314] ? __pfx_lock_release+0x10/0x10 [ 354.262934][T15314] ? do_sock_setsockopt+0x3e2/0x720 [ 354.268155][T15314] ? __pfx_vfs_read+0x10/0x10 [ 354.272932][T15314] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 354.278753][T15314] ? __fget_files+0x29/0x470 [ 354.283370][T15314] ? __fget_files+0x3f6/0x470 [ 354.288059][T15314] ksys_read+0x1a0/0x2c0 [ 354.292315][T15314] ? __pfx_ksys_read+0x10/0x10 [ 354.297250][T15314] ? do_syscall_64+0x100/0x230 [ 354.302100][T15314] ? do_syscall_64+0xb6/0x230 [ 354.306791][T15314] do_syscall_64+0xf3/0x230 [ 354.311289][T15314] ? clear_bhb_loop+0x35/0x90 [ 354.315967][T15314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.321850][T15314] RIP: 0033:0x7f9260b746bc [ 354.326361][T15314] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 354.346091][T15314] RSP: 002b:00007f926186e040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 354.354520][T15314] RAX: ffffffffffffffda RBX: 00007f9260d04110 RCX: 00007f9260b746bc [ 354.362538][T15314] RDX: 000000000000000f RSI: 00007f926186e0b0 RDI: 0000000000000006 [ 354.370532][T15314] RBP: 00007f926186e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 354.378515][T15314] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001 [ 354.386542][T15314] R13: 000000000000006e R14: 00007f9260d04110 R15: 00007ffee9048888 [ 354.394549][T15314] [ 354.411902][T15319] netlink: 'syz.0.3152': attribute type 10 has an invalid length. [ 354.421573][T15320] netlink: 'syz.0.3152': attribute type 10 has an invalid length. [ 354.468850][T15309] batadv_slave_1: left promiscuous mode [ 354.667183][ T5096] Bluetooth: hci3: command tx timeout [ 354.782512][T15347] FAULT_INJECTION: forcing a failure. [ 354.782512][T15347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 354.806098][T15347] CPU: 1 PID: 15347 Comm: syz.2.3160 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 354.816308][T15347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 354.826392][T15347] Call Trace: [ 354.829690][T15347] [ 354.832642][T15347] dump_stack_lvl+0x241/0x360 [ 354.837343][T15347] ? __pfx_dump_stack_lvl+0x10/0x10 [ 354.842548][T15347] ? __pfx__printk+0x10/0x10 [ 354.847177][T15347] ? __pfx_lock_release+0x10/0x10 [ 354.852217][T15347] should_fail_ex+0x3b0/0x4e0 [ 354.856913][T15347] _copy_from_user+0x2f/0xe0 [ 354.861522][T15347] copy_msghdr_from_user+0xae/0x680 [ 354.866748][T15347] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 354.872636][T15347] __sys_sendmsg+0x23d/0x3a0 [ 354.877316][T15347] ? __pfx___sys_sendmsg+0x10/0x10 [ 354.882450][T15347] ? vfs_write+0x7c4/0xc90 [ 354.886927][T15347] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 354.893270][T15347] ? do_syscall_64+0x100/0x230 [ 354.898044][T15347] ? do_syscall_64+0xb6/0x230 [ 354.902739][T15347] do_syscall_64+0xf3/0x230 [ 354.907246][T15347] ? clear_bhb_loop+0x35/0x90 [ 354.912040][T15347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.917957][T15347] RIP: 0033:0x7f004f375bd9 [ 354.922393][T15347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 354.942022][T15347] RSP: 002b:00007f0050070048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 354.950549][T15347] RAX: ffffffffffffffda RBX: 00007f004f503f60 RCX: 00007f004f375bd9 [ 354.958547][T15347] RDX: 00000000000000c1 RSI: 0000000020001640 RDI: 0000000000000003 [ 354.966544][T15347] RBP: 00007f00500700a0 R08: 0000000000000000 R09: 0000000000000000 [ 354.974599][T15347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 354.982600][T15347] R13: 000000000000000b R14: 00007f004f503f60 R15: 00007ffd2d5afa38 [ 354.990620][T15347] [ 355.045411][T15355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3159'. [ 355.270025][T15374] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.3168'. [ 355.387073][T15194] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 355.402875][T15194] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 355.416722][T15194] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 355.429429][T15194] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 355.603869][T15194] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.653284][T15194] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.687412][ T6994] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.694598][ T6994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.749422][ T6994] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.756653][ T6994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.892113][T15391] netlink: 'syz.3.3175': attribute type 8 has an invalid length. [ 356.199317][T15194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 356.338266][T15420] netlink: 'syz.3.3181': attribute type 309 has an invalid length. [ 356.397681][T15411] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3179'. [ 356.444218][T15411] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 356.507311][T15427] netlink: 'syz.0.3182': attribute type 1 has an invalid length. [ 356.516550][T15427] netlink: 112848 bytes leftover after parsing attributes in process `syz.0.3182'. [ 356.547957][T15427] netlink: 'syz.0.3182': attribute type 1 has an invalid length. [ 356.569287][T15433] bond0: option miimon: invalid value (18446744073072082944) [ 356.597656][T15433] bond0: option miimon: allowed values 0 - 2147483647 [ 356.708693][T15440] batadv_slave_1: entered promiscuous mode [ 356.745996][ T5096] Bluetooth: hci3: command tx timeout [ 356.818407][T15194] veth0_vlan: entered promiscuous mode [ 356.859418][T15194] veth1_vlan: entered promiscuous mode [ 356.872877][T15439] batadv_slave_1: left promiscuous mode [ 356.954766][T15194] veth0_macvtap: entered promiscuous mode [ 356.975361][T15194] veth1_macvtap: entered promiscuous mode [ 357.012056][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 357.026454][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.038953][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 357.053401][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.075496][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 357.087325][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.097438][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 357.108400][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.127262][T15194] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 357.149644][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 357.168003][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.183320][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 357.195399][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.210995][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 357.221603][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.237731][T15194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 357.252170][T15194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 357.266607][T15194] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 357.283362][T15194] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 357.298037][T15194] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 357.308659][T15194] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 357.317844][T15194] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 357.444038][ T5583] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.453342][ T5583] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 357.490091][ T5583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.503890][ T5583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 357.524648][T15457] netlink: 'syz.0.3190': attribute type 4 has an invalid length. [ 357.796231][T15471] FAULT_INJECTION: forcing a failure. [ 357.796231][T15471] name failslab, interval 1, probability 0, space 0, times 0 [ 357.826010][T15471] CPU: 1 PID: 15471 Comm: syz.3.3195 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 357.836225][T15471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 357.846342][T15471] Call Trace: [ 357.849626][T15471] [ 357.852551][T15471] dump_stack_lvl+0x241/0x360 [ 357.857234][T15471] ? __pfx_dump_stack_lvl+0x10/0x10 [ 357.862436][T15471] ? __pfx__printk+0x10/0x10 [ 357.867051][T15471] should_fail_ex+0x3b0/0x4e0 [ 357.871755][T15471] ? nfnetlink_rcv+0x11b8/0x2a90 [ 357.876701][T15471] should_failslab+0x9/0x20 [ 357.881581][T15471] kmalloc_trace_noprof+0x6c/0x2c0 [ 357.886709][T15471] nfnetlink_rcv+0x11b8/0x2a90 [ 357.891501][T15471] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 357.896648][T15471] ? netlink_deliver_tap+0x2e/0x1b0 [ 357.901841][T15471] ? skb_clone+0x240/0x390 [ 357.906258][T15471] ? __pfx_lock_release+0x10/0x10 [ 357.911396][T15471] ? netlink_deliver_tap+0x2e/0x1b0 [ 357.916590][T15471] netlink_unicast+0x7f0/0x990 [ 357.921374][T15471] ? __pfx_netlink_unicast+0x10/0x10 [ 357.926659][T15471] ? __virt_addr_valid+0x183/0x520 [ 357.931769][T15471] ? __check_object_size+0x49c/0x900 [ 357.937070][T15471] ? bpf_lsm_netlink_send+0x9/0x10 [ 357.942186][T15471] netlink_sendmsg+0x8e4/0xcb0 [ 357.946954][T15471] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.952236][T15471] ? __import_iovec+0x536/0x820 [ 357.957081][T15471] ? aa_sock_msg_perm+0x91/0x160 [ 357.962018][T15471] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 357.967315][T15471] ? security_socket_sendmsg+0x87/0xb0 [ 357.972778][T15471] ? __pfx_netlink_sendmsg+0x10/0x10 [ 357.978066][T15471] __sock_sendmsg+0x221/0x270 [ 357.982741][T15471] ____sys_sendmsg+0x525/0x7d0 [ 357.987517][T15471] ? __pfx_____sys_sendmsg+0x10/0x10 [ 357.992809][T15471] __sys_sendmsg+0x2b0/0x3a0 [ 357.997421][T15471] ? __pfx___sys_sendmsg+0x10/0x10 [ 358.002645][T15471] ? vfs_write+0x7c4/0xc90 [ 358.007184][T15471] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 358.013515][T15471] ? do_syscall_64+0x100/0x230 [ 358.018281][T15471] ? do_syscall_64+0xb6/0x230 [ 358.022950][T15471] do_syscall_64+0xf3/0x230 [ 358.027449][T15471] ? clear_bhb_loop+0x35/0x90 [ 358.032122][T15471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.038007][T15471] RIP: 0033:0x7fbefcf75bd9 [ 358.042419][T15471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.062050][T15471] RSP: 002b:00007fbefde01048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 358.070486][T15471] RAX: ffffffffffffffda RBX: 00007fbefd103f60 RCX: 00007fbefcf75bd9 [ 358.078457][T15471] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 358.086426][T15471] RBP: 00007fbefde010a0 R08: 0000000000000000 R09: 0000000000000000 [ 358.094407][T15471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 358.102476][T15471] R13: 000000000000000b R14: 00007fbefd103f60 R15: 00007ffd09b880d8 [ 358.110474][T15471] [ 358.189658][T15478] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3198'. [ 358.345132][T15492] tipc: Enabled bearer , priority 0 [ 358.464377][T15501] netlink: 168 bytes leftover after parsing attributes in process `syz.3.3208'. [ 358.519553][T15502] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3206'. [ 358.529789][T15502] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3206'. [ 358.575051][T15505] netlink: 15999 bytes leftover after parsing attributes in process `syz.2.3209'. [ 358.727858][T15514] pim6reg: entered allmulticast mode [ 358.766025][T15516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3212'. [ 358.786955][T15514] pim6reg: left allmulticast mode [ 358.866281][T15521] validate_nla: 1 callbacks suppressed [ 358.866302][T15521] netlink: 'syz.0.3213': attribute type 3 has an invalid length. [ 358.984671][T15525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3217'. [ 359.279136][ C0] hrtimer: interrupt took 4650667 ns [ 367.392850][T15578] tipc: Can't bind to reserved service type 2 [ 369.728662][ T5103] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 369.739136][ T5103] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 369.747394][ T5103] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 369.756674][ T5103] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 369.764521][ T5103] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 369.771904][ T5103] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 369.862865][ T5096] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 369.872656][ T5096] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 369.883175][ T5096] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 369.893493][ T5096] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 369.904721][ T5096] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 369.912562][ T5096] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 370.236689][T15587] chnl_net:caif_netlink_parms(): no params data found [ 370.281788][T15589] chnl_net:caif_netlink_parms(): no params data found [ 374.999673][ T5096] Bluetooth: hci3: command tx timeout [ 375.006306][ T5096] Bluetooth: hci5: command tx timeout [ 381.716106][ T5103] Bluetooth: hci5: command tx timeout [ 381.721725][ T5103] Bluetooth: hci3: command tx timeout [ 381.730664][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 390.495910][ T5096] Bluetooth: hci3: command tx timeout [ 390.501362][ T5096] Bluetooth: hci5: command tx timeout [ 402.656711][ T5103] Bluetooth: hci5: command tx timeout [ 402.662167][ T5103] Bluetooth: hci3: command tx timeout [ 477.327038][ T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 3398 jiffies s: 59049 root: 0x1/. [ 477.339033][ T19] rcu: blocking rcu_node structures (internal RCU debug): [ 477.346209][ T19] Sending NMI from CPU 1 to CPUs 0: [ 477.351424][ C0] NMI backtrace for cpu 0 [ 477.351439][ C0] CPU: 0 PID: 3 Comm: pool_workqueue_ Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 477.351459][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 477.351471][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 477.351500][ C0] Code: cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 4c 8b 04 24 <65> 48 8b 14 25 80 d5 03 00 65 8b 05 50 ab 6d 7e a9 00 01 ff 00 74 [ 477.351516][ C0] RSP: 0018:ffffc90000007ad8 EFLAGS: 00000046 [ 477.351532][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 477.351545][ C0] RDX: 0000000000010100 RSI: 0000000000000000 RDI: 0000000000000000 [ 477.351557][ C0] RBP: ffffc90000007c30 R08: ffffffff8183832f R09: 1ffffffff1f5ba5d [ 477.351571][ C0] R10: dffffc0000000000 R11: fffffbfff1f5ba5e R12: 1ffff1101728593b [ 477.351584][ C0] R13: ffffffff8990ebe0 R14: ffff88807dd4d340 R15: 0000000000000001 [ 477.351598][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 477.351613][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 477.351626][ C0] CR2: 00007f433b871cb2 CR3: 000000000e132000 CR4: 00000000003506f0 [ 477.351641][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 477.351652][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 477.351665][ C0] Call Trace: [ 477.351674][ C0] [ 477.351683][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 477.351708][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 477.351729][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 477.351751][ C0] ? nmi_handle+0x2a/0x5a0 [ 477.351786][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 477.351807][ C0] ? nmi_handle+0x14f/0x5a0 [ 477.351832][ C0] ? nmi_handle+0x2a/0x5a0 [ 477.351859][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 477.351878][ C0] ? default_do_nmi+0x63/0x160 [ 477.351902][ C0] ? exc_nmi+0x123/0x1f0 [ 477.351923][ C0] ? end_repeat_nmi+0xf/0x53 [ 477.351945][ C0] ? __pfx_advance_sched+0x10/0x10 [ 477.351969][ C0] ? __hrtimer_run_queues+0x53f/0xd50 [ 477.351996][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 477.352016][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 477.352038][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 477.352058][ C0] [ 477.352064][ C0] [ 477.352070][ C0] __hrtimer_run_queues+0x53f/0xd50 [ 477.352096][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 477.352127][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 477.352157][ C0] hrtimer_interrupt+0x396/0x990 [ 477.352196][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 477.352224][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 477.352251][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 477.352272][ C0] RIP: 0010:handle_softirqs+0x1df/0x970 [ 477.352291][ C0] Code: 89 7c 24 70 0f b7 db 48 c7 c7 40 b0 c9 8b e8 48 a3 2f 0a 65 66 c7 05 96 d3 a9 7e 00 00 e8 e9 86 43 00 fb 49 c7 c4 c0 a0 00 8e ff ff ff ff 0f bc c3 41 89 c7 41 ff c7 0f 84 e6 03 00 00 89 5c [ 477.352306][ C0] RSP: 0018:ffffc90000007e40 EFLAGS: 00000286 [ 477.352321][ C0] RAX: 85dd50d048294800 RBX: 0000000000000386 RCX: ffffffff947b4603 [ 477.352334][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fee00 [ 477.352348][ C0] RBP: ffffc90000007f50 R08: ffffffff8fadd2ef R09: 1ffffffff1f5ba5d [ 477.352362][ C0] R10: dffffc0000000000 R11: fffffbfff1f5ba5e R12: ffffffff8e00a0c0 [ 477.352375][ C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000000fdc [ 477.352404][ C0] ? ktime_get+0x9b/0xb0 [ 477.352421][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 477.352442][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 477.352462][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 477.352489][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 477.352506][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 477.352530][ C0] irq_exit_rcu+0x9/0x30 [ 477.352546][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 477.352573][ C0] [ 477.352579][ C0] [ 477.352586][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 477.352607][ C0] RIP: 0010:synchronize_rcu+0x0/0x360 [ 477.352629][ C0] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 e5 64 7f 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 477.352644][ C0] RSP: 0018:ffffc90000087cb8 EFLAGS: 00000206 [ 477.352659][ C0] RAX: dffffc0000000000 RBX: 1ffff92000010fa0 RCX: ffffffff947b4603 [ 477.352673][ C0] RDX: 0000000000000001 RSI: ffffffff8bcac820 RDI: ffffffff8c1fee00 [ 477.352686][ C0] RBP: ffffc90000087da0 R08: ffffffff947a1487 R09: 1ffffffff28f4290 [ 477.352700][ C0] R10: dffffc0000000000 R11: fffffbfff28f4291 R12: ffffffff9479fc38 [ 477.352714][ C0] R13: 1ffff92000010f9c R14: 0000000000000202 R15: ffffc90000087d00 [ 477.352738][ C0] lockdep_unregister_key+0x4b7/0x540 [ 477.352761][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 477.352784][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 477.352805][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 477.352826][ C0] pwq_release_workfn+0x6e0/0x840 [ 477.352851][ C0] kthread_worker_fn+0x500/0xaf0 [ 477.352875][ C0] ? kthread_worker_fn+0xdc/0xaf0 [ 477.352897][ C0] ? __pfx_pwq_release_workfn+0x10/0x10 [ 477.352916][ C0] ? __pfx_kthread_worker_fn+0x10/0x10 [ 477.352937][ C0] kthread+0x2f0/0x390 [ 477.352958][ C0] ? __pfx_kthread_worker_fn+0x10/0x10 [ 477.352978][ C0] ? __pfx_kthread+0x10/0x10 [ 477.353000][ C0] ret_from_fork+0x4b/0x80 [ 477.353023][ C0] ? __pfx_kthread+0x10/0x10 [ 477.353044][ C0] ret_from_fork_asm+0x1a/0x30 [ 477.353079][ C0] [ 480.045674][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 480.052711][ C1] rcu: 0-....: (16 ticks this GP) idle=ebfc/1/0x4000000000000000 softirq=55697/55697 fqs=24 [ 480.064064][ C1] rcu: hardirqs softirqs csw/system [ 480.070481][ C1] rcu: number: 0 0 0 [ 480.076897][ C1] rcu: cputime: 33275 0 8 ==> 36710(ms) [ 480.084702][ C1] rcu: (detected by 1, t=10504 jiffies, g=64441, q=1008 ncpus=2) [ 480.092520][ C1] Sending NMI from CPU 1 to CPUs 0: [ 480.097744][ C0] NMI backtrace for cpu 0 [ 480.097759][ C0] CPU: 0 PID: 3 Comm: pool_workqueue_ Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 480.097779][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 480.097791][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x70 [ 480.097817][ C0] Code: 8b 3d ac 2b 46 0c 48 89 de 5b e9 23 50 5a 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0c 25 80 d5 03 00 65 8b 15 50 ae 6d 7e f7 c2 00 01 ff 00 [ 480.097833][ C0] RSP: 0018:ffffc90000007a08 EFLAGS: 00000002 [ 480.097850][ C0] RAX: ffffffff8990ecc5 RBX: 0000000000000001 RCX: ffff8880172a3c00 [ 480.097864][ C0] RDX: ffff8880172a3c00 RSI: 0000000000000001 RDI: 0000000000000000 [ 480.097877][ C0] RBP: dffffc0000000000 R08: ffffffff8990ecb8 R09: fffff52000000f30 [ 480.097892][ C0] R10: dffffc0000000000 R11: fffff52000000f30 R12: 0000000000000002 [ 480.097905][ C0] R13: ffffffff8990ebe0 R14: ffff88807dd4d340 R15: ffff8880172a46c8 [ 480.097919][ C0] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 480.097935][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 480.097948][ C0] CR2: 00007f433b871cb2 CR3: 000000000e132000 CR4: 00000000003506f0 [ 480.097964][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 480.097976][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 480.097988][ C0] Call Trace: [ 480.097998][ C0] [ 480.098008][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 480.098031][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 480.098054][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 480.098081][ C0] ? nmi_handle+0x2a/0x5a0 [ 480.098117][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 480.098138][ C0] ? nmi_handle+0x14f/0x5a0 [ 480.098163][ C0] ? nmi_handle+0x2a/0x5a0 [ 480.098190][ C0] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 480.098207][ C0] ? __sanitizer_cov_trace_const_cmp1+0x8/0x90 [ 480.098227][ C0] ? default_do_nmi+0x63/0x160 [ 480.098250][ C0] ? exc_nmi+0x123/0x1f0 [ 480.098273][ C0] ? end_repeat_nmi+0xf/0x53 [ 480.098294][ C0] ? __pfx_advance_sched+0x10/0x10 [ 480.098319][ C0] ? advance_sched+0xd8/0xca0 [ 480.098339][ C0] ? advance_sched+0xe5/0xca0 [ 480.098362][ C0] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 480.098381][ C0] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 480.098401][ C0] ? __sanitizer_cov_trace_pc+0x8/0x70 [ 480.098420][ C0] [ 480.098426][ C0] [ 480.098432][ C0] advance_sched+0xe5/0xca0 [ 480.098456][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 480.098479][ C0] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 480.098506][ C0] ? __pfx_advance_sched+0x10/0x10 [ 480.098527][ C0] __hrtimer_run_queues+0x59b/0xd50 [ 480.098554][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 480.098584][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 480.098615][ C0] hrtimer_interrupt+0x396/0x990 [ 480.098654][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 480.098682][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 480.098709][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 480.098730][ C0] RIP: 0010:handle_softirqs+0x1df/0x970 [ 480.098749][ C0] Code: 89 7c 24 70 0f b7 db 48 c7 c7 40 b0 c9 8b e8 48 a3 2f 0a 65 66 c7 05 96 d3 a9 7e 00 00 e8 e9 86 43 00 fb 49 c7 c4 c0 a0 00 8e ff ff ff ff 0f bc c3 41 89 c7 41 ff c7 0f 84 e6 03 00 00 89 5c [ 480.098764][ C0] RSP: 0018:ffffc90000007e40 EFLAGS: 00000286 [ 480.098779][ C0] RAX: 85dd50d048294800 RBX: 0000000000000386 RCX: ffffffff947b4603 [ 480.098792][ C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fee00 [ 480.098805][ C0] RBP: ffffc90000007f50 R08: ffffffff8fadd2ef R09: 1ffffffff1f5ba5d [ 480.098819][ C0] R10: dffffc0000000000 R11: fffffbfff1f5ba5e R12: ffffffff8e00a0c0 [ 480.098833][ C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000000fdc [ 480.098857][ C0] ? ktime_get+0x9b/0xb0 [ 480.098874][ C0] ? __irq_exit_rcu+0xf4/0x1c0 [ 480.098895][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 480.098915][ C0] ? irqtime_account_irq+0xd4/0x1e0 [ 480.098958][ C0] __irq_exit_rcu+0xf4/0x1c0 [ 480.098976][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 480.099000][ C0] irq_exit_rcu+0x9/0x30 [ 480.099016][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 480.099042][ C0] [ 480.099048][ C0] [ 480.099056][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 480.099082][ C0] RIP: 0010:synchronize_rcu+0x0/0x360 [ 480.099104][ C0] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 e5 64 7f 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 [ 480.099119][ C0] RSP: 0018:ffffc90000087cb8 EFLAGS: 00000206 [ 480.099134][ C0] RAX: dffffc0000000000 RBX: 1ffff92000010fa0 RCX: ffffffff947b4603 [ 480.099148][ C0] RDX: 0000000000000001 RSI: ffffffff8bcac820 RDI: ffffffff8c1fee00 [ 480.099162][ C0] RBP: ffffc90000087da0 R08: ffffffff947a1487 R09: 1ffffffff28f4290 [ 480.099176][ C0] R10: dffffc0000000000 R11: fffffbfff28f4291 R12: ffffffff9479fc38 [ 480.099190][ C0] R13: 1ffff92000010f9c R14: 0000000000000202 R15: ffffc90000087d00 [ 480.099214][ C0] lockdep_unregister_key+0x4b7/0x540 [ 480.099237][ C0] ? __pfx_lockdep_unregister_key+0x10/0x10 [ 480.099260][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 480.099282][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 480.099303][ C0] pwq_release_workfn+0x6e0/0x840 [ 480.099329][ C0] kthread_worker_fn+0x500/0xaf0 [ 480.099353][ C0] ? kthread_worker_fn+0xdc/0xaf0 [ 480.099375][ C0] ? __pfx_pwq_release_workfn+0x10/0x10 [ 480.099394][ C0] ? __pfx_kthread_worker_fn+0x10/0x10 [ 480.099415][ C0] kthread+0x2f0/0x390 [ 480.099436][ C0] ? __pfx_kthread_worker_fn+0x10/0x10 [ 480.099456][ C0] ? __pfx_kthread+0x10/0x10 [ 480.099478][ C0] ret_from_fork+0x4b/0x80 [ 480.099501][ C0] ? __pfx_kthread+0x10/0x10 [ 480.099522][ C0] ret_from_fork_asm+0x1a/0x30 [ 480.099557][ C0] [ 480.099741][ C1] rcu: rcu_preempt kthread starved for 215 jiffies! g64441 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 480.683047][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 480.693117][ C1] rcu: RCU grace-period kthread stack dump: [ 480.699018][ C1] task:rcu_preempt state:R running task stack:26576 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 480.710783][ C1] Call Trace: [ 480.714068][ C1] [ 480.717186][ C1] __schedule+0x17e8/0x4a20 [ 480.721730][ C1] ? __pfx___schedule+0x10/0x10 [ 480.726594][ C1] ? __pfx_lock_release+0x10/0x10 [ 480.731625][ C1] ? __asan_memset+0x23/0x50 [ 480.736230][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 480.742046][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 480.748383][ C1] ? schedule+0x90/0x320 [ 480.752656][ C1] schedule+0x14b/0x320 [ 480.756913][ C1] schedule_timeout+0x1be/0x310 [ 480.761782][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 480.767189][ C1] ? __pfx_process_timeout+0x10/0x10 [ 480.772521][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 480.778089][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 480.782964][ C1] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 480.789044][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 480.794332][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 480.800241][ C1] ? finish_swait+0xd4/0x1e0 [ 480.804838][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 480.809436][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 480.814638][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 480.820549][ C1] ? __kthread_parkme+0x169/0x1d0 [ 480.825584][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 480.830790][ C1] kthread+0x2f0/0x390 [ 480.834871][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 480.840073][ C1] ? __pfx_kthread+0x10/0x10 [ 480.844680][ C1] ret_from_fork+0x4b/0x80 [ 480.849111][ C1] ? __pfx_kthread+0x10/0x10 [ 480.853710][ C1] ret_from_fork_asm+0x1a/0x30 [ 480.858500][ C1] [ 480.861525][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 480.867869][ C1] CPU: 1 PID: 12 Comm: kworker/u8:1 Not tainted 6.10.0-rc5-syzkaller-01209-gaa77b1128016 #0 [ 480.877948][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 480.888013][ C1] Workqueue: events_unbound toggle_allocation_gate [ 480.894537][ C1] RIP: 0010:smp_call_function_many_cond+0x1865/0x29d0 [ 480.901316][ C1] Code: 89 e6 83 e6 01 31 ff e8 a9 09 0c 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 54 05 0c 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 38 05 0c 00 eb e4 44 [ 480.921019][ C1] RSP: 0018:ffffc90000117700 EFLAGS: 00000293 [ 480.927124][ C1] RAX: 0000000000000000 RBX: 1ffff11017288c21 RCX: ffff8880172c5a00 [ 480.935296][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 480.943289][ C1] RBP: ffffc900001178e0 R08: ffffffff818a21b7 R09: 1ffffffff25f78b0 [ 480.951275][ C1] R10: dffffc0000000000 R11: fffffbfff25f78b1 R12: dffffc0000000000 [ 480.959257][ C1] R13: ffff8880b9446108 R14: ffff8880b953f980 R15: 0000000000000000 [ 480.967243][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 480.976179][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 480.982769][ C1] CR2: 00007ffd10e07ba8 CR3: 000000000e132000 CR4: 00000000003506f0 [ 480.990763][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 480.998763][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 481.006755][ C1] Call Trace: [ 481.010044][ C1] [ 481.012915][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 481.019266][ C1] ? print_other_cpu_stall+0x1470/0x15a0 [ 481.024918][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 481.030743][ C1] ? __pfx_lock_release+0x10/0x10 [ 481.035787][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 481.042042][ C1] ? rcu_sched_clock_irq+0x9f4/0x10a0 [ 481.047433][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 481.053110][ C1] ? hrtimer_run_queues+0x16c/0x460 [ 481.058341][ C1] ? acct_account_cputime+0x207/0x210 [ 481.063746][ C1] ? update_process_times+0x1ce/0x230 [ 481.069145][ C1] ? tick_nohz_handler+0x37c/0x500 [ 481.074715][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 481.080191][ C1] ? __hrtimer_run_queues+0x551/0xd50 [ 481.085592][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 481.091774][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 481.097506][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 481.103587][ C1] ? hrtimer_interrupt+0x396/0x990 [ 481.108741][ C1] ? __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 481.114923][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 481.120772][ C1] [ 481.123716][ C1] [ 481.126654][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 481.132923][ C1] ? smp_call_function_many_cond+0x1847/0x29d0 [ 481.139096][ C1] ? smp_call_function_many_cond+0x1865/0x29d0 [ 481.145292][ C1] ? kmem_cache_alloc_bulk_noprof+0x147/0x770 [ 481.151395][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 481.156496][ C1] ? kmem_cache_alloc_bulk_noprof+0x147/0x770 [ 481.162605][ C1] ? kmem_cache_alloc_bulk_noprof+0x146/0x770 [ 481.168690][ C1] ? perf_event_text_poke+0x258/0x330 [ 481.174086][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 481.180428][ C1] ? __pfx_perf_event_text_poke+0x10/0x10 [ 481.186155][ C1] ? __mutex_trylock_common+0x183/0x2e0 [ 481.191722][ C1] ? preempt_schedule_thunk+0x1a/0x30 [ 481.197103][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 481.202135][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 481.207262][ C1] text_poke_bp_batch+0x726/0xb30 [ 481.212307][ C1] ? kmem_cache_alloc_bulk_noprof+0x147/0x770 [ 481.218387][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 481.223958][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 481.230217][ C1] text_poke_finish+0x30/0x50 [ 481.234902][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 481.240897][ C1] static_key_enable_cpuslocked+0x136/0x260 [ 481.246814][ C1] static_key_enable+0x1a/0x20 [ 481.251601][ C1] toggle_allocation_gate+0xb5/0x250 [ 481.256904][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 481.262819][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 481.269340][ C1] ? process_scheduled_works+0x945/0x1830 [ 481.275070][ C1] process_scheduled_works+0xa2c/0x1830 [ 481.280654][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 481.286647][ C1] ? assign_work+0x364/0x3d0 [ 481.291249][ C1] worker_thread+0x86d/0xd50 [ 481.295860][ C1] ? __kthread_parkme+0x169/0x1d0 [ 481.300929][ C1] ? __pfx_worker_thread+0x10/0x10 [ 481.306048][ C1] kthread+0x2f0/0x390 [ 481.310127][ C1] ? __pfx_worker_thread+0x10/0x10 [ 481.315242][ C1] ? __pfx_kthread+0x10/0x10 [ 481.319865][ C1] ret_from_fork+0x4b/0x80 [ 481.324292][ C1] ? __pfx_kthread+0x10/0x10 [ 481.328891][ C1] ret_from_fork_asm+0x1a/0x30 [ 481.333684][ C1]