last executing test programs: 49.04641733s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 44.143091777s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 38.309500265s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 34.695277805s ago: executing program 4 (id=2322): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x2, 0x0, @void, @value}, 0x10) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2, 0x0, @void, @value}, 0x10) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2, 0x0, @void, @value}, 0x10) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r5, 0x2, 0x0, 0x5, &(0x7f0000000180)=[0x0], 0x1, 0x0, 0x0, 0x0, 0x0}, 0x40) r7 = getpid() sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x288, 0x2c, 0x1, 0x70bd25, 0x0, "", [@nested={0x4, 0x800}, @nested={0x274, 0x18, 0x0, 0x1, [@nested={0x26f, 0x12d, 0x0, 0x1, [@generic="d7757ff79a23cdd566d8b2158d0f322ff7acbc16a0cf9e456ded86e6f309e9dc47a46ada3674b1ae9a35a08add2eb1c610089d899811be0825078271edd45551d6b0a1ac03360dd6d9a64753290e1490a169662e423568543603fbf3715b453da21189cc837ed81f6e3c3f6c6af9da1009119df2c24e82e1b9518f3b467042bed5a338dc7686bd74a98b11ebef73af7f2832a1d02a4cde6bae0856037dd5ef6a05368709b9e93cb43a250ac83a69954dd99baf2800a3a0d5e4f501a609819dc1deebaf8af603ca6cea34ed", @generic="403fb18a9d24a73a41041e4fa2ef85116e0d98ddc891ba63a92bed5f1b714ca9c55cab0a9914661e774be1d1840895c6fa64842a6185ad09b813bf7a7bc22653081c7eee0a70c1300c36acd43161c685bee7ddcf3c4b23b30a86082c4b911707ab14e36035a6469f8f44a2aeca0f61011bcb08ff3b704d2803982d329708d5c6054251cad889ba5117b8d70f893f5d5c666c319c357a4780543ba39588a87220e51ff8d368d5e7d8686f3201f5f7ab7f7e0bacf634b8f2c406463b417c0fd1697fa8b5e2c0f5117f007624f6", @typed={0xa, 0xdc, 0x0, 0x0, @str='!$.\\.\x00'}, @typed={0x8, 0x94, 0x0, 0x0, @ipv4=@multicast1}, @nested={0x4, 0xa0}, @nested={0xd, 0xe9, 0x0, 0x1, [@generic="95", @typed={0x8, 0xeb, 0x0, 0x0, @pid=r7}]}, @nested={0xab, 0xc4, 0x0, 0x1, [@generic="91d064ca011ac51020c9374fdca91aedff76ef5d0966ddc59ac70f423c059c", @typed={0x81, 0x46, 0x0, 0x0, @binary="6dca35e7614b0c596a41720964820dbb0a21579488dd9b4d09efdd81a9f493744b82bdc0aec1288b9dcdb35be934411bae882b7e92dcb8d1c272ad87277d908a25174e908b5e19eeb2d549e6c6c1282a7c7cb25cfc2cc363ae9f4a988702a4d38cd2255d468f134a7fcdcab1cd2c4ebeb36ae327bb5659578ec32c1f55"}, @nested={0x4, 0x61}]}]}]}]}, 0x288}], 0x1}, 0x0) 34.625226122s ago: executing program 4 (id=2324): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004041, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xcc15, @dev, 0x7}, 0x1c) close(0xffffffffffffffff) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000004d80), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000140001800800030000000000080006000a0000001ce420e119e0cd17b238aaec9c72d167ca8a6f427b0c2e3e4fead100d9c43766b95ac79d87924b18f1460174392a9706aa5832f823cbef529807e9af7185dea74b91860b860aa7548fa25d62c356f360357fffeaaab4a49d03f1783cb73592a741c2fd546b092c22d377c1b496c2d5020b34896c041dfc5a3013ea191e0780ea4a44028d6463d7817808c93ee45f7d22848bfab3a7131c472944c7483893be54430e4a14c881d6446c4ae92e6ad5007fe07c267f90a827b7893831c38484d403b4b3a4"], 0x28}}, 0x10) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1f21, 0x12) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, 0x0, &(0x7f0000000000)) listen(r0, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) unshare(0x0) syz_emit_ethernet(0x3e, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbd30190780a010102ac1414aa040090780000000045000000000000000032000000000000000000006efb81da9cfd066ceffb5af9063f24f8d44fff8097af5680044fcd2b8d6a98feee0ab3cc03679d2299b8e5d210262c1d0b6e0c04a0ce1d6074842a3331fa3a4154d5c844cf2aa69825080264ebd9098fcb55377d4af4ec6fc23a1464b1a22ceec4448d655de734f2b1bdeeed91abcc394786ade91a6fa8d24ad6d62c31164dc0788c59bfdb8a64e40320b3b97a95217f6114bef717b02b06ce8291f63d985f8edba80065d0b22808bd0ecf8de80c06d9032147e16378c6b4733dfe1a2cda"], 0x0) accept$inet6(r3, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r7, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r8, &(0x7f0000000000)="0a000000010003", 0x7) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000040)=ANY=[@ANYRES8=r2], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in, 0x0, 0x6c}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @extra_flags={0x8, 0x18, 0x8}]}, 0x140}}, 0x0) 34.547833329s ago: executing program 4 (id=2327): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "c5"}]}], {0x14}}, 0x84}}, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, 0xffffffffffffffff}}]}, 0x28}}, 0x0) 32.167168209s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 29.510099289s ago: executing program 4 (id=2327): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "c5"}]}], {0x14}}, 0x84}}, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, 0xffffffffffffffff}}]}, 0x28}}, 0x0) 25.33420815s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 23.82063616s ago: executing program 4 (id=2327): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "c5"}]}], {0x14}}, 0x84}}, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, 0xffffffffffffffff}}]}, 0x28}}, 0x0) 18.45685706s ago: executing program 0 (id=2006): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x12, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a010100000000000000007a30d18082930900030073797a320000000098000000060a010400000000000000000100000008000b4000000000700004803400018000000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000380001800c0001006269747769736500280002800800034000000002080001400000001408000240000000120400078008000640000000040900010073797a30000000001400000011000100000000001b0000000700000a"], 0x10c}}, 0x0) 17.738765781s ago: executing program 2 (id=2519): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x0) socket(0x3, 0x80000, 0x8) (async) r0 = socket(0x3, 0x80000, 0x8) socket$igmp6(0xa, 0x3, 0x2) (async) socket$igmp6(0xa, 0x3, 0x2) r1 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000008000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a0000000000003c31957c58e609ea3404000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000002f00000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff000000000000000000000000e4ff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000100000000000000000000000000000000000000000000000000000000000000040000000008fc7660c490587b3ab213098a6767c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000088b999350317960900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000629244b7a419c5f714f4d16c3700000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000949853000000000000000000000000440a05000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f18a0afe99350000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b389d708839d3c00000000000000000000000000000000000000000056629f615a20576900000000000000000000000000de44000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3ff0000000000000000feffffff0000000000000000001000000000000000000000000000000000cf4810668e73cab61331b8f60000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b000000000000000000000004000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000e9ffffff00000000000000000000000000000000000000000000000000f56ed659f0072400000000000000000000000000000000000000000000000000000000000000000000000000003a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000075dab07149f533af00000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c53c1b3e900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006fd58098000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000000000006e666c6f670000001100000000000000000000000000000000000000000000005080000000e3c800000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x800, 0x4) socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="2000000069000b00000000000000000000000000000000e7070001"], 0x20}, 0x1, 0x200000000000000}, 0x0) (async) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="2000000069000b00000000000000000000000000000000e7070001"], 0x20}, 0x1, 0x200000000000000}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x93}, @exit], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000004c0)={0xf8, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}]}, 0xf8}, 0x1, 0x0, 0x0, 0x20044840}, 0x24000850) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x8c}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001800dd8d000000000000000002000000000000060000000008001e0002"], 0x30}}, 0x4090) 17.735598003s ago: executing program 4 (id=2327): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_SREG={0x8}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "c5"}]}], {0x14}}, 0x84}}, 0x0) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv4_newrule={0x28, 0x20, 0x1, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, 0xffffffffffffffff}}]}, 0x28}}, 0x0) 17.079376674s ago: executing program 2 (id=2522): r0 = socket$alg(0x26, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = socket$inet6(0xa, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x409c884, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast1, 0x7}, 0x1c) sendto$inet6(r1, &(0x7f0000003240)="0d0ad7c36d", 0x5, 0x6d91fb6106d8d10c, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001100)=@dellink={0x28, 0x11, 0x1, 0x0, 0x0, {}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}}, 0x40000) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) connect$pppoe(0xffffffffffffffff, &(0x7f0000000240)={0x18, 0x0, {0x1, @remote, 'veth1_to_team\x00'}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xaa}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x2a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="0218000010000000000000000000000003000600000000000200000400000000000000000000000008001200000000000000000000000000170000000000000000000000000000007f000001000000000000000000000000fc020000000000000000000000000000030005000000000002"], 0x80}}, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) accept(r0, &(0x7f00000003c0)=@nl, 0x0) 16.99874417s ago: executing program 2 (id=2525): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff) r0 = socket(0x22, 0xa, 0x10000) r1 = socket(0x6, 0x800000003, 0x4000) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4004}}, 0x26) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)={0x14, r4, 0x1}, 0x14}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x4) writev(r5, &(0x7f00000006c0)=[{&(0x7f0000000180)="480000001400197f09004b0101048c59028800ffff0001000000000028213ee20600d4ff4affff00c7e5ed5e00000000000000000000eaf60d18125d4b18857a9eace35ee8b12c00", 0x48}], 0x1) 16.911460818s ago: executing program 3 (id=2527): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000002940)=[{{0x0, 0x0, &(0x7f00000028c0)=[{&(0x7f0000000440)="ee6b53ee60ae", 0x6}, {&(0x7f0000002600)="1b0446cf7cec0e1d490870", 0xb}], 0x2}, 0x2000000}], 0x1, 0x4000000) 16.862240233s ago: executing program 3 (id=2528): r0 = socket(0x1e, 0x4, 0x0) ioctl$SIOCPNADDRESOURCE(r0, 0x89e0, &(0x7f0000000200)=0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r2, 0x0, 0x15, &(0x7f0000000040)=0x200, 0x4) connect$pppl2tp(r1, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x3a) close(0x4) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00') 16.689595576s ago: executing program 3 (id=2529): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0xb10, 0x170, 0xc8, 0x8, 0x170, 0x5803, 0xa40, 0x2e8, 0x2e8, 0xa40, 0x2e8, 0x3, 0x0, {[{{@ipv6={@empty, @private2, [], [0x0, 0x0, 0xffffffff], 'pim6reg0\x00', 'wlan0\x00'}, 0x0, 0x128, 0x170, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@devgroup={{0x38}, {0x5, 0x0, 0xc7}}, @common=@dst={{0x48}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}, {{@uncond, 0x0, 0x8b0, 0x8d0, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0xd8}]}, {[{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}, {[], [{}, {0x6b1cab00}]}, {[], [{0x0, 0x800}]}, {}, {[{0x0, 0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x7caf1687, 0x3}]}, {[{}, {}, {}, {}, {}, {}, {}, {}, {0x943d}, {}, {0xfffffffc}]}, {[], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}]}, {[{}, {}, {}, {}, {}, {0x8}], [{}, {}, {}, {}, {}, {}, {0x20000000}]}, {}, {[{}, {}, {}, {}, {}, {0x0, 0x1}]}]}}, @inet=@rpfilter={{0x28}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xb70) syz_emit_ethernet(0x0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r3, @ANYBLOB="00001000252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000b80)) 16.61422319s ago: executing program 2 (id=2530): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000640)={0x38, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x38}}, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r2, &(0x7f0000000340)='#\x00\x00\x00', 0x4) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX=r2, @ANYRES32=r2, @ANYBLOB="2dafd78e6697e08b2c6663a08e1a198d87762d5c13b6baf4824cdb30f7114e1b0d70ebda1a31e1466750fb2031a1afeaffae939edf7d5559191dac2b2e7c25792cbb399e9d9608c55dba95dd291b2d600f4e7d0877e772ccd57768a3cadc446fc1f826d89fac7d387c5fe086546f78efc759f025a386a2bd4ec2190b835aa74539ad55a50378ecffe4742cfafa8903534d33119b772832a7a68a05e9ad1cdf65d1621491f43d42a18048ef1ad5a64909361b2f81d899c2e9d8acd4c32f78047f80f64b4aa17ec2bad82515e34f7347e53fab392bb09267a47f8dee6a22860b12ebe21b1d39", @ANYRES8=r2, @ANYRES32=r2], 0x150}, 0x1, 0x0, 0x0, 0x400c040}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r4, 0x2, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}], @NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20006000}, 0x8000) 16.555347203s ago: executing program 1 (id=2532): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000040)) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000000c0)) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1016, &(0x7f0000003080)=""/4118, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 16.467778635s ago: executing program 1 (id=2533): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000002940)=[{{0x0, 0x0, &(0x7f00000028c0)=[{&(0x7f0000000440)="ee6b53ee", 0x4}, {&(0x7f0000002600)="1b0446cf7cec0e1d49", 0x9}], 0x2}}], 0x1, 0x4000000) 16.467292786s ago: executing program 1 (id=2534): r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180), &(0x7f00000001c0)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x5}, [@printk={@li, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5, 0x1, 0xb, 0x1, 0x5}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 16.371326457s ago: executing program 1 (id=2535): socket$inet(0x2, 0x4000000000000001, 0x0) (async) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) (async) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x840000000002, 0x3, 0xff) sendmmsg$inet(r1, &(0x7f0000000840)=[{{&(0x7f0000000180)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="a400000000000000000000000700000094040000891b0d6401010164010102000000007f00000164010100ffffffff8631ffffffff050beac74fa992b4b352ed0011ea8f3cfa1220deb13d5d45053420cf0303e4070c106ac4313d64f617d77b9404000044041d8044347063e000000200000004e000000100000004ac1e010100000002e000000100000009ffffffff00007fefffffffff00000001010706c565aa410100000000"], 0xa8}}], 0x1, 0x4000000) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000000)=0x10000, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) (async) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000020340)={0x24, r5, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x25, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x2400c891}, 0x0) sendmmsg$inet(r0, &(0x7f00000024c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)='\v', 0x1}], 0x1}}], 0x1, 0x0) 16.369178099s ago: executing program 2 (id=2536): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00', 0x0}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELTABLE={0x0, 0x2, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x0, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x0, 0x6, "5e9891de1be4fad8408a3d78e7a8c68c3ac0bb404d94e6335bc2b4f5c212ddee9ad4d4d12be4a63cbc673d7b56a035d208f7f250bd4d39a244ec8e8e1168fdf86ad70ead5765bda472d935c3de24e3c07d782bdc801b7b7d953ed156c48144abd2658330950866ec084a10134edc2fc70f1a969c16df78d16537a9511d41cba32edd9e081ed0b819d333c07c42a47c7686227a98c4a922aa2e12b0c39b2a2f0e125c9ea2a6e92b03cb1048f113e7af9d001eff48f53130ba169d13dda5097ed7f053e05b4f92c747c10b648d3d39fdebca236c2533286884d904c09533e96fd9888614f25910e55bcb8ad4019115fd560bee3c2feb646e"}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xfffffffffffffe62}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000) r4 = socket$can_j1939(0x1d, 0x2, 0x7) r5 = socket$can_j1939(0x1d, 0x2, 0x7) r6 = socket$inet6_udp(0xa, 0x2, 0x0) shutdown(r6, 0x0) ppoll(&(0x7f00000003c0)=[{r6}], 0x1, &(0x7f0000000400)={0x0, 0x989680}, 0x0, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r5, &(0x7f0000000240)={0x1d, r8, 0xffffffffffffffff, {}, 0xfe}, 0x18) r9 = accept4(r4, &(0x7f0000000440)=@tipc=@name, &(0x7f0000000100)=0x80, 0x800) bind$alg(r9, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-avx\x00'}, 0x58) bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r8, 0x4, {0x1, 0xf0}, 0xff}, 0x18) sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000140)={0x1d, r8, 0x3, {0x1, 0x1, 0x4}, 0xfd}, 0x18, &(0x7f0000000180)={&(0x7f0000000280)="40d97c78b880c9311ed558a1fb9d22af5894af0bfac9b87c7c9ae274", 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x4000850) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700001c96c34dd0b3a710000000000000008000300ed9f2b8a1dd75c9df448865fef715a1157dce1491a5982fcc2066dda2822b3694229860d1d96ffa2af3c4f96c32c584def71651f0f5e33fe877c671d78ae63a494539062f0224b9c89d4ee296624b31c6261007a9b6396f75b7a7b2527c5fb513e875f5f9ceb803bea91cd02dc9d75a67dd5eeffc8fa530bb6b601eb6f9c66ac15f670e3cbe46937170c3a2b880ff8562e6bb47a2ea258192f281af8605cab5cb0fb6ad2588fa9b30066083ec0e67e8e4e882a5c07eca27ca3bcc0b264860be4a0b0aa", @ANYRES32=r2, @ANYBLOB="05001e0080000000"], 0x24}, 0x1, 0x0, 0x0, 0x4750a8f0842baf26}, 0x20040050) 16.36844718s ago: executing program 3 (id=2537): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) (async) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x31, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) (async, rerun: 32) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32) sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) (async) read(r1, &(0x7f0000005f40)=""/175, 0xaf) (async, rerun: 64) sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000026c0)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="09000891381308d2ece931f6b395d30ab864", @ANYRES32], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000100) (async, rerun: 64) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1810b82c65aff862272f073c972164c90946cd8f1d9fc1db47"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000700)='cachefiles_ondemand_copen\x00', r2}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r3, 0x34, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x6, 0x8, 0x4, 0x0, 0x80, 0x1, 0x1, '\x00', r4, 0xffffffffffffffff, 0x1, 0x1, 0x4, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={0x1, 0xffffffffffffffff}, 0x4) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)='%pB \x00'}, 0x20) (async, rerun: 32) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) (rerun: 32) close(r8) (async) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="14000000130001ffffff7f8cd913e90002"], 0x14}], 0x1}, 0x0) (async) recvmmsg(r9, &(0x7f0000001940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async, rerun: 64) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 64) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1000000, 0x2010, r10, 0xfffffffffffff000) (async) ioctl$SIOCSIFHWADDR(r8, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'}) (async) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r11, &(0x7f0000000300)='M', &(0x7f0000000000)=""/10, 0x2}, 0x20) (async) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r11, &(0x7f00000001c0)='M', 0x0}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x20, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0xa323}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x10}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000380)='GPL\x00', 0x4, 0x54, &(0x7f00000003c0)=""/84, 0x41000, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x4, 0x40, 0x9}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000640)=[r7, r8, r11], &(0x7f0000000680)=[{0x2, 0x1, 0x2, 0xf}, {0x0, 0x1, 0x2, 0x7}], 0x10, 0x100, @void, @value}, 0x94) 16.299605135s ago: executing program 2 (id=2538): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000200)="1700000072006bcd9e3fe3dc6e08000007230000040200", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xc0}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002c0001000000000000000000040000801c0011802e"], 0x30}], 0x1}, 0x0) 16.281371373s ago: executing program 3 (id=2539): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)={0x18, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, 0x18}], 0x1}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000023b7007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000040)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 16.159298323s ago: executing program 3 (id=2540): r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x4000000}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x24004094}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r4, 0x400454cd, 0x10e) getsockopt$bt_hci(r2, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000d00)=ANY=[@ANYBLOB="9feb010018000000000000006400000064000000080000000100000000000008010000000100000000000008030000000e0000000000000c030000000100000005000006e09e00000b000000ff01000004000000070000000f00000007000900000000000000ffff1000000000000000080000000000000905000000005f5f303f"], 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001680)=ANY=[@ANYRES32=0x0], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000200)) socket$inet6_udplite(0xa, 0x2, 0x88) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x108, 0xe, 0x0, &(0x7f0000000140)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf48c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 15.545226877s ago: executing program 1 (id=2541): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="1100000000000000ffe00000", @ANYRES32=r2, @ANYRES64=0x0], 0x20) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x22, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}}, 0x0) 15.507814407s ago: executing program 1 (id=2542): ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x7f00, 0x700, 0x34, 0x8000, {{0xb, 0x4, 0x1, 0x7, 0x2c, 0x65, 0x0, 0x1, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x3a}, @remote, {[@rr={0x7, 0x17, 0x71, [@empty, @local, @multicast1, @local, @dev={0xac, 0x14, 0x14, 0x33}]}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl2\x00', &(0x7f0000000380)={'syztnl1\x00', r0, 0x2f, 0x0, 0x9, 0x8, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x8000, 0x1, 0x8, 0x4}}) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000480)={@dev={0xfe, 0x80, '\x00', 0x11}, r1}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1900000004000000080000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000231ae5bc0f11ec1e2dc590c7000000000001420c8d2300"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x27, 0x0, 0x120, 0x0, 0x0, 0xd50, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r3 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x6}}}, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001f40)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {}, {0x1c, 0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff2, 0x4}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.038409851s ago: executing program 32 (id=2538): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000200)="1700000072006bcd9e3fe3dc6e08000007230000040200", 0x17}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xc0}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002c0001000000000000000000040000801c0011802e"], 0x30}], 0x1}, 0x0) 995.287589ms ago: executing program 33 (id=2540): r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0xe}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x4000000}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0x0, 0x0, 0x24004094}, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r4, 0x400454cd, 0x10e) getsockopt$bt_hci(r2, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x4, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000d00)=ANY=[@ANYBLOB="9feb010018000000000000006400000064000000080000000100000000000008010000000100000000000008030000000e0000000000000c030000000100000005000006e09e00000b000000ff01000004000000070000000f00000007000900000000000000ffff1000000000000000080000000000000905000000005f5f303f"], 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001680)=ANY=[@ANYRES32=0x0], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x1}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r6, 0x8983, &(0x7f0000000200)) socket$inet6_udplite(0xa, 0x2, 0x88) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x108, 0xe, 0x0, &(0x7f0000000140)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xf48c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 34 (id=2542): ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x7f00, 0x700, 0x34, 0x8000, {{0xb, 0x4, 0x1, 0x7, 0x2c, 0x65, 0x0, 0x1, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x3a}, @remote, {[@rr={0x7, 0x17, 0x71, [@empty, @local, @multicast1, @local, @dev={0xac, 0x14, 0x14, 0x33}]}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl2\x00', &(0x7f0000000380)={'syztnl1\x00', r0, 0x2f, 0x0, 0x9, 0x8, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @loopback, 0x8000, 0x1, 0x8, 0x4}}) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000480)={@dev={0xfe, 0x80, '\x00', 0x11}, r1}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1900000004000000080000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000231ae5bc0f11ec1e2dc590c7000000000001420c8d2300"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x27, 0x0, 0x120, 0x0, 0x0, 0xd50, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) r3 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x6}}}, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001f40)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {}, {0x1c, 0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff2, 0x4}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) kernel console output (not intermixed with test programs): . [ 151.676044][T10541] x_tables: duplicate underflow at hook 1 [ 151.854174][T10558] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 151.888287][T10561] (unnamed net_device) (uninitialized): option ad_select: invalid value (255) [ 151.960792][T10566] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1446'. [ 151.976452][T10569] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1447'. [ 151.992630][T10566] netlink: zone id is out of range [ 152.002703][T10566] netlink: zone id is out of range [ 152.005169][T10568] xfrm1: entered promiscuous mode [ 152.008563][T10566] netlink: get zone limit has 8 unknown bytes [ 152.022174][T10568] xfrm1: entered allmulticast mode [ 152.039541][T10573] netlink: 'syz.0.1448': attribute type 4 has an invalid length. [ 152.420316][T10606] netlink: 'syz.2.1460': attribute type 2 has an invalid length. [ 152.430884][T10613] netlink: set zone limit has 8 unknown bytes [ 152.543196][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 152.557630][T10610] warn_alloc: 1 callbacks suppressed [ 152.557651][T10610] syz.0.1461: vmalloc error: size 67112960, failed to allocated page array size 131080, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 152.562064][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 152.563476][T10610] ,cpuset=/,mems_allowed=0-1 [ 152.595083][T10610] CPU: 0 UID: 0 PID: 10610 Comm: syz.0.1461 Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 152.595111][T10610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 152.595125][T10610] Call Trace: [ 152.595133][T10610] [ 152.595141][T10610] dump_stack_lvl+0x241/0x360 [ 152.595180][T10610] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.595211][T10610] ? __pfx__printk+0x10/0x10 [ 152.595244][T10610] ? __rcu_read_unlock+0xa1/0x110 [ 152.595270][T10610] warn_alloc+0x278/0x410 [ 152.595293][T10610] ? __pfx_warn_alloc+0x10/0x10 [ 152.595317][T10610] ? nf_tables_newset+0x17ba/0x3060 [ 152.595343][T10610] ? __get_vm_area_node+0x1c8/0x2d0 [ 152.595364][T10610] ? __get_vm_area_node+0x25c/0x2d0 [ 152.595389][T10610] __vmalloc_node_range_noprof+0x62f/0x1380 [ 152.595414][T10610] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 152.595454][T10610] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 152.595479][T10610] ? rcu_is_watching+0x15/0xb0 [ 152.595519][T10610] ? trace_kmalloc+0x1f/0xd0 [ 152.595549][T10610] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 152.595580][T10610] ? __kvmalloc_node_noprof+0x72/0x190 [ 152.595605][T10610] __kvmalloc_node_noprof+0x142/0x190 [ 152.595628][T10610] ? nf_tables_newset+0x17ba/0x3060 [ 152.595653][T10610] nf_tables_newset+0x17ba/0x3060 [ 152.595692][T10610] ? __pfx_nf_tables_newset+0x10/0x10 [ 152.595722][T10610] ? __pfx_lock_release+0x10/0x10 [ 152.595758][T10610] ? __nla_parse+0x40/0x60 [ 152.595786][T10610] nfnetlink_rcv+0x14e3/0x2ab0 [ 152.595833][T10610] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 152.595887][T10610] ? skb_clone+0x240/0x390 [ 152.595912][T10610] ? __pfx_lock_release+0x10/0x10 [ 152.595946][T10610] ? netlink_deliver_tap+0x2e/0x1b0 [ 152.595972][T10610] netlink_unicast+0x7f6/0x990 [ 152.595997][T10610] ? __pfx_netlink_unicast+0x10/0x10 [ 152.596017][T10610] ? __virt_addr_valid+0x45f/0x530 [ 152.596044][T10610] ? __phys_addr_symbol+0x2f/0x70 [ 152.596071][T10610] ? __check_object_size+0x47a/0x730 [ 152.596109][T10610] netlink_sendmsg+0x8e4/0xcb0 [ 152.596140][T10610] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.596167][T10610] ? aa_sock_msg_perm+0x91/0x160 [ 152.596192][T10610] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.596216][T10610] __sock_sendmsg+0x221/0x270 [ 152.596248][T10610] ____sys_sendmsg+0x52a/0x7e0 [ 152.596277][T10610] ? __pfx_____sys_sendmsg+0x10/0x10 [ 152.596301][T10610] ? __fget_files+0x2a/0x410 [ 152.596334][T10610] ? __fget_files+0x2a/0x410 [ 152.596369][T10610] __sys_sendmsg+0x269/0x350 [ 152.596396][T10610] ? __pfx___sys_sendmsg+0x10/0x10 [ 152.596419][T10610] ? lock_release+0xbf/0xa30 [ 152.596468][T10610] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 152.596496][T10610] ? rcu_is_watching+0x15/0xb0 [ 152.596551][T10610] ? rcu_is_watching+0x15/0xb0 [ 152.596585][T10610] do_syscall_64+0xf3/0x230 [ 152.596606][T10610] ? clear_bhb_loop+0x35/0x90 [ 152.596630][T10610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.596651][T10610] RIP: 0033:0x7f1677f8cd29 [ 152.596668][T10610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.596686][T10610] RSP: 002b:00007f1678e43038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 152.596709][T10610] RAX: ffffffffffffffda RBX: 00007f16781a5fa0 RCX: 00007f1677f8cd29 [ 152.596725][T10610] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 152.596738][T10610] RBP: 00007f167800e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 152.596752][T10610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.596765][T10610] R13: 0000000000000000 R14: 00007f16781a5fa0 R15: 00007ffe64b1c7c8 [ 152.596789][T10610] [ 152.740483][T10635] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 152.745820][T10610] Mem-Info: [ 152.967553][T10610] active_anon:4101 inactive_anon:0 isolated_anon:0 [ 152.967553][T10610] active_file:1843 inactive_file:38318 isolated_file:0 [ 152.967553][T10610] unevictable:768 dirty:240 writeback:0 [ 152.967553][T10610] slab_reclaimable:10803 slab_unreclaimable:104697 [ 152.967553][T10610] mapped:28831 shmem:1417 pagetables:698 [ 152.967553][T10610] sec_pagetables:0 bounce:0 [ 152.967553][T10610] kernel_misc_reclaimable:0 [ 152.967553][T10610] free:1333643 free_pcp:462 free_cma:0 [ 153.021979][T10610] Node 0 active_anon:16304kB inactive_anon:0kB active_file:7372kB inactive_file:153196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115324kB dirty:960kB writeback:0kB shmem:4132kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12612kB pagetables:2692kB sec_pagetables:0kB all_unreclaimable? no [ 153.101322][T10610] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 153.156894][T10610] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 153.158778][T10643] can: request_module (can-proto-0) failed. [ 153.192578][T10610] lowmem_reserve[]: 0 2490 2491 0 0 [ 153.198790][T10610] Node 0 DMA32 free:1414112kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:16364kB inactive_anon:0kB active_file:7372kB inactive_file:152620kB unevictable:1536kB writepending:960kB present:3129332kB managed:2550704kB mlocked:0kB bounce:0kB free_pcp:1760kB local_pcp:980kB free_cma:0kB [ 153.234867][T10610] lowmem_reserve[]: 0 0 0 0 0 [ 153.241272][T10610] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:576kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 153.286506][T10610] lowmem_reserve[]: 0 0 0 0 0 [ 153.293754][T10610] Node 1 Normal free:3906916kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 153.323344][T10610] lowmem_reserve[]: 0 0 0 0 0 [ 153.326096][T10657] tipc: New replicast peer: 100.1.1.1 [ 153.333619][T10610] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 153.347626][T10657] tipc: Enabled bearer , priority 10 [ 153.354781][T10610] Node 0 DMA32: 571*4kB (UME) 68*8kB (UME) 95*16kB (UME) 159*32kB (UME) 45*64kB (UME) 98*128kB (UME) 59*256kB (UM) 15*512kB (UM) 7*1024kB (UM) 4*2048kB (UM) 330*4096kB (UM) = 1414684kB [ 153.361022][T10655] tipc: Enabling of bearer rejected, failed to enable media [ 153.398922][T10610] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 153.435013][T10610] Node 1 Normal: 171*4kB (UE) 55*8kB (UME) 36*16kB (UME) 198*32kB (UME) 86*64kB (UME) 29*128kB (UME) 16*256kB (UM) 7*512kB (UME) 5*1024kB (UME) 3*2048kB (UE) 945*4096kB (UM) = 3906916kB [ 153.456771][T10610] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.480831][T10610] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 153.503068][T10610] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 153.538817][T10610] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 153.568685][T10610] 41581 total pagecache pages [ 153.581458][T10610] 0 pages in swap cache [ 153.595603][T10610] Free swap = 124996kB [ 153.620462][T10610] Total swap = 124996kB [ 153.624890][T10610] 2097051 pages RAM [ 153.630578][T10610] 0 pages HighMem/MovableOnly [ 153.636398][T10610] 427589 pages reserved [ 153.645424][T10610] 0 pages cma reserved [ 154.044072][T10713] netlink: 'syz.0.1491': attribute type 1 has an invalid length. [ 154.221299][T10731] nbd: device at index 3 is going down [ 154.228152][T10734] dvmrp8: entered allmulticast mode [ 154.255941][T10732] dvmrp8: left allmulticast mode [ 154.346957][ T5849] tipc: Node number set to 1 [ 154.359819][T10743] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.387466][T10743] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.396225][T10743] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.426460][T10743] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.441852][T10743] geneve2: entered promiscuous mode [ 154.454154][T10743] geneve2: entered allmulticast mode [ 154.702518][T10776] netlink: 'syz.1.1508': attribute type 10 has an invalid length. [ 154.711346][T10776] macvlan0: entered promiscuous mode [ 154.727507][T10776] macvlan0: entered allmulticast mode [ 154.733887][T10776] veth1_vlan: entered allmulticast mode [ 154.755017][T10776] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 155.000143][T10787] __nla_validate_parse: 7 callbacks suppressed [ 155.000163][T10787] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1515'. [ 155.229942][T10802] x_tables: duplicate underflow at hook 1 [ 155.559889][T10816] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1523'. [ 155.670281][T10821] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 155.713370][T10821] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 155.737481][T10787] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 156.124795][T10864] netlink: 'syz.0.1536': attribute type 1 has an invalid length. [ 156.244222][T10873] netlink: 108 bytes leftover after parsing attributes in process `syz.0.1539'. [ 156.362101][T10880] xt_ecn: cannot match TCP bits for non-tcp packets [ 156.434805][T10884] netlink: 'syz.3.1545': attribute type 62 has an invalid length. [ 156.933647][T10929] dvmrp1: entered allmulticast mode [ 156.999763][T10937] x_tables: duplicate underflow at hook 3 [ 157.015019][T10937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1563'. [ 157.049273][T10941] xt_TCPMSS: Only works on TCP SYN packets [ 157.189602][T10953] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 157.235210][T10961] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1573'. [ 157.503049][T10992] syz.3.1580[10992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.503171][T10992] syz.3.1580[10992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.515794][T10992] syz.3.1580[10992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 157.542632][T10985] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 157.563452][T10985] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 157.572523][T10985] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 157.581793][T10985] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 157.592106][T10985] geneve3: entered promiscuous mode [ 157.597791][T10985] geneve3: entered allmulticast mode [ 157.604995][T10985] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 157.614478][T10985] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 157.625651][T10985] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 157.634814][T10985] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 157.721928][T11003] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1584'. [ 157.731532][T11003] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1584'. [ 158.085868][T11043] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1594'. [ 158.167134][T11048] ip6t_rpfilter: unknown options [ 158.366486][T11066] xt_connbytes: Forcing CT accounting to be enabled [ 158.643765][T11096] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1613'. [ 158.657566][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1615'. [ 158.672803][T10102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.689217][T10102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.703854][T11098] Bluetooth: MGMT ver 1.23 [ 158.724211][T11104] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:0 [ 158.748317][T11098] x_tables: duplicate underflow at hook 1 [ 159.000787][T11120] netlink: 'syz.3.1623': attribute type 8 has an invalid length. [ 159.032702][T11122] netlink: 'syz.2.1624': attribute type 1 has an invalid length. [ 159.356116][T11163] : entered promiscuous mode [ 159.434140][T11168] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 159.567830][T11181] xt_TPROXY: Can be used only with -p tcp or -p udp [ 159.572507][T11178] No such timeout policy "syz0" [ 159.873063][T11214] netlink: 'syz.0.1655': attribute type 1 has an invalid length. [ 159.986532][T11225] netlink: 'syz.0.1660': attribute type 1 has an invalid length. [ 160.173595][T11236] netlink: 'syz.0.1662': attribute type 4 has an invalid length. [ 160.217472][T11236] __nla_validate_parse: 10 callbacks suppressed [ 160.217493][T11236] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1662'. [ 160.385710][T11254] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1670'. [ 160.415914][T11257] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1671'. [ 160.425216][T11257] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1671'. [ 160.448257][T11257] gretap2: entered promiscuous mode [ 160.453547][T11257] gretap2: entered allmulticast mode [ 160.491331][T11257] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1671'. [ 160.509860][T11261] tipc: Failed to remove unknown binding: 66,1,1/2886997162:3986957202/3986957204 [ 160.544644][T11263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1675'. [ 160.618920][T11270] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1677'. [ 160.628884][T11270] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1677'. [ 160.781607][T11287] netlink: 'syz.2.1683': attribute type 1 has an invalid length. [ 160.810014][T11283] sctp: [Deprecated]: syz.3.1681 (pid 11283) Use of struct sctp_assoc_value in delayed_ack socket option. [ 160.810014][T11283] Use struct sctp_sack_info instead [ 161.155800][T11318] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 161.236352][T11327] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1698'. [ 161.269246][ T9792] page_pool_release_retry() stalled pool shutdown: id 27, 1 inflight 60 sec [ 161.336234][T11331] netlink: 'syz.0.1700': attribute type 20 has an invalid length. [ 161.810873][T11371] tipc: Enabled bearer , priority 0 [ 161.869877][T11371] syzkaller0: entered promiscuous mode [ 161.876468][T11371] syzkaller0: entered allmulticast mode [ 161.886253][T11371] tipc: Resetting bearer [ 161.902906][T10083] tipc: Resetting bearer [ 161.935793][T11370] tipc: Resetting bearer [ 161.990602][T11385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1716'. [ 162.013928][T11370] tipc: Disabling bearer [ 162.066390][T11387] netlink: 'syz.1.1717': attribute type 11 has an invalid length. [ 162.165884][T11391] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 162.448919][T11423] netlink: zone id is out of range [ 162.454103][T11423] netlink: zone id is out of range [ 162.462725][T11424] netlink: 'syz.4.1727': attribute type 1 has an invalid length. [ 162.466207][T11423] netlink: zone id is out of range [ 162.489714][T11423] netlink: zone id is out of range [ 162.494950][T11423] netlink: zone id is out of range [ 162.503538][T11424] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR [ 162.517381][T11423] netlink: get zone limit has 8 unknown bytes [ 162.954758][T11413] ip6t_srh: unknown srh match flags 536B [ 163.029197][T11408] syzkaller0: entered promiscuous mode [ 163.052115][T11408] syzkaller0: entered allmulticast mode [ 163.295788][T11495] team0: No ports can be present during mode change [ 163.598695][T11508] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 163.617135][T11508] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (1) [ 163.633212][T11514] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 163.752939][T11521] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 164.157212][T11550] netlink: 'syz.4.1762': attribute type 29 has an invalid length. [ 164.166127][T11550] netlink: 'syz.4.1762': attribute type 29 has an invalid length. [ 164.966292][T11626] netdevsim netdevsim2: Direct firmware load for . [ 164.966292][T11626] failed with error -2 [ 165.032567][T11626] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 165.032567][T11626] [ 165.413804][T11651] __nla_validate_parse: 10 callbacks suppressed [ 165.413906][T11651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1782'. [ 165.438044][T11654] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1782'. [ 165.853332][T11687] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1793'. [ 165.858299][T11688] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1794'. [ 165.874426][T11687] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1793'. [ 165.886520][T11687] netlink: 'syz.2.1793': attribute type 5 has an invalid length. [ 165.954921][T11687] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1793'. [ 166.143049][T11713] netlink: 'syz.0.1800': attribute type 1 has an invalid length. [ 166.153650][T11713] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1800'. [ 166.211107][T11721] openvswitch: netlink: nsh attribute has 65504 unknown bytes. [ 166.220713][T11721] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 166.235726][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1802'. [ 166.312067][T11726] geneve2: entered promiscuous mode [ 166.318677][T11726] geneve2: entered allmulticast mode [ 166.383427][T11737] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1807'. [ 166.529514][T11751] tipc: Enabling of bearer rejected, failed to enable media [ 166.603812][T11756] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1813'. [ 166.878592][T11782] erspan0: entered promiscuous mode [ 166.894166][T11782] erspan0: left promiscuous mode [ 167.090063][T11811] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 167.170611][T11820] xt_hashlimit: overflow, try lower: 1125899906842624/8 [ 167.409653][T11846] xt_socket: unknown flags 0x50 [ 167.595474][T11874] netlink: 'syz.1.1853': attribute type 1 has an invalid length. [ 167.616024][T11877] x_tables: duplicate underflow at hook 1 [ 167.819758][T11897] ieee802154 phy0 wpan0: encryption failed: -22 [ 167.850354][T11902] FAULT_INJECTION: forcing a failure. [ 167.850354][T11902] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 167.889309][T11902] CPU: 0 UID: 0 PID: 11902 Comm: syz.4.1863 Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 167.889343][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 167.889357][T11902] Call Trace: [ 167.889364][T11902] [ 167.889373][T11902] dump_stack_lvl+0x241/0x360 [ 167.889412][T11902] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.889443][T11902] ? __pfx__printk+0x10/0x10 [ 167.889472][T11902] ? __pfx_lock_release+0x10/0x10 [ 167.889504][T11902] should_fail_ex+0x3b0/0x4e0 [ 167.889527][T11902] _copy_from_iter+0x1e9/0x1c20 [ 167.889553][T11902] ? kmem_cache_alloc_node_noprof+0x22c/0x380 [ 167.889592][T11902] ? __alloc_skb+0x28f/0x440 [ 167.889612][T11902] ? __pfx__copy_from_iter+0x10/0x10 [ 167.889640][T11902] ? __virt_addr_valid+0x183/0x530 [ 167.889667][T11902] ? __virt_addr_valid+0x183/0x530 [ 167.889692][T11902] ? __virt_addr_valid+0x45f/0x530 [ 167.889719][T11902] ? __phys_addr_symbol+0x2f/0x70 [ 167.889747][T11902] ? __check_object_size+0x47a/0x730 [ 167.889778][T11902] netlink_sendmsg+0x73d/0xcb0 [ 167.889811][T11902] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.889838][T11902] ? aa_sock_msg_perm+0x91/0x160 [ 167.889863][T11902] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.889886][T11902] __sock_sendmsg+0x221/0x270 [ 167.889917][T11902] ____sys_sendmsg+0x52a/0x7e0 [ 167.889946][T11902] ? __pfx_____sys_sendmsg+0x10/0x10 [ 167.889969][T11902] ? __fget_files+0x2a/0x410 [ 167.890001][T11902] ? __fget_files+0x2a/0x410 [ 167.890036][T11902] __sys_sendmsg+0x269/0x350 [ 167.890059][T11902] ? bpf_lsm_file_permission+0x9/0x10 [ 167.890082][T11902] ? __pfx___sys_sendmsg+0x10/0x10 [ 167.890113][T11902] ? do_sys_openat2+0x17a/0x1d0 [ 167.890158][T11902] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 167.890185][T11902] ? rcu_is_watching+0x15/0xb0 [ 167.890219][T11902] ? rcu_is_watching+0x15/0xb0 [ 167.890259][T11902] do_syscall_64+0xf3/0x230 [ 167.890280][T11902] ? clear_bhb_loop+0x35/0x90 [ 167.890305][T11902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.890328][T11902] RIP: 0033:0x7ff45918cd29 [ 167.890346][T11902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.890364][T11902] RSP: 002b:00007ff459f9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 167.890388][T11902] RAX: ffffffffffffffda RBX: 00007ff4593a5fa0 RCX: 00007ff45918cd29 [ 167.890404][T11902] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 167.890417][T11902] RBP: 00007ff459f9f090 R08: 0000000000000000 R09: 0000000000000000 [ 167.890430][T11902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.890442][T11902] R13: 0000000000000000 R14: 00007ff4593a5fa0 R15: 00007ffd66a00328 [ 167.890466][T11902] [ 168.185094][T11911] xt_cgroup: xt_cgroup: no path or classid specified [ 168.268127][T11921] netlink: 'syz.0.1868': attribute type 1 has an invalid length. [ 168.345181][T11925] pim6reg: entered allmulticast mode [ 168.354349][T11929] xt_l2tp: missing protocol rule (udp|l2tpip) [ 168.367214][T11928] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 168.409371][T11925] pim6reg: left allmulticast mode [ 168.581547][T11953] netlink: 'syz.2.1881': attribute type 10 has an invalid length. [ 168.589656][T11953] geneve0: entered promiscuous mode [ 168.679780][T11961] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20002 [ 168.709968][T11964] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20002 [ 168.838898][T11976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 168.851738][T11976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 168.872701][T11976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 168.901987][T11976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 168.978389][T11992] dummy0: entered promiscuous mode [ 168.983784][T11992] macsec1: entered promiscuous mode [ 169.034269][T11997] xt_hashlimit: invalid interval [ 169.040541][T11998] xt_hashlimit: invalid interval [ 169.041289][T11999] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.112383][T11999] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.160755][T11999] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.212406][T11999] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.280455][T11999] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.295709][T11999] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.312393][T11999] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.330236][T11999] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.540142][T12039] FAULT_INJECTION: forcing a failure. [ 169.540142][T12039] name failslab, interval 1, probability 0, space 0, times 0 [ 169.553725][T12039] CPU: 1 UID: 0 PID: 12039 Comm: syz.4.1916 Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 169.553756][T12039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 169.553770][T12039] Call Trace: [ 169.553778][T12039] [ 169.553786][T12039] dump_stack_lvl+0x241/0x360 [ 169.553823][T12039] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.553853][T12039] ? __pfx__printk+0x10/0x10 [ 169.553883][T12039] ? __pfx___might_resched+0x10/0x10 [ 169.553910][T12039] should_fail_ex+0x3b0/0x4e0 [ 169.553934][T12039] should_failslab+0xac/0x100 [ 169.553965][T12039] kmem_cache_alloc_node_noprof+0x77/0x380 [ 169.553997][T12039] ? __alloc_skb+0x1c3/0x440 [ 169.554018][T12039] ? genl_rcv_msg+0x88c/0xec0 [ 169.554047][T12039] __alloc_skb+0x1c3/0x440 [ 169.554066][T12039] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.554101][T12039] ? __pfx___alloc_skb+0x10/0x10 [ 169.554128][T12039] netlink_dump+0x239/0xe10 [ 169.554156][T12039] ? __pfx_netlink_dump+0x10/0x10 [ 169.554187][T12039] ? __asan_memset+0x23/0x50 [ 169.554209][T12039] ? genl_start+0x4ae/0x6d0 [ 169.554243][T12039] __netlink_dump_start+0x5a2/0x790 [ 169.554272][T12039] genl_rcv_msg+0x88c/0xec0 [ 169.554306][T12039] ? __pfx_genl_rcv_msg+0x10/0x10 [ 169.554343][T12039] ? stack_trace_save+0x118/0x1d0 [ 169.554366][T12039] ? __pfx_stack_trace_save+0x10/0x10 [ 169.554387][T12039] ? __pfx_genl_start+0x10/0x10 [ 169.554418][T12039] ? __pfx_genl_dumpit+0x10/0x10 [ 169.554443][T12039] ? __pfx_genl_done+0x10/0x10 [ 169.554472][T12039] ? rcu_is_watching+0x15/0xb0 [ 169.554503][T12039] ? lock_acquire+0xe3/0x550 [ 169.554533][T12039] ? __pfx_lock_acquire+0x10/0x10 [ 169.554558][T12039] ? __pfx_tcp_metrics_nl_dump+0x10/0x10 [ 169.554589][T12039] ? __pfx___might_resched+0x10/0x10 [ 169.554611][T12039] ? rcu_is_watching+0x15/0xb0 [ 169.554643][T12039] ? lock_acquire+0xe3/0x550 [ 169.554671][T12039] netlink_rcv_skb+0x1e3/0x430 [ 169.554694][T12039] ? __pfx_genl_rcv_msg+0x10/0x10 [ 169.554724][T12039] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 169.554746][T12039] ? lock_release+0xbf/0xa30 [ 169.554778][T12039] ? __pfx___netlink_lookup+0x10/0x10 [ 169.554807][T12039] ? net_generic+0x1f/0x240 [ 169.554840][T12039] genl_rcv+0x28/0x40 [ 169.554867][T12039] netlink_unicast+0x7f6/0x990 [ 169.554892][T12039] ? __pfx_netlink_unicast+0x10/0x10 [ 169.554911][T12039] ? __virt_addr_valid+0x45f/0x530 [ 169.554939][T12039] ? __phys_addr_symbol+0x2f/0x70 [ 169.554965][T12039] ? __check_object_size+0x47a/0x730 [ 169.554997][T12039] netlink_sendmsg+0x8e4/0xcb0 [ 169.555027][T12039] ? __pfx_netlink_sendmsg+0x10/0x10 [ 169.555054][T12039] ? aa_sock_msg_perm+0x91/0x160 [ 169.555078][T12039] ? __pfx_netlink_sendmsg+0x10/0x10 [ 169.555109][T12039] __sock_sendmsg+0x221/0x270 [ 169.555140][T12039] ____sys_sendmsg+0x52a/0x7e0 [ 169.555168][T12039] ? __pfx_____sys_sendmsg+0x10/0x10 [ 169.555191][T12039] ? __fget_files+0x2a/0x410 [ 169.555223][T12039] ? __fget_files+0x2a/0x410 [ 169.555257][T12039] __sys_sendmsg+0x269/0x350 [ 169.555281][T12039] ? bpf_lsm_file_permission+0x9/0x10 [ 169.555303][T12039] ? __pfx___sys_sendmsg+0x10/0x10 [ 169.555333][T12039] ? do_sys_openat2+0x17a/0x1d0 [ 169.555378][T12039] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 169.555406][T12039] ? rcu_is_watching+0x15/0xb0 [ 169.555437][T12039] ? rcu_is_watching+0x15/0xb0 [ 169.555470][T12039] do_syscall_64+0xf3/0x230 [ 169.555490][T12039] ? clear_bhb_loop+0x35/0x90 [ 169.555515][T12039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.555537][T12039] RIP: 0033:0x7ff45918cd29 [ 169.555555][T12039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.555574][T12039] RSP: 002b:00007ff459f9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 169.555597][T12039] RAX: ffffffffffffffda RBX: 00007ff4593a5fa0 RCX: 00007ff45918cd29 [ 169.555612][T12039] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 169.555625][T12039] RBP: 00007ff459f9f090 R08: 0000000000000000 R09: 0000000000000000 [ 169.555638][T12039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 169.555651][T12039] R13: 0000000000000000 R14: 00007ff4593a5fa0 R15: 00007ffd66a00328 [ 169.555675][T12039] [ 170.003927][T12043] netlink: 'syz.1.1919': attribute type 18 has an invalid length. [ 170.042521][T12046] netlink: 'syz.0.1920': attribute type 9 has an invalid length. [ 170.259010][T12069] netlink: 'syz.2.1928': attribute type 1 has an invalid length. [ 170.312321][T12077] netlink: 'syz.2.1928': attribute type 2 has an invalid length. [ 170.327817][T12069] nbd: socks must be embedded in a SOCK_ITEM attr [ 170.334383][T12069] block nbd0: shutting down sockets [ 170.541695][T12102] geneve2: entered promiscuous mode [ 170.556268][T12102] geneve2: entered allmulticast mode [ 170.565515][T12106] vcan0: entered allmulticast mode [ 170.591115][T12106] vcan0 (unregistering): left allmulticast mode [ 170.634418][T12112] netlink: 'syz.2.1942': attribute type 4 has an invalid length. [ 170.754794][T12117] __nla_validate_parse: 20 callbacks suppressed [ 170.754817][T12117] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1943'. [ 170.779206][T12121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1946'. [ 170.789152][T12119] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 170.917438][T12131] netlink: 124 bytes leftover after parsing attributes in process `syz.1.1951'. [ 171.100802][T12148] validate_nla: 1 callbacks suppressed [ 171.100823][T12148] netlink: 'syz.2.1955': attribute type 10 has an invalid length. [ 171.129097][T12148] veth0_macvtap: left promiscuous mode [ 171.135415][T12148] team0: Device veth0_macvtap failed to register rx_handler [ 171.198360][T12160] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1959'. [ 171.215585][T12161] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1960'. [ 171.319888][T12173] FAULT_INJECTION: forcing a failure. [ 171.319888][T12173] name failslab, interval 1, probability 0, space 0, times 0 [ 171.351076][T12173] CPU: 0 UID: 0 PID: 12173 Comm: syz.1.1964 Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 171.351114][T12173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 171.351128][T12173] Call Trace: [ 171.351135][T12173] [ 171.351144][T12173] dump_stack_lvl+0x241/0x360 [ 171.351182][T12173] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.351213][T12173] ? __pfx__printk+0x10/0x10 [ 171.351243][T12173] ? ref_tracker_alloc+0x332/0x490 [ 171.351268][T12173] should_fail_ex+0x3b0/0x4e0 [ 171.351290][T12173] should_failslab+0xac/0x100 [ 171.351321][T12173] ? skb_clone+0x20c/0x390 [ 171.351345][T12173] kmem_cache_alloc_noprof+0x70/0x380 [ 171.351379][T12173] skb_clone+0x20c/0x390 [ 171.351406][T12173] __netlink_deliver_tap+0x3cc/0x7f0 [ 171.351437][T12173] ? netlink_deliver_tap+0x2e/0x1b0 [ 171.351459][T12173] netlink_deliver_tap+0x19d/0x1b0 [ 171.351484][T12173] __netlink_sendskb+0x60/0xd0 [ 171.351505][T12173] netlink_dump+0x9f0/0xe10 [ 171.351532][T12173] ? __pfx_netlink_dump+0x10/0x10 [ 171.351562][T12173] ? __asan_memset+0x23/0x50 [ 171.351584][T12173] ? genl_start+0x4ae/0x6d0 [ 171.351616][T12173] __netlink_dump_start+0x5a2/0x790 [ 171.351645][T12173] genl_rcv_msg+0x88c/0xec0 [ 171.351679][T12173] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.351706][T12173] ? __dev_queue_xmit+0x1775/0x3f50 [ 171.351734][T12173] ? __pfx_genl_start+0x10/0x10 [ 171.351762][T12173] ? __pfx_genl_dumpit+0x10/0x10 [ 171.351789][T12173] ? __pfx_genl_done+0x10/0x10 [ 171.351821][T12173] ? rcu_is_watching+0x15/0xb0 [ 171.351853][T12173] ? lock_acquire+0xe3/0x550 [ 171.351879][T12173] ? __pfx___dev_queue_xmit+0x10/0x10 [ 171.351906][T12173] ? __pfx_lock_acquire+0x10/0x10 [ 171.351940][T12173] ? __pfx_tcp_metrics_nl_dump+0x10/0x10 [ 171.351970][T12173] ? __pfx___might_resched+0x10/0x10 [ 171.351998][T12173] netlink_rcv_skb+0x1e3/0x430 [ 171.352022][T12173] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.352051][T12173] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 171.352072][T12173] ? lock_release+0xbf/0xa30 [ 171.352105][T12173] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 171.352132][T12173] genl_rcv+0x28/0x40 [ 171.352156][T12173] netlink_unicast+0x7f6/0x990 [ 171.352181][T12173] ? __pfx_netlink_unicast+0x10/0x10 [ 171.352200][T12173] ? __virt_addr_valid+0x45f/0x530 [ 171.352228][T12173] ? __phys_addr_symbol+0x2f/0x70 [ 171.352255][T12173] ? __check_object_size+0x47a/0x730 [ 171.352286][T12173] netlink_sendmsg+0x8e4/0xcb0 [ 171.352317][T12173] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.352343][T12173] ? aa_sock_msg_perm+0x91/0x160 [ 171.352369][T12173] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.352392][T12173] __sock_sendmsg+0x221/0x270 [ 171.352423][T12173] ____sys_sendmsg+0x52a/0x7e0 [ 171.352451][T12173] ? __pfx_____sys_sendmsg+0x10/0x10 [ 171.352474][T12173] ? __fget_files+0x2a/0x410 [ 171.352506][T12173] ? __fget_files+0x2a/0x410 [ 171.352540][T12173] __sys_sendmsg+0x269/0x350 [ 171.352563][T12173] ? bpf_lsm_file_permission+0x9/0x10 [ 171.352586][T12173] ? __pfx___sys_sendmsg+0x10/0x10 [ 171.352617][T12173] ? do_sys_openat2+0x17a/0x1d0 [ 171.352660][T12173] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 171.352688][T12173] ? rcu_is_watching+0x15/0xb0 [ 171.352721][T12173] ? rcu_is_watching+0x15/0xb0 [ 171.352753][T12173] do_syscall_64+0xf3/0x230 [ 171.352774][T12173] ? clear_bhb_loop+0x35/0x90 [ 171.352799][T12173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.352821][T12173] RIP: 0033:0x7f076598cd29 [ 171.352839][T12173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.352857][T12173] RSP: 002b:00007f0766751038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 171.352880][T12173] RAX: ffffffffffffffda RBX: 00007f0765ba5fa0 RCX: 00007f076598cd29 [ 171.352895][T12173] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 171.352913][T12173] RBP: 00007f0766751090 R08: 0000000000000000 R09: 0000000000000000 [ 171.352932][T12173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.352945][T12173] R13: 0000000000000000 R14: 00007f0765ba5fa0 R15: 00007ffe01eca3c8 [ 171.352968][T12173] [ 171.989245][T12195] x_tables: duplicate underflow at hook 1 [ 171.995199][T12195] x_tables: duplicate underflow at hook 1 [ 172.001673][T12195] x_tables: duplicate underflow at hook 1 [ 172.007617][T12195] x_tables: duplicate underflow at hook 1 [ 172.013737][T12195] x_tables: duplicate underflow at hook 1 [ 172.020235][T12195] x_tables: duplicate underflow at hook 1 [ 172.026527][T12195] x_tables: duplicate underflow at hook 1 [ 172.032566][T12195] x_tables: duplicate underflow at hook 1 [ 172.057757][T12195] x_tables: duplicate underflow at hook 1 [ 172.210776][T12221] tipc: Invalid UDP bearer configuration [ 172.210814][T12221] tipc: Enabling of bearer rejected, failed to enable media [ 172.235202][T10105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.247827][T10105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.260206][T12222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1977'. [ 172.276458][T12222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1977'. [ 172.503548][T12242] xt_TCPMSS: Only works on TCP SYN packets [ 172.608809][T12256] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1989'. [ 172.618239][T12256] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1989'. [ 172.799160][T12261] netlink: 'syz.4.1992': attribute type 9 has an invalid length. [ 172.867164][ T5833] Bluetooth: hci0: command tx timeout [ 173.030106][T12276] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1996'. [ 173.273448][T12301] delete_channel: no stack [ 173.365886][T12304] syzkaller1: entered promiscuous mode [ 173.372275][T12304] syzkaller1: entered allmulticast mode [ 173.607227][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 173.614728][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 173.624659][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 173.632845][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 173.641590][ T5839] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 173.649788][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 173.731205][T12321] netlink: 'syz.4.2012': attribute type 32 has an invalid length. [ 173.795063][T12323] xt_CT: You must specify a L4 protocol and not use inversions on it [ 173.813223][T12328] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (18446744073709551613) [ 173.909904][T12313] chnl_net:caif_netlink_parms(): no params data found [ 173.994095][T12337] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.054429][T12342] bond3: entered promiscuous mode [ 174.061974][T12342] bond3: entered allmulticast mode [ 174.070307][T12342] 8021q: adding VLAN 0 to HW filter on device bond3 [ 174.079007][T12313] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.091140][T12313] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.099664][T12313] bridge_slave_0: entered allmulticast mode [ 174.107319][T12313] bridge_slave_0: entered promiscuous mode [ 174.130973][T12337] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.154432][T12313] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.161936][T12313] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.170260][T12313] bridge_slave_1: entered allmulticast mode [ 174.178674][T12313] bridge_slave_1: entered promiscuous mode [ 174.208258][T12337] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.252039][T12313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.315355][T12337] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.334775][T12313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.372386][T12313] team0: Port device team_slave_0 added [ 174.383119][T12313] team0: Port device team_slave_1 added [ 174.428934][T12313] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.436110][T12313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.466118][T12313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.481154][T12313] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.488549][T12313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.519788][T12313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.541449][T12337] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.556059][T12337] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.576472][T12372] tipc: Enabling of bearer rejected, failed to enable media [ 174.589960][T12337] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.603409][T12337] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.658242][T12313] hsr_slave_0: entered promiscuous mode [ 174.664661][T12313] hsr_slave_1: entered promiscuous mode [ 174.679253][T12313] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 174.696710][T12313] Cannot create hsr debugfs directory [ 174.736280][T12381] netlink: 'syz.3.2029': attribute type 4 has an invalid length. [ 174.852533][T12391] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 174.888792][T12313] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.963568][T12313] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.046410][T12313] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.119729][T12313] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.197196][T12420] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 175.258669][T12313] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 175.289908][T12313] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 175.302838][T12429] netlink: 'syz.3.2046': attribute type 12 has an invalid length. [ 175.329253][T12313] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 175.341634][T12313] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 175.522279][T12313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.542336][T12313] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.555958][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.563152][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.590487][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.597715][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.666172][T12455] netlink: 'syz.1.2057': attribute type 12 has an invalid length. [ 175.668099][ T5839] Bluetooth: hci4: command tx timeout [ 175.768490][T12464] __nla_validate_parse: 4 callbacks suppressed [ 175.768513][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2060'. [ 175.922671][T12475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 175.999079][T12313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 176.082815][T12313] veth0_vlan: entered promiscuous mode [ 176.095536][T12313] veth1_vlan: entered promiscuous mode [ 176.142951][T12313] veth0_macvtap: entered promiscuous mode [ 176.162170][T12313] veth1_macvtap: entered promiscuous mode [ 176.172247][T12500] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2070'. [ 176.191776][T12313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 176.216426][T12313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 176.241709][T12313] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.252235][T12313] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.262225][T12313] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.271675][T12313] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.423274][T10108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.438728][T10108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.472925][T12506] netlink: 'syz.4.2075': attribute type 10 has an invalid length. [ 176.475201][T12510] vlan0: entered allmulticast mode [ 176.541625][T12515] pimreg: entered allmulticast mode [ 176.550532][T12516] pimreg: left allmulticast mode [ 176.574031][T12097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.585152][T12097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.609385][T12506] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 176.613179][T12524] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 176.712489][ T29] audit: type=1107 audit(1738012445.472:3): pid=12525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Ù‹5ž÷Œ•%èÍUýAÊÃä™l…t¿Ý•/Öÿ Ž6òŠ¨Šç›' [ 176.721739][T12529] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2081'. [ 176.814094][T12534] xt_l2tp: unknown flags: 18 [ 176.842210][T12534] tipc: Started in network mode [ 176.848789][T12534] tipc: Node identity 080211000001, cluster identity 4711 [ 176.874652][T12534] tipc: Enabled bearer , priority 0 [ 176.933435][T12534] netlink: 830 bytes leftover after parsing attributes in process `syz.3.2083'. [ 176.948892][T12545] netlink: 'syz.1.2088': attribute type 1 has an invalid length. [ 176.958095][T12545] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2088'. [ 176.969323][T12534] mac80211_hwsim hwsim9 +: renamed from syzkaller0 [ 176.980765][T12534] tipc: Disabling bearer [ 177.061751][T12562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2089'. [ 177.086467][T12566] tipc: Trying to set illegal importance in message [ 177.100462][T12568] xt_policy: output policy not valid in PREROUTING and INPUT [ 177.171115][T12574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2091'. [ 177.220584][T12580] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2095'. [ 177.278168][T12584] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2096'. [ 177.294863][T12588] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2099'. [ 177.295961][T12587] xt_TCPMSS: Only works on TCP SYN packets [ 177.448568][T12598] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 177.592902][T12611] openvswitch: netlink: Flow key attr not present in new flow. [ 178.081478][T12097] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.453702][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 178.461491][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 178.469943][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 178.478203][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 178.486358][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 178.493967][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 178.518360][T12689] netlink: 'syz.1.2127': attribute type 12 has an invalid length. [ 178.951490][T12683] chnl_net:caif_netlink_parms(): no params data found [ 178.998500][T12725] netlink: 'syz.4.2133': attribute type 3 has an invalid length. [ 179.018688][T12725] netlink: 'syz.4.2133': attribute type 2 has an invalid length. [ 179.129244][T12734] netlink: 'syz.3.2139': attribute type 1 has an invalid length. [ 179.244143][T12683] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.258049][T12683] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.265546][T12683] bridge_slave_0: entered allmulticast mode [ 179.274113][T12683] bridge_slave_0: entered promiscuous mode [ 179.283236][T12683] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.290729][T12683] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.317870][T12683] bridge_slave_1: entered allmulticast mode [ 179.335741][T12683] bridge_slave_1: entered promiscuous mode [ 179.368527][T12756] No such timeout policy "syz0" [ 179.407107][T12753] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 179.409109][T12683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.454960][T12683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.533307][T12683] team0: Port device team_slave_0 added [ 179.543123][T12683] team0: Port device team_slave_1 added [ 179.614336][T12683] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.629953][T12683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.661332][T12683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.682775][T12683] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.690222][T12683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.741282][T12683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.780732][T12097] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.802453][T12786] xt_nfacct: accounting object `syz1' does not exists [ 179.861616][T12097] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.881360][T12683] hsr_slave_0: entered promiscuous mode [ 179.905692][T12683] hsr_slave_1: entered promiscuous mode [ 179.914021][T12683] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 179.925438][T12683] Cannot create hsr debugfs directory [ 179.949843][T12794] IPv6: sit2: Disabled Multicast RS [ 179.994855][T12097] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.069830][T12806] sctp: [Deprecated]: syz.1.2162 (pid 12806) Use of int in max_burst socket option deprecated. [ 180.069830][T12806] Use struct sctp_assoc_value instead [ 180.177296][T12097] bridge_slave_1: left allmulticast mode [ 180.183649][T12097] bridge_slave_1: left promiscuous mode [ 180.189510][T12097] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.199793][T12097] bridge_slave_0: left allmulticast mode [ 180.205830][T12097] bridge_slave_0: left promiscuous mode [ 180.214715][T12097] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.266524][T12820] sctp: [Deprecated]: syz.4.2164 (pid 12820) Use of struct sctp_assoc_value in delayed_ack socket option. [ 180.266524][T12820] Use struct sctp_sack_info instead [ 180.284246][T12821] sctp: [Deprecated]: syz.4.2164 (pid 12821) Use of struct sctp_assoc_value in delayed_ack socket option. [ 180.284246][T12821] Use struct sctp_sack_info instead [ 180.378590][T12097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 180.389934][T12097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 180.401590][T12097] bond0 (unregistering): Released all slaves [ 180.547371][ T5839] Bluetooth: hci4: command tx timeout [ 180.560448][T12836] batadv_slave_1: entered promiscuous mode [ 180.566480][T12836] batadv_slave_1: entered allmulticast mode [ 180.612419][T12840] netlink: 'syz.2.2171': attribute type 1 has an invalid length. [ 180.651069][T12840] 8021q: adding VLAN 0 to HW filter on device bond2 [ 180.806136][T12097] hsr_slave_0: left promiscuous mode [ 180.814887][T12097] hsr_slave_1: left promiscuous mode [ 180.823724][T12097] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.832333][T12097] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.840511][T12097] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.848410][T12097] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.859153][T12097] veth1_macvtap: left promiscuous mode [ 180.864865][T12097] veth0_macvtap: left promiscuous mode [ 180.870997][T12097] veth1_vlan: left promiscuous mode [ 180.876371][T12097] veth0_vlan: left promiscuous mode [ 180.998131][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.021699][T12863] __nla_validate_parse: 16 callbacks suppressed [ 181.021725][T12863] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2177'. [ 181.043550][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.066723][T10105] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.100662][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.118545][T12097] team0 (unregistering): Port device team_slave_1 removed [ 181.127157][T10108] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.138658][T12097] team0 (unregistering): Port device team_slave_0 removed [ 181.146839][T10105] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.166707][T10105] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.186966][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.195616][T12872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2177'. [ 181.217183][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.237642][T10085] bond1: (slave ip6gretap1): link status up again after 0 ms [ 181.304570][T12683] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 181.327153][T12683] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 181.335281][T12877] xt_hashlimit: overflow, try lower: 4294967295/0 [ 181.338022][T12683] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 181.363169][T12683] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 181.552888][T12683] 8021q: adding VLAN 0 to HW filter on device bond0 [ 181.582470][T12683] 8021q: adding VLAN 0 to HW filter on device team0 [ 181.602546][T10085] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.609761][T10085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 181.637847][T10085] bridge0: port 2(bridge_slave_1) entered blocking state [ 181.645053][T10085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 181.684078][T12896] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present [ 181.723404][T12910] netlink: 'syz.4.2188': attribute type 1 has an invalid length. [ 181.730058][T12896] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1) [ 181.731759][T12911] netlink: 'syz.4.2188': attribute type 1 has an invalid length. [ 181.755486][T12910] netlink: 'syz.4.2188': attribute type 4 has an invalid length. [ 181.764439][T12910] netlink: 15334 bytes leftover after parsing attributes in process `syz.4.2188'. [ 181.774150][T12911] netlink: 'syz.4.2188': attribute type 4 has an invalid length. [ 181.787869][T12911] netlink: 15334 bytes leftover after parsing attributes in process `syz.4.2188'. [ 181.874315][T12919] netlink: 'syz.4.2190': attribute type 1 has an invalid length. [ 181.896114][T12919] netlink: 228 bytes leftover after parsing attributes in process `syz.4.2190'. [ 182.074684][T12941] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2196'. [ 182.094746][T12941] IPVS: set_ctl: invalid protocol: 2 255.255.255.255:20003 [ 182.100713][T12683] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.198251][T12683] veth0_vlan: entered promiscuous mode [ 182.240505][T12683] veth1_vlan: entered promiscuous mode [ 182.276446][T12959] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2201'. [ 182.283232][T12683] veth0_macvtap: entered promiscuous mode [ 182.305383][T12683] veth1_macvtap: entered promiscuous mode [ 182.343847][T12683] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.372364][T12960] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008 [ 182.383922][T12683] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.397103][T12959] ebt_among: wrong size: 1048 against expected 1006634004, rounded to 1006634008 [ 182.415709][T12683] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.443328][T12683] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.475235][T12683] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.494248][T12683] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.534093][T12970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2203'. [ 182.572766][T12977] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2204'. [ 182.584466][T12970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2203'. [ 182.627296][ T5839] Bluetooth: hci4: command tx timeout [ 182.773118][T10085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.783649][T10085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.826787][T10105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.850153][T10105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.158903][T13034] tipc: Enabling of bearer rejected, failed to enable media [ 183.327689][T13048] syzkaller0: entered promiscuous mode [ 183.333375][T13048] syzkaller0: entered allmulticast mode [ 183.340845][T10105] syzkaller0: tun_net_xmit 48 [ 183.348148][T13048] syzkaller0: create flow: hash 3233922650 index 1 [ 183.357306][T13047] syzkaller0: delete flow: hash 3233922650 index 1 [ 183.602897][T13067] pimreg: entered allmulticast mode [ 183.933646][T13106] netlink: 'syz.1.2248': attribute type 29 has an invalid length. [ 183.947329][T13106] netlink: 'syz.1.2248': attribute type 29 has an invalid length. [ 184.010690][T13106] unsupported nla_type 58 [ 184.014571][T13107] netlink: 'syz.1.2248': attribute type 11 has an invalid length. [ 184.051674][T10105] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.297541][T13124] netlink: 'syz.4.2256': attribute type 4 has an invalid length. [ 184.548144][T13142] netlink: 'syz.1.2260': attribute type 4 has an invalid length. [ 184.575676][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 184.585654][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 184.590037][T13142] netlink: 'syz.1.2260': attribute type 4 has an invalid length. [ 184.601247][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 184.611393][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 184.619385][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 184.630639][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 184.999569][T13143] chnl_net:caif_netlink_parms(): no params data found [ 185.202777][T13182] can: request_module (can-proto-3) failed. [ 185.300703][T10105] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.325956][T13143] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.346250][T13143] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.357146][T13143] bridge_slave_0: entered allmulticast mode [ 185.364510][T13143] bridge_slave_0: entered promiscuous mode [ 185.416837][T13143] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.424287][T13143] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.447053][T13143] bridge_slave_1: entered allmulticast mode [ 185.454348][T13143] bridge_slave_1: entered promiscuous mode [ 185.480868][T10105] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.553913][T13143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.598790][T13143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.678320][T10105] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.720085][T13143] team0: Port device team_slave_0 added [ 185.740456][T13143] team0: Port device team_slave_1 added [ 185.788513][T13143] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 185.795499][T13143] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.841001][T13143] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 185.882807][T13143] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 185.901210][T13143] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 185.928337][T13143] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.031826][T10105] bridge_slave_1: left allmulticast mode [ 186.038066][T10105] bridge_slave_1: left promiscuous mode [ 186.044127][T10105] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.063709][T10105] bridge_slave_0: left allmulticast mode [ 186.066215][T13239] __nla_validate_parse: 21 callbacks suppressed [ 186.066236][T13239] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2291'. [ 186.075284][T10105] bridge_slave_0: left promiscuous mode [ 186.091128][T10105] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.099633][T13234] xt_check_table_hooks: 56 callbacks suppressed [ 186.099653][T13234] x_tables: duplicate underflow at hook 3 [ 186.115718][T13241] net_ratelimit: 44 callbacks suppressed [ 186.115739][T13241] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 186.131849][T13241] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 186.152178][T13143] hsr_slave_0: entered promiscuous mode [ 186.159282][T13143] hsr_slave_1: entered promiscuous mode [ 186.165687][T13143] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 186.175207][T13143] Cannot create hsr debugfs directory [ 186.181119][T13239] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-tlb(5) [ 186.332745][T10105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.343864][T10105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 186.354301][T10105] bond0 (unregistering): Released all slaves [ 186.364952][T13244] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2295'. [ 186.452854][T13255] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2298'. [ 186.470937][T13260] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2299'. [ 186.480395][T13260] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2299'. [ 186.549544][T10108] tipc: Subscription rejected, illegal request [ 186.568236][ T61] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 186.706903][ T5839] Bluetooth: hci4: command tx timeout [ 186.783346][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 186.888136][T13285] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2307'. [ 186.934508][T10105] hsr_slave_0: left promiscuous mode [ 186.976234][T10105] hsr_slave_1: left promiscuous mode [ 186.987973][T10105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.008675][T10105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.017502][T10105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.035264][T10105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.045484][T13302] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2312'. [ 187.058145][T10105] veth1_macvtap: left promiscuous mode [ 187.063720][T10105] veth0_macvtap: left promiscuous mode [ 187.075891][T10105] veth1_vlan: left promiscuous mode [ 187.081584][T10105] veth0_vlan: left promiscuous mode [ 187.200406][T13304] IPv6: Can't replace route, no match found [ 187.297425][T10105] team0 (unregistering): Port device team_slave_1 removed [ 187.310464][T10105] team0 (unregistering): Port device team_slave_0 removed [ 187.395684][T13143] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 187.409165][T13143] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 187.422817][T13143] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 187.445552][T13143] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 187.455176][T13317] openvswitch: netlink: IP tunnel TTL not specified. [ 187.567901][T13322] bond0: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 187.585749][T13322] bond0: (slave ipvlan1): The slave device specified does not support setting the MAC address [ 187.601171][T13322] bond0: (slave ipvlan1): Error -95 calling set_mac_address [ 187.638293][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 187.735142][T13143] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.772629][T13143] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.787660][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 187.816975][ T8319] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.824117][ T8319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.855541][T10108] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.862761][T10108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.936866][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 187.957306][T13338] dvmrp0: entered allmulticast mode [ 188.048770][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 188.186958][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 188.229673][T13143] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.301515][T13143] veth0_vlan: entered promiscuous mode [ 188.332519][T13143] veth1_vlan: entered promiscuous mode [ 188.422862][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 188.427907][T13143] veth0_macvtap: entered promiscuous mode [ 188.437319][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 188.445629][T13143] veth1_macvtap: entered promiscuous mode [ 188.445666][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 188.460228][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 188.464857][T13143] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.477134][ T5833] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 188.484978][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 188.486669][T13143] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.510225][T13143] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.520351][T13143] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.532239][T13143] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.541536][T13143] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.638804][T13368] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2333'. [ 188.653095][T10105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.662541][T10105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.791906][T10105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.800911][ T5839] Bluetooth: hci4: command tx timeout [ 188.821423][T10105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 189.158077][T13408] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2341'. [ 189.253906][T13359] chnl_net:caif_netlink_parms(): no params data found [ 189.296517][T13417] validate_nla: 2 callbacks suppressed [ 189.296537][T13417] netlink: 'syz.1.2340': attribute type 1 has an invalid length. [ 189.369998][T13417] 8021q: adding VLAN 0 to HW filter on device bond4 [ 189.432176][T13359] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.439874][T13359] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.447718][T13359] bridge_slave_0: entered allmulticast mode [ 189.454901][T13359] bridge_slave_0: entered promiscuous mode [ 189.465256][T13359] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.472861][T13359] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.481535][T13359] bridge_slave_1: entered allmulticast mode [ 189.488747][T13359] bridge_slave_1: entered promiscuous mode [ 189.528754][T13359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.540140][T13359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.585792][T13359] team0: Port device team_slave_0 added [ 189.606204][T13359] team0: Port device team_slave_1 added [ 189.630338][T13359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.637473][T13359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.664059][T13359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.666311][T13437] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2347'. [ 189.684218][ T5849] IPVS: starting estimator thread 0... [ 189.693181][T13359] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.700662][T13359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.728008][T13359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.762829][T13359] hsr_slave_0: entered promiscuous mode [ 189.770089][T13359] hsr_slave_1: entered promiscuous mode [ 189.776198][T13359] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.784221][T13438] IPVS: using max 36 ests per chain, 86400 per kthread [ 189.786121][T13359] Cannot create hsr debugfs directory [ 190.011293][T13359] bond0: (slave netdevsim0): Releasing backup interface [ 190.074219][T13359] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 190.084319][T13359] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 190.093497][T13359] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 190.105168][T13359] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 190.162062][T10085] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.237299][T13359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.257908][T13359] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.273120][T12097] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.280445][T12097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.299587][T12097] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.306803][T12097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.451698][T13359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 190.547036][ T5839] Bluetooth: hci2: command tx timeout [ 190.579979][T13359] veth0_vlan: entered promiscuous mode [ 190.590372][T13359] veth1_vlan: entered promiscuous mode [ 190.612315][T13359] veth0_macvtap: entered promiscuous mode [ 190.621702][T13359] veth1_macvtap: entered promiscuous mode [ 190.636138][T13359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 190.647075][T13359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.659493][T13359] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 190.671118][T13359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 190.682127][T13359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.693318][T13359] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 190.704865][T13359] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.714758][T13359] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.723843][T13359] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.767854][T13359] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 190.815053][ T29] audit: type=1107 audit(1738012459.572:4): pid=13461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 190.817585][ T29] audit: type=1107 audit(1738012459.582:5): pid=13461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 191.071394][T10085] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.091615][ T2970] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.110905][ T2970] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.132601][T13474] netlink: 'syz.1.2355': attribute type 15 has an invalid length. [ 191.141348][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 191.147094][T13474] __nla_validate_parse: 5 callbacks suppressed [ 191.147128][T13474] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2355'. [ 191.160067][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 191.174389][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 191.182502][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 191.190976][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 191.198820][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 191.212791][ T8319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 191.227225][T12097] net_ratelimit: 16 callbacks suppressed [ 191.227250][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 191.242995][ T8319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 191.359208][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 191.443471][T13498] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2360'. [ 191.489309][T10085] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.553766][T10085] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.585083][T13482] chnl_net:caif_netlink_parms(): no params data found [ 191.650769][T13482] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.658211][T13482] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.665474][T13482] bridge_slave_0: entered allmulticast mode [ 191.673751][T13482] bridge_slave_0: entered promiscuous mode [ 191.680026][T13515] xt_CONNSECMARK: invalid mode: 0 [ 191.692726][T13482] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.700003][T13482] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.707458][T13482] bridge_slave_1: entered allmulticast mode [ 191.714406][T13482] bridge_slave_1: entered promiscuous mode [ 191.752045][T13482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.764052][T13482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.795165][T10085] bridge_slave_1: left allmulticast mode [ 191.801227][T10085] bridge_slave_1: left promiscuous mode [ 191.807456][T10085] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.816031][T10085] bridge_slave_0: left allmulticast mode [ 191.822529][T10085] bridge_slave_0: left promiscuous mode [ 191.829027][T10085] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.941417][T10085] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.952553][T10085] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 191.967240][T10085] bond0 (unregistering): Released all slaves [ 191.980047][T13482] team0: Port device team_slave_0 added [ 191.993031][T13518] IPv6: sit1: Disabled Multicast RS [ 192.001360][T13518] sit1: entered allmulticast mode [ 192.031668][T13482] team0: Port device team_slave_1 added [ 192.060627][T13482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.073925][T13482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.101917][T13482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.114735][T13482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.132348][T13482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.160329][T13482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.220369][T13482] hsr_slave_0: entered promiscuous mode [ 192.228725][T13482] hsr_slave_1: entered promiscuous mode [ 192.235020][T13482] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.243384][T13482] Cannot create hsr debugfs directory [ 192.266464][T13530] netlink: 'syz.2.2367': attribute type 41 has an invalid length. [ 192.308412][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 192.374723][T13533] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2369'. [ 192.453417][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 192.520157][T13541] netlink: 'syz.1.2370': attribute type 21 has an invalid length. [ 192.541446][T13541] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2370'. [ 192.566072][T10085] hsr_slave_0: left promiscuous mode [ 192.580467][T10085] hsr_slave_1: left promiscuous mode [ 192.588492][T10085] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.602361][T10085] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.618478][T10085] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.632532][T10085] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.646275][T10085] veth1_macvtap: left promiscuous mode [ 192.652410][T10085] veth0_macvtap: left promiscuous mode [ 192.658345][T10085] veth1_vlan: left promiscuous mode [ 192.663979][T10085] veth0_vlan: left promiscuous mode [ 192.825649][T13556] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2376'. [ 192.840249][T13556] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 192.912865][T10085] team0 (unregistering): Port device team_slave_1 removed [ 192.932996][T10085] team0 (unregistering): Port device team_slave_0 removed [ 193.035386][T13564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2377'. [ 193.057354][T13564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2377'. [ 193.142489][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 193.235054][T13482] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 193.255200][T13482] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 193.267404][ T5839] Bluetooth: hci4: command tx timeout [ 193.280152][T13482] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 193.302293][T13482] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 193.348374][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 193.373343][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 193.381309][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 193.389083][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 193.397182][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 193.404728][ T5833] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 193.412496][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 193.488744][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 193.528424][T13482] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.549121][T13482] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.573953][ T8319] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.581153][ T8319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.604230][T13589] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (32767) [ 193.613708][T13589] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 193.629012][ T8319] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.636237][ T8319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.652290][T10085] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.791281][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 193.831141][T13598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2387'. [ 193.855599][T13581] chnl_net:caif_netlink_parms(): no params data found [ 193.926562][T13482] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 193.949732][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 194.000009][T13581] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.009558][T13581] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.019567][T13581] bridge_slave_0: entered allmulticast mode [ 194.030855][T13581] bridge_slave_0: entered promiscuous mode [ 194.061792][T13581] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.070139][T13581] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.081721][T13581] bridge_slave_1: entered allmulticast mode [ 194.089735][T13581] bridge_slave_1: entered promiscuous mode [ 194.100243][T13615] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2388'. [ 194.166568][T13581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.184688][T13482] veth0_vlan: entered promiscuous mode [ 194.197841][T13581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.237205][T13482] veth1_vlan: entered promiscuous mode [ 194.286442][T13581] team0: Port device team_slave_0 added [ 194.310967][T13581] team0: Port device team_slave_1 added [ 194.389957][T13482] veth0_macvtap: entered promiscuous mode [ 194.403898][T13581] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 194.428276][T13581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.457502][T13627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2394'. [ 194.470874][T13581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 194.484561][T10085] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.507544][T13581] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 194.515344][T13581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 194.544292][T13581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.561715][T13630] tap0: tun_chr_ioctl cmd 1074025677 [ 194.568606][T13630] tap0: linktype set to 778 [ 194.587230][T13482] veth1_macvtap: entered promiscuous mode [ 194.621818][T10085] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.654133][T13581] hsr_slave_0: entered promiscuous mode [ 194.661154][T13581] hsr_slave_1: entered promiscuous mode [ 194.669330][T13581] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 194.677664][T13581] Cannot create hsr debugfs directory [ 194.713581][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.715525][T13482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.734398][T13482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.750626][T13482] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.772225][T13482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.785000][T13482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.798070][T13482] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.853603][T10085] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.878049][T13644] netlink: 'syz.3.2398': attribute type 32 has an invalid length. [ 194.890655][T13482] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.900352][T13482] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.913009][T13482] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.924554][T13482] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.955545][T13644] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 195.112913][T10085] bridge_slave_1: left allmulticast mode [ 195.138339][T10085] bridge_slave_1: left promiscuous mode [ 195.145313][T10085] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.166052][T10085] bridge_slave_0: left allmulticast mode [ 195.175350][T10085] bridge_slave_0: left promiscuous mode [ 195.184248][T10085] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.332680][T10085] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 195.344791][T10085] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 195.353696][ T5839] Bluetooth: hci4: command tx timeout [ 195.361013][T10085] bond0 (unregistering): Released all slaves [ 195.380602][T13664] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 195.483175][T12097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.483679][T13677] xt_CT: You must specify a L4 protocol and not use inversions on it [ 195.499369][T12097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.516919][ T5839] Bluetooth: hci2: command tx timeout [ 195.546394][T10108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.554862][T10108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.704940][T10085] hsr_slave_0: left promiscuous mode [ 195.704982][T13686] x_tables: ip6_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING [ 195.722977][T10085] hsr_slave_1: left promiscuous mode [ 195.737832][T10085] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 195.746937][T10085] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 195.756744][T10085] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.767800][T10085] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.782676][T10085] veth1_macvtap: left promiscuous mode [ 195.788960][T10085] veth0_macvtap: left promiscuous mode [ 195.795199][T10085] veth1_vlan: left promiscuous mode [ 195.801004][T10085] veth0_vlan: left promiscuous mode [ 196.001635][T10085] team0 (unregistering): Port device team_slave_1 removed [ 196.014986][T10085] team0 (unregistering): Port device team_slave_0 removed [ 196.141205][T13581] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 196.170595][T13581] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 196.186243][T13581] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 196.192662][T13709] __nla_validate_parse: 5 callbacks suppressed [ 196.192684][T13709] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2419'. [ 196.214868][T13581] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 196.267593][ T61] net_ratelimit: 7 callbacks suppressed [ 196.267614][ T61] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.374596][T13725] netlink: 'syz.1.2426': attribute type 10 has an invalid length. [ 196.409775][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.438881][T13725] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 196.523014][T13734] tls_set_device_offload_rx: netdev not found [ 196.528351][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.554972][T13581] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.572552][T13581] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.589171][ T2970] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.596384][ T2970] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.624987][T12097] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.632233][T12097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.639151][T13740] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2431'. [ 196.650779][ T61] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.768235][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.787132][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 196.862537][T13581] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.887790][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 196.975913][ T8319] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.997112][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 197.086460][T13581] veth0_vlan: entered promiscuous mode [ 197.103501][T13581] veth1_vlan: entered promiscuous mode [ 197.129188][T13581] veth0_macvtap: entered promiscuous mode [ 197.139155][T13581] veth1_macvtap: entered promiscuous mode [ 197.154177][T13581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.165019][T13581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.177033][T13581] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.189635][T13581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.200622][T13581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.212539][T13581] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.226316][T13581] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.236030][T13581] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.247542][T13581] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.256459][T13581] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.310681][T10085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.320174][T10085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.335292][ T8319] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.357737][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 197.366451][ T2970] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.374762][ T2970] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.416851][ T8319] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.473254][ T8319] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.507973][T10105] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 197.544898][ T8319] bridge_slave_1: left allmulticast mode [ 197.551112][ T8319] bridge_slave_1: left promiscuous mode [ 197.557744][ T8319] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.566266][ T8319] bridge_slave_0: left allmulticast mode [ 197.573408][ T8319] bridge_slave_0: left promiscuous mode [ 197.579709][ T8319] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.772611][ T8319] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.788696][ T8319] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.802853][ T8319] bond0 (unregistering): Released all slaves [ 197.847781][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 197.900187][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 197.909187][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 197.916487][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 197.925945][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 197.933504][ T5839] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 197.945784][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 198.239235][T13804] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2447'. [ 198.337192][T13815] x_tables: duplicate underflow at hook 1 [ 198.381018][T13785] chnl_net:caif_netlink_parms(): no params data found [ 198.431993][ T8319] hsr_slave_0: left promiscuous mode [ 198.438148][ T8319] hsr_slave_1: left promiscuous mode [ 198.444138][ T8319] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.455455][ T8319] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.473557][ T8319] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.496747][ T8319] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.521169][ T8319] veth1_macvtap: left promiscuous mode [ 198.533903][ T8319] veth0_macvtap: left promiscuous mode [ 198.546204][ T8319] veth1_vlan: left promiscuous mode [ 198.578246][ T8319] veth0_vlan: left promiscuous mode [ 199.057858][ T8319] team0 (unregistering): Port device team_slave_1 removed [ 199.104507][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 199.113917][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 199.121655][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 199.129431][ T8319] team0 (unregistering): Port device team_slave_0 removed [ 199.130639][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 199.144239][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 199.151928][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 199.195627][T13844] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2456'. [ 199.256801][T13845] netlink: 1316 bytes leftover after parsing attributes in process `syz.2.2456'. [ 199.275366][T13846] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2457'. [ 199.486142][T13785] bridge0: port 1(bridge_slave_0) entered blocking state [ 199.493969][T13785] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.502925][T13785] bridge_slave_0: entered allmulticast mode [ 199.511023][T13785] bridge_slave_0: entered promiscuous mode [ 199.539202][T13785] bridge0: port 2(bridge_slave_1) entered blocking state [ 199.546360][T13785] bridge0: port 2(bridge_slave_1) entered disabled state [ 199.565151][T13785] bridge_slave_1: entered allmulticast mode [ 199.575159][T13785] bridge_slave_1: entered promiscuous mode [ 199.671453][T13785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 199.683759][T13785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.779129][T13785] team0: Port device team_slave_0 added [ 199.789412][T13785] team0: Port device team_slave_1 added [ 199.804114][T13883] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2469'. [ 199.842336][T13883] pim6reg: entered allmulticast mode [ 199.902226][T13883] pim6reg: left allmulticast mode [ 199.913795][T13785] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.921386][T13785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.949532][T13785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.965530][T13785] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.976555][T13785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.005562][T13785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.009179][ T5833] Bluetooth: hci2: command tx timeout [ 200.065517][T13837] chnl_net:caif_netlink_parms(): no params data found [ 200.085083][T13896] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2472'. [ 200.139973][T13904] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2476'. [ 200.207272][T13785] hsr_slave_0: entered promiscuous mode [ 200.213583][T13785] hsr_slave_1: entered promiscuous mode [ 200.219940][T13785] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.227795][T13785] Cannot create hsr debugfs directory [ 200.238837][ T8319] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.282394][T13837] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.289708][T13837] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.297279][T13837] bridge_slave_0: entered allmulticast mode [ 200.304219][T13837] bridge_slave_0: entered promiscuous mode [ 200.320990][T13837] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.329149][T13837] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.337169][T13837] bridge_slave_1: entered allmulticast mode [ 200.344008][T13837] bridge_slave_1: entered promiscuous mode [ 200.354658][ T8319] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.389816][T13837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 200.401964][T13837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 200.436398][T13837] team0: Port device team_slave_0 added [ 200.444197][ T8319] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.469821][T13837] team0: Port device team_slave_1 added [ 200.507146][ T8319] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.523015][T13837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 200.531205][T13837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.559661][T13837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 200.572337][T13837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 200.580135][T13837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 200.606796][T13837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.646042][T13837] hsr_slave_0: entered promiscuous mode [ 200.652472][T13837] hsr_slave_1: entered promiscuous mode [ 200.659351][T13837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.667745][T13837] Cannot create hsr debugfs directory [ 200.714036][ T8319] bridge_slave_1: left allmulticast mode [ 200.724751][ T8319] bridge_slave_1: left promiscuous mode [ 200.730557][ T8319] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.741376][ T8319] bridge_slave_0: left allmulticast mode [ 200.747533][ T8319] bridge_slave_0: left promiscuous mode [ 200.753637][ T8319] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.900912][ T8319] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 200.911456][ T8319] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 200.921951][ T8319] bond0 (unregistering): Released all slaves [ 200.987869][T13785] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 200.999724][T13785] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 201.009285][T13785] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 201.028429][T13785] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 201.092968][T13785] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.118803][T13785] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.130841][T10085] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.138636][T10085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.154366][T10108] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.161486][T10108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.188573][ T5833] Bluetooth: hci4: command tx timeout [ 201.191225][T13785] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 201.207793][T13785] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 201.279423][ T8319] hsr_slave_0: left promiscuous mode [ 201.285449][ T8319] hsr_slave_1: left promiscuous mode [ 201.294766][ T8319] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 201.304471][ T8319] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 201.312971][ T8319] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 201.321160][ T8319] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 201.331293][ T8319] veth1_macvtap: left promiscuous mode [ 201.336989][ T8319] veth0_macvtap: left promiscuous mode [ 201.343218][ T8319] veth1_vlan: left promiscuous mode [ 201.348846][ T8319] veth0_vlan: left promiscuous mode [ 201.495976][ T8319] team0 (unregistering): Port device team_slave_1 removed [ 201.509488][ T8319] team0 (unregistering): Port device team_slave_0 removed [ 201.570859][T13914] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.597099][ T2970] net_ratelimit: 7 callbacks suppressed [ 201.597123][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 201.655478][T13927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2481'. [ 201.658587][T13914] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.665359][T13927] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2481'. [ 201.692645][T13927] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2481'. [ 201.704246][T13927] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2481'. [ 201.710198][T13785] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.730018][T13914] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.761448][T13837] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 201.781483][T13837] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 201.792376][T13837] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 201.802505][T13837] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 201.814150][T13914] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.870864][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 201.882635][T13785] veth0_vlan: entered promiscuous mode [ 201.905541][T13914] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.925810][T13914] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.950316][T13914] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.960972][T13785] veth1_vlan: entered promiscuous mode [ 201.984306][T13914] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.018190][T10105] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.055801][T13837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.067477][ T5833] Bluetooth: hci2: command tx timeout [ 202.068348][T13785] veth0_macvtap: entered promiscuous mode [ 202.085637][T13785] veth1_macvtap: entered promiscuous mode [ 202.108716][T13837] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.123681][ T8319] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.131034][ T8319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.140033][T10108] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.153680][T13785] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.154990][T13944] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2487'. [ 202.169497][T12097] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.177851][T12097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.191810][T13785] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.221444][T13785] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.231493][T13785] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.241967][T13785] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.252054][T13785] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.294061][T13948] veth0_to_hsr: mtu less than device minimum [ 202.300595][T10085] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.417032][ T8319] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.431735][T10108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.447657][T10108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.511930][T13959] vlan1: entered allmulticast mode [ 202.520478][T13959] bridge_slave_0: entered allmulticast mode [ 202.528878][T13959] bridge_slave_0: left allmulticast mode [ 202.557054][ T2970] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.586482][T12097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.600297][T12097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.625902][T13837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.688263][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 202.817780][T12097] bond1: (slave ip6gretap1): failed to get link speed/duplex [ 203.028413][T13837] veth0_vlan: entered promiscuous mode [ 203.050579][T13837] veth1_vlan: entered promiscuous mode [ 203.097978][T13837] veth0_macvtap: entered promiscuous mode [ 203.128143][T13837] veth1_macvtap: entered promiscuous mode [ 203.166205][T13837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 203.178862][T13837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.190998][T13837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.211663][T13837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.223877][T13837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.239035][T13837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.253197][T13837] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.263661][T13837] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.275328][T13837] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.286743][ T5833] Bluetooth: hci4: command tx timeout [ 203.288739][T13837] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.305682][T14016] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2508'. [ 203.360232][T14018] ipt_rpfilter: unknown options [ 203.373357][T12097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.394563][T12097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.414501][T14020] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 203.423582][T12097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.431846][T12097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.475504][T14022] ieee802154 phy0 wpan0: encryption failed: -22 [ 203.860996][ T2970] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.591398][T14045] netlink: 'syz.2.2519': attribute type 1 has an invalid length. [ 204.631371][T14046] netlink: 'syz.2.2519': attribute type 1 has an invalid length. [ 204.794084][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 204.801621][ T5839] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 204.810878][ T5839] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 204.819133][ T5839] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 204.819423][ T2970] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.827313][ T5839] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 204.844698][ T5839] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 204.982208][ T2970] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.002978][T14051] chnl_net:caif_netlink_parms(): no params data found [ 205.054093][ T2970] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.068071][T14051] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.075336][T14051] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.082873][T14051] bridge_slave_0: entered allmulticast mode [ 205.090254][T14051] bridge_slave_0: entered promiscuous mode [ 205.098866][T14051] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.107494][T14051] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.114755][T14051] bridge_slave_1: entered allmulticast mode [ 205.122207][T14051] bridge_slave_1: entered promiscuous mode [ 205.143715][T14051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.155371][T14051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.237334][T14051] team0: Port device team_slave_0 added [ 205.253879][T14066] tipc: Failed to remove unknown binding: 66,1,1/0:1666624724/1666624726 [ 205.262796][T14066] tipc: Failed to remove unknown binding: 66,1,1/0:1666624724/1666624726 [ 205.269240][T14051] team0: Port device team_slave_1 added [ 205.365465][ T2970] bridge_slave_1: left allmulticast mode [ 205.379385][ T2970] bridge_slave_1: left promiscuous mode [ 205.385244][ T2970] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.418187][ T2970] bridge_slave_0: left allmulticast mode [ 205.423908][ T2970] bridge_slave_0: left promiscuous mode [ 205.437368][ T2970] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.508509][ T5833] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 205.516189][ T5833] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 205.524865][ T5833] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 205.532755][ T5833] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 205.540661][ T5833] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 205.545258][T14051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.548475][ T5833] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 205.569000][T14051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.596003][T14051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.606068][T14085] xt_CT: You must specify a L4 protocol and not use inversions on it [ 205.608724][T14051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.621831][T14051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.648566][T14051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.654235][T14085] netlink: 'syz.3.2529': attribute type 1 has an invalid length. [ 205.772059][ T2970] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 205.789325][ T2970] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 205.800159][ T2970] bond0 (unregistering): Released all slaves [ 205.858101][T14100] sctp: [Deprecated]: syz.1.2534 (pid 14100) Use of int in maxseg socket option. [ 205.858101][T14100] Use struct sctp_assoc_value instead [ 205.863467][T14086] 8021q: adding VLAN 0 to HW filter on device bond8 [ 205.884774][T14086] bond7: (slave bond8): making interface the new active one [ 205.893234][T14086] bond7: (slave bond8): Enslaving as an active interface with an up link [ 205.980493][T14051] hsr_slave_0: entered promiscuous mode [ 205.998515][T14051] hsr_slave_1: entered promiscuous mode [ 206.027899][T14051] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 206.046728][T14051] Cannot create hsr debugfs directory [ 206.866930][ T5839] Bluetooth: hci2: command tx timeout [ 207.597111][ T5839] Bluetooth: hci4: command tx timeout [ 208.946909][ T5839] Bluetooth: hci2: command tx timeout [ 209.666963][ T5839] Bluetooth: hci4: command tx timeout [ 211.027037][ T5839] Bluetooth: hci2: command tx timeout [ 211.747056][ T5839] Bluetooth: hci4: command tx timeout [ 213.106910][ T5839] Bluetooth: hci2: command tx timeout [ 213.827698][ T5839] Bluetooth: hci4: command tx timeout [ 221.473688][ T5833] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 221.477115][ T5146] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 221.484481][ T5833] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 221.489121][ T5146] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 221.495098][ T5833] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 221.505904][ T5146] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 221.510471][ T5833] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 221.521389][ T5146] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 221.523936][ T5833] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 221.531165][ T5146] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 221.544919][ T5833] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 221.548799][ T5146] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 222.433302][ T5843] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 222.440762][ T5843] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 222.448898][ T5843] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 222.457065][ T5843] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 222.464625][ T5843] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 222.472408][ T5843] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 223.587244][ T5843] Bluetooth: hci6: command tx timeout [ 223.591449][ T5146] Bluetooth: hci5: command tx timeout [ 224.546878][ T5146] Bluetooth: hci7: command tx timeout [ 225.666980][ T5146] Bluetooth: hci6: command tx timeout [ 225.667009][ T5843] Bluetooth: hci5: command tx timeout [ 226.626827][ T5843] Bluetooth: hci7: command tx timeout [ 227.746930][ T5843] Bluetooth: hci5: command tx timeout [ 227.750303][ T5146] Bluetooth: hci6: command tx timeout [ 228.706987][ T5146] Bluetooth: hci7: command tx timeout [ 229.826839][ T5146] Bluetooth: hci5: command tx timeout [ 229.837452][ T5146] Bluetooth: hci6: command tx timeout [ 230.786887][ T5146] Bluetooth: hci7: command tx timeout [ 256.158977][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.144411][ T5843] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 266.152174][ T5843] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 266.159584][ T5843] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 266.167436][ T5843] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 266.175055][ T5843] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 266.182770][ T5843] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 266.657103][ T5146] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 266.664463][ T5146] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 266.672599][ T5146] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 266.680887][ T5146] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 266.688740][ T5146] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 266.696072][ T5146] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 268.227547][ T5146] Bluetooth: hci8: command tx timeout [ 268.706969][ T5146] Bluetooth: hci9: command tx timeout [ 270.306942][ T5146] Bluetooth: hci8: command tx timeout [ 270.786998][ T5146] Bluetooth: hci9: command tx timeout [ 272.387119][ T5146] Bluetooth: hci8: command tx timeout [ 272.867390][ T5146] Bluetooth: hci9: command tx timeout [ 274.466915][ T5146] Bluetooth: hci8: command tx timeout [ 274.946808][ T5146] Bluetooth: hci9: command tx timeout [ 281.549577][ T5843] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 281.551826][ T5833] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 281.560493][ T5843] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 281.564254][ T5833] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 281.572063][ T5843] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 281.578780][ T5833] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 281.590321][ T5843] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 281.593872][ T5833] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 281.604176][ T5843] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 281.608300][ T5833] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 281.614605][ T5843] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 281.621954][ T5833] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 282.982769][ T5833] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 282.990434][ T5833] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 282.998224][ T5833] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 283.006309][ T5833] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 283.015934][ T5833] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 283.023834][ T5833] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 283.666899][ T5833] Bluetooth: hci10: command tx timeout [ 283.669382][ T5839] Bluetooth: hci11: command tx timeout [ 285.116842][ T5839] Bluetooth: hci12: command tx timeout [ 285.746984][ T5839] Bluetooth: hci10: command tx timeout [ 285.750549][ T5833] Bluetooth: hci11: command tx timeout [ 287.186817][ T5833] Bluetooth: hci12: command tx timeout [ 287.827047][ T5833] Bluetooth: hci10: command tx timeout [ 287.827093][ T5839] Bluetooth: hci11: command tx timeout [ 289.266859][ T5839] Bluetooth: hci12: command tx timeout [ 289.907146][ T5839] Bluetooth: hci10: command tx timeout [ 289.907150][ T5833] Bluetooth: hci11: command tx timeout [ 291.346929][ T5833] Bluetooth: hci12: command tx timeout [ 317.587663][ C1] net_ratelimit: 19 callbacks suppressed [ 317.587687][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 317.594433][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.346437][ T5839] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 327.354651][ T5839] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 327.362297][ T5839] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 327.370325][ T5839] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 327.378093][ T5839] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 327.385546][ T5839] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 328.959521][ T54] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 328.967008][ T54] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 328.974616][ T54] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 328.982544][ T54] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 328.990698][ T54] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 328.998643][ T54] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 329.427050][ T5843] Bluetooth: hci13: command tx timeout [ 329.907315][ T5843] Bluetooth: hci1: command 0x0406 tx timeout [ 329.907603][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 329.913895][ T5844] Bluetooth: hci4: command 0x0406 tx timeout [ 331.027048][ T5833] Bluetooth: hci14: command tx timeout [ 331.506813][ T5833] Bluetooth: hci13: command tx timeout [ 333.106800][ T5833] Bluetooth: hci14: command tx timeout [ 333.586971][ T5833] Bluetooth: hci13: command tx timeout [ 335.186887][ T5833] Bluetooth: hci14: command tx timeout [ 335.666860][ T5833] Bluetooth: hci13: command tx timeout [ 337.266940][ T5833] Bluetooth: hci14: command tx timeout [ 342.129404][ T5839] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 342.140505][ T5839] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 342.146435][ T5843] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 342.148639][ T5839] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 342.155110][ T5843] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 342.166117][ T5839] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 342.170070][ T5843] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 342.180472][ T5839] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 342.184333][ T5843] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 342.190711][ T5839] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 342.198464][ T5843] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 342.213139][ T5843] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 343.097188][ T54] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 343.104633][ T54] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 343.113030][ T54] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 343.122896][ T54] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 343.130849][ T54] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 343.138689][ T54] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 344.226914][ T5146] Bluetooth: hci16: command tx timeout [ 344.227060][ T54] Bluetooth: hci15: command tx timeout [ 345.186797][ T54] Bluetooth: hci17: command tx timeout [ 345.267836][ T5839] Bluetooth: hci7: command 0x0406 tx timeout [ 345.270247][ T54] Bluetooth: hci6: command 0x0406 tx timeout [ 345.274406][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 346.306953][ T5843] Bluetooth: hci16: command tx timeout [ 346.307088][ T5839] Bluetooth: hci15: command tx timeout [ 347.266950][ T5839] Bluetooth: hci17: command tx timeout [ 348.387089][ T5839] Bluetooth: hci16: command tx timeout [ 348.390413][ T5843] Bluetooth: hci15: command tx timeout [ 349.347053][ T5843] Bluetooth: hci17: command tx timeout [ 350.466918][ T5843] Bluetooth: hci15: command tx timeout [ 350.466949][ T5839] Bluetooth: hci16: command tx timeout [ 351.426950][ T5839] Bluetooth: hci17: command tx timeout [ 357.266888][ T30] INFO: task kworker/u8:9:2970 blocked for more than 143 seconds. [ 357.274896][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 357.282800][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 357.291625][ T30] task:kworker/u8:9 state:D stack:21136 pid:2970 tgid:2970 ppid:2 flags:0x00004000 [ 357.302361][ T30] Workqueue: netns cleanup_net [ 357.307410][ T30] Call Trace: [ 357.310740][ T30] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 357.313701][ T30] __schedule+0x186c/0x4be0 [ 357.318332][ T30] ? schedule+0x90/0x320 [ 357.322827][ T30] ? schedule+0x90/0x320 [ 357.327383][ T30] ? __pfx___schedule+0x10/0x10 [ 357.332301][ T30] ? __pfx_lock_release+0x10/0x10 [ 357.337803][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.342626][ T30] ? kthread_data+0x52/0xd0 [ 357.347616][ T30] ? schedule+0x90/0x320 [ 357.351921][ T30] ? wq_worker_sleeping+0x66/0x240 [ 357.357866][ T30] ? schedule+0x90/0x320 [ 357.386761][ T30] schedule+0x14b/0x320 [ 357.396745][ T30] schedule_preempt_disabled+0x13/0x30 [ 357.402366][ T30] __mutex_lock+0x817/0x1010 [ 357.411205][ T30] ? __mutex_lock+0x602/0x1010 [ 357.416038][ T30] ? unregister_netdevice_many_notify+0x1c2c/0x2030 [ 357.422800][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 357.428085][ T30] ? __pfx___might_resched+0x10/0x10 [ 357.433451][ T30] ? __pfx_device_del+0x10/0x10 [ 357.438492][ T30] unregister_netdevice_many_notify+0x1c2c/0x2030 [ 357.444972][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 357.451850][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.456721][ T30] ? __pfx_lock_release+0x10/0x10 [ 357.462037][ T30] unregister_netdevice_queue+0x303/0x370 [ 357.467850][ T30] ? __pfx_up_write+0x10/0x10 [ 357.472668][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 357.478993][ T30] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 357.484757][ T30] _cfg80211_unregister_wdev+0x163/0x590 [ 357.490488][ T30] ieee80211_remove_interfaces+0x4ef/0x700 [ 357.496425][ T30] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 357.502855][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.507712][ T30] ieee80211_unregister_hw+0x5d/0x2c0 [ 357.513140][ T30] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 357.518790][ T30] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 357.524897][ T30] hwsim_exit_net+0x5c1/0x670 [ 357.529681][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 357.534930][ T30] ? __ip_vs_dev_cleanup_batch+0x239/0x260 [ 357.540938][ T30] cleanup_net+0x812/0xd60 [ 357.545391][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 357.550582][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.555401][ T30] ? process_scheduled_works+0x976/0x1840 [ 357.561471][ T30] process_scheduled_works+0xa66/0x1840 [ 357.567166][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 357.573334][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 357.578985][ T30] ? assign_work+0x364/0x3d0 [ 357.583616][ T30] worker_thread+0x870/0xd30 [ 357.588560][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 357.594509][ T30] ? __kthread_parkme+0x169/0x1d0 [ 357.599635][ T30] ? __pfx_worker_thread+0x10/0x10 [ 357.604800][ T30] kthread+0x7a9/0x920 [ 357.608975][ T30] ? __pfx_kthread+0x10/0x10 [ 357.613740][ T30] ? __pfx_worker_thread+0x10/0x10 [ 357.618952][ T30] ? __pfx_kthread+0x10/0x10 [ 357.623890][ T30] ? __pfx_kthread+0x10/0x10 [ 357.628618][ T30] ? __pfx_kthread+0x10/0x10 [ 357.633258][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 357.638563][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 357.643795][ T30] ? __pfx_kthread+0x10/0x10 [ 357.648475][ T30] ret_from_fork+0x4b/0x80 [ 357.652919][ T30] ? __pfx_kthread+0x10/0x10 [ 357.657672][ T30] ret_from_fork_asm+0x1a/0x30 [ 357.662473][ T30] [ 357.665775][ T30] INFO: task kworker/u8:15:8319 blocked for more than 143 seconds. [ 357.673821][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 357.681169][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 357.690000][ T30] task:kworker/u8:15 state:D stack:20336 pid:8319 tgid:8319 ppid:2 flags:0x00004000 [ 357.700273][ T30] Workqueue: events_unbound linkwatch_event [ 357.706185][ T30] Call Trace: [ 357.709539][ T30] [ 357.712487][ T30] __schedule+0x186c/0x4be0 [ 357.717073][ T30] ? schedule+0x90/0x320 [ 357.721359][ T30] ? schedule+0x90/0x320 [ 357.725631][ T30] ? __pfx___schedule+0x10/0x10 [ 357.730565][ T30] ? __pfx_lock_release+0x10/0x10 [ 357.735622][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.740534][ T30] ? kthread_data+0x52/0xd0 [ 357.745141][ T30] ? schedule+0x90/0x320 [ 357.749636][ T30] ? wq_worker_sleeping+0x66/0x240 [ 357.754816][ T30] ? schedule+0x90/0x320 [ 357.759178][ T30] schedule+0x14b/0x320 [ 357.763368][ T30] schedule_preempt_disabled+0x13/0x30 [ 357.769322][ T30] __mutex_lock+0x817/0x1010 [ 357.774008][ T30] ? __mutex_lock+0x602/0x1010 [ 357.778858][ T30] ? linkwatch_event+0xe/0x60 [ 357.783567][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 357.788813][ T30] ? __pfx_debug_object_deactivate+0x10/0x10 [ 357.794947][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.799809][ T30] ? process_scheduled_works+0x976/0x1840 [ 357.805603][ T30] linkwatch_event+0xe/0x60 [ 357.810229][ T30] process_scheduled_works+0xa66/0x1840 [ 357.816040][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 357.822123][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 357.827801][ T30] ? assign_work+0x364/0x3d0 [ 357.832461][ T30] worker_thread+0x870/0xd30 [ 357.837169][ T30] ? __kthread_parkme+0x169/0x1d0 [ 357.842240][ T30] ? __pfx_worker_thread+0x10/0x10 [ 357.847457][ T30] kthread+0x7a9/0x920 [ 357.851658][ T30] ? __pfx_worker_thread+0x10/0x10 [ 357.856861][ T30] ? __pfx_kthread+0x10/0x10 [ 357.861585][ T30] ? __pfx_kthread+0x10/0x10 [ 357.866304][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.871796][ T30] ? __pfx_kthread+0x10/0x10 [ 357.876434][ T30] ? __pfx_kthread+0x10/0x10 [ 357.881190][ T30] ret_from_fork+0x4b/0x80 [ 357.885637][ T30] ? __pfx_kthread+0x10/0x10 [ 357.890288][ T30] ret_from_fork_asm+0x1a/0x30 [ 357.895091][ T30] [ 357.898223][ T30] INFO: task syz-executor:14051 blocked for more than 143 seconds. [ 357.906130][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 357.913647][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 357.922395][ T30] task:syz-executor state:D stack:22128 pid:14051 tgid:14051 ppid:1 flags:0x00000004 [ 357.932637][ T30] Call Trace: [ 357.935935][ T30] [ 357.938929][ T30] __schedule+0x186c/0x4be0 [ 357.943566][ T30] ? schedule+0x90/0x320 [ 357.948001][ T30] ? schedule+0x90/0x320 [ 357.952286][ T30] ? __pfx___schedule+0x10/0x10 [ 357.957203][ T30] ? __pfx_lock_release+0x10/0x10 [ 357.962346][ T30] ? rcu_is_watching+0x15/0xb0 [ 357.967254][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 357.973693][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 357.980760][ T30] ? schedule+0x90/0x320 [ 357.985054][ T30] schedule+0x14b/0x320 [ 357.989482][ T30] schedule_preempt_disabled+0x13/0x30 [ 357.995018][ T30] __mutex_lock+0x817/0x1010 [ 357.999761][ T30] ? __mutex_lock+0x602/0x1010 [ 358.004599][ T30] ? rtnl_newlink+0xce2/0x2210 [ 358.009480][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 358.014563][ T30] ? ns_capable+0x8a/0xf0 [ 358.018979][ T30] ? rtnl_link_get_net_capable+0x168/0x340 [ 358.024970][ T30] rtnl_newlink+0xce2/0x2210 [ 358.029718][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.034785][ T30] ? page_ext_get+0x20/0x2a0 [ 358.039439][ T30] ? rcu_read_lock_held+0xa/0x50 [ 358.044406][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.049276][ T30] ? lock_release+0xbf/0xa30 [ 358.053935][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 358.059115][ T30] ? deref_stack_reg+0x17c/0x210 [ 358.064087][ T30] ? __pfx_lock_release+0x10/0x10 [ 358.069318][ T30] ? stack_trace_save+0x118/0x1d0 [ 358.074721][ T30] ? unwind_next_frame+0x18e6/0x22d0 [ 358.080167][ T30] ? deref_stack_reg+0x17c/0x210 [ 358.085160][ T30] ? preempt_count_add+0x93/0x190 [ 358.090326][ T30] ? 0xffffffffa000095c [ 358.094522][ T30] ? is_bpf_text_address+0x285/0x2a0 [ 358.100010][ T30] ? is_bpf_text_address+0x26/0x2a0 [ 358.105556][ T30] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 358.111898][ T30] ? kernel_text_address+0xa7/0xe0 [ 358.117236][ T30] ? __kernel_text_address+0xd/0x40 [ 358.122467][ T30] ? unwind_get_return_address+0x4d/0x90 [ 358.128222][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.133196][ T30] ? lock_release+0xbf/0xa30 [ 358.137862][ T30] ? __pfx_lock_release+0x10/0x10 [ 358.143047][ T30] ? bpf_lsm_capable+0x9/0x10 [ 358.148061][ T30] ? security_capable+0x7e/0x2d0 [ 358.153134][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 358.158234][ T30] rtnetlink_rcv_msg+0x791/0xcf0 [ 358.163208][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 358.168436][ T30] ? lock_release+0xbf/0xa30 [ 358.173091][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 358.178929][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 358.184016][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.188954][ T30] ? lock_acquire+0xe3/0x550 [ 358.193660][ T30] netlink_rcv_skb+0x1e3/0x430 [ 358.198520][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 358.204020][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 358.209527][ T30] ? net_generic+0x1f/0x240 [ 358.214086][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 358.219389][ T30] netlink_unicast+0x7f6/0x990 [ 358.224271][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 358.229764][ T30] ? __virt_addr_valid+0x45f/0x530 [ 358.234942][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 358.240061][ T30] ? __check_object_size+0x47a/0x730 [ 358.245486][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 358.250367][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 358.255952][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 358.261162][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 358.266571][ T30] __sock_sendmsg+0x221/0x270 [ 358.271289][ T30] __sys_sendto+0x363/0x4c0 [ 358.275815][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 358.281324][ T30] ? __phys_addr+0xba/0x170 [ 358.285899][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 358.292550][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 358.299055][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.303887][ T30] __x64_sys_sendto+0xde/0x100 [ 358.309024][ T30] do_syscall_64+0xf3/0x230 [ 358.313591][ T30] ? clear_bhb_loop+0x35/0x90 [ 358.318481][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.324455][ T30] RIP: 0033:0x7f8fdb18ebbc [ 358.328932][ T30] RSP: 002b:00007ffd0d967f30 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 358.337531][ T30] RAX: ffffffffffffffda RBX: 00007f8fdbed4620 RCX: 00007f8fdb18ebbc [ 358.347912][ T30] RDX: 0000000000000054 RSI: 00007f8fdbed4670 RDI: 0000000000000003 [ 358.356034][ T30] RBP: 0000000000000000 R08: 00007ffd0d967f84 R09: 000000000000000c [ 358.364119][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 358.372240][ T30] R13: 0000000000000000 R14: 00007f8fdbed4670 R15: 0000000000000000 [ 358.380657][ T30] [ 358.383754][ T30] INFO: task syz-executor:14081 blocked for more than 144 seconds. [ 358.391996][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 358.399700][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 358.408813][ T30] task:syz-executor state:D stack:25488 pid:14081 tgid:14081 ppid:1 flags:0x00004006 [ 358.419248][ T30] Call Trace: [ 358.422570][ T30] [ 358.425523][ T30] __schedule+0x186c/0x4be0 [ 358.430268][ T30] ? schedule+0x90/0x320 [ 358.434556][ T30] ? schedule+0x90/0x320 [ 358.439345][ T30] ? __pfx___schedule+0x10/0x10 [ 358.444269][ T30] ? __pfx_lock_release+0x10/0x10 [ 358.449463][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.454289][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 358.460322][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 358.466947][ T30] ? schedule+0x90/0x320 [ 358.471239][ T30] schedule+0x14b/0x320 [ 358.475478][ T30] schedule_preempt_disabled+0x13/0x30 [ 358.481143][ T30] __mutex_lock+0x817/0x1010 [ 358.486970][ T30] ? __mutex_lock+0x602/0x1010 [ 358.491918][ T30] ? ip_tunnel_init_net+0x20e/0x720 [ 358.497300][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 358.502369][ T30] ? read_word_at_a_time+0xe/0x20 [ 358.507560][ T30] ? sized_strscpy+0x9a/0x2b0 [ 358.512272][ T30] ip_tunnel_init_net+0x20e/0x720 [ 358.517405][ T30] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 358.523012][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.527883][ T30] ? trace_kmalloc+0x1f/0xd0 [ 358.532621][ T30] ? __kmalloc_noprof+0x2a5/0x4c0 [ 358.537828][ T30] ? ops_init+0x75/0x590 [ 358.542294][ T30] ops_init+0x31e/0x590 [ 358.546633][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 358.552110][ T30] setup_net+0x287/0x9e0 [ 358.556401][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 358.563012][ T30] ? __pfx_setup_net+0x10/0x10 [ 358.567973][ T30] copy_net_ns+0x33f/0x570 [ 358.572434][ T30] create_new_namespaces+0x425/0x7b0 [ 358.577812][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 358.583639][ T30] ksys_unshare+0x57d/0xa70 [ 358.588684][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 358.593870][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 358.600320][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.605179][ T30] __x64_sys_unshare+0x38/0x40 [ 358.610515][ T30] do_syscall_64+0xf3/0x230 [ 358.615141][ T30] ? clear_bhb_loop+0x35/0x90 [ 358.619917][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.625849][ T30] RIP: 0033:0x7f893ff8e527 [ 358.630430][ T30] RSP: 002b:00007fff3f4282d8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110 [ 358.638943][ T30] RAX: ffffffffffffffda RBX: 00007f89401a5f40 RCX: 00007f893ff8e527 [ 358.647112][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 [ 358.655147][ T30] RBP: 00007f89401a6738 R08: 0000000000000000 R09: 0000000000000000 [ 358.663260][ T30] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008 [ 358.671358][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 358.679803][ T30] [ 358.682868][ T30] INFO: task syz.2.2538:14112 blocked for more than 144 seconds. [ 358.690968][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 358.698549][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 358.707396][ T30] task:syz.2.2538 state:D stack:24240 pid:14112 tgid:14111 ppid:5831 flags:0x00004004 [ 358.717753][ T30] Call Trace: [ 358.721113][ T30] [ 358.724077][ T30] __schedule+0x186c/0x4be0 [ 358.728864][ T30] ? schedule+0x90/0x320 [ 358.733151][ T30] ? schedule+0x90/0x320 [ 358.737508][ T30] ? __pfx___schedule+0x10/0x10 [ 358.742404][ T30] ? __pfx_lock_release+0x10/0x10 [ 358.747586][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.752390][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 358.758483][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 358.764902][ T30] ? schedule+0x90/0x320 [ 358.769286][ T30] schedule+0x14b/0x320 [ 358.773492][ T30] schedule_preempt_disabled+0x13/0x30 [ 358.779047][ T30] __mutex_lock+0x817/0x1010 [ 358.783695][ T30] ? __mutex_lock+0x602/0x1010 [ 358.789066][ T30] ? reg_process_self_managed_hints+0xb9/0x1c0 [ 358.795836][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 358.801087][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 358.807280][ T30] reg_process_self_managed_hints+0xb9/0x1c0 [ 358.813658][ T30] wiphy_register+0x1be5/0x27b0 [ 358.818748][ T30] ? __pfx_wiphy_register+0x10/0x10 [ 358.823996][ T30] ? minstrel_ht_alloc+0x72b/0x860 [ 358.829253][ T30] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 358.835918][ T30] ieee80211_register_hw+0x354e/0x4240 [ 358.841659][ T30] ? ieee80211_register_hw+0x1681/0x4240 [ 358.847376][ T30] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 358.853577][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 358.859494][ T30] ? __asan_memset+0x23/0x50 [ 358.864120][ T30] ? __hrtimer_init+0x170/0x250 [ 358.869406][ T30] mac80211_hwsim_new_radio+0x2a9f/0x4a90 [ 358.875386][ T30] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 358.881557][ T30] ? kstrndup+0x5c/0xb0 [ 358.885746][ T30] ? __asan_memcpy+0x40/0x70 [ 358.890423][ T30] hwsim_new_radio_nl+0xece/0x2290 [ 358.895914][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 358.902001][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 358.907666][ T30] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 358.914052][ T30] genl_rcv_msg+0xb14/0xec0 [ 358.918656][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 358.923715][ T30] ? stack_trace_save+0x118/0x1d0 [ 358.928817][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 358.934217][ T30] ? stack_depot_save_flags+0x37/0x940 [ 358.939758][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 358.944902][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 358.950594][ T30] ? __pfx___might_resched+0x10/0x10 [ 358.955919][ T30] ? rcu_is_watching+0x15/0xb0 [ 358.960783][ T30] ? lock_acquire+0xe3/0x550 [ 358.965417][ T30] netlink_rcv_skb+0x1e3/0x430 [ 358.970419][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 358.975597][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 358.981199][ T30] ? lock_release+0xbf/0xa30 [ 358.985850][ T30] ? __pfx___netlink_lookup+0x10/0x10 [ 358.991328][ T30] ? net_generic+0x1f/0x240 [ 358.996204][ T30] genl_rcv+0x28/0x40 [ 359.000393][ T30] netlink_unicast+0x7f6/0x990 [ 359.005206][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 359.010666][ T30] ? __virt_addr_valid+0x45f/0x530 [ 359.016013][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 359.022286][ T30] ? __check_object_size+0x47a/0x730 [ 359.027843][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 359.032633][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 359.038061][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 359.043137][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 359.048505][ T30] __sock_sendmsg+0x221/0x270 [ 359.053223][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 359.058072][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 359.063398][ T30] ? __fget_files+0x2a/0x410 [ 359.068120][ T30] ? __fget_files+0x2a/0x410 [ 359.072864][ T30] __sys_sendmsg+0x269/0x350 [ 359.077602][ T30] ? __pfx_futex_wake+0x10/0x10 [ 359.082498][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 359.087800][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 359.094193][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.099525][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.104362][ T30] do_syscall_64+0xf3/0x230 [ 359.108953][ T30] ? clear_bhb_loop+0x35/0x90 [ 359.113673][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.119742][ T30] RIP: 0033:0x7fb541d8cd29 [ 359.124183][ T30] RSP: 002b:00007fb542c1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 359.132945][ T30] RAX: ffffffffffffffda RBX: 00007fb541fa5fa0 RCX: 00007fb541d8cd29 [ 359.141533][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 359.149685][ T30] RBP: 00007fb541e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 359.157838][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.165923][ T30] R13: 0000000000000000 R14: 00007fb541fa5fa0 R15: 00007fff2cad96b8 [ 359.174034][ T30] [ 359.177414][ T30] INFO: task syz.3.2540:14116 blocked for more than 145 seconds. [ 359.185189][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 359.192771][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 359.201839][ T30] task:syz.3.2540 state:D stack:25808 pid:14116 tgid:14115 ppid:5835 flags:0x00000004 [ 359.212258][ T30] Call Trace: [ 359.215601][ T30] [ 359.218617][ T30] __schedule+0x186c/0x4be0 [ 359.223177][ T30] ? schedule+0x90/0x320 [ 359.227583][ T30] ? schedule+0x90/0x320 [ 359.231889][ T30] ? __pfx___schedule+0x10/0x10 [ 359.236854][ T30] ? __pfx_lock_release+0x10/0x10 [ 359.241911][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.246774][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 359.252720][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 359.259126][ T30] ? schedule+0x90/0x320 [ 359.263401][ T30] schedule+0x14b/0x320 [ 359.267649][ T30] schedule_preempt_disabled+0x13/0x30 [ 359.273169][ T30] __mutex_lock+0x817/0x1010 [ 359.277863][ T30] ? __mutex_lock+0x602/0x1010 [ 359.282670][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 359.287791][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 359.293052][ T30] ? __might_fault+0xaa/0x120 [ 359.297852][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 359.303234][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 359.308880][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 359.314061][ T30] __se_sys_ioctl+0xf5/0x170 [ 359.318860][ T30] do_syscall_64+0xf3/0x230 [ 359.323594][ T30] ? clear_bhb_loop+0x35/0x90 [ 359.328547][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.335140][ T30] RIP: 0033:0x7f305b58cd29 [ 359.339696][ T30] RSP: 002b:00007f305c462038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.348254][ T30] RAX: ffffffffffffffda RBX: 00007f305b7a5fa0 RCX: 00007f305b58cd29 [ 359.356236][ T30] RDX: 0000000020000080 RSI: 00000000400454ca RDI: 0000000000000006 [ 359.364393][ T30] RBP: 00007f305b60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 359.372560][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.380815][ T30] R13: 0000000000000000 R14: 00007f305b7a5fa0 R15: 00007ffdb62810c8 [ 359.388974][ T30] [ 359.392166][ T30] INFO: task syz.3.2540:14117 blocked for more than 145 seconds. [ 359.400767][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 359.408742][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 359.417806][ T30] task:syz.3.2540 state:D stack:28176 pid:14117 tgid:14115 ppid:5835 flags:0x00000004 [ 359.428233][ T30] Call Trace: [ 359.431557][ T30] [ 359.434530][ T30] __schedule+0x186c/0x4be0 [ 359.439166][ T30] ? schedule+0x90/0x320 [ 359.443454][ T30] ? schedule+0x90/0x320 [ 359.447992][ T30] ? __pfx___schedule+0x10/0x10 [ 359.452896][ T30] ? __pfx_lock_release+0x10/0x10 [ 359.458141][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.462969][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 359.469602][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 359.476430][ T30] ? schedule+0x90/0x320 [ 359.480779][ T30] schedule+0x14b/0x320 [ 359.485015][ T30] schedule_preempt_disabled+0x13/0x30 [ 359.490707][ T30] __mutex_lock+0x817/0x1010 [ 359.495650][ T30] ? __mutex_lock+0x602/0x1010 [ 359.500540][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 359.505801][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 359.511589][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 359.516697][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 359.522041][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 359.527338][ T30] __se_sys_ioctl+0xf5/0x170 [ 359.532036][ T30] do_syscall_64+0xf3/0x230 [ 359.536716][ T30] ? clear_bhb_loop+0x35/0x90 [ 359.541444][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.547885][ T30] RIP: 0033:0x7f305b58cd29 [ 359.552341][ T30] RSP: 002b:00007f305c441038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.560964][ T30] RAX: ffffffffffffffda RBX: 00007f305b7a6080 RCX: 00007f305b58cd29 [ 359.569654][ T30] RDX: 000000000000010e RSI: 00000000400454cd RDI: 0000000000000006 [ 359.577729][ T30] RBP: 00007f305b60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 359.585727][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.593913][ T30] R13: 0000000000000001 R14: 00007f305b7a6080 R15: 00007ffdb62810c8 [ 359.602452][ T30] [ 359.605808][ T30] INFO: task syz.3.2540:14118 blocked for more than 145 seconds. [ 359.614646][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 359.622280][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 359.631118][ T30] task:syz.3.2540 state:D stack:28176 pid:14118 tgid:14115 ppid:5835 flags:0x00000004 [ 359.641494][ T30] Call Trace: [ 359.644807][ T30] [ 359.647805][ T30] __schedule+0x186c/0x4be0 [ 359.652349][ T30] ? schedule+0x90/0x320 [ 359.656688][ T30] ? schedule+0x90/0x320 [ 359.660975][ T30] ? __pfx___schedule+0x10/0x10 [ 359.665859][ T30] ? __pfx_lock_release+0x10/0x10 [ 359.670984][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.675805][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 359.681841][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 359.688889][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.694368][ T30] ? schedule+0x90/0x320 [ 359.698877][ T30] schedule+0x14b/0x320 [ 359.703089][ T30] schedule_preempt_disabled+0x13/0x30 [ 359.708650][ T30] __mutex_lock+0x817/0x1010 [ 359.713558][ T30] ? __mutex_lock+0x602/0x1010 [ 359.718451][ T30] ? vlan_ioctl_handler+0x112/0x9d0 [ 359.723711][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 359.728835][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.733642][ T30] ? trace_contention_end+0x3c/0x120 [ 359.739045][ T30] ? __might_fault+0xaa/0x120 [ 359.743788][ T30] vlan_ioctl_handler+0x112/0x9d0 [ 359.749055][ T30] ? __pfx_vlan_ioctl_handler+0x10/0x10 [ 359.754667][ T30] ? __pfx_vlan_ioctl_handler+0x10/0x10 [ 359.760382][ T30] sock_ioctl+0x680/0x8e0 [ 359.764798][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 359.770200][ T30] ? __fget_files+0x2a/0x410 [ 359.774831][ T30] ? __fget_files+0x2a/0x410 [ 359.779508][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 359.784441][ T30] __se_sys_ioctl+0xf5/0x170 [ 359.789128][ T30] do_syscall_64+0xf3/0x230 [ 359.793916][ T30] ? clear_bhb_loop+0x35/0x90 [ 359.799309][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.805267][ T30] RIP: 0033:0x7f305b58cd29 [ 359.809776][ T30] RSP: 002b:00007f305c420038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.818904][ T30] RAX: ffffffffffffffda RBX: 00007f305b7a6160 RCX: 00007f305b58cd29 [ 359.827045][ T30] RDX: 0000000020000200 RSI: 0000000000008983 RDI: 0000000000000007 [ 359.835233][ T30] RBP: 00007f305b60e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 359.843284][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.851326][ T30] R13: 0000000000000000 R14: 00007f305b7a6160 R15: 00007ffdb62810c8 [ 359.859512][ T30] [ 359.862600][ T30] INFO: task syz.1.2542:14123 blocked for more than 145 seconds. [ 359.870489][ T30] Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 359.877854][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 359.886611][ T30] task:syz.1.2542 state:D stack:27120 pid:14123 tgid:14122 ppid:5830 flags:0x00000004 [ 359.896921][ T30] Call Trace: [ 359.900247][ T30] [ 359.903181][ T30] __schedule+0x186c/0x4be0 [ 359.907818][ T30] ? schedule+0x90/0x320 [ 359.912109][ T30] ? schedule+0x90/0x320 [ 359.916770][ T30] ? __pfx___schedule+0x10/0x10 [ 359.921670][ T30] ? __pfx_lock_release+0x10/0x10 [ 359.926864][ T30] ? rcu_is_watching+0x15/0xb0 [ 359.931691][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 359.937701][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 359.944166][ T30] ? schedule+0x90/0x320 [ 359.948518][ T30] schedule+0x14b/0x320 [ 359.952727][ T30] schedule_preempt_disabled+0x13/0x30 [ 359.958274][ T30] __mutex_lock+0x817/0x1010 [ 359.962998][ T30] ? __mutex_lock+0x602/0x1010 [ 359.967943][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 359.973096][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 359.978217][ T30] ? bpf_lsm_capable+0x9/0x10 [ 359.983021][ T30] ? security_capable+0x7e/0x2d0 [ 359.988250][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 359.993322][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 359.998549][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 360.004052][ T30] ? ref_tracker_free+0x643/0x7e0 [ 360.009208][ T30] netlink_rcv_skb+0x1e3/0x430 [ 360.014129][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 360.019985][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 360.025457][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 360.030945][ T30] netlink_unicast+0x7f6/0x990 [ 360.035761][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 360.041141][ T30] ? __virt_addr_valid+0x45f/0x530 [ 360.046302][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 360.051395][ T30] ? __check_object_size+0x47a/0x730 [ 360.056793][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 360.061601][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.066983][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 360.072109][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 360.077567][ T30] __sock_sendmsg+0x221/0x270 [ 360.082302][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 360.087144][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 360.092466][ T30] ? __fget_files+0x2a/0x410 [ 360.097155][ T30] ? __fget_files+0x2a/0x410 [ 360.101783][ T30] __sys_sendmmsg+0x36a/0x720 [ 360.106473][ T30] ? __pfx___sys_sendmmsg+0x10/0x10 [ 360.111753][ T30] ? wake_up_q+0xdc/0x120 [ 360.116303][ T30] ? futex_wait+0x285/0x360 [ 360.121188][ T30] ? __pfx_futex_wait+0x10/0x10 [ 360.126081][ T30] ? fd_install+0x9c/0x5d0 [ 360.130573][ T30] ? lock_release+0xbf/0xa30 [ 360.135193][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 360.140301][ T30] ? do_futex+0x33b/0x560 [ 360.144702][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.151132][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 360.157542][ T30] ? rcu_is_watching+0x15/0xb0 [ 360.162875][ T30] __x64_sys_sendmmsg+0xa0/0xb0 [ 360.167837][ T30] do_syscall_64+0xf3/0x230 [ 360.172365][ T30] ? clear_bhb_loop+0x35/0x90 [ 360.177109][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.183039][ T30] RIP: 0033:0x7f076598cd29 [ 360.187618][ T30] RSP: 002b:00007f0766751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 360.196079][ T30] RAX: ffffffffffffffda RBX: 00007f0765ba5fa0 RCX: 00007f076598cd29 [ 360.204166][ T30] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 [ 360.212235][ T30] RBP: 00007f0765a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 360.220300][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.228848][ T30] R13: 0000000000000000 R14: 00007f0765ba5fa0 R15: 00007ffe01eca3c8 [ 360.236944][ T30] [ 360.240045][ T30] INFO: lockdep is turned off. [ 360.244829][ T30] NMI backtrace for cpu 0 [ 360.244841][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 360.244857][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 360.244866][ T30] Call Trace: [ 360.244874][ T30] [ 360.244881][ T30] dump_stack_lvl+0x241/0x360 [ 360.244909][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 360.244931][ T30] ? __pfx__printk+0x10/0x10 [ 360.244952][ T30] ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10 [ 360.244976][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 360.244998][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 360.245016][ T30] ? _printk+0xd5/0x120 [ 360.245035][ T30] ? __pfx_rcu_read_unlock_special+0x10/0x10 [ 360.245055][ T30] ? __pfx__printk+0x10/0x10 [ 360.245076][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 360.245092][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 360.245113][ T30] watchdog+0xff6/0x1040 [ 360.245132][ T30] ? watchdog+0x1ea/0x1040 [ 360.245152][ T30] ? __pfx_watchdog+0x10/0x10 [ 360.245170][ T30] kthread+0x7a9/0x920 [ 360.245188][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245208][ T30] ? __pfx_watchdog+0x10/0x10 [ 360.245226][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245244][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245270][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245288][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 360.245308][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 360.245330][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245349][ T30] ret_from_fork+0x4b/0x80 [ 360.245366][ T30] ? __pfx_kthread+0x10/0x10 [ 360.245385][ T30] ret_from_fork_asm+0x1a/0x30 [ 360.245410][ T30] [ 360.245415][ T30] Sending NMI from CPU 0 to CPUs 1: [ 360.414496][ C1] NMI backtrace for cpu 1 [ 360.414512][ C1] CPU: 1 UID: 0 PID: 10089 Comm: kworker/u8:20 Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 360.414532][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 360.414544][ C1] Workqueue: events_unbound toggle_allocation_gate [ 360.414575][ C1] RIP: 0010:smp_call_function_many_cond+0x1ba4/0x2d30 [ 360.414605][ C1] Code: 03 84 c0 75 7e 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 a0 e8 0b 00 41 83 e4 01 4c 8b 64 24 68 75 07 e8 50 e4 0b 00 eb 41 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 11 41 f7 45 00 [ 360.414620][ C1] RSP: 0018:ffffc90004c97640 EFLAGS: 00000293 [ 360.414634][ C1] RAX: ffffffff81939795 RBX: 1ffff110170c8c89 RCX: ffff888044379e00 [ 360.414647][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 360.414657][ C1] RBP: ffffc90004c97840 R08: ffffffff81939760 R09: 1ffffffff2037496 [ 360.414670][ C1] R10: dffffc0000000000 R11: fffffbfff2037497 R12: ffff8880b873fac8 [ 360.414683][ C1] R13: ffff8880b8646448 R14: ffff8880b873fac0 R15: 0000000000000000 [ 360.414695][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 360.414709][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 360.414721][ C1] CR2: 0000555933f01088 CR3: 000000000e738000 CR4: 00000000003526f0 [ 360.414736][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 360.414746][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 360.414756][ C1] Call Trace: [ 360.414763][ C1] [ 360.414772][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 360.414795][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 360.414819][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 360.414849][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 360.414866][ C1] ? nmi_handle+0x14f/0x5a0 [ 360.414887][ C1] ? nmi_handle+0x2a/0x5a0 [ 360.414909][ C1] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 360.414934][ C1] ? default_do_nmi+0x63/0x160 [ 360.414956][ C1] ? exc_nmi+0x123/0x1f0 [ 360.414975][ C1] ? end_repeat_nmi+0xf/0x53 [ 360.415003][ C1] ? smp_call_function_many_cond+0x1b90/0x2d30 [ 360.415028][ C1] ? smp_call_function_many_cond+0x1bc5/0x2d30 [ 360.415055][ C1] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 360.415081][ C1] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 360.415108][ C1] ? smp_call_function_many_cond+0x1ba4/0x2d30 [ 360.415133][ C1] [ 360.415139][ C1] [ 360.415145][ C1] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 360.415191][ C1] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 360.415220][ C1] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 360.415250][ C1] ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0 [ 360.415277][ C1] ? perf_event_text_poke+0x258/0x330 [ 360.415300][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 360.415335][ C1] ? __pfx_perf_event_text_poke+0x10/0x10 [ 360.415356][ C1] ? __pfx___mutex_trylock_common+0x10/0x10 [ 360.415385][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 360.415411][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 360.415437][ C1] text_poke_bp_batch+0x726/0xb30 [ 360.415467][ C1] ? kmem_cache_alloc_bulk_noprof+0x157/0x7c0 [ 360.415494][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 360.415523][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 360.415544][ C1] ? process_scheduled_works+0x976/0x1840 [ 360.415564][ C1] text_poke_finish+0x30/0x50 [ 360.415589][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 360.415607][ C1] static_key_disable_cpuslocked+0xd2/0x1c0 [ 360.415635][ C1] static_key_disable+0x1a/0x20 [ 360.415659][ C1] toggle_allocation_gate+0x1bf/0x260 [ 360.415682][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 360.415705][ C1] ? __pfx_autoremove_wake_function+0x10/0x10 [ 360.415733][ C1] process_scheduled_works+0xa66/0x1840 [ 360.415765][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 360.415785][ C1] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 360.415809][ C1] ? assign_work+0x364/0x3d0 [ 360.415829][ C1] worker_thread+0x870/0xd30 [ 360.415855][ C1] ? __kthread_parkme+0x169/0x1d0 [ 360.415876][ C1] ? __pfx_worker_thread+0x10/0x10 [ 360.415895][ C1] kthread+0x7a9/0x920 [ 360.415918][ C1] ? __pfx_worker_thread+0x10/0x10 [ 360.415936][ C1] ? __pfx_kthread+0x10/0x10 [ 360.415957][ C1] ? __pfx_kthread+0x10/0x10 [ 360.415980][ C1] ? rcu_is_watching+0x15/0xb0 [ 360.416005][ C1] ? __pfx_kthread+0x10/0x10 [ 360.416026][ C1] ? __pfx_kthread+0x10/0x10 [ 360.416048][ C1] ret_from_fork+0x4b/0x80 [ 360.416066][ C1] ? __pfx_kthread+0x10/0x10 [ 360.416087][ C1] ret_from_fork_asm+0x1a/0x30 [ 360.416112][ C1] [ 360.423393][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 360.423416][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04058-g05d91cdb1f91 #0 [ 360.423442][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 360.423457][ T30] Call Trace: [ 360.423465][ T30] [ 360.423474][ T30] dump_stack_lvl+0x241/0x360 [ 360.423516][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 360.423549][ T30] ? __pfx__printk+0x10/0x10 [ 360.423582][ T30] ? vscnprintf+0x5d/0x90 [ 360.423612][ T30] panic+0x349/0x880 [ 360.423642][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 360.423672][ T30] ? __pfx_panic+0x10/0x10 [ 360.423703][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 360.423731][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 360.423760][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 360.423793][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 360.423825][ T30] watchdog+0x1035/0x1040 [ 360.423854][ T30] ? watchdog+0x1ea/0x1040 [ 360.423884][ T30] ? __pfx_watchdog+0x10/0x10 [ 360.423910][ T30] kthread+0x7a9/0x920 [ 360.423939][ T30] ? __pfx_kthread+0x10/0x10 [ 360.423969][ T30] ? __pfx_watchdog+0x10/0x10 [ 360.423995][ T30] ? __pfx_kthread+0x10/0x10 [ 360.424023][ T30] ? __pfx_kthread+0x10/0x10 [ 360.424054][ T30] ? __pfx_kthread+0x10/0x10 [ 360.424081][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 360.424111][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 360.424142][ T30] ? __pfx_kthread+0x10/0x10 [ 360.424171][ T30] ret_from_fork+0x4b/0x80 [ 360.424195][ T30] ? __pfx_kthread+0x10/0x10 [ 360.424224][ T30] ret_from_fork_asm+0x1a/0x30 [ 360.424254][ T30] [ 361.029046][ T30] Kernel Offset: disabled [ 361.033376][ T30] Rebooting in 86400 seconds..