last executing test programs: 2m48.051783444s ago: executing program 4 (id=564): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r0}) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r1) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4) recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0) 2m47.445505085s ago: executing program 4 (id=569): socket$packet(0x11, 0x2, 0x300) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x3) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x56, &(0x7f0000000140)={@local, @link_local, @void, {@canfd={0xd, {{0x0, 0x0, 0x1}, 0x2, 0x3, 0x0, 0x0, "8b4666c386dacbf2a4f2a49d7d587036f1b30a1da297e7bb33766abd4c9b2ce42edc52122fbe51f569f9fb99736855e19a029024a2679a5d22c04a534993ecbb"}}}}, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x14, 0x14, 0x1, 0x0, 0x0, {0x28, 0x8}}, 0x14}}, 0x40) recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0) close(r2) 2m47.300826476s ago: executing program 4 (id=572): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) (async, rerun: 64) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x9, 0x3, 0x240, 0x120, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1f8, 0xffffffff, 0xffffffff, 0x1f8, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @random="e01e5762bce1", 0x5, 0x4, [0x14, 0x10, 0x25, 0x14, 0x33, 0x1a, 0xb, 0x2c, 0x31, 0x2b, 0x8, 0x22, 0x1, 0xb, 0x8, 0x13], 0x2, 0x74, 0x7}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0xe, 0x2ea, 0x5, 0xfd, 'syz0\x00', 'syz1\x00', {0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) (rerun: 64) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000140)=0x6, 0x4) (async, rerun: 64) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) (rerun: 64) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0x6}, {0x4, 0xe}}}, 0x24}}, 0x40004) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84) (async) syz_emit_ethernet(0x32, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x8d}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 2m46.36167966s ago: executing program 4 (id=583): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet6_tcp_int(r1, 0x6, 0xa, 0x0, &(0x7f0000000100)) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x801, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8, 0x8, r0}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0) 2m46.128758557s ago: executing program 4 (id=589): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r1, 0x4, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x2c}}, 0x4c040) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000040)={r3}, 0x8) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0xf67, 0xffffffffffffffff, 0x4}, 0x38) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r5, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0000230c1100"}) close(r4) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x13, 0x10, 0x8, 0x0, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r8 = socket$inet6(0xa, 0x805, 0x0) getsockopt$bt_hci(r8, 0x84, 0x0, 0x0, &(0x7f0000000040)) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000a80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r10) sendmsg$NLBL_CALIPSO_C_REMOVE(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r11, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40005}, 0x8000) r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="fd012bbd7000fddbdf250e00000008000300", @ANYRES32=r12], 0x1c}, 0x1, 0x0, 0x0, 0x2000080}, 0x400c8c0) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r10, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r12, 0x200, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x90) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r9, 0x0, 0x0}, 0x10) r14 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000180)={r14, 0x2000000, 0x14, 0x0, &(0x7f0000000000)="134345be218a82fe733e8c3f43303816b8567084637af22e", 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000240)={@cgroup=r6, r9, 0x1, 0x0, 0xffffffffffffffff, @void, @value=r14}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r7, &(0x7f0000000b00)="1823", 0x0}, 0x20) 2m45.852963353s ago: executing program 4 (id=594): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x50, 0x3, 0x1, 0x201, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x149}]}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @loopback}}}]}]}, 0x50}}, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r1, 0x0, 0xb9b}, 0x18) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r3, 0x0, 0xb9b}, 0x18) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 2m38.921379979s ago: executing program 3 (id=673): r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = socket$kcm(0x2, 0xa, 0x2) connect$vsock_stream(r0, &(0x7f0000000240)={0x28, 0x0, 0x2711, @local}, 0x10) (async) connect$vsock_stream(r0, &(0x7f0000000240)={0x28, 0x0, 0x2711, @local}, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) (async) r2 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x12, &(0x7f0000000100)=0x1, 0x4) (async) setsockopt$inet_tcp_int(r4, 0x6, 0x12, &(0x7f0000000100)=0x1, 0x4) bind$inet(r4, &(0x7f00000005c0)={0x2, 0x4e21, @loopback}, 0x10) (async) bind$inet(r4, &(0x7f00000005c0)={0x2, 0x4e21, @loopback}, 0x10) connect$inet(r4, &(0x7f0000000400)={0x2, 0x4e20, @empty}, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x20, 0xfffffffa, 0x1}, 0x14) (async) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r4, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x20, 0xfffffffa, 0x1}, 0x14) shutdown(r4, 0x1) r6 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) socket$netlink(0x10, 0x3, 0x1) (async) r7 = socket$netlink(0x10, 0x3, 0x1) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ppoll(&(0x7f0000000180)=[{r0, 0xc000}, {r1, 0x280}, {r2, 0x3601}, {r3, 0x4000}, {r4, 0x4420}, {r6, 0x2048}, {r7, 0x124}, {r8, 0x90}], 0x8, &(0x7f0000000200)={0x0, 0x3938700}, &(0x7f0000000280)={[0x17]}, 0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) setsockopt$sock_attach_bpf(r10, 0x1, 0x41, &(0x7f0000000100)=r11, 0x8) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) (async) r13 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r13) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4c, 0x5, [@const={0x7}, @enum={0xa, 0x1, 0x0, 0x6, 0x4, [{0xc, 0xb}]}, @decl_tag={0x8, 0x0, 0x0, 0x11, 0x2, 0x2}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x2}, @ptr={0x5, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x30]}}, &(0x7f0000000500)=""/64, 0x69, 0x40, 0x0, 0x7, 0x10000, @value}, 0x28) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4c, 0x5, [@const={0x7}, @enum={0xa, 0x1, 0x0, 0x6, 0x4, [{0xc, 0xb}]}, @decl_tag={0x8, 0x0, 0x0, 0x11, 0x2, 0x2}, @var={0xc, 0x0, 0x0, 0xe, 0x1, 0x2}, @ptr={0x5, 0x0, 0x0, 0x2, 0x2}]}, {0x0, [0x2e, 0x0, 0x30]}}, &(0x7f0000000500)=""/64, 0x69, 0x40, 0x0, 0x7, 0x10000, @value}, 0x28) sendmsg$NFQNL_MSG_CONFIG(r12, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000000203010800000000000000000000000000000000f2ffffff"], 0x1c}}, 0x20) sendmsg$NFQNL_MSG_CONFIG(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000100800010001000000d619c6572068fcc92d462d0ef5e6fb4d1563863761d005eba74e5d52cc457560b49dce751c60dbde35b2206169b4ea9dbcc08cf067e24798b1c7651e4900cff4006b00c79e584550f893fb6bcf039e767d70591783fd12b88178ffad0a4dcf049b7d7b0b8378db89f4f66385684e3dcd37a2b76d4b51f6e4ba92bedccc7ea3b12a5f2881fb548332109f0e8127ace84429afe53df7862062e39d85e5473c11de3e30057409b42a15b628f3ed508be138874d6f78b504963b0cfb5332590b3f4e24324899b8d4a7ba66634cd2b9e261f55dd083efa64e339e4cec39396312ba328b87c7"], 0x1c}}, 0x0) (async) sendmsg$NFQNL_MSG_CONFIG(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000020301040000000000000000000000100800010001000000d619c6572068fcc92d462d0ef5e6fb4d1563863761d005eba74e5d52cc457560b49dce751c60dbde35b2206169b4ea9dbcc08cf067e24798b1c7651e4900cff4006b00c79e584550f893fb6bcf039e767d70591783fd12b88178ffad0a4dcf049b7d7b0b8378db89f4f66385684e3dcd37a2b76d4b51f6e4ba92bedccc7ea3b12a5f2881fb548332109f0e8127ace84429afe53df7862062e39d85e5473c11de3e30057409b42a15b628f3ed508be138874d6f78b504963b0cfb5332590b3f4e24324899b8d4a7ba66634cd2b9e261f55dd083efa64e339e4cec39396312ba328b87c7"], 0x1c}}, 0x0) setsockopt$sock_attach_bpf(r10, 0x1, 0x41, &(0x7f0000000100)=r9, 0x4) 2m38.729468446s ago: executing program 3 (id=675): r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000280)={r1, r1, 0x1, 0x2, &(0x7f00000000c0)='\x00\x00', 0x9, 0x1, 0x16bf, 0x5505, 0xc3b8, 0x1, 0x0, 'syz0\x00'}) r2 = socket$alg(0x26, 0x5, 0x0) syz_emit_ethernet(0x11, &(0x7f0000000200)={@remote, @random="0000dcf6177a", @void, {@mpls_uc={0x8864, {[], @llc={@llc={0xaa, 0xdc, 'T'}}}}}}, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0) accept4(r2, 0x0, 0x0, 0x80000) ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}) 2m37.511698499s ago: executing program 3 (id=682): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fedbdf250600000008000300", @ANYRES32=r1, @ANYBLOB="0c009900000000005c00000008000500ecd2e06b4ba9daf1d52af7f241a89e494df1d94cdd0a00e800ffffffffffff00001c00e70064e4ea037fe815e0ceff25481831b22bea5cf47ed66f6bf0"], 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x8000) r4 = socket$alg(0x26, 0x5, 0x0) accept4(r4, 0x0, 0x0, 0x800) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2f}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x55}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x3, 0x84}}}, 0x6c}}, 0x20050800) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x9c, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_MATCH={0x7c, 0x5b, "8469e37c101dc1e8cde7218d7083605280b4056cdccf43fadf3e71336d685adc068a0ea5fdcf5618b4b90b4cd7293015843be33a597da666c7fad0560fe7f5e489c509a3541a89bdae113797961b08b77a653b67b8aac4941e3686dab72d747d6ed36c7d143a3dd13e3c2339c3458d0a61990c6864e9a508"}]}, 0x9c}}, 0x0) sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r6, @ANYBLOB="05005b"], 0x24}}, 0x0) 2m37.253601594s ago: executing program 3 (id=683): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000050a03000000000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a0102e8ffffff00000000020000000900010073797a30000000000900030073797a320000000020000000020a03"], 0xa0}, 0x1, 0x0, 0x0, 0x8001}, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000600)={r0}, 0x4) (async) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_MSG_GETCHAIN(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)={0x2c, 0x4, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48840}, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf2, 0x0, 0x0, 0x0, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000680)='GPL\x00', 0x5, 0x2a, &(0x7f0000000780)=""/42, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) 2m36.880920538s ago: executing program 3 (id=686): ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0) socket$packet(0x11, 0x2, 0x300) write$tun(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x42) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x4aa4) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = socket(0xa, 0x3, 0x3a) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x0, 0xc, r3, 0x3}, 0xc) setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4) r4 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$TIPC_NL_BEARER_SET(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x14, 0x0, 0x20, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4008014) r5 = socket$pppoe(0x18, 0x1, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000e6ef1f00060000007f000000"], 0x48) unshare(0x26020480) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r6, 0x0, 0x0}, 0x20) connect$pppoe(r5, &(0x7f0000000040)={0x18, 0x0, {0x4, @random="bb7fb37b9489", 'bond0\x00'}}, 0x1e) sendmmsg(r5, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0) 2m36.313738145s ago: executing program 3 (id=692): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$key(0xf, 0x3, 0x2) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x28, 0x42, 0xb, 0x70bd26, 0x4000, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x7}, @nested={0xa, 0x1, 0x0, 0x1, [@generic="78a449a0dd64"]}]}, 0x28}}, 0x4040080) (async, rerun: 32) sendmsg$key(r2, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x2, 0x18, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private0}}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x0, @multicast1}, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0xd8}}, 0x0) (async, rerun: 32) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_PRIORITY={0x6}, @IFLA_BR_VLAN_FILTERING={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 2m30.803449334s ago: executing program 32 (id=594): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x50, 0x3, 0x1, 0x201, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x149}]}, @CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @loopback}, {0x14, 0x4, @loopback}}}]}]}, 0x50}}, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r1, 0x0, 0xb9b}, 0x18) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r3, 0x0, 0xb9b}, 0x18) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 2m21.082828695s ago: executing program 33 (id=692): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x25, 0x301, 0x270bd24, 0x25dfdbfd, {0x1}}, 0x14}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) r2 = socket$key(0xf, 0x3, 0x2) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x28, 0x42, 0xb, 0x70bd26, 0x4000, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x7}, @nested={0xa, 0x1, 0x0, 0x1, [@generic="78a449a0dd64"]}]}, 0x28}}, 0x4040080) (async, rerun: 32) sendmsg$key(r2, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x2, 0x18, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @empty}}, @sadb_x_policy={0x8, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private0}}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x0, @multicast1}, @in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}]}, 0xd8}}, 0x0) (async, rerun: 32) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_PRIORITY={0x6}, @IFLA_BR_VLAN_FILTERING={0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 1m12.329558992s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 1m1.386911743s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 46.637464579s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 30.421241423s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 14.837458313s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 2.48314962s ago: executing program 6 (id=2063): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000c80)=ANY=[@ANYBLOB="034886dd0100"], 0xfdef) 2.361633054s ago: executing program 0 (id=2065): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x8002, 0x10, 0x7ff, 0x7, {{0x5, 0x4, 0x0, 0x13, 0x14, 0x78, 0xfffc, 0xfd, 0x4, 0x0, @empty, @empty}}}}) 2.21790384s ago: executing program 0 (id=2066): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x61}, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0)={0xab}, 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) write(r0, &(0x7f0000000400), 0x0) listen(r0, 0x9) sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x8fa9, @loopback, 0xffffffff}, 0x1c) 2.165693347s ago: executing program 6 (id=2067): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0xc810) 2.013212066s ago: executing program 6 (id=2069): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000001400)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000740)="1a2a70f075b4c88c55dbd87a4a5f87a575500ffc3b9e9e70e90a176815392f99924219c833513725ffb666c386cc0924f1939bf5fbeb2d3d06b60dec5bae8501f201de6f6afc1104ee0a14c3b8f8d640bd36a57b4c2b241ade18f6a7cd537d71c721c86216ee99993ceb964ae96893230f051629ec9227af36473f3cbafa6f0692fc070e7fbf5195ecaf7d4c0bf74bef7fedecbf27d3e19d416111bbdbec40b44ec2b2f54b20f7d2419febed659e85c83fd6d7d95e97ba8d3ab50298467ffb480e0b787526d09c44449fa7ce49b3d92b421a8368056ca28f8662e20680339cbe02b571cdc5daa0075ff14b5ed07afa3097a8", 0xf2}, {&(0x7f0000000840)="dbeb5a02c82eb6e813ad57289a4d904cec88ac5fb3382f9641252d6ddb5bdfa00afa017a1953b6ac63b6d4bf3e6fa3686e820f7f62ee9a98dc360c47d48b1ba8b9330505dea72961a8ca73334dd98e6711ed6233ea7a888045a096628eee353e59163e0609fc0c0c8e60d1871f484c4a5feeade137aa3ce5db736e8871da7da4f530595c6d6e1f65723a61984228f02a4b2e7f23ac212f31a4f78dde5fdda4a7cb857766883ed161c4632ad692cb63b07b7caf78", 0xb4}, {&(0x7f00000009c0)="38683f236ec70a28ca402d598c63be8457d671512abf13c876ee62c07a2a539a4360571c535df89c62baa6e83dd697d7b4ff48f93b1d92dcfc5f9b56cebe0a984f10f663e6916e322bb06f864479ee14397a8f341c1911d0987f6e849fa6dfd1a058d71d0c74607a1ce48e7b553fecc11f37df2ea61837bac0d37e64e907e66b1a", 0x81}], 0x3}}], 0x1, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendmsg$inet(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000180)="24aeb629fe7b9365d7b070ecc4dd1152738d0e31230b870ed50f6d166478d2b3e4963ba03800c460d40436d5d6dd73c8b2cf41e6937baa57c249d2bed4d36b15b641c2766034b01209e60dfa5ade22e0d4d897f050", 0x55}, {&(0x7f0000000380)="064b5a44bc841d0eb3cde7939f732de2357f57de1b028d9c939cf361d6e17fd0a67ea6b6456bb6c3c6739facbfbff1201931291b341b298590f55f00f3874ce872dbc3ce8cda35ace31b9b334bb5a9165ed6c44eecae86a24d83e1d288d3dd466809e24f0dc811508e518851cd83141ee9ba314b9f0398eaa68f6eae7e8ae7f63b846b74e2178d35f52c2ab884891ea40c2ce9b48fb4f5ce8f8ebfada1e4b15a367904af34b5d705f4130309ed83916c416f91224b852695a76bc8a8b95874d54bbd0f583fd39f957277b27ceb0348eeb5b30e9a5ddb33a6ad8d3a4a", 0xdc}, {&(0x7f0000000240)="7457b2316e204aba6b591334c56be87dc6b5ec55cf130145", 0x18}, {&(0x7f0000000480)="cdf3015ae846337720622f5ef786deee3b963ec31593af3e36f09ccbb64dcf5afc09d82f57e74df1f5fceb84dd15441e", 0x30}, {&(0x7f0000000c40)="645ae8fd31b3c84f6b49d710c86a75c8975baf0e80ffbba753a5dbc06bf3f6e09db2655db3539859eab379da476e7e93e21e317ca8321db540d815d0bceda8ffa2a594e00ba059d24bb7b2c1d926627d66dedb436faf50044f831c606e5d0338249fd87c2448393537362aebbc8d47fade3144643fc23015565cd1569db23cff792bc7f5c7d21ac333cd46175f6660c6789cf5a52d46f2e54284b6e42cecbaf6f60b911c318cea90bc55e98a2f179c720396b563a6105c4969c601ac22b7519b662dbcd443c5be89d7", 0xc9}, {&(0x7f00000011c0)="391a801fafa501e3c39f", 0xa}], 0x6, &(0x7f00000014c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32, @ANYBLOB="ffffffffffffffff00000000110000000000000000000000010000000800000000000000c0"], 0xf8}, 0x44000) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 1.983214878s ago: executing program 0 (id=2070): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000280)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)={0x40, r1, 0x1, 0x70bd2a, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x24, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xe9d4}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0x40}}, 0x4000844) 1.89074237s ago: executing program 1 (id=2072): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(twofish-generic)\x00'}, 0x58) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="a95c55bcc7cb4a9362a5ce533229c8ee", 0x20) 1.856806025s ago: executing program 5 (id=2073): syz_emit_ethernet(0x320, &(0x7f0000000780)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2ea, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0xf8, 0xfffffffc, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, '\x00'/12}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x18, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4610001394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0xe, 0xe, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155de"}]}}}}}}, 0x0) 1.665435102s ago: executing program 5 (id=2074): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001300)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0xb1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 1.664987372s ago: executing program 2 (id=1553): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x22051, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x1, &(0x7f00000001c0)=@raw=[@jmp={0x5, 0x1, 0xd, 0x0, 0x5, 0x6, 0x8}], &(0x7f0000000180)='syzkaller\x00', 0x8, 0x1020, &(0x7f0000001200)=""/4128, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916850000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2a, '\x00', 0x0, @sk_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) 1.618376258s ago: executing program 0 (id=2075): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), r0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x30, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x48041}, 0x0) 609.305122ms ago: executing program 0 (id=2076): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x54, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x54}}, 0x0) 608.81988ms ago: executing program 1 (id=2077): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'vcan0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0xc810) 608.578713ms ago: executing program 6 (id=2078): r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002bbd7000fedbdf2504000000080009"], 0x34}, 0x1, 0x0, 0x0, 0x20008100}, 0x0) 608.306976ms ago: executing program 5 (id=2079): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11) shutdown(r0, 0x1) 469.629271ms ago: executing program 1 (id=2080): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090) 409.168406ms ago: executing program 5 (id=2081): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), r0) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x30, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x109}]}, 0x30}, 0x1, 0x0, 0x0, 0x48041}, 0x0) 380.434768ms ago: executing program 1 (id=2082): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbff}, 0x1c}, 0x1, 0x0, 0x0, 0x2000c855}, 0x4000) 380.201561ms ago: executing program 6 (id=2083): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000700)=ANY=[@ANYBLOB="2c000000010203000000000000000000020000001800028014000180080001"], 0x2c}}, 0x0) 257.505969ms ago: executing program 0 (id=2084): connect$unix(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=@newqdisc={0x88, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x58, 0x2, {{0x0, 0x0, 0x0, 0x7fffffff}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x6f63fe4a4d3f2aa0}, @TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x2, 0x4, 0x2, 0x7ffffffd, 0x5ba4}}, @NETEM_LOSS_GE={0x14, 0x2, {0x3ff, 0x9c20, 0x7, 0x200}}]}]}}}]}, 0x88}}, 0x0) shutdown(r0, 0x2) 211.482571ms ago: executing program 5 (id=2085): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x8090) 204.617492ms ago: executing program 1 (id=2086): unshare(0x24020400) r0 = socket$pppoe(0x18, 0x1, 0x0) close(r0) getpeername(r0, 0x0, 0x0) 128.806966ms ago: executing program 6 (id=2087): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) sendto$inet(r1, &(0x7f0000000080)='\x00'/10, 0xfdef, 0x0, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10) recvfrom(r0, 0x0, 0x0, 0x10102, 0x0, 0x0) 33.345395ms ago: executing program 5 (id=2088): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r1, &(0x7f0000002f40)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000600)="cf60974a346617a4beeee72373ed64deb19d6a8a4cbf52706881b6054bf6a3c632577143b3a930f973dbeafece6ef5cfe27a936be7f158f509a41b1fa6535c278690827cb1fa64a5d2a5535edc55984ff96dd95b23aa0e0e9d2f9b9c21c9dce754ccf9fcf774b06fdd39d7be92a1f4b2f139d042f9dae82cb2dfcb289d9952062cb2a4f36b3f81b45f593fc7aded4663d7c28fa9e2a147347e932792cea17f448e68a52083ae37e78110cbc4dcb13840cbe82eff052f12d8774d6353b3a03e607d10a01eebbb2202024f67b6a37b2b3f00c668972803058b4792bfe3eb6db7ad5a7245acc9254cb756485e5a52a1", 0xee}, {&(0x7f0000000b00)="a6629b1538f5b726c194ab21284a21d814f2", 0x12}, {&(0x7f0000004180)="cf705dc1da88bc15f373c74cb1691cbdbaf38a0f0af56f8d2fb099ac8f75bed9905892f6d62c81c2ab4bc2ffeed6dabbc50ac414e203c1457eb3e66a3ef71ec930091275a57b04719893c60e87f6bac7222432a4e73b78dcd1670515767b52718963e560a078231e1f4666f8796ae02316d3e7ecbbb2ab2732bfcd2486d5f1a02891fbdb394e3220d4c552def03ca10b4c1f1f828fa38483fc5bba47fa77df70f0e3ae26b27d44a4a59b05d577a8267dbf30bc3efd6b36b616d2b897b197f7ad09a42371987116b8da8c04fbfa9391005df0a2a6c9f7a6670e7dde559561e9dbbf14e101e9caaa453958c7d00a65b83c784bdeea9cfb5ccad0cac0cc3548d9bc1918d5cb72f8cab3e4306a22a99fc90203014a529ea78197ab53b5c0d58b61684ba02d914da2cdb0152d61da06086ee59ea223063c92cba1165ab5ffa8ae570cac13e9c9d12eaea01dadb2027311616e847dd26b518c9baa1f5f2b3bcb9fbd20209cd016b0fd131ff2d8de5723d8494ba89e4cb09dd8453286522a1ec94d981c2db49ce5ef124710e2edf8f45daf1c4a92c21a357673b5aacd79fe32bf33c714bec6a9afc07cab3917d57e1000660bcd3cdc41b6e5ce0a7e10166a4c79d9e9bd56f666dce119ac615cff5433cbd388cfc1fe13bb1b01a3958ca12e67c9f98ccfcc3f96c6000527b911fd76ab26d16767f96ff72bcf39b111133176755ef0bade5d4575218dca4b4b7466efd5da5b4a36de76e0e9c5a9bf489b5d4d1d9a146aad3a210bc203b346e39dce02ef9dafbb01f058ecd5a48fa168aef18a1eff1eebadb21bfab61d7080da6840b8d30c5dd9c3f4f1cc9d93bb68edf294bea47af69430dfe13fadf40ea18f1de7abdca4e85d7814aaabdb0c208b43cf8b856dcce2b1daa33a9423dd1e9af07d485118f4a3085e26f2c97fe8b157c5c3c85837ec7b794d54a537c0b07be44e3e9388852979faea38f06a91ea38597ca01debf48c53d79430213ce12e09ec29c5760ee3b659fdff913ee2218e8d41de202923da09bd73b160bcd94d0a4d22785ade7f1fa36b04d8efebc2266a85892414cc4570230642574aa795a9a913dd56ac1906ed1e856d7a", 0x310}], 0x3}}], 0x1, 0x0) 0s ago: executing program 1 (id=2089): r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x1ff, 0x4) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_int(r2, 0x1, 0xf, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10) bind$inet6(r2, &(0x7f00000006c0)={0xa, 0x4e20, 0x4000b, @empty, 0x80ad}, 0x1c) sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f3021600000000000000000000000200090008000000e9000000000000000300060000000000020000000000000000000000000000000200010000000000000003fdff000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7}, 0x8000000) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x44}}, 0x0) sendmmsg$inet6(r2, &(0x7f0000003380)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x40}, 0x1c, &(0x7f0000000480)=[{&(0x7f00000001c0)="956f9b7fbb33e36de4b3cd37895c1af6fcec508b1ddd2e7f7444117386b52fbfa96bd1af0ac3781990a5809c315b62027c5fa5e37e1a3cf8343d00aeb4d457ff6f22328ebc4d1d4bb33b6ee7db329755ea70b589052ad29890553d5676902b1d927c0a746e8b7f45fab4e937c33ed1e1ce7814beedea5fa96a069c5301b556d089bae3f3abb5ef0e65c91c914bf7a663e2d573ff8973e870beb269b871342f9f9fd8ff6c6d32b6fd6ceca203cd45e9b08f7a45360c7ded3421357a45fadc639be42af8a3ae65b0b07733", 0xca}, {&(0x7f00000002c0)="33202efbd5f7ad12654163bcab85f9ee7461a07dd33a7b5743107b4a7bd9e30bd4995a70b5729d71d767936e66cfa23b6f72185394c71efa802c595879355a0e9d3b4fa28f3e5432e2c6b1524183e03f2b0c19f926f889bd0febf8a6d53a6e030c3fd2885eb72780784f8d0fb48746f25d4cc1b45fa3d2a5ac59218b5489977c752358d7b49f19c6d2b95640103f119dcb53a04f7ab2fec9", 0x98}, {&(0x7f0000000380)="535249fd35f468d7a290f0982cfc7839b0c722ec2f581461", 0x18}, {&(0x7f00000003c0)="b7c9fdf918bcd91fb0a4e01a4128f20241a4d2808dd1494f691ddb4572cf20f751e1bd1a6714b55bbc29e63a57004b9b3c666bafc34b6bfe5e561d13d99ed1a3c3c9f6031ff48279fec5864e46292b099b93d95906c57c48d6c316c9c82117419da022c329f0bdac516a0b4438d3d98ab309f864e6763c430f38df3abe9954678633d62889e12a696f0f8f21058476f4f5e666745575b8f7d3be09007154631f13e77cf57374c19df292688995", 0xad}], 0x4, &(0x7f0000000700)=[@hopopts={{0x38, 0x29, 0x36, {0x11, 0x4, '\x00', [@calipso={0x7, 0x10, {0x3, 0x2, 0x22, 0x9, [0x1]}}, @enc_lim={0x4, 0x1, 0xb}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x5e}, @enc_lim={0x4, 0x1, 0x4}]}}}, @hopopts_2292={{0xa0, 0x29, 0x36, {0x1d, 0x10, '\x00', [@generic={0xa, 0x64, "b311427340fb5ba41509de30645347925a91c12e0c2cd205f52e55bc87d385fbe089645a81bf8ec21d33c93f302a9bb43130e285aafd7cb355abbc520bd24c5403cdd40ac009c8e6b0a97735a2c29c28fee252b38f91ad29a06e2691d67ab41b57d8010d"}, @enc_lim={0x4, 0x1, 0x79}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @pad1, @pad1]}}}, @hoplimit={{0x14}}, @hopopts={{0x38, 0x29, 0x36, {0x87, 0x3, '\x00', [@hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x3d}}, @pad1, @generic={0x1, 0x3, ' \vI'}, @enc_lim={0x4, 0x1, 0xff}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x5879}}, @rthdrdstopts={{0x138, 0x29, 0x37, {0x33, 0x24, '\x00', [@jumbo={0xc2, 0x4, 0x4}, @generic={0x5, 0xbb, "8c67f30907696d5487c9032fd103455f38908f5c224196e51a4058c3ff82a2dacf40e85b4ed99f2188a884443eb175373767adaee24807c7663d125b92e08dee87f47ad1bb768529c3e0c7f1fae996d3cadcf3373c6ff99bc073aa3125bd667757b193530ff06401b1d82b278182df540449a954b83e0474479248195e440851cef6ee5481ab958373d01ccca8fd055040c7b42ba55ec5a3ec06411f61719921d21ab089880bff6b598ea6415c4746427a5bce5c80cb044ec487d2"}, @enc_lim={0x4, 0x1, 0x1}, @jumbo={0xc2, 0x4, 0x67}, @generic={0x8, 0x15, "a004c1f1ab2fac0fad639583413cd176972e68fb2f"}, @ra={0x5, 0x2, 0x3ff}, @generic={0x18, 0x31, "3918ac7cb49edc68d084dfa7d0a8591388e9b1543c52d06fcb4b2698ab2cdde1f3215e802ee9a50e46549718ca4ef676a8"}, @jumbo={0xc2, 0x4, 0x2}]}}}], 0x278}}, {{&(0x7f00000004c0)={0xa, 0x4e20, 0xb5f1, @rand_addr=' \x01\x00', 0x4}, 0x1c, &(0x7f0000000680)=[{&(0x7f0000000500)="3386cf537e7f81f07e0f0594a70b1c77674e5c751752c9cc8d7f5a8418628cf104c6035d5037ec9aacd82c127e8c599cbe63685eaba9c56489621d2b725fc0f1d1e7236c8bd1bf87b83ee121b1665f6c2430280dc4d504a47bc66e199ec0fe911c4afe92d5ed686475414ab6182b3d5f84d49718ce19c8763b58c1db4cc4dd86a506d8f9394ae7e0a144bfd0769263acded7adfa410b62f4078ec6b6f0b6d793133efb76df9313bf2c4a4de22b6e507c09746691a2b30e504272bb6151ee6a2e64736ebf76645249227b47ef2a53fb3be7bd2f2ae6e9d1c0438f3daf27ec071e76ffbc", 0xe3}, {&(0x7f0000000600)="a9b9a99487d6011b1f38fcb1a2009b515c5d88671e5cdd71f09f0508626612394fd57864654e569994d7c3e5a5c90f0be775fa857873e92ed420a63851a2d44fe35929b0c1f06932a2e5b40449a6382078d5f5fab1cc34", 0x57}, {&(0x7f0000000980)="e0fc14de96e21172126bab24f3d89cd34c63c8b05a13c6395974b5664a7546265d1e1abfe08eb1f7dcb73667b55f33a9c2410864092c9efcb88532afb8ca0469860557776cd36371caf397c54f9456269f034ae14b0840d53522f05553ea637f7887d5b24a82d31720adec8b59ddbc19b274af9598b1aec348b4564d4d84fcf6be66bbadd31d0edcadc23ebfb015763d3e1e7c8e0ba2d466266c48dcd623db272b8ff4683f86ee92b1eebeeabfd44f9ca2b83b8e35e68512b4d82f647954852678fc7eda5ad03bf616dc9958758aeda43de27033eaf1e0207ed278ed38", 0xdd}, {&(0x7f0000000a80)="2a9455711436a392a1d7666c9447af020a4c4698f66c68ada72026690d82230ac8592f36b7227edbc3d5bf7f613cf651b799f3be268c237a9115b11340a2bcd05a1cb74630dc0344495e095c7167edad75ba933111aa5b3e77363c4eca4250386fc69f599cf6c64ad5e498b13b1166c2ccef6302203237ecd4e71f09240f85270ec270d6b30a90f9141643a2bbb25687afa09499884f274edd8ec78b4b576ed863b106858201162305936b6e788ae380cb557f8ac79b934a356f9d8a838e9b1c431718b5d8f28276abe63cbe6f39d0b9", 0xd0}], 0x4, &(0x7f0000000b80)=[@dstopts={{0xe8, 0x29, 0x37, {0x32, 0x19, '\x00', [@calipso={0x7, 0x28, {0x3, 0x8, 0x7, 0x604, [0x7ff, 0x9, 0x2, 0x8000000000000000]}}, @generic={0xb, 0x9c, "c5c1a3403343d58e5abe3c5be6f6e621df878d589c662501c70a94f0a02511422ff627852cba1fbc6a59ca8714800742e2329cf052dcfb59190005f776629cdef66407add47a80b6ffe5c7521751fdc9c1d1f28b468794e5c75c6781f50485ee3827a6816c27043db96cd87915cbbc4486b0ccb870ef47bfe1cdf9e532a54a587f0c13e2c1e3d28bd673caea7944e96dca7c8e1702d8b3a5ca607528"}, @pad1]}}}, @hopopts_2292={{0x20, 0x29, 0x36, {0x0, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0xbe}]}}}], 0x108}}, {{&(0x7f0000000cc0)={0xa, 0x4e24, 0x9b57, @mcast2, 0x1}, 0x1c, &(0x7f0000001180)=[{&(0x7f0000000d00)="f963be18c8b7989c3b90a8d3b84840d48bd5b947b99ba40e03fe8c5db01ad78a33c7ccd00bee67b34f08e0cfc090f5568c613e9c45cf40a791eeffbd1df771943aad896ca4616fe4a297c61c5b6e6583c3fec24979a7d5e0c94662a83908de3d553f7b75b2daea72946f7c0b53331c3b45b39bc30a97e4dc3aa826def719deca4debf6d896e06e57e49d109ba5a5", 0x8e}, {&(0x7f0000000dc0)="fafdf5aaf2d5302e663a3a4891e02b6052d3e9a2aca515a23428a577f05e6cf024fbf8f08f9103061209aec2a6e1b29ff48608ac366009934cb59e923dee431da3a7edbe8d477627eef504af4e6d39fb71208478be3a4261c0bf3ab770f8bac5b206786bd3b341e97d359f3fc059e926ed", 0x71}, {&(0x7f0000000e40)="e1455ed659fca501c2fe9064ad6e4e11ddcedc3ef742ff", 0x17}, {&(0x7f0000000e80)="d56d1324e09596296b994e55fb3614cbde0fb5c8e3f41181d321c893c3508be674e153fcd2e67b3edd32157c9bd9610f8a4a129f0ce25048aca311d196d65947f0ba37a13e3f9a1f7a8f69ddc90b14a50d58778720280fdca5cd67384e9aee13a95cd31cbc41746923c68188df310fc57fb2e52832db32a530fa25d1537133ffd348cce0f3dccbd25cbe8703a0604a58eac050f2f9fbe5db9b3d2761e2c5335bb73677397b003371c4a0f665e5aa1bc0e1b7976ae8a48b2dc51140202f1e483dd40a6fbbf8eb884f1969b3347d999515c9a17d66250967f661e8e32ce73ff42a65923ec8d235b05a64", 0xe9}, {&(0x7f0000000f80)="24e6fea226e30b20c3df70605171b81adf778d99725a4e26b2387fa74a6b55f91bb30032494b964d6be39ba91fe884cd562c5080e1efc1d6c6b19d49c3f75a44872ed6aeb3603f7e0930254773c951ef31d7f9ef08ed092b68c47bec833c4ce489df162ed3c5737e5ad9e3a922781cc78de3e39ed8d42548920e8fc22cadad37f9df9045a00b9b6f628c811bfa12c63ea6d7a2a4002c3c52cc944b1747c8c1412cc2d7b7c2d20b165a9bb2ac9ba2202f3ca83e87ad293bc6a5d3e557700bba32b516e16ea16bd23b4312e50fac6cc7d55dfe88e60dccae6f01c813e2116221dcc5d43355aece076565ebc0b87d80", 0xee}, {&(0x7f0000001080)="0e79c0751c756709d1af7d98961088a3d79e611a898d37b862c7b460761651b0cbc7b0411a6913cdf94079f39d2757ac1d66d0b616023ce53f80f6cf39615aa86a20392ebb6c1bc5291ddd0be0a7bf85c7250a4594f53a419965df33412cf9834788c0d5a17ed595ea75831eccc5f6f1f4d58954b65c573d4592582a", 0x7c}, {&(0x7f0000001100)="3ff1c8ec9ce6ea5314f1034f4371ce18fda2afc2ae8e9d083ca49062e3f440718884c50526f3076d56ddcb5e4d108f611807e72cee12cc48351ddcf7ba599957178609c771fa734955f5bb", 0x4b}], 0x7}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001200)="4e4be025b15ceeb4b08b25d74409cda3298bcb74888e7cb87b08d62df4a7066dc40898f3f5e14b346e43dd3633754df9d4079e7baefb4131bd1c760583454ec7676481c60f6e63efad4bbac0f8f34dd7", 0x50}, {&(0x7f0000001280)="92c20837ecd48b5457dcfcfbcc8ba968d88551b85827058b34be5676f55a3ada26d1fa286d8f9960826ddef33e80eadaac2291252c207fc5ee0c8eff79f18a9d845cc86ff1f3c9ecd53051e082e9afa4e0c141b5054bc7f4d6e6a56e7e8e47e4a2dc0e90bdedddc380749bfe3f24123832335536af9b2238c73e25454d2291b1706464badaed53593e39c8a05f3378656672119d7b253e28", 0x98}, {&(0x7f0000001340)="3811f6f01af73e350db1096034063e23372eb4dc8ce478cd23399edea559cc0ecd1eef2720066d446b7d77dc38d30e3de85de8c99666e4ea1bfed3761a9c6c9a7fa811c435d445c275964bb60c9e775f3725b097d9aa910896f3de58bf9635bfee8c4e148ebd8cb54148461d5675f3ad092f46d4c16acd061a1cfc80f71c2c39fb84b399761748871acb3b3867ad10842ba94b0808e28b37e5e8250c19056feaed6dfef5074f132c63d4a9b815d577b0669ddb0c132abb152a37a5543f0327e1", 0xc0}, {&(0x7f0000001400)="2bca0df48f3bf57f3f651b2d93c2d44e445ee6dfc24e10b3bc1725db1d051f7953cea44ef97f548ca602e087c3ec6a586826", 0x32}, {&(0x7f0000001440)="fe1fb920958637bd0f281f0819e43b08fc13ff430aee95f0b50e9b4aa6764f7c7b9f0933dbb4527d15001b50c377388dbf2688e24f7471c9b07de09eb5be0eaae8fbe05bd1794496c2ad630fbd9ed33bc7e65d2186a9fe84a266d5ffd7021d7bdf528e0610a6f68fe541ec22914df4e7fd52201a5d3f80700f3dd82f3a3f197a69f2d46bf59a7ec15032ba114849f94abe9525d2aeecc332a6bf8c4c8c6bf894bb890f186f9b", 0xa6}, {&(0x7f0000001500)}, {&(0x7f0000001540)="83b7decc69a2059c129d4abdb154d180bb17bd761b111f64790dc8c58899f2739ed632f302fec3faab1cff22ada8519b04505face762fa0b732472a3891c0f296a2fe1072fddaa143e8403cf5b850a54fff03673269fd351950f6f863ddef4f5ec836f1a98f2e8a6f6c5d8173ff9d8c3e9db26f00e47daf31af193036e435680ed8385df39687dcdb4505050bd39125383f7cc6f3c5a49c1a98e9ab617d20f920e1a22c984d54f3a990b41e5f5f626c9762faf71b7ec2585c0866a36969956eff716372a2ce8b2c20d4ec92dbd9a1e79070a1b17209c30c6732a4d4e8eff64f835a78385f8e0ce0c3f", 0xe9}, {&(0x7f0000001640)="1e39fc51782d331448920c3f6e1a8743dbb884c220d22e6d2a07401bb6e6fb5a832e978b9315c074c048fbc433475c394a0069603e48ccffbf622e75da6cbad1f4ce6db4dd6cdd4d10fe7eba16d856fba76142c7b24cd77a77239b62b984a89e4dd425180bf567", 0x67}, {&(0x7f00000016c0)="eac319ae6ff13c5a7b11a3131d9a48d057e9270dc0d52318ea081fa89899523d4628aa1da6f5bf7225a2d1dd6a62e68e86400f488556d8bd88b466cd45d4f0ec2594f28f6d5670378de0f8d1f04bc3c8014ba13152", 0x55}, {&(0x7f0000001740)="3b3539b9c120e93df6e4c1d0c9510e15ff40adb237ab84b630307355761f4532e4fc664692b2ca361c8e775fccde2dd8eae2f03f97da3ea97e803ae4f4fdcc6f9d1ab744516c81d93ba086839a9a158248b9ef4b68fbfba6b392e96c9f2aa9b0b75cc43e4d0dbfb90e50c1ac76e19c70", 0x70}], 0xa}}, {{&(0x7f0000001d40)={0xa, 0x4e23, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x5}, 0x1c, &(0x7f0000003180)=[{&(0x7f0000001d80)="6c1507d1559bb14f1c1dc7351c0eb77468654a40c432ef799b558fc0fe925679d8a91d0b524110db4295eef5b69d324efd42137d7526d628b701c6765177fa2cab867355a98ba748ba4d9f13314f6d8262f7f32ba45b3a68c688f5c3f2005f3b2e36", 0x62}, {&(0x7f0000001e00)="dd7c1b36cbdb19170eabf274c24ed12a5228f33e7c32bd9dcdb7781885f10c1e15dbdd325b0b93490f4686514f5cadc2f1125bb898681a7cc6806f3a050f0fd4b77dd55b3751267cd3e21c10c73789f9704a02ed9810ec66031a2660e765c3862fb1fc37fad3e8293f1d049d3bb74238f519045519c1d5331942b233890b55aa442ad84ab727695e12419fb73c38373e5ce61212fe2abaf31a22a5ad880ae57cce820672f9a48c13bdc3d8a4412d58701f2b233984c4c43b121366a718784b343f9e5881a8bb2d99955d24569f8395ed0db95fa9f89ee4c75f3ac2ad929575a406", 0xe1}, {&(0x7f0000001f00)="868e8066f5c427135068f5b35572010f50ba3acf3d3edc5a27a0878f43c3143c9d2e5425cbbbae6292b29936bad9a62f101d2d288851d645522b4dbf92bde5b9b474c686dd790ffcf9ef358449ea733d4fbeba9fb366a335da00c6eef252451af139aae959719de7f6c2a8ce533727020536e0dc0dfe099104e34b002be7ae57e0cce9e83f6f06019cb6b102bf7a5628f2836d64048ff60007aa2a477374cfd570a39f0a948e7d24e443b04a97033ed1e5045a5cb1962294bff305665a6ed7d4e2e05e83d75372b275802f45eb5d006ad0781d23e0d12b1546c190ca1743a1fabe9e3e422e2fe33121cc5b2aee6993d9c9e18fa430da", 0xf6}, {&(0x7f0000002000)="53b053107415ae94dc3abd8292013d6d0ea0db23f458303c1a21be9164a58e1ed786d64886b2a742a56764ba7ebc5f6acc5d2ce77c459357809d04db46961b3c1e05d3ca5ad74f1959cfa07396ba75e6802bc53e810925966f4f99c12b91a4c0dc62ef0a0d35c99b2805a422295a19cd0fb52baa49959fd4c36da4864a6e", 0x7e}, {&(0x7f0000002080)="1e4def87ff73cbe0d60d9e281e252a8a9e6ab79fb7878cf3a8d5c6dd9cadb13485cd7cab8ae1465cb46c1c59ce2d683e8a1f658b04c88333", 0x38}, {&(0x7f0000002180)="91bb02a81d75ff6402ee332ca1f57a16322d49ea90f03baf95e8e63d97b6fb64dbf765f7f731865da35e60f19e7e100c46d6405e45c5f72d96a05b0dd8d99f50254731afb3807c292c1eb151d9fc6fee2580e34ebfbb4623a35f6e9ee91fa1e87479d628ebbf45dcc26aa0f07063ad03e88d2c4860aacd1748185d5fb53c3cceb785d1a4ff5010c93bc6d94c10877eab1da6ec38e57611f7cf6dfab4f1095d5a9e66e6020447b0edc10ea393989a4f5a8ff2370865512d655a6a50da8b581b07907ac1a4cc38b7ce07a1e9050344af30be946a12e24233fa3ea9215d829db121def0173f1f7a8b151a8a0decb007e9b59e289c42c9580560312f77d02493c42e124148b3b1611b6c5106a99a5ec69c5024861333e43797bdf66794c24b787b515fb8dff02c3558a06914a445a86314284b573cf94f77cf8b38eaf57c2dbc84e4d6a1ae8f779f9597a12d5bd0f45805658ea651564623cf15ea58b05611b55f5ff833b6adeae7c1eb46ccb9876cf8d4cc92bd0f76fdaf2de9630cd90ee34e82faf26f8d9f144081dbb57137828a3fdaa686573d5831f3f8e590196286fe440c4b27c930ce7e422b7d13293c281c2f947dbf296aae86383bc8568a7b020abba6cf88cec1def2309a1adb0ac8ac49702762692e7875fee471be2dfd897e0041fd518d007ada79afca2d8023c6bb183d31837963d07aac5cf102b66e51c237b13a295685f92e7b294b154334e6ee0ccea0679c455b0bea4f23d1f8559f1cd1716050e90b5310a54eab2a9bb2ef73d62e153d3abba639b0e725f444c1ebe34dce5d0be990f8d82c2a8d5a9ecc90359007be5117dcbe3370266e093ffe1d13cc69599721914e6ecc4588d2041e85514b8ccc918c421e469d259756d32c09503d685dafc3f8b506a8830cd148c3fe788cf45ac9d133ced3650b6d177b117f0f5c299000eeb806f1d9ae1c2404416a3c836d3232cc0b17f089c565cedc82c82547be1808f79652566ecb15fd33f67beb66b7bf8e5db5172189c048e33338697de8863fdfe83ad378c60eaead85064a99057fec1af87a395f508aa79a9b7bd7b7c47598d0ea5f66d5c25d4ab3105902ea5c860cca1b8e8e5e80a88fa580930e724727d631e15ee92844a11d2a73e15ba26080a11fe5541d3552d948e9d4bd1072108850f42d52fac6b43cfd407f52ad9cea3683fc3386d2c130318bbf8a159db4c85436d1935f906f958c93bf0fe8997cd969ba7d1d35c433a664037e3999e0d0c9c6de2c4a6b324b7cf6c6006a7872b2b45190a80600f1057e770f45bc3d3f2b3410d8316b80c34572faa30f45d7e27467618f1ea6400e4d14a9c4077cb4977cf2e2cc2b6682b801d84bb1ab9a9609341e1b8aabc5060d4f059cb5790a0d055f3ae8b2b1feeb552b620a9bfe556abaf4bdc32dc6362592056bbef43ec6e78d48dd12cb13e32948b8a17b07bbc3d8a4f4e758f257f9540eec0efe25a13e8c5b0ca602569599dd6c808f1bc36ab0483f58e36e8a3f6059d4e80db5604a28fd5f5ce35dd22e1f5f2e96e51d07c90c9a7828b0420bc957fdcda722a53eb3afd114e44e2560da812cb54eeb7c46cef37103a98269bbd216ef6b7abfb85e8b14ae056aed39baa38870456981528e9f30290db6fedf0318e7f1a4e232a2eb0bc2565bbf80125d7a39ffd81d2f0bd2ad114c72cf33f362ef0d29b3346ce003e30d62eaaedec0f8b0aff5afdb939d7bc9250205e209bf74586e84c956276fa185d8a4e7469d7bcb4ea37b0cb5d3126efd3c0885915394b284e5ccbeba36d0221710d479171d4dc31b7e3c176cb387e3f87f312410b51044971ffb19d27d0749e43d8bfeebb20061e9ee4caa7db823fc5998b978c2c36591b44bb0fef541d7fff6a31ac528de234d727933d19af6bb62e551729665dbcf78caa859bf7e208cb8a344e4523d9d4812f528bed38f046d594f0cb1bb706b5bef7c680f8b35f77a22c66202e34ad1589a9c300017af1bdce3d16d705065eb8e599ff8a6a69843ca3b625c419b1d3e4ed3316ae2b7581f2fe26b5d70f246f6030e90010bc1094fbbca5cc3af003b2369c4f64f9d9848c0ff9f13cca6dfc318983e16e67429563f961bb56206d2cfa9e7ebbec4a0cf464dee700cfe4a569b982e24d24e94808a2de2572a3b7c34b9a22cc61d04a91231b5dadf67eef249e178ad6c6a5c8d8a2c15778f60ad17ad16f2823caa1ad7fdf21d2fb3e47a46c01d073dab26f0fb9bb0196d9c06669d19b2ab7617909fa0db6000ddd654615e0e82eb0be984980c393d58eaf929ccdeba7477a6e35cf4f11161fa28487b7be8d83a96909f0c4a37abe18e2a0e98db68be6273c1f08859d5901a50bbe5d20fa15bc6b95c98fbf604e824657b270ccfcdcc34c3bdbd79ff263d8bb64a9347fcd5694b604a182b2e3789dafe5de2913c7254406b56dd8fbdb65aad85968abecdc75983a4df3cdbe5ba1857011e8bb4c1d111ccfdd23cc6872bddaaa8cd354cde6fbcd1aead00d3af698301e838f932625a09d6aef5a85dd127b2b096ff906876ae4c67ac051cd447b7de7e11b8bdedcad9a127a1715e1b600b681dc99040b462b2fab7d566dbaa2fe42e2561beb48b88618d5d99d28b4ea2fcb06fc2876bd90feb2e6d475dfafc5d5e5b123022f4e629da752cd0af2768c1b078ecc53ce3795af1ee7085bc3e02570ec38f69440c850779d48b3af77a8e58f5b464058a83a652542a81c705753c3858cbd1f150b189ecd5c93aea07cf112fc89edfe0c860787e6632a7033b8865d2bfa55e186eedd82b4e130793724041ea02c78d4758acef42f8e3bf9b5bd3469f48ec5127a75cecc1b1122bdc3f7c6cdbfd6a3434e5f0f8241236fc5b5672346d2dc42175e32f928d798dfb2082de6ab567c2a230caa457a255a0ffdabc86aa699330026c605c541877ea70d171fb6c72e0009f7eb1cb8994a99cb9bfdf8844908962a7b3e445a3ba3482a39fc1259f4bfe2a7b14d2cab2d6defd268bbda4dae32387de5219b1a75643a4d1990e7bfea66f8f10ec0f8ae3d872bbeed93c1a83f54bdc8e63549c90910807e1f3c26759da5500e0be1c2887ccc896dbc8e51e6a89f4a5ced2a290e9436b07d5f8de9514dd14b8cbafc8a413e8fa58b546d38b671e6806f7cadaf12d5739dba94ee7977c57e4219f8661ea69c00488a997337e8b7895e355b756f18857015a56818ce42c1c2f623d0d0d7a6c8d1c78cb87743a7271c422d0b05cf1c0c5f046f9ba18cf725aaab97a6c082b2b68f6c5ed4638ad0da23e41c100135ce0c9f7950c56b84c4460c340b698f61f2a1b71fa8e4f0d4ce1278a3802be09658d5aa575998cfca60f706e340a74e9302413770631509f94d509cf0013b40e052d0cdfb5ab1b341a760196d31ddde3822856a2ab51d6b6e2c2b684eea1c9aafc54bc7a995d6037587a8f5e68a51fa408fe438bc0dd47ce6d963d087a629e73a7b0e9592530ae5333c0673a6367553e7ba0d472d84f33f2dbf3723826e9eea4aeceed5d2728646d3b4c189754cb33ad544c1f45aa60658ce9ef8b1a738ae393e6f1e3958fc3a112c2d6802dfae8df3afc43dc8282225cf6c81c85e701548dbe976741575662d35686693b10a3029811d47026f7984a35437ea232ff08d2e859e0577a7bfd5960877a970f69cc891aad029fd9adb7316729feeb8d4c15685df5e3e0db2d9cd6cdcb7928de91be6ce8af028aa091a2d0f0fe30143c348faaeea47cbe9da07326b32f0a493ccb7231de5865a782addf8f68a2de840a31983f7e3a379a9f40127cc2d22254a2b7246d52953391fd5933593de87ce804f1051c8a6447c333c52f5f9e6d6eb99568838f3469257e8fe67fb1ed532d17e3ee18b68107e5d1e37943725daff08162024913f878878740a94c00647ff13198f426b81fd03ee55527269d23cde6c4448bfa32a60b1ab3b97a7157a8bf7c4bcb25fbcc8a702440afe4587b00f10ba5313db3b01c31d27f62990c9c355fbea5d241076edd8a3f2baa01a1e731cdc0d586539f8f33d2c3a15b0325958ddf12f22df2bf84df0b365aa0340439be4b561b1bf0892276d86170fd53f9234a083eebec01626ec8da6fc77be68b5ce9c0718bbff6affbb21ad0e4b4638eb95f603cac887e8c72443a392f9f18ba3647b4e63e484ae730369e64530c99ce62890eb349dfdab9e276b8238e3673f2bf56e4f8ec5639fc7a06bb885a3a39f67ffe33427788957b389d3996325d44929be508ca2fadb70cf69903303b738eca1a283f71a60651a313bdf5cc4401da07ac38bcf9818f009a455d28ce817115046e6c916323ccbfed99a54ebc030cdfaa20abdc80e3862e8d510a0611f9b288338c6ddbe47ede5826a254cb00bfdd89c1710a71abd63c260c3b1b31d65e71546207741bbc4beffade832319c4a637eac6c6a74fb6922027db9fbfdb4f13dd2356602f8768db031d4416e10d3fa2c854b5cc7ad17279fb9004fa7f9d4b95bf1431c09f6762a38bc8c8975593714b60b2bcef40d9f74b155407a72047d912dc5749226046a0748b5db24525197f3f80a9709c2d033692db9d47a2917943c320d844e3be86f83421e5e3eb1f827926fbad5fa9af087c7f43fac6599002e119e03dd3fa3ec48cd46146f78b30d19ecf7b860b8dec4b94145d2bbef6a9f186ca9d35344495b4a5fe72951d24a9a4eb0146a074a3dbdb4af88c504f2203cbcc4bea8c909773d9f364d29ee50e59efd8f572f6fa903b5e5d4780286b1f1adc534169298926f0fca344cb62df2c0b59172b8598f286d45adf01d6ea2c858f3dcd7e20a8426e85239b81b71bf36610e31cfef7359e56523b2d9a19b6ce6148b38da13bd5f1eb2b387644bb03fee184bec9f59760fb628e5f3ce9f72b57fb6a1835cc4e854749ce52cc243ed5d8e7b256a17a47e090086db761bc641580291d868a7c9379ccbaa46cee23933d0c107c0041bea9ab352da32f12b72bd0e19605ef672d8a8a67bf0aebb504fdd06d0b94c93281319a731aaf2403d41f49772d299524aa684ae8949ba09473ef170d35aecc80bd3d90f48a298da0fb386f1024e032ff253b3d2073d71e53d28e0788ec5c9afe2a8f7d2876a03e08a11bde957e12892b4c843d1123d0ad056499243b2914e721551c71d6c1e3ea7d324465a73c54dadb88418a065e17377eabc1c483d2d44b41d95dcac8ed4b050721b0456cfe6c21dcce862ac10b3236b90bf24058232d49736a2afd46fb5dd70eb26bc73e1a125b1d3b49fa676f7e4aaa2ce4d5ae7a152fbf6cb7154bee9984e5ec4c1a7497c301697e9d9d40c08fd69365d9a92b62365c2952d14946478b17e6eab497388cadc89600d2db6cd49406d39e7ff3683629763ac8e04679a7990137cb5905778d526ddc0ed97bbcd3614f998e32d18e9c47a9d5a453d9e61698d232701137ba9eaef18fa0958273b31121c2c2e11b5a2fa75959fbd39be7cf7c539d96cd556118ee3eb3de686378663b2c1269e8126ac64fb058a6d28fcafe6e65c1638f581ae41b9bb2bf8a50b56b7688e9efc8628a51e13fdc2128b52de13a61300afc10e7879da1972c66ee623cc63e69dac09553c6ee44164ec581bbfc6a907e3a345e5f7300818add93b32337f8001bd9154af44a732a87a2d33c803bca5d4c8116115b3db8e2addf14fa84d11234069c084080857adf0061b33bf492fbbc70ac1ba70a7416c4fe6428c234727f025ba1edb278bc4b77bd2e61ce3efa34d1f0cbc9d7eed34f5e43894d279048fa652676a031ec2ae4f4e723ef69832a8ac30bfd", 0x1000}], 0x6, &(0x7f0000003200)=[@flowinfo={{0x14, 0x29, 0xb, 0x2}}, @dstopts_2292={{0x110, 0x29, 0x4, {0x1, 0x1e, '\x00', [@padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @generic={0x44, 0xe4, "79db7e288b3e0131b25f40935b735bc1f0bb24669e03d8b17a9c8ec8b19b58f0507fdbdef91784215fd8866a84e065175f482905ff8d34be1284fc44219bcb27aa8e65027acfe085b95513664f19919b8cd6a48baa6ff4185e7087745b21d6a64e6a7507227533603fbd8748244fb2c82cd99b977348090d469ae32f88fabc0baadde7cfd61955b6e2753eeda657ae878b754726c9b5c863ec74cb38bd8a2e28626fbe92498eb4c6692ccc8b1868b20728c93ebc45dffdd4a1775204020ecbfa9e991529cddf52739015c8af2c4e7285c1302a13011d28e5a6cf1532094d24f7b1646720"}, @padn={0x1, 0x1, [0x0]}]}}}, @dstopts={{0x30, 0x29, 0x37, {0x11, 0x3, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00'}, @jumbo={0xc2, 0x4, 0xfcf}]}}}], 0x158}}], 0x5, 0x24000080) kernel console output (not intermixed with test programs): 21541][ T9945] RBP: 00007f6f25e10b39 R08: 00000000000004c0 R09: 0000000000000000 [ 209.421553][ T9945] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000000 [ 209.421564][ T9945] R13: 0000000000000000 R14: 00007f6f25fb6080 R15: 00007ffcf33783b8 [ 209.421597][ T9945] [ 209.421606][ T9945] Mem-Info: [ 209.841538][ T9945] active_anon:8373 inactive_anon:0 isolated_anon:0 [ 209.841538][ T9945] active_file:1647 inactive_file:39881 isolated_file:0 [ 209.841538][ T9945] unevictable:768 dirty:102 writeback:0 [ 209.841538][ T9945] slab_reclaimable:11533 slab_unreclaimable:108521 [ 209.841538][ T9945] mapped:43304 shmem:4350 pagetables:1091 [ 209.841538][ T9945] sec_pagetables:0 bounce:0 [ 209.841538][ T9945] kernel_misc_reclaimable:0 [ 209.841538][ T9945] free:1296464 free_pcp:13257 free_cma:0 [ 209.852372][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 209.901652][ T9945] Node 0 active_anon:33592kB inactive_anon:0kB active_file:6588kB inactive_file:159320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:173216kB dirty:408kB writeback:0kB shmem:15864kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13880kB pagetables:4228kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 209.941187][ T9945] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 209.974685][ T9945] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 210.005684][ T9945] lowmem_reserve[]: 0 2501 2502 2502 2502 [ 210.013157][ T9945] Node 0 DMA32 free:1264176kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34048kB inactive_anon:0kB active_file:6588kB inactive_file:157488kB unevictable:1536kB writepending:408kB present:3129332kB managed:2561024kB mlocked:0kB bounce:0kB free_pcp:37248kB local_pcp:21484kB free_cma:0kB [ 210.065904][ T9945] lowmem_reserve[]: 0 0 1 1 1 [ 210.077730][ T9945] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 210.140264][ T9945] lowmem_reserve[]: 0 0 0 0 0 [ 210.150753][ T9945] Node 1 Normal free:3905928kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:15424kB local_pcp:5184kB free_cma:0kB [ 210.274234][ T9945] lowmem_reserve[]: 0 0 0 0 0 [ 210.288309][ T9945] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 210.340696][ T9945] Node 0 DMA32: 1067*4kB (UM) 345*8kB (UM) 125*16kB (UME) 98*32kB (UM) 89*64kB (UM) 26*128kB (M) 21*256kB (M) 15*512kB (UM) 32*1024kB (UM) 13*2048kB (UME) 287*4096kB (UM) = 1269188kB [ 210.354710][ T9953] netlink: 'syz.5.1121': attribute type 4 has an invalid length. [ 210.390558][ T9945] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 210.422277][ T9954] netlink: 'syz.5.1121': attribute type 4 has an invalid length. [ 210.488217][ T9945] Node 1 Normal: 166*4kB (UME) 44*8kB (UME) 47*16kB (UME) 115*32kB (UME) 47*64kB (UME) 7*128kB (UME) 3*256kB (ME) 3*512kB (ME) 1*1024kB (M) 1*2048kB (E) 950*4096kB (M) = 3905928kB [ 210.547356][ T9945] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.566411][ T9945] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 210.576472][ T9945] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 210.651912][ T9945] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 210.679623][ T9945] 43038 total pagecache pages [ 210.684368][ T9945] 0 pages in swap cache [ 210.695917][ T9945] Free swap = 124996kB [ 210.704705][ T9945] Total swap = 124996kB [ 210.711355][ T9965] netlink: 'syz.1.1125': attribute type 1 has an invalid length. [ 210.715086][ T9945] 2097051 pages RAM [ 210.741739][ T9945] 0 pages HighMem/MovableOnly [ 210.756226][ T9945] 424689 pages reserved [ 210.781782][ T9965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 210.787009][ T9945] 0 pages cma reserved [ 210.807321][ T9965] vlan4: entered allmulticast mode [ 210.812679][ T9965] veth1: entered allmulticast mode [ 210.822979][ T9965] bond0: (slave vlan4): making interface the new active one [ 210.834021][ T9965] bond0: (slave vlan4): Enslaving as an active interface with an up link [ 210.874345][ T9967] wireguard0: entered promiscuous mode [ 210.919551][ T9967] wireguard0: entered allmulticast mode [ 211.023961][ T9977] tipc: Enabling of bearer rejected, failed to enable media [ 211.079594][ T9982] wg1: entered promiscuous mode [ 211.094744][ T9982] wg1: entered allmulticast mode [ 211.447522][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 211.567764][ T9997] netlink: 'syz.1.1136': attribute type 9 has an invalid length. [ 211.585658][ T9997] netlink: 'syz.1.1136': attribute type 7 has an invalid length. [ 211.595196][ T9997] netlink: 'syz.1.1136': attribute type 8 has an invalid length. [ 211.729838][T10003] xt_CT: You must specify a L4 protocol and not use inversions on it [ 211.927501][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 211.944618][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 211.951296][ T51] Bluetooth: hci1: command 0x080f tx timeout [ 212.031250][T10018] netlink: 'syz.0.1142': attribute type 32 has an invalid length. [ 212.097720][T10021] __nla_validate_parse: 11 callbacks suppressed [ 212.097747][T10021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1143'. [ 212.144574][T10018] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1142'. [ 212.489068][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 212.603724][T10028] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.611858][T10028] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.779003][T10028] wg1: left promiscuous mode [ 212.792269][T10028] wg1: left allmulticast mode [ 213.022133][T10028] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 213.050458][ T7267] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.068172][T10028] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 213.297128][T10028] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.306179][T10028] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.325501][T10028] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.335736][T10028] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.433313][T10041] _Z`Ԁ@: entered promiscuous mode [ 213.535159][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.543400][ T7267] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.827274][T10077] netlink: 'syz.6.1148': attribute type 4 has an invalid length. [ 213.880896][T10081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 213.968316][T10078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1147'. [ 214.044452][T10084] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 214.236302][T10095] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1154'. [ 214.463102][T10107] vxcan1: tx drop: invalid sa for name 0x0000000000000001 [ 214.567408][ T1211] net_ratelimit: 1 callbacks suppressed [ 214.567431][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.581501][T10107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.603598][T10107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.678135][T10107] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.737537][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.786006][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.803751][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.813331][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.833738][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 214.866389][T10115] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 215.021713][T10131] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.030647][T10139] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1163'. [ 215.071163][T10131] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.080846][T10131] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.090409][T10131] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.100921][T10131] geneve2: entered allmulticast mode [ 215.122014][T10141] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1164'. [ 215.136704][T10141] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1164'. [ 215.167515][T10141] netlink: 'syz.1.1164': attribute type 1 has an invalid length. [ 215.175288][T10141] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1164'. [ 215.455883][T10153] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1169'. [ 215.601722][ T7267] IPVS: starting estimator thread 0... [ 215.709490][T10156] IPVS: using max 26 ests per chain, 62400 per kthread [ 217.808510][T10180] $H: (slave wlan1): Releasing backup interface [ 217.818794][T10180] mac80211_hwsim hwsim5 wlan1: left promiscuous mode [ 217.842874][T10186] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1179'. [ 217.851016][T10180] batman_adv: batadv0: Interface deactivated: ip6gretap1 [ 217.877005][T10180] batman_adv: batadv0: Removing interface: ip6gretap1 [ 217.892279][T10187] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1178'. [ 217.914910][T10180] bond0: (slave vlan4): Releasing active interface [ 218.158360][T10195] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1182'. [ 218.940579][T10217] netdevsim netdevsim1: Direct firmware load for .. failed with error -2 [ 218.987035][T10217] netdevsim netdevsim1: Falling back to sysfs fallback for: .. [ 219.608514][ T5937] net_ratelimit: 18 callbacks suppressed [ 219.608535][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 219.767261][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.023732][T10248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1197'. [ 220.513566][T10266] lo: entered promiscuous mode [ 220.771857][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1201'. [ 220.807542][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 220.957630][T10278] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1202'. [ 221.185670][T10290] sch_tbf: burst 32855 is lower than device lo mtu (39799) ! [ 221.214453][T10299] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1206'. [ 221.263486][T10299] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1206'. [ 221.379490][ T150] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 221.397844][ T150] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 221.412456][ T5937] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 221.772559][T10319] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.781934][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.847209][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 221.927080][ T7267] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 222.169687][T10329] IPVS: set_ctl: invalid protocol: 46 172.20.20.30:20004 [ 222.186888][ T7267] IPVS: starting estimator thread 0... [ 222.247283][ T5937] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 222.286938][T10330] IPVS: using max 27 ests per chain, 64800 per kthread [ 222.539175][T10336] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input8 [ 222.558000][T10338] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.566906][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.593981][T10339] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1217'. [ 222.618162][T10339] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1217'. [ 222.648655][ T7267] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.657343][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 222.726655][T10343] sctp: [Deprecated]: syz.2.1218 (pid 10343) Use of struct sctp_assoc_value in delayed_ack socket option. [ 222.726655][T10343] Use struct sctp_sack_info instead [ 222.911750][T10355] netlink: 'syz.6.1220': attribute type 2 has an invalid length. [ 222.967379][T10355] netlink: 'syz.6.1220': attribute type 1 has an invalid length. [ 223.163034][T10363] netlink: 'syz.1.1225': attribute type 3 has an invalid length. [ 223.200356][T10363] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1225'. [ 223.313628][T10376] IPv6: NLM_F_REPLACE set, but no existing node found! [ 223.446532][T10385] netlink: 'syz.6.1228': attribute type 5 has an invalid length. [ 223.476570][T10385] netlink: 'syz.6.1228': attribute type 4 has an invalid length. [ 223.508870][T10386] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1229'. [ 223.595257][T10396] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1231'. [ 223.607329][T10396] netlink: 43 bytes leftover after parsing attributes in process `syz.5.1231'. [ 223.616321][T10396] netlink: 'syz.5.1231': attribute type 6 has an invalid length. [ 223.678041][T10396] netlink: 'syz.5.1231': attribute type 5 has an invalid length. [ 223.727516][T10396] netlink: 43 bytes leftover after parsing attributes in process `syz.5.1231'. [ 223.914906][T10405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 223.922237][T10405] IPv6: NLM_F_CREATE should be set when creating new route [ 223.929565][T10405] IPv6: NLM_F_CREATE should be set when creating new route [ 223.936858][T10405] IPv6: NLM_F_CREATE should be set when creating new route [ 224.002315][T10405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 224.055520][T10417] netlink: 17 bytes leftover after parsing attributes in process `syz.6.1237'. [ 224.479721][T10438] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1244'. [ 224.517663][T10439] netlink: 92 bytes leftover after parsing attributes in process `syz.6.1245'. [ 224.581887][T10426] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 224.608891][T10441] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1244'. [ 224.654669][T10445] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1247'. [ 224.683705][T10445] hsr0: entered promiscuous mode [ 224.699167][T10445] hsr_slave_0: left promiscuous mode [ 224.706611][T10445] hsr_slave_1: left promiscuous mode [ 224.771573][T10445] hsr0 (unregistering): left promiscuous mode [ 224.871384][T10426] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.082480][ T5918] net_ratelimit: 90 callbacks suppressed [ 225.082502][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.098558][T10464] netlink: 'syz.0.1253': attribute type 10 has an invalid length. [ 225.124332][T10426] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.185008][T10464] dummy0: entered promiscuous mode [ 225.282757][T10426] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.447140][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 225.614684][T10426] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.650519][T10482] syzkaller0: entered promiscuous mode [ 225.661707][T10482] syzkaller0: entered allmulticast mode [ 225.691419][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.710430][T10426] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.738492][T10426] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.764937][T10426] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 225.848388][ T7144] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.857846][ T5937] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 225.869294][ T7269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.087779][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 226.859368][T10526] netlink: zone id is out of range [ 226.871230][T10526] netlink: zone id is out of range [ 226.876579][T10526] netlink: zone id is out of range [ 226.905778][T10526] netlink: zone id is out of range [ 227.298142][T10539] tipc: Enabling of bearer rejected, failed to enable media [ 227.555278][T10547] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 227.562636][T10547] IPv6: NLM_F_CREATE should be set when creating new route [ 227.570099][T10547] IPv6: NLM_F_CREATE should be set when creating new route [ 227.577402][T10547] IPv6: NLM_F_CREATE should be set when creating new route [ 228.243466][T10575] __nla_validate_parse: 12 callbacks suppressed [ 228.243490][T10575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1287'. [ 228.422830][T10588] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1289'. [ 228.602328][T10595] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1293'. [ 229.178164][T10620] syzkaller0: Caught tx_queue_len zero misconfig [ 229.311818][T10623] netlink: 'syz.0.1300': attribute type 9 has an invalid length. [ 229.320345][T10623] netlink: 'syz.0.1300': attribute type 7 has an invalid length. [ 229.328841][T10623] netlink: 'syz.0.1300': attribute type 8 has an invalid length. [ 229.470780][T10625] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 229.562858][T10630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1304'. [ 229.609396][T10628] wireguard0: entered promiscuous mode [ 229.725373][T10632] vti0: entered promiscuous mode [ 229.736419][T10625] vlan2: left allmulticast mode [ 229.742586][T10625] bond0: left allmulticast mode [ 229.748210][T10625] vlan2: left promiscuous mode [ 229.753438][T10625] bond0: left promiscuous mode [ 229.761285][T10625] bridge0: port 1(vlan2) entered disabled state [ 229.837676][ T5918] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 230.244538][T10660] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1312'. [ 230.263203][ T5918] net_ratelimit: 4146 callbacks suppressed [ 230.263226][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 230.287369][T10660] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1312'. [ 230.309249][T10660] netlink: 'syz.0.1312': attribute type 6 has an invalid length. [ 230.347804][T10660] netlink: 'syz.0.1312': attribute type 5 has an invalid length. [ 230.357086][ T5898] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 230.378623][T10660] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1312'. [ 230.592366][T10673] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1317'. [ 230.608580][T10676] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1318'. [ 231.138044][T10709] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 231.160437][T10712] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1331'. [ 231.287888][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.388555][T10718] syzkaller1: entered promiscuous mode [ 231.394201][T10718] syzkaller1: entered allmulticast mode [ 231.401788][T10720] netlink: 'syz.1.1333': attribute type 7 has an invalid length. [ 231.413448][T10720] netlink: 'syz.1.1333': attribute type 8 has an invalid length. [ 231.447374][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.456219][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.465073][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.473749][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.482553][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.491158][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.499792][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 231.834179][T10733] tc_dump_action: action bad kind [ 232.092798][T10743] netlink: 'syz.2.1340': attribute type 9 has an invalid length. [ 232.100657][T10743] netlink: 'syz.2.1340': attribute type 7 has an invalid length. [ 232.111153][T10743] netlink: 'syz.2.1340': attribute type 8 has an invalid length. [ 233.112270][T10784] bridge0: port 1(veth0_to_bridge) entered blocking state [ 233.120068][T10784] bridge0: port 1(veth0_to_bridge) entered disabled state [ 233.131213][T10784] veth0_to_bridge: entered allmulticast mode [ 233.158051][T10784] veth0_to_bridge: entered promiscuous mode [ 233.188662][T10784] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 233.595142][T10798] __nla_validate_parse: 10 callbacks suppressed [ 233.595164][T10798] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1359'. [ 233.918506][T10816] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1365'. [ 234.167005][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 234.307628][T10828] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1370'. [ 234.680236][T10836] FAULT_INJECTION: forcing a failure. [ 234.680236][T10836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 234.709103][T10836] CPU: 0 UID: 0 PID: 10836 Comm: syz.1.1373 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 234.709134][T10836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 234.709147][T10836] Call Trace: [ 234.709154][T10836] [ 234.709163][T10836] dump_stack_lvl+0x189/0x250 [ 234.709199][T10836] ? __pfx____ratelimit+0x10/0x10 [ 234.709229][T10836] ? __pfx_dump_stack_lvl+0x10/0x10 [ 234.709259][T10836] ? __pfx__printk+0x10/0x10 [ 234.709282][T10836] ? __might_fault+0xb0/0x130 [ 234.709316][T10836] should_fail_ex+0x414/0x560 [ 234.709349][T10836] _copy_from_iter+0x1db/0x16f0 [ 234.709385][T10836] ? rcu_is_watching+0x15/0xb0 [ 234.709418][T10836] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 234.709441][T10836] ? __pfx__copy_from_iter+0x10/0x10 [ 234.709480][T10836] ? __build_skb_around+0x257/0x3e0 [ 234.709510][T10836] ? netlink_sendmsg+0x642/0xb30 [ 234.709532][T10836] ? skb_put+0x11b/0x210 [ 234.709561][T10836] netlink_sendmsg+0x6b2/0xb30 [ 234.709597][T10836] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.709627][T10836] ? aa_sock_msg_perm+0x94/0x160 [ 234.709656][T10836] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 234.709681][T10836] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.709706][T10836] __sock_sendmsg+0x219/0x270 [ 234.709730][T10836] ____sys_sendmsg+0x505/0x830 [ 234.709763][T10836] ? __pfx_____sys_sendmsg+0x10/0x10 [ 234.709800][T10836] ? import_iovec+0x74/0xa0 [ 234.709826][T10836] ___sys_sendmsg+0x21f/0x2a0 [ 234.709855][T10836] ? __pfx____sys_sendmsg+0x10/0x10 [ 234.709926][T10836] ? __fget_files+0x2a/0x420 [ 234.709948][T10836] ? __fget_files+0x3a0/0x420 [ 234.709991][T10836] __x64_sys_sendmsg+0x19b/0x260 [ 234.710021][T10836] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 234.710060][T10836] ? __pfx_ksys_write+0x10/0x10 [ 234.710076][T10836] ? rcu_is_watching+0x15/0xb0 [ 234.710112][T10836] ? do_syscall_64+0xbe/0x3b0 [ 234.710137][T10836] do_syscall_64+0xfa/0x3b0 [ 234.710155][T10836] ? lockdep_hardirqs_on+0x9c/0x150 [ 234.710184][T10836] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.710204][T10836] ? clear_bhb_loop+0x60/0xb0 [ 234.710230][T10836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.710250][T10836] RIP: 0033:0x7f431798e929 [ 234.710268][T10836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.710285][T10836] RSP: 002b:00007f43188b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 234.710307][T10836] RAX: ffffffffffffffda RBX: 00007f4317bb5fa0 RCX: 00007f431798e929 [ 234.710322][T10836] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000003 [ 234.710335][T10836] RBP: 00007f43188b5090 R08: 0000000000000000 R09: 0000000000000000 [ 234.710347][T10836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 234.710359][T10836] R13: 0000000000000000 R14: 00007f4317bb5fa0 R15: 00007fff8b0973e8 [ 234.710394][T10836] [ 235.449217][ T5918] net_ratelimit: 135 callbacks suppressed [ 235.449239][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 235.950080][T10864] sctp: [Deprecated]: syz.1.1382 (pid 10864) Use of struct sctp_assoc_value in delayed_ack socket option. [ 235.950080][T10864] Use struct sctp_sack_info instead [ 236.060132][T10869] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1383'. [ 236.493658][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.689455][T10892] validate_nla: 3 callbacks suppressed [ 236.689480][T10892] netlink: 'syz.5.1392': attribute type 5 has an invalid length. [ 236.714683][T10894] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1391'. [ 236.726489][T10892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1392'. [ 236.782004][T10892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.791888][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 236.881868][T10892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.074618][T10906] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 237.526179][T10916] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1396'. [ 237.538079][ T5918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.689480][ T7269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 237.690874][T10920] netlink: 'syz.5.1397': attribute type 1 has an invalid length. [ 237.817968][T10920] bond2: entered promiscuous mode [ 237.850388][T10920] 8021q: adding VLAN 0 to HW filter on device bond2 [ 238.441546][T10954] 8021q: VLANs not supported on vxcan0 [ 238.567375][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.620235][T10959] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1408'. [ 238.647308][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 238.933594][T10969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1413'. [ 238.944480][T10969] netlink: 'syz.1.1413': attribute type 30 has an invalid length. [ 238.966865][T10969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1413'. [ 239.095951][T10977] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 239.190972][T10979] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1416'. [ 239.575849][T10988] syzkaller0: entered promiscuous mode [ 239.650413][T10988] syzkaller0: entered allmulticast mode [ 240.087165][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1425'. [ 240.223814][T11016] netlink: 8128 bytes leftover after parsing attributes in process `syz.5.1425'. [ 240.228159][T11015] netlink: 'syz.1.1427': attribute type 1 has an invalid length. [ 240.573215][ T7267] net_ratelimit: 8 callbacks suppressed [ 240.573238][ T7267] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 240.647453][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 241.689983][ T1211] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 241.737367][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1425'. [ 241.958475][T11026] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1430'. [ 241.983544][T11026] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1430'. [ 242.061329][T11026] vlan5: entered allmulticast mode [ 242.066644][T11026] macvlan1: entered allmulticast mode [ 242.072597][T11026] veth1_vlan: entered allmulticast mode [ 242.729663][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.174257][T11075] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 243.355610][T11083] netlink: 'syz.0.1443': attribute type 1 has an invalid length. [ 243.627019][ T7269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.727637][T11088] netlink: 'syz.0.1448': attribute type 1 has an invalid length. [ 243.770398][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 243.808921][T11088] bond4: entered promiscuous mode [ 243.814537][T11088] 8021q: adding VLAN 0 to HW filter on device bond4 [ 244.005476][T11096] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1448'. [ 244.014251][T11097] netlink: 'syz.5.1449': attribute type 1 has an invalid length. [ 244.022629][T11097] netlink: 'syz.5.1449': attribute type 2 has an invalid length. [ 244.079301][T11088] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1448'. [ 244.316892][T11103] netlink: 'syz.5.1450': attribute type 2 has an invalid length. [ 244.346450][T11103] IPv6: NLM_F_CREATE should be specified when creating new route [ 244.409865][ T7269] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.799209][T11118] netlink: 'syz.5.1456': attribute type 1 has an invalid length. [ 244.807276][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 244.920799][T11118] 8021q: adding VLAN 0 to HW filter on device bond3 [ 244.967910][T11130] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1459'. [ 245.130763][T11121] syzkaller1: entered promiscuous mode [ 245.136473][T11121] syzkaller1: entered allmulticast mode [ 245.205565][T11136] tun0: tun_chr_ioctl cmd 35108 [ 245.221077][T11128] tun0: tun_chr_ioctl cmd 1074812117 [ 245.398898][T11139] xt_cgroup: path and classid specified [ 245.437148][T11138] IPVS: set_ctl: invalid protocol: 50 10.1.1.2:20004 [ 245.488277][T11138] netlink: zone id is out of range [ 245.571640][T11139] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input9 [ 245.593817][T11138] net_ratelimit: 7 callbacks suppressed [ 245.593847][T11138] netlink: zone id is out of range [ 245.655623][T11138] netlink: zone id is out of range [ 245.665555][T11138] netlink: zone id is out of range [ 245.684771][T11138] netlink: zone id is out of range [ 245.707297][T11138] netlink: zone id is out of range [ 245.712637][T11138] netlink: zone id is out of range [ 245.717153][T11148] netlink: 'syz.6.1461': attribute type 4 has an invalid length. [ 245.728443][T11138] netlink: zone id is out of range [ 245.749372][T11138] netlink: zone id is out of range [ 245.754592][T11138] netlink: zone id is out of range [ 245.755105][T11148] netlink: 'syz.6.1461': attribute type 2 has an invalid length. [ 245.776360][T11138] netlink: zone id is out of range [ 246.489388][T11169] mac80211_hwsim hwsim21 wlan0: entered promiscuous mode [ 246.554846][T11175] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1468'. [ 246.607796][T11169] mac80211_hwsim hwsim21 wlan0: left promiscuous mode [ 246.972203][T11184] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1471'. [ 247.012836][T11184] tipc: Started in network mode [ 247.026890][T11184] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 247.036693][T11184] tipc: Enabling of bearer rejected, failed to enable media [ 247.220241][T11190] netlink: 'syz.0.1472': attribute type 1 has an invalid length. [ 247.245640][T11190] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1472'. [ 247.813106][T11189] team0 (unregistering): Port device team_slave_0 removed [ 247.847511][T11189] team0 (unregistering): Port device team_slave_1 removed [ 248.167736][ T5837] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 248.336002][T11210] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1477'. [ 248.376472][T11218] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1480'. [ 248.457901][T11220] syz_tun: entered allmulticast mode [ 248.694836][T11232] netlink: 'syz.5.1482': attribute type 1 has an invalid length. [ 248.729322][T11229] netlink: 'syz.0.1485': attribute type 32 has an invalid length. [ 248.777648][T11232] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1482'. [ 248.888831][T11232] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1482'. [ 248.935283][ T5837] Bluetooth: hci6: link tx timeout [ 248.941313][ T5837] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 249.014604][T11215] xt_TCPMSS: Only works on TCP SYN packets [ 249.184308][T11245] __nla_validate_parse: 1 callbacks suppressed [ 249.184328][T11245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 249.499837][T11256] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1494'. [ 249.861656][T11275] netlink: 'syz.2.1499': attribute type 2 has an invalid length. [ 249.989303][T11280] netlink: 'syz.5.1502': attribute type 5 has an invalid length. [ 250.660760][T11274] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1500'. [ 250.699621][T11274] SET target dimension over the limit! [ 250.763797][ T5154] block nbd1: Receive control failed (result -32) [ 250.977590][ T5154] Bluetooth: hci6: command 0x0405 tx timeout [ 251.403844][T11317] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1514'. [ 251.447005][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 251.723173][T11340] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1521'. [ 251.774667][T11344] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1520'. [ 251.804884][T11344] netlink: 'syz.5.1520': attribute type 1 has an invalid length. [ 251.815931][T11344] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1520'. [ 251.895078][T11349] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 251.981391][T11354] net_ratelimit: 15 callbacks suppressed [ 251.981412][T11354] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 252.441528][T11386] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1532'. [ 252.453929][T11386] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1532'. [ 252.615779][T11397] netlink: 'syz.0.1534': attribute type 1 has an invalid length. [ 252.752260][T11406] netlink: del zone limit has 4 unknown bytes [ 253.171024][T11413] veth4: entered allmulticast mode [ 253.490017][T11428] vlan2: entered promiscuous mode [ 253.495329][T11428] bond0: entered promiscuous mode [ 253.500557][T11428] bond_slave_0: entered promiscuous mode [ 253.506617][T11428] bond_slave_1: entered promiscuous mode [ 253.512998][T11428] netdevsim netdevsim6 netdevsim0: entered promiscuous mode [ 253.523066][T11428] bond0: (slave vlan2): Opening slave failed [ 253.862786][T11446] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1551'. [ 254.408865][T11468] x_tables: duplicate underflow at hook 3 [ 254.471289][T11468] xt_TCPMSS: Only works on TCP SYN packets [ 254.579074][T11469] ip6tnl1: entered promiscuous mode [ 254.584364][T11469] ip6tnl1: entered allmulticast mode [ 254.998448][T11486] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1561'. [ 255.160493][T11495] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1567'. [ 255.225731][T11495] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1567'. [ 255.234338][T11491] bond5: entered promiscuous mode [ 255.242136][T11488] can: request_module (can-proto-3) failed. [ 255.245970][T11491] 8021q: adding VLAN 0 to HW filter on device bond5 [ 255.265297][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 255.276026][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 255.293772][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 255.311465][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 255.319497][T11499] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 255.331775][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 255.380627][T11500] netlink: 'syz.1.1567': attribute type 25 has an invalid length. [ 255.731957][T11511] openvswitch: netlink: Actions may not be safe on all matching packets [ 255.922518][T11516] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 255.956190][T11496] chnl_net:caif_netlink_parms(): no params data found [ 256.224032][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1574'. [ 256.243626][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1574'. [ 256.341434][T11532] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1576'. [ 256.348511][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1574'. [ 256.532203][T11496] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.552384][T11496] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.572682][T11496] bridge_slave_0: entered allmulticast mode [ 256.596652][T11496] bridge_slave_0: entered promiscuous mode [ 256.645424][T11496] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.673562][T11496] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.701480][T11496] bridge_slave_1: entered allmulticast mode [ 256.738807][T11496] bridge_slave_1: entered promiscuous mode [ 256.967228][ T5837] Bluetooth: hci6: command 0x0405 tx timeout [ 257.221378][T11496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.255108][T11496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.396261][T11553] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.1582'. [ 257.449197][ T5837] Bluetooth: hci1: command tx timeout [ 257.515934][T11496] team0: Port device team_slave_0 added [ 257.561302][T11496] team0: Port device team_slave_1 added [ 257.762568][T11496] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.782682][T11496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.797076][T11565] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1585'. [ 257.878724][T11575] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1586'. [ 257.898137][T11496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.986533][T11496] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 258.007585][T11496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.050794][T11496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.091646][T11585] netlink: 'syz.6.1589': attribute type 11 has an invalid length. [ 258.384399][T11591] vlan0: entered promiscuous mode [ 258.466047][T11496] hsr_slave_0: entered promiscuous mode [ 258.479330][T11496] hsr_slave_1: entered promiscuous mode [ 258.645782][T11603] netlink: 'syz.0.1593': attribute type 2 has an invalid length. [ 259.198301][T11619] 8021q: adding VLAN 0 to HW filter on device bond4 [ 259.221644][T11617] 8021q: VLANs not supported on sit0 [ 259.288189][T11623] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.298816][T11623] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.307872][T11623] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.316609][T11623] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 259.437311][T11621] 8021q: adding VLAN 0 to HW filter on device bond5 [ 259.526944][ T5154] Bluetooth: hci1: command tx timeout [ 260.311409][T11496] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.441116][T11496] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.564825][T11496] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.706114][T11496] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.792896][T11656] __nla_validate_parse: 3 callbacks suppressed [ 260.792916][T11656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1610'. [ 260.891191][T11656] vlan3: entered promiscuous mode [ 260.919769][T11656] erspan0: entered promiscuous mode [ 261.140133][T11664] netlink: 192 bytes leftover after parsing attributes in process `syz.1.1613'. [ 261.220908][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1614'. [ 261.262795][T11496] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 261.277386][T11668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1614'. [ 261.303938][T11668] netlink: 'syz.0.1614': attribute type 15 has an invalid length. [ 261.311488][T11496] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 261.387592][T11496] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 261.428507][T11671] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 261.439604][T11496] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 261.607255][ T5154] Bluetooth: hci1: command 0x040f tx timeout [ 261.640563][T11683] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 261.655067][T11683] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 261.850526][T11496] 8021q: adding VLAN 0 to HW filter on device bond0 [ 261.908272][T11496] 8021q: adding VLAN 0 to HW filter on device team0 [ 261.946253][ T7144] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.953646][ T7144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 261.987529][T11690] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 262.021259][ T7144] bridge0: port 2(bridge_slave_1) entered blocking state [ 262.028571][ T7144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 262.190209][T11694] netlink: 'syz.0.1621': attribute type 21 has an invalid length. [ 262.237678][T11694] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1621'. [ 262.254778][T11700] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1622'. [ 262.288184][T11700] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1622'. [ 262.453125][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1623'. [ 262.488083][T11705] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 262.524594][T11705] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 262.718058][T11496] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 262.735068][T11714] xt_hashlimit: size too large, truncated to 1048576 [ 262.748533][T11714] xt_hashlimit: overflow, try lower: 3/0 [ 262.786652][T11717] xt_hashlimit: size too large, truncated to 1048576 [ 262.799791][T11717] xt_hashlimit: overflow, try lower: 3/0 [ 262.895790][T11496] veth0_vlan: entered promiscuous mode [ 262.939156][T11496] veth1_vlan: entered promiscuous mode [ 263.060910][T11496] veth0_macvtap: entered promiscuous mode [ 263.107834][T11496] veth1_macvtap: entered promiscuous mode [ 263.200202][T11496] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.249727][T11496] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.304775][T11496] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.337477][T11496] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.362558][T11496] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.380453][T11496] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.414856][T11731] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1630'. [ 263.644641][T11738] netlink: 'syz.1.1631': attribute type 3 has an invalid length. [ 263.690718][ T5837] Bluetooth: hci1: command 0x040f tx timeout [ 263.712547][ T7143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.749949][ T7143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.853837][ T7145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.893399][ T7145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.829253][T11766] netlink: 'syz.0.1642': attribute type 1 has an invalid length. [ 264.943127][T11766] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1642'. [ 265.081352][ T6608] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.150966][T11767] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0 [ 265.172778][T11767] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0 [ 265.192418][T11767] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0 [ 265.205584][T11767] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0 [ 265.231909][T11767] bond6: (slave geneve2): making interface the new active one [ 265.252898][T11767] bond6: (slave geneve2): Enslaving as an active interface with an up link [ 265.313409][T11766] 8021q: adding VLAN 0 to HW filter on device bond6 [ 265.381792][ T6608] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.784305][ T6608] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.028990][ T6608] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.540571][ T5154] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 266.552407][ T5154] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 266.560946][ T5154] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 266.598014][ T5154] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 266.605717][ T6608] bridge_slave_1: left allmulticast mode [ 266.616569][ T5154] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 266.624978][ T6608] bridge_slave_1: left promiscuous mode [ 266.645209][ T6608] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.739225][ T6608] bridge_slave_0: left allmulticast mode [ 266.744925][ T6608] bridge_slave_0: left promiscuous mode [ 266.764210][ T6608] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.776148][T11828] __nla_validate_parse: 1 callbacks suppressed [ 266.776167][T11828] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1656'. [ 266.822534][T11828] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1656'. [ 266.858714][T11828] netlink: 'syz.0.1656': attribute type 5 has an invalid length. [ 266.889650][T11828] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1656'. [ 267.657499][T11865] sctp: [Deprecated]: syz.6.1664 (pid 11865) Use of struct sctp_assoc_value in delayed_ack socket option. [ 267.657499][T11865] Use struct sctp_sack_info instead [ 267.991377][ T6608] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 268.003610][ T6608] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 268.031036][ T6608] bond0 (unregistering): Released all slaves [ 268.070227][T11872] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1665'. [ 268.648601][ T5154] Bluetooth: hci1: command tx timeout [ 269.574642][ T6608] hsr_slave_0: left promiscuous mode [ 269.601030][ T6608] hsr_slave_1: left promiscuous mode [ 269.621066][ T6608] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 269.642963][ T6608] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 269.672939][ T6608] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 269.685208][ T6608] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 269.764868][ T6608] veth1_macvtap: left promiscuous mode [ 269.778511][ T6608] veth0_macvtap: left promiscuous mode [ 269.791922][ T6608] veth1_vlan: left promiscuous mode [ 269.803608][ T6608] veth0_vlan: left promiscuous mode [ 270.247615][T11931] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1681'. [ 270.258039][T11931] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1681'. [ 270.573135][ T6608] team0 (unregistering): Port device team_slave_1 removed [ 270.665470][ T6608] team0 (unregistering): Port device team_slave_0 removed [ 270.727151][ T5154] Bluetooth: hci1: command tx timeout [ 271.115652][T11949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1686'. [ 271.125788][T11949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1686'. [ 271.231882][T11951] netlink: 'syz.1.1687': attribute type 13 has an invalid length. [ 271.244205][T11951] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1687'. [ 271.373006][T11951] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6) [ 271.437458][T11820] chnl_net:caif_netlink_parms(): no params data found [ 271.640154][T11964] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1688'. [ 271.848435][T11967] netlink: 'syz.0.1690': attribute type 30 has an invalid length. [ 271.890708][T11973] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1692'. [ 271.964119][T11975] netlink: 'syz.1.1693': attribute type 1 has an invalid length. [ 272.070379][T11820] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.099083][T11820] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.106515][T11820] bridge_slave_0: entered allmulticast mode [ 272.129479][T11820] bridge_slave_0: entered promiscuous mode [ 272.156531][T11967] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.164986][T11967] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.173401][T11967] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.181985][T11967] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 272.253039][T11967] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 272.261927][T11967] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 272.270581][T11967] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 272.279181][T11967] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 272.462167][T11820] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.478179][T11820] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.485489][T11820] bridge_slave_1: entered allmulticast mode [ 272.537517][T11820] bridge_slave_1: entered promiscuous mode [ 272.675073][T11987] x_tables: duplicate underflow at hook 1 [ 272.709416][T11987] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1696'. [ 272.721597][T11820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 272.799919][T11820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 272.812194][ T5154] Bluetooth: hci1: command tx timeout [ 272.994680][T11820] team0: Port device team_slave_0 added [ 273.159750][T11820] team0: Port device team_slave_1 added [ 273.323290][T11820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 273.344238][T11820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.402020][T12004] netlink: 'syz.0.1701': attribute type 1 has an invalid length. [ 273.410508][T12004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1701'. [ 273.422208][T11820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.461831][T12002] bridge_slave_0: left allmulticast mode [ 273.468119][T12002] bridge_slave_0: left promiscuous mode [ 273.474054][T12002] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.487653][T12002] bridge_slave_1: left allmulticast mode [ 273.493431][T12002] bridge_slave_1: left promiscuous mode [ 273.499523][T12002] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.513507][T12002] bond0: (slave bond_slave_0): Releasing backup interface [ 273.535889][T12002] bond_slave_0: left promiscuous mode [ 273.557930][T12002] bond0: (slave bond_slave_1): Releasing backup interface [ 273.580018][T12002] bond_slave_1: left promiscuous mode [ 273.618315][T12002] team0: Failed to send options change via netlink (err -105) [ 273.635430][T12002] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 273.647878][T12002] team0: Port device team_slave_0 removed [ 273.660688][T12002] team0: Failed to send options change via netlink (err -105) [ 273.669008][T12002] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 273.679611][T12002] team0: Port device team_slave_1 removed [ 273.686146][T12002] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.693888][T12002] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 273.702906][T12002] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.711212][T12002] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.727816][T12002] bond2: (slave batadv1): Releasing active interface [ 273.741887][T12002] bond6: (slave geneve2): Releasing active interface [ 273.752783][T12002] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 273.761922][T12002] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 273.771553][T12002] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 273.780448][T12002] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 273.793051][T11820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.801823][T11820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.831459][T11820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.010758][T12015] syzkaller0: Caught tx_queue_len zero misconfig [ 274.045552][T11820] hsr_slave_0: entered promiscuous mode [ 274.053808][T11820] hsr_slave_1: entered promiscuous mode [ 274.155272][T12017] veth0: entered promiscuous mode [ 274.166470][T12019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1705'. [ 274.281099][T12025] netlink: 'syz.0.1705': attribute type 1 has an invalid length. [ 274.294266][T12025] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1705'. [ 274.303942][T12025] NCSI netlink: No device for ifindex 0 [ 274.386388][T12025] syzkaller1: entered promiscuous mode [ 274.425883][T12025] syzkaller1: entered allmulticast mode [ 274.890514][ T5154] Bluetooth: hci1: command tx timeout [ 275.057953][T12045] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1713'. [ 275.168132][T12054] netlink: 'syz.5.1715': attribute type 4 has an invalid length. [ 275.196148][T12053] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1716'. [ 275.206724][T12054] netlink: 'syz.5.1715': attribute type 4 has an invalid length. [ 275.348794][T12061] netlink: 'syz.0.1718': attribute type 4 has an invalid length. [ 275.398904][T12062] netlink: 'syz.0.1718': attribute type 4 has an invalid length. [ 275.887143][T12087] netlink: 304 bytes leftover after parsing attributes in process `syz.0.1726'. [ 276.016713][T11820] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 276.042202][T11820] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 276.083331][T11820] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 276.122350][T11820] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 276.395052][T11820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 276.472420][T11820] 8021q: adding VLAN 0 to HW filter on device team0 [ 276.501592][ T7143] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.509118][ T7143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 276.535951][ T7143] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.543214][ T7143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.582982][T12116] netlink: 'syz.6.1732': attribute type 1 has an invalid length. [ 276.601386][T12116] netlink: 'syz.6.1732': attribute type 2 has an invalid length. [ 276.618519][T12116] netlink: 'syz.6.1732': attribute type 1 has an invalid length. [ 276.764883][T11820] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 277.375650][T11820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 277.567584][T11820] veth0_vlan: entered promiscuous mode [ 277.602390][T11820] veth1_vlan: entered promiscuous mode [ 277.671853][T12158] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1745'. [ 277.955172][T11820] veth0_macvtap: entered promiscuous mode [ 277.991555][T11820] veth1_macvtap: entered promiscuous mode [ 278.073144][T11820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 278.133704][T11820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 278.189954][T11820] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.225292][T11820] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.244604][T11820] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.265676][T11820] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.563431][ T7143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.580780][ T7143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.621649][T12180] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1752'. [ 278.655135][ T7145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.679251][ T7145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 279.420404][T12203] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.520097][T12203] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.842412][ T1103] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.924804][T12213] dummy0: entered promiscuous mode [ 279.932881][T12213] vlan5: entered promiscuous mode [ 280.009117][T12203] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.123720][ T1103] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.191174][T12203] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.291035][ T1103] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.312456][T12218] A link change request failed with some changes committed already. Interface veth1_to_batadv may have been left with an inconsistent configuration, please check. [ 280.399926][T12220] netlink: 'syz.6.1763': attribute type 1 has an invalid length. [ 280.412591][ T1103] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.565051][T12203] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.693754][T12203] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.813327][T12203] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.933027][T12203] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.955185][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 280.965850][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 280.974948][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 280.992745][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 281.004678][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 281.098165][ T1103] bridge_slave_1: left allmulticast mode [ 281.103873][ T1103] bridge_slave_1: left promiscuous mode [ 281.156193][ T1103] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.185228][ T1103] bridge_slave_0: left allmulticast mode [ 281.190467][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1771'. [ 281.236422][ T1103] bridge_slave_0: left promiscuous mode [ 281.247663][ T1103] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.438529][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805ca3c400: rx timeout, send abort [ 281.570768][T12268] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1775'. [ 281.934495][ T1103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 281.939529][ C0] vcan0: j1939_tp_rxtimer: 0xffff8880296b3c00: rx timeout, send abort [ 281.952589][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805ca3c400: abort rx timeout. Force session deactivation [ 281.971790][ T1103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 281.983028][ T1103] bond0 (unregistering): Released all slaves [ 282.493669][T12290] netlink: 'syz.5.1781': attribute type 10 has an invalid length. [ 282.508896][T12290] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1781'. [ 282.755918][T12290] veth0_vlan: entered allmulticast mode [ 282.783884][T12290] bridge0: port 3(veth0_vlan) entered blocking state [ 282.837386][T12290] bridge0: port 3(veth0_vlan) entered disabled state [ 282.859635][T12290] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 283.048339][ T5154] Bluetooth: hci1: command tx timeout [ 283.138931][T12293] netlink: 'syz.5.1782': attribute type 10 has an invalid length. [ 283.197629][ T1103] hsr_slave_0: left promiscuous mode [ 283.209110][ T1103] hsr_slave_1: left promiscuous mode [ 283.224381][ T1103] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 283.232334][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 283.240852][ T1103] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 283.248803][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 283.275657][ T1103] veth1_macvtap: left promiscuous mode [ 283.281615][ T1103] veth0_macvtap: left promiscuous mode [ 283.287901][ T1103] veth1_vlan: left promiscuous mode [ 283.293398][ T1103] veth0_vlan: left promiscuous mode [ 283.855269][ T1103] team0 (unregistering): Port device team_slave_1 removed [ 283.904080][ T1103] team0 (unregistering): Port device team_slave_0 removed [ 284.406989][T12293] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.414376][T12293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 284.421994][T12293] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.429201][T12293] bridge0: port 1(bridge_slave_0) entered forwarding state [ 284.443443][T12293] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 284.463930][T12295] bridge_slave_1: left allmulticast mode [ 284.472222][T12295] bridge_slave_1: left promiscuous mode [ 284.479008][T12295] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.490313][T12295] bridge_slave_0: left allmulticast mode [ 284.496003][T12295] bridge_slave_0: left promiscuous mode [ 284.507829][T12295] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.532519][T12295] bond0: (slave bridge0): Releasing backup interface [ 284.651523][T12242] chnl_net:caif_netlink_parms(): no params data found [ 285.127543][ T5154] Bluetooth: hci1: command tx timeout [ 285.160908][T12299] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1783'. [ 285.173154][T12242] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.184809][T12242] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.193039][T12242] bridge_slave_0: entered allmulticast mode [ 285.202679][T12242] bridge_slave_0: entered promiscuous mode [ 285.227347][T12304] tipc: Enabled bearer , priority 0 [ 285.245630][T12242] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.264812][T12242] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.274585][T12242] bridge_slave_1: entered allmulticast mode [ 285.292348][T12242] bridge_slave_1: entered promiscuous mode [ 285.399154][T12307] syzkaller0: mtu less than device minimum [ 285.464072][T12242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.670973][T12242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.876720][T12242] team0: Port device team_slave_0 added [ 285.910812][T12242] team0: Port device team_slave_1 added [ 286.007053][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 286.070118][T12325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1787'. [ 286.116484][T12242] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 286.134823][T12242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.207720][T12242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 286.308921][T12242] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 286.316687][T12242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 286.364574][T12242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 286.459674][T12340] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 286.508349][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1792'. [ 286.533980][T12337] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1792'. [ 286.568122][T12242] hsr_slave_0: entered promiscuous mode [ 286.575274][T12242] hsr_slave_1: entered promiscuous mode [ 286.779143][T12349] FAULT_INJECTION: forcing a failure. [ 286.779143][T12349] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 286.803187][T12349] CPU: 1 UID: 0 PID: 12349 Comm: syz.1.1795 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 286.803220][T12349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 286.803232][T12349] Call Trace: [ 286.803240][T12349] [ 286.803249][T12349] dump_stack_lvl+0x189/0x250 [ 286.803288][T12349] ? __pfx____ratelimit+0x10/0x10 [ 286.803331][T12349] ? __pfx_dump_stack_lvl+0x10/0x10 [ 286.803362][T12349] ? __pfx__printk+0x10/0x10 [ 286.803386][T12349] ? __might_fault+0xb0/0x130 [ 286.803422][T12349] should_fail_ex+0x414/0x560 [ 286.803455][T12349] _copy_from_user+0x2d/0xb0 [ 286.803479][T12349] ___sys_sendmsg+0x158/0x2a0 [ 286.803510][T12349] ? __pfx____sys_sendmsg+0x10/0x10 [ 286.803577][T12349] ? __fget_files+0x2a/0x420 [ 286.803601][T12349] ? __fget_files+0x3a0/0x420 [ 286.803635][T12349] __x64_sys_sendmsg+0x19b/0x260 [ 286.803665][T12349] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 286.803704][T12349] ? __pfx_ksys_write+0x10/0x10 [ 286.803721][T12349] ? rcu_is_watching+0x15/0xb0 [ 286.803758][T12349] ? do_syscall_64+0xbe/0x3b0 [ 286.803783][T12349] do_syscall_64+0xfa/0x3b0 [ 286.803802][T12349] ? lockdep_hardirqs_on+0x9c/0x150 [ 286.803832][T12349] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.803852][T12349] ? clear_bhb_loop+0x60/0xb0 [ 286.803878][T12349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.803897][T12349] RIP: 0033:0x7f431798e929 [ 286.803917][T12349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.803934][T12349] RSP: 002b:00007f43188b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 286.803957][T12349] RAX: ffffffffffffffda RBX: 00007f4317bb5fa0 RCX: 00007f431798e929 [ 286.803971][T12349] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 286.803985][T12349] RBP: 00007f43188b5090 R08: 0000000000000000 R09: 0000000000000000 [ 286.803999][T12349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.804012][T12349] R13: 0000000000000000 R14: 00007f4317bb5fa0 R15: 00007fff8b0973e8 [ 286.804048][T12349] [ 287.207021][ T5154] Bluetooth: hci1: command tx timeout [ 287.884548][T12372] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms [ 287.898088][T12372] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5) [ 287.924750][T12374] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1801'. [ 288.001137][T12381] netlink: 'syz.0.1804': attribute type 1 has an invalid length. [ 288.009800][T12381] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 288.339684][T12394] FAULT_INJECTION: forcing a failure. [ 288.339684][T12394] name failslab, interval 1, probability 0, space 0, times 0 [ 288.391724][T12394] CPU: 1 UID: 0 PID: 12394 Comm: syz.6.1807 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 288.391756][T12394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 288.391769][T12394] Call Trace: [ 288.391777][T12394] [ 288.391786][T12394] dump_stack_lvl+0x189/0x250 [ 288.391822][T12394] ? __pfx____ratelimit+0x10/0x10 [ 288.391867][T12394] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.391897][T12394] ? __pfx__printk+0x10/0x10 [ 288.391927][T12394] ? __pfx___might_resched+0x10/0x10 [ 288.391963][T12394] should_fail_ex+0x414/0x560 [ 288.391995][T12394] should_failslab+0xa8/0x100 [ 288.392019][T12394] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 288.392040][T12394] ? __alloc_skb+0x112/0x2d0 [ 288.392069][T12394] __alloc_skb+0x112/0x2d0 [ 288.392098][T12394] netlink_sendmsg+0x5c6/0xb30 [ 288.392134][T12394] ? __pfx_netlink_sendmsg+0x10/0x10 [ 288.392164][T12394] ? aa_sock_msg_perm+0x94/0x160 [ 288.392192][T12394] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 288.392217][T12394] ? __pfx_netlink_sendmsg+0x10/0x10 [ 288.392254][T12394] __sock_sendmsg+0x219/0x270 [ 288.392278][T12394] ____sys_sendmsg+0x505/0x830 [ 288.392311][T12394] ? __pfx_____sys_sendmsg+0x10/0x10 [ 288.392349][T12394] ? import_iovec+0x74/0xa0 [ 288.392375][T12394] ___sys_sendmsg+0x21f/0x2a0 [ 288.392404][T12394] ? __pfx____sys_sendmsg+0x10/0x10 [ 288.392472][T12394] ? __fget_files+0x2a/0x420 [ 288.392492][T12394] ? __fget_files+0x3a0/0x420 [ 288.392525][T12394] __x64_sys_sendmsg+0x19b/0x260 [ 288.392554][T12394] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 288.392590][T12394] ? __pfx_ksys_write+0x10/0x10 [ 288.392606][T12394] ? rcu_is_watching+0x15/0xb0 [ 288.392642][T12394] ? do_syscall_64+0xbe/0x3b0 [ 288.392667][T12394] do_syscall_64+0xfa/0x3b0 [ 288.392685][T12394] ? lockdep_hardirqs_on+0x9c/0x150 [ 288.392715][T12394] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.392735][T12394] ? clear_bhb_loop+0x60/0xb0 [ 288.392761][T12394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.392780][T12394] RIP: 0033:0x7f6f25d8e929 [ 288.392798][T12394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.392816][T12394] RSP: 002b:00007f6f26c95038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 288.392839][T12394] RAX: ffffffffffffffda RBX: 00007f6f25fb5fa0 RCX: 00007f6f25d8e929 [ 288.392853][T12394] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 288.392865][T12394] RBP: 00007f6f26c95090 R08: 0000000000000000 R09: 0000000000000000 [ 288.392877][T12394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.392889][T12394] R13: 0000000000000000 R14: 00007f6f25fb5fa0 R15: 00007ffcf33783b8 [ 288.392923][T12394] [ 289.058650][T12242] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 289.108656][T12242] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 289.150880][T12242] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 289.159934][T12401] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1808'. [ 289.193844][T12242] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 289.248489][T12401] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1808'. [ 289.287112][ T5154] Bluetooth: hci1: command tx timeout [ 289.317760][T12402] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1808'. [ 289.529917][T12411] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 289.741513][T12242] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.868954][T12242] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.936351][ T7143] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.943606][ T7143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.991624][ T7143] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.998872][ T7143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.073356][T12426] : renamed from bond_slave_0 [ 290.344445][T12427] syzkaller0: entered promiscuous mode [ 290.376869][T12427] syzkaller0: entered allmulticast mode [ 290.570901][T12442] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 290.707616][T12242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 291.374143][ T5154] Bluetooth: hci1: command tx timeout [ 293.253554][T12484] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1825'. [ 293.264884][T12242] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 293.306207][T12484] wg1: left promiscuous mode [ 293.314345][T12484] wg1: left allmulticast mode [ 293.339734][T12484] netlink: 'syz.1.1825': attribute type 2 has an invalid length. [ 293.490900][ T5837] block nbd2: Wrong magic (0x24000000) [ 293.550168][T12242] veth0_vlan: entered promiscuous mode [ 293.625682][T12242] veth1_vlan: entered promiscuous mode [ 293.644035][T12497] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1830'. [ 293.729808][T12500] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1830'. [ 293.847568][ T5837] Bluetooth: hci4: command 0x0406 tx timeout [ 294.113426][T12500] veth1_vlan (unregistering): left allmulticast mode [ 294.262891][T12242] veth0_macvtap: entered promiscuous mode [ 294.322583][T12242] veth1_macvtap: entered promiscuous mode [ 294.710011][T12242] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.801057][T12242] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.855873][T12242] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.891936][T12242] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.917274][T12242] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.938164][T12242] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.133291][T12531] netlink: 'syz.1.1840': attribute type 83 has an invalid length. [ 295.143928][T12530] netlink: 'syz.1.1840': attribute type 83 has an invalid length. [ 295.209853][ T7145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.240643][ T7145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.390972][T12533] netlink: 'syz.6.1841': attribute type 4 has an invalid length. [ 295.409843][ T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.413676][T12533] netlink: 'syz.6.1841': attribute type 4 has an invalid length. [ 295.435797][ T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 296.063288][T12555] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 296.159656][ T7140] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.441079][ T7140] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.558702][ T7140] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.621498][ T7140] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.775751][ T7140] bridge_slave_1: left allmulticast mode [ 296.781570][ T7140] bridge_slave_1: left promiscuous mode [ 296.787466][ T7140] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.798007][ T7140] bridge_slave_0: left allmulticast mode [ 296.803652][ T7140] bridge_slave_0: left promiscuous mode [ 296.809897][ T7140] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.050021][T12577] x_tables: duplicate underflow at hook 2 [ 297.463766][T12586] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1857'. [ 297.583054][ T7140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 297.595839][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 297.607766][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 297.614243][ T7140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 297.623877][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 297.626063][ T7140] bond0 (unregistering): Released all slaves [ 297.642152][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 297.652249][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 297.660660][T12574] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1854'. [ 297.670315][T12574] netlink: 15 bytes leftover after parsing attributes in process `syz.6.1854'. [ 297.680431][T12574] netlink: 15 bytes leftover after parsing attributes in process `syz.6.1854'. [ 297.740716][T12586] 8021q: adding VLAN 0 to HW filter on device bond6 [ 297.785679][T12587] bond6: (slave veth9): Enslaving as an active interface with an up link [ 298.057737][T12595] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 298.152510][T12608] netlink: 'syz.1.1863': attribute type 1 has an invalid length. [ 298.174603][T12608] netlink: 'syz.1.1863': attribute type 9 has an invalid length. [ 298.412383][T12619] netlink: 'syz.0.1865': attribute type 1 has an invalid length. [ 298.420941][T12619] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1865'. [ 298.476485][T12623] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1864'. [ 298.490205][T12623] netlink: 'syz.6.1864': attribute type 10 has an invalid length. [ 298.746616][ T7140] hsr_slave_0: left promiscuous mode [ 298.755772][ T7140] hsr_slave_1: left promiscuous mode [ 298.762187][ T7140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 298.770368][ T7140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 298.800923][ T7140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 298.814039][ T7140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 298.916321][ T7140] veth1_macvtap: left promiscuous mode [ 298.937626][ T7140] veth0_macvtap: left promiscuous mode [ 298.943387][ T7140] veth1_vlan: left promiscuous mode [ 298.969554][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 298.969677][ T7140] veth0_vlan: left promiscuous mode [ 299.010149][T12638] netlink: zone id is out of range [ 299.015328][T12638] netlink: zone id is out of range [ 299.090225][T12638] netlink: set zone limit has 4 unknown bytes [ 299.157297][T12644] FAULT_INJECTION: forcing a failure. [ 299.157297][T12644] name failslab, interval 1, probability 0, space 0, times 0 [ 299.185082][T12638] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1873'. [ 299.187134][T12644] CPU: 1 UID: 0 PID: 12644 Comm: syz.0.1874 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 299.187162][T12644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 299.187173][T12644] Call Trace: [ 299.187181][T12644] [ 299.187188][T12644] dump_stack_lvl+0x189/0x250 [ 299.187221][T12644] ? __pfx____ratelimit+0x10/0x10 [ 299.187250][T12644] ? __pfx_dump_stack_lvl+0x10/0x10 [ 299.187277][T12644] ? __pfx__printk+0x10/0x10 [ 299.187303][T12644] ? __pfx___might_resched+0x10/0x10 [ 299.187328][T12644] ? fs_reclaim_acquire+0x7d/0x100 [ 299.187354][T12644] should_fail_ex+0x414/0x560 [ 299.187384][T12644] should_failslab+0xa8/0x100 [ 299.187404][T12644] __kmalloc_noprof+0xcb/0x4f0 [ 299.187421][T12644] ? nf_tables_newrule+0x1506/0x2890 [ 299.187443][T12644] ? nla_strcmp+0x106/0x140 [ 299.187473][T12644] nf_tables_newrule+0x1506/0x2890 [ 299.187515][T12644] ? __pfx_nf_tables_newrule+0x10/0x10 [ 299.187541][T12644] ? nfnl_pernet+0x23/0x240 [ 299.187578][T12644] ? __nla_parse+0x40/0x60 [ 299.187608][T12644] nfnetlink_rcv+0x1132/0x2520 [ 299.187670][T12644] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 299.187715][T12644] ? ref_tracker_free+0x63a/0x7d0 [ 299.187773][T12644] ? __netlink_deliver_tap+0x807/0x850 [ 299.187804][T12644] ? netlink_deliver_tap+0x2e/0x1b0 [ 299.187825][T12644] ? netlink_deliver_tap+0x2e/0x1b0 [ 299.187852][T12644] netlink_unicast+0x758/0x8d0 [ 299.187891][T12644] netlink_sendmsg+0x805/0xb30 [ 299.187924][T12644] ? __pfx_netlink_sendmsg+0x10/0x10 [ 299.187950][T12644] ? aa_sock_msg_perm+0x94/0x160 [ 299.187974][T12644] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 299.187997][T12644] ? __pfx_netlink_sendmsg+0x10/0x10 [ 299.188019][T12644] __sock_sendmsg+0x219/0x270 [ 299.188040][T12644] ____sys_sendmsg+0x505/0x830 [ 299.188070][T12644] ? __pfx_____sys_sendmsg+0x10/0x10 [ 299.188103][T12644] ? import_iovec+0x74/0xa0 [ 299.188126][T12644] ___sys_sendmsg+0x21f/0x2a0 [ 299.188152][T12644] ? __pfx____sys_sendmsg+0x10/0x10 [ 299.188216][T12644] ? __fget_files+0x2a/0x420 [ 299.188234][T12644] ? __fget_files+0x3a0/0x420 [ 299.188266][T12644] __x64_sys_sendmsg+0x19b/0x260 [ 299.188292][T12644] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 299.188325][T12644] ? __pfx_ksys_write+0x10/0x10 [ 299.188348][T12644] ? do_syscall_64+0xbe/0x3b0 [ 299.188370][T12644] do_syscall_64+0xfa/0x3b0 [ 299.188385][T12644] ? lockdep_hardirqs_on+0x9c/0x150 [ 299.188412][T12644] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.188430][T12644] ? clear_bhb_loop+0x60/0xb0 [ 299.188452][T12644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.188469][T12644] RIP: 0033:0x7f7dd7b8e929 [ 299.188487][T12644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.188503][T12644] RSP: 002b:00007f7dd59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 299.188523][T12644] RAX: ffffffffffffffda RBX: 00007f7dd7db6080 RCX: 00007f7dd7b8e929 [ 299.188536][T12644] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 299.188547][T12644] RBP: 00007f7dd59f6090 R08: 0000000000000000 R09: 0000000000000000 [ 299.188558][T12644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 299.188568][T12644] R13: 0000000000000001 R14: 00007f7dd7db6080 R15: 00007ffe8a3de1e8 [ 299.188599][T12644] [ 299.688233][ T5837] Bluetooth: hci1: command tx timeout [ 299.806383][T12661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1878'. [ 300.552674][ T7140] team0 (unregistering): Port device team_slave_1 removed [ 300.612864][ T7140] team0 (unregistering): Port device team_slave_0 removed [ 301.113701][T12661] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (2878) [ 301.134191][T12661] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 301.749626][T12588] chnl_net:caif_netlink_parms(): no params data found [ 301.767017][ T5837] Bluetooth: hci1: command tx timeout [ 301.775716][T12699] FAULT_INJECTION: forcing a failure. [ 301.775716][T12699] name failslab, interval 1, probability 0, space 0, times 0 [ 301.798927][T12702] netlink: 'syz.0.1887': attribute type 4 has an invalid length. [ 301.917680][T12699] CPU: 0 UID: 0 PID: 12699 Comm: syz.5.1888 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 301.917712][T12699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.917724][T12699] Call Trace: [ 301.917732][T12699] [ 301.917741][T12699] dump_stack_lvl+0x189/0x250 [ 301.917777][T12699] ? __pfx____ratelimit+0x10/0x10 [ 301.917809][T12699] ? __pfx_dump_stack_lvl+0x10/0x10 [ 301.917838][T12699] ? __pfx__printk+0x10/0x10 [ 301.917867][T12699] ? __pfx___might_resched+0x10/0x10 [ 301.917897][T12699] ? fs_reclaim_acquire+0x7d/0x100 [ 301.917927][T12699] should_fail_ex+0x414/0x560 [ 301.917958][T12699] should_failslab+0xa8/0x100 [ 301.917982][T12699] __kmalloc_cache_noprof+0x70/0x3d0 [ 301.918001][T12699] ? nfnetlink_rcv+0xeff/0x2520 [ 301.918037][T12699] nfnetlink_rcv+0xeff/0x2520 [ 301.918114][T12699] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 301.918166][T12699] ? ref_tracker_free+0x63a/0x7d0 [ 301.918229][T12699] ? __netlink_deliver_tap+0x807/0x850 [ 301.918265][T12699] ? netlink_deliver_tap+0x2e/0x1b0 [ 301.918289][T12699] ? netlink_deliver_tap+0x2e/0x1b0 [ 301.918320][T12699] netlink_unicast+0x758/0x8d0 [ 301.918355][T12699] netlink_sendmsg+0x805/0xb30 [ 301.918392][T12699] ? __pfx_netlink_sendmsg+0x10/0x10 [ 301.918421][T12699] ? aa_sock_msg_perm+0x94/0x160 [ 301.918449][T12699] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 301.918474][T12699] ? __pfx_netlink_sendmsg+0x10/0x10 [ 301.918499][T12699] __sock_sendmsg+0x219/0x270 [ 301.918524][T12699] ____sys_sendmsg+0x505/0x830 [ 301.918557][T12699] ? __pfx_____sys_sendmsg+0x10/0x10 [ 301.918595][T12699] ? import_iovec+0x74/0xa0 [ 301.918620][T12699] ___sys_sendmsg+0x21f/0x2a0 [ 301.918649][T12699] ? __pfx____sys_sendmsg+0x10/0x10 [ 301.918727][T12699] ? __fget_files+0x2a/0x420 [ 301.918748][T12699] ? __fget_files+0x3a0/0x420 [ 301.918782][T12699] __x64_sys_sendmsg+0x19b/0x260 [ 301.918812][T12699] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 301.918924][T12699] ? __pfx_ksys_write+0x10/0x10 [ 301.918955][T12699] ? rcu_is_watching+0x15/0xb0 [ 301.918993][T12699] ? do_syscall_64+0xbe/0x3b0 [ 301.919018][T12699] do_syscall_64+0xfa/0x3b0 [ 301.919037][T12699] ? lockdep_hardirqs_on+0x9c/0x150 [ 301.919066][T12699] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.919087][T12699] ? clear_bhb_loop+0x60/0xb0 [ 301.919112][T12699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.919131][T12699] RIP: 0033:0x7fde0d98e929 [ 301.919152][T12699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.919170][T12699] RSP: 002b:00007fde0e7bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 301.919193][T12699] RAX: ffffffffffffffda RBX: 00007fde0dbb5fa0 RCX: 00007fde0d98e929 [ 301.919208][T12699] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 301.919221][T12699] RBP: 00007fde0e7bf090 R08: 0000000000000000 R09: 0000000000000000 [ 301.919234][T12699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 301.919245][T12699] R13: 0000000000000000 R14: 00007fde0dbb5fa0 R15: 00007ffd0dae9158 [ 301.919281][T12699] [ 302.448463][T12711] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1890'. [ 302.498553][T12712] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1890'. [ 302.653236][T12716] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1891'. [ 302.666402][T12716] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1891'. [ 302.678619][T12588] bridge0: port 1(bridge_slave_0) entered blocking state [ 302.717061][T12588] bridge0: port 1(bridge_slave_0) entered disabled state [ 302.724393][T12588] bridge_slave_0: entered allmulticast mode [ 302.776094][T12588] bridge_slave_0: entered promiscuous mode [ 302.811562][T12588] bridge0: port 2(bridge_slave_1) entered blocking state [ 302.837043][T12588] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.844349][T12588] bridge_slave_1: entered allmulticast mode [ 302.876710][T12588] bridge_slave_1: entered promiscuous mode [ 302.882212][T12732] ipt_ECN: cannot use operation on non-tcp rule [ 303.038579][T12741] FAULT_INJECTION: forcing a failure. [ 303.038579][T12741] name failslab, interval 1, probability 0, space 0, times 0 [ 303.039547][T12588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 303.064930][T12588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 303.120565][T12741] CPU: 1 UID: 0 PID: 12741 Comm: syz.5.1900 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 303.120598][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 303.120610][T12741] Call Trace: [ 303.120619][T12741] [ 303.120628][T12741] dump_stack_lvl+0x189/0x250 [ 303.120665][T12741] ? __pfx____ratelimit+0x10/0x10 [ 303.120697][T12741] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.120727][T12741] ? __pfx__printk+0x10/0x10 [ 303.120775][T12741] ? __pfx___might_resched+0x10/0x10 [ 303.120805][T12741] ? fs_reclaim_acquire+0x7d/0x100 [ 303.120842][T12741] should_fail_ex+0x414/0x560 [ 303.120875][T12741] should_failslab+0xa8/0x100 [ 303.120898][T12741] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 303.120918][T12741] ? __pfx_nf_tables_abort+0x10/0x10 [ 303.120942][T12741] ? __alloc_skb+0x112/0x2d0 [ 303.120969][T12741] __alloc_skb+0x112/0x2d0 [ 303.120997][T12741] netlink_ack+0x146/0xa50 [ 303.121026][T12741] ? __kasan_kmalloc+0x93/0xb0 [ 303.121057][T12741] nfnetlink_rcv+0x2290/0x2520 [ 303.121126][T12741] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 303.121177][T12741] ? ref_tracker_free+0x63a/0x7d0 [ 303.121239][T12741] ? __netlink_deliver_tap+0x807/0x850 [ 303.121274][T12741] ? netlink_deliver_tap+0x2e/0x1b0 [ 303.121298][T12741] ? netlink_deliver_tap+0x2e/0x1b0 [ 303.121327][T12741] netlink_unicast+0x758/0x8d0 [ 303.121362][T12741] netlink_sendmsg+0x805/0xb30 [ 303.121398][T12741] ? __pfx_netlink_sendmsg+0x10/0x10 [ 303.121426][T12741] ? aa_sock_msg_perm+0x94/0x160 [ 303.121454][T12741] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 303.121479][T12741] ? __pfx_netlink_sendmsg+0x10/0x10 [ 303.121505][T12741] __sock_sendmsg+0x219/0x270 [ 303.121528][T12741] ____sys_sendmsg+0x505/0x830 [ 303.121561][T12741] ? __pfx_____sys_sendmsg+0x10/0x10 [ 303.121598][T12741] ? import_iovec+0x74/0xa0 [ 303.121624][T12741] ___sys_sendmsg+0x21f/0x2a0 [ 303.121653][T12741] ? __pfx____sys_sendmsg+0x10/0x10 [ 303.121722][T12741] ? __fget_files+0x2a/0x420 [ 303.121743][T12741] ? __fget_files+0x3a0/0x420 [ 303.121777][T12741] __x64_sys_sendmsg+0x19b/0x260 [ 303.121807][T12741] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 303.121853][T12741] ? __pfx_ksys_write+0x10/0x10 [ 303.121869][T12741] ? rcu_is_watching+0x15/0xb0 [ 303.121904][T12741] ? do_syscall_64+0xbe/0x3b0 [ 303.121929][T12741] do_syscall_64+0xfa/0x3b0 [ 303.121946][T12741] ? lockdep_hardirqs_on+0x9c/0x150 [ 303.121975][T12741] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.121996][T12741] ? clear_bhb_loop+0x60/0xb0 [ 303.122020][T12741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.122040][T12741] RIP: 0033:0x7fde0d98e929 [ 303.122059][T12741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.122076][T12741] RSP: 002b:00007fde0e7bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 303.122098][T12741] RAX: ffffffffffffffda RBX: 00007fde0dbb5fa0 RCX: 00007fde0d98e929 [ 303.122112][T12741] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 303.122125][T12741] RBP: 00007fde0e7bf090 R08: 0000000000000000 R09: 0000000000000000 [ 303.122137][T12741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 303.122149][T12741] R13: 0000000000000000 R14: 00007fde0dbb5fa0 R15: 00007ffd0dae9158 [ 303.122183][T12741] [ 303.461842][T12751] IPVS: set_ctl: invalid protocol: 124 172.20.20.34:20003 [ 303.463510][T12743] syz_tun: left allmulticast mode [ 303.539928][T12743] 8021q: adding VLAN 0 to HW filter on device bond0 [ 303.549305][T12743] 8021q: adding VLAN 0 to HW filter on device team0 [ 303.642344][T12743] veth1_to_batadv: entered promiscuous mode [ 303.704356][T12743] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 303.728091][T12743] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 303.761938][T12743] veth1_vlan: left promiscuous mode [ 303.785599][T12743] vlan0: left promiscuous mode [ 303.808671][T12743] veth1_vlan: entered promiscuous mode [ 303.848776][ T5837] Bluetooth: hci1: command tx timeout [ 303.852538][T12743] veth1_macvtap: left promiscuous mode [ 303.862321][T12743] veth0_macvtap: left promiscuous mode [ 303.870370][T12743] veth0_macvtap: entered promiscuous mode [ 303.878299][T12743] veth1_macvtap: entered promiscuous mode [ 303.896976][T12743] geneve2: left allmulticast mode [ 303.903185][T12743] vti0: left promiscuous mode [ 303.918242][T12743] 8021q: adding VLAN 0 to HW filter on device bond1 [ 303.984703][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 303.991980][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 304.023722][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 304.031039][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 304.126425][T12773] netlink: 'syz.6.1907': attribute type 11 has an invalid length. [ 304.142539][T12756] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1903'. [ 304.152514][T12756] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1903'. [ 304.161937][T12756] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1903'. [ 304.174629][T12756] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1903'. [ 304.311088][T12588] team0: Port device team_slave_0 added [ 304.335180][T12588] team0: Port device team_slave_1 added [ 304.513362][T12785] tipc: Failed to remove unknown binding: 66,1,1/0:323350881/323350883 [ 304.609598][T12588] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 304.616598][T12588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.657906][T12790] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1914'. [ 304.683158][T12588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 304.712355][T12588] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 304.722261][T12790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1914'. [ 304.732808][T12588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 304.758895][T12790] netlink: 'syz.1.1914': attribute type 14 has an invalid length. [ 304.758921][T12790] netlink: 'syz.1.1914': attribute type 12 has an invalid length. [ 304.837376][T12803] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1914'. [ 304.850213][T12802] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 304.857534][T12802] IPv6: NLM_F_CREATE should be set when creating new route [ 304.879968][T12588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 305.016963][T12811] IPVS: sync thread started: state = BACKUP, mcast_ifn = vlan0, syncid = 1, id = 0 [ 305.255583][ T7149] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 305.267791][ T7149] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 305.277990][ T1211] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 305.422249][T12588] hsr_slave_0: entered promiscuous mode [ 305.430660][T12588] hsr_slave_1: entered promiscuous mode [ 305.467206][ T5918] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 305.557043][ T5918] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 305.690576][T12824] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1921'. [ 305.738044][T12824] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 305.757398][T12834] FAULT_INJECTION: forcing a failure. [ 305.757398][T12834] name failslab, interval 1, probability 0, space 0, times 0 [ 305.803280][T12834] CPU: 0 UID: 0 PID: 12834 Comm: syz.1.1924 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 305.803312][T12834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 305.803325][T12834] Call Trace: [ 305.803333][T12834] [ 305.803342][T12834] dump_stack_lvl+0x189/0x250 [ 305.803377][T12834] ? __pfx____ratelimit+0x10/0x10 [ 305.803407][T12834] ? __pfx_dump_stack_lvl+0x10/0x10 [ 305.803437][T12834] ? __pfx__printk+0x10/0x10 [ 305.803476][T12834] should_fail_ex+0x414/0x560 [ 305.803510][T12834] should_failslab+0xa8/0x100 [ 305.803534][T12834] kmem_cache_alloc_noprof+0x73/0x3c0 [ 305.803563][T12834] ? skb_clone+0x212/0x3a0 [ 305.803595][T12834] skb_clone+0x212/0x3a0 [ 305.803626][T12834] __netlink_deliver_tap+0x404/0x850 [ 305.803665][T12834] ? netlink_deliver_tap+0x2e/0x1b0 [ 305.803690][T12834] netlink_deliver_tap+0x19c/0x1b0 [ 305.803716][T12834] netlink_sendskb+0x68/0x140 [ 305.803738][T12834] nfnetlink_rcv+0x2290/0x2520 [ 305.803808][T12834] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 305.803856][T12834] ? ref_tracker_free+0x63a/0x7d0 [ 305.803920][T12834] ? __netlink_deliver_tap+0x807/0x850 [ 305.803956][T12834] ? netlink_deliver_tap+0x2e/0x1b0 [ 305.803986][T12834] ? netlink_deliver_tap+0x2e/0x1b0 [ 305.804017][T12834] netlink_unicast+0x758/0x8d0 [ 305.804053][T12834] netlink_sendmsg+0x805/0xb30 [ 305.804089][T12834] ? __pfx_netlink_sendmsg+0x10/0x10 [ 305.804117][T12834] ? aa_sock_msg_perm+0x94/0x160 [ 305.804145][T12834] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 305.804169][T12834] ? __pfx_netlink_sendmsg+0x10/0x10 [ 305.804194][T12834] __sock_sendmsg+0x219/0x270 [ 305.804218][T12834] ____sys_sendmsg+0x505/0x830 [ 305.804250][T12834] ? __pfx_____sys_sendmsg+0x10/0x10 [ 305.804292][T12834] ? import_iovec+0x74/0xa0 [ 305.804316][T12834] ___sys_sendmsg+0x21f/0x2a0 [ 305.804344][T12834] ? __pfx____sys_sendmsg+0x10/0x10 [ 305.804415][T12834] ? __fget_files+0x2a/0x420 [ 305.804435][T12834] ? __fget_files+0x3a0/0x420 [ 305.804469][T12834] __x64_sys_sendmsg+0x19b/0x260 [ 305.804498][T12834] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 305.804536][T12834] ? __pfx_ksys_write+0x10/0x10 [ 305.804551][T12834] ? rcu_is_watching+0x15/0xb0 [ 305.804586][T12834] ? do_syscall_64+0xbe/0x3b0 [ 305.804610][T12834] do_syscall_64+0xfa/0x3b0 [ 305.804627][T12834] ? lockdep_hardirqs_on+0x9c/0x150 [ 305.804655][T12834] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.804674][T12834] ? clear_bhb_loop+0x60/0xb0 [ 305.804699][T12834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.804717][T12834] RIP: 0033:0x7f431798e929 [ 305.804735][T12834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.804752][T12834] RSP: 002b:00007f43188b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 305.804773][T12834] RAX: ffffffffffffffda RBX: 00007f4317bb5fa0 RCX: 00007f431798e929 [ 305.804787][T12834] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 305.804800][T12834] RBP: 00007f43188b5090 R08: 0000000000000000 R09: 0000000000000000 [ 305.804812][T12834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 305.804823][T12834] R13: 0000000000000000 R14: 00007f4317bb5fa0 R15: 00007fff8b0973e8 [ 305.804857][T12834] [ 306.163030][ T5837] Bluetooth: hci1: command tx timeout [ 306.395265][T12845] No such timeout policy "syz0" [ 306.489475][T12849] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1925'. [ 306.501100][T12845] _Z`Ԁ@: entered promiscuous mode [ 307.072894][T12588] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 307.112466][T12588] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 307.155509][T12588] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 307.197524][T12588] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 307.349601][ T30] audit: type=1107 audit(1749882885.562:9): pid=12873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='1d]:xJP@cd$JnyO^D#z' [ 307.744036][T12895] FAULT_INJECTION: forcing a failure. [ 307.744036][T12895] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.821837][T12895] CPU: 1 UID: 0 PID: 12895 Comm: syz.1.1938 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 307.821869][T12895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 307.821882][T12895] Call Trace: [ 307.821891][T12895] [ 307.821900][T12895] dump_stack_lvl+0x189/0x250 [ 307.821936][T12895] ? __pfx____ratelimit+0x10/0x10 [ 307.821967][T12895] ? __pfx_dump_stack_lvl+0x10/0x10 [ 307.821997][T12895] ? __pfx__printk+0x10/0x10 [ 307.822044][T12895] should_fail_ex+0x414/0x560 [ 307.822077][T12895] _copy_to_user+0x31/0xb0 [ 307.822103][T12895] simple_read_from_buffer+0xe1/0x170 [ 307.822129][T12895] proc_fail_nth_read+0x1df/0x250 [ 307.822158][T12895] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.822185][T12895] ? rw_verify_area+0x258/0x650 [ 307.822214][T12895] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.822240][T12895] vfs_read+0x200/0x980 [ 307.822277][T12895] ? __pfx___mutex_lock+0x10/0x10 [ 307.822299][T12895] ? __pfx_vfs_read+0x10/0x10 [ 307.822331][T12895] ? __fget_files+0x2a/0x420 [ 307.822359][T12895] ? __fget_files+0x3a0/0x420 [ 307.822380][T12895] ? __fget_files+0x2a/0x420 [ 307.822413][T12895] ksys_read+0x145/0x250 [ 307.822435][T12895] ? __pfx_ksys_read+0x10/0x10 [ 307.822462][T12895] ? rcu_is_watching+0x15/0xb0 [ 307.822499][T12895] ? do_syscall_64+0xbe/0x3b0 [ 307.822524][T12895] do_syscall_64+0xfa/0x3b0 [ 307.822542][T12895] ? lockdep_hardirqs_on+0x9c/0x150 [ 307.822571][T12895] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.822590][T12895] ? clear_bhb_loop+0x60/0xb0 [ 307.822616][T12895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.822635][T12895] RIP: 0033:0x7f431798d33c [ 307.822654][T12895] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 307.822672][T12895] RSP: 002b:00007f43188b5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 307.822695][T12895] RAX: ffffffffffffffda RBX: 00007f4317bb5fa0 RCX: 00007f431798d33c [ 307.822711][T12895] RDX: 000000000000000f RSI: 00007f43188b50a0 RDI: 0000000000000004 [ 307.822723][T12895] RBP: 00007f43188b5090 R08: 0000000000000000 R09: 0000000000000000 [ 307.822736][T12895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 307.822749][T12895] R13: 0000000000000000 R14: 00007f4317bb5fa0 R15: 00007fff8b0973e8 [ 307.822783][T12895] [ 308.338433][T12908] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1940'. [ 308.541088][T12588] 8021q: adding VLAN 0 to HW filter on device bond0 [ 308.634126][T12588] 8021q: adding VLAN 0 to HW filter on device team0 [ 308.668604][ T6054] bridge0: port 1(bridge_slave_0) entered blocking state [ 308.675856][ T6054] bridge0: port 1(bridge_slave_0) entered forwarding state [ 308.781207][ T6054] bridge0: port 2(bridge_slave_1) entered blocking state [ 308.788457][ T6054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 309.122225][T12932] netlink: 'syz.1.1946': attribute type 5 has an invalid length. [ 309.127109][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 309.434387][T12588] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 309.539901][T12588] veth0_vlan: entered promiscuous mode [ 309.597344][T12588] veth1_vlan: entered promiscuous mode [ 309.770185][T12588] veth0_macvtap: entered promiscuous mode [ 309.783450][T12588] veth1_macvtap: entered promiscuous mode [ 309.806551][T12588] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 309.831873][T12588] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 309.852735][T12588] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.863082][T12588] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.872239][T12588] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 309.882510][T12588] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 310.071892][T12965] netlink: 'syz.0.1957': attribute type 1 has an invalid length. [ 310.255479][T12981] IPVS: sync thread started: state = MASTER, mcast_ifn = team_slave_1, syncid = 0, id = 0 [ 310.267580][T12974] bond7: (slave gretap1): making interface the new active one [ 310.276210][T12974] bond7: (slave gretap1): Enslaving as an active interface with an up link [ 310.577974][T12987] netlink: 'syz.6.1961': attribute type 1 has an invalid length. [ 310.586033][T12987] netlink: 'syz.6.1961': attribute type 1 has an invalid length. [ 310.649371][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.693899][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.853190][ T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 310.882684][ T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 310.932830][T13005] netlink: 'syz.5.1964': attribute type 11 has an invalid length. [ 310.953952][T13005] netlink: 'syz.5.1964': attribute type 11 has an invalid length. [ 310.997751][T13005] __nla_validate_parse: 1 callbacks suppressed [ 310.997770][T13005] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1964'. [ 311.303482][T13024] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1969'. [ 311.318178][T13024] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1969'. [ 311.545332][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.677974][T13023] syzkaller1: entered promiscuous mode [ 311.704644][T13023] syzkaller1: entered allmulticast mode [ 311.818173][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.133615][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.306127][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.482513][ T12] bridge_slave_1: left allmulticast mode [ 312.499260][ T12] bridge_slave_1: left promiscuous mode [ 312.516922][T13044] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1981'. [ 312.518774][T13040] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1972'. [ 312.534609][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.562014][ T12] bridge_slave_0: left allmulticast mode [ 312.577693][ T12] bridge_slave_0: left promiscuous mode [ 312.587149][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.075597][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 313.086031][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 313.095946][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 313.107695][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 313.116613][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 313.245402][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 313.260074][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 313.273866][ T12] bond0 (unregistering): Released all slaves [ 313.290057][T13040] hsr_slave_0: left promiscuous mode [ 313.298450][T13040] hsr_slave_1: left promiscuous mode [ 313.505793][T13059] netlink: 'syz.6.1977': attribute type 1 has an invalid length. [ 313.650263][T13062] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input10 [ 313.770296][T13063] bridge5: entered promiscuous mode [ 313.775815][T13063] bridge5: entered allmulticast mode [ 313.800789][T13063] team0: Port device bridge5 added [ 313.911945][ T12] hsr_slave_0: left promiscuous mode [ 313.933861][ T12] hsr_slave_1: left promiscuous mode [ 313.942856][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 313.961224][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 313.982458][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 313.996046][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 314.055695][ T12] veth1_macvtap: left promiscuous mode [ 314.063528][ T12] veth0_macvtap: left promiscuous mode [ 314.076996][ T12] veth1_vlan: left promiscuous mode [ 314.082387][ T12] veth0_vlan: left promiscuous mode [ 314.325026][T13091] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1986'. [ 314.724837][ T12] team0 (unregistering): Port device team_slave_1 removed [ 314.811811][ T12] team0 (unregistering): Port device team_slave_0 removed [ 315.211707][ T5837] Bluetooth: hci1: command tx timeout [ 315.977883][T13118] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1991'. [ 315.980798][T13120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1993'. [ 315.997848][T13107] wg1: left promiscuous mode [ 316.002881][T13107] wg1: left allmulticast mode [ 316.050720][T13120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1993'. [ 316.066976][T13120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1993'. [ 316.121091][T13107] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 316.140006][T13107] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 316.209952][T13107] veth1_vlan: left allmulticast mode [ 316.418054][T13107] veth0_vlan: left allmulticast mode [ 316.667422][T13107] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.679082][T13107] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.688302][T13107] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.697695][T13107] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.727089][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 316.943252][T13107] bond2: left promiscuous mode [ 316.957804][T13127] FAULT_INJECTION: forcing a failure. [ 316.957804][T13127] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 316.982063][T13127] CPU: 1 UID: 0 PID: 13127 Comm: syz.0.1994 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 316.982093][T13127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 316.982106][T13127] Call Trace: [ 316.982113][T13127] [ 316.982121][T13127] dump_stack_lvl+0x189/0x250 [ 316.982155][T13127] ? __pfx____ratelimit+0x10/0x10 [ 316.982185][T13127] ? __pfx_dump_stack_lvl+0x10/0x10 [ 316.982213][T13127] ? __pfx__printk+0x10/0x10 [ 316.982230][T13127] ? fs_reclaim_acquire+0x7d/0x100 [ 316.982250][T13127] should_fail_ex+0x414/0x560 [ 316.982269][T13127] prepare_alloc_pages+0x213/0x610 [ 316.982289][T13127] __alloc_frozen_pages_noprof+0x123/0x370 [ 316.982306][T13127] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 316.982327][T13127] ? policy_nodemask+0x27c/0x720 [ 316.982338][T13127] ? __lock_acquire+0xab9/0xd20 [ 316.982357][T13127] alloc_pages_mpol+0x232/0x4a0 [ 316.982373][T13127] vma_alloc_folio_noprof+0xe4/0x200 [ 316.982385][T13127] ? page_table_check_set+0x18d/0x730 [ 316.982399][T13127] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 316.982420][T13127] folio_prealloc+0x30/0x180 [ 316.982433][T13127] __handle_mm_fault+0x2c88/0x5620 [ 316.982464][T13127] ? __pfx___handle_mm_fault+0x10/0x10 [ 316.982490][T13127] ? follow_page_pte+0x8d6/0x14b0 [ 316.982513][T13127] handle_mm_fault+0x40a/0x8e0 [ 316.982538][T13127] __get_user_pages+0x1af4/0x30b0 [ 316.982553][T13127] ? stack_depot_save_flags+0x40/0x900 [ 316.982575][T13127] ? __kvmalloc_node_noprof+0x30d/0x5f0 [ 316.982601][T13127] ? __pfx___get_user_pages+0x10/0x10 [ 316.982623][T13127] __gup_longterm_locked+0x3e3/0x15b0 [ 316.982646][T13127] ? xdp_umem_pin_pages+0xc6/0x340 [ 316.982670][T13127] ? rcu_is_watching+0x15/0xb0 [ 316.982686][T13127] ? xdp_umem_pin_pages+0x52/0x340 [ 316.982705][T13127] pin_user_pages+0x9e/0xd0 [ 316.982724][T13127] xdp_umem_pin_pages+0x117/0x340 [ 316.982744][T13127] xdp_umem_create+0x677/0x8e0 [ 316.982768][T13127] xsk_setsockopt+0x62a/0x710 [ 316.982786][T13127] ? __pfx_xsk_setsockopt+0x10/0x10 [ 316.982801][T13127] ? __lock_acquire+0xab9/0xd20 [ 316.982819][T13127] ? aa_sock_opt_perm+0x74/0x110 [ 316.982835][T13127] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 316.982850][T13127] ? __pfx_xsk_setsockopt+0x10/0x10 [ 316.982867][T13127] do_sock_setsockopt+0x25a/0x3e0 [ 316.982883][T13127] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 316.982901][T13127] ? __fget_files+0x2a/0x420 [ 316.982927][T13127] __x64_sys_setsockopt+0x18b/0x220 [ 316.982945][T13127] do_syscall_64+0xfa/0x3b0 [ 316.982956][T13127] ? lockdep_hardirqs_on+0x9c/0x150 [ 316.982973][T13127] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.982985][T13127] ? clear_bhb_loop+0x60/0xb0 [ 316.982999][T13127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.983011][T13127] RIP: 0033:0x7f7dd7b8e929 [ 316.983023][T13127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.983034][T13127] RSP: 002b:00007f7dd8911038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 316.983048][T13127] RAX: ffffffffffffffda RBX: 00007f7dd7db5fa0 RCX: 00007f7dd7b8e929 [ 316.983057][T13127] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000005 [ 316.983065][T13127] RBP: 00007f7dd8911090 R08: 0000000000000020 R09: 0000000000000000 [ 316.983072][T13127] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001 [ 316.983086][T13127] R13: 0000000000000000 R14: 00007f7dd7db5fa0 R15: 00007ffe8a3de1e8 [ 316.983106][T13127] [ 317.333703][ T5837] Bluetooth: hci1: command tx timeout [ 317.404331][T13118] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 45460 - 0 [ 317.413574][T13118] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 45460 - 0 [ 317.423512][T13118] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 45460 - 0 [ 317.439537][T13118] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 45460 - 0 [ 317.465091][T13118] geneve3: entered promiscuous mode [ 317.470450][T13118] geneve3: entered allmulticast mode [ 317.790371][T13055] chnl_net:caif_netlink_parms(): no params data found [ 317.967968][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1998'. [ 318.066108][T13055] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.083516][T13055] bridge0: port 1(bridge_slave_0) entered disabled state [ 318.092465][T13055] bridge_slave_0: entered allmulticast mode [ 318.101951][T13055] bridge_slave_0: entered promiscuous mode [ 318.119356][T13055] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.127664][T13055] bridge0: port 2(bridge_slave_1) entered disabled state [ 318.136180][T13055] bridge_slave_1: entered allmulticast mode [ 318.150139][T13055] bridge_slave_1: entered promiscuous mode [ 318.230286][T13055] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 318.244445][T13055] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.322409][T13162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2003'. [ 318.353442][T13162] openvswitch: netlink: nsh attribute has 1 unknown bytes. [ 318.373846][T13055] team0: Port device team_slave_0 added [ 318.385013][T13162] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 318.409854][T13055] team0: Port device team_slave_1 added [ 318.511025][T13055] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.520152][T13055] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.550358][T13055] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 318.564546][T13055] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 318.574918][T13055] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.623736][T13055] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 318.710286][T13171] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2005'. [ 318.746023][T13171] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2005'. [ 318.797827][T13055] hsr_slave_0: entered promiscuous mode [ 318.806253][T13055] hsr_slave_1: entered promiscuous mode [ 318.816643][T13173] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input11 [ 319.046410][T13180] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2008'. [ 319.065966][T13180] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2008'. [ 319.311561][T13189] xt_connbytes: Forcing CT accounting to be enabled [ 319.325581][T13189] set match dimension is over the limit! [ 319.367229][ T5837] Bluetooth: hci1: command tx timeout [ 319.865860][T13215] netlink: 'syz.6.2021': attribute type 36 has an invalid length. [ 320.409858][T13227] netlink: 'syz.1.2024': attribute type 1 has an invalid length. [ 320.447788][T13227] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2024'. [ 320.597794][ T5837] block nbd3: Receive control failed (result -32) [ 320.753573][T13224] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2023'. [ 320.805151][T13055] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 320.821082][T13224] xt_TCPMSS: Only works on TCP SYN packets [ 320.862348][T13055] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 320.953877][T13234] 8021q: VLANs not supported on sit0 [ 320.980828][T13234] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 320.989960][T13234] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 320.998256][T13234] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.006542][T13234] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 321.021273][T13055] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 321.030596][T13236] netlink: 'syz.5.2026': attribute type 4 has an invalid length. [ 321.059686][T13055] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 321.245213][T13242] bridge0: port 1(wlan0) entered blocking state [ 321.262840][T13242] bridge0: port 1(wlan0) entered disabled state [ 321.274277][T13242] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 321.330500][T13242] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 321.449213][ T5837] Bluetooth: hci1: command tx timeout [ 321.635688][T13055] 8021q: adding VLAN 0 to HW filter on device bond0 [ 321.694980][T13055] 8021q: adding VLAN 0 to HW filter on device team0 [ 321.722384][ T7144] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.729661][ T7144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.755286][ T7144] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.762720][ T7144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 322.106338][T13275] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2039'. [ 322.350008][T13055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 322.489587][T13055] veth0_vlan: entered promiscuous mode [ 322.521917][T13055] veth1_vlan: entered promiscuous mode [ 322.619775][T13295] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2044'. [ 322.629724][T13293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2046'. [ 322.841092][T13055] veth0_macvtap: entered promiscuous mode [ 322.889127][T13055] veth1_macvtap: entered promiscuous mode [ 322.936654][T13305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2049'. [ 322.943030][T13307] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2048'. [ 322.975699][T13055] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 322.983454][T13307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2048'. [ 323.012942][T13055] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 323.035624][T13309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2048'. [ 323.046011][T13307] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 323.056867][T13307] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 323.065184][T13307] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 323.073605][T13307] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 323.166452][T13309] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 59583 - 0 [ 323.195264][T13309] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 59583 - 0 [ 323.220693][T13309] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 59583 - 0 [ 323.237398][T13309] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 59583 - 0 [ 323.259439][T13309] geneve3: entered promiscuous mode [ 323.264711][T13309] geneve3: entered allmulticast mode [ 323.294380][T13055] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.307455][T13055] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.316383][T13055] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.325508][T13055] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 323.410931][T13319] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2055'. [ 323.628089][ T7149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.644522][ T7149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.818920][ T7144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.846027][ T7144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 324.033804][T13342] netlink: 'syz.5.2064': attribute type 36 has an invalid length. [ 324.263357][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2068'. [ 324.440025][T13362] netlink: 'syz.0.2070': attribute type 36 has an invalid length. [ 324.792172][ T7144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.792180][T13372] block nbd4: Unsupported socket: shutdown callout must be supported. [ 324.947038][ T7144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.028204][ T7144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.116401][ T7144] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.252354][ T7144] bridge_slave_1: left allmulticast mode [ 325.258232][ T7144] bridge_slave_1: left promiscuous mode [ 325.265068][ T7144] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.274415][ T7144] bridge_slave_0: left allmulticast mode [ 325.281147][ T7144] bridge_slave_0: left promiscuous mode [ 325.287233][ T7144] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.717905][ T7144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 325.762658][ T7144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 325.780152][T13379] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2078'. [ 325.815408][ T7144] bond0 (unregistering): Released all slaves [ 326.327171][ T31] INFO: task syz.3.692:8424 blocked for more than 143 seconds. [ 326.334870][ T31] Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 [ 326.356912][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 326.393157][ T31] task:syz.3.692 state:D stack:25368 pid:8424 tgid:8423 ppid:5847 task_flags:0x400040 flags:0x00004004 [ 326.453979][ T31] Call Trace: [ 326.457746][ T31] [ 326.460730][ T31] __schedule+0x16f5/0x4d00 [ 326.465299][ T31] ? __lock_acquire+0xab9/0xd20 [ 326.511085][ T31] ? schedule+0x165/0x360 [ 326.515514][ T31] ? __pfx___schedule+0x10/0x10 [ 326.542584][ T31] ? schedule+0x91/0x360 [ 326.582993][ T31] schedule+0x165/0x360 [ 326.606848][ T31] schedule_preempt_disabled+0x13/0x30 [ 326.612470][ T31] __mutex_lock+0x724/0xe80 [ 326.656525][ T31] ? __mutex_lock+0x51b/0xe80 [ 326.713514][ T31] ? nfsd_nl_rpc_status_get_dumpit+0xd9/0x1280 [ 326.728178][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 326.733470][ T31] ? stack_trace_save+0x9c/0xe0 [ 326.760186][ T31] nfsd_nl_rpc_status_get_dumpit+0xd9/0x1280 [ 326.766258][ T31] ? kasan_save_track+0x4f/0x80 [ 326.785686][ T31] ? kasan_save_track+0x3e/0x80 [ 326.790792][ T31] ? __kasan_kmalloc+0x93/0xb0 [ 326.795599][ T31] ? __kmalloc_node_track_caller_noprof+0x271/0x4e0 [ 326.822815][ T31] ? kmalloc_reserve+0x136/0x290 [ 326.839601][ T31] ? __alloc_skb+0x142/0x2d0 [ 326.844774][ T31] ? netlink_dump+0x22b/0xe20 [ 326.855424][ T31] ? genl_family_rcv_msg_dumpit+0x1e7/0x2c0 [ 326.865401][ T31] ? genl_rcv_msg+0x5da/0x790 [ 326.876440][ T31] ? netlink_rcv_skb+0x205/0x470 [ 326.885218][ T31] ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10 [ 326.896997][ T31] ? __sock_sendmsg+0x219/0x270 [ 326.901906][ T31] ? ____sys_sendmsg+0x505/0x830 [ 326.915742][ T31] ? ___sys_sendmsg+0x21f/0x2a0 [ 326.920840][ T31] ? __x64_sys_sendmsg+0x19b/0x260 [ 326.925981][ T31] ? do_syscall_64+0xfa/0x3b0 [ 326.938693][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.944867][ T31] ? rcu_is_watching+0x15/0xb0 [ 326.958817][ T31] ? trace_kmalloc+0x1f/0xd0 [ 326.963464][ T31] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 326.982268][ T31] ? __build_skb_around+0x257/0x3e0 [ 326.996783][ T31] genl_dumpit+0x108/0x1b0 [ 327.001273][ T31] netlink_dump+0x62d/0xe20 [ 327.005960][ T31] ? __pfx_netlink_dump+0x10/0x10 [ 327.043101][ T31] ? genl_start+0x499/0x6c0 [ 327.048087][ T31] __netlink_dump_start+0x5cb/0x7e0 [ 327.053342][ T31] genl_family_rcv_msg_dumpit+0x1e7/0x2c0 [ 327.076953][ T31] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 327.083362][ T31] ? genl_get_cmd+0x496/0x910 [ 327.096836][ T31] ? __pfx_genl_start+0x10/0x10 [ 327.101755][ T31] ? __pfx_genl_dumpit+0x10/0x10 [ 327.116913][ T31] ? __pfx_genl_done+0x10/0x10 [ 327.121761][ T31] genl_rcv_msg+0x5da/0x790 [ 327.126314][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 327.146839][ T31] ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10 [ 327.153682][ T31] netlink_rcv_skb+0x205/0x470 [ 327.166884][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 327.172231][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 327.184282][ T31] ? down_read+0x1ad/0x2e0 [ 327.188908][ T31] genl_rcv+0x28/0x40 [ 327.192972][ T31] netlink_unicast+0x758/0x8d0 [ 327.198100][ T31] netlink_sendmsg+0x805/0xb30 [ 327.203183][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 327.209008][ T31] ? aa_sock_msg_perm+0x94/0x160 [ 327.213978][ T31] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 327.219335][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 327.224639][ T31] __sock_sendmsg+0x219/0x270 [ 327.229536][ T31] ____sys_sendmsg+0x505/0x830 [ 327.234343][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 327.239829][ T31] ? import_iovec+0x74/0xa0 [ 327.244358][ T31] ___sys_sendmsg+0x21f/0x2a0 [ 327.249970][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 327.255274][ T31] ? __fget_files+0x2a/0x420 [ 327.259993][ T31] ? __fget_files+0x3a0/0x420 [ 327.264824][ T31] __x64_sys_sendmsg+0x19b/0x260 [ 327.270047][ T31] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 327.275748][ T31] ? rcu_is_watching+0x15/0xb0 [ 327.281538][ T31] ? do_syscall_64+0xbe/0x3b0 [ 327.286268][ T31] do_syscall_64+0xfa/0x3b0 [ 327.291430][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 327.296694][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.302996][ T31] ? clear_bhb_loop+0x60/0xb0 [ 327.307892][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.313803][ T31] RIP: 0033:0x7f31dd38e929 [ 327.318317][ T31] RSP: 002b:00007f31de1ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 327.326783][ T31] RAX: ffffffffffffffda RBX: 00007f31dd5b5fa0 RCX: 00007f31dd38e929 [ 327.334781][ T31] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 327.342850][ T31] RBP: 00007f31dd410b39 R08: 0000000000000000 R09: 0000000000000000 [ 327.350986][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.359336][ T31] R13: 0000000000000000 R14: 00007f31dd5b5fa0 R15: 00007ffeda4f2588 [ 327.367738][ T31] [ 327.370878][ T31] [ 327.370878][ T31] Showing all locks held in the system: [ 327.379240][ T31] 1 lock held by khungtaskd/31: [ 327.384128][ T31] #0: ffffffff8e13eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 327.397645][ T31] 2 locks held by getty/5601: [ 327.402721][ T31] #0: ffff88814cae20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 327.437676][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 327.487072][ T31] 5 locks held by syz-executor/5848: [ 327.492560][ T31] #0: ffff8880335a4d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x1fe/0x500 [ 327.537627][ T31] #1: ffff8880335a4078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 327.565145][ T31] #2: ffffffff8f6784a8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 327.575799][ T31] #3: ffff8880283a0338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680 [ 327.595211][ T31] #4: ffffffff8e1448b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730 [ 327.606257][ T31] 2 locks held by kworker/0:8/5918: [ 327.627132][ T31] #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 327.647992][ T31] #1: ffffc90004d9fbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 327.666965][ T31] 4 locks held by kworker/1:3/5937: [ 327.672210][ T31] 2 locks held by kworker/u8:9/6608: [ 327.686481][ T31] #0: ffff8880b863b918 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 327.706386][ T31] #1: ffffc9000b617bc0 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 327.774054][ T31] 4 locks held by kworker/u8:20/7144: [ 327.779956][ T31] #0: ffff88801b2fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 327.815306][ T31] #1: ffffc9000214fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 327.846329][ T31] #2: ffffffff8f503610 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800 [ 327.876481][ T31] #3: ffffffff8e1448b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730 [ 327.897558][ T31] 3 locks held by kworker/1:8/7267: [ 327.902824][ T31] 2 locks held by syz.4.594/8070: [ 327.916314][ T31] #0: ffffffff8f576630 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 327.926462][ T31] #1: ffffffff8e41cd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x12a/0x1650 [ 327.946813][ T31] 3 locks held by syz.3.692/8424: [ 327.951894][ T31] #0: ffffffff8f576630 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 327.972967][ T31] #1: ffff888021f9e6d0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0 [ 327.986976][ T31] #2: ffffffff8e41cd68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_rpc_status_get_dumpit+0xd9/0x1280 [ 328.007954][ T31] 3 locks held by syz-executor/8635: [ 328.013297][ T31] #0: ffff88807cc60d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x1fe/0x500 [ 328.026931][ T31] #1: ffff88807cc60078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 328.036677][ T31] #2: ffffffff8f6784a8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 328.066091][ T31] 3 locks held by syz.6.2087/13396: [ 328.071439][ T31] #0: ffff88807d124d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x1fe/0x500 [ 328.095216][ T31] #1: ffff88807d124078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330 [ 328.114070][ T31] #2: ffffffff8f6784a8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230 [ 328.126134][ T31] [ 328.168109][ T31] ============================================= [ 328.168109][ T31] [ 328.187375][ T31] NMI backtrace for cpu 0 [ 328.187398][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 328.187423][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.187434][ T31] Call Trace: [ 328.187442][ T31] [ 328.187451][ T31] dump_stack_lvl+0x189/0x250 [ 328.187484][ T31] ? __wake_up_klogd+0xd9/0x110 [ 328.187511][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 328.187540][ T31] ? __pfx__printk+0x10/0x10 [ 328.187583][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 328.187613][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 328.187637][ T31] ? _printk+0xcf/0x120 [ 328.187663][ T31] ? __pfx__printk+0x10/0x10 [ 328.187687][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 328.187716][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 328.187746][ T31] watchdog+0xfee/0x1030 [ 328.187789][ T31] ? watchdog+0x1de/0x1030 [ 328.187825][ T31] kthread+0x70e/0x8a0 [ 328.187852][ T31] ? __pfx_watchdog+0x10/0x10 [ 328.187876][ T31] ? __pfx_kthread+0x10/0x10 [ 328.187901][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 328.187928][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 328.187954][ T31] ? __pfx_kthread+0x10/0x10 [ 328.187978][ T31] ret_from_fork+0x3fc/0x770 [ 328.188008][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 328.188043][ T31] ? __switch_to_asm+0x39/0x70 [ 328.188062][ T31] ? __switch_to_asm+0x33/0x70 [ 328.188080][ T31] ? __pfx_kthread+0x10/0x10 [ 328.188104][ T31] ret_from_fork_asm+0x1a/0x30 [ 328.188142][ T31] [ 328.188149][ T31] Sending NMI from CPU 0 to CPUs 1: [ 328.352317][ C1] NMI backtrace for cpu 1 [ 328.352336][ C1] CPU: 1 UID: 0 PID: 13402 Comm: syz.1.2089 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 328.352356][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.352365][ C1] RIP: 0010:memset_orig+0x60/0xb0 [ 328.352387][ C1] Code: 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d8 0f 1f 84 00 00 00 00 00 <89> d1 83 e1 38 74 14 c1 e9 03 66 0f 1f 44 00 00 ff c9 48 89 07 48 [ 328.352400][ C1] RSP: 0018:ffffc90004def4f0 EFLAGS: 00000246 [ 328.352417][ C1] RAX: 0000000000000000 RBX: ffffc90004def600 RCX: 0000000000000000 [ 328.352428][ C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90004def618 [ 328.352438][ C1] RBP: dffffc0000000000 R08: ffffc90004def627 R09: 0000000000000000 [ 328.352449][ C1] R10: ffffc90004def618 R11: fffff520009bdec5 R12: ffffc90004def930 [ 328.352460][ C1] R13: ffffc90004def618 R14: ffffc90004def5c8 R15: ffffc90004def610 [ 328.352472][ C1] FS: 0000000000000000(0000) GS:ffff888125d52000(0000) knlGS:0000000000000000 [ 328.352485][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 328.352496][ C1] CR2: 00007fc070665e9c CR3: 000000000df38000 CR4: 00000000003526f0 [ 328.352512][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 328.352521][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 328.352532][ C1] Call Trace: [ 328.352538][ C1] [ 328.352544][ C1] unwind_next_frame+0xc98/0x2390 [ 328.352571][ C1] ? unwind_next_frame+0xa5/0x2390 [ 328.352593][ C1] ? vfree+0x25a/0x400 [ 328.352611][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 328.352628][ C1] arch_stack_walk+0x11c/0x150 [ 328.352646][ C1] ? vfree+0x353/0x400 [ 328.352662][ C1] stack_trace_save+0x9c/0xe0 [ 328.352678][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 328.352699][ C1] save_stack+0xf5/0x1f0 [ 328.352715][ C1] ? __pfx_save_stack+0x10/0x10 [ 328.352728][ C1] ? __free_frozen_pages+0xc71/0xe70 [ 328.352743][ C1] ? vfree+0x25a/0x400 [ 328.352770][ C1] ? page_ext_put+0x97/0xc0 [ 328.352788][ C1] __reset_page_owner+0x71/0x1f0 [ 328.352804][ C1] __free_frozen_pages+0xc71/0xe70 [ 328.352824][ C1] vfree+0x25a/0x400 [ 328.352840][ C1] vfree+0x353/0x400 [ 328.352855][ C1] ? __pfx_kcov_close+0x10/0x10 [ 328.352875][ C1] kcov_close+0x28/0x50 [ 328.352893][ C1] __fput+0x44c/0xa70 [ 328.352917][ C1] task_work_run+0x1d1/0x260 [ 328.352936][ C1] ? __pfx_task_work_run+0x10/0x10 [ 328.352956][ C1] ? kmem_cache_free+0x18f/0x400 [ 328.352973][ C1] do_exit+0x6ad/0x22e0 [ 328.352994][ C1] ? do_raw_spin_lock+0x121/0x290 [ 328.353012][ C1] ? __pfx_do_exit+0x10/0x10 [ 328.353027][ C1] ? cgroup_freezing+0x20/0x360 [ 328.353053][ C1] do_group_exit+0x21c/0x2d0 [ 328.353070][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 328.353094][ C1] get_signal+0x1286/0x1340 [ 328.353125][ C1] arch_do_signal_or_restart+0x9a/0x750 [ 328.353145][ C1] ? blkcg_maybe_throttle_current+0x1ab/0xb40 [ 328.353166][ C1] ? kmem_cache_free+0x309/0x400 [ 328.353181][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 328.353207][ C1] ? exit_to_user_mode_loop+0x40/0x110 [ 328.353229][ C1] exit_to_user_mode_loop+0x75/0x110 [ 328.353249][ C1] do_syscall_64+0x2bd/0x3b0 [ 328.353264][ C1] ? lockdep_hardirqs_on+0x9c/0x150 [ 328.353285][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.353301][ C1] ? clear_bhb_loop+0x60/0xb0 [ 328.353319][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.353333][ C1] RIP: 0033:0x7f431798e929 [ 328.353346][ C1] Code: Unable to access opcode bytes at 0x7f431798e8ff. [ 328.353354][ C1] RSP: 002b:00007fff8b097548 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 328.353370][ C1] RAX: 0000000000000000 RBX: 000000000004fa97 RCX: 00007f431798e929 [ 328.353380][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 328.353389][ C1] RBP: 00007f4317bb7ba0 R08: 0000000000000001 R09: 0000000c8b09783f [ 328.353400][ C1] R10: 00007f4317800000 R11: 0000000000000246 R12: 00007f4317bb5fac [ 328.353410][ C1] R13: 00007f4317bb5fa0 R14: ffffffffffffffff R15: 00007fff8b097660 [ 328.353430][ C1] [ 328.774283][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 328.781169][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) [ 328.792993][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.803149][ T31] Call Trace: [ 328.806565][ T31] [ 328.809530][ T31] dump_stack_lvl+0x99/0x250 [ 328.814180][ T31] ? __asan_memcpy+0x40/0x70 [ 328.818809][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 328.824055][ T31] ? __pfx__printk+0x10/0x10 [ 328.828774][ T31] panic+0x2db/0x790 [ 328.832722][ T31] ? __pfx_panic+0x10/0x10 [ 328.837167][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 328.843004][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 328.848409][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 328.854777][ T31] watchdog+0x102d/0x1030 [ 328.859137][ T31] ? watchdog+0x1de/0x1030 [ 328.863590][ T31] kthread+0x70e/0x8a0 [ 328.867734][ T31] ? __pfx_watchdog+0x10/0x10 [ 328.874320][ T31] ? __pfx_kthread+0x10/0x10 [ 328.879788][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 328.885405][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 328.891560][ T31] ? __pfx_kthread+0x10/0x10 [ 328.896473][ T31] ret_from_fork+0x3fc/0x770 [ 328.901224][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 328.906479][ T31] ? __switch_to_asm+0x39/0x70 [ 328.912602][ T31] ? __switch_to_asm+0x33/0x70 [ 328.917471][ T31] ? __pfx_kthread+0x10/0x10 [ 328.922124][ T31] ret_from_fork_asm+0x1a/0x30 [ 328.926948][ T31] [ 328.930277][ T31] Kernel Offset: disabled [ 328.934611][ T31] Rebooting in 86400 seconds..