last executing test programs: 3.104825609s ago: executing program 2 (id=1002): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90b24fc60", 0x8c0}], 0x1}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x2}, 0xc) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000200001"], 0xb8}}, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0x1, 0xffffffffffffffff}, 0x4) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000600)={'ip_vti0\x00', &(0x7f0000000a00)={'tunl0\x00', 0x0, 0x700, 0x7, 0x6, 0x80000000, {{0x41, 0x4, 0x1, 0xd, 0x104, 0x65, 0x0, 0x68, 0x8cc596d9c333c4aa, 0x0, @local, @local, {[@timestamp_prespec={0x44, 0xc, 0xe4, 0x3, 0xc, [{@broadcast, 0x1}]}, @timestamp={0x44, 0x14, 0x3a, 0x0, 0x9, [0x3, 0x1000, 0x8, 0x3d2]}, @rr={0x7, 0x2b, 0xa5, [@multicast2, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010100, @remote, @broadcast, @private=0xa010101, @empty, @private=0xa010102, @rand_addr=0x64010100]}, @timestamp_addr={0x44, 0x4c, 0x9, 0x1, 0x9, [{@dev={0xac, 0x14, 0x14, 0x2e}, 0x3}, {@private=0xa010101, 0xfffff053}, {@multicast2, 0x200}, {@empty, 0x7fffffff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@local, 0x81}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6}, {@loopback, 0x82a}, {@loopback, 0x8}]}, @timestamp_prespec={0x44, 0x3c, 0x1e, 0x3, 0x7, [{@local, 0xf8}, {@local, 0x2}, {@rand_addr=0x64010102, 0xffff}, {@multicast1, 0x3}, {@rand_addr=0x64010100, 0x9}, {@broadcast, 0x10}, {@remote, 0x7}]}, @end, @timestamp_addr={0x44, 0x1c, 0x28, 0x1, 0x8, [{@multicast2, 0x3}, {@multicast2, 0x800}, {@local, 0x4}]}]}}}}}) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000b40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x9f, 0x9f, 0x3, [@const={0x6, 0x0, 0x0, 0xa, 0x3}, @datasec={0x5, 0x7, 0x0, 0xf, 0x3, [{0x4, 0x80000001}, {0x2, 0x6, 0xe7d5}, {0x4, 0x1, 0x200}, {0x1, 0xff, 0xffff0000}, {0x5, 0xfffff801, 0x8000}, {0x6, 0x3, 0x6}, {0x3, 0x8, 0x9}], "bb2889"}, @enum64={0x10, 0x3, 0x0, 0x13, 0x1, 0x4, [{0x7, 0x0, 0xfffffff8}, {0x5, 0x1d840}, {0x3, 0xb, 0x7}]}]}, {0x0, [0xe]}}, &(0x7f0000002c80)=""/4096, 0xbb, 0x1000, 0x0, 0x81, 0x10000, @value}, 0x28) r6 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000d80), 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f0000000dc0)={[{0x2b, 'blkio'}, {0x2b, 'net'}, {0x2b, 'io'}, {0x2d, 'devices'}, {0x2b, 'net'}, {0x2b, 'net_cls'}, {0x0, 'rlimit'}]}, 0x2f) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x6, 0x2f, &(0x7f0000000880)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7fff}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0x8}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x10001}, @call={0x85, 0x0, 0x0, 0x20}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000001c0)='GPL\x00', 0x7, 0x16, &(0x7f00000005c0)=""/22, 0x0, 0x40, '\x00', r4, 0x25, r5, 0x8, &(0x7f0000000c00)={0x7, 0x2}, 0x8, 0x10, &(0x7f0000000c40)={0x3, 0x7, 0xfffffffe, 0x2}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000c80)=[{0x3, 0x1, 0xf, 0x1}, {0x1, 0x5, 0xb, 0x9}], 0x10, 0x5, @void, @value}, 0x94) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r8 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r8, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r8, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4) r9 = socket$tipc(0x1e, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'team_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r8, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r8, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r8, &(0x7f0000000100)={0x2c, 0x8, r10}, 0x10) getsockopt$XDP_STATISTICS(r8, 0x11b, 0x7, &(0x7f0000000040), &(0x7f00000000c0)=0x30) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r7, 0xda682000) r11 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_opts(r11, 0x0, 0xc, 0x0, &(0x7f0000000780)) mmap(&(0x7f0000001000/0x3000)=nil, 0x30000, 0x0, 0x11, r7, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/202, 0xca}, {&(0x7f0000002b80)=""/207, 0xcf}, {&(0x7f0000000740)=""/117, 0x75}, {&(0x7f00000007c0)=""/192, 0xc0}, {&(0x7f0000003cc0)=""/4062, 0xfde}, {&(0x7f00000002c0)=""/194, 0xc2}, {&(0x7f0000001b40)=""/130, 0x82}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f00000070c0)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/249, 0xf9}], 0xa}, 0x0) 2.601338806s ago: executing program 0 (id=1010): r0 = socket$inet(0xa, 0x801, 0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_SOCKET_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r2 = accept4(r0, 0x0, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x45}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000240)={r4}, &(0x7f0000000140)=0x8) 2.358516022s ago: executing program 1 (id=1011): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket(0x2b, 0x1, 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r3 = socket$inet_dccp(0x2, 0x6, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0xf, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x39}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xba}}}, &(0x7f0000001a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) listen(r2, 0x5) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10) sendmmsg(r3, &(0x7f0000006040)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x4084) listen(r1, 0x0) r5 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33) recvmsg(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001240)=[{&(0x7f0000004580)=""/4095, 0xfff}, {&(0x7f0000000140)=""/4092, 0xffc}, {&(0x7f0000001140)=""/181, 0xb5}], 0x3}, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000454ff0)={0x0, 0x2710}, 0x10) accept4$nfc_llcp(r1, 0x0, 0x0, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000001200)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x14) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xa}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_BYTEMODE={0x8, 0x7, 0x1}]}}]}, 0x38}}, 0x0) r7 = socket(0x15, 0x5, 0x0) getsockopt(r7, 0x200000000114, 0x2721, 0x0, &(0x7f0000000040)) mmap(&(0x7f0000fa2000/0x4000)=nil, 0x4000, 0x0, 0x82011, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 2.186890204s ago: executing program 1 (id=1012): socket$nl_route(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, 0x0, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004081) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x52cc) listen(r0, 0x9) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r4, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) 1.958187734s ago: executing program 1 (id=1013): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000003100)={0x0, 0x0, &(0x7f00000030c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000009060103010000000000000003000004100008800c2007800800094000000009050001000700000008000940"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4080) 1.93720255s ago: executing program 2 (id=1014): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x34, r3, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xa, 0xbd, [0x8, 0x1, 0x99ce]}]}, 0x34}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b4000000000140004801000"], 0x122}}, 0x0) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'sh\x00', 0x13}, 0x2c) r4 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r4, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0xfffc, @loopback}, 0x10, &(0x7f0000000100)=[{0x0}], 0x1}], 0x1, 0xfc) 1.655126502s ago: executing program 1 (id=1016): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x5, @multicast2}]}}}, @IFLA_MASTER={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000) (async) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @vti={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x5, @multicast2}]}}}, @IFLA_MASTER={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x48b, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @empty, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) (async) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x48b, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @empty, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000000)={0x4, &(0x7f00000001c0)=[{0x25, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x37cb7880}, {0x0, 0xfe, 0x10}, {0x6, 0x0, 0x0, 0x8007}]}) mmap(&(0x7f0000159000/0x1000)=nil, 0x1000, 0x7, 0x31, 0xffffffffffffffff, 0x0) (async) mmap(&(0x7f0000159000/0x1000)=nil, 0x1000, 0x7, 0x31, 0xffffffffffffffff, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/61, 0x32a000, 0x800, 0x200, 0x3}, 0x20) (async) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/61, 0x32a000, 0x800, 0x200, 0x3}, 0x20) mmap(&(0x7f0000001000/0xc00000)=nil, 0x200000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) sendmmsg(r2, &(0x7f0000000040), 0x0, 0x0) 1.603046209s ago: executing program 2 (id=1017): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xba, &(0x7f0000000440)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x24, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, @local, @multicast1, {[@cipso={0x86, 0x66, 0x0, [{0x5, 0xc, "e2ffb28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x5, 0xe, '\x00'/12}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0x9, "6580a5e97612fe"}, {0x0, 0x12, "240011000300"/16}, {0x0, 0x2}]}, @cipso={0x86, 0x15, 0x3, [{0x0, 0xf, "10329145cb6608154fc1f0ac37"}]}]}}}}}}}, 0x0) 1.542648612s ago: executing program 0 (id=1018): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x400000, @void, @value, @void, @value}, 0x48) 1.427120918s ago: executing program 2 (id=1019): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x6}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x12c, @loopback}, 0x1c) 1.306548429s ago: executing program 0 (id=1021): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000014000780080008400000000008001240ffffffe80500010006000000050005000200000005000400000000000900020073"], 0x5c}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x3, 0x4}]}}}]}, 0x3c}}, 0x0) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58) 1.141495118s ago: executing program 2 (id=1022): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90b24fc60", 0x8c0}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0xa1, &(0x7f0000000680)=[{&(0x7f00000003c0)=""/202, 0xca}, {&(0x7f0000002b80)=""/207, 0xcf}, {&(0x7f0000000740)=""/117, 0x75}, {&(0x7f00000007c0)=""/192, 0xc0}, {&(0x7f0000003cc0)=""/4062, 0xfde}, {&(0x7f00000002c0)=""/194, 0xc2}, {&(0x7f0000001b40)=""/130, 0x82}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f00000070c0)=""/4096, 0x1000}, {&(0x7f00000004c0)=""/249, 0xf9}], 0xa}, 0x0) 986.959565ms ago: executing program 1 (id=1025): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='nv\x00', 0x3) recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@getchain={0x24, 0x66, 0x100, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xd, 0xffff}, {0x6, 0xfff2}, {0x0, 0x8}}}, 0x24}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$MRT_DEL_VIF(r3, 0x0, 0x1a, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x2, 0x7ffffffd}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80d1}, 0x3000c81c) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa0}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) 973.857688ms ago: executing program 4 (id=1026): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000003100)={0x0, 0x0, &(0x7f00000030c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000009060103010000000000000003000004100008800c2007800800094000000009050001000700000008000940"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4080) 890.60591ms ago: executing program 4 (id=1027): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x20000881}, 0x4054) 814.957767ms ago: executing program 2 (id=1028): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509", 0x4e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000c00)=[{&(0x7f00000006c0)=""/214, 0xd6}, {&(0x7f0000000940)=""/270, 0x10e}, {&(0x7f0000002400)=""/4073, 0xfe9}, {&(0x7f0000000f00)=""/196, 0xc4}, {&(0x7f0000000300)=""/180, 0xb4}, {&(0x7f0000000cc0)=""/216, 0xd8}, {&(0x7f0000001000)=""/206, 0xce}, {&(0x7f0000000480)=""/68, 0x44}, {&(0x7f0000000500)=""/66, 0x42}, {&(0x7f0000000840)=""/176, 0xb0}, {&(0x7f0000000580)=""/237, 0xed}, {&(0x7f0000000240)=""/138, 0x8a}], 0xc}, 0x10100) recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) recvmsg$kcm(r0, &(0x7f0000000440)={0x0, 0x1a, 0x0}, 0x0) 775.176142ms ago: executing program 3 (id=1030): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@gettaction={0x60, 0x32, 0x9408f9ce2610ee65, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf6bc}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffffffff}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0x2e, 0x2, {0x0, 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x44}, 0x200000000000000) 701.371846ms ago: executing program 4 (id=1031): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="e50002000000000071113d00000000008510000002000000850000007d00000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_128={{0x304, 0x38}, "837ad552eed22b08", "e20000000000000010000000002000", '\x00', "d647cb0002ff00"}, 0x28) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x11a, 0x4, 0x0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xffe0}, {0xa, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_PLIMIT={0x8, 0x1, 0x9}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x2}, @TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0x3}]}}]}, 0x48}}, 0x4) recvfrom$inet6(r0, 0x0, 0x12, 0x2, 0x0, 0x0) socket$nl_crypto(0x10, 0x3, 0x15) r5 = socket(0x11, 0x800000003, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000e00)=@broute={'broute\x00', 0x20, 0x5, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001240], 0x0, 0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="000000000000000000000000000000de000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000fcffffff0000000000000000000000007506478004f7fddc4ffeb7c100000000000000000000000000000000000000000000020000000000"]}, 0x108) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket(0x11, 0x2, 0x2000004) bind$packet(r7, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14) sendmsg$IPSET_CMD_SAVE(r7, 0x0, 0x4004840) bind$netlink(r6, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x891) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a3000000000090003007300a0000000060a01040000000000200000015b669024a54829a17d00000008000b400000000078000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000400001800c0001006269747769736500300002800800034000000002080001400000001408000240000000120c00078006000100bb91000008000640000000000900010073797a30000000001400000011000100000000000000000007"], 0x114}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)) ioctl$SIOCGETMIFCNT_IN6(r5, 0x89e0, &(0x7f0000000100)={0x1}) 619.180963ms ago: executing program 3 (id=1032): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) read(r1, 0x0, 0x0) 557.043776ms ago: executing program 3 (id=1033): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x6}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x201, @loopback}, 0x1c) 499.368508ms ago: executing program 4 (id=1034): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000580)={'wpan0\x00'}) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008001}, 0x8004) 383.671564ms ago: executing program 3 (id=1035): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000000), 0x4) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001380)='net_prio.prioidx\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000003, 0x12, r0, 0x0) 383.32853ms ago: executing program 4 (id=1036): socket$nl_route(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, 0x0, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004081) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x52cc) listen(r0, 0x9) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r4, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800) 346.203652ms ago: executing program 0 (id=1037): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000003100)={0x0, 0x0, &(0x7f00000030c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4000000009060103010000000000000003000004100008800c200780080009400000000905000100070000000800094000000fff09000200"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x4080) 230.649782ms ago: executing program 3 (id=1038): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000abb000/0x1000)=nil, 0x1000, 0x0, 0x102000200032, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_timeval(r1, 0x1, 0xd, &(0x7f0000abaff9)={0x0, 0xea60}, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000100)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newtfilter={0x3c, 0x28, 0xd27, 0x1000001, 0x0, {0x0, 0x0, 0x0, r7, {0xd, 0x9}, {0x6}, {0x0, 0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}, @TCA_RATE={0x6, 0x5, {0x3, 0xc}}]}, 0x3c}}, 0x4000) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'macvtap0\x00', 0x0}) r11 = socket(0x2a, 0x2, 0x0) getsockname$packet(r11, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x8c30}, @TCA_FLOW_XOR={0x8}, @TCA_FLOW_BASECLASS={0x8, 0x3, {0xfff1, 0xb}}]}}]}, 0x54}}, 0x0) r13 = socket(0x10, 0x3, 0x0) r14 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f00000000c0)={'tunl0\x00', 0x0}) sendmsg$nl_route(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="04020600000000000000cb03e436da", @ANYRES32=r15, @ANYBLOB="0000000000000000180012800900010069706970000000000800028004001300"], 0x38}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'syztnl0\x00', &(0x7f0000000340)={'syztnl0\x00', 0x0, 0x4, 0x5, 0x4, 0x6, 0xe, @dev={0xfe, 0x80, '\x00', 0x13}, @loopback, 0x8000, 0x8010, 0x9, 0x8}}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000400)={@multicast2, @remote, 0x0}, &(0x7f0000000440)=0xc) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000500)={'ip6gre0\x00', &(0x7f0000000480)={'ip6tnl0\x00', 0x0, 0x2f, 0x9, 0x9, 0x80000001, 0x50, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x80, 0x9, 0x8}}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'vxcan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r0, &(0x7f0000000780)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000580)=ANY=[@ANYBLOB="88010000", @ANYRES16=r2, @ANYBLOB="02002abd7000fbdbdf2506000000680001800800030001000000140002006272696467655f736c6176655f30000008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="080003000200789c8dea5266726d3000000200000000000000001400020076657468305f746f5f628fc800be8b9b4e26000400", @ANYRES32=r8, @ANYBLOB="08000300000000000c000180080003000000000040000180080003000100000008000100", @ANYRES32=r9, @ANYBLOB="080003000100000008000100", @ANYRES32=r10, @ANYBLOB="1400020070696d3672656700000000000000000008000100", @ANYRES32=r12, @ANYBLOB="3c00018014000200697036677265746170300000000000001400020076657468300000000000000000000000080003000300000008000100", @ANYRES32=r15, @ANYBLOB="0c00018008000100", @ANYRES32=r16, @ANYBLOB="1c00018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r17, @ANYBLOB="08000300030000003c00018008000100", @ANYRES32=r18, @ANYBLOB="1400020076657468305f746f5f6272696467650014000200626f6e645f736c6176655f310000000008000300000000000c00018008000100", @ANYRES32=r19, @ANYBLOB], 0x188}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x20}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 206.032912ms ago: executing program 0 (id=1039): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x3c, 0x21, 0x400, 0x70bd29, 0x25dfdbfc, {0xe}, [@generic="8f25882245e729e9bf9c7c55c49e6dab345d158d76cf47ec08d6dcc4514467c1682a990e24"]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x24000800) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b40a000040000900000000000000000002000021040060809c0a01"], 0xab4}}, 0x0) 182.609933ms ago: executing program 4 (id=1040): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$kcm(0x29, 0x7, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2, 0x4, &(0x7f0000000040)=@raw=[@map_fd={0x18, 0x6, 0x1, 0x0, 0x1}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x2}], &(0x7f0000000080)='GPL\x00', 0x7fffffff, 0x0, 0x0, 0x40f00, 0x6f, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3, &(0x7f00000000c0)=[0x1, 0x1, 0xffffffffffffffff], &(0x7f0000000140)=[{0x0, 0x1, 0x8, 0x3}, {0x3, 0x5, 0x10, 0x5}, {0x3, 0x4, 0x6, 0x4}], 0x10, 0x1, @void, @value}, 0x94) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000240)={r0, r2}) r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x7) setsockopt$ax25_SO_BINDTODEVICE(r3, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a1810039000000000b0000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 38.401574ms ago: executing program 3 (id=1041): r0 = socket(0x2a, 0x2, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000580)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x44, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @ssrr={0x89, 0xb, 0xd7, [@rand_addr, @rand_addr]}, @ssrr={0x89, 0x3}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x130c, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r1, {0x3}, {}, {0x5, 0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0x12e0, 0x2, [@TCA_U32_SEL={0x34, 0x5, {0x2, 0x7f, 0x2, 0x4f84, 0x0, 0x9, 0x8, 0xffff, [{0x3, 0x1a5a4ba, 0x4, 0x6}, {0x10, 0x5, 0x40ac, 0x5}]}}, @TCA_U32_POLICE={0x464, 0x6, [@TCA_POLICE_RATE64={0xc}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x20000000, 0xf, 0x28, 0x7636, {0x4, 0x2, 0xfff9, 0x6, 0x3, 0x8}, {0x7, 0x2, 0x6, 0xc38e, 0xc44, 0xd}, 0x6, 0xe, 0x9}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}, @TCA_POLICE_RATE64={0xc, 0x8, 0x8}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0xd1, 0xa3, 0x9, 0x5, 0x5, 0x4, 0x0, 0x1, 0x80000000, 0x2, 0x0, 0x3, 0x5, 0x400, 0xa, 0x401, 0x4, 0xfffffff9, 0x0, 0x80000000, 0xb8, 0x834, 0x0, 0x0, 0x7, 0x9, 0x3af, 0x1, 0x0, 0x2, 0x2, 0x75, 0x101, 0x0, 0x2, 0x1000, 0x5, 0x7fffffff, 0x1, 0x3, 0x5, 0x101, 0x2, 0x618, 0x80, 0x327e38cd, 0xbab7, 0x3, 0x6, 0xfffffdaa, 0x5, 0xf1a, 0xc, 0x40000, 0x8921, 0x2, 0x7, 0x3, 0x0, 0x2, 0x4, 0x6, 0x4, 0x8d3, 0x3, 0x0, 0xfffffffc, 0x4, 0x8, 0x200, 0x8, 0x4, 0x98, 0x1, 0xfffffff7, 0x7f, 0x8, 0xae37, 0xe, 0x0, 0xb, 0x10001, 0x8, 0x3, 0x9, 0x5, 0x200, 0x5, 0x3, 0x2000, 0xea, 0x6108e083, 0x8, 0x80000001, 0x416, 0x18000000, 0x8, 0x9, 0xfffffffe, 0xfffffffc, 0x400, 0x32e24cbd, 0x4, 0x6ba95ced, 0x9, 0x7, 0x1, 0x8001, 0x0, 0x6, 0xf0e, 0x64e, 0xff, 0x8e20, 0x9, 0x2, 0x1ff, 0x5, 0x60000, 0x1, 0x6, 0x5, 0x5, 0x3, 0x1000, 0x3, 0xffffffff, 0x185e, 0x3, 0x6, 0xb, 0x0, 0x0, 0x6, 0x7, 0xffffff01, 0x5, 0x5, 0x800, 0x9, 0x7, 0x5, 0xfff, 0x8000, 0x7fff, 0x80, 0x93d, 0x81, 0x9, 0xfff, 0x8, 0x8, 0x5, 0x2, 0x3, 0x8, 0x1, 0xc38b, 0x3, 0x800, 0x8, 0x4, 0x7, 0x1, 0x3, 0xffffffff, 0x8, 0x579b, 0x2, 0x4, 0xfff, 0x4, 0x200, 0x1, 0x2, 0x9, 0x9, 0x3, 0xe5, 0x1, 0x0, 0x6, 0xffff, 0x7fffffff, 0x8, 0x7, 0x4, 0x3, 0x7, 0x40, 0x8, 0x4, 0x40, 0xf, 0x7, 0xfffff4cb, 0x0, 0xfffffffd, 0xb4, 0x5, 0x5, 0x7fffffff, 0x8001, 0x2, 0x60, 0x7, 0x7, 0x8, 0x1000, 0xa2, 0x7ff, 0x2, 0x7, 0x1, 0x7, 0xffffffff, 0x0, 0x1, 0x80000000, 0x20, 0x0, 0x6, 0x10001, 0x8, 0x3, 0xe, 0x6, 0x1, 0x8, 0x435, 0x2, 0x401, 0x9, 0x7, 0x6, 0x1, 0xfffffe00, 0x5, 0x101, 0xffff554d, 0xc15c, 0x3, 0x91, 0x40, 0x40, 0x0, 0x0, 0x93d7, 0x1, 0x7fffffff, 0x3, 0x400, 0xfff, 0x10000, 0x1000, 0x6]}]}, @TCA_U32_MARK={0x10, 0xa, {0x813, 0xffffff28}}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_POLICE={0xc2c, 0x6, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x8, 0xff68, 0xffff, 0xffffff28, 0x40, 0x8, 0x0, 0x3, 0x1, 0x6, 0x2, 0x7fff, 0x6, 0x8, 0x7, 0x5, 0x3c, 0x0, 0x7ff, 0x7fffffff, 0x80000000, 0x8, 0xd, 0x1, 0x4, 0x5, 0x2, 0xa8, 0x6, 0x4, 0x5, 0x7f, 0x3, 0x1, 0xce6d, 0xb332, 0x81, 0x7fffffff, 0xba, 0xffffffe1, 0xa0, 0xff, 0x3, 0xcb84, 0x4, 0x4, 0x6, 0x7, 0x6, 0x1ff, 0x9, 0xffffff63, 0x4, 0x1000, 0x9, 0x5, 0x9, 0x5, 0x40, 0x9, 0xaa6, 0x0, 0x1, 0x7ff, 0xfffffff0, 0xffffffff, 0x9, 0xe0, 0x7f, 0x0, 0x7fff, 0x3, 0x10000000, 0x7ff, 0x3, 0x8, 0x5, 0x5, 0x7, 0x800, 0x9, 0x6, 0xac1, 0x6, 0x2, 0x1ff, 0xfffffffa, 0x0, 0x4, 0x1, 0x4, 0x2, 0x9, 0x8000, 0x1000, 0x0, 0x1, 0x8000, 0x6, 0x7, 0x4, 0xffff, 0x8, 0x7, 0x10001, 0x80000000, 0xa, 0x81, 0xcd9, 0xa91, 0x9575, 0x7, 0x28, 0x6, 0x5, 0x9, 0x3, 0xb8, 0x6, 0x7, 0x521, 0x6, 0x9, 0x48a5ec53, 0x9, 0x7fffffff, 0x6a, 0x10001, 0x6, 0x9, 0x1, 0x10000, 0x5, 0x8308, 0x3, 0x1, 0x3, 0xaa31, 0x10, 0x3, 0x1, 0x1ff, 0x588, 0x6, 0x6, 0x3ff, 0x7, 0x2, 0xa, 0x2, 0x516a, 0x2, 0x3bb, 0xffffff07, 0x7fff, 0x4, 0x8, 0xffff393b, 0x3, 0x4, 0x2, 0x3, 0x9, 0x101, 0x6254, 0x1, 0x10000, 0x80000000, 0x9, 0x9, 0xb3e, 0x1ec, 0x300, 0x9, 0xc9, 0x8, 0x800, 0x0, 0x2, 0xc21, 0x6, 0x2, 0x8, 0x101, 0x6c, 0x7ff, 0xfffffffb, 0x1, 0x4, 0x5, 0x1, 0x2, 0x52, 0x0, 0xa, 0x6, 0x8, 0x2, 0x6, 0x4, 0x3eab, 0xffffffff, 0xfffffffc, 0x9, 0x0, 0x8001, 0x480a, 0x3, 0x2, 0x1, 0x80, 0x8, 0xfffffffc, 0x1, 0x5, 0x591, 0x80, 0x5, 0x5, 0x2, 0x80000000, 0xfffffffa, 0x8, 0x1, 0x2, 0x3, 0x6, 0x0, 0x3, 0x5, 0x80000000, 0x7, 0x8, 0x9, 0xffffff7f, 0xffff, 0x0, 0x7, 0xfff, 0x3, 0x8001, 0x66c4, 0x7ff, 0xb5, 0x2, 0xcbe0, 0xfffffab4, 0x0, 0x247c000, 0x4, 0x0, 0x0, 0x2, 0x8, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8000, 0x3, 0x3, 0x5, 0x9, 0x44, 0x7, 0x6bfd, 0x7, 0x6, 0x101, 0x4, 0x0, 0x3, 0xe46, 0x2, 0x6, 0x4, 0x1, 0x7, 0x6573, 0x7, 0x3ff, 0x10001, 0x3c1, 0x6, 0xf6, 0x5, 0x196c, 0xdc9c, 0x4, 0x7, 0x3, 0x1, 0x4, 0x28, 0x5, 0x8, 0x8, 0x7, 0x3973c9e8, 0x80000001, 0x9, 0x8, 0x3, 0x3, 0x1a4, 0x5, 0x5, 0x10000, 0x8, 0x4, 0x3, 0x80000000, 0x8, 0x5, 0xfffffff7, 0xd, 0x0, 0x8, 0x5, 0x9, 0x0, 0x8, 0x95, 0xef, 0x1, 0x26a9, 0x2, 0x21f, 0x7, 0x2, 0xffff, 0x5, 0x7, 0xffffff00, 0x93ea, 0x1, 0x5, 0x2ebac94b, 0x5, 0x3, 0x4, 0x3, 0x800, 0x1, 0x4, 0x2, 0x200000, 0x742, 0x4, 0x4, 0x8f4f, 0xe8f3, 0x1ff, 0xffff, 0xfffffff8, 0x517, 0x1, 0x0, 0x9, 0x7f, 0xffff, 0x4, 0x3, 0xcd, 0x4, 0x8, 0x1, 0x7, 0x2, 0xb, 0x3ff, 0x4, 0x4, 0x8, 0x5, 0xf, 0xe, 0x0, 0x1, 0xdf, 0x8001, 0x2, 0x6, 0xd06, 0x8, 0x9, 0x9999, 0x5, 0x3, 0x6, 0x1ff, 0x81, 0xff, 0x3, 0x6, 0x7, 0x100, 0x401, 0x7fff, 0x117, 0x80000000, 0x1, 0xc0000000, 0x2, 0x0, 0xd, 0x1, 0xd, 0x1, 0x6, 0x19c1, 0x7, 0x52, 0x5183, 0xad, 0xcab5, 0x5, 0x7f, 0x400, 0x6, 0x4279795c, 0xfffffffc, 0x0, 0x4, 0x9, 0x4, 0x7, 0x6, 0x7, 0x8, 0x8000, 0x0, 0x9, 0xffffff80, 0x0, 0x1ff, 0x779, 0xffff, 0x6, 0x0, 0x5, 0x9, 0x81, 0x8, 0x2, 0x9, 0x55, 0x0, 0x4, 0x8, 0xc9f9, 0xeb0b, 0x1ff, 0x4, 0x4, 0x8, 0x2, 0x8, 0x800, 0x8, 0xa, 0x7, 0x6, 0x4, 0x5, 0xffffffff, 0xde, 0x8, 0x0, 0x8d26, 0x6, 0x3, 0xf, 0x7, 0xf16e, 0xe, 0x0, 0x10000, 0x7, 0x1, 0x6d81, 0x0, 0x8, 0x0, 0x1, 0x10000, 0x5b507254, 0xdc, 0x1, 0x2, 0xffffffff, 0x1, 0x3, 0x3, 0x9, 0xd9c, 0xffffff00, 0x7ff, 0x4, 0x80000001, 0x400, 0x101, 0x1, 0x7fff, 0xe2, 0x5, 0x977e, 0x8, 0x0, 0xc2, 0xffffffff, 0x3ff, 0x6792, 0x1]}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x2, 0xfffffffb, 0xf, 0x2, 0x80000000, 0x0, 0x9, 0x70000, 0x100, 0x7, 0x2, 0x5, 0x80, 0x5d, 0xd, 0x7, 0xdf, 0x8000, 0x29b, 0x6f, 0x9, 0xfffffff8, 0x7fff, 0x4, 0x9f, 0x8, 0x100000, 0x8, 0x0, 0x101, 0x6, 0x8, 0x0, 0x9d3, 0x9, 0x7, 0x0, 0xfffffffb, 0x0, 0x8, 0x101, 0x10, 0x2e, 0xd, 0x80, 0x8, 0x40, 0x5, 0x6, 0x3, 0x5, 0x1000, 0x4, 0x9, 0xffffffcf, 0x1ff, 0x80, 0x506cdd1, 0x7ff, 0xec7b, 0x0, 0x80000000, 0x200, 0x7, 0x9, 0x0, 0x20000002, 0xe93f, 0x7, 0x4, 0x1, 0x2, 0x7, 0x2, 0x7, 0x8, 0x94f3, 0x35, 0x800, 0x4, 0x0, 0x5, 0x7, 0xfcf7, 0x5, 0x2, 0x90, 0xb9ee, 0x200, 0x81, 0x5, 0xc6be, 0xc65, 0x6, 0x4, 0x6, 0x64, 0x2, 0x1, 0x8, 0x8, 0x9, 0x6, 0x7fff, 0x1, 0x7ff, 0x3, 0x2, 0x7, 0x0, 0x5, 0x73f5f204, 0xc000000, 0x0, 0x7, 0x2, 0xfff, 0x2, 0xa, 0x8, 0x4, 0xfffffff9, 0x7702, 0x0, 0x9, 0x40, 0x0, 0x4, 0xb, 0x2, 0x3c3, 0x5, 0x67, 0xffffff68, 0xc, 0xe9, 0x4, 0xdc, 0xf, 0x7f5, 0x3, 0x6, 0xf2f4, 0x6, 0x3600, 0xc4, 0x3, 0x0, 0xffffff58, 0xfffffffc, 0x800, 0x9, 0x4, 0x10, 0x1, 0x1, 0x1, 0x9, 0x1, 0xfffffff8, 0x2, 0x1, 0x1000, 0x2, 0x9, 0xffffff7d, 0xb, 0x3, 0xfffffca0, 0x800, 0x4, 0x4, 0x1, 0x0, 0x5, 0x0, 0x3ff, 0x8, 0x0, 0x4, 0x99ab, 0x6, 0x8d, 0x1000, 0x5, 0x8, 0x6, 0x80, 0x0, 0x1000, 0x5, 0x5, 0x5, 0x3, 0xa, 0x5, 0x1, 0x9, 0x7, 0x0, 0x10000, 0xd1, 0xb, 0x80, 0xfffffffd, 0x6, 0x3, 0x6, 0xb, 0x2d, 0x6, 0x400040, 0x9, 0x8, 0x8, 0x5, 0x9, 0x3, 0xffff, 0x9, 0x2, 0x80000001, 0x1, 0x1, 0x4, 0x1, 0x73d, 0xc5, 0xfffffffd, 0x1, 0x9, 0xc, 0x1ff, 0x6, 0x4, 0x39a0, 0x7, 0x7, 0x99a, 0x7, 0x7, 0x3, 0x8, 0x1, 0x2, 0xeb8, 0x864, 0x401, 0x4, 0x80, 0x336, 0xffff, 0x7, 0x1, 0xee0d]}, @TCA_POLICE_RESULT={0x8}]}, @TCA_U32_ACT={0x1d8, 0x7, [@m_ct={0x100, 0xd, 0x0, 0x0, {{0x7}, {0xa0, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @loopback}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}}, @TCA_CT_ZONE={0x6, 0x4, 0x8}, @TCA_CT_LABELS={0x14, 0x7, "64d7bfcf0e9ff17d330f06fbf762ed22"}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @loopback}, @TCA_CT_LABELS_MASK={0x14, 0x8, "7d8b253f0e7fe25ece251df6b73058c6"}, @TCA_CT_ACTION={0x6, 0x3, 0x4}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @dev={0xac, 0x14, 0x14, 0x16}}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e20}, @TCA_CT_PARMS={0x18, 0x1, {0x2, 0x4, 0x0, 0xd2, 0xc7cc000}}]}, {0x3b, 0x6, "4fbac450e1a832ab1604f4bcff4fbab656e1c2b78ae4701a0d3d79dd7b9b46adde992bec08a13111b32ff92917240eb2533cefce813f53"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_simple={0xd4, 0x6, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x4, 0x10000000, 0x7ff, 0x4}}]}, {0x8e, 0x6, "f5b3a481a29ed9b6de65bd453e48dc6c7a99b76df9810faced6b02c3df32dab8e9eae391dcf4991973623fbccc07568d12befb9b3ae87ad211dde97212df67534417535c80c5e480f46dc551d6b877d64db585e35b46df89e313f4d6bac5a1277551a05fe09aa3fe31f3430f8c4e6f1852a302001a25172ef0f708ab10e96e3812ff5609f63375dafa05"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_U32_LINK={0x8, 0x3, 0x80000001}, @TCA_U32_INDEV={0x14, 0x8, 'veth1_macvtap\x00'}]}}]}, 0x130c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000240)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x1) ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x1000000008) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 5.839307ms ago: executing program 0 (id=1042): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@gettaction={0x60, 0x32, 0x9408f9ce2610ee65, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x40, 0x1, [{0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf6bc}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffffffff}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0x2e, 0x2, {0x0, 0x1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x44}, 0x400000000000000) 0s ago: executing program 1 (id=1043): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) read(r1, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.212' (ED25519) to the list of known hosts. [ 70.779114][ T5815] cgroup: Unknown subsys name 'net' [ 70.894921][ T5815] cgroup: Unknown subsys name 'cpuset' [ 70.903930][ T5815] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 71.844618][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.851188][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.475401][ T5815] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 76.451835][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 76.476108][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 76.484585][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 76.493006][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 76.501217][ T5843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 76.512689][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 76.523012][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 76.531118][ T5843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 76.539957][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 76.547175][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 76.555063][ T5843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 76.565199][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 76.566300][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 76.580455][ T5843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 76.588804][ T5843] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 76.601856][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 76.605533][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 76.622845][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 76.633023][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 76.642920][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 76.651051][ T5848] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 76.651085][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 76.666064][ T5847] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 76.666317][ T5848] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 76.674655][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 76.688083][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 76.688306][ T5847] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 76.708749][ T5847] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 76.729639][ T5847] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 76.743201][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.148687][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 77.215924][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 77.326528][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 77.401115][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.408646][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.417347][ T5839] bridge_slave_0: entered allmulticast mode [ 77.424612][ T5839] bridge_slave_0: entered promiscuous mode [ 77.444248][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 77.458693][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 77.474072][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.481247][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.491155][ T5839] bridge_slave_1: entered allmulticast mode [ 77.498615][ T5839] bridge_slave_1: entered promiscuous mode [ 77.584937][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.592391][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.599592][ T5835] bridge_slave_0: entered allmulticast mode [ 77.606940][ T5835] bridge_slave_0: entered promiscuous mode [ 77.624948][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.637862][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.682677][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.689827][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.698073][ T5835] bridge_slave_1: entered allmulticast mode [ 77.705699][ T5835] bridge_slave_1: entered promiscuous mode [ 77.739881][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.747812][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.755200][ T5828] bridge_slave_0: entered allmulticast mode [ 77.763280][ T5828] bridge_slave_0: entered promiscuous mode [ 77.804662][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.812095][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.819292][ T5828] bridge_slave_1: entered allmulticast mode [ 77.827340][ T5828] bridge_slave_1: entered promiscuous mode [ 77.852842][ T5839] team0: Port device team_slave_0 added [ 77.881842][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.900079][ T5839] team0: Port device team_slave_1 added [ 77.910223][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.917582][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.925649][ T5834] bridge_slave_0: entered allmulticast mode [ 77.932633][ T5834] bridge_slave_0: entered promiscuous mode [ 77.950985][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 77.963090][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 77.999009][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.006513][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.013888][ T5834] bridge_slave_1: entered allmulticast mode [ 78.020666][ T5834] bridge_slave_1: entered promiscuous mode [ 78.037111][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.066411][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.073800][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.081213][ T5827] bridge_slave_0: entered allmulticast mode [ 78.088525][ T5827] bridge_slave_0: entered promiscuous mode [ 78.097791][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.105477][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.113394][ T5827] bridge_slave_1: entered allmulticast mode [ 78.120361][ T5827] bridge_slave_1: entered promiscuous mode [ 78.128207][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.135584][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.161902][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.221884][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.228909][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.255093][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.269569][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.281952][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.293513][ T5828] team0: Port device team_slave_0 added [ 78.302220][ T5835] team0: Port device team_slave_0 added [ 78.312374][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.347497][ T5828] team0: Port device team_slave_1 added [ 78.355343][ T5835] team0: Port device team_slave_1 added [ 78.363639][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.393821][ T5834] team0: Port device team_slave_0 added [ 78.440711][ T5827] team0: Port device team_slave_0 added [ 78.452478][ T5834] team0: Port device team_slave_1 added [ 78.468234][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.475565][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.502574][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.523163][ T5827] team0: Port device team_slave_1 added [ 78.534315][ T5839] hsr_slave_0: entered promiscuous mode [ 78.541076][ T5839] hsr_slave_1: entered promiscuous mode [ 78.557530][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.564941][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.591172][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.606753][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.614178][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.640322][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.684432][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.691947][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.718348][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.732474][ T5143] Bluetooth: hci4: command tx timeout [ 78.738652][ T5836] Bluetooth: hci3: command tx timeout [ 78.745406][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.752715][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.779128][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.791913][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.798902][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.825018][ T5143] Bluetooth: hci2: command tx timeout [ 78.831021][ T5836] Bluetooth: hci0: command tx timeout [ 78.831029][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.847381][ T5143] Bluetooth: hci1: command tx timeout [ 78.860025][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 78.870786][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.897121][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 78.910846][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 78.917915][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 78.944181][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.003368][ T5828] hsr_slave_0: entered promiscuous mode [ 79.009987][ T5828] hsr_slave_1: entered promiscuous mode [ 79.017297][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.025425][ T5828] Cannot create hsr debugfs directory [ 79.043471][ T5835] hsr_slave_0: entered promiscuous mode [ 79.050911][ T5835] hsr_slave_1: entered promiscuous mode [ 79.057554][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.065747][ T5835] Cannot create hsr debugfs directory [ 79.136845][ T5827] hsr_slave_0: entered promiscuous mode [ 79.144906][ T5827] hsr_slave_1: entered promiscuous mode [ 79.151080][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.158856][ T5827] Cannot create hsr debugfs directory [ 79.244779][ T5834] hsr_slave_0: entered promiscuous mode [ 79.251208][ T5834] hsr_slave_1: entered promiscuous mode [ 79.258342][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.266110][ T5834] Cannot create hsr debugfs directory [ 79.556219][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 79.568276][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 79.589224][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 79.618489][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 79.678876][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 79.694091][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 79.706060][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 79.718616][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 79.790455][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 79.812507][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 79.822493][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 79.833382][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 79.908509][ T5834] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 79.919338][ T5834] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 79.934734][ T5834] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 79.965137][ T5834] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 80.015810][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.041159][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.071814][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.086141][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.143942][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.183286][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.206562][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.240800][ T52] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.248102][ T52] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.278168][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.304086][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.318846][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.326060][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.342117][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.349259][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.382248][ T52] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.389386][ T52] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.420428][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.439198][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.456972][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.464182][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.507798][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.514998][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.577089][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.598398][ T5828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 80.615663][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.651085][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.658435][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.688012][ T5835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 80.699990][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.740507][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.788900][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.796145][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.812325][ T5836] Bluetooth: hci3: command tx timeout [ 80.817827][ T5836] Bluetooth: hci4: command tx timeout [ 80.882147][ T5836] Bluetooth: hci0: command tx timeout [ 80.882518][ T5143] Bluetooth: hci1: command tx timeout [ 80.888085][ T5847] Bluetooth: hci2: command tx timeout [ 80.923715][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.000236][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.007443][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.020585][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.027824][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.106872][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.139393][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.173047][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.331494][ T5835] veth0_vlan: entered promiscuous mode [ 81.346623][ T5839] veth0_vlan: entered promiscuous mode [ 81.363700][ T5828] veth0_vlan: entered promiscuous mode [ 81.406816][ T5828] veth1_vlan: entered promiscuous mode [ 81.420760][ T5835] veth1_vlan: entered promiscuous mode [ 81.467905][ T5839] veth1_vlan: entered promiscuous mode [ 81.490076][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.531041][ T5835] veth0_macvtap: entered promiscuous mode [ 81.563873][ T5828] veth0_macvtap: entered promiscuous mode [ 81.578463][ T5835] veth1_macvtap: entered promiscuous mode [ 81.589470][ T5828] veth1_macvtap: entered promiscuous mode [ 81.604046][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.647713][ T5839] veth0_macvtap: entered promiscuous mode [ 81.659956][ T5839] veth1_macvtap: entered promiscuous mode [ 81.681004][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.697427][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.726811][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.743726][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.760906][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.773544][ T5828] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.783592][ T5828] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.792748][ T5828] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.803452][ T5828] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.825570][ T5835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.837384][ T5835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.855916][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.869151][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.887845][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.898438][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.909104][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.920679][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.940209][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.952820][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.962823][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.973770][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.985501][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.006524][ T5835] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.015729][ T5835] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.025953][ T5835] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.035649][ T5835] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.058695][ T5827] veth0_vlan: entered promiscuous mode [ 82.065502][ T5839] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.075330][ T5839] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.085025][ T5839] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.094457][ T5839] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.195533][ T5834] veth0_vlan: entered promiscuous mode [ 82.208778][ T5827] veth1_vlan: entered promiscuous mode [ 82.327342][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.336024][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.337993][ T5834] veth1_vlan: entered promiscuous mode [ 82.376405][ T5827] veth0_macvtap: entered promiscuous mode [ 82.394525][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.404430][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.429686][ T5827] veth1_macvtap: entered promiscuous mode [ 82.474522][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.493649][ T5834] veth0_macvtap: entered promiscuous mode [ 82.494874][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.532092][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.542899][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.553736][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.564972][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.575019][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.586819][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.598040][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.616726][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.622544][ T5834] veth1_macvtap: entered promiscuous mode [ 82.630657][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.646011][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.658251][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.668219][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.678930][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.689664][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 82.700310][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.712710][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.729887][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.739311][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.758441][ T5827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.767818][ T5827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.777419][ T5827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.787048][ T5827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.808998][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.819865][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.830495][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.841130][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.851119][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.861632][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.871864][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 82.882493][ T5836] Bluetooth: hci3: command tx timeout [ 82.888440][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 82.891871][ T5836] Bluetooth: hci4: command tx timeout [ 82.901308][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.923128][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 82.966945][ T5836] Bluetooth: hci1: command tx timeout [ 82.975443][ T5847] Bluetooth: hci0: command tx timeout [ 82.975455][ T5143] Bluetooth: hci2: command tx timeout [ 82.993586][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.004922][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.015152][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.026210][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.036175][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.047722][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.057722][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.068342][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.080148][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.125524][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.147984][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.152013][ T5834] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.170448][ T5834] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.179667][ T5834] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.188907][ T5834] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.329401][ T5918] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3'. [ 83.503889][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.515113][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.559767][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.568352][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.578900][ T5922] netlink: zone id is out of range [ 83.600349][ T5922] netlink: zone id is out of range [ 83.615318][ T5922] netlink: zone id is out of range [ 83.620546][ T5922] netlink: zone id is out of range [ 83.646464][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.664612][ T5920] netlink: 'syz.1.2': attribute type 10 has an invalid length. [ 83.678664][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.735056][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.754802][ T5930] netlink: 256 bytes leftover after parsing attributes in process `syz.3.8'. [ 83.760957][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.789262][ T5920] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 84.053870][ T5934] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 84.246100][ T5941] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5'. [ 84.265500][ T5940] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1'. [ 84.291245][ T5941] tc_dump_action: action bad kind [ 84.345830][ T5942] FAULT_INJECTION: forcing a failure. [ 84.345830][ T5942] name failslab, interval 1, probability 0, space 0, times 1 [ 84.365604][ T5942] CPU: 1 UID: 0 PID: 5942 Comm: syz.3.11 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 84.376207][ T5942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 84.386345][ T5942] Call Trace: [ 84.389676][ T5942] [ 84.392657][ T5942] dump_stack_lvl+0x241/0x360 [ 84.397426][ T5942] ? __pfx_dump_stack_lvl+0x10/0x10 [ 84.402820][ T5942] ? __pfx__printk+0x10/0x10 [ 84.407473][ T5942] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 84.413522][ T5942] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 84.419920][ T5942] should_fail_ex+0x3b0/0x4e0 [ 84.424683][ T5942] should_failslab+0xac/0x100 [ 84.429856][ T5942] __kmalloc_cache_noprof+0x70/0x390 [ 84.435210][ T5942] ? once_disable_jump+0x52/0x1a0 [ 84.440325][ T5942] once_disable_jump+0x52/0x1a0 [ 84.445264][ T5942] inet6_ehashfn+0x58d/0x5a0 [ 84.449934][ T5942] ? lockdep_hardirqs_on+0x99/0x150 [ 84.455215][ T5942] ? __pfx_inet6_ehashfn+0x10/0x10 [ 84.460422][ T5942] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 84.465948][ T5947] bond1: entered promiscuous mode [ 84.466356][ T5942] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 84.472324][ T5947] bond1: entered allmulticast mode [ 84.477761][ T5942] __inet6_lookup_established+0xc2/0xdc0 [ 84.477819][ T5942] ? mark_lock+0x9a/0x360 [ 84.477858][ T5942] ? __lock_acquire+0x1397/0x2100 [ 84.498401][ T5942] ? __pfx___inet6_lookup_established+0x10/0x10 [ 84.504746][ T5942] inet6_lookup+0xc6/0x3e0 [ 84.509250][ T5942] ? __pfx_inet6_lookup+0x10/0x10 [ 84.514361][ T5942] inet_diag_find_one_icsk+0x36d/0x810 [ 84.519896][ T5942] ? inet_diag_find_one_icsk+0x2c/0x810 [ 84.525525][ T5942] tcp_diag_destroy+0x85/0xc0 [ 84.530356][ T5942] ? __pfx_tcp_diag_destroy+0x10/0x10 [ 84.535795][ T5942] inet_diag_cmd_exact+0x43b/0x540 [ 84.540997][ T5942] ? __pfx_inet_diag_cmd_exact+0x10/0x10 [ 84.546732][ T5942] ? __pfx_lock_acquire+0x10/0x10 [ 84.551821][ T5942] inet_diag_handler_cmd+0x206/0x2b0 [ 84.557204][ T5942] ? __pfx_inet_diag_handler_cmd+0x10/0x10 [ 84.563096][ T5942] ? sock_diag_lock_handler+0x19/0x280 [ 84.568620][ T5942] ? __pfx_inet_diag_handler_cmd+0x10/0x10 [ 84.574492][ T5942] sock_diag_rcv_msg+0x3dc/0x5f0 [ 84.579515][ T5942] netlink_rcv_skb+0x1e3/0x430 [ 84.582121][ T5953] warning: `syz.1.12' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 84.584315][ T5942] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 84.584358][ T5942] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 84.606407][ T5942] ? netlink_deliver_tap+0x2e/0x1b0 [ 84.611675][ T5942] netlink_unicast+0x7f6/0x990 [ 84.616531][ T5942] ? __pfx_netlink_unicast+0x10/0x10 [ 84.621884][ T5942] ? __virt_addr_valid+0x45f/0x530 [ 84.627065][ T5942] ? __phys_addr_symbol+0x2f/0x70 [ 84.632153][ T5942] ? __check_object_size+0x47a/0x730 [ 84.637518][ T5942] netlink_sendmsg+0x8e4/0xcb0 [ 84.642359][ T5942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.647708][ T5942] ? aa_sock_msg_perm+0x91/0x160 [ 84.652717][ T5942] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.658090][ T5942] __sock_sendmsg+0x221/0x270 [ 84.662837][ T5942] sock_write_iter+0x2d7/0x3f0 [ 84.667667][ T5942] ? __pfx_sock_write_iter+0x10/0x10 [ 84.673041][ T5942] do_iter_readv_writev+0x600/0x880 [ 84.678299][ T5942] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 84.684088][ T5942] ? bpf_lsm_file_permission+0x9/0x10 [ 84.689528][ T5942] ? security_file_permission+0x74/0x280 [ 84.695242][ T5942] ? rw_verify_area+0x1c3/0x6f0 [ 84.700167][ T5942] vfs_writev+0x376/0xba0 [ 84.704587][ T5942] ? __pfx_lock_acquire+0x10/0x10 [ 84.709675][ T5942] ? __pfx_vfs_writev+0x10/0x10 [ 84.714602][ T5942] ? __pfx_vfs_write+0x10/0x10 [ 84.719424][ T5942] ? __fget_files+0x2a/0x410 [ 84.724098][ T5942] ? __fget_files+0x395/0x410 [ 84.728852][ T5942] ? __fget_files+0x2a/0x410 [ 84.733516][ T5942] do_writev+0x1b6/0x360 [ 84.737843][ T5942] ? __pfx_do_writev+0x10/0x10 [ 84.742667][ T5942] ? do_syscall_64+0x100/0x230 [ 84.747506][ T5942] ? do_syscall_64+0xb6/0x230 [ 84.752267][ T5942] do_syscall_64+0xf3/0x230 [ 84.757027][ T5942] ? clear_bhb_loop+0x35/0x90 [ 84.761764][ T5942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.767747][ T5942] RIP: 0033:0x7fbedd985d29 [ 84.772239][ T5942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.780728][ T5956] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 84.791872][ T5942] RSP: 002b:00007fbede817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 84.791908][ T5942] RAX: ffffffffffffffda RBX: 00007fbeddb75fa0 RCX: 00007fbedd985d29 [ 84.791926][ T5942] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000006 [ 84.791941][ T5942] RBP: 00007fbede817090 R08: 0000000000000000 R09: 0000000000000000 [ 84.791954][ T5942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.791968][ T5942] R13: 0000000000000000 R14: 00007fbeddb75fa0 R15: 00007ffd6fa013b8 [ 84.792003][ T5942] [ 84.973319][ T5847] Bluetooth: hci3: command tx timeout [ 84.980046][ T5836] Bluetooth: hci4: command tx timeout [ 85.026970][ T5959] netlink: zone id is out of range [ 85.032327][ T5959] netlink: zone id is out of range [ 85.037794][ T5959] netlink: zone id is out of range [ 85.043939][ T5959] netlink: zone id is out of range [ 85.045978][ T5836] Bluetooth: hci2: command tx timeout [ 85.062460][ T5847] Bluetooth: hci1: command tx timeout [ 85.068647][ T5847] Bluetooth: hci0: command tx timeout [ 85.140952][ T5961] netlink: 60 bytes leftover after parsing attributes in process `syz.2.17'. [ 85.294960][ T5967] Bluetooth: MGMT ver 1.23 [ 85.303025][ T5963] netlink: 'syz.1.19': attribute type 10 has an invalid length. [ 85.388768][ T5972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21'. [ 85.630870][ T5980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.26'. [ 85.677023][ T5980] tc_dump_action: action bad kind [ 85.790669][ T5979] xt_CT: No such helper "pptp" [ 85.974507][ T5992] netlink: 12 bytes leftover after parsing attributes in process `syz.1.30'. [ 85.992755][ T5994] FAULT_INJECTION: forcing a failure. [ 85.992755][ T5994] name failslab, interval 1, probability 0, space 0, times 0 [ 86.032447][ T5994] CPU: 0 UID: 0 PID: 5994 Comm: syz.4.31 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 86.043048][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 86.053170][ T5994] Call Trace: [ 86.056505][ T5994] [ 86.059490][ T5994] dump_stack_lvl+0x241/0x360 [ 86.064248][ T5994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.069523][ T5994] ? __pfx__printk+0x10/0x10 [ 86.074188][ T5994] ? ref_tracker_alloc+0x332/0x490 [ 86.079375][ T5994] should_fail_ex+0x3b0/0x4e0 [ 86.084133][ T5994] should_failslab+0xac/0x100 [ 86.088882][ T5994] ? skb_clone+0x20c/0x390 [ 86.093362][ T5994] kmem_cache_alloc_noprof+0x70/0x380 [ 86.098807][ T5994] skb_clone+0x20c/0x390 [ 86.103121][ T5994] __netlink_deliver_tap+0x3cc/0x7f0 [ 86.108480][ T5994] ? netlink_deliver_tap+0x2e/0x1b0 [ 86.113744][ T5994] netlink_deliver_tap+0x19d/0x1b0 [ 86.117432][ T5997] x_tables: duplicate underflow at hook 2 [ 86.118905][ T5994] netlink_sendskb+0x68/0x140 [ 86.129386][ T5994] netlink_unicast+0x39d/0x990 [ 86.134229][ T5994] ? __pfx_netlink_unicast+0x10/0x10 [ 86.139600][ T5994] netlink_rcv_skb+0x262/0x430 [ 86.144424][ T5994] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 86.149949][ T5994] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 86.154381][ T5999] netlink: zone id is out of range [ 86.155291][ T5994] ? netlink_deliver_tap+0x2e/0x1b0 [ 86.160537][ T5999] netlink: zone id is out of range [ 86.165639][ T5994] netlink_unicast+0x7f6/0x990 [ 86.165696][ T5994] ? __pfx_netlink_unicast+0x10/0x10 [ 86.165730][ T5994] ? __virt_addr_valid+0x45f/0x530 [ 86.165761][ T5994] ? __phys_addr_symbol+0x2f/0x70 [ 86.165788][ T5994] ? __check_object_size+0x47a/0x730 [ 86.165823][ T5994] netlink_sendmsg+0x8e4/0xcb0 [ 86.165861][ T5994] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.165892][ T5994] ? aa_sock_msg_perm+0x91/0x160 [ 86.165924][ T5994] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.165949][ T5994] __sock_sendmsg+0x221/0x270 [ 86.165987][ T5994] sock_write_iter+0x2d7/0x3f0 [ 86.166023][ T5994] ? __pfx_sock_write_iter+0x10/0x10 [ 86.166092][ T5994] do_iter_readv_writev+0x600/0x880 [ 86.166127][ T5994] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 86.166161][ T5994] ? bpf_lsm_file_permission+0x9/0x10 [ 86.166197][ T5994] ? security_file_permission+0x74/0x280 [ 86.166233][ T5994] ? rw_verify_area+0x1c3/0x6f0 [ 86.166274][ T5994] vfs_writev+0x376/0xba0 [ 86.166318][ T5994] ? __pfx_lock_acquire+0x10/0x10 [ 86.166426][ T5994] ? __pfx_vfs_writev+0x10/0x10 [ 86.166475][ T5994] ? __pfx_vfs_write+0x10/0x10 [ 86.166501][ T5994] ? __fget_files+0x2a/0x410 [ 86.166534][ T5994] ? __fget_files+0x395/0x410 [ 86.288380][ T5994] ? __fget_files+0x2a/0x410 [ 86.293058][ T5994] do_writev+0x1b6/0x360 [ 86.297464][ T5994] ? __pfx_do_writev+0x10/0x10 [ 86.302319][ T5994] ? do_syscall_64+0x100/0x230 [ 86.307159][ T5994] ? do_syscall_64+0xb6/0x230 [ 86.311911][ T5994] do_syscall_64+0xf3/0x230 [ 86.316486][ T5994] ? clear_bhb_loop+0x35/0x90 [ 86.321206][ T5994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.327160][ T5994] RIP: 0033:0x7f68db385d29 [ 86.331627][ T5994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.351295][ T5994] RSP: 002b:00007f68dc1eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 86.359775][ T5994] RAX: ffffffffffffffda RBX: 00007f68db575fa0 RCX: 00007f68db385d29 [ 86.367813][ T5994] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000006 [ 86.375837][ T5994] RBP: 00007f68dc1eb090 R08: 0000000000000000 R09: 0000000000000000 [ 86.384124][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.392148][ T5994] R13: 0000000000000000 R14: 00007f68db575fa0 R15: 00007ffe3977c648 [ 86.400195][ T5994] [ 86.428644][ T6006] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 86.688904][ T6014] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 86.892660][ T6012] netlink: 'syz.1.37': attribute type 10 has an invalid length. [ 87.127758][ T6038] netlink: 12 bytes leftover after parsing attributes in process `syz.2.42'. [ 87.157617][ T6038] tc_dump_action: action bad kind [ 87.371797][ T6046] syz.1.47 uses obsolete (PF_INET,SOCK_PACKET) [ 87.414644][ T6048] netlink: 120 bytes leftover after parsing attributes in process `syz.0.48'. [ 87.657986][ T6057] FAULT_INJECTION: forcing a failure. [ 87.657986][ T6057] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 87.691644][ T6057] CPU: 0 UID: 0 PID: 6057 Comm: syz.2.51 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 87.702538][ T6057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 87.712643][ T6057] Call Trace: [ 87.715980][ T6057] [ 87.718959][ T6057] dump_stack_lvl+0x241/0x360 [ 87.723709][ T6057] ? __pfx_dump_stack_lvl+0x10/0x10 [ 87.728982][ T6057] ? __pfx__printk+0x10/0x10 [ 87.733993][ T6057] ? snprintf+0xda/0x120 [ 87.738306][ T6057] should_fail_ex+0x3b0/0x4e0 [ 87.743078][ T6057] _copy_to_user+0x31/0xb0 [ 87.747569][ T6057] simple_read_from_buffer+0xca/0x150 [ 87.753044][ T6057] proc_fail_nth_read+0x1e9/0x250 [ 87.758134][ T6057] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 87.763795][ T6057] ? rw_verify_area+0x55e/0x6f0 [ 87.768719][ T6057] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 87.774340][ T6057] vfs_read+0x1fc/0xb70 [ 87.778557][ T6057] ? __pfx___mutex_lock+0x10/0x10 [ 87.783654][ T6057] ? __pfx_vfs_read+0x10/0x10 [ 87.788389][ T6057] ? __fget_files+0x2a/0x410 [ 87.793075][ T6057] ? __fget_files+0x395/0x410 [ 87.797811][ T6057] ? __fget_files+0x2a/0x410 [ 87.802496][ T6057] ksys_read+0x18f/0x2b0 [ 87.806808][ T6057] ? __pfx_ksys_read+0x10/0x10 [ 87.811627][ T6057] ? do_syscall_64+0x100/0x230 [ 87.816464][ T6057] ? do_syscall_64+0xb6/0x230 [ 87.821230][ T6057] do_syscall_64+0xf3/0x230 [ 87.825806][ T6057] ? clear_bhb_loop+0x35/0x90 [ 87.830549][ T6057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.836522][ T6057] RIP: 0033:0x7f7d33b8473c [ 87.840992][ T6057] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 87.860685][ T6057] RSP: 002b:00007f7d34972030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 87.869171][ T6057] RAX: ffffffffffffffda RBX: 00007f7d33d75fa0 RCX: 00007f7d33b8473c [ 87.877207][ T6057] RDX: 000000000000000f RSI: 00007f7d349720a0 RDI: 0000000000000007 [ 87.885240][ T6057] RBP: 00007f7d34972090 R08: 0000000000000000 R09: 0000000000000000 [ 87.893270][ T6057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.901300][ T6057] R13: 0000000000000000 R14: 00007f7d33d75fa0 R15: 00007ffce77f74e8 [ 87.909359][ T6057] [ 88.182164][ T6067] netlink: 'syz.3.56': attribute type 10 has an invalid length. [ 88.331025][ T6067] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 88.659891][ T6086] net_ratelimit: 8 callbacks suppressed [ 88.659915][ T6086] netlink: zone id is out of range [ 88.691698][ T6086] netlink: zone id is out of range [ 88.696904][ T6086] netlink: zone id is out of range [ 88.719354][ T6086] netlink: zone id is out of range [ 88.743941][ T6088] __nla_validate_parse: 2 callbacks suppressed [ 88.743963][ T6088] netlink: 12 bytes leftover after parsing attributes in process `syz.0.64'. [ 88.791881][ T6088] tc_dump_action: action bad kind [ 88.843325][ T6094] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 88.859229][ T6097] netlink: 'syz.2.65': attribute type 1 has an invalid length. [ 88.878150][ T6097] netlink: 'syz.2.65': attribute type 1 has an invalid length. [ 89.477231][ T6120] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 89.502562][ T6117] netlink: 'syz.4.73': attribute type 10 has an invalid length. [ 89.612754][ T6117] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 89.779046][ T6124] netlink: 4 bytes leftover after parsing attributes in process `syz.3.74'. [ 89.968319][ T6135] netlink: zone id is out of range [ 90.006802][ T6135] netlink: zone id is out of range [ 90.030678][ T6135] netlink: zone id is out of range [ 90.051599][ T6135] netlink: zone id is out of range [ 90.189247][ T6142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.81'. [ 90.326948][ T6153] netlink: 44 bytes leftover after parsing attributes in process `syz.4.83'. [ 90.330073][ T6145] netlink: 8 bytes leftover after parsing attributes in process `syz.2.84'. [ 90.346365][ T6151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.82'. [ 90.356435][ T6151] tc_dump_action: action bad kind [ 90.641324][ T6159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.87'. [ 90.726421][ T6163] netlink: 'syz.3.88': attribute type 10 has an invalid length. [ 90.880903][ T6165] netlink: 20 bytes leftover after parsing attributes in process `syz.1.89'. [ 90.893292][ T6171] netlink: 12 bytes leftover after parsing attributes in process `syz.1.89'. [ 90.968302][ T6165] netlink: 12 bytes leftover after parsing attributes in process `syz.1.89'. [ 91.032237][ T6177] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 91.160681][ T6180] netlink: zone id is out of range [ 91.181938][ T6180] netlink: zone id is out of range [ 91.278870][ T6191] tc_dump_action: action bad kind [ 91.705118][ T6206] netlink: 'syz.0.104': attribute type 10 has an invalid length. [ 91.849047][ T6206] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 92.177051][ T6228] tc_dump_action: action bad kind [ 92.357614][ T25] cfg80211: failed to load regulatory.db [ 92.634804][ T6253] netlink: 'syz.2.119': attribute type 1 has an invalid length. [ 92.704886][ T6257] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 93.079823][ T6271] netlink: 'syz.2.124': attribute type 10 has an invalid length. [ 93.134478][ T6271] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 93.329494][ T6286] tc_dump_action: action bad kind [ 93.778784][ T6308] __nla_validate_parse: 11 callbacks suppressed [ 93.778808][ T6308] netlink: 48 bytes leftover after parsing attributes in process `syz.0.135'. [ 94.016081][ T6320] net_ratelimit: 10 callbacks suppressed [ 94.016107][ T6320] netlink: zone id is out of range [ 94.048946][ T6321] netlink: 8 bytes leftover after parsing attributes in process `syz.4.137'. [ 94.049564][ T6320] netlink: zone id is out of range [ 94.070559][ T6320] netlink: zone id is out of range [ 94.105570][ T6320] netlink: zone id is out of range [ 94.325160][ T6326] netlink: 'syz.0.140': attribute type 10 has an invalid length. [ 94.394226][ T6332] Zero length message leads to an empty skb [ 94.521791][ T6334] netlink: 12 bytes leftover after parsing attributes in process `syz.3.143'. [ 94.564834][ T6334] tc_dump_action: action bad kind [ 94.573218][ T6340] xt_socket: unknown flags 0x3c [ 94.578407][ T6340] xt_socket: unknown flags 0x3c [ 94.817196][ T6349] netlink: 56 bytes leftover after parsing attributes in process `syz.4.149'. [ 94.841824][ T6349] netlink: 12 bytes leftover after parsing attributes in process `syz.4.149'. [ 94.851046][ T6349] netlink: 31 bytes leftover after parsing attributes in process `syz.4.149'. [ 94.876438][ T6349] netlink: 'syz.4.149': attribute type 3 has an invalid length. [ 94.887933][ T6353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.150'. [ 94.911431][ T6349] netlink: 'syz.4.149': attribute type 2 has an invalid length. [ 94.940825][ T6272] syz.1.121 (6272) used greatest stack depth: 18640 bytes left [ 94.978023][ T6357] netlink: zone id is out of range [ 94.983377][ T6357] netlink: zone id is out of range [ 94.988530][ T6357] netlink: zone id is out of range [ 94.993848][ T6357] netlink: zone id is out of range [ 95.026807][ T6349] netlink: 31 bytes leftover after parsing attributes in process `syz.4.149'. [ 95.081978][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.2.148'. [ 95.401170][ T6370] netlink: 8 bytes leftover after parsing attributes in process `syz.4.155'. [ 95.526301][ T6375] netlink: 'syz.3.158': attribute type 10 has an invalid length. [ 95.541635][ T6377] tc_dump_action: action bad kind [ 95.743374][ T6381] netlink: 'syz.1.161': attribute type 1 has an invalid length. [ 95.749921][ T6384] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.975501][ T6399] netlink: zone id is out of range [ 95.991092][ T6399] netlink: zone id is out of range [ 96.017338][ T6400] xt_l2tp: missing protocol rule (udp|l2tpip) [ 96.507045][ T6423] netlink: 'syz.2.174': attribute type 10 has an invalid length. [ 96.625259][ T6428] tc_dump_action: action bad kind [ 97.277120][ T6459] netlink: 'syz.0.186': attribute type 29 has an invalid length. [ 97.314288][ T6459] netlink: 'syz.0.186': attribute type 29 has an invalid length. [ 97.332433][ T6459] netlink: 'syz.0.186': attribute type 29 has an invalid length. [ 97.340942][ T6459] netlink: 'syz.0.186': attribute type 29 has an invalid length. [ 98.066383][ T6494] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 98.691150][ T6522] pimreg: entered allmulticast mode [ 98.736380][ T6522] pimreg: left allmulticast mode [ 99.075860][ T6546] __nla_validate_parse: 12 callbacks suppressed [ 99.075884][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.219'. [ 99.121797][ T6546] netlink: 12 bytes leftover after parsing attributes in process `syz.3.219'. [ 99.495879][ T6556] validate_nla: 14 callbacks suppressed [ 99.495905][ T6556] netlink: 'syz.3.224': attribute type 10 has an invalid length. [ 99.636429][ T6566] net_ratelimit: 10 callbacks suppressed [ 99.636453][ T6566] netlink: zone id is out of range [ 99.647535][ T6566] netlink: zone id is out of range [ 99.652772][ T6566] netlink: zone id is out of range [ 99.658041][ T6566] netlink: zone id is out of range [ 99.741290][ T6571] netlink: 'syz.2.229': attribute type 29 has an invalid length. [ 99.787787][ T6571] netlink: 'syz.2.229': attribute type 29 has an invalid length. [ 99.804186][ T6577] FAULT_INJECTION: forcing a failure. [ 99.804186][ T6577] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 99.813726][ T6571] netlink: 'syz.2.229': attribute type 29 has an invalid length. [ 99.827868][ T6577] CPU: 0 UID: 0 PID: 6577 Comm: syz.1.234 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 99.838711][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 99.841057][ T6571] netlink: 'syz.2.229': attribute type 29 has an invalid length. [ 99.848785][ T6577] Call Trace: [ 99.848801][ T6577] [ 99.848811][ T6577] dump_stack_lvl+0x241/0x360 [ 99.848852][ T6577] ? __pfx_dump_stack_lvl+0x10/0x10 [ 99.848884][ T6577] ? __pfx__printk+0x10/0x10 [ 99.848916][ T6577] ? __pfx_lock_release+0x10/0x10 [ 99.882475][ T6577] should_fail_ex+0x3b0/0x4e0 [ 99.887215][ T6577] _copy_from_user+0x2f/0xc0 [ 99.891864][ T6577] copy_msghdr_from_user+0xae/0x680 [ 99.897141][ T6577] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 99.903094][ T6577] ? __fget_files+0x2a/0x410 [ 99.903137][ T6578] netlink: 'syz.2.229': attribute type 29 has an invalid length. [ 99.907721][ T6577] ? __fget_files+0x2a/0x410 [ 99.907765][ T6577] __sys_recvmsg+0x200/0x390 [ 99.907800][ T6577] ? __pfx___sys_recvmsg+0x10/0x10 [ 99.929863][ T6577] ? __mutex_unlock_slowpath+0x21e/0x790 [ 99.935575][ T6577] ? __fget_files+0x2a/0x410 [ 99.940253][ T6577] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 99.946649][ T6577] ? do_syscall_64+0x100/0x230 [ 99.951481][ T6577] ? do_syscall_64+0xb6/0x230 [ 99.956228][ T6577] do_syscall_64+0xf3/0x230 [ 99.960796][ T6577] ? clear_bhb_loop+0x35/0x90 [ 99.965531][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.971485][ T6577] RIP: 0033:0x7f904c385d29 [ 99.975952][ T6577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.995610][ T6577] RSP: 002b:00007f904d24d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 100.004092][ T6577] RAX: ffffffffffffffda RBX: 00007f904c575fa0 RCX: 00007f904c385d29 [ 100.012115][ T6577] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 100.020138][ T6577] RBP: 00007f904d24d090 R08: 0000000000000000 R09: 0000000000000000 [ 100.028159][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.036195][ T6577] R13: 0000000000000000 R14: 00007f904c575fa0 R15: 00007ffe2731b248 [ 100.044231][ T6577] [ 100.169422][ T6583] netlink: 'syz.0.236': attribute type 1 has an invalid length. [ 100.190916][ T6583] netlink: 'syz.0.236': attribute type 1 has an invalid length. [ 100.341243][ T6595] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.414858][ T6598] netlink: 'syz.2.241': attribute type 10 has an invalid length. [ 100.629050][ T6604] tipc: Started in network mode [ 100.634435][ T6604] tipc: Node identity ac14140f, cluster identity 4711 [ 100.644288][ T6604] tipc: New replicast peer: 255.255.255.255 [ 100.651125][ T6604] tipc: Enabled bearer , priority 10 [ 100.894661][ T6614] netlink: 'syz.4.248': attribute type 29 has an invalid length. [ 101.588576][ T6645] netlink: zone id is out of range [ 101.604449][ T6645] netlink: zone id is out of range [ 101.612300][ T6645] netlink: zone id is out of range [ 101.626932][ T6645] netlink: zone id is out of range [ 101.635106][ T6641] 8021q: adding VLAN 0 to HW filter on device bond2 [ 101.657655][ T6651] FAULT_INJECTION: forcing a failure. [ 101.657655][ T6651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.701342][ T6651] CPU: 0 UID: 0 PID: 6651 Comm: syz.0.262 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 101.712123][ T6651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 101.722255][ T6651] Call Trace: [ 101.725576][ T6651] [ 101.728551][ T6651] dump_stack_lvl+0x241/0x360 [ 101.733301][ T6651] ? __pfx_dump_stack_lvl+0x10/0x10 [ 101.738574][ T6651] ? __pfx__printk+0x10/0x10 [ 101.743217][ T6651] ? __pfx_lock_release+0x10/0x10 [ 101.748297][ T6651] should_fail_ex+0x3b0/0x4e0 [ 101.753033][ T6651] _copy_to_iter+0x1f8/0x1c50 [ 101.757805][ T6651] ? __virt_addr_valid+0x183/0x530 [ 101.762975][ T6651] ? __pfx_lock_release+0x10/0x10 [ 101.768069][ T6651] ? __pfx__copy_to_iter+0x10/0x10 [ 101.773227][ T6651] ? __virt_addr_valid+0x183/0x530 [ 101.778359][ T6651] ? __virt_addr_valid+0x183/0x530 [ 101.783504][ T6651] ? __virt_addr_valid+0x45f/0x530 [ 101.788636][ T6651] ? __check_object_size+0x47a/0x730 [ 101.793976][ T6651] __skb_datagram_iter+0x107/0x900 [ 101.799102][ T6651] ? up_write+0x1a9/0x590 [ 101.803460][ T6651] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 101.809116][ T6651] ? __pfx_validate_chain+0x10/0x10 [ 101.814337][ T6651] skb_copy_datagram_iter+0xd1/0x250 [ 101.819676][ T6651] tcp_recvmsg_locked+0xf8a/0x3c80 [ 101.824851][ T6651] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 101.830416][ T6651] ? mark_lock+0x9a/0x360 [ 101.834804][ T6651] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 101.840802][ T6651] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 101.847147][ T6651] ? __local_bh_enable_ip+0x168/0x200 [ 101.852542][ T6651] ? lockdep_hardirqs_on+0x99/0x150 [ 101.857851][ T6651] ? __local_bh_enable_ip+0x168/0x200 [ 101.863244][ T6651] ? tcp_recvmsg+0x23c/0x920 [ 101.867859][ T6651] tcp_recvmsg+0x25d/0x920 [ 101.872297][ T6651] ? __pfx_tcp_recvmsg+0x10/0x10 [ 101.877261][ T6651] ? sock_rps_record_flow+0x1a/0x400 [ 101.882557][ T6651] ? inet_recvmsg+0xde/0x2d0 [ 101.887158][ T6651] ? __pfx_tcp_recvmsg+0x10/0x10 [ 101.892113][ T6651] inet_recvmsg+0x150/0x2d0 [ 101.896662][ T6651] ? __pfx_inet_recvmsg+0x10/0x10 [ 101.901706][ T6651] ? aa_sock_msg_perm+0x91/0x160 [ 101.906659][ T6651] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 101.911975][ T6651] sock_recvmsg+0x1ae/0x280 [ 101.916507][ T6651] ____sys_recvmsg+0x1c6/0x480 [ 101.921295][ T6651] ? __pfx_____sys_recvmsg+0x10/0x10 [ 101.926628][ T6651] __sys_recvmsg+0x291/0x390 [ 101.931241][ T6651] ? __pfx___sys_recvmsg+0x10/0x10 [ 101.936398][ T6651] ? __mutex_unlock_slowpath+0x21e/0x790 [ 101.942065][ T6651] ? __fget_files+0x2a/0x410 [ 101.946691][ T6651] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 101.953045][ T6651] ? do_syscall_64+0x100/0x230 [ 101.957830][ T6651] ? do_syscall_64+0xb6/0x230 [ 101.962535][ T6651] do_syscall_64+0xf3/0x230 [ 101.967087][ T6651] ? clear_bhb_loop+0x35/0x90 [ 101.971778][ T6651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.977699][ T6651] RIP: 0033:0x7fb222185d29 [ 101.982140][ T6651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.001856][ T6651] RSP: 002b:00007fb222f77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 102.010391][ T6651] RAX: ffffffffffffffda RBX: 00007fb222376080 RCX: 00007fb222185d29 [ 102.018377][ T6651] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 102.026357][ T6651] RBP: 00007fb222f77090 R08: 0000000000000000 R09: 0000000000000000 [ 102.034353][ T6651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.042480][ T6651] R13: 0000000000000001 R14: 00007fb222376080 R15: 00007ffebe3550e8 [ 102.050579][ T6651] [ 102.054538][ T5905] tipc: Node number set to 2886997007 [ 102.251822][ T6641] netlink: 72 bytes leftover after parsing attributes in process `syz.2.260'. [ 102.337370][ T6648] bond2: (slave veth3): Enslaving as an active interface with a down link [ 102.838367][ T6684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 102.884296][ T6679] xt_CT: No such helper "syz1" [ 102.904854][ T6684] 8021q: adding VLAN 0 to HW filter on device bond3 [ 103.125390][ T6698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.279'. [ 103.146394][ T6698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.279'. [ 103.478018][ T6717] FAULT_INJECTION: forcing a failure. [ 103.478018][ T6717] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.504858][ T6717] CPU: 1 UID: 0 PID: 6717 Comm: syz.0.284 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 103.515616][ T6717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 103.526149][ T6717] Call Trace: [ 103.529481][ T6717] [ 103.532449][ T6717] dump_stack_lvl+0x241/0x360 [ 103.537176][ T6717] ? __pfx_dump_stack_lvl+0x10/0x10 [ 103.542418][ T6717] ? __pfx__printk+0x10/0x10 [ 103.547051][ T6717] ? __pfx_lock_release+0x10/0x10 [ 103.552101][ T6717] should_fail_ex+0x3b0/0x4e0 [ 103.556808][ T6717] _copy_to_iter+0x1f8/0x1c50 [ 103.561503][ T6717] ? __virt_addr_valid+0x183/0x530 [ 103.566631][ T6717] ? __pfx_lock_release+0x10/0x10 [ 103.571677][ T6717] ? __pfx__copy_to_iter+0x10/0x10 [ 103.576816][ T6717] ? __virt_addr_valid+0x183/0x530 [ 103.581940][ T6717] ? __virt_addr_valid+0x183/0x530 [ 103.587062][ T6717] ? __virt_addr_valid+0x45f/0x530 [ 103.592190][ T6717] ? __check_object_size+0x47a/0x730 [ 103.597493][ T6717] __skb_datagram_iter+0x3c6/0x900 [ 103.602623][ T6717] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 103.608299][ T6717] skb_copy_datagram_iter+0xd1/0x250 [ 103.613609][ T6717] tcp_recvmsg_locked+0xf8a/0x3c80 [ 103.618741][ T6717] ? mark_lock+0x9a/0x360 [ 103.623116][ T6717] ? do_raw_spin_lock+0x14f/0x370 [ 103.628149][ T6717] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 103.633976][ T6717] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 103.639544][ T6717] ? mark_lock+0x9a/0x360 [ 103.643892][ T6717] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 103.649909][ T6717] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 103.656343][ T6717] ? __local_bh_enable_ip+0x168/0x200 [ 103.661744][ T6717] ? lockdep_hardirqs_on+0x99/0x150 [ 103.666959][ T6717] ? __local_bh_enable_ip+0x168/0x200 [ 103.672352][ T6717] ? tcp_recvmsg+0x23c/0x920 [ 103.676969][ T6717] tcp_recvmsg+0x25d/0x920 [ 103.681403][ T6717] ? lockdep_hardirqs_on+0x99/0x150 [ 103.686637][ T6717] ? __pfx_tcp_recvmsg+0x10/0x10 [ 103.691597][ T6717] ? sock_rps_record_flow+0x1a/0x400 [ 103.696910][ T6717] ? inet_recvmsg+0xde/0x2d0 [ 103.701512][ T6717] ? __pfx_tcp_recvmsg+0x10/0x10 [ 103.706552][ T6717] inet_recvmsg+0x150/0x2d0 [ 103.711066][ T6717] ? __pfx_inet_recvmsg+0x10/0x10 [ 103.716107][ T6717] ? aa_sock_msg_perm+0x91/0x160 [ 103.721056][ T6717] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 103.726362][ T6717] sock_recvmsg+0x1ae/0x280 [ 103.730899][ T6717] ____sys_recvmsg+0x1c6/0x480 [ 103.735684][ T6717] ? __pfx_____sys_recvmsg+0x10/0x10 [ 103.740998][ T6717] __sys_recvmsg+0x291/0x390 [ 103.745693][ T6717] ? __pfx___sys_recvmsg+0x10/0x10 [ 103.750814][ T6717] ? __mutex_unlock_slowpath+0x21e/0x790 [ 103.756474][ T6717] ? __fget_files+0x2a/0x410 [ 103.761106][ T6717] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 103.767535][ T6717] ? do_syscall_64+0x100/0x230 [ 103.772322][ T6717] ? do_syscall_64+0xb6/0x230 [ 103.777107][ T6717] do_syscall_64+0xf3/0x230 [ 103.781632][ T6717] ? clear_bhb_loop+0x35/0x90 [ 103.786321][ T6717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.792233][ T6717] RIP: 0033:0x7fb222185d29 [ 103.796668][ T6717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.816289][ T6717] RSP: 002b:00007fb222f77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 103.824721][ T6717] RAX: ffffffffffffffda RBX: 00007fb222376080 RCX: 00007fb222185d29 [ 103.832707][ T6717] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 103.840776][ T6717] RBP: 00007fb222f77090 R08: 0000000000000000 R09: 0000000000000000 [ 103.848756][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.856734][ T6717] R13: 0000000000000001 R14: 00007fb222376080 R15: 00007ffebe3550e8 [ 103.864726][ T6717] [ 104.030450][ T6725] Bluetooth: MGMT ver 1.23 [ 104.327586][ T6736] netlink: 12 bytes leftover after parsing attributes in process `syz.2.293'. [ 104.818152][ T6756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 104.882397][ T6759] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 105.092215][ T6776] FAULT_INJECTION: forcing a failure. [ 105.092215][ T6776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 105.105748][ T6776] CPU: 1 UID: 0 PID: 6776 Comm: syz.0.306 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 105.116415][ T6776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 105.126538][ T6776] Call Trace: [ 105.129859][ T6776] [ 105.132828][ T6776] dump_stack_lvl+0x241/0x360 [ 105.137565][ T6776] ? __pfx_dump_stack_lvl+0x10/0x10 [ 105.142819][ T6776] ? __pfx__printk+0x10/0x10 [ 105.147453][ T6776] ? __pfx_lock_release+0x10/0x10 [ 105.152525][ T6776] should_fail_ex+0x3b0/0x4e0 [ 105.157258][ T6776] _copy_to_iter+0x1f8/0x1c50 [ 105.161981][ T6776] ? __virt_addr_valid+0x183/0x530 [ 105.167131][ T6776] ? __pfx_lock_release+0x10/0x10 [ 105.172212][ T6776] ? __pfx__copy_to_iter+0x10/0x10 [ 105.177350][ T6776] ? __virt_addr_valid+0x183/0x530 [ 105.182478][ T6776] ? __virt_addr_valid+0x183/0x530 [ 105.187605][ T6776] ? __virt_addr_valid+0x45f/0x530 [ 105.192731][ T6776] ? __check_object_size+0x47a/0x730 [ 105.198033][ T6776] __skb_datagram_iter+0x3c6/0x900 [ 105.203165][ T6776] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 105.208820][ T6776] skb_copy_datagram_iter+0xd1/0x250 [ 105.214123][ T6776] tcp_recvmsg_locked+0xf8a/0x3c80 [ 105.219290][ T6776] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 105.224850][ T6776] ? mark_lock+0x9a/0x360 [ 105.229194][ T6776] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 105.235189][ T6776] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 105.241561][ T6776] ? __local_bh_enable_ip+0x168/0x200 [ 105.246983][ T6776] ? lockdep_hardirqs_on+0x99/0x150 [ 105.252216][ T6776] ? __local_bh_enable_ip+0x168/0x200 [ 105.257610][ T6776] ? tcp_recvmsg+0x23c/0x920 [ 105.262229][ T6776] tcp_recvmsg+0x25d/0x920 [ 105.266668][ T6776] ? __pfx_tcp_recvmsg+0x10/0x10 [ 105.271631][ T6776] ? sock_rps_record_flow+0x1a/0x400 [ 105.276925][ T6776] ? inet_recvmsg+0xde/0x2d0 [ 105.281536][ T6776] ? __pfx_tcp_recvmsg+0x10/0x10 [ 105.286501][ T6776] inet_recvmsg+0x150/0x2d0 [ 105.291018][ T6776] ? __pfx_inet_recvmsg+0x10/0x10 [ 105.296056][ T6776] ? aa_sock_msg_perm+0x91/0x160 [ 105.301029][ T6776] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 105.306338][ T6776] sock_recvmsg+0x1ae/0x280 [ 105.310960][ T6776] ____sys_recvmsg+0x1c6/0x480 [ 105.315749][ T6776] ? __pfx_____sys_recvmsg+0x10/0x10 [ 105.321071][ T6776] __sys_recvmsg+0x291/0x390 [ 105.325678][ T6776] ? __pfx___sys_recvmsg+0x10/0x10 [ 105.330800][ T6776] ? __mutex_unlock_slowpath+0x21e/0x790 [ 105.336469][ T6776] ? __fget_files+0x2a/0x410 [ 105.341090][ T6776] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 105.347524][ T6776] ? do_syscall_64+0x100/0x230 [ 105.352315][ T6776] ? do_syscall_64+0xb6/0x230 [ 105.357011][ T6776] do_syscall_64+0xf3/0x230 [ 105.361542][ T6776] ? clear_bhb_loop+0x35/0x90 [ 105.366261][ T6776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.372177][ T6776] RIP: 0033:0x7fb222185d29 [ 105.376621][ T6776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.396327][ T6776] RSP: 002b:00007fb222f77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 105.404757][ T6776] RAX: ffffffffffffffda RBX: 00007fb222376080 RCX: 00007fb222185d29 [ 105.412741][ T6776] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 105.420720][ T6776] RBP: 00007fb222f77090 R08: 0000000000000000 R09: 0000000000000000 [ 105.428704][ T6776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.436688][ T6776] R13: 0000000000000001 R14: 00007fb222376080 R15: 00007ffebe3550e8 [ 105.444686][ T6776] [ 105.751625][ T6788] veth1_macvtap: left promiscuous mode [ 105.775439][ T6790] netlink: 44 bytes leftover after parsing attributes in process `syz.4.313'. [ 105.791084][ T6792] netlink: 32 bytes leftover after parsing attributes in process `syz.1.314'. [ 106.734324][ T6844] netlink: 24 bytes leftover after parsing attributes in process `syz.2.329'. [ 106.922464][ T6854] FAULT_INJECTION: forcing a failure. [ 106.922464][ T6854] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.954063][ T6854] CPU: 1 UID: 0 PID: 6854 Comm: syz.3.331 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 106.964834][ T6854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 106.974926][ T6854] Call Trace: [ 106.978217][ T6854] [ 106.981157][ T6854] dump_stack_lvl+0x241/0x360 [ 106.985860][ T6854] ? __pfx_dump_stack_lvl+0x10/0x10 [ 106.991082][ T6854] ? __pfx__printk+0x10/0x10 [ 106.995687][ T6854] ? __pfx_lock_release+0x10/0x10 [ 107.000729][ T6854] should_fail_ex+0x3b0/0x4e0 [ 107.005435][ T6854] _copy_to_iter+0x1f8/0x1c50 [ 107.010128][ T6854] ? __virt_addr_valid+0x183/0x530 [ 107.015255][ T6854] ? __pfx_lock_release+0x10/0x10 [ 107.020300][ T6854] ? __pfx__copy_to_iter+0x10/0x10 [ 107.025430][ T6854] ? __virt_addr_valid+0x183/0x530 [ 107.030755][ T6854] ? __virt_addr_valid+0x183/0x530 [ 107.035908][ T6854] ? __virt_addr_valid+0x45f/0x530 [ 107.041056][ T6854] ? __check_object_size+0x47a/0x730 [ 107.046374][ T6854] __skb_datagram_iter+0x3c6/0x900 [ 107.051516][ T6854] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 107.057174][ T6854] skb_copy_datagram_iter+0xd1/0x250 [ 107.062485][ T6854] tcp_recvmsg_locked+0xf8a/0x3c80 [ 107.067647][ T6854] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 107.073215][ T6854] ? mark_lock+0x9a/0x360 [ 107.077565][ T6854] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 107.083655][ T6854] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 107.090016][ T6854] ? __local_bh_enable_ip+0x168/0x200 [ 107.095412][ T6854] ? lockdep_hardirqs_on+0x99/0x150 [ 107.100631][ T6854] ? __local_bh_enable_ip+0x168/0x200 [ 107.106025][ T6854] ? tcp_recvmsg+0x23c/0x920 [ 107.110642][ T6854] tcp_recvmsg+0x25d/0x920 [ 107.115086][ T6854] ? __pfx_tcp_recvmsg+0x10/0x10 [ 107.120050][ T6854] ? sock_rps_record_flow+0x1a/0x400 [ 107.125350][ T6854] ? inet_recvmsg+0xde/0x2d0 [ 107.129959][ T6854] ? __pfx_tcp_recvmsg+0x10/0x10 [ 107.134941][ T6854] inet_recvmsg+0x150/0x2d0 [ 107.139470][ T6854] ? __pfx_inet_recvmsg+0x10/0x10 [ 107.144779][ T6854] ? aa_sock_msg_perm+0x91/0x160 [ 107.149730][ T6854] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 107.155041][ T6854] sock_recvmsg+0x1ae/0x280 [ 107.159571][ T6854] ____sys_recvmsg+0x1c6/0x480 [ 107.164359][ T6854] ? __pfx_____sys_recvmsg+0x10/0x10 [ 107.169675][ T6854] __sys_recvmsg+0x291/0x390 [ 107.174288][ T6854] ? __pfx___sys_recvmsg+0x10/0x10 [ 107.179414][ T6854] ? __mutex_unlock_slowpath+0x21e/0x790 [ 107.185078][ T6854] ? __fget_files+0x2a/0x410 [ 107.189699][ T6854] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 107.196046][ T6854] ? do_syscall_64+0x100/0x230 [ 107.200833][ T6854] ? do_syscall_64+0xb6/0x230 [ 107.205707][ T6854] do_syscall_64+0xf3/0x230 [ 107.210232][ T6854] ? clear_bhb_loop+0x35/0x90 [ 107.214920][ T6854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.220837][ T6854] RIP: 0033:0x7fbedd985d29 [ 107.225294][ T6854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.244929][ T6854] RSP: 002b:00007fbede7f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 107.253467][ T6854] RAX: ffffffffffffffda RBX: 00007fbeddb76080 RCX: 00007fbedd985d29 [ 107.261451][ T6854] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 107.269434][ T6854] RBP: 00007fbede7f6090 R08: 0000000000000000 R09: 0000000000000000 [ 107.277418][ T6854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.285400][ T6854] R13: 0000000000000001 R14: 00007fbeddb76080 R15: 00007ffd6fa013b8 [ 107.293399][ T6854] [ 107.477599][ T6858] netlink: zone id is out of range [ 107.508496][ T6862] validate_nla: 15 callbacks suppressed [ 107.508517][ T6862] netlink: 'syz.0.338': attribute type 1 has an invalid length. [ 107.527306][ T6858] netlink: zone id is out of range [ 107.541523][ T6858] netlink: zone id is out of range [ 107.546865][ T6858] netlink: zone id is out of range [ 107.862037][ T6874] netlink: 'syz.2.343': attribute type 10 has an invalid length. [ 107.939984][ T6877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 107.987997][ T6868] netlink: 'syz.0.340': attribute type 10 has an invalid length. [ 108.048620][ C0] dccp_check_seqno: Step 6 failed for CLOSE packet, (LSWL(239488072030667) <= P.seqno(239488072030666) <= S.SWH(239488072030741)) and (P.ackno exists or LAWL(116607173091158) <= P.ackno(116607173091158) <= S.AWH(116607173091158), sending SYNC... [ 108.154137][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.348'. [ 108.697252][ T6896] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.720598][ T6896] sctp: [Deprecated]: syz.4.352 (pid 6896) Use of int in maxseg socket option. [ 108.720598][ T6896] Use struct sctp_assoc_value instead [ 108.744998][ T6896] x_tables: duplicate underflow at hook 1 [ 108.758799][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.350'. [ 108.816194][ T6900] wg2: entered promiscuous mode [ 108.845210][ T6900] wg2: entered allmulticast mode [ 108.942813][ T6906] netlink: zone id is out of range [ 108.948017][ T6906] netlink: zone id is out of range [ 108.981652][ T6906] netlink: zone id is out of range [ 108.986906][ T6906] netlink: zone id is out of range [ 109.119404][ T6913] FAULT_INJECTION: forcing a failure. [ 109.119404][ T6913] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.147324][ T6913] CPU: 1 UID: 0 PID: 6913 Comm: syz.4.358 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 109.158078][ T6913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 109.168248][ T6913] Call Trace: [ 109.171543][ T6913] [ 109.174481][ T6913] dump_stack_lvl+0x241/0x360 [ 109.179184][ T6913] ? __pfx_dump_stack_lvl+0x10/0x10 [ 109.184402][ T6913] ? __pfx__printk+0x10/0x10 [ 109.189011][ T6913] ? __pfx_lock_release+0x10/0x10 [ 109.194056][ T6913] should_fail_ex+0x3b0/0x4e0 [ 109.198757][ T6913] _copy_to_iter+0x1f8/0x1c50 [ 109.203454][ T6913] ? __virt_addr_valid+0x183/0x530 [ 109.208612][ T6913] ? __pfx_lock_release+0x10/0x10 [ 109.213678][ T6913] ? __pfx__copy_to_iter+0x10/0x10 [ 109.218992][ T6913] ? __virt_addr_valid+0x183/0x530 [ 109.224122][ T6913] ? __virt_addr_valid+0x183/0x530 [ 109.229251][ T6913] ? __virt_addr_valid+0x45f/0x530 [ 109.234411][ T6913] ? __check_object_size+0x47a/0x730 [ 109.239717][ T6913] __skb_datagram_iter+0x3c6/0x900 [ 109.244852][ T6913] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 109.250529][ T6913] skb_copy_datagram_iter+0xd1/0x250 [ 109.255877][ T6913] tcp_recvmsg_locked+0xf8a/0x3c80 [ 109.261057][ T6913] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 109.266632][ T6913] ? mark_lock+0x9a/0x360 [ 109.270986][ T6913] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 109.276987][ T6913] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 109.283373][ T6913] ? __local_bh_enable_ip+0x168/0x200 [ 109.288764][ T6913] ? lockdep_hardirqs_on+0x99/0x150 [ 109.293986][ T6913] ? __local_bh_enable_ip+0x168/0x200 [ 109.299378][ T6913] ? tcp_recvmsg+0x23c/0x920 [ 109.303996][ T6913] tcp_recvmsg+0x25d/0x920 [ 109.308522][ T6913] ? __pfx_tcp_recvmsg+0x10/0x10 [ 109.313480][ T6913] ? sock_rps_record_flow+0x1a/0x400 [ 109.318774][ T6913] ? inet_recvmsg+0xde/0x2d0 [ 109.323374][ T6913] ? __pfx_tcp_recvmsg+0x10/0x10 [ 109.328324][ T6913] inet_recvmsg+0x150/0x2d0 [ 109.332842][ T6913] ? __pfx_inet_recvmsg+0x10/0x10 [ 109.337884][ T6913] ? aa_sock_msg_perm+0x91/0x160 [ 109.342842][ T6913] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 109.348243][ T6913] sock_recvmsg+0x1ae/0x280 [ 109.352771][ T6913] ____sys_recvmsg+0x1c6/0x480 [ 109.357577][ T6913] ? __pfx_____sys_recvmsg+0x10/0x10 [ 109.362897][ T6913] __sys_recvmsg+0x291/0x390 [ 109.367509][ T6913] ? __pfx___sys_recvmsg+0x10/0x10 [ 109.372636][ T6913] ? __mutex_unlock_slowpath+0x21e/0x790 [ 109.378387][ T6913] ? __fget_files+0x2a/0x410 [ 109.383080][ T6913] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 109.389634][ T6913] ? do_syscall_64+0x100/0x230 [ 109.394445][ T6913] ? do_syscall_64+0xb6/0x230 [ 109.399146][ T6913] do_syscall_64+0xf3/0x230 [ 109.403678][ T6913] ? clear_bhb_loop+0x35/0x90 [ 109.408375][ T6913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.414299][ T6913] RIP: 0033:0x7f68db385d29 [ 109.418727][ T6913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.438345][ T6913] RSP: 002b:00007f68dc1ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 109.446884][ T6913] RAX: ffffffffffffffda RBX: 00007f68db576080 RCX: 00007f68db385d29 [ 109.454872][ T6913] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 109.462859][ T6913] RBP: 00007f68dc1ca090 R08: 0000000000000000 R09: 0000000000000000 [ 109.470851][ T6913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.478883][ T6913] R13: 0000000000000001 R14: 00007f68db576080 R15: 00007ffe3977c648 [ 109.486911][ T6913] [ 109.563873][ T6915] netlink: 'syz.3.359': attribute type 10 has an invalid length. [ 110.058983][ T6934] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.117980][ T6934] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.399994][ T6953] netlink: 100 bytes leftover after parsing attributes in process `syz.3.373'. [ 110.422567][ T6956] netlink: 'syz.4.374': attribute type 10 has an invalid length. [ 110.502218][ T6958] netlink: 'syz.0.375': attribute type 10 has an invalid length. [ 110.555621][ T6960] netlink: 8 bytes leftover after parsing attributes in process `syz.2.376'. [ 110.862198][ T6976] trusted_key: syz.4.382 sent an empty control message without MSG_MORE. [ 110.900204][ T6981] FAULT_INJECTION: forcing a failure. [ 110.900204][ T6981] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.937889][ T6981] CPU: 0 UID: 0 PID: 6981 Comm: syz.0.381 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 110.948622][ T6981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 110.958729][ T6981] Call Trace: [ 110.962048][ T6981] [ 110.965019][ T6981] dump_stack_lvl+0x241/0x360 [ 110.969763][ T6981] ? __pfx_dump_stack_lvl+0x10/0x10 [ 110.975015][ T6981] ? __pfx__printk+0x10/0x10 [ 110.979661][ T6981] ? __pfx_lock_release+0x10/0x10 [ 110.984758][ T6981] should_fail_ex+0x3b0/0x4e0 [ 110.989524][ T6981] _copy_to_iter+0x1f8/0x1c50 [ 110.994272][ T6981] ? __virt_addr_valid+0x183/0x530 [ 110.999446][ T6981] ? __pfx_lock_release+0x10/0x10 [ 111.004550][ T6981] ? __pfx__copy_to_iter+0x10/0x10 [ 111.009736][ T6981] ? __virt_addr_valid+0x183/0x530 [ 111.014900][ T6981] ? __virt_addr_valid+0x183/0x530 [ 111.020054][ T6981] ? __virt_addr_valid+0x45f/0x530 [ 111.025472][ T6981] ? __check_object_size+0x47a/0x730 [ 111.030826][ T6981] __skb_datagram_iter+0x3c6/0x900 [ 111.036037][ T6981] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 111.041735][ T6981] skb_copy_datagram_iter+0xd1/0x250 [ 111.047081][ T6981] tcp_recvmsg_locked+0xf8a/0x3c80 [ 111.052302][ T6981] ? __pfx_tcp_recvmsg_locked+0x10/0x10 [ 111.057912][ T6981] ? mark_lock+0x9a/0x360 [ 111.062295][ T6981] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 111.068319][ T6981] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 111.074704][ T6981] ? __local_bh_enable_ip+0x168/0x200 [ 111.080154][ T6981] ? lockdep_hardirqs_on+0x99/0x150 [ 111.085425][ T6981] ? __local_bh_enable_ip+0x168/0x200 [ 111.090861][ T6981] ? tcp_recvmsg+0x23c/0x920 [ 111.095523][ T6981] tcp_recvmsg+0x25d/0x920 [ 111.099997][ T6981] ? __pfx_tcp_recvmsg+0x10/0x10 [ 111.104996][ T6981] ? sock_rps_record_flow+0x1a/0x400 [ 111.110336][ T6981] ? inet_recvmsg+0xde/0x2d0 [ 111.114976][ T6981] ? __pfx_tcp_recvmsg+0x10/0x10 [ 111.119960][ T6981] inet_recvmsg+0x150/0x2d0 [ 111.124516][ T6981] ? __pfx_inet_recvmsg+0x10/0x10 [ 111.129587][ T6981] ? aa_sock_msg_perm+0x91/0x160 [ 111.134568][ T6981] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 111.139905][ T6981] sock_recvmsg+0x1ae/0x280 [ 111.144470][ T6981] ____sys_recvmsg+0x1c6/0x480 [ 111.149302][ T6981] ? __pfx_____sys_recvmsg+0x10/0x10 [ 111.154665][ T6981] __sys_recvmsg+0x291/0x390 [ 111.159310][ T6981] ? __pfx___sys_recvmsg+0x10/0x10 [ 111.164462][ T6981] ? __mutex_unlock_slowpath+0x21e/0x790 [ 111.170594][ T6981] ? __fget_files+0x2a/0x410 [ 111.175337][ T6981] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 111.181733][ T6981] ? do_syscall_64+0x100/0x230 [ 111.186568][ T6981] ? do_syscall_64+0xb6/0x230 [ 111.191301][ T6981] do_syscall_64+0xf3/0x230 [ 111.195839][ T6981] ? clear_bhb_loop+0x35/0x90 [ 111.200535][ T6981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.206461][ T6981] RIP: 0033:0x7fb222185d29 [ 111.210902][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.230538][ T6981] RSP: 002b:00007fb222f77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 111.238973][ T6981] RAX: ffffffffffffffda RBX: 00007fb222376080 RCX: 00007fb222185d29 [ 111.246962][ T6981] RDX: 0000000000000104 RSI: 0000000020001500 RDI: 0000000000000003 [ 111.254945][ T6981] RBP: 00007fb222f77090 R08: 0000000000000000 R09: 0000000000000000 [ 111.262927][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.270905][ T6981] R13: 0000000000000001 R14: 00007fb222376080 R15: 00007ffebe3550e8 [ 111.278899][ T6981] [ 111.402000][ T6998] netlink: 'syz.3.389': attribute type 10 has an invalid length. [ 111.648362][ T7009] FAULT_INJECTION: forcing a failure. [ 111.648362][ T7009] name failslab, interval 1, probability 0, space 0, times 0 [ 111.686170][ T7009] CPU: 0 UID: 0 PID: 7009 Comm: syz.1.392 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 111.696858][ T7009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 111.706959][ T7009] Call Trace: [ 111.710276][ T7009] [ 111.713244][ T7009] dump_stack_lvl+0x241/0x360 [ 111.717973][ T7009] ? __pfx_dump_stack_lvl+0x10/0x10 [ 111.723203][ T7009] ? __pfx__printk+0x10/0x10 [ 111.727822][ T7009] should_fail_ex+0x3b0/0x4e0 [ 111.732529][ T7009] should_failslab+0xac/0x100 [ 111.737224][ T7009] ? dccp_ackvec_update_records+0x2d/0x450 [ 111.743044][ T7009] kmem_cache_alloc_noprof+0x70/0x380 [ 111.748440][ T7009] dccp_ackvec_update_records+0x2d/0x450 [ 111.754109][ T7009] dccp_insert_options+0x10eb/0x18f0 [ 111.759435][ T7009] dccp_transmit_skb+0x5b9/0x16f0 [ 111.764509][ T7009] dccp_xmit_packet+0x376/0x610 [ 111.769398][ T7009] dccp_write_xmit+0x138/0x220 [ 111.774187][ T7009] dccp_sendmsg+0x76f/0xb90 [ 111.778716][ T7009] ? __pfx_dccp_sendmsg+0x10/0x10 [ 111.783760][ T7009] ? sock_rps_record_flow+0x1a/0x400 [ 111.789061][ T7009] ? inet_sendmsg+0x330/0x390 [ 111.793754][ T7009] __sock_sendmsg+0x1a6/0x270 [ 111.798458][ T7009] ____sys_sendmsg+0x52a/0x7e0 [ 111.803245][ T7009] ? __pfx_____sys_sendmsg+0x10/0x10 [ 111.808576][ T7009] ? __fget_files+0x2a/0x410 [ 111.813186][ T7009] ? __fget_files+0x2a/0x410 [ 111.817799][ T7009] __sys_sendmmsg+0x36a/0x720 [ 111.822499][ T7009] ? __pfx___sys_sendmmsg+0x10/0x10 [ 111.827722][ T7009] ? __pfx_lock_release+0x10/0x10 [ 111.832756][ T7009] ? kstrtouint_from_user+0x128/0x190 [ 111.838204][ T7009] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 111.844161][ T7009] ? ksys_write+0x22a/0x2b0 [ 111.848678][ T7009] ? __pfx_lock_release+0x10/0x10 [ 111.853727][ T7009] ? vfs_write+0x730/0xd30 [ 111.858179][ T7009] ? __mutex_unlock_slowpath+0x21e/0x790 [ 111.863852][ T7009] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 111.869851][ T7009] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 111.876194][ T7009] ? do_syscall_64+0x100/0x230 [ 111.880980][ T7009] __x64_sys_sendmmsg+0xa0/0xb0 [ 111.885849][ T7009] do_syscall_64+0xf3/0x230 [ 111.890371][ T7009] ? clear_bhb_loop+0x35/0x90 [ 111.895063][ T7009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.900972][ T7009] RIP: 0033:0x7f904c385d29 [ 111.905399][ T7009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.925021][ T7009] RSP: 002b:00007f904d24d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 111.933534][ T7009] RAX: ffffffffffffffda RBX: 00007f904c575fa0 RCX: 00007f904c385d29 [ 111.941603][ T7009] RDX: 0000000000000003 RSI: 0000000020006040 RDI: 0000000000000006 [ 111.949584][ T7009] RBP: 00007f904d24d090 R08: 0000000000000000 R09: 0000000000000000 [ 111.957569][ T7009] R10: 0000000000004084 R11: 0000000000000246 R12: 0000000000000001 [ 111.965577][ T7009] R13: 0000000000000000 R14: 00007f904c575fa0 R15: 00007ffe2731b248 [ 111.973664][ T7009] [ 112.022057][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.031332][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.040468][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.042708][ T7009] netlink: 'syz.1.392': attribute type 10 has an invalid length. [ 112.049687][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.066421][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.075596][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.085102][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.094625][ T7015] netlink: 256 bytes leftover after parsing attributes in process `syz.0.395'. [ 112.166624][ C1] dccp_check_seqno: Step 6 failed for CLOSE packet, (LSWL(191188247799985) <= P.seqno(191188247799984) <= S.SWH(191188247800021)) and (P.ackno exists or LAWL(192632302928710) <= P.ackno(192632302928710) <= S.AWH(192632302928710), sending SYNC... [ 112.325294][ T7022] netlink: zone id is out of range [ 112.347661][ T7022] netlink: zone id is out of range [ 112.388625][ T7022] netlink: zone id is out of range [ 112.401974][ T7022] netlink: zone id is out of range [ 112.544361][ T7031] netlink: 'syz.0.401': attribute type 10 has an invalid length. [ 112.957375][ T7052] netlink: 'syz.2.407': attribute type 10 has an invalid length. [ 112.981224][ T7056] netlink: 'syz.3.409': attribute type 4 has an invalid length. [ 112.989468][ T7056] netlink: 'syz.3.409': attribute type 11 has an invalid length. [ 113.256741][ T7069] netlink: zone id is out of range [ 113.262901][ T7069] netlink: zone id is out of range [ 113.268063][ T7069] netlink: zone id is out of range [ 113.275141][ T7069] netlink: zone id is out of range [ 113.515981][ T7081] wg2: left promiscuous mode [ 113.520791][ T7081] wg2: left allmulticast mode [ 113.528966][ T7081] team0: Device wg2 is of different type [ 114.440951][ T5912] IPVS: starting estimator thread 0... [ 114.552050][ T7106] IPVS: using max 18 ests per chain, 43200 per kthread [ 114.580333][ T7112] netlink: zone id is out of range [ 115.467640][ T7152] sctp: [Deprecated]: syz.0.441 (pid 7152) Use of struct sctp_assoc_value in delayed_ack socket option. [ 115.467640][ T7152] Use struct sctp_sack_info instead [ 116.050574][ T7176] IPVS: length: 157 != 24 [ 116.650358][ T7195] Cannot find add_set index 0 as target [ 116.971649][ T7204] netlink: 'syz.3.461': attribute type 9 has an invalid length. [ 116.979371][ T7204] __nla_validate_parse: 62 callbacks suppressed [ 116.979389][ T7204] netlink: 244 bytes leftover after parsing attributes in process `syz.3.461'. [ 117.350661][ T7229] net_ratelimit: 4 callbacks suppressed [ 117.350682][ T7229] netlink: zone id is out of range [ 117.475356][ T7229] netlink: zone id is out of range [ 117.480872][ T7229] netlink: zone id is out of range [ 117.486548][ T7229] netlink: zone id is out of range [ 117.548104][ T7231] netlink: 48 bytes leftover after parsing attributes in process `syz.0.474'. [ 118.260330][ T7265] netlink: 'syz.0.491': attribute type 10 has an invalid length. [ 118.565012][ T7270] netlink: 'syz.2.488': attribute type 10 has an invalid length. [ 118.873897][ T7291] sctp: [Deprecated]: syz.2.499 (pid 7291) Use of struct sctp_assoc_value in delayed_ack socket option. [ 118.873897][ T7291] Use struct sctp_sack_info instead [ 119.014145][ T7301] dccp_invalid_packet: P.CsCov 5 exceeds packet length 16 [ 119.084239][ T7303] netlink: 8 bytes leftover after parsing attributes in process `syz.0.504'. [ 119.127505][ T7303] mac80211_hwsim hwsim10 wlan1: Device is already in use. [ 119.433330][ T7318] netlink: 'syz.2.510': attribute type 10 has an invalid length. [ 119.639084][ T7330] xt_bpf: check failed: parse error [ 119.850085][ T7336] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 120.190621][ T7355] netlink: 72 bytes leftover after parsing attributes in process `syz.2.527'. [ 120.247155][ T7357] FAULT_INJECTION: forcing a failure. [ 120.247155][ T7357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.249082][ T7358] netlink: 72 bytes leftover after parsing attributes in process `syz.2.527'. [ 120.281875][ T7357] CPU: 1 UID: 0 PID: 7357 Comm: syz.1.526 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 120.292660][ T7357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 120.302728][ T7357] Call Trace: [ 120.306018][ T7357] [ 120.308992][ T7357] dump_stack_lvl+0x241/0x360 [ 120.313716][ T7357] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.318932][ T7357] ? __pfx__printk+0x10/0x10 [ 120.323540][ T7357] ? __pfx_lock_release+0x10/0x10 [ 120.328586][ T7357] should_fail_ex+0x3b0/0x4e0 [ 120.333290][ T7357] _copy_from_user+0x2f/0xc0 [ 120.337898][ T7357] copy_msghdr_from_user+0xae/0x680 [ 120.343121][ T7357] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 120.348946][ T7357] ? __fget_files+0x2a/0x410 [ 120.353557][ T7357] ? __fget_files+0x2a/0x410 [ 120.358170][ T7357] __sys_sendmsg+0x209/0x350 [ 120.362797][ T7357] ? __pfx_lock_release+0x10/0x10 [ 120.367837][ T7357] ? __pfx___sys_sendmsg+0x10/0x10 [ 120.372996][ T7357] ? __pfx_vfs_write+0x10/0x10 [ 120.377786][ T7357] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 120.384133][ T7357] ? do_syscall_64+0x100/0x230 [ 120.388916][ T7357] ? do_syscall_64+0xb6/0x230 [ 120.393616][ T7357] do_syscall_64+0xf3/0x230 [ 120.398139][ T7357] ? clear_bhb_loop+0x35/0x90 [ 120.402855][ T7357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.408768][ T7357] RIP: 0033:0x7f904c385d29 [ 120.413200][ T7357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.432822][ T7357] RSP: 002b:00007f904d24d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 120.441261][ T7357] RAX: ffffffffffffffda RBX: 00007f904c575fa0 RCX: 00007f904c385d29 [ 120.449247][ T7357] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 120.457229][ T7357] RBP: 00007f904d24d090 R08: 0000000000000000 R09: 0000000000000000 [ 120.465470][ T7357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.473476][ T7357] R13: 0000000000000000 R14: 00007f904c575fa0 R15: 00007ffe2731b248 [ 120.481566][ T7357] [ 120.692483][ T7372] netlink: 'syz.1.531': attribute type 10 has an invalid length. [ 121.192948][ T7402] netlink: 808 bytes leftover after parsing attributes in process `syz.4.541'. [ 121.485675][ T7414] netlink: 'syz.1.545': attribute type 11 has an invalid length. [ 121.772643][ T7425] netlink: 'syz.4.548': attribute type 10 has an invalid length. [ 122.251815][ T7436] x_tables: duplicate underflow at hook 3 [ 122.278130][ T7436] netlink: 4 bytes leftover after parsing attributes in process `syz.4.555'. [ 122.300698][ T7436] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 122.351582][ T7447] netlink: 'syz.2.560': attribute type 11 has an invalid length. [ 122.457902][ T7436] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 122.594298][ T7458] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 123.060338][ T7482] netlink: zone id is out of range [ 123.062290][ T7481] FAULT_INJECTION: forcing a failure. [ 123.062290][ T7481] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 123.065714][ T7482] netlink: zone id is out of range [ 123.105716][ T7482] netlink: zone id is out of range [ 123.111247][ T7482] netlink: zone id is out of range [ 123.124477][ T7481] CPU: 1 UID: 0 PID: 7481 Comm: syz.3.574 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 123.135188][ T7481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 123.145330][ T7481] Call Trace: [ 123.148624][ T7481] [ 123.151568][ T7481] dump_stack_lvl+0x241/0x360 [ 123.156279][ T7481] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.161502][ T7481] ? __pfx__printk+0x10/0x10 [ 123.166113][ T7481] ? __pfx_lock_release+0x10/0x10 [ 123.171157][ T7481] should_fail_ex+0x3b0/0x4e0 [ 123.175858][ T7481] _copy_from_iter+0x1e9/0x1c20 [ 123.180726][ T7481] ? __virt_addr_valid+0x183/0x530 [ 123.185862][ T7481] ? __alloc_skb+0x28f/0x440 [ 123.190466][ T7481] ? __pfx__copy_from_iter+0x10/0x10 [ 123.195770][ T7481] ? __virt_addr_valid+0x183/0x530 [ 123.200900][ T7481] ? __virt_addr_valid+0x183/0x530 [ 123.206035][ T7481] ? __virt_addr_valid+0x45f/0x530 [ 123.211174][ T7481] ? __phys_addr_symbol+0x2f/0x70 [ 123.216211][ T7481] ? __check_object_size+0x47a/0x730 [ 123.221538][ T7481] netlink_sendmsg+0x73d/0xcb0 [ 123.226348][ T7481] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.231668][ T7481] ? aa_sock_msg_perm+0x91/0x160 [ 123.236652][ T7481] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.241954][ T7481] __sock_sendmsg+0x221/0x270 [ 123.246744][ T7481] ____sys_sendmsg+0x52a/0x7e0 [ 123.251540][ T7481] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.256841][ T7481] ? __fget_files+0x2a/0x410 [ 123.261462][ T7481] ? __fget_files+0x2a/0x410 [ 123.266082][ T7481] __sys_sendmsg+0x269/0x350 [ 123.270684][ T7481] ? __pfx_lock_release+0x10/0x10 [ 123.275747][ T7481] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.280921][ T7481] ? __pfx_vfs_write+0x10/0x10 [ 123.285729][ T7481] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 123.292079][ T7481] ? do_syscall_64+0x100/0x230 [ 123.296871][ T7481] ? do_syscall_64+0xb6/0x230 [ 123.301570][ T7481] do_syscall_64+0xf3/0x230 [ 123.306093][ T7481] ? clear_bhb_loop+0x35/0x90 [ 123.310781][ T7481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.316695][ T7481] RIP: 0033:0x7fbedd985d29 [ 123.321134][ T7481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.340750][ T7481] RSP: 002b:00007fbede817038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.349179][ T7481] RAX: ffffffffffffffda RBX: 00007fbeddb75fa0 RCX: 00007fbedd985d29 [ 123.357163][ T7481] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 123.365577][ T7481] RBP: 00007fbede817090 R08: 0000000000000000 R09: 0000000000000000 [ 123.373555][ T7481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.381538][ T7481] R13: 0000000000000000 R14: 00007fbeddb75fa0 R15: 00007ffd6fa013b8 [ 123.389532][ T7481] [ 123.629643][ T7498] raw_sendmsg: syz.2.577 forgot to set AF_INET. Fix it! [ 123.669027][ T7486] netlink: 24 bytes leftover after parsing attributes in process `syz.2.577'. [ 124.285772][ T7524] netlink: 'syz.2.588': attribute type 1 has an invalid length. [ 124.346666][ T7524] 8021q: adding VLAN 0 to HW filter on device bond4 [ 124.565520][ T7549] dccp_invalid_packet: P.Data Offset(0) too small [ 124.738145][ T7552] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.019404][ T7565] netlink: zone id is out of range [ 125.029792][ T7565] netlink: zone id is out of range [ 125.036804][ T7565] netlink: zone id is out of range [ 125.091667][ T7565] netlink: zone id is out of range [ 125.152954][ T7572] netlink: 'syz.2.605': attribute type 1 has an invalid length. [ 125.175556][ T7572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 125.198223][ T7574] netlink: 24 bytes leftover after parsing attributes in process `syz.0.604'. [ 125.228436][ T7574] netlink: 48 bytes leftover after parsing attributes in process `syz.0.604'. [ 125.254456][ T7578] netlink: 'syz.2.605': attribute type 1 has an invalid length. [ 125.262507][ T7578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 125.666934][ T7600] netlink: 24 bytes leftover after parsing attributes in process `syz.0.614'. [ 125.675544][ T7602] FAULT_INJECTION: forcing a failure. [ 125.675544][ T7602] name failslab, interval 1, probability 0, space 0, times 0 [ 125.703956][ T7602] CPU: 0 UID: 0 PID: 7602 Comm: syz.2.613 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 125.707990][ T7605] netlink: 'syz.0.614': attribute type 1 has an invalid length. [ 125.714607][ T7602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 125.714629][ T7602] Call Trace: [ 125.714639][ T7602] [ 125.714649][ T7602] dump_stack_lvl+0x241/0x360 [ 125.714689][ T7602] ? __pfx_dump_stack_lvl+0x10/0x10 [ 125.714722][ T7602] ? __pfx__printk+0x10/0x10 [ 125.714755][ T7602] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 125.714787][ T7602] ? __pfx___might_resched+0x10/0x10 [ 125.714816][ T7602] should_fail_ex+0x3b0/0x4e0 [ 125.714857][ T7602] should_failslab+0xac/0x100 [ 125.714889][ T7602] kmem_cache_alloc_node_noprof+0x77/0x380 [ 125.714920][ T7602] ? __alloc_skb+0x1c3/0x440 [ 125.735418][ T7605] netlink: 236 bytes leftover after parsing attributes in process `syz.0.614'. [ 125.735953][ T7602] __alloc_skb+0x1c3/0x440 [ 125.798088][ T7602] ? __pfx___alloc_skb+0x10/0x10 [ 125.803104][ T7602] ? netlink_ack_tlv_len+0x6e/0x200 [ 125.808367][ T7602] netlink_ack+0x145/0xa50 [ 125.812846][ T7602] ? __pfx___might_resched+0x10/0x10 [ 125.818206][ T7602] netlink_rcv_skb+0x262/0x430 [ 125.823041][ T7602] ? __pfx_genl_rcv_msg+0x10/0x10 [ 125.828147][ T7602] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 125.833522][ T7602] genl_rcv+0x28/0x40 [ 125.837571][ T7602] netlink_unicast+0x7f6/0x990 [ 125.842586][ T7602] ? __pfx_netlink_unicast+0x10/0x10 [ 125.847937][ T7602] ? __virt_addr_valid+0x45f/0x530 [ 125.853110][ T7602] ? __phys_addr_symbol+0x2f/0x70 [ 125.858200][ T7602] ? __check_object_size+0x47a/0x730 [ 125.863577][ T7602] netlink_sendmsg+0x8e4/0xcb0 [ 125.868429][ T7602] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.873877][ T7602] ? aa_sock_msg_perm+0x91/0x160 [ 125.878906][ T7602] ? __pfx_netlink_sendmsg+0x10/0x10 [ 125.884250][ T7602] __sock_sendmsg+0x221/0x270 [ 125.889010][ T7602] ____sys_sendmsg+0x52a/0x7e0 [ 125.893858][ T7602] ? __pfx_____sys_sendmsg+0x10/0x10 [ 125.899208][ T7602] ? __fget_files+0x2a/0x410 [ 125.903871][ T7602] ? __fget_files+0x2a/0x410 [ 125.908541][ T7602] __sys_sendmsg+0x269/0x350 [ 125.913201][ T7602] ? __pfx_lock_release+0x10/0x10 [ 125.918302][ T7602] ? __pfx___sys_sendmsg+0x10/0x10 [ 125.923539][ T7602] ? __pfx_vfs_write+0x10/0x10 [ 125.928393][ T7602] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 125.934789][ T7602] ? do_syscall_64+0x100/0x230 [ 125.939625][ T7602] ? do_syscall_64+0xb6/0x230 [ 125.944381][ T7602] do_syscall_64+0xf3/0x230 [ 125.948957][ T7602] ? clear_bhb_loop+0x35/0x90 [ 125.953705][ T7602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.959760][ T7602] RIP: 0033:0x7f7d33b85d29 [ 125.964235][ T7602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.983891][ T7602] RSP: 002b:00007f7d34972038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 125.992362][ T7602] RAX: ffffffffffffffda RBX: 00007f7d33d75fa0 RCX: 00007f7d33b85d29 [ 126.000389][ T7602] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 126.008412][ T7602] RBP: 00007f7d34972090 R08: 0000000000000000 R09: 0000000000000000 [ 126.016445][ T7602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.024468][ T7602] R13: 0000000000000000 R14: 00007f7d33d75fa0 R15: 00007ffce77f74e8 [ 126.032510][ T7602] [ 126.309471][ T7619] netlink: 'syz.4.623': attribute type 11 has an invalid length. [ 126.429434][ T7625] netlink: 'syz.1.615': attribute type 10 has an invalid length. [ 127.037993][ T7660] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'. [ 127.563428][ T7683] netlink: 48 bytes leftover after parsing attributes in process `syz.3.645'. [ 127.719146][ T7697] FAULT_INJECTION: forcing a failure. [ 127.719146][ T7697] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.750720][ T7697] CPU: 0 UID: 0 PID: 7697 Comm: syz.2.649 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 127.761395][ T7697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 127.771545][ T7697] Call Trace: [ 127.774871][ T7697] [ 127.777877][ T7697] dump_stack_lvl+0x241/0x360 [ 127.782619][ T7697] ? __pfx_dump_stack_lvl+0x10/0x10 [ 127.788140][ T7697] ? __pfx__printk+0x10/0x10 [ 127.792797][ T7697] ? snprintf+0xda/0x120 [ 127.797098][ T7697] should_fail_ex+0x3b0/0x4e0 [ 127.801839][ T7697] _copy_to_user+0x31/0xb0 [ 127.806322][ T7697] simple_read_from_buffer+0xca/0x150 [ 127.811763][ T7697] proc_fail_nth_read+0x1e9/0x250 [ 127.816842][ T7697] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.822457][ T7697] ? rw_verify_area+0x55e/0x6f0 [ 127.827373][ T7697] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.832977][ T7697] vfs_read+0x1fc/0xb70 [ 127.837173][ T7697] ? __pfx___mutex_lock+0x10/0x10 [ 127.842495][ T7697] ? __pfx_vfs_read+0x10/0x10 [ 127.847192][ T7697] ? __fget_files+0x2a/0x410 [ 127.851806][ T7697] ? __fget_files+0x395/0x410 [ 127.856506][ T7697] ? __fget_files+0x2a/0x410 [ 127.861124][ T7697] ksys_read+0x18f/0x2b0 [ 127.865407][ T7697] ? __pfx_ksys_read+0x10/0x10 [ 127.870209][ T7697] ? do_syscall_64+0x100/0x230 [ 127.875011][ T7697] ? do_syscall_64+0xb6/0x230 [ 127.879739][ T7697] do_syscall_64+0xf3/0x230 [ 127.884306][ T7697] ? clear_bhb_loop+0x35/0x90 [ 127.889013][ T7697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.894953][ T7697] RIP: 0033:0x7f7d33b8473c [ 127.899413][ T7697] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 127.919060][ T7697] RSP: 002b:00007f7d34972030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 127.927505][ T7697] RAX: ffffffffffffffda RBX: 00007f7d33d75fa0 RCX: 00007f7d33b8473c [ 127.935492][ T7697] RDX: 000000000000000f RSI: 00007f7d349720a0 RDI: 0000000000000003 [ 127.943485][ T7697] RBP: 00007f7d34972090 R08: 0000000000000000 R09: 0000000000000000 [ 127.951515][ T7697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.959503][ T7697] R13: 0000000000000000 R14: 00007f7d33d75fa0 R15: 00007ffce77f74e8 [ 127.967504][ T7697] [ 128.181914][ T7711] netlink: 36 bytes leftover after parsing attributes in process `syz.2.654'. [ 128.232068][ T7710] netlink: 'syz.0.653': attribute type 10 has an invalid length. [ 128.619487][ T7726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.660'. [ 128.637027][ T7735] workqueue: name exceeds WQ_NAME_LEN. Truncating to: þÜ»}ÆÓžäاïj×ì·Pbôõ=ÌI [ 128.679450][ T7735] dvmrp0: entered allmulticast mode [ 128.687373][ T7735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.663'. [ 129.929973][ T7787] netlink: 40 bytes leftover after parsing attributes in process `syz.1.677'. [ 129.979695][ T7779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.675'. [ 129.982433][ T7787] netlink: 72 bytes leftover after parsing attributes in process `syz.1.677'. [ 130.012672][ T7779] macsec0: entered promiscuous mode [ 130.245895][ T7797] net_ratelimit: 5 callbacks suppressed [ 130.245920][ T7797] netlink: zone id is out of range [ 130.264730][ T7797] netlink: zone id is out of range [ 130.277394][ T7797] netlink: zone id is out of range [ 130.299564][ T7797] netlink: zone id is out of range [ 130.358189][ T7804] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 131.226714][ T7840] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 131.260798][ T7838] netlink: 'syz.0.689': attribute type 10 has an invalid length. [ 131.560339][ T7855] netlink: zone id is out of range [ 131.577992][ T7855] netlink: zone id is out of range [ 131.604188][ T7859] netlink: 72 bytes leftover after parsing attributes in process `syz.4.693'. [ 131.618033][ T7855] netlink: zone id is out of range [ 131.651478][ T7855] netlink: zone id is out of range [ 131.696663][ T7860] netlink: 'syz.3.696': attribute type 10 has an invalid length. [ 132.090789][ T7883] netlink: 8 bytes leftover after parsing attributes in process `syz.2.701'. [ 132.445645][ T7897] netlink: 'syz.0.705': attribute type 10 has an invalid length. [ 132.892426][ T7916] netlink: zone id is out of range [ 132.972535][ T7918] netlink: 'syz.0.711': attribute type 10 has an invalid length. [ 132.984027][ T7921] (unnamed net_device) (uninitialized): down delay (33554432) is not a multiple of miimon (640), value rounded to 33553920 ms [ 133.079665][ T7930] netlink: 72 bytes leftover after parsing attributes in process `syz.4.713'. [ 133.316923][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.323701][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.620189][ T7949] netlink: 'syz.0.721': attribute type 10 has an invalid length. [ 133.732917][ T7952] xt_CT: You must specify a L4 protocol and not use inversions on it [ 133.988963][ T7972] netlink: 'syz.4.727': attribute type 10 has an invalid length. [ 134.098935][ T7974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.728'. [ 134.108794][ T7974] netlink: 'syz.1.728': attribute type 3 has an invalid length. [ 134.112990][ T7978] netlink: 72 bytes leftover after parsing attributes in process `syz.3.730'. [ 134.694273][ T7999] netlink: 'syz.3.737': attribute type 10 has an invalid length. [ 135.014960][ T8011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.742'. [ 135.148168][ T8018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.745'. [ 135.186487][ T8018] macsec0: entered promiscuous mode [ 135.632213][ T8038] netlink: 'syz.3.755': attribute type 10 has an invalid length. [ 135.709267][ T8044] netlink: 12 bytes leftover after parsing attributes in process `syz.4.756'. [ 135.765590][ T8035] netlink: 'syz.2.753': attribute type 10 has an invalid length. [ 135.842234][ T8050] net_ratelimit: 11 callbacks suppressed [ 135.842259][ T8050] netlink: zone id is out of range [ 135.855082][ T8050] netlink: zone id is out of range [ 135.860261][ T8050] netlink: zone id is out of range [ 135.866452][ T8050] netlink: zone id is out of range [ 136.085177][ C1] dccp_check_seqno: Step 6 failed for CLOSE packet, (LSWL(264276276161639) <= P.seqno(264276276161638) <= S.SWH(264276276161662)) and (P.ackno exists or LAWL(5902188957132) <= P.ackno(5902188957132) <= S.AWH(5902188957132), sending SYNC... [ 136.322276][ T8067] netlink: 'syz.2.763': attribute type 1 has an invalid length. [ 136.633516][ T8053] syz.3.759 (8053) used greatest stack depth: 16088 bytes left [ 136.925651][ T8102] netlink: zone id is out of range [ 136.941136][ T8102] netlink: zone id is out of range [ 136.966183][ T8098] netlink: 'syz.2.771': attribute type 10 has an invalid length. [ 136.981558][ T8102] netlink: zone id is out of range [ 136.986763][ T8102] netlink: zone id is out of range [ 137.260881][ T8120] netlink: 'syz.0.779': attribute type 7 has an invalid length. [ 137.270145][ T8120] netlink: 72 bytes leftover after parsing attributes in process `syz.0.779'. [ 137.272321][ T8114] netlink: 'syz.2.778': attribute type 10 has an invalid length. [ 137.320183][ T8121] netlink: 12 bytes leftover after parsing attributes in process `syz.3.781'. [ 137.331531][ T8121] tc_dump_action: action bad kind [ 137.410821][ T8126] veth1_to_team: entered promiscuous mode [ 137.509237][ T8127] veth1_to_team: left promiscuous mode [ 137.687549][ T8135] netlink: 'syz.4.786': attribute type 21 has an invalid length. [ 137.732800][ T8135] netlink: 132 bytes leftover after parsing attributes in process `syz.4.786'. [ 137.783548][ T8144] netlink: 'syz.2.788': attribute type 10 has an invalid length. [ 137.993141][ T8155] netlink: zone id is out of range [ 138.217244][ T8166] netlink: 12 bytes leftover after parsing attributes in process `syz.0.797'. [ 138.240530][ T8166] tc_dump_action: action bad kind [ 138.332841][ T8170] netlink: 'syz.2.795': attribute type 10 has an invalid length. [ 138.380489][ T8174] netlink: 72 bytes leftover after parsing attributes in process `syz.4.794'. [ 138.448628][ T8176] x_tables: duplicate underflow at hook 2 [ 138.822638][ T8192] netlink: 'syz.2.805': attribute type 10 has an invalid length. [ 139.000129][ T8204] netlink: 12 bytes leftover after parsing attributes in process `syz.3.809'. [ 139.016650][ T8204] tc_dump_action: action bad kind [ 139.184378][ T8212] netlink: 'syz.2.814': attribute type 10 has an invalid length. [ 139.186905][ T8214] netlink: 808 bytes leftover after parsing attributes in process `syz.3.813'. [ 139.498934][ T8226] netlink: 72 bytes leftover after parsing attributes in process `syz.1.817'. [ 139.570036][ T8228] netlink: 36 bytes leftover after parsing attributes in process `syz.3.819'. [ 139.672512][ T8233] netlink: 'syz.4.821': attribute type 10 has an invalid length. [ 140.302281][ T8245] delete_channel: no stack [ 140.530650][ T8269] netlink: 72 bytes leftover after parsing attributes in process `syz.4.833'. [ 140.609813][ T8275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.837'. [ 140.872152][ T8284] netlink: 8 bytes leftover after parsing attributes in process `syz.4.841'. [ 140.921093][ T8284] mac80211_hwsim hwsim11 wlan1: Device is already in use. [ 140.937152][ T8286] netlink: 4 bytes leftover after parsing attributes in process `syz.2.842'. [ 140.951778][ T8286] Bluetooth: MGMT ver 1.23 [ 141.096388][ T8291] veth1_macvtap: left promiscuous mode [ 141.257662][ T8299] net_ratelimit: 11 callbacks suppressed [ 141.257686][ T8299] netlink: zone id is out of range [ 141.292525][ T8299] netlink: zone id is out of range [ 141.297744][ T8299] netlink: zone id is out of range [ 141.331715][ T8299] netlink: zone id is out of range [ 141.442180][ T8303] validate_nla: 2 callbacks suppressed [ 141.442202][ T8303] netlink: 'syz.1.850': attribute type 10 has an invalid length. [ 142.555072][ T8338] IPVS: set_ctl: invalid protocol: 47 255.255.255.255:20002 [ 142.564530][ T8336] netlink: zone id is out of range [ 142.612145][ T8336] netlink: zone id is out of range [ 142.632584][ T8336] netlink: zone id is out of range [ 142.637792][ T8336] netlink: zone id is out of range [ 142.772047][ T8343] netlink: 'syz.3.867': attribute type 10 has an invalid length. [ 143.259099][ T8370] __nla_validate_parse: 6 callbacks suppressed [ 143.259123][ T8370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.877'. [ 143.548382][ T8380] netlink: zone id is out of range [ 143.568866][ T8380] netlink: zone id is out of range [ 143.744321][ T8384] netlink: 'syz.0.883': attribute type 10 has an invalid length. [ 144.027845][ T8398] netlink: 16 bytes leftover after parsing attributes in process `syz.0.888'. [ 144.054522][ T8398] netlink: 24 bytes leftover after parsing attributes in process `syz.0.888'. [ 144.181074][ T8411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.891'. [ 144.202324][ T8411] netlink: 'syz.1.891': attribute type 1 has an invalid length. [ 144.244029][ T8407] netlink: 24 bytes leftover after parsing attributes in process `syz.0.888'. [ 144.409746][ T8404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 144.424703][ T8404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 144.443950][ T8404] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 144.457562][ T8404] bond0 (unregistering): Released all slaves [ 144.487489][ T8410] netlink: 12 bytes leftover after parsing attributes in process `syz.2.892'. [ 144.498769][ T8410] tc_dump_action: action bad kind [ 145.267089][ T8441] netlink: 'syz.3.901': attribute type 10 has an invalid length. [ 145.322685][ T8446] netlink: 8 bytes leftover after parsing attributes in process `syz.2.902'. [ 145.379771][ T8449] netlink: 'syz.4.904': attribute type 12 has an invalid length. [ 145.654204][ T8431] xt_TCPMSS: Only works on TCP SYN packets [ 146.148962][ T8482] (unnamed net_device) (uninitialized): option ad_select: invalid value (7) [ 146.203294][ T8486] sctp: [Deprecated]: syz.1.913 (pid 8486) Use of int in max_burst socket option deprecated. [ 146.203294][ T8486] Use struct sctp_assoc_value instead [ 146.227966][ T8484] netlink: 12 bytes leftover after parsing attributes in process `syz.2.915'. [ 146.235735][ T8488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.917'. [ 146.253733][ T8484] netlink: 256 bytes leftover after parsing attributes in process `syz.2.915'. [ 146.508048][ T8501] x_tables: duplicate underflow at hook 1 [ 146.575105][ T8501] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 146.617137][ T8504] sctp: [Deprecated]: syz.3.922 (pid 8504) Use of int in max_burst socket option. [ 146.617137][ T8504] Use struct sctp_assoc_value instead [ 146.997128][ T8514] net_ratelimit: 6 callbacks suppressed [ 146.997150][ T8514] netlink: zone id is out of range [ 147.041904][ T8514] netlink: zone id is out of range [ 147.051783][ T8514] netlink: zone id is out of range [ 147.067614][ T8514] netlink: zone id is out of range [ 147.068812][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 147.091255][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 147.138842][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 147.289000][ T8526] netlink: 'syz.2.931': attribute type 13 has an invalid length. [ 147.413576][ T25] vxcan1 speed is unknown, defaulting to 1000 [ 147.422816][ T8518] infiniband syz2: set active [ 147.431466][ T8518] infiniband syz2: added vxcan1 [ 147.574721][ T8518] RDS/IB: syz2: added [ 147.579832][ T8518] smc: adding ib device syz2 with port count 1 [ 147.587290][ T8518] smc: ib device syz2 port 1 has pnetid [ 147.596633][ T5905] vxcan1 speed is unknown, defaulting to 1000 [ 147.608425][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 147.732501][ T8538] veth3: entered allmulticast mode [ 147.927681][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 148.240338][ T8556] netlink: 'syz.4.940': attribute type 3 has an invalid length. [ 148.416227][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 148.658008][ T5143] Bluetooth: hci0: command tx timeout [ 148.684602][ T8575] netlink: zone id is out of range [ 148.689792][ T8575] netlink: zone id is out of range [ 148.707093][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 148.758836][ T8575] netlink: zone id is out of range [ 148.783234][ T8575] netlink: zone id is out of range [ 148.789223][ T8579] __nla_validate_parse: 6 callbacks suppressed [ 148.789242][ T8579] netlink: 44 bytes leftover after parsing attributes in process `syz.0.945'. [ 148.830995][ T8518] vxcan1 speed is unknown, defaulting to 1000 [ 149.439357][ T8593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.952'. [ 149.561665][ T8600] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 149.571726][ T8595] netlink: 64 bytes leftover after parsing attributes in process `syz.2.956'. [ 149.660463][ T8604] netdevsim netdevsim1: Direct firmware load for  failed with error -2 [ 149.677530][ T8604] netdevsim netdevsim1: Falling back to sysfs fallback for:  [ 149.753433][ T8608] tap0: tun_chr_ioctl cmd 1074025675 [ 149.759148][ T8608] tap0: persist disabled [ 149.836600][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.959'. [ 149.847838][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.959'. [ 149.859700][ T8611] netlink: 36 bytes leftover after parsing attributes in process `syz.3.960'. [ 149.877328][ T8611] netlink: 16 bytes leftover after parsing attributes in process `syz.3.960'. [ 149.894386][ T8611] netlink: 36 bytes leftover after parsing attributes in process `syz.3.960'. [ 149.918551][ T8611] netlink: 36 bytes leftover after parsing attributes in process `syz.3.960'. [ 150.250353][ T8625] netlink: 'syz.4.966': attribute type 10 has an invalid length. [ 150.985492][ T8657] FAULT_INJECTION: forcing a failure. [ 150.985492][ T8657] name failslab, interval 1, probability 0, space 0, times 0 [ 151.001847][ T8655] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 151.019040][ T8655] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 151.033496][ T8657] CPU: 0 UID: 0 PID: 8657 Comm: syz.0.980 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 151.044170][ T8657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 151.054272][ T8657] Call Trace: [ 151.057596][ T8657] [ 151.060570][ T8657] dump_stack_lvl+0x241/0x360 [ 151.065310][ T8657] ? __pfx_dump_stack_lvl+0x10/0x10 [ 151.070570][ T8657] ? __pfx__printk+0x10/0x10 [ 151.075218][ T8657] ? __kmalloc_noprof+0xb5/0x4c0 [ 151.080209][ T8657] ? __pfx___might_resched+0x10/0x10 [ 151.085542][ T8657] should_fail_ex+0x3b0/0x4e0 [ 151.090284][ T8657] should_failslab+0xac/0x100 [ 151.095019][ T8657] __kmalloc_noprof+0xdd/0x4c0 [ 151.099838][ T8657] ? iovec_from_user+0x87/0x240 [ 151.104750][ T8657] iovec_from_user+0x87/0x240 [ 151.109492][ T8657] __import_iovec+0x152/0x870 [ 151.114274][ T8657] import_iovec+0xeb/0x120 [ 151.118762][ T8657] copy_msghdr_from_user+0x52f/0x680 [ 151.124115][ T8657] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 151.129982][ T8657] ? __fget_files+0x2a/0x410 [ 151.134640][ T8657] ? __fget_files+0x2a/0x410 [ 151.139313][ T8657] __sys_recvmsg+0x200/0x390 [ 151.143962][ T8657] ? __pfx___sys_recvmsg+0x10/0x10 [ 151.149098][ T8657] ? __mutex_unlock_slowpath+0x21e/0x790 [ 151.154767][ T8657] ? __fget_files+0x2a/0x410 [ 151.159401][ T8657] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 151.165746][ T8657] ? do_syscall_64+0x100/0x230 [ 151.170557][ T8657] ? do_syscall_64+0xb6/0x230 [ 151.175259][ T8657] do_syscall_64+0xf3/0x230 [ 151.179799][ T8657] ? clear_bhb_loop+0x35/0x90 [ 151.184608][ T8657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.190526][ T8657] RIP: 0033:0x7fb222185d29 [ 151.194959][ T8657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.214702][ T8657] RSP: 002b:00007fb222f98038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 151.223138][ T8657] RAX: ffffffffffffffda RBX: 00007fb222375fa0 RCX: 00007fb222185d29 [ 151.231124][ T8657] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 151.239128][ T8657] RBP: 00007fb222f98090 R08: 0000000000000000 R09: 0000000000000000 [ 151.247133][ T8657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.255159][ T8657] R13: 0000000000000000 R14: 00007fb222375fa0 R15: 00007ffebe3550e8 [ 151.263159][ T8657] [ 151.270927][ T8664] netlink: 36 bytes leftover after parsing attributes in process `syz.3.982'. [ 151.747716][ T8682] netlink: 'syz.3.990': attribute type 10 has an invalid length. [ 151.770482][ T8682] mac80211_hwsim hwsim5 wlan1: left allmulticast mode [ 152.022680][ T8690] vlan0: entered promiscuous mode [ 152.065651][ T8690] team0: Port device vlan0 added [ 152.403458][ T8710] netlink: zone id is out of range [ 152.415906][ T8710] netlink: zone id is out of range [ 152.424551][ T8706] netlink: 'syz.1.1001': attribute type 28 has an invalid length. [ 152.426930][ T8710] netlink: zone id is out of range [ 152.433293][ T8706] netlink: 'syz.1.1001': attribute type 3 has an invalid length. [ 152.437744][ T8710] netlink: zone id is out of range [ 152.553250][ T8706] syz.1.1001 uses old SIOCAX25GETINFO [ 152.807551][ T8721] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 152.856862][ T8721] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 152.960071][ T8711] infiniband syz1: set active [ 152.979926][ T8711] infiniband syz1: added team_slave_0 [ 153.027829][ T8711] RDS/IB: syz1: added [ 153.044739][ T8711] smc: adding ib device syz1 with port count 1 [ 153.052097][ T8711] smc: ib device syz1 port 1 has pnetid [ 153.082093][ T8733] netlink: 'syz.1.1011': attribute type 10 has an invalid length. [ 153.869661][ T8742] __nla_validate_parse: 17 callbacks suppressed [ 153.869682][ T8742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1015'. [ 153.912855][ T8742] tc_dump_action: action bad kind [ 154.139722][ T8753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1020'. [ 154.165942][ T8753] netlink: 596 bytes leftover after parsing attributes in process `syz.3.1020'. [ 154.296690][ T8757] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1023'. [ 154.306547][ T8757] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1023'. [ 154.316220][ T8757] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1023'. [ 154.326100][ T8757] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1023'. [ 154.419806][ T8763] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1026'. [ 154.452228][ T8761] netlink: 'syz.3.1024': attribute type 10 has an invalid length. [ 154.633726][ T8775] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1030'. [ 154.643173][ T8775] tc_dump_action: action bad kind [ 155.065971][ T8792] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1036'. [ 155.229324][ T8798] netlink: zone id is out of range [ 155.241642][ T8798] netlink: zone id is out of range [ 155.249371][ T8798] netlink: zone id is out of range [ 155.259790][ T8800] netlink: 'syz.4.1040': attribute type 10 has an invalid length. [ 155.268007][ T8798] netlink: zone id is out of range [ 155.328087][ T8800] macvlan0: entered promiscuous mode [ 155.337423][ T8800] macvlan0: entered allmulticast mode [ 155.369516][ T8800] veth1_vlan: entered allmulticast mode [ 155.392985][ T8800] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 155.417249][ T8799] ------------[ cut here ]------------ [ 155.423226][ T8799] refcount_t: decrement hit 0; leaking memory. [ 155.435373][ T8804] tc_dump_action: action bad kind [ 155.469811][ T8799] WARNING: CPU: 1 PID: 8799 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 [ 155.479331][ T8799] Modules linked in: [ 155.483412][ T8799] CPU: 1 UID: 0 PID: 8799 Comm: syz.4.1040 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 155.494437][ T8799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 155.504664][ T8799] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0 [ 155.510803][ T8799] Code: b2 00 00 00 e8 b7 3b dd fc 5b 5d c3 cc cc cc cc e8 ab 3b dd fc c6 05 5f 7e 41 0b 01 90 48 c7 c7 a0 6a 5f 8c e8 57 df 9d fc 90 <0f> 0b 90 90 eb d9 e8 8b 3b dd fc c6 05 3c 7e 41 0b 01 90 48 c7 c7 [ 155.530809][ T8799] RSP: 0018:ffffc9000b5ffb48 EFLAGS: 00010246 [ 155.537141][ T8799] RAX: 198c9f7bc9afaf00 RBX: ffff88807a62a64c RCX: ffff888034691e00 [ 155.545237][ T8799] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 155.553460][ T8799] RBP: 0000000000000004 R08: ffffffff81601a42 R09: fffffbfff1cfa210 [ 155.561634][ T8799] R10: dffffc0000000000 R11: fffffbfff1cfa210 R12: ffff88807a62a608 [ 155.569670][ T8799] R13: 0000000000000000 R14: ffff88807a62a64c R15: dffffc0000000000 [ 155.577751][ T8799] FS: 0000555582389500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 155.586989][ T8799] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.594088][ T8799] CR2: 00007f60940171f8 CR3: 000000002f28e000 CR4: 00000000003526f0 [ 155.602186][ T8799] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 155.610197][ T8799] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 155.618250][ T8799] Call Trace: [ 155.621642][ T8799] [ 155.624606][ T8799] ? __warn+0x165/0x4d0 [ 155.628812][ T8799] ? refcount_warn_saturate+0xfa/0x1d0 [ 155.634417][ T8799] ? report_bug+0x2b3/0x500 [ 155.638970][ T8799] ? refcount_warn_saturate+0xfa/0x1d0 [ 155.644605][ T8799] ? handle_bug+0x60/0x90 [ 155.648980][ T8799] ? exc_invalid_op+0x1a/0x50 [ 155.653758][ T8799] ? asm_exc_invalid_op+0x1a/0x20 [ 155.658843][ T8799] ? __warn_printk+0x292/0x360 [ 155.663712][ T8799] ? refcount_warn_saturate+0xfa/0x1d0 [ 155.669221][ T8799] ? refcount_warn_saturate+0xf9/0x1d0 [ 155.674843][ T8799] ref_tracker_free+0x6af/0x7e0 [ 155.679746][ T8799] ? __pfx_skb_queue_purge_reason+0x10/0x10 [ 155.685872][ T8799] ? __pfx_ref_tracker_free+0x10/0x10 [ 155.691323][ T8799] ? ax25_destroy_socket+0x551/0x5c0 [ 155.697042][ T8799] ax25_release+0x368/0x950 [ 155.701749][ T8799] sock_close+0xbc/0x240 [ 155.706043][ T8799] ? __pfx_sock_close+0x10/0x10 [ 155.710941][ T8799] __fput+0x23c/0xa50 [ 155.715043][ T8799] task_work_run+0x24f/0x310 [ 155.719674][ T8799] ? _raw_spin_unlock+0x28/0x50 [ 155.724633][ T8799] ? __pfx_task_work_run+0x10/0x10 [ 155.729819][ T8799] ? syscall_exit_to_user_mode+0xa3/0x340 [ 155.735647][ T8799] syscall_exit_to_user_mode+0x13f/0x340 [ 155.741322][ T8799] do_syscall_64+0x100/0x230 [ 155.746032][ T8799] ? clear_bhb_loop+0x35/0x90 [ 155.750748][ T8799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.756729][ T8799] RIP: 0033:0x7f68db385d29 [ 155.761176][ T8799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.781025][ T8799] RSP: 002b:00007ffe3977c7a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 155.789546][ T8799] RAX: 0000000000000000 RBX: 00007f68db577ba0 RCX: 00007f68db385d29 [ 155.797900][ T8799] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 155.806027][ T8799] RBP: 00007f68db577ba0 R08: 0000000000000094 R09: 00007ffe3977ca9f [ 155.814198][ T8799] R10: 00000000003ffd48 R11: 0000000000000246 R12: 0000000000026191 [ 155.822280][ T8799] R13: 00007ffe3977c8b0 R14: 0000000000000032 R15: ffffffffffffffff [ 155.830314][ T8799] [ 155.833460][ T8799] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 155.840763][ T8799] CPU: 1 UID: 0 PID: 8799 Comm: syz.4.1040 Not tainted 6.13.0-rc3-syzkaller-00151-gcc54ec56d822 #0 [ 155.851455][ T8799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 155.861533][ T8799] Call Trace: [ 155.864834][ T8799] [ 155.867831][ T8799] dump_stack_lvl+0x241/0x360 [ 155.872527][ T8799] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.877740][ T8799] ? __pfx__printk+0x10/0x10 [ 155.882340][ T8799] ? _printk+0xd5/0x120 [ 155.886510][ T8799] ? __init_begin+0x41000/0x41000 [ 155.891556][ T8799] ? vscnprintf+0x5d/0x90 [ 155.895914][ T8799] panic+0x349/0x880 [ 155.899827][ T8799] ? __warn+0x174/0x4d0 [ 155.904024][ T8799] ? __pfx_panic+0x10/0x10 [ 155.908467][ T8799] __warn+0x344/0x4d0 [ 155.912462][ T8799] ? refcount_warn_saturate+0xfa/0x1d0 [ 155.917952][ T8799] report_bug+0x2b3/0x500 [ 155.922303][ T8799] ? refcount_warn_saturate+0xfa/0x1d0 [ 155.927786][ T8799] handle_bug+0x60/0x90 [ 155.931954][ T8799] exc_invalid_op+0x1a/0x50 [ 155.936647][ T8799] asm_exc_invalid_op+0x1a/0x20 [ 155.941523][ T8799] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0 [ 155.947632][ T8799] Code: b2 00 00 00 e8 b7 3b dd fc 5b 5d c3 cc cc cc cc e8 ab 3b dd fc c6 05 5f 7e 41 0b 01 90 48 c7 c7 a0 6a 5f 8c e8 57 df 9d fc 90 <0f> 0b 90 90 eb d9 e8 8b 3b dd fc c6 05 3c 7e 41 0b 01 90 48 c7 c7 [ 155.967443][ T8799] RSP: 0018:ffffc9000b5ffb48 EFLAGS: 00010246 [ 155.973532][ T8799] RAX: 198c9f7bc9afaf00 RBX: ffff88807a62a64c RCX: ffff888034691e00 [ 155.981525][ T8799] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 155.989564][ T8799] RBP: 0000000000000004 R08: ffffffff81601a42 R09: fffffbfff1cfa210 [ 155.997546][ T8799] R10: dffffc0000000000 R11: fffffbfff1cfa210 R12: ffff88807a62a608 [ 156.005528][ T8799] R13: 0000000000000000 R14: ffff88807a62a64c R15: dffffc0000000000 [ 156.013517][ T8799] ? __warn_printk+0x292/0x360 [ 156.018307][ T8799] ? refcount_warn_saturate+0xf9/0x1d0 [ 156.023803][ T8799] ref_tracker_free+0x6af/0x7e0 [ 156.028667][ T8799] ? __pfx_skb_queue_purge_reason+0x10/0x10 [ 156.034584][ T8799] ? __pfx_ref_tracker_free+0x10/0x10 [ 156.039991][ T8799] ? ax25_destroy_socket+0x551/0x5c0 [ 156.045300][ T8799] ax25_release+0x368/0x950 [ 156.049843][ T8799] sock_close+0xbc/0x240 [ 156.054120][ T8799] ? __pfx_sock_close+0x10/0x10 [ 156.058994][ T8799] __fput+0x23c/0xa50 [ 156.063046][ T8799] task_work_run+0x24f/0x310 [ 156.067655][ T8799] ? _raw_spin_unlock+0x28/0x50 [ 156.072525][ T8799] ? __pfx_task_work_run+0x10/0x10 [ 156.077657][ T8799] ? syscall_exit_to_user_mode+0xa3/0x340 [ 156.083400][ T8799] syscall_exit_to_user_mode+0x13f/0x340 [ 156.089054][ T8799] do_syscall_64+0x100/0x230 [ 156.093663][ T8799] ? clear_bhb_loop+0x35/0x90 [ 156.098351][ T8799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.104262][ T8799] RIP: 0033:0x7f68db385d29 [ 156.108686][ T8799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.128304][ T8799] RSP: 002b:00007ffe3977c7a8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 156.136736][ T8799] RAX: 0000000000000000 RBX: 00007f68db577ba0 RCX: 00007f68db385d29 [ 156.144719][ T8799] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 156.152697][ T8799] RBP: 00007f68db577ba0 R08: 0000000000000094 R09: 00007ffe3977ca9f [ 156.160675][ T8799] R10: 00000000003ffd48 R11: 0000000000000246 R12: 0000000000026191 [ 156.168653][ T8799] R13: 00007ffe3977c8b0 R14: 0000000000000032 R15: ffffffffffffffff [ 156.176647][ T8799] [ 156.180027][ T8799] Kernel Offset: disabled [ 156.184411][ T8799] Rebooting in 86400 seconds..