last executing test programs: 1m18.466133707s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 1m7.719343101s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 51.986858222s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 38.236096935s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 23.255047413s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 6.962355843s ago: executing program 3 (id=2537): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYBLOB="010100000000000000002b00200008000300", @ANYRES32=0x0, @ANYBLOB], 0x58}}, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_FLUSH(r1, 0x29, 0xd1, &(0x7f0000000340), 0x4) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f0000000000)=0xccb, 0x4) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r2, &(0x7f0000000880), 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x2a, 0xa, 0x1) sendmmsg(r3, &(0x7f0000000000), 0x400000000000235, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58040000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800024000000008050003000000000008000140000000140900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x80}}, 0x0) 4.215536612s ago: executing program 1 (id=3255): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r0) sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000800)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1], 0x14}}, 0x0) 4.070739743s ago: executing program 1 (id=3256): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MPU={0x8}, @TCA_CAKE_RAW={0x8}]}}]}, 0x44}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000b0601080000000000000000060000020500010007000000100007800c00fe80080001406401010209000200"], 0x38}}, 0x4800) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x8, 0xcd, [0xfff, 0x101]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48090}, 0x24004000) 3.729249026s ago: executing program 0 (id=3260): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000100)={0x1d, r1}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r3, &(0x7f00000004c0)={0x1f, @fixed}, 0x8) getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000013c0)={'veth1_macvtap\x00', 0x0}) socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x10000}, 0x10) sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000005f0005"], 0x20}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000002840)=ANY=[@ANYBLOB="500000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d616373656300001800028005000900010000000c000100000000000000000008000500", @ANYRES32=r4], 0x50}}, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'veth1\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x2, 0x2, {0x4000}}}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0xfa, 0xf, 0x100, 0x3, 0x1, 0x3, 0xb}}, {0x0, 0x2, [0xa37, 0xfff, 0x8]}}, {{0x0, 0x1, {0xaa, 0x0, 0x7, 0x7, 0x1, 0x1, 0xfffffffe}}, {0x0, 0x2, [0x6, 0x8, 0x9]}}]}]}, 0x38}}, 0x0) sendmsg$can_j1939(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, r8, 0x0, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000300)="008f895a677fa587a22b170dce470ad1e2ba80a9cef06e6cf69b5f2892d2e119c33510adf45dfb799c1f23a09ee13071e17945bc8035b3b360bedc05b3c9a3d459c9534bad09204b3819b3110766282bb753ff68cabbd9a69eecc364516afe88ac61e71042c6e196af5d34a0c753dd1bfb4d0a897bf2073237f3e0e3176f78cea192cbde37ce7d282c8420d62bda71a80a07b2e2817957d094b9d78f4180d1ef32adcf24b52b3e4cdb554bbaee643398434a1efc2d3fcad29c4730844acd66080a7a935b645179838a7d89f612b8f54e5a813b13009a630471388a48d41ccf051409e010e5", 0xe5}, 0x1, 0x0, 0x0, 0x8845}, 0x0) 3.158953644s ago: executing program 1 (id=3262): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) pipe(&(0x7f0000000680)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x20) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000001240)=""/53}, 0x20) 3.069399475s ago: executing program 0 (id=3264): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000000180)={0x0, 0x4000, &(0x7f0000000140)={&(0x7f0000000080)={0x3c, r2, 0x9, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x14, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x2}, @NL80211_KEY_IDX={0x5}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x3c}}, 0x0) 2.995513346s ago: executing program 1 (id=3265): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg2\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newqdisc={0x48, 0x24, 0xf0b, 0xf0ff, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9acb00}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x2}]}}]}, 0x48}}, 0x0) 2.804672834s ago: executing program 1 (id=3267): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5}]}}}]}, 0x3c}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000002a00090000000000000000000400002c450011"], 0x5c}, 0x1, 0x3000000}, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2, 0xb}, 0x32) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000027c0)={0xffffffffffffffff, &(0x7f0000002680)="21e1f68986d8b6172096333527db4a704560e90211a7551d5fd1b19d80bd23148b5ba7e1398be81e212dc9131b8a0efd513ba397a47dbf13445871167353d4c94946d7d4c39e3c2676e16c6f9b3b34867b360b12290a8cbad5208d332147b87a0ee791ddba54bf488cb5bbea5e8507e7fe19ad974294338fa9904993ad6fc6a6d3db53042d4e400857d974ccd8a14465d3f5a2a99f1ccf1e", &(0x7f0000002740)=""/105}, 0x20) socket$inet6(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00'}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) ppoll(&(0x7f0000000180)=[{r4}], 0x1, 0x0, 0x0, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) 2.789730033s ago: executing program 0 (id=3268): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100040000002c0004800500030080ff00000500030080ffffff05000300016900000500030080ffffff0500030004e300000800020003"], 0x50}}, 0x0) 2.619072224s ago: executing program 0 (id=3270): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, 0x0, 0x0) write(r0, &(0x7f0000000040)="05000000010001", 0x7) recvmmsg(r0, &(0x7f0000000540)=[{{&(0x7f0000000000)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000080), 0x0, 0x0, 0xfffffffffffffeec}, 0x1}, {{&(0x7f00000000c0)=@rc={0x1f, @none}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000200)=""/74, 0x4a}, {&(0x7f0000000300)=""/110, 0x6e}], 0x2, &(0x7f0000000380)=""/146, 0x92}, 0x4}], 0x2, 0x40000102, &(0x7f0000000440)={0x0, 0x989680}) 2.258082187s ago: executing program 4 (id=3273): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r1, 0x5, 0x60000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0)) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) 2.106210586s ago: executing program 2 (id=3275): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$netlink(0x10, 0x3, 0x0) socket$inet6(0xa, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) pipe(&(0x7f0000000680)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x4}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x20) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000001240)=""/53}, 0x20) 2.044326423s ago: executing program 2 (id=3276): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r2, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001200)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002100)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x93, 0x0, [{0x2, 0x1000, 0x8, 0x6, 0xffffffff, 0xffffffff}, {0x4, 0x169, 0x3410, 0xa52b, 0xd8, 0x10}]}, [{}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x0, 0xfffffffe}, {0x0, 0x8}, {}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x8}, {}, {0x0, 0x0, 0xfffffffc}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {0x0, 0x0, 0xffffffff}, {0x0, 0x1000000}, {0xaba}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r4, 0x1, 0x1d, &(0x7f0000000140)=0x401, 0x4) recvmmsg(r4, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000002c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) write$bt_hci(r3, &(0x7f0000000080)={0x1, @le_read_remote_features={{0x2016, 0x2}, {0xc8}}}, 0x6) 1.83045849s ago: executing program 1 (id=3277): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) syz_emit_ethernet(0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffff"], 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000027c0)=@base={0x4, 0x4, 0x4, 0x10005, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r2, 0xa2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001040)={r3}, 0xc) close(r5) r6 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r6, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r6, 0x111, 0x2, 0x20000000, 0x4) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000240)={'syztnl1\x00', r4, 0x20, 0x1, 0x1800, 0x5, {{0x20, 0x4, 0x0, 0x30, 0x80, 0x67, 0x0, 0x8, 0x29, 0x0, @local, @broadcast, {[@timestamp_prespec={0x44, 0x44, 0x7e, 0x3, 0x9, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x5}, {@private=0xa010100}, {@multicast1, 0x4}, {@multicast1, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, {@loopback, 0x5}, {@broadcast, 0x40}, {@multicast2, 0xfffffff8}]}, @timestamp_prespec={0x44, 0x14, 0x5d, 0x3, 0xe, [{@multicast1, 0xffff0000}, {@loopback, 0x8000}]}, @noop, @generic={0x82, 0x10, "83503653eae0625d13a520598064"}]}}}}}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r9, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000440)={0x5c, r10, 0x1, 0x3, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x14, 0x7, 0x0, 0x1, [{0x8}, {0x8}]}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x3}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) r11 = socket$key(0xf, 0x3, 0x2) recvmmsg(r11, &(0x7f0000005440)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x40000002, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r10, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) r12 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r12, 0x84, 0xd, 0x0, &(0x7f0000000040)) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000e00)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2bf75e9671e8abcb31c134f3a9db8f52e7300fe6e079f35ac63186c7244fc3b3801e79f15ced9fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db00"}, 0xd8) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000004c0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="14f30000cce08ede2300000000290000000b00000000007fff000000008a97f4b5d32798045e9243faa0b3142e32a59168feb2920940aa453f6867906c3ce58fa810cca989694ba76082b6186b3538390befb25ee60a663b5d3a133d58"], 0x18}}], 0x1, 0x40000) bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r7, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000001c0)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x800, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d2046a04403af364bb9a5c45c903e140"}]}}}}}}}, 0x0) 1.64433719s ago: executing program 0 (id=3278): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x40, @loopback}], 0x1c) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000280)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000100)={r2}, 0x8) 1.591338181s ago: executing program 0 (id=3279): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000003c0), r0) sendmsg$NLBL_CIPSOV4_C_LISTALL(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000800)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1], 0x14}}, 0x0) 673.674572ms ago: executing program 4 (id=3280): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x38, 0xb, 0x6, 0x801, 0x0, 0x400300, {0x6, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010102}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x38}}, 0x4800) 615.142191ms ago: executing program 2 (id=3281): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0xd, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8, 0x0, 0x4000}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x88}, @generic={0xa7}, @initr0, @exit]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x34, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 579.220497ms ago: executing program 4 (id=3282): r0 = socket(0xa, 0x1, 0x2) r1 = socket$kcm(0x2, 0x1000000000000005, 0x0) sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x20}, 0x140, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=[@ip_tos_u8={{0x11, 0x34000, 0x11}}, @ip_pktinfo={{0x1c, 0xfd000f00, 0x7ffff, {0x0, @remote, @multicast1}}}, @ip_pktinfo={{0x1c, 0x28f0700, 0xc, {0x0, @empty=0xa0050000}}}, @ip_retopts={{0x24, 0x84, 0x7, {[@ra={0x94, 0x4}, @timestamp={0x44, 0x10, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}, @ip_tos_u8={{0x11, 0x16010000}}], 0x98}, 0x4dc) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa000000000000036000000080013002d03010000000000950000000000000069165e0000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf310000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44b6b498b98ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089da6d6a710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f50e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8d829906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a443c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87100900000000000000de8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e52a2a10f922cc2de27ac24483639c369b06ecc7ea4195898691cc9c414c599c33eac655d01d1c4f89c999fd7aaa5d0984c82128ad6a1fad9dd079e095aa8331fe3d2e2baed37d6c93d402dc67b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x83, &(0x7f0000000180)={r3}, 0x8) socket$kcm(0x11, 0x200000000000002, 0x300) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cgroup.controllers\x00', 0x26e1, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d858952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a8b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x17, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200000000e0ff850000001700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000440)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b706000065ffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e8fa6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e6185fec0e07004e60c08dc81a7a0d4773bc41c10b81b1f42db8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c18a3cb1c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xfe, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac141416441805074d2f87e5940c05ab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 488.056576ms ago: executing program 2 (id=3283): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x30, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x0, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0) 238.751673ms ago: executing program 2 (id=3284): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000004100000095000000000000003d789ade838a5adf0c21f97a9d6f55528c474cb385573d9fd2aff88c497a5d0ab93dbb1df77098cacd277206f0902cf2c1d66e1ef4fe6deeaf8739f048bff4c9d61b5c334ef7384130fd875789e46307b8f29c46149360bea59a42011aabc5001093a06d23b6cf4f033c6000c3ab63ee036fe7023574b86c8964c32f955d410083f7567735a2ca0100000000000000c644e801f17579bac767236f2b3addb04f55cee250cb376879ae14b9e1ab98703bc7db41925c55b0a4141ae3c08d264831d0f6365469c35621850000f6ff0000000000000000000000000000000000317dc59df6de3bfd0d7f785ff1e9606c84574e4b80937ae83516d820278c4c3fda817aeb17be0cca599b7c4bf6350dcb747508404034d9478ff88e1cbfe43f46a1a5d9239e393f2bb309160118a787cb0c64b606ffe744f79c1bba0ca081302b0f04e377f1b6a3646cbe934ef6ad95d4f160a9dcc9550f9777ca5d2daa2b239547f27a221d2eefb2c40ffe95c97ce091b7c2a8c0471b9124af726edb5a3b9aba486b93cb5ea7fff68f53401f8e826d5afbb98ed8b015dc328a507d15260a18a79110e68f1d43dad73121b60ec43e98e3f522b61a4f8fc0ba0257e8fd5ac428b986c49c76395b5a51c2c75d8c1453771915705bd0925cf573b0a9c01d8e552fe288d3c0433cbe801747f335448deb0e7164f6df7d3554bc66ff51352f912d76519aa6290fe7e72402000000e85552c5c049dde27c5294dc77c8a4490492a6deb8108c14ac9a261e2d990f65ea36f217783759c06e37c3a2f3b0b3c3893700152cdca1a4a045b3645b827c989b6a42f3a19d7df9b6c176a209afe66b38ab5a44bffc22ff89f0f03345e2f83f38b01df7ad086b462aad68f9fdf167f53fac61f511bf206de4eaf6d3eabde1bbe1077c3df5ff031bb8e9fc7f562c68e71db1dc7e61eb73a7b068ed9782ab069743d99dfe6209bd936d3e706df924e7043c5a66b730b6c64b6df44ad36788bd93ac57fd67baf927ec64f9ba759e7d4ed9bcf1a33ca39864d3bde66ad03a491ddfd17a3189ad7340ef90306e8dca300131219a55bbbd21289cf14fe40ef8fad89488df3503a766a8edf43bf816f4a5f0d8b1a0c183575a1589994054af2338e49a18186b94de6151107353eccd2817a075f9c4da88c31af5af5c981c6d72edb4df8b352a7d339e903a81b3c4eb51d8a286d0505cf8ee7c0daba3c2beb61865ee571a16cfb00e99088c8236964c798972daa234a0f055e33ea334d85a01d6f53da316813ea458430671b5eb59007a3e0a359aeb67a512576c942d187e5e9a905b18a303303e05266ecd0ab77f0ef4ae42d4c8d21c65fcedc6876ff461de2e2fa8c262b489edf06065535cb58820cfc9d3c1a93976d085a70000"], &(0x7f0000000240)='syzkaller\x00', 0x4, 0xff0, &(0x7f000062b000)=""/4080, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3d) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0xf, 0x2, 0xd) ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000400)={0x400, 0x1, 0x6, 0x3, 0x3, [{0x2, 0x0, 0x100, '\x00', 0x800}, {0x9, 0x1fad, 0x7}, {0xad, 0x7, 0x5, '\x00', 0x200}]}) sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24}, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) r5 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x18}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001000010400"/20, @ANYRES32=r4, @ANYBLOB="00000000000000180012800b000100697036746e500500080002800400132000"], 0x38}}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000001000010400"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000440012800b000100697036746e6c0000340002800500060000000000040000000000000006000f00030000000600100052f60000080007000900000006000f00eef200000cfbe1af1c773f8e91f209e3e3603036528e17785ee9da79d3b37d5ced9765b3aa94"], 0x64}}, 0x20004090) socket$inet6_sctp(0xa, 0x1, 0x84) r6 = socket$inet(0x2b, 0x801, 0x0) socket$kcm(0x29, 0x7, 0x0) listen(r6, 0x0) setsockopt$inet_int(r6, 0x0, 0x22, &(0x7f0000001880), 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0xa0001f98, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50) 237.346966ms ago: executing program 4 (id=3285): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100181000000a0000000c0000000c00001402000000000000000000000d000000000000c67b"], 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x19) 103.219872ms ago: executing program 4 (id=3286): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x300, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0) 64.482934ms ago: executing program 2 (id=3287): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5}]}}}]}, 0x3c}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="5c0000002a00090000000000000000000400002c450011"], 0x5c}, 0x1, 0x3000000}, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2, 0xb}, 0x32) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000027c0)={0xffffffffffffffff, &(0x7f0000002680)="21e1f68986d8b6172096333527db4a704560e90211a7551d5fd1b19d80bd23148b5ba7e1398be81e212dc9131b8a0efd513ba397a47dbf13445871167353d4c94946d7d4c39e3c2676e16c6f9b3b34867b360b12290a8cbad5208d332147b87a0ee791ddba54bf488cb5bbea5e8507e7fe19ad974294338fa9904993ad6fc6a6d3db53042d4e400857d974ccd8a14465d3f5a2a99f1ccf1e", &(0x7f0000002740)=""/105}, 0x20) socket$inet6(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00'}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) ppoll(&(0x7f0000000180)=[{r4}], 0x1, 0x0, 0x0, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) 0s ago: executing program 4 (id=3288): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000240), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000003", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100040000002c0004800500030080ff00000500030080ffffff05000300016900000500030080ffffff0500030004e300000800020003"], 0x50}}, 0x0) kernel console output (not intermixed with test programs): tering): (slave bond_slave_1): Releasing backup interface [ 304.140240][ T4241] bond0 (unregistering): Released all slaves [ 304.663901][T12796] chnl_net:caif_netlink_parms(): no params data found [ 304.692146][ T5240] Bluetooth: hci3: command tx timeout [ 304.740069][ T4241] hsr_slave_0: left promiscuous mode [ 304.749267][ T4241] hsr_slave_1: left promiscuous mode [ 304.765064][ T4241] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 304.781007][ T4241] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 304.789770][ T4241] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 304.798070][ T4241] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 304.825957][ T4241] veth1_macvtap: left promiscuous mode [ 304.831521][ T4241] veth0_macvtap: left promiscuous mode [ 304.839411][ T4241] veth1_vlan: left promiscuous mode [ 304.845470][ T4241] veth0_vlan: left promiscuous mode [ 305.606269][T12879] validate_nla: 4 callbacks suppressed [ 305.606294][T12879] netlink: 'syz.4.2836': attribute type 1 has an invalid length. [ 305.624085][T12879] netlink: 'syz.4.2836': attribute type 2 has an invalid length. [ 305.640854][T12879] netlink: 'syz.4.2836': attribute type 1 has an invalid length. [ 305.703996][ T4241] team0 (unregistering): Port device team_slave_1 removed [ 305.771328][ T4241] team0 (unregistering): Port device team_slave_0 removed [ 306.378026][T12864] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR [ 306.772037][ T5240] Bluetooth: hci3: command tx timeout [ 306.778777][T12796] bridge0: port 1(bridge_slave_0) entered blocking state [ 306.784105][T12893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 306.786369][T12796] bridge0: port 1(bridge_slave_0) entered disabled state [ 306.803095][T12796] bridge_slave_0: entered allmulticast mode [ 306.811065][T12796] bridge_slave_0: entered promiscuous mode [ 306.820848][T12796] bridge0: port 2(bridge_slave_1) entered blocking state [ 306.828319][T12796] bridge0: port 2(bridge_slave_1) entered disabled state [ 306.836898][T12796] bridge_slave_1: entered allmulticast mode [ 306.844701][T12796] bridge_slave_1: entered promiscuous mode [ 306.925806][T12893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 307.037895][T12909] netlink: 'syz.2.2844': attribute type 3 has an invalid length. [ 307.054387][T12909] __nla_validate_parse: 2 callbacks suppressed [ 307.054408][T12909] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.2844'. [ 307.111564][T12796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 307.163263][T12796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 307.356833][T12796] team0: Port device team_slave_0 added [ 307.404453][T12796] team0: Port device team_slave_1 added [ 307.566427][T12796] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 307.602043][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.665551][T12796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 307.816634][T12931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2845'. [ 307.843866][T12796] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 307.851110][T12796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 307.883270][T12796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 308.085437][T12948] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2853'. [ 308.141399][T12796] hsr_slave_0: entered promiscuous mode [ 308.159558][T12796] hsr_slave_1: entered promiscuous mode [ 308.169540][T12953] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2854'. [ 308.197012][T12796] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 308.216457][T12796] Cannot create hsr debugfs directory [ 308.420880][T12961] netlink: 'syz.4.2856': attribute type 3 has an invalid length. [ 308.472454][T12961] netlink: 130984 bytes leftover after parsing attributes in process `syz.4.2856'. [ 308.851963][ T5240] Bluetooth: hci3: command tx timeout [ 308.905742][T12982] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2866'. [ 309.399676][T13002] netlink: 'syz.1.2872': attribute type 3 has an invalid length. [ 309.452876][T13002] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2872'. [ 309.506809][T12796] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 309.536815][T12796] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 309.556903][T12796] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 309.573911][T12796] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 309.649635][T13006] FAULT_INJECTION: forcing a failure. [ 309.649635][T13006] name failslab, interval 1, probability 0, space 0, times 0 [ 309.683017][T13006] CPU: 1 UID: 0 PID: 13006 Comm: syz.1.2874 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 309.693500][T13006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 309.701697][T13009] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2875'. [ 309.703589][T13006] Call Trace: [ 309.703602][T13006] [ 309.703613][T13006] dump_stack_lvl+0x241/0x360 [ 309.723499][T13006] ? __pfx_dump_stack_lvl+0x10/0x10 [ 309.728753][T13006] ? __pfx__printk+0x10/0x10 [ 309.732742][T13009] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2875'. [ 309.733371][T13006] ? __kmalloc_node_noprof+0xb7/0x440 [ 309.733405][T13006] ? __pfx___might_resched+0x10/0x10 [ 309.753095][T13006] ? __asan_memset+0x23/0x50 [ 309.757728][T13006] should_fail_ex+0x3b0/0x4e0 [ 309.762450][T13006] should_failslab+0xac/0x100 [ 309.767178][T13006] __kmalloc_node_noprof+0xdf/0x440 [ 309.772416][T13006] ? __kvmalloc_node_noprof+0x72/0x190 [ 309.777929][T13006] __kvmalloc_node_noprof+0x72/0x190 [ 309.778027][T13009] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2875'. [ 309.783247][T13006] rhashtable_init_noprof+0x534/0xa60 [ 309.783288][T13006] br_mdb_hash_init+0x26/0x90 [ 309.783315][T13006] br_dev_init+0x47/0x390 [ 309.806775][T13006] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 309.812371][T13006] register_netdevice+0x6d7/0x1b00 [ 309.817544][T13006] ? __pfx_register_netdevice+0x10/0x10 [ 309.823134][T13006] ? alloc_netdev_mqs+0xc5b/0x1000 [ 309.828287][T13006] ? validate_linkmsg+0x71e/0x900 [ 309.833359][T13006] br_dev_newlink+0x27/0x100 [ 309.837999][T13006] ? __pfx_br_dev_newlink+0x10/0x10 [ 309.843250][T13006] rtnl_newlink+0x1591/0x20a0 [ 309.848004][T13006] ? __pfx_rtnl_newlink+0x10/0x10 [ 309.853074][T13006] ? do_raw_spin_unlock+0x13c/0x8b0 [ 309.858321][T13006] ? __mutex_lock+0x9a5/0xd70 [ 309.863041][T13006] ? __mutex_lock+0x527/0xd70 [ 309.867781][T13006] ? __pfx_rtnl_newlink+0x10/0x10 [ 309.872853][T13006] rtnetlink_rcv_msg+0x73f/0xcf0 [ 309.877850][T13006] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 309.883008][T13006] ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70 [ 309.889642][T13006] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 309.895169][T13006] netlink_rcv_skb+0x1e3/0x430 [ 309.899984][T13006] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 309.905489][T13006] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 309.910855][T13006] ? __rcu_read_unlock+0xa1/0x110 [ 309.915931][T13006] netlink_unicast+0x7f6/0x990 [ 309.920754][T13006] ? __pfx_netlink_unicast+0x10/0x10 [ 309.926088][T13006] ? __virt_addr_valid+0x183/0x530 [ 309.931241][T13006] ? __check_object_size+0x49c/0x900 [ 309.936573][T13006] ? bpf_lsm_netlink_send+0x9/0x10 [ 309.941734][T13006] netlink_sendmsg+0x8e4/0xcb0 [ 309.946566][T13006] ? __pfx_netlink_sendmsg+0x10/0x10 [ 309.951926][T13006] ? __import_iovec+0x536/0x820 [ 309.956815][T13006] ? aa_sock_msg_perm+0x91/0x160 [ 309.961790][T13006] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 309.967118][T13006] ? security_socket_sendmsg+0x87/0xb0 [ 309.972633][T13006] ? __pfx_netlink_sendmsg+0x10/0x10 [ 309.977969][T13006] __sock_sendmsg+0x221/0x270 [ 309.982714][T13006] ____sys_sendmsg+0x525/0x7d0 [ 309.987514][T13006] ? __pfx_____sys_sendmsg+0x10/0x10 [ 309.992841][T13006] __sys_sendmsg+0x2b0/0x3a0 [ 309.997487][T13006] ? __pfx___sys_sendmsg+0x10/0x10 [ 310.002624][T13006] ? vfs_write+0x7c4/0xc90 [ 310.007084][T13006] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 310.013434][T13006] ? do_syscall_64+0x100/0x230 [ 310.018222][T13006] ? do_syscall_64+0xb6/0x230 [ 310.022920][T13006] do_syscall_64+0xf3/0x230 [ 310.027438][T13006] ? clear_bhb_loop+0x35/0x90 [ 310.032135][T13006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.038085][T13006] RIP: 0033:0x7f4a6397def9 [ 310.042543][T13006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.062191][T13006] RSP: 002b:00007f4a646dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 310.070649][T13006] RAX: ffffffffffffffda RBX: 00007f4a63b35f80 RCX: 00007f4a6397def9 [ 310.078630][T13006] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 310.086624][T13006] RBP: 00007f4a646dd090 R08: 0000000000000000 R09: 0000000000000000 [ 310.094705][T13006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 310.102713][T13006] R13: 0000000000000000 R14: 00007f4a63b35f80 R15: 00007ffead9c3ce8 [ 310.110705][T13006] [ 310.336886][T12796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 310.450103][T12796] 8021q: adding VLAN 0 to HW filter on device team0 [ 310.500320][ T1057] bridge0: port 1(bridge_slave_0) entered blocking state [ 310.507601][ T1057] bridge0: port 1(bridge_slave_0) entered forwarding state [ 310.577502][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.584849][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 310.932257][ T5240] Bluetooth: hci3: command tx timeout [ 310.940100][T13044] wlan0: mtu greater than device maximum [ 311.157639][T13057] bond_slave_1: entered promiscuous mode [ 311.163865][T13057] bridge0: entered promiscuous mode [ 311.205481][T13057] bond0: entered promiscuous mode [ 311.214018][T13057] bond_slave_0: entered promiscuous mode [ 311.235387][T13057] batadv0: entered promiscuous mode [ 311.266616][T13056] bond0: left promiscuous mode [ 311.271460][T13056] bond_slave_0: left promiscuous mode [ 311.331302][T13056] batadv0: left promiscuous mode [ 311.363400][T13056] bond_slave_1: left promiscuous mode [ 311.369301][T13056] bridge0: left promiscuous mode [ 311.471546][T12796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 311.641136][T12796] veth0_vlan: entered promiscuous mode [ 311.686332][T12796] veth1_vlan: entered promiscuous mode [ 311.809693][T12796] veth0_macvtap: entered promiscuous mode [ 311.865839][T12796] veth1_macvtap: entered promiscuous mode [ 311.935309][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 311.957486][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 311.993148][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.021265][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.037907][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.048802][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.059152][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 312.070404][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.106253][T12796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 312.147868][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.171135][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.197217][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.219837][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.230262][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.242172][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.262199][T12796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 312.282440][T12796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 312.309686][T12796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 312.471500][T12796] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.481225][T12796] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.492845][T13104] netlink: 'syz.1.2907': attribute type 3 has an invalid length. [ 312.500641][T13104] __nla_validate_parse: 62 callbacks suppressed [ 312.500652][T13104] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2907'. [ 312.501920][T12796] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.538670][T12796] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 312.559408][T13105] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2907'. [ 312.779090][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 312.816602][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 312.910088][T13111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2910'. [ 312.930435][ T1057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 312.949037][ T1057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 313.961026][T13156] netlink: 'syz.2.2925': attribute type 1 has an invalid length. [ 313.970416][T13156] netlink: 'syz.2.2925': attribute type 2 has an invalid length. [ 313.984564][T13156] netlink: 'syz.2.2925': attribute type 1 has an invalid length. [ 314.088158][T13167] netlink: 'syz.1.2926': attribute type 3 has an invalid length. [ 314.117621][T13167] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.2926'. [ 314.160748][T13159] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2926'. [ 314.320081][T13172] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 314.720556][T13189] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2935'. [ 314.896810][T13194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2936'. [ 315.335818][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.217430][ T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.386287][ T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.526445][ T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 316.527106][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 316.551472][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 316.564657][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 316.576057][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 316.584991][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 316.595412][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 317.010791][T13251] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2958'. [ 317.046171][T13251] vlan3: entered promiscuous mode [ 317.282988][ T35] bridge_slave_1: left allmulticast mode [ 317.289325][ T35] bridge_slave_1: left promiscuous mode [ 317.308336][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.343419][ T35] bridge_slave_0: left allmulticast mode [ 317.352036][ T35] bridge_slave_0: left promiscuous mode [ 317.366773][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.384070][T13266] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 318.237614][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 318.250185][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 318.263418][ T35] bond0 (unregistering): Released all slaves [ 318.540214][T13298] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2971'. [ 318.560915][T13298] vlan3: entered promiscuous mode [ 318.592564][T13300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2972'. [ 318.693586][ T5240] Bluetooth: hci3: command tx timeout [ 318.734384][T13307] FAULT_INJECTION: forcing a failure. [ 318.734384][T13307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 318.754490][T13307] CPU: 0 UID: 0 PID: 13307 Comm: syz.4.2975 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 318.764990][T13307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 318.775108][T13307] Call Trace: [ 318.778413][T13307] [ 318.781363][T13307] dump_stack_lvl+0x241/0x360 [ 318.786100][T13307] ? __pfx_dump_stack_lvl+0x10/0x10 [ 318.791357][T13307] ? __pfx__printk+0x10/0x10 [ 318.796011][T13307] ? snprintf+0xda/0x120 [ 318.800297][T13307] should_fail_ex+0x3b0/0x4e0 [ 318.805032][T13307] _copy_to_user+0x2f/0xb0 [ 318.809521][T13307] simple_read_from_buffer+0xca/0x150 [ 318.814955][T13307] proc_fail_nth_read+0x1ec/0x260 [ 318.820028][T13307] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 318.825624][T13307] ? rw_verify_area+0x520/0x6b0 [ 318.830527][T13307] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 318.836127][T13307] vfs_read+0x204/0xbc0 [ 318.840332][T13307] ? __pfx_lock_release+0x10/0x10 [ 318.845389][T13307] ? __pfx_vfs_read+0x10/0x10 [ 318.850081][T13307] ? __fget_files+0x29/0x470 [ 318.854703][T13307] ? __fget_files+0x3f6/0x470 [ 318.859423][T13307] ksys_read+0x1a0/0x2c0 [ 318.863698][T13307] ? __pfx_ksys_read+0x10/0x10 [ 318.868497][T13307] ? do_syscall_64+0x100/0x230 [ 318.873326][T13307] ? do_syscall_64+0xb6/0x230 [ 318.878059][T13307] do_syscall_64+0xf3/0x230 [ 318.882621][T13307] ? clear_bhb_loop+0x35/0x90 [ 318.887348][T13307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.893291][T13307] RIP: 0033:0x7f7362d7c93c [ 318.897738][T13307] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 318.917483][T13307] RSP: 002b:00007f7363b8c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 318.925943][T13307] RAX: ffffffffffffffda RBX: 00007f7362f35f80 RCX: 00007f7362d7c93c [ 318.934005][T13307] RDX: 000000000000000f RSI: 00007f7363b8c0a0 RDI: 0000000000000004 [ 318.942025][T13307] RBP: 00007f7363b8c090 R08: 0000000000000000 R09: 0000000000000000 [ 318.950085][T13307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 318.958090][T13307] R13: 0000000000000000 R14: 00007f7362f35f80 R15: 00007ffeac699018 [ 318.966123][T13307] [ 319.203135][T13326] netlink: 165 bytes leftover after parsing attributes in process `syz.4.2979'. [ 319.396387][ T35] hsr_slave_0: left promiscuous mode [ 319.446070][ T35] hsr_slave_1: left promiscuous mode [ 319.471669][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 319.495942][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 319.517282][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 319.528758][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 319.586426][ T35] veth1_macvtap: left promiscuous mode [ 319.606288][ T35] veth0_macvtap: left promiscuous mode [ 319.628102][ T35] veth1_vlan: left promiscuous mode [ 319.643785][ T35] veth0_vlan: left promiscuous mode [ 320.635790][ T35] team0 (unregistering): Port device team_slave_1 removed [ 320.698545][ T35] team0 (unregistering): Port device team_slave_0 removed [ 320.782503][ T5240] Bluetooth: hci3: command tx timeout [ 321.320203][T13229] chnl_net:caif_netlink_parms(): no params data found [ 321.335014][T13346] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2987'. [ 321.427542][T13360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2992'. [ 321.537550][T13365] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2994'. [ 321.829094][T13378] FAULT_INJECTION: forcing a failure. [ 321.829094][T13378] name failslab, interval 1, probability 0, space 0, times 0 [ 321.848152][T13382] FAULT_INJECTION: forcing a failure. [ 321.848152][T13382] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 321.874909][T13378] CPU: 0 UID: 0 PID: 13378 Comm: syz.2.3000 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 321.885418][T13378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 321.895521][T13378] Call Trace: [ 321.898832][T13378] [ 321.901781][T13378] dump_stack_lvl+0x241/0x360 [ 321.906516][T13378] ? __pfx_dump_stack_lvl+0x10/0x10 [ 321.911776][T13378] ? __pfx__printk+0x10/0x10 [ 321.916434][T13378] ? __kmalloc_node_track_caller_noprof+0xb2/0x440 [ 321.922981][T13378] ? __pfx___might_resched+0x10/0x10 [ 321.928295][T13378] should_fail_ex+0x3b0/0x4e0 [ 321.933008][T13378] should_failslab+0xac/0x100 [ 321.937735][T13378] __kmalloc_node_track_caller_noprof+0xda/0x440 [ 321.944103][T13378] ? kobject_set_name_vargs+0x61/0x120 [ 321.949604][T13378] kstrdup+0x3a/0x80 [ 321.953537][T13378] kobject_set_name_vargs+0x61/0x120 [ 321.958881][T13378] dev_set_name+0xd5/0x120 [ 321.963358][T13378] ? __pfx_dev_set_name+0x10/0x10 [ 321.968527][T13378] ? device_initialize+0x266/0x460 [ 321.973694][T13378] netdev_register_kobject+0xb7/0x310 [ 321.979116][T13378] register_netdevice+0x12c5/0x1b00 [ 321.984361][T13378] ? __pfx_register_netdevice+0x10/0x10 [ 321.989936][T13378] ? alloc_netdev_mqs+0xc5b/0x1000 [ 321.995101][T13378] br_dev_newlink+0x27/0x100 [ 321.999745][T13378] ? __pfx_br_dev_newlink+0x10/0x10 [ 322.004999][T13378] rtnl_newlink+0x1591/0x20a0 [ 322.009753][T13378] ? __pfx_rtnl_newlink+0x10/0x10 [ 322.014826][T13378] ? do_raw_spin_unlock+0x13c/0x8b0 [ 322.020088][T13378] ? __mutex_lock+0x9a5/0xd70 [ 322.024819][T13378] ? __mutex_lock+0x527/0xd70 [ 322.029574][T13378] ? __pfx_rtnl_newlink+0x10/0x10 [ 322.034645][T13378] rtnetlink_rcv_msg+0x73f/0xcf0 [ 322.039624][T13378] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 322.044783][T13378] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 322.050293][T13378] ? ref_tracker_free+0x643/0x7e0 [ 322.055370][T13378] netlink_rcv_skb+0x1e3/0x430 [ 322.060197][T13378] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 322.065702][T13378] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 322.071049][T13378] ? netlink_deliver_tap+0x2e/0x1b0 [ 322.076289][T13378] netlink_unicast+0x7f6/0x990 [ 322.081096][T13378] ? __pfx_netlink_unicast+0x10/0x10 [ 322.086415][T13378] ? __virt_addr_valid+0x183/0x530 [ 322.091584][T13378] ? __check_object_size+0x49c/0x900 [ 322.096914][T13378] ? bpf_lsm_netlink_send+0x9/0x10 [ 322.102070][T13378] netlink_sendmsg+0x8e4/0xcb0 [ 322.106892][T13378] ? __pfx_netlink_sendmsg+0x10/0x10 [ 322.112224][T13378] ? __import_iovec+0x536/0x820 [ 322.117116][T13378] ? aa_sock_msg_perm+0x91/0x160 [ 322.122088][T13378] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 322.127411][T13378] ? security_socket_sendmsg+0x87/0xb0 [ 322.132913][T13378] ? __pfx_netlink_sendmsg+0x10/0x10 [ 322.138247][T13378] __sock_sendmsg+0x221/0x270 [ 322.142985][T13378] ____sys_sendmsg+0x525/0x7d0 [ 322.147789][T13378] ? __pfx_____sys_sendmsg+0x10/0x10 [ 322.153128][T13378] __sys_sendmsg+0x2b0/0x3a0 [ 322.157758][T13378] ? __pfx___sys_sendmsg+0x10/0x10 [ 322.162903][T13378] ? vfs_write+0x7c4/0xc90 [ 322.167391][T13378] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 322.173757][T13378] ? do_syscall_64+0x100/0x230 [ 322.178569][T13378] ? do_syscall_64+0xb6/0x230 [ 322.183283][T13378] do_syscall_64+0xf3/0x230 [ 322.187817][T13378] ? clear_bhb_loop+0x35/0x90 [ 322.192527][T13378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.198454][T13378] RIP: 0033:0x7f272b17def9 [ 322.202898][T13378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.222547][T13378] RSP: 002b:00007f272c030038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 322.230989][T13378] RAX: ffffffffffffffda RBX: 00007f272b335f80 RCX: 00007f272b17def9 [ 322.238997][T13378] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 322.246999][T13378] RBP: 00007f272c030090 R08: 0000000000000000 R09: 0000000000000000 [ 322.255009][T13378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 322.263009][T13378] R13: 0000000000000000 R14: 00007f272b335f80 R15: 00007fffd9839f98 [ 322.271074][T13378] [ 322.274117][T13382] CPU: 1 UID: 0 PID: 13382 Comm: syz.1.2999 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 322.284584][T13382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 322.294685][T13382] Call Trace: [ 322.298006][T13382] [ 322.300981][T13382] dump_stack_lvl+0x241/0x360 [ 322.305696][T13382] ? __pfx_dump_stack_lvl+0x10/0x10 [ 322.310916][T13382] ? __pfx__printk+0x10/0x10 [ 322.315531][T13382] ? snprintf+0xda/0x120 [ 322.319788][T13382] should_fail_ex+0x3b0/0x4e0 [ 322.324490][T13382] _copy_to_user+0x2f/0xb0 [ 322.328925][T13382] simple_read_from_buffer+0xca/0x150 [ 322.334316][T13382] proc_fail_nth_read+0x1ec/0x260 [ 322.339358][T13382] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 322.344919][T13382] ? rw_verify_area+0x520/0x6b0 [ 322.349781][T13382] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 322.355338][T13382] vfs_read+0x204/0xbc0 [ 322.359509][T13382] ? __pfx_lock_release+0x10/0x10 [ 322.364558][T13382] ? __pfx_vfs_read+0x10/0x10 [ 322.369247][T13382] ? __fget_files+0x29/0x470 [ 322.373867][T13382] ? __fget_files+0x3f6/0x470 [ 322.378579][T13382] ksys_read+0x1a0/0x2c0 [ 322.382853][T13382] ? __pfx_ksys_read+0x10/0x10 [ 322.387627][T13382] ? do_syscall_64+0x100/0x230 [ 322.392421][T13382] ? do_syscall_64+0xb6/0x230 [ 322.397123][T13382] do_syscall_64+0xf3/0x230 [ 322.401673][T13382] ? clear_bhb_loop+0x35/0x90 [ 322.406389][T13382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.412299][T13382] RIP: 0033:0x7f4a6397c93c [ 322.416723][T13382] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 322.436349][T13382] RSP: 002b:00007f4a646dd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 322.444783][T13382] RAX: ffffffffffffffda RBX: 00007f4a63b35f80 RCX: 00007f4a6397c93c [ 322.452791][T13382] RDX: 000000000000000f RSI: 00007f4a646dd0a0 RDI: 0000000000000005 [ 322.460769][T13382] RBP: 00007f4a646dd090 R08: 0000000000000000 R09: 0000000000000000 [ 322.468749][T13382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 322.476736][T13382] R13: 0000000000000000 R14: 00007f4a63b35f80 R15: 00007ffead9c3ce8 [ 322.484745][T13382] [ 322.672591][T13392] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3003'. [ 322.724324][T13229] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.731537][T13229] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.772907][T13229] bridge_slave_0: entered allmulticast mode [ 322.790984][T13229] bridge_slave_0: entered promiscuous mode [ 322.809192][T13229] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.833533][T13229] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.851297][T13229] bridge_slave_1: entered allmulticast mode [ 322.861463][T13229] bridge_slave_1: entered promiscuous mode [ 322.863093][ T5240] Bluetooth: hci3: command tx timeout [ 322.885166][T13400] syzkaller0: entered promiscuous mode [ 322.900981][T13400] syzkaller0: entered allmulticast mode [ 322.946067][T13400] openvswitch: netlink: Actions may not be safe on all matching packets [ 323.017705][T13229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 323.053801][T13229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 323.193280][T13229] team0: Port device team_slave_0 added [ 323.251767][T13229] team0: Port device team_slave_1 added [ 323.375537][T13421] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3015'. [ 323.402636][T13229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.409650][T13229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.462092][T13229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 323.475710][T13229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 323.485760][T13229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.515469][T13229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.583759][T13423] netlink: 'syz.1.3016': attribute type 1 has an invalid length. [ 323.600799][T13423] netlink: 'syz.1.3016': attribute type 2 has an invalid length. [ 323.676532][T13427] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3018'. [ 323.725987][T13229] hsr_slave_0: entered promiscuous mode [ 323.765555][T13229] hsr_slave_1: entered promiscuous mode [ 323.784038][T13229] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 323.824455][T13229] Cannot create hsr debugfs directory [ 324.459471][T13469] netlink: 'syz.1.3027': attribute type 1 has an invalid length. [ 324.542129][T13469] netlink: 'syz.1.3027': attribute type 2 has an invalid length. [ 324.549928][T13469] netlink: 'syz.1.3027': attribute type 1 has an invalid length. [ 324.840196][T13492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3029'. [ 324.853481][T13492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3029'. [ 324.869786][T13492] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3029'. [ 324.880925][T13490] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3028'. [ 324.932979][ T5240] Bluetooth: hci3: command tx timeout [ 324.998191][T13496] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3031'. [ 325.249145][T13229] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 325.278911][T13229] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 325.298753][T13229] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 325.333245][T13229] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 325.577131][T13229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 325.616610][T13229] 8021q: adding VLAN 0 to HW filter on device team0 [ 325.648735][ T4241] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.655972][ T4241] bridge0: port 1(bridge_slave_0) entered forwarding state [ 325.680902][ T4241] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.688135][ T4241] bridge0: port 2(bridge_slave_1) entered forwarding state [ 325.956415][T13523] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3043'. [ 325.980161][T13526] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3044'. [ 326.104331][T13229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 326.251580][T13229] veth0_vlan: entered promiscuous mode [ 326.291350][T13229] veth1_vlan: entered promiscuous mode [ 326.334046][T13229] veth0_macvtap: entered promiscuous mode [ 326.348436][T13229] veth1_macvtap: entered promiscuous mode [ 326.425003][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.446335][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.483953][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.511399][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.548036][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.559641][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.577144][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 326.589377][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.612970][T13229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 326.638204][T13538] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3049'. [ 326.695414][T13545] sch_tbf: burst 88 is lower than device veth5 mtu (1514) ! [ 326.740200][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.790359][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.808531][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.838896][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.867570][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.878772][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.891926][T13229] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 326.906585][T13229] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 326.918416][T13229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 326.974438][T13559] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3056'. [ 327.008090][T13229] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.032088][T13229] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.063851][T13229] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.075408][T13229] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 327.430054][ T1057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.461898][ T1057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.538085][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 327.546765][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 327.842291][T13589] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 328.162674][T13592] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20002 [ 328.547329][T13603] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 328.556445][T13603] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 328.565296][T13603] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 328.574146][T13603] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 329.018638][T13618] netlink: 'syz.4.3078': attribute type 1 has an invalid length. [ 329.196039][T13624] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 329.218417][T13630] __nla_validate_parse: 4 callbacks suppressed [ 329.218434][T13630] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3083'. [ 329.235426][T13630] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3083'. [ 329.833308][T13648] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3089'. [ 329.856677][T13648] vlan3: entered promiscuous mode [ 330.020585][T13652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 330.178314][ T1057] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.435419][T13660] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3093'. [ 331.001481][T13665] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3094'. [ 331.021104][T13665] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3094'. [ 331.177164][ T5240] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 331.330582][T13674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 331.348651][ T1057] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.523251][ T1057] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.665594][ T1057] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 331.733819][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 331.744652][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 331.754717][ T5238] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 331.777320][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 331.797572][ T5238] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 331.811037][ T5238] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 331.965392][T13688] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3103'. [ 332.024311][T13688] vlan3: entered promiscuous mode [ 332.344159][T13700] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3108'. [ 332.368802][T13700] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3108'. [ 332.578090][ T1057] bridge_slave_1: left allmulticast mode [ 332.584137][ T1057] bridge_slave_1: left promiscuous mode [ 332.589970][ T1057] bridge0: port 2(bridge_slave_1) entered disabled state [ 332.609467][ T1057] bridge_slave_0: left allmulticast mode [ 332.618316][ T1057] bridge_slave_0: left promiscuous mode [ 332.624926][ T1057] bridge0: port 1(bridge_slave_0) entered disabled state [ 332.807896][T13722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 332.899273][T13725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 332.920432][T13725] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 333.260545][ T1057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 333.274593][ T1057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 333.286464][ T1057] bond0 (unregistering): Released all slaves [ 333.654049][T13683] chnl_net:caif_netlink_parms(): no params data found [ 333.929118][ T5238] Bluetooth: hci3: command tx timeout [ 333.951509][T13743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 334.038466][T13736] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 334.089468][T13741] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3123'. [ 334.316232][ T1057] hsr_slave_0: left promiscuous mode [ 334.335215][ T1057] hsr_slave_1: left promiscuous mode [ 334.363571][ T1057] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.377095][ T1057] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.393681][ T1057] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.412873][ T1057] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 334.450109][ T1057] veth1_macvtap: left promiscuous mode [ 334.466637][ T1057] veth0_macvtap: left promiscuous mode [ 334.477340][ T1057] veth1_vlan: left promiscuous mode [ 334.488635][ T1057] veth0_vlan: left promiscuous mode [ 334.506035][T13764] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 335.146313][T13772] netlink: 'syz.4.3131': attribute type 7 has an invalid length. [ 335.309547][ T1057] team0 (unregistering): Port device team_slave_1 removed [ 335.384846][ T1057] team0 (unregistering): Port device team_slave_0 removed [ 335.979482][ T5238] Bluetooth: hci3: command tx timeout [ 336.072884][T13683] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.086682][T13683] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.103869][T13683] bridge_slave_0: entered allmulticast mode [ 336.112745][T13683] bridge_slave_0: entered promiscuous mode [ 336.130686][T13772] Êü: entered promiscuous mode [ 336.144150][T13784] __nla_validate_parse: 1 callbacks suppressed [ 336.144169][T13784] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3136'. [ 336.181929][T13784] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3136'. [ 336.200118][T13683] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.221214][T13683] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.261300][T13683] bridge_slave_1: entered allmulticast mode [ 336.275600][T13683] bridge_slave_1: entered promiscuous mode [ 336.292979][T13787] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 336.457293][T13800] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3140'. [ 336.594687][T13683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 336.635116][T13683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.863521][T13811] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3143'. [ 336.884823][T13811] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3143'. [ 336.911196][T13683] team0: Port device team_slave_0 added [ 336.966263][T13683] team0: Port device team_slave_1 added [ 337.112016][T13683] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 337.135262][T13683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.201925][T13683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.228718][T13683] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.251990][T13683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.316905][T13683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.404758][T13822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 337.458572][T13822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 337.529238][T13683] hsr_slave_0: entered promiscuous mode [ 337.563201][T13683] hsr_slave_1: entered promiscuous mode [ 337.597248][T13683] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 337.621214][T13683] Cannot create hsr debugfs directory [ 337.711097][T13850] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3151'. [ 337.745074][T13848] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3150'. [ 337.903311][T13857] FAULT_INJECTION: forcing a failure. [ 337.903311][T13857] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 337.924254][T13856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3153'. [ 337.942249][T13857] CPU: 0 UID: 0 PID: 13857 Comm: syz.2.3152 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 337.952738][T13857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 337.962826][T13857] Call Trace: [ 337.966137][T13857] [ 337.969098][T13857] dump_stack_lvl+0x241/0x360 [ 337.973922][T13857] ? __pfx_dump_stack_lvl+0x10/0x10 [ 337.979178][T13857] ? __pfx__printk+0x10/0x10 [ 337.983821][T13857] ? __pfx_lock_release+0x10/0x10 [ 337.988872][T13857] should_fail_ex+0x3b0/0x4e0 [ 337.993576][T13857] _copy_from_user+0x2f/0xe0 [ 337.998189][T13857] copy_msghdr_from_user+0xae/0x680 [ 338.003415][T13857] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 338.009257][T13857] __sys_sendmsg+0x23d/0x3a0 [ 338.013862][T13857] ? __pfx___sys_sendmsg+0x10/0x10 [ 338.018981][T13857] ? vfs_write+0x7c4/0xc90 [ 338.023442][T13857] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 338.029789][T13857] ? do_syscall_64+0x100/0x230 [ 338.034584][T13857] ? do_syscall_64+0xb6/0x230 [ 338.039282][T13857] do_syscall_64+0xf3/0x230 [ 338.043806][T13857] ? clear_bhb_loop+0x35/0x90 [ 338.048501][T13857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.054408][T13857] RIP: 0033:0x7f272b17def9 [ 338.058841][T13857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.078461][T13857] RSP: 002b:00007f272c030038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 338.086906][T13857] RAX: ffffffffffffffda RBX: 00007f272b335f80 RCX: 00007f272b17def9 [ 338.094885][T13857] RDX: 0000000000004800 RSI: 0000000020000300 RDI: 0000000000000003 [ 338.102864][T13857] RBP: 00007f272c030090 R08: 0000000000000000 R09: 0000000000000000 [ 338.110839][T13857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.118816][T13857] R13: 0000000000000000 R14: 00007f272b335f80 R15: 00007fffd9839f98 [ 338.126812][T13857] [ 338.142678][ T5238] Bluetooth: hci3: command tx timeout [ 338.148952][T13856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3153'. [ 338.165988][T13856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3153'. [ 338.408203][T13862] netlink: 'syz.1.3155': attribute type 1 has an invalid length. [ 338.431617][T13862] netlink: 'syz.1.3155': attribute type 2 has an invalid length. [ 338.447570][T13862] netlink: 'syz.1.3155': attribute type 1 has an invalid length. [ 339.400104][T13683] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 339.447369][T13683] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 339.486375][T13683] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 339.539420][T13683] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 339.657272][T13922] FAULT_INJECTION: forcing a failure. [ 339.657272][T13922] name failslab, interval 1, probability 0, space 0, times 0 [ 339.671167][T13923] FAULT_INJECTION: forcing a failure. [ 339.671167][T13923] name failslab, interval 1, probability 0, space 0, times 0 [ 339.711976][T13922] CPU: 0 UID: 0 PID: 13922 Comm: syz.4.3169 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 339.722465][T13922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 339.732548][T13922] Call Trace: [ 339.735859][T13922] [ 339.738807][T13922] dump_stack_lvl+0x241/0x360 [ 339.743519][T13922] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.748756][T13922] ? __pfx__printk+0x10/0x10 [ 339.753370][T13922] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 339.758843][T13922] ? __pfx___might_resched+0x10/0x10 [ 339.764152][T13922] should_fail_ex+0x3b0/0x4e0 [ 339.768844][T13922] should_failslab+0xac/0x100 [ 339.773540][T13922] ? __xdp_reg_mem_model+0x1e3/0x620 [ 339.778858][T13922] __kmalloc_cache_noprof+0x6c/0x2c0 [ 339.784174][T13922] __xdp_reg_mem_model+0x1e3/0x620 [ 339.789324][T13922] ? __pfx___xdp_reg_mem_model+0x10/0x10 [ 339.795000][T13922] ? page_pool_list+0x232/0x280 [ 339.799905][T13922] ? page_pool_create_percpu+0x64a/0xa00 [ 339.805583][T13922] xdp_reg_mem_model+0x22/0x40 [ 339.810381][T13922] bpf_test_run_xdp_live+0x32f/0x2160 [ 339.815803][T13922] ? bpf_dispatcher_change_prog+0xd8b/0xf10 [ 339.821716][T13922] ? __pfx_lock_release+0x10/0x10 [ 339.826769][T13922] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 339.832086][T13922] ? __mutex_unlock_slowpath+0x21d/0x750 [ 339.837750][T13922] ? __pfx_autoremove_wake_function+0x10/0x10 [ 339.843839][T13922] ? __mutex_unlock_slowpath+0x21d/0x750 [ 339.849487][T13922] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 339.855313][T13922] ? synchronize_rcu+0x11b/0x360 [ 339.860272][T13922] ? __pfx_synchronize_rcu+0x10/0x10 [ 339.865596][T13922] ? __pfx_bpf_dispatcher_change_prog+0x10/0x10 [ 339.871852][T13922] ? 0xffffffffa0000850 [ 339.876024][T13922] ? 0xffffffffa00008d0 [ 339.880282][T13922] ? 0xffffffffa000094c [ 339.884461][T13922] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 339.890392][T13922] ? _copy_from_user+0xa6/0xe0 [ 339.895174][T13922] ? bpf_test_init+0x15a/0x180 [ 339.899965][T13922] ? xdp_convert_md_to_buff+0x5b/0x330 [ 339.905447][T13922] bpf_prog_test_run_xdp+0x805/0x11e0 [ 339.910841][T13922] ? __pfx_lock_release+0x10/0x10 [ 339.915911][T13922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 339.921734][T13922] ? __fget_files+0x29/0x470 [ 339.926353][T13922] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 339.932180][T13922] bpf_prog_test_run+0x33a/0x3b0 [ 339.937139][T13922] __sys_bpf+0x48d/0x810 [ 339.941396][T13922] ? __pfx___sys_bpf+0x10/0x10 [ 339.946199][T13922] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 339.952206][T13922] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 339.958565][T13922] ? do_syscall_64+0x100/0x230 [ 339.963355][T13922] __x64_sys_bpf+0x7c/0x90 [ 339.967787][T13922] do_syscall_64+0xf3/0x230 [ 339.972317][T13922] ? clear_bhb_loop+0x35/0x90 [ 339.977021][T13922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.982926][T13922] RIP: 0033:0x7f7362d7def9 [ 339.987353][T13922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.006978][T13922] RSP: 002b:00007f7363b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 340.015407][T13922] RAX: ffffffffffffffda RBX: 00007f7362f35f80 RCX: 00007f7362d7def9 [ 340.023389][T13922] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a [ 340.031373][T13922] RBP: 00007f7363b8c090 R08: 0000000000000000 R09: 0000000000000000 [ 340.039356][T13922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.047338][T13922] R13: 0000000000000000 R14: 00007f7362f35f80 R15: 00007ffeac699018 [ 340.055340][T13922] [ 340.066590][T13923] CPU: 0 UID: 0 PID: 13923 Comm: syz.0.3170 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 340.077070][T13923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 340.087169][T13923] Call Trace: [ 340.090484][T13923] [ 340.093452][T13923] dump_stack_lvl+0x241/0x360 [ 340.098200][T13923] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.103462][T13923] ? __pfx__printk+0x10/0x10 [ 340.108104][T13923] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 340.114116][T13923] ? __pfx___might_resched+0x10/0x10 [ 340.119452][T13923] should_fail_ex+0x3b0/0x4e0 [ 340.124173][T13923] should_failslab+0xac/0x100 [ 340.128904][T13923] ? __alloc_skb+0x1c3/0x440 [ 340.133539][T13923] kmem_cache_alloc_node_noprof+0x71/0x320 [ 340.139366][T13923] __alloc_skb+0x1c3/0x440 [ 340.143812][T13923] ? __pfx___alloc_skb+0x10/0x10 [ 340.148773][T13923] ? netlink_autobind+0xd6/0x2f0 [ 340.153717][T13923] ? netlink_autobind+0x2b0/0x2f0 [ 340.158759][T13923] netlink_sendmsg+0x638/0xcb0 [ 340.163557][T13923] ? __pfx_netlink_sendmsg+0x10/0x10 [ 340.168866][T13923] ? __import_iovec+0x536/0x820 [ 340.173732][T13923] ? aa_sock_msg_perm+0x91/0x160 [ 340.178683][T13923] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 340.183983][T13923] ? security_socket_sendmsg+0x87/0xb0 [ 340.189459][T13923] ? __pfx_netlink_sendmsg+0x10/0x10 [ 340.194764][T13923] __sock_sendmsg+0x221/0x270 [ 340.199462][T13923] ____sys_sendmsg+0x525/0x7d0 [ 340.204256][T13923] ? __pfx_____sys_sendmsg+0x10/0x10 [ 340.209571][T13923] __sys_sendmsg+0x2b0/0x3a0 [ 340.214175][T13923] ? __pfx___sys_sendmsg+0x10/0x10 [ 340.219298][T13923] ? vfs_write+0x7c4/0xc90 [ 340.223763][T13923] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 340.230114][T13923] ? do_syscall_64+0x100/0x230 [ 340.234902][T13923] ? do_syscall_64+0xb6/0x230 [ 340.239616][T13923] do_syscall_64+0xf3/0x230 [ 340.244139][T13923] ? clear_bhb_loop+0x35/0x90 [ 340.248832][T13923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.254739][T13923] RIP: 0033:0x7f39c8f7def9 [ 340.259166][T13923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.278822][T13923] RSP: 002b:00007f39c9e23038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 340.287258][T13923] RAX: ffffffffffffffda RBX: 00007f39c9135f80 RCX: 00007f39c8f7def9 [ 340.295246][T13923] RDX: 0000000000004800 RSI: 0000000020000300 RDI: 0000000000000003 [ 340.303255][T13923] RBP: 00007f39c9e23090 R08: 0000000000000000 R09: 0000000000000000 [ 340.311323][T13923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.319300][T13923] R13: 0000000000000000 R14: 00007f39c9135f80 R15: 00007fff78020758 [ 340.327298][T13923] [ 340.382417][ T5238] Bluetooth: hci3: command tx timeout [ 340.581448][T13683] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.667082][T13683] 8021q: adding VLAN 0 to HW filter on device team0 [ 340.751175][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.758465][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 340.775809][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 340.783085][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 340.875721][T13934] nbd: device at index 0 is going down [ 341.206464][T13945] __nla_validate_parse: 6 callbacks suppressed [ 341.206483][T13945] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3177'. [ 341.406259][T13951] FAULT_INJECTION: forcing a failure. [ 341.406259][T13951] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 341.458958][T13683] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 341.466228][T13951] CPU: 0 UID: 0 PID: 13951 Comm: syz.0.3179 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 341.476688][T13951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 341.486788][T13951] Call Trace: [ 341.490099][T13951] [ 341.493056][T13951] dump_stack_lvl+0x241/0x360 [ 341.497789][T13951] ? __pfx_dump_stack_lvl+0x10/0x10 [ 341.503045][T13951] ? __pfx__printk+0x10/0x10 [ 341.507697][T13951] ? __pfx_lock_release+0x10/0x10 [ 341.512781][T13951] should_fail_ex+0x3b0/0x4e0 [ 341.517505][T13951] _copy_from_user+0x2f/0xe0 [ 341.522139][T13951] copy_msghdr_from_user+0xae/0x680 [ 341.527387][T13951] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 341.533257][T13951] __sys_sendmsg+0x23d/0x3a0 [ 341.537892][T13951] ? __pfx___sys_sendmsg+0x10/0x10 [ 341.543034][T13951] ? vfs_write+0x7c4/0xc90 [ 341.547532][T13951] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 341.553909][T13951] ? do_syscall_64+0x100/0x230 [ 341.558724][T13951] ? do_syscall_64+0xb6/0x230 [ 341.563451][T13951] do_syscall_64+0xf3/0x230 [ 341.568005][T13951] ? clear_bhb_loop+0x35/0x90 [ 341.572725][T13951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.578654][T13951] RIP: 0033:0x7f39c8f7def9 [ 341.583099][T13951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.602735][T13951] RSP: 002b:00007f39c9e23038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 341.611166][T13951] RAX: ffffffffffffffda RBX: 00007f39c9135f80 RCX: 00007f39c8f7def9 [ 341.619243][T13951] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 341.627226][T13951] RBP: 00007f39c9e23090 R08: 0000000000000000 R09: 0000000000000000 [ 341.635205][T13951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.643185][T13951] R13: 0000000000000000 R14: 00007f39c9135f80 R15: 00007fff78020758 [ 341.651183][T13951] [ 341.744506][T13683] veth0_vlan: entered promiscuous mode [ 341.780802][T13683] veth1_vlan: entered promiscuous mode [ 341.871344][T13683] veth0_macvtap: entered promiscuous mode [ 341.896781][T13683] veth1_macvtap: entered promiscuous mode [ 341.959673][T13963] tipc: Enabling of bearer rejected, already enabled [ 341.986148][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.008355][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.051936][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.069183][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.091850][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.115639][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.131938][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 342.155612][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.185607][T13683] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 342.258313][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.262288][T13973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3187'. [ 342.277070][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.283586][T13973] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3187'. [ 342.290093][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.308497][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.320459][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.331730][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.343558][T13683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 342.344305][T13977] nbd: device at index 0 is going down [ 342.354676][T13683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 342.372887][T13683] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 342.417975][T13683] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.434779][T13683] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.486998][T13683] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.513413][T13683] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.565352][T13981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3189'. [ 342.575120][T13981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3189'. [ 342.795459][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.832953][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.879922][ T4241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.889197][ T4241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.616071][T14016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3203'. [ 343.626158][T14016] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3203'. [ 343.743657][T14014] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3202'. [ 343.769218][T14014] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3202'. [ 343.769867][T14024] FAULT_INJECTION: forcing a failure. [ 343.769867][T14024] name failslab, interval 1, probability 0, space 0, times 0 [ 343.808776][T14024] CPU: 0 UID: 0 PID: 14024 Comm: syz.2.3205 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 343.819269][T14024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 343.829366][T14024] Call Trace: [ 343.832677][T14024] [ 343.835636][T14024] dump_stack_lvl+0x241/0x360 [ 343.840341][T14024] ? __pfx_dump_stack_lvl+0x10/0x10 [ 343.845562][T14024] ? __pfx__printk+0x10/0x10 [ 343.850169][T14024] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 343.855734][T14024] ? __pfx___might_resched+0x10/0x10 [ 343.861038][T14024] should_fail_ex+0x3b0/0x4e0 [ 343.865735][T14024] ? __kernfs_new_node+0xd8/0x870 [ 343.870784][T14024] should_failslab+0xac/0x100 [ 343.875497][T14024] ? __kernfs_new_node+0xd8/0x870 [ 343.880553][T14024] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 343.885949][T14024] __kernfs_new_node+0xd8/0x870 [ 343.890824][T14024] ? up_write+0x1a9/0x590 [ 343.895168][T14024] ? __pfx___kernfs_new_node+0x10/0x10 [ 343.900645][T14024] ? __pfx_up_write+0x10/0x10 [ 343.905354][T14024] kernfs_new_node+0x137/0x240 [ 343.910136][T14024] __kernfs_create_file+0x49/0x2e0 [ 343.915276][T14024] sysfs_add_file_mode_ns+0x24a/0x310 [ 343.920674][T14024] internal_create_group+0x7a7/0x11d0 [ 343.926088][T14024] ? __pfx_internal_create_group+0x10/0x10 [ 343.931939][T14024] sysfs_create_groups+0x56/0x120 [ 343.937001][T14024] device_add_attrs+0xe5/0x600 [ 343.941793][T14024] ? __pfx_device_add_attrs+0x10/0x10 [ 343.947211][T14024] device_add+0x576/0xbf0 [ 343.951562][T14024] ? device_initialize+0x266/0x460 [ 343.956703][T14024] netdev_register_kobject+0x17e/0x310 [ 343.962187][T14024] register_netdevice+0x12c5/0x1b00 [ 343.967411][T14024] ? __pfx_register_netdevice+0x10/0x10 [ 343.972973][T14024] ? alloc_netdev_mqs+0xc5b/0x1000 [ 343.978112][T14024] br_dev_newlink+0x27/0x100 [ 343.982732][T14024] ? __pfx_br_dev_newlink+0x10/0x10 [ 343.987959][T14024] rtnl_newlink+0x1591/0x20a0 [ 343.992683][T14024] ? __pfx_rtnl_newlink+0x10/0x10 [ 343.997784][T14024] ? __pfx___mutex_trylock_common+0x10/0x10 [ 344.003709][T14024] ? rcu_is_watching+0x15/0xb0 [ 344.008506][T14024] ? trace_contention_end+0x3c/0x120 [ 344.013809][T14024] ? __mutex_lock+0x2ef/0xd70 [ 344.018517][T14024] ? __pfx_lock_release+0x10/0x10 [ 344.023575][T14024] ? __pfx_rtnl_newlink+0x10/0x10 [ 344.028624][T14024] rtnetlink_rcv_msg+0x73f/0xcf0 [ 344.033582][T14024] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 344.038723][T14024] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 344.044212][T14024] ? ref_tracker_free+0x643/0x7e0 [ 344.049264][T14024] netlink_rcv_skb+0x1e3/0x430 [ 344.054059][T14024] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 344.059546][T14024] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 344.064876][T14024] ? netlink_deliver_tap+0x2e/0x1b0 [ 344.070099][T14024] netlink_unicast+0x7f6/0x990 [ 344.074894][T14024] ? __pfx_netlink_unicast+0x10/0x10 [ 344.080208][T14024] ? __virt_addr_valid+0x183/0x530 [ 344.085357][T14024] ? __check_object_size+0x49c/0x900 [ 344.090842][T14024] ? bpf_lsm_netlink_send+0x9/0x10 [ 344.095977][T14024] netlink_sendmsg+0x8e4/0xcb0 [ 344.100781][T14024] ? __pfx_netlink_sendmsg+0x10/0x10 [ 344.106093][T14024] ? __import_iovec+0x536/0x820 [ 344.110996][T14024] ? aa_sock_msg_perm+0x91/0x160 [ 344.115957][T14024] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 344.121356][T14024] ? security_socket_sendmsg+0x87/0xb0 [ 344.126841][T14024] ? __pfx_netlink_sendmsg+0x10/0x10 [ 344.132155][T14024] __sock_sendmsg+0x221/0x270 [ 344.136874][T14024] ____sys_sendmsg+0x525/0x7d0 [ 344.141669][T14024] ? __pfx_____sys_sendmsg+0x10/0x10 [ 344.146986][T14024] __sys_sendmsg+0x2b0/0x3a0 [ 344.151599][T14024] ? __pfx___sys_sendmsg+0x10/0x10 [ 344.156726][T14024] ? vfs_write+0x7c4/0xc90 [ 344.161197][T14024] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 344.167552][T14024] ? do_syscall_64+0x100/0x230 [ 344.172352][T14024] ? do_syscall_64+0xb6/0x230 [ 344.177064][T14024] do_syscall_64+0xf3/0x230 [ 344.181597][T14024] ? clear_bhb_loop+0x35/0x90 [ 344.186298][T14024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.192218][T14024] RIP: 0033:0x7f272b17def9 [ 344.196663][T14024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.216287][T14024] RSP: 002b:00007f272c030038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 344.224746][T14024] RAX: ffffffffffffffda RBX: 00007f272b335f80 RCX: 00007f272b17def9 [ 344.232751][T14024] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 344.240745][T14024] RBP: 00007f272c030090 R08: 0000000000000000 R09: 0000000000000000 [ 344.248731][T14024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 344.256727][T14024] R13: 0000000000000000 R14: 00007f272b335f80 R15: 00007fffd9839f98 [ 344.264826][T14024] [ 344.283551][T14020] nbd: device at index 4 is going down [ 344.465887][T14030] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3208'. [ 344.753964][T14048] FAULT_INJECTION: forcing a failure. [ 344.753964][T14048] name failslab, interval 1, probability 0, space 0, times 0 [ 344.814170][T14048] CPU: 1 UID: 0 PID: 14048 Comm: syz.2.3214 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 344.824680][T14048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 344.834814][T14048] Call Trace: [ 344.838126][T14048] [ 344.841091][T14048] dump_stack_lvl+0x241/0x360 [ 344.845830][T14048] ? __pfx_dump_stack_lvl+0x10/0x10 [ 344.851087][T14048] ? __pfx__printk+0x10/0x10 [ 344.855738][T14048] ? ref_tracker_alloc+0x332/0x490 [ 344.860881][T14048] should_fail_ex+0x3b0/0x4e0 [ 344.865591][T14048] ? skb_clone+0x20c/0x390 [ 344.870014][T14048] should_failslab+0xac/0x100 [ 344.874730][T14048] ? skb_clone+0x20c/0x390 [ 344.879191][T14048] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 344.884620][T14048] skb_clone+0x20c/0x390 [ 344.888921][T14048] __netlink_deliver_tap+0x3cc/0x7c0 [ 344.894248][T14048] ? netlink_deliver_tap+0x2e/0x1b0 [ 344.899470][T14048] netlink_deliver_tap+0x19d/0x1b0 [ 344.904613][T14048] netlink_sendskb+0x68/0x140 [ 344.909311][T14048] netlink_unicast+0x39d/0x990 [ 344.914100][T14048] ? __asan_memcpy+0x40/0x70 [ 344.918711][T14048] ? __pfx_netlink_unicast+0x10/0x10 [ 344.924026][T14048] netlink_rcv_skb+0x262/0x430 [ 344.928810][T14048] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 344.934323][T14048] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 344.939640][T14048] ? apparmor_capable+0x13b/0x1b0 [ 344.944683][T14048] ? bpf_lsm_capable+0x9/0x10 [ 344.949373][T14048] ? security_capable+0x90/0xb0 [ 344.954243][T14048] nfnetlink_rcv+0x297/0x2ab0 [ 344.958938][T14048] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 344.964684][T14048] ? __dev_queue_xmit+0x2da/0x3e80 [ 344.969811][T14048] ? __dev_queue_xmit+0x1764/0x3e80 [ 344.975021][T14048] ? kasan_save_track+0x51/0x80 [ 344.979893][T14048] ? do_syscall_64+0xf3/0x230 [ 344.984592][T14048] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 344.989722][T14048] ? __dev_queue_xmit+0x2da/0x3e80 [ 344.994850][T14048] ? __pfx___dev_queue_xmit+0x10/0x10 [ 345.000250][T14048] ? ref_tracker_free+0x643/0x7e0 [ 345.005291][T14048] ? __asan_memcpy+0x40/0x70 [ 345.009985][T14048] ? __pfx_ref_tracker_free+0x10/0x10 [ 345.015385][T14048] ? netlink_deliver_tap+0x2e/0x1b0 [ 345.020602][T14048] ? skb_clone+0x240/0x390 [ 345.025032][T14048] ? __pfx_lock_release+0x10/0x10 [ 345.030073][T14048] ? __netlink_deliver_tap+0x77e/0x7c0 [ 345.035565][T14048] ? netlink_deliver_tap+0x2e/0x1b0 [ 345.040789][T14048] netlink_unicast+0x7f6/0x990 [ 345.045582][T14048] ? __pfx_netlink_unicast+0x10/0x10 [ 345.050881][T14048] ? __virt_addr_valid+0x183/0x530 [ 345.056009][T14048] ? __check_object_size+0x49c/0x900 [ 345.061312][T14048] ? bpf_lsm_netlink_send+0x9/0x10 [ 345.066439][T14048] netlink_sendmsg+0x8e4/0xcb0 [ 345.071254][T14048] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.076559][T14048] ? __import_iovec+0x536/0x820 [ 345.081429][T14048] ? aa_sock_msg_perm+0x91/0x160 [ 345.086396][T14048] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 345.091695][T14048] ? security_socket_sendmsg+0x87/0xb0 [ 345.097174][T14048] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.102482][T14048] __sock_sendmsg+0x221/0x270 [ 345.107185][T14048] ____sys_sendmsg+0x525/0x7d0 [ 345.111973][T14048] ? __pfx_____sys_sendmsg+0x10/0x10 [ 345.117287][T14048] __sys_sendmsg+0x2b0/0x3a0 [ 345.121903][T14048] ? __pfx___sys_sendmsg+0x10/0x10 [ 345.127038][T14048] ? vfs_write+0x7c4/0xc90 [ 345.131514][T14048] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 345.137866][T14048] ? do_syscall_64+0x100/0x230 [ 345.142663][T14048] ? do_syscall_64+0xb6/0x230 [ 345.147362][T14048] do_syscall_64+0xf3/0x230 [ 345.151889][T14048] ? clear_bhb_loop+0x35/0x90 [ 345.156586][T14048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.162496][T14048] RIP: 0033:0x7f272b17def9 [ 345.166923][T14048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.186544][T14048] RSP: 002b:00007f272c030038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 345.194973][T14048] RAX: ffffffffffffffda RBX: 00007f272b335f80 RCX: 00007f272b17def9 [ 345.202968][T14048] RDX: 0000000000004800 RSI: 0000000020000300 RDI: 0000000000000003 [ 345.210950][T14048] RBP: 00007f272c030090 R08: 0000000000000000 R09: 0000000000000000 [ 345.218932][T14048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 345.226917][T14048] R13: 0000000000000000 R14: 00007f272b335f80 R15: 00007fffd9839f98 [ 345.234919][T14048] [ 345.599619][T14063] FAULT_INJECTION: forcing a failure. [ 345.599619][T14063] name failslab, interval 1, probability 0, space 0, times 0 [ 345.632530][T14063] CPU: 1 UID: 0 PID: 14063 Comm: syz.4.3221 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 345.643027][T14063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 345.653122][T14063] Call Trace: [ 345.656434][T14063] [ 345.659401][T14063] dump_stack_lvl+0x241/0x360 [ 345.664143][T14063] ? __pfx_dump_stack_lvl+0x10/0x10 [ 345.669393][T14063] ? __pfx__printk+0x10/0x10 [ 345.674048][T14063] ? ref_tracker_alloc+0x332/0x490 [ 345.679204][T14063] should_fail_ex+0x3b0/0x4e0 [ 345.683924][T14063] ? skb_clone+0x20c/0x390 [ 345.688383][T14063] should_failslab+0xac/0x100 [ 345.693135][T14063] ? skb_clone+0x20c/0x390 [ 345.697590][T14063] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 345.703015][T14063] skb_clone+0x20c/0x390 [ 345.707303][T14063] __netlink_deliver_tap+0x3cc/0x7c0 [ 345.712650][T14063] ? netlink_deliver_tap+0x2e/0x1b0 [ 345.717905][T14063] netlink_deliver_tap+0x19d/0x1b0 [ 345.723068][T14063] netlink_unicast+0x7c4/0x990 [ 345.727900][T14063] ? __pfx_netlink_unicast+0x10/0x10 [ 345.733233][T14063] ? __virt_addr_valid+0x183/0x530 [ 345.738394][T14063] ? __check_object_size+0x49c/0x900 [ 345.743743][T14063] ? bpf_lsm_netlink_send+0x9/0x10 [ 345.748958][T14063] netlink_sendmsg+0x8e4/0xcb0 [ 345.753785][T14063] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.759104][T14063] ? __import_iovec+0x536/0x820 [ 345.763972][T14063] ? aa_sock_msg_perm+0x91/0x160 [ 345.768925][T14063] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 345.774226][T14063] ? security_socket_sendmsg+0x87/0xb0 [ 345.779738][T14063] ? __pfx_netlink_sendmsg+0x10/0x10 [ 345.785044][T14063] __sock_sendmsg+0x221/0x270 [ 345.789747][T14063] ____sys_sendmsg+0x525/0x7d0 [ 345.794533][T14063] ? __pfx_____sys_sendmsg+0x10/0x10 [ 345.799848][T14063] __sys_sendmsg+0x2b0/0x3a0 [ 345.804454][T14063] ? __pfx___sys_sendmsg+0x10/0x10 [ 345.809574][T14063] ? vfs_write+0x7c4/0xc90 [ 345.814065][T14063] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 345.820442][T14063] ? do_syscall_64+0x100/0x230 [ 345.825247][T14063] ? do_syscall_64+0xb6/0x230 [ 345.829952][T14063] do_syscall_64+0xf3/0x230 [ 345.834481][T14063] ? clear_bhb_loop+0x35/0x90 [ 345.839264][T14063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.845188][T14063] RIP: 0033:0x7f7362d7def9 [ 345.849625][T14063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.869269][T14063] RSP: 002b:00007f7363b8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 345.877793][T14063] RAX: ffffffffffffffda RBX: 00007f7362f35f80 RCX: 00007f7362d7def9 [ 345.885778][T14063] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000004 [ 345.893847][T14063] RBP: 00007f7363b8c090 R08: 0000000000000000 R09: 0000000000000000 [ 345.901835][T14063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 345.909835][T14063] R13: 0000000000000000 R14: 00007f7362f35f80 R15: 00007ffeac699018 [ 345.917858][T14063] [ 346.134817][T14081] FAULT_INJECTION: forcing a failure. [ 346.134817][T14081] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 346.160032][T14081] CPU: 1 UID: 0 PID: 14081 Comm: syz.1.3228 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 346.170699][T14081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 346.180804][T14081] Call Trace: [ 346.184124][T14081] [ 346.187091][T14081] dump_stack_lvl+0x241/0x360 [ 346.191838][T14081] ? __pfx_dump_stack_lvl+0x10/0x10 [ 346.197098][T14081] ? __pfx__printk+0x10/0x10 [ 346.201750][T14081] ? __pfx_lock_release+0x10/0x10 [ 346.206851][T14081] should_fail_ex+0x3b0/0x4e0 [ 346.211592][T14081] _copy_from_iter+0x1f6/0x1960 [ 346.216501][T14081] ? __virt_addr_valid+0x183/0x530 [ 346.221669][T14081] ? __pfx_lock_release+0x10/0x10 [ 346.226767][T14081] ? __alloc_skb+0x28f/0x440 [ 346.231421][T14081] ? __pfx__copy_from_iter+0x10/0x10 [ 346.236789][T14081] ? __virt_addr_valid+0x183/0x530 [ 346.242038][T14081] ? __virt_addr_valid+0x183/0x530 [ 346.247198][T14081] ? __virt_addr_valid+0x45f/0x530 [ 346.252365][T14081] ? __check_object_size+0x49c/0x900 [ 346.257719][T14081] netlink_sendmsg+0x73d/0xcb0 [ 346.262562][T14081] ? __pfx_netlink_sendmsg+0x10/0x10 [ 346.267918][T14081] ? __import_iovec+0x536/0x820 [ 346.272000][T14088] __nla_validate_parse: 3 callbacks suppressed [ 346.272024][T14088] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3230'. [ 346.272802][T14081] ? aa_sock_msg_perm+0x91/0x160 [ 346.292795][T14081] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 346.298139][T14081] ? security_socket_sendmsg+0x87/0xb0 [ 346.303658][T14081] ? __pfx_netlink_sendmsg+0x10/0x10 [ 346.308994][T14081] __sock_sendmsg+0x221/0x270 [ 346.313730][T14081] ____sys_sendmsg+0x525/0x7d0 [ 346.318558][T14081] ? __pfx_____sys_sendmsg+0x10/0x10 [ 346.323911][T14081] __sys_sendmsg+0x2b0/0x3a0 [ 346.328551][T14081] ? __pfx___sys_sendmsg+0x10/0x10 [ 346.333705][T14081] ? vfs_write+0x7c4/0xc90 [ 346.338217][T14081] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 346.344597][T14081] ? do_syscall_64+0x100/0x230 [ 346.349384][T14081] ? do_syscall_64+0xb6/0x230 [ 346.354103][T14081] do_syscall_64+0xf3/0x230 [ 346.358665][T14081] ? clear_bhb_loop+0x35/0x90 [ 346.363391][T14081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.369338][T14081] RIP: 0033:0x7f4a6397def9 [ 346.373793][T14081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.393622][T14081] RSP: 002b:00007f4a646dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 346.402176][T14081] RAX: ffffffffffffffda RBX: 00007f4a63b35f80 RCX: 00007f4a6397def9 [ 346.410197][T14081] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 346.418305][T14081] RBP: 00007f4a646dd090 R08: 0000000000000000 R09: 0000000000000000 [ 346.426322][T14081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 346.434337][T14081] R13: 0000000000000000 R14: 00007f4a63b35f80 R15: 00007ffead9c3ce8 [ 346.442400][T14081] [ 346.558393][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.402396][T14096] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3234'. [ 347.809355][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.935866][ T5240] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 347.946664][ T5240] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 347.962890][ T5240] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 347.971518][ T5240] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 347.982174][ T5240] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 347.994415][ T5240] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 348.043837][T14122] netlink: 'syz.1.3242': attribute type 2 has an invalid length. [ 348.081197][T14122] netlink: 'syz.1.3242': attribute type 1 has an invalid length. [ 348.108278][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.137349][T14118] syzkaller0: entered promiscuous mode [ 348.167038][T14122] syzkaller0 (unregistering): left promiscuous mode [ 348.355849][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.377604][T14127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3244'. [ 348.646519][T14142] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3247'. [ 348.994759][ T11] bridge_slave_1: left allmulticast mode [ 349.017093][ T11] bridge_slave_1: left promiscuous mode [ 349.032947][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.073537][ T11] bridge_slave_0: left allmulticast mode [ 349.093645][ T11] bridge_slave_0: left promiscuous mode [ 349.120191][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 349.970657][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 349.988744][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 350.003799][ T11] bond0 (unregistering): Released all slaves [ 350.017562][T14171] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3257'. [ 350.052894][ T5238] Bluetooth: hci3: command tx timeout [ 350.151047][T14184] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3260'. [ 350.993390][T14226] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3271'. [ 351.073584][ T11] hsr_slave_0: left promiscuous mode [ 351.088657][ T11] hsr_slave_1: left promiscuous mode [ 351.112845][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 351.125129][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 351.139439][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 351.153159][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 351.196664][ T11] veth1_macvtap: left promiscuous mode [ 351.202663][ T11] veth0_macvtap: left promiscuous mode [ 351.208814][ T11] veth1_vlan: left promiscuous mode [ 351.217121][ T11] veth0_vlan: left promiscuous mode [ 351.263173][T14237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 351.293386][T14237] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 351.588617][T14243] nbd: nbd1 already in use [ 351.597707][T14243] block nbd1: NBD_DISCONNECT [ 351.609977][T14243] block nbd1: Send disconnect failed -22 [ 351.629725][T14243] block nbd1: Disconnected due to user request. [ 351.638287][T14243] block nbd1: shutting down sockets [ 352.027421][ T11] team0 (unregistering): Port device team_slave_1 removed [ 352.090202][ T11] team0 (unregistering): Port device team_slave_0 removed [ 352.132419][ T5238] Bluetooth: hci3: command tx timeout [ 352.627437][T14119] chnl_net:caif_netlink_parms(): no params data found [ 352.897811][T14119] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.916545][T14119] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.939019][T14119] bridge_slave_0: entered allmulticast mode [ 352.955235][T14119] bridge_slave_0: entered promiscuous mode [ 352.974491][T14119] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.984963][T14119] bridge0: port 2(bridge_slave_1) entered disabled state [ 352.993204][T14119] bridge_slave_1: entered allmulticast mode [ 353.011602][T14119] bridge_slave_1: entered promiscuous mode [ 353.118963][T14119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 353.139451][T14265] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3284'. [ 353.170457][T14265] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3284'. [ 353.197156][T14119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 353.278345][T14119] team0: Port device team_slave_0 added [ 353.300337][T14119] team0: Port device team_slave_1 added [ 353.379561][T14119] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 353.388941][T14119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.420588][T14119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 353.454431][T14119] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 353.461569][T14119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 353.491317][T14119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 353.545415][T14119] hsr_slave_0: entered promiscuous mode [ 353.552810][T14119] hsr_slave_1: entered promiscuous mode [ 353.565465][T14119] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 353.577482][T14119] Cannot create hsr debugfs directory [ 354.222656][ T5238] Bluetooth: hci3: command tx timeout [ 356.291964][ T5238] Bluetooth: hci3: command tx timeout [ 358.453861][ C0] Dead loop on virtual device ipvlan1, fix it urgently! [ 361.789411][ T5240] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 361.798253][ T5240] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 361.810910][ T5240] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 361.820243][ T5240] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 361.828985][ T5240] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 361.838311][ T5240] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 362.018960][T14281] chnl_net:caif_netlink_parms(): no params data found [ 362.177137][T14281] bridge0: port 1(bridge_slave_0) entered blocking state [ 362.185029][T14281] bridge0: port 1(bridge_slave_0) entered disabled state [ 362.192511][T14281] bridge_slave_0: entered allmulticast mode [ 362.200197][T14281] bridge_slave_0: entered promiscuous mode [ 362.210205][T14281] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.230391][T14281] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.240576][T14281] bridge_slave_1: entered allmulticast mode [ 362.255343][T14281] bridge_slave_1: entered promiscuous mode [ 362.335012][T14281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 362.350319][T14281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 362.411186][ T5240] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 362.415713][T14281] team0: Port device team_slave_0 added [ 362.428956][ T5240] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 362.433193][T14281] team0: Port device team_slave_1 added [ 362.443047][ T5240] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 362.454507][ T5240] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 362.464423][ T5240] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 362.471958][ T5240] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 362.494785][T14281] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 362.503207][T14281] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.530457][T14281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 362.547177][T14281] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 362.554833][T14281] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 362.581601][T14281] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 362.656785][T14281] hsr_slave_0: entered promiscuous mode [ 362.664211][T14281] hsr_slave_1: entered promiscuous mode [ 362.670453][T14281] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 362.678893][T14281] Cannot create hsr debugfs directory [ 362.910000][T14281] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 362.921094][T14281] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.026651][T14281] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.037240][T14281] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.115714][T14290] chnl_net:caif_netlink_parms(): no params data found [ 363.171399][T14281] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.183852][T14281] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.278223][T14281] bond0: (slave netdevsim0): Releasing backup interface [ 363.291473][T14281] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.301985][T14281] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.359191][T14290] bridge0: port 1(bridge_slave_0) entered blocking state [ 363.368720][T14290] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.377122][T14290] bridge_slave_0: entered allmulticast mode [ 363.387583][T14290] bridge_slave_0: entered promiscuous mode [ 363.396612][T14290] bridge0: port 2(bridge_slave_1) entered blocking state [ 363.405448][T14290] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.414172][T14290] bridge_slave_1: entered allmulticast mode [ 363.421303][T14290] bridge_slave_1: entered promiscuous mode [ 363.480742][T14290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 363.513887][T14290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 363.646965][T14290] team0: Port device team_slave_0 added [ 363.666688][T14290] team0: Port device team_slave_1 added [ 363.784822][T14290] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 363.792225][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.852016][T14290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 363.882631][T14290] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 363.889640][T14290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 363.893082][ T5240] Bluetooth: hci5: command tx timeout [ 363.933648][T14290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 363.996331][T14290] hsr_slave_0: entered promiscuous mode [ 364.004279][T14290] hsr_slave_1: entered promiscuous mode [ 364.010712][T14290] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 364.019009][T14290] Cannot create hsr debugfs directory [ 364.207205][ T5238] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 364.222804][ T5238] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 364.252604][ T5238] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 364.261563][ T5238] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 364.270336][ T5235] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 364.278433][ T5235] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 364.286449][ T5244] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 364.308513][ T5244] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 364.317108][ T5244] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 364.326787][ T5244] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 364.336800][ T5244] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 364.353509][ T5244] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 364.368296][T14290] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.507281][T14290] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.532397][ T5238] Bluetooth: hci6: command tx timeout [ 364.616726][T14290] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.711229][T14290] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.877516][T14302] chnl_net:caif_netlink_parms(): no params data found [ 365.006029][T14300] chnl_net:caif_netlink_parms(): no params data found [ 365.079609][T14302] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.087928][T14302] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.095493][T14302] bridge_slave_0: entered allmulticast mode [ 365.103244][T14302] bridge_slave_0: entered promiscuous mode [ 365.122564][T14302] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.129755][T14302] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.137993][T14302] bridge_slave_1: entered allmulticast mode [ 365.147534][T14302] bridge_slave_1: entered promiscuous mode [ 365.228150][T14302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 365.242908][T14302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.287726][T14300] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.299025][T14300] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.306828][T14300] bridge_slave_0: entered allmulticast mode [ 365.315471][T14300] bridge_slave_0: entered promiscuous mode [ 365.325025][T14300] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.332463][T14300] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.339761][T14300] bridge_slave_1: entered allmulticast mode [ 365.347768][T14300] bridge_slave_1: entered promiscuous mode [ 365.390925][T14302] team0: Port device team_slave_0 added [ 365.400485][T14302] team0: Port device team_slave_1 added [ 365.440909][T14300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 365.455158][T14300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 365.479427][T14302] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 365.487787][T14302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.522353][T14302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 365.549861][T14302] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 365.557785][T14302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.587418][T14302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.631073][T14300] team0: Port device team_slave_0 added [ 365.644622][T14300] team0: Port device team_slave_1 added [ 365.724154][T14302] hsr_slave_0: entered promiscuous mode [ 365.730841][T14302] hsr_slave_1: entered promiscuous mode [ 365.739326][T14302] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 365.747265][T14302] Cannot create hsr debugfs directory [ 365.753774][T14300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 365.760750][T14300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.787205][T14300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 365.800459][T14300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 365.807531][T14300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.834075][T14300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.937864][T14300] hsr_slave_0: entered promiscuous mode [ 365.945857][T14300] hsr_slave_1: entered promiscuous mode [ 365.952686][T14300] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 365.960939][T14300] Cannot create hsr debugfs directory [ 365.972363][ T5238] Bluetooth: hci5: command tx timeout [ 366.182260][T14302] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.279961][T14302] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.292356][ T5238] Bluetooth: hci7: command tx timeout [ 366.351099][T14302] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.372147][ T5238] Bluetooth: hci8: command tx timeout [ 366.422296][T14302] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.566554][T14300] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.612407][ T5238] Bluetooth: hci6: command tx timeout [ 366.658325][T14300] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.738749][T14300] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 366.827700][T14300] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.052712][ T5244] Bluetooth: hci5: command tx timeout [ 368.372177][ T5238] Bluetooth: hci7: command tx timeout [ 368.462489][ T5238] Bluetooth: hci8: command tx timeout [ 368.696838][ T5238] Bluetooth: hci6: command tx timeout [ 370.132443][ T5238] Bluetooth: hci5: command tx timeout [ 370.451999][ T5238] Bluetooth: hci7: command tx timeout [ 370.533060][ T5238] Bluetooth: hci8: command tx timeout [ 370.772268][ T5238] Bluetooth: hci6: command tx timeout [ 372.532318][ T5238] Bluetooth: hci7: command tx timeout [ 372.612719][ T5238] Bluetooth: hci8: command tx timeout [ 408.544064][ T5244] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 408.554279][ T5244] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 408.564521][ T5244] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 408.574351][ T5244] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 408.583275][ T5244] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 408.592485][ T5244] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 408.794099][T14322] chnl_net:caif_netlink_parms(): no params data found [ 408.888886][T14322] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.896491][T14322] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.905285][T14322] bridge_slave_0: entered allmulticast mode [ 408.913297][T14322] bridge_slave_0: entered promiscuous mode [ 408.921611][T14322] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.930457][T14322] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.939450][T14322] bridge_slave_1: entered allmulticast mode [ 408.948141][T14322] bridge_slave_1: entered promiscuous mode [ 408.989632][T14322] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.005436][T14322] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.050256][T14322] team0: Port device team_slave_0 added [ 409.059331][T14322] team0: Port device team_slave_1 added [ 409.096410][T14322] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 409.104645][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.133056][T14322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 409.146647][T14322] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 409.154072][T14322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 409.180889][T14322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 409.233806][T14322] hsr_slave_0: entered promiscuous mode [ 409.240410][T14322] hsr_slave_1: entered promiscuous mode [ 409.247449][T14322] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 409.255668][T14322] Cannot create hsr debugfs directory [ 410.692385][ T5238] Bluetooth: hci9: command tx timeout [ 412.772779][ T5238] Bluetooth: hci9: command tx timeout [ 414.852619][ T5238] Bluetooth: hci9: command tx timeout [ 416.932248][ T5238] Bluetooth: hci9: command tx timeout [ 421.856524][ T5244] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 421.866990][ T5244] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 421.876655][ T5244] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 421.886730][ T5244] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 421.904238][ T5244] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 421.913334][ T5244] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 422.120818][T14331] chnl_net:caif_netlink_parms(): no params data found [ 422.214446][T14331] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.221673][T14331] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.229923][T14331] bridge_slave_0: entered allmulticast mode [ 422.238578][T14331] bridge_slave_0: entered promiscuous mode [ 422.248698][T14331] bridge0: port 2(bridge_slave_1) entered blocking state [ 422.257358][T14331] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.265339][T14331] bridge_slave_1: entered allmulticast mode [ 422.273709][T14331] bridge_slave_1: entered promiscuous mode [ 422.319848][T14331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 422.333723][T14331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 422.378774][T14331] team0: Port device team_slave_0 added [ 422.390568][T14331] team0: Port device team_slave_1 added [ 422.429643][T14331] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 422.436823][T14331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.464399][T14331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 422.479506][T14331] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 422.486909][T14331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 422.513612][T14331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 422.570626][T14331] hsr_slave_0: entered promiscuous mode [ 422.577952][T14331] hsr_slave_1: entered promiscuous mode [ 422.585636][T14331] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 422.594206][T14331] Cannot create hsr debugfs directory [ 423.018443][ T5244] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 423.045561][ T5244] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 423.056237][ T5244] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 423.066241][ T5244] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 423.075198][ T5244] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 423.084018][ T5244] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 423.325368][T14340] chnl_net:caif_netlink_parms(): no params data found [ 423.429167][T14340] bridge0: port 1(bridge_slave_0) entered blocking state [ 423.436615][T14340] bridge0: port 1(bridge_slave_0) entered disabled state [ 423.444386][T14340] bridge_slave_0: entered allmulticast mode [ 423.451662][T14340] bridge_slave_0: entered promiscuous mode [ 423.461101][T14340] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.468893][T14340] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.477611][T14340] bridge_slave_1: entered allmulticast mode [ 423.486090][T14340] bridge_slave_1: entered promiscuous mode [ 423.534007][T14340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 423.546891][T14340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 423.594967][T14340] team0: Port device team_slave_0 added [ 423.606944][T14340] team0: Port device team_slave_1 added [ 423.649005][T14340] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 423.656531][T14340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 423.683916][T14340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 423.698157][T14340] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 423.705653][T14340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 423.732186][T14340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 423.790838][T14340] hsr_slave_0: entered promiscuous mode [ 423.798245][T14340] hsr_slave_1: entered promiscuous mode [ 423.806149][T14340] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 423.815245][T14340] Cannot create hsr debugfs directory [ 423.972732][ T5244] Bluetooth: hci10: command tx timeout [ 424.566762][ T5238] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 424.577929][ T5238] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 424.587455][ T5238] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 424.596646][ T5238] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 424.606843][ T5238] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 424.615880][ T5238] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 424.646921][ T5238] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 424.658137][ T5244] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 424.674951][ T5244] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 424.683881][ T5244] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 424.693660][ T5244] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 424.701234][ T5244] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 425.076288][T14352] chnl_net:caif_netlink_parms(): no params data found [ 425.089547][T14350] chnl_net:caif_netlink_parms(): no params data found [ 425.172024][ T5235] Bluetooth: hci11: command tx timeout [ 425.256723][T14350] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.264968][T14350] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.273043][T14350] bridge_slave_0: entered allmulticast mode [ 425.280792][T14350] bridge_slave_0: entered promiscuous mode [ 425.305272][T14350] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.313381][T14350] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.320730][T14350] bridge_slave_1: entered allmulticast mode [ 425.329188][T14350] bridge_slave_1: entered promiscuous mode [ 425.388338][T14350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 425.398168][T14352] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.406963][T14352] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.415103][T14352] bridge_slave_0: entered allmulticast mode [ 425.423703][T14352] bridge_slave_0: entered promiscuous mode [ 425.435493][T14350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 425.473981][T14352] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.481243][T14352] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.489757][T14352] bridge_slave_1: entered allmulticast mode [ 425.508017][T14352] bridge_slave_1: entered promiscuous mode [ 425.539103][T14350] team0: Port device team_slave_0 added [ 425.548706][T14350] team0: Port device team_slave_1 added [ 425.610431][T14352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 425.626186][T14352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 425.636839][T14350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 425.644817][T14350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.672567][T14350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 425.715334][T14350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 425.723276][T14350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.750302][T14350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 425.791536][T14352] team0: Port device team_slave_0 added [ 425.804062][T14352] team0: Port device team_slave_1 added [ 425.853819][T14350] hsr_slave_0: entered promiscuous mode [ 425.860868][T14350] hsr_slave_1: entered promiscuous mode [ 425.868202][T14350] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 425.876479][T14350] Cannot create hsr debugfs directory [ 425.922783][T14352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 425.929795][T14352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 425.956978][T14352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 426.000650][T14352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 426.008015][T14352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 426.035044][T14352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 426.061669][ T5235] Bluetooth: hci10: command tx timeout [ 426.121124][T14352] hsr_slave_0: entered promiscuous mode [ 426.129532][T14352] hsr_slave_1: entered promiscuous mode [ 426.137051][T14352] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 426.145309][T14352] Cannot create hsr debugfs directory [ 426.692219][ T5235] Bluetooth: hci12: command tx timeout [ 426.773722][ T5235] Bluetooth: hci13: command tx timeout [ 427.252471][ T5235] Bluetooth: hci11: command tx timeout [ 428.132815][ T5235] Bluetooth: hci10: command tx timeout [ 428.772625][ T5235] Bluetooth: hci12: command tx timeout [ 428.852195][ T5235] Bluetooth: hci13: command tx timeout [ 429.331909][ T5235] Bluetooth: hci11: command tx timeout [ 430.212216][ T5235] Bluetooth: hci10: command tx timeout [ 430.852544][ T5235] Bluetooth: hci12: command tx timeout [ 430.942294][ T5235] Bluetooth: hci13: command tx timeout [ 431.412451][ T5235] Bluetooth: hci11: command tx timeout [ 432.932504][ T5235] Bluetooth: hci12: command tx timeout [ 433.012609][ T5235] Bluetooth: hci13: command tx timeout [ 470.262099][ T5244] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 470.272178][ T5244] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 470.283784][ T5244] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 470.296511][ T5244] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 470.307263][ T5244] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 470.316637][ T5244] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 470.543334][T14367] chnl_net:caif_netlink_parms(): no params data found [ 470.654967][T14367] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.662659][T14367] bridge0: port 1(bridge_slave_0) entered disabled state [ 470.671278][T14367] bridge_slave_0: entered allmulticast mode [ 470.679892][T14367] bridge_slave_0: entered promiscuous mode [ 470.689919][T14367] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.697977][T14367] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.705922][T14367] bridge_slave_1: entered allmulticast mode [ 470.714212][T14367] bridge_slave_1: entered promiscuous mode [ 470.760308][T14367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 470.775365][T14367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 470.823228][T14367] team0: Port device team_slave_0 added [ 470.834147][T14367] team0: Port device team_slave_1 added [ 470.870948][T14367] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 470.878779][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 470.905971][T14367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 470.920920][T14367] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 470.929103][T14367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 470.956188][T14367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 471.019165][T14367] hsr_slave_0: entered promiscuous mode [ 471.026869][T14367] hsr_slave_1: entered promiscuous mode [ 471.034242][T14367] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 471.043778][T14367] Cannot create hsr debugfs directory [ 472.372519][ T5235] Bluetooth: hci14: command tx timeout [ 473.182519][ T5235] Bluetooth: hci3: command 0x0406 tx timeout [ 474.452734][ T5244] Bluetooth: hci14: command tx timeout [ 476.532522][ T5244] Bluetooth: hci14: command tx timeout [ 478.612350][ T5244] Bluetooth: hci14: command tx timeout [ 482.458175][ T5235] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 482.469829][ T5235] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 482.479584][ T5235] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 482.488577][ T5235] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 482.496762][ T5235] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 482.505296][ T5235] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 482.727755][T14376] chnl_net:caif_netlink_parms(): no params data found [ 482.830269][T14376] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.838310][T14376] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.846405][T14376] bridge_slave_0: entered allmulticast mode [ 482.855148][T14376] bridge_slave_0: entered promiscuous mode [ 482.867202][T14376] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.875153][T14376] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.883563][T14376] bridge_slave_1: entered allmulticast mode [ 482.891342][T14376] bridge_slave_1: entered promiscuous mode [ 482.934354][T14376] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 482.948752][T14376] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.997394][T14376] team0: Port device team_slave_0 added [ 483.009988][T14376] team0: Port device team_slave_1 added [ 483.051376][T14376] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.059006][T14376] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.086109][T14376] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.101395][T14376] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.108738][T14376] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.135103][T14376] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 483.213327][T14376] hsr_slave_0: entered promiscuous mode [ 483.220614][T14376] hsr_slave_1: entered promiscuous mode [ 483.228620][T14376] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 483.236939][T14376] Cannot create hsr debugfs directory [ 483.539667][ T5244] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 483.551403][ T5244] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 483.560856][ T5244] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 483.570194][ T5244] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 483.578687][ T5244] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 483.586542][ T5244] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 483.974448][T14385] chnl_net:caif_netlink_parms(): no params data found [ 484.079615][T14385] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.088400][T14385] bridge0: port 1(bridge_slave_0) entered disabled state [ 484.096309][T14385] bridge_slave_0: entered allmulticast mode [ 484.104332][T14385] bridge_slave_0: entered promiscuous mode [ 484.114625][T14385] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.122026][T14385] bridge0: port 2(bridge_slave_1) entered disabled state [ 484.129418][T14385] bridge_slave_1: entered allmulticast mode [ 484.137528][T14385] bridge_slave_1: entered promiscuous mode [ 484.181187][T14385] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 484.195279][T14385] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 484.273497][T14385] team0: Port device team_slave_0 added [ 484.294540][T14385] team0: Port device team_slave_1 added [ 484.375381][T14385] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 484.383357][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.442066][T14385] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 484.464941][T14385] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 484.482201][T14385] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 484.532878][ T5244] Bluetooth: hci15: command tx timeout [ 484.542549][T14385] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 484.602967][T14385] hsr_slave_0: entered promiscuous mode [ 484.610454][T14385] hsr_slave_1: entered promiscuous mode [ 484.618251][T14385] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 484.627027][T14385] Cannot create hsr debugfs directory [ 484.820848][ T5235] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 484.836350][ T5235] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 484.848663][ T5235] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 484.857959][ T5235] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 484.882663][ T5235] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 484.891548][ T5235] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 485.014788][ T5235] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 485.025618][ T5235] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 485.039431][ T5235] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 485.054345][ T5235] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 485.064058][ T5235] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 485.071616][ T5235] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 485.366808][T14395] chnl_net:caif_netlink_parms(): no params data found [ 485.620182][T14395] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.628094][T14395] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.636681][T14395] bridge_slave_0: entered allmulticast mode [ 485.645482][T14395] bridge_slave_0: entered promiscuous mode [ 485.652163][ T5244] Bluetooth: hci16: command tx timeout [ 485.663588][T14395] bridge0: port 2(bridge_slave_1) entered blocking state [ 485.670866][T14395] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.678954][T14395] bridge_slave_1: entered allmulticast mode [ 485.687855][T14395] bridge_slave_1: entered promiscuous mode [ 485.745156][T14397] chnl_net:caif_netlink_parms(): no params data found [ 485.762764][T14395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 485.795284][T14395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 485.909748][T14395] team0: Port device team_slave_0 added [ 485.946218][T14395] team0: Port device team_slave_1 added [ 485.967568][T14397] bridge0: port 1(bridge_slave_0) entered blocking state [ 485.975902][T14397] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.983497][T14397] bridge_slave_0: entered allmulticast mode [ 485.991425][T14397] bridge_slave_0: entered promiscuous mode [ 486.017691][T14397] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.026137][T14397] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.034539][T14397] bridge_slave_1: entered allmulticast mode [ 486.042870][T14397] bridge_slave_1: entered promiscuous mode [ 486.050724][T14395] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.058433][T14395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.086550][T14395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.131106][T14395] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.139981][T14395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.167163][T14395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 486.184022][T14397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 486.198055][T14397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 486.290909][T14397] team0: Port device team_slave_0 added [ 486.303156][T14397] team0: Port device team_slave_1 added [ 486.316896][T14395] hsr_slave_0: entered promiscuous mode [ 486.325139][T14395] hsr_slave_1: entered promiscuous mode [ 486.331683][T14395] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 486.339956][T14395] Cannot create hsr debugfs directory [ 486.433022][T14397] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.440018][T14397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.474142][T14397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.493040][T14397] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.500060][T14397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.526846][T14397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 486.588194][ T63] bridge_slave_1: left allmulticast mode [ 486.594679][ T63] bridge_slave_1: left promiscuous mode [ 486.600534][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.611457][ T63] bridge_slave_0: left allmulticast mode [ 486.617326][ T4621] Bluetooth: hci15: command tx timeout [ 486.623563][ T63] bridge_slave_0: left promiscuous mode [ 486.629390][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.932827][ T4621] Bluetooth: hci17: command tx timeout [ 487.172730][ T4621] Bluetooth: hci18: command tx timeout [ 487.740528][ T4621] Bluetooth: hci16: command tx timeout [ 488.070664][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 488.084467][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 488.097029][ T63] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 488.108612][ T63] bond0 (unregistering): (slave team0): Releasing backup interface [ 488.122766][ T63] bond0 (unregistering): Released all slaves [ 488.141562][ T63] bond1 (unregistering): Released all slaves [ 488.158948][ T63] bond2 (unregistering): Released all slaves [ 488.181519][ T63] bond3 (unregistering): Released all slaves [ 488.290043][T14397] hsr_slave_0: entered promiscuous mode [ 488.308612][T14397] hsr_slave_1: entered promiscuous mode [ 488.329677][T14397] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 488.347802][T14397] Cannot create hsr debugfs directory [ 488.541973][ T4621] Bluetooth: hci6: command 0x0406 tx timeout [ 488.551262][ T4621] Bluetooth: hci7: command 0x0406 tx timeout [ 488.556670][ T5238] Bluetooth: hci5: command 0x0406 tx timeout [ 488.612008][ T5240] Bluetooth: hci8: command 0x0406 tx timeout [ 488.692020][ T5240] Bluetooth: hci15: command tx timeout [ 488.969519][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 488.978868][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 488.988164][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 488.996159][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 489.012531][ T5240] Bluetooth: hci17: command tx timeout [ 489.030469][ T63] veth1_macvtap: left promiscuous mode [ 489.036176][ T63] veth0_macvtap: left promiscuous mode [ 489.042614][ T63] veth1_vlan: left promiscuous mode [ 489.047994][ T63] veth0_vlan: left promiscuous mode [ 489.252338][ T5240] Bluetooth: hci18: command tx timeout [ 489.820646][ T5240] Bluetooth: hci16: command tx timeout [ 489.920493][ T63] team0 (unregistering): Port device team_slave_1 removed [ 490.772276][ T5240] Bluetooth: hci15: command tx timeout [ 490.923776][ T63] IPVS: stop unused estimator thread 0... [ 491.092110][ T5240] Bluetooth: hci17: command tx timeout [ 491.342672][ T5240] Bluetooth: hci18: command tx timeout [ 491.902739][ T5240] Bluetooth: hci16: command tx timeout [ 493.182358][ T5240] Bluetooth: hci17: command tx timeout [ 493.412405][ T5240] Bluetooth: hci18: command tx timeout [ 497.973440][ T30] INFO: task syz-executor:14119 blocked for more than 143 seconds. [ 497.981514][ T30] Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 497.990074][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 498.000231][ T30] task:syz-executor state:D stack:21728 pid:14119 tgid:14119 ppid:1 flags:0x00000004 [ 498.011556][ T30] Call Trace: [ 498.015893][ T30] [ 498.018900][ T30] __schedule+0x1800/0x4a60 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 498.024987][ T30] ? __pfx___schedule+0x10/0x10 [ 498.030582][ T30] ? __pfx_lock_release+0x10/0x10 [ 498.037419][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 498.044051][ T30] ? schedule+0x90/0x320 [ 498.048381][ T30] schedule+0x14b/0x320 [ 498.054040][ T30] schedule_preempt_disabled+0x13/0x30 [ 498.059570][ T30] __mutex_lock+0x6a4/0xd70 [ 498.065514][ T30] ? __mutex_lock+0x527/0xd70 [ 498.070299][ T30] ? genl_rcv_msg+0x121/0xec0 [ 498.076281][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 498.081366][ T30] ? __pfx_validate_chain+0x10/0x10 [ 498.088852][ T30] ? __pfx_validate_chain+0x10/0x10 [ 498.095194][ T30] ? radix_tree_lookup+0x238/0x290 [ 498.100370][ T30] genl_rcv_msg+0x121/0xec0 [ 498.106162][ T30] ? mark_lock+0x9a/0x350 [ 498.110564][ T30] ? __lock_acquire+0x137a/0x2040 [ 498.116299][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.121424][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 498.127207][ T30] ? __pfx___might_resched+0x10/0x10 [ 498.133717][ T30] netlink_rcv_skb+0x1e3/0x430 [ 498.138832][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.145423][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 498.150824][ T30] genl_rcv+0x28/0x40 [ 498.172626][ T30] netlink_unicast+0x7f6/0x990 [ 498.178319][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 498.216289][ T30] ? __virt_addr_valid+0x183/0x530 [ 498.221513][ T30] ? __check_object_size+0x49c/0x900 [ 498.231310][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 498.237002][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 498.242283][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 498.247642][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 498.253560][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 498.258914][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 498.264866][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 498.270224][ T30] __sock_sendmsg+0x221/0x270 [ 498.275353][ T30] __sys_sendto+0x3a4/0x4f0 [ 498.279936][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 498.285474][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 498.291525][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 498.298835][ T30] __x64_sys_sendto+0xde/0x100 [ 498.304078][ T30] do_syscall_64+0xf3/0x230 [ 498.308643][ T30] ? clear_bhb_loop+0x35/0x90 [ 498.313747][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.319699][ T30] RIP: 0033:0x7f910f77fd8c [ 498.324588][ T30] RSP: 002b:00007ffe576e7090 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 498.333487][ T30] RAX: ffffffffffffffda RBX: 00007f9110464620 RCX: 00007f910f77fd8c [ 498.341507][ T30] RDX: 0000000000000020 RSI: 00007f9110464670 RDI: 0000000000000005 [ 498.349957][ T30] RBP: 0000000000000000 R08: 00007ffe576e70e4 R09: 000000000000000c [ 498.358432][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005 [ 498.367330][ T30] R13: 00007ffe576e7138 R14: 00007f9110464670 R15: 0000000000000000 [ 498.376045][ T30] [ 498.379235][ T30] INFO: task syz.1.3277:14243 blocked for more than 143 seconds. [ 498.387510][ T30] Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 498.395225][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 498.406504][ T30] task:syz.1.3277 state:D stack:23480 pid:14243 tgid:14242 ppid:5229 flags:0x00004004 [ 498.417106][ T30] Call Trace: [ 498.420430][ T30] [ 498.423904][ T30] __schedule+0x1800/0x4a60 [ 498.428497][ T30] ? __pfx___schedule+0x10/0x10 [ 498.433808][ T30] ? __pfx_lock_release+0x10/0x10 [ 498.438896][ T30] ? __lock_acquire+0x137a/0x2040 [ 498.444482][ T30] ? schedule+0x90/0x320 [ 498.448794][ T30] schedule+0x14b/0x320 [ 498.453619][ T30] schedule_timeout+0xb0/0x310 [ 498.458436][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 498.464363][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 498.470420][ T30] ? wait_for_completion+0x2fe/0x620 [ 498.476249][ T30] ? wait_for_completion+0x2fe/0x620 [ 498.481602][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 498.487239][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 498.492825][ T30] ? wait_for_completion+0x2fe/0x620 [ 498.498227][ T30] wait_for_completion+0x355/0x620 [ 498.504053][ T30] ? __pfx_wait_for_completion+0x10/0x10 [ 498.509762][ T30] ? flush_workqueue_prep_pwqs+0x45c/0x4c0 [ 498.516017][ T30] ? check_flush_dependency+0xb2/0x390 [ 498.521547][ T30] __flush_workqueue+0x7d6/0x1710 [ 498.527127][ T30] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 498.533611][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 498.538881][ T30] ? __pfx___flush_workqueue+0x10/0x10 [ 498.544830][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 498.550869][ T30] ? __wake_up_common_lock+0x18c/0x1e0 [ 498.556899][ T30] nbd_disconnect_and_put+0xaa/0x250 [ 498.562756][ T30] nbd_genl_disconnect+0x451/0x720 [ 498.567957][ T30] ? __pfx_nbd_genl_disconnect+0x10/0x10 [ 498.574223][ T30] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 498.580630][ T30] genl_rcv_msg+0xb14/0xec0 [ 498.585628][ T30] ? mark_lock+0x9a/0x350 [ 498.590030][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.595559][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 498.600647][ T30] ? __pfx_nbd_genl_disconnect+0x10/0x10 [ 498.607072][ T30] ? __pfx___might_resched+0x10/0x10 [ 498.612837][ T30] netlink_rcv_skb+0x1e3/0x430 [ 498.617689][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.623270][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 498.628658][ T30] genl_rcv+0x28/0x40 [ 498.633100][ T30] netlink_unicast+0x7f6/0x990 [ 498.637970][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 498.643720][ T30] ? __virt_addr_valid+0x183/0x530 [ 498.648880][ T30] ? __check_object_size+0x49c/0x900 [ 498.654584][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 498.659756][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 498.665035][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 498.670387][ T30] ? __import_iovec+0x536/0x820 [ 498.675702][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 498.680694][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 498.686570][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 498.693323][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 498.698675][ T30] __sock_sendmsg+0x221/0x270 [ 498.704269][ T30] ____sys_sendmsg+0x525/0x7d0 [ 498.709106][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 498.714929][ T30] __sys_sendmsg+0x2b0/0x3a0 [ 498.719581][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 498.725300][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 498.731693][ T30] ? do_syscall_64+0x100/0x230 [ 498.736956][ T30] ? do_syscall_64+0xb6/0x230 [ 498.741684][ T30] do_syscall_64+0xf3/0x230 [ 498.746659][ T30] ? clear_bhb_loop+0x35/0x90 [ 498.751391][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.757743][ T30] RIP: 0033:0x7f4a6397def9 [ 498.762493][ T30] RSP: 002b:00007f4a646dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 498.770961][ T30] RAX: ffffffffffffffda RBX: 00007f4a63b35f80 RCX: 00007f4a6397def9 [ 498.779423][ T30] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000a [ 498.787808][ T30] RBP: 00007f4a639f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 498.796296][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.805174][ T30] R13: 0000000000000000 R14: 00007f4a63b35f80 R15: 00007ffead9c3ce8 [ 498.813908][ T30] [ 498.817041][ T30] INFO: task syz.0.3279:14248 blocked for more than 144 seconds. [ 498.825233][ T30] Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 498.832867][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 498.841578][ T30] task:syz.0.3279 state:D stack:27360 pid:14248 tgid:14247 ppid:5233 flags:0x00000004 [ 498.852416][ T30] Call Trace: [ 498.855744][ T30] [ 498.858715][ T30] __schedule+0x1800/0x4a60 [ 498.863787][ T30] ? __pfx___schedule+0x10/0x10 [ 498.868702][ T30] ? __pfx_lock_release+0x10/0x10 [ 498.874171][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 498.879710][ T30] ? schedule+0x90/0x320 [ 498.884380][ T30] schedule+0x14b/0x320 [ 498.888603][ T30] schedule_preempt_disabled+0x13/0x30 [ 498.894548][ T30] __mutex_lock+0x6a4/0xd70 [ 498.899112][ T30] ? __mutex_lock+0x527/0xd70 [ 498.904465][ T30] ? genl_rcv_msg+0x121/0xec0 [ 498.909478][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 498.915062][ T30] ? __pfx_validate_chain+0x10/0x10 [ 498.920313][ T30] ? __pfx_validate_chain+0x10/0x10 [ 498.926331][ T30] ? radix_tree_lookup+0x238/0x290 [ 498.931512][ T30] genl_rcv_msg+0x121/0xec0 [ 498.936661][ T30] ? mark_lock+0x9a/0x350 [ 498.941061][ T30] ? __lock_acquire+0x137a/0x2040 [ 498.946574][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.951686][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 498.957139][ T30] ? __pfx___might_resched+0x10/0x10 [ 498.962862][ T30] netlink_rcv_skb+0x1e3/0x430 [ 498.967687][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 498.973144][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 498.978526][ T30] genl_rcv+0x28/0x40 [ 498.982962][ T30] netlink_unicast+0x7f6/0x990 [ 498.987798][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 498.993607][ T30] ? __virt_addr_valid+0x183/0x530 [ 498.998775][ T30] ? __check_object_size+0x49c/0x900 [ 499.004519][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 499.009683][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 499.015643][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.020999][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 499.026392][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 499.032729][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 499.038257][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.043959][ T30] __sock_sendmsg+0x221/0x270 [ 499.048696][ T30] __sys_sendto+0x3a4/0x4f0 [ 499.054031][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 499.059157][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 499.065606][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 499.072380][ T30] ? exc_page_fault+0x590/0x8c0 [ 499.077303][ T30] __x64_sys_sendto+0xde/0x100 [ 499.082577][ T30] do_syscall_64+0xf3/0x230 [ 499.087142][ T30] ? clear_bhb_loop+0x35/0x90 [ 499.092428][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.098383][ T30] RIP: 0033:0x7f39c8f7fd8c [ 499.103243][ T30] RSP: 002b:00007f39c9e21ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 499.112025][ T30] RAX: ffffffffffffffda RBX: 00007f39c9e21fc0 RCX: 00007f39c8f7fd8c [ 499.120334][ T30] RDX: 0000000000000028 RSI: 00007f39c9e22010 RDI: 0000000000000004 [ 499.128798][ T30] RBP: 0000000000000000 R08: 00007f39c9e21f14 R09: 000000000000000c [ 499.137197][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 499.146450][ T30] R13: 00007f39c9e21f68 R14: 00007f39c9e22010 R15: 0000000000000000 [ 499.154883][ T30] [ 499.158025][ T30] INFO: task syz.2.3287:14274 blocked for more than 144 seconds. [ 499.166205][ T30] Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 499.174370][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 499.183477][ T30] task:syz.2.3287 state:D stack:27072 pid:14274 tgid:14270 ppid:5237 flags:0x00000004 [ 499.194040][ T30] Call Trace: [ 499.197359][ T30] [ 499.200324][ T30] __schedule+0x1800/0x4a60 [ 499.206901][ T30] ? __pfx___schedule+0x10/0x10 [ 499.212078][ T30] ? __pfx_lock_release+0x10/0x10 [ 499.217439][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 499.225305][ T30] ? schedule+0x90/0x320 [ 499.229621][ T30] schedule+0x14b/0x320 [ 499.234345][ T30] schedule_preempt_disabled+0x13/0x30 [ 499.239870][ T30] __mutex_lock+0x6a4/0xd70 [ 499.245259][ T30] ? __mutex_lock+0x527/0xd70 [ 499.249995][ T30] ? genl_rcv_msg+0x121/0xec0 [ 499.256369][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 499.262767][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 499.268038][ T30] ? __local_bh_enable_ip+0x168/0x200 [ 499.274387][ T30] ? dev_hard_start_xmit+0x773/0x7e0 [ 499.279755][ T30] ? radix_tree_lookup+0x238/0x290 [ 499.285635][ T30] genl_rcv_msg+0x121/0xec0 [ 499.290162][ T30] ? mark_lock+0x9a/0x350 [ 499.295219][ T30] ? __lock_acquire+0x137a/0x2040 [ 499.300297][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 499.306106][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 499.311187][ T30] ? __pfx___might_resched+0x10/0x10 [ 499.317763][ T30] netlink_rcv_skb+0x1e3/0x430 [ 499.323295][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 499.328375][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 499.342373][ T30] ? __netlink_deliver_tap+0x77e/0x7c0 [ 499.347994][ T30] genl_rcv+0x28/0x40 [ 499.353767][ T30] netlink_unicast+0x7f6/0x990 [ 499.358593][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 499.363997][ T30] ? __virt_addr_valid+0x183/0x530 [ 499.369164][ T30] ? __check_object_size+0x49c/0x900 [ 499.375195][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 499.380376][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 499.387451][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.393263][ T30] ? __import_iovec+0x536/0x820 [ 499.398164][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 499.403800][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 499.409146][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 499.415311][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.420670][ T30] __sock_sendmsg+0x221/0x270 [ 499.426329][ T30] ____sys_sendmsg+0x525/0x7d0 [ 499.431176][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 499.436984][ T30] __sys_sendmsg+0x2b0/0x3a0 [ 499.441629][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 499.447548][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 499.454484][ T30] ? do_syscall_64+0x100/0x230 [ 499.459316][ T30] ? do_syscall_64+0xb6/0x230 [ 499.464815][ T30] do_syscall_64+0xf3/0x230 [ 499.469389][ T30] ? clear_bhb_loop+0x35/0x90 [ 499.474772][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.480733][ T30] RIP: 0033:0x7f272b17def9 [ 499.486346][ T30] RSP: 002b:00007f272c00f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 499.495402][ T30] RAX: ffffffffffffffda RBX: 00007f272b336058 RCX: 00007f272b17def9 [ 499.503711][ T30] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 499.511808][ T30] RBP: 00007f272b1f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 499.520061][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 499.528709][ T30] R13: 0000000000000000 R14: 00007f272b336058 R15: 00007fffd9839f98 [ 499.536823][ T30] [ 499.540164][ T30] INFO: task syz.4.3288:14273 blocked for more than 144 seconds. [ 499.548666][ T30] Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 499.556182][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 499.565501][ T30] task:syz.4.3288 state:D stack:27360 pid:14273 tgid:14272 ppid:5242 flags:0x00000004 [ 499.576160][ T30] Call Trace: [ 499.579482][ T30] [ 499.582671][ T30] __schedule+0x1800/0x4a60 [ 499.587632][ T30] ? __pfx___schedule+0x10/0x10 [ 499.592731][ T30] ? __pfx_lock_release+0x10/0x10 [ 499.598042][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 499.603696][ T30] ? schedule+0x90/0x320 [ 499.608217][ T30] schedule+0x14b/0x320 [ 499.612555][ T30] schedule_preempt_disabled+0x13/0x30 [ 499.618092][ T30] __mutex_lock+0x6a4/0xd70 [ 499.623086][ T30] ? __mutex_lock+0x527/0xd70 [ 499.628107][ T30] ? genl_rcv_msg+0x121/0xec0 [ 499.633070][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 499.638509][ T30] ? __pfx_validate_chain+0x10/0x10 [ 499.643903][ T30] ? __pfx_validate_chain+0x10/0x10 [ 499.649357][ T30] ? radix_tree_lookup+0x238/0x290 [ 499.654899][ T30] genl_rcv_msg+0x121/0xec0 [ 499.659460][ T30] ? mark_lock+0x9a/0x350 [ 499.664011][ T30] ? __lock_acquire+0x137a/0x2040 [ 499.669354][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 499.674821][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 499.679910][ T30] ? __pfx___might_resched+0x10/0x10 [ 499.685387][ T30] netlink_rcv_skb+0x1e3/0x430 [ 499.690498][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 499.695705][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 499.701430][ T30] genl_rcv+0x28/0x40 [ 499.705663][ T30] netlink_unicast+0x7f6/0x990 [ 499.710499][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 499.716251][ T30] ? __virt_addr_valid+0x183/0x530 [ 499.721528][ T30] ? __check_object_size+0x49c/0x900 [ 499.727036][ T30] ? bpf_lsm_netlink_send+0x9/0x10 [ 499.732805][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 499.737983][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.743784][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 499.748801][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 499.754280][ T30] ? security_socket_sendmsg+0x87/0xb0 [ 499.760089][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 499.765589][ T30] __sock_sendmsg+0x221/0x270 [ 499.770513][ T30] __sys_sendto+0x3a4/0x4f0 [ 499.775376][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 499.780497][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 499.787124][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 499.793654][ T30] ? exc_page_fault+0x590/0x8c0 [ 499.798877][ T30] __x64_sys_sendto+0xde/0x100 [ 499.803900][ T30] do_syscall_64+0xf3/0x230 [ 499.808461][ T30] ? clear_bhb_loop+0x35/0x90 [ 499.813829][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.819981][ T30] RIP: 0033:0x7f7362d7fd8c [ 499.824582][ T30] RSP: 002b:00007f7363b8aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 499.833716][ T30] RAX: ffffffffffffffda RBX: 00007f7363b8afc0 RCX: 00007f7362d7fd8c [ 499.841884][ T30] RDX: 0000000000000028 RSI: 00007f7363b8b010 RDI: 0000000000000004 [ 499.850110][ T30] RBP: 0000000000000000 R08: 00007f7363b8af14 R09: 000000000000000c [ 499.858304][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 499.866470][ T30] R13: 00007f7363b8af68 R14: 00007f7363b8b010 R15: 0000000000000000 [ 499.874914][ T30] [ 499.878061][ T30] [ 499.878061][ T30] Showing all locks held in the system: [ 499.886576][ T30] 5 locks held by kworker/u8:0/11: [ 499.892299][ T30] 1 lock held by khungtaskd/30: [ 499.897391][ T30] #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 499.907658][ T30] 3 locks held by kworker/u8:2/35: [ 499.912940][ T30] 2 locks held by getty/4986: [ 499.917849][ T30] #0: ffff88803519a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 499.928097][ T30] #1: ffffc900031232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00 [ 499.938736][ T30] 2 locks held by kworker/u9:9/5248: [ 499.944398][ T30] #0: ffff888026172948 ((wq_completion)nbd1-recv){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830 [ 499.955830][ T30] #1: ffffc900037bfd00 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830 [ 499.968077][ T30] 2 locks held by syz-executor/14119: [ 499.973821][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 499.982307][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 499.991562][ T30] 3 locks held by syz.1.3277/14243: [ 499.996867][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.005604][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.014752][ T30] #2: ffff88802177e998 (&nbd->config_lock){+.+.}-{3:3}, at: nbd_disconnect_and_put+0x34/0x250 [ 500.025584][ T30] 2 locks held by syz.0.3279/14248: [ 500.030813][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.039443][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.049065][ T30] 2 locks held by syz.2.3287/14274: [ 500.054692][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.063312][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.072840][ T30] 2 locks held by syz.4.3288/14273: [ 500.078076][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.087032][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.096179][ T30] 2 locks held by syz-executor/14281: [ 500.101577][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.110711][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.120265][ T30] 2 locks held by syz-executor/14290: [ 500.126165][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.135035][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.144889][ T30] 2 locks held by syz-executor/14300: [ 500.150303][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.159297][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.168936][ T30] 2 locks held by syz-executor/14302: [ 500.174742][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.183567][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.193022][ T30] 2 locks held by syz-executor/14322: [ 500.198427][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.207360][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.217089][ T30] 2 locks held by syz-executor/14331: [ 500.223076][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.231379][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.241377][ T30] 2 locks held by syz-executor/14340: [ 500.247331][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.256063][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.265688][ T30] 2 locks held by syz-executor/14350: [ 500.271092][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.280077][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.289671][ T30] 2 locks held by syz-executor/14352: [ 500.295628][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.304539][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.314108][ T30] 2 locks held by syz-executor/14367: [ 500.319516][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.328452][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.338014][ T30] 2 locks held by syz-executor/14376: [ 500.344231][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.352892][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.362412][ T30] 2 locks held by syz-executor/14385: [ 500.367819][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.376869][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.386485][ T30] 2 locks held by syz-executor/14395: [ 500.392329][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.400610][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.410506][ T30] 2 locks held by syz-executor/14397: [ 500.416393][ T30] #0: ffffffff8fcee2b0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40 [ 500.425231][ T30] #1: ffffffff8fcee168 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0 [ 500.434792][ T30] [ 500.437153][ T30] ============================================= [ 500.437153][ T30] [ 500.446684][ T30] NMI backtrace for cpu 0 [ 500.451061][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 500.461254][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 500.471353][ T30] Call Trace: [ 500.474669][ T30] [ 500.477631][ T30] dump_stack_lvl+0x241/0x360 [ 500.482362][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 500.487611][ T30] ? __pfx__printk+0x10/0x10 [ 500.492241][ T30] ? vprintk_emit+0x667/0x7c0 [ 500.496965][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 500.502047][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 500.507036][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 500.512537][ T30] ? _printk+0xd5/0x120 [ 500.516740][ T30] ? __pfx__printk+0x10/0x10 [ 500.521384][ T30] ? __wake_up_klogd+0xcc/0x110 [ 500.526280][ T30] ? __pfx__printk+0x10/0x10 [ 500.530905][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 500.535961][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 500.541982][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 500.548031][ T30] watchdog+0xff4/0x1040 [ 500.552347][ T30] ? watchdog+0x1ea/0x1040 [ 500.556825][ T30] ? __pfx_watchdog+0x10/0x10 [ 500.561525][ T30] kthread+0x2f0/0x390 [ 500.565621][ T30] ? __pfx_watchdog+0x10/0x10 [ 500.570320][ T30] ? __pfx_kthread+0x10/0x10 [ 500.574943][ T30] ret_from_fork+0x4b/0x80 [ 500.579388][ T30] ? __pfx_kthread+0x10/0x10 [ 500.584009][ T30] ret_from_fork_asm+0x1a/0x30 [ 500.588817][ T30] [ 500.593017][ T30] Sending NMI from CPU 0 to CPUs 1: [ 500.598304][ C1] NMI backtrace for cpu 1 [ 500.598320][ C1] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 500.598342][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 500.598353][ C1] Workqueue: bat_events batadv_nc_worker [ 500.598383][ C1] RIP: 0010:__kasan_check_read+0x0/0x20 [ 500.598410][ C1] Code: 8e 4c 89 fe e8 d1 4f bc 09 31 db eb d0 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 89 f6 48 8b 0c 24 31 d2 e9 6f e6 ff ff 66 2e 0f 1f 84 [ 500.598425][ C1] RSP: 0018:ffffc90000ab79d8 EFLAGS: 00000246 [ 500.598440][ C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000002 [ 500.598452][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90183168 [ 500.598463][ C1] RBP: ffffc90000ab7b40 R08: 0000000000000000 R09: 0000000000000000 [ 500.598475][ C1] R10: dffffc0000000000 R11: fffffbfff203062e R12: 1ffff92000156f44 [ 500.598489][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000 [ 500.598502][ C1] FS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 [ 500.598517][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 500.598530][ C1] CR2: 00007ffea0251000 CR3: 000000000e734000 CR4: 00000000003506f0 [ 500.598546][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 500.598557][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 500.598569][ C1] Call Trace: [ 500.598577][ C1] [ 500.598586][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 500.598608][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 500.598635][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 500.598663][ C1] ? nmi_handle+0x2a/0x5a0 [ 500.598691][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 500.598714][ C1] ? nmi_handle+0x14f/0x5a0 [ 500.598731][ C1] ? nmi_handle+0x2a/0x5a0 [ 500.598750][ C1] ? __pfx___kasan_check_read+0x10/0x10 [ 500.598772][ C1] ? default_do_nmi+0x63/0x160 [ 500.598794][ C1] ? exc_nmi+0x123/0x1f0 [ 500.598814][ C1] ? end_repeat_nmi+0xf/0x53 [ 500.598844][ C1] ? __pfx___kasan_check_read+0x10/0x10 [ 500.598868][ C1] ? __pfx___kasan_check_read+0x10/0x10 [ 500.598892][ C1] ? __pfx___kasan_check_read+0x10/0x10 [ 500.598916][ C1] [ 500.598922][ C1] [ 500.598928][ C1] lock_acquire+0xd4/0x550 [ 500.598956][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 500.598983][ C1] ? batadv_nc_worker+0xcb/0x610 [ 500.599006][ C1] ? __pfx_lock_release+0x10/0x10 [ 500.599033][ C1] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 500.599064][ C1] batadv_nc_worker+0xec/0x610 [ 500.599086][ C1] ? batadv_nc_worker+0xcb/0x610 [ 500.599108][ C1] ? batadv_nc_worker+0xcb/0x610 [ 500.599133][ C1] ? process_scheduled_works+0x945/0x1830 [ 500.599156][ C1] process_scheduled_works+0xa2c/0x1830 [ 500.599199][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 500.599238][ C1] ? assign_work+0x364/0x3d0 [ 500.599264][ C1] worker_thread+0x870/0xd30 [ 500.599299][ C1] ? __kthread_parkme+0x169/0x1d0 [ 500.599326][ C1] ? __pfx_worker_thread+0x10/0x10 [ 500.599350][ C1] kthread+0x2f0/0x390 [ 500.599377][ C1] ? __pfx_worker_thread+0x10/0x10 [ 500.599400][ C1] ? __pfx_kthread+0x10/0x10 [ 500.599427][ C1] ret_from_fork+0x4b/0x80 [ 500.599451][ C1] ? __pfx_kthread+0x10/0x10 [ 500.599478][ C1] ret_from_fork_asm+0x1a/0x30 [ 500.599514][ C1] [ 500.933406][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 500.940311][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-01469-g6f9defaf9912 #0 [ 500.950507][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 500.960601][ T30] Call Trace: [ 500.963923][ T30] [ 500.966888][ T30] dump_stack_lvl+0x241/0x360 [ 500.971629][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 500.976878][ T30] ? __pfx__printk+0x10/0x10 [ 500.981516][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 500.987554][ T30] ? vscnprintf+0x5d/0x90 [ 500.991942][ T30] panic+0x349/0x860 [ 500.995883][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 501.002084][ T30] ? __pfx_panic+0x10/0x10 [ 501.006549][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 501.011960][ T30] ? __irq_work_queue_local+0x137/0x410 [ 501.017562][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 501.022981][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 501.029175][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 501.035373][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 501.041574][ T30] watchdog+0x1033/0x1040 [ 501.045957][ T30] ? watchdog+0x1ea/0x1040 [ 501.050424][ T30] ? __pfx_watchdog+0x10/0x10 [ 501.055149][ T30] kthread+0x2f0/0x390 [ 501.059266][ T30] ? __pfx_watchdog+0x10/0x10 [ 501.063987][ T30] ? __pfx_kthread+0x10/0x10 [ 501.068627][ T30] ret_from_fork+0x4b/0x80 [ 501.073090][ T30] ? __pfx_kthread+0x10/0x10 [ 501.077729][ T30] ret_from_fork_asm+0x1a/0x30 [ 501.082553][ T30] [ 501.085916][ T30] Kernel Offset: disabled [ 501.090261][ T30] Rebooting in 86400 seconds..