last executing test programs: 1m36.487837846s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 50.683741435s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 43.550373527s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 35.472581421s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 27.711256418s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 18.015683678s ago: executing program 3 (id=176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001c2df6f270000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="182015b4d7be17a97e3090cd2d84cb08000195", @ANYRES32=r4, @ANYBLOB], 0x18}], 0x1}, 0x0) 16.959285401s ago: executing program 1 (id=2325): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x24000001) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000008b000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x440, 0x260, 0x150, 0x150, 0x0, 0xf8010000, 0x370, 0x238, 0x238, 0x370, 0x238, 0x3, 0x0, {[{{@ipv6={@mcast1, @empty, [], [], 'veth0_to_team\x00', 'macvlan1\x00', {}, {}, 0x84}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@eui64={{0x28}}, @common=@inet=@sctp={{0x148}, {[0x4e21], [0x4e24], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], 0x0, [{}, {0x0, 0x4}], 0x0, 0xd}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}, {{@ipv6={@empty, @mcast1, [], [], 'pim6reg1\x00', 'gre0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xc, 0xe, 0xfffffffa, 0xfa8, '\x00', 'syz0\x00', {0x100000001}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a0) socket(0x2a, 0x2, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg$inet(r2, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x1) getsockname$packet(r0, &(0x7f00000009c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x8c4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r5, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) recvmmsg(r5, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=@getchain={0x24, 0x66, 0x100, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0x10}, {0x9}, {0x7, 0x6}}}, 0x24}}, 0x1) socket$netlink(0x10, 0x3, 0x0) 16.594742226s ago: executing program 4 (id=2338): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000074"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @void, @value=r2}, 0x20) 16.512981468s ago: executing program 4 (id=2339): r0 = socket$inet(0x2, 0x3, 0x6) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x89e0, 0x0) 16.447829666s ago: executing program 4 (id=2340): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$tipc(0x1e, 0x4, 0x0) bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) socket$nl_crypto(0x10, 0x3, 0x15) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0) close(r2) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000034c0), r0) r4 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80000) r5 = socket$vsock_stream(0x28, 0x1, 0x0) shutdown(r5, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000003580)={0x0, 0x0, &(0x7f0000003540)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="250625bd7000fddbdf250700000008001700", @ANYRES32=r4, @ANYBLOB="e055b06e4317ca7396b6a2518e1371272ff8be1a6a05c0bb935630ff5c102da081171b85d5bfcdbcda4e878023d3f209505955cfdaa641d3c3d336fbc0b0bc9a2332de78eadc5e33ba7911239dcfb9900496576ae8e25978c1a4f9c624e5e2e800a641802d5c9e5d42d99e1cf78aac95bf97afaaf492e5b76ccc9a4132c8c4d5340580a1acac09f77084b0f8576e551428702eb0a4a9302eeff731ff49e39c3ddff06b01cef2e37192d574d859c3908d6196fea388b0892c649d20ebc58d6c92d493c61385e5dbbedee0d8e0a8284af1e3d36455d9e56013ff89b31679dad7219a"], 0x1c}, 0x1, 0x0, 0x0, 0x8000040}, 0x5) 16.447619945s ago: executing program 4 (id=2341): mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x42073, 0xffffffffffffffff, 0xaba00000) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="6c00000002060500000000000000000000000000120003006269746d61703a6970006d616300000005000400000000000900020073797a3100000000200007800c00018008000140000000000800080000000000080006400000000005000500020000000500010006"], 0x6c}}, 0x0) 16.382979691s ago: executing program 2 (id=2343): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0xff9f, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {0xa, 0x0, 0x3}, [@NHA_FDB={0x4}]}, 0x1c}}, 0x0) 16.382574358s ago: executing program 4 (id=2344): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) read(r0, &(0x7f0000000000)=""/225, 0xe1) r1 = socket$rxrpc(0x21, 0x2, 0xa) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000001b80)=@gcm_256={{0x303}, "e11fd25f228e7de8", "8452fe0e66fa615e00e1c0742c52d98f60149ba20f6258068c42e89f4175c12c", "8c11f4c2", "1bd80c52b34eb5b5"}, 0x38) unshare(0x40600) tee(r1, r1, 0x66f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b4050000000000006110780000000000630122000000000095000000000000008f6a138c9e4eb32e71d7754e127d8d87525e8d57dc3c002fa721249c4cdfd87788947190b59b5af99eaaecbf2ba57aa6ffd750ffd3bef751c89264a6a9ec3b188b69dc1b6a12211cbf01e697342cf987ca2161e2a58904"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 16.275773654s ago: executing program 2 (id=2345): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000074"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @void, @value=r2}, 0x20) 16.26773878s ago: executing program 2 (id=2346): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x600}}, 0x10) shutdown(r0, 0x2) 16.186353578s ago: executing program 0 (id=2347): syz_genetlink_get_family_id$gtp(&(0x7f0000000580), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) 16.147136571s ago: executing program 2 (id=2348): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x21, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x49920d862a92153b, 0x800, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1b400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) 16.146765273s ago: executing program 0 (id=2349): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000074"], &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @void, @value=r2}, 0x20) 16.072057073s ago: executing program 0 (id=2350): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x2c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x5}, 0x4004080) 16.0715456s ago: executing program 1 (id=2351): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r0) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x34, r1, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_SECCTX={0xf, 0x7, 'unconfined\x00'}]}, 0x34}, 0x2, 0x34005}, 0x0) (fail_nth: 6) 15.963840453s ago: executing program 1 (id=2352): r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x80, 0x0, @mcast1, 0x8}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0xfffffe}, 0xfd9e) socket$netlink(0x10, 0x3, 0x4) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) bind$packet(r1, &(0x7f0000000280)={0x11, 0x7, r2, 0x1, 0xdf, 0x6, @local}, 0x14) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) socket(0x10, 0x803, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)) syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r3, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r2, {0x1f, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000) 15.57747434s ago: executing program 2 (id=2353): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newtaction={0x14, 0x30, 0x20, 0x70bd26, 0x25dfdbfe}, 0x14}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x2020}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc845}, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000d40)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x44}}, 0x0) sendmsg$MPTCP_PM_CMD_REMOVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x24}}, 0x0) 15.516202875s ago: executing program 4 (id=2354): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r1}, 0x18) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x40000182, 0x0, 0x0) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r3, &(0x7f0000000000), 0x8) listen(r3, 0x9615) accept4(r3, 0x0, 0x0, 0x80800) syz_init_net_socket$netrom(0x6, 0x5, 0x0) sendmsg$nl_route(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, 0x0, &(0x7f0000000ec0)) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10040, &(0x7f0000001480)={0x0, 0x989680}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(adiantum(xts(ctr-cast6-avx),blowfish-generic),nhpoly130'}, 0x58) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r7, 0x0, 0x0) recvmmsg$unix(r7, &(0x7f0000000240), 0x0, 0x10000, 0x0) syz_genetlink_get_family_id$ethtool(0x0, r6) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000380)={'vcan0\x00'}) bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x1c, 0x12, 0x1, 0x70bd26, 0x25dfdbfb, {0xa}, [@nested={0x7, 0x0, 0x0, 0x1, [@generic="05a0d5"]}]}, 0x1c}}, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002c0001000000000000000000040000801c0011802e"], 0x30}], 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 15.439821742s ago: executing program 0 (id=2355): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40008004}, 0x20004000) r1 = socket$inet6(0xa, 0x1, 0x40003) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e24, 0x0, @empty, 0x9}, 0x3) listen(r1, 0x43) r2 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r2, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa"], 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) mmap$xdp(&(0x7f000042a000/0x800000)=nil, 0x800000, 0x0, 0x11, r3, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f000005a000/0x3000)=nil, 0x3000, 0x1000000, 0x12, r4, 0x0) mmap(&(0x7f00004ef000/0x4000)=nil, 0x4000, 0x2000006, 0x12, r4, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2, 0x11, r3, 0x20000) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'xfrm0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f0000000140)={@private2, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x2, 0x6, 0x7, 0x0, 0x7, 0x80610105, r7}) write$tun(r5, &(0x7f0000000000)=ANY=[], 0x38) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r5, 0x0) accept4(r1, 0x0, 0x0, 0x0) 15.406793503s ago: executing program 1 (id=2356): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000000c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="000000000000000005000000000000009500000000000074"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r3, 0x11, 0x0, 0x0, @void, @value=r2}, 0x20) 15.397294502s ago: executing program 0 (id=2357): bind$tipc(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) accept4(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x0) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x82, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newtaction={0xd0, 0x30, 0x10, 0xfffffffc, 0x0, {}, [{0xbc, 0x1, [@m_gact={0xb8, 0x1, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0x6, 0x6, 0x0, 0x10}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x0, 0x2, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x260c, 0x9740aa64001af6d0}}]}, {0x50, 0x6, "4343a6f7cfe1589b32a3ec285734d9a10232c47e98b5b064d58524dd78267940c81f92eaef01bd9ce4bdda671e27a4e8d816a5669efc6bb436d30b40f25a8e66aac7b32e8cc11a7765be43f2"}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4008040}, 0x24000000) r2 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$phonet_pipe(0x23, 0x5, 0x2) close(r0) r3 = socket$inet6(0xa, 0x3, 0x20) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x388, 0x138, 0xffffff80, 0x178, 0x138, 0x178, 0x2b8, 0x258, 0x230, 0x2b8, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x100, 0x138, 0x340, {0x1e0002a8, 0x7203000000000000}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@cluster={{0x30}, {0x300}}]}, @common=@inet=@SET3={0x38}}, {{@ipv6={@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'syzkaller1\x00', 'nr0\x00'}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@dst={{0x48}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8) 15.347807438s ago: executing program 2 (id=2358): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x8, 0xfffe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00'}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vxcan1\x00', 0x400}) socket$nl_route(0x10, 0x3, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) recvfrom$x25(r4, 0x0, 0x0, 0x40, 0x0, 0x0) r5 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r5, 0x10d, 0x92, &(0x7f0000000000), &(0x7f0000000080)=0x4) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0c00000004000000040000000900f18dffa117fb2a4ab86b11a603aeeba2a83ae7b878ad72ac7f74d83297c64590413970e95fafd76f0fd999bfef488a64874f9ed53b3e900c00309780253f5f691598e6f948684092a01c9449da6156809217ccd31914403b2b8edd27bc367e06a1aa58540621bd3cab24b3fb2f3c2a59fedbc837ca8268fa7accb86b2c892f45cba4fb8046b1308f7df168825db9ff0d82300e7300bf8298b2ab5ff36eeb5ca2dae1fbec0328c7686e54de03e804058c49b1d58c1f2df3a900eeddd918ef3b030e59eba308cba35736b84983", @ANYRES32=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e000058"}}}]}, 0x48}}, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0x3, r6}, 0x38) r10 = socket$inet6(0xa, 0x6, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000497000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r11, 0x0) getsockopt$inet6_opts(r11, 0x29, 0x3b, 0x0, &(0x7f0000000000)) socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$IP6T_SO_GET_INFO(r10, 0x29, 0x40, &(0x7f0000000040)={'filter\x00', 0x0, [0x8a9, 0xa20, 0x4, 0x0, 0xff]}, &(0x7f00000000c0)=0x54) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000004f00)={0x0, 0x0, &(0x7f0000004ec0)={&(0x7f0000004e40)={0x34, 0x0, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x4) r12 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r3}, 0x8) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)={0x1b8, 0x37, 0x10, 0x70bd25, 0x25dfdbfb, {0x16}, [@generic="467504d55ed7b943879d406e9d3f0879aa4caea52371082715f269044960055cfe6611a055426176f49f4446ba4f04f40bfe0e36fcab73930fcfe45ac053c17b74e2ba61ae420c1cdddf383c1c78f5c23bcde80e0fc224e0d2481e452cd63face18659fcdff79c3221a57a202e65113b8d7a01c1e74ef6fc06170f088099922ad69635d927f25089eb7fd3edb1a7d3b1677e9c283ab6414474e9ee3007345aa9e45f3deb237624c704bb1754ca64c9ff663070071b4537e42b9b7c908aa7", @nested={0xc, 0x56, 0x0, 0x1, [@typed={0x8, 0x120, 0x0, 0x0, @pid}]}, @typed={0x8, 0x10c, 0x0, 0x0, @pid}, @nested={0x19, 0x1, 0x0, 0x1, [@typed={0x8, 0xf03, 0x0, 0x0, @fd=r12}, @generic="30b31b14ab89d48bfc923c213d"]}, @generic="43714b36dfc7521d6b2aa16e3d8f4cd7f4ad78dd67d02c8b0af4a8be", @generic="13302cd18904b7b8aa5edcba5783f18a", @nested={0x1d, 0xbe, 0x0, 0x1, [@nested={0x4, 0x56}, @generic="be62", @generic="c8cfc31f6bdc416540e0653f0e340effcfad13"]}, @generic="8b94a0ad8bf6d37bb87cd991c6e0ab422822d528ffa8bddcbdef173fa99f8967bf3b63467d0b324af453a26496917dff842a704077ca4bb4c1fa2a1f210184b20197e4456ed0c912e1d6ee4ef72b0897a2fd11b43f88fb3aec380ddb38490e", @typed={0x8, 0xa5, 0x0, 0x0, @u32=0x7}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x40801}, 0x48000) 15.292294603s ago: executing program 1 (id=2359): r0 = socket$kcm(0x10, 0x400000002, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007f73342009103"], 0xfe33) 15.237597793s ago: executing program 1 (id=2360): syz_genetlink_get_family_id$gtp(&(0x7f0000000580), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) 15.127961288s ago: executing program 0 (id=2361): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2}, 0xe) listen(r0, 0xa1) accept4$bt_l2cap(r0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'macsec0\x00', 0x4000}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000240)={'macsec0\x00', 0x1}) 102.714885ms ago: executing program 32 (id=2361): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x2}, 0xe) listen(r0, 0xa1) accept4$bt_l2cap(r0, 0x0, 0x0, 0x0) shutdown(r0, 0x1) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000040), 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'macsec0\x00', 0x4000}) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000240)={'macsec0\x00', 0x1}) 80.359786ms ago: executing program 33 (id=2360): syz_genetlink_get_family_id$gtp(&(0x7f0000000580), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0) 39.378225ms ago: executing program 34 (id=2358): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x8, 0xfffe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1) r2 = socket$packet(0x11, 0x2, 0x300) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'rose0\x00'}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'vxcan1\x00', 0x400}) socket$nl_route(0x10, 0x3, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) recvfrom$x25(r4, 0x0, 0x0, 0x40, 0x0, 0x0) r5 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r5, 0x10d, 0x92, &(0x7f0000000000), &(0x7f0000000080)=0x4) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0c00000004000000040000000900f18dffa117fb2a4ab86b11a603aeeba2a83ae7b878ad72ac7f74d83297c64590413970e95fafd76f0fd999bfef488a64874f9ed53b3e900c00309780253f5f691598e6f948684092a01c9449da6156809217ccd31914403b2b8edd27bc367e06a1aa58540621bd3cab24b3fb2f3c2a59fedbc837ca8268fa7accb86b2c892f45cba4fb8046b1308f7df168825db9ff0d82300e7300bf8298b2ab5ff36eeb5ca2dae1fbec0328c7686e54de03e804058c49b1d58c1f2df3a900eeddd918ef3b030e59eba308cba35736b84983", @ANYRES32=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e000058"}}}]}, 0x48}}, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0x3, r6}, 0x38) r10 = socket$inet6(0xa, 0x6, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000497000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r11, 0x0) getsockopt$inet6_opts(r11, 0x29, 0x3b, 0x0, &(0x7f0000000000)) socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$IP6T_SO_GET_INFO(r10, 0x29, 0x40, &(0x7f0000000040)={'filter\x00', 0x0, [0x8a9, 0xa20, 0x4, 0x0, 0xff]}, &(0x7f00000000c0)=0x54) sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000004f00)={0x0, 0x0, &(0x7f0000004ec0)={&(0x7f0000004e40)={0x34, 0x0, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_PID={0x8}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x4) r12 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r3}, 0x8) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)={0x1b8, 0x37, 0x10, 0x70bd25, 0x25dfdbfb, {0x16}, [@generic="467504d55ed7b943879d406e9d3f0879aa4caea52371082715f269044960055cfe6611a055426176f49f4446ba4f04f40bfe0e36fcab73930fcfe45ac053c17b74e2ba61ae420c1cdddf383c1c78f5c23bcde80e0fc224e0d2481e452cd63face18659fcdff79c3221a57a202e65113b8d7a01c1e74ef6fc06170f088099922ad69635d927f25089eb7fd3edb1a7d3b1677e9c283ab6414474e9ee3007345aa9e45f3deb237624c704bb1754ca64c9ff663070071b4537e42b9b7c908aa7", @nested={0xc, 0x56, 0x0, 0x1, [@typed={0x8, 0x120, 0x0, 0x0, @pid}]}, @typed={0x8, 0x10c, 0x0, 0x0, @pid}, @nested={0x19, 0x1, 0x0, 0x1, [@typed={0x8, 0xf03, 0x0, 0x0, @fd=r12}, @generic="30b31b14ab89d48bfc923c213d"]}, @generic="43714b36dfc7521d6b2aa16e3d8f4cd7f4ad78dd67d02c8b0af4a8be", @generic="13302cd18904b7b8aa5edcba5783f18a", @nested={0x1d, 0xbe, 0x0, 0x1, [@nested={0x4, 0x56}, @generic="be62", @generic="c8cfc31f6bdc416540e0653f0e340effcfad13"]}, @generic="8b94a0ad8bf6d37bb87cd991c6e0ab422822d528ffa8bddcbdef173fa99f8967bf3b63467d0b324af453a26496917dff842a704077ca4bb4c1fa2a1f210184b20197e4456ed0c912e1d6ee4ef72b0897a2fd11b43f88fb3aec380ddb38490e", @typed={0x8, 0xa5, 0x0, 0x0, @u32=0x7}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x40801}, 0x48000) 0s ago: executing program 35 (id=2354): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r1}, 0x18) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x40000182, 0x0, 0x0) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r3, &(0x7f0000000000), 0x8) listen(r3, 0x9615) accept4(r3, 0x0, 0x0, 0x80800) syz_init_net_socket$netrom(0x6, 0x5, 0x0) sendmsg$nl_route(r2, 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, 0x0, &(0x7f0000000ec0)) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10040, &(0x7f0000001480)={0x0, 0x989680}) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(adiantum(xts(ctr-cast6-avx),blowfish-generic),nhpoly130'}, 0x58) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r7, 0x0, 0x0) recvmmsg$unix(r7, &(0x7f0000000240), 0x0, 0x10000, 0x0) syz_genetlink_get_family_id$ethtool(0x0, r6) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000380)={'vcan0\x00'}) bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x1c, 0x12, 0x1, 0x70bd26, 0x25dfdbfb, {0xa}, [@nested={0x7, 0x0, 0x0, 0x1, [@generic="05a0d5"]}]}, 0x1c}}, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002c0001000000000000000000040000801c0011802e"], 0x30}], 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): 12846] tipc: Enabled bearer , priority 0 [ 138.674051][T12846] syzkaller0: entered promiscuous mode [ 138.689753][T12846] syzkaller0: entered allmulticast mode [ 138.707692][T12846] tipc: Resetting bearer [ 138.724685][T12845] tipc: Resetting bearer [ 138.732521][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 138.795937][T12845] tipc: Disabling bearer [ 138.849926][T12845] veth0: left promiscuous mode [ 138.866337][T12635] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 138.896847][T12635] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 138.909108][T12880] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1896'. [ 138.928282][T12635] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 138.956498][T12635] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 139.010766][T12881] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1895'. [ 139.120295][T12635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.147151][T12894] netlink: 'syz.2.1901': attribute type 39 has an invalid length. [ 139.174063][T12635] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.196306][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.203423][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.244942][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.252056][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.260326][T12903] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1904'. [ 139.368542][T12918] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1909'. [ 139.415930][T12923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1910'. [ 139.435164][T12918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1909'. [ 139.481216][T12930] FAULT_INJECTION: forcing a failure. [ 139.481216][T12930] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.516704][T12930] CPU: 0 UID: 0 PID: 12930 Comm: syz.4.1912 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 139.516727][T12930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 139.516737][T12930] Call Trace: [ 139.516743][T12930] [ 139.516749][T12930] dump_stack_lvl+0x241/0x360 [ 139.516777][T12930] ? __pfx_dump_stack_lvl+0x10/0x10 [ 139.516796][T12930] ? __pfx__printk+0x10/0x10 [ 139.516815][T12930] ? __pfx_lock_release+0x10/0x10 [ 139.516839][T12930] should_fail_ex+0x3b0/0x4e0 [ 139.516857][T12930] _copy_from_iter+0x1e9/0x1c20 [ 139.516875][T12930] ? kmem_cache_alloc_node_noprof+0x22c/0x380 [ 139.516904][T12930] ? __alloc_skb+0x28f/0x440 [ 139.516919][T12930] ? __pfx__copy_from_iter+0x10/0x10 [ 139.516939][T12930] ? __virt_addr_valid+0x183/0x530 [ 139.516958][T12930] ? __virt_addr_valid+0x183/0x530 [ 139.516976][T12930] ? __virt_addr_valid+0x45f/0x530 [ 139.516994][T12930] ? __phys_addr_symbol+0x2f/0x70 [ 139.517012][T12930] ? __check_object_size+0x47a/0x730 [ 139.517035][T12930] netlink_sendmsg+0x73d/0xcb0 [ 139.517058][T12930] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.517077][T12930] ? __pfx_aa_file_perm+0x10/0x10 [ 139.517094][T12930] ? aa_sock_msg_perm+0x91/0x160 [ 139.517113][T12930] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.517129][T12930] __sock_sendmsg+0x221/0x270 [ 139.517151][T12930] sock_write_iter+0x2d7/0x3f0 [ 139.517171][T12930] ? __pfx_sock_write_iter+0x10/0x10 [ 139.517189][T12930] ? lock_release+0xbf/0xa30 [ 139.517212][T12930] ? bpf_lsm_file_permission+0x9/0x10 [ 139.517227][T12930] ? security_file_permission+0x74/0x280 [ 139.517252][T12930] vfs_write+0xaeb/0xd30 [ 139.517270][T12930] ? __pfx_sock_write_iter+0x10/0x10 [ 139.517290][T12930] ? __pfx_vfs_write+0x10/0x10 [ 139.517305][T12930] ? do_sys_openat2+0x17a/0x1d0 [ 139.517327][T12930] ? __fget_files+0x2a/0x410 [ 139.517348][T12930] ? __fget_files+0x2a/0x410 [ 139.517372][T12930] ksys_write+0x18f/0x2b0 [ 139.517389][T12930] ? __pfx_ksys_write+0x10/0x10 [ 139.517405][T12930] ? rcu_is_watching+0x15/0xb0 [ 139.517428][T12930] ? rcu_is_watching+0x15/0xb0 [ 139.517450][T12930] do_syscall_64+0xf3/0x230 [ 139.517466][T12930] ? clear_bhb_loop+0x35/0x90 [ 139.517485][T12930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.517501][T12930] RIP: 0033:0x7faf4598cd29 [ 139.517514][T12930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.517527][T12930] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 139.517552][T12930] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 139.517564][T12930] RDX: 0000000000000026 RSI: 0000000020000140 RDI: 0000000000000003 [ 139.517574][T12930] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 139.517584][T12930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.517594][T12930] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 139.517613][T12930] [ 139.646034][T12635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.774404][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 139.822328][ T5832] Bluetooth: hci4: command tx timeout [ 139.858017][T12942] netlink: 'syz.2.1914': attribute type 15 has an invalid length. [ 139.902060][T12952] netlink: 'syz.1.1918': attribute type 39 has an invalid length. [ 139.969862][T12635] veth0_vlan: entered promiscuous mode [ 140.025840][T12635] veth1_vlan: entered promiscuous mode [ 140.087280][T12635] veth0_macvtap: entered promiscuous mode [ 140.118082][T12635] veth1_macvtap: entered promiscuous mode [ 140.195086][T12635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.243927][T12977] 8021q: adding VLAN 0 to HW filter on device bond9 [ 140.251867][T12977] bond0: (slave bond9): Enslaving as an active interface with an up link [ 140.286891][T12635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.334945][T12635] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.390850][T12635] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.412368][T12635] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.432305][T12635] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.597654][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.633924][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.670863][ T1325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 140.726458][ T1325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 140.802213][T13037] netlink: 'syz.2.1942': attribute type 12 has an invalid length. [ 140.812620][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 140.826138][T13037] tipc: Enabling of bearer rejected, already enabled [ 140.994542][T13055] netlink: 'syz.4.1946': attribute type 15 has an invalid length. [ 141.477055][T13115] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 141.621204][T13134] FAULT_INJECTION: forcing a failure. [ 141.621204][T13134] name failslab, interval 1, probability 0, space 0, times 0 [ 141.663923][T13134] CPU: 0 UID: 0 PID: 13134 Comm: syz.2.1977 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 141.663947][T13134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 141.663956][T13134] Call Trace: [ 141.663962][T13134] [ 141.663967][T13134] dump_stack_lvl+0x241/0x360 [ 141.663994][T13134] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.664014][T13134] ? __pfx__printk+0x10/0x10 [ 141.664036][T13134] ? __pfx___might_resched+0x10/0x10 [ 141.664055][T13134] should_fail_ex+0x3b0/0x4e0 [ 141.664072][T13134] should_failslab+0xac/0x100 [ 141.664093][T13134] ? vm_area_dup+0x27/0x290 [ 141.664112][T13134] kmem_cache_alloc_noprof+0x70/0x380 [ 141.664135][T13134] vm_area_dup+0x27/0x290 [ 141.664156][T13134] __split_vma+0x1cb/0xc50 [ 141.664180][T13134] ? __pfx___split_vma+0x10/0x10 [ 141.664203][T13134] ? mas_find+0x950/0xbb0 [ 141.664226][T13134] vms_gather_munmap_vmas+0x4c1/0x1600 [ 141.664255][T13134] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 141.664278][T13134] ? mas_find+0x8c0/0xbb0 [ 141.664301][T13134] __mmap_region+0x7c4/0x2d30 [ 141.664323][T13134] ? lock_release+0xbf/0xa30 [ 141.664345][T13134] ? stack_trace_save+0x118/0x1d0 [ 141.664360][T13134] ? unwind_next_frame+0x18e6/0x22d0 [ 141.664382][T13134] ? __pfx___mmap_region+0x10/0x10 [ 141.664405][T13134] ? is_bpf_text_address+0x26/0x2a0 [ 141.664424][T13134] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 141.664458][T13134] ? rcu_is_watching+0x15/0xb0 [ 141.664483][T13134] ? arch_get_unmapped_area_topdown+0x28e/0xc50 [ 141.664502][T13134] ? kasan_save_track+0x3f/0x80 [ 141.664518][T13134] ? __kasan_slab_alloc+0x66/0x80 [ 141.664538][T13134] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.664556][T13134] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 141.664586][T13134] ? mm_get_unmapped_area_vmflags+0xb9/0xf0 [ 141.664605][T13134] ? cap_mmap_addr+0x163/0x2c0 [ 141.664621][T13134] mmap_region+0x226/0x2c0 [ 141.664641][T13134] do_mmap+0x97a/0x10d0 [ 141.664659][T13134] ? __pfx_do_mmap+0x10/0x10 [ 141.664672][T13134] ? __pfx_down_write_killable+0x10/0x10 [ 141.664688][T13134] ? common_file_perm+0x1a6/0x210 [ 141.664711][T13134] vm_mmap_pgoff+0x214/0x430 [ 141.664731][T13134] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 141.664749][T13134] ? hugetlb_file_setup+0x3dc/0x5c0 [ 141.664771][T13134] ksys_mmap_pgoff+0x53e/0x720 [ 141.664788][T13134] do_syscall_64+0xf3/0x230 [ 141.664802][T13134] ? clear_bhb_loop+0x35/0x90 [ 141.664819][T13134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.664836][T13134] RIP: 0033:0x7f3bbc38cd29 [ 141.664849][T13134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.664862][T13134] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 141.664880][T13134] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 141.664892][T13134] RDX: 0000000000000001 RSI: 0000000000400000 RDI: 0000000020000000 [ 141.664902][T13134] RBP: 00007f3bbd251090 R08: ffffffffffffffff R09: 0000000000000000 [ 141.664913][T13134] R10: 0000000000041071 R11: 0000000000000246 R12: 0000000000000001 [ 141.664923][T13134] R13: 0000000000000001 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 141.664940][T13134] [ 141.742248][T13146] FAULT_INJECTION: forcing a failure. [ 141.742248][T13146] name failslab, interval 1, probability 0, space 0, times 0 [ 141.853574][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 142.034610][T13146] CPU: 1 UID: 0 PID: 13146 Comm: syz.0.1982 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 142.034634][T13146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 142.034643][T13146] Call Trace: [ 142.034650][T13146] [ 142.034656][T13146] dump_stack_lvl+0x241/0x360 [ 142.034682][T13146] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.034701][T13146] ? __pfx__printk+0x10/0x10 [ 142.034721][T13146] ? __asan_memcpy+0x40/0x70 [ 142.034735][T13146] ? __pfx___might_resched+0x10/0x10 [ 142.034751][T13146] ? dynamic_dname+0x141/0x1b0 [ 142.034782][T13146] should_fail_ex+0x3b0/0x4e0 [ 142.034798][T13146] should_failslab+0xac/0x100 [ 142.034818][T13146] __kmalloc_noprof+0xdd/0x4c0 [ 142.034837][T13146] ? tomoyo_encode+0x26f/0x540 [ 142.034857][T13146] tomoyo_encode+0x26f/0x540 [ 142.034874][T13146] ? __pfx_sockfs_dname+0x10/0x10 [ 142.034897][T13146] tomoyo_realpath_from_path+0x59e/0x5e0 [ 142.034920][T13146] tomoyo_path_number_perm+0x236/0x860 [ 142.034936][T13146] ? proc_fail_nth_write+0x24f/0x2d0 [ 142.034956][T13146] ? common_file_perm+0x1a6/0x210 [ 142.034972][T13146] ? tomoyo_path_number_perm+0x206/0x860 [ 142.034987][T13146] ? __pfx_lock_release+0x10/0x10 [ 142.035006][T13146] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 142.035029][T13146] ? preempt_count_add+0x93/0x190 [ 142.035060][T13146] ? fput+0x21b/0x290 [ 142.035080][T13146] ? __fget_files+0x2a/0x410 [ 142.035102][T13146] ? __fget_files+0x2a/0x410 [ 142.035124][T13146] security_file_ioctl+0xc6/0x2a0 [ 142.035147][T13146] __se_sys_ioctl+0x46/0x170 [ 142.035182][T13146] do_syscall_64+0xf3/0x230 [ 142.035197][T13146] ? clear_bhb_loop+0x35/0x90 [ 142.035217][T13146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.035234][T13146] RIP: 0033:0x7ff21758cd29 [ 142.035248][T13146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.035261][T13146] RSP: 002b:00007ff2183fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.035279][T13146] RAX: ffffffffffffffda RBX: 00007ff2177a5fa0 RCX: 00007ff21758cd29 [ 142.035290][T13146] RDX: 0000000000000000 RSI: 00000000c020f509 RDI: 0000000000000003 [ 142.035308][T13146] RBP: 00007ff2183fe090 R08: 0000000000000000 R09: 0000000000000000 [ 142.035318][T13146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.035326][T13146] R13: 0000000000000000 R14: 00007ff2177a5fa0 R15: 00007ffe30044418 [ 142.035345][T13146] [ 142.035359][T13146] ERROR: Out of memory at tomoyo_realpath_from_path. [ 142.411453][T13189] 8021q: adding VLAN 0 to HW filter on device bond14 [ 142.419818][T13189] bond0: (slave bond14): Enslaving as an active interface with an up link [ 142.608707][ T1325] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.892533][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 143.430278][T13209] FAULT_INJECTION: forcing a failure. [ 143.430278][T13209] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.508933][T13209] CPU: 0 UID: 0 PID: 13209 Comm: syz.0.2006 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 143.508958][T13209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 143.508967][T13209] Call Trace: [ 143.508973][T13209] [ 143.508980][T13209] dump_stack_lvl+0x241/0x360 [ 143.509007][T13209] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.509027][T13209] ? __pfx__printk+0x10/0x10 [ 143.509047][T13209] ? __pfx_lock_release+0x10/0x10 [ 143.509065][T13209] ? rcu_is_watching+0x15/0xb0 [ 143.509086][T13209] ? lock_release+0xbf/0xa30 [ 143.509106][T13209] should_fail_ex+0x3b0/0x4e0 [ 143.509123][T13209] _copy_from_user+0x2d/0xb0 [ 143.509143][T13209] copy_msghdr_from_user+0xae/0x680 [ 143.509164][T13209] ? rcu_is_watching+0x15/0xb0 [ 143.509186][T13209] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 143.509205][T13209] ? __fget_files+0x2a/0x410 [ 143.509227][T13209] ? __fget_files+0x2a/0x410 [ 143.509250][T13209] __sys_sendmsg+0x209/0x350 [ 143.509266][T13209] ? bpf_lsm_file_permission+0x9/0x10 [ 143.509283][T13209] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.509305][T13209] ? do_sys_openat2+0x17a/0x1d0 [ 143.509337][T13209] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 143.509356][T13209] ? rcu_is_watching+0x15/0xb0 [ 143.509377][T13209] ? rcu_is_watching+0x15/0xb0 [ 143.509405][T13209] do_syscall_64+0xf3/0x230 [ 143.509421][T13209] ? clear_bhb_loop+0x35/0x90 [ 143.509440][T13209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.509456][T13209] RIP: 0033:0x7ff21758cd29 [ 143.509470][T13209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.509482][T13209] RSP: 002b:00007ff2183fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 143.509501][T13209] RAX: ffffffffffffffda RBX: 00007ff2177a5fa0 RCX: 00007ff21758cd29 [ 143.509513][T13209] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 143.509523][T13209] RBP: 00007ff2183fe090 R08: 0000000000000000 R09: 0000000000000000 [ 143.509532][T13209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.509541][T13209] R13: 0000000000000000 R14: 00007ff2177a5fa0 R15: 00007ffe30044418 [ 143.509560][T13209] [ 143.586361][T13220] FAULT_INJECTION: forcing a failure. [ 143.586361][T13220] name failslab, interval 1, probability 0, space 0, times 0 [ 143.688961][T13224] __nla_validate_parse: 15 callbacks suppressed [ 143.688979][T13224] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2013'. [ 143.691847][T13226] FAULT_INJECTION: forcing a failure. [ 143.691847][T13226] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.714782][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 143.749559][T13226] CPU: 1 UID: 0 PID: 13226 Comm: syz.0.2012 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 143.749581][T13226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 143.749592][T13226] Call Trace: [ 143.749597][T13226] [ 143.749603][T13226] dump_stack_lvl+0x241/0x360 [ 143.749631][T13226] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.749651][T13226] ? __pfx__printk+0x10/0x10 [ 143.749671][T13226] ? __pfx_lock_release+0x10/0x10 [ 143.749695][T13226] should_fail_ex+0x3b0/0x4e0 [ 143.749711][T13226] _copy_from_iter+0x1e9/0x1c20 [ 143.749729][T13226] ? kmem_cache_alloc_node_noprof+0x22c/0x380 [ 143.749757][T13226] ? __alloc_skb+0x28f/0x440 [ 143.749773][T13226] ? __pfx__copy_from_iter+0x10/0x10 [ 143.749792][T13226] ? __virt_addr_valid+0x183/0x530 [ 143.749810][T13226] ? __virt_addr_valid+0x183/0x530 [ 143.749828][T13226] ? __virt_addr_valid+0x45f/0x530 [ 143.749846][T13226] ? __phys_addr_symbol+0x2f/0x70 [ 143.749864][T13226] ? __check_object_size+0x47a/0x730 [ 143.749885][T13226] netlink_sendmsg+0x73d/0xcb0 [ 143.749909][T13226] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.749927][T13226] ? aa_sock_msg_perm+0x91/0x160 [ 143.749946][T13226] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.749962][T13226] __sock_sendmsg+0x221/0x270 [ 143.749984][T13226] ____sys_sendmsg+0x52a/0x7e0 [ 143.750003][T13226] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.750020][T13226] ? __fget_files+0x2a/0x410 [ 143.750041][T13226] ? __fget_files+0x2a/0x410 [ 143.750064][T13226] __sys_sendmsg+0x269/0x350 [ 143.750080][T13226] ? bpf_lsm_file_permission+0x9/0x10 [ 143.750097][T13226] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.750119][T13226] ? do_sys_openat2+0x17a/0x1d0 [ 143.750162][T13226] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 143.750181][T13226] ? rcu_is_watching+0x15/0xb0 [ 143.750203][T13226] ? rcu_is_watching+0x15/0xb0 [ 143.750224][T13226] do_syscall_64+0xf3/0x230 [ 143.750240][T13226] ? clear_bhb_loop+0x35/0x90 [ 143.750258][T13226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.750275][T13226] RIP: 0033:0x7ff21758cd29 [ 143.750288][T13226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.750301][T13226] RSP: 002b:00007ff2183fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 143.750318][T13226] RAX: ffffffffffffffda RBX: 00007ff2177a5fa0 RCX: 00007ff21758cd29 [ 143.750330][T13226] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 143.750340][T13226] RBP: 00007ff2183fe090 R08: 0000000000000000 R09: 0000000000000000 [ 143.750350][T13226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.750359][T13226] R13: 0000000000000000 R14: 00007ff2177a5fa0 R15: 00007ffe30044418 [ 143.750376][T13226] [ 143.803050][T13220] CPU: 1 UID: 0 PID: 13220 Comm: syz.1.2011 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 143.803072][T13220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 143.803082][T13220] Call Trace: [ 143.803088][T13220] [ 143.803094][T13220] dump_stack_lvl+0x241/0x360 [ 143.803128][T13220] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.803148][T13220] ? __pfx__printk+0x10/0x10 [ 143.803169][T13220] ? __pfx___might_resched+0x10/0x10 [ 143.803189][T13220] should_fail_ex+0x3b0/0x4e0 [ 143.803207][T13220] should_failslab+0xac/0x100 [ 143.803228][T13220] kmem_cache_alloc_node_noprof+0x77/0x380 [ 143.803249][T13220] ? __alloc_skb+0x1c3/0x440 [ 143.803266][T13220] __alloc_skb+0x1c3/0x440 [ 143.803281][T13220] ? lock_release+0xbf/0xa30 [ 143.803301][T13220] ? __pfx___alloc_skb+0x10/0x10 [ 143.803321][T13220] tipc_msg_build+0x150/0x1070 [ 143.803341][T13220] ? tipc_node_find+0x42f/0x5a0 [ 143.803363][T13220] ? __pfx_tipc_msg_build+0x10/0x10 [ 143.803383][T13220] ? tipc_node_get_mtu+0x228/0x2d0 [ 143.803404][T13220] __tipc_sendmsg+0x1e61/0x35e0 [ 143.803433][T13220] ? 0xffffffffa000094c [ 143.803444][T13220] ? __pfx___tipc_sendmsg+0x10/0x10 [ 143.803465][T13220] ? is_bpf_text_address+0x285/0x2a0 [ 143.803483][T13220] ? is_bpf_text_address+0x26/0x2a0 [ 143.803501][T13220] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 143.803521][T13220] ? rcu_is_watching+0x15/0xb0 [ 143.803542][T13220] ? _parse_integer_limit+0x1b5/0x200 [ 143.803560][T13220] ? kstrtoull+0x1d1/0x2f0 [ 143.803577][T13220] ? __pfx_kstrtoull+0x10/0x10 [ 143.803591][T13220] ? lock_release+0xbf/0xa30 [ 143.803610][T13220] ? __pfx___might_resched+0x10/0x10 [ 143.803629][T13220] ? rcu_is_watching+0x15/0xb0 [ 143.803649][T13220] ? lock_acquire+0xe3/0x550 [ 143.803667][T13220] ? tipc_connect+0x138/0x720 [ 143.803686][T13220] ? rcu_is_watching+0x15/0xb0 [ 143.803706][T13220] ? tipc_connect+0x138/0x720 [ 143.803725][T13220] ? lock_release+0xbf/0xa30 [ 143.803743][T13220] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 143.803765][T13220] ? __local_bh_enable_ip+0x168/0x200 [ 143.803781][T13220] ? __pfx_woken_wake_function+0x10/0x10 [ 143.803801][T13220] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 143.803819][T13220] ? iov_iter_kvec+0x4e/0x180 [ 143.803838][T13220] tipc_connect+0x505/0x720 [ 143.803860][T13220] ? __pfx_tipc_connect+0x10/0x10 [ 143.803878][T13220] ? aa_sk_perm+0x96d/0xab0 [ 143.803897][T13220] ? __pfx_aa_sk_perm+0x10/0x10 [ 143.803911][T13220] ? __might_fault+0xc6/0x120 [ 143.803931][T13220] __sys_connect+0x288/0x2d0 [ 143.803946][T13220] ? __fget_files+0x2a/0x410 [ 143.803966][T13220] ? __pfx___sys_connect+0x10/0x10 [ 143.803986][T13220] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 143.804005][T13220] ? rcu_is_watching+0x15/0xb0 [ 143.804027][T13220] __x64_sys_connect+0x7a/0x90 [ 143.804043][T13220] do_syscall_64+0xf3/0x230 [ 143.804058][T13220] ? clear_bhb_loop+0x35/0x90 [ 143.804076][T13220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.804093][T13220] RIP: 0033:0x7f83fbd8cd29 [ 143.804106][T13220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.804125][T13220] RSP: 002b:00007f83fcb82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 143.804143][T13220] RAX: ffffffffffffffda RBX: 00007f83fbfa5fa0 RCX: 00007f83fbd8cd29 [ 143.804154][T13220] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003 [ 143.804164][T13220] RBP: 00007f83fcb82090 R08: 0000000000000000 R09: 0000000000000000 [ 143.804174][T13220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.804184][T13220] R13: 0000000000000000 R14: 00007f83fbfa5fa0 R15: 00007fff1a1e39c8 [ 143.804202][T13220] [ 143.818449][T13231] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2016'. [ 143.869205][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 143.936631][T13235] No such timeout policy "syz0" [ 143.945742][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 143.961273][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 144.002293][T13241] netlink: 'syz.2.2016': attribute type 39 has an invalid length. [ 144.015988][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 144.261567][T13250] netlink: 'syz.2.2022': attribute type 10 has an invalid length. [ 144.285178][ T5837] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 144.322319][T13258] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2026'. [ 144.325284][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 144.331276][T13250] team0: Port device netdevsim0 added [ 144.728259][T13217] chnl_net:caif_netlink_parms(): no params data found [ 144.772380][T13283] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2032'. [ 144.869190][T13283] netlink: 'syz.0.2032': attribute type 39 has an invalid length. [ 144.931968][ T1325] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.955156][T13301] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2037'. [ 144.972577][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 145.038798][T13217] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.048186][T13217] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.056434][T13217] bridge_slave_0: entered allmulticast mode [ 145.064015][T13217] bridge_slave_0: entered promiscuous mode [ 145.075694][T13217] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.083460][T13217] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.090582][T13217] bridge_slave_1: entered allmulticast mode [ 145.122210][T13217] bridge_slave_1: entered promiscuous mode [ 145.148894][ T1325] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.204335][T13325] FAULT_INJECTION: forcing a failure. [ 145.204335][T13325] name failslab, interval 1, probability 0, space 0, times 0 [ 145.220151][T13217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.230593][T13325] CPU: 1 UID: 0 PID: 13325 Comm: syz.4.2045 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 145.230614][T13325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 145.230623][T13325] Call Trace: [ 145.230629][T13325] [ 145.230635][T13325] dump_stack_lvl+0x241/0x360 [ 145.230661][T13325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.230680][T13325] ? __pfx__printk+0x10/0x10 [ 145.230699][T13325] ? __pfx_lock_acquire+0x10/0x10 [ 145.230718][T13325] ? __pfx___might_resched+0x10/0x10 [ 145.230734][T13325] ? aa_label_sk_perm+0x4f3/0x6c0 [ 145.230751][T13325] should_fail_ex+0x3b0/0x4e0 [ 145.230768][T13325] should_failslab+0xac/0x100 [ 145.230789][T13325] kmem_cache_alloc_node_noprof+0x77/0x380 [ 145.230809][T13325] ? __alloc_skb+0x1c3/0x440 [ 145.230826][T13325] __alloc_skb+0x1c3/0x440 [ 145.230843][T13325] ? __pfx___alloc_skb+0x10/0x10 [ 145.230862][T13325] netlink_sendmsg+0x638/0xcb0 [ 145.230883][T13325] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.230902][T13325] ? aa_sock_msg_perm+0x91/0x160 [ 145.230920][T13325] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.230935][T13325] __sock_sendmsg+0x221/0x270 [ 145.230955][T13325] ____sys_sendmsg+0x52a/0x7e0 [ 145.230976][T13325] ? __pfx_____sys_sendmsg+0x10/0x10 [ 145.230991][T13325] ? __fget_files+0x2a/0x410 [ 145.231023][T13325] ? __fget_files+0x2a/0x410 [ 145.231046][T13325] __sys_sendmsg+0x269/0x350 [ 145.231062][T13325] ? bpf_lsm_file_permission+0x9/0x10 [ 145.231078][T13325] ? __pfx___sys_sendmsg+0x10/0x10 [ 145.231099][T13325] ? do_sys_openat2+0x17a/0x1d0 [ 145.231127][T13325] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 145.231145][T13325] ? rcu_is_watching+0x15/0xb0 [ 145.231166][T13325] ? rcu_is_watching+0x15/0xb0 [ 145.231186][T13325] do_syscall_64+0xf3/0x230 [ 145.231201][T13325] ? clear_bhb_loop+0x35/0x90 [ 145.231220][T13325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.231235][T13325] RIP: 0033:0x7faf4598cd29 [ 145.231248][T13325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.231261][T13325] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 145.231278][T13325] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 145.231290][T13325] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000004 [ 145.231299][T13325] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 145.231308][T13325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.231317][T13325] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 145.231335][T13325] [ 145.489474][T13217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 145.567868][T13334] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 145.574336][T13334] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 145.585144][T13217] team0: Port device team_slave_0 added [ 145.592067][T13336] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2050'. [ 145.631687][T13217] team0: Port device team_slave_1 added [ 145.638220][T13340] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2052'. [ 145.659943][ T1325] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.686945][T13217] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 145.697416][T13217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.727770][T13217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 145.741947][T13340] netlink: 'syz.1.2052': attribute type 39 has an invalid length. [ 145.750177][T13217] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 145.750191][T13217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.750212][T13217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 145.819797][T13217] hsr_slave_0: entered promiscuous mode [ 145.826581][T13217] hsr_slave_1: entered promiscuous mode [ 145.855833][T13352] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2057'. [ 145.917314][T13352] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 145.975652][ T1325] bridge_slave_1: left allmulticast mode [ 145.993040][ T1325] bridge_slave_1: left promiscuous mode [ 146.001815][ T1325] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.009445][T13364] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2063'. [ 146.019246][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 146.027996][ T1325] bridge_slave_0: left allmulticast mode [ 146.034910][ T1325] bridge_slave_0: left promiscuous mode [ 146.040575][ T1325] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.204082][T13378] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2070'. [ 146.237079][ T1325] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 146.248543][ T1325] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 146.258608][ T1325] bond0 (unregistering): Released all slaves [ 146.296998][T13378] netlink: 'syz.2.2070': attribute type 39 has an invalid length. [ 146.358876][T13390] FAULT_INJECTION: forcing a failure. [ 146.358876][T13390] name failslab, interval 1, probability 0, space 0, times 0 [ 146.399420][T13390] CPU: 0 UID: 0 PID: 13390 Comm: syz.1.2073 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 146.399444][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 146.399454][T13390] Call Trace: [ 146.399460][T13390] [ 146.399467][T13390] dump_stack_lvl+0x241/0x360 [ 146.399495][T13390] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.399515][T13390] ? __pfx__printk+0x10/0x10 [ 146.399536][T13390] ? __pfx___might_resched+0x10/0x10 [ 146.399552][T13390] ? lock_release+0xbf/0xa30 [ 146.399572][T13390] should_fail_ex+0x3b0/0x4e0 [ 146.399590][T13390] should_failslab+0xac/0x100 [ 146.399611][T13390] __kmalloc_node_noprof+0xe1/0x4d0 [ 146.399631][T13390] ? apparmor_capable+0x13b/0x1b0 [ 146.399650][T13390] ? __kvmalloc_node_noprof+0x72/0x190 [ 146.399668][T13390] __kvmalloc_node_noprof+0x72/0x190 [ 146.399684][T13390] xt_alloc_table_info+0x3d/0xa0 [ 146.399700][T13390] do_ip6t_set_ctl+0xba0/0x1270 [ 146.399721][T13390] ? __pfx___mutex_trylock_common+0x10/0x10 [ 146.399740][T13390] ? kstrtouint_from_user+0x128/0x190 [ 146.399756][T13390] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 146.399773][T13390] ? rcu_is_watching+0x15/0xb0 [ 146.399792][T13390] ? trace_contention_end+0x3c/0x120 [ 146.399815][T13390] ? __mutex_unlock_slowpath+0x227/0x800 [ 146.399832][T13390] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 146.399846][T13390] ? aa_sk_perm+0x96d/0xab0 [ 146.399861][T13390] ? rcu_is_watching+0x15/0xb0 [ 146.399879][T13390] ? __pfx_aa_sk_perm+0x10/0x10 [ 146.399891][T13390] ? lock_release+0xbf/0xa30 [ 146.399908][T13390] nf_setsockopt+0x295/0x2c0 [ 146.399927][T13390] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 146.399947][T13390] do_sock_setsockopt+0x3af/0x720 [ 146.399965][T13390] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 146.399983][T13390] ? __fget_files+0x395/0x410 [ 146.400003][T13390] ? __fget_files+0x2a/0x410 [ 146.400025][T13390] __x64_sys_setsockopt+0x1ee/0x280 [ 146.400044][T13390] do_syscall_64+0xf3/0x230 [ 146.400058][T13390] ? clear_bhb_loop+0x35/0x90 [ 146.400076][T13390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.400090][T13390] RIP: 0033:0x7f83fbd8cd29 [ 146.400104][T13390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.400116][T13390] RSP: 002b:00007f83fcb82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 146.400133][T13390] RAX: ffffffffffffffda RBX: 00007f83fbfa5fa0 RCX: 00007f83fbd8cd29 [ 146.400153][T13390] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 146.400161][T13390] RBP: 00007f83fcb82090 R08: 0000000000000400 R09: 0000000000000000 [ 146.400171][T13390] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.400181][T13390] R13: 0000000000000000 R14: 00007f83fbfa5fa0 R15: 00007fff1a1e39c8 [ 146.400199][T13390] [ 146.680755][ T5837] Bluetooth: hci4: command tx timeout [ 146.887960][ T1325] hsr_slave_0: left promiscuous mode [ 146.894711][ T1325] hsr_slave_1: left promiscuous mode [ 146.900418][ T1325] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.908303][ T1325] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.919202][ T1325] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.927713][ T1325] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.937688][ T1325] veth1_macvtap: left promiscuous mode [ 146.943713][ T1325] veth0_macvtap: left promiscuous mode [ 146.949268][ T1325] veth1_vlan: left promiscuous mode [ 146.955092][ T1325] veth0_vlan: left promiscuous mode [ 147.062521][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 147.161740][ T1325] team0 (unregistering): Port device team_slave_1 removed [ 147.172250][ T1325] team0 (unregistering): Port device team_slave_0 removed [ 147.312084][T13217] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 147.354011][T13217] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 147.379952][T13217] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 147.398370][T13217] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 147.561311][T13217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 147.591532][T13217] 8021q: adding VLAN 0 to HW filter on device team0 [ 147.616201][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 147.623307][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 147.677838][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 147.684965][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 147.945896][T13217] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 148.013985][T13217] veth0_vlan: entered promiscuous mode [ 148.036670][T13217] veth1_vlan: entered promiscuous mode [ 148.077508][T13217] veth0_macvtap: entered promiscuous mode [ 148.093044][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 148.104350][T13217] veth1_macvtap: entered promiscuous mode [ 148.120082][T13217] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 148.133692][T13217] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 148.148396][T13217] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.160334][T13217] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.172014][T13217] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.182038][T13217] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.258399][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.267076][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.297610][ T1325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.306040][T13542] netlink: 'syz.0.2111': attribute type 39 has an invalid length. [ 148.310437][ T1325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.574413][T13564] 8021q: adding VLAN 0 to HW filter on device bond10 [ 148.582399][T13564] bond0: (slave bond10): Enslaving as an active interface with an up link [ 148.790321][T13585] FAULT_INJECTION: forcing a failure. [ 148.790321][T13585] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.790791][T13581] __nla_validate_parse: 11 callbacks suppressed [ 148.790806][T13581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2121'. [ 148.811975][T13585] CPU: 1 UID: 0 PID: 13585 Comm: syz.4.2122 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 148.811997][T13585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 148.812007][T13585] Call Trace: [ 148.812013][T13585] [ 148.812019][T13585] dump_stack_lvl+0x241/0x360 [ 148.812045][T13585] ? __pfx_dump_stack_lvl+0x10/0x10 [ 148.812065][T13585] ? __pfx__printk+0x10/0x10 [ 148.812085][T13585] ? __pfx_lock_release+0x10/0x10 [ 148.812103][T13585] ? rcu_is_watching+0x15/0xb0 [ 148.812124][T13585] ? lock_release+0xbf/0xa30 [ 148.812143][T13585] should_fail_ex+0x3b0/0x4e0 [ 148.812161][T13585] _copy_from_user+0x2d/0xb0 [ 148.812181][T13585] copy_msghdr_from_user+0xae/0x680 [ 148.812202][T13585] ? lock_release+0xbf/0xa30 [ 148.812221][T13585] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 148.812240][T13585] ? __fget_files+0x2a/0x410 [ 148.812261][T13585] ? __fget_files+0x2a/0x410 [ 148.812284][T13585] __sys_recvmsg+0x200/0x390 [ 148.812304][T13585] ? __pfx___sys_recvmsg+0x10/0x10 [ 148.812326][T13585] ? __fget_files+0x2a/0x410 [ 148.812352][T13585] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 148.812371][T13585] ? rcu_is_watching+0x15/0xb0 [ 148.812392][T13585] ? rcu_is_watching+0x15/0xb0 [ 148.812413][T13585] do_syscall_64+0xf3/0x230 [ 148.812429][T13585] ? clear_bhb_loop+0x35/0x90 [ 148.812447][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.812468][T13585] RIP: 0033:0x7faf4598cd29 [ 148.812481][T13585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.812494][T13585] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 148.812511][T13585] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 148.812523][T13585] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 148.812533][T13585] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 148.812542][T13585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.812551][T13585] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 148.812569][T13585] [ 148.952295][T13594] netlink: 'syz.2.2123': attribute type 39 has an invalid length. [ 149.096875][T13595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2125'. [ 149.117479][T13604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2130'. [ 149.132523][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 149.147157][T13607] No such timeout policy "syz0" [ 149.364673][T13634] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2138'. [ 149.393794][T13632] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2140'. [ 149.425048][T13637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2142'. [ 149.460566][T13639] 8021q: adding VLAN 0 to HW filter on device bond11 [ 149.469031][T13639] bond0: (slave bond11): Enslaving as an active interface with an up link [ 149.569813][T13642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2143'. [ 149.673693][T13662] Timeout policy `syz0' can only be used by L3 protocol number 34984 [ 149.687787][T13664] FAULT_INJECTION: forcing a failure. [ 149.687787][T13664] name failslab, interval 1, probability 0, space 0, times 0 [ 149.702246][T13664] CPU: 0 UID: 0 PID: 13664 Comm: syz.2.2151 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 149.702268][T13664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 149.702276][T13664] Call Trace: [ 149.702282][T13664] [ 149.702289][T13664] dump_stack_lvl+0x241/0x360 [ 149.702315][T13664] ? __pfx_dump_stack_lvl+0x10/0x10 [ 149.702334][T13664] ? __pfx__printk+0x10/0x10 [ 149.702355][T13664] ? __pfx___might_resched+0x10/0x10 [ 149.702374][T13664] should_fail_ex+0x3b0/0x4e0 [ 149.702392][T13664] should_failslab+0xac/0x100 [ 149.702412][T13664] ? vm_area_dup+0x27/0x290 [ 149.702430][T13664] kmem_cache_alloc_noprof+0x70/0x380 [ 149.702454][T13664] vm_area_dup+0x27/0x290 [ 149.702478][T13664] __split_vma+0x1cb/0xc50 [ 149.702498][T13664] ? __pfx_lock_release+0x10/0x10 [ 149.702521][T13664] ? __pfx___split_vma+0x10/0x10 [ 149.702548][T13664] vms_gather_munmap_vmas+0x2e6/0x1600 [ 149.702570][T13664] ? process_measurement+0x1aea/0x1fb0 [ 149.702590][T13664] ? mtree_range_walk+0x6fd/0x8e0 [ 149.702612][T13664] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 149.702637][T13664] ? mas_find+0x8c0/0xbb0 [ 149.702657][T13664] __mmap_region+0x7c4/0x2d30 [ 149.702680][T13664] ? rcu_is_watching+0x15/0xb0 [ 149.702705][T13664] ? deref_stack_reg+0x17c/0x210 [ 149.702725][T13664] ? __pfx___mmap_region+0x10/0x10 [ 149.702747][T13664] ? 0xffffffffa000094c [ 149.702774][T13664] ? rcu_is_watching+0x15/0xb0 [ 149.702795][T13664] ? lock_release+0xbf/0xa30 [ 149.702812][T13664] ? __pfx_lock_acquire+0x10/0x10 [ 149.702829][T13664] ? get_pid_task+0x23/0x1f0 [ 149.702848][T13664] ? arch_get_unmapped_area_topdown+0x28e/0xc50 [ 149.702871][T13664] ? __pfx_lock_release+0x10/0x10 [ 149.702888][T13664] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 149.702917][T13664] ? lock_acquire+0xe3/0x550 [ 149.702933][T13664] ? cap_mmap_addr+0x163/0x2c0 [ 149.702947][T13664] mmap_region+0x226/0x2c0 [ 149.702966][T13664] do_mmap+0x97a/0x10d0 [ 149.702983][T13664] ? __pfx_do_mmap+0x10/0x10 [ 149.702997][T13664] ? __pfx_down_write_killable+0x10/0x10 [ 149.703012][T13664] ? common_file_perm+0x1a6/0x210 [ 149.703031][T13664] vm_mmap_pgoff+0x214/0x430 [ 149.703051][T13664] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 149.703067][T13664] ? __fget_files+0x2a/0x410 [ 149.703088][T13664] ? __fget_files+0x395/0x410 [ 149.703105][T13664] ? __fget_files+0x2a/0x410 [ 149.703125][T13664] ksys_mmap_pgoff+0x4eb/0x720 [ 149.703139][T13664] ? __x64_sys_mmap+0x7f/0x140 [ 149.703158][T13664] do_syscall_64+0xf3/0x230 [ 149.703173][T13664] ? clear_bhb_loop+0x35/0x90 [ 149.703192][T13664] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.703207][T13664] RIP: 0033:0x7f3bbc38cd29 [ 149.703220][T13664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.703233][T13664] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 149.703250][T13664] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 149.703262][T13664] RDX: 0000000000000002 RSI: 0000000000c00000 RDI: 0000000020001000 [ 149.703271][T13664] RBP: 00007f3bbd251090 R08: 0000000000000004 R09: 0000000000020000 [ 149.703280][T13664] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 149.703290][T13664] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 149.703307][T13664] [ 150.114763][T13673] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2154'. [ 150.172570][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 150.183375][T13683] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2153'. [ 150.196215][ T5872] hid-generic 0005:16C0:05DF.0001: item fetching failed at offset 0/1 [ 150.205465][ T5872] hid-generic 0005:16C0:05DF.0001: probe with driver hid-generic failed with error -22 [ 150.281592][T13686] 8021q: adding VLAN 0 to HW filter on device bond15 [ 150.291723][T13686] bond0: (slave bond15): Enslaving as an active interface with an up link [ 150.357915][T13702] FAULT_INJECTION: forcing a failure. [ 150.357915][T13702] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 150.358441][ T64] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.373350][T13702] CPU: 0 UID: 0 PID: 13702 Comm: syz.4.2165 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 150.373371][T13702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 150.373381][T13702] Call Trace: [ 150.373387][T13702] [ 150.373393][T13702] dump_stack_lvl+0x241/0x360 [ 150.373420][T13702] ? __pfx_dump_stack_lvl+0x10/0x10 [ 150.373440][T13702] ? __pfx__printk+0x10/0x10 [ 150.373460][T13702] ? __pfx_lock_release+0x10/0x10 [ 150.373478][T13702] ? rcu_is_watching+0x15/0xb0 [ 150.373498][T13702] ? lock_release+0xbf/0xa30 [ 150.373518][T13702] should_fail_ex+0x3b0/0x4e0 [ 150.373536][T13702] _copy_from_user+0x2d/0xb0 [ 150.373555][T13702] copy_msghdr_from_user+0xae/0x680 [ 150.373576][T13702] ? rcu_is_watching+0x15/0xb0 [ 150.373598][T13702] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 150.373617][T13702] ? __fget_files+0x2a/0x410 [ 150.373638][T13702] ? __fget_files+0x2a/0x410 [ 150.373661][T13702] __sys_sendmsg+0x209/0x350 [ 150.373677][T13702] ? bpf_lsm_file_permission+0x9/0x10 [ 150.373693][T13702] ? __pfx___sys_sendmsg+0x10/0x10 [ 150.373715][T13702] ? do_sys_openat2+0x17a/0x1d0 [ 150.373746][T13702] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 150.373764][T13702] ? rcu_is_watching+0x15/0xb0 [ 150.373784][T13702] ? rcu_is_watching+0x15/0xb0 [ 150.373813][T13702] do_syscall_64+0xf3/0x230 [ 150.373828][T13702] ? clear_bhb_loop+0x35/0x90 [ 150.373847][T13702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.373862][T13702] RIP: 0033:0x7faf4598cd29 [ 150.373875][T13702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.373888][T13702] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 150.373906][T13702] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 150.373917][T13702] RDX: 0000000000040000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 150.373927][T13702] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 150.373937][T13702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.373946][T13702] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 150.373964][T13702] [ 150.571864][T13690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2159'. [ 151.212536][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 151.396521][T13709] netlink: 'syz.1.2166': attribute type 12 has an invalid length. [ 151.424525][T13709] tipc: Enabled bearer , priority 0 [ 151.426626][T13715] FAULT_INJECTION: forcing a failure. [ 151.426626][T13715] name failslab, interval 1, probability 0, space 0, times 0 [ 151.464363][T13708] tipc: Disabling bearer [ 151.470423][T13715] CPU: 1 UID: 0 PID: 13715 Comm: syz.4.2169 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 151.470442][T13715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 151.470458][T13715] Call Trace: [ 151.470464][T13715] [ 151.470470][T13715] dump_stack_lvl+0x241/0x360 [ 151.470495][T13715] ? __pfx_dump_stack_lvl+0x10/0x10 [ 151.470515][T13715] ? __pfx__printk+0x10/0x10 [ 151.470535][T13715] ? __pfx___might_resched+0x10/0x10 [ 151.470554][T13715] should_fail_ex+0x3b0/0x4e0 [ 151.470571][T13715] should_failslab+0xac/0x100 [ 151.470591][T13715] kmem_cache_alloc_node_noprof+0x77/0x380 [ 151.470612][T13715] ? __alloc_skb+0x1c3/0x440 [ 151.470629][T13715] __alloc_skb+0x1c3/0x440 [ 151.470644][T13715] ? __pfx___netlink_lookup+0x10/0x10 [ 151.470663][T13715] ? __pfx___alloc_skb+0x10/0x10 [ 151.470679][T13715] ? netlink_autobind+0xd6/0x2f0 [ 151.470695][T13715] ? netlink_autobind+0x2b0/0x2f0 [ 151.470714][T13715] netlink_sendmsg+0x638/0xcb0 [ 151.470736][T13715] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.470753][T13715] ? aa_sock_msg_perm+0x91/0x160 [ 151.470771][T13715] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.470786][T13715] __sock_sendmsg+0x221/0x270 [ 151.470806][T13715] ____sys_sendmsg+0x52a/0x7e0 [ 151.470826][T13715] ? __pfx_____sys_sendmsg+0x10/0x10 [ 151.470840][T13715] ? __fget_files+0x2a/0x410 [ 151.470861][T13715] ? __fget_files+0x2a/0x410 [ 151.470883][T13715] __sys_sendmsg+0x269/0x350 [ 151.470899][T13715] ? bpf_lsm_file_permission+0x9/0x10 [ 151.470915][T13715] ? __pfx___sys_sendmsg+0x10/0x10 [ 151.470936][T13715] ? do_sys_openat2+0x17a/0x1d0 [ 151.470965][T13715] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 151.470985][T13715] ? rcu_is_watching+0x15/0xb0 [ 151.471006][T13715] ? rcu_is_watching+0x15/0xb0 [ 151.471028][T13715] do_syscall_64+0xf3/0x230 [ 151.471044][T13715] ? clear_bhb_loop+0x35/0x90 [ 151.471062][T13715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.471079][T13715] RIP: 0033:0x7faf4598cd29 [ 151.471093][T13715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.471105][T13715] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 151.471123][T13715] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 151.471135][T13715] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 151.471146][T13715] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 151.471155][T13715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.471165][T13715] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 151.471184][T13715] [ 151.485799][T13718] FAULT_INJECTION: forcing a failure. [ 151.485799][T13718] name failslab, interval 1, probability 0, space 0, times 0 [ 151.575172][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 151.618097][T13724] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 151.619361][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 151.633921][T13718] CPU: 0 UID: 0 PID: 13718 Comm: syz.2.2171 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 151.633943][T13718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 151.633952][T13718] Call Trace: [ 151.633958][T13718] [ 151.633965][T13718] dump_stack_lvl+0x241/0x360 [ 151.633991][T13718] ? __pfx_dump_stack_lvl+0x10/0x10 [ 151.634010][T13718] ? __pfx__printk+0x10/0x10 [ 151.634027][T13718] ? lock_release+0xbf/0xa30 [ 151.634051][T13718] should_fail_ex+0x3b0/0x4e0 [ 151.634069][T13718] should_failslab+0xac/0x100 [ 151.634089][T13718] ? skb_clone+0x20c/0x390 [ 151.634106][T13718] kmem_cache_alloc_noprof+0x70/0x380 [ 151.634128][T13718] skb_clone+0x20c/0x390 [ 151.634147][T13718] __netlink_deliver_tap+0x3cc/0x7f0 [ 151.634170][T13718] ? netlink_deliver_tap+0x2e/0x1b0 [ 151.634186][T13718] netlink_deliver_tap+0x19d/0x1b0 [ 151.634203][T13718] netlink_unicast+0x7c4/0x990 [ 151.634221][T13718] ? __pfx_netlink_unicast+0x10/0x10 [ 151.634235][T13718] ? __virt_addr_valid+0x45f/0x530 [ 151.634254][T13718] ? __phys_addr_symbol+0x2f/0x70 [ 151.634271][T13718] ? __check_object_size+0x47a/0x730 [ 151.634293][T13718] netlink_sendmsg+0x8e4/0xcb0 [ 151.634326][T13718] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.634345][T13718] ? aa_sock_msg_perm+0x91/0x160 [ 151.634364][T13718] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.634380][T13718] __sock_sendmsg+0x221/0x270 [ 151.634401][T13718] ____sys_sendmsg+0x52a/0x7e0 [ 151.634422][T13718] ? __pfx_____sys_sendmsg+0x10/0x10 [ 151.634437][T13718] ? __fget_files+0x2a/0x410 [ 151.634460][T13718] ? __fget_files+0x2a/0x410 [ 151.634482][T13718] __sys_sendmsg+0x269/0x350 [ 151.634498][T13718] ? bpf_lsm_file_permission+0x9/0x10 [ 151.634514][T13718] ? __pfx___sys_sendmsg+0x10/0x10 [ 151.634535][T13718] ? do_sys_openat2+0x17a/0x1d0 [ 151.634566][T13718] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 151.634585][T13718] ? rcu_is_watching+0x15/0xb0 [ 151.634606][T13718] ? rcu_is_watching+0x15/0xb0 [ 151.634627][T13718] do_syscall_64+0xf3/0x230 [ 151.634642][T13718] ? clear_bhb_loop+0x35/0x90 [ 151.634660][T13718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.634676][T13718] RIP: 0033:0x7f3bbc38cd29 [ 151.634690][T13718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.634703][T13718] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 151.634720][T13718] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 151.634730][T13718] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 151.634740][T13718] RBP: 00007f3bbd251090 R08: 0000000000000000 R09: 0000000000000000 [ 151.634750][T13718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.634767][T13718] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 151.634786][T13718] [ 152.075176][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 152.083279][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 152.090705][ T5832] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 152.098734][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 152.209080][T13720] chnl_net:caif_netlink_parms(): no params data found [ 152.219261][T13738] tipc: Enabled bearer , priority 10 [ 152.230802][T13742] FAULT_INJECTION: forcing a failure. [ 152.230802][T13742] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.252098][T13742] CPU: 0 UID: 0 PID: 13742 Comm: syz.4.2177 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 152.252120][T13742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 152.252130][T13742] Call Trace: [ 152.252136][T13742] [ 152.252143][T13742] dump_stack_lvl+0x241/0x360 [ 152.252169][T13742] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.252190][T13742] ? __pfx__printk+0x10/0x10 [ 152.252209][T13742] ? __pfx_lock_release+0x10/0x10 [ 152.252232][T13742] should_fail_ex+0x3b0/0x4e0 [ 152.252249][T13742] _copy_from_iter+0x1e9/0x1c20 [ 152.252267][T13742] ? kmem_cache_alloc_node_noprof+0x22c/0x380 [ 152.252295][T13742] ? __alloc_skb+0x28f/0x440 [ 152.252310][T13742] ? __pfx__copy_from_iter+0x10/0x10 [ 152.252329][T13742] ? __virt_addr_valid+0x183/0x530 [ 152.252348][T13742] ? __virt_addr_valid+0x183/0x530 [ 152.252366][T13742] ? __virt_addr_valid+0x45f/0x530 [ 152.252384][T13742] ? __phys_addr_symbol+0x2f/0x70 [ 152.252402][T13742] ? __check_object_size+0x47a/0x730 [ 152.252425][T13742] netlink_sendmsg+0x73d/0xcb0 [ 152.252447][T13742] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.252481][T13742] ? aa_sock_msg_perm+0x91/0x160 [ 152.252499][T13742] ? __pfx_netlink_sendmsg+0x10/0x10 [ 152.252516][T13742] __sock_sendmsg+0x221/0x270 [ 152.252538][T13742] ____sys_sendmsg+0x52a/0x7e0 [ 152.252559][T13742] ? __pfx_____sys_sendmsg+0x10/0x10 [ 152.252575][T13742] ? __fget_files+0x2a/0x410 [ 152.252596][T13742] ? __fget_files+0x2a/0x410 [ 152.252620][T13742] __sys_sendmsg+0x269/0x350 [ 152.252637][T13742] ? bpf_lsm_file_permission+0x9/0x10 [ 152.252654][T13742] ? __pfx___sys_sendmsg+0x10/0x10 [ 152.252677][T13742] ? do_sys_openat2+0x17a/0x1d0 [ 152.252710][T13742] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 152.252729][T13742] ? rcu_is_watching+0x15/0xb0 [ 152.252751][T13742] ? rcu_is_watching+0x15/0xb0 [ 152.252772][T13742] do_syscall_64+0xf3/0x230 [ 152.252787][T13742] ? clear_bhb_loop+0x35/0x90 [ 152.252806][T13742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.252822][T13742] RIP: 0033:0x7faf4598cd29 [ 152.252836][T13742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.252850][T13742] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 152.252868][T13742] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 152.252880][T13742] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 152.252891][T13742] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 152.252901][T13742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.252911][T13742] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 152.252930][T13742] [ 152.253080][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 152.543719][T13745] netlink: 'syz.1.2178': attribute type 4 has an invalid length. [ 152.580310][T13749] team0: Device vti0 is of different type [ 152.616988][T13756] FAULT_INJECTION: forcing a failure. [ 152.616988][T13756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.656558][T13756] CPU: 0 UID: 0 PID: 13756 Comm: syz.2.2181 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 152.656581][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 152.656591][T13756] Call Trace: [ 152.656597][T13756] [ 152.656602][T13756] dump_stack_lvl+0x241/0x360 [ 152.656629][T13756] ? __pfx_dump_stack_lvl+0x10/0x10 [ 152.656650][T13756] ? __pfx__printk+0x10/0x10 [ 152.656674][T13756] should_fail_ex+0x3b0/0x4e0 [ 152.656692][T13756] _copy_from_user+0x2d/0xb0 [ 152.656714][T13756] copy_from_sockptr_offset+0x6b/0xb0 [ 152.656736][T13756] do_ip6t_set_ctl+0xbe6/0x1270 [ 152.656757][T13756] ? __pfx___mutex_trylock_common+0x10/0x10 [ 152.656779][T13756] ? kstrtouint_from_user+0x128/0x190 [ 152.656797][T13756] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 152.656816][T13756] ? rcu_is_watching+0x15/0xb0 [ 152.656837][T13756] ? trace_contention_end+0x3c/0x120 [ 152.656863][T13756] ? __mutex_unlock_slowpath+0x227/0x800 [ 152.656883][T13756] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 152.656898][T13756] ? aa_sk_perm+0x96d/0xab0 [ 152.656916][T13756] ? rcu_is_watching+0x15/0xb0 [ 152.656935][T13756] ? __pfx_aa_sk_perm+0x10/0x10 [ 152.656949][T13756] ? lock_release+0xbf/0xa30 [ 152.656969][T13756] nf_setsockopt+0x295/0x2c0 [ 152.656989][T13756] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 152.657010][T13756] do_sock_setsockopt+0x3af/0x720 [ 152.657030][T13756] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 152.657049][T13756] ? __fget_files+0x395/0x410 [ 152.657070][T13756] ? __fget_files+0x2a/0x410 [ 152.657094][T13756] __x64_sys_setsockopt+0x1ee/0x280 [ 152.657113][T13756] do_syscall_64+0xf3/0x230 [ 152.657129][T13756] ? clear_bhb_loop+0x35/0x90 [ 152.657148][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.657165][T13756] RIP: 0033:0x7f3bbc38cd29 [ 152.657178][T13756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.657192][T13756] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 152.657209][T13756] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 152.657221][T13756] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 152.657231][T13756] RBP: 00007f3bbd251090 R08: 0000000000000400 R09: 0000000000000000 [ 152.657241][T13756] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.657252][T13756] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 152.657271][T13756] [ 152.910121][T13720] bridge0: port 1(bridge_slave_0) entered blocking state [ 152.921860][T13720] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.934168][T13720] bridge_slave_0: entered allmulticast mode [ 152.940865][T13720] bridge_slave_0: entered promiscuous mode [ 152.954934][T13720] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.962039][T13720] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.969575][T13720] bridge_slave_1: entered allmulticast mode [ 152.977223][T13720] bridge_slave_1: entered promiscuous mode [ 152.985200][T13777] tipc: Enabling of bearer rejected, already enabled [ 153.058940][T13720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 153.071339][T13720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 153.102193][T13720] team0: Port device team_slave_0 added [ 153.110345][T13720] team0: Port device team_slave_1 added [ 153.166285][T13720] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 153.176965][T13720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.207039][T13720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 153.225756][T13798] netlink: 'syz.1.2196': attribute type 4 has an invalid length. [ 153.237995][T13720] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 153.250885][T13720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 153.292524][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 153.305741][T13720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 153.326884][ T64] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.407191][T13809] FAULT_INJECTION: forcing a failure. [ 153.407191][T13809] name failslab, interval 1, probability 0, space 0, times 0 [ 153.428913][T13809] CPU: 0 UID: 0 PID: 13809 Comm: syz.4.2201 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 153.428937][T13809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 153.428946][T13809] Call Trace: [ 153.428952][T13809] [ 153.428958][T13809] dump_stack_lvl+0x241/0x360 [ 153.428985][T13809] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.429005][T13809] ? __pfx__printk+0x10/0x10 [ 153.429022][T13809] ? kasan_save_free_info+0x40/0x50 [ 153.429036][T13809] ? __kasan_slab_free+0x59/0x70 [ 153.429054][T13809] ? __pfx___might_resched+0x10/0x10 [ 153.429070][T13809] ? __netlink_deliver_tap+0x56b/0x7f0 [ 153.429087][T13809] ? netlink_deliver_tap+0x19d/0x1b0 [ 153.429101][T13809] ? netlink_unicast+0x7c4/0x990 [ 153.429117][T13809] should_fail_ex+0x3b0/0x4e0 [ 153.429135][T13809] should_failslab+0xac/0x100 [ 153.429155][T13809] kmem_cache_alloc_node_noprof+0x77/0x380 [ 153.429176][T13809] ? __alloc_skb+0x1c3/0x440 [ 153.429191][T13809] ? lock_acquire+0xe3/0x550 [ 153.429208][T13809] __alloc_skb+0x1c3/0x440 [ 153.429225][T13809] ? __pfx___alloc_skb+0x10/0x10 [ 153.429245][T13809] netlink_dump+0x239/0xe10 [ 153.429260][T13809] ? __mutex_lock+0x397/0x1010 [ 153.429275][T13809] ? lock_release+0xbf/0xa30 [ 153.429306][T13809] ? __pfx_netlink_dump+0x10/0x10 [ 153.429321][T13809] ? __netlink_lookup+0x780/0x890 [ 153.429343][T13809] ? __pfx_lock_acquire+0x10/0x10 [ 153.429359][T13809] ? __dev_queue_xmit+0x1775/0x3f50 [ 153.429376][T13809] ? kasan_save_track+0x51/0x80 [ 153.429397][T13809] __netlink_dump_start+0x5a2/0x790 [ 153.429417][T13809] rtnetlink_rcv_msg+0xb3d/0xcf0 [ 153.429439][T13809] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 153.429458][T13809] ? __pfx_fib_nl_dumprule+0x10/0x10 [ 153.429481][T13809] ? ref_tracker_free+0x643/0x7e0 [ 153.429498][T13809] netlink_rcv_skb+0x1e3/0x430 [ 153.429514][T13809] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 153.429534][T13809] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 153.429560][T13809] ? netlink_deliver_tap+0x2e/0x1b0 [ 153.429577][T13809] netlink_unicast+0x7f6/0x990 [ 153.429595][T13809] ? __pfx_netlink_unicast+0x10/0x10 [ 153.429609][T13809] ? __virt_addr_valid+0x45f/0x530 [ 153.429629][T13809] ? __phys_addr_symbol+0x2f/0x70 [ 153.429645][T13809] ? __check_object_size+0x47a/0x730 [ 153.429666][T13809] netlink_sendmsg+0x8e4/0xcb0 [ 153.429688][T13809] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.429706][T13809] ? __pfx_aa_file_perm+0x10/0x10 [ 153.429722][T13809] ? aa_sock_msg_perm+0x91/0x160 [ 153.429740][T13809] ? __pfx_netlink_sendmsg+0x10/0x10 [ 153.429756][T13809] __sock_sendmsg+0x221/0x270 [ 153.429778][T13809] sock_write_iter+0x2d7/0x3f0 [ 153.429798][T13809] ? __pfx_sock_write_iter+0x10/0x10 [ 153.429815][T13809] ? lock_release+0xbf/0xa30 [ 153.429839][T13809] ? bpf_lsm_file_permission+0x9/0x10 [ 153.429853][T13809] ? security_file_permission+0x74/0x280 [ 153.429877][T13809] vfs_write+0xaeb/0xd30 [ 153.429895][T13809] ? __pfx_sock_write_iter+0x10/0x10 [ 153.429914][T13809] ? __pfx_vfs_write+0x10/0x10 [ 153.429928][T13809] ? do_sys_openat2+0x17a/0x1d0 [ 153.429949][T13809] ? __fget_files+0x2a/0x410 [ 153.429970][T13809] ? __fget_files+0x2a/0x410 [ 153.429992][T13809] ksys_write+0x18f/0x2b0 [ 153.430009][T13809] ? __pfx_ksys_write+0x10/0x10 [ 153.430024][T13809] ? rcu_is_watching+0x15/0xb0 [ 153.430045][T13809] ? rcu_is_watching+0x15/0xb0 [ 153.430067][T13809] do_syscall_64+0xf3/0x230 [ 153.430082][T13809] ? clear_bhb_loop+0x35/0x90 [ 153.430100][T13809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.430115][T13809] RIP: 0033:0x7faf4598cd29 [ 153.430128][T13809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.430141][T13809] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 153.430159][T13809] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 153.430172][T13809] RDX: 0000000000000026 RSI: 0000000020000140 RDI: 0000000000000003 [ 153.430181][T13809] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 153.430191][T13809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.430200][T13809] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 153.430218][T13809] [ 153.868744][ T64] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.897984][T13720] hsr_slave_0: entered promiscuous mode [ 153.914966][T13720] hsr_slave_1: entered promiscuous mode [ 153.920952][T13720] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 153.929521][T13720] Cannot create hsr debugfs directory [ 154.067426][ T64] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.174443][ T5832] Bluetooth: hci4: command tx timeout [ 154.187948][T13848] __nla_validate_parse: 6 callbacks suppressed [ 154.187962][T13848] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2215'. [ 154.191441][T13850] x_tables: duplicate underflow at hook 1 [ 154.248023][ T64] bridge_slave_1: left allmulticast mode [ 154.279234][ T64] bridge_slave_1: left promiscuous mode [ 154.316874][ T64] bridge0: port 2(bridge_slave_1) entered disabled state [ 154.330584][T13858] FAULT_INJECTION: forcing a failure. [ 154.330584][T13858] name failslab, interval 1, probability 0, space 0, times 0 [ 154.343338][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 154.355868][T13858] CPU: 1 UID: 0 PID: 13858 Comm: syz.4.2216 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 154.355888][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 154.355897][T13858] Call Trace: [ 154.355903][T13858] [ 154.355909][T13858] dump_stack_lvl+0x241/0x360 [ 154.355935][T13858] ? __pfx_dump_stack_lvl+0x10/0x10 [ 154.355956][T13858] ? __pfx__printk+0x10/0x10 [ 154.355977][T13858] ? __pfx___might_resched+0x10/0x10 [ 154.355995][T13858] should_fail_ex+0x3b0/0x4e0 [ 154.356012][T13858] should_failslab+0xac/0x100 [ 154.356033][T13858] ? vm_area_dup+0x61/0x290 [ 154.356052][T13858] kmem_cache_alloc_noprof+0x70/0x380 [ 154.356076][T13858] vm_area_dup+0x61/0x290 [ 154.356096][T13858] __split_vma+0x1cb/0xc50 [ 154.356116][T13858] ? __pfx_lock_release+0x10/0x10 [ 154.356139][T13858] ? __pfx___split_vma+0x10/0x10 [ 154.356166][T13858] vms_gather_munmap_vmas+0x2e6/0x1600 [ 154.356189][T13858] ? process_measurement+0x1aea/0x1fb0 [ 154.356208][T13858] ? mtree_range_walk+0x6fd/0x8e0 [ 154.356229][T13858] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 154.356252][T13858] ? mas_find+0x8c0/0xbb0 [ 154.356274][T13858] __mmap_region+0x7c4/0x2d30 [ 154.356297][T13858] ? rcu_is_watching+0x15/0xb0 [ 154.356322][T13858] ? deref_stack_reg+0x17c/0x210 [ 154.356343][T13858] ? __pfx___mmap_region+0x10/0x10 [ 154.356366][T13858] ? 0xffffffffa000094c [ 154.356395][T13858] ? rcu_is_watching+0x15/0xb0 [ 154.356415][T13858] ? lock_release+0xbf/0xa30 [ 154.356433][T13858] ? __pfx_lock_acquire+0x10/0x10 [ 154.356458][T13858] ? get_pid_task+0x23/0x1f0 [ 154.356480][T13858] ? arch_get_unmapped_area_topdown+0x28e/0xc50 [ 154.356502][T13858] ? __pfx_lock_release+0x10/0x10 [ 154.356520][T13858] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 154.356541][T13858] ? lock_acquire+0xe3/0x550 [ 154.356559][T13858] ? cap_mmap_addr+0x163/0x2c0 [ 154.356575][T13858] mmap_region+0x226/0x2c0 [ 154.356595][T13858] do_mmap+0x97a/0x10d0 [ 154.356613][T13858] ? __pfx_do_mmap+0x10/0x10 [ 154.356627][T13858] ? __pfx_down_write_killable+0x10/0x10 [ 154.356644][T13858] ? common_file_perm+0x1a6/0x210 [ 154.356663][T13858] vm_mmap_pgoff+0x214/0x430 [ 154.356684][T13858] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 154.356700][T13858] ? __fget_files+0x2a/0x410 [ 154.356720][T13858] ? __fget_files+0x395/0x410 [ 154.356739][T13858] ? __fget_files+0x2a/0x410 [ 154.356758][T13858] ksys_mmap_pgoff+0x4eb/0x720 [ 154.356774][T13858] ? __x64_sys_mmap+0x7f/0x140 [ 154.356793][T13858] do_syscall_64+0xf3/0x230 [ 154.356807][T13858] ? clear_bhb_loop+0x35/0x90 [ 154.356826][T13858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.356843][T13858] RIP: 0033:0x7faf4598cd29 [ 154.356856][T13858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.356869][T13858] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 154.356886][T13858] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 154.356897][T13858] RDX: 0000000000000002 RSI: 0000000000c00000 RDI: 0000000020001000 [ 154.356907][T13858] RBP: 00007faf46750090 R08: 0000000000000004 R09: 0000000000020000 [ 154.356916][T13858] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 154.356925][T13858] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 154.356942][T13858] [ 154.358968][ T64] bridge_slave_0: left allmulticast mode [ 154.707803][ T64] bridge_slave_0: left promiscuous mode [ 154.713982][ T64] bridge0: port 1(bridge_slave_0) entered disabled state [ 154.776089][T13887] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2222'. [ 154.776477][T13879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2220'. [ 154.926446][ T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 154.937595][ T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 154.948363][ T64] bond0 (unregistering): Released all slaves [ 154.995415][T13894] netlink: 'syz.0.2224': attribute type 1 has an invalid length. [ 155.100183][T13902] 8021q: adding VLAN 0 to HW filter on device bond16 [ 155.104952][T13910] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2229'. [ 155.109631][T13902] bond16: entered promiscuous mode [ 155.122217][T13902] bond16: entered allmulticast mode [ 155.129214][T13902] bond0: (slave bond16): Enslaving as an active interface with an up link [ 155.145677][T13904] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 155.255403][T13916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2231'. [ 155.269344][T13926] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2234'. [ 155.333145][T13926] netlink: 'syz.4.2234': attribute type 39 has an invalid length. [ 155.372576][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 155.390861][T13934] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2236'. [ 155.458467][T13720] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 155.467035][T13941] FAULT_INJECTION: forcing a failure. [ 155.467035][T13941] name failslab, interval 1, probability 0, space 0, times 0 [ 155.487027][T13940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2238'. [ 155.497086][T13941] CPU: 0 UID: 0 PID: 13941 Comm: syz.1.2239 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 155.497115][T13941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 155.497125][T13941] Call Trace: [ 155.497131][T13941] [ 155.497137][T13941] dump_stack_lvl+0x241/0x360 [ 155.497164][T13941] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.497185][T13941] ? __pfx__printk+0x10/0x10 [ 155.497207][T13941] ? __pfx___might_resched+0x10/0x10 [ 155.497226][T13941] should_fail_ex+0x3b0/0x4e0 [ 155.497243][T13941] should_failslab+0xac/0x100 [ 155.497264][T13941] kmem_cache_alloc_node_noprof+0x77/0x380 [ 155.497286][T13941] ? __alloc_skb+0x1c3/0x440 [ 155.497304][T13941] __alloc_skb+0x1c3/0x440 [ 155.497319][T13941] ? __pfx___netlink_lookup+0x10/0x10 [ 155.497340][T13941] ? __pfx___alloc_skb+0x10/0x10 [ 155.497355][T13941] ? netlink_autobind+0xd6/0x2f0 [ 155.497372][T13941] ? netlink_autobind+0x2b0/0x2f0 [ 155.497391][T13941] netlink_sendmsg+0x638/0xcb0 [ 155.497414][T13941] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.497433][T13941] ? aa_sock_msg_perm+0x91/0x160 [ 155.497452][T13941] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.497469][T13941] __sock_sendmsg+0x221/0x270 [ 155.497490][T13941] ____sys_sendmsg+0x52a/0x7e0 [ 155.497511][T13941] ? __pfx_____sys_sendmsg+0x10/0x10 [ 155.497527][T13941] ? __fget_files+0x2a/0x410 [ 155.497548][T13941] ? __fget_files+0x2a/0x410 [ 155.497572][T13941] __sys_sendmsg+0x269/0x350 [ 155.497588][T13941] ? bpf_lsm_file_permission+0x9/0x10 [ 155.497605][T13941] ? __pfx___sys_sendmsg+0x10/0x10 [ 155.497628][T13941] ? do_sys_openat2+0x17a/0x1d0 [ 155.497661][T13941] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 155.497681][T13941] ? rcu_is_watching+0x15/0xb0 [ 155.497704][T13941] ? rcu_is_watching+0x15/0xb0 [ 155.497725][T13941] do_syscall_64+0xf3/0x230 [ 155.497741][T13941] ? clear_bhb_loop+0x35/0x90 [ 155.497759][T13941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.497776][T13941] RIP: 0033:0x7f83fbd8cd29 [ 155.497790][T13941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.497803][T13941] RSP: 002b:00007f83fcb82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.497821][T13941] RAX: ffffffffffffffda RBX: 00007f83fbfa5fa0 RCX: 00007f83fbd8cd29 [ 155.497833][T13941] RDX: 0000000000040000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 155.497844][T13941] RBP: 00007f83fcb82090 R08: 0000000000000000 R09: 0000000000000000 [ 155.497855][T13941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.497864][T13941] R13: 0000000000000000 R14: 00007f83fbfa5fa0 R15: 00007fff1a1e39c8 [ 155.497883][T13941] [ 155.527713][T13944] FAULT_INJECTION: forcing a failure. [ 155.527713][T13944] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 155.588492][T13720] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 155.676296][T13944] CPU: 1 UID: 0 PID: 13944 Comm: syz.2.2241 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 155.676320][T13944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 155.676331][T13944] Call Trace: [ 155.676342][T13944] [ 155.676349][T13944] dump_stack_lvl+0x241/0x360 [ 155.676375][T13944] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.676395][T13944] ? __pfx__printk+0x10/0x10 [ 155.676415][T13944] ? __pfx_lock_release+0x10/0x10 [ 155.676437][T13944] should_fail_ex+0x3b0/0x4e0 [ 155.676456][T13944] _copy_from_iter+0x424/0x1c20 [ 155.676473][T13944] ? kmem_cache_alloc_node_noprof+0x22c/0x380 [ 155.676500][T13944] ? __pfx__copy_from_iter+0x10/0x10 [ 155.676519][T13944] ? __virt_addr_valid+0x183/0x530 [ 155.676538][T13944] ? __virt_addr_valid+0x183/0x530 [ 155.676555][T13944] ? __virt_addr_valid+0x45f/0x530 [ 155.676573][T13944] ? __phys_addr_symbol+0x2f/0x70 [ 155.676591][T13944] ? __check_object_size+0x47a/0x730 [ 155.676613][T13944] netlink_sendmsg+0x73d/0xcb0 [ 155.676636][T13944] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.676654][T13944] ? aa_sock_msg_perm+0x91/0x160 [ 155.676673][T13944] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.676690][T13944] __sock_sendmsg+0x221/0x270 [ 155.676711][T13944] ____sys_sendmsg+0x52a/0x7e0 [ 155.676731][T13944] ? __pfx_____sys_sendmsg+0x10/0x10 [ 155.676748][T13944] ? __fget_files+0x2a/0x410 [ 155.676770][T13944] ? __fget_files+0x2a/0x410 [ 155.676793][T13944] __sys_sendmsg+0x269/0x350 [ 155.676809][T13944] ? bpf_lsm_file_permission+0x9/0x10 [ 155.676826][T13944] ? __pfx___sys_sendmsg+0x10/0x10 [ 155.676847][T13944] ? do_sys_openat2+0x17a/0x1d0 [ 155.676878][T13944] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 155.676897][T13944] ? rcu_is_watching+0x15/0xb0 [ 155.676918][T13944] ? rcu_is_watching+0x15/0xb0 [ 155.676939][T13944] do_syscall_64+0xf3/0x230 [ 155.676954][T13944] ? clear_bhb_loop+0x35/0x90 [ 155.676972][T13944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.676988][T13944] RIP: 0033:0x7f3bbc38cd29 [ 155.677002][T13944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.677015][T13944] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.677032][T13944] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 155.677044][T13944] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000004 [ 155.677053][T13944] RBP: 00007f3bbd251090 R08: 0000000000000000 R09: 0000000000000000 [ 155.677063][T13944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.677073][T13944] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 155.677091][T13944] [ 155.799679][T13947] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2242'. [ 155.830861][T13953] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2243'. [ 155.842212][T13720] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 156.127023][T13720] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 156.188423][T13958] No such timeout policy "syz0" [ 156.199603][ T64] hsr_slave_0: left promiscuous mode [ 156.216900][ T64] hsr_slave_1: left promiscuous mode [ 156.227896][ T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.238026][ T64] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.247433][ T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.255372][ T64] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.264002][ T5832] Bluetooth: hci4: command tx timeout [ 156.269792][ T64] veth1_macvtap: left promiscuous mode [ 156.275939][ T64] veth0_macvtap: left promiscuous mode [ 156.281510][ T64] veth1_vlan: left promiscuous mode [ 156.289262][ T64] veth0_vlan: left promiscuous mode [ 156.378360][ T64] team0 (unregistering): Port device team_slave_1 removed [ 156.389690][ T64] team0 (unregistering): Port device team_slave_0 removed [ 156.404109][T13974] netlink: 'syz.1.2248': attribute type 39 has an invalid length. [ 156.412541][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 156.619527][T13720] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.641854][T13720] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.661931][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.669052][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.716480][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.723696][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.800192][T13997] Timeout policy `syz0' can only be used by L3 protocol number 34984 [ 156.925525][T14010] netlink: 'syz.1.2261': attribute type 39 has an invalid length. [ 156.968490][T14016] FAULT_INJECTION: forcing a failure. [ 156.968490][T14016] name failslab, interval 1, probability 0, space 0, times 0 [ 156.981148][T14016] CPU: 1 UID: 0 PID: 14016 Comm: syz.2.2262 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 156.981169][T14016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 156.981178][T14016] Call Trace: [ 156.981185][T14016] [ 156.981192][T14016] dump_stack_lvl+0x241/0x360 [ 156.981219][T14016] ? __pfx_dump_stack_lvl+0x10/0x10 [ 156.981239][T14016] ? __pfx__printk+0x10/0x10 [ 156.981266][T14016] ? rcu_is_watching+0x15/0xb0 [ 156.981287][T14016] ? lock_acquire+0xe3/0x550 [ 156.981305][T14016] ? unwind_next_frame+0x18e6/0x22d0 [ 156.981323][T14016] ? deref_stack_reg+0x17c/0x210 [ 156.981341][T14016] should_fail_ex+0x3b0/0x4e0 [ 156.981358][T14016] should_failslab+0xac/0x100 [ 156.981379][T14016] ? skb_clone+0x20c/0x390 [ 156.981396][T14016] kmem_cache_alloc_noprof+0x70/0x380 [ 156.981419][T14016] skb_clone+0x20c/0x390 [ 156.981436][T14016] ? dev_queue_xmit_nit+0x3fe/0xca0 [ 156.981452][T14016] dev_queue_xmit_nit+0x249/0xca0 [ 156.981468][T14016] ? dev_queue_xmit_nit+0x2b/0xca0 [ 156.981483][T14016] ? validate_xmit_skb+0x9b8/0xff0 [ 156.981502][T14016] dev_hard_start_xmit+0x15f/0x7d0 [ 156.981520][T14016] ? __pfx_validate_xmit_skb+0x10/0x10 [ 156.981542][T14016] __dev_queue_xmit+0x1b73/0x3f50 [ 156.981560][T14016] ? kasan_save_track+0x51/0x80 [ 156.981579][T14016] ? ____sys_sendmsg+0x52a/0x7e0 [ 156.981600][T14016] ? __dev_queue_xmit+0x2f4/0x3f50 [ 156.981619][T14016] ? __pfx___dev_queue_xmit+0x10/0x10 [ 156.981644][T14016] ? __copy_skb_header+0x437/0x5b0 [ 156.981662][T14016] ? __asan_memcpy+0x40/0x70 [ 156.981685][T14016] ? skb_clone+0x240/0x390 [ 156.981704][T14016] __netlink_deliver_tap+0x56b/0x7f0 [ 156.981727][T14016] ? netlink_deliver_tap+0x2e/0x1b0 [ 156.981744][T14016] netlink_deliver_tap+0x19d/0x1b0 [ 156.981762][T14016] netlink_unicast+0x7c4/0x990 [ 156.981781][T14016] ? __pfx_netlink_unicast+0x10/0x10 [ 156.981796][T14016] ? __virt_addr_valid+0x45f/0x530 [ 156.981815][T14016] ? __phys_addr_symbol+0x2f/0x70 [ 156.981833][T14016] ? __check_object_size+0x47a/0x730 [ 156.981855][T14016] netlink_sendmsg+0x8e4/0xcb0 [ 156.981878][T14016] ? __pfx_netlink_sendmsg+0x10/0x10 [ 156.981897][T14016] ? aa_sock_msg_perm+0x91/0x160 [ 156.981917][T14016] ? __pfx_netlink_sendmsg+0x10/0x10 [ 156.981933][T14016] __sock_sendmsg+0x221/0x270 [ 156.981955][T14016] ____sys_sendmsg+0x52a/0x7e0 [ 156.981976][T14016] ? __pfx_____sys_sendmsg+0x10/0x10 [ 156.981993][T14016] ? __fget_files+0x2a/0x410 [ 156.982015][T14016] ? __fget_files+0x2a/0x410 [ 156.982039][T14016] __sys_sendmsg+0x269/0x350 [ 156.982056][T14016] ? bpf_lsm_file_permission+0x9/0x10 [ 156.982073][T14016] ? __pfx___sys_sendmsg+0x10/0x10 [ 156.982096][T14016] ? do_sys_openat2+0x17a/0x1d0 [ 156.982127][T14016] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 156.982147][T14016] ? rcu_is_watching+0x15/0xb0 [ 156.982169][T14016] ? rcu_is_watching+0x15/0xb0 [ 156.982191][T14016] do_syscall_64+0xf3/0x230 [ 156.982207][T14016] ? clear_bhb_loop+0x35/0x90 [ 156.982226][T14016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.982243][T14016] RIP: 0033:0x7f3bbc38cd29 [ 156.982263][T14016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.982277][T14016] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 156.982295][T14016] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 156.982307][T14016] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000004 [ 156.982318][T14016] RBP: 00007f3bbd251090 R08: 0000000000000000 R09: 0000000000000000 [ 156.982328][T14016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.982339][T14016] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 156.982358][T14016] [ 157.435011][T13720] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.452523][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 157.471852][T13720] veth0_vlan: entered promiscuous mode [ 157.483186][T13720] veth1_vlan: entered promiscuous mode [ 157.499950][T13720] veth0_macvtap: entered promiscuous mode [ 157.509646][T13720] veth1_macvtap: entered promiscuous mode [ 157.522954][T13720] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.532313][T13720] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 157.541577][T13720] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.550311][T13720] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.559527][T13720] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.568770][T13720] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.683752][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.691575][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.795885][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.809046][T14054] netlink: 'syz.2.2278': attribute type 1 has an invalid length. [ 157.817309][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.201193][T14098] FAULT_INJECTION: forcing a failure. [ 158.201193][T14098] name failslab, interval 1, probability 0, space 0, times 0 [ 158.218164][T14098] CPU: 0 UID: 0 PID: 14098 Comm: syz.4.2287 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 158.218186][T14098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 158.218196][T14098] Call Trace: [ 158.218202][T14098] [ 158.218208][T14098] dump_stack_lvl+0x241/0x360 [ 158.218234][T14098] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.218255][T14098] ? __pfx__printk+0x10/0x10 [ 158.218276][T14098] ? __pfx___might_resched+0x10/0x10 [ 158.218293][T14098] ? mas_wr_walk_descend+0x566/0x840 [ 158.218315][T14098] should_fail_ex+0x3b0/0x4e0 [ 158.218333][T14098] should_failslab+0xac/0x100 [ 158.218354][T14098] ? mas_alloc_nodes+0x25b/0x7e0 [ 158.218373][T14098] kmem_cache_alloc_noprof+0x70/0x380 [ 158.218397][T14098] mas_alloc_nodes+0x25b/0x7e0 [ 158.218421][T14098] mas_preallocate+0x575/0x8d0 [ 158.218444][T14098] ? __pfx_mas_preallocate+0x10/0x10 [ 158.218468][T14098] ? __mas_set_range+0x133/0x3c0 [ 158.218492][T14098] __split_vma+0x302/0xc50 [ 158.218512][T14098] ? __pfx_lock_release+0x10/0x10 [ 158.218536][T14098] ? __pfx___split_vma+0x10/0x10 [ 158.218563][T14098] vms_gather_munmap_vmas+0x2e6/0x1600 [ 158.218586][T14098] ? process_measurement+0x1aea/0x1fb0 [ 158.218607][T14098] ? mtree_range_walk+0x6fd/0x8e0 [ 158.218628][T14098] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 158.218653][T14098] ? mas_find+0x8c0/0xbb0 [ 158.218676][T14098] __mmap_region+0x7c4/0x2d30 [ 158.218701][T14098] ? rcu_is_watching+0x15/0xb0 [ 158.218724][T14098] ? deref_stack_reg+0x17c/0x210 [ 158.218745][T14098] ? __pfx___mmap_region+0x10/0x10 [ 158.218768][T14098] ? 0xffffffffa000094c [ 158.218797][T14098] ? rcu_is_watching+0x15/0xb0 [ 158.218817][T14098] ? lock_release+0xbf/0xa30 [ 158.218837][T14098] ? __pfx_lock_acquire+0x10/0x10 [ 158.218855][T14098] ? get_pid_task+0x23/0x1f0 [ 158.218876][T14098] ? arch_get_unmapped_area_topdown+0x28e/0xc50 [ 158.218899][T14098] ? __pfx_lock_release+0x10/0x10 [ 158.218917][T14098] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10 [ 158.218938][T14098] ? lock_acquire+0xe3/0x550 [ 158.218956][T14098] ? cap_mmap_addr+0x163/0x2c0 [ 158.218973][T14098] mmap_region+0x226/0x2c0 [ 158.218992][T14098] do_mmap+0x97a/0x10d0 [ 158.219012][T14098] ? __pfx_do_mmap+0x10/0x10 [ 158.219027][T14098] ? __pfx_down_write_killable+0x10/0x10 [ 158.219043][T14098] ? common_file_perm+0x1a6/0x210 [ 158.219063][T14098] vm_mmap_pgoff+0x214/0x430 [ 158.219085][T14098] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 158.219101][T14098] ? __fget_files+0x2a/0x410 [ 158.219131][T14098] ? __fget_files+0x395/0x410 [ 158.219150][T14098] ? __fget_files+0x2a/0x410 [ 158.219172][T14098] ksys_mmap_pgoff+0x4eb/0x720 [ 158.219188][T14098] ? __x64_sys_mmap+0x7f/0x140 [ 158.219207][T14098] do_syscall_64+0xf3/0x230 [ 158.219222][T14098] ? clear_bhb_loop+0x35/0x90 [ 158.219242][T14098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.219259][T14098] RIP: 0033:0x7faf4598cd29 [ 158.219272][T14098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.219285][T14098] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 158.219304][T14098] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 158.219316][T14098] RDX: 0000000000000002 RSI: 0000000000c00000 RDI: 0000000020001000 [ 158.219326][T14098] RBP: 00007faf46750090 R08: 0000000000000004 R09: 0000000000020000 [ 158.219337][T14098] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 158.219347][T14098] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 158.219365][T14098] [ 158.532537][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 158.756789][T14137] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.832156][T14137] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.938547][T14143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.950929][T14137] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 158.977837][T14170] FAULT_INJECTION: forcing a failure. [ 158.977837][T14170] name failslab, interval 1, probability 0, space 0, times 0 [ 158.990965][T14170] CPU: 1 UID: 0 PID: 14170 Comm: syz.4.2311 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 158.990986][T14170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 158.990996][T14170] Call Trace: [ 158.991002][T14170] [ 158.991009][T14170] dump_stack_lvl+0x241/0x360 [ 158.991033][T14170] ? __pfx_dump_stack_lvl+0x10/0x10 [ 158.991046][T14170] ? __pfx__printk+0x10/0x10 [ 158.991061][T14170] ? __pfx___might_resched+0x10/0x10 [ 158.991072][T14170] ? aa_get_newest_label+0xff/0x6f0 [ 158.991083][T14170] ? stack_trace_save+0x118/0x1d0 [ 158.991093][T14170] should_fail_ex+0x3b0/0x4e0 [ 158.991103][T14170] should_failslab+0xac/0x100 [ 158.991116][T14170] __kmalloc_noprof+0xdd/0x4c0 [ 158.991131][T14170] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 158.991144][T14170] ? apparmor_capable+0x13b/0x1b0 [ 158.991157][T14170] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 158.991172][T14170] genl_rcv_msg+0x802/0xec0 [ 158.991186][T14170] ? __pfx_genl_rcv_msg+0x10/0x10 [ 158.991197][T14170] ? stack_trace_save+0x118/0x1d0 [ 158.991207][T14170] ? __pfx_stack_trace_save+0x10/0x10 [ 158.991216][T14170] ? stack_depot_save_flags+0x37/0x940 [ 158.991227][T14170] ? rcu_is_watching+0x15/0xb0 [ 158.991240][T14170] ? lock_acquire+0xe3/0x550 [ 158.991253][T14170] ? __pfx_lock_acquire+0x10/0x10 [ 158.991264][T14170] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 158.991277][T14170] ? __pfx___might_resched+0x10/0x10 [ 158.991286][T14170] ? rcu_is_watching+0x15/0xb0 [ 158.991299][T14170] ? lock_acquire+0xe3/0x550 [ 158.991311][T14170] netlink_rcv_skb+0x1e3/0x430 [ 158.991321][T14170] ? __pfx_genl_rcv_msg+0x10/0x10 [ 158.991333][T14170] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 158.991342][T14170] ? lock_release+0xbf/0xa30 [ 158.991356][T14170] ? __pfx___netlink_lookup+0x10/0x10 [ 158.991368][T14170] ? net_generic+0x1f/0x240 [ 158.991382][T14170] genl_rcv+0x28/0x40 [ 158.991393][T14170] netlink_unicast+0x7f6/0x990 [ 158.991404][T14170] ? __pfx_netlink_unicast+0x10/0x10 [ 158.991412][T14170] ? __virt_addr_valid+0x45f/0x530 [ 158.991424][T14170] ? __phys_addr_symbol+0x2f/0x70 [ 158.991435][T14170] ? __check_object_size+0x47a/0x730 [ 158.991449][T14170] netlink_sendmsg+0x8e4/0xcb0 [ 158.991462][T14170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.991473][T14170] ? aa_sock_msg_perm+0x91/0x160 [ 158.991483][T14170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.991493][T14170] __sock_sendmsg+0x221/0x270 [ 158.991507][T14170] ____sys_sendmsg+0x52a/0x7e0 [ 158.991519][T14170] ? __pfx_____sys_sendmsg+0x10/0x10 [ 158.991529][T14170] ? __fget_files+0x2a/0x410 [ 158.991546][T14170] ? __fget_files+0x2a/0x410 [ 158.991560][T14170] __sys_sendmsg+0x269/0x350 [ 158.991570][T14170] ? bpf_lsm_file_permission+0x9/0x10 [ 158.991580][T14170] ? __pfx___sys_sendmsg+0x10/0x10 [ 158.991593][T14170] ? do_sys_openat2+0x17a/0x1d0 [ 158.991612][T14170] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 158.991624][T14170] ? rcu_is_watching+0x15/0xb0 [ 158.991638][T14170] ? rcu_is_watching+0x15/0xb0 [ 158.991651][T14170] do_syscall_64+0xf3/0x230 [ 158.991660][T14170] ? clear_bhb_loop+0x35/0x90 [ 158.991672][T14170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.991681][T14170] RIP: 0033:0x7faf4598cd29 [ 158.991690][T14170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.991698][T14170] RSP: 002b:00007faf46750038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 158.991709][T14170] RAX: ffffffffffffffda RBX: 00007faf45ba5fa0 RCX: 00007faf4598cd29 [ 158.991715][T14170] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000004 [ 158.991721][T14170] RBP: 00007faf46750090 R08: 0000000000000000 R09: 0000000000000000 [ 158.991727][T14170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.991732][T14170] R13: 0000000000000000 R14: 00007faf45ba5fa0 R15: 00007fff74431418 [ 158.991743][T14170] [ 159.458187][T14174] __nla_validate_parse: 9 callbacks suppressed [ 159.458201][T14174] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2313'. [ 159.613215][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 160.006474][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.111699][T14203] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2324'. [ 160.652996][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 161.110089][T14212] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2326'. [ 161.201061][T14220] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 161.207546][T14220] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 161.273515][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 161.281702][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 161.289857][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 161.298216][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 161.306604][ T5837] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 161.315698][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 161.350556][T14235] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 161.357024][T14235] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 161.490517][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.509884][T14223] chnl_net:caif_netlink_parms(): no params data found [ 161.521319][T14241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2336'. [ 161.565674][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.620528][T14223] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.628045][T14223] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.635651][T14223] bridge_slave_0: entered allmulticast mode [ 161.642405][T14223] bridge_slave_0: entered promiscuous mode [ 161.650112][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.669361][T14223] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.679156][T14223] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.687348][T14223] bridge_slave_1: entered allmulticast mode [ 161.696447][T14223] bridge_slave_1: entered promiscuous mode [ 161.702614][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 161.730739][T14223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.751777][T14223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.787586][T14223] team0: Port device team_slave_0 added [ 161.807367][T14223] team0: Port device team_slave_1 added [ 161.814845][ T11] bridge_slave_1: left allmulticast mode [ 161.820591][ T11] bridge_slave_1: left promiscuous mode [ 161.827284][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.835908][ T11] bridge_slave_0: left allmulticast mode [ 161.841560][ T11] bridge_slave_0: left promiscuous mode [ 161.848583][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.927388][T14223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.934762][T14223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.961549][T14223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.991516][T14285] FAULT_INJECTION: forcing a failure. [ 161.991516][T14285] name failslab, interval 1, probability 0, space 0, times 0 [ 161.994708][T14278] 8021q: adding VLAN 0 to HW filter on device bond17 [ 162.013564][T14278] bond17: entered promiscuous mode [ 162.018761][T14285] CPU: 1 UID: 0 PID: 14285 Comm: syz.1.2351 Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 162.018784][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 162.018793][T14285] Call Trace: [ 162.018800][T14285] [ 162.018806][T14285] dump_stack_lvl+0x241/0x360 [ 162.018834][T14285] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.018854][T14285] ? __pfx__printk+0x10/0x10 [ 162.018871][T14285] ? rcu_is_watching+0x15/0xb0 [ 162.018893][T14285] ? lock_acquire+0xe3/0x550 [ 162.018916][T14285] should_fail_ex+0x3b0/0x4e0 [ 162.018934][T14285] should_failslab+0xac/0x100 [ 162.018954][T14285] __kmalloc_cache_noprof+0x70/0x390 [ 162.018975][T14285] ? netlbl_unlhsh_add+0x685/0x1220 [ 162.018995][T14285] netlbl_unlhsh_add+0x685/0x1220 [ 162.019013][T14285] ? netlbl_unlhsh_add+0xd5/0x1220 [ 162.019031][T14285] ? __pfx_netlbl_unlhsh_add+0x10/0x10 [ 162.019053][T14285] netlbl_unlabel_staticadddef+0x59d/0x770 [ 162.019073][T14285] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 162.019095][T14285] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 162.019120][T14285] genl_rcv_msg+0xb14/0xec0 [ 162.019144][T14285] ? __pfx_genl_rcv_msg+0x10/0x10 [ 162.019163][T14285] ? stack_trace_save+0x118/0x1d0 [ 162.019179][T14285] ? __pfx_stack_trace_save+0x10/0x10 [ 162.019195][T14285] ? stack_depot_save_flags+0x37/0x940 [ 162.019219][T14285] ? __pfx_lock_acquire+0x10/0x10 [ 162.019236][T14285] ? __pfx_netlbl_unlabel_staticadddef+0x10/0x10 [ 162.019255][T14285] ? __pfx___might_resched+0x10/0x10 [ 162.019271][T14285] ? rcu_is_watching+0x15/0xb0 [ 162.019290][T14285] ? lock_acquire+0xe3/0x550 [ 162.019310][T14285] netlink_rcv_skb+0x1e3/0x430 [ 162.019326][T14285] ? __pfx_genl_rcv_msg+0x10/0x10 [ 162.019345][T14285] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 162.019361][T14285] ? lock_release+0xbf/0xa30 [ 162.019382][T14285] ? __pfx___netlink_lookup+0x10/0x10 [ 162.019402][T14285] ? net_generic+0x1f/0x240 [ 162.019424][T14285] genl_rcv+0x28/0x40 [ 162.019442][T14285] netlink_unicast+0x7f6/0x990 [ 162.019459][T14285] ? __pfx_netlink_unicast+0x10/0x10 [ 162.019473][T14285] ? __virt_addr_valid+0x45f/0x530 [ 162.019492][T14285] ? __phys_addr_symbol+0x2f/0x70 [ 162.019510][T14285] ? __check_object_size+0x47a/0x730 [ 162.019538][T14285] netlink_sendmsg+0x8e4/0xcb0 [ 162.019560][T14285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.019578][T14285] ? aa_sock_msg_perm+0x91/0x160 [ 162.019597][T14285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.019613][T14285] __sock_sendmsg+0x221/0x270 [ 162.019634][T14285] ____sys_sendmsg+0x52a/0x7e0 [ 162.019655][T14285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 162.019671][T14285] ? __fget_files+0x2a/0x410 [ 162.019691][T14285] ? __fget_files+0x2a/0x410 [ 162.019714][T14285] __sys_sendmsg+0x269/0x350 [ 162.019730][T14285] ? bpf_lsm_file_permission+0x9/0x10 [ 162.019747][T14285] ? __pfx___sys_sendmsg+0x10/0x10 [ 162.019773][T14285] ? do_sys_openat2+0x17a/0x1d0 [ 162.019803][T14285] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 162.019821][T14285] ? rcu_is_watching+0x15/0xb0 [ 162.019842][T14285] ? rcu_is_watching+0x15/0xb0 [ 162.019863][T14285] do_syscall_64+0xf3/0x230 [ 162.019878][T14285] ? clear_bhb_loop+0x35/0x90 [ 162.019895][T14285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.019912][T14285] RIP: 0033:0x7f83fbd8cd29 [ 162.019926][T14285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.019940][T14285] RSP: 002b:00007f83fcb82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 162.019958][T14285] RAX: ffffffffffffffda RBX: 00007f83fbfa5fa0 RCX: 00007f83fbd8cd29 [ 162.019969][T14285] RDX: 0000000000000000 RSI: 0000000020000d40 RDI: 0000000000000004 [ 162.019979][T14285] RBP: 00007f83fcb82090 R08: 0000000000000000 R09: 0000000000000000 [ 162.019988][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.019998][T14285] R13: 0000000000000000 R14: 00007f83fbfa5fa0 R15: 00007fff1a1e39c8 [ 162.020015][T14285] [ 162.196765][T14290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2352'. [ 162.200089][T14278] bond17: entered allmulticast mode [ 162.437241][T14278] bond0: (slave bond17): Enslaving as an active interface with an up link [ 162.515806][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.530831][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.541684][ T11] bond0 (unregistering): Released all slaves [ 162.550820][T14223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 162.558762][T14223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 162.588095][T14223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 162.730150][T14223] hsr_slave_0: entered promiscuous mode [ 162.742562][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 162.755712][T14223] hsr_slave_1: entered promiscuous mode [ 162.820233][T14311] xt_cluster: you have exceeded the maximum number of cluster nodes (768 > 32) [ 163.374215][ T5832] Bluetooth: hci4: command tx timeout [ 163.772659][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 164.812551][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 165.453114][ T5832] Bluetooth: hci4: command tx timeout [ 165.862648][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 166.892540][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 167.533077][ T5832] Bluetooth: hci4: command tx timeout [ 167.932622][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 168.972550][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 169.613039][ T5832] Bluetooth: hci4: command tx timeout [ 170.012630][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 171.062541][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 172.092644][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 173.132561][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 174.182620][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 175.212596][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 176.013107][ T54] Bluetooth: hci2: command 0x0406 tx timeout [ 176.014913][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 176.252621][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 177.292542][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 178.233104][ T5832] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 178.243922][ T5832] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 178.251504][ T5832] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 178.259730][ T5832] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 178.266676][ T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 178.267053][ T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 178.267246][ T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 178.291709][ T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 178.303916][ T5843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 178.310978][ T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 178.311344][ T5843] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 178.326131][ T5843] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 178.333224][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 178.341091][ T5843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 178.350259][ T5843] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 178.358396][ T5843] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 178.365229][ T5847] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 178.367241][ T5843] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 178.373556][ T5847] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 178.380738][ T5843] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 178.391844][ T5847] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 178.402010][ T5847] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 178.403481][ T5843] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 178.413862][ T5847] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 178.427594][ T5847] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 179.372580][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 180.412701][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 180.419987][ T5847] Bluetooth: hci5: command tx timeout [ 180.493277][ T5847] Bluetooth: hci8: command tx timeout [ 180.493343][ T54] Bluetooth: hci7: command tx timeout [ 180.498665][ T5843] Bluetooth: hci6: command tx timeout [ 181.452537][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 182.492631][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 182.499692][ T5847] Bluetooth: hci5: command tx timeout [ 182.572935][ T5843] Bluetooth: hci8: command tx timeout [ 182.573132][ T54] Bluetooth: hci6: command tx timeout [ 182.578388][ T5847] Bluetooth: hci7: command tx timeout [ 183.533101][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 184.572694][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 184.580067][ T5847] Bluetooth: hci5: command tx timeout [ 184.653223][ T5847] Bluetooth: hci6: command tx timeout [ 184.653235][ T54] Bluetooth: hci7: command tx timeout [ 184.653260][ T54] Bluetooth: hci8: command tx timeout [ 185.612560][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 186.652668][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 186.659708][ T54] Bluetooth: hci5: command tx timeout [ 186.733542][ T54] Bluetooth: hci6: command tx timeout [ 186.733557][ T5843] Bluetooth: hci7: command tx timeout [ 186.733580][ T5843] Bluetooth: hci8: command tx timeout [ 187.692552][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 188.732607][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 189.772540][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 190.812631][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 191.852577][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 192.892642][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 193.933013][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 194.416363][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.982629][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 196.012551][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 197.052610][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 198.092553][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 199.132619][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 200.172591][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 201.212612][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 202.252543][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 203.292679][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 204.332560][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 205.372635][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 206.412545][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 207.452670][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 208.492590][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 209.532628][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 210.572608][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 211.612616][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 212.652539][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 213.692663][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 214.732536][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 215.772654][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 216.812645][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 217.852628][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 218.892583][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 219.932612][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 220.972582][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 222.012658][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 222.825534][ T5847] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 222.833070][ T5847] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 222.840291][ T5847] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 222.848628][ T5847] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 222.856731][ T5847] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 222.864467][ T5847] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 223.052573][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 224.092615][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 224.893060][ T5843] Bluetooth: hci9: command tx timeout [ 225.132726][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 226.182664][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 226.973073][ T5843] Bluetooth: hci9: command tx timeout [ 227.212608][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 228.262657][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 229.053056][ T5843] Bluetooth: hci9: command tx timeout [ 229.292730][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 230.332623][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 231.133029][ T5843] Bluetooth: hci9: command tx timeout [ 231.372557][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 232.412661][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 233.452612][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 234.493149][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 235.532534][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 236.572660][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 237.612549][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 238.652672][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 239.003960][ T5847] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 239.011926][ T5847] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 239.020093][ T5847] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 239.034192][ T5847] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 239.041615][ T5847] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 239.049572][ T5847] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 239.057406][ T5847] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 239.066699][ T5843] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 239.075230][ T5843] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 239.086771][ T5843] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 239.095915][ T5843] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 239.103671][ T5843] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 239.122410][ T54] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 239.128038][ T5832] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 239.130402][ T54] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 239.139328][ T5832] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 239.145196][ T54] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 239.152451][ T5832] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 239.160420][ T54] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 239.168199][ T5832] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 239.174672][ T54] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 239.188967][ T54] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 239.189964][ T5832] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 239.205142][ T5832] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 239.692548][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 240.732690][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 241.133214][ T5847] Bluetooth: hci11: command tx timeout [ 241.133260][ T5832] Bluetooth: hci10: command tx timeout [ 241.212853][ T5832] Bluetooth: hci12: command tx timeout [ 241.293123][ T5832] Bluetooth: hci13: command tx timeout [ 241.772539][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 242.812624][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 243.212801][ T5832] Bluetooth: hci11: command tx timeout [ 243.213759][ T5847] Bluetooth: hci10: command tx timeout [ 243.293079][ T5847] Bluetooth: hci12: command tx timeout [ 243.373230][ T5847] Bluetooth: hci13: command tx timeout [ 243.852532][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 244.902608][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 245.293219][ T5847] Bluetooth: hci10: command tx timeout [ 245.293260][ T5832] Bluetooth: hci11: command tx timeout [ 245.373104][ T5832] Bluetooth: hci12: command tx timeout [ 245.452587][ T5832] Bluetooth: hci13: command tx timeout [ 245.932533][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 246.972691][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 247.373697][ T5832] Bluetooth: hci10: command tx timeout [ 247.373756][ T5847] Bluetooth: hci11: command tx timeout [ 247.452641][ T5847] Bluetooth: hci12: command tx timeout [ 247.533177][ T5847] Bluetooth: hci13: command tx timeout [ 248.012605][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 249.052655][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 250.092576][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 251.132675][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 252.172588][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 253.212625][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 254.252536][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 255.292649][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 255.855020][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.332594][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 257.372617][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 258.412563][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 259.452631][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 260.492566][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 261.532654][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 262.572533][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 263.612680][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 264.653233][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 265.692647][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 266.732536][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 267.772623][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 268.812571][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 269.852655][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 270.892546][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 271.932611][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 272.972554][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 274.012617][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 275.052584][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 276.092618][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 277.132607][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 278.172657][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 279.212545][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 280.252633][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 281.292599][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 282.332677][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 283.372571][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 283.533438][ T5843] Bluetooth: hci3: command 0x0406 tx timeout [ 283.533553][ T54] Bluetooth: hci4: command 0x0406 tx timeout [ 284.422608][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 284.477656][ T5847] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 284.485313][ T5847] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 284.493702][ T5847] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 284.501400][ T5847] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 284.509351][ T5847] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 284.516991][ T5847] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 285.452535][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 286.492638][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 286.575104][ T5847] Bluetooth: hci14: command tx timeout [ 287.532535][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 288.572643][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 288.652581][ T5847] Bluetooth: hci14: command tx timeout [ 289.612756][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 290.652623][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 290.733224][ T5847] Bluetooth: hci14: command tx timeout [ 291.693774][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 292.732637][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 292.812764][ T5847] Bluetooth: hci14: command tx timeout [ 293.772620][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 294.812634][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 295.852541][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 296.892677][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 297.932603][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 298.972695][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 299.565049][ T5832] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 299.572348][ T5832] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 299.580402][ T5832] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 299.588586][ T5832] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 299.598773][ T5843] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 299.606696][ T5843] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 299.645408][ T5847] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 299.653440][ T5847] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 299.660745][ T5847] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 299.669218][ T5847] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 299.676838][ T5847] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 299.685943][ T5847] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 299.703032][ T5847] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 299.711672][ T5847] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 299.720121][ T5832] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 299.721126][ T5843] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 299.730081][ T5832] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 299.736197][ T5843] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 299.744391][ T5832] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 299.750492][ T5843] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 299.757816][ T5832] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 299.765904][ T5843] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 299.781163][ T5843] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 299.789192][ T5843] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 300.012532][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 301.052627][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 301.692846][ T5847] Bluetooth: hci15: command tx timeout [ 301.773074][ T5847] Bluetooth: hci16: command tx timeout [ 301.852560][ T5847] Bluetooth: hci18: command tx timeout [ 301.853041][ T5843] Bluetooth: hci17: command tx timeout [ 302.102530][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 303.142606][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 303.772809][ T5842] Bluetooth: hci15: command tx timeout [ 303.853099][ T5842] Bluetooth: hci16: command tx timeout [ 303.932922][ T5842] Bluetooth: hci17: command tx timeout [ 303.932928][ T5837] Bluetooth: hci18: command tx timeout [ 304.013078][ T5842] Bluetooth: hci5: command 0x0406 tx timeout [ 304.013437][ T5837] Bluetooth: hci6: command 0x0406 tx timeout [ 304.019086][ T5844] Bluetooth: hci8: command 0x0406 tx timeout [ 304.025566][ T5146] Bluetooth: hci7: command 0x0406 tx timeout [ 304.172538][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 305.212624][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 305.853199][ T54] Bluetooth: hci15: command tx timeout [ 305.942853][ T54] Bluetooth: hci16: command tx timeout [ 306.013184][ T54] Bluetooth: hci18: command tx timeout [ 306.013918][ T5843] Bluetooth: hci17: command tx timeout [ 306.252537][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 307.292622][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 307.932650][ T5843] Bluetooth: hci15: command tx timeout [ 308.013097][ T5843] Bluetooth: hci16: command tx timeout [ 308.093110][ T5843] Bluetooth: hci17: command tx timeout [ 308.093184][ T54] Bluetooth: hci18: command tx timeout [ 308.342583][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 309.372616][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 310.412539][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 311.452611][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 312.492588][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 313.532626][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 314.572541][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 315.373122][ T30] INFO: task kworker/u8:0:11 blocked for more than 143 seconds. [ 315.380809][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 315.388615][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 315.397546][ T30] task:kworker/u8:0 state:D stack:22096 pid:11 tgid:11 ppid:2 flags:0x00004000 [ 315.408170][ T30] Workqueue: netns cleanup_net [ 315.413538][ T30] Call Trace: [ 315.416820][ T30] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 315.419735][ T30] __schedule+0x186c/0x4be0 [ 315.424730][ T30] ? schedule+0x90/0x320 [ 315.428996][ T30] ? schedule+0x90/0x320 [ 315.434179][ T30] ? __pfx___schedule+0x10/0x10 [ 315.439351][ T30] ? __pfx_lock_release+0x10/0x10 [ 315.474653][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.479453][ T30] ? kthread_data+0x52/0xd0 [ 315.484274][ T30] ? schedule+0x90/0x320 [ 315.488531][ T30] ? wq_worker_sleeping+0x66/0x240 [ 315.494043][ T30] ? schedule+0x90/0x320 [ 315.498280][ T30] schedule+0x14b/0x320 [ 315.502420][ T30] schedule_preempt_disabled+0x13/0x30 [ 315.508393][ T30] __mutex_lock+0x817/0x1010 [ 315.513557][ T30] ? __mutex_lock+0x602/0x1010 [ 315.518375][ T30] ? unregister_netdevice_many_notify+0xac2/0x2030 [ 315.525213][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 315.530234][ T30] ? __pfx___might_resched+0x10/0x10 [ 315.535909][ T30] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 315.542413][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.547554][ T30] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 315.554408][ T30] unregister_netdevice_many_notify+0xac2/0x2030 [ 315.560726][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.565882][ T30] ? lock_release+0xbf/0xa30 [ 315.570464][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 315.577171][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 315.584123][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.588903][ T30] ? __pfx_lock_release+0x10/0x10 [ 315.593965][ T30] unregister_netdevice_queue+0x303/0x370 [ 315.599683][ T30] ? __pfx_up_write+0x10/0x10 [ 315.604414][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 315.610658][ T30] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 315.616562][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 315.624645][ T30] _cfg80211_unregister_wdev+0x163/0x590 [ 315.630288][ T30] ieee80211_remove_interfaces+0x4ef/0x700 [ 315.636546][ T30] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 315.643374][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.648147][ T30] ieee80211_unregister_hw+0x5d/0x2c0 [ 315.653904][ T30] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 315.659451][ T30] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 315.665918][ T30] hwsim_exit_net+0x5c1/0x670 [ 315.670584][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 315.676170][ T30] ? __ip_vs_dev_cleanup_batch+0x239/0x260 [ 315.681990][ T30] cleanup_net+0x812/0xd60 [ 315.686804][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 315.691732][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.696961][ T30] ? process_scheduled_works+0x976/0x1840 [ 315.703197][ T30] process_scheduled_works+0xa66/0x1840 [ 315.708777][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 315.715067][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 315.720641][ T30] ? assign_work+0x364/0x3d0 [ 315.725608][ T30] worker_thread+0x870/0xd30 [ 315.730191][ T30] ? __kthread_parkme+0x169/0x1d0 [ 315.735591][ T30] ? __pfx_worker_thread+0x10/0x10 [ 315.740691][ T30] kthread+0x7a9/0x920 [ 315.745136][ T30] ? __pfx_kthread+0x10/0x10 [ 315.749715][ T30] ? __pfx_worker_thread+0x10/0x10 [ 315.755207][ T30] ? __pfx_kthread+0x10/0x10 [ 315.759784][ T30] ? __pfx_kthread+0x10/0x10 [ 315.764745][ T30] ? __pfx_kthread+0x10/0x10 [ 315.769322][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 315.774898][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 315.780088][ T30] ? __pfx_kthread+0x10/0x10 [ 315.785098][ T30] ret_from_fork+0x4b/0x80 [ 315.789517][ T30] ? __pfx_kthread+0x10/0x10 [ 315.794481][ T30] ret_from_fork_asm+0x1a/0x30 [ 315.799237][ T30] [ 315.802281][ T30] INFO: task kworker/u8:4:61 blocked for more than 143 seconds. [ 315.810332][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 315.817936][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 315.827125][ T30] task:kworker/u8:4 state:D stack:22128 pid:61 tgid:61 ppid:2 flags:0x00004000 [ 315.837514][ T30] Workqueue: events_unbound linkwatch_event [ 315.843448][ T30] Call Trace: [ 315.846728][ T30] [ 315.849664][ T30] __schedule+0x186c/0x4be0 [ 315.854198][ T30] ? schedule+0x90/0x320 [ 315.858425][ T30] ? schedule+0x90/0x320 [ 315.863166][ T30] ? __pfx___schedule+0x10/0x10 [ 315.868032][ T30] ? __pfx_lock_release+0x10/0x10 [ 315.873388][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.878142][ T30] ? kthread_data+0x52/0xd0 [ 315.883152][ T30] ? schedule+0x90/0x320 [ 315.887404][ T30] ? wq_worker_sleeping+0x66/0x240 [ 315.892851][ T30] ? schedule+0x90/0x320 [ 315.897083][ T30] schedule+0x14b/0x320 [ 315.901222][ T30] schedule_preempt_disabled+0x13/0x30 [ 315.907128][ T30] __mutex_lock+0x817/0x1010 [ 315.911707][ T30] ? __mutex_lock+0x602/0x1010 [ 315.916835][ T30] ? linkwatch_event+0xe/0x60 [ 315.921500][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 315.926934][ T30] ? __pfx_debug_object_deactivate+0x10/0x10 [ 315.933467][ T30] ? rcu_is_watching+0x15/0xb0 [ 315.938243][ T30] ? process_scheduled_works+0x976/0x1840 [ 315.944293][ T30] linkwatch_event+0xe/0x60 [ 315.948785][ T30] process_scheduled_works+0xa66/0x1840 [ 315.954697][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 315.960672][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 315.966722][ T30] ? assign_work+0x364/0x3d0 [ 315.971325][ T30] worker_thread+0x870/0xd30 [ 315.976313][ T30] ? __kthread_parkme+0x169/0x1d0 [ 315.981325][ T30] ? __pfx_worker_thread+0x10/0x10 [ 315.986803][ T30] kthread+0x7a9/0x920 [ 315.990863][ T30] ? __pfx_kthread+0x10/0x10 [ 315.995831][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.000929][ T30] ? __pfx_kthread+0x10/0x10 [ 316.005886][ T30] ? __pfx_kthread+0x10/0x10 [ 316.010465][ T30] ? __pfx_kthread+0x10/0x10 [ 316.015599][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 316.020809][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 316.026476][ T30] ? __pfx_kthread+0x10/0x10 [ 316.031124][ T30] ret_from_fork+0x4b/0x80 [ 316.035872][ T30] ? __pfx_kthread+0x10/0x10 [ 316.040450][ T30] ret_from_fork_asm+0x1a/0x30 [ 316.045581][ T30] [ 316.048618][ T30] INFO: task kworker/u8:6:1073 blocked for more than 144 seconds. [ 316.056950][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 316.064484][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.073525][ T30] task:kworker/u8:6 state:D stack:23440 pid:1073 tgid:1073 ppid:2 flags:0x00004000 [ 316.083861][ T30] Workqueue: cfg80211 cfg80211_dfs_channels_update_work [ 316.090795][ T30] Call Trace: [ 316.094123][ T30] [ 316.097058][ T30] __schedule+0x186c/0x4be0 [ 316.101573][ T30] ? schedule+0x90/0x320 [ 316.105838][ T30] ? schedule+0x90/0x320 [ 316.110065][ T30] ? __pfx___schedule+0x10/0x10 [ 316.115337][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.120371][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.125509][ T30] ? kthread_data+0x52/0xd0 [ 316.130042][ T30] ? schedule+0x90/0x320 [ 316.134684][ T30] ? wq_worker_sleeping+0x66/0x240 [ 316.139794][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.144931][ T30] ? schedule+0x90/0x320 [ 316.149168][ T30] schedule+0x14b/0x320 [ 316.153686][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.159134][ T30] __mutex_lock+0x817/0x1010 [ 316.164220][ T30] ? __mutex_lock+0x602/0x1010 [ 316.168989][ T30] ? cfg80211_dfs_channels_update_work+0xbf/0x610 [ 316.175731][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.180740][ T30] ? __pfx___schedule+0x10/0x10 [ 316.185962][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.190721][ T30] cfg80211_dfs_channels_update_work+0xbf/0x610 [ 316.197337][ T30] ? preempt_schedule+0xe1/0xf0 [ 316.202180][ T30] ? __pfx_preempt_schedule+0x10/0x10 [ 316.207926][ T30] ? __pfx_cfg80211_dfs_channels_update_work+0x10/0x10 [ 316.215308][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 316.220695][ T30] ? process_scheduled_works+0x976/0x1840 [ 316.226900][ T30] process_scheduled_works+0xa66/0x1840 [ 316.233074][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 316.239078][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 316.244951][ T30] ? assign_work+0x364/0x3d0 [ 316.249526][ T30] worker_thread+0x870/0xd30 [ 316.254489][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 316.260373][ T30] ? __kthread_parkme+0x169/0x1d0 [ 316.265766][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.270866][ T30] kthread+0x7a9/0x920 [ 316.275304][ T30] ? __pfx_kthread+0x10/0x10 [ 316.279885][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.285494][ T30] ? __pfx_kthread+0x10/0x10 [ 316.290088][ T30] ? __pfx_kthread+0x10/0x10 [ 316.295005][ T30] ? __pfx_kthread+0x10/0x10 [ 316.299582][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 316.305155][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 316.310341][ T30] ? __pfx_kthread+0x10/0x10 [ 316.315316][ T30] ret_from_fork+0x4b/0x80 [ 316.319726][ T30] ? __pfx_kthread+0x10/0x10 [ 316.324692][ T30] ret_from_fork_asm+0x1a/0x30 [ 316.329448][ T30] [ 316.332747][ T30] INFO: task dhcpcd:5501 blocked for more than 144 seconds. [ 316.340136][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 316.347758][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.356441][ T30] task:dhcpcd state:D stack:21200 pid:5501 tgid:5501 ppid:5500 flags:0x00004002 [ 316.366954][ T30] Call Trace: [ 316.370221][ T30] [ 316.373649][ T30] __schedule+0x186c/0x4be0 [ 316.378150][ T30] ? schedule+0x90/0x320 [ 316.382376][ T30] ? schedule+0x90/0x320 [ 316.387034][ T30] ? __pfx___schedule+0x10/0x10 [ 316.391876][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.397284][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.402055][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 316.408428][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 316.415079][ T30] ? schedule+0x90/0x320 [ 316.419307][ T30] schedule+0x14b/0x320 [ 316.423969][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.429438][ T30] __mutex_lock+0x817/0x1010 [ 316.434431][ T30] ? __mutex_lock+0x602/0x1010 [ 316.439229][ T30] ? rtnl_dumpit+0x99/0x200 [ 316.444117][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.449133][ T30] ? __build_skb_around+0x245/0x3d0 [ 316.454702][ T30] ? __alloc_skb+0x28f/0x440 [ 316.459279][ T30] ? __kasan_slab_free+0x59/0x70 [ 316.464703][ T30] ? __pfx___alloc_skb+0x10/0x10 [ 316.469653][ T30] ? __pfx_rtnl_dump_all+0x10/0x10 [ 316.475262][ T30] rtnl_dumpit+0x99/0x200 [ 316.479597][ T30] netlink_dump+0x64d/0xe10 [ 316.484443][ T30] ? __pfx_netlink_dump+0x10/0x10 [ 316.489461][ T30] ? netlink_recvmsg+0x632/0x11a0 [ 316.494853][ T30] ? netlink_recvmsg+0x632/0x11a0 [ 316.499867][ T30] netlink_recvmsg+0x6ec/0x11a0 [ 316.505252][ T30] ? __pfx_netlink_recvmsg+0x10/0x10 [ 316.510542][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.515640][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 316.520479][ T30] ? lock_release+0xbf/0xa30 [ 316.525440][ T30] ? __pfx___might_resched+0x10/0x10 [ 316.530716][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 316.536029][ T30] ? bpf_lsm_socket_recvmsg+0x9/0x10 [ 316.541369][ T30] ? __pfx_netlink_recvmsg+0x10/0x10 [ 316.547033][ T30] sock_recvmsg+0x22f/0x280 [ 316.551531][ T30] ____sys_recvmsg+0x1c6/0x480 [ 316.556708][ T30] ? __pfx_____sys_recvmsg+0x10/0x10 [ 316.561987][ T30] ? lock_release+0xbf/0xa30 [ 316.566950][ T30] __sys_recvmsg+0x291/0x390 [ 316.571532][ T30] ? __pfx___sys_recvmsg+0x10/0x10 [ 316.577172][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.582200][ T30] ? trace_sys_enter+0x74/0x120 [ 316.587221][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.592012][ T30] ? trace_sys_enter+0x25/0x120 [ 316.596898][ T30] do_syscall_64+0xf3/0x230 [ 316.601411][ T30] ? clear_bhb_loop+0x35/0x90 [ 316.606136][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.612046][ T30] RIP: 0033:0x7fbea1eac91e [ 316.616914][ T30] RSP: 002b:00007ffce5700b38 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 316.625593][ T30] RAX: ffffffffffffffda RBX: 00007ffce5701c60 RCX: 00007fbea1eac91e [ 316.633977][ T30] RDX: 0000000000000000 RSI: 00007ffce5701b80 RDI: 0000000000000010 [ 316.641981][ T30] RBP: 00007ffce5701bf0 R08: 00007ffce5701b64 R09: 000000000000000c [ 316.650330][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 316.658361][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 316.666202][ T30] R13: 00007ffce5701b64 R14: 00007ffce5701b80 R15: 00007ffce5701b70 [ 316.674523][ T30] [ 316.677576][ T30] INFO: task syz-executor:14223 blocked for more than 144 seconds. [ 316.685847][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 316.693640][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.702302][ T30] task:syz-executor state:D stack:22128 pid:14223 tgid:14223 ppid:1 flags:0x00000004 [ 316.712985][ T30] Call Trace: [ 316.716273][ T30] [ 316.719208][ T30] __schedule+0x186c/0x4be0 [ 316.724012][ T30] ? schedule+0x90/0x320 [ 316.728244][ T30] ? schedule+0x90/0x320 [ 316.733099][ T30] ? __pfx___schedule+0x10/0x10 [ 316.738003][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.743361][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.748177][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 316.754453][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 316.760773][ T30] ? schedule+0x90/0x320 [ 316.765390][ T30] schedule+0x14b/0x320 [ 316.769538][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.775396][ T30] __mutex_lock+0x817/0x1010 [ 316.779973][ T30] ? __mutex_lock+0x602/0x1010 [ 316.785107][ T30] ? rtnl_newlink+0xce2/0x2210 [ 316.789868][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.795269][ T30] ? ns_capable+0x8a/0xf0 [ 316.799586][ T30] ? rtnl_link_get_net_capable+0x168/0x340 [ 316.805764][ T30] rtnl_newlink+0xce2/0x2210 [ 316.810348][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.815749][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.820505][ T30] ? lock_release+0xbf/0xa30 [ 316.825465][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.830222][ T30] ? lock_release+0xbf/0xa30 [ 316.835266][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 316.840291][ T30] ? lock_release+0xbf/0xa30 [ 316.845052][ T30] ? deref_stack_reg+0x17c/0x210 [ 316.850070][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.855136][ T30] ? stack_trace_save+0x118/0x1d0 [ 316.860160][ T30] ? unwind_next_frame+0x18e6/0x22d0 [ 316.865465][ T30] ? deref_stack_reg+0x17c/0x210 [ 316.870405][ T30] ? preempt_count_add+0x93/0x190 [ 316.875758][ T30] ? 0xffffffffa000094c [ 316.879901][ T30] ? is_bpf_text_address+0x285/0x2a0 [ 316.885559][ T30] ? is_bpf_text_address+0x26/0x2a0 [ 316.890748][ T30] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 316.897273][ T30] ? kernel_text_address+0xa7/0xe0 [ 316.902377][ T30] ? __kernel_text_address+0xd/0x40 [ 316.907949][ T30] ? unwind_get_return_address+0x4d/0x90 [ 316.913937][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.918694][ T30] ? lock_release+0xbf/0xa30 [ 316.923782][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.928815][ T30] ? apparmor_capable+0x13b/0x1b0 [ 316.934179][ T30] ? bpf_lsm_capable+0x9/0x10 [ 316.938843][ T30] ? security_capable+0x7e/0x2d0 [ 316.944284][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.949359][ T30] rtnetlink_rcv_msg+0x791/0xcf0 [ 316.954628][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 316.959752][ T30] ? lock_release+0xbf/0xa30 [ 316.964814][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.970284][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 316.975743][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.980502][ T30] ? lock_acquire+0xe3/0x550 [ 316.985471][ T30] netlink_rcv_skb+0x1e3/0x430 [ 316.990244][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.996112][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.001389][ T30] ? net_generic+0x1f/0x240 [ 317.006273][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 317.011457][ T30] netlink_unicast+0x7f6/0x990 [ 317.016587][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 317.021879][ T30] ? __virt_addr_valid+0x45f/0x530 [ 317.027367][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 317.032380][ T30] ? __check_object_size+0x47a/0x730 [ 317.038036][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 317.043317][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.048608][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 317.053916][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.059188][ T30] __sock_sendmsg+0x221/0x270 [ 317.064391][ T30] __sys_sendto+0x363/0x4c0 [ 317.068897][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 317.074327][ T30] ? __might_fault+0xc6/0x120 [ 317.078991][ T30] ? trace_sys_enter+0x74/0x120 [ 317.084315][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.089074][ T30] __x64_sys_sendto+0xde/0x100 [ 317.094005][ T30] do_syscall_64+0xf3/0x230 [ 317.098512][ T30] ? clear_bhb_loop+0x35/0x90 [ 317.103232][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.109127][ T30] RIP: 0033:0x7fab0658ebbc [ 317.113555][ T30] RSP: 002b:00007ffec769c120 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 317.121973][ T30] RAX: ffffffffffffffda RBX: 00007fab072d4620 RCX: 00007fab0658ebbc [ 317.130291][ T30] RDX: 0000000000000020 RSI: 00007fab072d4670 RDI: 0000000000000003 [ 317.138599][ T30] RBP: 0000000000000000 R08: 00007ffec769c174 R09: 000000000000000c [ 317.146901][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 317.155260][ T30] R13: 0000000000000000 R14: 00007fab072d4670 R15: 0000000000000000 [ 317.163736][ T30] [ 317.166774][ T30] INFO: task syz.4.2354:14306 blocked for more than 145 seconds. [ 317.174876][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 317.182139][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 317.191191][ T30] task:syz.4.2354 state:D stack:24240 pid:14306 tgid:14295 ppid:5829 flags:0x00004006 [ 317.201705][ T30] Call Trace: [ 317.205419][ T30] [ 317.208342][ T30] __schedule+0x186c/0x4be0 [ 317.213326][ T30] ? schedule+0x90/0x320 [ 317.217580][ T30] ? schedule+0x90/0x320 [ 317.221809][ T30] ? __pfx___schedule+0x10/0x10 [ 317.227126][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.232170][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.237306][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 317.243726][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 317.250059][ T30] ? schedule+0x90/0x320 [ 317.254642][ T30] schedule+0x14b/0x320 [ 317.258841][ T30] schedule_preempt_disabled+0x13/0x30 [ 317.264687][ T30] __mutex_lock+0x817/0x1010 [ 317.269271][ T30] ? __mutex_lock+0x602/0x1010 [ 317.274436][ T30] ? reg_process_self_managed_hints+0xb9/0x1c0 [ 317.280583][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 317.286015][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 317.291987][ T30] reg_process_self_managed_hints+0xb9/0x1c0 [ 317.299226][ T30] wiphy_register+0x1be5/0x27b0 [ 317.305879][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.313438][ T30] ? __pfx_wiphy_register+0x10/0x10 [ 317.318650][ T30] ? minstrel_ht_alloc+0x72b/0x860 [ 317.324240][ T30] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 317.330309][ T30] ieee80211_register_hw+0x354e/0x4240 [ 317.335985][ T30] ? ieee80211_register_hw+0x15e1/0x4240 [ 317.341625][ T30] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 317.347493][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 317.353323][ T30] ? __asan_memset+0x23/0x50 [ 317.357974][ T30] ? __hrtimer_init+0x170/0x250 [ 317.363480][ T30] mac80211_hwsim_new_radio+0x2a9f/0x4a90 [ 317.369206][ T30] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 317.375740][ T30] ? kstrndup+0x5c/0xb0 [ 317.379899][ T30] ? __asan_memcpy+0x40/0x70 [ 317.385232][ T30] hwsim_new_radio_nl+0xece/0x2290 [ 317.390359][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 317.396885][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 317.402447][ T30] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 317.409313][ T30] genl_rcv_msg+0xb14/0xec0 [ 317.414180][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 317.419208][ T30] ? stack_trace_save+0x118/0x1d0 [ 317.424617][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 317.429980][ T30] ? stack_depot_save_flags+0x37/0x940 [ 317.435913][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 317.440928][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 317.446878][ T30] ? __pfx___might_resched+0x10/0x10 [ 317.452149][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.457329][ T30] ? lock_acquire+0xe3/0x550 [ 317.461959][ T30] netlink_rcv_skb+0x1e3/0x430 [ 317.467123][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 317.472142][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.477825][ T30] ? lock_release+0xbf/0xa30 [ 317.482409][ T30] ? __pfx___netlink_lookup+0x10/0x10 [ 317.488158][ T30] ? net_generic+0x1f/0x240 [ 317.493178][ T30] genl_rcv+0x28/0x40 [ 317.497167][ T30] netlink_unicast+0x7f6/0x990 [ 317.501913][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 317.507553][ T30] ? __virt_addr_valid+0x45f/0x530 [ 317.513176][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 317.518211][ T30] ? __check_object_size+0x47a/0x730 [ 317.523975][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 317.528733][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.534532][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 317.539468][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.545262][ T30] __sock_sendmsg+0x221/0x270 [ 317.549958][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 317.555126][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 317.560400][ T30] ? __fget_files+0x2a/0x410 [ 317.565478][ T30] ? __fget_files+0x2a/0x410 [ 317.570064][ T30] __sys_sendmsg+0x269/0x350 [ 317.575056][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 317.580165][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.585583][ T30] ? trace_sys_enter+0x74/0x120 [ 317.590427][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.595341][ T30] ? trace_sys_enter+0x25/0x120 [ 317.600196][ T30] do_syscall_64+0xf3/0x230 [ 317.604724][ T30] ? clear_bhb_loop+0x35/0x90 [ 317.609410][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.615352][ T30] RIP: 0033:0x7faf4598cd29 [ 317.619773][ T30] RSP: 002b:00007faf4670e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 317.628629][ T30] RAX: ffffffffffffffda RBX: 00007faf45ba6160 RCX: 00007faf4598cd29 [ 317.636964][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 317.645292][ T30] RBP: 00007faf45a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 317.653606][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.661566][ T30] R13: 0000000000000000 R14: 00007faf45ba6160 R15: 00007fff74431418 [ 317.670175][ T30] [ 317.673613][ T30] INFO: task syz.2.2358:14305 blocked for more than 145 seconds. [ 317.681328][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 317.689057][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 317.692645][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 317.700774][ T30] task:syz.2.2358 state:D stack:27568 pid:14305 tgid:14304 ppid:5834 flags:0x00000004 [ 317.715090][ T30] Call Trace: [ 317.718353][ T30] [ 317.721266][ T30] __schedule+0x186c/0x4be0 [ 317.726219][ T30] ? schedule+0x90/0x320 [ 317.730466][ T30] ? schedule+0x90/0x320 [ 317.735092][ T30] ? __pfx___schedule+0x10/0x10 [ 317.739936][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.745345][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.750105][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 317.756387][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 317.763203][ T30] ? schedule+0x90/0x320 [ 317.767456][ T30] schedule+0x14b/0x320 [ 317.771689][ T30] schedule_preempt_disabled+0x13/0x30 [ 317.777584][ T30] __mutex_lock+0x817/0x1010 [ 317.782166][ T30] ? __mutex_lock+0x602/0x1010 [ 317.787539][ T30] ? __tun_chr_ioctl+0x419/0x2400 [ 317.793101][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 317.798125][ T30] ? lock_release+0xbf/0xa30 [ 317.803211][ T30] ? __might_fault+0xaa/0x120 [ 317.807898][ T30] __tun_chr_ioctl+0x419/0x2400 [ 317.813246][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 317.818534][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 317.824117][ T30] __se_sys_ioctl+0xf5/0x170 [ 317.828713][ T30] do_syscall_64+0xf3/0x230 [ 317.833679][ T30] ? clear_bhb_loop+0x35/0x90 [ 317.838363][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.844694][ T30] RIP: 0033:0x7f3bbc38cd29 [ 317.849112][ T30] RSP: 002b:00007f3bbd251038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 317.857730][ T30] RAX: ffffffffffffffda RBX: 00007f3bbc5a5fa0 RCX: 00007f3bbc38cd29 [ 317.865728][ T30] RDX: 0000000020000040 RSI: 00000000400454d9 RDI: 0000000000000004 [ 317.873791][ T30] RBP: 00007f3bbc40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 317.881767][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.890094][ T30] R13: 0000000000000000 R14: 00007f3bbc5a5fa0 R15: 00007fffc87ec908 [ 317.898501][ T30] [ 317.901521][ T30] INFO: task syz.2.2358:14310 blocked for more than 145 seconds. [ 317.909752][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 317.917450][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 317.926452][ T30] task:syz.2.2358 state:D stack:28176 pid:14310 tgid:14304 ppid:5834 flags:0x00000004 [ 317.937192][ T30] Call Trace: [ 317.940474][ T30] [ 317.943896][ T30] __schedule+0x186c/0x4be0 [ 317.948411][ T30] ? schedule+0x90/0x320 [ 317.953155][ T30] ? schedule+0x90/0x320 [ 317.957406][ T30] ? __pfx___schedule+0x10/0x10 [ 317.962241][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.967644][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.972446][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 317.978889][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 317.985543][ T30] ? schedule+0x90/0x320 [ 317.989776][ T30] schedule+0x14b/0x320 [ 317.994318][ T30] schedule_preempt_disabled+0x13/0x30 [ 317.999767][ T30] __mutex_lock+0x817/0x1010 [ 318.004799][ T30] ? __mutex_lock+0x602/0x1010 [ 318.009551][ T30] ? __tun_chr_ioctl+0x48c/0x2400 [ 318.015138][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.020151][ T30] ? lock_release+0xbf/0xa30 [ 318.025252][ T30] __tun_chr_ioctl+0x48c/0x2400 [ 318.030121][ T30] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 318.035813][ T30] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 318.040917][ T30] __se_sys_ioctl+0xf5/0x170 [ 318.045890][ T30] do_syscall_64+0xf3/0x230 [ 318.050380][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.055526][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.061425][ T30] RIP: 0033:0x7f3bbc38cd29 [ 318.066174][ T30] RSP: 002b:00007f3bbd230038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 318.075008][ T30] RAX: ffffffffffffffda RBX: 00007f3bbc5a6080 RCX: 00007f3bbc38cd29 [ 318.083455][ T30] RDX: 0000000000000001 RSI: 00000000400454cb RDI: 0000000000000004 [ 318.091429][ T30] RBP: 00007f3bbc40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 318.099854][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.107978][ T30] R13: 0000000000000001 R14: 00007f3bbc5a6080 R15: 00007fffc87ec908 [ 318.116036][ T30] [ 318.119052][ T30] INFO: task syz.2.2358:14316 blocked for more than 146 seconds. [ 318.126874][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 318.134415][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.143553][ T30] task:syz.2.2358 state:D stack:27792 pid:14316 tgid:14304 ppid:5834 flags:0x00000004 [ 318.154190][ T30] Call Trace: [ 318.157461][ T30] [ 318.160376][ T30] __schedule+0x186c/0x4be0 [ 318.165399][ T30] ? schedule+0x90/0x320 [ 318.169649][ T30] ? schedule+0x90/0x320 [ 318.174230][ T30] ? __pfx___schedule+0x10/0x10 [ 318.179116][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.184522][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.189277][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.195545][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.201886][ T30] ? schedule+0x90/0x320 [ 318.206498][ T30] schedule+0x14b/0x320 [ 318.210646][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.216487][ T30] __mutex_lock+0x817/0x1010 [ 318.221067][ T30] ? __mutex_lock+0x602/0x1010 [ 318.226265][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 318.231372][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.236779][ T30] ? bpf_lsm_capable+0x9/0x10 [ 318.241445][ T30] ? security_capable+0x7e/0x2d0 [ 318.246764][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 318.251717][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 318.257317][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 318.263276][ T30] ? ref_tracker_free+0x643/0x7e0 [ 318.268308][ T30] netlink_rcv_skb+0x1e3/0x430 [ 318.273545][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 318.279012][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 318.284801][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 318.290005][ T30] netlink_unicast+0x7f6/0x990 [ 318.295113][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 318.300391][ T30] ? __virt_addr_valid+0x45f/0x530 [ 318.305879][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 318.310894][ T30] ? __check_object_size+0x47a/0x730 [ 318.316558][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 318.321315][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.326981][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 318.331907][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.337655][ T30] __sock_sendmsg+0x221/0x270 [ 318.342329][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 318.347471][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 318.352931][ T30] ? __fget_files+0x2a/0x410 [ 318.357526][ T30] ? __fget_files+0x2a/0x410 [ 318.362207][ T30] __sys_sendmsg+0x269/0x350 [ 318.366837][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 318.371971][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.377043][ T30] ? trace_sys_enter+0x74/0x120 [ 318.381967][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.387097][ T30] ? trace_sys_enter+0x25/0x120 [ 318.391945][ T30] do_syscall_64+0xf3/0x230 [ 318.396831][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.401500][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.407783][ T30] RIP: 0033:0x7f3bbc38cd29 [ 318.412185][ T30] RSP: 002b:00007f3bbd20f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 318.421017][ T30] RAX: ffffffffffffffda RBX: 00007f3bbc5a6160 RCX: 00007f3bbc38cd29 [ 318.429339][ T30] RDX: 0000000000000000 RSI: 00000000200012c0 RDI: 000000000000000a [ 318.437707][ T30] RBP: 00007f3bbc40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 318.446103][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.454406][ T30] R13: 0000000000000000 R14: 00007f3bbc5a6160 R15: 00007fffc87ec908 [ 318.462369][ T30] [ 318.465758][ T30] INFO: task syz.1.2360:14317 blocked for more than 146 seconds. [ 318.473800][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 318.481062][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.490270][ T30] task:syz.1.2360 state:D stack:28176 pid:14317 tgid:14315 ppid:5831 flags:0x00000004 [ 318.500959][ T30] Call Trace: [ 318.504776][ T30] [ 318.507732][ T30] __schedule+0x186c/0x4be0 [ 318.512265][ T30] ? schedule+0x90/0x320 [ 318.516923][ T30] ? schedule+0x90/0x320 [ 318.521169][ T30] ? __pfx___schedule+0x10/0x10 [ 318.526402][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.531446][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.536597][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.543020][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.549377][ T30] ? schedule+0x90/0x320 [ 318.554027][ T30] schedule+0x14b/0x320 [ 318.558180][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.564053][ T30] __mutex_lock+0x817/0x1010 [ 318.568632][ T30] ? __mutex_lock+0x602/0x1010 [ 318.573785][ T30] ? genl_rcv_msg+0x121/0xec0 [ 318.578455][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.583941][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.588739][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 318.595451][ T30] ? lock_release+0xbf/0xa30 [ 318.600033][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.604996][ T30] ? radix_tree_lookup+0x238/0x290 [ 318.610115][ T30] genl_rcv_msg+0x121/0xec0 [ 318.614656][ T30] ? __dev_queue_xmit+0x2f4/0x3f50 [ 318.619775][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.624822][ T30] ? __dev_queue_xmit+0x1775/0x3f50 [ 318.630030][ T30] ? kasan_save_track+0x51/0x80 [ 318.635238][ T30] ? __sys_sendto+0x363/0x4c0 [ 318.639908][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.645070][ T30] ? lock_acquire+0xe3/0x550 [ 318.649650][ T30] ? __pfx___dev_queue_xmit+0x10/0x10 [ 318.655403][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 318.660443][ T30] ? __pfx___might_resched+0x10/0x10 [ 318.666174][ T30] netlink_rcv_skb+0x1e3/0x430 [ 318.670962][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.676382][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 318.681658][ T30] ? lock_release+0xbf/0xa30 [ 318.686624][ T30] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 318.692123][ T30] genl_rcv+0x28/0x40 [ 318.696477][ T30] netlink_unicast+0x7f6/0x990 [ 318.701231][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 318.706961][ T30] ? __virt_addr_valid+0x45f/0x530 [ 318.712078][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 318.717434][ T30] ? __check_object_size+0x47a/0x730 [ 318.723213][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 318.727987][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.732583][ C1] IPVS: ovf: UDP 224.0.0.2:0 - no destination available [ 318.736265][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 318.745592][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.750909][ T30] __sock_sendmsg+0x221/0x270 [ 318.755956][ T30] __sys_sendto+0x363/0x4c0 [ 318.760474][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 318.765892][ T30] ? __might_fault+0xc6/0x120 [ 318.770568][ T30] ? trace_sys_enter+0x74/0x120 [ 318.775900][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.780673][ T30] __x64_sys_sendto+0xde/0x100 [ 318.785847][ T30] do_syscall_64+0xf3/0x230 [ 318.790345][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.795440][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.801348][ T30] RIP: 0033:0x7f83fbd8ebbc [ 318.806139][ T30] RSP: 002b:00007f83fcb80ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 318.815045][ T30] RAX: ffffffffffffffda RBX: 00007f83fcb80fc0 RCX: 00007f83fbd8ebbc [ 318.823521][ T30] RDX: 000000000000001c RSI: 00007f83fcb81010 RDI: 0000000000000003 [ 318.831495][ T30] RBP: 0000000000000000 R08: 00007f83fcb80f14 R09: 000000000000000c [ 318.839818][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 318.848130][ T30] R13: 00007f83fcb80f68 R14: 00007f83fcb81010 R15: 0000000000000000 [ 318.856280][ T30] [ 318.859308][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 318.868346][ T30] INFO: task syz.0.2361:14319 blocked for more than 146 seconds. [ 318.876090][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 318.883938][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.893115][ T30] task:syz.0.2361 state:D stack:28176 pid:14319 tgid:14318 ppid:5833 flags:0x00000004 [ 318.903803][ T30] Call Trace: [ 318.907070][ T30] [ 318.909980][ T30] __schedule+0x186c/0x4be0 [ 318.914920][ T30] ? schedule+0x90/0x320 [ 318.919153][ T30] ? schedule+0x90/0x320 [ 318.923885][ T30] ? __pfx___schedule+0x10/0x10 [ 318.928767][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.934310][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.939088][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.945309][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.951625][ T30] ? schedule+0x90/0x320 [ 318.956262][ T30] schedule+0x14b/0x320 [ 318.960411][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.966270][ T30] __mutex_lock+0x817/0x1010 [ 318.970848][ T30] ? __mutex_lock+0x602/0x1010 [ 318.976010][ T30] ? dev_ioctl+0x706/0x1340 [ 318.980505][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.986060][ T30] ? inet6_ioctl+0x203/0x280 [ 318.990670][ T30] ? dev_load+0x21/0x1f0 [ 318.995362][ T30] dev_ioctl+0x706/0x1340 [ 318.999732][ T30] sock_do_ioctl+0x240/0x460 [ 319.004702][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 319.009806][ T30] sock_ioctl+0x626/0x8e0 [ 319.014554][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.019397][ T30] ? __fget_files+0x2a/0x410 [ 319.024364][ T30] ? __fget_files+0x2a/0x410 [ 319.028947][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.034196][ T30] __se_sys_ioctl+0xf5/0x170 [ 319.038776][ T30] do_syscall_64+0xf3/0x230 [ 319.043779][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.048464][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.054735][ T30] RIP: 0033:0x7ff21758cd29 [ 319.059143][ T30] RSP: 002b:00007ff2183fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.067944][ T30] RAX: ffffffffffffffda RBX: 00007ff2177a5fa0 RCX: 00007ff21758cd29 [ 319.076257][ T30] RDX: 0000000020000000 RSI: 0000000000008914 RDI: 0000000000000003 [ 319.084564][ T30] RBP: 00007ff21760e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.093057][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.101069][ T30] R13: 0000000000000000 R14: 00007ff2177a5fa0 R15: 00007ffe30044418 [ 319.109332][ T30] [ 319.112358][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 319.121415][ T30] INFO: task syz.0.2361:14322 blocked for more than 147 seconds. [ 319.129164][ T30] Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 319.136799][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 319.145844][ T30] task:syz.0.2361 state:D stack:28176 pid:14322 tgid:14318 ppid:5833 flags:0x00000004 [ 319.156357][ T30] Call Trace: [ 319.159625][ T30] [ 319.163077][ T30] __schedule+0x186c/0x4be0 [ 319.167598][ T30] ? schedule+0x90/0x320 [ 319.171846][ T30] ? schedule+0x90/0x320 [ 319.176466][ T30] ? __pfx___schedule+0x10/0x10 [ 319.181311][ T30] ? __pfx_lock_release+0x10/0x10 [ 319.186706][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.191486][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 319.197763][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 319.204469][ T30] ? schedule+0x90/0x320 [ 319.208703][ T30] schedule+0x14b/0x320 [ 319.213494][ T30] schedule_preempt_disabled+0x13/0x30 [ 319.218970][ T30] __mutex_lock+0x817/0x1010 [ 319.223969][ T30] ? __mutex_lock+0x602/0x1010 [ 319.228723][ T30] ? dev_ioctl+0x706/0x1340 [ 319.233678][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 319.238713][ T30] ? inet6_ioctl+0x203/0x280 [ 319.243817][ T30] ? dev_load+0x21/0x1f0 [ 319.248067][ T30] dev_ioctl+0x706/0x1340 [ 319.252377][ T30] sock_do_ioctl+0x240/0x460 [ 319.257397][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 319.263043][ T30] sock_ioctl+0x626/0x8e0 [ 319.267382][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.272234][ T30] ? __fget_files+0x2a/0x410 [ 319.277210][ T30] ? __fget_files+0x2a/0x410 [ 319.281795][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.287027][ T30] __se_sys_ioctl+0xf5/0x170 [ 319.291609][ T30] do_syscall_64+0xf3/0x230 [ 319.296496][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.301166][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.307472][ T30] RIP: 0033:0x7ff21758cd29 [ 319.311875][ T30] RSP: 002b:00007ff2183dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.320675][ T30] RAX: ffffffffffffffda RBX: 00007ff2177a6080 RCX: 00007ff21758cd29 [ 319.329047][ T30] RDX: 0000000020000240 RSI: 0000000000008914 RDI: 0000000000000003 [ 319.337360][ T30] RBP: 00007ff21760e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.345831][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.354000][ T30] R13: 0000000000000000 R14: 00007ff2177a6080 R15: 00007ffe30044418 [ 319.362076][ T30] [ 319.365534][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 319.375123][ T30] INFO: lockdep is turned off. [ 319.379901][ T30] NMI backtrace for cpu 1 [ 319.379910][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 319.379921][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 319.379927][ T30] Call Trace: [ 319.379931][ T30] [ 319.379935][ T30] dump_stack_lvl+0x241/0x360 [ 319.379954][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.379968][ T30] ? __pfx__printk+0x10/0x10 [ 319.379980][ T30] ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10 [ 319.379995][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 319.380010][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 319.380021][ T30] ? _printk+0xd5/0x120 [ 319.380032][ T30] ? __pfx_rcu_read_unlock_special+0x10/0x10 [ 319.380045][ T30] ? __pfx__printk+0x10/0x10 [ 319.380058][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 319.380069][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 319.380082][ T30] watchdog+0xff6/0x1040 [ 319.380094][ T30] ? watchdog+0x1ea/0x1040 [ 319.380106][ T30] ? __pfx_watchdog+0x10/0x10 [ 319.380117][ T30] kthread+0x7a9/0x920 [ 319.380129][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380141][ T30] ? __pfx_watchdog+0x10/0x10 [ 319.380152][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380165][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380179][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380191][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 319.380203][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 319.380217][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380229][ T30] ret_from_fork+0x4b/0x80 [ 319.380239][ T30] ? __pfx_kthread+0x10/0x10 [ 319.380250][ T30] ret_from_fork_asm+0x1a/0x30 [ 319.380263][ T30] [ 319.380267][ T30] Sending NMI from CPU 1 to CPUs 0: [ 319.551630][ C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30 [ 319.552976][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 319.552990][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04101-gb2aec4efe834 #0 [ 319.553009][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 319.553020][ T30] Call Trace: [ 319.553028][ T30] [ 319.553035][ T30] dump_stack_lvl+0x241/0x360 [ 319.553062][ T30] ? __pfx_vprintk_emit+0x10/0x10 [ 319.553079][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.553099][ T30] ? __pfx__printk+0x10/0x10 [ 319.553122][ T30] ? vscnprintf+0x5d/0x90 [ 319.553142][ T30] panic+0x349/0x880 [ 319.553163][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 319.553184][ T30] ? __pfx_panic+0x10/0x10 [ 319.553202][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 319.553225][ T30] ? __irq_work_queue_local+0x137/0x410 [ 319.553245][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 319.553264][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 319.553284][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 319.553305][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 319.553327][ T30] watchdog+0x1035/0x1040 [ 319.553347][ T30] ? watchdog+0x1ea/0x1040 [ 319.553369][ T30] ? __pfx_watchdog+0x10/0x10 [ 319.553387][ T30] kthread+0x7a9/0x920 [ 319.553406][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553426][ T30] ? __pfx_watchdog+0x10/0x10 [ 319.553444][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553463][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553483][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553500][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 319.553521][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 319.553542][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553562][ T30] ret_from_fork+0x4b/0x80 [ 319.553579][ T30] ? __pfx_kthread+0x10/0x10 [ 319.553598][ T30] ret_from_fork_asm+0x1a/0x30 [ 319.553619][ T30] [ 319.738231][ T30] Kernel Offset: disabled [ 319.742540][ T30] Rebooting in 86400 seconds..