last executing test programs: 1m29.187838875s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 1m6.707668504s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 52.411596343s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 36.342894892s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 20.934460542s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 5.918956606s ago: executing program 4 (id=1339): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'vlan0\x00'}) write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903001f000000fe050000000200000800040001000000", 0x24) r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x31e}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x56a}, {&(0x7f00000007c0)=""/154, 0xd7}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 4.805898704s ago: executing program 2 (id=2514): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001410000000000000000021800000000fd000000ed0008000100ac141400080008"], 0x2c}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) 4.614094474s ago: executing program 2 (id=2517): r0 = socket$can_j1939(0x1d, 0x2, 0x7) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000009c0)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1}, 0x18) sendmsg$can_j1939(r2, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee) r3 = socket$nl_route(0x10, 0x3, 0x0) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000200)={0x1d, r1, 0x80000000, {0x0, 0x0, 0x3}, 0x2}, 0x18) r4 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 1.764193633s ago: executing program 2 (id=2524): socket$nl_netfilter(0x10, 0x3, 0xc) socket$alg(0x26, 0x5, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_buf(r0, 0x29, 0x1e, 0x0, &(0x7f00000001c0)) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x20}, 0x5}, 0x1c) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x4b) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000000), 0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000001140)={0x1f, 0x0, 0x1}, 0x6) write$bt_hci(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="011904"], 0xe) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xb, 0x10, 0xffffffffffffffff, 0x0) pipe(0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001801000000000000200000002000000005000000000000000100000f0400000000000000000000000000000000000104000000000000006100"], 0x0, 0x3d}, 0x20) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'syz_tun\x00'}) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180100000000400000000000f3a30000850000006d0000009536b2ca2f800990b23617df06597bfb9d31916848ddb90bcff467126b3de385d5bde5d53fe40296df1c9d2b14ad07ef55f5cc4fb623728e123f05872fda1e7f8f7186b32dc79c0a411c6ebecf098301e78e18bccaac7f88ee438e64daef443d3f030a6ff65ec23392e750fdb3650871987df586a8a221835e9dccd550fba30f2cd1c33fbfa1bba6584e428b96f2db4303c08e0ba6ea0951972a5701c44041"], &(0x7f0000000100)='GPL\x00', 0x0, 0x2f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffff800}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10) r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 1.508045331s ago: executing program 0 (id=2528): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001200000008000300", @ANYBLOB="0a0006000802110000010000200011800400040004000200040001000400030004000300040006"], 0x48}}, 0x0) 1.432033813s ago: executing program 3 (id=2529): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x701, 0x3, 0x258, 0x108, 0xb, 0x108, 0x1c0, 0x0, 0x1c0, 0x1c8, 0x1c8, 0x1c0, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'veth1_to_batadv\x00', '\x00', {}, {}, 0x32}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'veth1_to_batadv\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8) (async) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x701, 0x3, 0x258, 0x108, 0xb, 0x108, 0x1c0, 0x0, 0x1c0, 0x1c8, 0x1c8, 0x1c0, 0x1c8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'veth1_to_batadv\x00', '\x00', {}, {}, 0x32}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'veth1_to_batadv\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b8) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) (async) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2, 0xffffffffffffffff}, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x20, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000cbbb614da377070bf988852573e22d4d3026ecb185eabcbd5330b6c2f736b13ceab5a8621488c23bfc3d550d5ed42e974dcb8ad2974eecb6f0dd39bd00", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x20, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000cbbb614da377070bf988852573e22d4d3026ecb185eabcbd5330b6c2f736b13ceab5a8621488c23bfc3d550d5ed42e974dcb8ad2974eecb6f0dd39bd00", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000100)={'syztnl0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000011c0)={'ip6tnl0\x00', &(0x7f0000001140)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @empty}}}) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00', @loopback}}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) socket(0x1e, 0x5, 0x0) (async) r8 = socket(0x1e, 0x5, 0x0) listen(r8, 0x0) accept4$inet6(r8, 0x0, 0x0, 0x0) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) 1.371873562s ago: executing program 2 (id=2531): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) listen(r0, 0xc) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @local}, 0x10) getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xe9, &(0x7f0000000040), &(0x7f0000000080)=0x4) 1.240135622s ago: executing program 0 (id=2532): socket$inet6(0xa, 0x3, 0x2f) r0 = socket$inet6(0xa, 0x3, 0x7) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000140)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @loopback}, 0x1c) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$802154_raw(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c00000010004b0400"/20, @ANYRES32=r3, @ANYBLOB="00400000000000001c0012800b00010062726964676500000c00028005002c0002"], 0x3c}}, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000000)={0x8000001}, 0x8) close(r5) bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r4, &(0x7f0000000200)=ANY=[@ANYBLOB="1a00000007"], 0xd) 1.221256533s ago: executing program 3 (id=2533): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in6=@private1, 0x0, 0x32}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x48, 0x1, {{'ghash\x00'}, 0x2}}]}, 0x138}}, 0x0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3500}}, 0x1c}}, 0x0) sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f00000002c0)={0x0, 0x39, &(0x7f00000001c0)={&(0x7f0000000000)={0x28, r1, 0xb15, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x3, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc}]}, 0x28}}, 0x0) r4 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000bc0)=@nat={'nat\x00', 0x19, 0x0, 0x90, [], 0x2, 0x0, &(0x7f0000000b00)=[{}, {}, {0x2}]}, 0x108) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x5a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) 1.172835538s ago: executing program 1 (id=2534): socket(0x10, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000009007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdc0}, 0x50) 984.168662ms ago: executing program 0 (id=2535): r0 = socket(0x10, 0x3, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) unshare(0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000280)={0x0, 0xb00, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060114000000000000000000000000100007800c00018008000140e000000205000100070000000900020073797a31"], 0x38}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) sendto$inet6(r0, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf) 983.951814ms ago: executing program 1 (id=2536): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000940)=0xbe) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001b00)=ANY=[@ANYBLOB="200100001900010400000000000000007f000001000000000000000000000000ac1e000100000000000000000000000000000000000000000200102000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000001000000000009c58ebe000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f00020000005400080050000800003f48"], 0x120}}, 0x0) (fail_nth: 4) 983.281165ms ago: executing program 3 (id=2537): r0 = socket(0x10, 0x3, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) unshare(0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000440)={'wlan1\x00', {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000380000000000019078ac1e0001ac1414aa030090780300000045000000000000000dbc74000000000000000000000000040022ebff"], 0x0) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0xb00, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060114000000000000000000000000100007800c00018008000140e000000205000100070000000900020073797a31"], 0x38}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) sendto$inet6(r0, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf) 606.579705ms ago: executing program 1 (id=2538): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001080)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private2}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000280)}], 0x1}}], 0x1, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) close(0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000000c0)="ab553fec94248c32e27d04", 0xb) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000240)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="3800feff", @ANYRES16=r4, @ANYBLOB="1506000000000000004c0100000024000180060005004e22000008000300ac1414bb060001000200000008000600a7"], 0x38}}, 0x0) 530.644127ms ago: executing program 0 (id=2539): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042bbd7000fcdbdf250000000008001700", @ANYRES32, @ANYBLOB="050006000300000005001200d5000100000000000000c208f52468cdbdfe000000000000000003000000ea8338580fc7a846efa229baddb06d59924dfa21666fa9f27bfcc03b0b18d341e6e6f7b76d75b691b6d49ed02cf4f608dae8872a70"], 0x3c}, 0x1, 0x0, 0x0, 0x20000054}, 0x24000000) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000030000000800018004b140d1500002800800020000000000080001"], 0x30}}, 0x0) sendmsg$netlink(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b0001ca650000000004001806"], 0x114}], 0x1}, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, 0x1409, 0x800, 0x70bd26, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x38}}, 0x48001) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ac0)=@mangle={'mangle\x00', 0x64, 0x6, 0x5b0, 0x0, 0x318, 0x0, 0x0, 0xe8, 0x4e0, 0x4e0, 0x4e0, 0x4e0, 0x4e0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8, 0x0, {0x0, 0x3a010000}}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@dev}}}, {{@ipv6={@remote, @loopback, [], [], 'wg1\x00', 'ip6gretap0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xe8}}, {{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @private1, @remote}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x0}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private2, [], [], 'batadv0\x00', 'veth0_to_batadv\x00'}, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @inet=@DSCP={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x610) 491.042894ms ago: executing program 3 (id=2540): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) shutdown(r1, 0x0) write(r1, 0x0, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="e2f2457e3fc853760e98d44d5551839571eb72a880e54735e11b36bce4198114aa208280a2ccbc21cee5d9355f74446c9d60c176ad6439ddbf425d1f28c5920040e2a2f28451e10c85fa2656cbf005d43b0e3d6ba5fbe8111242f100af7b03c1ea53d651b10fcb967a9ebac974dce2b0f7401824ed8efe01cd5b422bc3e682adc96e347ad42c2fdcc8739a1d0296dec2045c46e78fcf150b5d14e094a933cc1e7448fba379a65019d7b0830e99fa522bcadc12dce911143e48f88adf826c33d87c6a347fbb2995b1ca6cc6093d6a18469dc3508578d918fe0ee397b5972159fbc139", @ANYRESHEX, @ANYRESDEC=r1], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x140, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0x1008}, {&(0x7f0000001580)=""/238, 0xf0}], 0x5, 0x0, 0x353}}], 0x40000000000002e, 0x0, 0x0) 426.596275ms ago: executing program 1 (id=2541): socket$nl_netfilter(0x10, 0x3, 0xc) socket$alg(0x26, 0x5, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}, 0x1c) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_buf(r0, 0x29, 0x1e, 0x0, &(0x7f00000001c0)) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x20}, 0x5}, 0x1c) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x4b) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000000), 0x6) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000001140)={0x1f, 0x0, 0x1}, 0x6) write$bt_hci(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="011904"], 0xe) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xb, 0x10, 0xffffffffffffffff, 0x0) pipe(0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c40)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001801000000000000200000002000000005000000000000000100000f0400000000000000000000000000000000000104000000000000006100"], 0x0, 0x3d}, 0x20) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3a0, 0x118, 0x0, 0x330, 0x298, 0x330, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x6, 0x0, {[{{@ip={@multicast1, @remote, 0x0, 0x0, 'ip6erspan0\x00', 'pimreg0\x00'}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38}}, {{@ip={@multicast2, @dev, 0x0, 0x0, 'veth0_to_bond\x00', 'syzkaller1\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'vlan0\x00', 'veth1_to_bridge\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'syz_tun\x00'}) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180100000000400000000000f3a30000850000006d0000009536b2ca2f800990b23617df06597bfb9d31916848ddb90bcff467126b3de385d5bde5d53fe40296df1c9d2b14ad07ef55f5cc4fb623728e123f05872fda1e7f8f7186b32dc79c0a411c6ebecf098301e78e18bccaac7f88ee438e64daef443d3f030a6ff65ec23392e750fdb3650871987df586a8a221835e9dccd550fba30f2cd1c33fbfa1bba6584e428b96f2db4303c08e0ba6ea0951972a5701c44041"], &(0x7f0000000100)='GPL\x00', 0x0, 0x2f, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffff800}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r7}, 0x10) r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 397.479628ms ago: executing program 2 (id=2542): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001200000008000300", @ANYBLOB="0a0006000802110000010000200011800400040004000200040001000400030004000300040006"], 0x48}}, 0x0) 328.598167ms ago: executing program 3 (id=2543): socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xc8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0xaa, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa049c0000ffff8100000086dd604f3bf500303a0020010000000007000000000000000002ff05"], 0x0) 205.544949ms ago: executing program 0 (id=2544): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000010000000000b00000000000005000600000000000a00000000000000fc02000000000000000000000000000000000000000000000200010000000000000000000000000005000500000000000a00000000000000000000000000000000000000000000000000000000000000010014000000000001"], 0x80}, 0x1, 0x7}, 0x0) 204.4624ms ago: executing program 1 (id=2545): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) socket$packet(0x11, 0x3, 0x300) sendmmsg$inet6(r0, &(0x7f0000009940)=[{{&(0x7f0000000100)={0xa, 0xfc, 0x0, @loopback={0x0, 0xac141414}}, 0x1c, 0x0}}], 0x1, 0x20004855) 100.444194ms ago: executing program 0 (id=2546): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) r2 = socket(0x2, 0x80805, 0x0) r3 = socket$inet_sctp(0x2, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000001c0)={r5}, 0x8) r6 = epoll_create1(0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000000c0)) r8 = socket$can_raw(0x1d, 0x3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r8, &(0x7f0000000200)) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x34, r11, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r10}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @default=0x9b4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x34}}, 0x0) r12 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, r6, &(0x7f0000000240)) sendmmsg(r8, &(0x7f00000027c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000100)="c24c2160c395e9d4e64d42d460ce95ac5fd79b0444fbf58e96fe88cbd12404dbf5b0f104e17225642c53c9777ba1e3c3db04b6aa4968c9aade0aa78f8cca9d1e5f07960418ae03673b78eb18d0b4934bb63ba060eb65dae7fda0fe52a89dd5c8a2b9e5d67460e9985b5fa3b993e00d40ddd40473816b5d1aa2f083877bfefef506e4e331e53e928574b658cc90b5e644e224684e1b2e61", 0x97}, {&(0x7f0000000280)}, {&(0x7f0000000040)="edad2c208de8cccf805fa57cb9ad11742f0bdb4d2a0ebfca087d463b69634dd829f05e218e15b89e49f07afab905b35a75f2bc02a91e62c14b1cddb75e2cde8de590a7ddf2295d80a1e6ad3b4872732071d5e4e13ec04c6ff79039d6be91b3985968", 0x62}, {&(0x7f0000000340)="42cfefd8d0eba173e54d6a5ea2560653f78b7b9966f45b77fb73b58e42145d41e1688ca553f4148c1a5c040c398d0fdd6421fba75f882c760aab8398253077f25806bfed30d02c7779bd2e812db0e5067e0fc23b5de542b384a595", 0x5b}, {&(0x7f00000003c0)="db8e32522ba58c561839321e4f2c51c8cff191bee3b97afcd3e4cf582c95c0cb624f0244ccb8e333514fb8c480ae5933d89dcfdf8215a509eca11deb742c7ebd04d302c24274a50957f770e08e493bef01815b7e792f58faaac0b4a39f0b2d93a61f4e139bc0b86f4b1cdc89b1057cb9d69d2ff87c7a4ea7254321cf5d3980994b8e73bb812153b2e2cf0d2f46c95d7cc0aea7bca937dd870d26ad4c5a1d12d33789dc961411b076104b1f7a4bf3b90b3f8e3b5010ccacd55f22de43670c4f26dd8252f580827d492641b68df82a449ae0edf7c7ac6ec9bb4330ba7ce232c72fc93c3fcdc3a142af772f1913134f05035428d45f71032f036d061e43", 0xfc}, {&(0x7f00000004c0)="73a66eec022f9b0d895f30708721173682cf947f77f0111106e1465c6f6577a46da531e4691db4c28f74cdd0dd5786d33aac79f6a26b4c5a8e1f3591fa25a662ff9e06b86424c60204", 0x49}, {&(0x7f00000001c0)="86f2eceeec0cf4e67ec18e21", 0xc}], 0x7, &(0x7f00000005c0)=[{0x80, 0x101, 0x7fff, "af0149b616848e23e10d409dad019448e2cdc7b2a25ecbe2840bc3d3281930fada79a4168340f5eda537ebbf3925146918878dd8886f1df3f67e09a87a773d09dc5a40bb37227c66f860fd4549a69e9258ebdf7398f7a33c52da995446da990047a68e65d639b85ac851d0fce514"}], 0x80}}, {{&(0x7f0000000640)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x3fff}, 0x80, &(0x7f00000016c0)=[{&(0x7f00000006c0)="69931b0504b5a3dbeeb716a86d8a88afc453db196e08e2b16d7cd5ff5e96f7c43741eed176535388a12ee550c79dfa689b958f69015ba32515642c94c4b1fc0b1c43062693fca2607c9f04b34b0a52e0117d3cef057f7853767db74a2c0480b68f9b1c860599f3bf7c525747051d167b9f81ac45b77dd8a1e1f8e8c97b3e4612244de43a34777dce1dd9d00e4308c0fa7ccc6b82e5190e431a4fef445c42e179ba777c331d7f77220c24155ca993b2ab2ed504c61ac201f86d74aaa90aee827c9aba72707efeb816b858e2f7006426f3a69503861bf55ed62daaf99f7f4b59e4675601a307bbfd49fd20f52878c94cc354e8a86ce9b034337239f314df43b7663594504204b481660dd10591d034c6f4af461a292bb102fdf8008a4d3149209dc074caeb648e832ea52688148d9ae60891e4174ef45496bb94f054c2d219937aea18deb6aab8e99c505aff0d81bc78a979e6ff49564d79849243ceceef8bd71582532db41e1e938ca27b800b720163f1b9bf9e898c23dc7e4dc6c6fdb6f11f4516ac0b0b752805fab9187bb85efab537243554c68090e7e346c146763f2872deae3f5bdf4fb5f766caed899bbe53e44cc614059b69ae7a9cc96f24b36362f7d77131dafdf92748f4e45b60b79df16c430bbcb5b7cffdef401ef7aa59fa1728786255964d3d317aedfa0fb83a3c2d4ced2d4924c956aa1ac82c812cb9fba0e37dbd2e624c836df12a211770dfd31969cccf4e1cdd1a8c249e5903500f3a4bab04fd8ca15ae563d47e63f16187937bf0bf2f185fa95efc86276af7012269d4758009d88ba6b3ca8e4f155c4124bfb82dd4184a4e8508cafd5c25217d8c17cb34e13c95eb03fff928673ba9eb3b58783a9c695d6d9cbd01d00009787bdfa26ac69b33a89014dddfac7ead32168d9bb05abadba6160d67194e1a5ee6ac3f695b06d27a2a5be7c323f163824a7592809209845beb2e605ec8096de38138b6a03e0974e8e29a0b345c6df7ef20b729d07ade97581d77927bd2c92aeccd25dcf5e4049191eff6e92e4ccc0c19ef05ed61ba11a544cdd87c664c75943cea54147c1ea70765a97d4149cdcd26ed41ded64dae4b1253c2f57c0f85655e9eccc17bcd5696048741be9bdcd3a3dcf73cfb5074603f529a0112bc50443a02285d90e1d2ec60581531bb67655c468347601f7aecb698c969b1457456e8fd008809702168761e6369688c52398a310a2e2bb34ec0dec0e32857bf17b501f62168c6f61d857915fa103348d12a402f7527918d097a887257804af68469739a406f01f5e9a72e2b44d3b95dc0c550b59e745df32dfbe20580b97a73b2353da883a75019651d58a78bd8889f4d7ff155ace8648cabb70430c233866c262f11dbbbbdb51d6d1bf0c0f5446329ecba80cc8342678584d6ab1b28c6e5b6777a162f12cd60654416d498c0e49fad28325db23f82c6861267616a6d1b6b44e7f0c369969611f542394485bc432dbfeea358794abaff835e6d3a9aa1c13cf88d99cb13c2d4a195f5679cd9a2a7314e50eeca313512e097cd0e1fda8da13afa11117f257205741a1b1acf3356f8cbfec8e247121f18f8e8443bd243eeb18646a7df5d298b0e7e3aed996ce2bd6fc9b2a47a89805a12c94d8998753845136fdda7ceb0679a6c29b3f6deef097c300bf0aa4ef7c2b09db126b4a1d403438f213e658bc3addbc0f1e90af930c44215a47d73ab5ea4e42d928c71dd57f411e845245d4e50f25e2463442e157da0636bc49b4906db8f88eed443b91e75aa9b9c5a719006099b2a69efa7efe0dd7e965222cc7a9a6b79b15d43f2e6d71f58f4ab13000bf03cca96c0ba7c265171d65250b57679445ebb59b64d3bc6bc17dcded9babf3bc16d826617e0db794271cb2b91b72627da66d72db1d98ff7b079411d707fadb59c635e6e1f66f514ebb62640361f7c43dfdea612b4e44a67c965e18618ee470d4d48a6b1ebd973b59bd1d7ca2f7021227b833a20c70aceae4ed9be7dbe828602e8b48ba8b8a3aa2076f8cd4e76cfd742031433affa8ca39fad76b9722d758047934cf84ab90ed38f2bc0386dac1c7378f0bccddb07733faae9b913ed99d5bb3374a27f0caa23b011eaf352054531164e9d7dc519f0b26dbeb788d520ae614905bda11bff8ae4bdeae84aba7d54f91a37e1bca810885c1ca3d2e55d3710c6d401b742ef200276a80f3f7faa307c4a6080fd46e8b3fb4d65342b81340ad9bddca68b1f1a780ed4bb56b67d0d204202a77abc8df0c5ce9d64b1255e999211482ea03d0978a58d171ea5cb483926bc1da7e0124fa2e135a5795d75562441ab7b066d0749743c24a92683ac4f2225b4d8dceb65c79260b06f37e0ef3573980728febaee8e450ec25dff364b277c66ae0dd274cc1ae99e895070b93f51866f8871e1e8c22887382315a7bd6fe0ccb13e2b3e628fa66c1043a1530e626faee9f3f2c353d61948dc594160d917cb7683b74b7935bcf4fc92d6f7ad49872339667422d8e4fe05173242a4a84baec104052b9f0c97fd7f52b9b0b1985fbeeb8d499e935fa6fa8e986801726716d4962773db8e39805f5c261cb38ee8866733909375a1a8afd1efa50d17407b7bb2cbe59fce7406e3811ba8084d518ddacc6018a97ab393ae8457b859b4768c458fa4f4ebb4dec2c80cb7bbd6e97ffdf5c4243de43abd29981cdde6639bb2cccacf4ba974f722f54bcbc2a22b8a6070e39b882dfce074139d59e72daa418be97a52ba6104502d50d820c6bbf7e85155afaf8c44ece65cc26ed82b8908047f645c6f6691bc8f05b5c0c7683b3b1c6e7c71235167e49f86388cab355758eab757eee03a39de5a14143ed6113a0fe627f0aeb3d64935053d4e62e9489db535801724425571b0364b65dcf932b412bee64455c26734327babe79fe4f5ca0bc88341c41ff7583a65120c4f63c7699fdb411d51cfe783c14897c1ae22df69d04063a0d37aba38d5c48cf0452c970995bf84fe320487eb94001779c4859d1a33ec0b3c752486de6da395ea746a2c6740b6d01a5e2aecdb05b289e07a0bfcd8be4d928f3c746f54b92f9b3e26df0591e1b001e6f74c03568231d3c8806be63bb1ff45b62760a8a970ff88eed02b49acfb47a63d0ed9eb4c734c7ece8ee2996b480e06f721f8e8b301098e3cd5be7b0cbeae7edddab293a83d389672bc0a3ca560e543f129c046761cbc7c729e543e9608c72298462453d3410758cf03cd1b20fc6de55e3bd62f3cf743d8b21a7dd3e62705a63a5775c8c4fa2117342805806bd82866a4b3368e19725dba0e764650060ead1b92a333cee14b2c2965e269aba4c3e13c1b341c466b3a0cc2cd7ea21f713fc8edad27f6b321adf89d71ef4b44c94c3968d0acf3098d17330daf7744d756cae4856bfa61b2cf7d00023ce403029469b31ee7eef4525fb794eb0940d632188c4c3518f7700502c95bd74a0f168412a8212c7d99c232a224f638b74a9b14ee89038d1f82887952242392367227e3a36072d3ebccb2cdd701510e47db469e7055c80cfcbc4535cdeebf322659b3a4dea8707a48ac265b089f602de13e7fac672fc055268db1ee425690d01acb8581e8d793b19dea018657236e5731efc98913084ec3950dc81a1b225305478a4506dbeba66902a9bd078553ffd6d8fb9041bc8846a5d7c8049e73b9f89647baac9da9f0c5040a73dd6dac3b6041673cf3a3bb8aebd1ebcf0a667c71775a24b7c740d4a7c0df11ef7c676357f95e796a21ff5788327dbe9214273b09c21aad946c0ee21e4e25498af2b9ec35900c529fac6ca270abd06fb6d67813a84e569a2c1f3f0358efed0893b1a9dac7564b1d77a61f19d22d205e8120aec6a33c70fc3ce7b547db943f03430966e6f5b90e07a19f8f2459318c3215b98ed3898b318853d71e5cbde75748712b9aeffd89fd59055e44868fa9577195af7cdd397329ad4c24bb5e6775777d87355b5f42df7ea04514327d307ed1bf76d54ef9a3a13de6138935d2210f45e58ef67b1c25b090db050552c48a698444b53d6545bdea7193e23736a1a1cc37ce980e7bba30366a349bf842a670135d4b2ec6b0aeb3942f44355814a02970490dc1fe475dbf492a75a28aae67d94efa3687b74162856f2e867feb8dd77feed731f5212d9a99c4d191f3e5731d903ae0c97d59d305185ef5efbc4a503083acc7058cfd41b3206a1cd43d4b917fcb469d14ff46d357d364c73a68bc6f6c533bfecd528baec5fab0ece740133e802c61ff3a64f5d9e4e7f8f6f20aa333f9d778187a27681945677595715f85efaaa9f2004eb9762e644ad4d40c708a71eda8bb27f034c751a1d4722a734960134461f494fa0500887f82d515f1c829b793f004699e7244ac4f4bb2e9182cb2f98a9a2d0c012ac3c36adb58d7e98fa9e4fa3504b2306a104504a5ebcbaf128f9f6562f7f3c5808751d24a015035ba1de11a3921b0474db51ed31d0bc51f0dbe6b1deeec0556d5db1a6ab1c590b4bba866990e4351a4f38e3c94615c472916c0a7151e24c59f359394e6922f0b8b3d918e64e2944454a6ea050e665ac632e35f06db1b55989610f279b22b7b8fd39c7d1f383faa588c9167aa2a5031de325b6813f89ed0fa90e17ac6b788155d80544ff65ccf52aa8a2c1ee20e74f44b959f7745a4a5a8e7cf509f7bc194be0fc1919e88489a96fb93006350f5ba95f24bb290a3441bc81aa911e38ef4dd456e675bfea8eed8a0f7d8036be77d3990ddb690584d11c57c367e57011735da7c3b3cef4b0eb671f2767d2dc4b3c1f3d8b2dd48d33073a48d7647e0e7ee7f78cf9918d3cded06dad9747afbdbe694b1c9a1964aec9b11980be1261c9baec2755af1d9a842908d2c33d1944d51f7401b42a096b90d6df003928706e259d3f97fd3ef2a614d6149e156f35daeb14ec51cfd64a7848037ff7740e0721a5799b9a2959efc8af7ff2f4b64625995575039fb55f0315d4ae5f8863ae1df43d2c930997eb75d1de84093e67601efb10e155f7b59a65166c86c8696af1b28e3ff23fa6d6ae307e0efa8c8516cad74cd92539b2cb0934c0d221e538f37abfadad3ba245a81cf5a0722fcf77f19966c34bfa888a5c92daf7b997fd44fd7db5ccedc50ce762f83e85ac4512589def75de671477fab70ee9ac1dff5b8a9724130f35b29fd95c7e42267b9c1d82ecb7dab0f3188c3f1a343e279e6114ffb6fd3797b835a6869c6ba6ac002808b1502a9546ac9eaf9755f731d8ca2cd2bbb3835fc5711bbd298f32c2f409d08a2f4b5c3f117275e79e44a8202ba00b3c340d41b73e5008399c66d331ec4669b712127872d28392bb6c468b5acbaf514ee1c51bb3835b0c201fe8c09abdac3e4f33cd7ded56d7f672a8ce1a8ce1dc5fe5eb8ac15378346f5a78f87e5e4e2f42d4f1bda04c213e90e8a55349cc767e6cac31ee903be6646447e16bc842fc92c5a5dfee7c33c6185fe0b5538b32bc31b1a9bc779aa77e7fa77319e024a82fe71f54e26fa62077ab0ebc4c2c1c422609f69f6cd70ad47fd6232dc3dba317f394a28904fa40542934451e393881397b30bfddda148748e8e9d266508600a9ee121d5eaeff347d7e5620193f9467d4bc30e1345084c80015682ffc576b09b63689b593f1e32b663c10bd2afab4bd074037011ac306afda3d805a7d6497d6256d0a7078e9db54f164ecb94356268047d0b6078347c024ea4c8d6fba111b5425def4b824122eee5088a2cf0dd439f22c3b947b4e786c3dec02e4179e6fd7c0c091b7f0edfb4ac0ac3e9d10c12a5", 0x1000}], 0x1, &(0x7f0000001700)=[{0xc8, 0x111, 0x80000001, "1ff33026bf6616162780439816b67f40d307eee279af25e197e0c6070e2ab597890d95d11403af0111c9695b86fc5af38b4554b04a6bf88cfe412345079eab582ea6c8a4120868ba637be47ada51fd5f8dd0063fa1579eb7c7fa9fe0164d68ab6563e21ab9af037df637b5a84e3726cb2f360f853760f525c2cb4f16b3353077c27c2ed71014339d23ffa967729d02aa36654b5d435e5302b15f62a9beea0968778f6d382ec5483f78ad160dd561c8997a"}, {0x40, 0x112, 0x6, "ca9aa933fefc1dd3c4808bec8d362657b96eb3d0700085d3ce00bc773d7a58ea3d1946ff89d070ce6261c1eaa89d"}], 0x108}}, {{&(0x7f0000001840)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000001cc0)=[{&(0x7f00000018c0)="cf1fefc46d6ad27fd812f3d0ff8b15cc172875584563661ad4a0ea1cd3553267e3b97849d8b87ecdddb3c8a55ea361b976b534867555427932dbb397126168ad2701eca27ca4ea7a702936a577bb13670204362e1528008cca6d2f8bddcb87a466394bc11fcf141c1100d06bfcb59d9e8b3701651459bee4188ea536d44bcaf6a0af9da3c568c5ce7ab80ef72daf1c1f24d3c9c69ff9f338879e8e77790b010ed147a7caa579406468e585a86beea3a7b7a2f6ed", 0xb4}, {&(0x7f0000001980)="f08a2720442ba2e988ec3ca4abfbc7d1f9842b41fd13cce6f54548142d9b3c2d44796996d293d0f4dab727ad3c6d7947219ce93c6959fb957030bbab48ecf5aad4a1e4d2d3726d1a139aee8efa8f6304dc93d74e6e115ce00403e66dba58a2cd3b83561d53483308181bbbf14c53e6751c5c328f369e1577204deb43a43ab6fc1df0a06c105a452a259736e375005c53be863cf732a5f21614b7ebea", 0x9c}, {&(0x7f0000001a40)="4adea9db8e519a1c4a0eb5211ee3d1c748f4bcf12c96a2f3f307e7ff50014160a31b0af37a7f91de4d7d6492452c1bace2cb7aeaa3a9e6d55c9460fc369afeb9f40a222b037aefbaae5e4269da6772f8289a012bb197e0346e7df24c21f8c80406116ba787dd4623b69d4797b84456bc33ffd3a5e0d047a899213d958bdcd1c7f707080a63a2f3388eb2455bfb4a", 0x8e}, {&(0x7f0000001b00)="a9735179aa0630f4f3841e994b3f17afad6df92c9abd5cacf5d2da799651546c3a42da12981bb2e5c829a7c3efc328dd913c6f153065145a5133ce8016ee569eea0e47d6a93fd66a2e70d429a41dc4e7faf02b334baedc90cf0b8a0589a4c3866cec53022dfb02e274da8c1f70305e8cd33d4c46c675f5a7e633a6af5729810e22f09cab8edcafe961372b79634638e11d94a70d00ebd45bd6c05f4828babf2d80ced399d823f397c3329819bb815d2615a62d81b50b4e8283954c9fb23fe833653359d17b350221b0627998f0907384f30731b78e6267d9d5b73e0d40c8dc2017113c128393e3c142d548fdcc9d14a04c8e79dbb51b129f3ad0db39504496", 0xff}, {&(0x7f0000001c00)="170291520f58b2850e229b44514b864802c9f3b6073ec53a2be93ec47f7c1792f2a2978960036398c8c78a64ee45f761631e3e3a053ad205ce52beb6942262bd7e6d28fc4c0aa09948fb1b531b9b1853a41a6a7a33b021561d11961e65e683e32c948c47444cc08ab7d3f17f4f972850be26759b15167d626887afd3353a20ab8bbb582256f9aacca16107faf6bc91790eeff3c2e5c7041d2977cd4abc543d4f24deab1663f5a8c1040482deb6dd1e213be4f31d4d182efa160e1917d41bac", 0xbf}], 0x5}}, {{&(0x7f0000001d40)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x5}, 0x80, &(0x7f0000002280)=[{&(0x7f0000001dc0)="6ab7d86841e434c75981556fc1d407404fa06bf82b0b8bbca461e06126d51a74187980df1a363222c28a78a7ff360775370939a1b89dc291f14b006e9b1c5f7695936ceb4db2f999aa28258531115c24b143ca91e7be19d0e8bb40fe", 0x5c}, {&(0x7f0000001e40)="0d1d4697ee189c423366e7d326786890aa2486ad9b2b6d202060608afe4ffb9592592e52c50e69cd4f209b6e273440ef6950aecd12537d10c752e9f43a1f9a044d2546eb8ad9026356412781de402426", 0x50}, {&(0x7f0000001ec0)="b1c67790c0bc206d7da72d784db84f5e98e1cad94fb82fca2c1437d947ce959232b7446883708d88a6330133c78da9456522c9712469dff600c1f2bb19863f78a4a858f99763d41c4f0796e01ed834cf4facb778eb50871a80e149024be4a3a298f5fce9f135b32edd2c30211d30fa0fceecc7ffa464df97f9a393bfeed6f5759f958647b8e72d100cfc3d4cd6bab4203d9ed5116e3ec6f46db1d014b4500608185ff37e6987fb1101fa3c701f9cec8e64e2a223d19d63cc7c82d393f81daa32e6e37d9178f74f79870ef753a1e0efbb1b1f5b426fb17370", 0xd8}, {&(0x7f0000001fc0)="5e1e30d6aa7ad80d1133c10528da336160292e2dcf2ae5a4461fa851b2ec57d2e8628eb2138be3ec3d21a191476253e30e77e50edefa1483f5fde9b86c771d417574690c6af9b1356ef3ba32637a4d6a55eadeecfa79b69b71fd0fb7d1d566bdb807b90cf9dd8d7387979904f40d7d245a42c95a74b2c554e4b4f0862a16fad4384125", 0x83}, {&(0x7f0000002080)="e125c668df126de285ff737a192f5ff7d64521c89d4b172485ed34269f0eb0ecec0e02e398812cb0279daacd08eeca914be624a7df904f73466bbe5724fb3de71ade97bcd9d54606448351711e07df705a432846c3095181c3cf43b06f3d58868fed2ee076ff432ea357ee0710962a12011aafb43a82c8208744fec8d9ea285cd3bc1ed361fd73de5458e3d5", 0x8c}, {&(0x7f0000002140)="96c88a07aadde92bad0c45be85da71f86112a3be17086391b1375322f580d44901a47f2e708889656edabc73b99c6bbc7a2581a4165e4a436ac719d607cd985e3008", 0x42}, {&(0x7f00000021c0)="1455a08aaf8d5abe3a8cba0ccd34ab384ff8ab0bf501c2062cfff883b78fd6ded9c085d34da24ab28ca10c3b2a5514a0d55d04d2437322f191846b0d56bb757e98a93e811a5e46410fab61163b3ec8915525f14a25b9b5c2cfe574d3b55e326cc28e81eea2e3b7300c809273ea447e887cfbe0570a2789968cf44bea9e92c9e744f456275047cf3614c1a0d46d44345dfaf2e67db1e4ec73ab7e0c454e8f9293bf0ef8e7c16246c4fd8635bf9849d297e24b8fc45ed31ab97df928c631", 0xbd}], 0x7}}, {{&(0x7f0000002300)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000002700)=[{&(0x7f0000002380)="f48fa6efeb25e97c645b7268d5db0336755b7bd5e01384ca4b40a0b2bb2d7e35f826c0011073652e5d54a85886dbd567f15689ce0380ee253807dd7813373d194ec4c33c30d4ec", 0x47}, {&(0x7f0000002400)="ec0ab79fb11353538902e503ddde6350b83f8bdb6ff4b1786f2122d9b65c192fc06b9b20bf1f53fe5942d52113b8e78cfdfb7e1d42c5af30b1fb248bec7048242e092517b1ad3cd84827fb5808dec06ecec8c301463df5cb70b79bfe13fd25808b813358c7cff86f0ea612da2c4268af69b8802d0f65fba8f9b1d7db27c4c1e86574b8761a8f0cd2a8", 0x89}, {&(0x7f00000024c0)="6be60a8c825b6bf95351722a14ebbe20856b304eb2c71880a6bcf0b12732bed5301c2b3fb4bae042a4c8a10432e05db0a700db2c3bbb2e36e6b28db898f870aef52d2dd498cbef65c93216eb5abe03836b72d25cd6cac4bd472eea33a8882297b864f7363fd1b45998f33b53", 0x6c}, {&(0x7f0000002540)}], 0x4, &(0x7f0000002780)=[{0x18, 0x10f, 0xffffffff, "9d97b5958f76c31e"}], 0x18}}], 0x5, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r13}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x44}}, 0x0) 100.053271ms ago: executing program 2 (id=2547): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0100000000000000000002000000080009"], 0x1c}}, 0x0) 139.546µs ago: executing program 1 (id=2548): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002080)=@gettaction={0x4c, 0x32, 0x0, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}]}]}, 0x4c}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xb70}, {&(0x7f00000007c0)=""/154, 0x4c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x1817}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 0s ago: executing program 3 (id=2549): r0 = socket(0x10, 0x3, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) unshare(0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r1, &(0x7f0000000280)={0x0, 0xb00, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000000b060114000000000000000000000000100007800c00018008000140e000000205000100070000000900020073797a31"], 0x38}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) sendto$inet6(r0, &(0x7f0000000180)="9000000018001f2fb9409b52ffff65580200be04020c060560020b0243000f00ffffff9e00c8388827a685a168d0bf47d32345653602648dcaaf6c26c291214549935ade4a460c20b6ec0cff3959547f500f58ba86c902000f1d012e02000280160012000a000000000000000000000000080000000eceb6b362bb944cf2e70100aba4183b003e5fa424ac4d31c4f7a1", 0x90, 0x0, 0x0, 0xf) kernel console output (not intermixed with test programs): tribute type 15 has an invalid length. [ 212.603304][T11186] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1800'. [ 212.714328][T11197] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1802'. [ 212.785371][T10983] hsr_slave_0: entered promiscuous mode [ 212.823597][T10983] hsr_slave_1: entered promiscuous mode [ 212.849336][T10983] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.869378][T10983] Cannot create hsr debugfs directory [ 212.912352][T11205] bridge0: port 3(team0) entered blocking state [ 212.930324][ T5097] Bluetooth: hci1: command tx timeout [ 212.938664][T11205] bridge0: port 3(team0) entered disabled state [ 212.946109][T11205] team0: entered allmulticast mode [ 212.951662][T11205] team_slave_0: entered allmulticast mode [ 212.958833][T11205] team_slave_1: entered allmulticast mode [ 212.968240][T11205] team0: entered promiscuous mode [ 212.974041][T11205] team_slave_0: entered promiscuous mode [ 212.984488][T11205] team_slave_1: entered promiscuous mode [ 212.994727][T11205] bridge0: port 3(team0) entered blocking state [ 213.001471][T11205] bridge0: port 3(team0) entered forwarding state [ 213.892519][T11234] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 213.966115][ T8815] hsr_slave_0: left promiscuous mode [ 213.972446][ T8815] hsr_slave_1: left promiscuous mode [ 213.983524][ T8815] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 213.992147][ T8815] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 214.000930][ T8815] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 214.008362][ T8815] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 214.042139][ T8815] veth1_macvtap: left promiscuous mode [ 214.048658][ T8815] veth0_macvtap: left promiscuous mode [ 214.055434][ T8815] veth1_vlan: left promiscuous mode [ 214.062166][ T8815] veth0_vlan: left promiscuous mode [ 214.610116][ T5097] Bluetooth: hci0: command tx timeout [ 215.464083][ T8815] team0 (unregistering): Port device team_slave_1 removed [ 215.508939][ T8815] team0 (unregistering): Port device team_slave_0 removed [ 215.921964][T11274] __nla_validate_parse: 5 callbacks suppressed [ 215.921984][T11274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1820'. [ 215.950549][T11274] netlink: 'syz.3.1820': attribute type 11 has an invalid length. [ 215.983315][T11274] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 215.993229][T11274] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.002757][T11274] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.011536][T11274] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 216.027308][T11274] vxlan0: entered promiscuous mode [ 216.137821][T11282] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1824'. [ 216.149325][T11282] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1824'. [ 216.589801][T11300] dccp_invalid_packet: P.Data Offset(172) too large [ 216.755288][T11306] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1835'. [ 216.784786][T11306] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1835'. [ 217.247198][T10943] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 217.286141][T10943] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 217.384355][T10943] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 217.435743][T10943] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 217.787901][T11354] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1845'. [ 217.802317][T11354] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1845'. [ 217.817928][T10943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.918716][T10943] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.972512][ T783] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.979838][ T783] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.992428][ T783] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.999737][ T783] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.011723][T10983] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 218.026919][T10983] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 218.039780][T10983] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 218.079493][T10983] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 218.342921][T11364] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1849'. [ 218.406031][T10983] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.512300][T10983] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.557587][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.564901][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.632277][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.639441][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.712868][T11372] netlink: 'syz.1.1851': attribute type 4 has an invalid length. [ 218.732275][T11372] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1851'. [ 218.761879][T11386] netlink: 165 bytes leftover after parsing attributes in process `syz.2.1855'. [ 218.857540][T10943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.704373][ T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 219.735943][ T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 219.749597][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 219.758313][ T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 219.767439][T10983] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.775877][ T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 219.789073][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 219.943680][ T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.113772][ T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.232757][T10983] veth0_vlan: entered promiscuous mode [ 220.293572][T10943] veth0_vlan: entered promiscuous mode [ 220.359496][ T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.425966][T11450] netlink: 'syz.3.1863': attribute type 6 has an invalid length. [ 220.547575][ T61] team0: Port device netdevsim0 removed [ 220.562051][ T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 220.598169][T10943] veth1_vlan: entered promiscuous mode [ 220.705896][T10983] veth1_vlan: entered promiscuous mode [ 220.868531][T10943] veth0_macvtap: entered promiscuous mode [ 220.988727][T10983] veth0_macvtap: entered promiscuous mode [ 221.023407][T10943] veth1_macvtap: entered promiscuous mode [ 221.074621][T11482] netlink: 'syz.1.1870': attribute type 1 has an invalid length. [ 221.088080][T10983] veth1_macvtap: entered promiscuous mode [ 221.098845][T11482] __nla_validate_parse: 6 callbacks suppressed [ 221.098864][T11482] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.1870'. [ 221.162624][T11482] netlink: 'syz.1.1870': attribute type 8 has an invalid length. [ 221.229614][T11424] chnl_net:caif_netlink_parms(): no params data found [ 221.264664][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.283942][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.304204][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.320562][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.331306][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.342465][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.354903][T10983] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.381588][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.429351][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.453810][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.469607][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.485860][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.503534][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.514882][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.528184][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.549746][T10943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.623221][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.658651][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.673701][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.689965][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.699987][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.710663][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.720595][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.734051][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.757528][T10983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.778792][T10983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.801926][T10983] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.890953][ T53] Bluetooth: hci2: command tx timeout [ 221.901436][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.920062][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.941552][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.963736][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.979379][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.000430][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.019257][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.039786][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.061351][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.083011][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.104880][T10943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.125717][T10943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.154105][T10943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.187414][T10943] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.205898][T10943] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.227652][T10943] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.237695][T10943] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.312704][T11424] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.324366][T11424] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.333869][T11424] bridge_slave_0: entered allmulticast mode [ 222.343057][T11424] bridge_slave_0: entered promiscuous mode [ 222.365222][T10983] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.374592][T10983] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.384029][T10983] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.393070][T10983] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.409749][T11424] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.417773][T11424] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.425531][T11424] bridge_slave_1: entered allmulticast mode [ 222.433873][T11424] bridge_slave_1: entered promiscuous mode [ 222.519413][T11424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 222.576321][T11424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 222.754593][T11424] team0: Port device team_slave_0 added [ 222.792724][T11424] team0: Port device team_slave_1 added [ 222.838190][T11546] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1882'. [ 222.903318][T11424] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 222.910718][T11424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 222.980472][T11424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 223.025314][T11554] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1883'. [ 223.055347][T11424] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 223.069436][T11424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 223.140156][T11424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 223.217448][ T2839] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.228737][ T8815] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.252347][ T2839] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.271477][ T8815] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.351503][T11424] hsr_slave_0: entered promiscuous mode [ 223.370545][T11424] hsr_slave_1: entered promiscuous mode [ 223.381134][T11424] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 223.389273][T11424] Cannot create hsr debugfs directory [ 223.643187][ T61] bridge_slave_1: left allmulticast mode [ 223.648882][ T61] bridge_slave_1: left promiscuous mode [ 223.666661][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.697863][ T61] bridge_slave_0: left allmulticast mode [ 223.709369][ T61] bridge_slave_0: left promiscuous mode [ 223.716073][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.974871][ T53] Bluetooth: hci2: command tx timeout [ 224.157048][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 224.169781][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 224.185674][ T61] bond0 (unregistering): Released all slaves [ 224.306114][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.317333][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.328645][T11571] netlink: 191384 bytes leftover after parsing attributes in process `syz.3.1887'. [ 224.409277][ T8815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 224.425292][ T8815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.506242][T11575] Bluetooth: MGMT ver 1.22 [ 224.712445][T11588] FAULT_INJECTION: forcing a failure. [ 224.712445][T11588] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 224.759811][T11588] CPU: 0 PID: 11588 Comm: syz.1.1892 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 224.770023][T11588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 224.780102][T11588] Call Trace: [ 224.783404][T11588] [ 224.786352][T11588] dump_stack_lvl+0x241/0x360 [ 224.791064][T11588] ? __pfx_dump_stack_lvl+0x10/0x10 [ 224.796291][T11588] ? __pfx__printk+0x10/0x10 [ 224.800914][T11588] ? __pfx_lock_release+0x10/0x10 [ 224.805972][T11588] should_fail_ex+0x3b0/0x4e0 [ 224.810683][T11588] _copy_to_user+0x2f/0xb0 [ 224.815126][T11588] mptcp_put_subflow_data+0xbf/0x110 [ 224.820441][T11588] mptcp_getsockopt+0x1770/0x2f70 [ 224.825517][T11588] ? __pfx_mptcp_getsockopt+0x10/0x10 [ 224.830952][T11588] ? __pfx_lock_acquire+0x10/0x10 [ 224.836006][T11588] ? __pfx_validate_chain+0x10/0x10 [ 224.841241][T11588] ? mark_lock+0x9a/0x350 [ 224.845603][T11588] ? __lock_acquire+0x1346/0x1fd0 [ 224.850677][T11588] ? mark_lock+0x9a/0x350 [ 224.855029][T11588] ? __pfx_validate_chain+0x10/0x10 [ 224.860251][T11588] ? __lock_acquire+0x1346/0x1fd0 [ 224.865300][T11588] ? aa_label_sk_perm+0x4f0/0x6d0 [ 224.870359][T11588] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 224.875770][T11588] ? get_pid_task+0x23/0x1f0 [ 224.880386][T11588] ? __pfx___might_resched+0x10/0x10 [ 224.885696][T11588] ? __lock_acquire+0x1346/0x1fd0 [ 224.890752][T11588] ? aa_sk_perm+0x967/0xab0 [ 224.895288][T11588] ? __pfx_aa_sk_perm+0x10/0x10 [ 224.900159][T11588] ? __pfx_lock_acquire+0x10/0x10 [ 224.905195][T11588] ? aa_sock_opt_perm+0x79/0x120 [ 224.910169][T11588] ? sock_common_getsockopt+0x2e/0xb0 [ 224.915558][T11588] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 224.921478][T11588] do_sock_getsockopt+0x373/0x850 [ 224.926534][T11588] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 224.932105][T11588] ? __fget_files+0x3f6/0x470 [ 224.936819][T11588] __sys_getsockopt+0x271/0x330 [ 224.941700][T11588] ? __pfx___sys_getsockopt+0x10/0x10 [ 224.947102][T11588] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 224.953481][T11588] ? do_syscall_64+0x100/0x230 [ 224.958282][T11588] __x64_sys_getsockopt+0xb5/0xd0 [ 224.963330][T11588] do_syscall_64+0xf3/0x230 [ 224.967856][T11588] ? clear_bhb_loop+0x35/0x90 [ 224.972554][T11588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.978479][T11588] RIP: 0033:0x7fee56975bd9 [ 224.982912][T11588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.002625][T11588] RSP: 002b:00007fee577f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 225.011065][T11588] RAX: ffffffffffffffda RBX: 00007fee56b03f60 RCX: 00007fee56975bd9 [ 225.019061][T11588] RDX: 0000000000000003 RSI: 000000000000011c RDI: 0000000000000003 [ 225.027316][T11588] RBP: 00007fee577f80a0 R08: 0000000020000100 R09: 0000000000000000 [ 225.035311][T11588] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 225.043277][T11588] R13: 000000000000000b R14: 00007fee56b03f60 R15: 00007ffdf6d23c38 [ 225.051269][T11588] [ 225.335363][T11603] netlink: 'syz.1.1894': attribute type 10 has an invalid length. [ 225.468795][ T61] hsr_slave_0: left promiscuous mode [ 225.497764][ T61] hsr_slave_1: left promiscuous mode [ 225.522720][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.552698][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.651469][ T61] veth1_macvtap: left promiscuous mode [ 225.657056][ T61] veth0_macvtap: left promiscuous mode [ 225.680038][ T61] veth1_vlan: left promiscuous mode [ 225.690170][ T61] veth0_vlan: left promiscuous mode [ 225.983506][ T61] pimreg (unregistering): left allmulticast mode [ 226.050655][ T5097] Bluetooth: hci2: command tx timeout [ 226.530470][ T5097] Bluetooth: hci0: command 0x0401 tx timeout [ 226.539511][ T53] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 226.674025][ T5097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 226.688745][ T61] team0 (unregistering): Port device team_slave_1 removed [ 226.693283][ T5097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 226.714106][ T5097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 226.727226][ T5097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 226.735224][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 226.743720][ T5097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 226.783962][ T61] team0 (unregistering): Port device team_slave_0 removed [ 227.184163][T11622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1900'. [ 227.245056][T11632] netlink: 'syz.3.1902': attribute type 26 has an invalid length. [ 227.273115][T11623] team1: Mode changed to "loadbalance" [ 227.280348][T11628] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1901'. [ 227.289356][T11628] syz_tun: entered promiscuous mode [ 227.560170][T11643] team0: Device bridge0 is already an upper device of the team interface [ 227.886083][T11424] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 227.932856][T11424] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 227.971488][T11424] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 227.984720][T11424] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 228.005845][T11629] chnl_net:caif_netlink_parms(): no params data found [ 228.019635][T11658] Cannot find add_set index 1 as target [ 228.130797][ T53] Bluetooth: hci2: command tx timeout [ 228.148113][T11629] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.165076][T11629] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.181655][T11629] bridge_slave_0: entered allmulticast mode [ 228.192574][T11629] bridge_slave_0: entered promiscuous mode [ 228.206456][T11629] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.219656][T11629] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.227306][T11629] bridge_slave_1: entered allmulticast mode [ 228.237500][T11629] bridge_slave_1: entered promiscuous mode [ 228.296787][T11629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 228.324232][T11629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 228.423265][T11629] team0: Port device team_slave_0 added [ 228.474081][T11629] team0: Port device team_slave_1 added [ 228.502832][T11675] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 228.568088][T11678] netlink: 'syz.1.1912': attribute type 29 has an invalid length. [ 228.603608][T11629] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 228.631577][T11629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.684664][T11629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 228.715233][T11629] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 228.735812][T11629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 228.762577][T11629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 228.774122][T11678] netlink: 'syz.1.1912': attribute type 29 has an invalid length. [ 228.798216][T11675] netlink: 'syz.1.1912': attribute type 29 has an invalid length. [ 228.850085][ T53] Bluetooth: hci1: command tx timeout [ 228.887171][T11690] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1916'. [ 228.899311][T11690] netlink: 'syz.0.1916': attribute type 1 has an invalid length. [ 228.911712][T11690] ieee802154 phy1 wpan1: encryption failed: -22 [ 228.984366][T11629] hsr_slave_0: entered promiscuous mode [ 229.012246][T11629] hsr_slave_1: entered promiscuous mode [ 229.030061][T11629] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 229.037659][T11629] Cannot create hsr debugfs directory [ 229.156925][T11704] netlink: 4260 bytes leftover after parsing attributes in process `syz.3.1919'. [ 229.324647][ T61] IPVS: stop unused estimator thread 0... [ 229.367626][T11424] 8021q: adding VLAN 0 to HW filter on device bond0 [ 229.512028][T11720] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1925'. [ 229.538050][T11720] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1925'. [ 229.542355][T11424] 8021q: adding VLAN 0 to HW filter on device team0 [ 229.702061][T11728] netlink: 'syz.1.1927': attribute type 29 has an invalid length. [ 229.947048][T11732] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1927'. [ 230.931822][ T53] Bluetooth: hci1: command tx timeout [ 231.133440][T11728] netlink: 'syz.1.1927': attribute type 29 has an invalid length. [ 231.236531][T11735] netlink: 'syz.0.1928': attribute type 4 has an invalid length. [ 231.242830][T11629] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.279269][ T5173] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.286560][ T5173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.333002][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.340193][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.434474][T11629] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.571405][T11629] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.697002][T11757] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1935'. [ 231.708332][T11757] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1935'. [ 231.732377][T11629] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.851927][T11765] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1940'. [ 231.920985][ T61] bridge_slave_1: left allmulticast mode [ 231.926677][ T61] bridge_slave_1: left promiscuous mode [ 231.959190][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.991797][ T61] bridge_slave_0: left allmulticast mode [ 232.008252][ T61] bridge_slave_0: left promiscuous mode [ 232.014599][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.447862][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 232.466945][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 232.479209][ T61] bond0 (unregistering): Released all slaves [ 232.661797][T11790] __nla_validate_parse: 5 callbacks suppressed [ 232.661819][T11790] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1947'. [ 232.732440][T11790] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1947'. [ 232.813802][T11629] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 232.934658][T11629] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 232.946501][T11807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1952'. [ 232.984901][T11424] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.012483][ T53] Bluetooth: hci1: command tx timeout [ 233.021960][T11629] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 233.040661][T11629] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 233.143877][ T61] hsr_slave_0: left promiscuous mode [ 233.161063][ T61] hsr_slave_1: left promiscuous mode [ 233.173177][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 233.186651][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 233.203823][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 233.211923][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 233.241861][ T61] veth1_macvtap: left promiscuous mode [ 233.247528][ T61] veth0_macvtap: left promiscuous mode [ 233.253760][ T61] veth1_vlan: left promiscuous mode [ 233.259364][ T61] veth0_vlan: left promiscuous mode [ 233.747530][ T61] team0 (unregistering): Port device team_slave_1 removed [ 233.817817][ T61] team0 (unregistering): Port device team_slave_0 removed [ 234.244585][T11822] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 234.260114][T11822] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 234.283286][T11824] netlink: 'syz.1.1957': attribute type 10 has an invalid length. [ 234.316230][T11824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 234.333126][T11824] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 234.394953][T11831] netlink: 165 bytes leftover after parsing attributes in process `syz.3.1960'. [ 234.415520][T11831] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1960'. [ 234.553251][T11424] veth0_vlan: entered promiscuous mode [ 234.607507][T11424] veth1_vlan: entered promiscuous mode [ 234.671158][T11629] 8021q: adding VLAN 0 to HW filter on device bond0 [ 234.744832][T11629] 8021q: adding VLAN 0 to HW filter on device team0 [ 234.773022][T11424] veth0_macvtap: entered promiscuous mode [ 234.813803][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state [ 234.820990][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 234.870212][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state [ 234.877410][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 234.904065][T11424] veth1_macvtap: entered promiscuous mode [ 235.001762][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.031353][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.054252][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.066322][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.076309][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.087323][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.097846][ T53] Bluetooth: hci1: command tx timeout [ 235.102088][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.116563][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.146537][T11424] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.194295][T11850] –eth0_vlan: renamed from bridge_slave_1 (while UP) [ 235.218499][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.233366][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.245227][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.264984][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.275196][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.297956][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.311695][T11864] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1971'. [ 235.316092][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.321846][T11864] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1971'. [ 235.339923][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.361184][T11424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.382530][T11424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.404079][T11424] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.441998][T11424] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.452931][T11424] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.463694][T11424] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.473210][T11424] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.557641][T11870] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1974'. [ 235.625651][T11629] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 235.741826][T11879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1976'. [ 235.815202][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.830323][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.920684][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.928546][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.996883][T11896] netlink: 165 bytes leftover after parsing attributes in process `syz.0.1981'. [ 236.149155][T11629] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 236.783029][T11629] veth0_vlan: entered promiscuous mode [ 236.845308][T11629] veth1_vlan: entered promiscuous mode [ 236.964038][T11629] veth0_macvtap: entered promiscuous mode [ 237.010983][T11629] veth1_macvtap: entered promiscuous mode [ 237.141712][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.180729][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.204576][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.225164][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.244359][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.265831][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.276305][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.288789][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.300316][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 237.314350][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.326669][T11629] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 237.353534][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.382692][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.419117][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.455767][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.487572][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.524150][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.548347][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.572287][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.596988][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.620768][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.642286][T11629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 237.666839][T11629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 237.691621][T11629] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 237.765069][T11629] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.776063][T11629] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.785355][T11629] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.795604][T11629] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 237.918975][T11971] __nla_validate_parse: 10 callbacks suppressed [ 237.918995][T11971] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2005'. [ 237.935516][T11970] sctp: [Deprecated]: syz.3.2004 (pid 11970) Use of struct sctp_assoc_value in delayed_ack socket option. [ 237.935516][T11970] Use struct sctp_sack_info instead [ 237.980782][T11971] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2005'. [ 238.041132][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.067197][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.132435][ T8815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.168568][ T8815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.290714][T11978] sctp: [Deprecated]: syz.1.2008 (pid 11978) Use of struct sctp_assoc_value in delayed_ack socket option. [ 238.290714][T11978] Use struct sctp_sack_info instead [ 238.520597][T12002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2017'. [ 238.580337][T12004] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2018'. [ 238.602057][T12004] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2018'. [ 238.672949][T12008] tun0: tun_chr_ioctl cmd 1074025692 [ 238.751317][T12019] batadv_slave_1: entered promiscuous mode [ 238.767953][T12018] batadv_slave_1: left promiscuous mode [ 238.908997][T12027] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2026'. [ 239.010962][ T5097] Bluetooth: hci1: command 0x0405 tx timeout [ 239.417225][T12045] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2032'. [ 239.437123][T12045] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2032'. [ 239.685289][T12055] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2036'. [ 239.919581][ T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.261531][ T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.362641][ T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.417513][ T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.541551][ T51] bridge_slave_1: left allmulticast mode [ 240.547251][ T51] bridge_slave_1: left promiscuous mode [ 240.553417][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 240.563452][ T51] bridge_slave_0: left allmulticast mode [ 240.570479][ T51] bridge_slave_0: left promiscuous mode [ 240.576339][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.125458][ T5097] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 241.153313][ T5097] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 241.162695][ T5097] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 241.164056][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 241.188366][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 241.196306][ T5097] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 241.206233][ T5097] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 241.213920][ T5097] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 241.222191][ T51] bond0 (unregistering): Released all slaves [ 241.264796][T12076] openvswitch: : Dropping previously announced user features [ 241.533079][T12094] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2050'. [ 241.969403][T12133] netlink: 'syz.0.2058': attribute type 3 has an invalid length. [ 242.069120][T12139] FAULT_INJECTION: forcing a failure. [ 242.069120][T12139] name failslab, interval 1, probability 0, space 0, times 0 [ 242.082235][T12139] CPU: 0 PID: 12139 Comm: syz.3.2060 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 242.092408][T12139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 242.102492][T12139] Call Trace: [ 242.105794][T12139] [ 242.108736][T12139] dump_stack_lvl+0x241/0x360 [ 242.113437][T12139] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.118660][T12139] ? __pfx__printk+0x10/0x10 [ 242.123352][T12139] should_fail_ex+0x3b0/0x4e0 [ 242.128054][T12139] ? skb_clone+0x20c/0x390 [ 242.132469][T12139] should_failslab+0x9/0x20 [ 242.137091][T12139] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 242.142524][T12139] skb_clone+0x20c/0x390 [ 242.146810][T12139] ? dev_queue_xmit_nit+0x220/0xc10 [ 242.152296][T12139] dev_queue_xmit_nit+0x419/0xc10 [ 242.157335][T12139] ? dev_queue_xmit_nit+0x2b/0xc10 [ 242.162466][T12139] ? validate_xmit_skb+0xa04/0x1120 [ 242.167682][T12139] dev_hard_start_xmit+0x15f/0x7e0 [ 242.172822][T12139] ? __pfx_validate_xmit_skb+0x10/0x10 [ 242.178320][T12139] __dev_queue_xmit+0x1b0e/0x3d30 [ 242.183374][T12139] ? do_sendfile+0x56d/0xe20 [ 242.187974][T12139] ? __se_sys_sendfile64+0x17c/0x1e0 [ 242.193354][T12139] ? do_syscall_64+0xf3/0x230 [ 242.198052][T12139] ? __dev_queue_xmit+0x2d2/0x3d30 [ 242.203172][T12139] ? __pfx___dev_queue_xmit+0x10/0x10 [ 242.208540][T12139] ? __copy_skb_header+0x437/0x5b0 [ 242.213662][T12139] ? __asan_memcpy+0x40/0x70 [ 242.218269][T12139] ? __copy_skb_header+0x437/0x5b0 [ 242.223384][T12139] ? __skb_clone+0x454/0x6c0 [ 242.227989][T12139] ? skb_clone+0x240/0x390 [ 242.232410][T12139] __netlink_deliver_tap+0x54d/0x7c0 [ 242.237710][T12139] ? netlink_deliver_tap+0x2e/0x1b0 [ 242.242929][T12139] netlink_deliver_tap+0x19d/0x1b0 [ 242.248044][T12139] netlink_unicast+0x7b8/0x980 [ 242.252987][T12139] ? __pfx_netlink_unicast+0x10/0x10 [ 242.258266][T12139] ? __virt_addr_valid+0x183/0x530 [ 242.263379][T12139] ? __check_object_size+0x49c/0x900 [ 242.268659][T12139] ? bpf_lsm_netlink_send+0x9/0x10 [ 242.273773][T12139] netlink_sendmsg+0x8db/0xcb0 [ 242.278544][T12139] ? __pfx_netlink_sendmsg+0x10/0x10 [ 242.283822][T12139] ? arch_stack_walk+0x16d/0x1b0 [ 242.288756][T12139] ? aa_sock_msg_perm+0x91/0x160 [ 242.293694][T12139] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 242.298990][T12139] ? security_socket_sendmsg+0x87/0xb0 [ 242.304476][T12139] ? __pfx_netlink_sendmsg+0x10/0x10 [ 242.309784][T12139] __sock_sendmsg+0x221/0x270 [ 242.314480][T12139] sock_sendmsg+0x134/0x200 [ 242.319166][T12139] ? __pfx_sock_sendmsg+0x10/0x10 [ 242.324215][T12139] ? splice_direct_to_actor+0x502/0xc90 [ 242.329769][T12139] ? do_splice_direct+0x28c/0x3e0 [ 242.334807][T12139] ? do_sendfile+0x56d/0xe20 [ 242.339408][T12139] ? __se_sys_sendfile64+0x17c/0x1e0 [ 242.344719][T12139] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.350817][T12139] ? iov_iter_bvec+0x4e/0x180 [ 242.355509][T12139] splice_to_socket+0xa13/0x10b0 [ 242.360557][T12139] ? __pfx_splice_to_socket+0x10/0x10 [ 242.366006][T12139] ? __pfx_splice_to_socket+0x10/0x10 [ 242.371380][T12139] direct_splice_actor+0x11e/0x220 [ 242.376498][T12139] splice_direct_to_actor+0x58e/0xc90 [ 242.381884][T12139] ? __pfx_direct_splice_actor+0x10/0x10 [ 242.387513][T12139] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 242.393417][T12139] ? __fget_files+0x29/0x470 [ 242.398010][T12139] ? __pfx_lock_release+0x10/0x10 [ 242.403040][T12139] do_splice_direct+0x28c/0x3e0 [ 242.407895][T12139] ? __pfx_do_splice_direct+0x10/0x10 [ 242.413276][T12139] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 242.419174][T12139] ? security_file_permission+0x7f/0xa0 [ 242.424722][T12139] ? rw_verify_area+0x1d2/0x6b0 [ 242.429573][T12139] do_sendfile+0x56d/0xe20 [ 242.434002][T12139] ? __pfx_do_sendfile+0x10/0x10 [ 242.438949][T12139] __se_sys_sendfile64+0x17c/0x1e0 [ 242.444077][T12139] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 242.449709][T12139] ? do_syscall_64+0x100/0x230 [ 242.454475][T12139] ? do_syscall_64+0xb6/0x230 [ 242.459154][T12139] do_syscall_64+0xf3/0x230 [ 242.463657][T12139] ? clear_bhb_loop+0x35/0x90 [ 242.468340][T12139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.474248][T12139] RIP: 0033:0x7f6022d75bd9 [ 242.478659][T12139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.498285][T12139] RSP: 002b:00007f60227ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 242.506802][T12139] RAX: ffffffffffffffda RBX: 00007f6022f03f60 RCX: 00007f6022d75bd9 [ 242.514790][T12139] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000009 [ 242.522779][T12139] RBP: 00007f60227ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 242.530750][T12139] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000002 [ 242.538736][T12139] R13: 000000000000000b R14: 00007f6022f03f60 R15: 00007ffd42cf3338 [ 242.546807][T12139] [ 242.597259][T12137] netlink: 'syz.1.2059': attribute type 10 has an invalid length. [ 243.162673][ T51] hsr_slave_0: left promiscuous mode [ 243.182968][ T51] hsr_slave_1: left promiscuous mode [ 243.203251][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 243.218341][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.235597][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 243.252722][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.270189][ T5097] Bluetooth: hci1: command tx timeout [ 243.299218][ T51] veth1_macvtap: left promiscuous mode [ 243.310403][ T51] veth0_macvtap: left promiscuous mode [ 243.316066][ T51] veth1_vlan: left promiscuous mode [ 243.349065][ T51] veth0_vlan: left promiscuous mode [ 243.349446][T12177] __nla_validate_parse: 2 callbacks suppressed [ 243.349461][T12177] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2068'. [ 243.981303][ T51] team0 (unregistering): Port device team_slave_1 removed [ 244.028466][ T51] team0 (unregistering): Port device team_slave_0 removed [ 244.836940][T12202] netlink: 'syz.3.2078': attribute type 10 has an invalid length. [ 245.026479][T12225] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2083'. [ 245.330580][ T5097] Bluetooth: hci1: command tx timeout [ 245.523658][T12245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2086'. [ 245.597402][T12083] chnl_net:caif_netlink_parms(): no params data found [ 246.098551][T12083] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.121253][T12083] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.128994][T12083] bridge_slave_0: entered allmulticast mode [ 246.156881][T12083] bridge_slave_0: entered promiscuous mode [ 246.192067][T12283] netlink: 'syz.1.2096': attribute type 10 has an invalid length. [ 246.211599][T12083] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.219170][T12083] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.248454][T12083] bridge_slave_1: entered allmulticast mode [ 246.261541][T12083] bridge_slave_1: entered promiscuous mode [ 246.310246][T12290] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2098'. [ 246.422546][T12083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.448215][T12083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 246.485751][T12298] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 246.506014][T12298] ipvlan0: entered promiscuous mode [ 246.525367][T12298] ipvlan0: left promiscuous mode [ 246.580334][T12298] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 246.824370][T12083] team0: Port device team_slave_0 added [ 246.854560][T12083] team0: Port device team_slave_1 added [ 247.025283][T12083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.051109][T12083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.111026][T12083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.146846][T12083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.166043][T12083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.218790][T12083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.234855][T12327] netlink: 'syz.0.2110': attribute type 10 has an invalid length. [ 247.413180][ T5097] Bluetooth: hci1: command tx timeout [ 247.664869][T12352] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2116'. [ 247.721798][T12083] hsr_slave_0: entered promiscuous mode [ 247.754843][T12083] hsr_slave_1: entered promiscuous mode [ 247.774067][T12083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 247.783820][T12083] Cannot create hsr debugfs directory [ 247.853086][T12360] team0: Port device vlan2 added [ 248.066703][T12366] smc: net device ip6_vti0 applied user defined pnetid SYZ0 [ 248.206352][T12373] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2121'. [ 248.256253][T12376] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2124'. [ 248.287210][T12377] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2122'. [ 248.322974][T12377] netlink: 'syz.0.2122': attribute type 8 has an invalid length. [ 248.340184][T12377] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2122'. [ 248.570334][T12400] FAULT_INJECTION: forcing a failure. [ 248.570334][T12400] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 248.611336][T12400] CPU: 1 PID: 12400 Comm: syz.0.2129 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 248.621555][T12400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 248.631632][T12400] Call Trace: [ 248.634932][T12400] [ 248.637880][T12400] dump_stack_lvl+0x241/0x360 [ 248.642595][T12400] ? __pfx_dump_stack_lvl+0x10/0x10 [ 248.647833][T12400] ? __pfx__printk+0x10/0x10 [ 248.652489][T12400] ? __pfx_lock_release+0x10/0x10 [ 248.657553][T12400] should_fail_ex+0x3b0/0x4e0 [ 248.662266][T12400] _copy_from_iter+0x1f6/0x1960 [ 248.667149][T12400] ? __virt_addr_valid+0x183/0x530 [ 248.672282][T12400] ? skb_set_owner_w+0x238/0x3e0 [ 248.677250][T12400] ? __pfx__copy_from_iter+0x10/0x10 [ 248.682547][T12400] ? __pfx__copy_from_iter+0x10/0x10 [ 248.687856][T12400] ? page_copy_sane+0x154/0x260 [ 248.692739][T12400] copy_page_from_iter+0x7a/0x100 [ 248.697810][T12400] skb_copy_datagram_from_iter+0x2d8/0x6c0 [ 248.703656][T12400] unix_stream_sendmsg+0x62a/0xf80 [ 248.708812][T12400] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 248.714559][T12400] ? __pfx_lock_release+0x10/0x10 [ 248.719608][T12400] ? __import_iovec+0x536/0x820 [ 248.724477][T12400] ? aa_sock_msg_perm+0x91/0x160 [ 248.729456][T12400] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 248.734769][T12400] ? security_socket_sendmsg+0x87/0xb0 [ 248.740264][T12400] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 248.745921][T12400] __sock_sendmsg+0x221/0x270 [ 248.750631][T12400] ____sys_sendmsg+0x525/0x7d0 [ 248.755436][T12400] ? __pfx_____sys_sendmsg+0x10/0x10 [ 248.760784][T12400] __sys_sendmsg+0x2b0/0x3a0 [ 248.765414][T12400] ? __pfx___sys_sendmsg+0x10/0x10 [ 248.770644][T12400] ? vfs_write+0x7c4/0xc90 [ 248.775127][T12400] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 248.781490][T12400] ? do_syscall_64+0x100/0x230 [ 248.786292][T12400] ? do_syscall_64+0xb6/0x230 [ 248.791018][T12400] do_syscall_64+0xf3/0x230 [ 248.795557][T12400] ? clear_bhb_loop+0x35/0x90 [ 248.800363][T12400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.806291][T12400] RIP: 0033:0x7f235f175bd9 [ 248.810761][T12400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.830462][T12400] RSP: 002b:00007f235fecb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 248.838916][T12400] RAX: ffffffffffffffda RBX: 00007f235f303f60 RCX: 00007f235f175bd9 [ 248.846947][T12400] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000004 [ 248.854943][T12400] RBP: 00007f235fecb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 248.862946][T12400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 248.870963][T12400] R13: 000000000000000b R14: 00007f235f303f60 R15: 00007ffebbba32c8 [ 248.878973][T12400] [ 249.507632][ T5097] Bluetooth: hci1: command tx timeout [ 249.562593][T12442] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.569817][T12442] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.655670][T12454] xt_addrtype: ipv6 does not support BROADCAST matching [ 249.941816][T12461] netlink: 'syz.1.2143': attribute type 11 has an invalid length. [ 250.236242][T12486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2148'. [ 250.360995][T12496] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2150'. [ 250.392476][T12083] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 250.471443][T12083] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 250.506307][T12083] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 250.530694][T12083] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 250.567681][T12507] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2153'. [ 250.904766][T12083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.988296][T12083] 8021q: adding VLAN 0 to HW filter on device team0 [ 251.083535][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.090774][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.113606][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.120797][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.258163][T12540] syzkaller0: entered promiscuous mode [ 251.279582][T12540] syzkaller0: entered allmulticast mode [ 251.301855][T12539] ieee802154 phy1 wpan1: encryption failed: -90 [ 251.406556][T12083] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 251.428107][T12083] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 251.443844][T12553] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2166'. [ 251.451592][T12555] syz.2.2165[12555] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.453031][T12555] syz.2.2165[12555] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.475558][T12553] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2166'. [ 251.592466][T12550] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 251.826697][T12574] FAULT_INJECTION: forcing a failure. [ 251.826697][T12574] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 251.867924][T12574] CPU: 1 PID: 12574 Comm: syz.2.2169 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 251.878139][T12574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 251.888218][T12574] Call Trace: [ 251.891530][T12574] [ 251.894488][T12574] dump_stack_lvl+0x241/0x360 [ 251.899289][T12574] ? __pfx_dump_stack_lvl+0x10/0x10 [ 251.904536][T12574] ? __pfx__printk+0x10/0x10 [ 251.909191][T12574] ? __pfx_lock_release+0x10/0x10 [ 251.914336][T12574] should_fail_ex+0x3b0/0x4e0 [ 251.919038][T12574] _copy_from_user+0x2f/0xe0 [ 251.923652][T12574] copy_msghdr_from_user+0xae/0x680 [ 251.928898][T12574] ? __pfx___might_resched+0x10/0x10 [ 251.934227][T12574] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 251.940071][T12574] ? __might_fault+0xaa/0x120 [ 251.944782][T12574] do_recvmmsg+0x40f/0xae0 [ 251.949266][T12574] ? __pfx_lock_release+0x10/0x10 [ 251.954318][T12574] ? __pfx_do_recvmmsg+0x10/0x10 [ 251.959304][T12574] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 251.965230][T12574] ? ksys_write+0x23e/0x2c0 [ 251.969757][T12574] ? __pfx_lock_release+0x10/0x10 [ 251.974807][T12574] ? vfs_write+0x7c4/0xc90 [ 251.975587][T12083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 251.979249][T12574] ? __mutex_unlock_slowpath+0x21d/0x750 [ 251.991640][T12574] ? __fget_files+0x3f6/0x470 [ 251.996332][T12574] __x64_sys_recvmmsg+0x199/0x250 [ 252.001358][T12574] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 252.006900][T12574] ? do_syscall_64+0x100/0x230 [ 252.011664][T12574] ? do_syscall_64+0xb6/0x230 [ 252.016344][T12574] do_syscall_64+0xf3/0x230 [ 252.020870][T12574] ? clear_bhb_loop+0x35/0x90 [ 252.025551][T12574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 252.031447][T12574] RIP: 0033:0x7f8743375bd9 [ 252.035856][T12574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 252.055470][T12574] RSP: 002b:00007f8744078048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 252.063969][T12574] RAX: ffffffffffffffda RBX: 00007f8743503f60 RCX: 00007f8743375bd9 [ 252.071936][T12574] RDX: 0000000000000700 RSI: 0000000020001440 RDI: 0000000000000006 [ 252.079990][T12574] RBP: 00007f87440780a0 R08: 0000000000000000 R09: 0000000000000000 [ 252.087953][T12574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 252.095928][T12574] R13: 000000000000000b R14: 00007f8743503f60 R15: 00007ffdc545a748 [ 252.103908][T12574] [ 252.161253][T12587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2173'. [ 252.182346][T12585] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2170'. [ 252.192438][T12587] syz.3.2173[12587] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 252.192590][T12587] syz.3.2173[12587] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 252.224244][T12585] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2170'. [ 252.282811][T12585] netlink: 'syz.1.2170': attribute type 6 has an invalid length. [ 252.320092][T12585] netlink: 'syz.1.2170': attribute type 5 has an invalid length. [ 252.327873][T12585] netlink: 43 bytes leftover after parsing attributes in process `syz.1.2170'. [ 252.641219][T12610] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2177'. [ 252.939044][T12083] veth0_vlan: entered promiscuous mode [ 252.986943][T12083] veth1_vlan: entered promiscuous mode [ 253.138174][T12083] veth0_macvtap: entered promiscuous mode [ 253.176583][T12083] veth1_macvtap: entered promiscuous mode [ 253.266392][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 253.304958][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.343428][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 253.378533][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.408387][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 253.458162][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.517278][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 253.561713][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.603678][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 253.627873][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.647809][T12083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 253.795128][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.838964][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.872491][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.906420][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.939040][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.957079][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.976049][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.008703][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.036981][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.058254][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.068794][T12083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.081814][T12083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.094831][T12083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 254.115016][T12667] netlink: 'syz.0.2189': attribute type 2 has an invalid length. [ 254.162591][T12667] netlink: 'syz.0.2189': attribute type 1 has an invalid length. [ 254.164235][T12083] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.201221][T12083] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.211872][T12667] netlink: 'syz.0.2189': attribute type 3 has an invalid length. [ 254.226610][T12083] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.250064][T12083] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.674478][ T8808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.706228][ T8808] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 254.757283][T12692] netlink: 'syz.2.2196': attribute type 14 has an invalid length. [ 254.836506][ T8813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 254.858950][ T8813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 255.257075][T12724] netlink: 'syz.1.2205': attribute type 14 has an invalid length. [ 255.455544][T12735] __nla_validate_parse: 11 callbacks suppressed [ 255.455564][T12735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2207'. [ 255.500844][T12735] syz.2.2207[12735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 255.502200][T12735] syz.2.2207[12735] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 255.591925][T12743] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2210'. [ 256.054473][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.104496][ T61] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.413469][T12743] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 256.464400][ T61] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.672956][ T61] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 256.811490][ T61] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.078973][ T61] bridge_slave_1: left allmulticast mode [ 257.094194][ T61] bridge_slave_1: left promiscuous mode [ 257.116398][T12796] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2216'. [ 257.130564][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.149209][T12796] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2216'. [ 257.164306][ T61] bridge_slave_0: left allmulticast mode [ 257.181816][ T61] bridge_slave_0: left promiscuous mode [ 257.195714][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.627381][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 257.642189][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 257.652707][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 257.662121][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 257.677553][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 257.685736][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 258.049568][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 258.063328][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 258.076536][ T61] bond0 (unregistering): Released all slaves [ 258.205057][T12832] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2222'. [ 258.269627][T12835] pim6reg: entered allmulticast mode [ 258.320418][T12839] vxcan1: entered allmulticast mode [ 258.432538][T12835] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2223'. [ 258.717954][T12861] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2229'. [ 258.728669][T12861] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2229'. [ 258.980742][T12858] x_tables: duplicate underflow at hook 1 [ 259.074626][ T61] hsr_slave_0: left promiscuous mode [ 259.150270][ T61] hsr_slave_1: left promiscuous mode [ 259.193385][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 259.208192][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 259.248034][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 259.257440][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 259.318287][ T61] veth1_macvtap: left promiscuous mode [ 259.327349][ T61] veth0_macvtap: left promiscuous mode [ 259.334329][ T61] veth1_vlan: left promiscuous mode [ 259.339667][ T61] veth0_vlan: left promiscuous mode [ 259.733335][ T5097] Bluetooth: hci1: command tx timeout [ 259.872354][ T61] team0 (unregistering): Port device team_slave_1 removed [ 259.925679][ T61] team0 (unregistering): Port device team_slave_0 removed [ 260.366615][T12895] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2239'. [ 260.479528][T12903] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2242'. [ 260.537873][T12903] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2242'. [ 260.574415][T12904] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 260.664742][T12904] FAULT_INJECTION: forcing a failure. [ 260.664742][T12904] name failslab, interval 1, probability 0, space 0, times 0 [ 260.733278][T12904] CPU: 1 PID: 12904 Comm: syz.1.2241 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 260.743489][T12904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 260.753572][T12904] Call Trace: [ 260.756880][T12904] [ 260.760182][T12904] dump_stack_lvl+0x241/0x360 [ 260.764903][T12904] ? __pfx_dump_stack_lvl+0x10/0x10 [ 260.770146][T12904] ? __pfx__printk+0x10/0x10 [ 260.774791][T12904] should_fail_ex+0x3b0/0x4e0 [ 260.779506][T12904] ? sctp_add_bind_addr+0x89/0x3a0 [ 260.784842][T12904] should_failslab+0x9/0x20 [ 260.789383][T12904] kmalloc_trace_noprof+0x6c/0x2c0 [ 260.794570][T12904] sctp_add_bind_addr+0x89/0x3a0 [ 260.799559][T12904] sctp_copy_local_addr_list+0x311/0x500 [ 260.805229][T12904] ? sctp_copy_local_addr_list+0xab/0x500 [ 260.810972][T12904] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 260.817141][T12904] ? sctp_v6_is_any+0x60/0x70 [ 260.821830][T12904] sctp_bind_addr_copy+0xad/0x3b0 [ 260.826921][T12904] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 260.833278][T12904] sctp_connect_new_asoc+0x2f3/0x6c0 [ 260.838594][T12904] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 260.844409][T12904] ? sctp_sendmsg+0xbb9/0x3520 [ 260.849180][T12904] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 260.854735][T12904] ? security_sctp_bind_connect+0x90/0xb0 [ 260.860480][T12904] sctp_sendmsg+0x219a/0x3520 [ 260.865177][T12904] ? __pfx_sctp_sendmsg+0x10/0x10 [ 260.870294][T12904] ? __pfx_aa_sk_perm+0x10/0x10 [ 260.875156][T12904] ? inet_sendmsg+0x330/0x390 [ 260.879834][T12904] __sock_sendmsg+0x1a6/0x270 [ 260.884546][T12904] __sys_sendto+0x3a4/0x4f0 [ 260.889060][T12904] ? __pfx___sys_sendto+0x10/0x10 [ 260.894104][T12904] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 260.900083][T12904] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 260.906414][T12904] __x64_sys_sendto+0xde/0x100 [ 260.911174][T12904] do_syscall_64+0xf3/0x230 [ 260.915772][T12904] ? clear_bhb_loop+0x35/0x90 [ 260.920464][T12904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.926357][T12904] RIP: 0033:0x7fee56975bd9 [ 260.930943][T12904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.950564][T12904] RSP: 002b:00007fee577f8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 260.959000][T12904] RAX: ffffffffffffffda RBX: 00007fee56b03f60 RCX: 00007fee56975bd9 [ 260.967075][T12904] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000003 [ 260.975051][T12904] RBP: 00007fee577f80a0 R08: 000000002005ffe4 R09: 000000000000001c [ 260.983033][T12904] R10: 0000000004008040 R11: 0000000000000246 R12: 0000000000000002 [ 260.991011][T12904] R13: 000000000000000b R14: 00007fee56b03f60 R15: 00007ffdf6d23c38 [ 260.999001][T12904] [ 261.036201][T12816] chnl_net:caif_netlink_parms(): no params data found [ 261.530392][T12816] bridge0: port 1(bridge_slave_0) entered blocking state [ 261.540391][T12816] bridge0: port 1(bridge_slave_0) entered disabled state [ 261.560274][T12816] bridge_slave_0: entered allmulticast mode [ 261.572760][T12816] bridge_slave_0: entered promiscuous mode [ 261.720102][T12816] bridge0: port 2(bridge_slave_1) entered blocking state [ 261.727270][T12816] bridge0: port 2(bridge_slave_1) entered disabled state [ 261.783745][T12816] bridge_slave_1: entered allmulticast mode [ 261.792999][T12953] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 261.816345][ T53] Bluetooth: hci1: command tx timeout [ 261.824039][T12816] bridge_slave_1: entered promiscuous mode [ 261.910361][T12957] batadv_slave_1: default FDB implementation only supports local addresses [ 261.952123][T12962] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2255'. [ 261.988103][T12962] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2255'. [ 262.004770][T12816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 262.056002][T12816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 262.337643][T12816] team0: Port device team_slave_0 added [ 262.420249][T12816] team0: Port device team_slave_1 added [ 262.514943][T12816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 262.541202][T12816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.600340][T12816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 262.646742][T12816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 262.661407][T12816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 262.708879][T12816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 262.879827][T12816] hsr_slave_0: entered promiscuous mode [ 262.899086][T12816] hsr_slave_1: entered promiscuous mode [ 262.923309][T12816] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 262.937134][T12816] Cannot create hsr debugfs directory [ 263.235557][T13015] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2269'. [ 263.250358][ T53] Bluetooth: hci4: command 0x0406 tx timeout [ 263.286364][T13015] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2269'. [ 263.395361][T13019] netlink: 'syz.3.2271': attribute type 1 has an invalid length. [ 263.424117][T13019] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.2271'. [ 263.454566][T13019] netlink: 'syz.3.2271': attribute type 1 has an invalid length. [ 263.683306][T13033] FAULT_INJECTION: forcing a failure. [ 263.683306][T13033] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.722330][T13033] CPU: 0 PID: 13033 Comm: syz.1.2274 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 263.732530][T13033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 263.742694][T13033] Call Trace: [ 263.745995][T13033] [ 263.748940][T13033] dump_stack_lvl+0x241/0x360 [ 263.753654][T13033] ? __pfx_dump_stack_lvl+0x10/0x10 [ 263.758887][T13033] ? __pfx__printk+0x10/0x10 [ 263.763520][T13033] ? snprintf+0xda/0x120 [ 263.767793][T13033] should_fail_ex+0x3b0/0x4e0 [ 263.772509][T13033] _copy_to_user+0x2f/0xb0 [ 263.776950][T13033] simple_read_from_buffer+0xca/0x150 [ 263.782356][T13033] proc_fail_nth_read+0x1e9/0x250 [ 263.787410][T13033] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 263.792990][T13033] ? rw_verify_area+0x520/0x6b0 [ 263.797864][T13033] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 263.803441][T13033] vfs_read+0x204/0xbc0 [ 263.807644][T13033] ? __pfx_lock_release+0x10/0x10 [ 263.812712][T13033] ? do_sock_setsockopt+0x3e2/0x720 [ 263.817940][T13033] ? __pfx_vfs_read+0x10/0x10 [ 263.822652][T13033] ? __fget_files+0x29/0x470 [ 263.827271][T13033] ? __fget_files+0x3f6/0x470 [ 263.831983][T13033] ksys_read+0x1a0/0x2c0 [ 263.836256][T13033] ? __pfx_ksys_read+0x10/0x10 [ 263.841044][T13033] ? do_syscall_64+0x100/0x230 [ 263.845832][T13033] ? do_syscall_64+0xb6/0x230 [ 263.850539][T13033] do_syscall_64+0xf3/0x230 [ 263.855070][T13033] ? clear_bhb_loop+0x35/0x90 [ 263.859761][T13033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.865676][T13033] RIP: 0033:0x7fee569746bc [ 263.870104][T13033] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 263.889725][T13033] RSP: 002b:00007fee577f8040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 263.898164][T13033] RAX: ffffffffffffffda RBX: 00007fee56b03f60 RCX: 00007fee569746bc [ 263.906154][T13033] RDX: 000000000000000f RSI: 00007fee577f80b0 RDI: 0000000000000004 [ 263.914147][T13033] RBP: 00007fee577f80a0 R08: 0000000000000000 R09: 0000000000000000 [ 263.922132][T13033] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 263.930120][T13033] R13: 000000000000000b R14: 00007fee56b03f60 R15: 00007ffdf6d23c38 [ 263.938214][T13033] [ 263.944431][ T5097] Bluetooth: hci1: command tx timeout [ 264.177772][T13046] FAULT_INJECTION: forcing a failure. [ 264.177772][T13046] name failslab, interval 1, probability 0, space 0, times 0 [ 264.228955][T13046] CPU: 1 PID: 13046 Comm: syz.1.2278 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 264.239166][T13046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 264.249336][T13046] Call Trace: [ 264.252618][T13046] [ 264.255544][T13046] dump_stack_lvl+0x241/0x360 [ 264.260226][T13046] ? __pfx_dump_stack_lvl+0x10/0x10 [ 264.265423][T13046] ? __pfx__printk+0x10/0x10 [ 264.270022][T13046] should_fail_ex+0x3b0/0x4e0 [ 264.274699][T13046] ? sctp_add_bind_addr+0x89/0x3a0 [ 264.279834][T13046] should_failslab+0x9/0x20 [ 264.284339][T13046] kmalloc_trace_noprof+0x6c/0x2c0 [ 264.289454][T13046] sctp_add_bind_addr+0x89/0x3a0 [ 264.294413][T13046] sctp_copy_local_addr_list+0x311/0x500 [ 264.300070][T13046] ? sctp_copy_local_addr_list+0xab/0x500 [ 264.305805][T13046] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 264.311984][T13046] ? sctp_v4_is_any+0x35/0x60 [ 264.316690][T13046] sctp_bind_addr_copy+0xad/0x3b0 [ 264.321749][T13046] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 264.328275][T13046] sctp_connect_new_asoc+0x2f3/0x6c0 [ 264.333662][T13046] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 264.339473][T13046] ? sctp_sendmsg+0xbb9/0x3520 [ 264.344257][T13046] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 264.349805][T13046] ? security_sctp_bind_connect+0x90/0xb0 [ 264.355527][T13046] sctp_sendmsg+0x219a/0x3520 [ 264.360215][T13046] ? __pfx_sctp_sendmsg+0x10/0x10 [ 264.365233][T13046] ? __pfx_aa_sk_perm+0x10/0x10 [ 264.370090][T13046] ? __pfx_lock_release+0x10/0x10 [ 264.375142][T13046] ? inet_sendmsg+0x330/0x390 [ 264.379939][T13046] __sock_sendmsg+0x1a6/0x270 [ 264.384635][T13046] ____sys_sendmsg+0x525/0x7d0 [ 264.389418][T13046] ? __pfx_____sys_sendmsg+0x10/0x10 [ 264.394731][T13046] __sys_sendmmsg+0x3b2/0x740 [ 264.399422][T13046] ? __pfx___sys_sendmmsg+0x10/0x10 [ 264.404652][T13046] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 264.410553][T13046] ? ksys_write+0x23e/0x2c0 [ 264.415082][T13046] ? __pfx_lock_release+0x10/0x10 [ 264.420117][T13046] ? vfs_write+0x7c4/0xc90 [ 264.424541][T13046] ? __mutex_unlock_slowpath+0x21d/0x750 [ 264.430205][T13046] ? __pfx_vfs_write+0x10/0x10 [ 264.435016][T13046] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 264.441020][T13046] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 264.447367][T13046] ? do_syscall_64+0x100/0x230 [ 264.452144][T13046] __x64_sys_sendmmsg+0xa0/0xb0 [ 264.457006][T13046] do_syscall_64+0xf3/0x230 [ 264.461518][T13046] ? clear_bhb_loop+0x35/0x90 [ 264.466200][T13046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.472099][T13046] RIP: 0033:0x7fee56975bd9 [ 264.476561][T13046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.496380][T13046] RSP: 002b:00007fee577f8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 264.504802][T13046] RAX: ffffffffffffffda RBX: 00007fee56b03f60 RCX: 00007fee56975bd9 [ 264.512766][T13046] RDX: 0000000000000001 RSI: 0000000020002a00 RDI: 0000000000000003 [ 264.520903][T13046] RBP: 00007fee577f80a0 R08: 0000000000000000 R09: 0000000000000000 [ 264.528884][T13046] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000002 [ 264.536858][T13046] R13: 000000000000000b R14: 00007fee56b03f60 R15: 00007ffdf6d23c38 [ 264.545023][T13046] [ 264.663525][T13058] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2282'. [ 264.673493][T13058] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2282'. [ 265.058801][T13077] netlink: 'syz.1.2286': attribute type 10 has an invalid length. [ 265.075639][T13077] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 265.117598][T13077] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 265.174313][T13077] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link [ 265.201535][T12816] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 265.270954][T12816] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 265.304158][T12816] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 265.353960][T12816] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 265.491798][T13095] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2294'. [ 265.521151][T13095] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2294'. [ 265.711459][T12816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.766182][T12816] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.831656][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.838867][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 265.903958][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.911164][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.917391][T13117] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2300'. [ 265.957798][T13117] ipt_REJECT: TCP_RESET invalid for non-tcp [ 265.970168][ T5097] Bluetooth: hci1: command tx timeout [ 266.026277][T13121] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2301'. [ 266.320179][T13144] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2307'. [ 266.361399][T13144] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2307'. [ 266.604644][T13157] netlink: 'syz.0.2311': attribute type 1 has an invalid length. [ 266.627396][T13157] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.2311'. [ 266.634733][T12816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.655790][T13157] netlink: 'syz.0.2311': attribute type 1 has an invalid length. [ 267.188943][T13179] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2315'. [ 267.371937][T13188] netlink: 'syz.1.2317': attribute type 6 has an invalid length. [ 267.379941][T13188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2317'. [ 267.569620][T12816] veth0_vlan: entered promiscuous mode [ 267.617732][T12816] veth1_vlan: entered promiscuous mode [ 267.729187][T13201] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2320'. [ 267.822803][T12816] veth0_macvtap: entered promiscuous mode [ 267.871648][T12816] veth1_macvtap: entered promiscuous mode [ 267.967712][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.016670][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.044542][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.067790][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.090921][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.105209][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.127634][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 268.152991][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.175123][T12816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 268.286750][T13218] netlink: 'syz.0.2321': attribute type 30 has an invalid length. [ 268.386369][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.432423][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.448976][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.460293][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.472369][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.483934][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.495956][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.509349][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.523144][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.538911][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.562372][T12816] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 268.582476][T12816] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 268.608258][T12816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 268.706136][T12816] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.727913][T12816] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.747169][T12816] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 268.770032][T12816] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.173270][T13266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 269.279169][T13265] netlink: 'syz.1.2332': attribute type 1 has an invalid length. [ 269.290420][T13265] netlink: 'syz.1.2332': attribute type 1 has an invalid length. [ 269.304011][T13208] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.332792][T13208] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.404237][T13267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 269.436889][T13266] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 269.495544][ T8815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.520161][ T8815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.598162][T13285] FAULT_INJECTION: forcing a failure. [ 269.598162][T13285] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 269.649327][T13285] CPU: 1 PID: 13285 Comm: syz.0.2335 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 269.659534][T13285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 269.669900][T13285] Call Trace: [ 269.673204][T13285] [ 269.676147][T13285] dump_stack_lvl+0x241/0x360 [ 269.680865][T13285] ? __pfx_dump_stack_lvl+0x10/0x10 [ 269.686531][T13285] ? __pfx__printk+0x10/0x10 [ 269.691160][T13285] ? __pfx_lock_release+0x10/0x10 [ 269.696209][T13285] should_fail_ex+0x3b0/0x4e0 [ 269.700911][T13285] _copy_from_iter+0x1f6/0x1960 [ 269.705779][T13285] ? __virt_addr_valid+0x183/0x530 [ 269.710897][T13285] ? __pfx_lock_release+0x10/0x10 [ 269.716026][T13285] ? __alloc_skb+0x28f/0x440 [ 269.720622][T13285] ? __pfx__copy_from_iter+0x10/0x10 [ 269.725920][T13285] ? __virt_addr_valid+0x183/0x530 [ 269.731040][T13285] ? __virt_addr_valid+0x183/0x530 [ 269.736155][T13285] ? __virt_addr_valid+0x45f/0x530 [ 269.741268][T13285] ? __check_object_size+0x49c/0x900 [ 269.746642][T13285] netlink_sendmsg+0x743/0xcb0 [ 269.751434][T13285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.756752][T13285] ? __import_iovec+0x536/0x820 [ 269.761623][T13285] ? aa_sock_msg_perm+0x91/0x160 [ 269.766571][T13285] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 269.771901][T13285] ? security_socket_sendmsg+0x87/0xb0 [ 269.777416][T13285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.783234][T13285] __sock_sendmsg+0x221/0x270 [ 269.787953][T13285] ____sys_sendmsg+0x525/0x7d0 [ 269.792731][T13285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 269.798021][T13285] __sys_sendmsg+0x2b0/0x3a0 [ 269.802630][T13285] ? __pfx___sys_sendmsg+0x10/0x10 [ 269.807759][T13285] ? vfs_write+0x7c4/0xc90 [ 269.812219][T13285] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 269.818545][T13285] ? do_syscall_64+0x100/0x230 [ 269.823323][T13285] ? do_syscall_64+0xb6/0x230 [ 269.828008][T13285] do_syscall_64+0xf3/0x230 [ 269.832510][T13285] ? clear_bhb_loop+0x35/0x90 [ 269.837185][T13285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.843104][T13285] RIP: 0033:0x7f235f175bd9 [ 269.847610][T13285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.867223][T13285] RSP: 002b:00007f235fecb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 269.875644][T13285] RAX: ffffffffffffffda RBX: 00007f235f303f60 RCX: 00007f235f175bd9 [ 269.883619][T13285] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003 [ 269.891585][T13285] RBP: 00007f235fecb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 269.899547][T13285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.907516][T13285] R13: 000000000000000b R14: 00007f235f303f60 R15: 00007ffebbba32c8 [ 269.915499][T13285] [ 270.640185][T13312] __nla_validate_parse: 6 callbacks suppressed [ 270.640204][T13312] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2345'. [ 270.680118][T13313] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2343'. [ 270.690383][T13312] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2345'. [ 271.166016][T13340] netlink: 'syz.3.2355': attribute type 3 has an invalid length. [ 271.186972][T13340] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2355'. [ 271.198134][T13342] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2356'. [ 271.436841][ T2906] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.511506][T13352] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2358'. [ 271.680336][ T2906] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.749465][ T2906] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.816840][ T2906] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.955850][ T2906] bridge_slave_1: left allmulticast mode [ 271.961746][ T2906] bridge_slave_1: left promiscuous mode [ 271.967490][ T2906] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.979347][ T2906] bridge_slave_0: left allmulticast mode [ 271.986419][ T2906] bridge_slave_0: left promiscuous mode [ 271.992448][ T2906] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.344278][ T2906] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 272.356958][ T2906] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 272.372457][ T2906] bond0 (unregistering): Released all slaves [ 272.473634][T13371] netlink: 'syz.2.2364': attribute type 15 has an invalid length. [ 272.496251][T13371] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2364'. [ 272.778321][T13391] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2368'. [ 272.793800][T13388] netlink: 8280 bytes leftover after parsing attributes in process `syz.2.2367'. [ 272.797459][T13391] tipc: Trying to set illegal importance in message [ 272.834404][T13388] netlink: 8280 bytes leftover after parsing attributes in process `syz.2.2367'. [ 273.051825][ T2906] hsr_slave_0: left promiscuous mode [ 273.103112][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 273.130197][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 273.143451][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 273.153774][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 273.161520][ T2906] hsr_slave_1: left promiscuous mode [ 273.167074][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 273.176540][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 273.212861][ T2906] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.234379][ T2906] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 273.245106][ T2906] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.256978][ T2906] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.316071][ T2906] veth1_macvtap: left promiscuous mode [ 273.325056][ T2906] veth0_macvtap: left promiscuous mode [ 273.340151][ T2906] veth1_vlan: left promiscuous mode [ 273.375182][ T2906] veth0_vlan: left promiscuous mode [ 274.220734][ T2906] team0 (unregistering): Port device team_slave_1 removed [ 274.263844][ T2906] team0 (unregistering): Port device team_slave_0 removed [ 274.739992][T13425] netlink: 'syz.2.2377': attribute type 15 has an invalid length. [ 274.780413][T13429] bridge0: entered allmulticast mode [ 274.834994][T13431] pim6reg: entered allmulticast mode [ 274.968063][T13440] FAULT_INJECTION: forcing a failure. [ 274.968063][T13440] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.040972][T13440] CPU: 1 PID: 13440 Comm: syz.2.2382 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 275.051169][T13440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 275.061219][T13440] Call Trace: [ 275.064493][T13440] [ 275.067433][T13440] dump_stack_lvl+0x241/0x360 [ 275.072116][T13440] ? __pfx_dump_stack_lvl+0x10/0x10 [ 275.077348][T13440] ? __pfx__printk+0x10/0x10 [ 275.081945][T13440] ? __pfx_lock_release+0x10/0x10 [ 275.086976][T13440] should_fail_ex+0x3b0/0x4e0 [ 275.091655][T13440] _copy_to_iter+0x1f6/0x1960 [ 275.096333][T13440] ? __virt_addr_valid+0x183/0x530 [ 275.101537][T13440] ? __pfx_lock_release+0x10/0x10 [ 275.106582][T13440] ? __pfx__copy_to_iter+0x10/0x10 [ 275.111708][T13440] ? __virt_addr_valid+0x183/0x530 [ 275.116840][T13440] ? __virt_addr_valid+0x183/0x530 [ 275.121959][T13440] ? __virt_addr_valid+0x45f/0x530 [ 275.127074][T13440] ? __phys_addr_symbol+0x2f/0x70 [ 275.132133][T13440] ? __check_object_size+0x49c/0x900 [ 275.137422][T13440] __skb_datagram_iter+0x112/0x890 [ 275.142545][T13440] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 275.148182][T13440] skb_copy_datagram_iter+0xd1/0x250 [ 275.153474][T13440] netlink_recvmsg+0x2d0/0x11d0 [ 275.158328][T13440] ? __pfx_netlink_recvmsg+0x10/0x10 [ 275.163628][T13440] ? __pfx___might_resched+0x10/0x10 [ 275.168929][T13440] ? __might_fault+0xaa/0x120 [ 275.173619][T13440] ? __pfx_lock_release+0x10/0x10 [ 275.178650][T13440] ? __import_iovec+0x536/0x820 [ 275.183505][T13440] ? __pfx_netlink_recvmsg+0x10/0x10 [ 275.188808][T13440] sock_recvmsg_nosec+0x18e/0x1d0 [ 275.193839][T13440] ____sys_recvmsg+0x3c0/0x470 [ 275.198607][T13440] ? __pfx_____sys_recvmsg+0x10/0x10 [ 275.203900][T13440] ? __might_fault+0xaa/0x120 [ 275.208582][T13440] do_recvmmsg+0x474/0xae0 [ 275.213002][T13440] ? __pfx_lock_release+0x10/0x10 [ 275.218021][T13440] ? __pfx_do_recvmmsg+0x10/0x10 [ 275.222962][T13440] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 275.228846][T13440] ? ksys_write+0x23e/0x2c0 [ 275.233342][T13440] ? __pfx_lock_release+0x10/0x10 [ 275.238366][T13440] ? vfs_write+0x7c4/0xc90 [ 275.242864][T13440] ? __mutex_unlock_slowpath+0x21d/0x750 [ 275.248497][T13440] ? __fget_files+0x3f6/0x470 [ 275.253186][T13440] __x64_sys_recvmmsg+0x199/0x250 [ 275.258234][T13440] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 275.263804][T13440] ? do_syscall_64+0x100/0x230 [ 275.268581][T13440] ? do_syscall_64+0xb6/0x230 [ 275.273257][T13440] do_syscall_64+0xf3/0x230 [ 275.277771][T13440] ? clear_bhb_loop+0x35/0x90 [ 275.282457][T13440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.288360][T13440] RIP: 0033:0x7f8743375bd9 [ 275.292775][T13440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.312375][T13440] RSP: 002b:00007f8744078048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 275.320787][T13440] RAX: ffffffffffffffda RBX: 00007f8743503f60 RCX: 00007f8743375bd9 [ 275.328748][T13440] RDX: 040000000000002e RSI: 0000000020000000 RDI: 0000000000000003 [ 275.336714][T13440] RBP: 00007f87440780a0 R08: 0000000000000000 R09: 0000000000000000 [ 275.344674][T13440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 275.352638][T13440] R13: 000000000000000b R14: 00007f8743503f60 R15: 00007ffdc545a748 [ 275.360620][T13440] [ 275.414503][ T5097] Bluetooth: hci1: command tx timeout [ 275.673721][T13400] chnl_net:caif_netlink_parms(): no params data found [ 275.964416][T13480] netlink: 'syz.2.2392': attribute type 15 has an invalid length. [ 275.990128][T13480] __nla_validate_parse: 2 callbacks suppressed [ 275.990147][T13480] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2392'. [ 276.182015][T13502] netlink: 'syz.2.2397': attribute type 1 has an invalid length. [ 276.222516][T13400] bridge0: port 1(bridge_slave_0) entered blocking state [ 276.250408][T13400] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.257698][T13400] bridge_slave_0: entered allmulticast mode [ 276.295755][T13400] bridge_slave_0: entered promiscuous mode [ 276.339139][T13400] bridge0: port 2(bridge_slave_1) entered blocking state [ 276.359393][T13400] bridge0: port 2(bridge_slave_1) entered disabled state [ 276.398728][T13400] bridge_slave_1: entered allmulticast mode [ 276.431687][T13400] bridge_slave_1: entered promiscuous mode [ 276.580926][T13400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 276.652751][T13400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 276.757510][T13400] team0: Port device team_slave_0 added [ 276.781187][T13400] team0: Port device team_slave_1 added [ 276.843552][T13400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 276.865961][T13400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 276.905150][T13400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 277.286382][T13400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 277.296957][T13400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 277.328025][T13400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 277.340647][T13538] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2406'. [ 277.490715][ T5097] Bluetooth: hci1: command tx timeout [ 277.525786][T13546] netlink: 'syz.1.2407': attribute type 15 has an invalid length. [ 277.581787][T13546] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2407'. [ 277.630412][T13400] hsr_slave_0: entered promiscuous mode [ 277.672608][T13400] hsr_slave_1: entered promiscuous mode [ 277.701121][T13400] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 277.719141][T13400] Cannot create hsr debugfs directory [ 278.200000][T13579] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2417'. [ 278.234837][T13579] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2417'. [ 278.377148][T13586] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2418'. [ 279.069378][T13592] netlink: 'syz.0.2420': attribute type 15 has an invalid length. [ 279.106417][T13592] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2420'. [ 279.117777][T13594] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 279.165827][T13594] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2421'. [ 279.570337][ T5097] Bluetooth: hci1: command tx timeout [ 279.706374][T13618] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2428'. [ 279.731678][T13618] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2428'. [ 279.889238][T13632] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 0, id = 0 [ 279.955553][T13631] netlink: 'syz.2.2432': attribute type 15 has an invalid length. [ 280.560144][T13400] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 280.626850][T13400] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 280.683141][T13400] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 280.716823][T13400] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 280.775426][T13674] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 0, id = 0 [ 281.037560][T13400] 8021q: adding VLAN 0 to HW filter on device bond0 [ 281.095071][T13400] 8021q: adding VLAN 0 to HW filter on device team0 [ 281.152944][ T5100] bridge0: port 1(bridge_slave_0) entered blocking state [ 281.160167][ T5100] bridge0: port 1(bridge_slave_0) entered forwarding state [ 281.223170][ T5100] bridge0: port 2(bridge_slave_1) entered blocking state [ 281.230566][ T5100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 281.374010][T13700] __nla_validate_parse: 6 callbacks suppressed [ 281.374031][T13700] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2454'. [ 281.411950][T13700] netlink: 277 bytes leftover after parsing attributes in process `syz.3.2454'. [ 281.661897][ T5097] Bluetooth: hci1: command tx timeout [ 281.762821][T13723] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 281.772114][T13723] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 281.781715][T13723] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 281.790551][T13723] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 281.885707][T13400] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 281.943158][T13735] netlink: 216 bytes leftover after parsing attributes in process `syz.3.2465'. [ 281.972338][T13737] FAULT_INJECTION: forcing a failure. [ 281.972338][T13737] name failslab, interval 1, probability 0, space 0, times 0 [ 282.020629][T13737] CPU: 0 PID: 13737 Comm: syz.1.2463 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 282.030843][T13737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 282.040924][T13737] Call Trace: [ 282.044228][T13737] [ 282.047182][T13737] dump_stack_lvl+0x241/0x360 [ 282.051894][T13737] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.057144][T13737] ? __pfx__printk+0x10/0x10 [ 282.061777][T13737] ? __pfx_lock_acquire+0x10/0x10 [ 282.066837][T13737] ? sock_def_readable+0xd7/0x5b0 [ 282.071892][T13737] should_fail_ex+0x3b0/0x4e0 [ 282.076608][T13737] ? inet_twsk_alloc+0xe7/0x890 [ 282.081490][T13737] should_failslab+0x9/0x20 [ 282.086027][T13737] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 282.091439][T13737] inet_twsk_alloc+0xe7/0x890 [ 282.096150][T13737] ? sk_wake_async+0x6b/0x290 [ 282.100854][T13737] ? dccp_rcv_reset+0x1e8/0x370 [ 282.105737][T13737] dccp_time_wait+0x2d/0x250 [ 282.110353][T13737] ? sk_wake_async+0x6b/0x290 [ 282.115144][T13737] dccp_rcv_state_process+0x438/0x910 [ 282.120549][T13737] dccp_v6_do_rcv+0x335/0xb10 [ 282.125259][T13737] ? __pfx_dccp_v6_do_rcv+0x10/0x10 [ 282.130490][T13737] __release_sock+0x243/0x350 [ 282.135210][T13737] release_sock+0x61/0x1f0 [ 282.139661][T13737] inet_stream_connect+0x88/0xa0 [ 282.144667][T13737] __sys_connect+0x2df/0x310 [ 282.149291][T13737] ? __pfx___sys_connect+0x10/0x10 [ 282.154445][T13737] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 282.160806][T13737] ? do_syscall_64+0x100/0x230 [ 282.165610][T13737] __x64_sys_connect+0x7a/0x90 [ 282.170675][T13737] do_syscall_64+0xf3/0x230 [ 282.175327][T13737] ? clear_bhb_loop+0x35/0x90 [ 282.180037][T13737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.185971][T13737] RIP: 0033:0x7fee56975bd9 [ 282.190415][T13737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.210054][T13737] RSP: 002b:00007fee577d7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 282.218517][T13737] RAX: ffffffffffffffda RBX: 00007fee56b04038 RCX: 00007fee56975bd9 [ 282.226519][T13737] RDX: 000000000000001c RSI: 0000000020000040 RDI: 000000000000000b [ 282.234521][T13737] RBP: 00007fee577d70a0 R08: 0000000000000000 R09: 0000000000000000 [ 282.242797][T13737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 282.250973][T13737] R13: 000000000000006e R14: 00007fee56b04038 R15: 00007ffdf6d23c38 [ 282.259004][T13737] [ 282.379578][T13752] debugfs: Directory 'netdev:nicvf0' with parent 'phy32' already present! [ 282.417572][T13737] dccp_time_wait: time wait bucket table overflow [ 282.628146][T13767] netlink: 6 bytes leftover after parsing attributes in process `syz.3.2472'. [ 282.658955][T13766] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2470'. [ 282.674861][T13400] veth0_vlan: entered promiscuous mode [ 282.685501][T13768] netlink: 'syz.3.2472': attribute type 1 has an invalid length. [ 282.686758][T13766] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2470'. [ 282.713358][T13400] veth1_vlan: entered promiscuous mode [ 282.755535][T13767] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2472'. [ 282.846043][T13400] veth0_macvtap: entered promiscuous mode [ 282.889344][T13400] veth1_macvtap: entered promiscuous mode [ 282.991046][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.041148][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.070050][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.083384][T13779] netlink: 'syz.0.2475': attribute type 1 has an invalid length. [ 283.091649][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.091689][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.114003][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.125064][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 283.137314][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.151910][T13400] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 283.242818][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.276393][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.309970][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.351747][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.373519][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.388923][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.401044][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.415548][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.426045][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.437343][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.450367][T13400] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 283.462209][T13400] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 283.480753][T13400] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 283.512452][T13796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2479'. [ 283.532397][T13796] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2479'. [ 283.588324][T13400] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.616522][T13400] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.637146][T13400] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.658724][T13400] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 283.921960][T13820] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2485'. [ 283.934439][T13819] netlink: 'syz.2.2484': attribute type 15 has an invalid length. [ 283.965466][T13210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.004979][T13210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.112748][T13210] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 284.135352][T13210] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 284.797759][T13864] netlink: 'syz.1.2498': attribute type 15 has an invalid length. [ 285.269566][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 285.276088][ C0] vcan0: j1939_xtp_rx_dat: no rx connection found [ 285.282857][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.290723][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.298651][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.306547][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.314516][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.322419][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.330356][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.338191][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.346169][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.354075][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.362025][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.369919][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.377843][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.385743][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.393713][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.401598][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.409512][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.417400][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.425335][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.433218][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.441287][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.449124][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.457095][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.464978][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.473002][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.480891][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.488815][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.496703][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.504676][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.512647][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.520600][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.528439][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.536440][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.544316][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.552299][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.560198][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.568210][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.576121][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.584159][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.592303][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.600243][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.608168][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.616136][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.624003][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.631968][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.639807][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.647800][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.655705][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.663659][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.671528][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.679443][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.687328][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.695286][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.703164][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.711113][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.718948][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.726902][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.734762][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.742732][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.750591][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.758613][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.766518][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.774486][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.782384][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.790343][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.798182][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.806157][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.814019][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.821971][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.829803][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.837776][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.845652][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.853586][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.861459][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.869383][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.877267][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.885243][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.893115][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.901147][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.909033][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.917018][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.924889][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.932884][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.940756][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.948675][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.956606][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.964558][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.972440][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.980373][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 285.988205][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 285.996154][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 286.004017][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 286.011968][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 286.019790][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 286.027777][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found [ 286.035659][ C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found [ 286.273687][T13904] netlink: 'syz.1.2509': attribute type 15 has an invalid length. [ 286.317263][T13906] netlink: 'syz.1.2510': attribute type 15 has an invalid length. [ 286.411586][ T2839] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.427414][T13908] __nla_validate_parse: 10 callbacks suppressed [ 286.427434][T13908] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2511'. [ 286.476928][T13908] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2511'. [ 286.534746][ T2839] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.621313][ T2839] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.698162][ T2839] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 286.824296][ T2839] bridge_slave_1: left allmulticast mode [ 286.831209][ T2839] bridge_slave_1: left promiscuous mode [ 286.837102][ T2839] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.848006][ T2839] bridge_slave_0: left allmulticast mode [ 286.855447][ T2839] bridge_slave_0: left promiscuous mode [ 286.862164][ T2839] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.219668][ T2839] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 287.233141][ T2839] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 287.245916][ T2839] bond0 (unregistering): Released all slaves [ 287.546252][T13923] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2515'. [ 287.573794][T13924] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2513'. [ 287.611912][T13924] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2513'. [ 287.760769][ T2839] hsr_slave_0: left promiscuous mode [ 287.790193][ T2839] hsr_slave_1: left promiscuous mode [ 287.836986][ T2839] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 287.870327][ T2839] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 287.963148][ T2839] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 287.983640][ T2839] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 288.196490][ T2839] veth1_macvtap: left promiscuous mode [ 288.235410][ T2839] veth0_macvtap: left promiscuous mode [ 288.273382][ T2839] veth1_vlan: left promiscuous mode [ 288.309356][ T2839] veth0_vlan: left promiscuous mode [ 288.391803][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 288.412185][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 288.421278][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 288.431073][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 288.444969][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 288.452984][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 289.881143][ T2839] team0 (unregistering): Port device team_slave_1 removed [ 289.925739][ T2839] team0 (unregistering): Port device team_slave_0 removed [ 290.331004][T13934] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2517'. [ 290.411428][T13950] netlink: 'syz.1.2520': attribute type 15 has an invalid length. [ 290.426735][T13950] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2520'. [ 290.490745][T13952] netlink: 'syz.3.2521': attribute type 15 has an invalid length. [ 290.519830][T13956] xt_time: unknown flags 0x4 [ 290.524374][T13952] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2521'. [ 290.534487][ T5097] Bluetooth: hci1: command tx timeout [ 290.695315][T13959] netlink: 165 bytes leftover after parsing attributes in process `syz.2.2524'. [ 290.706514][T13960] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2525'. [ 290.910244][T13968] xt_CT: No such helper "netbios-ns" [ 290.938523][T13969] xt_CT: No such helper "netbios-ns" [ 291.035734][T13946] chnl_net:caif_netlink_parms(): no params data found [ 291.116068][T13983] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.125560][T13983] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.283374][T13999] FAULT_INJECTION: forcing a failure. [ 291.283374][T13999] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 291.317081][T13999] CPU: 0 PID: 13999 Comm: syz.1.2536 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 291.327295][T13999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 291.337375][T13999] Call Trace: [ 291.340694][T13999] [ 291.343641][T13999] dump_stack_lvl+0x241/0x360 [ 291.348357][T13999] ? __pfx_dump_stack_lvl+0x10/0x10 [ 291.353582][T13999] ? __pfx__printk+0x10/0x10 [ 291.358200][T13999] ? __pfx_lock_release+0x10/0x10 [ 291.363278][T13999] should_fail_ex+0x3b0/0x4e0 [ 291.367988][T13999] _copy_from_iter+0x1f6/0x1960 [ 291.372859][T13999] ? __virt_addr_valid+0x183/0x530 [ 291.378001][T13999] ? __pfx_lock_release+0x10/0x10 [ 291.383061][T13999] ? __alloc_skb+0x28f/0x440 [ 291.387762][T13999] ? __pfx__copy_from_iter+0x10/0x10 [ 291.393072][T13999] ? __virt_addr_valid+0x183/0x530 [ 291.398215][T13999] ? __virt_addr_valid+0x183/0x530 [ 291.403447][T13999] ? __virt_addr_valid+0x45f/0x530 [ 291.408613][T13999] ? __check_object_size+0x49c/0x900 [ 291.413933][T13999] netlink_sendmsg+0x743/0xcb0 [ 291.418738][T13999] ? __pfx_netlink_sendmsg+0x10/0x10 [ 291.424150][T13999] ? __import_iovec+0x536/0x820 [ 291.429027][T13999] ? aa_sock_msg_perm+0x91/0x160 [ 291.434009][T13999] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 291.439325][T13999] ? security_socket_sendmsg+0x87/0xb0 [ 291.444901][T13999] ? __pfx_netlink_sendmsg+0x10/0x10 [ 291.450246][T13999] __sock_sendmsg+0x221/0x270 [ 291.454954][T13999] ____sys_sendmsg+0x525/0x7d0 [ 291.459765][T13999] ? __pfx_____sys_sendmsg+0x10/0x10 [ 291.465095][T13999] __sys_sendmsg+0x2b0/0x3a0 [ 291.469713][T13999] ? __pfx___sys_sendmsg+0x10/0x10 [ 291.474851][T13999] ? vfs_write+0x7c4/0xc90 [ 291.479337][T13999] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 291.485694][T13999] ? do_syscall_64+0x100/0x230 [ 291.490492][T13999] ? do_syscall_64+0xb6/0x230 [ 291.495200][T13999] do_syscall_64+0xf3/0x230 [ 291.499739][T13999] ? clear_bhb_loop+0x35/0x90 [ 291.504447][T13999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.510391][T13999] RIP: 0033:0x7fee56975bd9 [ 291.514822][T13999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.534896][T13999] RSP: 002b:00007fee577f8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 291.543339][T13999] RAX: ffffffffffffffda RBX: 00007fee56b03f60 RCX: 00007fee56975bd9 [ 291.551335][T13999] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 291.559326][T13999] RBP: 00007fee577f80a0 R08: 0000000000000000 R09: 0000000000000000 [ 291.567326][T13999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 291.575406][T13999] R13: 000000000000000b R14: 00007fee56b03f60 R15: 00007ffdf6d23c38 [ 291.583500][T13999] [ 291.610804][T14001] netlink: 'syz.0.2535': attribute type 15 has an invalid length. [ 291.629374][T14001] __nla_validate_parse: 3 callbacks suppressed [ 291.629393][T14001] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2535'. [ 291.661331][T14003] netlink: 'syz.3.2537': attribute type 15 has an invalid length. [ 291.678206][T14003] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2537'. [ 291.700522][T13946] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.730610][T13946] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.737896][T13946] bridge_slave_0: entered allmulticast mode [ 291.756387][T13946] bridge_slave_0: entered promiscuous mode [ 291.769461][T13946] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.777518][T13946] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.784997][T13946] bridge_slave_1: entered allmulticast mode [ 291.793754][T13946] bridge_slave_1: entered promiscuous mode [ 291.817233][T14016] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2539'. [ 291.847327][T14016] netlink: 'syz.0.2539': attribute type 2 has an invalid length. [ 291.893578][T14016] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2539'. [ 291.915730][T14020] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2541'. [ 291.942369][T13946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 291.953050][T14020] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2541'. [ 291.991303][T13946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.004691][T14024] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2542'. [ 292.136349][T13946] team0: Port device team_slave_0 added [ 292.182455][T13946] team0: Port device team_slave_1 added [ 292.266672][T14036] ================================================================== [ 292.274776][T14036] BUG: KASAN: slab-use-after-free in dev_map_enqueue+0x40/0x3e0 [ 292.282433][T14036] Read of size 8 at addr ffff888024d3ef00 by task syz.0.2546/14036 [ 292.290335][T14036] [ 292.292664][T14036] CPU: 1 PID: 14036 Comm: syz.0.2546 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 292.302823][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 292.312892][T14036] Call Trace: [ 292.316185][T14036] [ 292.319132][T14036] dump_stack_lvl+0x241/0x360 [ 292.323835][T14036] ? __pfx_dump_stack_lvl+0x10/0x10 [ 292.329061][T14036] ? __pfx__printk+0x10/0x10 [ 292.333666][T14036] ? _printk+0xd5/0x120 [ 292.337844][T14036] ? __virt_addr_valid+0x183/0x530 [ 292.342978][T14036] ? __virt_addr_valid+0x183/0x530 [ 292.348198][T14036] print_report+0x169/0x550 [ 292.352736][T14036] ? __virt_addr_valid+0x183/0x530 [ 292.357867][T14036] ? __virt_addr_valid+0x183/0x530 [ 292.362996][T14036] ? __virt_addr_valid+0x45f/0x530 [ 292.368132][T14036] ? __phys_addr+0xba/0x170 [ 292.372664][T14036] ? dev_map_enqueue+0x40/0x3e0 [ 292.377533][T14036] kasan_report+0x143/0x180 [ 292.382048][T14036] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 292.388053][T14036] ? dev_map_enqueue+0x40/0x3e0 [ 292.392922][T14036] dev_map_enqueue+0x40/0x3e0 [ 292.397619][T14036] xdp_do_redirect_frame+0x2a6/0x660 [ 292.402935][T14036] bpf_test_run_xdp_live+0xe60/0x1e60 [ 292.408343][T14036] ? bpf_test_run_xdp_live+0x724/0x1e60 [ 292.413909][T14036] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 292.419760][T14036] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 292.425678][T14036] ? __might_fault+0xaa/0x120 [ 292.430379][T14036] ? __might_fault+0xc6/0x120 [ 292.435075][T14036] ? _copy_from_user+0xa6/0xe0 [ 292.439853][T14036] ? bpf_test_init+0x15a/0x180 [ 292.444637][T14036] ? xdp_convert_md_to_buff+0x5b/0x330 [ 292.450116][T14036] bpf_prog_test_run_xdp+0x80e/0x11b0 [ 292.455518][T14036] ? __pfx_lock_release+0x10/0x10 [ 292.460566][T14036] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 292.466395][T14036] ? __fget_files+0x29/0x470 [ 292.471012][T14036] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 292.476847][T14036] bpf_prog_test_run+0x33a/0x3b0 [ 292.481808][T14036] __sys_bpf+0x48d/0x810 [ 292.486089][T14036] ? __pfx___sys_bpf+0x10/0x10 [ 292.490904][T14036] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 292.496971][T14036] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 292.503319][T14036] ? do_syscall_64+0x100/0x230 [ 292.508161][T14036] __x64_sys_bpf+0x7c/0x90 [ 292.512597][T14036] do_syscall_64+0xf3/0x230 [ 292.517127][T14036] ? clear_bhb_loop+0x35/0x90 [ 292.521821][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.527739][T14036] RIP: 0033:0x7f235f175bd9 [ 292.532170][T14036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.551885][T14036] RSP: 002b:00007f235fecb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 292.560328][T14036] RAX: ffffffffffffffda RBX: 00007f235f303f60 RCX: 00007f235f175bd9 [ 292.568315][T14036] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a [ 292.576304][T14036] RBP: 00007f235f1e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 292.584288][T14036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.592272][T14036] R13: 000000000000000b R14: 00007f235f303f60 R15: 00007ffebbba32c8 [ 292.600268][T14036] [ 292.603298][T14036] [ 292.605623][T14036] Allocated by task 5095: [ 292.609954][T14036] kasan_save_track+0x3f/0x80 [ 292.614645][T14036] __kasan_kmalloc+0x98/0xb0 [ 292.619258][T14036] kmalloc_trace_noprof+0x19c/0x2c0 [ 292.624489][T14036] alloc_fdtable+0xa1/0x280 [ 292.629009][T14036] dup_fd+0x893/0xce0 [ 292.633005][T14036] copy_files+0x150/0x2a0 [ 292.637346][T14036] copy_process+0x171b/0x3dc0 [ 292.642033][T14036] kernel_clone+0x226/0x8f0 [ 292.646551][T14036] __x64_sys_clone+0x258/0x2a0 [ 292.651325][T14036] do_syscall_64+0xf3/0x230 [ 292.655849][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.661760][T14036] [ 292.664090][T14036] Freed by task 11673: [ 292.668160][T14036] kasan_save_track+0x3f/0x80 [ 292.672943][T14036] kasan_save_free_info+0x40/0x50 [ 292.677981][T14036] poison_slab_object+0xe0/0x150 [ 292.678992][ T5097] Bluetooth: hci1: command tx timeout [ 292.682914][T14036] __kasan_slab_free+0x37/0x60 [ 292.682938][T14036] kfree+0x149/0x360 [ 292.682960][T14036] put_files_struct+0x2e9/0x360 [ 292.701794][T14036] do_exit+0xa08/0x27e0 [ 292.705965][T14036] do_group_exit+0x207/0x2c0 [ 292.710568][T14036] get_signal+0x16a1/0x1740 [ 292.715342][T14036] arch_do_signal_or_restart+0x96/0x860 [ 292.720902][T14036] syscall_exit_to_user_mode+0xc9/0x360 [ 292.726467][T14036] do_syscall_64+0x100/0x230 [ 292.731075][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.736979][T14036] [ 292.739312][T14036] The buggy address belongs to the object at ffff888024d3ef00 [ 292.739312][T14036] which belongs to the cache kmalloc-cg-64 of size 64 [ 292.753471][T14036] The buggy address is located 0 bytes inside of [ 292.753471][T14036] freed 64-byte region [ffff888024d3ef00, ffff888024d3ef40) [ 292.767035][T14036] [ 292.769384][T14036] The buggy address belongs to the physical page: [ 292.775808][T14036] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888024d3eb80 pfn:0x24d3e [ 292.785894][T14036] memcg:ffff88802df7d601 [ 292.790140][T14036] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff) [ 292.798325][T14036] page_type: 0xffffefff(slab) [ 292.803023][T14036] raw: 00fff00000000200 ffff88801504dc80 ffff88801504e348 ffffea0001934510 [ 292.811621][T14036] raw: ffff888024d3eb80 0000000000200002 00000001ffffefff ffff88802df7d601 [ 292.820218][T14036] page dumped because: kasan: bad access detected [ 292.826657][T14036] page_owner tracks the page as allocated [ 292.832830][T14036] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5088, tgid 5088 (syz-executor), ts 141762763292, free_ts 141762359044 [ 292.852212][T14036] post_alloc_hook+0x1f3/0x230 [ 292.857000][T14036] get_page_from_freelist+0x2e4c/0x2f10 [ 292.862571][T14036] __alloc_pages_noprof+0x256/0x6c0 [ 292.867791][T14036] alloc_slab_page+0x5f/0x120 [ 292.872489][T14036] allocate_slab+0x5a/0x2f0 [ 292.877034][T14036] ___slab_alloc+0xcd1/0x14b0 [ 292.881732][T14036] __slab_alloc+0x58/0xa0 [ 292.886077][T14036] kmalloc_trace_noprof+0x1d5/0x2c0 [ 292.891380][T14036] alloc_fdtable+0xa1/0x280 [ 292.895907][T14036] dup_fd+0x893/0xce0 [ 292.899917][T14036] copy_files+0x150/0x2a0 [ 292.904248][T14036] copy_process+0x171b/0x3dc0 [ 292.908906][T14036] kernel_clone+0x226/0x8f0 [ 292.913391][T14036] __x64_sys_clone+0x258/0x2a0 [ 292.918137][T14036] do_syscall_64+0xf3/0x230 [ 292.922643][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.929029][T14036] page last free pid 5088 tgid 5088 stack trace: [ 292.935374][T14036] free_unref_page+0xd22/0xea0 [ 292.940151][T14036] vfree+0x186/0x2e0 [ 292.944049][T14036] do_ip6t_get_ctl+0x11eb/0x1820 [ 292.948970][T14036] nf_getsockopt+0x299/0x2c0 [ 292.953544][T14036] ipv6_getsockopt+0x263/0x380 [ 292.958299][T14036] tcp_getsockopt+0x163/0x1c0 [ 292.962983][T14036] do_sock_getsockopt+0x373/0x850 [ 292.968006][T14036] __sys_getsockopt+0x271/0x330 [ 292.972852][T14036] __x64_sys_getsockopt+0xb5/0xd0 [ 292.977892][T14036] do_syscall_64+0xf3/0x230 [ 292.982410][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.988310][T14036] [ 292.990613][T14036] Memory state around the buggy address: [ 292.996257][T14036] ffff888024d3ee00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 293.004320][T14036] ffff888024d3ee80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 293.012378][T14036] >ffff888024d3ef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 293.020432][T14036] ^ [ 293.024505][T14036] ffff888024d3ef80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 293.032741][T14036] ffff888024d3f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 293.040799][T14036] ================================================================== [ 293.049022][T14036] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 293.056242][T14036] CPU: 1 PID: 14036 Comm: syz.0.2546 Not tainted 6.10.0-rc7-syzkaller-00262-g70c676cb3dfc #0 [ 293.066410][T14036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 293.076476][T14036] Call Trace: [ 293.079759][T14036] [ 293.082684][T14036] dump_stack_lvl+0x241/0x360 [ 293.087406][T14036] ? __pfx_dump_stack_lvl+0x10/0x10 [ 293.092600][T14036] ? __pfx__printk+0x10/0x10 [ 293.097206][T14036] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 293.103209][T14036] ? vscnprintf+0x5d/0x90 [ 293.107557][T14036] panic+0x349/0x860 [ 293.111471][T14036] ? check_panic_on_warn+0x21/0xb0 [ 293.116588][T14036] ? __pfx_panic+0x10/0x10 [ 293.120996][T14036] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 293.126873][T14036] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 293.132752][T14036] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 293.139067][T14036] check_panic_on_warn+0x86/0xb0 [ 293.144008][T14036] ? dev_map_enqueue+0x40/0x3e0 [ 293.148848][T14036] end_report+0x77/0x160 [ 293.153087][T14036] kasan_report+0x154/0x180 [ 293.157601][T14036] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 293.163586][T14036] ? dev_map_enqueue+0x40/0x3e0 [ 293.168427][T14036] dev_map_enqueue+0x40/0x3e0 [ 293.173095][T14036] xdp_do_redirect_frame+0x2a6/0x660 [ 293.178375][T14036] bpf_test_run_xdp_live+0xe60/0x1e60 [ 293.183829][T14036] ? bpf_test_run_xdp_live+0x724/0x1e60 [ 293.189366][T14036] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 293.195174][T14036] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 293.201095][T14036] ? __might_fault+0xaa/0x120 [ 293.205962][T14036] ? __might_fault+0xc6/0x120 [ 293.210656][T14036] ? _copy_from_user+0xa6/0xe0 [ 293.215425][T14036] ? bpf_test_init+0x15a/0x180 [ 293.220194][T14036] ? xdp_convert_md_to_buff+0x5b/0x330 [ 293.225650][T14036] bpf_prog_test_run_xdp+0x80e/0x11b0 [ 293.231032][T14036] ? __pfx_lock_release+0x10/0x10 [ 293.236076][T14036] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 293.241883][T14036] ? __fget_files+0x29/0x470 [ 293.246476][T14036] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 293.252294][T14036] bpf_prog_test_run+0x33a/0x3b0 [ 293.257246][T14036] __sys_bpf+0x48d/0x810 [ 293.261506][T14036] ? __pfx___sys_bpf+0x10/0x10 [ 293.266277][T14036] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 293.272338][T14036] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 293.278680][T14036] ? do_syscall_64+0x100/0x230 [ 293.283441][T14036] __x64_sys_bpf+0x7c/0x90 [ 293.287847][T14036] do_syscall_64+0xf3/0x230 [ 293.292361][T14036] ? clear_bhb_loop+0x35/0x90 [ 293.297022][T14036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.302917][T14036] RIP: 0033:0x7f235f175bd9 [ 293.307349][T14036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.326957][T14036] RSP: 002b:00007f235fecb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 293.335368][T14036] RAX: ffffffffffffffda RBX: 00007f235f303f60 RCX: 00007f235f175bd9 [ 293.343360][T14036] RDX: 0000000000000050 RSI: 0000000020000240 RDI: 000000000000000a [ 293.351338][T14036] RBP: 00007f235f1e4e60 R08: 0000000000000000 R09: 0000000000000000 [ 293.359315][T14036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.367293][T14036] R13: 000000000000000b R14: 00007f235f303f60 R15: 00007ffebbba32c8 [ 293.375274][T14036] [ 293.378514][T14036] Kernel Offset: disabled [ 293.382829][T14036] Rebooting in 86400 seconds..