last executing test programs: 2.691158283s ago: executing program 1 (id=1724): r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r1, 0x2000000, 0x2, 0x0, &(0x7f00000001c0)="1343", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4) socket$xdp(0x2c, 0x3, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="850000006100000054000000000000009500000000000000b4a8b1541206000000e9c79077fa15ba36eca61299de54cf77c9062c30bc068829afff36b31fa7e358e95cfa"], &(0x7f0000281ffc)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r1, 0x2000000, 0x2, 0x0, &(0x7f00000001c0)="1343", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async) setsockopt$XDP_TX_RING(r0, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4) (async) 1.808080548s ago: executing program 3 (id=1731): socket$kcm(0x10, 0x3, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REJECT_TYPE={0x8}, @NFTA_REJECT_TYPE={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_RT_KEY={0x8}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}}, 0x0) r1 = socket$inet(0x2, 0x80001, 0x84) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000200)=0xfffffdd9) unshare(0x60480) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000300)={r4, 0x25}, 0x8) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000240)={r4, 0x4, 0x3ff, 0x3}, &(0x7f0000000280)=0x10) r5 = socket(0x23, 0x80805, 0x0) listen(r5, 0x0) poll(&(0x7f0000000000)=[{r5, 0x9081}], 0x1, 0x2) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000340)={r4}, &(0x7f00000000c0)=0x8) socket$nl_generic(0x10, 0x3, 0x10) socket$tipc(0x1e, 0x5, 0x0) socket$netlink(0x10, 0x3, 0xc) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) accept4(r6, 0x0, 0x0, 0x0) socket(0x15, 0x5, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 1.440120973s ago: executing program 4 (id=1737): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async) bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="c3aa00fe01000000711003000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) (async) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async) bpf$MAP_CREATE(0x0, 0x0, 0x50) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r3, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r4, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) (async) r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x8000}, 0x0) (async) ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f00000003c0)={r1, 0x8000, 0x4, "50f0a2ce219460e9fc0f2d04256b563622ebeb6270e35da0db82467a767fc03f02c37c20830ffd9e1c368baae9eec0c9d0b6c879577bb99381b1474e930943ccfb9bf24707863564dce8b6e161492c6869fd3adfeff0123a3f8ce7b6e1077bab4c341dda856092f3d0f2742299c51bc0d4"}) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002200000085000000050000009500000000000000c3492895246348bf79855db116f785cc6b65"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x46) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r7, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f4305", 0x0, 0x6f12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000006, 0x4000010, r0, 0xb8053000) (async) ioctl$SIOCSIFHWADDR(r5, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"}) (async) ioctl$SIOCSIFHWADDR(r5, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) 1.375697977s ago: executing program 0 (id=1738): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="b60a00000000000071113300000000001800000000000000000000003400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.280238265s ago: executing program 1 (id=1740): sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x28008040) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x4040) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x14) socket$netlink(0x10, 0x3, 0x7) sendmsg$nl_generic(r1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x2000c8d0) r2 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f00000004c0)=[{0x28, 0x0, 0x5, 0xfffff034}, {0x80000006, 0x0, 0x12, 0xf9}]}, 0x10) syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004d03004400670000012190787f00000100000000441cac0000002a96800000000000000500000cf9000000400000005e8903"], 0x0) 1.279373775s ago: executing program 4 (id=1742): bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000040)=[0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x34, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000100), &(0x7f0000000140), 0x8, 0xa9, 0x8, 0x8, &(0x7f0000000180)}}, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x8000, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), r0) write$cgroup_int(r0, &(0x7f0000000200), 0x12) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x4010, r0, 0x5cea8000) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) socket(0x10, 0x80002, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x800448d5, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10) connect$inet(r4, &(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f6", 0x5a}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0) socket$inet6(0xa, 0x805, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001080)="020000000a55fbc3d774090c4665299c3c1dc8b87fbfe6aa8162fd897f263828a2", 0x21}], 0x1}], 0x1, 0x0) unshare(0x6a000600) socket$rxrpc(0x21, 0x2, 0xa) 1.234782079s ago: executing program 0 (id=1743): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x3}}}, 0x24}}, 0x0) 1.112527583s ago: executing program 2 (id=1744): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r2, 0x0, 0x0) bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r1, 0x3, {0x2, 0x1, 0x5}, 0xff}, 0x18) 1.063761575s ago: executing program 1 (id=1745): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008113b0ffbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103600000000001d300500000000004704000001ed00000f030000000000001d44020000000000620a00fe040400007203000000000000e500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a8641aa05a1336b3b4c4becea710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343cccc953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002040)=ANY=[@ANYBLOB="a40000000001050500000000000000000a0000003c0002802c00018014000300fc00000000000000000000000000000014000400000000000000000000000088ffffff010c00028005000100000000003c0001800c00028005000100000000002c000180140003002001000000000000000000000000000114000400fc0100000000000000000000000000000800074000000000080015400000000008000840"], 0xa4}}, 0x0) 1.062865854s ago: executing program 0 (id=1746): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 946.725301ms ago: executing program 1 (id=1747): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00', 0x0}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, 0x1, 0x4, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'erspan0\x00', 0x3}) socket(0x11, 0x800000003, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) socket$inet_icmp_raw(0x2, 0x3, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000340)=ANY=[@ANYRES64=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', r1, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000001100)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket(0x10, 0x3, 0x0) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="729804819e25bf1576ffe5c12a5207113f19d58313ab", 0x16}], 0x1) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8b04, &(0x7f0000000000)={'wlan0\x00'}) r8 = accept4(r6, 0x0, 0x0, 0x80800) sendmmsg$alg(r8, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f7", 0x1}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40084}], 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00', r9}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x17, 0x13, &(0x7f0000000640)=@raw=[@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10001}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @alu={0x4, 0x0, 0x9, 0x1, 0x4, 0x100, 0x4}], &(0x7f0000000700)='GPL\x00', 0x9, 0xf1, &(0x7f0000000740)=""/241, 0x40f00, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000940)={0x4, 0x8, 0x46}, 0x10, 0x0, r9, 0x0, &(0x7f0000000580)=[0xffffffffffffffff], &(0x7f0000000b40), 0x10, 0x2, @void, @value}, 0x94) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="18003800005200010000000018"], 0x18}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'tunl0\x00', 0x0}) sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "0a1fb0699d46dac48f29d158dbe8cfb1979e12979688dc039b90627d7b60f0d5ca47f33eed46409b7c8722ce020df6b24c2e6ac7b97dc04d01be2092874115214b1ebb764511f69cd1e9f6263346363d2c639c7667ce67af25166c2f0f85f36aa8867406119c2a6f1f892e31dea982c5ab0348d560eae59ea49ef95d73202a6e3b5e1eb38244e694e7410d33bc92794ad27031f2a19698b51424df36e2a876a4fc871207bf12a84f1d4d132f5bb7edcf2d08d677e6a7268e106b6ced3c7f53df24092ddb9e0fac6a1153c3fc88bfd1404fef22cf3e825a6e19c6a48a5444eabb459af0ec9a278df4011773d2f2e6529ed0ad424b47ec67522477f979360b76d1"}, @TCA_RED_PARMS={0x14, 0x1, {0x3f26, 0x7, 0x81, 0x9, 0xb, 0x14, 0x5}}]}}]}, 0x148}}, 0x4000010) 923.233892ms ago: executing program 0 (id=1748): r0 = socket(0x2, 0x80805, 0x0) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000800000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x1000) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket(0x10, 0x803, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r5) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000000c0)={0x1ff, 0x4, 0x0, 0x2, 0x0}, &(0x7f0000000180)=0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f00000003c0)=[@sack_perm, @window={0x3, 0x80c, 0x4}, @timestamp, @sack_perm], 0x4) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000001c0)={r8, 0x5}, &(0x7f0000000200)=0x8) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x30, 0x2c, 0xd2b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0xf, 0xfff0}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x24040084) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x28, 0x8, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40800}, 0x8) socket$inet_icmp_raw(0x2, 0x3, 0x1) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x7e832, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) socket$rxrpc(0x21, 0x2, 0xa) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000001600)={r9, @in6={{0xa, 0x4e22, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}}, [0x3ff, 0x5, 0x8, 0x8000000000000001, 0x10001, 0x9d, 0x0, 0x6, 0x200, 0x7, 0xfd1, 0x400000000000, 0x6, 0x6, 0x2]}, &(0x7f0000001700)=0x100) 846.268741ms ago: executing program 2 (id=1749): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRES8=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB="0d3b9eda27557cfb589305c789ac60282b0d37ee17f48fc0cdd429c81124d3d30ff156ffb2f387112e8a459da413ce8eeb5e74819b705293268cff1bd1b5b471ec3b6211c86da7a7619c1b99462d698518215a739c2d06d51087d22eaf16c482c2942d39be01c1a9bf7e285bc54b795a1375655d5d86322f18d358cfd25bdc19a6ed1cababd8dcaae561e11811bcebc69116f177da054a4d88", @ANYRES64=r0, @ANYRES64=r0, @ANYRES64, @ANYRES8=r0, @ANYRES32=r0], 0x20) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x200}]}, 0x34}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 845.084273ms ago: executing program 3 (id=1750): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB="020300000e00000028bd7000fdffffff05000600338000000a00000000000000000000000000000000000000000000010000000000000000fbff010000000000fc00020c030000a005000500008000000a"], 0x70}, 0x1, 0x7}, 0x8000) 795.039862ms ago: executing program 2 (id=1751): socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) socket$inet(0x2, 0x4000000805, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad", 0x1) r1 = accept4(r0, 0x0, 0x0, 0x80800) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r1, 0x0, 0x1) recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x20) r2 = socket$kcm(0x2d, 0x2, 0x0) sendmsg$IPSET_CMD_LIST(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40041) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="12000000070000000400000002"], 0x50) socket(0xa, 0x3, 0x3a) socket$xdp(0x2c, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009ef0100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0) 708.488988ms ago: executing program 0 (id=1752): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000540006803c0004"], 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4008014) socket$nl_route(0x10, 0x3, 0x0) 676.512575ms ago: executing program 4 (id=1753): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x4}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0) r2 = socket(0x200000000000011, 0x4000000000080002, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) sendto$packet(r2, 0x0, 0x0, 0xc001, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEL_TX_TS(r4, 0x0, 0x40008c4) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) 663.260604ms ago: executing program 0 (id=1754): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r0 = bpf$ITER_CREATE(0xb, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x64}, [@ldst={0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'geneve0\x00'}}, 0x1e) sendmmsg(r2, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000380)='>', 0x1}], 0x1, &(0x7f00000011c0)=ANY=[], 0x210}}], 0x1, 0x40884) recvmmsg(r2, &(0x7f0000000900)=[{{0x0, 0xfffffffffffffe1f, 0x0}, 0x1}], 0x3fffffffffffd3c, 0x40018003, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) sendmsg$sock(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x76, &(0x7f0000000080)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "5e15b1", 0x40, 0x3a, 0x0, @dev, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "f96959", 0x0, 0x88, 0x0, @private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@routing, @dstopts={0x6c}]}}}}}}}, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2, 0x0, 0x48}, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000200)=0x1, 0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r5 = socket$inet6_udp(0xa, 0x2, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$int_in(r4, 0x5452, &(0x7f0000000240)=0x9) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x201, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x20}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0) setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000780)=ANY=[], 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3d0af9a79bd53705, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x82000, 0x2, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$MRT_DEL_VIF(r0, 0x0, 0xcb, &(0x7f00000001c0)={0x1, 0x0, 0x4, 0x2, @vifc_lcl_ifindex, @private=0xa010100}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x22, 0x1, 0x0, 0x0, @void, @value}, 0x28) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) 587.964138ms ago: executing program 3 (id=1755): socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="20040000", @ANYRES16, @ANYBLOB="000225bd7000fddbdf25640000000c00"], 0x20}, 0x1, 0x0, 0x0, 0x8050}, 0x44044) sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000000506010200000000000000000a0000"], 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x800) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000003a21428c6c08586dd61bcc1d700006cffd73200002f2bf8000000000000000002000056374f7ef830cbe64fe0ba0000000000000000000000000001f5b5c9ff14cc5c3392895ee071138414f4d694f6aed8110f340f07b8efcc4f341a75360c5a"], 0x0) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x25ffffff7}, 0xc) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) r3 = socket$pppl2tp(0x18, 0x1, 0x1) r4 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x0, @dev}, 0x2}}, 0x2e) getsockopt$inet_mptcp_buf(r0, 0x11c, 0x4, 0x0, &(0x7f00000000c0)) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket$inet6(0xa, 0x80002, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) bind$inet6(r7, 0x0, 0x0) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c) listen(r6, 0x0) syz_emit_ethernet(0x5e, &(0x7f00000009c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00@\x00', 0x28, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x4e24, 0x300, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d4c466fb19f71e96642faa2300"}]}}}}}}}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r8, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f0000000340)={0x0, 0x100000, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="80020000", @ANYRES16, @ANYBLOB="05002abd7000fddbdf2501000000080005000100000030020880f400008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c0800030007200000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e060005000200000008000300030000007800008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0600050005000000480009801c000080060001000200000008000200ffffffff050003000100000028000080060001000a00000014000200ff02000000000000000000000000000105000300020000003c00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e2200000000000000000000000078000080040009800800030002000000200004000a004e2000000005000000000000000000000000000000010400000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r10, @ANYBLOB="240003"], 0x280}, 0x1, 0x0, 0x0, 0x4000}, 0x40) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000400)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2848820}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x6c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0xb}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}]}, 0x6c}, 0x1, 0x0, 0x0, 0x8c0}, 0x24040051) 435.929595ms ago: executing program 4 (id=1756): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfff0, 0x40000000}, {}, {}, {0x7, 0x1, 0xb, 0x4, 0xa, 0x0, 0xf8}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1005, &(0x7f00000014c0)=""/4101, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 400.85937ms ago: executing program 1 (id=1757): socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20) 352.346286ms ago: executing program 2 (id=1758): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f0000000040)}, 0x10) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 288.900876ms ago: executing program 3 (id=1759): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="b60a00000000000071113300000000001800000000000000000000003f00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 282.235472ms ago: executing program 1 (id=1760): r0 = socket$netlink(0x10, 0x3, 0xa) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETRULE(r2, 0x0, 0x0) unshare(0x62040200) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r4], 0x20}}, 0x0) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r6 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r6, 0x84, 0x4, 0x0, 0x0) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r5, 0x2) shutdown(r1, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x72a, 0x0, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4800000010001fff00"/20, @ANYBLOB="a1800000000053a230151280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="204c020000000000"], 0x48}}, 0x0) 243.92697ms ago: executing program 2 (id=1761): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES8=0x0, @ANYRES8=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB="0d3b9eda27557cfb589305c789ac60282b0d37ee17f48fc0cdd429c81124d3d30ff156ffb2f387112e8a459da413ce8eeb5e74819b705293268cff1bd1b5b471ec3b6211c86da7a7619c1b99462d698518215a739c2d06d51087d22eaf16c482c2942d39be01c1a9bf7e285bc54b795a1375655d5d86322f18d358cfd25bdc19a6ed1cababd8dcaae561e11811bcebc69116f177da054a4d88", @ANYRES64=r0, @ANYRES64=r0, @ANYRES64, @ANYRES8=r0, @ANYRES32=r0], 0x20) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x10681, 0x800}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x200}]}, 0x34}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) 156.347967ms ago: executing program 4 (id=1762): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x17, 0x17, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x301}, {}, {0x85, 0x0, 0x0, 0x11}}, {}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {0x7, 0x0, 0x2}, {}, {}, {0x25}}], {{0x6, 0x1, 0xb, 0x1, 0x9, 0x0, 0x4800000}, {0x5}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94) 156.051396ms ago: executing program 3 (id=1763): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffde, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="84010000210001000000000000000000fc02000000000000000000000a000000fe80000000000000000000000000003500000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000034011100ac14140c000000000000000000000000fc000000000000000000000000000001fc020000000000000000000000000000fe8000000000000000000000000000aaff0000000200000002000a00ac1414aa000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000ff020000000000000000000000000001ff020000003500000a000800ac1414bb000000000000000000000000fc02000000000000000000000000000064010102000000000000000000000000fe8000000000000000000000000000323c"], 0x184}}, 0x0) 82.048175ms ago: executing program 2 (id=1764): r0 = socket$inet(0x2, 0x1, 0x100) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x11, 0x0, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) mkdirat$cgroup(r1, &(0x7f0000000a00)='syz0\x00', 0x1ff) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x10, {{0x2, 0x4e24, @broadcast}}}, 0x88) syz_emit_ethernet(0x56, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e000d080000e004020000d01d920c6964076e4dade375df7194f64c1fc8fd85d41ddf15eb78b546d89eabfe44301cded0ca7a5a5b236ef7a14cded1bf7794931ad974ce9ae3bc079651"], 0x0) socket$inet(0x2, 0x1, 0x100) (async) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async) sendto$inet(r0, 0x0, 0x0, 0x11, 0x0, 0x0) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async) mkdirat$cgroup(r1, &(0x7f0000000a00)='syz0\x00', 0x1ff) (async) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x10, {{0x2, 0x4e24, @broadcast}}}, 0x88) (async) syz_emit_ethernet(0x56, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e000d080000e004020000d01d920c6964076e4dade375df7194f64c1fc8fd85d41ddf15eb78b546d89eabfe44301cded0ca7a5a5b236ef7a14cded1bf7794931ad974ce9ae3bc079651"], 0x0) (async) 51.375726ms ago: executing program 3 (id=1765): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x1280, 0x32, 0xffff, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x1300}, [{0x4}, {0x1178, 0x1, [@m_sample={0x1060, 0x6, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0xd, 0x4, 0x20000000, 0x6, 0x80}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x5, 0xffffffffffffffff, 0x78}}]}, {0x1002, 0x6, "6dbe0c32057f945e664072936e0cdb0ec9ddf25ea1faf51755a637bdcb2a050f82f014b4cb89c0ded14571a4017eaa1eb65de69b380d370de8152ade547a1bfe72b4d1088eedd6d71c83e1d046271bb1212648d78469eeca96d7310f2c797328db6a422dd492fd66466cd9da87c527f7349a9db03aacbd74c0762257a3b28ab4e26b262f2e56e3a579d3f98a7c3451726fc52741f0a195bf2e6ebda99b2d017b610c5cc723e7146bb22a0fdc5e356f6c79dd219f8e81d3ab6f080f88b7ce169cb3faccf7545ac452879d13a3613e43660c2d43634cd55ab382e7660b06346042e51622ecdd8a8317d7baaf9b4abaf4371f0972eb2a78219c77f747878da8ad0a54c58ad57a1ef075deaef90dd53355083aa7cc08006821aef9ef35ff351acc218d0fbab1eeaf6baae7f3bcce9994b2f4c3a89203feb8e9ed820961250bb4986d4271c20fb6d0aa16d5ffb5ad740eb57dfcd67b5a59bd628c0d6d47c5351b7280568a3ca545c8a169bd428d177ff71240269fe9b7a3202ee22980456c6873d60efec0bb3d8ebdd5924b33e12f88c4a6265e246a9000bee2a49d3a0bf2be369d5dbf8b09c54449ae5f68e8274749b486f05d553022b4cd16049ad3c6292dc45121d47ac4704496db4f43ffc08a12316e31c1028ba04e070bd60d758431cf22e0ea40bffcc6fbe0bb353e234f9b1b900e5875e6e8840b3ae3c27d59a514e0a28b5b761453d0cb96cfa6bf25db3b8a94c06f947169cc999801fb0bbe43b200830328c687b1f849fc2e4c43883e2b292b23330849b94b84fda382b88492dcea01d18d790c87e686a4a4a9d7b83de998c09cfbe2e66d5d54ea7edb9176d18fc6ba1f223b090981daee1bc9cc7f01b6d2112a3b5d48e8dda03be0f710f5005842850695313b53b54164ffff279b2547ea12918d6be45cf44ac6cbbea8751235aaa3c218db302df97dd795ff287f0a511ad9e8be8308628e2e3313443799f854c1bddd615ba08204b4b2335d7074ae4dee55bb85bb712bff1d020a9bc66656643c9de5509de731baf631ac84aa07ff0166209450af6701ed6891a0eaa4fccdebc91c0c6f65d1ae0b6b20a695ed8c35034a500e053998b3e1529f413eaeceae9209a030736a6069be265deb88981f61a4f043e9105509ebfdcea3afb034a99444608a6e084a2b3597d607157b3c6720dc96de38f196ebf7b25ea7411ba11e40ca9146cbf1c06cbce87c45605c8a8b83a7c31bc359ca081109eafb9d15b8027f37d19f32b74b18f9d68d0be5c7eaccc399ecf47ac93dc43e526d2a51810989c030fc8280d3fe2ef412c4f5dca1be5d2387445f21bfef578b86b6e063a26c6f45406d8c593e49bfaea857d09dd187c4b1784cd4fe040044582624e3945ddeb6e117c0c564b94677afb9bdf39456cfa795de28e3c4447507783278d9d54abeb5f9be37037e54dbb82c463616f108d2cc44169f4f0c69c595f462d982244169b3b563c79b71e27ffd09f8782eee853e6f58c1c377d2f275f500b7c53134f8fe1d5030c6d12d29d051d0e7de89d9eed38445afd56ee3e3ef32af41d2b9ca92d5e27b017e223aaf05e9bcc2482d4e00407c59ca5f51b560632a3955807d406b1bcd3d842ac74389e17b015a051848e09df72ea862f5d23b0105637ed4318d9e4c7da9ad9bbe82f4d5c5aac5f611d4283a467259f1987e62ba6b8c48fd43d16e178fede94163825cc8f8d86575d1aa2f226e26175197c8b786319d4ee437c8adc6871df3fd52692f3f54f9998b23e3bcf903fecb295252d09ea26bf97f88b13dcce2dd4082ebfb9f74a301f5090dd8fdc9c907139720c2015c3e465b79495b28a2cb2005d47db068094899a9140ddf94b51701a3b983202d54aafd26fa83cab5eb95d4955ea9c86fdaa7aff7e971b5dffffd1fb6515b22dd90d13e39787e737deaa16f0fcbe1de49b59d3e1a61784eb71e0be6c5518d287347b9ca0f61896cfdceef0f636b8fc520c1cce85fb36c06d98a7c722ec714d79993cd78cffeb5c97c8a323c8e33d0fd1d66369c3a85e9acca056c5a408cd3af18dfcd77086d372c75467a11049fbc8a3ecf7753088e5da05cf99a36b00505bd4c65da02c36012e66332a1a5f8b6844f14cf80082a59c9feb37a8a210ae7771ca7f47ea667c4dca5ec45ba33fa4eaa2650fe92b530ef5c296f9aef6921a0a3abebf6ff2ab7d66db0456d0e0974a0f15e0bc10be79d2c161be3ed53436cd9d281b1ac626ebe8ca96bbd4b972ec1681d3c67a50463ba198fd9995c8174fd7823ed3e7752da28d1bebc7495f9bc57bacfaffd95bd18744f6986464a2fb70f5ed84ba3dea900179c85b9b76ad36fad61c370a77151b2433d500fab6c27b0d2da3e823b16c284ad91e86504f6dbad39fff53da7ea63b45759d7a39d00d0e111fc17b4ec4f15786ff34f7b82ac816dd963c683b5029c8fbf36bb386df2a0457055551dee6908ccd486cfc9bb29371e6178488e9fc8663507dba8f2845a604a07ed89bf501933fedc5be7684a302338bcc86a6bf26c9e439d799805df32b8132493cc0de1bc8adbb273c0ca40ff87d8ab85220073e3cf659f89809dd2b394265a0c69a9e43d5e59cbd4f4c4e26a0a4641bf4302c006a6fbf9e26f6564c149625814bbeddb0911fde243cbcca57b3ac1f6e874c262e27848e336a9bc853d9c0c54777dd10c3cdc1991beab9228126a358c8c0f4155eb785215247c1a6fcf6c77283182f0c4526e77adc60705fa4041bc0f7ba3ad5ce2c6ba6d1f47c764021692ff9421d2ce79299d2dd5cd558e3e70dfadf3da606a8a8d30dae74107998d9247bf668b3acb6ecdabf149a3b8065d0103b0001b75deba516880418da854389c65e6754fe2226c413633bda5257db696ee7dd8eaa62587b66d84c608b16db78a64c49078824bbfe4a7b0d5a60d4c5943bcb2e11d0bdc5810936a10131cc4db3638ddb0436f654ee592c5b170e3cf73588cdddf5c7d78644588b295d3a73f6c8c152eb9dbeaf63eac0dbfd6875bab1ef444b1023a0beb6ebe41ed3f6c3a6795e55b619a935fb9620c301f50e6ee2a944610ad46d5899217237a46a8d98e7f7b56d70e5e0ec1edb75a36dfbe8f3a6506fe2de0466ee995c8b629913c9fa1627bb53e343269e225afbcee8b2cdbbb5d5ebf6d4ccf441f688c919dec965b149fbdf67f3d853e7e3f148aa5cc60a1f9726dfc40a882d633ab1c2010e942584f252d0ed4deee82568ba03efffa68a6929f2fe6d565dcb3f7cc852198900b6042264d98a7eb958dd7f63b002560d4418a5eef2463c78b142d85e74fa4de6b0d14ffec9eb41207fe0c74e525e51939dacf46fbfa97b0263ee237cc83ed6e6ea4f53d2fbe6079679ead96ab6322e49afd1ed862a449de9824ce569482498758db668e633219d77d0f1bc7764a71b5ae09ad3aee6d90e1849a074389c7acba9fedb8a2bebba11d16efbac6f171ef4f3b6dbbf98ac297975260cec794b254194e24f4fbaf6956429b3349f2a6c6996c5c09451d9c3dab27a8f5cbc49ef7a02434e861f9f96b13e4caa1515c44a6235c982884270af2820c4dc7936ab767a0ca497a11c8dee425712b729b851a93cdd6f047539066ea1d50829cdf39515aac1e41300b95b5c1e56a87ae8171f5224e6d5e61ee80962c459ac6f5f762846bda0da2dbdb18f037e3c952c6df9c529340ed8223137101f04fb42d7ddcc6c64ea526a7e12e07e361e00c0008604f7803b6aa139421acd41d3c38640ec4344d19e7e8ec4c6bd562c669da561b708d3b3c321f2d6527c0d220e4faf589ec73d809b482c8cacd8870274b4024f30055281b8d5e2a83bd2cfa4b99807993671f0c7a238423e3ac28869ff051723c560d73a2722ba0aacf12f0f31a597ca71fb8b1e8b4d8d99770da02f89f46ba08ae2dd0cf16f10a2313f6400a1859ba53346980bfeccc3526a8007de201e01a0eb44ac4ee465e5a83e017c60cc46bdf1408643b44250a7692aacf45a41e50b964c18ef63fe5d8f9fd8d6954230eb5afa7170e03930fe4c97201ab76166acbd944340bed29383aaf9c4d481531e065a08571fbbc637c8246d148417fd5ce3d3784087d05c5480ecc39815dedb9c6bcc0f8d5e6701094c20b56bb6f447b09d1c63c04ff35727abb2976aa5afac68ef5ee83a058dcdf1a9e2c4265145e8632ecf801fdd298bd23ed5c9811c98207d7727f062bcdd9168afc0220c1ecea5ac4001f262a13822e5ebe8241bb0fcdcf7d88754193eb8fbd29ca060638324509ca9869986f9603229d62e186d15e4892d923e1c24b37f47c89b6dfc3c5d1b1e1272f49741a25da6f0e2739f12032c315795341e9d549fd190794824e7f8f811d4e609f2907af2bd4b08113bbaf460cf1cbc7468528608596641ac15bf687d46708d85601035cb426efa80d4e990b9ef923b7926caeec728df481b5c0652c2c3aa30bd83b0b8c8f8a396dca9961af2b9d2550da16bd5ad7b2e48a3fd8ce361fd3244e6b4169cb09be7ef223fad6529c8916cfc6bd9f896b0f801d96048f9b92de8fe0bbce1ff3eb1dcc9cc240b36604ae3a6069d4c8c4203ee3cbcf8a9ff52b6314d87bdf55a3d18fc19e9024cc950a2693290fe45b772d69174a0aee171dd636aad4a3e6cece27c2dc57302ec60a522903c021560c47a0b7a5662daf0f418693d3fe16e218735382dab4399cf0c01c4a62a1c3b193279ffef4310ae51aa6d2b366ec8f97f649eb7044a83f52616f829b77cb07bee2b898dfac89188496b23fab3786cff4b2f82f9c876f3ed4513692edc1c22c8a6b831ba0f225ceb64e17ee9fda3dc547b773dbb9ec4e0595d82c38f1a6821fe19f46d0b495afff7468a6534aeddfb49ca4b39abd8ade87cd42225a2d89d3f582506c5e19a3476524a64d680655ef14fbc98cb2a34a2fb9e44da4cc72442f662dcadc5668a0136e0b82333cd3ec71e47251ce89694db00450e88daef21fd4d150c6c6b46552cdf44b94111113f75a6614e391eaa72541c1b44911e3642c9857443eabad42600999964325918516fbc11f28a504c4a501fe3e7991495e06520542aff18ade7eddd4fb88db1be14b82c8edc41656fdbd7773c6f4e776503cdc2d22828607153b4bae7785a6784d33e0647655e5db35418e10eae3de4519ce18491a2ca775b852673203a60218b91c0a3646b046f32ac82c17efe8112d67f21b269b90b58ce34d6f9d84245949875145ac2690ca1b8136a96bafbb75971f113364ddfc294afed84c397e54168a6205dfd5f9de04934ec1b195fe3044478cbee75cc2e83c19a725ffef1e1179df6f7d1c6b71b9596790d56aaccfbaaed06124c688a1cc29806ef38c89d3870760d2408b163b1bd084325775c7cb9e309b27e3be18059d4fa06ac5bc46504fdbf07344e76777372ac97adf23494cfc47d3cce580d08ae349e4e88f748c9e34a4f55e3681325ae581814b7c0f02a1919302ae0b5b662465f2806d48c7658ae3ca1e2024dfc2fcf1aa48e36c6c797582d7d07b0d553671bdf59c809c6e3e1f2b69721817e5fa618e8029506d8c0323c3c34d7b5bdfbbca6d4f45e75bd3123195bbc5935482b21de47c26d18b8dc1fff3a7f5c05358048ede29a9c80a4e2d0261fa20cfa6e12817d52cc6d26d16218ab5e6044c24326a407cfaa586739067e4161ee421c9842e1335c4f506f62b94c84b496b85f29cfe0ab88a0efc40d5df15760ef8be41d9632c5566e70b4c7a59cbf6e134e9a6360d67a87ae9287abc9a6d190636f017f7bae19150f3eb997ea193f41c4d34a3ab1431"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x114, 0x1a, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0xfff, 0x3, 0x10000000, 0x6, 0x10001}, 0x2}}]}, {0xcb, 0x6, "786a1c27aa53185ea82e41878cfedea599fd24cd80e0c34d025fcf9907180b0b017081a535a3eb91611c3a0546a66cf429a1b7cf5973ba5eea561a3810e0a613efe7effb55be4be51839a019c78dcea020565b781b8670246db28b7f50f64386d73cf01fbfc9c2a7437593afb92194d1bcca9ec38fd5d40b44a5ab849b8a0d2d0af2a5b65f569f65bf5785f9aee180443ac97b2fec6b3bc8abda10bbcab26093f5d873b9a21eabf718ea899db20cd38cca510e1dce8bbb1d68d3391de979509a3f86c66bbf4cd9"}, {0xc}, {0xc, 0x8, {0x4, 0x3}}}}]}, {0xf0, 0x1, [@m_connmark={0xec, 0x12, 0x0, 0x0, {{0xd}, {0x4}, {0xba, 0x6, "0e38e15ca6d3fef99c770d2bd464dbb730e3181f008db0f464483272613196c9c4597cd2372c2fe1327d96dfeccffecd96af871e77e7027ed8288c4f103afa59943a647953be2bd4e2518ad6e89c52a53cc3dd8bdb49fc001226e66bcc588040c4bc150bbcd7da59ef0e043bef9333d03793a36017552415cf2da2b87f9c1693d2ade696aadcd3eb1abc8c8c1c72d2d67810ae95e6cc686c34bcabe611c23c3b41f4d2e996a25c790754e36614b1ed437f51e8fc7859"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x1280}}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x1, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000380)=ANY=[@ANYBLOB='%\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000c00000004000380"], 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090) r5 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4, 0x5, 0x5, 0x7, 0x7, 0x3, 0x4, 0x3}}}}]}, 0x58}}, 0x44080) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xe, 0xa}, {0x2, 0x10}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000) sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000000020103000000000000000002000008240002800c000280050001002f000000060003090000000000000001000008000840000000ee"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8000) 0s ago: executing program 4 (id=1766): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x127c, 0x32, 0xffff, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x1300}, [{0x4}, {0x1174, 0x1, [@m_sample={0x105c, 0x6, 0x0, 0x0, {{0xb}, {0x34, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0xd, 0x4, 0x20000000, 0x6, 0x80}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x5, 0xffffffffffffffff, 0x78}}]}, {0x1000, 0x6, "6dbe0c32057f945e664072936e0cdb0ec9ddf25ea1faf51755a637bdcb2a050f82f014b4cb89c0ded14571a4017eaa1eb65de69b380d370de8152ade547a1bfe72b4d1088eedd6d71c83e1d046271bb1212648d78469eeca96d7310f2c797328db6a422dd492fd66466cd9da87c527f7349a9db03aacbd74c0762257a3b28ab4e26b262f2e56e3a579d3f98a7c3451726fc52741f0a195bf2e6ebda99b2d017b610c5cc723e7146bb22a0fdc5e356f6c79dd219f8e81d3ab6f080f88b7ce169cb3faccf7545ac452879d13a3613e43660c2d43634cd55ab382e7660b06346042e51622ecdd8a8317d7baaf9b4abaf4371f0972eb2a78219c77f747878da8ad0a54c58ad57a1ef075deaef90dd53355083aa7cc08006821aef9ef35ff351acc218d0fbab1eeaf6baae7f3bcce9994b2f4c3a89203feb8e9ed820961250bb4986d4271c20fb6d0aa16d5ffb5ad740eb57dfcd67b5a59bd628c0d6d47c5351b7280568a3ca545c8a169bd428d177ff71240269fe9b7a3202ee22980456c6873d60efec0bb3d8ebdd5924b33e12f88c4a6265e246a9000bee2a49d3a0bf2be369d5dbf8b09c54449ae5f68e8274749b486f05d553022b4cd16049ad3c6292dc45121d47ac4704496db4f43ffc08a12316e31c1028ba04e070bd60d758431cf22e0ea40bffcc6fbe0bb353e234f9b1b900e5875e6e8840b3ae3c27d59a514e0a28b5b761453d0cb96cfa6bf25db3b8a94c06f947169cc999801fb0bbe43b200830328c687b1f849fc2e4c43883e2b292b23330849b94b84fda382b88492dcea01d18d790c87e686a4a4a9d7b83de998c09cfbe2e66d5d54ea7edb9176d18fc6ba1f223b090981daee1bc9cc7f01b6d2112a3b5d48e8dda03be0f710f5005842850695313b53b54164ffff279b2547ea12918d6be45cf44ac6cbbea8751235aaa3c218db302df97dd795ff287f0a511ad9e8be8308628e2e3313443799f854c1bddd615ba08204b4b2335d7074ae4dee55bb85bb712bff1d020a9bc66656643c9de5509de731baf631ac84aa07ff0166209450af6701ed6891a0eaa4fccdebc91c0c6f65d1ae0b6b20a695ed8c35034a500e053998b3e1529f413eaeceae9209a030736a6069be265deb88981f61a4f043e9105509ebfdcea3afb034a99444608a6e084a2b3597d607157b3c6720dc96de38f196ebf7b25ea7411ba11e40ca9146cbf1c06cbce87c45605c8a8b83a7c31bc359ca081109eafb9d15b8027f37d19f32b74b18f9d68d0be5c7eaccc399ecf47ac93dc43e526d2a51810989c030fc8280d3fe2ef412c4f5dca1be5d2387445f21bfef578b86b6e063a26c6f45406d8c593e49bfaea857d09dd187c4b1784cd4fe040044582624e3945ddeb6e117c0c564b94677afb9bdf39456cfa795de28e3c4447507783278d9d54abeb5f9be37037e54dbb82c463616f108d2cc44169f4f0c69c595f462d982244169b3b563c79b71e27ffd09f8782eee853e6f58c1c377d2f275f500b7c53134f8fe1d5030c6d12d29d051d0e7de89d9eed38445afd56ee3e3ef32af41d2b9ca92d5e27b017e223aaf05e9bcc2482d4e00407c59ca5f51b560632a3955807d406b1bcd3d842ac74389e17b015a051848e09df72ea862f5d23b0105637ed4318d9e4c7da9ad9bbe82f4d5c5aac5f611d4283a467259f1987e62ba6b8c48fd43d16e178fede94163825cc8f8d86575d1aa2f226e26175197c8b786319d4ee437c8adc6871df3fd52692f3f54f9998b23e3bcf903fecb295252d09ea26bf97f88b13dcce2dd4082ebfb9f74a301f5090dd8fdc9c907139720c2015c3e465b79495b28a2cb2005d47db068094899a9140ddf94b51701a3b983202d54aafd26fa83cab5eb95d4955ea9c86fdaa7aff7e971b5dffffd1fb6515b22dd90d13e39787e737deaa16f0fcbe1de49b59d3e1a61784eb71e0be6c5518d287347b9ca0f61896cfdceef0f636b8fc520c1cce85fb36c06d98a7c722ec714d79993cd78cffeb5c97c8a323c8e33d0fd1d66369c3a85e9acca056c5a408cd3af18dfcd77086d372c75467a11049fbc8a3ecf7753088e5da05cf99a36b00505bd4c65da02c36012e66332a1a5f8b6844f14cf80082a59c9feb37a8a210ae7771ca7f47ea667c4dca5ec45ba33fa4eaa2650fe92b530ef5c296f9aef6921a0a3abebf6ff2ab7d66db0456d0e0974a0f15e0bc10be79d2c161be3ed53436cd9d281b1ac626ebe8ca96bbd4b972ec1681d3c67a50463ba198fd9995c8174fd7823ed3e7752da28d1bebc7495f9bc57bacfaffd95bd18744f6986464a2fb70f5ed84ba3dea900179c85b9b76ad36fad61c370a77151b2433d500fab6c27b0d2da3e823b16c284ad91e86504f6dbad39fff53da7ea63b45759d7a39d00d0e111fc17b4ec4f15786ff34f7b82ac816dd963c683b5029c8fbf36bb386df2a0457055551dee6908ccd486cfc9bb29371e6178488e9fc8663507dba8f2845a604a07ed89bf501933fedc5be7684a302338bcc86a6bf26c9e439d799805df32b8132493cc0de1bc8adbb273c0ca40ff87d8ab85220073e3cf659f89809dd2b394265a0c69a9e43d5e59cbd4f4c4e26a0a4641bf4302c006a6fbf9e26f6564c149625814bbeddb0911fde243cbcca57b3ac1f6e874c262e27848e336a9bc853d9c0c54777dd10c3cdc1991beab9228126a358c8c0f4155eb785215247c1a6fcf6c77283182f0c4526e77adc60705fa4041bc0f7ba3ad5ce2c6ba6d1f47c764021692ff9421d2ce79299d2dd5cd558e3e70dfadf3da606a8a8d30dae74107998d9247bf668b3acb6ecdabf149a3b8065d0103b0001b75deba516880418da854389c65e6754fe2226c413633bda5257db696ee7dd8eaa62587b66d84c608b16db78a64c49078824bbfe4a7b0d5a60d4c5943bcb2e11d0bdc5810936a10131cc4db3638ddb0436f654ee592c5b170e3cf73588cdddf5c7d78644588b295d3a73f6c8c152eb9dbeaf63eac0dbfd6875bab1ef444b1023a0beb6ebe41ed3f6c3a6795e55b619a935fb9620c301f50e6ee2a944610ad46d5899217237a46a8d98e7f7b56d70e5e0ec1edb75a36dfbe8f3a6506fe2de0466ee995c8b629913c9fa1627bb53e343269e225afbcee8b2cdbbb5d5ebf6d4ccf441f688c919dec965b149fbdf67f3d853e7e3f148aa5cc60a1f9726dfc40a882d633ab1c2010e942584f252d0ed4deee82568ba03efffa68a6929f2fe6d565dcb3f7cc852198900b6042264d98a7eb958dd7f63b002560d4418a5eef2463c78b142d85e74fa4de6b0d14ffec9eb41207fe0c74e525e51939dacf46fbfa97b0263ee237cc83ed6e6ea4f53d2fbe6079679ead96ab6322e49afd1ed862a449de9824ce569482498758db668e633219d77d0f1bc7764a71b5ae09ad3aee6d90e1849a074389c7acba9fedb8a2bebba11d16efbac6f171ef4f3b6dbbf98ac297975260cec794b254194e24f4fbaf6956429b3349f2a6c6996c5c09451d9c3dab27a8f5cbc49ef7a02434e861f9f96b13e4caa1515c44a6235c982884270af2820c4dc7936ab767a0ca497a11c8dee425712b729b851a93cdd6f047539066ea1d50829cdf39515aac1e41300b95b5c1e56a87ae8171f5224e6d5e61ee80962c459ac6f5f762846bda0da2dbdb18f037e3c952c6df9c529340ed8223137101f04fb42d7ddcc6c64ea526a7e12e07e361e00c0008604f7803b6aa139421acd41d3c38640ec4344d19e7e8ec4c6bd562c669da561b708d3b3c321f2d6527c0d220e4faf589ec73d809b482c8cacd8870274b4024f30055281b8d5e2a83bd2cfa4b99807993671f0c7a238423e3ac28869ff051723c560d73a2722ba0aacf12f0f31a597ca71fb8b1e8b4d8d99770da02f89f46ba08ae2dd0cf16f10a2313f6400a1859ba53346980bfeccc3526a8007de201e01a0eb44ac4ee465e5a83e017c60cc46bdf1408643b44250a7692aacf45a41e50b964c18ef63fe5d8f9fd8d6954230eb5afa7170e03930fe4c97201ab76166acbd944340bed29383aaf9c4d481531e065a08571fbbc637c8246d148417fd5ce3d3784087d05c5480ecc39815dedb9c6bcc0f8d5e6701094c20b56bb6f447b09d1c63c04ff35727abb2976aa5afac68ef5ee83a058dcdf1a9e2c4265145e8632ecf801fdd298bd23ed5c9811c98207d7727f062bcdd9168afc0220c1ecea5ac4001f262a13822e5ebe8241bb0fcdcf7d88754193eb8fbd29ca060638324509ca9869986f9603229d62e186d15e4892d923e1c24b37f47c89b6dfc3c5d1b1e1272f49741a25da6f0e2739f12032c315795341e9d549fd190794824e7f8f811d4e609f2907af2bd4b08113bbaf460cf1cbc7468528608596641ac15bf687d46708d85601035cb426efa80d4e990b9ef923b7926caeec728df481b5c0652c2c3aa30bd83b0b8c8f8a396dca9961af2b9d2550da16bd5ad7b2e48a3fd8ce361fd3244e6b4169cb09be7ef223fad6529c8916cfc6bd9f896b0f801d96048f9b92de8fe0bbce1ff3eb1dcc9cc240b36604ae3a6069d4c8c4203ee3cbcf8a9ff52b6314d87bdf55a3d18fc19e9024cc950a2693290fe45b772d69174a0aee171dd636aad4a3e6cece27c2dc57302ec60a522903c021560c47a0b7a5662daf0f418693d3fe16e218735382dab4399cf0c01c4a62a1c3b193279ffef4310ae51aa6d2b366ec8f97f649eb7044a83f52616f829b77cb07bee2b898dfac89188496b23fab3786cff4b2f82f9c876f3ed4513692edc1c22c8a6b831ba0f225ceb64e17ee9fda3dc547b773dbb9ec4e0595d82c38f1a6821fe19f46d0b495afff7468a6534aeddfb49ca4b39abd8ade87cd42225a2d89d3f582506c5e19a3476524a64d680655ef14fbc98cb2a34a2fb9e44da4cc72442f662dcadc5668a0136e0b82333cd3ec71e47251ce89694db00450e88daef21fd4d150c6c6b46552cdf44b94111113f75a6614e391eaa72541c1b44911e3642c9857443eabad42600999964325918516fbc11f28a504c4a501fe3e7991495e06520542aff18ade7eddd4fb88db1be14b82c8edc41656fdbd7773c6f4e776503cdc2d22828607153b4bae7785a6784d33e0647655e5db35418e10eae3de4519ce18491a2ca775b852673203a60218b91c0a3646b046f32ac82c17efe8112d67f21b269b90b58ce34d6f9d84245949875145ac2690ca1b8136a96bafbb75971f113364ddfc294afed84c397e54168a6205dfd5f9de04934ec1b195fe3044478cbee75cc2e83c19a725ffef1e1179df6f7d1c6b71b9596790d56aaccfbaaed06124c688a1cc29806ef38c89d3870760d2408b163b1bd084325775c7cb9e309b27e3be18059d4fa06ac5bc46504fdbf07344e76777372ac97adf23494cfc47d3cce580d08ae349e4e88f748c9e34a4f55e3681325ae581814b7c0f02a1919302ae0b5b662465f2806d48c7658ae3ca1e2024dfc2fcf1aa48e36c6c797582d7d07b0d553671bdf59c809c6e3e1f2b69721817e5fa618e8029506d8c0323c3c34d7b5bdfbbca6d4f45e75bd3123195bbc5935482b21de47c26d18b8dc1fff3a7f5c05358048ede29a9c80a4e2d0261fa20cfa6e12817d52cc6d26d16218ab5e6044c24326a407cfaa586739067e4161ee421c9842e1335c4f506f62b94c84b496b85f29cfe0ab88a0efc40d5df15760ef8be41d9632c5566e70b4c7a59cbf6e134e9a6360d67a87ae9287abc9a6d190636f017f7bae19150f3eb997ea193f41c4d34a3ab"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x114, 0x1a, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0xfff, 0x3, 0x10000000, 0x6, 0x10001}, 0x2}}]}, {0xcb, 0x6, "786a1c27aa53185ea82e41878cfedea599fd24cd80e0c34d025fcf9907180b0b017081a535a3eb91611c3a0546a66cf429a1b7cf5973ba5eea561a3810e0a613efe7effb55be4be51839a019c78dcea020565b781b8670246db28b7f50f64386d73cf01fbfc9c2a7437593afb92194d1bcca9ec38fd5d40b44a5ab849b8a0d2d0af2a5b65f569f65bf5785f9aee180443ac97b2fec6b3bc8abda10bbcab26093f5d873b9a21eabf718ea899db20cd38cca510e1dce8bbb1d68d3391de979509a3f86c66bbf4cd9"}, {0xc}, {0xc, 0x8, {0x4, 0x3}}}}]}, {0xf0, 0x1, [@m_connmark={0xec, 0x12, 0x0, 0x0, {{0xd}, {0x4}, {0xba, 0x6, "0e38e15ca6d3fef99c770d2bd464dbb730e3181f008db0f464483272613196c9c4597cd2372c2fe1327d96dfeccffecd96af871e77e7027ed8288c4f103afa59943a647953be2bd4e2518ad6e89c52a53cc3dd8bdb49fc001226e66bcc588040c4bc150bbcd7da59ef0e043bef9333d03793a36017552415cf2da2b87f9c1693d2ade696aadcd3eb1abc8c8c1c72d2d67810ae95e6cc686c34bcabe611c23c3b41f4d2e996a25c790754e36614b1ed437f51e8fc7859"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x127c}}, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket$unix(0x1, 0x1, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000380)=ANY=[@ANYBLOB='%\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000c00000004000380"], 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090) r5 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x9, 0x4, 0x5, 0x5, 0x7, 0x7, 0x3, 0x4, 0x3}}}}]}, 0x58}}, 0x44080) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xe, 0xa}, {0x2, 0x10}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000) sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000000020103000000000000000002000008240002800c000280050001002f000000060003090000000000000001000008000840000000ee"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x8000) kernel console output (not intermixed with test programs): 15][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.226509][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.245301][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.253124][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.279478][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.293059][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.300041][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.326359][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.345357][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.352613][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.378844][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.516490][ T5847] hsr_slave_0: entered promiscuous mode [ 92.524311][ T5847] hsr_slave_1: entered promiscuous mode [ 92.530836][ T5847] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.538592][ T5847] Cannot create hsr debugfs directory [ 92.581410][ T5843] hsr_slave_0: entered promiscuous mode [ 92.588053][ T5843] hsr_slave_1: entered promiscuous mode [ 92.594530][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.602196][ T5843] Cannot create hsr debugfs directory [ 92.693155][ T5846] hsr_slave_0: entered promiscuous mode [ 92.699611][ T5846] hsr_slave_1: entered promiscuous mode [ 92.706532][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.714775][ T5846] Cannot create hsr debugfs directory [ 92.727320][ T5848] hsr_slave_0: entered promiscuous mode [ 92.734128][ T5848] hsr_slave_1: entered promiscuous mode [ 92.740436][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.748033][ T5848] Cannot create hsr debugfs directory [ 93.113422][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.196369][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.207941][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.225800][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.350286][ T5841] Bluetooth: hci0: command tx timeout [ 93.384791][ T5847] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.402322][ T5847] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.437677][ T5847] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.451149][ T5847] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.500783][ T5841] Bluetooth: hci1: command tx timeout [ 93.513972][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.537709][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.549714][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.583097][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.661449][ T5841] Bluetooth: hci4: command tx timeout [ 93.665605][ T55] Bluetooth: hci3: command tx timeout [ 93.707324][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.740406][ T55] Bluetooth: hci2: command tx timeout [ 93.748254][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.759358][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.771948][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.814293][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.891945][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.899047][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 93.929822][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 93.945990][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.965026][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.972369][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.992202][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 94.028109][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.035349][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.048382][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 94.068673][ T5847] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.093055][ T1319] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.100283][ T1319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.111797][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.119000][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.283082][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.373360][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.416319][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.423532][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.478444][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.489457][ T1319] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.496725][ T1319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.616200][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.659334][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.677216][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.684470][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.706531][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.713740][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.779062][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.813438][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.887968][ T3547] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.895688][ T3547] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.916536][ T3547] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.923796][ T3547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.945599][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.209697][ T5837] veth0_vlan: entered promiscuous mode [ 95.248771][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.293959][ T5847] veth0_vlan: entered promiscuous mode [ 95.316334][ T5837] veth1_vlan: entered promiscuous mode [ 95.379461][ T5847] veth1_vlan: entered promiscuous mode [ 95.429301][ T55] Bluetooth: hci0: command tx timeout [ 95.469995][ T5843] veth0_vlan: entered promiscuous mode [ 95.496428][ T5837] veth0_macvtap: entered promiscuous mode [ 95.504368][ T5843] veth1_vlan: entered promiscuous mode [ 95.519330][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.534363][ T5837] veth1_macvtap: entered promiscuous mode [ 95.581431][ T55] Bluetooth: hci1: command tx timeout [ 95.583567][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.599596][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.625387][ T5847] veth0_macvtap: entered promiscuous mode [ 95.638281][ T5847] veth1_macvtap: entered promiscuous mode [ 95.676213][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.708200][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.721230][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.730028][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.739018][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.747090][ T55] Bluetooth: hci4: command tx timeout [ 95.755521][ T5841] Bluetooth: hci3: command tx timeout [ 95.761556][ T5843] veth0_macvtap: entered promiscuous mode [ 95.773987][ T5843] veth1_macvtap: entered promiscuous mode [ 95.822142][ T5841] Bluetooth: hci2: command tx timeout [ 95.845424][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.857134][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.869394][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.916465][ T5847] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 95.927757][ T5847] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.942922][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.960634][ T5848] veth0_vlan: entered promiscuous mode [ 95.966916][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 95.978308][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 95.991534][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.002135][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.013817][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.055489][ T5848] veth1_vlan: entered promiscuous mode [ 96.073888][ T5847] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.082829][ T5847] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.092508][ T5847] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.101701][ T5847] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.137478][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.148829][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.159113][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.171731][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.183592][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.194848][ T5843] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.204069][ T5843] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.215763][ T5843] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.225300][ T5843] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.268343][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.286865][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.413521][ T5848] veth0_macvtap: entered promiscuous mode [ 96.422636][ T5846] veth0_vlan: entered promiscuous mode [ 96.429335][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.447314][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.459910][ T5848] veth1_macvtap: entered promiscuous mode [ 96.498859][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.515269][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.526946][ T5846] veth1_vlan: entered promiscuous mode [ 96.573049][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.591972][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.607142][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.618155][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.632289][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.642871][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.654989][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.685486][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.697817][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.705400][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.718772][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.727559][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.738937][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.749484][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.759417][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.771195][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.782826][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.845531][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.858546][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.868846][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.881544][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.890774][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.899538][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.996767][ T5846] veth0_macvtap: entered promiscuous mode [ 97.019142][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.033633][ T5846] veth1_macvtap: entered promiscuous mode [ 97.043638][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.173373][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.216312][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.227118][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.238554][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.250152][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.269185][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.282181][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.292850][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.305204][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.318583][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.329540][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.341476][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.358182][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.368739][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.383372][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.394988][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.406430][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.418710][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.469751][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.480518][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.503710][ T5841] Bluetooth: hci0: command tx timeout [ 97.548521][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.593697][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.629264][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.649514][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.671643][ T5841] Bluetooth: hci1: command tx timeout [ 97.821621][ T5841] Bluetooth: hci3: command tx timeout [ 97.827123][ T5841] Bluetooth: hci4: command tx timeout [ 97.900673][ T5841] Bluetooth: hci2: command tx timeout [ 97.912642][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.971018][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.018072][ T5953] netlink: 'syz.1.7': attribute type 33 has an invalid length. [ 98.178415][ T5953] sctp: [Deprecated]: syz.1.7 (pid 5953) Use of struct sctp_assoc_value in delayed_ack socket option. [ 98.178415][ T5953] Use struct sctp_sack_info instead [ 98.238945][ T5953] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.7'. [ 98.274046][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.275575][ T5951] netlink: 4083 bytes leftover after parsing attributes in process `syz.1.7'. [ 98.287177][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.486085][ T5969] Bluetooth: MGMT ver 1.23 [ 98.519267][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.561344][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.582676][ T5967] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.170044][ T6010] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 100.197320][ T6010] dummy0: entered promiscuous mode [ 100.203623][ T6010] vlan2: entered promiscuous mode [ 100.531343][ T6020] netlink: 36 bytes leftover after parsing attributes in process `syz.3.23'. [ 100.616353][ T6020] netlink: 36 bytes leftover after parsing attributes in process `syz.3.23'. [ 100.712480][ T6030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.24'. [ 100.726237][ T6028] netlink: 12 bytes leftover after parsing attributes in process `syz.4.26'. [ 100.808940][ T6028] netlink: 8 bytes leftover after parsing attributes in process `syz.4.26'. [ 100.845159][ T6030] 8021q: adding VLAN 0 to HW filter on device bond1 [ 100.886924][ T6030] team0: Port device bond1 added [ 101.018062][ T6039] netlink: 'syz.0.28': attribute type 1 has an invalid length. [ 101.034086][ T6039] netlink: 224 bytes leftover after parsing attributes in process `syz.0.28'. [ 101.087290][ T6040] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 101.612837][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.621224][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.933918][ T6047] bridge_slave_0: left allmulticast mode [ 101.940025][ T6047] bridge_slave_0: left promiscuous mode [ 101.947182][ T6047] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.967276][ T6047] bridge_slave_1: left allmulticast mode [ 101.973658][ T6047] bridge_slave_1: left promiscuous mode [ 101.979669][ T6047] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.008533][ T6047] bond0: (slave bond_slave_0): Releasing backup interface [ 102.024952][ T6047] bond0: (slave bond_slave_1): Releasing backup interface [ 102.046925][ T6047] team0: Port device team_slave_0 removed [ 102.067701][ T6047] team0: Port device team_slave_1 removed [ 102.083580][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.097320][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.123297][ T6087] netlink: 'syz.4.41': attribute type 5 has an invalid length. [ 102.123475][ T6047] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.143717][ T6047] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 102.226806][ T6047] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.237008][ T6047] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.247333][ T6047] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 102.256329][ T6047] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 103.082490][ T6111] vlan2: entered promiscuous mode [ 103.106954][ T6111] vlan2: entered allmulticast mode [ 103.121668][ T6111] hsr_slave_1: entered allmulticast mode [ 103.182745][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 103.251168][ T6111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.52'. [ 103.274921][ T6120] netlink: 'syz.4.53': attribute type 10 has an invalid length. [ 103.283150][ T6120] netlink: 40 bytes leftover after parsing attributes in process `syz.4.53'. [ 103.312110][ T6121] netlink: 180 bytes leftover after parsing attributes in process `syz.3.54'. [ 103.373882][ T6091] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 103.422784][ T6120] batman_adv: batadv0: Adding interface: virt_wifi0 [ 103.429584][ T6120] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.461825][ T6120] batman_adv: batadv0: Interface activated: virt_wifi0 [ 103.809735][ T6130] Zero length message leads to an empty skb [ 103.854880][ T6130] vlan2: entered allmulticast mode [ 103.874113][ T6130] bond0: entered allmulticast mode [ 103.879320][ T6130] bond_slave_0: entered allmulticast mode [ 103.926629][ T6130] bond_slave_1: entered allmulticast mode [ 103.957275][ T6130] bridge0: port 3(vlan2) entered blocking state [ 103.987885][ T6130] bridge0: port 3(vlan2) entered disabled state [ 104.015566][ T6130] vlan2: entered promiscuous mode [ 104.027685][ T6130] bond0: entered promiscuous mode [ 104.037174][ T6130] bond_slave_0: entered promiscuous mode [ 104.063972][ T6130] bond_slave_1: entered promiscuous mode [ 104.099851][ T6130] bridge0: port 3(vlan2) entered blocking state [ 104.106757][ T6130] bridge0: port 3(vlan2) entered forwarding state [ 104.199209][ T6144] syz.0.60 uses obsolete (PF_INET,SOCK_PACKET) [ 104.496662][ T6150] hsr0: entered promiscuous mode [ 104.530496][ T6150] hsr0: entered allmulticast mode [ 104.540878][ T6150] hsr_slave_0: entered allmulticast mode [ 104.542260][ T6157] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 104.561790][ T6150] hsr_slave_1: entered allmulticast mode [ 104.907670][ T6168] netlink: 212 bytes leftover after parsing attributes in process `syz.3.68'. [ 104.986002][ T6172] netlink: 36 bytes leftover after parsing attributes in process `syz.2.70'. [ 105.040382][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'. [ 105.049136][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'. [ 105.110951][ T6172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.70'. [ 105.196488][ T6172] netlink: 'syz.2.70': attribute type 4 has an invalid length. [ 105.398488][ T6190] FAULT_INJECTION: forcing a failure. [ 105.398488][ T6190] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 105.452547][ T6190] CPU: 1 UID: 0 PID: 6190 Comm: syz.4.76 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 105.452578][ T6190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 105.452595][ T6190] Call Trace: [ 105.452604][ T6190] [ 105.452613][ T6190] dump_stack_lvl+0x241/0x360 [ 105.452658][ T6190] ? __pfx_dump_stack_lvl+0x10/0x10 [ 105.452687][ T6190] ? __pfx__printk+0x10/0x10 [ 105.452727][ T6190] should_fail_ex+0x424/0x570 [ 105.452758][ T6190] _copy_to_user+0x31/0xb0 [ 105.452783][ T6190] simple_read_from_buffer+0xc4/0x170 [ 105.452817][ T6190] proc_fail_nth_read+0x1ef/0x260 [ 105.452841][ T6190] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 105.452865][ T6190] ? rw_verify_area+0x246/0x630 [ 105.452885][ T6190] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 105.452907][ T6190] vfs_read+0x21f/0xb90 [ 105.452936][ T6190] ? __pfx___mutex_lock+0x10/0x10 [ 105.452960][ T6190] ? __pfx_vfs_read+0x10/0x10 [ 105.452985][ T6190] ? __fget_files+0x2a/0x420 [ 105.453017][ T6190] ? __fget_files+0x39d/0x420 [ 105.453045][ T6190] ? __fget_files+0x2a/0x420 [ 105.453086][ T6190] ksys_read+0x19d/0x2d0 [ 105.453111][ T6190] ? __pfx_ksys_read+0x10/0x10 [ 105.453141][ T6190] ? do_syscall_64+0xb6/0x230 [ 105.453167][ T6190] do_syscall_64+0xf3/0x230 [ 105.453190][ T6190] ? clear_bhb_loop+0x45/0xa0 [ 105.453227][ T6190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.453251][ T6190] RIP: 0033:0x7f0d15f8cb7c [ 105.453274][ T6190] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 105.453290][ T6190] RSP: 002b:00007f0d16dc7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 105.453312][ T6190] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8cb7c [ 105.453327][ T6190] RDX: 000000000000000f RSI: 00007f0d16dc70a0 RDI: 0000000000000003 [ 105.453339][ T6190] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000 [ 105.453352][ T6190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.453364][ T6190] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8 [ 105.453397][ T6190] [ 106.280634][ T6212] netlink: 'syz.1.84': attribute type 1 has an invalid length. [ 106.316369][ T6209] dummy0: entered promiscuous mode [ 106.323979][ T6212] netlink: 'syz.1.84': attribute type 4 has an invalid length. [ 106.346651][ T6209] vlan2: entered promiscuous mode [ 106.352533][ T6212] netlink: 188 bytes leftover after parsing attributes in process `syz.1.84'. [ 106.362658][ T6212] NCSI netlink: No device for ifindex 458760 [ 106.472253][ T6210] warning: `syz.4.82' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 106.568700][ T6218] netlink: 'syz.0.86': attribute type 16 has an invalid length. [ 106.578988][ T6218] netlink: 'syz.0.86': attribute type 17 has an invalid length. [ 106.628447][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 106.725148][ T6218] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 106.799463][ T6222] IPv6: sit1: Disabled Multicast RS [ 106.819339][ T6221] netlink: 76 bytes leftover after parsing attributes in process `syz.2.88'. [ 106.844393][ T6222] sit1: entered allmulticast mode [ 107.121191][ T6238] sctp: [Deprecated]: syz.1.95 (pid 6238) Use of struct sctp_assoc_value in delayed_ack socket option. [ 107.121191][ T6238] Use struct sctp_sack_info instead [ 107.814948][ T6275] netlink: 'syz.4.105': attribute type 1 has an invalid length. [ 107.869001][ T6268] 8021q: adding VLAN 0 to HW filter on device bond1 [ 107.916945][ T6268] bridge0: port 3(bond1) entered blocking state [ 107.931501][ T6268] bridge0: port 3(bond1) entered disabled state [ 107.942755][ T6268] bond1: entered allmulticast mode [ 107.951746][ T6268] bond1: entered promiscuous mode [ 107.957878][ T6268] bridge0: port 3(bond1) entered blocking state [ 107.964860][ T6268] bridge0: port 3(bond1) entered forwarding state [ 108.006309][ T12] bridge0: port 3(bond1) entered disabled state [ 108.214534][ T6287] ip6erspan0: entered promiscuous mode [ 108.755796][ T6309] __nla_validate_parse: 1 callbacks suppressed [ 108.755816][ T6309] netlink: 212 bytes leftover after parsing attributes in process `syz.4.113'. [ 108.911075][ T6318] netlink: 'syz.1.116': attribute type 1 has an invalid length. [ 108.921838][ T6311] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 108.946435][ T6318] netlink: 224 bytes leftover after parsing attributes in process `syz.1.116'. [ 109.029123][ T6326] netlink: 'syz.4.118': attribute type 1 has an invalid length. [ 109.038447][ T6326] netlink: 'syz.4.118': attribute type 2 has an invalid length. [ 109.046926][ T6326] netlink: 212 bytes leftover after parsing attributes in process `syz.4.118'. [ 109.153750][ T6330] netlink: 256 bytes leftover after parsing attributes in process `syz.0.119'. [ 109.312590][ T6335] FAULT_INJECTION: forcing a failure. [ 109.312590][ T6335] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.370518][ T6335] CPU: 1 UID: 0 PID: 6335 Comm: syz.3.121 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 109.370549][ T6335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 109.370562][ T6335] Call Trace: [ 109.370570][ T6335] [ 109.370579][ T6335] dump_stack_lvl+0x241/0x360 [ 109.370616][ T6335] ? __pfx_dump_stack_lvl+0x10/0x10 [ 109.370646][ T6335] ? __pfx__printk+0x10/0x10 [ 109.370687][ T6335] should_fail_ex+0x424/0x570 [ 109.370718][ T6335] _copy_from_user+0x2d/0xb0 [ 109.370741][ T6335] __sys_bpf+0x1c5/0x8b0 [ 109.370765][ T6335] ? __pfx___sys_bpf+0x10/0x10 [ 109.370799][ T6335] ? ksys_write+0x275/0x2d0 [ 109.370846][ T6335] __x64_sys_bpf+0x7c/0x90 [ 109.370877][ T6335] do_syscall_64+0xf3/0x230 [ 109.370905][ T6335] ? clear_bhb_loop+0x45/0xa0 [ 109.370930][ T6335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.370950][ T6335] RIP: 0033:0x7f578538e169 [ 109.370968][ T6335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.370985][ T6335] RSP: 002b:00007f57862b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 109.371007][ T6335] RAX: ffffffffffffffda RBX: 00007f57855b5fa0 RCX: 00007f578538e169 [ 109.371022][ T6335] RDX: 0000000000000090 RSI: 0000200000000440 RDI: 0000000000000005 [ 109.371035][ T6335] RBP: 00007f57862b2090 R08: 0000000000000000 R09: 0000000000000000 [ 109.371048][ T6335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.371059][ T6335] R13: 0000000000000000 R14: 00007f57855b5fa0 R15: 00007ffd695c10d8 [ 109.371091][ T6335] [ 109.591733][ T6343] FAULT_INJECTION: forcing a failure. [ 109.591733][ T6343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.636367][ T6343] CPU: 1 UID: 0 PID: 6343 Comm: syz.1.123 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 109.636398][ T6343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 109.636410][ T6343] Call Trace: [ 109.636418][ T6343] [ 109.636428][ T6343] dump_stack_lvl+0x241/0x360 [ 109.636465][ T6343] ? __pfx_dump_stack_lvl+0x10/0x10 [ 109.636494][ T6343] ? __pfx__printk+0x10/0x10 [ 109.636536][ T6343] should_fail_ex+0x424/0x570 [ 109.636568][ T6343] _copy_from_user+0x2d/0xb0 [ 109.636591][ T6343] copy_msghdr_from_user+0xb3/0x580 [ 109.636631][ T6343] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 109.636659][ T6343] ? __fget_files+0x2a/0x420 [ 109.636694][ T6343] ? __fget_files+0x2a/0x420 [ 109.636732][ T6343] __sys_sendmsg+0x20a/0x360 [ 109.636762][ T6343] ? __pfx___sys_sendmsg+0x10/0x10 [ 109.636842][ T6343] ? do_syscall_64+0xb6/0x230 [ 109.636869][ T6343] do_syscall_64+0xf3/0x230 [ 109.636892][ T6343] ? clear_bhb_loop+0x45/0xa0 [ 109.636915][ T6343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.636934][ T6343] RIP: 0033:0x7f219af8e169 [ 109.636952][ T6343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.636968][ T6343] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 109.636990][ T6343] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169 [ 109.637005][ T6343] RDX: 00000000040080ca RSI: 0000200000000380 RDI: 0000000000000003 [ 109.637018][ T6343] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000 [ 109.637030][ T6343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.637042][ T6343] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8 [ 109.637080][ T6343] [ 110.197726][ T6362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.128'. [ 110.262543][ T6363] tc_dump_action: action bad kind [ 110.516805][ T6374] netlink: 216 bytes leftover after parsing attributes in process `syz.0.132'. [ 110.543400][ T6374] netlink: 24 bytes leftover after parsing attributes in process `syz.0.132'. [ 110.591027][ T6374] netlink: 16 bytes leftover after parsing attributes in process `syz.0.132'. [ 110.868806][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.136'. [ 110.941850][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 111.337872][ T6399] netlink: 212 bytes leftover after parsing attributes in process `syz.1.139'. [ 112.098053][ T6428] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 112.967546][ T6470] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 113.635978][ T6499] tipc: Started in network mode [ 113.648813][ T6499] tipc: Node identity , cluster identity 4711 [ 113.656990][ T6499] tipc: Failed to obtain node identity [ 113.664191][ T6499] tipc: Enabling of bearer rejected, failed to enable media [ 114.140235][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 114.147244][ T6479] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 114.317142][ T6530] netlink: 'syz.4.173': attribute type 1 has an invalid length. [ 114.327885][ T6530] netlink: 'syz.4.173': attribute type 2 has an invalid length. [ 114.427030][ T6514] team0 (unregistering): Port device team_slave_0 removed [ 114.472686][ T6514] team0 (unregistering): Port device team_slave_1 removed [ 114.537618][ T6538] __nla_validate_parse: 5 callbacks suppressed [ 114.537639][ T6538] netlink: 24 bytes leftover after parsing attributes in process `syz.4.175'. [ 114.981115][ T6554] netlink: 'syz.2.181': attribute type 1 has an invalid length. [ 114.988836][ T6554] netlink: 224 bytes leftover after parsing attributes in process `syz.2.181'. [ 115.178256][ T6557] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 115.244812][ T6559] wg1: entered promiscuous mode [ 115.249762][ T6559] wg1: entered allmulticast mode [ 115.602588][ T6568] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.610479][ T6568] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.010709][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.099067][ T6568] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.255331][ T6568] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.281850][ T6568] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.291898][ T6568] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.301610][ T6568] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.671740][ T6606] netlink: 212 bytes leftover after parsing attributes in process `syz.3.195'. [ 116.707423][ T6608] netlink: 16 bytes leftover after parsing attributes in process `syz.4.196'. [ 116.742386][ T6609] netlink: 596 bytes leftover after parsing attributes in process `syz.1.192'. [ 116.984860][ T6619] netlink: 12 bytes leftover after parsing attributes in process `syz.4.198'. [ 117.260710][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 117.286003][ T6611] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 118.589067][ T6672] netlink: 212 bytes leftover after parsing attributes in process `syz.4.210'. [ 118.836478][ T6678] netlink: 16 bytes leftover after parsing attributes in process `syz.2.214'. [ 118.849848][ T6676] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 118.911389][ T6683] netlink: 16 bytes leftover after parsing attributes in process `syz.0.211'. [ 118.937495][ T6683] netlink: 32 bytes leftover after parsing attributes in process `syz.0.211'. [ 118.984148][ T6683] veth1_macvtap: left promiscuous mode [ 119.008875][ T6683] macsec0: entered promiscuous mode [ 119.268590][ T6696] xt_cluster: you have exceeded the maximum number of cluster nodes (261 > 32) [ 119.668510][ T6713] __nla_validate_parse: 3 callbacks suppressed [ 119.668532][ T6713] netlink: 24 bytes leftover after parsing attributes in process `syz.2.228'. [ 119.845689][ T6716] vlan3: entered promiscuous mode [ 119.893645][ T6713] xt_socket: unknown flags 0x4 [ 119.916982][ T5844] IPVS: starting estimator thread 0... [ 119.958070][ T6719] vlan2: entered promiscuous mode [ 119.977666][ T6719] dummy0: entered promiscuous mode [ 120.031414][ T6726] IPVS: using max 27 ests per chain, 64800 per kthread [ 120.623884][ T6754] netlink: 16 bytes leftover after parsing attributes in process `syz.1.243'. [ 120.705010][ T6756] netlink: 212 bytes leftover after parsing attributes in process `syz.0.244'. [ 120.861505][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 121.300024][ T6768] dummy0: entered promiscuous mode [ 121.318714][ T6768] vlan2: entered promiscuous mode [ 121.375052][ T6772] netlink: 16 bytes leftover after parsing attributes in process `syz.3.251'. [ 121.754640][ T6780] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 122.600005][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.265'. [ 123.064970][ T6829] netlink: 87 bytes leftover after parsing attributes in process `syz.1.270'. [ 123.076758][ T6830] IPVS: set_ctl: invalid protocol: 113 224.0.0.1:20004 [ 123.825465][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 123.996542][ T6862] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 124.017046][ T6862] netlink: 60 bytes leftover after parsing attributes in process `syz.2.281'. [ 124.053794][ T6833] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 125.541409][ T6894] netlink: 'syz.3.290': attribute type 10 has an invalid length. [ 126.255174][ T6911] gre1: entered allmulticast mode [ 126.619133][ T6913] can: request_module (can-proto-0) failed. [ 126.629998][ T6913] netlink: 'syz.1.298': attribute type 1 has an invalid length. [ 126.643734][ T6913] netlink: 3 bytes leftover after parsing attributes in process `syz.1.298'. [ 126.685209][ T6913] batadv1: entered promiscuous mode [ 126.699683][ T6913] batadv1: entered allmulticast mode [ 126.828225][ T6913] netlink: 48 bytes leftover after parsing attributes in process `syz.1.298'. [ 127.314111][ T6929] netlink: 256 bytes leftover after parsing attributes in process `syz.0.302'. [ 127.522809][ T6935] netlink: 212 bytes leftover after parsing attributes in process `syz.2.305'. [ 127.889865][ T6944] netlink: 12 bytes leftover after parsing attributes in process `syz.0.308'. [ 128.047274][ T6943] netlink: 8 bytes leftover after parsing attributes in process `syz.2.309'. [ 129.222086][ T6958] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 129.344628][ T6970] netlink: 212 bytes leftover after parsing attributes in process `syz.0.316'. [ 129.666212][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.318'. [ 129.881134][ T6979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.319'. [ 130.736747][ T6994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'. [ 132.309962][ T7026] netlink: 'syz.1.334': attribute type 3 has an invalid length. [ 132.641041][ T7033] netlink: 'syz.4.336': attribute type 1 has an invalid length. [ 132.690590][ T7033] netlink: 228 bytes leftover after parsing attributes in process `syz.4.336'. [ 133.470744][ T7047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.479108][ T7047] team0: Port device bond0 added [ 133.687515][ T7047] syz.2.337 (7047) used greatest stack depth: 17608 bytes left [ 134.371371][ T7068] team_slave_0: entered promiscuous mode [ 134.430685][ T7071] team_slave_0: left promiscuous mode [ 134.547428][ T7077] netlink: 12 bytes leftover after parsing attributes in process `syz.0.349'. [ 135.082970][ T7096] ieee802154 phy0 wpan0: encryption failed: -22 [ 135.625448][ T7114] netlink: 212 bytes leftover after parsing attributes in process `syz.0.361'. [ 135.953629][ T7124] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 136.161374][ T7132] netlink: 44 bytes leftover after parsing attributes in process `syz.2.367'. [ 136.370679][ T7137] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 136.399219][ T7137] netlink: 'syz.4.369': attribute type 1 has an invalid length. [ 136.497158][ T7139] netlink: 3 bytes leftover after parsing attributes in process `syz.4.369'. [ 136.582867][ T7137] netlink: 3 bytes leftover after parsing attributes in process `syz.4.369'. [ 136.736750][ T7139] batadv1: entered promiscuous mode [ 136.743429][ T7139] batadv1: entered allmulticast mode [ 136.846366][ T7137] batadv1: entered promiscuous mode [ 136.853337][ T7137] batadv1: entered allmulticast mode [ 137.110970][ T7160] netlink: 8 bytes leftover after parsing attributes in process `syz.2.377'. [ 137.261002][ T7166] netlink: 48 bytes leftover after parsing attributes in process `syz.4.380'. [ 137.305743][ T7166] vti0: entered promiscuous mode [ 137.345102][ T7166] netlink: 32 bytes leftover after parsing attributes in process `syz.4.380'. [ 137.797503][ T7180] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.907620][ T7180] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.918185][ T7184] netlink: 212 bytes leftover after parsing attributes in process `syz.4.385'. [ 138.016028][ T7180] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.085358][ T7180] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.148278][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.298383][ T7180] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.379140][ T7180] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.438434][ T7180] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.448574][ T7200] netlink: 'syz.1.391': attribute type 1 has an invalid length. [ 138.459085][ T7200] netlink: 224 bytes leftover after parsing attributes in process `syz.1.391'. [ 138.482081][ T7180] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.666681][ T7210] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 139.077107][ T7226] netlink: 8 bytes leftover after parsing attributes in process `syz.1.400'. [ 139.086545][ T7226] netlink: 4 bytes leftover after parsing attributes in process `syz.1.400'. [ 139.355887][ T7234] vlan2: entered promiscuous mode [ 139.858694][ T7244] netlink: 'syz.3.405': attribute type 1 has an invalid length. [ 139.883965][ T7244] netlink: 224 bytes leftover after parsing attributes in process `syz.3.405'. [ 140.584263][ T7261] netlink: 'syz.0.408': attribute type 16 has an invalid length. [ 140.593133][ T7261] netlink: 'syz.0.408': attribute type 17 has an invalid length. [ 142.071588][ T7284] netdevsim netdevsim4: Direct firmware load for / [ 142.071588][ T7284] failed with error -2 [ 142.076545][ T7283] vlan2: entered promiscuous mode [ 142.094715][ T7283] dummy0: entered promiscuous mode [ 142.106535][ T7284] netdevsim netdevsim4: Falling back to sysfs fallback for: / [ 142.106535][ T7284] [ 142.255870][ T7286] netlink: 16 bytes leftover after parsing attributes in process `syz.3.415'. [ 142.272877][ T7286] netlink: 64 bytes leftover after parsing attributes in process `syz.3.415'. [ 142.285083][ T7296] netlink: 12 bytes leftover after parsing attributes in process `syz.3.415'. [ 142.299660][ T7286] tipc: Invalid UDP bearer configuration [ 142.299737][ T7286] tipc: Enabling of bearer rejected, failed to enable media [ 142.531461][ T7306] netlink: 32 bytes leftover after parsing attributes in process `syz.2.421'. [ 142.542205][ T24] IPVS: starting estimator thread 0... [ 142.640478][ T7307] IPVS: using max 26 ests per chain, 62400 per kthread [ 142.677330][ T7309] netlink: 'syz.0.422': attribute type 3 has an invalid length. [ 142.706644][ T7309] netlink: 132 bytes leftover after parsing attributes in process `syz.0.422'. [ 142.963546][ T7311] netlink: 48 bytes leftover after parsing attributes in process `syz.0.422'. [ 143.214408][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'. [ 143.250604][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.4.427'. [ 143.379133][ T7335] vlan2: entered promiscuous mode [ 144.135924][ T7353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.433'. [ 144.294834][ T7353] netlink: 20 bytes leftover after parsing attributes in process `syz.3.433'. [ 145.246097][ T7392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'. [ 145.270740][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'. [ 145.281162][ T7391] netlink: 212 bytes leftover after parsing attributes in process `syz.0.451'. [ 145.290541][ T7390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'. [ 145.316996][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.1.453'. [ 145.907418][ T7413] vlan2: entered promiscuous mode [ 146.637940][ T7440] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20002 [ 146.974349][ T7454] vlan2: entered promiscuous mode [ 147.675210][ T7482] netlink: 'syz.0.486': attribute type 1 has an invalid length. [ 147.679129][ T7479] geneve0: entered promiscuous mode [ 147.771608][ T7482] 8021q: adding VLAN 0 to HW filter on device bond1 [ 147.857814][ T7488] 8021q: adding VLAN 0 to HW filter on device bond1 [ 147.886789][ T7488] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 147.908947][ T7488] bond1: (slave vcan1): Error -95 calling set_mac_address [ 147.947872][ T7478] geneve0: left promiscuous mode [ 147.985209][ T7492] vti0: entered promiscuous mode [ 148.482827][ T7515] netlink: 'syz.0.497': attribute type 1 has an invalid length. [ 148.517174][ T7515] __nla_validate_parse: 9 callbacks suppressed [ 148.517194][ T7515] netlink: 224 bytes leftover after parsing attributes in process `syz.0.497'. [ 148.618919][ T7509] vlan2: entered promiscuous mode [ 149.004817][ T7529] netlink: 32 bytes leftover after parsing attributes in process `syz.1.503'. [ 149.067124][ T7529] x_tables: duplicate underflow at hook 2 [ 149.330893][ T7540] netlink: 48 bytes leftover after parsing attributes in process `syz.4.507'. [ 149.416474][ T7543] netlink: 12 bytes leftover after parsing attributes in process `syz.2.509'. [ 149.458990][ T7543] netlink: 8 bytes leftover after parsing attributes in process `syz.2.509'. [ 149.461512][ T7545] netlink: 32 bytes leftover after parsing attributes in process `syz.4.507'. [ 150.007701][ T7561] vlan2: entered promiscuous mode [ 150.097471][ T7566] netlink: 16 bytes leftover after parsing attributes in process `syz.4.518'. [ 150.327907][ T5919] IPVS: starting estimator thread 0... [ 150.445531][ T7576] IPVS: using max 29 ests per chain, 69600 per kthread [ 150.556545][ T7584] netlink: 24 bytes leftover after parsing attributes in process `syz.4.524'. [ 150.851760][ T7595] netlink: 16 bytes leftover after parsing attributes in process `syz.4.526'. [ 150.971003][ T7602] netlink: 48 bytes leftover after parsing attributes in process `syz.1.528'. [ 151.501317][ T7609] netlink: 'syz.1.531': attribute type 1 has an invalid length. [ 151.980627][ T5841] Bluetooth: hci4: command tx timeout [ 152.589484][ T7656] vlan2: entered promiscuous mode [ 152.616257][ T7656] bridge0: entered promiscuous mode [ 152.657142][ T7656] vlan2: entered allmulticast mode [ 152.674326][ T7656] bridge0: entered allmulticast mode [ 152.862477][ T7667] bridge_slave_0: left allmulticast mode [ 152.871424][ T7667] bridge_slave_0: left promiscuous mode [ 152.910689][ T7667] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.958087][ T7667] bridge_slave_1: left allmulticast mode [ 152.978011][ T7667] bridge_slave_1: left promiscuous mode [ 152.988991][ T7667] bridge0: port 2(bridge_slave_1) entered disabled state [ 153.046646][ T7667] bond0: (slave bond_slave_0): Releasing backup interface [ 153.062692][ T7675] netlink: 'syz.3.558': attribute type 10 has an invalid length. [ 153.072101][ T7667] bond0: (slave bond_slave_1): Releasing backup interface [ 153.087036][ T7667] team0: Port device team_slave_0 removed [ 153.097901][ T7667] team0: Port device team_slave_1 removed [ 153.105202][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.115776][ T7667] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.128862][ T7667] team0: Port device bond1 removed [ 153.135339][ T7672] tc_dump_action: action bad kind [ 153.188222][ T7675] syz_tun: entered promiscuous mode [ 153.218364][ T7675] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 153.389010][ T7688] sock: sock_set_timeout: `syz.1.561' (pid 7688) tries to set negative timeout [ 153.603628][ T7699] FAULT_INJECTION: forcing a failure. [ 153.603628][ T7699] name failslab, interval 1, probability 0, space 0, times 1 [ 153.616646][ T7699] CPU: 1 UID: 0 PID: 7699 Comm: syz.0.564 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 153.616676][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 153.616689][ T7699] Call Trace: [ 153.616697][ T7699] [ 153.616707][ T7699] dump_stack_lvl+0x241/0x360 [ 153.616750][ T7699] ? __pfx_dump_stack_lvl+0x10/0x10 [ 153.616780][ T7699] ? __pfx__printk+0x10/0x10 [ 153.616813][ T7699] ? __pfx___might_resched+0x10/0x10 [ 153.616843][ T7699] should_fail_ex+0x424/0x570 [ 153.616875][ T7699] should_failslab+0xac/0x100 [ 153.616905][ T7699] __kmalloc_noprof+0xdf/0x4d0 [ 153.616932][ T7699] ? tomoyo_realpath_from_path+0xc2/0x5e0 [ 153.616963][ T7699] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 153.617007][ T7699] tomoyo_realpath_from_path+0xcf/0x5e0 [ 153.617053][ T7699] tomoyo_path_number_perm+0x245/0x790 [ 153.617084][ T7699] ? tomoyo_path_number_perm+0x215/0x790 [ 153.617113][ T7699] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 153.617148][ T7699] ? ksys_write+0x24e/0x2d0 [ 153.617180][ T7699] ? __lock_acquire+0xad5/0xd80 [ 153.617222][ T7699] ? __fget_files+0x2a/0x420 [ 153.617252][ T7699] ? __fget_files+0x2a/0x420 [ 153.617304][ T7699] ? __fget_files+0x2a/0x420 [ 153.617341][ T7699] security_file_ioctl+0xc6/0x2a0 [ 153.617368][ T7699] __se_sys_ioctl+0x46/0x160 [ 153.617394][ T7699] do_syscall_64+0xf3/0x230 [ 153.617420][ T7699] ? clear_bhb_loop+0x45/0xa0 [ 153.617445][ T7699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.617466][ T7699] RIP: 0033:0x7f84aed8e169 [ 153.617484][ T7699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.617500][ T7699] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.617523][ T7699] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169 [ 153.617538][ T7699] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000003 [ 153.617551][ T7699] RBP: 00007f84afb74090 R08: 0000000000000000 R09: 0000000000000000 [ 153.617563][ T7699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.617575][ T7699] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8 [ 153.617608][ T7699] [ 153.617618][ T7699] ERROR: Out of memory at tomoyo_realpath_from_path. [ 154.086667][ T7717] __nla_validate_parse: 7 callbacks suppressed [ 154.086688][ T7717] netlink: 596 bytes leftover after parsing attributes in process `syz.4.569'. [ 154.858677][ T7728] netlink: 'syz.2.574': attribute type 1 has an invalid length. [ 154.901831][ T7728] bond1: entered promiscuous mode [ 154.907558][ T7728] 8021q: adding VLAN 0 to HW filter on device bond1 [ 155.056856][ T7734] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'. [ 155.722496][ T7748] vlan2: entered promiscuous mode [ 156.164735][ T7756] FAULT_INJECTION: forcing a failure. [ 156.164735][ T7756] name failslab, interval 1, probability 0, space 0, times 0 [ 156.181457][ T7756] CPU: 0 UID: 0 PID: 7756 Comm: syz.1.583 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 156.181488][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 156.181501][ T7756] Call Trace: [ 156.181509][ T7756] [ 156.181519][ T7756] dump_stack_lvl+0x241/0x360 [ 156.181557][ T7756] ? __pfx_dump_stack_lvl+0x10/0x10 [ 156.181586][ T7756] ? __pfx__printk+0x10/0x10 [ 156.181620][ T7756] ? __pfx___might_resched+0x10/0x10 [ 156.181650][ T7756] should_fail_ex+0x424/0x570 [ 156.181683][ T7756] should_failslab+0xac/0x100 [ 156.181714][ T7756] __kmalloc_noprof+0xdf/0x4d0 [ 156.181741][ T7756] ? tomoyo_encode+0x26f/0x540 [ 156.181776][ T7756] tomoyo_encode+0x26f/0x540 [ 156.181817][ T7756] ? __pfx_sockfs_dname+0x10/0x10 [ 156.181852][ T7756] tomoyo_realpath_from_path+0x59e/0x5e0 [ 156.181899][ T7756] tomoyo_path_number_perm+0x245/0x790 [ 156.181930][ T7756] ? tomoyo_path_number_perm+0x215/0x790 [ 156.181960][ T7756] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 156.181995][ T7756] ? ksys_write+0x24e/0x2d0 [ 156.182027][ T7756] ? __lock_acquire+0xad5/0xd80 [ 156.182070][ T7756] ? __fget_files+0x2a/0x420 [ 156.182102][ T7756] ? __fget_files+0x2a/0x420 [ 156.182137][ T7756] ? __fget_files+0x2a/0x420 [ 156.182174][ T7756] security_file_ioctl+0xc6/0x2a0 [ 156.182200][ T7756] __se_sys_ioctl+0x46/0x160 [ 156.182227][ T7756] do_syscall_64+0xf3/0x230 [ 156.182253][ T7756] ? clear_bhb_loop+0x45/0xa0 [ 156.182278][ T7756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.182298][ T7756] RIP: 0033:0x7f219af8e169 [ 156.182317][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.182334][ T7756] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 156.182356][ T7756] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169 [ 156.182371][ T7756] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000003 [ 156.182389][ T7756] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000 [ 156.182401][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.182412][ T7756] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8 [ 156.182445][ T7756] [ 156.182569][ T7756] ERROR: Out of memory at tomoyo_realpath_from_path. [ 156.599209][ T7760] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 156.604368][ T7761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.584'. [ 156.619573][ T9] IPVS: starting estimator thread 0... [ 156.730611][ T7762] IPVS: using max 27 ests per chain, 64800 per kthread [ 156.993351][ T7771] tc_dump_action: action bad kind [ 157.354493][ T7803] vlan3: entered promiscuous mode [ 157.700936][ T7809] wg1: entered promiscuous mode [ 157.720446][ T7809] wg1: entered allmulticast mode [ 157.777954][ T7819] netlink: 132 bytes leftover after parsing attributes in process `syz.4.602'. [ 158.162280][ T7831] IPv6: syztnl1: Disabled Multicast RS [ 158.178001][ T7826] netlink: 596 bytes leftover after parsing attributes in process `syz.3.603'. [ 158.422562][ T7847] netlink: 48 bytes leftover after parsing attributes in process `syz.4.612'. [ 158.428214][ T7849] netlink: 'syz.0.613': attribute type 2 has an invalid length. [ 158.446076][ T7847] netlink: 32 bytes leftover after parsing attributes in process `syz.4.612'. [ 158.463013][ T7849] lave_0: entered promiscuous mode [ 158.797220][ T7864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.619'. [ 159.200744][ T7878] vlan2: entered promiscuous mode [ 159.355923][ T7885] ieee802154 phy0 wpan0: encryption failed: -22 [ 159.375403][ T7888] netlink: 48 bytes leftover after parsing attributes in process `syz.2.628'. [ 159.396805][ T7888] vti0: entered promiscuous mode [ 159.416840][ T7888] netlink: 32 bytes leftover after parsing attributes in process `syz.2.628'. [ 159.737466][ T7904] netlink: 'syz.0.635': attribute type 10 has an invalid length. [ 159.779636][ T7904] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 160.226088][ T7916] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 160.291183][ T7921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.641'. [ 160.482350][ T7927] netlink: 'syz.2.643': attribute type 29 has an invalid length. [ 162.795271][ T7969] netlink: 'syz.0.658': attribute type 1 has an invalid length. [ 162.827724][ T7969] netlink: 224 bytes leftover after parsing attributes in process `syz.0.658'. [ 163.013929][ T7978] netlink: 212 bytes leftover after parsing attributes in process `syz.1.662'. [ 163.498883][ T7999] syzkaller0: entered allmulticast mode [ 163.526717][ T8004] netlink: 48 bytes leftover after parsing attributes in process `syz.1.673'. [ 163.547522][ T7999] syzkaller0 (unregistering): left allmulticast mode [ 163.608671][ T8006] netlink: 32 bytes leftover after parsing attributes in process `syz.1.673'. [ 164.239360][ T8037] dvmrp1: entered allmulticast mode [ 164.428967][ T8050] netlink: 48 bytes leftover after parsing attributes in process `syz.4.689'. [ 164.480338][ T8050] netlink: 32 bytes leftover after parsing attributes in process `syz.4.689'. [ 165.139052][ T8065] netlink: 'syz.4.694': attribute type 11 has an invalid length. [ 165.168342][ T8065] netlink: 140 bytes leftover after parsing attributes in process `syz.4.694'. [ 165.365016][ T8068] netlink: 'syz.0.695': attribute type 1 has an invalid length. [ 165.394017][ T8068] netlink: 224 bytes leftover after parsing attributes in process `syz.0.695'. [ 165.706707][ T8081] netlink: 212 bytes leftover after parsing attributes in process `syz.1.700'. [ 165.840860][ T8086] tc_dump_action: action bad kind [ 165.948502][ T8089] netlink: 48 bytes leftover after parsing attributes in process `syz.1.704'. [ 165.977678][ T8089] netlink: 32 bytes leftover after parsing attributes in process `syz.1.704'. [ 166.817531][ T8123] tc_dump_action: action bad kind [ 167.476139][ T8138] netlink: 48 bytes leftover after parsing attributes in process `syz.2.722'. [ 167.508924][ T8138] netlink: 32 bytes leftover after parsing attributes in process `syz.2.722'. [ 167.882212][ T8153] tc_dump_action: action bad kind [ 168.458119][ T8176] tc_dump_action: action bad kind [ 168.684741][ T8183] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat' [ 168.797536][ T8191] veth0: entered promiscuous mode [ 168.893044][ T8199] netlink: 4 bytes leftover after parsing attributes in process `syz.0.741'. [ 169.289552][ T8208] tc_dump_action: action bad kind [ 169.296054][ T8208] netlink: 'syz.1.749': attribute type 10 has an invalid length. [ 169.444904][ T8219] tc_dump_action: action bad kind [ 169.899226][ T8236] vlan2: entered promiscuous mode [ 169.918333][ T8238] netlink: 'syz.3.759': attribute type 3 has an invalid length. [ 169.926616][ T8238] __nla_validate_parse: 2 callbacks suppressed [ 169.926634][ T8238] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.759'. [ 170.113191][ T8245] tc_dump_action: action bad kind [ 170.348128][ T8259] netlink: 'syz.2.770': attribute type 1 has an invalid length. [ 170.356715][ T8259] netlink: 224 bytes leftover after parsing attributes in process `syz.2.770'. [ 170.520382][ T8271] netlink: 16 bytes leftover after parsing attributes in process `syz.2.774'. [ 170.652276][ T8280] tc_dump_action: action bad kind [ 170.819336][ T8291] netlink: 8 bytes leftover after parsing attributes in process `syz.2.782'. [ 170.851697][ T8291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.782'. [ 170.879476][ T8292] netlink: 'syz.2.782': attribute type 1 has an invalid length. [ 170.896294][ T8291] netlink: 'syz.2.782': attribute type 18 has an invalid length. [ 170.907174][ T8292] netlink: 224 bytes leftover after parsing attributes in process `syz.2.782'. [ 171.301683][ T8317] tc_dump_action: action bad kind [ 171.426997][ T8319] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 172.042930][ T8341] bridge0: port 4(batadv1) entered blocking state [ 172.049834][ T8341] bridge0: port 4(batadv1) entered disabled state [ 172.058521][ T8341] batadv1: entered allmulticast mode [ 172.066425][ T8341] batadv1: entered promiscuous mode [ 172.176350][ T8345] tc_dump_action: action bad kind [ 172.190917][ T8342] netlink: 'syz.3.802': attribute type 1 has an invalid length. [ 172.200440][ T8342] netlink: 224 bytes leftover after parsing attributes in process `syz.3.802'. [ 172.544182][ T66] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 172.554212][ T66] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 172.681410][ T8372] netlink: 48 bytes leftover after parsing attributes in process `syz.0.815'. [ 172.716974][ T8372] vti0: entered promiscuous mode [ 172.762413][ T8372] netlink: 32 bytes leftover after parsing attributes in process `syz.0.815'. [ 172.838684][ T8379] tc_dump_action: action bad kind [ 172.867452][ T8381] vlan2: entered promiscuous mode [ 173.240646][ T8396] netlink: 32 bytes leftover after parsing attributes in process `syz.0.824'. [ 173.501772][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 173.511751][ T8352] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 173.560906][ T8405] openvswitch: netlink: Flow actions attr not present in new flow. [ 173.620772][ T8407] netlink: 'syz.3.828': attribute type 2 has an invalid length. [ 173.648260][ T8409] tc_dump_action: action bad kind [ 173.798563][ T8413] vti0: entered promiscuous mode [ 174.296073][ T8430] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 174.417287][ T8436] netlink: 'syz.1.840': attribute type 1 has an invalid length. [ 175.485679][ T8469] __nla_validate_parse: 5 callbacks suppressed [ 175.485701][ T8469] netlink: 48 bytes leftover after parsing attributes in process `syz.1.852'. [ 176.134376][ T8484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.856'. [ 176.380177][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 176.412004][ T8500] netlink: 212 bytes leftover after parsing attributes in process `syz.1.863'. [ 176.838954][ T8516] netlink: 'syz.4.867': attribute type 2 has an invalid length. [ 176.885563][ T8516] netlink: 28 bytes leftover after parsing attributes in process `syz.4.867'. [ 176.920332][ T8516] netlink: 28 bytes leftover after parsing attributes in process `syz.4.867'. [ 177.130384][ T8527] netlink: 'syz.4.872': attribute type 1 has an invalid length. [ 177.161803][ T8527] netlink: 224 bytes leftover after parsing attributes in process `syz.4.872'. [ 177.356569][ T8535] vlan2: entered promiscuous mode [ 177.404237][ T66] tipc: Subscription rejected, illegal request [ 177.760243][ T8556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'. [ 178.467019][ T8591] netlink: 212 bytes leftover after parsing attributes in process `syz.4.892'. [ 178.505516][ T8592] netlink: 'syz.2.891': attribute type 10 has an invalid length. [ 178.534991][ T8592] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 178.782270][ T8603] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 178.813868][ T8608] tc_dump_action: action bad kind [ 179.416020][ T8636] tc_dump_action: action bad kind [ 179.997058][ T8665] netlink: 48 bytes leftover after parsing attributes in process `syz.1.924'. [ 180.032922][ T8665] netlink: 32 bytes leftover after parsing attributes in process `syz.1.924'. [ 180.112658][ T8669] tc_dump_action: action bad kind [ 180.870336][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 180.877801][ T8632] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 180.940648][ T8694] vlan3: entered promiscuous mode [ 180.945917][ T8694] bridge0: entered promiscuous mode [ 180.951638][ T8694] vlan3: entered allmulticast mode [ 180.956885][ T8694] bridge0: entered allmulticast mode [ 181.069949][ T8698] __nla_validate_parse: 1 callbacks suppressed [ 181.069965][ T8698] netlink: 48 bytes leftover after parsing attributes in process `syz.4.937'. [ 181.094917][ T8698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.937'. [ 181.258153][ T8702] netlink: 'syz.4.939': attribute type 1 has an invalid length. [ 181.266231][ T8702] netlink: 224 bytes leftover after parsing attributes in process `syz.4.939'. [ 181.779835][ T8731] netlink: 48 bytes leftover after parsing attributes in process `syz.0.949'. [ 181.818306][ T8731] netlink: 32 bytes leftover after parsing attributes in process `syz.0.949'. [ 181.969345][ T8735] netlink: 20 bytes leftover after parsing attributes in process `syz.2.951'. [ 182.062891][ T8737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.952'. [ 182.165073][ T8742] netlink: 212 bytes leftover after parsing attributes in process `syz.2.955'. [ 182.283082][ T8747] netlink: 'syz.2.957': attribute type 5 has an invalid length. [ 182.316486][ T8747] netlink: 'syz.2.957': attribute type 9 has an invalid length. [ 182.333962][ T8747] netlink: 'syz.2.957': attribute type 9 has an invalid length. [ 182.340800][ T8750] netlink: 'syz.2.957': attribute type 5 has an invalid length. [ 182.571273][ T8758] FAULT_INJECTION: forcing a failure. [ 182.571273][ T8758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.625104][ T8758] CPU: 0 UID: 0 PID: 8758 Comm: syz.0.961 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 182.625138][ T8758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 182.625152][ T8758] Call Trace: [ 182.625160][ T8758] [ 182.625169][ T8758] dump_stack_lvl+0x241/0x360 [ 182.625221][ T8758] ? __pfx_dump_stack_lvl+0x10/0x10 [ 182.625250][ T8758] ? __pfx__printk+0x10/0x10 [ 182.625293][ T8758] should_fail_ex+0x424/0x570 [ 182.625325][ T8758] _copy_from_user+0x2d/0xb0 [ 182.625348][ T8758] copy_msghdr_from_user+0xb3/0x580 [ 182.625386][ T8758] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 182.625416][ T8758] ? __fget_files+0x2a/0x420 [ 182.625460][ T8758] ? __fget_files+0x2a/0x420 [ 182.625501][ T8758] __sys_sendmsg+0x20a/0x360 [ 182.625534][ T8758] ? __pfx___sys_sendmsg+0x10/0x10 [ 182.625618][ T8758] ? do_syscall_64+0xb6/0x230 [ 182.625646][ T8758] do_syscall_64+0xf3/0x230 [ 182.625670][ T8758] ? clear_bhb_loop+0x45/0xa0 [ 182.625695][ T8758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.625716][ T8758] RIP: 0033:0x7f84aed8e169 [ 182.625739][ T8758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.625756][ T8758] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 182.625786][ T8758] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169 [ 182.625801][ T8758] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 182.625815][ T8758] RBP: 00007f84afb74090 R08: 0000000000000000 R09: 0000000000000000 [ 182.625827][ T8758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.625838][ T8758] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8 [ 182.625870][ T8758] [ 182.707137][ T8767] netlink: 48 bytes leftover after parsing attributes in process `syz.4.964'. [ 183.007997][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'. [ 183.092924][ T8785] FAULT_INJECTION: forcing a failure. [ 183.092924][ T8785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 183.106782][ T8785] CPU: 1 UID: 0 PID: 8785 Comm: syz.4.971 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 183.106812][ T8785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 183.106825][ T8785] Call Trace: [ 183.106833][ T8785] [ 183.106842][ T8785] dump_stack_lvl+0x241/0x360 [ 183.106880][ T8785] ? __pfx_dump_stack_lvl+0x10/0x10 [ 183.106909][ T8785] ? __pfx__printk+0x10/0x10 [ 183.106953][ T8785] should_fail_ex+0x424/0x570 [ 183.106985][ T8785] _copy_from_user+0x2d/0xb0 [ 183.107007][ T8785] sctp_getsockopt_assoc_stats+0xec/0xa10 [ 183.107044][ T8785] ? __pfx_sctp_getsockopt_assoc_stats+0x10/0x10 [ 183.107103][ T8785] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 183.107137][ T8785] sctp_getsockopt+0x42f/0xbb0 [ 183.107164][ T8785] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 183.107188][ T8785] do_sock_getsockopt+0x391/0x740 [ 183.107221][ T8785] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 183.107244][ T8785] ? __fget_files+0x2a/0x420 [ 183.107277][ T8785] ? __fget_files+0x39d/0x420 [ 183.107306][ T8785] ? __fget_files+0x2a/0x420 [ 183.107345][ T8785] __x64_sys_getsockopt+0x2a3/0x370 [ 183.107380][ T8785] ? __pfx___x64_sys_getsockopt+0x10/0x10 [ 183.107413][ T8785] ? do_syscall_64+0xb6/0x230 [ 183.107441][ T8785] do_syscall_64+0xf3/0x230 [ 183.107463][ T8785] ? clear_bhb_loop+0x45/0xa0 [ 183.107490][ T8785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.107510][ T8785] RIP: 0033:0x7f0d15f8e169 [ 183.107528][ T8785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.107545][ T8785] RSP: 002b:00007f0d16da6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 183.107567][ T8785] RAX: ffffffffffffffda RBX: 00007f0d161b6080 RCX: 00007f0d15f8e169 [ 183.107581][ T8785] RDX: 0000000000000070 RSI: 0000000000000084 RDI: 0000000000000003 [ 183.107593][ T8785] RBP: 00007f0d16da6090 R08: 0000200000001700 R09: 0000000000000000 [ 183.107606][ T8785] R10: 0000200000001600 R11: 0000000000000246 R12: 0000000000000001 [ 183.107619][ T8785] R13: 0000000000000000 R14: 00007f0d161b6080 R15: 00007ffeff4a6fb8 [ 183.107656][ T8785] [ 183.654017][ T8797] netlink: 'syz.0.977': attribute type 1 has an invalid length. [ 183.673399][ T8797] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 184.496785][ T8840] netlink: 'syz.0.995': attribute type 1 has an invalid length. [ 185.124650][ T8869] bond1: left allmulticast mode [ 185.129876][ T8869] bond1: left promiscuous mode [ 185.139577][ T8869] bridge0: port 3(bond1) entered disabled state [ 185.180465][ T8869] bridge_slave_1: left allmulticast mode [ 185.187262][ T8869] bridge_slave_1: left promiscuous mode [ 185.200313][ T8869] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.217944][ T8869] bridge_slave_0: left allmulticast mode [ 185.224421][ T8869] bridge_slave_0: left promiscuous mode [ 185.239496][ T8869] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.580780][ T8882] tc_dump_action: action bad kind [ 185.968615][ T8899] netdevsim netdevsim0: Direct firmware load for / [ 185.968615][ T8899] failed with error -2 [ 186.008988][ T8899] netdevsim netdevsim0: Falling back to sysfs fallback for: / [ 186.008988][ T8899] [ 186.308462][ T8912] netlink: 'syz.3.1024': attribute type 10 has an invalid length. [ 186.318472][ T8915] netlink: 'syz.1.1022': attribute type 3 has an invalid length. [ 186.413878][ T8912] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 186.567573][ T8924] tc_dump_action: action bad kind [ 186.582074][ T8926] netlink: 'syz.2.1026': attribute type 1 has an invalid length. [ 186.595829][ T8926] __nla_validate_parse: 12 callbacks suppressed [ 186.595849][ T8926] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1026'. [ 186.986085][ T8948] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1034'. [ 187.051607][ T8951] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1034'. [ 187.256957][ T8959] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1038'. [ 187.384186][ T8964] tc_dump_action: action bad kind [ 187.731080][ T8980] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 187.971632][ T8983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1047'. [ 188.057138][ T8995] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1052'. [ 188.289931][ T9002] tc_dump_action: action bad kind [ 188.370897][ T9006] netlink: 'syz.0.1057': attribute type 1 has an invalid length. [ 188.388493][ T9006] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1057'. [ 189.112207][ T9037] tc_dump_action: action bad kind [ 189.820217][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 189.853085][ T9016] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 190.007103][ T9065] tc_dump_action: action bad kind [ 190.292629][ T9077] IPv6: Can't replace route, no match found [ 190.304343][ T9077] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1083'. [ 190.611677][ T9092] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 190.717904][ T9101] FAULT_INJECTION: forcing a failure. [ 190.717904][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.729935][ T9103] tc_dump_action: action bad kind [ 190.741404][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.2.1094 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 190.741436][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 190.741449][ T9101] Call Trace: [ 190.741457][ T9101] [ 190.741466][ T9101] dump_stack_lvl+0x241/0x360 [ 190.741504][ T9101] ? __pfx_dump_stack_lvl+0x10/0x10 [ 190.741534][ T9101] ? __pfx__printk+0x10/0x10 [ 190.741577][ T9101] should_fail_ex+0x424/0x570 [ 190.741609][ T9101] _copy_from_iter+0x211/0x1c70 [ 190.741649][ T9101] ? alloc_pages_mpol+0x4e6/0x690 [ 190.741683][ T9101] ? __pfx__copy_from_iter+0x10/0x10 [ 190.741722][ T9101] ? set_page_refcounted+0xa1/0x1e0 [ 190.741751][ T9101] ? alloc_pages_noprof+0x136/0x190 [ 190.741777][ T9101] ? page_copy_sane+0x46/0x260 [ 190.741818][ T9101] copy_page_from_iter+0x7a/0x100 [ 190.741853][ T9101] tun_get_user+0x1f6c/0x47c0 [ 190.741881][ T9101] ? tun_get_user+0x852/0x47c0 [ 190.741923][ T9101] ? aa_file_perm+0x139/0xf60 [ 190.741954][ T9101] ? aa_file_perm+0x3f1/0xf60 [ 190.741983][ T9101] ? __pfx_tun_get_user+0x10/0x10 [ 190.742028][ T9101] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 190.742076][ T9101] ? tun_get+0x1e/0x2f0 [ 190.742100][ T9101] ? tun_get+0x1e/0x2f0 [ 190.742120][ T9101] ? tun_get+0x27d/0x2f0 [ 190.742145][ T9101] tun_chr_write_iter+0x10d/0x1f0 [ 190.742172][ T9101] vfs_write+0x70f/0xd10 [ 190.742203][ T9101] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 190.742228][ T9101] ? __pfx_vfs_write+0x10/0x10 [ 190.742255][ T9101] ? __fget_files+0x2a/0x420 [ 190.742289][ T9101] ? __fget_files+0x2a/0x420 [ 190.742331][ T9101] ksys_write+0x19d/0x2d0 [ 190.742356][ T9101] ? __pfx_ksys_write+0x10/0x10 [ 190.742386][ T9101] ? do_syscall_64+0xb6/0x230 [ 190.742413][ T9101] do_syscall_64+0xf3/0x230 [ 190.742436][ T9101] ? clear_bhb_loop+0x45/0xa0 [ 190.742461][ T9101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.742481][ T9101] RIP: 0033:0x7f996258cc1f [ 190.742499][ T9101] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 190.742515][ T9101] RSP: 002b:00007f996345e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 190.742537][ T9101] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258cc1f [ 190.742552][ T9101] RDX: 0000000000000052 RSI: 0000200000000480 RDI: 00000000000000c8 [ 190.742565][ T9101] RBP: 00007f996345e090 R08: 0000000000000000 R09: 0000000000000000 [ 190.742577][ T9101] R10: 0000000000000052 R11: 0000000000000293 R12: 0000000000000001 [ 190.742589][ T9101] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18 [ 190.742622][ T9101] [ 191.089055][ T9110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1098'. [ 191.311057][ T9118] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1100'. [ 191.653239][ T9136] tc_dump_action: action bad kind [ 191.738279][ T9137] __nla_validate_parse: 1 callbacks suppressed [ 191.738300][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1108'. [ 191.762631][ T9141] netlink: 212 bytes leftover after parsing attributes in process `syz.0.1111'. [ 192.185423][ T9160] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1118'. [ 192.257292][ T9165] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1118'. [ 192.619966][ T9181] tc_dump_action: action bad kind [ 192.700592][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 192.708956][ T9186] netlink: 'syz.4.1128': attribute type 1 has an invalid length. [ 192.737447][ T9186] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1128'. [ 192.967354][ T9207] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1133'. [ 192.989456][ T9207] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1133'. [ 193.085507][ T9209] vlan4: entered promiscuous mode [ 193.407202][ T9229] tc_dump_action: action bad kind [ 193.553669][ T9238] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1144'. [ 193.576066][ T9238] tunl0: Master is either lo or non-ether device [ 193.688573][ T9243] netlink: 428 bytes leftover after parsing attributes in process `syz.1.1147'. [ 193.698041][ T9243] netlink: 2528 bytes leftover after parsing attributes in process `syz.1.1147'. [ 194.011768][ T9260] tc_dump_action: action bad kind [ 194.339137][ T9273] xt_CT: No such helper "syz1" [ 194.795482][ T9294] FAULT_INJECTION: forcing a failure. [ 194.795482][ T9294] name failslab, interval 1, probability 0, space 0, times 0 [ 194.810242][ T9294] CPU: 1 UID: 0 PID: 9294 Comm: syz.4.1170 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 194.810274][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 194.810287][ T9294] Call Trace: [ 194.810296][ T9294] [ 194.810305][ T9294] dump_stack_lvl+0x241/0x360 [ 194.810343][ T9294] ? __pfx_dump_stack_lvl+0x10/0x10 [ 194.810372][ T9294] ? __pfx__printk+0x10/0x10 [ 194.810406][ T9294] ? __pfx___might_resched+0x10/0x10 [ 194.810436][ T9294] should_fail_ex+0x424/0x570 [ 194.810467][ T9294] should_failslab+0xac/0x100 [ 194.810497][ T9294] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 194.810526][ T9294] ? __alloc_skb+0x1c2/0x480 [ 194.810555][ T9294] __alloc_skb+0x1c2/0x480 [ 194.810585][ T9294] ? __pfx___alloc_skb+0x10/0x10 [ 194.810615][ T9294] ? netlink_ack_tlv_len+0x6e/0x200 [ 194.810649][ T9294] netlink_ack+0x147/0xa70 [ 194.810667][ T9294] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 194.810696][ T9294] ? ref_tracker_free+0x63e/0x7e0 [ 194.810731][ T9294] netlink_rcv_skb+0x296/0x480 [ 194.810753][ T9294] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 194.810776][ T9294] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 194.810817][ T9294] ? netlink_deliver_tap+0x2e/0x1b0 [ 194.810840][ T9294] ? netlink_deliver_tap+0x2e/0x1b0 [ 194.810864][ T9294] netlink_unicast+0x7f8/0x9a0 [ 194.810905][ T9294] ? __pfx_netlink_unicast+0x10/0x10 [ 194.810939][ T9294] ? skb_put+0x114/0x1f0 [ 194.810967][ T9294] netlink_sendmsg+0x8c3/0xcd0 [ 194.811002][ T9294] ? __pfx_netlink_sendmsg+0x10/0x10 [ 194.811029][ T9294] ? aa_sock_msg_perm+0x91/0x160 [ 194.811065][ T9294] ? __pfx_netlink_sendmsg+0x10/0x10 [ 194.811084][ T9294] __sock_sendmsg+0x221/0x270 [ 194.811118][ T9294] ____sys_sendmsg+0x523/0x860 [ 194.811154][ T9294] ? __pfx_____sys_sendmsg+0x10/0x10 [ 194.811178][ T9294] ? __fget_files+0x2a/0x420 [ 194.811212][ T9294] ? __fget_files+0x2a/0x420 [ 194.811253][ T9294] __sys_sendmsg+0x271/0x360 [ 194.811284][ T9294] ? __pfx___sys_sendmsg+0x10/0x10 [ 194.811371][ T9294] ? do_syscall_64+0xb6/0x230 [ 194.811399][ T9294] do_syscall_64+0xf3/0x230 [ 194.811421][ T9294] ? clear_bhb_loop+0x45/0xa0 [ 194.811447][ T9294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.811467][ T9294] RIP: 0033:0x7f0d15f8e169 [ 194.811486][ T9294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.811502][ T9294] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 194.811525][ T9294] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169 [ 194.811540][ T9294] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 194.811553][ T9294] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000 [ 194.811565][ T9294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 194.811577][ T9294] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8 [ 194.811610][ T9294] [ 195.885946][ T9336] tc_dump_action: action bad kind [ 196.366014][ T9361] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 196.483573][ T9379] tc_dump_action: action bad kind [ 196.705693][ T9388] FAULT_INJECTION: forcing a failure. [ 196.705693][ T9388] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 196.727432][ T9388] CPU: 0 UID: 0 PID: 9388 Comm: syz.3.1206 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 196.727465][ T9388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 196.727486][ T9388] Call Trace: [ 196.727494][ T9388] [ 196.727504][ T9388] dump_stack_lvl+0x241/0x360 [ 196.727543][ T9388] ? __pfx_dump_stack_lvl+0x10/0x10 [ 196.727572][ T9388] ? __pfx__printk+0x10/0x10 [ 196.727613][ T9388] should_fail_ex+0x424/0x570 [ 196.727646][ T9388] _copy_to_user+0x31/0xb0 [ 196.727671][ T9388] simple_read_from_buffer+0xc4/0x170 [ 196.727706][ T9388] proc_fail_nth_read+0x1ef/0x260 [ 196.727730][ T9388] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 196.727755][ T9388] ? rw_verify_area+0x246/0x630 [ 196.727774][ T9388] ? xsk_setsockopt+0x104/0x840 [ 196.727803][ T9388] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 196.727826][ T9388] vfs_read+0x21f/0xb90 [ 196.727858][ T9388] ? __pfx_vfs_read+0x10/0x10 [ 196.727881][ T9388] ? do_sock_setsockopt+0x3ea/0x710 [ 196.727911][ T9388] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 196.727941][ T9388] ksys_read+0x19d/0x2d0 [ 196.727965][ T9388] ? __pfx_ksys_read+0x10/0x10 [ 196.727993][ T9388] ? do_syscall_64+0xb6/0x230 [ 196.728020][ T9388] do_syscall_64+0xf3/0x230 [ 196.728043][ T9388] ? clear_bhb_loop+0x45/0xa0 [ 196.728067][ T9388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.728087][ T9388] RIP: 0033:0x7f578538cb7c [ 196.728105][ T9388] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 196.728120][ T9388] RSP: 002b:00007f57862b2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 196.728140][ T9388] RAX: ffffffffffffffda RBX: 00007f57855b5fa0 RCX: 00007f578538cb7c [ 196.728154][ T9388] RDX: 000000000000000f RSI: 00007f57862b20a0 RDI: 0000000000000004 [ 196.728166][ T9388] RBP: 00007f57862b2090 R08: 0000000000000000 R09: 0000000000000000 [ 196.728179][ T9388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.728190][ T9388] R13: 0000000000000000 R14: 00007f57855b5fa0 R15: 00007ffd695c10d8 [ 196.728224][ T9388] [ 197.057708][ T9396] netlink: 'syz.0.1207': attribute type 4 has an invalid length. [ 197.067461][ T9396] __nla_validate_parse: 10 callbacks suppressed [ 197.067491][ T9396] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1207'. [ 197.419523][ T9408] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 3710. macoff=82 [ 197.576223][ T9415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1217'. [ 197.594266][ T9415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1217'. [ 197.864206][ T9428] netlink: 212 bytes leftover after parsing attributes in process `syz.3.1223'. [ 197.988748][ T9433] ieee802154 phy0 wpan0: encryption failed: -22 [ 197.996621][ T9433] netlink: 'syz.0.1225': attribute type 13 has an invalid length. [ 198.326219][ T9451] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1233'. [ 198.335816][ T9451] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1233'. [ 198.380637][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 198.387648][ T9404] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 198.705657][ T9471] netlink: 'syz.4.1240': attribute type 1 has an invalid length. [ 198.722423][ T9471] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1240'. [ 198.902346][ T9481] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1245'. [ 199.055428][ T9487] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1247'. [ 199.064870][ T9485] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 199.204063][ T9493] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1249'. [ 199.293377][ T9498] tc_dump_action: action bad kind [ 199.432863][ T9503] tc_dump_action: action bad kind [ 199.590802][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.782127][ T9518] xt_ecn: cannot match TCP bits for non-tcp packets [ 199.960621][ T9523] xt_CT: No such helper "snmp" [ 200.165843][ T9533] tc_dump_action: action bad kind [ 200.549781][ T9549] netlink: 'syz.1.1272': attribute type 1 has an invalid length. [ 200.905168][ T9564] tc_dump_action: action bad kind [ 201.100718][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 201.108423][ T9514] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 201.436113][ T9593] tc_dump_action: action bad kind [ 201.456671][ T9595] sock: sock_timestamping_bind_phc: sock not bind to device [ 201.875885][ T9611] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 202.204734][ T9631] tc_dump_action: action bad kind [ 202.266160][ T9629] __nla_validate_parse: 14 callbacks suppressed [ 202.266186][ T9629] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1301'. [ 202.582778][ T9635] tc_dump_action: action bad kind [ 203.599858][ T9687] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1323'. [ 203.904903][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 203.911769][ T9659] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 204.055489][ T9707] netlink: 'syz.2.1330': attribute type 13 has an invalid length. [ 204.101747][ T9707] netlink: 'syz.2.1330': attribute type 27 has an invalid length. [ 204.162945][ T9709] netlink: 'syz.1.1331': attribute type 1 has an invalid length. [ 204.186750][ T9709] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1331'. [ 204.712929][ T9731] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 204.858426][ T9743] FAULT_INJECTION: forcing a failure. [ 204.858426][ T9743] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 204.884241][ T9743] CPU: 1 UID: 0 PID: 9743 Comm: syz.4.1346 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 204.884274][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 204.884287][ T9743] Call Trace: [ 204.884296][ T9743] [ 204.884305][ T9743] dump_stack_lvl+0x241/0x360 [ 204.884343][ T9743] ? __pfx_dump_stack_lvl+0x10/0x10 [ 204.884373][ T9743] ? __pfx__printk+0x10/0x10 [ 204.884416][ T9743] should_fail_ex+0x424/0x570 [ 204.884449][ T9743] _copy_from_user+0x2d/0xb0 [ 204.884473][ T9743] copy_msghdr_from_user+0xb3/0x580 [ 204.884514][ T9743] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 204.884565][ T9743] __sys_sendmmsg+0x361/0x7b0 [ 204.884607][ T9743] ? __pfx___sys_sendmmsg+0x10/0x10 [ 204.884674][ T9743] ? rcu_read_lock_any_held+0xbb/0x160 [ 204.884702][ T9743] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 204.884742][ T9743] ? vfs_write+0xb29/0xd10 [ 204.884777][ T9743] ? ksys_write+0x24e/0x2d0 [ 204.884804][ T9743] ? __mutex_unlock_slowpath+0x229/0x800 [ 204.884861][ T9743] ? ksys_write+0x275/0x2d0 [ 204.884898][ T9743] __x64_sys_sendmmsg+0xa0/0xb0 [ 204.884928][ T9743] do_syscall_64+0xf3/0x230 [ 204.884952][ T9743] ? clear_bhb_loop+0x45/0xa0 [ 204.884978][ T9743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.884998][ T9743] RIP: 0033:0x7f0d15f8e169 [ 204.885016][ T9743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.885033][ T9743] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 204.885055][ T9743] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169 [ 204.885070][ T9743] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c [ 204.885083][ T9743] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000 [ 204.885096][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.885108][ T9743] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8 [ 204.885141][ T9743] [ 204.921232][ T9745] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1348'. [ 205.506840][ T9763] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1353'. [ 205.637905][ T9771] netlink: 'syz.2.1356': attribute type 1 has an invalid length. [ 205.670201][ T9771] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1356'. [ 206.456643][ T9809] FAULT_INJECTION: forcing a failure. [ 206.456643][ T9809] name failslab, interval 1, probability 0, space 0, times 0 [ 206.480210][ T9809] CPU: 1 UID: 0 PID: 9809 Comm: syz.4.1370 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 206.480257][ T9809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.480277][ T9809] Call Trace: [ 206.480290][ T9809] [ 206.480305][ T9809] dump_stack_lvl+0x241/0x360 [ 206.480364][ T9809] ? __pfx_dump_stack_lvl+0x10/0x10 [ 206.480394][ T9809] ? __pfx__printk+0x10/0x10 [ 206.480427][ T9809] ? __pfx___might_resched+0x10/0x10 [ 206.480461][ T9809] should_fail_ex+0x424/0x570 [ 206.480493][ T9809] should_failslab+0xac/0x100 [ 206.480524][ T9809] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 206.480554][ T9809] ? __alloc_skb+0x1c2/0x480 [ 206.480583][ T9809] __alloc_skb+0x1c2/0x480 [ 206.480612][ T9809] ? __pfx___alloc_skb+0x10/0x10 [ 206.480633][ T9809] ? __local_bh_enable_ip+0x168/0x200 [ 206.480654][ T9809] ? l2tp_ip_sendmsg+0x36/0x1670 [ 206.480676][ T9809] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 206.480702][ T9809] sock_wmalloc+0xab/0x120 [ 206.480734][ T9809] l2tp_ip_sendmsg+0x1b3/0x1670 [ 206.480762][ T9809] ? inet_sendmsg+0x330/0x390 [ 206.480796][ T9809] __sock_sendmsg+0x1a6/0x270 [ 206.480832][ T9809] ____sys_sendmsg+0x523/0x860 [ 206.480868][ T9809] ? __pfx_____sys_sendmsg+0x10/0x10 [ 206.480913][ T9809] __sys_sendmmsg+0x3a0/0x7b0 [ 206.480952][ T9809] ? __pfx___sys_sendmmsg+0x10/0x10 [ 206.481012][ T9809] ? rcu_read_lock_any_held+0xbb/0x160 [ 206.481032][ T9809] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 206.481053][ T9809] ? vfs_write+0xb29/0xd10 [ 206.481077][ T9809] ? ksys_write+0x24e/0x2d0 [ 206.481095][ T9809] ? __mutex_unlock_slowpath+0x229/0x800 [ 206.481136][ T9809] ? ksys_write+0x275/0x2d0 [ 206.481161][ T9809] __x64_sys_sendmmsg+0xa0/0xb0 [ 206.481181][ T9809] do_syscall_64+0xf3/0x230 [ 206.481198][ T9809] ? clear_bhb_loop+0x45/0xa0 [ 206.481215][ T9809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.481229][ T9809] RIP: 0033:0x7f0d15f8e169 [ 206.481242][ T9809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.481254][ T9809] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 206.481269][ T9809] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169 [ 206.481280][ T9809] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c [ 206.481290][ T9809] RBP: 00007f0d16dc7090 R08: 0000000000000000 R09: 0000000000000000 [ 206.481298][ T9809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.481307][ T9809] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8 [ 206.481329][ T9809] [ 206.791017][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 206.811238][ T9777] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 207.189492][ T9828] netlink: 'syz.1.1379': attribute type 1 has an invalid length. [ 207.207794][ T9828] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1379'. [ 207.365302][ T9837] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1382'. [ 207.811526][ T9853] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1384'. [ 208.177951][ T9873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'. [ 208.206241][ T9873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'. [ 208.291832][ T9846] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 208.572213][ T9891] netlink: 'syz.2.1397': attribute type 1 has an invalid length. [ 208.589169][ T9891] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1397'. [ 209.031701][ T9903] vlan2: entered promiscuous mode [ 209.076130][ T9913] netlink: 'syz.2.1406': attribute type 1 has an invalid length. [ 209.100670][ T9913] netlink: 'syz.2.1406': attribute type 4 has an invalid length. [ 209.111495][ T9913] netlink: 15363 bytes leftover after parsing attributes in process `syz.2.1406'. [ 209.400859][ T9933] Â: renamed from pim6reg1 [ 209.471669][ T9937] netlink: 'syz.2.1413': attribute type 1 has an invalid length. [ 209.548603][ T9937] 8021q: adding VLAN 0 to HW filter on device bond2 [ 209.631456][ T9937] bond2: (slave gretap1): making interface the new active one [ 209.654624][ T9937] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 209.688205][ T9947] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1416'. [ 209.775876][ T9951] netlink: 'syz.4.1418': attribute type 1 has an invalid length. [ 209.810805][ T9951] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1418'. [ 209.838150][ T9954] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1419'. [ 210.109741][ T9958] FAULT_INJECTION: forcing a failure. [ 210.109741][ T9958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.192843][ T9958] CPU: 1 UID: 0 PID: 9958 Comm: syz.1.1420 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 210.192875][ T9958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 210.192888][ T9958] Call Trace: [ 210.192896][ T9958] [ 210.192905][ T9958] dump_stack_lvl+0x241/0x360 [ 210.192942][ T9958] ? __pfx_dump_stack_lvl+0x10/0x10 [ 210.192967][ T9958] ? __pfx__printk+0x10/0x10 [ 210.193000][ T9958] should_fail_ex+0x424/0x570 [ 210.193025][ T9958] _copy_from_user+0x2d/0xb0 [ 210.193052][ T9958] copy_msghdr_from_user+0xb3/0x580 [ 210.193084][ T9958] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 210.193122][ T9958] __sys_sendmmsg+0x361/0x7b0 [ 210.193153][ T9958] ? __pfx___sys_sendmmsg+0x10/0x10 [ 210.193202][ T9958] ? rcu_read_lock_any_held+0xbb/0x160 [ 210.193224][ T9958] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 210.193248][ T9958] ? vfs_write+0xb29/0xd10 [ 210.193274][ T9958] ? ksys_write+0x24e/0x2d0 [ 210.193297][ T9958] ? __mutex_unlock_slowpath+0x229/0x800 [ 210.193340][ T9958] ? ksys_write+0x275/0x2d0 [ 210.193367][ T9958] __x64_sys_sendmmsg+0xa0/0xb0 [ 210.193389][ T9958] do_syscall_64+0xf3/0x230 [ 210.193408][ T9958] ? clear_bhb_loop+0x45/0xa0 [ 210.193427][ T9958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.193443][ T9958] RIP: 0033:0x7f219af8e169 [ 210.193457][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.193470][ T9958] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 210.193488][ T9958] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169 [ 210.193499][ T9958] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c [ 210.193510][ T9958] RBP: 00007f219bd93090 R08: 0000000000000000 R09: 0000000000000000 [ 210.193520][ T9958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.193529][ T9958] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8 [ 210.193553][ T9958] [ 210.248174][ T9963] netlink: 'syz.4.1422': attribute type 1 has an invalid length. [ 210.400977][ T5841] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 210.424575][ T9963] netlink: 208 bytes leftover after parsing attributes in process `syz.4.1422'. [ 210.789453][ T9978] raw_sendmsg: syz.2.1427 forgot to set AF_INET. Fix it! [ 211.022631][ T9981] Illegal XDP return value 3684627025 on prog (id 505) dev N/A, expect packet loss! [ 211.227959][ T9990] gre1: entered allmulticast mode [ 211.310318][ T9991] vlan4: entered promiscuous mode [ 211.900402][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 211.901885][ T5852] Bluetooth: hci1: command 0x0406 tx timeout [ 211.908021][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 212.123194][T10034] FAULT_INJECTION: forcing a failure. [ 212.123194][T10034] name failslab, interval 1, probability 0, space 0, times 0 [ 212.136074][T10034] CPU: 0 UID: 0 PID: 10034 Comm: syz.2.1444 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 212.136102][T10034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.136116][T10034] Call Trace: [ 212.136124][T10034] [ 212.136140][T10034] dump_stack_lvl+0x241/0x360 [ 212.136178][T10034] ? __pfx_dump_stack_lvl+0x10/0x10 [ 212.136208][T10034] ? __pfx__printk+0x10/0x10 [ 212.136241][T10034] ? __pfx___might_resched+0x10/0x10 [ 212.136272][T10034] should_fail_ex+0x424/0x570 [ 212.136304][T10034] should_failslab+0xac/0x100 [ 212.136335][T10034] kmem_cache_alloc_node_noprof+0x7d/0x3b0 [ 212.136365][T10034] ? __alloc_skb+0x1c2/0x480 [ 212.136393][T10034] __alloc_skb+0x1c2/0x480 [ 212.136424][T10034] ? __pfx___alloc_skb+0x10/0x10 [ 212.136445][T10034] ? __local_bh_enable_ip+0x168/0x200 [ 212.136466][T10034] ? l2tp_ip_sendmsg+0x36/0x1670 [ 212.136487][T10034] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 212.136514][T10034] sock_wmalloc+0xab/0x120 [ 212.136544][T10034] l2tp_ip_sendmsg+0x1b3/0x1670 [ 212.136572][T10034] ? inet_sendmsg+0x330/0x390 [ 212.136605][T10034] __sock_sendmsg+0x1a6/0x270 [ 212.136641][T10034] ____sys_sendmsg+0x523/0x860 [ 212.136679][T10034] ? __pfx_____sys_sendmsg+0x10/0x10 [ 212.136724][T10034] __sys_sendmmsg+0x3a0/0x7b0 [ 212.136765][T10034] ? __pfx___sys_sendmmsg+0x10/0x10 [ 212.136833][T10034] ? rcu_read_lock_any_held+0xbb/0x160 [ 212.136861][T10034] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 212.136891][T10034] ? vfs_write+0xb29/0xd10 [ 212.136919][T10034] ? __lock_acquire+0xad5/0xd80 [ 212.136940][T10034] ? from_kuid+0x211/0x740 [ 212.136963][T10034] ? __pfx_from_kuid+0x10/0x10 [ 212.137000][T10034] ? bpf_trace_run2+0x1fe/0x550 [ 212.137029][T10034] ? bpf_trace_run2+0x39f/0x550 [ 212.137084][T10034] ? trace_sys_enter+0x74/0x120 [ 212.137107][T10034] ? rcu_is_watching+0x15/0xb0 [ 212.137144][T10034] __x64_sys_sendmmsg+0xa0/0xb0 [ 212.137174][T10034] do_syscall_64+0xf3/0x230 [ 212.137198][T10034] ? clear_bhb_loop+0x45/0xa0 [ 212.137223][T10034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.137243][T10034] RIP: 0033:0x7f996258e169 [ 212.137261][T10034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.137278][T10034] RSP: 002b:00007f996345e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 212.137299][T10034] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258e169 [ 212.137314][T10034] RDX: 00000000040000cf RSI: 0000200000000900 RDI: 000000000000000c [ 212.137327][T10034] RBP: 00007f996345e090 R08: 0000000000000000 R09: 0000000000000000 [ 212.137340][T10034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.137352][T10034] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18 [ 212.137386][T10034] [ 212.436098][T10022] tc_dump_action: action bad kind [ 212.840867][T10051] __nla_validate_parse: 3 callbacks suppressed [ 212.840887][T10051] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1449'. [ 213.047510][T10067] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1454'. [ 213.360492][T10075] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 214.055962][T10103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1468'. [ 214.221760][T10113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1470'. [ 214.357414][T10118] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1471'. [ 215.020966][T10141] tc_dump_action: action bad kind [ 215.151098][T10146] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1478'. [ 215.335673][T10154] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1485'. [ 215.420730][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 215.787130][T10165] bridge_slave_0: left allmulticast mode [ 215.818816][T10165] bridge_slave_0: left promiscuous mode [ 215.845440][T10170] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1487'. [ 215.854669][T10165] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.895828][T10165] bridge_slave_1: left allmulticast mode [ 215.945425][T10165] bridge_slave_1: left promiscuous mode [ 215.970701][T10165] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.046243][T10177] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1487'. [ 216.101525][T10165] bond0: (slave bond_slave_0): Releasing backup interface [ 216.135972][T10180] netlink: 'syz.3.1492': attribute type 5 has an invalid length. [ 216.145557][T10165] bond_slave_0: left promiscuous mode [ 216.154336][T10165] bond_slave_0: left allmulticast mode [ 216.202945][T10165] bond0: (slave bond_slave_1): Releasing backup interface [ 216.256158][T10165] bond_slave_1: left promiscuous mode [ 216.276303][T10165] bond_slave_1: left allmulticast mode [ 216.325206][T10165] team0: Port device team_slave_0 removed [ 216.378942][T10165] team0: Port device team_slave_1 removed [ 216.401483][T10165] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 216.429260][T10165] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 216.463029][T10165] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 216.486757][T10165] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 216.509058][T10165] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 216.520189][T10165] batman_adv: batadv0: Removing interface: virt_wifi0 [ 216.630246][T10165] vlan2: left promiscuous mode [ 216.635252][T10165] bond0: left promiscuous mode [ 216.651101][T10165] bridge0: port 3(vlan2) entered disabled state [ 216.824340][T10165] batadv1: left allmulticast mode [ 216.829487][T10165] batadv1: left promiscuous mode [ 216.850680][T10165] bridge0: port 4(batadv1) entered disabled state [ 218.936301][T10193] tc_dump_action: action bad kind [ 219.016872][T10198] netlink: 'syz.4.1499': attribute type 1 has an invalid length. [ 219.037339][T10198] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1499'. [ 219.088620][T10200] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1498'. [ 219.229454][T10207] tc_dump_action: action bad kind [ 220.124579][T10228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1506'. [ 220.278907][T10240] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1512'. [ 220.280374][T10238] tc_dump_action: action bad kind [ 220.414542][T10242] netlink: 'syz.2.1511': attribute type 3 has an invalid length. [ 220.426372][T10242] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1511'. [ 220.716395][ T1207] IPVS: starting estimator thread 0... [ 220.830337][T10256] IPVS: using max 30 ests per chain, 72000 per kthread [ 220.881403][T10260] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 220.959291][T10264] netlink: 'syz.4.1520': attribute type 10 has an invalid length. [ 221.215072][T10264] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 221.224135][T10264] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 221.348155][T10275] tc_dump_action: action bad kind [ 221.496722][T10289] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1528'. [ 221.540972][T10289] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1528'. [ 221.848253][T10306] netlink: 'syz.0.1535': attribute type 3 has an invalid length. [ 221.856268][T10306] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1535'. [ 222.001173][T10312] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1538'. [ 222.016278][T10312] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1538'. [ 222.039688][T10312] netlink: 'syz.3.1538': attribute type 16 has an invalid length. [ 222.072801][T10312] netlink: 'syz.3.1538': attribute type 3 has an invalid length. [ 222.229109][T10320] tc_dump_action: action bad kind [ 222.940822][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 222.955752][T10292] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 223.129093][T10350] netlink: 'syz.2.1551': attribute type 1 has an invalid length. [ 223.240581][T10354] netlink: 'syz.4.1553': attribute type 5 has an invalid length. [ 223.309521][T10361] tipc: Started in network mode [ 223.337966][T10361] tipc: Node identity 7, cluster identity 4711 [ 223.396353][T10361] tipc: Node number set to 7 [ 223.628769][T10361] tipc: Cannot configure node identity twice [ 223.650013][T10376] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 224.155631][T10391] __nla_validate_parse: 5 callbacks suppressed [ 224.155654][T10391] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1566'. [ 224.258917][T10396] tc_dump_action: action bad kind [ 224.939368][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1582'. [ 224.968712][T10426] netlink: 'syz.2.1582': attribute type 9 has an invalid length. [ 224.980217][T10426] netlink: 203172 bytes leftover after parsing attributes in process `syz.2.1582'. [ 225.028523][T10432] netlink: 'syz.3.1580': attribute type 11 has an invalid length. [ 225.044066][T10433] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1579'. [ 225.069397][T10432] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1580'. [ 225.550926][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1588'. [ 225.740321][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 225.814124][T10468] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1594'. [ 225.870864][T10468] delete_channel: no stack [ 225.909253][T10466] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 226.079727][T10474] netlink: 'syz.0.1596': attribute type 1 has an invalid length. [ 226.101860][T10474] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1596'. [ 226.655750][T10501] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1608'. [ 226.764435][T10505] sysfs: cannot create duplicate filename '/class/ieee80211/!å¯!$' [ 226.798735][T10505] CPU: 0 UID: 0 PID: 10505 Comm: syz.4.1609 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 226.798770][T10505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.798784][T10505] Call Trace: [ 226.798792][T10505] [ 226.798802][T10505] dump_stack_lvl+0x241/0x360 [ 226.798843][T10505] ? __pfx_dump_stack_lvl+0x10/0x10 [ 226.798874][T10505] ? __pfx__printk+0x10/0x10 [ 226.798903][T10505] ? kernfs_path_from_node+0x2b/0x250 [ 226.798939][T10505] ? kernfs_path_from_node+0x217/0x250 [ 226.798965][T10505] sysfs_warn_dup+0x8e/0xa0 [ 226.798998][T10505] sysfs_do_create_link_sd+0xbe/0x110 [ 226.799036][T10505] device_add_class_symlinks+0x1c5/0x250 [ 226.799072][T10505] device_add+0x553/0xbf0 [ 226.799121][T10505] wiphy_register+0x193c/0x2660 [ 226.799165][T10505] ? __pfx_wiphy_register+0x10/0x10 [ 226.799191][T10505] ? minstrel_ht_alloc+0x85a/0x950 [ 226.799229][T10505] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 226.799284][T10505] ieee80211_register_hw+0x35e9/0x42d0 [ 226.799334][T10505] ? ieee80211_register_hw+0x1661/0x42d0 [ 226.799388][T10505] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 226.799436][T10505] ? __hrtimer_setup+0x17f/0x200 [ 226.799459][T10505] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 226.799492][T10505] mac80211_hwsim_new_radio+0x2adc/0x4a60 [ 226.799553][T10505] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 226.799579][T10505] ? trace_kmalloc+0x1f/0xd0 [ 226.799604][T10505] ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0 [ 226.799633][T10505] ? kstrndup+0xbb/0x150 [ 226.799669][T10505] hwsim_new_radio_nl+0xed0/0x2290 [ 226.799710][T10505] ? __pfx___nla_validate_parse+0x10/0x10 [ 226.799746][T10505] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 226.799816][T10505] ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290 [ 226.799856][T10505] genl_rcv_msg+0xb38/0xf00 [ 226.799895][T10505] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.799920][T10505] ? stack_trace_save+0x11a/0x1d0 [ 226.799959][T10505] ? __pfx_stack_trace_save+0x10/0x10 [ 226.799991][T10505] ? stack_depot_save_flags+0x44/0x940 [ 226.800033][T10505] ? stack_trace_snprint+0x71/0xf0 [ 226.800077][T10505] ? __lock_acquire+0xad5/0xd80 [ 226.800099][T10505] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 226.800144][T10505] netlink_rcv_skb+0x208/0x480 [ 226.800167][T10505] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.800195][T10505] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 226.800243][T10505] ? netlink_deliver_tap+0x2e/0x1b0 [ 226.800272][T10505] genl_rcv+0x28/0x40 [ 226.800297][T10505] netlink_unicast+0x7f8/0x9a0 [ 226.800341][T10505] ? __pfx_netlink_unicast+0x10/0x10 [ 226.800375][T10505] ? skb_put+0x114/0x1f0 [ 226.800406][T10505] netlink_sendmsg+0x8c3/0xcd0 [ 226.800445][T10505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.800473][T10505] ? aa_sock_msg_perm+0x91/0x160 [ 226.800510][T10505] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.800529][T10505] __sock_sendmsg+0x221/0x270 [ 226.800566][T10505] ____sys_sendmsg+0x523/0x860 [ 226.800605][T10505] ? __pfx_____sys_sendmsg+0x10/0x10 [ 226.800630][T10505] ? __fget_files+0x2a/0x420 [ 226.800665][T10505] ? __fget_files+0x2a/0x420 [ 226.800707][T10505] __sys_sendmsg+0x271/0x360 [ 226.800741][T10505] ? __pfx___sys_sendmsg+0x10/0x10 [ 226.800835][T10505] ? do_syscall_64+0xb6/0x230 [ 226.800863][T10505] do_syscall_64+0xf3/0x230 [ 226.800887][T10505] ? clear_bhb_loop+0x45/0xa0 [ 226.800913][T10505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.800944][T10505] RIP: 0033:0x7f0d15f8e169 [ 226.800965][T10505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.800982][T10505] RSP: 002b:00007f0d16dc7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 226.801016][T10505] RAX: ffffffffffffffda RBX: 00007f0d161b5fa0 RCX: 00007f0d15f8e169 [ 226.801031][T10505] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000009 [ 226.801043][T10505] RBP: 00007f0d16010a68 R08: 0000000000000000 R09: 0000000000000000 [ 226.801055][T10505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.801067][T10505] R13: 0000000000000000 R14: 00007f0d161b5fa0 R15: 00007ffeff4a6fb8 [ 226.801100][T10505] [ 227.216437][T10511] tc_dump_action: action bad kind [ 227.736868][T10555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1617'. [ 227.980956][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 227.994304][T10500] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 228.150893][T10569] netlink: 'syz.3.1623': attribute type 9 has an invalid length. [ 228.215318][T10573] sysfs: cannot create duplicate filename '/class/ieee80211/!å¯!$' [ 228.230385][T10573] CPU: 0 UID: 0 PID: 10573 Comm: syz.0.1624 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 228.230419][T10573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 228.230433][T10573] Call Trace: [ 228.230441][T10573] [ 228.230450][T10573] dump_stack_lvl+0x241/0x360 [ 228.230500][T10573] ? __pfx_dump_stack_lvl+0x10/0x10 [ 228.230530][T10573] ? __pfx__printk+0x10/0x10 [ 228.230557][T10573] ? kernfs_path_from_node+0x2b/0x250 [ 228.230583][T10573] ? kernfs_path_from_node+0x217/0x250 [ 228.230608][T10573] sysfs_warn_dup+0x8e/0xa0 [ 228.230639][T10573] sysfs_do_create_link_sd+0xbe/0x110 [ 228.230674][T10573] device_add_class_symlinks+0x1c5/0x250 [ 228.230708][T10573] device_add+0x553/0xbf0 [ 228.230744][T10573] wiphy_register+0x193c/0x2660 [ 228.230786][T10573] ? __pfx_wiphy_register+0x10/0x10 [ 228.230811][T10573] ? minstrel_ht_alloc+0x85a/0x950 [ 228.230849][T10573] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 228.230885][T10573] ieee80211_register_hw+0x35e9/0x42d0 [ 228.230933][T10573] ? ieee80211_register_hw+0x1661/0x42d0 [ 228.230975][T10573] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 228.231022][T10573] ? __hrtimer_setup+0x17f/0x200 [ 228.231045][T10573] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 228.231079][T10573] mac80211_hwsim_new_radio+0x2adc/0x4a60 [ 228.231141][T10573] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 228.231166][T10573] ? trace_kmalloc+0x1f/0xd0 [ 228.231191][T10573] ? __kmalloc_node_track_caller_noprof+0x2b2/0x4d0 [ 228.231219][T10573] ? kstrndup+0xbb/0x150 [ 228.231256][T10573] hwsim_new_radio_nl+0xed0/0x2290 [ 228.231298][T10573] ? __pfx___nla_validate_parse+0x10/0x10 [ 228.231337][T10573] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 228.231405][T10573] ? genl_family_rcv_msg_attrs_parse+0x1d4/0x290 [ 228.231444][T10573] genl_rcv_msg+0xb38/0xf00 [ 228.231488][T10573] ? __pfx_genl_rcv_msg+0x10/0x10 [ 228.231512][T10573] ? stack_trace_save+0x11a/0x1d0 [ 228.231545][T10573] ? __pfx_stack_trace_save+0x10/0x10 [ 228.231576][T10573] ? stack_depot_save_flags+0x44/0x940 [ 228.231600][T10573] ? stack_trace_snprint+0x71/0xf0 [ 228.231645][T10573] ? __lock_acquire+0xad5/0xd80 [ 228.231669][T10573] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 228.231714][T10573] netlink_rcv_skb+0x208/0x480 [ 228.231738][T10573] ? __pfx_genl_rcv_msg+0x10/0x10 [ 228.231767][T10573] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 228.231832][T10573] ? netlink_deliver_tap+0x2e/0x1b0 [ 228.231863][T10573] genl_rcv+0x28/0x40 [ 228.231887][T10573] netlink_unicast+0x7f8/0x9a0 [ 228.231931][T10573] ? __pfx_netlink_unicast+0x10/0x10 [ 228.231967][T10573] ? skb_put+0x114/0x1f0 [ 228.231998][T10573] netlink_sendmsg+0x8c3/0xcd0 [ 228.232037][T10573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.232065][T10573] ? aa_sock_msg_perm+0x91/0x160 [ 228.232102][T10573] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.232122][T10573] __sock_sendmsg+0x221/0x270 [ 228.232159][T10573] ____sys_sendmsg+0x523/0x860 [ 228.232198][T10573] ? __pfx_____sys_sendmsg+0x10/0x10 [ 228.232222][T10573] ? __fget_files+0x2a/0x420 [ 228.232258][T10573] ? __fget_files+0x2a/0x420 [ 228.232302][T10573] __sys_sendmsg+0x271/0x360 [ 228.232347][T10573] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.232371][T10573] ? from_kuid+0x211/0x740 [ 228.232428][T10573] ? __pfx_bpf_trace_run2+0x10/0x10 [ 228.232477][T10573] ? trace_sys_enter+0x74/0x120 [ 228.232519][T10573] ? rcu_is_watching+0x15/0xb0 [ 228.232547][T10573] ? trace_sys_enter+0x25/0x120 [ 228.232577][T10573] do_syscall_64+0xf3/0x230 [ 228.232601][T10573] ? clear_bhb_loop+0x45/0xa0 [ 228.232627][T10573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.232648][T10573] RIP: 0033:0x7f84aed8e169 [ 228.232669][T10573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.232686][T10573] RSP: 002b:00007f84afb74038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.232710][T10573] RAX: ffffffffffffffda RBX: 00007f84aefb5fa0 RCX: 00007f84aed8e169 [ 228.232726][T10573] RDX: 0000000000000300 RSI: 0000200000000040 RDI: 0000000000000009 [ 228.232740][T10573] RBP: 00007f84aee10a68 R08: 0000000000000000 R09: 0000000000000000 [ 228.232754][T10573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.232767][T10573] R13: 0000000000000000 R14: 00007f84aefb5fa0 R15: 00007ffc87d985a8 [ 228.232804][T10573] [ 229.117325][T10595] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 229.207070][T10607] netlink: 'syz.3.1638': attribute type 5 has an invalid length. [ 229.233452][T10607] __nla_validate_parse: 133 callbacks suppressed [ 229.233475][T10607] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1638'. [ 229.255116][T10607] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 229.498344][T10619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1641'. [ 229.587232][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1643'. [ 229.602521][T10622] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1645'. [ 230.675282][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1656'. [ 231.081526][T10682] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1665'. [ 231.180441][ T5856] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 231.187311][T10644] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 231.250363][T10691] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1669'. [ 231.916941][T10718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1678'. [ 231.919753][T10720] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1680'. [ 232.317750][T10733] x_tables: duplicate underflow at hook 2 [ 233.629667][T10787] tc_dump_action: action bad kind [ 233.806694][T10793] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1708'. [ 233.897337][T10798] netlink: 'syz.2.1710': attribute type 1 has an invalid length. [ 234.368176][T10827] tc_dump_action: action bad kind [ 234.768345][T10838] syz.1.1724: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 234.800193][T10838] CPU: 0 UID: 0 PID: 10838 Comm: syz.1.1724 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 234.800227][T10838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 234.800241][T10838] Call Trace: [ 234.800249][T10838] [ 234.800258][T10838] dump_stack_lvl+0x241/0x360 [ 234.800297][T10838] ? __pfx_dump_stack_lvl+0x10/0x10 [ 234.800326][T10838] ? __pfx__printk+0x10/0x10 [ 234.800354][T10838] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 234.800385][T10838] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 234.800414][T10838] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 234.800446][T10838] warn_alloc+0x27c/0x410 [ 234.800465][T10838] ? is_mmconf_reserved+0x3a1/0x3f0 [ 234.800487][T10838] ? __vmalloc_node_range_noprof+0x108/0x1390 [ 234.800519][T10838] ? __pfx_warn_alloc+0x10/0x10 [ 234.800541][T10838] ? kasan_save_track+0x3f/0x80 [ 234.800561][T10838] ? __kasan_kmalloc+0x9d/0xb0 [ 234.800585][T10838] ? xsk_setsockopt+0x449/0x840 [ 234.800614][T10838] ? do_sock_setsockopt+0x3b1/0x710 [ 234.800637][T10838] ? __x64_sys_setsockopt+0x1ee/0x280 [ 234.800660][T10838] ? do_syscall_64+0xf3/0x230 [ 234.800679][T10838] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.800711][T10838] __vmalloc_node_range_noprof+0x128/0x1390 [ 234.800777][T10838] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 234.800815][T10838] ? __kasan_kmalloc+0x9d/0xb0 [ 234.800845][T10838] vmalloc_user_noprof+0x74/0x80 [ 234.800877][T10838] ? xskq_create+0xb6/0x170 [ 234.800894][T10838] xskq_create+0xb6/0x170 [ 234.800917][T10838] xsk_init_queue+0xa1/0x100 [ 234.800953][T10838] xsk_setsockopt+0x449/0x840 [ 234.800987][T10838] ? __pfx_xsk_setsockopt+0x10/0x10 [ 234.801015][T10838] ? attach_type_to_prog_type+0x395/0x460 [ 234.801041][T10838] ? __pfx_aa_sk_perm+0x10/0x10 [ 234.801071][T10838] ? aa_sock_opt_perm+0x79/0x120 [ 234.801105][T10838] ? __pfx_xsk_setsockopt+0x10/0x10 [ 234.801135][T10838] do_sock_setsockopt+0x3b1/0x710 [ 234.801167][T10838] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 234.801196][T10838] ? __fget_files+0x2a/0x420 [ 234.801231][T10838] ? __fget_files+0x39d/0x420 [ 234.801260][T10838] ? __fget_files+0x2a/0x420 [ 234.801299][T10838] __x64_sys_setsockopt+0x1ee/0x280 [ 234.801333][T10838] do_syscall_64+0xf3/0x230 [ 234.801357][T10838] ? clear_bhb_loop+0x45/0xa0 [ 234.801381][T10838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.801402][T10838] RIP: 0033:0x7f219af8e169 [ 234.801420][T10838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.801438][T10838] RSP: 002b:00007f219bd93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 234.801461][T10838] RAX: ffffffffffffffda RBX: 00007f219b1b5fa0 RCX: 00007f219af8e169 [ 234.801476][T10838] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 234.801488][T10838] RBP: 00007f219b010a68 R08: 0000000000000004 R09: 0000000000000000 [ 234.801501][T10838] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.801513][T10838] R13: 0000000000000000 R14: 00007f219b1b5fa0 R15: 00007ffecde707c8 [ 234.801547][T10838] [ 234.801555][T10838] Mem-Info: [ 235.158348][T10838] active_anon:12307 inactive_anon:0 isolated_anon:0 [ 235.158348][T10838] active_file:1908 inactive_file:38369 isolated_file:0 [ 235.158348][T10838] unevictable:768 dirty:281 writeback:0 [ 235.158348][T10838] slab_reclaimable:10555 slab_unreclaimable:98989 [ 235.158348][T10838] mapped:31814 shmem:7162 pagetables:778 [ 235.158348][T10838] sec_pagetables:0 bounce:0 [ 235.158348][T10838] kernel_misc_reclaimable:0 [ 235.158348][T10838] free:1332513 free_pcp:3238 free_cma:0 [ 235.300113][T10838] Node 0 active_anon:45128kB inactive_anon:0kB active_file:7632kB inactive_file:153400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115656kB dirty:1124kB writeback:0kB shmem:23312kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12664kB pagetables:2912kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 235.397846][T10838] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 235.486528][T10838] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 235.553262][T10838] lowmem_reserve[]: 0 2487 2487 2487 2487 [ 235.565766][T10838] Node 0 DMA32 free:1435000kB boost:0kB min:34152kB low:42688kB high:51224kB reserved_highatomic:0KB active_anon:26020kB inactive_anon:0kB active_file:7632kB inactive_file:153300kB unevictable:1536kB writepending:1124kB present:3129332kB managed:2547412kB mlocked:0kB bounce:0kB free_pcp:5276kB local_pcp:4492kB free_cma:0kB [ 235.619135][T10838] lowmem_reserve[]: 0 0 0 0 0 [ 235.624372][T10838] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:100kB unevictable:0kB writepending:0kB present:1048580kB managed:108kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 235.651498][T10838] lowmem_reserve[]: 0 0 0 0 0 [ 235.656273][T10838] Node 1 Normal free:3912136kB boost:0kB min:55748kB low:69684kB high:83620kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 235.719918][T10838] lowmem_reserve[]: 0 0 0 0 0 [ 235.747789][T10862] tc_dump_action: action bad kind [ 235.756916][T10860] __nla_validate_parse: 3 callbacks suppressed [ 235.756936][T10860] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1741'. [ 235.762238][T10838] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 235.834996][T10838] Node 0 DMA32: 828*4kB (UME) 748*8kB (UME) 426*16kB (UME) 369*32kB (UME) 216*64kB (UME) 102*128kB (UME) 51*256kB (UME) 32*512kB (UME) 27*1024kB (UM) 8*2048kB (UM) 320*4096kB (UM) = 1438992kB [ 235.884729][T10838] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 235.906568][T10838] Node 1 Normal: 226*4kB (UE) 54*8kB (UME) 39*16kB (UME) 207*32kB (UME) 91*64kB (UME) 33*128kB (UM) 15*256kB (UM) 7*512kB (UME) 3*1024kB (UME) 4*2048kB (UE) 946*4096kB (M) = 3912136kB [ 235.946170][T10838] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 235.962036][T10838] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 235.971553][T10838] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 235.982436][T10838] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 235.992189][T10838] 41739 total pagecache pages [ 235.997028][T10838] 0 pages in swap cache [ 236.001915][T10838] Free swap = 124996kB [ 236.006719][T10838] Total swap = 124996kB [ 236.017405][T10838] 2097051 pages RAM [ 236.021375][T10838] 0 pages HighMem/MovableOnly [ 236.026167][T10838] 428540 pages reserved [ 236.031510][T10838] 0 pages cma reserved [ 236.643482][T10897] erspan0: mtu less than device minimum [ 236.658836][T10906] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1752'. [ 236.816988][T10911] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1751'. [ 237.400859][T10942] [ 237.403249][T10942] ====================================================== [ 237.410286][T10942] WARNING: possible circular locking dependency detected [ 237.417318][T10942] 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 Not tainted [ 237.424433][T10942] ------------------------------------------------------ [ 237.431459][T10942] syz.2.1764/10942 is trying to acquire lock: [ 237.437528][T10942] ffff88805cf20aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x35/0xda0 [ 237.448258][T10942] [ 237.448258][T10942] but task is already holding lock: [ 237.455624][T10942] ffff88805cf20258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530 [ 237.464439][T10942] [ 237.464439][T10942] which lock already depends on the new lock. [ 237.464439][T10942] [ 237.474843][T10942] [ 237.474843][T10942] the existing dependency chain (in reverse order) is: [ 237.483860][T10942] [ 237.483860][T10942] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}: [ 237.491517][T10942] lock_acquire+0x116/0x2f0 [ 237.496588][T10942] lock_sock_nested+0x48/0x100 [ 237.501888][T10942] do_ip_setsockopt+0x17e9/0x39c0 [ 237.507444][T10942] ip_setsockopt+0x63/0x100 [ 237.512476][T10942] do_sock_setsockopt+0x3b1/0x710 [ 237.518034][T10942] __x64_sys_setsockopt+0x1ee/0x280 [ 237.523759][T10942] do_syscall_64+0xf3/0x230 [ 237.528791][T10942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.535212][T10942] [ 237.535212][T10942] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 237.542452][T10942] lock_acquire+0x116/0x2f0 [ 237.547481][T10942] __mutex_lock+0x1a5/0x10c0 [ 237.552597][T10942] do_ip_setsockopt+0x10f0/0x39c0 [ 237.558153][T10942] ip_setsockopt+0x63/0x100 [ 237.563185][T10942] smc_setsockopt+0x25c/0xd50 [ 237.568386][T10942] do_sock_setsockopt+0x3b1/0x710 [ 237.573952][T10942] __x64_sys_setsockopt+0x1ee/0x280 [ 237.579680][T10942] do_syscall_64+0xf3/0x230 [ 237.584714][T10942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.591136][T10942] [ 237.591136][T10942] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 237.599756][T10942] validate_chain+0xa69/0x24e0 [ 237.605051][T10942] __lock_acquire+0xad5/0xd80 [ 237.610252][T10942] lock_acquire+0x116/0x2f0 [ 237.615280][T10942] __mutex_lock+0x1a5/0x10c0 [ 237.620401][T10942] smc_switch_to_fallback+0x35/0xda0 [ 237.626211][T10942] smc_sendmsg+0x11f/0x530 [ 237.631151][T10942] __sock_sendmsg+0x221/0x270 [ 237.636363][T10942] __sys_sendto+0x365/0x4c0 [ 237.641406][T10942] __x64_sys_sendto+0xde/0x100 [ 237.646698][T10942] do_syscall_64+0xf3/0x230 [ 237.651733][T10942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.658154][T10942] [ 237.658154][T10942] other info that might help us debug this: [ 237.658154][T10942] [ 237.668400][T10942] Chain exists of: [ 237.668400][T10942] &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET [ 237.668400][T10942] [ 237.681980][T10942] Possible unsafe locking scenario: [ 237.681980][T10942] [ 237.689427][T10942] CPU0 CPU1 [ 237.694790][T10942] ---- ---- [ 237.700151][T10942] lock(sk_lock-AF_INET); [ 237.704573][T10942] lock(rtnl_mutex); [ 237.711082][T10942] lock(sk_lock-AF_INET); [ 237.718038][T10942] lock(&smc->clcsock_release_lock); [ 237.723419][T10942] [ 237.723419][T10942] *** DEADLOCK *** [ 237.723419][T10942] [ 237.731562][T10942] 1 lock held by syz.2.1764/10942: [ 237.736674][T10942] #0: ffff88805cf20258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530 [ 237.745914][T10942] [ 237.745914][T10942] stack backtrace: [ 237.751800][T10942] CPU: 1 UID: 0 PID: 10942 Comm: syz.2.1764 Not tainted 6.15.0-rc1-syzkaller-00412-g4e34a840613b #0 PREEMPT(full) [ 237.751823][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 237.751834][T10942] Call Trace: [ 237.751843][T10942] [ 237.751851][T10942] dump_stack_lvl+0x241/0x360 [ 237.751877][T10942] ? __pfx_dump_stack_lvl+0x10/0x10 [ 237.751902][T10942] ? __pfx__printk+0x10/0x10 [ 237.751925][T10942] ? print_lock+0x171/0x1a0 [ 237.751945][T10942] print_circular_bug+0x2e1/0x300 [ 237.751969][T10942] check_noncircular+0x142/0x160 [ 237.751993][T10942] validate_chain+0xa69/0x24e0 [ 237.752019][T10942] ? look_up_lock_class+0x7b/0x170 [ 237.752038][T10942] ? register_lock_class+0x54/0x330 [ 237.752055][T10942] __lock_acquire+0xad5/0xd80 [ 237.752075][T10942] lock_acquire+0x116/0x2f0 [ 237.752090][T10942] ? smc_switch_to_fallback+0x35/0xda0 [ 237.752112][T10942] __mutex_lock+0x1a5/0x10c0 [ 237.752130][T10942] ? smc_switch_to_fallback+0x35/0xda0 [ 237.752147][T10942] ? futex_wait_queue+0x31/0x1f0 [ 237.752162][T10942] ? futex_unqueue+0xcb/0xf0 [ 237.752187][T10942] ? smc_switch_to_fallback+0x35/0xda0 [ 237.752203][T10942] ? __pfx___mutex_lock+0x10/0x10 [ 237.752225][T10942] ? __local_bh_enable_ip+0x168/0x200 [ 237.752240][T10942] ? lockdep_hardirqs_on+0x9d/0x150 [ 237.752258][T10942] ? __local_bh_enable_ip+0x168/0x200 [ 237.752274][T10942] smc_switch_to_fallback+0x35/0xda0 [ 237.752290][T10942] ? do_raw_spin_unlock+0x13c/0x8b0 [ 237.752317][T10942] smc_sendmsg+0x11f/0x530 [ 237.752334][T10942] ? __pfx_smc_sendmsg+0x10/0x10 [ 237.752348][T10942] __sock_sendmsg+0x221/0x270 [ 237.752376][T10942] __sys_sendto+0x365/0x4c0 [ 237.752396][T10942] ? __pfx___sys_sendto+0x10/0x10 [ 237.752414][T10942] ? do_futex+0x37c/0x5a0 [ 237.752453][T10942] __x64_sys_sendto+0xde/0x100 [ 237.752472][T10942] do_syscall_64+0xf3/0x230 [ 237.752507][T10942] ? clear_bhb_loop+0x45/0xa0 [ 237.752526][T10942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.752543][T10942] RIP: 0033:0x7f996258e169 [ 237.752558][T10942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.752573][T10942] RSP: 002b:00007f996345e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 237.752590][T10942] RAX: ffffffffffffffda RBX: 00007f99627b5fa0 RCX: 00007f996258e169 [ 237.752602][T10942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 237.752612][T10942] RBP: 00007f9962610a68 R08: 0000200000e68000 R09: 0000000000000010 [ 237.752624][T10942] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000000 [ 237.752634][T10942] R13: 0000000000000000 R14: 00007f99627b5fa0 R15: 00007ffea35a8d18 [ 237.752658][T10942] [ 237.756384][T10940] tc_dump_action: action bad kind [ 238.026803][T10943] tc_dump_action: action bad kind