last executing test programs: 1.725390462s ago: executing program 4 (id=489): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x7c, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x5c, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @broadcast, @device_a, @initial, {0xf, 0x5}}, 0xffffffffffffffff, @default, 0x1000, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1, 0x2c}, @void, @val={0x6, 0x2, 0x1ff}, @val={0x5, 0x3, {0x5, 0x97, 0x5}}, @val={0x25, 0x3, {0x7b, 0x30, 0x5}}, @void, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0xffffffffffffffff, 0x0, 0x1, 0x0, 0xfd, 0x7, 0x20}}, @val={0x76, 0x6, {0x3, 0x0, 0x2f, 0x6}}}}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x7c}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 1.597127656s ago: executing program 4 (id=494): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x32, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x14, 0x2, [@TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0x4}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD]}]}]}}]}, 0x44}}, 0x0) 1.370874555s ago: executing program 4 (id=499): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000900)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r2, 0xb97534d5fe9700cf, 0x4, 0x25dfdbff, {{0x12}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_STA_FLAGS={0x4}, @NL80211_ATTR_MAC={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x200488c1}, 0x0) 1.176759704s ago: executing program 4 (id=505): r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000240)={'filter\x00', 0x0, 0x0, 0x0, [0xf1, 0xfffffffb, 0x7, 0xfee, 0x5, 0x3]}, &(0x7f0000000340)=0x50) 1.159264646s ago: executing program 1 (id=507): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @broadcast}, 0x10) ioctl$int_in(r0, 0x5452, &(0x7f0000002300)=0x200) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) 1.045384684s ago: executing program 2 (id=508): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000010000100"/18], 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)={0x2c, 0xd, 0xa, 0xe01, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, 0x2c}}, 0x0) 1.044857942s ago: executing program 4 (id=509): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) bpf$ITER_CREATE(0x21, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x0, {}, 0xfd}, 0x18) connect$can_j1939(r2, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18) sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)="434a9c5c0c00000000", 0x9}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=@newtfilter={0x24, 0x11, 0x1, 0x74bd2b, 0x100000, {0x0, 0x0, 0x74, r1, {0xfff3, 0x8}, {0x4, 0xfff3}, {0xffe0, 0xffe0}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4010}, 0x0) 1.044576288s ago: executing program 1 (id=510): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x24, r2, 0x90d, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4840}, 0x80) 880.065835ms ago: executing program 0 (id=513): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmmsg(r0, &(0x7f0000009880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002840)=[{0xc, 0x102, 0x1000}, {0xc, 0x102, 0x5}], 0x18}}, {{0x0, 0x0, &(0x7f0000003ec0)}}, {{0x0, 0x0, 0x0}}], 0x3, 0x4000) 879.195467ms ago: executing program 3 (id=514): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3cd2e7b3d6526bf5}}}, 0x68}}, 0x0) syz_emit_ethernet(0x26, &(0x7f00000013c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x21, 0x0, @remote, @remote}, "dd9dec79"}}}}, 0x0) 825.409423ms ago: executing program 1 (id=515): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x2, 0x0, 0x4, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x1, 0x0, 0x3, 0x24, 0x0, {0x5, 0x4, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, @private, @local}}}}}}, 0x0) 824.895589ms ago: executing program 2 (id=516): socket(0x10, 0x2, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x48890) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) 819.566017ms ago: executing program 0 (id=517): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="6c00000010001fff109e00008000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000003f0000440012800b00010067656e6576650000340002800500030003000000060005004e20000005000400ab000000050009000100000005000a0001000000050009000100000008000a00", @ANYRES32=r3], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0) 736.516695ms ago: executing program 1 (id=518): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x1, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xf}, {0xa, 0xa}, {0x6}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0x8, 0x4, 0x0, 0x7}, 0xf0, 0x1, 0x31a, 0x3, 0x88a, 0x0, 0x8e, 0x1f, 0x1, 0xff, {0x4415, 0x2, 0x800, 0x5, 0x0, 0x5}}}}]}, 0x78}}, 0x4000) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48) 525.290813ms ago: executing program 1 (id=519): socket$packet(0x11, 0xa, 0x300) r0 = socket$inet(0x2, 0x3, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f0000000280)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, 0x0}}], 0x1, 0x4000) 524.278745ms ago: executing program 2 (id=520): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x10102, 0x0) 523.963511ms ago: executing program 0 (id=521): r0 = socket(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3f011400dcdc18"], 0xdd12}], 0x1}, 0x20040051) 516.59855ms ago: executing program 3 (id=522): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x2, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x54}, 0x4000) 503.624873ms ago: executing program 1 (id=523): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x80001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 365.321349ms ago: executing program 0 (id=524): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xb0}}, 0x0) 364.985629ms ago: executing program 3 (id=525): syz_emit_ethernet(0x46, &(0x7f0000000140)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xb, 0x5, [@remote, @rand_addr]}, @timestamp={0x44, 0x4, 0x0, 0x0, 0x3}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) 364.685393ms ago: executing program 2 (id=526): r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x800}, 0x20) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f000000cdc0)=0x10, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x8, r3}, 0x10) bind$xdp(r0, &(0x7f0000000200)={0x2c, 0x1, r3, 0x24, r1}, 0x10) 325.439052ms ago: executing program 3 (id=527): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}}, 0x24}}, 0x44080) 309.578478ms ago: executing program 0 (id=528): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(blowfish))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r1) sendmsg$alg(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000140)="8492", 0x2}, {&(0x7f0000003800)="1b0262cc3e46c8", 0x7}], 0x2, &(0x7f0000000180)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x20000050}, 0xcf253c578c596b15) 223.648284ms ago: executing program 3 (id=529): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f0000000380)={@val={0x1c, 0x800}, @val={0x1, 0x3, 0x0, 0x14, 0x14}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x68, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x200, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x1c, {[@mptcp=@syn={0x1e, 0xc, 0x4, 0x1, 0x24, 0x2, 0x4}]}}}}}}, 0x42) 223.327931ms ago: executing program 2 (id=530): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000040)=0x1, 0x4) 89.878393ms ago: executing program 2 (id=531): r0 = socket$nl_route(0x10, 0x3, 0x0) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@bridge_getneigh={0x20, 0x1e, 0x3c964e403b131b43}, 0x20}}, 0x0) 88.601648ms ago: executing program 4 (id=532): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="310428bd7000ffffffff1600000018000180140002006e657464657673696d300040000000000500030000000000050002"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 9.433568ms ago: executing program 0 (id=533): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000180), 0x4) 0s ago: executing program 3 (id=534): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0xac3, @loopback, 0x9}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000001100)=0x8, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.63' (ED25519) to the list of known hosts. [ 66.554828][ T5817] cgroup: Unknown subsys name 'net' [ 66.706896][ T5817] cgroup: Unknown subsys name 'cpuset' [ 66.715934][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.119904][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.299799][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.306678][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.973264][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.981439][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.989349][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.997624][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.014162][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.054196][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.062244][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.070416][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.077871][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.087274][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.137529][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.146202][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.149265][ T5838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.154423][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.168624][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.184730][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 72.203994][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.219598][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.235159][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.246331][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.263973][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.273272][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.284389][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.292670][ T5831] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.300549][ T5831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.831862][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 72.882930][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 73.012823][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 73.057039][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 73.099296][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 73.219381][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.227133][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.234705][ T5828] bridge_slave_0: entered allmulticast mode [ 73.241687][ T5828] bridge_slave_0: entered promiscuous mode [ 73.250329][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.258344][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.265710][ T5828] bridge_slave_1: entered allmulticast mode [ 73.272646][ T5828] bridge_slave_1: entered promiscuous mode [ 73.305522][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.312678][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.320056][ T5842] bridge_slave_0: entered allmulticast mode [ 73.328530][ T5842] bridge_slave_0: entered promiscuous mode [ 73.376805][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.384050][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.391190][ T5842] bridge_slave_1: entered allmulticast mode [ 73.398979][ T5842] bridge_slave_1: entered promiscuous mode [ 73.439871][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.449083][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.456573][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.464266][ T5832] bridge_slave_0: entered allmulticast mode [ 73.471848][ T5832] bridge_slave_0: entered promiscuous mode [ 73.514960][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.538478][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.545938][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.553213][ T5832] bridge_slave_1: entered allmulticast mode [ 73.560440][ T5832] bridge_slave_1: entered promiscuous mode [ 73.594400][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.609334][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.650921][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.673378][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.681088][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.689780][ T5845] bridge_slave_0: entered allmulticast mode [ 73.698082][ T5845] bridge_slave_0: entered promiscuous mode [ 73.731369][ T5828] team0: Port device team_slave_0 added [ 73.739677][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.764106][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.771217][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.780673][ T5845] bridge_slave_1: entered allmulticast mode [ 73.787750][ T5845] bridge_slave_1: entered promiscuous mode [ 73.819884][ T5828] team0: Port device team_slave_1 added [ 73.881226][ T5842] team0: Port device team_slave_0 added [ 73.890708][ T5842] team0: Port device team_slave_1 added [ 73.896968][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.905414][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.912588][ T5833] bridge_slave_0: entered allmulticast mode [ 73.919839][ T5833] bridge_slave_0: entered promiscuous mode [ 73.940407][ T5832] team0: Port device team_slave_0 added [ 73.950679][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.962051][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.982129][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.989795][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.997053][ T5833] bridge_slave_1: entered allmulticast mode [ 74.004237][ T5833] bridge_slave_1: entered promiscuous mode [ 74.011633][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.020425][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.047278][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.060339][ T5832] team0: Port device team_slave_1 added [ 74.094487][ T5841] Bluetooth: hci0: command tx timeout [ 74.132283][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.139349][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.166755][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.191952][ T5845] team0: Port device team_slave_0 added [ 74.199579][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.206553][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.232535][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.245301][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.252252][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.278333][ T5841] Bluetooth: hci1: command tx timeout [ 74.278795][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.284101][ T5841] Bluetooth: hci2: command tx timeout [ 74.320776][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.327775][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.353929][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.357202][ T5831] Bluetooth: hci4: command tx timeout [ 74.366869][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.369942][ T5841] Bluetooth: hci3: command tx timeout [ 74.376877][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.376916][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.379169][ T5845] team0: Port device team_slave_1 added [ 74.434650][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.447088][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.519559][ T5833] team0: Port device team_slave_0 added [ 74.528290][ T5833] team0: Port device team_slave_1 added [ 74.535659][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.542605][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.568590][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.628268][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.635300][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.661738][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.693985][ T5828] hsr_slave_0: entered promiscuous mode [ 74.700245][ T5828] hsr_slave_1: entered promiscuous mode [ 74.766783][ T5832] hsr_slave_0: entered promiscuous mode [ 74.772998][ T5832] hsr_slave_1: entered promiscuous mode [ 74.779465][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.787288][ T5832] Cannot create hsr debugfs directory [ 74.793262][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.800729][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.826720][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.842702][ T5842] hsr_slave_0: entered promiscuous mode [ 74.851203][ T5842] hsr_slave_1: entered promiscuous mode [ 74.857477][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.865250][ T5842] Cannot create hsr debugfs directory [ 74.888488][ T5845] hsr_slave_0: entered promiscuous mode [ 74.895198][ T5845] hsr_slave_1: entered promiscuous mode [ 74.901164][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 74.908931][ T5845] Cannot create hsr debugfs directory [ 74.945207][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.952159][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.979050][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.130078][ T5833] hsr_slave_0: entered promiscuous mode [ 75.137136][ T5833] hsr_slave_1: entered promiscuous mode [ 75.143175][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.150775][ T5833] Cannot create hsr debugfs directory [ 75.587796][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.599813][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.613007][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.638572][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.690059][ T5832] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 75.719690][ T5832] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 75.739625][ T5832] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 75.751113][ T5832] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 75.804565][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.825941][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.854782][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.889143][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.921419][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.954473][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 75.967969][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 75.979591][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 76.010639][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 76.074827][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.120497][ T3525] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.127911][ T3525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.161249][ T3525] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.168366][ T3525] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.175105][ T5841] Bluetooth: hci0: command tx timeout [ 76.193171][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 76.224745][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 76.264900][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 76.276117][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 76.316479][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.335177][ T5841] Bluetooth: hci2: command tx timeout [ 76.341510][ T5831] Bluetooth: hci1: command tx timeout [ 76.414241][ T5841] Bluetooth: hci3: command tx timeout [ 76.414248][ T5831] Bluetooth: hci4: command tx timeout [ 76.441739][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.499746][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.517541][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.524685][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.537295][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.544438][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.603435][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.633596][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.680576][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.700903][ T3525] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.708043][ T3525] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.740856][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.747979][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.758856][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.765969][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.782867][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.790442][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.803603][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.833217][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.888806][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.906272][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.943237][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.950483][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.989080][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.996240][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.112988][ T5845] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 77.127386][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 77.214471][ T5828] veth0_vlan: entered promiscuous mode [ 77.238651][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.286819][ T5828] veth1_vlan: entered promiscuous mode [ 77.372777][ T5828] veth0_macvtap: entered promiscuous mode [ 77.413419][ T5828] veth1_macvtap: entered promiscuous mode [ 77.494459][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.530964][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.643006][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.680250][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.712151][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.732205][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.808080][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.847541][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.878400][ T2126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.899182][ T2126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.906751][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.979028][ T3525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.990837][ T3525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.065901][ T5832] veth0_vlan: entered promiscuous mode [ 78.086567][ T5845] veth0_vlan: entered promiscuous mode [ 78.093548][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 78.105674][ T5842] veth0_vlan: entered promiscuous mode [ 78.133160][ T5832] veth1_vlan: entered promiscuous mode [ 78.148152][ T5842] veth1_vlan: entered promiscuous mode [ 78.187466][ T5833] veth0_vlan: entered promiscuous mode [ 78.236582][ T5845] veth1_vlan: entered promiscuous mode [ 78.255841][ T5841] Bluetooth: hci0: command tx timeout [ 78.266908][ T5941] netlink: 'syz.0.1': attribute type 1 has an invalid length. [ 78.279522][ T5833] veth1_vlan: entered promiscuous mode [ 78.288057][ T5832] veth0_macvtap: entered promiscuous mode [ 78.311033][ T5832] veth1_macvtap: entered promiscuous mode [ 78.378071][ T5942] veth3: entered promiscuous mode [ 78.401446][ T5842] veth0_macvtap: entered promiscuous mode [ 78.415067][ T5842] veth1_macvtap: entered promiscuous mode [ 78.415828][ T5841] Bluetooth: hci2: command tx timeout [ 78.426913][ T5831] Bluetooth: hci1: command tx timeout [ 78.467763][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.476128][ T5845] veth0_macvtap: entered promiscuous mode [ 78.494010][ T5841] Bluetooth: hci4: command tx timeout [ 78.494304][ T5833] veth0_macvtap: entered promiscuous mode [ 78.505403][ T5841] Bluetooth: hci3: command tx timeout [ 78.527682][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.556429][ T5845] veth1_macvtap: entered promiscuous mode [ 78.577299][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.625755][ T5833] veth1_macvtap: entered promiscuous mode [ 78.634208][ T2126] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.642947][ T2126] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.679322][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.721229][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.732016][ T2126] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.784975][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.798928][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.856097][ T2126] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.925204][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.946719][ T2126] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.006876][ T2126] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.018379][ T2126] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.037037][ T2126] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.046822][ T2126] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.084273][ T2126] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.095381][ T2126] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.122866][ T3455] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.131978][ T3455] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.158468][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.158637][ T3455] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.182173][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.201735][ T3455] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.263530][ T3455] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 79.282774][ T3455] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.304221][ T3455] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.379901][ T5928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.403762][ T5928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.451945][ T2126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.471111][ T2126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.510186][ T5928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.527704][ T5928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.637759][ T2126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.658139][ T2126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.819489][ T3455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.828168][ T3455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.860785][ T5973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 79.930316][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.959968][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.091705][ T5979] netlink: 'syz.0.10': attribute type 1 has an invalid length. [ 80.133509][ T5979] netlink: 184 bytes leftover after parsing attributes in process `syz.0.10'. [ 80.160068][ T5979] netlink: 'syz.0.10': attribute type 1 has an invalid length. [ 80.229832][ T5983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2'. [ 80.334128][ T5841] Bluetooth: hci0: command tx timeout [ 80.406863][ T5983] Zero length message leads to an empty skb [ 80.408354][ T5991] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.493991][ T5841] Bluetooth: hci2: command tx timeout [ 80.499450][ T5831] Bluetooth: hci1: command tx timeout [ 80.535492][ T5995] unknown channel width for channel at 909000KHz? [ 80.574307][ T5831] Bluetooth: hci3: command tx timeout [ 80.579774][ T5841] Bluetooth: hci4: command tx timeout [ 81.101226][ T6020] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0) [ 81.342347][ T6030] Driver unsupported XDP return value 0 on prog (id 11) dev N/A, expect packet loss! [ 81.432467][ T6030] netlink: 20 bytes leftover after parsing attributes in process `syz.2.24'. [ 81.464621][ T6030] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24'. [ 81.495119][ T6030] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551615) [ 81.512933][ T6030] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 81.626526][ T6031] netlink: 56 bytes leftover after parsing attributes in process `syz.2.24'. [ 82.192108][ T6051] netlink: 56 bytes leftover after parsing attributes in process `syz.1.32'. [ 82.257215][ T6058] batadv1: entered promiscuous mode [ 82.747149][ T6065] syzkaller1: entered promiscuous mode [ 82.763912][ T6065] syzkaller1: entered allmulticast mode [ 82.786784][ T6079] netlink: 12 bytes leftover after parsing attributes in process `syz.0.36'. [ 82.801855][ T6081] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.951494][ T6079] netlink: 128 bytes leftover after parsing attributes in process `syz.0.36'. [ 83.016656][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.0.36'. [ 83.083599][ T6079] trusted_key: syz.0.36 sent an empty control message without MSG_MORE. [ 84.030715][ T6117] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.039081][ T6117] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.302066][ T6117] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 84.331247][ T6117] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 84.579820][ T65] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.614943][ T65] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.645898][ T65] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.681904][ T65] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.738358][ T6117] syz.0.48 (6117) used greatest stack depth: 19928 bytes left [ 85.730486][ T6176] __nla_validate_parse: 4 callbacks suppressed [ 85.730504][ T6176] netlink: 36 bytes leftover after parsing attributes in process `syz.0.68'. [ 86.364560][ T6201] netlink: 'syz.0.72': attribute type 13 has an invalid length. [ 86.379788][ T6201] netlink: 'syz.0.72': attribute type 17 has an invalid length. [ 86.402215][ T6202] netlink: 32 bytes leftover after parsing attributes in process `syz.3.73'. [ 86.663173][ T24] cfg80211: failed to load regulatory.db [ 87.052656][ T6192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 87.057188][ T6201] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.111841][ T6201] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.178407][ T6201] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 87.243804][ T6216] syzkaller1: entered promiscuous mode [ 87.250094][ T6216] syzkaller1: entered allmulticast mode [ 87.429070][ T6229] netlink: 12 bytes leftover after parsing attributes in process `syz.3.79'. [ 87.494183][ T6228] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 87.502565][ T6228] team0: Device ipvlan2 is already an upper device of the team interface [ 87.518662][ T6232] netlink: 'syz.4.80': attribute type 10 has an invalid length. [ 87.533078][ T6232] netlink: 40 bytes leftover after parsing attributes in process `syz.4.80'. [ 87.575009][ T6232] bridge0: port 3(dummy0) entered blocking state [ 87.581830][ T6232] bridge0: port 3(dummy0) entered disabled state [ 87.595035][ T6201] syz.0.72 (6201) used greatest stack depth: 19456 bytes left [ 87.605411][ T6232] dummy0: entered allmulticast mode [ 87.623812][ T6232] dummy0: entered promiscuous mode [ 87.629727][ T6232] bridge0: port 3(dummy0) entered blocking state [ 87.636249][ T6232] bridge0: port 3(dummy0) entered forwarding state [ 87.719155][ T6238] sctp: failed to load transform for md5: -2 [ 87.766913][ T6232] sctp: failed to load transform for md5: -2 [ 87.809897][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.1.84'. [ 88.046278][ T6263] syz.2.89: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 88.062446][ T6259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.87'. [ 88.107429][ T6259] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode [ 88.124559][ T6263] CPU: 0 UID: 0 PID: 6263 Comm: syz.2.89 Not tainted 6.16.0-rc3-syzkaller-00902-gbeead7eea896 #0 PREEMPT(full) [ 88.124587][ T6263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 88.124603][ T6263] Call Trace: [ 88.124611][ T6263] [ 88.124618][ T6263] dump_stack_lvl+0x189/0x250 [ 88.124659][ T6263] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.124684][ T6263] ? __pfx__printk+0x10/0x10 [ 88.124703][ T6263] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 88.124722][ T6263] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 88.124743][ T6263] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 88.124772][ T6263] warn_alloc+0x214/0x310 [ 88.124791][ T6263] ? stack_depot_save_flags+0x40/0x900 [ 88.124817][ T6263] ? __pfx_warn_alloc+0x10/0x10 [ 88.124838][ T6263] ? kasan_save_track+0x4f/0x80 [ 88.124862][ T6263] ? xskq_create+0x56/0x170 [ 88.124878][ T6263] ? xsk_init_queue+0xb0/0x110 [ 88.124893][ T6263] ? xsk_setsockopt+0x43f/0x710 [ 88.124908][ T6263] ? do_sock_setsockopt+0x25a/0x3e0 [ 88.124928][ T6263] ? __x64_sys_setsockopt+0x18b/0x220 [ 88.124948][ T6263] ? do_syscall_64+0xfa/0x3b0 [ 88.124966][ T6263] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.124992][ T6263] __vmalloc_node_range_noprof+0x125/0x12f0 [ 88.125043][ T6263] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 88.125069][ T6263] ? __kasan_kmalloc+0x93/0xb0 [ 88.125089][ T6263] vmalloc_user_noprof+0xad/0xf0 [ 88.125107][ T6263] ? xskq_create+0xbf/0x170 [ 88.125126][ T6263] xskq_create+0xbf/0x170 [ 88.125147][ T6263] xsk_init_queue+0xb0/0x110 [ 88.125167][ T6263] xsk_setsockopt+0x43f/0x710 [ 88.125187][ T6263] ? __pfx_xsk_setsockopt+0x10/0x10 [ 88.125201][ T6263] ? __lock_acquire+0xab9/0xd20 [ 88.125230][ T6263] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 88.125250][ T6263] ? __pfx_xsk_setsockopt+0x10/0x10 [ 88.125267][ T6263] do_sock_setsockopt+0x25a/0x3e0 [ 88.125291][ T6263] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 88.125318][ T6263] ? __fget_files+0x2a/0x420 [ 88.125344][ T6263] __x64_sys_setsockopt+0x18b/0x220 [ 88.125369][ T6263] do_syscall_64+0xfa/0x3b0 [ 88.125386][ T6263] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.125403][ T6263] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.125419][ T6263] ? clear_bhb_loop+0x60/0xb0 [ 88.125438][ T6263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.125452][ T6263] RIP: 0033:0x7fd72c18e929 [ 88.125473][ T6263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.125486][ T6263] RSP: 002b:00007fd729ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 88.125504][ T6263] RAX: ffffffffffffffda RBX: 00007fd72c3b5fa0 RCX: 00007fd72c18e929 [ 88.125516][ T6263] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006 [ 88.125525][ T6263] RBP: 00007fd72c210b39 R08: 0000000000000004 R09: 0000000000000000 [ 88.125534][ T6263] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.125544][ T6263] R13: 0000000000000000 R14: 00007fd72c3b5fa0 R15: 00007ffccce1e4b8 [ 88.125570][ T6263] [ 88.125581][ T6263] Mem-Info: [ 88.151348][ T6259] macsec1: entered allmulticast mode [ 88.173883][ T6263] active_anon:4390 inactive_anon:0 isolated_anon:0 [ 88.173883][ T6263] active_file:1342 inactive_file:39824 isolated_file:0 [ 88.173883][ T6263] unevictable:768 dirty:1556 writeback:0 [ 88.173883][ T6263] slab_reclaimable:10386 slab_unreclaimable:106309 [ 88.173883][ T6263] mapped:28990 shmem:1361 pagetables:1055 [ 88.173883][ T6263] sec_pagetables:0 bounce:0 [ 88.173883][ T6263] kernel_misc_reclaimable:0 [ 88.173883][ T6263] free:1320232 free_pcp:21584 free_cma:0 [ 88.220118][ T6259] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode [ 88.388677][ T6263] Node 0 active_anon:17760kB inactive_anon:0kB active_file:5368kB inactive_file:159096kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116060kB dirty:6212kB writeback:0kB shmem:3908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11608kB pagetables:4300kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 88.540930][ T6263] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:120kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 88.572467][ T6263] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 88.577293][ T6259] mac80211_hwsim hwsim7 wlan0: left allmulticast mode [ 88.617915][ T6259] mac80211_hwsim hwsim7 wlan0: left promiscuous mode [ 88.624791][ T6263] lowmem_reserve[]: 0 2500 2502 2502 2502 [ 88.639589][ T6281] netlink: 16 bytes leftover after parsing attributes in process `syz.3.93'. [ 88.676475][ T6268] sit0: entered promiscuous mode [ 88.681522][ T6268] sit0: entered allmulticast mode [ 88.683769][ T6263] Node 0 DMA32 free:1363292kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17612kB inactive_anon:0kB active_file:5368kB inactive_file:157288kB unevictable:1536kB writepending:6204kB present:3129332kB managed:2560932kB mlocked:0kB bounce:0kB free_pcp:66052kB local_pcp:32872kB free_cma:0kB [ 88.772697][ T6263] lowmem_reserve[]: 0 0 1 1 1 [ 88.791751][ T6263] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1808kB unevictable:0kB writepending:8kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 88.825827][ T6263] lowmem_reserve[]: 0 0 0 0 0 [ 88.830644][ T6263] Node 1 Normal free:3901096kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:12kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:20608kB local_pcp:7360kB free_cma:0kB [ 88.893017][ T6263] lowmem_reserve[]: 0 0 0 0 0 [ 88.903151][ T6263] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 88.967583][ T6263] Node 0 DMA32: 36*4kB (ME) 194*8kB (UME) 103*16kB (UM) 108*32kB (UME) 42*64kB (UME) 37*128kB (UME) 17*256kB (UME) 11*512kB (UM) 8*1024kB (UME) 4*2048kB (M) 323*4096kB (M) = 1363600kB [ 89.018376][ T6263] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB [ 89.062622][ T6263] Node 1 Normal: 210*4kB (UME) 56*8kB (UME) 36*16kB (UME) 63*32kB (UME) 24*64kB (UME) 3*128kB (UME) 2*256kB (M) 3*512kB (ME) 2*1024kB (ME) 2*2048kB (UE) 949*4096kB (M) = 3901096kB [ 89.114145][ T6263] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.130168][ T6263] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.179294][ T6263] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 89.202704][ T6263] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 89.212239][ T6263] 42559 total pagecache pages [ 89.218606][ T6263] 0 pages in swap cache [ 89.222902][ T6263] Free swap = 124996kB [ 89.227306][ T6263] Total swap = 124996kB [ 89.232097][ T6263] 2097051 pages RAM [ 89.239221][ T6263] 0 pages HighMem/MovableOnly [ 89.246267][ T6263] 424712 pages reserved [ 89.250547][ T6263] 0 pages cma reserved [ 89.629117][ T6324] netlink: 'syz.1.108': attribute type 12 has an invalid length. [ 89.659669][ T6324] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.108'. [ 89.970927][ T6339] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 89.996391][ T6340] netlink: 'syz.0.117': attribute type 4 has an invalid length. [ 90.699882][ T6383] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5 [ 90.943350][ T6396] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 91.400540][ T6429] netlink: 4 bytes leftover after parsing attributes in process `syz.0.158'. [ 92.009263][ T6457] netlink: 12 bytes leftover after parsing attributes in process `syz.2.171'. [ 93.151226][ T6505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.192'. [ 93.361301][ T6509] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 93.361484][ T6510] netlink: 16 bytes leftover after parsing attributes in process `syz.3.193'. [ 93.526613][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.197'. [ 93.611767][ T6520] ip6gretap0: entered promiscuous mode [ 93.626248][ T6520] macsec1: entered allmulticast mode [ 93.631876][ T6520] ip6gretap0: entered allmulticast mode [ 93.670440][ T6520] ip6gretap0: left allmulticast mode [ 93.676260][ T6520] ip6gretap0: left promiscuous mode [ 93.719453][ T6523] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 93.728008][ T6523] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 94.373286][ T6560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.215'. [ 95.520632][ T6609] netlink: 'syz.1.236': attribute type 3 has an invalid length. [ 95.715260][ T6621] dvmrp1: entered allmulticast mode [ 95.943837][ T6630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.968423][ T6630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 96.196196][ T6647] syz.3.253 uses obsolete (PF_INET,SOCK_PACKET) [ 96.275280][ T6652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.255'. [ 96.322698][ T6652] batadv0: entered promiscuous mode [ 96.329718][ T6652] macvtap1: entered promiscuous mode [ 96.337357][ T6652] macvtap1: entered allmulticast mode [ 96.342870][ T6652] batadv0: entered allmulticast mode [ 96.350040][ T6652] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 96.360546][ T6656] netlink: 32 bytes leftover after parsing attributes in process `syz.4.258'. [ 96.394472][ T6659] batadv0: left allmulticast mode [ 96.404713][ T6659] batadv0: left promiscuous mode [ 96.679267][ T6672] Bluetooth: MGMT ver 1.23 [ 96.778402][ T6673] netlink: set zone limit has 4 unknown bytes [ 97.129139][ T6695] bridge0: entered promiscuous mode [ 97.139619][ T6695] vlan2: entered promiscuous mode [ 97.269387][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.279'. [ 97.578196][ T6722] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 97.591951][ T6722] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 97.696150][ T6731] netlink: 24 bytes leftover after parsing attributes in process `syz.2.293'. [ 98.143140][ T6754] netlink: 52 bytes leftover after parsing attributes in process `syz.3.305'. [ 98.170648][ T6754] netlink: 52 bytes leftover after parsing attributes in process `syz.3.305'. [ 99.009365][ T6786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.316'. [ 99.423440][ T6814] wg2: entered promiscuous mode [ 99.432939][ T6814] wg2: entered allmulticast mode [ 99.827788][ T6836] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 100.007814][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.2.348'. [ 100.111995][ T6855] netlink: 4 bytes leftover after parsing attributes in process `syz.4.351'. [ 100.320845][ T6854] warning: `syz.1.350' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 100.337351][ T6862] tipc: Started in network mode [ 100.342248][ T6862] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 100.364826][ T6862] tipc: Enabled bearer , priority 0 [ 100.995655][ T6916] netlink: 'syz.1.378': attribute type 1 has an invalid length. [ 101.003556][ T6916] netlink: 224 bytes leftover after parsing attributes in process `syz.1.378'. [ 101.356602][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.383'. [ 101.358745][ T6930] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 101.372852][ T6930] IPv6: NLM_F_CREATE should be set when creating new route [ 101.494989][ T5903] tipc: Node number set to 11578026 [ 102.329010][ T6984] netlink: 24 bytes leftover after parsing attributes in process `syz.3.408'. [ 102.691727][ T7004] netlink: 32 bytes leftover after parsing attributes in process `syz.3.418'. [ 102.805486][ T7008] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 103.093370][ T7028] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'. [ 103.118467][ T7028] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'. [ 103.128401][ T7028] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'. [ 103.237372][ T7035] netlink: 'syz.2.432': attribute type 2 has an invalid length. [ 103.347939][ T7045] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 2, id = 0 [ 103.693077][ T7065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.443'. [ 103.703771][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.0.442'. [ 105.443388][ T7156] syz_tun: entered allmulticast mode [ 105.453223][ T7160] netlink: 20 bytes leftover after parsing attributes in process `syz.3.485'. [ 105.480673][ T7155] syz_tun: left allmulticast mode [ 105.484530][ T7160] x_tables: ip_tables: udp match: only valid for protocol 17 [ 105.629685][ T7168] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 105.722057][ T7176] netlink: 48 bytes leftover after parsing attributes in process `syz.1.493'. [ 105.744508][ T7175] netlink: 2 bytes leftover after parsing attributes in process `syz.4.494'. [ 105.957054][ T7182] team0: Port device team_slave_0 removed [ 105.981233][ T7188] wg1: Master is either lo or non-ether device [ 106.485395][ T7225] netlink: 'syz.0.517': attribute type 1 has an invalid length. [ 106.565634][ T7225] bond1: (slave geneve2): making interface the new active one [ 106.575320][ T7225] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 106.597029][ T7228] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 106.628134][ T5928] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0 [ 106.661731][ T5928] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0 [ 106.697837][ T5928] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0 [ 106.719046][ T5928] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0 [ 107.208911][ T7264] ================================================================== [ 107.217008][ T7264] BUG: KASAN: slab-out-of-bounds in pause_parse_request+0x40/0x160 [ 107.224912][ T7264] Read of size 8 at addr ffff88805f148230 by task syz.4.532/7264 [ 107.232635][ T7264] [ 107.234966][ T7264] CPU: 1 UID: 0 PID: 7264 Comm: syz.4.532 Not tainted 6.16.0-rc3-syzkaller-00902-gbeead7eea896 #0 PREEMPT(full) [ 107.234989][ T7264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 107.235000][ T7264] Call Trace: [ 107.235008][ T7264] [ 107.235015][ T7264] dump_stack_lvl+0x189/0x250 [ 107.235043][ T7264] ? __virt_addr_valid+0x1c8/0x5c0 [ 107.235060][ T7264] ? rcu_is_watching+0x15/0xb0 [ 107.235084][ T7264] ? __kasan_check_byte+0x12/0x40 [ 107.235102][ T7264] ? __pfx_dump_stack_lvl+0x10/0x10 [ 107.235124][ T7264] ? rcu_is_watching+0x15/0xb0 [ 107.235148][ T7264] ? lock_release+0x4b/0x3e0 [ 107.235171][ T7264] ? __virt_addr_valid+0x1c8/0x5c0 [ 107.235186][ T7264] ? __virt_addr_valid+0x4a5/0x5c0 [ 107.235202][ T7264] print_report+0xd2/0x2b0 [ 107.235224][ T7264] ? pause_parse_request+0x40/0x160 [ 107.235241][ T7264] kasan_report+0x118/0x150 [ 107.235258][ T7264] ? pause_parse_request+0x40/0x160 [ 107.235278][ T7264] ? __pfx_pause_parse_request+0x10/0x10 [ 107.235296][ T7264] pause_parse_request+0x40/0x160 [ 107.235314][ T7264] ? __pfx_pause_parse_request+0x10/0x10 [ 107.235332][ T7264] ethnl_default_set_doit+0x2be/0xa40 [ 107.235355][ T7264] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 107.235384][ T7264] genl_family_rcv_msg_doit+0x212/0x300 [ 107.235412][ T7264] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 107.235450][ T7264] ? bpf_lsm_capable+0x9/0x20 [ 107.235466][ T7264] ? security_capable+0x7e/0x2e0 [ 107.235490][ T7264] genl_rcv_msg+0x60e/0x790 [ 107.235517][ T7264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 107.235541][ T7264] ? ref_tracker_free+0x63a/0x7d0 [ 107.235564][ T7264] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 107.235587][ T7264] ? __pfx_ref_tracker_free+0x10/0x10 [ 107.235613][ T7264] netlink_rcv_skb+0x208/0x470 [ 107.235634][ T7264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 107.235657][ T7264] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 107.235684][ T7264] ? down_read+0x1ad/0x2e0 [ 107.235705][ T7264] genl_rcv+0x28/0x40 [ 107.235726][ T7264] netlink_unicast+0x75b/0x8d0 [ 107.235747][ T7264] netlink_sendmsg+0x805/0xb30 [ 107.235770][ T7264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 107.235791][ T7264] ? aa_sock_msg_perm+0x94/0x160 [ 107.235813][ T7264] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 107.235833][ T7264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 107.235854][ T7264] __sock_sendmsg+0x219/0x270 [ 107.235873][ T7264] ____sys_sendmsg+0x505/0x830 [ 107.235898][ T7264] ? __pfx_____sys_sendmsg+0x10/0x10 [ 107.235925][ T7264] ? import_iovec+0x74/0xa0 [ 107.235942][ T7264] ___sys_sendmsg+0x21f/0x2a0 [ 107.235966][ T7264] ? __pfx____sys_sendmsg+0x10/0x10 [ 107.236004][ T7264] ? __fget_files+0x2a/0x420 [ 107.236022][ T7264] ? __fget_files+0x3a0/0x420 [ 107.236045][ T7264] __x64_sys_sendmsg+0x19b/0x260 [ 107.236069][ T7264] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 107.236096][ T7264] ? rcu_is_watching+0x15/0xb0 [ 107.236124][ T7264] ? do_syscall_64+0xbe/0x3b0 [ 107.236145][ T7264] do_syscall_64+0xfa/0x3b0 [ 107.236164][ T7264] ? lockdep_hardirqs_on+0x9c/0x150 [ 107.236182][ T7264] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.236199][ T7264] ? clear_bhb_loop+0x60/0xb0 [ 107.236219][ T7264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.236236][ T7264] RIP: 0033:0x7facac58e929 [ 107.236252][ T7264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.236267][ T7264] RSP: 002b:00007facad39a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 107.236286][ T7264] RAX: ffffffffffffffda RBX: 00007facac7b5fa0 RCX: 00007facac58e929 [ 107.236299][ T7264] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 107.236311][ T7264] RBP: 00007facac610b39 R08: 0000000000000000 R09: 0000000000000000 [ 107.236322][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.236333][ T7264] R13: 0000000000000000 R14: 00007facac7b5fa0 R15: 00007ffcbbe39688 [ 107.236351][ T7264] [ 107.236358][ T7264] [ 107.616988][ T7264] Allocated by task 7264: [ 107.621299][ T7264] kasan_save_track+0x3e/0x80 [ 107.625966][ T7264] __kasan_kmalloc+0x93/0xb0 [ 107.630538][ T7264] __kmalloc_noprof+0x27a/0x4f0 [ 107.635367][ T7264] genl_family_rcv_msg_attrs_parse+0xa3/0x2a0 [ 107.641428][ T7264] genl_family_rcv_msg_doit+0xb8/0x300 [ 107.646876][ T7264] genl_rcv_msg+0x60e/0x790 [ 107.651366][ T7264] netlink_rcv_skb+0x208/0x470 [ 107.656111][ T7264] genl_rcv+0x28/0x40 [ 107.660078][ T7264] netlink_unicast+0x75b/0x8d0 [ 107.664825][ T7264] netlink_sendmsg+0x805/0xb30 [ 107.669576][ T7264] __sock_sendmsg+0x219/0x270 [ 107.674234][ T7264] ____sys_sendmsg+0x505/0x830 [ 107.678983][ T7264] ___sys_sendmsg+0x21f/0x2a0 [ 107.683646][ T7264] __x64_sys_sendmsg+0x19b/0x260 [ 107.688570][ T7264] do_syscall_64+0xfa/0x3b0 [ 107.693059][ T7264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.698934][ T7264] [ 107.701239][ T7264] The buggy address belongs to the object at ffff88805f148200 [ 107.701239][ T7264] which belongs to the cache kmalloc-64 of size 64 [ 107.715096][ T7264] The buggy address is located 8 bytes to the right of [ 107.715096][ T7264] allocated 40-byte region [ffff88805f148200, ffff88805f148228) [ 107.729484][ T7264] [ 107.731791][ T7264] The buggy address belongs to the physical page: [ 107.738179][ T7264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5f148 [ 107.746922][ T7264] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 107.754447][ T7264] page_type: f5(slab) [ 107.758427][ T7264] raw: 00fff00000000000 ffff88801a4418c0 0000000000000000 0000000000000001 [ 107.767081][ T7264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 107.775646][ T7264] page dumped because: kasan: bad access detected [ 107.782047][ T7264] page_owner tracks the page as allocated [ 107.787744][ T7264] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5828, tgid 5828 (syz-executor), ts 74599295442, free_ts 21164093021 [ 107.807089][ T7264] post_alloc_hook+0x240/0x2a0 [ 107.811846][ T7264] get_page_from_freelist+0x21e4/0x22c0 [ 107.817386][ T7264] __alloc_frozen_pages_noprof+0x181/0x370 [ 107.823211][ T7264] alloc_pages_mpol+0x232/0x4a0 [ 107.828059][ T7264] allocate_slab+0x8a/0x3b0 [ 107.832563][ T7264] ___slab_alloc+0xbfc/0x1480 [ 107.837233][ T7264] __kmalloc_noprof+0x305/0x4f0 [ 107.842078][ T7264] kobject_get_path+0xc5/0x2d0 [ 107.846847][ T7264] kobject_uevent_env+0x292/0x8c0 [ 107.851881][ T7264] netdev_queue_update_kobjects+0x346/0x6c0 [ 107.857771][ T7264] netdev_register_kobject+0x258/0x310 [ 107.863229][ T7264] register_netdevice+0x126c/0x1ae0 [ 107.868424][ T7264] veth_newlink+0x5cc/0xa50 [ 107.872922][ T7264] rtnl_newlink_create+0x30d/0xb00 [ 107.878031][ T7264] rtnl_newlink+0x16d6/0x1c70 [ 107.882739][ T7264] rtnetlink_rcv_msg+0x7cc/0xb70 [ 107.887683][ T7264] page last free pid 1 tgid 1 stack trace: [ 107.893482][ T7264] __free_frozen_pages+0xc71/0xe70 [ 107.898591][ T7264] free_contig_range+0x1bd/0x4a0 [ 107.903526][ T7264] destroy_args+0x7e/0x5d0 [ 107.907933][ T7264] debug_vm_pgtable+0x412/0x450 [ 107.912771][ T7264] do_one_initcall+0x233/0x820 [ 107.917520][ T7264] do_initcall_level+0x137/0x1f0 [ 107.922447][ T7264] do_initcalls+0x69/0xd0 [ 107.926766][ T7264] kernel_init_freeable+0x3d9/0x570 [ 107.932477][ T7264] kernel_init+0x1d/0x1d0 [ 107.936802][ T7264] ret_from_fork+0x3fc/0x770 [ 107.941382][ T7264] ret_from_fork_asm+0x1a/0x30 [ 107.946142][ T7264] [ 107.948449][ T7264] Memory state around the buggy address: [ 107.954060][ T7264] ffff88805f148100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 107.962103][ T7264] ffff88805f148180: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 107.970158][ T7264] >ffff88805f148200: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 107.978202][ T7264] ^ [ 107.983814][ T7264] ffff88805f148280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 107.991864][ T7264] ffff88805f148300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 107.999903][ T7264] ================================================================== [ 108.022269][ T7264] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 108.029502][ T7264] CPU: 1 UID: 0 PID: 7264 Comm: syz.4.532 Not tainted 6.16.0-rc3-syzkaller-00902-gbeead7eea896 #0 PREEMPT(full) [ 108.041395][ T7264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 108.051459][ T7264] Call Trace: [ 108.054737][ T7264] [ 108.057656][ T7264] dump_stack_lvl+0x99/0x250 [ 108.062244][ T7264] ? __asan_memcpy+0x40/0x70 [ 108.066824][ T7264] ? __pfx_dump_stack_lvl+0x10/0x10 [ 108.072017][ T7264] ? __pfx__printk+0x10/0x10 [ 108.076620][ T7264] panic+0x2db/0x790 [ 108.080529][ T7264] ? __pfx_panic+0x10/0x10 [ 108.084948][ T7264] ? _raw_spin_unlock_irqrestore+0xfd/0x110 [ 108.090835][ T7264] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 108.097155][ T7264] ? print_memory_metadata+0x314/0x400 [ 108.102610][ T7264] ? pause_parse_request+0x40/0x160 [ 108.107800][ T7264] check_panic_on_warn+0x89/0xb0 [ 108.112728][ T7264] ? pause_parse_request+0x40/0x160 [ 108.117909][ T7264] end_report+0x78/0x160 [ 108.122252][ T7264] kasan_report+0x129/0x150 [ 108.126767][ T7264] ? pause_parse_request+0x40/0x160 [ 108.131968][ T7264] ? __pfx_pause_parse_request+0x10/0x10 [ 108.137592][ T7264] pause_parse_request+0x40/0x160 [ 108.142613][ T7264] ? __pfx_pause_parse_request+0x10/0x10 [ 108.148235][ T7264] ethnl_default_set_doit+0x2be/0xa40 [ 108.153604][ T7264] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 108.159931][ T7264] genl_family_rcv_msg_doit+0x212/0x300 [ 108.165470][ T7264] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 108.171534][ T7264] ? bpf_lsm_capable+0x9/0x20 [ 108.176196][ T7264] ? security_capable+0x7e/0x2e0 [ 108.181132][ T7264] genl_rcv_msg+0x60e/0x790 [ 108.185633][ T7264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 108.190673][ T7264] ? ref_tracker_free+0x63a/0x7d0 [ 108.195689][ T7264] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 108.201572][ T7264] ? __pfx_ref_tracker_free+0x10/0x10 [ 108.206936][ T7264] netlink_rcv_skb+0x208/0x470 [ 108.211694][ T7264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 108.216711][ T7264] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 108.221992][ T7264] ? down_read+0x1ad/0x2e0 [ 108.226399][ T7264] genl_rcv+0x28/0x40 [ 108.230376][ T7264] netlink_unicast+0x75b/0x8d0 [ 108.235129][ T7264] netlink_sendmsg+0x805/0xb30 [ 108.239887][ T7264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 108.245162][ T7264] ? aa_sock_msg_perm+0x94/0x160 [ 108.250088][ T7264] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 108.255363][ T7264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 108.260642][ T7264] __sock_sendmsg+0x219/0x270 [ 108.265307][ T7264] ____sys_sendmsg+0x505/0x830 [ 108.270065][ T7264] ? __pfx_____sys_sendmsg+0x10/0x10 [ 108.275346][ T7264] ? import_iovec+0x74/0xa0 [ 108.279852][ T7264] ___sys_sendmsg+0x21f/0x2a0 [ 108.284524][ T7264] ? __pfx____sys_sendmsg+0x10/0x10 [ 108.289731][ T7264] ? __fget_files+0x2a/0x420 [ 108.294307][ T7264] ? __fget_files+0x3a0/0x420 [ 108.298974][ T7264] __x64_sys_sendmsg+0x19b/0x260 [ 108.303903][ T7264] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 108.309358][ T7264] ? rcu_is_watching+0x15/0xb0 [ 108.314121][ T7264] ? do_syscall_64+0xbe/0x3b0 [ 108.318793][ T7264] do_syscall_64+0xfa/0x3b0 [ 108.323283][ T7264] ? lockdep_hardirqs_on+0x9c/0x150 [ 108.328467][ T7264] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.334520][ T7264] ? clear_bhb_loop+0x60/0xb0 [ 108.339185][ T7264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.345062][ T7264] RIP: 0033:0x7facac58e929 [ 108.349464][ T7264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.369053][ T7264] RSP: 002b:00007facad39a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 108.377451][ T7264] RAX: ffffffffffffffda RBX: 00007facac7b5fa0 RCX: 00007facac58e929 [ 108.385412][ T7264] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 108.393379][ T7264] RBP: 00007facac610b39 R08: 0000000000000000 R09: 0000000000000000 [ 108.401346][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.409326][ T7264] R13: 0000000000000000 R14: 00007facac7b5fa0 R15: 00007ffcbbe39688 [ 108.417303][ T7264] [ 108.420590][ T7264] Kernel Offset: disabled [ 108.424905][ T7264] Rebooting in 86400 seconds..