last executing test programs: 19.712540047s ago: executing program 4 (id=2765): socket(0x2a, 0x2, 0x0) r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0) 19.639823077s ago: executing program 4 (id=2768): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, 0x0, &(0x7f00000001c0)) r1 = socket$inet(0x2, 0x4000000805, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000280)={@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc) 19.615039355s ago: executing program 4 (id=2769): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000001ec0)=0x1) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48) close(0x3) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0, @ANYRES32=0x1, @ANYBLOB="0000000000b1c9960000ace0ac7400000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300)='@', 0x20000000}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f000001a4c0)='xdp_cpumap_kthread\x00', r4, 0x0, 0x1}, 0x18) sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)=ANY=[@ANYRES16=r1], 0x114}], 0x1}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c0000040000001c0001800600060088a80000100004"], 0x34}}, 0x0) r6 = socket(0x40000000015, 0x805, 0x0) getsockopt(r6, 0x114, 0x271b, &(0x7f0000000440)=""/102400, &(0x7f00000000c0)=0x41) 19.395497984s ago: executing program 4 (id=2780): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0) 18.592034563s ago: executing program 0 (id=2798): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000001ec0)=0x1) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000030000000400010005"], 0x48) close(0x3) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0, @ANYRES32=0x1, @ANYBLOB="0000000000b1c9960000ace0ac7400000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r3, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300)='@', 0x20000000}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f000001a4c0)='xdp_cpumap_kthread\x00', r4, 0x0, 0x1}, 0x18) sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)=ANY=[@ANYRES16=r1], 0x114}], 0x1}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c0000040000001c0001800600060088a80000100004"], 0x34}}, 0x0) r6 = socket(0x40000000015, 0x805, 0x0) getsockopt(r6, 0x114, 0x271b, &(0x7f0000000440)=""/102400, &(0x7f00000000c0)=0x41) r7 = socket$inet(0x2, 0x80000, 0x52fe) setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000001f80)=@nat={'nat\x00', 0x1b, 0x5, 0x440, 0xd0, 0x1a8, 0xffffffff, 0x1a8, 0x0, 0x3a8, 0x3a8, 0xffffffff, 0x3a8, 0x3a8, 0x5, &(0x7f0000001f00), {[{{@ip={@remote, @loopback, 0xff000000, 0xff, 'veth0_to_bond\x00', 'pimreg1\x00', {}, {0xff}, 0x8, 0x2}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}, 0x400, 0xf, [0xb, 0x1, 0x5, 0x1a, 0xa, 0x3e, 0xd, 0x14, 0x36, 0x13, 0x1f, 0x4, 0x8, 0x7, 0x18, 0x3a], 0x2, 0x200}}}, {{@ip={@multicast1, @multicast1, 0xff000000, 0x0, 'vcan0\x00', 'pimreg0\x00', {0xff}, {}, 0x0, 0x2, 0x1}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x410, 0xa02, 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1c, @local, @dev={0xac, 0x14, 0x14, 0x3f}, @port=0x4e23, @gre_key}}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0x4, 0x646a, 0x2, 0x8, 0x3}}, @common=@icmp={{0x28}, {0xb, "ad8d"}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @empty, 0x0, 0x10, [0x2b, 0x1b, 0x11, 0x11, 0x35, 0x37, 0x26, 0x2a, 0x25, 0x17, 0x26, 0x25, 0x2d, 0x37, 0x3f, 0x22], 0x0, 0x1}}}, {{@ip={@private=0xa010101, @private=0xa010101, 0xff, 0x0, 'pim6reg\x00', 'veth0_to_hsr\x00', {0xff}, {}, 0x73, 0x2, 0x10}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0xc, "22b1"}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x8, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @gre_key=0x3c2, @port=0x4e23}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4a0) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r8, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe) getsockopt$sock_buf(r8, 0x1, 0x1c, 0x0, &(0x7f0000000080)) r9 = socket$kcm(0x2, 0xa, 0x2) recvmmsg(0xffffffffffffffff, &(0x7f0000001dc0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/10, 0xa}, {&(0x7f0000000100)=""/117, 0x75}, {&(0x7f0000000240)=""/95, 0x5f}, {&(0x7f00000001c0)=""/52, 0x34}, {&(0x7f00000002c0)=""/49, 0x31}], 0x5, &(0x7f0000000380)=""/7, 0x7}, 0x2000400}, {{&(0x7f00000003c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580), 0x0, &(0x7f00000005c0)=""/245, 0xf5}, 0xf}, {{&(0x7f00000006c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000001d40)=[{&(0x7f0000002780)=""/206, 0xce}, {&(0x7f0000019440)=""/4112, 0x1010}, {&(0x7f00000018c0)=""/132, 0x84}, {&(0x7f0000001980)=""/214, 0xd6}, {&(0x7f0000001a80)=""/164, 0xa4}, {&(0x7f0000001b40)=""/125, 0x7d}, {&(0x7f0000001c00)=""/196, 0xc4}, {&(0x7f0000000840)=""/31, 0x1f}], 0x8}, 0x401}], 0x3, 0x20, &(0x7f0000001e80)={0x77359400}) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) 18.506452681s ago: executing program 4 (id=2801): syz_emit_ethernet(0x1031, &(0x7f0000001700)=ANY=[], &(0x7f0000000040)={0x1, 0x4, [0x687, 0xc, 0x8b, 0xa4a]}) 18.448538942s ago: executing program 4 (id=2804): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2) getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=@newqdisc={0x48, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x16}, {0xffff, 0xffff}, {0x8, 0x7}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_ECN={0x8}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xe, 0x3}, {}, {0x5, 0xfff1}}}, 0x24}}, 0x40004) 18.407605856s ago: executing program 2 (id=2806): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x15, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x1d6225b, 0x0, 0x0, 0x14, 0x0, @void, @value}, 0x90) r4 = socket(0x200000000000011, 0x2, 0x0) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x7fffffff, 0x34}, 0x1c) pipe(&(0x7f0000019480)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='\b\x00', 0x2}], 0x1, 0x1) close(r6) socket$key(0xf, 0x3, 0x2) splice(r5, 0x0, r6, 0x0, 0x10500, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x4008010}, 0x20000850) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) setsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10) 18.325223276s ago: executing program 0 (id=2808): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}, @TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x10}]}}]}, 0x4c}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0) writev(r2, &(0x7f0000000a40)=[{&(0x7f00000007c0)='t', 0x1}], 0x1) 18.240344458s ago: executing program 0 (id=2809): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, 0x0, 0x20000000) 18.225261342s ago: executing program 0 (id=2810): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r0}, 0xc) 18.098656268s ago: executing program 0 (id=2812): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0400000000000000000000000000000d040000000000000000000004000000000400000000000008030000000000000061"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0c00000004000000040000000000010000000000", @ANYRES32=r2, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="08000000000000007700000000000000006e000000001501009b4e00"], 0x50) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'gretap0\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x7800, 0x7850, 0x7, 0x10001, {{0x27, 0x4, 0x0, 0x1e, 0x9c, 0x64, 0x0, 0x6, 0x2f, 0x0, @local, @private=0xa010100, {[@rr={0x7, 0x7, 0x40, [@rand_addr=0x64010100]}, @rr={0x7, 0xb, 0x1f, [@remote, @multicast1]}, @ra={0x94, 0x4, 0x1}, @end, @timestamp={0x44, 0x20, 0x3e, 0x0, 0xb, [0xf9, 0x0, 0x5b, 0x0, 0x1398, 0x6, 0x80]}, @generic={0x86, 0x2}, @timestamp={0x44, 0x2c, 0xab, 0x0, 0x2, [0xffffffff, 0x7e0, 0x8, 0x5, 0x1, 0x6, 0x7, 0x3, 0x200, 0xd]}, @cipso={0x86, 0x22, 0x1, [{0x2, 0x3, "1e"}, {0x7, 0x3, "8d"}, {0x7, 0xc, "502f75b1f03bb6a4a293"}, {0x0, 0x7, "653107180d"}, {0x0, 0x3, "86"}]}]}}}}}) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000180)={0x40, 0x0, 0x9, 0x3, @vifc_lcl_ifindex=r3, @rand_addr=0x64010101}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r4, &(0x7f0000000180), 0x40010) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000691000/0x4000)=nil, 0x4000, 0x3, 0x28011, r5, 0x0) mmap(&(0x7f0000867000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x1000) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000940)=[{&(0x7f0000000400)="1333", 0x2}], 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000b00)={'vlan0\x00', &(0x7f00000006c0)=@ethtool_gstrings={0x1b, 0x1, 0x66, "e3feb98868d847508793613d285e8e152ae57ba79d352678db20cc9a28f8ee5ee124d59162bd991db65cdc541afb9159ae59ee0d35fcf1535ca0b49299a5a33232643f3bb7618c5dbf050d3a1fc11edda2cfa6b53ea0d86c93d854c03b6eff6e728a04f15ca7"}}) 18.053930069s ago: executing program 0 (id=2813): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x100, 0x8000}, 0x4) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001240)=ANY=[@ANYBLOB="84000000180001002cbd7000ffdbdf251d0107000c000b00040000a00300008015000100030000a006000000bac45f9ce14233bd0000000008000900", @ANYRES32, @ANYBLOB="0c000b00000000e0020000a015000200010000a0070300007f15f0386605000b0200000008000a00", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08000500fe0601de08000e"], 0x84}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)={0x24, r2, 0x1, 0x70bd29, 0xfffffffe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x100000000000000, 0x0, 0x4000}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d800", 0x2}], 0x1}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000001540), 0xfffffffe, r5, 0x0, 0x1500}, 0x38) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02}) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x609, 0x4, 0x0, &(0x7f0000000140)="dd800000", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0) 17.536200043s ago: executing program 2 (id=2815): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x58, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x6}, @IFLA_BR_NF_CALL_IPTABLES={0x5, 0x24, 0x1}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x80) 17.287112235s ago: executing program 1 (id=2816): socket(0x2a, 0x2, 0x0) r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x140, 0x5c, 0x160, 0x140, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'wg1\x00', {}, {0x222cecdb0fb5a62a}, 0x3a}, 0x5002, 0xd0, 0x118, 0x52020000, {0x0, 0x6802000000000000}, [@common=@icmp6={{0x28}, {0x0, "d176"}}]}, @unspec=@CT0={0x48}}, {{@ipv6={@local, @private2, [], [0xff], 'veth1_to_hsr\x00', 'dummy0\x00', {}, {}, 0x88}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358) 17.26861928s ago: executing program 1 (id=2817): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r2, 0x1, 0x6}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000000)={'lo\x00', @random="dbccee5d2fd1"}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@delchain={0x24, 0x11, 0x1, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xffe0, 0xfff2}, {0x0, 0xc}, {0x4, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x8044}, 0x4000000) syz_emit_ethernet(0x1ee, &(0x7f0000000ac0)={@local, @broadcast, @void, {@mpls_mc={0x8848, {[{0x4}, {0x101}, {0x9, 0x0, 0x1}, {0x6}, {0x8}], @ipv6=@udp={0x7, 0x6, "40b9a6", 0x1a4, 0x11, 0x0, @remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xf}}, {[@routing={0x33, 0xa, 0x1, 0x0, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @local, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @local]}, @hopopts={0x2e}, @srh={0x62, 0x6, 0x4, 0x3, 0x0, 0x4, 0x756e, [@private2={0xfc, 0x2, '\x00', 0x1}, @empty, @remote]}, @fragment={0xb4, 0x0, 0x8, 0x1, 0x0, 0x9, 0x66}, @dstopts={0x8, 0x6, '\x00', [@pad1, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x3c}}, @calipso={0x7, 0x20, {0x1, 0x6, 0x3, 0x0, [0x1, 0x5, 0x8]}}]}, @routing={0x6c, 0x4, 0x1, 0x7f, 0x0, [@loopback, @loopback]}], {0x4e22, 0x4e21, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "a3164f377301b51da75d483c44fe5f51b704cb6f20af81923f7d8984a3ecbcc4", "edf59483ed39c35c07db74c268b2829c107081509809b5377d3710b582cbdce49b16bbaaa1c1aa62f009781fb2258ee0", "f832b910ec3b02c8fd6ac42c6b21c0a05fe89f6b5e433861ab86339b", {"c2bf6d9089a5e692b7b348de8a3fa228", "1dd70f42327fad2e5461f6a109b9e860"}}}}}}}}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r7, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000740)={0x0, 0x8a, "8052d5d12fc88e6c03719e191f36370517c7ca32a3b6ed3d9c6d543a3dd8ab6d52fd35d6f58f83ce140aec048cd0c9cfa14602bb89bfa243835cc7575195043841f211687df6c04d96df30129e7758c124c5b9032d658eca7db898933d138e5a3df51aac50a600c3b1c61c3599a331755349a8212a9dfbe4289463586215eb5e392cbeb4d24c4905f629"}, &(0x7f0000000800)=0x92) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f00000008c0)={r8, @in6={{0xa, 0x4e24, 0xf8000000, @remote, 0x320b}}}, 0x84) shutdown(r7, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000005c0)='hybla\x00', 0x6) setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10) sendto$inet6(r7, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000006c0)={0xa, 0x4e20, 0x4004, @loopback}, 0x1c) close(r7) sendmsg$NFT_MSG_GETTABLE(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000010a01020008033328cc6223a81c4cafa73b00000000000002000005"], 0x14}, 0x1, 0x0, 0x0, 0x4040010}, 0x24008080) getsockopt(r6, 0x10, 0xf88, &(0x7f0000000000)=""/46, &(0x7f0000000080)=0x2e) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r10) 16.517479499s ago: executing program 2 (id=2818): setsockopt(0xffffffffffffffff, 0xce6, 0x8, &(0x7f00000001c0)="91825d21", 0x4) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500010004"], 0x4c}}, 0x0) 16.503211469s ago: executing program 3 (id=2819): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}, @TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x10}]}}]}, 0x4c}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r2 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0) writev(r2, &(0x7f0000000a40)=[{&(0x7f00000007c0)='t', 0x1}], 0x1) 16.499949677s ago: executing program 1 (id=2820): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, 0x0, 0x20000000) 16.456134394s ago: executing program 3 (id=2821): r0 = socket$unix(0x1, 0x2, 0x0) socket$kcm(0x10, 0x2, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x0, 0x8000, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x108) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x48, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x0, 0x54880}, [@IFLA_LINKINFO={0xf, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0x81}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x48}}, 0x4) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xfffffffffffffd59}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x40}}, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmsg$unix(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="4fc4602e"], 0x30, 0x4048015}, 0x0) r8 = socket$unix(0x1, 0x2, 0x0) r9 = epoll_create(0x1) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000a40)={0x0, 0x0}, &(0x7f0000000a80)=0xc) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, 0x0) sendmsg$netlink(r1, &(0x7f0000000c00)={&(0x7f0000000400)=@proc={0x10, 0x0, 0x25dfdbfc, 0x40}, 0xc, &(0x7f00000004c0)=[{&(0x7f00000007c0)={0x154, 0x3d, 0x1, 0x70bd2d, 0x25dfdbfb, "", [@generic="250148573047e14b4fdff6c87f18190a3890f3f7054efd030d8a81f3c62bcd7cba2b3675a8053606db7c2cc819d388d8a531c611c80607c7361aa07c69b4971323df5bcebf80a10f3e4a7b48fb79ab97e05513b310ac845a17aff16f983f9276ef63744a9d62a101aa082885f7fd9618d1356b6a383896ea6efd198760e6ba205194b403b78df4cde178bd7847ef272712b2943e8bca866a615e6b2d92650dd466017d03d259ed8a4f74f796f5720ba84b470a7538b8abe5936bf7c30aa182f95cc187e4967bf0c914974454fba8f80bec", @nested={0x5f, 0x69, 0x0, 0x1, [@typed={0x4, 0x14a}, @nested={0x4, 0x4d}, @generic="6bef1c7277f52d5a108ec802706960b111", @typed={0x4, 0x6}, @nested={0x4, 0x118}, @generic="094fd88fe48a7960732242d91ae2516f30fe35323362eb56cc99fa3fd13b533a2354", @nested={0x4, 0x26}, @typed={0x14, 0x145, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}]}, @typed={0xe, 0xf9, 0x0, 0x0, @str='}\\-[)\\()\\\x00'}]}, 0x154}, {&(0x7f0000000540)={0x54, 0x3a, 0x20, 0x70bd27, 0x25dfdbfd, "", [@typed={0x8, 0x122, 0x0, 0x0, @uid}, @generic="5dab8a4ba861fd1433b62ab6fdfd4bce2c202343f5beb3c3db0d1bc8f4c20786aeac4383a9014dc92bdd858fda631bd0a4eb2cd37f83defdb965a2"]}, 0x54}, {&(0x7f0000000600)={0xd8, 0x21, 0x100, 0x70bd27, 0x25dfdbfe, "", [@generic="7560e55a594bb00c71c28c3686c5329e533650895dd4c3787b4199a2add515699e6c07ff8467d6712ccb0e3d5b63a2f3a5933a633e98bece646df31f036559ea9a19d92cd105fb9e8ac2f50b53d1fbb862f98311a393f457a8", @typed={0x6a, 0xcb, 0x0, 0x0, @binary="52b24c929084b44980e9b82a5bc79c8f9a805b3717e282e80b950b921ee537a349fe962a94e559f2a77e013aec0b17357aa9fccc932ec3e02a8f3cc2f5e3de06ba97e9b9b3fb72904369ff724e9db1a6c1cf4399cf2cdadfa6b00a1f689763cb5084a179fdfd"}, @generic]}, 0xd8}], 0x3, &(0x7f0000000b80)=[@cred={{0x1c, 0x1, 0x2, {0x0, r10, r11}}}, @rights={{0x1c, 0x1, 0x1, [r9, r0, r1]}}, @rights={{0x14, 0x1, 0x1, [r5]}}], 0x58}, 0x8890) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r12 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r12}, 0xc) connect$unix(r8, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r8, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/150, 0x96}], 0x1) r13 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCETHTOOL(r13, 0x8946, &(0x7f0000000b00)={'veth0\x00', &(0x7f0000000100)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfe, 0x8, 0x0, 0x4, [0x0, 0x0, 0x0, 0x0, 0x2, 0x1]}}) 16.455907134s ago: executing program 2 (id=2822): syz_emit_ethernet(0x7e, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x5, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x1, 0x65, 0x0, 0x1, 0x2f, 0x0, @dev, @remote, {[@noop, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast2}, {@private=0xa010100, 0xb00}, {@local}, {}, {@initdev={0xac, 0x1e, 0x41, 0x0}}, {@local}, {@local}]}]}}}}}}}, 0x0) 16.408325236s ago: executing program 1 (id=2823): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000000)="fc0000001d000724ab09254ec100070007ab08001b000000f0ffff002100057e0000000000000e000039000000039815fad151ba0101099cecb94b46fe0000000a00020025", 0xffffff0c) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) splice(r0, 0x0, r2, 0x0, 0x1100000000f336, 0x0) 16.407723059s ago: executing program 2 (id=2824): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000080)) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x15, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7a}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x1d6225b, 0x0, 0x0, 0x14, 0x0, @void, @value}, 0x90) r4 = socket(0x200000000000011, 0x2, 0x0) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x7fffffff, 0x34}, 0x1c) pipe(&(0x7f0000019480)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='\b\x00', 0x2}], 0x1, 0x1) close(r6) socket$key(0xf, 0x3, 0x2) splice(r5, 0x0, r6, 0x0, 0x10500, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r4, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x4008010}, 0x20000850) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) setsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x10) 16.31681629s ago: executing program 3 (id=2825): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{0x0}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0) 15.541099067s ago: executing program 1 (id=2826): socket(0x2a, 0x2, 0x0) r0 = socket(0x2b, 0x80801, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f8, 0x140, 0x5c, 0x160, 0x140, 0x3e0, 0x250, 0x228, 0x25a, 0x250, 0x228, 0x4, 0x0, {[{{@ipv6={@remote, @dev, [], [], 'veth0_to_batadv\x00', 'wg1\x00', {}, {0x222cecdb0fb5a62a}, 0x3a}, 0x5002, 0xd0, 0x118, 0x52020000, {0x0, 0x6802000000000000}, [@common=@icmp6={{0x28}, {0x0, "d176"}}]}, @unspec=@CT0={0x48}}, {{@ipv6={@local, @private2, [], [0xff], 'veth1_to_hsr\x00', 'dummy0\x00', {}, {}, 0x88}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x358) 15.540411842s ago: executing program 2 (id=2827): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000001040168b8000000000000000000040005000100"], 0x1c}}, 0x0) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)='io.pressure\x00', 0x2, 0x0) close(r0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000000)=""/81, 0x51}, {0x0}], 0x2) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r4, &(0x7f0000000340)="23000000010007", 0x7) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x44, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffa7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@ipv4_getaddr={0x20, 0x16, 0x100, 0x70bd2b, 0x25dfdbfc, {0x2, 0x1, 0xa2, 0xff, r7}, [@IFA_TARGET_NETNSID={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x0) socket$xdp(0x2c, 0x3, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x8, &(0x7f0000000040)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0xb9, &(0x7f0000000200)=""/185, 0x0, 0xc, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000b00)={'veth0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfe, 0x8, 0x0, 0x8, [0x0, 0x10000000, 0x8, 0x0, 0x2, 0x1, 0xfffffffc], [0x10000, 0x1ff, 0x7, 0x7, 0x8, 0x6, 0x4, 0x7042]}}) 15.527249048s ago: executing program 1 (id=2828): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000020000"], &(0x7f0000000f40)=""/4089, 0x2e, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x28) socket$igmp(0x2, 0x3, 0x2) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)={0x18, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x4, 0x19}]}, 0x18}], 0x1}, 0x0) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0x2b, 0x80801, 0x1) shutdown(r3, 0xfffffffffffffffd) write(r2, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="186600000200000000000000ffffffff18121000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x23, &(0x7f0000000200)=""/35, 0x40f00, 0x42, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000240)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x3, 0x9, 0x8, 0xfffffffb}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000300)=[{0x2, 0x2, 0x3, 0x6}, {0x4, 0x5, 0x0, 0x4}, {0x2, 0x5, 0x6, 0xb}, {0x0, 0x1, 0xf, 0x3}], 0x10, 0x80000000, @void, @value}, 0x94) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f00000002c0)={'veth0\x00', {0x2, 0x4e21, @private=0xa010101}}) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000080)={0x5, 0x0, 0x1008, 0x5}, 0x7) write(r6, &(0x7f0000000300)="240000001a005f0214f9f4070d0903008100000000050000000000000800030001000000", 0x24) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='cq_poll\x00', r4, 0x0, 0x3}, 0x18) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="1b874c43d045c96d33fb31820a837db86a0b05f2db5165475fccbfaddd4a594b1cd0482b3d1e01220b791a9c3c182d4eec87642be19d1db0e357f7eea9f688c6b1e83e05dc7e4a22eb2577e8ef3f051b629d0733fb949059b8011a34372f5a8f2ebaeee407292c166edb4149c188164c1b89d71dd65961a4fd7e0d005f417080cdf395e411bdb23900"/147, 0x93) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x89b0, 0x0) r8 = socket$inet6(0xa, 0x80003, 0xff) r9 = socket$inet6(0xa, 0x800, 0xff) setsockopt$inet6_int(r9, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4) close(r8) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r10, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r10, &(0x7f0000000180)=ANY=[], 0x8) socket$packet(0x11, 0x3, 0x300) 15.461317206s ago: executing program 3 (id=2829): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x80) 15.404372629s ago: executing program 3 (id=2830): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newtfilter={0x4c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x1c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}, @TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x10}]}}]}, 0x4c}}, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0) writev(r3, &(0x7f0000000a40)=[{&(0x7f00000007c0)='t', 0x1}], 0x1) 15.404201376s ago: executing program 3 (id=2831): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newsa={0x10c, 0x10, 0x281, 0x70bd27, 0x0, {{@in=@remote, @in6=@mcast1, 0x0, 0x400, 0x0, 0x401, 0x0, 0x0, 0x0, 0x3c, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x3c}, @in=@empty, {0x9, 0x2, 0x0, 0x6, 0x100}, {0x6}, {0x2, 0x1ff}, 0x0, 0x0, 0x2, 0x1, 0x0, 0x9c}, [@encap={0x1c, 0x4, {0x1, 0x4e21, 0x4e20, @in=@empty}}]}, 0x10c}}, 0x0) unshare(0x2040600) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x80, 0x30, 0xb, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_ct={0x68, 0x1, 0x0, 0x0, {{0x7}, {0x40, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_LABELS={0x14, 0x7, "4614c334e344ae53204373dc0ddeb17f"}, @TCA_CT_ZONE={0x6, 0x8}, @TCA_CT_ZONE={0x6, 0x4, 0xd4c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20) 2.05441068s ago: executing program 32 (id=2813): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x100, 0x8000}, 0x4) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=0xffffffffffffffff, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001240)=ANY=[@ANYBLOB="84000000180001002cbd7000ffdbdf251d0107000c000b00040000a00300008015000100030000a006000000bac45f9ce14233bd0000000008000900", @ANYRES32, @ANYBLOB="0c000b00000000e0020000a015000200010000a0070300007f15f0386605000b0200000008000a00", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08000500fe0601de08000e"], 0x84}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)={0x24, r2, 0x1, 0x70bd29, 0xfffffffe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x100000000000000, 0x0, 0x4000}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="d800", 0x2}], 0x1}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000001540), 0xfffffffe, r5, 0x0, 0x1500}, 0x38) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02}) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x609, 0x4, 0x0, &(0x7f0000000140)="dd800000", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r7 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0) 43.21162ms ago: executing program 33 (id=2828): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000020000"], &(0x7f0000000f40)=""/4089, 0x2e, 0xff9, 0xa, 0x0, 0x0, @void, @value}, 0x28) socket$igmp(0x2, 0x3, 0x2) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000011c0)={0x18, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x4, 0x19}]}, 0x18}], 0x1}, 0x0) r2 = socket(0x10, 0x803, 0x0) r3 = socket(0x2b, 0x80801, 0x1) shutdown(r3, 0xfffffffffffffffd) write(r2, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1f00c0e90101c7bb0000b00000000000", 0x26) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB="186600000200000000000000ffffffff18121000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f00000001c0)='GPL\x00', 0x6, 0x23, &(0x7f0000000200)=""/35, 0x40f00, 0x42, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000240)={0x5, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x3, 0x9, 0x8, 0xfffffffb}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000300)=[{0x2, 0x2, 0x3, 0x6}, {0x4, 0x5, 0x0, 0x4}, {0x2, 0x5, 0x6, 0xb}, {0x0, 0x1, 0xf, 0x3}], 0x10, 0x80000000, @void, @value}, 0x94) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f00000002c0)={'veth0\x00', {0x2, 0x4e21, @private=0xa010101}}) r6 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000080)={0x5, 0x0, 0x1008, 0x5}, 0x7) write(r6, &(0x7f0000000300)="240000001a005f0214f9f4070d0903008100000000050000000000000800030001000000", 0x24) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='cq_poll\x00', r4, 0x0, 0x3}, 0x18) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="1b874c43d045c96d33fb31820a837db86a0b05f2db5165475fccbfaddd4a594b1cd0482b3d1e01220b791a9c3c182d4eec87642be19d1db0e357f7eea9f688c6b1e83e05dc7e4a22eb2577e8ef3f051b629d0733fb949059b8011a34372f5a8f2ebaeee407292c166edb4149c188164c1b89d71dd65961a4fd7e0d005f417080cdf395e411bdb23900"/147, 0x93) socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x89b0, 0x0) r8 = socket$inet6(0xa, 0x80003, 0xff) r9 = socket$inet6(0xa, 0x800, 0xff) setsockopt$inet6_int(r9, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4) close(r8) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r10, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r10, &(0x7f0000000180)=ANY=[], 0x8) socket$packet(0x11, 0x3, 0x300) 22.72658ms ago: executing program 34 (id=2827): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd0000000000000008000340000100000500010001"], 0x24}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000001040168b8000000000000000000040005000100"], 0x1c}}, 0x0) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)='io.pressure\x00', 0x2, 0x0) close(r0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) readv(r4, &(0x7f00000002c0)=[{&(0x7f0000000000)=""/81, 0x51}, {0x0}], 0x2) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r4, &(0x7f0000000340)="23000000010007", 0x7) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x44, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffa7}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@ipv4_getaddr={0x20, 0x16, 0x100, 0x70bd2b, 0x25dfdbfc, {0x2, 0x1, 0xa2, 0xff, r7}, [@IFA_TARGET_NETNSID={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4001}, 0x0) socket$xdp(0x2c, 0x3, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xe, 0x8, &(0x7f0000000040)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0xb9, &(0x7f0000000200)=""/185, 0x0, 0xc, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000b00)={'veth0\x00', &(0x7f0000000000)=@ethtool_link_settings={0x4c, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfe, 0x8, 0x0, 0x8, [0x0, 0x10000000, 0x8, 0x0, 0x2, 0x1, 0xfffffffc], [0x10000, 0x1ff, 0x7, 0x7, 0x8, 0x6, 0x4, 0x7042]}}) 0s ago: executing program 35 (id=2831): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newsa={0x10c, 0x10, 0x281, 0x70bd27, 0x0, {{@in=@remote, @in6=@mcast1, 0x0, 0x400, 0x0, 0x401, 0x0, 0x0, 0x0, 0x3c, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x3c}, @in=@empty, {0x9, 0x2, 0x0, 0x6, 0x100}, {0x6}, {0x2, 0x1ff}, 0x0, 0x0, 0x2, 0x1, 0x0, 0x9c}, [@encap={0x1c, 0x4, {0x1, 0x4e21, 0x4e20, @in=@empty}}]}, 0x10c}}, 0x0) unshare(0x2040600) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0x80, 0x30, 0xb, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_ct={0x68, 0x1, 0x0, 0x0, {{0x7}, {0x40, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_LABELS={0x14, 0x7, "4614c334e344ae53204373dc0ddeb17f"}, @TCA_CT_ZONE={0x6, 0x8}, @TCA_CT_ZONE={0x6, 0x4, 0xd4c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20) kernel console output (not intermixed with test programs): 80.060542][ T7409] kmem_cache_alloc_node_noprof+0x77/0x380 [ 80.060563][ T7409] ? __alloc_skb+0x1c3/0x440 [ 80.060581][ T7409] __alloc_skb+0x1c3/0x440 [ 80.060595][ T7409] ? __pfx___netlink_lookup+0x10/0x10 [ 80.060615][ T7409] ? __pfx___alloc_skb+0x10/0x10 [ 80.060631][ T7409] ? netlink_autobind+0xd6/0x2f0 [ 80.060648][ T7409] ? netlink_autobind+0x2b0/0x2f0 [ 80.060666][ T7409] netlink_sendmsg+0x638/0xcb0 [ 80.060687][ T7409] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.060704][ T7409] ? aa_sock_msg_perm+0x91/0x160 [ 80.060723][ T7409] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.060739][ T7409] __sock_sendmsg+0x221/0x270 [ 80.060759][ T7409] ____sys_sendmsg+0x52a/0x7e0 [ 80.060779][ T7409] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.060794][ T7409] ? __fget_files+0x2a/0x410 [ 80.060816][ T7409] ? __fget_files+0x2a/0x410 [ 80.060838][ T7409] __sys_sendmsg+0x269/0x350 [ 80.060854][ T7409] ? bpf_lsm_file_permission+0x9/0x10 [ 80.060871][ T7409] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.060893][ T7409] ? do_sys_openat2+0x17a/0x1d0 [ 80.060924][ T7409] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 80.060945][ T7409] ? rcu_is_watching+0x15/0xb0 [ 80.060966][ T7409] ? rcu_is_watching+0x15/0xb0 [ 80.060987][ T7409] do_syscall_64+0xf3/0x230 [ 80.061002][ T7409] ? clear_bhb_loop+0x35/0x90 [ 80.061020][ T7409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.061036][ T7409] RIP: 0033:0x7fbc7738cda9 [ 80.061050][ T7409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.061062][ T7409] RSP: 002b:00007fbc78191038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.061079][ T7409] RAX: ffffffffffffffda RBX: 00007fbc775a5fa0 RCX: 00007fbc7738cda9 [ 80.061090][ T7409] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 80.061099][ T7409] RBP: 00007fbc78191090 R08: 0000000000000000 R09: 0000000000000000 [ 80.061108][ T7409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.061117][ T7409] R13: 0000000000000000 R14: 00007fbc775a5fa0 R15: 00007fff2ae40af8 [ 80.061132][ T7409] [ 80.329865][ T7411] syz.2.512: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 80.344557][ T7411] CPU: 1 UID: 0 PID: 7411 Comm: syz.2.512 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 80.344574][ T7411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 80.344582][ T7411] Call Trace: [ 80.344587][ T7411] [ 80.344592][ T7411] dump_stack_lvl+0x241/0x360 [ 80.344616][ T7411] ? __pfx_dump_stack_lvl+0x10/0x10 [ 80.344633][ T7411] ? __pfx__printk+0x10/0x10 [ 80.344651][ T7411] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 80.344671][ T7411] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 80.344690][ T7411] warn_alloc+0x278/0x410 [ 80.344704][ T7411] ? __vmalloc_node_range_noprof+0x106/0x1380 [ 80.344718][ T7411] ? __pfx_warn_alloc+0x10/0x10 [ 80.344732][ T7411] ? kasan_save_track+0x3f/0x80 [ 80.344745][ T7411] ? __kasan_kmalloc+0x98/0xb0 [ 80.344759][ T7411] ? xsk_setsockopt+0x4ea/0x950 [ 80.344773][ T7411] ? do_sock_setsockopt+0x3af/0x720 [ 80.344786][ T7411] ? __x64_sys_setsockopt+0x1ee/0x280 [ 80.344799][ T7411] ? do_syscall_64+0xf3/0x230 [ 80.344809][ T7411] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.344826][ T7411] __vmalloc_node_range_noprof+0x126/0x1380 [ 80.344850][ T7411] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 80.344866][ T7411] ? __kasan_kmalloc+0x98/0xb0 [ 80.344882][ T7411] vmalloc_user_noprof+0x74/0x80 [ 80.344895][ T7411] ? xskq_create+0xb6/0x170 [ 80.344909][ T7411] xskq_create+0xb6/0x170 [ 80.344924][ T7411] xsk_init_queue+0xa1/0x100 [ 80.344939][ T7411] xsk_setsockopt+0x4ea/0x950 [ 80.344954][ T7411] ? __pfx_xsk_setsockopt+0x10/0x10 [ 80.344967][ T7411] ? rcu_is_watching+0x15/0xb0 [ 80.344984][ T7411] ? __pfx_aa_sk_perm+0x10/0x10 [ 80.344996][ T7411] ? lock_release+0xbf/0xa30 [ 80.345011][ T7411] ? aa_sock_opt_perm+0x79/0x120 [ 80.345026][ T7411] ? __pfx_xsk_setsockopt+0x10/0x10 [ 80.345039][ T7411] do_sock_setsockopt+0x3af/0x720 [ 80.345054][ T7411] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 80.345070][ T7411] ? __fget_files+0x395/0x410 [ 80.345087][ T7411] ? __fget_files+0x2a/0x410 [ 80.345105][ T7411] __x64_sys_setsockopt+0x1ee/0x280 [ 80.345121][ T7411] do_syscall_64+0xf3/0x230 [ 80.345132][ T7411] ? clear_bhb_loop+0x35/0x90 [ 80.345146][ T7411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.345159][ T7411] RIP: 0033:0x7fc7bbd8cda9 [ 80.345170][ T7411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.345180][ T7411] RSP: 002b:00007fc7bcb3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 80.345193][ T7411] RAX: ffffffffffffffda RBX: 00007fc7bbfa5fa0 RCX: 00007fc7bbd8cda9 [ 80.345203][ T7411] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000c [ 80.345210][ T7411] RBP: 00007fc7bbe0e2a0 R08: 0000000000000004 R09: 0000000000000000 [ 80.345218][ T7411] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.345226][ T7411] R13: 0000000000000000 R14: 00007fc7bbfa5fa0 R15: 00007ffdba9084a8 [ 80.345240][ T7411] [ 80.345247][ T7411] Mem-Info: [ 80.440966][ T7418] netlink: 12 bytes leftover after parsing attributes in process `syz.0.513'. [ 80.444724][ T7411] active_anon:5535 inactive_anon:0 isolated_anon:0 [ 80.444724][ T7411] active_file:1586 inactive_file:38303 isolated_file:0 [ 80.444724][ T7411] unevictable:768 dirty:736 writeback:0 [ 80.444724][ T7411] slab_reclaimable:9322 slab_unreclaimable:139584 [ 80.444724][ T7411] mapped:29751 shmem:1420 pagetables:709 [ 80.444724][ T7411] sec_pagetables:0 bounce:0 [ 80.444724][ T7411] kernel_misc_reclaimable:0 [ 80.444724][ T7411] free:1302480 free_pcp:440 free_cma:0 [ 80.519927][ T7428] netlink: 84 bytes leftover after parsing attributes in process `syz.3.515'. [ 80.521084][ T7411] Node 0 active_anon:22240kB inactive_anon:0kB active_file:6344kB inactive_file:153136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:123004kB dirty:2940kB writeback:0kB shmem:4144kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10748kB pagetables:2836kB sec_pagetables:0kB all_unreclaimable? no [ 80.772400][ T7411] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 80.844879][ T7432] FAULT_INJECTION: forcing a failure. [ 80.844879][ T7432] name failslab, interval 1, probability 0, space 0, times 0 [ 80.858189][ T7411] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 80.876879][ T7432] CPU: 1 UID: 0 PID: 7432 Comm: syz.4.517 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 80.876902][ T7432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 80.876912][ T7432] Call Trace: [ 80.876918][ T7432] [ 80.876924][ T7432] dump_stack_lvl+0x241/0x360 [ 80.876950][ T7432] ? __pfx_dump_stack_lvl+0x10/0x10 [ 80.876970][ T7432] ? __pfx__printk+0x10/0x10 [ 80.876990][ T7432] ? __pfx___might_resched+0x10/0x10 [ 80.877010][ T7432] should_fail_ex+0x3b0/0x4e0 [ 80.877033][ T7432] should_failslab+0xac/0x100 [ 80.877055][ T7432] __kmalloc_noprof+0xdd/0x4c0 [ 80.877075][ T7432] ? taprio_init+0x2ff/0xc80 [ 80.877093][ T7432] taprio_init+0x2ff/0xc80 [ 80.877109][ T7432] ? ____sys_sendmsg+0x52a/0x7e0 [ 80.877125][ T7432] ? __sys_sendmsg+0x269/0x350 [ 80.877140][ T7432] ? do_syscall_64+0xf3/0x230 [ 80.877160][ T7432] ? __pfx_taprio_init+0x10/0x10 [ 80.877176][ T7432] ? qdisc_alloc+0x7dd/0xa80 [ 80.877194][ T7432] ? qdisc_lookup+0x350/0x6b0 [ 80.877213][ T7432] ? __pfx_taprio_init+0x10/0x10 [ 80.877228][ T7432] qdisc_create+0x9d4/0x11a0 [ 80.877248][ T7432] ? stack_trace_save+0x118/0x1d0 [ 80.877267][ T7432] ? __pfx_qdisc_create+0x10/0x10 [ 80.877288][ T7432] ? __nla_parse+0x40/0x60 [ 80.877306][ T7432] tc_modify_qdisc+0xbbb/0x1f10 [ 80.877332][ T7432] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 80.877360][ T7432] ? security_capable+0x7e/0x2d0 [ 80.877377][ T7432] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 80.877398][ T7432] rtnetlink_rcv_msg+0x73f/0xcf0 [ 80.877416][ T7432] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 80.877435][ T7432] ? lock_release+0xbf/0xa30 [ 80.877453][ T7432] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.877472][ T7432] ? __pfx_lock_acquire+0x10/0x10 [ 80.877489][ T7432] ? rcu_is_watching+0x15/0xb0 [ 80.877509][ T7432] ? lock_acquire+0xe3/0x550 [ 80.877530][ T7432] netlink_rcv_skb+0x1e3/0x430 [ 80.877547][ T7432] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.877566][ T7432] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 80.877589][ T7432] ? net_generic+0x1f/0x240 [ 80.877610][ T7432] ? netlink_deliver_tap+0x2e/0x1b0 [ 80.877627][ T7432] netlink_unicast+0x7f6/0x990 [ 80.877645][ T7432] ? __pfx_netlink_unicast+0x10/0x10 [ 80.877659][ T7432] ? __virt_addr_valid+0x45f/0x530 [ 80.877677][ T7432] ? __phys_addr_symbol+0x2f/0x70 [ 80.877695][ T7432] ? __check_object_size+0x47a/0x730 [ 80.877716][ T7432] netlink_sendmsg+0x8e4/0xcb0 [ 80.877737][ T7432] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.877755][ T7432] ? aa_sock_msg_perm+0x91/0x160 [ 80.877774][ T7432] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.877790][ T7432] __sock_sendmsg+0x221/0x270 [ 80.877810][ T7432] ____sys_sendmsg+0x52a/0x7e0 [ 80.877830][ T7432] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.877845][ T7432] ? __fget_files+0x2a/0x410 [ 80.877866][ T7432] ? __fget_files+0x2a/0x410 [ 80.877889][ T7432] __sys_sendmsg+0x269/0x350 [ 80.877907][ T7432] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.877931][ T7432] ? __htab_map_lookup_elem+0x239/0x2a0 [ 80.877958][ T7432] ? __pfx_lock_release+0x10/0x10 [ 80.877980][ T7432] ? trace_sys_enter+0x74/0x120 [ 80.877998][ T7432] ? rcu_is_watching+0x15/0xb0 [ 80.878017][ T7432] ? trace_sys_enter+0x25/0x120 [ 80.878043][ T7432] do_syscall_64+0xf3/0x230 [ 80.878057][ T7432] ? clear_bhb_loop+0x35/0x90 [ 80.878075][ T7432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.878090][ T7432] RIP: 0033:0x7f0c7e98cda9 [ 80.878104][ T7432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.878116][ T7432] RSP: 002b:00007f0c7f8b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.878133][ T7432] RAX: ffffffffffffffda RBX: 00007f0c7eba5fa0 RCX: 00007f0c7e98cda9 [ 80.878148][ T7432] RDX: 0000000000004000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 80.878158][ T7432] RBP: 00007f0c7f8b1090 R08: 0000000000000000 R09: 0000000000000000 [ 80.878169][ T7432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.878178][ T7432] R13: 0000000000000000 R14: 00007f0c7eba5fa0 R15: 00007fff0bb393d8 [ 80.878195][ T7432] [ 80.935232][ T7437] netlink: 16 bytes leftover after parsing attributes in process `syz.0.518'. [ 80.938011][ T7411] lowmem_reserve[]: [ 80.999714][ T7438] netlink: 24 bytes leftover after parsing attributes in process `syz.3.519'. [ 81.141834][ T7442] netlink: 'syz.0.521': attribute type 1 has an invalid length. [ 81.147059][ T7411] 0 2490 2491 0 0 [ 81.320458][ T7411] Node 0 DMA32 free:1287320kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:22204kB inactive_anon:0kB active_file:6344kB inactive_file:152564kB unevictable:1536kB writepending:2940kB present:3129332kB managed:2550704kB mlocked:0kB bounce:0kB free_pcp:1376kB local_pcp:544kB free_cma:0kB [ 81.351832][ T7411] lowmem_reserve[]: 0 0 0 0 0 [ 81.357164][ T7411] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:580kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 81.396238][ T7411] lowmem_reserve[]: 0 0 0 0 0 [ 81.400975][ T7411] Node 1 Normal free:3906644kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 81.429842][ T7450] nbd: must specify at least one socket [ 81.457129][ T7344] Set syz1 is full, maxelem 65536 reached [ 81.521983][ T7411] lowmem_reserve[]: 0 0 0 0 0 [ 81.546689][ T7411] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 81.576905][ T7411] Node 0 DMA32: 0*4kB 14*8kB (UME) 1*16kB (M) 1984*32kB (UME) 168*64kB (UME) 29*128kB (UME) 15*256kB (M) 11*512kB (UME) 6*1024kB (ME) 1*2048kB (M) 292*4096kB (M) = 1291776kB [ 81.609382][ T7411] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 81.638837][ T7411] Node 1 Normal: 219*4kB (UME) 53*8kB (UME) 40*16kB (UME) 188*32kB (UME) 99*64kB (UME) 29*128kB (UME) 16*256kB (UME) 9*512kB (UM) 5*1024kB (UME) 2*2048kB (UE) 945*4096kB (M) = 3906644kB [ 81.679931][ T7411] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.691514][ T7411] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.796107][ T7411] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.836903][ T7411] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.881054][ T7411] 41311 total pagecache pages [ 81.902587][ T7411] 0 pages in swap cache [ 81.906761][ T7411] Free swap = 124996kB [ 81.911000][ T7411] Total swap = 124996kB [ 81.915230][ T7411] 2097051 pages RAM [ 81.919046][ T7411] 0 pages HighMem/MovableOnly [ 81.935189][ T7468] FAULT_INJECTION: forcing a failure. [ 81.935189][ T7468] name failslab, interval 1, probability 0, space 0, times 0 [ 81.948546][ T7411] 427589 pages reserved [ 81.958736][ T7411] 0 pages cma reserved [ 81.987039][ T7468] CPU: 0 UID: 0 PID: 7468 Comm: syz.1.526 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 81.987061][ T7468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 81.987070][ T7468] Call Trace: [ 81.987076][ T7468] [ 81.987082][ T7468] dump_stack_lvl+0x241/0x360 [ 81.987108][ T7468] ? __pfx_dump_stack_lvl+0x10/0x10 [ 81.987129][ T7468] ? __pfx__printk+0x10/0x10 [ 81.987149][ T7468] ? __pfx___might_resched+0x10/0x10 [ 81.987165][ T7468] ? aa_get_newest_label+0xff/0x6f0 [ 81.987181][ T7468] ? stack_trace_save+0x118/0x1d0 [ 81.987197][ T7468] should_fail_ex+0x3b0/0x4e0 [ 81.987214][ T7468] should_failslab+0xac/0x100 [ 81.987235][ T7468] __kmalloc_noprof+0xdd/0x4c0 [ 81.987255][ T7468] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 81.987275][ T7468] ? apparmor_capable+0x13b/0x1b0 [ 81.987296][ T7468] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 81.987321][ T7468] genl_rcv_msg+0x802/0xec0 [ 81.987342][ T7468] ? __pfx_genl_rcv_msg+0x10/0x10 [ 81.987361][ T7468] ? stack_trace_save+0x118/0x1d0 [ 81.987376][ T7468] ? __pfx_stack_trace_save+0x10/0x10 [ 81.987393][ T7468] ? stack_depot_save_flags+0x37/0x940 [ 81.987410][ T7468] ? rcu_is_watching+0x15/0xb0 [ 81.987430][ T7468] ? lock_acquire+0xe3/0x550 [ 81.987450][ T7468] ? __pfx_lock_acquire+0x10/0x10 [ 81.987467][ T7468] ? __pfx_nl802154_pre_doit+0x10/0x10 [ 81.987486][ T7468] ? __pfx_nl802154_set_channel+0x10/0x10 [ 81.987503][ T7468] ? __pfx_nl802154_post_doit+0x10/0x10 [ 81.987523][ T7468] ? __pfx___might_resched+0x10/0x10 [ 81.987539][ T7468] ? rcu_is_watching+0x15/0xb0 [ 81.987559][ T7468] ? lock_acquire+0xe3/0x550 [ 81.987578][ T7468] netlink_rcv_skb+0x1e3/0x430 [ 81.987595][ T7468] ? __pfx_genl_rcv_msg+0x10/0x10 [ 81.987615][ T7468] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 81.987630][ T7468] ? lock_release+0xbf/0xa30 [ 81.987653][ T7468] ? __pfx___netlink_lookup+0x10/0x10 [ 81.987673][ T7468] ? net_generic+0x1f/0x240 [ 81.987694][ T7468] genl_rcv+0x28/0x40 [ 81.987711][ T7468] netlink_unicast+0x7f6/0x990 [ 81.987729][ T7468] ? __pfx_netlink_unicast+0x10/0x10 [ 81.987743][ T7468] ? __virt_addr_valid+0x45f/0x530 [ 81.987762][ T7468] ? __phys_addr_symbol+0x2f/0x70 [ 81.987781][ T7468] ? __check_object_size+0x47a/0x730 [ 81.987802][ T7468] netlink_sendmsg+0x8e4/0xcb0 [ 81.987824][ T7468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.987842][ T7468] ? aa_sock_msg_perm+0x91/0x160 [ 81.987860][ T7468] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.987877][ T7468] __sock_sendmsg+0x221/0x270 [ 81.987899][ T7468] ____sys_sendmsg+0x52a/0x7e0 [ 81.987919][ T7468] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.987935][ T7468] ? __fget_files+0x2a/0x410 [ 81.987965][ T7468] ? __fget_files+0x2a/0x410 [ 81.987989][ T7468] __sys_sendmsg+0x269/0x350 [ 81.988005][ T7468] ? bpf_lsm_file_permission+0x9/0x10 [ 81.988021][ T7468] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.988042][ T7468] ? do_sys_openat2+0x17a/0x1d0 [ 81.988075][ T7468] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 81.988095][ T7468] ? rcu_is_watching+0x15/0xb0 [ 81.988117][ T7468] ? rcu_is_watching+0x15/0xb0 [ 81.988138][ T7468] do_syscall_64+0xf3/0x230 [ 81.988157][ T7468] ? clear_bhb_loop+0x35/0x90 [ 81.988175][ T7468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.988190][ T7468] RIP: 0033:0x7fea9798cda9 [ 81.988204][ T7468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.988217][ T7468] RSP: 002b:00007fea987aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.988234][ T7468] RAX: ffffffffffffffda RBX: 00007fea97ba5fa0 RCX: 00007fea9798cda9 [ 81.988245][ T7468] RDX: 000000000000c004 RSI: 0000000020000640 RDI: 0000000000000004 [ 81.988256][ T7468] RBP: 00007fea987aa090 R08: 0000000000000000 R09: 0000000000000000 [ 81.988265][ T7468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.988274][ T7468] R13: 0000000000000000 R14: 00007fea97ba5fa0 R15: 00007fffde140118 [ 81.988290][ T7468] [ 82.649409][ T7497] FAULT_INJECTION: forcing a failure. [ 82.649409][ T7497] name failslab, interval 1, probability 0, space 0, times 0 [ 82.670850][ T7501] xt_CT: You must specify a L4 protocol and not use inversions on it [ 82.680137][ T7502] FAULT_INJECTION: forcing a failure. [ 82.680137][ T7502] name failslab, interval 1, probability 0, space 0, times 0 [ 82.696567][ T7497] CPU: 0 UID: 0 PID: 7497 Comm: syz.4.535 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 82.696589][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 82.696599][ T7497] Call Trace: [ 82.696605][ T7497] [ 82.696611][ T7497] dump_stack_lvl+0x241/0x360 [ 82.696638][ T7497] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.696660][ T7497] ? __pfx__printk+0x10/0x10 [ 82.696681][ T7497] ? __pfx___might_resched+0x10/0x10 [ 82.696701][ T7497] should_fail_ex+0x3b0/0x4e0 [ 82.696719][ T7497] should_failslab+0xac/0x100 [ 82.696742][ T7497] kmem_cache_alloc_node_noprof+0x77/0x380 [ 82.696764][ T7497] ? __alloc_skb+0x1c3/0x440 [ 82.696782][ T7497] __alloc_skb+0x1c3/0x440 [ 82.696798][ T7497] ? __pfx___netlink_lookup+0x10/0x10 [ 82.696819][ T7497] ? __pfx___alloc_skb+0x10/0x10 [ 82.696835][ T7497] ? netlink_autobind+0xd6/0x2f0 [ 82.696852][ T7497] ? netlink_autobind+0x2b0/0x2f0 [ 82.696872][ T7497] netlink_sendmsg+0x638/0xcb0 [ 82.696895][ T7497] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.696924][ T7497] ? aa_sock_msg_perm+0x91/0x160 [ 82.696944][ T7497] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.696961][ T7497] __sock_sendmsg+0x221/0x270 [ 82.696983][ T7497] ____sys_sendmsg+0x52a/0x7e0 [ 82.697005][ T7497] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.697022][ T7497] ? __fget_files+0x2a/0x410 [ 82.697044][ T7497] ? __fget_files+0x2a/0x410 [ 82.697068][ T7497] __sys_sendmsg+0x269/0x350 [ 82.697085][ T7497] ? bpf_lsm_file_permission+0x9/0x10 [ 82.697103][ T7497] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.697125][ T7497] ? do_sys_openat2+0x17a/0x1d0 [ 82.697156][ T7497] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.697177][ T7497] ? rcu_is_watching+0x15/0xb0 [ 82.697200][ T7497] ? rcu_is_watching+0x15/0xb0 [ 82.697223][ T7497] do_syscall_64+0xf3/0x230 [ 82.697238][ T7497] ? clear_bhb_loop+0x35/0x90 [ 82.697257][ T7497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.697272][ T7497] RIP: 0033:0x7f0c7e98cda9 [ 82.697285][ T7497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.697299][ T7497] RSP: 002b:00007f0c7f8b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.697318][ T7497] RAX: ffffffffffffffda RBX: 00007f0c7eba5fa0 RCX: 00007f0c7e98cda9 [ 82.697330][ T7497] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 82.697340][ T7497] RBP: 00007f0c7f8b1090 R08: 0000000000000000 R09: 0000000000000000 [ 82.697351][ T7497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.697361][ T7497] R13: 0000000000000000 R14: 00007f0c7eba5fa0 R15: 00007fff0bb393d8 [ 82.697379][ T7497] [ 82.697526][ T7502] CPU: 0 UID: 0 PID: 7502 Comm: syz.1.538 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 82.697546][ T7502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 82.697555][ T7502] Call Trace: [ 82.697561][ T7502] [ 82.697567][ T7502] dump_stack_lvl+0x241/0x360 [ 82.697592][ T7502] ? __pfx_dump_stack_lvl+0x10/0x10 [ 82.697614][ T7502] ? __pfx__printk+0x10/0x10 [ 82.697633][ T7502] ? trace_kmem_cache_alloc+0x1f/0xc0 [ 82.697657][ T7502] ? __build_skb_around+0x245/0x3d0 [ 82.697676][ T7502] should_fail_ex+0x3b0/0x4e0 [ 82.697694][ T7502] should_failslab+0xac/0x100 [ 82.697715][ T7502] ? _sctp_make_chunk+0x161/0x460 [ 82.697734][ T7502] kmem_cache_alloc_noprof+0x70/0x380 [ 82.697758][ T7502] _sctp_make_chunk+0x161/0x460 [ 82.697779][ T7502] sctp_make_init+0x603/0x2840 [ 82.697798][ T7502] ? perf_trace_itimer_state+0x43f/0x510 [ 82.697821][ T7502] ? kernel_text_address+0xa7/0xe0 [ 82.697848][ T7502] ? __pfx_sctp_make_init+0x10/0x10 [ 82.697869][ T7502] ? stack_trace_save+0x118/0x1d0 [ 82.697886][ T7502] sctp_sf_do_prm_asoc+0xd2/0x3f0 [ 82.697910][ T7502] ? __pfx_sctp_pname+0x10/0x10 [ 82.697927][ T7502] sctp_do_sm+0x1f1/0x60c0 [ 82.697944][ T7502] ? lock_acquire+0xe3/0x550 [ 82.697965][ T7502] ? kasan_save_track+0x51/0x80 [ 82.697983][ T7502] ? __kasan_kmalloc+0x98/0xb0 [ 82.698001][ T7502] ? sctp_stream_init_ext+0x56/0x180 [ 82.698017][ T7502] ? sctp_sendmsg_to_asoc+0x12fd/0x1800 [ 82.698038][ T7502] ? __sock_sendmsg+0x1a6/0x270 [ 82.698058][ T7502] ? ____sys_sendmsg+0x52a/0x7e0 [ 82.698074][ T7502] ? __sys_sendmmsg+0x36a/0x720 [ 82.698090][ T7502] ? __x64_sys_sendmmsg+0xa0/0xb0 [ 82.698108][ T7502] ? do_syscall_64+0xf3/0x230 [ 82.698122][ T7502] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.698140][ T7502] ? __pfx_sctp_do_sm+0x10/0x10 [ 82.698174][ T7502] ? __sk_mem_raise_allocated+0xa5f/0x1140 [ 82.698199][ T7502] sctp_primitive_ASSOCIATE+0x95/0xc0 [ 82.698222][ T7502] sctp_sendmsg_to_asoc+0xfa5/0x1800 [ 82.698247][ T7502] ? __asan_memcpy+0x40/0x70 [ 82.698263][ T7502] ? sctp_assoc_add_peer+0xe3c/0x15c0 [ 82.698291][ T7502] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 82.698312][ T7502] ? sctp_connect_new_asoc+0x3fe/0x6c0 [ 82.698335][ T7502] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 82.698356][ T7502] ? sctp_sendmsg+0xbb9/0x3520 [ 82.698379][ T7502] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 82.698401][ T7502] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 82.698426][ T7502] sctp_sendmsg+0x1bc3/0x3520 [ 82.698454][ T7502] ? aa_sk_perm+0x96d/0xab0 [ 82.698468][ T7502] ? __pfx_sctp_sendmsg+0x10/0x10 [ 82.698492][ T7502] ? __pfx_aa_sk_perm+0x10/0x10 [ 82.698509][ T7502] ? inet_sendmsg+0x330/0x390 [ 82.698529][ T7502] __sock_sendmsg+0x1a6/0x270 [ 82.698551][ T7502] ____sys_sendmsg+0x52a/0x7e0 [ 82.698571][ T7502] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.698588][ T7502] ? __fget_files+0x2a/0x410 [ 82.698611][ T7502] ? __fget_files+0x2a/0x410 [ 82.698635][ T7502] __sys_sendmmsg+0x36a/0x720 [ 82.698652][ T7502] ? __pfx___might_resched+0x10/0x10 [ 82.698674][ T7502] ? __pfx___sys_sendmmsg+0x10/0x10 [ 82.698690][ T7502] ? rcu_is_watching+0x15/0xb0 [ 82.698717][ T7502] ? __pfx_lock_release+0x10/0x10 [ 82.698735][ T7502] ? kstrtouint_from_user+0x128/0x190 [ 82.698759][ T7502] ? rcu_is_watching+0x15/0xb0 [ 82.698779][ T7502] ? lock_release+0xbf/0xa30 [ 82.698797][ T7502] ? __pfx_lock_release+0x10/0x10 [ 82.698816][ T7502] ? proc_fail_nth_write+0x24f/0x2d0 [ 82.698835][ T7502] ? common_file_perm+0x1a6/0x210 [ 82.698852][ T7502] ? __pfx_lock_release+0x10/0x10 [ 82.698871][ T7502] ? bpf_lsm_file_permission+0x9/0x10 [ 82.698886][ T7502] ? preempt_count_add+0x93/0x190 [ 82.698908][ T7502] ? sb_end_write+0xe9/0x1c0 [ 82.698928][ T7502] ? vfs_write+0x730/0xd30 [ 82.698945][ T7502] ? __mutex_unlock_slowpath+0x227/0x800 [ 82.698979][ T7502] ? ksys_write+0x251/0x2b0 [ 82.698995][ T7502] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.699014][ T7502] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 82.699034][ T7502] ? rcu_is_watching+0x15/0xb0 [ 82.699057][ T7502] __x64_sys_sendmmsg+0xa0/0xb0 [ 82.699076][ T7502] do_syscall_64+0xf3/0x230 [ 82.699090][ T7502] ? clear_bhb_loop+0x35/0x90 [ 82.699108][ T7502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.699124][ T7502] RIP: 0033:0x7fea9798cda9 [ 82.699137][ T7502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.699150][ T7502] RSP: 002b:00007fea987aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 82.699166][ T7502] RAX: ffffffffffffffda RBX: 00007fea97ba5fa0 RCX: 00007fea9798cda9 [ 82.699177][ T7502] RDX: 0000000000000001 RSI: 0000000020003f40 RDI: 0000000000000004 [ 82.699186][ T7502] RBP: 00007fea987aa090 R08: 0000000000000000 R09: 0000000000000000 [ 82.699197][ T7502] R10: 00000000200000d0 R11: 0000000000000246 R12: 0000000000000002 [ 82.699207][ T7502] R13: 0000000000000000 R14: 00007fea97ba5fa0 R15: 00007fffde140118 [ 82.699225][ T7502] [ 83.580690][ T29] audit: type=1804 audit(1738187083.023:8): pid=7517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.544" name="/newroot/108/cgroup.controllers" dev="tmpfs" ino=574 res=1 errno=0 [ 83.603085][ T29] audit: type=1800 audit(1738187083.023:9): pid=7517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.544" name="cgroup.controllers" dev="tmpfs" ino=574 res=0 errno=0 [ 83.685486][ T7528] openvswitch: netlink: Missing key (keys=40, expected=80) [ 83.939088][ T7547] FAULT_INJECTION: forcing a failure. [ 83.939088][ T7547] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.972454][ T7547] CPU: 0 UID: 0 PID: 7547 Comm: syz.3.556 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 83.972479][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 83.972489][ T7547] Call Trace: [ 83.972495][ T7547] [ 83.972501][ T7547] dump_stack_lvl+0x241/0x360 [ 83.972527][ T7547] ? __pfx_dump_stack_lvl+0x10/0x10 [ 83.972547][ T7547] ? __pfx__printk+0x10/0x10 [ 83.972564][ T7547] ? lock_acquire+0xe3/0x550 [ 83.972582][ T7547] ? __pfx_lock_release+0x10/0x10 [ 83.972599][ T7547] ? aa_file_perm+0x137/0xf50 [ 83.972615][ T7547] ? aa_file_perm+0x3ef/0xf50 [ 83.972632][ T7547] should_fail_ex+0x3b0/0x4e0 [ 83.972649][ T7547] _copy_from_user+0x2d/0xb0 [ 83.972670][ T7547] kstrtouint_from_user+0xc6/0x190 [ 83.972688][ T7547] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 83.972706][ T7547] ? __pfx_lock_acquire+0x10/0x10 [ 83.972723][ T7547] ? __pfx___might_resched+0x10/0x10 [ 83.972743][ T7547] proc_fail_nth_write+0xaa/0x2d0 [ 83.972762][ T7547] ? common_file_perm+0x1a6/0x210 [ 83.972778][ T7547] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 83.972796][ T7547] ? bpf_lsm_file_permission+0x9/0x10 [ 83.972811][ T7547] ? preempt_count_add+0x93/0x190 [ 83.972826][ T7547] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 83.972844][ T7547] vfs_write+0x2a3/0xd30 [ 83.972860][ T7547] ? fdget_pos+0x254/0x320 [ 83.972881][ T7547] ? __mutex_unlock_slowpath+0x227/0x800 [ 83.972914][ T7547] ? __pfx_vfs_write+0x10/0x10 [ 83.972928][ T7547] ? do_sys_openat2+0x17a/0x1d0 [ 83.972949][ T7547] ? __fget_files+0x2a/0x410 [ 83.972968][ T7547] ? __fget_files+0x395/0x410 [ 83.972988][ T7547] ? __fget_files+0x2a/0x410 [ 83.973011][ T7547] ksys_write+0x18f/0x2b0 [ 83.973027][ T7547] ? __pfx_ksys_write+0x10/0x10 [ 83.973042][ T7547] ? rcu_is_watching+0x15/0xb0 [ 83.973064][ T7547] ? rcu_is_watching+0x15/0xb0 [ 83.973085][ T7547] do_syscall_64+0xf3/0x230 [ 83.973100][ T7547] ? clear_bhb_loop+0x35/0x90 [ 83.973118][ T7547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.973133][ T7547] RIP: 0033:0x7fbc7738b85f [ 83.973146][ T7547] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 83.973159][ T7547] RSP: 002b:00007fbc78191030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 83.973176][ T7547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbc7738b85f [ 83.973187][ T7547] RDX: 0000000000000001 RSI: 00007fbc781910a0 RDI: 0000000000000006 [ 83.973197][ T7547] RBP: 00007fbc78191090 R08: 0000000000000000 R09: 0000000000000000 [ 83.973206][ T7547] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 83.973216][ T7547] R13: 0000000000000000 R14: 00007fbc775a5fa0 R15: 00007fff2ae40af8 [ 83.973234][ T7547] [ 84.363608][ T7564] __nla_validate_parse: 17 callbacks suppressed [ 84.363649][ T7564] netlink: 40 bytes leftover after parsing attributes in process `syz.2.562'. [ 84.383422][ T7565] netlink: 28 bytes leftover after parsing attributes in process `syz.3.561'. [ 84.402473][ T7565] netlink: 8 bytes leftover after parsing attributes in process `syz.3.561'. [ 84.536234][ T7569] netlink: 16 bytes leftover after parsing attributes in process `syz.2.563'. [ 84.633242][ T7571] netlink: 'syz.0.566': attribute type 1 has an invalid length. [ 84.645334][ T7578] netlink: 'syz.1.568': attribute type 3 has an invalid length. [ 84.664670][ T7571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.566'. [ 84.796497][ T7589] openvswitch: netlink: Invalid VLAN frame [ 84.809466][ T7596] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 84.827684][ T7599] netlink: 40 bytes leftover after parsing attributes in process `syz.0.573'. [ 84.863901][ T7589] syzkaller1: entered promiscuous mode [ 84.875346][ T7589] syzkaller1: entered allmulticast mode [ 84.900902][ T7582] lo speed is unknown, defaulting to 1000 [ 84.907432][ T7582] lo speed is unknown, defaulting to 1000 [ 84.913995][ T7582] lo speed is unknown, defaulting to 1000 [ 84.921773][ T7582] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 84.933835][ T7582] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 84.952585][ T7582] lo speed is unknown, defaulting to 1000 [ 84.963352][ T7609] netlink: 20 bytes leftover after parsing attributes in process `syz.0.576'. [ 84.971632][ T7582] lo speed is unknown, defaulting to 1000 [ 84.973344][ T7609] syz_tun: entered allmulticast mode [ 84.983426][ T7582] lo speed is unknown, defaulting to 1000 [ 84.990481][ T7582] lo speed is unknown, defaulting to 1000 [ 85.010377][ T7582] lo speed is unknown, defaulting to 1000 [ 85.020593][ T7582] lo speed is unknown, defaulting to 1000 [ 85.078943][ T7616] netlink: 48 bytes leftover after parsing attributes in process `syz.1.578'. [ 85.111376][ T7609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.576'. [ 85.158772][ T7626] netlink: 16 bytes leftover after parsing attributes in process `syz.0.579'. [ 85.169646][ T7573] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.251124][ T7635] netlink: 'syz.3.584': attribute type 1 has an invalid length. [ 85.423432][ T7655] FAULT_INJECTION: forcing a failure. [ 85.423432][ T7655] name failslab, interval 1, probability 0, space 0, times 0 [ 85.436228][ T7655] CPU: 1 UID: 0 PID: 7655 Comm: syz.0.590 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 85.436248][ T7655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 85.436256][ T7655] Call Trace: [ 85.436261][ T7655] [ 85.436267][ T7655] dump_stack_lvl+0x241/0x360 [ 85.436289][ T7655] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.436305][ T7655] ? __pfx__printk+0x10/0x10 [ 85.436322][ T7655] ? __pfx___might_resched+0x10/0x10 [ 85.436337][ T7655] should_fail_ex+0x3b0/0x4e0 [ 85.436351][ T7655] should_failslab+0xac/0x100 [ 85.436369][ T7655] kmem_cache_alloc_node_noprof+0x77/0x380 [ 85.436386][ T7655] ? __alloc_skb+0x1c3/0x440 [ 85.436401][ T7655] __alloc_skb+0x1c3/0x440 [ 85.436412][ T7655] ? stack_depot_save_flags+0x37/0x940 [ 85.436426][ T7655] ? __pfx___alloc_skb+0x10/0x10 [ 85.436439][ T7655] ? netlink_ack_tlv_len+0x6e/0x200 [ 85.436453][ T7655] netlink_ack+0x145/0xa50 [ 85.436465][ T7655] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 85.436482][ T7655] ? __pfx_nl80211_post_doit+0x10/0x10 [ 85.436498][ T7655] ? __pfx___might_resched+0x10/0x10 [ 85.436511][ T7655] ? rcu_is_watching+0x15/0xb0 [ 85.436530][ T7655] netlink_rcv_skb+0x262/0x430 [ 85.436543][ T7655] ? __pfx_genl_rcv_msg+0x10/0x10 [ 85.436559][ T7655] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 85.436571][ T7655] ? lock_release+0xbf/0xa30 [ 85.436590][ T7655] ? __pfx___netlink_lookup+0x10/0x10 [ 85.436605][ T7655] ? net_generic+0x1f/0x240 [ 85.436624][ T7655] genl_rcv+0x28/0x40 [ 85.436638][ T7655] netlink_unicast+0x7f6/0x990 [ 85.436652][ T7655] ? __pfx_netlink_unicast+0x10/0x10 [ 85.436662][ T7655] ? __virt_addr_valid+0x45f/0x530 [ 85.436677][ T7655] ? __phys_addr_symbol+0x2f/0x70 [ 85.436692][ T7655] ? __check_object_size+0x47a/0x730 [ 85.436716][ T7655] netlink_sendmsg+0x8e4/0xcb0 [ 85.436737][ T7655] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.436752][ T7655] ? aa_sock_msg_perm+0x91/0x160 [ 85.436767][ T7655] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.436780][ T7655] __sock_sendmsg+0x221/0x270 [ 85.436797][ T7655] ____sys_sendmsg+0x52a/0x7e0 [ 85.436813][ T7655] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.436826][ T7655] ? __fget_files+0x2a/0x410 [ 85.436843][ T7655] ? __fget_files+0x2a/0x410 [ 85.436861][ T7655] __sys_sendmsg+0x269/0x350 [ 85.436873][ T7655] ? bpf_lsm_file_permission+0x9/0x10 [ 85.436886][ T7655] ? __pfx___sys_sendmsg+0x10/0x10 [ 85.436903][ T7655] ? do_sys_openat2+0x17a/0x1d0 [ 85.436928][ T7655] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 85.436943][ T7655] ? rcu_is_watching+0x15/0xb0 [ 85.436960][ T7655] ? rcu_is_watching+0x15/0xb0 [ 85.436978][ T7655] do_syscall_64+0xf3/0x230 [ 85.436990][ T7655] ? clear_bhb_loop+0x35/0x90 [ 85.437004][ T7655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.437017][ T7655] RIP: 0033:0x7f01a538cda9 [ 85.437028][ T7655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.437039][ T7655] RSP: 002b:00007f01a61f3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 85.437053][ T7655] RAX: ffffffffffffffda RBX: 00007f01a55a5fa0 RCX: 00007f01a538cda9 [ 85.437062][ T7655] RDX: 0000000000040000 RSI: 0000000020002040 RDI: 0000000000000003 [ 85.437070][ T7655] RBP: 00007f01a61f3090 R08: 0000000000000000 R09: 0000000000000000 [ 85.437078][ T7655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.437085][ T7655] R13: 0000000000000000 R14: 00007f01a55a5fa0 R15: 00007ffecc1e2ba8 [ 85.437099][ T7655] [ 85.865857][ T7665] lo speed is unknown, defaulting to 1000 [ 85.986663][ T9] hid-generic 0005:7FFF:0008.000B: unknown main item tag 0x0 [ 85.994583][ T7683] netlink: 'syz.1.600': attribute type 1 has an invalid length. [ 86.002387][ T9] hid-generic 0005:7FFF:0008.000B: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 86.328711][ T5858] hid-generic 0005:7FFF:0008.000C: unknown main item tag 0x0 [ 86.331533][ T7727] No such timeout policy "syz1" [ 86.341432][ T5858] hid-generic 0005:7FFF:0008.000C: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 86.492785][ T7738] tipc: Started in network mode [ 86.497780][ T7738] tipc: Node identity 96f1f082786b, cluster identity 4711 [ 86.505178][ T7738] tipc: Enabled bearer , priority 0 [ 86.568429][ T7738] syzkaller0: entered promiscuous mode [ 86.575561][ T7738] syzkaller0: entered allmulticast mode [ 86.583692][ T7738] tipc: Resetting bearer [ 86.594438][ T7742] netlink: 'syz.1.622': attribute type 1 has an invalid length. [ 86.690850][ T7737] tipc: Resetting bearer [ 86.730226][ T7737] tipc: Disabling bearer [ 86.772221][ T9] hid-generic 0005:7FFF:0008.000D: unknown main item tag 0x0 [ 86.791545][ T9] hid-generic 0005:7FFF:0008.000D: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 86.803737][ T7765] tipc: Started in network mode [ 86.810696][ T7765] tipc: Node identity b67c783d0d33, cluster identity 4711 [ 86.818475][ T7765] tipc: Enabled bearer , priority 0 [ 86.866548][ T7765] syzkaller0: entered promiscuous mode [ 86.872072][ T7765] syzkaller0: entered allmulticast mode [ 86.878159][ T7765] tipc: Resetting bearer [ 86.888270][ T7765] FAULT_INJECTION: forcing a failure. [ 86.888270][ T7765] name failslab, interval 1, probability 0, space 0, times 0 [ 86.903932][ T7765] CPU: 1 UID: 0 PID: 7765 Comm: syz.0.631 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 86.903954][ T7765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 86.903963][ T7765] Call Trace: [ 86.903969][ T7765] [ 86.903976][ T7765] dump_stack_lvl+0x241/0x360 [ 86.904002][ T7765] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.904022][ T7765] ? __pfx__printk+0x10/0x10 [ 86.904043][ T7765] ? __pfx___might_resched+0x10/0x10 [ 86.904062][ T7765] should_fail_ex+0x3b0/0x4e0 [ 86.904080][ T7765] should_failslab+0xac/0x100 [ 86.904101][ T7765] __kmalloc_noprof+0xdd/0x4c0 [ 86.904120][ T7765] ? kstrtouint_from_user+0x128/0x190 [ 86.904136][ T7765] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 86.904157][ T7765] tomoyo_realpath_from_path+0xcf/0x5e0 [ 86.904179][ T7765] tomoyo_path_number_perm+0x236/0x860 [ 86.904196][ T7765] ? proc_fail_nth_write+0x24f/0x2d0 [ 86.904215][ T7765] ? common_file_perm+0x1a6/0x210 [ 86.904230][ T7765] ? tomoyo_path_number_perm+0x206/0x860 [ 86.904244][ T7765] ? __pfx_lock_release+0x10/0x10 [ 86.904262][ T7765] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 86.904283][ T7765] ? preempt_count_add+0x93/0x190 [ 86.904313][ T7765] ? fput+0x21b/0x290 [ 86.904332][ T7765] ? __fget_files+0x2a/0x410 [ 86.904357][ T7765] ? __fget_files+0x2a/0x410 [ 86.904377][ T7765] security_file_ioctl+0xc6/0x2a0 [ 86.904400][ T7765] __se_sys_ioctl+0x46/0x170 [ 86.904417][ T7765] do_syscall_64+0xf3/0x230 [ 86.904432][ T7765] ? clear_bhb_loop+0x35/0x90 [ 86.904450][ T7765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.904466][ T7765] RIP: 0033:0x7f01a538cda9 [ 86.904479][ T7765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.904492][ T7765] RSP: 002b:00007f01a61f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.904509][ T7765] RAX: ffffffffffffffda RBX: 00007f01a55a5fa0 RCX: 00007f01a538cda9 [ 86.904520][ T7765] RDX: 0000000020000080 RSI: 000000000000890b RDI: 0000000000000006 [ 86.904530][ T7765] RBP: 00007f01a61f3090 R08: 0000000000000000 R09: 0000000000000000 [ 86.904539][ T7765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.904549][ T7765] R13: 0000000000000000 R14: 00007f01a55a5fa0 R15: 00007ffecc1e2ba8 [ 86.904565][ T7765] [ 86.904665][ T7765] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.143143][ T7764] tipc: Resetting bearer [ 87.222762][ T7764] tipc: Disabling bearer [ 87.370941][ T29] audit: type=1107 audit(1738187086.813:10): pid=7796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='Þ‰6»?bŽÇWV*MöÜÊû~±þMÖ°Þü›òÙ| ȭɨ(\B¢3†ùÂ`7(s '„7øû+OËv_kH]Úá‚— çe±3Ë`7x*I˜¥d{§[¸et>n5rÜÿ’ôs„£ˆïÛ4rø—Ñw·äÝ^ß.vfç_zhFækB§#»Õ÷C?`b;m°çû0Òt=ÑH*uû.7D­Är?ý?CŠ°ÑNƵÿzoàÄýç6ú4¤Í²-í|ý¾Rà†Þ¸kVw«êßÿŒÌf=`sg±§Ü¿ÜfözL.©lܪZ†€|`pÛýÐK ' [ 87.461232][ T7795] tipc: Started in network mode [ 87.468427][ T7795] tipc: Node identity da2ec567c249, cluster identity 4711 [ 87.475684][ T7795] tipc: Enabled bearer , priority 0 [ 87.517934][ T7794] tipc: Disabling bearer [ 87.859422][ T7814] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 87.912418][ T29] audit: type=1800 audit(1738187087.353:11): pid=7824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.651" name="memory.events" dev="tmpfs" ino=689 res=0 errno=0 [ 88.318066][ T46] hid-generic 0005:7FFF:0008.000E: unknown main item tag 0x0 [ 88.326904][ T46] hid-generic 0005:7FFF:0008.000E: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 88.422055][ T7855] netlink: 'syz.4.662': attribute type 1 has an invalid length. [ 88.632796][ T29] audit: type=1800 audit(1738187088.083:12): pid=7868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.666" name="memory.events" dev="tmpfs" ino=732 res=0 errno=0 [ 88.681079][ T7886] FAULT_INJECTION: forcing a failure. [ 88.681079][ T7886] name failslab, interval 1, probability 0, space 0, times 0 [ 88.735411][ T7886] CPU: 1 UID: 0 PID: 7886 Comm: syz.1.674 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 88.735434][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 88.735446][ T7886] Call Trace: [ 88.735452][ T7886] [ 88.735458][ T7886] dump_stack_lvl+0x241/0x360 [ 88.735486][ T7886] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.735506][ T7886] ? __pfx__printk+0x10/0x10 [ 88.735528][ T7886] ? __pfx___might_resched+0x10/0x10 [ 88.735545][ T7886] ? aa_get_newest_label+0xff/0x6f0 [ 88.735562][ T7886] ? stack_trace_save+0x118/0x1d0 [ 88.735580][ T7886] should_fail_ex+0x3b0/0x4e0 [ 88.735597][ T7886] should_failslab+0xac/0x100 [ 88.735619][ T7886] __kmalloc_noprof+0xdd/0x4c0 [ 88.735641][ T7886] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 88.735663][ T7886] ? apparmor_capable+0x13b/0x1b0 [ 88.735684][ T7886] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 88.735708][ T7886] genl_rcv_msg+0x802/0xec0 [ 88.735732][ T7886] ? __pfx_genl_rcv_msg+0x10/0x10 [ 88.735758][ T7886] ? stack_trace_save+0x118/0x1d0 [ 88.735775][ T7886] ? __pfx_stack_trace_save+0x10/0x10 [ 88.735792][ T7886] ? stack_depot_save_flags+0x37/0x940 [ 88.735809][ T7886] ? rcu_is_watching+0x15/0xb0 [ 88.735831][ T7886] ? lock_acquire+0xe3/0x550 [ 88.735852][ T7886] ? __pfx_lock_acquire+0x10/0x10 [ 88.735869][ T7886] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 88.735890][ T7886] ? __pfx_nl80211_connect+0x10/0x10 [ 88.735910][ T7886] ? __pfx_nl80211_post_doit+0x10/0x10 [ 88.735931][ T7886] ? __pfx___might_resched+0x10/0x10 [ 88.735946][ T7886] ? rcu_is_watching+0x15/0xb0 [ 88.735971][ T7886] ? lock_acquire+0xe3/0x550 [ 88.735992][ T7886] netlink_rcv_skb+0x1e3/0x430 [ 88.736010][ T7886] ? __pfx_genl_rcv_msg+0x10/0x10 [ 88.736030][ T7886] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 88.736045][ T7886] ? lock_release+0xbf/0xa30 [ 88.736067][ T7886] ? __pfx___netlink_lookup+0x10/0x10 [ 88.736088][ T7886] ? net_generic+0x1f/0x240 [ 88.736111][ T7886] genl_rcv+0x28/0x40 [ 88.736129][ T7886] netlink_unicast+0x7f6/0x990 [ 88.736147][ T7886] ? __pfx_netlink_unicast+0x10/0x10 [ 88.736161][ T7886] ? __virt_addr_valid+0x45f/0x530 [ 88.736181][ T7886] ? __phys_addr_symbol+0x2f/0x70 [ 88.736200][ T7886] ? __check_object_size+0x47a/0x730 [ 88.736222][ T7886] netlink_sendmsg+0x8e4/0xcb0 [ 88.736245][ T7886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.736264][ T7886] ? aa_sock_msg_perm+0x91/0x160 [ 88.736282][ T7886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.736298][ T7886] __sock_sendmsg+0x221/0x270 [ 88.736320][ T7886] ____sys_sendmsg+0x52a/0x7e0 [ 88.736341][ T7886] ? __pfx_____sys_sendmsg+0x10/0x10 [ 88.736358][ T7886] ? __fget_files+0x2a/0x410 [ 88.736379][ T7886] ? __fget_files+0x2a/0x410 [ 88.736403][ T7886] __sys_sendmsg+0x269/0x350 [ 88.736419][ T7886] ? bpf_lsm_file_permission+0x9/0x10 [ 88.736436][ T7886] ? __pfx___sys_sendmsg+0x10/0x10 [ 88.736458][ T7886] ? do_sys_openat2+0x17a/0x1d0 [ 88.736488][ T7886] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 88.736508][ T7886] ? rcu_is_watching+0x15/0xb0 [ 88.736530][ T7886] ? rcu_is_watching+0x15/0xb0 [ 88.736552][ T7886] do_syscall_64+0xf3/0x230 [ 88.736568][ T7886] ? clear_bhb_loop+0x35/0x90 [ 88.736586][ T7886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.736602][ T7886] RIP: 0033:0x7fea9798cda9 [ 88.736615][ T7886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.736629][ T7886] RSP: 002b:00007fea987aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 88.736646][ T7886] RAX: ffffffffffffffda RBX: 00007fea97ba5fa0 RCX: 00007fea9798cda9 [ 88.736658][ T7886] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 88.736668][ T7886] RBP: 00007fea987aa090 R08: 0000000000000000 R09: 0000000000000000 [ 88.736678][ T7886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.736687][ T7886] R13: 0000000000000000 R14: 00007fea97ba5fa0 R15: 00007fffde140118 [ 88.736705][ T7886] [ 89.669315][ T7909] netlink: 'syz.2.681': attribute type 1 has an invalid length. [ 89.694718][ T7913] __nla_validate_parse: 41 callbacks suppressed [ 89.694734][ T7913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.683'. [ 89.699736][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.2.681'. [ 89.705268][ T7913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.683'. [ 89.756269][ T7919] netlink: 16 bytes leftover after parsing attributes in process `syz.4.685'. [ 89.801442][ T7922] netlink: 84 bytes leftover after parsing attributes in process `syz.4.687'. [ 90.014734][ T7945] netlink: 8 bytes leftover after parsing attributes in process `syz.2.695'. [ 90.023831][ T7926] netlink: 'syz.0.688': attribute type 31 has an invalid length. [ 90.038703][ T7947] netlink: 28 bytes leftover after parsing attributes in process `syz.1.696'. [ 90.073757][ T7950] netlink: 16 bytes leftover after parsing attributes in process `syz.2.697'. [ 90.080660][ T7947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 90.190342][ T7956] netlink: 'syz.4.700': attribute type 1 has an invalid length. [ 90.239366][ T7956] netlink: 4 bytes leftover after parsing attributes in process `syz.4.700'. [ 90.710704][ T8000] FAULT_INJECTION: forcing a failure. [ 90.710704][ T8000] name failslab, interval 1, probability 0, space 0, times 0 [ 90.725535][ T8000] CPU: 1 UID: 0 PID: 8000 Comm: syz.0.715 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 90.725557][ T8000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 90.725567][ T8000] Call Trace: [ 90.725572][ T8000] [ 90.725578][ T8000] dump_stack_lvl+0x241/0x360 [ 90.725606][ T8000] ? __pfx_dump_stack_lvl+0x10/0x10 [ 90.725627][ T8000] ? __pfx__printk+0x10/0x10 [ 90.725647][ T8000] ? __pfx___might_resched+0x10/0x10 [ 90.725666][ T8000] should_fail_ex+0x3b0/0x4e0 [ 90.725682][ T8000] should_failslab+0xac/0x100 [ 90.725702][ T8000] __kmalloc_noprof+0xdd/0x4c0 [ 90.725723][ T8000] ? taprio_init+0x2ff/0xc80 [ 90.725741][ T8000] taprio_init+0x2ff/0xc80 [ 90.725757][ T8000] ? ____sys_sendmsg+0x52a/0x7e0 [ 90.725773][ T8000] ? __sys_sendmsg+0x269/0x350 [ 90.725787][ T8000] ? do_syscall_64+0xf3/0x230 [ 90.725807][ T8000] ? __pfx_taprio_init+0x10/0x10 [ 90.725822][ T8000] ? qdisc_alloc+0x7dd/0xa80 [ 90.725840][ T8000] ? qdisc_lookup+0x350/0x6b0 [ 90.725858][ T8000] ? __pfx_taprio_init+0x10/0x10 [ 90.725874][ T8000] qdisc_create+0x9d4/0x11a0 [ 90.725895][ T8000] ? stack_trace_save+0x118/0x1d0 [ 90.725913][ T8000] ? __pfx_qdisc_create+0x10/0x10 [ 90.725934][ T8000] ? __nla_parse+0x40/0x60 [ 90.725951][ T8000] tc_modify_qdisc+0xbbb/0x1f10 [ 90.725978][ T8000] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 90.726005][ T8000] ? security_capable+0x7e/0x2d0 [ 90.726021][ T8000] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 90.726042][ T8000] rtnetlink_rcv_msg+0x73f/0xcf0 [ 90.726058][ T8000] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 90.726079][ T8000] ? lock_release+0xbf/0xa30 [ 90.726096][ T8000] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.726116][ T8000] ? __pfx_lock_acquire+0x10/0x10 [ 90.726131][ T8000] ? rcu_is_watching+0x15/0xb0 [ 90.726152][ T8000] ? lock_acquire+0xe3/0x550 [ 90.726170][ T8000] netlink_rcv_skb+0x1e3/0x430 [ 90.726186][ T8000] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.726204][ T8000] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 90.726226][ T8000] ? net_generic+0x1f/0x240 [ 90.726247][ T8000] ? netlink_deliver_tap+0x2e/0x1b0 [ 90.726265][ T8000] netlink_unicast+0x7f6/0x990 [ 90.726284][ T8000] ? __pfx_netlink_unicast+0x10/0x10 [ 90.726298][ T8000] ? __virt_addr_valid+0x45f/0x530 [ 90.726318][ T8000] ? __phys_addr_symbol+0x2f/0x70 [ 90.726337][ T8000] ? __check_object_size+0x47a/0x730 [ 90.726367][ T8000] netlink_sendmsg+0x8e4/0xcb0 [ 90.726388][ T8000] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.726407][ T8000] ? aa_sock_msg_perm+0x91/0x160 [ 90.726425][ T8000] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.726441][ T8000] __sock_sendmsg+0x221/0x270 [ 90.726462][ T8000] ____sys_sendmsg+0x52a/0x7e0 [ 90.726481][ T8000] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.726497][ T8000] ? __fget_files+0x2a/0x410 [ 90.726519][ T8000] ? __fget_files+0x2a/0x410 [ 90.726547][ T8000] __sys_sendmsg+0x269/0x350 [ 90.726564][ T8000] ? bpf_lsm_file_permission+0x9/0x10 [ 90.726581][ T8000] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.726603][ T8000] ? do_sys_openat2+0x17a/0x1d0 [ 90.726635][ T8000] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 90.726654][ T8000] ? rcu_is_watching+0x15/0xb0 [ 90.726676][ T8000] ? rcu_is_watching+0x15/0xb0 [ 90.726698][ T8000] do_syscall_64+0xf3/0x230 [ 90.726713][ T8000] ? clear_bhb_loop+0x35/0x90 [ 90.726732][ T8000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.726749][ T8000] RIP: 0033:0x7f01a538cda9 [ 90.726762][ T8000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.726776][ T8000] RSP: 002b:00007f01a61f3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.726794][ T8000] RAX: ffffffffffffffda RBX: 00007f01a55a5fa0 RCX: 00007f01a538cda9 [ 90.726806][ T8000] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 90.726816][ T8000] RBP: 00007f01a61f3090 R08: 0000000000000000 R09: 0000000000000000 [ 90.726827][ T8000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.726837][ T8000] R13: 0000000000000000 R14: 00007f01a55a5fa0 R15: 00007ffecc1e2ba8 [ 90.726855][ T8000] [ 90.748389][ T8003] netlink: 'syz.2.717': attribute type 1 has an invalid length. [ 91.682324][ T8051] netlink: 'syz.1.732': attribute type 1 has an invalid length. [ 91.915261][ T8086] sctp: [Deprecated]: syz.4.743 (pid 8086) Use of struct sctp_assoc_value in delayed_ack socket option. [ 91.915261][ T8086] Use struct sctp_sack_info instead [ 92.099714][ T8104] netlink: 'syz.1.750': attribute type 1 has an invalid length. [ 92.435064][ T8141] netlink: 'syz.2.763': attribute type 1 has an invalid length. [ 92.548783][ T9] hid-generic 0005:7FFF:0008.000F: unknown main item tag 0x0 [ 92.563930][ T9] hid-generic 0005:7FFF:0008.000F: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 92.673476][ T29] audit: type=1800 audit(1738187092.123:13): pid=8162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.768" name="memory.events" dev="tmpfs" ino=804 res=0 errno=0 [ 92.885928][ T8182] netlink: 'syz.0.777': attribute type 1 has an invalid length. [ 93.007852][ T8194] netlink: 'syz.0.789': attribute type 1 has an invalid length. [ 93.095259][ T9] hid-generic 0005:7FFF:0008.0010: unknown main item tag 0x0 [ 93.124107][ T9] hid-generic 0005:7FFF:0008.0010: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 93.366287][ T8236] netlink: 'syz.4.796': attribute type 1 has an invalid length. [ 93.374014][ T5858] hid-generic 0005:7FFF:0008.0011: unknown main item tag 0x0 [ 93.381879][ T5858] hid-generic 0005:7FFF:0008.0011: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 93.510901][ T8251] netlink: 'syz.3.801': attribute type 11 has an invalid length. [ 93.589145][ T8257] netlink: 'syz.3.802': attribute type 1 has an invalid length. [ 93.714896][ T5858] hid-generic 0005:7FFF:0008.0012: unknown main item tag 0x0 [ 93.733255][ T5858] hid-generic 0005:7FFF:0008.0012: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 93.745388][ T8276] netlink: 'syz.2.811': attribute type 1 has an invalid length. [ 94.170037][ T8326] netlink: 'syz.2.826': attribute type 11 has an invalid length. [ 94.247659][ T8338] FAULT_INJECTION: forcing a failure. [ 94.247659][ T8338] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.263154][ T8338] CPU: 1 UID: 0 PID: 8338 Comm: syz.2.830 Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 94.263177][ T8338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 94.263186][ T8338] Call Trace: [ 94.263192][ T8338] [ 94.263198][ T8338] dump_stack_lvl+0x241/0x360 [ 94.263226][ T8338] ? __pfx_dump_stack_lvl+0x10/0x10 [ 94.263247][ T8338] ? __pfx__printk+0x10/0x10 [ 94.263267][ T8338] ? __pfx_lock_release+0x10/0x10 [ 94.263286][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263309][ T8338] should_fail_ex+0x3b0/0x4e0 [ 94.263327][ T8338] _copy_from_iter+0x1e9/0x1c20 [ 94.263349][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263378][ T8338] ? alloc_pages_mpol_noprof+0x58e/0x780 [ 94.263399][ T8338] ? __pfx__copy_from_iter+0x10/0x10 [ 94.263419][ T8338] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 94.263442][ T8338] ? alloc_pages_noprof+0xef/0x170 [ 94.263461][ T8338] ? page_copy_sane+0x46/0x260 [ 94.263481][ T8338] copy_page_from_iter+0x7a/0x100 [ 94.263501][ T8338] tun_get_user+0x2035/0x48a0 [ 94.263521][ T8338] ? tun_get_user+0x875/0x48a0 [ 94.263542][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263564][ T8338] ? aa_file_perm+0x137/0xf50 [ 94.263584][ T8338] ? __pfx_tun_get_user+0x10/0x10 [ 94.263609][ T8338] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 94.263625][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263646][ T8338] ? __pfx_lock_release+0x10/0x10 [ 94.263668][ T8338] ? __pfx_lock_release+0x10/0x10 [ 94.263688][ T8338] ? tun_get+0x1e/0x2f0 [ 94.263705][ T8338] ? tun_get+0x27d/0x2f0 [ 94.263722][ T8338] tun_chr_write_iter+0x10d/0x1f0 [ 94.263742][ T8338] vfs_write+0xaeb/0xd30 [ 94.263760][ T8338] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 94.263778][ T8338] ? __pfx_vfs_write+0x10/0x10 [ 94.263793][ T8338] ? do_sys_openat2+0x17a/0x1d0 [ 94.263815][ T8338] ? __fget_files+0x2a/0x410 [ 94.263837][ T8338] ? __fget_files+0x2a/0x410 [ 94.263861][ T8338] ksys_write+0x18f/0x2b0 [ 94.263878][ T8338] ? __pfx_ksys_write+0x10/0x10 [ 94.263894][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263915][ T8338] ? rcu_is_watching+0x15/0xb0 [ 94.263937][ T8338] do_syscall_64+0xf3/0x230 [ 94.263957][ T8338] ? clear_bhb_loop+0x35/0x90 [ 94.263975][ T8338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.263992][ T8338] RIP: 0033:0x7fc7bbd8b85f [ 94.264006][ T8338] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 94.264019][ T8338] RSP: 002b:00007fc7bcb3f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 94.264038][ T8338] RAX: ffffffffffffffda RBX: 00007fc7bbfa5fa0 RCX: 00007fc7bbd8b85f [ 94.264050][ T8338] RDX: 000000000000007e RSI: 0000000020000300 RDI: 00000000000000c8 [ 94.264060][ T8338] RBP: 00007fc7bcb3f090 R08: 0000000000000000 R09: 0000000000000000 [ 94.264071][ T8338] R10: 000000000000007e R11: 0000000000000293 R12: 0000000000000001 [ 94.264081][ T8338] R13: 0000000000000000 R14: 00007fc7bbfa5fa0 R15: 00007ffdba9084a8 [ 94.264099][ T8338] [ 94.801168][ T8364] __nla_validate_parse: 55 callbacks suppressed [ 94.801187][ T8364] netlink: 40 bytes leftover after parsing attributes in process `syz.1.849'. [ 94.819497][ T8365] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'. [ 94.958896][ T8387] netlink: 84 bytes leftover after parsing attributes in process `syz.2.845'. [ 94.973904][ T8379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.844'. [ 95.024591][ T8384] netlink: 4 bytes leftover after parsing attributes in process `syz.3.846'. [ 95.084996][ T46] hid-generic 0005:7FFF:0008.0013: unknown main item tag 0x0 [ 95.096526][ T46] hid-generic 0005:7FFF:0008.0013: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 95.175873][ T8405] netlink: 28 bytes leftover after parsing attributes in process `syz.4.850'. [ 95.184800][ T8405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.850'. [ 95.255781][ T8414] netlink: 40 bytes leftover after parsing attributes in process `syz.4.854'. [ 95.288922][ T29] audit: type=1800 audit(1738187094.733:14): pid=8410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.851" name="memory.events" dev="tmpfs" ino=887 res=0 errno=0 [ 95.317031][ T8421] netlink: 48 bytes leftover after parsing attributes in process `syz.3.855'. [ 95.425467][ T8428] netlink: 84 bytes leftover after parsing attributes in process `syz.2.858'. [ 95.448127][ T8431] sctp: [Deprecated]: syz.4.859 (pid 8431) Use of struct sctp_assoc_value in delayed_ack socket option. [ 95.448127][ T8431] Use struct sctp_sack_info instead [ 95.594448][ T46] hid-generic 0005:7FFF:0008.0014: unknown main item tag 0x0 [ 95.603603][ T46] hid-generic 0005:7FFF:0008.0014: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 95.758706][ T8462] 8021q: adding VLAN 0 to HW filter on device bond9 [ 95.789948][ T8462] bond9: (slave veth1): Enslaving as an active interface with a down link [ 96.021137][ T46] hid-generic 0005:7FFF:0008.0015: unknown main item tag 0x0 [ 96.031046][ T46] hid-generic 0005:7FFF:0008.0015: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 96.351293][ T46] hid-generic 0005:7FFF:0008.0016: unknown main item tag 0x0 [ 96.360154][ T46] hid-generic 0005:7FFF:0008.0016: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 96.669056][ T46] hid-generic 0005:7FFF:0008.0017: unknown main item tag 0x0 [ 96.685430][ T46] hid-generic 0005:7FFF:0008.0017: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 96.834430][ T8587] validate_nla: 10 callbacks suppressed [ 96.834447][ T8587] netlink: 'syz.1.918': attribute type 1 has an invalid length. [ 96.861217][ T8587] 8021q: adding VLAN 0 to HW filter on device bond12 [ 96.907561][ T8587] bond12: (slave veth1): Enslaving as an active interface with a down link [ 96.967479][ T8601] lo speed is unknown, defaulting to 1000 [ 97.166330][ T8601] lo speed is unknown, defaulting to 1000 [ 97.297151][ T8623] netlink: 'syz.3.928': attribute type 11 has an invalid length. [ 97.573734][ T46] hid-generic 0005:7FFF:0008.0018: unknown main item tag 0x0 [ 97.584216][ T46] hid-generic 0005:7FFF:0008.0018: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 97.864085][ T8660] netlink: 'syz.0.940': attribute type 1 has an invalid length. [ 97.892566][ T8661] netlink: 'syz.2.939': attribute type 1 has an invalid length. [ 98.046916][ T8672] netlink: 'syz.0.942': attribute type 39 has an invalid length. [ 98.054751][ T46] IPVS: starting estimator thread 0... [ 98.101323][ T8641] atomic_op ffff88804d04b198 conn xmit_atomic 0000000000000000 [ 98.144530][ T8674] IPVS: using max 51 ests per chain, 122400 per kthread [ 98.276060][ T29] audit: type=1800 audit(1738187097.723:15): pid=8688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.947" name="memory.events" dev="tmpfs" ino=1019 res=0 errno=0 [ 98.773137][ T5841] hid-generic 0005:7FFF:0008.0019: unknown main item tag 0x0 [ 98.781916][ T5841] hid-generic 0005:7FFF:0008.0019: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 98.872517][ T29] audit: type=1800 audit(1738187098.313:16): pid=8742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.966" name="memory.events" dev="tmpfs" ino=1000 res=0 errno=0 [ 99.205773][ T8783] netlink: 'syz.1.987': attribute type 1 has an invalid length. [ 99.219443][ T8783] 8021q: adding VLAN 0 to HW filter on device bond13 [ 99.234676][ T8783] bond13: (slave veth3): Enslaving as an active interface with a down link [ 99.528559][ T8804] netlink: 'syz.0.993': attribute type 1 has an invalid length. [ 99.721627][ T46] hid-generic 0005:7FFF:0008.001A: unknown main item tag 0x0 [ 99.730219][ T46] hid-generic 0005:7FFF:0008.001A: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 99.757307][ T5841] hid-generic 0005:7FFF:0008.001B: unknown main item tag 0x0 [ 99.771814][ T5841] hid-generic 0005:7FFF:0008.001B: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 100.059565][ T8858] __nla_validate_parse: 43 callbacks suppressed [ 100.059583][ T8858] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1014'. [ 100.062680][ T8857] xt_hashlimit: Unknown mode mask 40030000, kernel too old? [ 100.084789][ T8858] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 100.166511][ T8865] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1015'. [ 100.342987][ T8885] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1022'. [ 100.470084][ T5858] hid-generic 0005:7FFF:0008.001C: unknown main item tag 0x0 [ 100.478661][ T5858] hid-generic 0005:7FFF:0008.001C: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 100.493912][ T8901] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1029'. [ 100.530433][ T8906] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1030'. [ 100.665134][ T8921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1036'. [ 100.755765][ T8933] netlink: 'syz.4.1040': attribute type 1 has an invalid length. [ 100.784418][ T8933] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1040'. [ 100.839584][ T8939] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1042'. [ 101.304328][ T8969] netlink: 'syz.2.1054': attribute type 1 has an invalid length. [ 101.347302][ T8972] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1055'. [ 101.352638][ T8969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1054'. [ 101.620070][ T29] audit: type=1800 audit(1738187101.063:17): pid=8986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1059" name="memory.events" dev="tmpfs" ino=1103 res=0 errno=0 [ 101.734544][ T9008] netlink: 'syz.4.1067': attribute type 1 has an invalid length. [ 101.851790][ T9014] netlink: 'syz.0.1070': attribute type 1 has an invalid length. [ 102.025713][ T5858] hid-generic 0005:7FFF:0008.001D: unknown main item tag 0x0 [ 102.047948][ T5858] hid-generic 0005:7FFF:0008.001D: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 102.163220][ T9046] netlink: 'syz.0.1080': attribute type 1 has an invalid length. [ 102.346428][ T9071] netlink: 'syz.0.1089': attribute type 1 has an invalid length. [ 102.347616][ T5858] hid-generic 0005:7FFF:0008.001E: unknown main item tag 0x0 [ 102.384335][ T5858] hid-generic 0005:7FFF:0008.001E: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 102.436089][ T9081] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 102.446709][ T9081] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 102.531938][ T9089] netlink: 'syz.0.1099': attribute type 1 has an invalid length. [ 102.603235][ T9098] netlink: 'syz.1.1100': attribute type 1 has an invalid length. [ 102.708104][ T5858] hid-generic 0005:7FFF:0008.001F: unknown main item tag 0x0 [ 102.725427][ T5858] hid-generic 0005:7FFF:0008.001F: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 102.780458][ T9124] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 102.797040][ T9124] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 102.859939][ T5841] hid-generic 0005:7FFF:0008.0020: unknown main item tag 0x0 [ 102.869378][ T5841] hid-generic 0005:7FFF:0008.0020: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 103.004239][ T9154] netlink: 'syz.1.1118': attribute type 1 has an invalid length. [ 103.207349][ T5858] hid-generic 0005:7FFF:0008.0021: unknown main item tag 0x0 [ 103.216206][ T5858] hid-generic 0005:7FFF:0008.0021: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 103.621936][ T9197] netlink: 'syz.4.1135': attribute type 1 has an invalid length. [ 103.668513][ T5858] hid-generic 0005:7FFF:0008.0022: unknown main item tag 0x0 [ 103.678725][ T5858] hid-generic 0005:7FFF:0008.0022: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 103.842178][ T9227] netlink: 'syz.3.1148': attribute type 1 has an invalid length. [ 104.040502][ T5841] hid-generic 0005:7FFF:0008.0023: unknown main item tag 0x0 [ 104.055138][ T5841] hid-generic 0005:7FFF:0008.0023: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 104.281006][ T9275] netlink: 'syz.0.1165': attribute type 1 has an invalid length. [ 104.331139][ T9275] 8021q: adding VLAN 0 to HW filter on device bond11 [ 104.498505][ T5841] hid-generic 0005:7FFF:0008.0024: unknown main item tag 0x0 [ 104.523518][ T5841] hid-generic 0005:7FFF:0008.0024: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 104.566690][ T9273] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 104.896838][ T9324] netlink: 'syz.4.1183': attribute type 1 has an invalid length. [ 104.897914][ T5841] hid-generic 0005:7FFF:0008.0025: unknown main item tag 0x0 [ 104.923082][ T5841] hid-generic 0005:7FFF:0008.0025: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 105.096786][ T29] audit: type=1800 audit(1738187104.543:18): pid=9334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1182" name="memory.events" dev="tmpfs" ino=1231 res=0 errno=0 [ 105.149103][ T9355] __nla_validate_parse: 40 callbacks suppressed [ 105.149120][ T9355] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1195'. [ 105.223460][ T9357] xt_CT: No such helper "snmp" [ 105.285470][ T9362] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1197'. [ 105.384177][ T9373] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1202'. [ 105.486817][ T9381] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1207'. [ 105.496831][ T9381] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1207'. [ 105.519859][ T9385] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1209'. [ 105.570584][ T9391] bridge0: port 1(ipvlan0) entered blocking state [ 105.598811][ T9391] bridge0: port 1(ipvlan0) entered disabled state [ 105.605894][ T9391] ipvlan0: entered allmulticast mode [ 105.611458][ T9391] bridge0: entered allmulticast mode [ 105.633209][ T9391] ipvlan0: left allmulticast mode [ 105.638314][ T9391] bridge0: left allmulticast mode [ 105.731240][ T9400] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1214'. [ 105.763459][ T9408] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1218'. [ 105.789437][ T9412] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1219'. [ 105.804472][ T9415] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1220'. [ 106.359150][ T9453] 8021q: adding VLAN 0 to HW filter on device bond17 [ 106.990423][ T29] audit: type=1800 audit(1738187106.433:19): pid=9463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1233" name="memory.events" dev="tmpfs" ino=1347 res=0 errno=0 [ 108.068479][ T9534] validate_nla: 3 callbacks suppressed [ 108.068654][ T9534] netlink: 'syz.4.1256': attribute type 1 has an invalid length. [ 108.160566][ T5858] hid-generic 0005:7FFF:0008.0026: unknown main item tag 0x0 [ 108.169558][ T5858] hid-generic 0005:7FFF:0008.0026: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 108.326516][ T9555] netlink: 'syz.2.1263': attribute type 1 has an invalid length. [ 108.710085][ T9431] Set syz1 is full, maxelem 65536 reached [ 108.830858][ T9605] netlink: 'syz.4.1283': attribute type 1 has an invalid length. [ 108.966412][ T9617] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 108.979397][ T9617] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 109.347783][ T9666] netlink: 'syz.3.1306': attribute type 1 has an invalid length. [ 109.546700][ T9693] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 109.556559][ T9693] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 109.946792][ T9736] openvswitch: netlink: Invalid VLAN frame [ 110.016223][ T9736] syzkaller1: entered promiscuous mode [ 110.023513][ T9736] syzkaller1: entered allmulticast mode [ 110.030880][ T12] syzkaller1: tun_net_xmit 70 [ 110.169408][ T9760] __nla_validate_parse: 44 callbacks suppressed [ 110.169427][ T9760] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1345'. [ 110.185962][ T9760] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 110.196378][ T9760] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 110.215939][ T9764] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1346'. [ 110.224996][ T9764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1346'. [ 110.400104][ T9782] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1353'. [ 110.523683][ T9792] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1355'. [ 110.603092][ T9799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1359'. [ 110.629023][ T9805] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1362'. [ 110.632823][ T9807] netlink: 'syz.1.1361': attribute type 1 has an invalid length. [ 110.639366][ T9805] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1362'. [ 110.679562][ T9807] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1361'. [ 110.807020][ T9825] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1368'. [ 110.921420][ T5858] hid-generic 0005:7FFF:0008.0027: unknown main item tag 0x0 [ 110.931520][ T5858] hid-generic 0005:7FFF:0008.0027: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 111.112304][ T9852] lo speed is unknown, defaulting to 1000 [ 111.390141][ T9880] netlink: 'syz.2.1388': attribute type 1 has an invalid length. [ 111.408323][ T9880] 8021q: adding VLAN 0 to HW filter on device bond17 [ 111.464359][ T9861] siw: device registration error -23 [ 111.965984][ T9936] netlink: 'syz.2.1410': attribute type 1 has an invalid length. [ 112.240842][ T9965] tipc: Started in network mode [ 112.246366][ T9965] tipc: Node identity da9ac7f8da85, cluster identity 4711 [ 112.253897][ T9965] tipc: Enabled bearer , priority 0 [ 112.294897][ T9965] syzkaller0: entered promiscuous mode [ 112.302403][ T9965] syzkaller0: entered allmulticast mode [ 112.308278][ T9965] tipc: Resetting bearer [ 112.367437][ T9963] tipc: Resetting bearer [ 112.417079][ T9963] tipc: Disabling bearer [ 112.802953][T10025] netlink: 'syz.2.1447': attribute type 1 has an invalid length. [ 113.036738][ T9] hid-generic 0005:7FFF:0008.0028: unknown main item tag 0x0 [ 113.046499][ T9] hid-generic 0005:7FFF:0008.0028: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 113.126112][T10050] netlink: 'syz.2.1457': attribute type 1 has an invalid length. [ 113.145077][T10050] 8021q: adding VLAN 0 to HW filter on device bond20 [ 113.380647][T10084] netlink: 'syz.0.1470': attribute type 1 has an invalid length. [ 113.458610][T10094] netlink: 'syz.2.1473': attribute type 1 has an invalid length. [ 113.493051][T10094] 8021q: adding VLAN 0 to HW filter on device bond21 [ 113.664933][T10118] netlink: 'syz.2.1484': attribute type 1 has an invalid length. [ 114.028822][T10154] netlink: 'syz.0.1499': attribute type 1 has an invalid length. [ 114.312216][ T29] audit: type=1800 audit(1738187113.753:20): pid=10185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1508" name="memory.events" dev="tmpfs" ino=1667 res=0 errno=0 [ 114.402714][ T29] audit: type=1800 audit(1738187113.853:21): pid=10186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1509" name="memory.events" dev="tmpfs" ino=1499 res=0 errno=0 [ 114.685065][ T9] hid-generic 0005:7FFF:0008.0029: unknown main item tag 0x0 [ 114.694299][T10217] netlink: 'syz.3.1521': attribute type 1 has an invalid length. [ 114.702144][ T9] hid-generic 0005:7FFF:0008.0029: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 114.736415][T10222] netlink: 'syz.2.1519': attribute type 31 has an invalid length. [ 114.955759][T10244] netlink: 'syz.1.1531': attribute type 1 has an invalid length. [ 115.104346][ T29] audit: type=1800 audit(1738187114.553:22): pid=10247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1530" name="memory.events" dev="tmpfs" ino=1521 res=0 errno=0 [ 115.130146][ T5858] hid-generic 0005:7FFF:0008.002A: unknown main item tag 0x0 [ 115.139443][ T5858] hid-generic 0005:7FFF:0008.002A: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 115.179946][T10259] __nla_validate_parse: 61 callbacks suppressed [ 115.186739][T10259] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1535'. [ 115.349854][T10273] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1542'. [ 115.412589][T10275] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1541'. [ 115.427552][ T9] hid-generic 0005:7FFF:0008.002B: unknown main item tag 0x0 [ 115.436117][ T9] hid-generic 0005:7FFF:0008.002B: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 115.509751][T10290] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1548'. [ 115.526460][T10292] netlink: 'syz.4.1549': attribute type 1 has an invalid length. [ 115.607459][T10300] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1541'. [ 115.726177][ T29] audit: type=1800 audit(1738187115.173:23): pid=10303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1552" name="memory.events" dev="tmpfs" ino=1684 res=0 errno=0 [ 115.767524][ T9] hid-generic 0005:7FFF:0008.002C: unknown main item tag 0x0 [ 115.776133][ T9] hid-generic 0005:7FFF:0008.002C: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 115.881263][T10321] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1562'. [ 115.899238][T10324] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1563'. [ 115.959771][T10330] netlink: 'syz.4.1565': attribute type 1 has an invalid length. [ 116.026595][ T5858] hid-generic 0005:7FFF:0008.002D: unknown main item tag 0x0 [ 116.035359][ T5858] hid-generic 0005:7FFF:0008.002D: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 116.111544][T10350] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1575'. [ 116.241533][T10363] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1579'. [ 116.268716][ T29] audit: type=1800 audit(1738187115.703:24): pid=10347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1571" name="memory.events" dev="tmpfs" ino=1697 res=0 errno=0 [ 116.390826][ T5858] hid-generic 0005:7FFF:0008.002E: unknown main item tag 0x0 [ 116.399361][ T5858] hid-generic 0005:7FFF:0008.002E: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 116.495103][T10386] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1588'. [ 116.711285][ T5858] hid-generic 0005:7FFF:0008.002F: unknown main item tag 0x0 [ 116.721189][ T5858] hid-generic 0005:7FFF:0008.002F: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 116.809823][ T29] audit: type=1800 audit(1738187116.253:25): pid=10419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1599" name="memory.events" dev="tmpfs" ino=1653 res=0 errno=0 [ 116.986674][ T5858] hid-generic 0005:7FFF:0008.0030: unknown main item tag 0x0 [ 117.000915][ T5858] hid-generic 0005:7FFF:0008.0030: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 117.220377][ T5858] hid-generic 0005:7FFF:0008.0031: unknown main item tag 0x0 [ 117.238212][ T5858] hid-generic 0005:7FFF:0008.0031: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 117.393623][ T29] audit: type=1800 audit(1738187116.843:26): pid=10477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1624" name="memory.events" dev="tmpfs" ino=1797 res=0 errno=0 [ 117.494008][T10496] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 117.640719][ T9] hid-generic 0005:7FFF:0008.0032: unknown main item tag 0x0 [ 117.650549][ T9] hid-generic 0005:7FFF:0008.0032: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 117.937477][ T29] audit: type=1800 audit(1738187117.383:27): pid=10538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1650" name="memory.events" dev="tmpfs" ino=1803 res=0 errno=0 [ 117.961151][ T5858] hid-generic 0005:7FFF:0008.0033: unknown main item tag 0x0 [ 117.973374][ T5858] hid-generic 0005:7FFF:0008.0033: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 118.244501][ T9] hid-generic 0005:7FFF:0008.0034: unknown main item tag 0x0 [ 118.256860][ T9] hid-generic 0005:7FFF:0008.0034: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 118.490185][ T29] audit: type=1800 audit(1738187117.933:28): pid=10597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1674" name="memory.events" dev="tmpfs" ino=1820 res=0 errno=0 [ 118.591784][ T5858] hid-generic 0005:7FFF:0008.0035: unknown main item tag 0x0 [ 118.600749][ T5858] hid-generic 0005:7FFF:0008.0035: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 118.849953][ T9] hid-generic 0005:7FFF:0008.0036: unknown main item tag 0x0 [ 118.859562][ T9] hid-generic 0005:7FFF:0008.0036: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 119.148709][ T9] hid-generic 0005:7FFF:0008.0037: unknown main item tag 0x0 [ 119.157002][ T9] hid-generic 0005:7FFF:0008.0037: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 119.554530][ T29] audit: type=1800 audit(1738187119.003:29): pid=10718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1723" name="memory.events" dev="tmpfs" ino=1835 res=0 errno=0 [ 119.622336][ T29] audit: type=1800 audit(1738187119.063:30): pid=10727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1729" name="memory.events" dev="tmpfs" ino=1897 res=0 errno=0 [ 120.079551][ T5858] hid-generic 0005:7FFF:0008.0038: unknown main item tag 0x0 [ 120.091736][ T5858] hid-generic 0005:7FFF:0008.0038: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 120.222051][T10792] __nla_validate_parse: 38 callbacks suppressed [ 120.222068][T10792] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1755'. [ 120.319539][ T29] audit: type=1800 audit(1738187119.753:31): pid=10788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1751" name="memory.events" dev="tmpfs" ino=1698 res=0 errno=0 [ 120.357175][T10802] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1759'. [ 120.456299][ T9] hid-generic 0005:7FFF:0008.0039: unknown main item tag 0x0 [ 120.468307][ T9] hid-generic 0005:7FFF:0008.0039: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 120.555559][T10822] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1768'. [ 120.621359][T10831] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1771'. [ 120.706792][ T5858] hid-generic 0005:7FFF:0008.003A: unknown main item tag 0x0 [ 120.715644][ T5858] hid-generic 0005:7FFF:0008.003A: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 120.795404][T10852] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1782'. [ 120.933776][ T29] audit: type=1800 audit(1738187120.383:32): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1783" name="memory.events" dev="tmpfs" ino=1747 res=0 errno=0 [ 121.021893][ T5858] hid-generic 0005:7FFF:0008.003B: unknown main item tag 0x0 [ 121.030498][ T5858] hid-generic 0005:7FFF:0008.003B: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 121.105202][T10884] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1796'. [ 121.294076][ T9] hid-generic 0005:7FFF:0008.003C: unknown main item tag 0x0 [ 121.309779][ T9] hid-generic 0005:7FFF:0008.003C: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 121.328422][T10913] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1809'. [ 121.436031][ T29] audit: type=1800 audit(1738187120.883:33): pid=10914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1807" name="memory.events" dev="tmpfs" ino=1759 res=0 errno=0 [ 121.580356][T10936] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1820'. [ 121.622525][ T9] hid-generic 0005:7FFF:0008.003D: unknown main item tag 0x0 [ 121.631203][ T9] hid-generic 0005:7FFF:0008.003D: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 121.875702][ T5858] hid-generic 0005:7FFF:0008.003E: unknown main item tag 0x0 [ 121.884914][ T5858] hid-generic 0005:7FFF:0008.003E: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 121.898099][T10975] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1838'. [ 122.068346][ T29] audit: type=1800 audit(1738187121.513:34): pid=10980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1835" name="memory.events" dev="tmpfs" ino=1788 res=0 errno=0 [ 122.149573][T11005] validate_nla: 3 callbacks suppressed [ 122.149587][T11005] netlink: 'syz.1.1849': attribute type 1 has an invalid length. [ 122.190938][ T9] hid-generic 0005:7FFF:0008.003F: unknown main item tag 0x0 [ 122.191070][T11005] 8021q: adding VLAN 0 to HW filter on device bond20 [ 122.205557][ T9] hid-generic 0005:7FFF:0008.003F: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 122.224534][T11012] bond20: (slave veth5): Enslaving as an active interface with a down link [ 122.246176][T11014] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1852'. [ 122.428877][ T9] hid-generic 0005:7FFF:0008.0040: unknown main item tag 0x0 [ 122.438427][ T9] hid-generic 0005:7FFF:0008.0040: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 122.560764][T11048] netlink: 'syz.1.1867': attribute type 1 has an invalid length. [ 122.607066][T11048] 8021q: adding VLAN 0 to HW filter on device bond21 [ 122.622906][ T29] audit: type=1800 audit(1738187122.063:35): pid=11043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1863" name="memory.events" dev="tmpfs" ino=1811 res=0 errno=0 [ 122.645866][T11048] bond21: (slave veth7): Enslaving as an active interface with a down link [ 122.917853][T11089] netlink: 'syz.2.1885': attribute type 1 has an invalid length. [ 122.944579][T11089] 8021q: adding VLAN 0 to HW filter on device bond24 [ 122.982520][T11089] bond24: (slave veth9): Enslaving as an active interface with a down link [ 123.080936][ T5858] hid-generic 0005:7FFF:0008.0041: unknown main item tag 0x0 [ 123.093958][ T5858] hid-generic 0005:7FFF:0008.0041: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 123.222258][ T29] audit: type=1800 audit(1738187122.663:36): pid=11113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1893" name="memory.events" dev="tmpfs" ino=1827 res=0 errno=0 [ 123.277970][T11127] netlink: 'syz.4.1902': attribute type 1 has an invalid length. [ 123.317841][T11127] 8021q: adding VLAN 0 to HW filter on device bond19 [ 123.352741][T11127] bond19: (slave veth7): Enslaving as an active interface with a down link [ 123.400885][ T5858] hid-generic 0005:7FFF:0008.0042: unknown main item tag 0x0 [ 123.410096][ T5858] hid-generic 0005:7FFF:0008.0042: hidraw0: BLUETOOTH HID v0.02 Device [syz1] on aa:aa:aa:aa:aa:aa [ 123.574604][T11159] netlink: 'syz.4.1918': attribute type 1 has an invalid length. [ 123.594709][T11159] 8021q: adding VLAN 0 to HW filter on device bond20 [ 123.625560][T11159] bond20: (slave veth9): Enslaving as an active interface with a down link [ 123.769628][ T29] audit: type=1800 audit(1738187123.213:37): pid=11173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1920" name="memory.events" dev="tmpfs" ino=1854 res=0 errno=0 [ 124.443795][ T29] audit: type=1800 audit(1738187123.893:38): pid=11240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1947" name="memory.events" dev="tmpfs" ino=2146 res=0 errno=0 [ 124.582022][ T29] audit: type=1800 audit(1738187124.013:39): pid=11248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1952" name="memory.events" dev="tmpfs" ino=2082 res=0 errno=0 [ 125.206007][ T29] audit: type=1800 audit(1738187124.653:40): pid=11298 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1972" name="memory.events" dev="tmpfs" ino=2089 res=0 errno=0 [ 125.232276][T11312] __nla_validate_parse: 18 callbacks suppressed [ 125.232291][T11312] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1978'. [ 125.306070][T11315] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1979'. [ 125.463720][ T29] audit: type=1800 audit(1738187124.913:41): pid=11313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1977" name="memory.events" dev="tmpfs" ino=2184 res=0 errno=0 [ 125.695891][T11336] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1986'. [ 125.832734][T11344] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1989'. [ 125.898167][T11348] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1992'. [ 126.061210][ T29] audit: type=1800 audit(1738187125.503:42): pid=11351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1991" name="memory.events" dev="tmpfs" ino=1880 res=0 errno=0 [ 126.248583][T11378] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2003'. [ 126.259096][T11381] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2001'. [ 126.295120][T11387] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2004'. [ 126.502446][T11411] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2017'. [ 126.605400][T11421] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2021'. [ 126.632461][ T29] audit: type=1800 audit(1738187126.063:43): pid=11409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2012" name="memory.events" dev="tmpfs" ino=2222 res=0 errno=0 [ 126.899655][T11449] Bluetooth: hci0: Opcode 0x0401 failed: -22 [ 127.025845][T11463] bond0: (slave veth1): Releasing active interface [ 127.034854][T11463] bond2: (slave ip6gretap0): Releasing backup interface [ 127.044160][T11463] bond19: (slave veth7): Releasing active interface [ 127.053550][T11463] bond20: (slave veth9): Releasing active interface [ 127.274311][T11486] nr0: entered promiscuous mode [ 127.282317][T11486] vlan1: entered allmulticast mode [ 127.382664][T11492] netlink: 'syz.2.2048': attribute type 1 has an invalid length. [ 127.914745][T11533] netlink: 'syz.1.2063': attribute type 1 has an invalid length. [ 128.129515][ T29] audit: type=1800 audit(1738187127.573:44): pid=11542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2065" name="memory.events" dev="tmpfs" ino=2258 res=0 errno=0 [ 128.453145][ T29] audit: type=1800 audit(1738187127.883:45): pid=11567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2072" name="memory.events" dev="tmpfs" ino=2260 res=0 errno=0 [ 128.454391][T11580] netlink: 'syz.1.2075': attribute type 1 has an invalid length. [ 128.937628][ T29] audit: type=1800 audit(1738187128.373:46): pid=11613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2086" name="memory.events" dev="tmpfs" ino=2271 res=0 errno=0 [ 128.948388][T11631] netlink: 'syz.0.2097': attribute type 1 has an invalid length. [ 128.986346][T11629] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 128.996118][T11629] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 129.266867][T11653] 8021q: adding VLAN 0 to HW filter on device bond15 [ 129.295331][T11653] bond15: (slave veth5): Enslaving as an active interface with an up link [ 129.403427][T11668] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 129.416897][T11666] netlink: 'syz.4.2110': attribute type 1 has an invalid length. [ 129.417638][T11668] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 129.644565][ T29] audit: type=1800 audit(1738187129.083:47): pid=11676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2112" name="memory.events" dev="tmpfs" ino=2333 res=0 errno=0 [ 129.785430][T11693] 8021q: adding VLAN 0 to HW filter on device bond22 [ 129.841471][T11693] bond22: (slave veth11): Enslaving as an active interface with an up link [ 129.904737][T11708] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 129.928196][T11708] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 129.969723][T11710] netlink: 'syz.4.2125': attribute type 1 has an invalid length. [ 130.300681][ T29] audit: type=1800 audit(1738187129.743:48): pid=11738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2133" name="memory.events" dev="tmpfs" ino=2105 res=0 errno=0 [ 130.375409][T11745] __nla_validate_parse: 32 callbacks suppressed [ 130.375425][T11745] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2137'. [ 130.503767][T11755] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2141'. [ 130.540371][T11757] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2142'. [ 130.564405][T11757] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 130.575157][T11757] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 130.590484][T11761] netlink: 'syz.3.2143': attribute type 1 has an invalid length. [ 130.622293][T11761] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2143'. [ 130.676589][T11775] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2148'. [ 130.869594][T11795] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2155'. [ 130.883514][ T29] audit: type=1800 audit(1738187130.333:49): pid=11786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2150" name="memory.events" dev="tmpfs" ino=2118 res=0 errno=0 [ 130.952899][T11802] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2157'. [ 130.986173][ T29] audit: type=1800 audit(1738187130.433:50): pid=11799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2154" name="memory.events" dev="tmpfs" ino=2371 res=0 errno=0 [ 131.008427][T11804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2158'. [ 131.034817][T11804] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 131.045097][T11804] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 131.124707][T11810] netlink: 'syz.2.2161': attribute type 1 has an invalid length. [ 131.154079][T11810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2161'. [ 131.161391][T11814] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2162'. [ 131.445708][T11843] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 131.456982][T11843] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 131.529010][T11847] netlink: 'syz.4.2174': attribute type 1 has an invalid length. [ 131.670136][ T29] audit: type=1800 audit(1738187131.113:51): pid=11853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2173" name="memory.events" dev="tmpfs" ino=2407 res=0 errno=0 [ 131.865173][ T29] audit: type=1800 audit(1738187131.313:52): pid=11868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2177" name="memory.events" dev="tmpfs" ino=2084 res=0 errno=0 [ 131.965541][T11881] 8021q: adding VLAN 0 to HW filter on device bond26 [ 131.985692][T11881] bond26: (slave veth9): Enslaving as an active interface with an up link [ 132.034461][T11888] netlink: 'syz.1.2189': attribute type 1 has an invalid length. [ 132.377064][ T29] audit: type=1800 audit(1738187131.823:53): pid=11915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2197" name="memory.events" dev="tmpfs" ino=2429 res=0 errno=0 [ 132.483406][T11927] netlink: 'syz.0.2203': attribute type 1 has an invalid length. [ 132.496343][ T29] audit: type=1800 audit(1738187131.943:54): pid=11923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2200" name="memory.events" dev="tmpfs" ino=2414 res=0 errno=0 [ 132.846586][T11962] netlink: 'syz.4.2216': attribute type 1 has an invalid length. [ 132.975423][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.981855][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.081095][ T29] audit: type=1800 audit(1738187132.523:55): pid=11971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2219" name="memory.events" dev="tmpfs" ino=2176 res=0 errno=0 [ 133.420380][T12002] netlink: 'syz.2.2231': attribute type 1 has an invalid length. [ 133.718554][ T29] audit: type=1800 audit(1738187133.163:56): pid=12029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2238" name="memory.events" dev="tmpfs" ino=2408 res=0 errno=0 [ 133.863381][T12047] netlink: 'syz.4.2248': attribute type 1 has an invalid length. [ 134.214105][T12082] netlink: 'syz.0.2262': attribute type 1 has an invalid length. [ 134.633462][T12119] netlink: 'syz.1.2276': attribute type 1 has an invalid length. [ 134.985731][T12156] netlink: 'syz.4.2290': attribute type 1 has an invalid length. [ 135.166851][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 135.166868][ T29] audit: type=1800 audit(1738187134.613:59): pid=12163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2286" name="memory.events" dev="tmpfs" ino=2517 res=0 errno=0 [ 135.226160][ T29] audit: type=1800 audit(1738187134.663:60): pid=12166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2292" name="memory.events" dev="tmpfs" ino=2232 res=0 errno=0 [ 135.554847][T12196] netlink: 'syz.0.2304': attribute type 1 has an invalid length. [ 135.580235][T12196] __nla_validate_parse: 35 callbacks suppressed [ 135.580251][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2304'. [ 135.648100][T12205] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2308'. [ 135.916413][ T29] audit: type=1800 audit(1738187135.353:61): pid=12220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2310" name="memory.events" dev="tmpfs" ino=2596 res=0 errno=0 [ 135.962569][ T29] audit: type=1800 audit(1738187135.403:62): pid=12223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2313" name="memory.events" dev="tmpfs" ino=2473 res=0 errno=0 [ 136.014035][T12241] netlink: 'syz.3.2319': attribute type 1 has an invalid length. [ 136.042715][T12241] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2319'. [ 136.197960][T12250] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2322'. [ 136.449340][T12283] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2335'. [ 136.461351][T12279] netlink: 'syz.2.2332': attribute type 1 has an invalid length. [ 136.482845][T12279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2332'. [ 136.523421][T12289] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2336'. [ 136.611687][ T29] audit: type=1800 audit(1738187136.053:63): pid=12287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2333" name="memory.events" dev="tmpfs" ino=2286 res=0 errno=0 [ 136.894247][T12316] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2346'. [ 136.958545][T12326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2348'. [ 137.004358][T12332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2353'. [ 137.315294][ T29] audit: type=1800 audit(1738187136.763:64): pid=12352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2358" name="memory.events" dev="tmpfs" ino=2274 res=0 errno=0 [ 137.751559][T12401] validate_nla: 2 callbacks suppressed [ 137.751576][T12401] netlink: 'syz.4.2379': attribute type 1 has an invalid length. [ 137.960179][ T29] audit: type=1800 audit(1738187137.403:65): pid=12412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2382" name="memory.events" dev="tmpfs" ino=2570 res=0 errno=0 [ 138.207634][T12443] netlink: 'syz.1.2394': attribute type 1 has an invalid length. [ 138.691477][ T29] audit: type=1800 audit(1738187138.133:66): pid=12480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2408" name="memory.events" dev="tmpfs" ino=2607 res=0 errno=0 [ 138.699803][T12484] netlink: 'syz.1.2410': attribute type 1 has an invalid length. [ 139.113780][T12520] netlink: 'syz.2.2423': attribute type 1 has an invalid length. [ 139.468435][ T29] audit: type=1800 audit(1738187138.903:67): pid=12544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2429" name="memory.events" dev="tmpfs" ino=2742 res=0 errno=0 [ 139.702326][T12574] netlink: 'syz.1.2444': attribute type 1 has an invalid length. [ 140.161535][T12610] netlink: 'syz.3.2458': attribute type 1 has an invalid length. [ 140.615188][T12650] netlink: 'syz.1.2472': attribute type 1 has an invalid length. [ 140.647851][T12658] __nla_validate_parse: 26 callbacks suppressed [ 140.647867][T12658] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2475'. [ 140.667259][T12660] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2472'. [ 140.728885][T12663] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2477'. [ 140.808448][ T29] audit: type=1800 audit(1738187140.253:68): pid=12661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2474" name="memory.events" dev="tmpfs" ino=2664 res=0 errno=0 [ 140.859603][T12675] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2480'. [ 141.109898][T12690] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2487'. [ 141.181877][T12697] netlink: 'syz.2.2489': attribute type 1 has an invalid length. [ 141.199270][T12700] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2490'. [ 141.211502][T12697] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2489'. [ 141.366023][T12711] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2494'. [ 141.397864][ T29] audit: type=1800 audit(1738187140.843:69): pid=12709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2493" name="memory.events" dev="tmpfs" ino=2843 res=0 errno=0 [ 141.561689][ T29] audit: type=1800 audit(1738187141.003:70): pid=12714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2495" name="memory.events" dev="tmpfs" ino=2370 res=0 errno=0 [ 141.585982][T12720] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2498'. [ 141.730268][T12729] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2501'. [ 141.755037][T12733] netlink: 'syz.3.2503': attribute type 1 has an invalid length. [ 141.841683][T12741] netlink: 'syz.1.2506': attribute type 1 has an invalid length. [ 142.134781][ T29] audit: type=1800 audit(1738187141.583:71): pid=12764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2510" name="memory.events" dev="tmpfs" ino=2864 res=0 errno=0 [ 142.489076][T12793] 8021q: adding VLAN 0 to HW filter on device bond37 [ 142.947686][T12836] 8021q: adding VLAN 0 to HW filter on device bond18 [ 143.173897][T12832] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 143.572264][T12884] validate_nla: 4 callbacks suppressed [ 143.572281][T12884] netlink: 'syz.4.2550': attribute type 1 has an invalid length. [ 143.724883][T12891] 8021q: adding VLAN 0 to HW filter on device bond34 [ 143.821772][T12900] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 143.993928][T12921] netlink: 'syz.1.2563': attribute type 1 has an invalid length. [ 144.050771][T12928] xt_CT: No such helper "snmp" [ 144.148402][T12936] bridge0: port 1(ipvlan0) entered blocking state [ 144.157381][T12936] bridge0: port 1(ipvlan0) entered disabled state [ 144.164058][T12936] ipvlan0: entered allmulticast mode [ 144.169437][T12936] bridge0: entered allmulticast mode [ 144.175894][T12936] ipvlan0: left allmulticast mode [ 144.181008][T12936] bridge0: left allmulticast mode [ 144.320462][T12957] netlink: 'syz.2.2573': attribute type 1 has an invalid length. [ 144.391622][T12962] nbd: must specify at least one socket [ 144.834059][T12969] netlink: 'syz.2.2585': attribute type 1 has an invalid length. [ 144.976710][T12973] xt_CT: You must specify a L4 protocol and not use inversions on it [ 145.034172][T12977] openvswitch: netlink: Missing key (keys=40, expected=80) [ 145.214716][T12993] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 145.228184][T12992] openvswitch: netlink: Invalid VLAN frame [ 145.356647][T12992] syzkaller1: entered promiscuous mode [ 145.362156][T12992] syzkaller1: entered allmulticast mode [ 145.433423][ T29] audit: type=1800 audit(1738187144.883:72): pid=13001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2588" name="memory.events" dev="tmpfs" ino=2954 res=0 errno=0 [ 145.659324][T13025] 8021q: adding VLAN 0 to HW filter on device bond39 [ 145.719724][T13036] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 145.725211][T13040] __nla_validate_parse: 39 callbacks suppressed [ 145.725227][T13040] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2603'. [ 145.838880][T13048] xt_CT: No such helper "snmp" [ 145.914467][T13057] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2610'. [ 146.005426][T13064] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2612'. [ 146.027852][T13067] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2614'. [ 146.055730][T13064] 8021q: adding VLAN 0 to HW filter on device bond35 [ 146.150586][ T29] audit: type=1800 audit(1738187145.593:73): pid=13065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2611" name="memory.events" dev="tmpfs" ino=2983 res=0 errno=0 [ 146.268999][T13083] xt_CT: No such helper "snmp" [ 146.305877][T13082] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2619'. [ 146.400504][T13097] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2624'. [ 146.473823][T13102] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2626'. [ 146.489328][T13106] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2627'. [ 146.559796][T13106] 8021q: adding VLAN 0 to HW filter on device bond36 [ 146.672835][T13118] xt_CT: No such helper "snmp" [ 146.712452][T13133] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2641'. [ 146.743228][T13136] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2640'. [ 146.856933][ T29] audit: type=1800 audit(1738187146.303:74): pid=13134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2637" name="memory.events" dev="tmpfs" ino=2511 res=0 errno=0 [ 146.912064][T13146] 8021q: adding VLAN 0 to HW filter on device bond40 [ 147.177712][T13174] netlink: 'syz.1.2657': attribute type 1 has an invalid length. [ 147.299857][T13185] 8021q: adding VLAN 0 to HW filter on device bond38 [ 147.584445][T13209] netlink: 'syz.0.2671': attribute type 1 has an invalid length. [ 147.685038][T13216] 8021q: adding VLAN 0 to HW filter on device bond24 [ 147.904343][T13243] netlink: 'syz.0.2684': attribute type 1 has an invalid length. [ 147.965403][T13248] 8021q: adding VLAN 0 to HW filter on device bond43 [ 148.009846][ T29] audit: type=1800 audit(1738187147.453:75): pid=13250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2685" name="memory.events" dev="tmpfs" ino=2898 res=0 errno=0 [ 148.170763][T13262] bridge0: port 1(ipvlan0) entered blocking state [ 148.184051][T13262] bridge0: port 1(ipvlan0) entered disabled state [ 148.200839][T13262] ipvlan0: entered allmulticast mode [ 148.210849][T13262] bridge0: entered allmulticast mode [ 148.218901][T13262] ipvlan0: left allmulticast mode [ 148.224239][T13262] bridge0: left allmulticast mode [ 148.371201][T13285] netlink: 'syz.2.2700': attribute type 1 has an invalid length. [ 148.389067][T13287] 8021q: adding VLAN 0 to HW filter on device bond44 [ 148.538979][T13304] bridge0: port 1(ipvlan0) entered blocking state [ 148.550997][T13304] bridge0: port 1(ipvlan0) entered disabled state [ 148.558182][T13304] ipvlan0: entered allmulticast mode [ 148.563807][T13304] bridge0: entered allmulticast mode [ 148.569950][T13304] ipvlan0: left allmulticast mode [ 148.577527][T13304] bridge0: left allmulticast mode [ 148.742422][ T29] audit: type=1800 audit(1738187148.173:76): pid=13312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2710" name="memory.events" dev="tmpfs" ino=3057 res=0 errno=0 [ 148.816866][T13326] 8021q: adding VLAN 0 to HW filter on device bond38 [ 148.841858][T13330] netlink: 'syz.1.2716': attribute type 1 has an invalid length. [ 149.168528][T13363] 8021q: adding VLAN 0 to HW filter on device bond46 [ 149.211323][T13363] bond46: (slave veth13): Enslaving as an active interface with an up link [ 149.333795][T13372] lo speed is unknown, defaulting to 1000 [ 149.490316][ T29] audit: type=1800 audit(1738187148.933:77): pid=13390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2735" name="memory.events" dev="tmpfs" ino=3079 res=0 errno=0 [ 149.588312][T13399] openvswitch: netlink: Invalid VLAN frame [ 149.746548][T13405] Set syz1 is full, maxelem 65536 reached [ 149.762432][T13413] siw: device registration error -23 [ 149.858993][T13421] 8021q: adding VLAN 0 to HW filter on device bond40 [ 149.965507][T13433] xt_CT: No such helper "snmp" [ 149.973659][T13439] bridge25: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 150.432073][T13490] openvswitch: netlink: Invalid VLAN frame [ 150.512892][T13502] netlink: 'syz.3.2777': attribute type 1 has an invalid length. [ 150.906829][ T5839] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 150.914082][ T5839] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 150.921273][ T5839] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 150.929011][ T5839] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 150.936422][ T5839] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 150.943851][ T5839] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 150.964762][T13538] lo speed is unknown, defaulting to 1000 [ 151.026942][T13545] lo speed is unknown, defaulting to 1000 [ 151.056472][T13549] netlink: 'syz.2.2794': attribute type 1 has an invalid length. [ 151.088324][T13549] __nla_validate_parse: 31 callbacks suppressed [ 151.088341][T13549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2794'. [ 151.094841][ T1309] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.111502][ T1309] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.163005][ T1309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 151.184187][ T1309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 151.457168][T13568] openvswitch: netlink: Invalid VLAN frame [ 151.571318][T13591] netlink: 'syz.1.2805': attribute type 1 has an invalid length. [ 151.588569][T13591] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2805'. [ 151.795685][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 151.803705][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 151.810918][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 151.819272][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 151.826760][ T5835] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 151.834020][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 152.925098][ T11] bond0 (unregistering): Released all slaves [ 152.933849][ T11] bond1 (unregistering): Released all slaves [ 152.941922][ T11] bond2 (unregistering): Released all slaves [ 152.949940][ T11] bond3 (unregistering): Released all slaves [ 152.958802][ T11] bond4 (unregistering): Released all slaves [ 152.967624][ T11] bond5 (unregistering): Released all slaves [ 152.972466][ T5835] Bluetooth: hci5: command tx timeout [ 152.978531][ T11] bond6 (unregistering): Released all slaves [ 152.987845][ T11] bond7 (unregistering): Released all slaves [ 152.998052][ T11] bond8 (unregistering): Released all slaves [ 153.006358][ T11] bond9 (unregistering): Released all slaves [ 153.015370][ T11] bond10 (unregistering): Released all slaves [ 153.025028][ T11] bond11 (unregistering): Released all slaves [ 153.033846][ T11] bond12 (unregistering): Released all slaves [ 153.041985][ T11] bond13 (unregistering): Released all slaves [ 153.052582][ T11] bond14 (unregistering): Released all slaves [ 153.060964][ T11] bond15 (unregistering): Released all slaves [ 153.071948][ T11] bond16 (unregistering): Released all slaves [ 153.081302][ T11] bond17 (unregistering): Released all slaves [ 153.091012][ T11] bond18 (unregistering): Released all slaves [ 153.100279][ T11] bond19 (unregistering): Released all slaves [ 153.110136][ T11] bond20 (unregistering): Released all slaves [ 153.120545][ T11] bond21 (unregistering): Released all slaves [ 153.130782][ T11] bond22 (unregistering): (slave veth11): Releasing backup interface [ 153.141102][ T11] bond22 (unregistering): Released all slaves [ 153.151233][ T11] bond23 (unregistering): Released all slaves [ 153.159917][ T11] bond24 (unregistering): Released all slaves [ 153.168102][ T11] bond25 (unregistering): Released all slaves [ 153.176231][ T11] bond26 (unregistering): Released all slaves [ 153.184405][ T11] bond27 (unregistering): Released all slaves [ 153.193612][ T11] bond28 (unregistering): Released all slaves [ 153.201723][ T11] bond29 (unregistering): Released all slaves [ 153.209878][ T11] bond30 (unregistering): Released all slaves [ 153.218657][ T11] bond31 (unregistering): Released all slaves [ 153.228497][ T11] bond32 (unregistering): Released all slaves [ 153.239297][ T11] bond33 (unregistering): Released all slaves [ 153.248606][ T11] bond34 (unregistering): Released all slaves [ 153.256970][ T11] bond35 (unregistering): Released all slaves [ 153.266077][ T11] bond36 (unregistering): Released all slaves [ 153.275549][ T11] bond37 (unregistering): Released all slaves [ 153.285887][ T11] bond38 (unregistering): Released all slaves [ 153.296531][ T11] bond39 (unregistering): Released all slaves [ 153.305609][ T11] bond40 (unregistering): Released all slaves [ 153.346833][T13623] bridge25: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 153.357933][T13605] lo speed is unknown, defaulting to 1000 [ 153.379146][T13613] lo speed is unknown, defaulting to 1000 [ 153.410418][ T11] tipc: Left network mode [ 153.489791][T13643] netlink: 'syz.3.2821': attribute type 1 has an invalid length. [ 153.535930][T13643] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2821'. [ 153.579882][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.592408][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.852437][ T5835] Bluetooth: hci0: command tx timeout [ 154.443349][T13662] Bluetooth: MGMT ver 1.23 [ 155.052517][ T5835] Bluetooth: hci5: command tx timeout [ 155.932456][ T5835] Bluetooth: hci0: command tx timeout [ 157.132519][ T5835] Bluetooth: hci5: command tx timeout [ 158.022486][ T5835] Bluetooth: hci0: command tx timeout [ 159.212440][ T5835] Bluetooth: hci5: command tx timeout [ 160.092453][ T5835] Bluetooth: hci0: command tx timeout [ 167.941683][ T5839] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 167.948955][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 167.956207][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 167.963838][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 167.971234][ T5839] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 167.978493][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 170.012630][ T5839] Bluetooth: hci3: command tx timeout [ 170.052692][ T5835] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 170.059907][ T5835] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 170.067172][ T5835] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 170.074771][ T5835] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 170.082102][ T5835] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 170.089316][ T5835] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 170.129523][ T5839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 170.137728][ T5839] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 170.139843][ T5843] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 170.152230][ T5843] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 170.152279][ T5839] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 170.159532][ T5843] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 170.167351][ T5839] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 170.174144][ T5843] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 170.180879][ T5839] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 170.187786][ T5843] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 170.194578][ T5839] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 170.201468][ T5843] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 172.092451][ T5146] Bluetooth: hci3: command tx timeout [ 172.172478][ T5146] Bluetooth: hci6: command tx timeout [ 172.252434][ T5146] Bluetooth: hci8: command tx timeout [ 172.262489][ T5146] Bluetooth: hci7: command tx timeout [ 174.172470][ T5835] Bluetooth: hci3: command tx timeout [ 174.252496][ T5835] Bluetooth: hci6: command tx timeout [ 174.332452][ T5835] Bluetooth: hci7: command tx timeout [ 174.332513][ T5839] Bluetooth: hci8: command tx timeout [ 176.012610][ T5839] Bluetooth: hci1: command 0x0406 tx timeout [ 176.012745][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 176.252458][ T5843] Bluetooth: hci3: command tx timeout [ 176.332522][ T5843] Bluetooth: hci6: command tx timeout [ 176.412492][ T5843] Bluetooth: hci8: command tx timeout [ 176.422534][ T5843] Bluetooth: hci7: command tx timeout [ 178.412570][ T5843] Bluetooth: hci6: command tx timeout [ 178.492447][ T5843] Bluetooth: hci7: command tx timeout [ 178.492488][ T5146] Bluetooth: hci8: command tx timeout [ 194.414239][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.420546][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 211.985520][ T5843] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 211.992789][ T5843] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 211.999955][ T5843] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 212.007886][ T5843] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 212.015785][ T5843] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 212.023005][ T5843] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 214.092434][ T5843] Bluetooth: hci9: command tx timeout [ 216.172470][ T5843] Bluetooth: hci9: command tx timeout [ 218.252515][ T5843] Bluetooth: hci9: command tx timeout [ 220.332454][ T5843] Bluetooth: hci9: command tx timeout [ 228.014652][ T5146] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 228.021946][ T5146] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 228.029313][ T5146] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 228.037048][ T5146] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 228.044706][ T5146] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 228.052018][ T5146] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 230.092484][ T5146] Bluetooth: hci10: command tx timeout [ 230.612693][ T5843] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 230.619984][ T5843] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 230.627361][ T5843] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 230.635007][ T5843] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 230.642559][ T5843] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 230.650189][ T5843] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 230.683142][ T5843] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 230.690467][ T5843] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 230.697805][ T5843] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 230.705519][ T5843] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 230.713048][ T5843] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 230.720361][ T5843] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 230.730951][ T5843] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 230.738348][ T5843] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 230.745677][ T5843] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 230.754634][ T5843] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 230.762119][ T5843] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 230.769536][ T5843] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 232.172440][ T5843] Bluetooth: hci10: command tx timeout [ 232.732514][ T5843] Bluetooth: hci11: command tx timeout [ 232.732535][ T5146] Bluetooth: hci12: command tx timeout [ 232.822482][ T5843] Bluetooth: hci13: command tx timeout [ 234.252440][ T5843] Bluetooth: hci10: command tx timeout [ 234.812507][ T5843] Bluetooth: hci12: command tx timeout [ 234.822472][ T5843] Bluetooth: hci11: command tx timeout [ 234.892492][ T5843] Bluetooth: hci13: command tx timeout [ 236.332469][ T5843] Bluetooth: hci10: command tx timeout [ 236.892526][ T5843] Bluetooth: hci11: command tx timeout [ 236.892551][ T5146] Bluetooth: hci12: command tx timeout [ 236.972479][ T5146] Bluetooth: hci13: command tx timeout [ 238.972510][ T5843] Bluetooth: hci11: command tx timeout [ 238.972577][ T5146] Bluetooth: hci12: command tx timeout [ 239.052434][ T5146] Bluetooth: hci13: command tx timeout [ 255.854688][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.860959][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 272.580639][ T5835] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 272.587989][ T5835] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 272.595399][ T5835] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 272.603153][ T5835] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 272.610627][ T5835] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 272.618028][ T5835] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 273.292475][ T5835] Bluetooth: hci4: command 0x0406 tx timeout [ 274.652657][ T5146] Bluetooth: hci14: command tx timeout [ 276.732439][ T5839] Bluetooth: hci14: command tx timeout [ 278.412654][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 278.412658][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 278.812487][ T5146] Bluetooth: hci14: command tx timeout [ 280.892459][ T5146] Bluetooth: hci14: command tx timeout [ 288.097489][ T5835] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 288.104964][ T5835] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 288.112217][ T5835] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 288.120094][ T5835] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 288.127597][ T5835] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 288.134999][ T5835] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 290.172460][ T5835] Bluetooth: hci15: command tx timeout [ 290.692454][ T5146] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 290.699751][ T5146] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 290.707079][ T5146] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 290.714987][ T5146] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 290.722755][ T5146] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 290.729990][ T5146] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 290.767766][ T5146] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 290.775382][ T5146] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 290.779325][ T5843] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 290.782727][ T5146] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 290.789942][ T5843] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 290.797454][ T5146] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 290.804174][ T5843] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 290.811289][ T5146] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 290.818703][ T5843] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 290.825383][ T5146] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 290.832376][ T5843] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3 [ 290.846438][ T5843] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 292.252469][ T5836] Bluetooth: hci15: command tx timeout [ 292.812463][ T5836] Bluetooth: hci16: command tx timeout [ 292.892478][ T5836] Bluetooth: hci18: command tx timeout [ 292.892549][ T53] Bluetooth: hci17: command tx timeout [ 293.772532][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 293.772739][ T5836] Bluetooth: hci6: command 0x0406 tx timeout [ 293.778552][ T5834] Bluetooth: hci8: command 0x0406 tx timeout [ 293.784878][ T5844] Bluetooth: hci7: command 0x0406 tx timeout [ 294.332447][ T5843] Bluetooth: hci15: command tx timeout [ 294.892446][ T5843] Bluetooth: hci16: command tx timeout [ 294.972502][ T5843] Bluetooth: hci17: command tx timeout [ 294.982482][ T5843] Bluetooth: hci18: command tx timeout [ 296.412599][ T5843] Bluetooth: hci15: command tx timeout [ 296.972450][ T5843] Bluetooth: hci16: command tx timeout [ 297.052504][ T5843] Bluetooth: hci17: command tx timeout [ 297.062520][ T5843] Bluetooth: hci18: command tx timeout [ 299.052531][ T5843] Bluetooth: hci16: command tx timeout [ 299.132486][ T5843] Bluetooth: hci17: command tx timeout [ 299.132485][ T5839] Bluetooth: hci18: command tx timeout [ 316.012528][ T30] INFO: task kworker/u8:0:11 blocked for more than 143 seconds. [ 316.020192][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 316.027574][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.036254][ T30] task:kworker/u8:0 state:D stack:23280 pid:11 tgid:11 ppid:2 flags:0x00004000 [ 316.046529][ T30] Workqueue: netns cleanup_net [ 316.051303][ T30] Call Trace: [ 316.054892][ T30] [ 316.057844][ T30] __schedule+0x186c/0x4be0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 316.062412][ T30] ? schedule+0x90/0x320 [ 316.066672][ T30] ? schedule+0x90/0x320 [ 316.070924][ T30] ? __pfx___schedule+0x10/0x10 [ 316.075829][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.081034][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.085870][ T30] ? kthread_data+0x52/0xd0 [ 316.090379][ T30] ? schedule+0x90/0x320 [ 316.094785][ T30] ? wq_worker_sleeping+0x66/0x240 [ 316.099907][ T30] ? schedule+0x90/0x320 [ 316.122417][ T30] schedule+0x14b/0x320 [ 316.126600][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.132069][ T30] __mutex_lock+0x817/0x1010 [ 316.138663][ T30] ? __mutex_lock+0x602/0x1010 [ 316.143657][ T30] ? unregister_netdevice_many_notify+0xac2/0x2030 [ 316.150148][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.155408][ T30] ? __pfx___might_resched+0x10/0x10 [ 316.160699][ T30] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 316.167212][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.171958][ T30] ? unregister_netdevice_many_notify+0x9fa/0x2030 [ 316.178493][ T30] unregister_netdevice_many_notify+0xac2/0x2030 [ 316.184827][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.189574][ T30] ? lock_release+0xbf/0xa30 [ 316.194186][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 316.200514][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 316.207288][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.212037][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.217061][ T30] unregister_netdevice_queue+0x303/0x370 [ 316.222789][ T30] ? __pfx_up_write+0x10/0x10 [ 316.227445][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 316.233684][ T30] ? kernfs_remove_by_name_ns+0x11b/0x160 [ 316.239385][ T30] _cfg80211_unregister_wdev+0x163/0x590 [ 316.245057][ T30] ieee80211_remove_interfaces+0x4ef/0x700 [ 316.250865][ T30] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 316.257434][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.262210][ T30] ieee80211_unregister_hw+0x5d/0x2c0 [ 316.267594][ T30] mac80211_hwsim_del_radio+0x2c4/0x4c0 [ 316.273143][ T30] ? __pfx_mac80211_hwsim_del_radio+0x10/0x10 [ 316.279195][ T30] hwsim_exit_net+0x5c1/0x670 [ 316.283879][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 316.289061][ T30] ? __ip_vs_dev_cleanup_batch+0x239/0x260 [ 316.294873][ T30] cleanup_net+0x812/0xd60 [ 316.299269][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 316.304209][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.308957][ T30] ? process_scheduled_works+0x976/0x1840 [ 316.314679][ T30] process_scheduled_works+0xa66/0x1840 [ 316.320211][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 316.326191][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 316.331717][ T30] ? assign_work+0x364/0x3d0 [ 316.336372][ T30] worker_thread+0x870/0xd30 [ 316.340947][ T30] ? __kthread_parkme+0x169/0x1d0 [ 316.346005][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.351102][ T30] kthread+0x7a9/0x920 [ 316.355175][ T30] ? __pfx_kthread+0x10/0x10 [ 316.360011][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.365179][ T30] ? __pfx_kthread+0x10/0x10 [ 316.369768][ T30] ? __pfx_kthread+0x10/0x10 [ 316.374365][ T30] ? __pfx_kthread+0x10/0x10 [ 316.378949][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 316.384157][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 316.389338][ T30] ? __pfx_kthread+0x10/0x10 [ 316.393936][ T30] ret_from_fork+0x4b/0x80 [ 316.398336][ T30] ? __pfx_kthread+0x10/0x10 [ 316.402929][ T30] ret_from_fork_asm+0x1a/0x30 [ 316.407681][ T30] [ 316.410702][ T30] INFO: task kworker/u8:3:55 blocked for more than 143 seconds. [ 316.418349][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 316.425676][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.434363][ T30] task:kworker/u8:3 state:D stack:22224 pid:55 tgid:55 ppid:2 flags:0x00004000 [ 316.444543][ T30] Workqueue: ipv6_addrconf addrconf_dad_work [ 316.450511][ T30] Call Trace: [ 316.453792][ T30] [ 316.456706][ T30] __schedule+0x186c/0x4be0 [ 316.461518][ T30] ? schedule+0x90/0x320 [ 316.465817][ T30] ? schedule+0x90/0x320 [ 316.470045][ T30] ? __pfx___schedule+0x10/0x10 [ 316.474913][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.479925][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.484705][ T30] ? kthread_data+0x52/0xd0 [ 316.489192][ T30] ? schedule+0x90/0x320 [ 316.493484][ T30] ? wq_worker_sleeping+0x66/0x240 [ 316.498578][ T30] ? schedule+0x90/0x320 [ 316.502836][ T30] schedule+0x14b/0x320 [ 316.506978][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.512451][ T30] __mutex_lock+0x817/0x1010 [ 316.517026][ T30] ? __mutex_lock+0x602/0x1010 [ 316.521773][ T30] ? addrconf_dad_work+0x10e/0x16a0 [ 316.526980][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.531992][ T30] addrconf_dad_work+0x10e/0x16a0 [ 316.537016][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.542020][ T30] ? __pfx_addrconf_dad_work+0x10/0x10 [ 316.547533][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 316.553895][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.558652][ T30] ? process_scheduled_works+0x976/0x1840 [ 316.564658][ T30] process_scheduled_works+0xa66/0x1840 [ 316.570220][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 316.576204][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 316.581735][ T30] ? assign_work+0x364/0x3d0 [ 316.586331][ T30] worker_thread+0x870/0xd30 [ 316.590908][ T30] ? __kthread_parkme+0x169/0x1d0 [ 316.595944][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.601038][ T30] kthread+0x7a9/0x920 [ 316.605126][ T30] ? __pfx_kthread+0x10/0x10 [ 316.609708][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.614831][ T30] ? __pfx_kthread+0x10/0x10 [ 316.619405][ T30] ? __pfx_kthread+0x10/0x10 [ 316.624001][ T30] ? __pfx_kthread+0x10/0x10 [ 316.628573][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 316.633789][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 316.638984][ T30] ? __pfx_kthread+0x10/0x10 [ 316.643580][ T30] ret_from_fork+0x4b/0x80 [ 316.647980][ T30] ? __pfx_kthread+0x10/0x10 [ 316.652609][ T30] ret_from_fork_asm+0x1a/0x30 [ 316.657361][ T30] [ 316.660441][ T30] INFO: task kworker/u8:7:3487 blocked for more than 144 seconds. [ 316.668501][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 316.675903][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.684608][ T30] task:kworker/u8:7 state:D stack:21744 pid:3487 tgid:3487 ppid:2 flags:0x00004000 [ 316.694803][ T30] Workqueue: events_unbound linkwatch_event [ 316.700685][ T30] Call Trace: [ 316.703990][ T30] [ 316.706920][ T30] __schedule+0x186c/0x4be0 [ 316.711412][ T30] ? schedule+0x90/0x320 [ 316.715672][ T30] ? schedule+0x90/0x320 [ 316.719902][ T30] ? __pfx___schedule+0x10/0x10 [ 316.724765][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.729773][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.734602][ T30] ? kthread_data+0x52/0xd0 [ 316.739086][ T30] ? schedule+0x90/0x320 [ 316.743335][ T30] ? wq_worker_sleeping+0x66/0x240 [ 316.748430][ T30] ? schedule+0x90/0x320 [ 316.752668][ T30] schedule+0x14b/0x320 [ 316.756809][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.762268][ T30] __mutex_lock+0x817/0x1010 [ 316.766867][ T30] ? __mutex_lock+0x602/0x1010 [ 316.771908][ T30] ? linkwatch_event+0xe/0x60 [ 316.776617][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 316.781628][ T30] ? __pfx_debug_object_deactivate+0x10/0x10 [ 316.787622][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.792404][ T30] ? process_scheduled_works+0x976/0x1840 [ 316.798121][ T30] linkwatch_event+0xe/0x60 [ 316.802632][ T30] process_scheduled_works+0xa66/0x1840 [ 316.808168][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 316.814219][ T30] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 316.819748][ T30] ? assign_work+0x364/0x3d0 [ 316.824365][ T30] worker_thread+0x870/0xd30 [ 316.828959][ T30] ? __kthread_parkme+0x169/0x1d0 [ 316.833985][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.839077][ T30] kthread+0x7a9/0x920 [ 316.843153][ T30] ? __pfx_kthread+0x10/0x10 [ 316.847726][ T30] ? __pfx_worker_thread+0x10/0x10 [ 316.852835][ T30] ? __pfx_kthread+0x10/0x10 [ 316.857404][ T30] ? __pfx_kthread+0x10/0x10 [ 316.861974][ T30] ? __pfx_kthread+0x10/0x10 [ 316.866565][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 316.872060][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 316.877295][ T30] ? __pfx_kthread+0x10/0x10 [ 316.881868][ T30] ret_from_fork+0x4b/0x80 [ 316.886305][ T30] ? __pfx_kthread+0x10/0x10 [ 316.890877][ T30] ret_from_fork_asm+0x1a/0x30 [ 316.895755][ T30] [ 316.898832][ T30] INFO: task syz-executor:13605 blocked for more than 144 seconds. [ 316.906865][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 316.914153][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 316.922823][ T30] task:syz-executor state:D stack:22128 pid:13605 tgid:13605 ppid:1 flags:0x00004006 [ 316.932987][ T30] Call Trace: [ 316.936246][ T30] [ 316.939157][ T30] __schedule+0x186c/0x4be0 [ 316.943672][ T30] ? schedule+0x90/0x320 [ 316.947901][ T30] ? schedule+0x90/0x320 [ 316.952127][ T30] ? __pfx___schedule+0x10/0x10 [ 316.956975][ T30] ? __pfx_lock_release+0x10/0x10 [ 316.961980][ T30] ? rcu_is_watching+0x15/0xb0 [ 316.966749][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 316.972715][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 316.979283][ T30] ? schedule+0x90/0x320 [ 316.983585][ T30] schedule+0x14b/0x320 [ 316.987742][ T30] schedule_preempt_disabled+0x13/0x30 [ 316.993208][ T30] __mutex_lock+0x817/0x1010 [ 316.997784][ T30] ? __mutex_lock+0x602/0x1010 [ 317.002559][ T30] ? reg_process_self_managed_hints+0xb9/0x1c0 [ 317.008695][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 317.013721][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 317.019687][ T30] reg_process_self_managed_hints+0xb9/0x1c0 [ 317.025675][ T30] wiphy_register+0x1be5/0x27b0 [ 317.030512][ T30] ? __pfx_wiphy_register+0x10/0x10 [ 317.035715][ T30] ? minstrel_ht_alloc+0x72b/0x860 [ 317.040812][ T30] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 317.046888][ T30] ieee80211_register_hw+0x354e/0x4240 [ 317.052336][ T30] ? ieee80211_register_hw+0x15f1/0x4240 [ 317.057996][ T30] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 317.063837][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 317.069633][ T30] ? __asan_memset+0x23/0x50 [ 317.074226][ T30] ? __hrtimer_init+0x170/0x250 [ 317.079346][ T30] mac80211_hwsim_new_radio+0x2a9f/0x4a90 [ 317.085104][ T30] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 317.091157][ T30] hwsim_new_radio_nl+0xece/0x2290 [ 317.096274][ T30] ? __pfx___nla_validate_parse+0x10/0x10 [ 317.101974][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 317.107535][ T30] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 317.113873][ T30] genl_rcv_msg+0xb14/0xec0 [ 317.118368][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 317.123400][ T30] ? stack_trace_save+0x118/0x1d0 [ 317.128405][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 317.133927][ T30] ? stack_depot_save_flags+0x37/0x940 [ 317.139386][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 317.144418][ T30] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 317.149944][ T30] ? __pfx___might_resched+0x10/0x10 [ 317.155230][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.159980][ T30] ? lock_acquire+0xe3/0x550 [ 317.164575][ T30] netlink_rcv_skb+0x1e3/0x430 [ 317.169318][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 317.174350][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.179847][ T30] ? lock_release+0xbf/0xa30 [ 317.184475][ T30] ? __pfx___netlink_lookup+0x10/0x10 [ 317.189832][ T30] ? net_generic+0x1f/0x240 [ 317.194357][ T30] genl_rcv+0x28/0x40 [ 317.198338][ T30] netlink_unicast+0x7f6/0x990 [ 317.203111][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 317.208374][ T30] ? __virt_addr_valid+0x45f/0x530 [ 317.213547][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 317.218564][ T30] ? __check_object_size+0x47a/0x730 [ 317.223895][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 317.228659][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.233951][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 317.238951][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.244241][ T30] __sock_sendmsg+0x221/0x270 [ 317.248902][ T30] __sys_sendto+0x363/0x4c0 [ 317.253455][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 317.258533][ T30] ? __phys_addr+0xba/0x170 [ 317.263049][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 317.269357][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 317.275775][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.280896][ T30] __x64_sys_sendto+0xde/0x100 [ 317.285755][ T30] do_syscall_64+0xf3/0x230 [ 317.290287][ T30] ? clear_bhb_loop+0x35/0x90 [ 317.296924][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.297055][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.303394][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.309138][ T30] RIP: 0033:0x7f555578ec3c [ 317.319796][ T30] RSP: 002b:00007ffc723e83e0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 317.328219][ T30] RAX: ffffffffffffffda RBX: 00007f55564d4620 RCX: 00007f555578ec3c [ 317.336376][ T30] RDX: 0000000000000024 RSI: 00007f55564d4670 RDI: 0000000000000003 [ 317.344643][ T30] RBP: 0000000000000000 R08: 00007ffc723e8434 R09: 000000000000000c [ 317.352636][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 317.360634][ T30] R13: 0000000000000000 R14: 00007f55564d4670 R15: 0000000000000000 [ 317.368621][ T30] [ 317.371633][ T30] INFO: task syz.0.2813:13613 blocked for more than 144 seconds. [ 317.379415][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 317.387055][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 317.395815][ T30] task:syz.0.2813 state:D stack:25776 pid:13613 tgid:13608 ppid:5837 flags:0x00004006 [ 317.406016][ T30] Call Trace: [ 317.409280][ T30] [ 317.412193][ T30] __schedule+0x186c/0x4be0 [ 317.416738][ T30] ? schedule+0x90/0x320 [ 317.420972][ T30] ? schedule+0x90/0x320 [ 317.425212][ T30] ? __pfx___schedule+0x10/0x10 [ 317.430057][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.435118][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.439875][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 317.445776][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 317.452091][ T30] ? schedule+0x90/0x320 [ 317.456439][ T30] schedule+0x14b/0x320 [ 317.460595][ T30] schedule_preempt_disabled+0x13/0x30 [ 317.466079][ T30] __mutex_lock+0x817/0x1010 [ 317.470670][ T30] ? __mutex_lock+0x602/0x1010 [ 317.475466][ T30] ? mpls_net_exit+0x7d/0x2a0 [ 317.480142][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 317.485557][ T30] ? mpls_net_exit+0x78/0x2a0 [ 317.490247][ T30] ? mpls_net_exit+0x78/0x2a0 [ 317.494959][ T30] mpls_net_exit+0x7d/0x2a0 [ 317.499456][ T30] setup_net+0x794/0x9e0 [ 317.503763][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 317.509311][ T30] ? __pfx_setup_net+0x10/0x10 [ 317.514090][ T30] copy_net_ns+0x33f/0x570 [ 317.518492][ T30] create_new_namespaces+0x425/0x7b0 [ 317.523781][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 317.529482][ T30] ksys_unshare+0x57d/0xa70 [ 317.534024][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 317.539033][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 317.545376][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.550124][ T30] __x64_sys_unshare+0x38/0x40 [ 317.554886][ T30] do_syscall_64+0xf3/0x230 [ 317.559368][ T30] ? clear_bhb_loop+0x35/0x90 [ 317.564048][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.569920][ T30] RIP: 0033:0x7f01a538cda9 [ 317.574354][ T30] RSP: 002b:00007f01a61b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 317.582776][ T30] RAX: ffffffffffffffda RBX: 00007f01a55a6160 RCX: 00007f01a538cda9 [ 317.590983][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200 [ 317.598974][ T30] RBP: 00007f01a540e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 317.606975][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.614988][ T30] R13: 0000000000000001 R14: 00007f01a55a6160 R15: 00007ffecc1e2ba8 [ 317.622978][ T30] [ 317.626007][ T30] INFO: task syz.2.2827:13659 blocked for more than 144 seconds. [ 317.633863][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 317.641135][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 317.649805][ T30] task:syz.2.2827 state:D stack:26320 pid:13659 tgid:13658 ppid:5831 flags:0x00000004 [ 317.660007][ T30] Call Trace: [ 317.663306][ T30] [ 317.666220][ T30] __schedule+0x186c/0x4be0 [ 317.670708][ T30] ? schedule+0x90/0x320 [ 317.674948][ T30] ? schedule+0x90/0x320 [ 317.679174][ T30] ? __pfx___schedule+0x10/0x10 [ 317.684054][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.689065][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.694070][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 317.699975][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 317.706317][ T30] ? schedule+0x90/0x320 [ 317.710543][ T30] schedule+0x14b/0x320 [ 317.714706][ T30] schedule_preempt_disabled+0x13/0x30 [ 317.720146][ T30] __mutex_lock+0x817/0x1010 [ 317.724750][ T30] ? __mutex_lock+0x602/0x1010 [ 317.729499][ T30] ? rtnl_newlink+0xce2/0x2210 [ 317.734293][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 317.739319][ T30] ? ns_capable+0x8a/0xf0 [ 317.743671][ T30] ? rtnl_link_get_net_capable+0x168/0x340 [ 317.749470][ T30] rtnl_newlink+0xce2/0x2210 [ 317.754068][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 317.759080][ T30] ? page_ext_get+0x20/0x2a0 [ 317.763683][ T30] ? rcu_read_lock_held+0xa/0x50 [ 317.768603][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.773429][ T30] ? lock_release+0xbf/0xa30 [ 317.778006][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 317.783037][ T30] ? deref_stack_reg+0x17c/0x210 [ 317.787962][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.793284][ T30] ? stack_trace_save+0x118/0x1d0 [ 317.798313][ T30] ? unwind_next_frame+0x18e6/0x22d0 [ 317.803611][ T30] ? deref_stack_reg+0x17c/0x210 [ 317.808532][ T30] ? preempt_count_add+0x93/0x190 [ 317.813556][ T30] ? 0xffffffffa0000954 [ 317.817688][ T30] ? is_bpf_text_address+0x285/0x2a0 [ 317.822987][ T30] ? is_bpf_text_address+0x26/0x2a0 [ 317.828174][ T30] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 317.834322][ T30] ? kernel_text_address+0xa7/0xe0 [ 317.839417][ T30] ? __kernel_text_address+0xd/0x40 [ 317.844634][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.849383][ T30] ? lock_release+0xbf/0xa30 [ 317.854046][ T30] ? __pfx_aa_get_newest_label+0x10/0x10 [ 317.859663][ T30] ? __pfx_lock_release+0x10/0x10 [ 317.864691][ T30] ? bpf_lsm_capable+0x9/0x10 [ 317.869348][ T30] ? security_capable+0x7e/0x2d0 [ 317.874311][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 317.879318][ T30] rtnetlink_rcv_msg+0x791/0xcf0 [ 317.884259][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 317.889353][ T30] ? lock_release+0xbf/0xa30 [ 317.893938][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 317.899612][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 317.904673][ T30] ? rcu_is_watching+0x15/0xb0 [ 317.909422][ T30] ? lock_acquire+0xe3/0x550 [ 317.914033][ T30] netlink_rcv_skb+0x1e3/0x430 [ 317.918796][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 317.924267][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.929536][ T30] ? net_generic+0x1f/0x240 [ 317.934197][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 317.939394][ T30] netlink_unicast+0x7f6/0x990 [ 317.944239][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 317.949513][ T30] ? __virt_addr_valid+0x45f/0x530 [ 317.954652][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 317.959672][ T30] ? __check_object_size+0x47a/0x730 [ 317.964963][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 317.969710][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.975034][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 317.979964][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.985248][ T30] __sock_sendmsg+0x221/0x270 [ 317.989912][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 317.994677][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 318.000286][ T30] ? __fget_files+0x2a/0x410 [ 318.004915][ T30] ? __fget_files+0x2a/0x410 [ 318.009490][ T30] __sys_sendmsg+0x269/0x350 [ 318.014246][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 318.019354][ T30] ? lock_release+0xbf/0xa30 [ 318.023968][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 318.030275][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.035061][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.039826][ T30] do_syscall_64+0xf3/0x230 [ 318.044347][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.049010][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.054958][ T30] RIP: 0033:0x7fc7bbd8cda9 [ 318.059374][ T30] RSP: 002b:00007fc7bcb3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 318.067814][ T30] RAX: ffffffffffffffda RBX: 00007fc7bbfa5fa0 RCX: 00007fc7bbd8cda9 [ 318.075799][ T30] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006 [ 318.083778][ T30] RBP: 00007fc7bbe0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 318.091734][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.100058][ T30] R13: 0000000000000000 R14: 00007fc7bbfa5fa0 R15: 00007ffdba9084a8 [ 318.108086][ T30] [ 318.111127][ T30] INFO: task syz.2.2827:13662 blocked for more than 145 seconds. [ 318.119077][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 318.126453][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.135138][ T30] task:syz.2.2827 state:D stack:24400 pid:13662 tgid:13658 ppid:5831 flags:0x00000004 [ 318.145304][ T30] Call Trace: [ 318.148564][ T30] [ 318.151476][ T30] __schedule+0x186c/0x4be0 [ 318.155984][ T30] ? schedule+0x90/0x320 [ 318.160206][ T30] ? schedule+0x90/0x320 [ 318.164452][ T30] ? __pfx___schedule+0x10/0x10 [ 318.169287][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.174345][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.179097][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.185217][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.191558][ T30] ? schedule+0x90/0x320 [ 318.195836][ T30] schedule+0x14b/0x320 [ 318.199988][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.205762][ T30] __mutex_lock+0x817/0x1010 [ 318.210361][ T30] ? __mutex_lock+0x602/0x1010 [ 318.215216][ T30] ? dev_ethtool+0x21e/0x1bc0 [ 318.219915][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.224944][ T30] ? __kasan_kmalloc+0x98/0xb0 [ 318.229693][ T30] ? __kmalloc_cache_noprof+0x243/0x390 [ 318.235373][ T30] ? dev_ethtool+0x145/0x1bc0 [ 318.240054][ T30] dev_ethtool+0x21e/0x1bc0 [ 318.244661][ T30] ? lock_release+0xbf/0xa30 [ 318.249255][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.254278][ T30] ? __pfx_dev_ethtool+0x10/0x10 [ 318.259200][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.264230][ T30] ? tomoyo_path_number_perm+0x679/0x860 [ 318.269846][ T30] ? tomoyo_path_number_perm+0x679/0x860 [ 318.275531][ T30] ? dev_load+0x21/0x1f0 [ 318.279773][ T30] dev_ioctl+0x785/0x1340 [ 318.284126][ T30] sock_do_ioctl+0x240/0x460 [ 318.288715][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 318.293847][ T30] sock_ioctl+0x626/0x8e0 [ 318.298183][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 318.303065][ T30] ? __fget_files+0x2a/0x410 [ 318.307893][ T30] ? __fget_files+0x2a/0x410 [ 318.312640][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 318.317498][ T30] __se_sys_ioctl+0xf5/0x170 [ 318.322083][ T30] do_syscall_64+0xf3/0x230 [ 318.326599][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.331258][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.337167][ T30] RIP: 0033:0x7fc7bbd8cda9 [ 318.341563][ T30] RSP: 002b:00007fc7bcb1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 318.350003][ T30] RAX: ffffffffffffffda RBX: 00007fc7bbfa6080 RCX: 00007fc7bbd8cda9 [ 318.357981][ T30] RDX: 0000000020000b00 RSI: 0000000000008946 RDI: 0000000000000003 [ 318.365954][ T30] RBP: 00007fc7bbe0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 318.373927][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.381877][ T30] R13: 0000000000000000 R14: 00007fc7bbfa6080 R15: 00007ffdba9084a8 [ 318.389861][ T30] [ 318.392893][ T30] INFO: task syz.1.2828:13661 blocked for more than 145 seconds. [ 318.400596][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 318.408148][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.416930][ T30] task:syz.1.2828 state:D stack:27088 pid:13661 tgid:13660 ppid:13538 flags:0x00000004 [ 318.427118][ T30] Call Trace: [ 318.430379][ T30] [ 318.433306][ T30] __schedule+0x186c/0x4be0 [ 318.437804][ T30] ? schedule+0x90/0x320 [ 318.442025][ T30] ? schedule+0x90/0x320 [ 318.446278][ T30] ? __pfx___schedule+0x10/0x10 [ 318.451113][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.456160][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.460936][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.466842][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.473169][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.477919][ T30] ? schedule+0x90/0x320 [ 318.482141][ T30] schedule+0x14b/0x320 [ 318.486294][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.491756][ T30] __mutex_lock+0x817/0x1010 [ 318.496372][ T30] ? __mutex_lock+0x602/0x1010 [ 318.501137][ T30] ? genl_rcv_msg+0x121/0xec0 [ 318.505830][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.511132][ T30] ? 0xffffffffa0000954 [ 318.515303][ T30] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 318.521440][ T30] ? kernel_text_address+0xa7/0xe0 [ 318.526547][ T30] ? __kernel_text_address+0xd/0x40 [ 318.531750][ T30] ? radix_tree_lookup+0x238/0x290 [ 318.536872][ T30] genl_rcv_msg+0x121/0xec0 [ 318.541364][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.546395][ T30] ? stack_trace_save+0x118/0x1d0 [ 318.551407][ T30] ? __pfx_stack_trace_save+0x10/0x10 [ 318.556782][ T30] ? stack_depot_save_flags+0x37/0x940 [ 318.562222][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.567149][ T30] ? lock_acquire+0xe3/0x550 [ 318.571745][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 318.576911][ T30] ? __pfx___might_resched+0x10/0x10 [ 318.582182][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.586958][ T30] ? lock_acquire+0xe3/0x550 [ 318.591535][ T30] netlink_rcv_skb+0x1e3/0x430 [ 318.596295][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 318.601304][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 318.606592][ T30] ? lock_release+0xbf/0xa30 [ 318.611166][ T30] ? __pfx___netlink_lookup+0x10/0x10 [ 318.616855][ T30] ? net_generic+0x1f/0x240 [ 318.621367][ T30] genl_rcv+0x28/0x40 [ 318.625360][ T30] netlink_unicast+0x7f6/0x990 [ 318.630105][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 318.635384][ T30] ? __virt_addr_valid+0x45f/0x530 [ 318.640475][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 318.645502][ T30] ? __check_object_size+0x47a/0x730 [ 318.650776][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 318.655544][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.660810][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 318.665742][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 318.671009][ T30] __sock_sendmsg+0x221/0x270 [ 318.675747][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 318.680516][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 318.685815][ T30] ? __fget_files+0x2a/0x410 [ 318.690394][ T30] ? __fget_files+0x2a/0x410 [ 318.694980][ T30] __sys_sendmsg+0x269/0x350 [ 318.699555][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 318.704671][ T30] ? __se_sys_futex+0x3f9/0x480 [ 318.709502][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 318.716217][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.721000][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.725798][ T30] do_syscall_64+0xf3/0x230 [ 318.730304][ T30] ? clear_bhb_loop+0x35/0x90 [ 318.734989][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.740862][ T30] RIP: 0033:0x7f0350b8cda9 [ 318.745290][ T30] RSP: 002b:00007f0351921038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 318.753722][ T30] RAX: ffffffffffffffda RBX: 00007f0350da5fa0 RCX: 00007f0350b8cda9 [ 318.761675][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 318.769639][ T30] RBP: 00007f0350c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 318.777604][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.785574][ T30] R13: 0000000000000000 R14: 00007f0350da5fa0 R15: 00007fffba0abd98 [ 318.793544][ T30] [ 318.796552][ T30] INFO: task syz.1.2828:13663 blocked for more than 146 seconds. [ 318.804276][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 318.811532][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 318.820482][ T30] task:syz.1.2828 state:D stack:25104 pid:13663 tgid:13660 ppid:13538 flags:0x00000004 [ 318.830705][ T30] Call Trace: [ 318.834009][ T30] [ 318.836925][ T30] __schedule+0x186c/0x4be0 [ 318.841417][ T30] ? schedule+0x90/0x320 [ 318.845678][ T30] ? schedule+0x90/0x320 [ 318.849903][ T30] ? __pfx___schedule+0x10/0x10 [ 318.854850][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.859868][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.864666][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 318.870547][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 318.876878][ T30] ? schedule+0x90/0x320 [ 318.881102][ T30] schedule+0x14b/0x320 [ 318.885268][ T30] schedule_preempt_disabled+0x13/0x30 [ 318.890709][ T30] __mutex_lock+0x817/0x1010 [ 318.895489][ T30] ? __mutex_lock+0x602/0x1010 [ 318.900268][ T30] ? addrconf_set_dstaddr+0xd3/0x400 [ 318.905588][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 318.910614][ T30] ? kfree+0x196/0x430 [ 318.914685][ T30] ? __se_sys_ioctl+0x46/0x170 [ 318.919758][ T30] ? do_syscall_64+0xf3/0x230 [ 318.924476][ T30] ? __might_fault+0xaa/0x120 [ 318.929160][ T30] addrconf_set_dstaddr+0xd3/0x400 [ 318.934278][ T30] ? __pfx_addrconf_set_dstaddr+0x10/0x10 [ 318.939979][ T30] ? rcu_is_watching+0x15/0xb0 [ 318.944778][ T30] ? lock_release+0xbf/0xa30 [ 318.949362][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 318.955711][ T30] ? __pfx_lock_release+0x10/0x10 [ 318.960727][ T30] inet6_ioctl+0x15d/0x280 [ 318.965158][ T30] ? __pfx_inet6_ioctl+0x10/0x10 [ 318.970091][ T30] ? tomoyo_path_number_perm+0x6f9/0x860 [ 318.975750][ T30] ? tomoyo_path_number_perm+0x206/0x860 [ 318.981362][ T30] sock_do_ioctl+0x158/0x460 [ 318.985961][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 318.991062][ T30] sock_ioctl+0x626/0x8e0 [ 318.995395][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.000227][ T30] ? __fget_files+0x2a/0x410 [ 319.004814][ T30] ? __fget_files+0x2a/0x410 [ 319.009387][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 319.014240][ T30] __se_sys_ioctl+0xf5/0x170 [ 319.018814][ T30] do_syscall_64+0xf3/0x230 [ 319.023747][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.028432][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.034337][ T30] RIP: 0033:0x7f0350b8cda9 [ 319.038747][ T30] RSP: 002b:00007f0351900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 319.047163][ T30] RAX: ffffffffffffffda RBX: 00007f0350da6080 RCX: 00007f0350b8cda9 [ 319.055203][ T30] RDX: 00000000200002c0 RSI: 0000000000008918 RDI: 0000000000000007 [ 319.063182][ T30] RBP: 00007f0350c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.071164][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.079144][ T30] R13: 0000000000000000 R14: 00007f0350da6080 R15: 00007fffba0abd98 [ 319.087159][ T30] [ 319.090165][ T30] INFO: task syz.1.2828:13670 blocked for more than 146 seconds. [ 319.097876][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 319.105161][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 319.113821][ T30] task:syz.1.2828 state:D stack:27184 pid:13670 tgid:13660 ppid:13538 flags:0x00000004 [ 319.124357][ T30] Call Trace: [ 319.127639][ T30] [ 319.130555][ T30] __schedule+0x186c/0x4be0 [ 319.135132][ T30] ? schedule+0x90/0x320 [ 319.139372][ T30] ? schedule+0x90/0x320 [ 319.143635][ T30] ? __pfx___schedule+0x10/0x10 [ 319.148493][ T30] ? __pfx_lock_release+0x10/0x10 [ 319.153561][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.158325][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 319.164222][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 319.170531][ T30] ? schedule+0x90/0x320 [ 319.174772][ T30] schedule+0x14b/0x320 [ 319.178914][ T30] schedule_preempt_disabled+0x13/0x30 [ 319.184390][ T30] __mutex_lock+0x817/0x1010 [ 319.188981][ T30] ? __mutex_lock+0x602/0x1010 [ 319.193779][ T30] ? rtnl_dumpit+0x99/0x200 [ 319.198268][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 319.203293][ T30] ? __build_skb_around+0x245/0x3d0 [ 319.208471][ T30] ? __alloc_skb+0x28f/0x440 [ 319.213112][ T30] ? __pfx___alloc_skb+0x10/0x10 [ 319.218050][ T30] ? __pfx_ip6mr_rtm_dumproute+0x10/0x10 [ 319.223690][ T30] rtnl_dumpit+0x99/0x200 [ 319.228288][ T30] netlink_dump+0x64d/0xe10 [ 319.232818][ T30] ? __pfx_netlink_dump+0x10/0x10 [ 319.237824][ T30] ? __netlink_lookup+0x780/0x890 [ 319.242859][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 319.247865][ T30] ? stack_trace_save+0x118/0x1d0 [ 319.252895][ T30] __netlink_dump_start+0x5a2/0x790 [ 319.258077][ T30] ? __pfx_ip6mr_rtm_dumproute+0x10/0x10 [ 319.263724][ T30] rtnetlink_rcv_msg+0xb3d/0xcf0 [ 319.268646][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 319.274123][ T30] ? __pfx_rtnl_dumpit+0x10/0x10 [ 319.279085][ T30] ? __pfx_ip6mr_rtm_dumproute+0x10/0x10 [ 319.284729][ T30] ? lock_acquire+0xe3/0x550 [ 319.289306][ T30] netlink_rcv_skb+0x1e3/0x430 [ 319.294073][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 319.299513][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 319.304802][ T30] ? net_generic+0x1f/0x240 [ 319.309289][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 319.314484][ T30] netlink_unicast+0x7f6/0x990 [ 319.319229][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 319.324512][ T30] ? __virt_addr_valid+0x45f/0x530 [ 319.329952][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 319.335007][ T30] ? __check_object_size+0x47a/0x730 [ 319.340300][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 319.345075][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 319.350344][ T30] ? __pfx_aa_file_perm+0x10/0x10 [ 319.355377][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 319.360300][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 319.365597][ T30] __sock_sendmsg+0x221/0x270 [ 319.370261][ T30] sock_write_iter+0x2d7/0x3f0 [ 319.375056][ T30] ? __pfx_sock_write_iter+0x10/0x10 [ 319.380327][ T30] ? bpf_lsm_file_permission+0x9/0x10 [ 319.385695][ T30] ? security_file_permission+0x74/0x280 [ 319.391317][ T30] vfs_write+0xaeb/0xd30 [ 319.395571][ T30] ? __pfx_sock_write_iter+0x10/0x10 [ 319.400838][ T30] ? __pfx_vfs_write+0x10/0x10 [ 319.405620][ T30] ? __fget_files+0x2a/0x410 [ 319.410196][ T30] ? __fget_files+0x2a/0x410 [ 319.414794][ T30] ksys_write+0x18f/0x2b0 [ 319.419105][ T30] ? __pfx_ksys_write+0x10/0x10 [ 319.423963][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.428743][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.433817][ T30] do_syscall_64+0xf3/0x230 [ 319.438321][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.443018][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.448910][ T30] RIP: 0033:0x7f0350b8cda9 [ 319.453327][ T30] RSP: 002b:00007f034e9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 319.461726][ T30] RAX: ffffffffffffffda RBX: 00007f0350da6160 RCX: 00007f0350b8cda9 [ 319.469704][ T30] RDX: 0000000000000024 RSI: 0000000020000300 RDI: 0000000000000008 [ 319.477688][ T30] RBP: 00007f0350c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.485657][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.493625][ T30] R13: 0000000000000000 R14: 00007f0350da6160 R15: 00007fffba0abd98 [ 319.501579][ T30] [ 319.504599][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 319.513625][ T30] INFO: task syz.3.2831:13669 blocked for more than 146 seconds. [ 319.521329][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 319.528614][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 319.537596][ T30] task:syz.3.2831 state:D stack:27760 pid:13669 tgid:13668 ppid:5838 flags:0x00000004 [ 319.547918][ T30] Call Trace: [ 319.551184][ T30] [ 319.554148][ T30] __schedule+0x186c/0x4be0 [ 319.558638][ T30] ? schedule+0x90/0x320 [ 319.562881][ T30] ? schedule+0x90/0x320 [ 319.567110][ T30] ? __pfx___schedule+0x10/0x10 [ 319.571941][ T30] ? __pfx_lock_release+0x10/0x10 [ 319.576969][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.581722][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 319.587620][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 319.593952][ T30] ? schedule+0x90/0x320 [ 319.598177][ T30] schedule+0x14b/0x320 [ 319.602312][ T30] schedule_preempt_disabled+0x13/0x30 [ 319.607777][ T30] __mutex_lock+0x817/0x1010 [ 319.612416][ T30] ? __mutex_lock+0x602/0x1010 [ 319.617187][ T30] ? rtnetlink_rcv_msg+0x6e6/0xcf0 [ 319.622282][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 319.627310][ T30] ? bpf_lsm_capable+0x9/0x10 [ 319.631988][ T30] ? security_capable+0x7e/0x2d0 [ 319.637239][ T30] rtnetlink_rcv_msg+0x6e6/0xcf0 [ 319.642187][ T30] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 319.647333][ T30] ? lock_release+0xbf/0xa30 [ 319.651906][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 319.657381][ T30] ? __pfx_lock_acquire+0x10/0x10 [ 319.662440][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.667192][ T30] ? lock_acquire+0xe3/0x550 [ 319.671771][ T30] netlink_rcv_skb+0x1e3/0x430 [ 319.676539][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 319.681980][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 319.687274][ T30] ? net_generic+0x1f/0x240 [ 319.691767][ T30] ? netlink_deliver_tap+0x2e/0x1b0 [ 319.697016][ T30] netlink_unicast+0x7f6/0x990 [ 319.701778][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 319.707069][ T30] ? __virt_addr_valid+0x45f/0x530 [ 319.712164][ T30] ? __phys_addr_symbol+0x2f/0x70 [ 319.717185][ T30] ? __check_object_size+0x47a/0x730 [ 319.722479][ T30] netlink_sendmsg+0x8e4/0xcb0 [ 319.727226][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 319.732510][ T30] ? futex_wait_queue+0x27/0x1d0 [ 319.737430][ T30] ? aa_sock_msg_perm+0x91/0x160 [ 319.742779][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 319.748076][ T30] __sock_sendmsg+0x221/0x270 [ 319.752769][ T30] ____sys_sendmsg+0x52a/0x7e0 [ 319.757515][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 319.762813][ T30] __sys_sendmsg+0x269/0x350 [ 319.767384][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 319.772501][ T30] ? lock_release+0xbf/0xa30 [ 319.777083][ T30] ? __se_sys_futex+0x3f9/0x480 [ 319.781914][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 319.788257][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.793034][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.797787][ T30] do_syscall_64+0xf3/0x230 [ 319.802266][ T30] ? clear_bhb_loop+0x35/0x90 [ 319.806939][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.812829][ T30] RIP: 0033:0x7fbc7738cda9 [ 319.817223][ T30] RSP: 002b:00007fbc78191038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 319.825648][ T30] RAX: ffffffffffffffda RBX: 00007fbc775a5fa0 RCX: 00007fbc7738cda9 [ 319.833618][ T30] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004 [ 319.841885][ T30] RBP: 00007fbc7740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.849878][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.857877][ T30] R13: 0000000000000000 R14: 00007fbc775a5fa0 R15: 00007fff2ae40af8 [ 319.865883][ T30] [ 319.868896][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 319.877907][ T30] INFO: task syz-executor:13676 blocked for more than 147 seconds. [ 319.885796][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 319.893093][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 319.901737][ T30] task:syz-executor state:D stack:26768 pid:13676 tgid:13676 ppid:1 flags:0x00000004 [ 319.911897][ T30] Call Trace: [ 319.915176][ T30] [ 319.918089][ T30] __schedule+0x186c/0x4be0 [ 319.922600][ T30] ? schedule+0x90/0x320 [ 319.926826][ T30] ? schedule+0x90/0x320 [ 319.931048][ T30] ? __pfx___schedule+0x10/0x10 [ 319.935976][ T30] ? __pfx_lock_release+0x10/0x10 [ 319.940984][ T30] ? rcu_is_watching+0x15/0xb0 [ 319.946086][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 319.951987][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 319.958348][ T30] ? schedule+0x90/0x320 [ 319.962600][ T30] schedule+0x14b/0x320 [ 319.966740][ T30] schedule_preempt_disabled+0x13/0x30 [ 319.972179][ T30] __mutex_lock+0x817/0x1010 [ 319.976798][ T30] ? __mutex_lock+0x602/0x1010 [ 319.981546][ T30] ? register_nexthop_notifier+0x84/0x290 [ 319.987273][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 319.992281][ T30] ? net_generic+0x1f/0x240 [ 319.996778][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.001525][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.006296][ T30] ? __asan_memset+0x23/0x50 [ 320.010869][ T30] register_nexthop_notifier+0x84/0x290 [ 320.016506][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 320.022293][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 320.028540][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 320.034700][ T30] ? __asan_memset+0x23/0x50 [ 320.039272][ T30] ops_init+0x31e/0x590 [ 320.043427][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 320.049068][ T30] setup_net+0x287/0x9e0 [ 320.053339][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 320.058866][ T30] ? __pfx_setup_net+0x10/0x10 [ 320.063676][ T30] copy_net_ns+0x33f/0x570 [ 320.068096][ T30] create_new_namespaces+0x425/0x7b0 [ 320.073389][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 320.079089][ T30] ksys_unshare+0x57d/0xa70 [ 320.083614][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 320.088624][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 320.094977][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.099723][ T30] __x64_sys_unshare+0x38/0x40 [ 320.104483][ T30] do_syscall_64+0xf3/0x230 [ 320.108964][ T30] ? clear_bhb_loop+0x35/0x90 [ 320.113657][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.119642][ T30] RIP: 0033:0x7f07bbb8e5a7 [ 320.124063][ T30] RSP: 002b:00007ffe564c8c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 320.132484][ T30] RAX: ffffffffffffffda RBX: 00007f07bbda5f40 RCX: 00007f07bbb8e5a7 [ 320.140447][ T30] RDX: 00007f07bbb8cda9 RSI: 00007ffe564c8c50 RDI: 0000000040000000 [ 320.148710][ T30] RBP: 00007f07bbda6738 R08: 00007f07bbd6b9d0 R09: 00007f07bbd6b9d0 [ 320.156701][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 320.164720][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 320.172747][ T30] [ 320.175748][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 320.184764][ T30] INFO: task syz-executor:13681 blocked for more than 147 seconds. [ 320.192655][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 320.199924][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 320.208604][ T30] task:syz-executor state:D stack:26768 pid:13681 tgid:13681 ppid:1 flags:0x00004004 [ 320.218794][ T30] Call Trace: [ 320.222053][ T30] [ 320.224991][ T30] __schedule+0x186c/0x4be0 [ 320.229480][ T30] ? schedule+0x90/0x320 [ 320.233756][ T30] ? schedule+0x90/0x320 [ 320.237996][ T30] ? __pfx___schedule+0x10/0x10 [ 320.242862][ T30] ? __pfx_lock_release+0x10/0x10 [ 320.247867][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.252963][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 320.258864][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 320.265198][ T30] ? schedule+0x90/0x320 [ 320.269423][ T30] schedule+0x14b/0x320 [ 320.273586][ T30] schedule_preempt_disabled+0x13/0x30 [ 320.279027][ T30] __mutex_lock+0x817/0x1010 [ 320.283619][ T30] ? __mutex_lock+0x602/0x1010 [ 320.288372][ T30] ? register_nexthop_notifier+0x84/0x290 [ 320.294098][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 320.299104][ T30] ? net_generic+0x1f/0x240 [ 320.303608][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.308356][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.313124][ T30] ? __asan_memset+0x23/0x50 [ 320.317693][ T30] register_nexthop_notifier+0x84/0x290 [ 320.323240][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 320.329024][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 320.335270][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 320.341409][ T30] ? __asan_memset+0x23/0x50 [ 320.345998][ T30] ops_init+0x31e/0x590 [ 320.350134][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 320.355789][ T30] setup_net+0x287/0x9e0 [ 320.360043][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 320.365593][ T30] ? __pfx_setup_net+0x10/0x10 [ 320.370341][ T30] copy_net_ns+0x33f/0x570 [ 320.374781][ T30] create_new_namespaces+0x425/0x7b0 [ 320.380065][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 320.385788][ T30] ksys_unshare+0x57d/0xa70 [ 320.390275][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 320.395301][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 320.401634][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.406407][ T30] __x64_sys_unshare+0x38/0x40 [ 320.411173][ T30] do_syscall_64+0xf3/0x230 [ 320.415717][ T30] ? clear_bhb_loop+0x35/0x90 [ 320.420378][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.426277][ T30] RIP: 0033:0x7f1f47f8e5a7 [ 320.430671][ T30] RSP: 002b:00007ffcb2518498 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 320.439078][ T30] RAX: ffffffffffffffda RBX: 00007f1f481a5f40 RCX: 00007f1f47f8e5a7 [ 320.447055][ T30] RDX: 00007f1f47f8cda9 RSI: 00007ffcb2518460 RDI: 0000000040000000 [ 320.455512][ T30] RBP: 00007f1f481a6738 R08: 00007f1f4816b9d0 R09: 00007f1f4816b9d0 [ 320.463538][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 320.471490][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 320.479484][ T30] [ 320.482512][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 320.491507][ T30] INFO: task syz-executor:13683 blocked for more than 147 seconds. [ 320.499394][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 320.506672][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 320.515360][ T30] task:syz-executor state:D stack:26768 pid:13683 tgid:13683 ppid:1 flags:0x00004004 [ 320.525558][ T30] Call Trace: [ 320.528823][ T30] [ 320.531739][ T30] __schedule+0x186c/0x4be0 [ 320.536251][ T30] ? schedule+0x90/0x320 [ 320.540478][ T30] ? schedule+0x90/0x320 [ 320.544721][ T30] ? __pfx___schedule+0x10/0x10 [ 320.549556][ T30] ? __pfx_lock_release+0x10/0x10 [ 320.554579][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.559656][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 320.565585][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 320.571899][ T30] ? schedule+0x90/0x320 [ 320.576179][ T30] schedule+0x14b/0x320 [ 320.580335][ T30] schedule_preempt_disabled+0x13/0x30 [ 320.585823][ T30] __mutex_lock+0x817/0x1010 [ 320.590400][ T30] ? __mutex_lock+0x602/0x1010 [ 320.595174][ T30] ? register_nexthop_notifier+0x84/0x290 [ 320.600882][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 320.605916][ T30] ? net_generic+0x1f/0x240 [ 320.610399][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.615162][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.619907][ T30] ? __asan_memset+0x23/0x50 [ 320.624499][ T30] register_nexthop_notifier+0x84/0x290 [ 320.630033][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 320.635870][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 320.642109][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 320.648531][ T30] ? __asan_memset+0x23/0x50 [ 320.653164][ T30] ops_init+0x31e/0x590 [ 320.657301][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 320.663016][ T30] setup_net+0x287/0x9e0 [ 320.667269][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 320.672824][ T30] ? __pfx_setup_net+0x10/0x10 [ 320.677573][ T30] copy_net_ns+0x33f/0x570 [ 320.681971][ T30] create_new_namespaces+0x425/0x7b0 [ 320.687262][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 320.692982][ T30] ksys_unshare+0x57d/0xa70 [ 320.697470][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 320.702529][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 320.708862][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.713693][ T30] __x64_sys_unshare+0x38/0x40 [ 320.718447][ T30] do_syscall_64+0xf3/0x230 [ 320.722961][ T30] ? clear_bhb_loop+0x35/0x90 [ 320.727626][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.733558][ T30] RIP: 0033:0x7fef8c38e5a7 [ 320.737960][ T30] RSP: 002b:00007ffdcefd0b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 320.746387][ T30] RAX: ffffffffffffffda RBX: 00007fef8c5a5f40 RCX: 00007fef8c38e5a7 [ 320.754362][ T30] RDX: 00007fef8c38cda9 RSI: 00007ffdcefd0af0 RDI: 0000000040000000 [ 320.762889][ T30] RBP: 00007fef8c5a6738 R08: 00007fef8c56b9d0 R09: 00007fef8c56b9d0 [ 320.770869][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 320.778839][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 320.786821][ T30] [ 320.789830][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 320.798849][ T30] INFO: task syz-executor:13685 blocked for more than 148 seconds. [ 320.806741][ T30] Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 320.814042][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 320.822710][ T30] task:syz-executor state:D stack:26352 pid:13685 tgid:13685 ppid:1 flags:0x00004004 [ 320.832880][ T30] Call Trace: [ 320.836139][ T30] [ 320.839054][ T30] __schedule+0x186c/0x4be0 [ 320.843562][ T30] ? schedule+0x90/0x320 [ 320.847787][ T30] ? schedule+0x90/0x320 [ 320.852025][ T30] ? __pfx___schedule+0x10/0x10 [ 320.856878][ T30] ? __pfx_lock_release+0x10/0x10 [ 320.861883][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.866943][ T30] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 320.872858][ T30] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 320.879167][ T30] ? schedule+0x90/0x320 [ 320.883427][ T30] schedule+0x14b/0x320 [ 320.887585][ T30] schedule_preempt_disabled+0x13/0x30 [ 320.893087][ T30] __mutex_lock+0x817/0x1010 [ 320.897661][ T30] ? __mutex_lock+0x602/0x1010 [ 320.902459][ T30] ? register_nexthop_notifier+0x84/0x290 [ 320.908180][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 320.913218][ T30] ? net_generic+0x1f/0x240 [ 320.917703][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.922533][ T30] ? rcu_is_watching+0x15/0xb0 [ 320.927300][ T30] ? __asan_memset+0x23/0x50 [ 320.931870][ T30] register_nexthop_notifier+0x84/0x290 [ 320.937423][ T30] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 320.943229][ T30] ? __pfx_debug_check_no_locks_freed+0x10/0x10 [ 320.949455][ T30] ? __pfx_register_nexthop_notifier+0x10/0x10 [ 320.955616][ T30] ? __asan_memset+0x23/0x50 [ 320.960187][ T30] ops_init+0x31e/0x590 [ 320.964345][ T30] ? lockdep_init_map_type+0xa1/0x910 [ 320.970065][ T30] setup_net+0x287/0x9e0 [ 320.974411][ T30] ? __pfx_down_read_killable+0x10/0x10 [ 320.979939][ T30] ? __pfx_setup_net+0x10/0x10 [ 320.984713][ T30] copy_net_ns+0x33f/0x570 [ 320.989115][ T30] create_new_namespaces+0x425/0x7b0 [ 320.994399][ T30] unshare_nsproxy_namespaces+0x124/0x180 [ 321.000187][ T30] ksys_unshare+0x57d/0xa70 [ 321.004689][ T30] ? __pfx_ksys_unshare+0x10/0x10 [ 321.009695][ T30] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 321.016022][ T30] ? rcu_is_watching+0x15/0xb0 [ 321.020769][ T30] __x64_sys_unshare+0x38/0x40 [ 321.025544][ T30] do_syscall_64+0xf3/0x230 [ 321.030028][ T30] ? clear_bhb_loop+0x35/0x90 [ 321.034720][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.040596][ T30] RIP: 0033:0x7f96c758e5a7 [ 321.045011][ T30] RSP: 002b:00007ffd2d5a55d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 321.053492][ T30] RAX: ffffffffffffffda RBX: 00007f96c77a5f40 RCX: 00007f96c758e5a7 [ 321.061445][ T30] RDX: 00007f96c758cda9 RSI: 00007ffd2d5a55a0 RDI: 0000000040000000 [ 321.069755][ T30] RBP: 00007f96c77a6738 R08: 00007f96c776b9d0 R09: 00007f96c776b9d0 [ 321.077753][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 321.085756][ T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 321.093740][ T30] [ 321.096740][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 321.105809][ T30] INFO: lockdep is turned off. [ 321.110574][ T30] NMI backtrace for cpu 0 [ 321.110582][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 321.110592][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 321.110603][ T30] Call Trace: [ 321.110607][ T30] [ 321.110611][ T30] dump_stack_lvl+0x241/0x360 [ 321.110628][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 321.110640][ T30] ? __pfx__printk+0x10/0x10 [ 321.110653][ T30] ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10 [ 321.110667][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 321.110680][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 321.110691][ T30] ? _printk+0xd5/0x120 [ 321.110702][ T30] ? __pfx_rcu_read_unlock_special+0x10/0x10 [ 321.110713][ T30] ? __pfx__printk+0x10/0x10 [ 321.110726][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 321.110736][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 321.110748][ T30] watchdog+0xff6/0x1040 [ 321.110760][ T30] ? watchdog+0x1ea/0x1040 [ 321.110771][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.110782][ T30] kthread+0x7a9/0x920 [ 321.110793][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110805][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.110815][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110825][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110837][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110848][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 321.110859][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 321.110872][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110883][ T30] ret_from_fork+0x4b/0x80 [ 321.110893][ T30] ? __pfx_kthread+0x10/0x10 [ 321.110905][ T30] ret_from_fork_asm+0x1a/0x30 [ 321.110916][ T30] [ 321.110920][ T30] Sending NMI from CPU 0 to CPUs 1: [ 321.277758][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30 [ 321.278784][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 321.293745][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-04046-g0ad9617c78ac #0 [ 321.303871][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 321.313901][ T30] Call Trace: [ 321.317160][ T30] [ 321.320070][ T30] dump_stack_lvl+0x241/0x360 [ 321.324729][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 321.329934][ T30] ? __pfx__printk+0x10/0x10 [ 321.334504][ T30] ? vscnprintf+0x5d/0x90 [ 321.338811][ T30] panic+0x349/0x880 [ 321.342692][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 321.348821][ T30] ? __pfx_panic+0x10/0x10 [ 321.353219][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 321.358570][ T30] ? __irq_work_queue_local+0x137/0x410 [ 321.364093][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 321.369440][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 321.375568][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 321.381728][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 321.387866][ T30] watchdog+0x1035/0x1040 [ 321.392175][ T30] ? watchdog+0x1ea/0x1040 [ 321.396571][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.401226][ T30] kthread+0x7a9/0x920 [ 321.405272][ T30] ? __pfx_kthread+0x10/0x10 [ 321.409843][ T30] ? __pfx_watchdog+0x10/0x10 [ 321.414499][ T30] ? __pfx_kthread+0x10/0x10 [ 321.419069][ T30] ? __pfx_kthread+0x10/0x10 [ 321.423635][ T30] ? __pfx_kthread+0x10/0x10 [ 321.428202][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 321.433379][ T30] ? lockdep_hardirqs_on+0x99/0x150 [ 321.438557][ T30] ? __pfx_kthread+0x10/0x10 [ 321.443124][ T30] ret_from_fork+0x4b/0x80 [ 321.447519][ T30] ? __pfx_kthread+0x10/0x10 [ 321.452106][ T30] ret_from_fork_asm+0x1a/0x30 [ 321.456856][ T30] [ 321.460116][ T30] Kernel Offset: disabled [ 321.464428][ T30] Rebooting in 86400 seconds..