last executing test programs: 21.230568399s ago: executing program 0 (id=10639): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) 21.228592127s ago: executing program 2 (id=10640): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, 0x0, 0x0) listen(r0, 0x10040) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000002a80)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) syz_emit_ethernet(0x76, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3d, 0x68, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x1, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x6}, @mptcp=@ack={0x1e, 0xc, 0x957, 0x4, "6a89c4abff99cbe2"}, @exp_fastopen={0xfe, 0x9, 0xf989, "69bb3fa1e9"}, @md5sig={0x13, 0x12, "0f9251fbe36d0b164c6446025c740542"}, @md5sig={0x13, 0x12, "77949379d78b4741c40913a94dd7a40a"}]}}}}}}}, 0x0) 21.011697425s ago: executing program 2 (id=10644): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x4, 0x9, 0x4, 0x7b, 0x6, 0x1, 0x1, 0x7f, 0x0, 0x34, 0x6, 0x9, 0x56, 0xdc}, 0xe) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x5, @loopback}, 0x1c) sendmmsg$sock(r0, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="89", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000001c00)="bc", 0x1}], 0x1}}], 0x2, 0x0) 20.937332158s ago: executing program 0 (id=10645): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r0}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r4, r3, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x1289, &(0x7f00000048c0)=ANY=[], 0x0) 20.80615275s ago: executing program 2 (id=10646): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000108279d70080200000000000000", @ANYRES32=0x0, @ANYBLOB="00000000052004001400350064756d6d79300000000000000000000014001680100001"], 0x48}, 0x1, 0x0, 0x0, 0x4058805}, 0x0) 20.741707584s ago: executing program 0 (id=10648): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8) sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000100), 0x4) 20.501409792s ago: executing program 2 (id=10651): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) 20.478056313s ago: executing program 0 (id=10652): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000380)=0x2, 0x4) bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x28040041, &(0x7f0000000040)={0x2, 0x24e23, @loopback}, 0x10) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="1f", 0x1}], 0x1}, 0x48c0) recvmmsg(r0, &(0x7f0000001f40)=[{{&(0x7f00000004c0)=@x25, 0x80, &(0x7f0000000600), 0x0, &(0x7f0000000640)=""/183, 0xb7}, 0x8001}], 0x1, 0x40000, 0x0) 20.16620438s ago: executing program 0 (id=10653): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000030000000000000000000000850000004100000085000000d000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 20.126149084s ago: executing program 4 (id=10654): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x6}, 0x1c) listen(r0, 0x10040) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000002a80)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) syz_emit_ethernet(0x76, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3d, 0x68, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x1, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x6}, @mptcp=@ack={0x1e, 0xc, 0x957, 0x4, "6a89c4abff99cbe2"}, @exp_fastopen={0xfe, 0x9, 0xf989, "69bb3fa1e9"}, @md5sig={0x13, 0x12, "0f9251fbe36d0b164c6446025c740542"}, @md5sig={0x13, 0x12, "77949379d78b4741c40913a94dd7a40a"}]}}}}}}}, 0x0) 19.957046054s ago: executing program 4 (id=10656): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000980)="91f8a9849519def28691bbc4173c3d6f357d0272b7e95a136b3ffec75b73e6937b7b22a1319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de25000000000000f2ffffff2e3591ceb1757de97fb25500620d0d30506e7429fa5337b74945da657f794d5b5bf89588e07b14a17f069912dc0c3f201bff8b9a687b85baa11244632642a9be7b42b6b5882b738f05eba73221490e2d5c17cf406be2796eec488a5b5268f507ee8d6f3dd1d64abc785708eb9bd24e352a984b2b1596d35ebe1d3443aa78fb40209dcfa4666bbcc6ca80", 0xdb}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000880)="b527ce144a9e865255e6f85f4d18156225c3396c992b47cedd740a6a6c3c82aba6b56bd441a6dd0856d664fb959853821ce9917ed023550816ba4b21413e5e7c41c7e2197da810d26109c4572ec3dfb28073599772cf3e04b596b22fce7db25609f21c6da4db35a48c20cdfa45bba59b", 0x70}, {&(0x7f0000000cc0)="27cb1547d73d51c2b9eb909bbb859214eabfa995b909a5faccc33d38140dc15d080af6eaf18b2031f0c88867e93763c3466f13a7e1c71f9b7ed9652a901d80e85e1ba265a9837970a9a20940b0208fa916a0", 0x52}], 0x2}}], 0x2, 0x2090) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 19.816834807s ago: executing program 0 (id=10657): socket$packet(0x11, 0x2, 0x300) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0xd2}, 0x9c) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61c2f}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x300, 0x0, 0x54, 0x6}, 0x9c) 19.773260438s ago: executing program 4 (id=10658): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r0}, &(0x7f0000000a00), &(0x7f0000000a40)=r1}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r4, r3, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x1289, &(0x7f00000048c0)=ANY=[], 0x0) 19.695482545s ago: executing program 2 (id=10659): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4b0, 0x158, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3e0, 0xffffffff, 0xffffffff, 0x3e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x0, 0x0, 0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x138, 0x158, 0x0, {}, [@common=@unspec=@connbytes={{0x38}, {[{0x2}, {0x7f}], 0x2, 0x2}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [0x0, 0xffffffff], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x5, 0x41, 0x0, 0x2, 0x1800, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x510) syz_emit_ethernet(0x40, &(0x7f0000000040)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0xa, 0x2c, 0x1, @remote, @local, {[@routing={0x2c, 0x0, 0x0, 0x1}], "0639"}}}}}, 0x0) 19.623183971s ago: executing program 4 (id=10661): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x2}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0xfffffffe, 0x10}, 0xc) sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f00000006c0)}}], 0x1, 0x8020) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000001380)="a8a452", 0x3}], 0x1) 19.508522195s ago: executing program 2 (id=10662): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42", 0x8c}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f477", 0xb5}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9", 0x5d}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84178b017ba52b", 0xc3}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c8", 0x59}, {&(0x7f00000000c0)}], 0x6}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}], 0x2, 0x20000044) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'}) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 19.445937579s ago: executing program 4 (id=10663): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) recvmmsg(r0, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0xb}, 0x8b}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=""/255, 0xff}, 0xfffffff4}], 0x2, 0x10022, 0x0) 19.205926299s ago: executing program 4 (id=10666): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000000)={0x8, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4e23, @local}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000400)={0x8, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e20, @local}}}, 0x108) 18.436840517s ago: executing program 1 (id=10676): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0xfffc, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x4, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @private=0xa010100}, "0dfd11c20c4a77be"}}}}}, 0x0) 18.382445951s ago: executing program 1 (id=10677): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000340)={@in={{0x2, 0x4e22, @local}}, 0x0, 0x0, 0x33, 0x0, "cebd7ceedb7b0ad952e966bbe242b92b746b023df2cb59e32e10366456deac64e782206bd4aee372005a52a40b7161161a8b2749fe184fb0d08bc63f90010a1ed2bf603d2c3fcc250c30136f9ef2ef8b"}, 0xd8) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x1d4c, 0x0, 0x11) sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="12", 0x1}], 0x1}, 0x1) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) 18.302783675s ago: executing program 1 (id=10678): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x100, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x50, 0x1, 0x0, 0x80000000}, {0x6, 0x80, 0xfd, 0xfffffffd}]}, 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x64, 0x30, 0x4, 0x2, 0x0, @empty, @multicast2}, @dest_unreach={0x3, 0xa, 0x0, 0x0, 0x0, 0xc, {0x5, 0x4, 0x2, 0x6, 0xe, 0x65, 0x7fff, 0x0, 0x33, 0x6, @broadcast, @multicast2}}}}}}, 0x0) 18.131399307s ago: executing program 1 (id=10679): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x6}, 0x1c) listen(r0, 0x10040) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x76, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3d, 0x68, 0x0, 0x4000, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x1, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x6}, @mptcp=@ack={0x1e, 0xc, 0x957, 0x4, "6a89c4abff99cbe2"}, @exp_fastopen={0xfe, 0x9, 0xf989, "69bb3fa1e9"}, @md5sig={0x13, 0x12, "0f9251fbe36d0b164c6446025c740542"}, @md5sig={0x13, 0x12, "77949379d78b4741c40913a94dd7a40a"}]}}}}}}}, 0x0) 18.001204189s ago: executing program 1 (id=10680): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) r1 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b8400feffffffffffff000000000017030038c88cc055c5ac27a6c5", 0x26, 0x0, 0x0, 0x0) 17.835399913s ago: executing program 1 (id=10681): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000100), 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @empty, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe428116085f06e9264f7d866b1970548fc3c7b", 0xb2, 0xffffeff7, 0x40, 0x40000006}, 0x3c) 15.76121266s ago: executing program 3 (id=10688): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000010240)={0x0, 0x0, 0x0}, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d80)=[{{&(0x7f0000000100)={0xa, 0xfffd, 0x0, @private0}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000040)="cc", 0x1}], 0x1}}], 0x1, 0x0) shutdown(r0, 0x1) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f00000010c0)=""/4111, &(0x7f0000000000)=0x100f) 15.666302278s ago: executing program 3 (id=10689): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x100, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50, 0x1, 0x0, 0x80000000}, {0x6, 0x80, 0xfd, 0xfffffffd}]}, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) 15.547816857s ago: executing program 3 (id=10690): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x50}, [@IFLA_AF_SPEC={0x4, 0xc}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_INET6={0x4}]}]}, 0x2c}}, 0x0) r0 = socket$inet6(0xa, 0x3, 0x8000000003c) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x370, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x3d0) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @empty, 0x7}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 15.500123021s ago: executing program 3 (id=10691): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) r1 = socket$inet6(0x10, 0x2, 0x4) sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b8400feffffffffffff000000000017030038c88cc055c5ac27a6c5", 0x26, 0x0, 0x0, 0x0) 15.40654578s ago: executing program 3 (id=10692): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000200)=[@window={0x3, 0x6, 0x7}, @mss={0x2, 0xd900}, @sack_perm, @sack_perm, @sack_perm, @sack_perm, @sack_perm], 0x7) 15.297033658s ago: executing program 3 (id=10693): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'team_slave_0\x00', &(0x7f0000002fc0)=@ethtool_stats}) 4.002797869s ago: executing program 32 (id=10657): socket$packet(0x11, 0x2, 0x300) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0xd2}, 0x9c) bind$inet6(r0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0xfffffffe, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61c2f}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x300, 0x0, 0x54, 0x6}, 0x9c) 3.946355686s ago: executing program 33 (id=10662): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42", 0x8c}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f477", 0xb5}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9", 0x5d}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec489820505cea6045a9939974c6f2ee3815378dc0a620982383e84178b017ba52b", 0xc3}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c8", 0x59}, {&(0x7f00000000c0)}], 0x6}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}], 0x2, 0x20000044) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'}) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 3.868532233s ago: executing program 34 (id=10666): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000000)={0x8, {{0x2, 0x4e21, @multicast1}}, {{0x2, 0x4e23, @local}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000400)={0x8, {{0x2, 0x4e20, @multicast1}}, {{0x2, 0x4e20, @local}}}, 0x108) 2.488032308s ago: executing program 35 (id=10681): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000100), 0x4) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @empty, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe428116085f06e9264f7d866b1970548fc3c7b", 0xb2, 0xffffeff7, 0x40, 0x40000006}, 0x3c) 0s ago: executing program 36 (id=10693): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'team_slave_0\x00', &(0x7f0000002fc0)=@ethtool_stats}) kernel console output (not intermixed with test programs): er parsing attributes in process `syz.4.9778'. [ 1218.018026][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9779'. [ 1220.166012][ T6966] lo speed is unknown, defaulting to 1000 [ 1220.173701][ T6966] lo speed is unknown, defaulting to 1000 [ 1220.668142][ T6981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9783'. [ 1220.697695][ T6981] netlink: 'syz.3.9783': attribute type 1 has an invalid length. [ 1220.728081][ T6981] netlink: 224 bytes leftover after parsing attributes in process `syz.3.9783'. [ 1221.584445][ T6993] netlink: 72 bytes leftover after parsing attributes in process `syz.4.9788'. [ 1222.196437][ T7010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9793'. [ 1222.416483][ T7013] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 1222.452623][ T7013] net_ratelimit: 356 callbacks suppressed [ 1222.452647][ T7013] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1222.481302][ T7013] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9794'. [ 1222.555038][ T7016] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1223.087481][ T7027] netlink: 72 bytes leftover after parsing attributes in process `syz.1.9800'. [ 1223.182480][ T7032] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9801'. [ 1223.236037][ T7032] netlink: 'syz.0.9801': attribute type 1 has an invalid length. [ 1223.279734][ T7032] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9801'. [ 1223.466819][ T7045] FAULT_INJECTION: forcing a failure. [ 1223.466819][ T7045] name failslab, interval 1, probability 0, space 0, times 0 [ 1223.495049][ T7045] CPU: 0 UID: 0 PID: 7045 Comm: syz.4.9808 Not tainted syzkaller #0 PREEMPT(full) [ 1223.495083][ T7045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1223.495098][ T7045] Call Trace: [ 1223.495108][ T7045] [ 1223.495119][ T7045] dump_stack_lvl+0xe8/0x150 [ 1223.495157][ T7045] should_fail_ex+0x412/0x560 [ 1223.495198][ T7045] should_failslab+0xa8/0x100 [ 1223.495231][ T7045] __kmalloc_noprof+0xe8/0x760 [ 1223.495260][ T7045] ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0 [ 1223.495295][ T7045] genl_family_rcv_msg_attrs_parse+0xd0/0x2f0 [ 1223.495331][ T7045] genl_family_rcv_msg_doit+0xd9/0x330 [ 1223.495372][ T7045] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1223.495407][ T7045] ? apparmor_capable+0x126/0x170 [ 1223.495438][ T7045] ? bpf_lsm_capable+0x9/0x20 [ 1223.495472][ T7045] ? security_capable+0x7e/0x2c0 [ 1223.495514][ T7045] genl_rcv_msg+0x61c/0x7a0 [ 1223.495546][ T7045] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1223.495570][ T7045] ? __pfx_ieee802154_add_iface+0x10/0x10 [ 1223.495622][ T7045] netlink_rcv_skb+0x232/0x4b0 [ 1223.495655][ T7045] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1223.495682][ T7045] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1223.495732][ T7045] ? down_read+0x272/0x2e0 [ 1223.495760][ T7045] ? genl_rcv+0xd/0x40 [ 1223.495785][ T7045] genl_rcv+0x28/0x40 [ 1223.495807][ T7045] netlink_unicast+0x75c/0x8e0 [ 1223.495847][ T7045] netlink_sendmsg+0x813/0xb40 [ 1223.495890][ T7045] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1223.495925][ T7045] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1223.495950][ T7045] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1223.495981][ T7045] ____sys_sendmsg+0x972/0x9f0 [ 1223.496034][ T7045] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1223.496077][ T7045] ? import_iovec+0x73/0xa0 [ 1223.496109][ T7045] ___sys_sendmsg+0x2a5/0x360 [ 1223.496151][ T7045] ? __pfx____sys_sendmsg+0x10/0x10 [ 1223.496224][ T7045] ? __fget_files+0x2a/0x420 [ 1223.496246][ T7045] ? __fget_files+0x3a0/0x420 [ 1223.496280][ T7045] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1223.496319][ T7045] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1223.496372][ T7045] ? __pfx_ksys_write+0x10/0x10 [ 1223.496414][ T7045] do_syscall_64+0x14d/0xf80 [ 1223.496441][ T7045] ? trace_irq_disable+0x3b/0x150 [ 1223.496462][ T7045] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1223.496487][ T7045] ? clear_bhb_loop+0x40/0x90 [ 1223.496516][ T7045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1223.496540][ T7045] RIP: 0033:0x7fba6d99c819 [ 1223.496563][ T7045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1223.496584][ T7045] RSP: 002b:00007fba6e80f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1223.496610][ T7045] RAX: ffffffffffffffda RBX: 00007fba6dc15fa0 RCX: 00007fba6d99c819 [ 1223.496628][ T7045] RDX: 0000000000000080 RSI: 0000200000000b00 RDI: 0000000000000006 [ 1223.496644][ T7045] RBP: 00007fba6e80f090 R08: 0000000000000000 R09: 0000000000000000 [ 1223.496660][ T7045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1223.496675][ T7045] R13: 00007fba6dc16038 R14: 00007fba6dc15fa0 R15: 00007ffee93a7f98 [ 1223.496713][ T7045] [ 1223.576969][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9809'. [ 1223.997109][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9809'. [ 1224.073868][ T7055] lo speed is unknown, defaulting to 1000 [ 1224.082239][ T7055] lo speed is unknown, defaulting to 1000 [ 1224.596638][ T7068] IPv6: addrconf: prefix option has invalid lifetime [ 1224.872497][ T7075] Set syz0 is full, maxelem 0 reached [ 1224.947501][ T29] audit: type=1804 audit(1776127951.697:5): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.9820" name="/newroot/1928/cgroup.controllers" dev="tmpfs" ino=9904 res=1 errno=0 [ 1225.048457][ T29] audit: type=1800 audit(1776127951.727:6): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9820" name="cgroup.controllers" dev="tmpfs" ino=9904 res=0 errno=0 [ 1225.203160][ T7090] netlink: 'syz.0.9823': attribute type 1 has an invalid length. [ 1225.321880][ T7094] netlink: 'syz.2.9824': attribute type 2 has an invalid length. [ 1225.481175][ T7100] macvlan5: entered promiscuous mode [ 1225.488057][ T7099] openvswitch: netlink: ufid size 164 bytes exceeds the range (1, 16) [ 1225.497143][ T7100] bond0: entered promiscuous mode [ 1225.513189][ T7099] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1225.518225][ T7100] bond_slave_0: entered promiscuous mode [ 1225.550238][ T7100] bond_slave_1: entered promiscuous mode [ 1225.559400][ T7099] x_tables: duplicate underflow at hook 4 [ 1225.586678][ T7100] mac80211_hwsim hwsim10 wlan1: entered promiscuous mode [ 1225.597601][ T7100] 8021q: adding VLAN 0 to HW filter on device macvlan5 [ 1226.539028][ T7123] lo speed is unknown, defaulting to 1000 [ 1226.559976][ T7123] lo speed is unknown, defaulting to 1000 [ 1226.598810][ T7133] __nla_validate_parse: 11 callbacks suppressed [ 1226.598835][ T7133] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9835'. [ 1226.617326][ T7133] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 1226.988147][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9839'. [ 1227.489229][ T7158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9846'. [ 1227.572853][ T7160] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9845'. [ 1227.613080][ T7159] lo speed is unknown, defaulting to 1000 [ 1227.621299][ T7159] lo speed is unknown, defaulting to 1000 [ 1227.643306][ T7160] netlink: 'syz.2.9845': attribute type 1 has an invalid length. [ 1227.698513][ T7160] netlink: 224 bytes leftover after parsing attributes in process `syz.2.9845'. [ 1228.175880][ T7172] erspan0: left allmulticast mode [ 1228.184420][ T7172] erspan0: left promiscuous mode [ 1228.212854][ T7172] bridge18: port 1(erspan0) entered disabled state [ 1228.228441][ T7172] team0: left allmulticast mode [ 1228.262046][ T7172] team_slave_0: left allmulticast mode [ 1228.278076][ T7172] team_slave_1: left allmulticast mode [ 1228.309259][ T7172] team0: left promiscuous mode [ 1228.314109][ T7172] team_slave_0: left promiscuous mode [ 1228.387399][ T7172] team_slave_1: left promiscuous mode [ 1228.393399][ T7172] bridge0: port 5(team0) entered disabled state [ 1228.486823][ T7172] bridge0: port 1(bridge_slave_0) entered disabled state [ 1228.576406][ T7172] bridge_slave_1: left allmulticast mode [ 1228.584725][ T7172] bridge_slave_1: left promiscuous mode [ 1228.613029][ T7172] bridge0: port 2(bridge_slave_1) entered disabled state [ 1228.671509][ T7172] team0: Port device team_slave_0 removed [ 1228.768641][ T7172] team0: Port device team_slave_1 removed [ 1228.795720][ T7172] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1228.861005][ T7172] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 1228.966038][ T7173] team0: No ports can be present during mode change [ 1229.380726][ T7193] FAULT_INJECTION: forcing a failure. [ 1229.380726][ T7193] name failslab, interval 1, probability 0, space 0, times 0 [ 1229.431752][ T7193] CPU: 0 UID: 0 PID: 7193 Comm: syz.2.9856 Not tainted syzkaller #0 PREEMPT(full) [ 1229.431789][ T7193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1229.431804][ T7193] Call Trace: [ 1229.431815][ T7193] [ 1229.431826][ T7193] dump_stack_lvl+0xe8/0x150 [ 1229.431874][ T7193] should_fail_ex+0x412/0x560 [ 1229.431918][ T7193] should_failslab+0xa8/0x100 [ 1229.431953][ T7193] __kmalloc_node_track_caller_noprof+0xeb/0x7b0 [ 1229.431985][ T7193] ? kobject_set_name_vargs+0x61/0x110 [ 1229.432024][ T7193] kvasprintf+0xeb/0x1a0 [ 1229.432057][ T7193] ? __pfx_kvasprintf+0x10/0x10 [ 1229.432087][ T7193] ? do_raw_spin_lock+0x12b/0x2f0 [ 1229.432121][ T7193] ? kvasprintf_const+0xe1/0x240 [ 1229.432154][ T7193] kobject_set_name_vargs+0x61/0x110 [ 1229.432189][ T7193] dev_set_name+0xe2/0x140 [ 1229.432224][ T7193] ? __pfx_dev_set_name+0x10/0x10 [ 1229.432252][ T7193] ? __init_waitqueue_head+0xa9/0x150 [ 1229.432284][ T7193] ? device_initialize+0x26a/0x460 [ 1229.432318][ T7193] wakeup_source_sysfs_add+0x1a9/0x2c0 [ 1229.432358][ T7193] wakeup_source_register+0x18a/0x380 [ 1229.432395][ T7193] ep_insert+0x1022/0x1a40 [ 1229.432437][ T7193] ? __pfx_ep_insert+0x10/0x10 [ 1229.432476][ T7193] ? bpf_lsm_capable+0x9/0x20 [ 1229.432520][ T7193] do_epoll_ctl+0x7f4/0xe80 [ 1229.432554][ T7193] __x64_sys_epoll_ctl+0x165/0x1b0 [ 1229.432583][ T7193] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1229.432622][ T7193] do_syscall_64+0x14d/0xf80 [ 1229.432649][ T7193] ? trace_irq_disable+0x3b/0x150 [ 1229.432671][ T7193] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1229.432700][ T7193] ? clear_bhb_loop+0x40/0x90 [ 1229.432730][ T7193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1229.432754][ T7193] RIP: 0033:0x7f0ae359c819 [ 1229.432777][ T7193] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1229.432797][ T7193] RSP: 002b:00007f0ae450e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 1229.432823][ T7193] RAX: ffffffffffffffda RBX: 00007f0ae3815fa0 RCX: 00007f0ae359c819 [ 1229.432848][ T7193] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 1229.432863][ T7193] RBP: 00007f0ae450e090 R08: 0000000000000000 R09: 0000000000000000 [ 1229.432879][ T7193] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000002 [ 1229.432895][ T7193] R13: 00007f0ae3816038 R14: 00007f0ae3815fa0 R15: 00007ffdfcc601a8 [ 1229.432934][ T7193] [ 1230.253764][ T7199] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9859'. [ 1230.283703][ T7199] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9859'. [ 1230.332086][ T7206] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9862'. [ 1230.388025][ T7199] netlink: 64 bytes leftover after parsing attributes in process `syz.4.9859'. [ 1230.446947][ T7206] netlink: 'syz.3.9862': attribute type 1 has an invalid length. [ 1230.467015][ T7206] netlink: 224 bytes leftover after parsing attributes in process `syz.3.9862'. [ 1230.766265][ T7219] syzkaller0: entered promiscuous mode [ 1230.771929][ T7219] syzkaller0: entered allmulticast mode [ 1231.763020][ T7247] lo speed is unknown, defaulting to 1000 [ 1231.782170][ T7247] lo speed is unknown, defaulting to 1000 [ 1231.859548][ T7250] __nla_validate_parse: 1 callbacks suppressed [ 1231.859572][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9879'. [ 1231.923799][ T7253] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 1232.421948][ T7262] xt_bpf: check failed: parse error [ 1232.581985][ T7264] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9885'. [ 1232.593691][ T7264] netlink: 'syz.4.9885': attribute type 1 has an invalid length. [ 1232.613938][ T7264] netlink: 224 bytes leftover after parsing attributes in process `syz.4.9885'. [ 1232.651573][ T7268] SET target dimension over the limit! [ 1233.089145][ T7284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9892'. [ 1233.372475][ T7288] netlink: 'syz.2.9893': attribute type 2 has an invalid length. [ 1233.377898][ T7285] lo speed is unknown, defaulting to 1000 [ 1233.439615][ T7288] hmac(sha224): entered promiscuous mode [ 1233.485268][ T7285] lo speed is unknown, defaulting to 1000 [ 1233.824258][ T7292] netlink: 228 bytes leftover after parsing attributes in process `syz.2.9895'. [ 1233.857479][ T7295] netlink: 228 bytes leftover after parsing attributes in process `syz.2.9895'. [ 1234.119990][ T7299] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9898'. [ 1234.228372][ T7299] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1234.235687][ T7299] IPv6: NLM_F_CREATE should be set when creating new route [ 1234.280158][ T7302] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1234.287501][ T7302] IPv6: NLM_F_CREATE should be set when creating new route [ 1234.359976][ T7306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9900'. [ 1234.441950][ T7299] lo speed is unknown, defaulting to 1000 [ 1234.451914][ T7299] lo speed is unknown, defaulting to 1000 [ 1234.702973][ T7315] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9904'. [ 1234.780044][ T7315] netlink: 'syz.1.9904': attribute type 1 has an invalid length. [ 1234.821109][ T7315] netlink: 224 bytes leftover after parsing attributes in process `syz.1.9904'. [ 1234.901599][ T7322] x_tables: duplicate underflow at hook 2 [ 1235.642898][ T7336] netlink: 'syz.2.9912': attribute type 8 has an invalid length. [ 1236.930747][ T7371] __nla_validate_parse: 2 callbacks suppressed [ 1236.930771][ T7371] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9923'. [ 1236.955576][ T7372] netlink: 72 bytes leftover after parsing attributes in process `syz.1.9924'. [ 1237.035884][ T7371] netlink: 'syz.0.9923': attribute type 1 has an invalid length. [ 1237.084590][ T7371] netlink: 224 bytes leftover after parsing attributes in process `syz.0.9923'. [ 1237.215314][ T7385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9928'. [ 1237.383863][ T7389] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9929'. [ 1237.746480][ T7404] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9936'. [ 1237.794049][ T7406] sctp: [Deprecated]: syz.3.9935 (pid 7406) Use of int in maxseg socket option. [ 1237.794049][ T7406] Use struct sctp_assoc_value instead [ 1238.157630][ T7424] netlink: 'syz.0.9940': attribute type 1 has an invalid length. [ 1238.174932][ T7426] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1238.195983][ T7424] netlink: 'syz.0.9940': attribute type 2 has an invalid length. [ 1238.398589][ T7430] netlink: 'syz.0.9941': attribute type 3 has an invalid length. [ 1238.415801][ T7430] netlink: 666 bytes leftover after parsing attributes in process `syz.0.9941'. [ 1238.919076][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1241.151926][ T7437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9945'. [ 1241.224895][ T7437] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9945'. [ 1241.348552][ T7446] bond5: option mode: unable to set because the bond device has slaves [ 1241.452400][ T7446] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 1241.542134][ T7446] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9946'. [ 1241.782542][ T7466] netlink: zone id is out of range [ 1241.794810][ T7466] netlink: zone id is out of range [ 1241.811549][ T7466] netlink: zone id is out of range [ 1241.827286][ T7460] netlink: 'syz.2.9950': attribute type 1 has an invalid length. [ 1241.841882][ T7466] netlink: zone id is out of range [ 1241.874562][ T7466] netlink: zone id is out of range [ 1241.933491][ T7466] netlink: zone id is out of range [ 1241.962849][ T7469] netlink: 'syz.4.9953': attribute type 2 has an invalid length. [ 1241.999229][ T7466] netlink: zone id is out of range [ 1242.027519][ T7466] netlink: zone id is out of range [ 1242.535092][ T7489] __nla_validate_parse: 8 callbacks suppressed [ 1242.535117][ T7489] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9959'. [ 1242.647212][ T7493] syzkaller0: entered promiscuous mode [ 1242.652859][ T7493] syzkaller0: entered allmulticast mode [ 1242.823386][ T7496] lo speed is unknown, defaulting to 1000 [ 1242.848028][ T7496] lo speed is unknown, defaulting to 1000 [ 1242.865505][ T7499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9962'. [ 1243.073086][ T7504] netlink: 'syz.1.9966': attribute type 2 has an invalid length. [ 1243.291739][ T7512] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9964'. [ 1244.059395][ T7528] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9973'. [ 1244.097146][ T7528] netlink: 'syz.3.9973': attribute type 1 has an invalid length. [ 1244.120233][ T7528] netlink: 224 bytes leftover after parsing attributes in process `syz.3.9973'. [ 1244.307938][ T7538] netlink: 'syz.1.9975': attribute type 4 has an invalid length. [ 1244.507195][ T7544] net_ratelimit: 718 callbacks suppressed [ 1244.507223][ T7544] netlink: zone id is out of range [ 1244.532216][ T7544] netlink: zone id is out of range [ 1244.550019][ T7544] netlink: zone id is out of range [ 1244.562129][ T7544] netlink: zone id is out of range [ 1244.580373][ T7544] netlink: zone id is out of range [ 1244.614455][ T7544] netlink: zone id is out of range [ 1244.679151][ T7547] netlink: 'syz.2.9978': attribute type 2 has an invalid length. [ 1244.687447][ T7544] netlink: zone id is out of range [ 1244.692785][ T7544] netlink: zone id is out of range [ 1244.728462][ T7544] netlink: zone id is out of range [ 1244.733802][ T7544] netlink: zone id is out of range [ 1245.086845][ T7563] netlink: 9 bytes leftover after parsing attributes in process `syz.4.9985'. [ 1245.108695][ T7565] netlink: 13 bytes leftover after parsing attributes in process `syz.2.9986'. [ 1245.353377][ T7578] FAULT_INJECTION: forcing a failure. [ 1245.353377][ T7578] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.369304][ T7574] netlink: 'syz.3.9992': attribute type 2 has an invalid length. [ 1245.383704][ T7578] CPU: 0 UID: 0 PID: 7578 Comm: syz.2.9990 Not tainted syzkaller #0 PREEMPT(full) [ 1245.383738][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1245.383754][ T7578] Call Trace: [ 1245.383765][ T7578] [ 1245.383775][ T7578] dump_stack_lvl+0xe8/0x150 [ 1245.383847][ T7578] should_fail_ex+0x412/0x560 [ 1245.383890][ T7578] should_failslab+0xa8/0x100 [ 1245.383922][ T7578] ? __kernfs_new_node+0xe9/0x8e0 [ 1245.383947][ T7578] kmem_cache_alloc_noprof+0x87/0x650 [ 1245.383984][ T7578] __kernfs_new_node+0xe9/0x8e0 [ 1245.384006][ T7578] ? arch_stack_walk+0xfb/0x150 [ 1245.384049][ T7578] ? __pfx___kernfs_new_node+0x10/0x10 [ 1245.384075][ T7578] ? kernfs_root+0x1c/0x230 [ 1245.384119][ T7578] ? kernfs_root+0x1c/0x230 [ 1245.384153][ T7578] ? kernfs_root+0x1c/0x230 [ 1245.384185][ T7578] ? kernfs_root+0x1c/0x230 [ 1245.384226][ T7578] kernfs_new_node+0x102/0x210 [ 1245.384255][ T7578] kernfs_create_dir_ns+0x44/0x130 [ 1245.384285][ T7578] sysfs_create_dir_ns+0x12f/0x2a0 [ 1245.384323][ T7578] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1245.384360][ T7578] ? do_raw_spin_unlock+0xf5/0x210 [ 1245.384392][ T7578] kobject_add_internal+0x62b/0xd00 [ 1245.384435][ T7578] kobject_add+0x163/0x240 [ 1245.384472][ T7578] ? __pfx_kobject_add+0x10/0x10 [ 1245.384503][ T7578] ? do_raw_spin_unlock+0xf5/0x210 [ 1245.384536][ T7578] ? get_device_parent+0x366/0x3a0 [ 1245.384571][ T7578] device_add+0x408/0xb70 [ 1245.384601][ T7578] ? device_initialize+0x26a/0x460 [ 1245.384633][ T7578] wakeup_source_sysfs_add+0x1d3/0x2c0 [ 1245.384671][ T7578] wakeup_source_register+0x18a/0x380 [ 1245.384708][ T7578] ep_insert+0x1022/0x1a40 [ 1245.384749][ T7578] ? __pfx_ep_insert+0x10/0x10 [ 1245.384794][ T7578] ? bpf_lsm_capable+0x9/0x20 [ 1245.384838][ T7578] do_epoll_ctl+0x7f4/0xe80 [ 1245.384871][ T7578] __x64_sys_epoll_ctl+0x165/0x1b0 [ 1245.384899][ T7578] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1245.384938][ T7578] do_syscall_64+0x14d/0xf80 [ 1245.384964][ T7578] ? trace_irq_disable+0x3b/0x150 [ 1245.384985][ T7578] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1245.385010][ T7578] ? clear_bhb_loop+0x40/0x90 [ 1245.385040][ T7578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1245.385064][ T7578] RIP: 0033:0x7f0ae359c819 [ 1245.385087][ T7578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1245.385108][ T7578] RSP: 002b:00007f0ae450e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 1245.385133][ T7578] RAX: ffffffffffffffda RBX: 00007f0ae3815fa0 RCX: 00007f0ae359c819 [ 1245.385151][ T7578] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 1245.385166][ T7578] RBP: 00007f0ae450e090 R08: 0000000000000000 R09: 0000000000000000 [ 1245.385182][ T7578] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000002 [ 1245.385198][ T7578] R13: 00007f0ae3816038 R14: 00007f0ae3815fa0 R15: 00007ffdfcc601a8 [ 1245.385237][ T7578] [ 1245.691251][ T7578] kobject: kobject_add_internal failed for wakeup13 (error: -12 parent: wakeup) [ 1246.016200][ T7585] syzkaller0: entered promiscuous mode [ 1246.021743][ T7585] syzkaller0: entered allmulticast mode [ 1246.136938][ T7585] netlink: 'syz.4.9993': attribute type 4 has an invalid length. [ 1246.304779][ T7600] netlink: 'syz.2.9996': attribute type 2 has an invalid length. [ 1246.312991][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9996'. [ 1246.481353][ T7600] netlink: 'syz.2.9996': attribute type 2 has an invalid length. [ 1246.492712][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9996'. [ 1246.971508][ T7610] netlink: 'syz.0.10000': attribute type 8 has an invalid length. [ 1247.128296][ T7613] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9998'. [ 1247.269349][ T7613] netlink: 'syz.1.9998': attribute type 1 has an invalid length. [ 1247.355900][ T7626] netlink: 'syz.2.10005': attribute type 2 has an invalid length. [ 1247.445561][ T7628] erspan0: left allmulticast mode [ 1247.466961][ T7628] erspan0: left promiscuous mode [ 1247.477279][ T7628] bridge15: port 1(erspan0) entered disabled state [ 1247.503101][ T7628] bridge25: port 1(erspan0) entered blocking state [ 1247.517464][ T7628] bridge25: port 1(erspan0) entered disabled state [ 1247.550730][ T7628] erspan0: entered allmulticast mode [ 1247.561563][ T7628] erspan0: entered promiscuous mode [ 1247.576093][ T7628] bridge25: port 1(erspan0) entered blocking state [ 1247.582889][ T7628] bridge25: port 1(erspan0) entered forwarding state [ 1247.790751][ T7643] __nla_validate_parse: 2 callbacks suppressed [ 1247.790775][ T7643] netlink: 124 bytes leftover after parsing attributes in process `syz.2.10012'. [ 1248.038789][ T7651] FAULT_INJECTION: forcing a failure. [ 1248.038789][ T7651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1248.134779][ T7651] CPU: 0 UID: 0 PID: 7651 Comm: syz.3.10015 Not tainted syzkaller #0 PREEMPT(full) [ 1248.134812][ T7651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1248.134827][ T7651] Call Trace: [ 1248.134837][ T7651] [ 1248.134847][ T7651] dump_stack_lvl+0xe8/0x150 [ 1248.134887][ T7651] should_fail_ex+0x412/0x560 [ 1248.134929][ T7651] _copy_from_user+0x2d/0xb0 [ 1248.134961][ T7651] __copy_msghdr+0x3c5/0x5b0 [ 1248.134999][ T7651] ___sys_sendmsg+0x213/0x360 [ 1248.135043][ T7651] ? __pfx____sys_sendmsg+0x10/0x10 [ 1248.135083][ T7651] ? kstrtouint+0x6e/0xe0 [ 1248.135147][ T7651] ? __fget_files+0x2a/0x420 [ 1248.135170][ T7651] ? __fget_files+0x3a0/0x420 [ 1248.135204][ T7651] __sys_sendmmsg+0x27c/0x4e0 [ 1248.135248][ T7651] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1248.135288][ T7651] ? __mutex_unlock_slowpath+0x1bd/0x7d0 [ 1248.135347][ T7651] ? ksys_write+0x242/0x270 [ 1248.135378][ T7651] ? __pfx_ksys_write+0x10/0x10 [ 1248.135414][ T7651] __x64_sys_sendmmsg+0xa0/0xc0 [ 1248.135453][ T7651] do_syscall_64+0x14d/0xf80 [ 1248.135480][ T7651] ? trace_irq_disable+0x3b/0x150 [ 1248.135502][ T7651] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.135527][ T7651] ? clear_bhb_loop+0x40/0x90 [ 1248.135563][ T7651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.135586][ T7651] RIP: 0033:0x7f7d10f9c819 [ 1248.135608][ T7651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1248.135629][ T7651] RSP: 002b:00007f7d0f1ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1248.135654][ T7651] RAX: ffffffffffffffda RBX: 00007f7d11215fa0 RCX: 00007f7d10f9c819 [ 1248.135672][ T7651] RDX: 0000000000000001 RSI: 0000200000003540 RDI: 0000000000000003 [ 1248.135688][ T7651] RBP: 00007f7d0f1ee090 R08: 0000000000000000 R09: 0000000000000000 [ 1248.135703][ T7651] R10: 0000000000008084 R11: 0000000000000246 R12: 0000000000000001 [ 1248.135719][ T7651] R13: 00007f7d11216038 R14: 00007f7d11215fa0 R15: 00007fffc741c518 [ 1248.135756][ T7651] [ 1248.951718][ T7675] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.10025'. [ 1248.984894][ T7675] bridge_slave_1: default FDB implementation only supports local addresses [ 1249.008196][ T7681] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1249.022441][ T7681] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1249.034767][ T7681] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1249.042829][ T7681] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1249.050978][ T7681] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1249.174980][T20178] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1249.183091][T20178] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1249.190651][T20178] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1249.198869][T20178] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1249.206796][T20178] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1249.272625][ T7678] lo speed is unknown, defaulting to 1000 [ 1249.282051][ T7678] lo speed is unknown, defaulting to 1000 [ 1249.412418][ T5826] team0: Port device syz_tun removed [ 1249.519225][ T1089] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1249.571297][ T1089] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1249.679146][ T1089] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1249.752181][ T1089] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1249.791765][ T7686] net_ratelimit: 1443 callbacks suppressed [ 1249.791792][ T7686] netlink: zone id is out of range [ 1249.823613][ T7686] netlink: zone id is out of range [ 1249.841814][ T7686] netlink: zone id is out of range [ 1249.856694][ T7686] netlink: zone id is out of range [ 1249.868421][ T7686] netlink: zone id is out of range [ 1249.879774][ T7686] netlink: zone id is out of range [ 1249.893173][ T7686] netlink: zone id is out of range [ 1249.905650][ T7686] netlink: zone id is out of range [ 1249.919940][ T7686] netlink: zone id is out of range [ 1249.930976][ T7686] netlink: zone id is out of range [ 1250.272779][ T1089] hsr0: left allmulticast mode [ 1250.286155][ T1089] hsr_slave_0: left allmulticast mode [ 1250.311622][ T1089] hsr_slave_1: left allmulticast mode [ 1250.339938][ T1089] bridge0: port 3(hsr0) entered disabled state [ 1250.379880][ T1089] bridge_slave_1: left promiscuous mode [ 1250.400048][ T1089] bridge0: port 2(bridge_slave_1) entered disabled state [ 1250.417286][ T1089] bridge_slave_0: left allmulticast mode [ 1250.433911][ T1089] bridge_slave_0: left promiscuous mode [ 1250.465178][ T1089] bridge0: port 1(bridge_slave_0) entered disabled state [ 1250.518260][ T1089] bond2: left allmulticast mode [ 1250.523248][ T1089] bond2: left promiscuous mode [ 1250.543536][ T1089] bridge4: port 1(bond2) entered disabled state [ 1250.606455][ T1089] bond6: left allmulticast mode [ 1250.611483][ T1089] bond6: left promiscuous mode [ 1250.644958][ T1089] bridge13: port 2(bond6) entered disabled state [ 1250.682667][ T1089] bond9: left allmulticast mode [ 1250.714681][ T1089] bond9: left promiscuous mode [ 1250.719743][ T1089] bridge15: port 2(bond9) entered disabled state [ 1250.813616][ T1089] erspan0: left allmulticast mode [ 1250.824695][ T1089] erspan0: left promiscuous mode [ 1250.846803][ T1089] bridge25: port 1(erspan0) entered disabled state [ 1250.917519][ T7722] validate_nla: 2 callbacks suppressed [ 1250.917546][ T7722] netlink: 'syz.3.10038': attribute type 1 has an invalid length. [ 1251.235991][T20178] Bluetooth: hci5: command tx timeout [ 1251.356844][ T1089] gretap0 (unregistering): left promiscuous mode [ 1251.424412][ T1089] bond5 (unregistering): (slave geneve2): Releasing backup interface [ 1252.551337][ T1089] bond11 (unregistering): (slave bridge20): Releasing active interface [ 1252.782889][ T1089] bond0 (unregistering): left promiscuous mode [ 1252.789409][ T1089] bond_slave_0: left promiscuous mode [ 1252.795906][ T1089] bond_slave_1: left promiscuous mode [ 1252.810225][ T1089] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1252.822576][ T1089] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1252.832917][ T1089] bond0 (unregistering): Released all slaves [ 1252.850598][ T1089] bond1 (unregistering): Released all slaves [ 1252.869747][ T1089] bond2 (unregistering): Released all slaves [ 1252.895772][ T1089] bond3 (unregistering): Released all slaves [ 1252.916533][ T1089] bond4 (unregistering): Released all slaves [ 1252.942771][ T1089] bond5 (unregistering): Released all slaves [ 1252.962745][ T1089] bond6 (unregistering): Released all slaves [ 1252.984223][ T1089] bond7 (unregistering): Released all slaves [ 1253.011968][ T1089] bond8 (unregistering): Released all slaves [ 1253.037218][ T1089] bond9 (unregistering): Released all slaves [ 1253.062145][ T1089] bond10 (unregistering): Released all slaves [ 1253.085579][ T1089] bond11 (unregistering): (slave veth7): Releasing active interface [ 1253.102914][ T1089] bond11 (unregistering): (slave veth9): Releasing active interface [ 1253.113549][ T1089] bond11 (unregistering): Released all slaves [ 1253.132908][ T1089] bond12 (unregistering): Released all slaves [ 1253.152506][ T1089] bond13 (unregistering): Released all slaves [ 1253.215930][ T7722] workqueue: Failed to create a rescuer kthread for wq "bond22": -EINTR [ 1253.315647][T20178] Bluetooth: hci5: command tx timeout [ 1253.542493][ T1089] : left promiscuous mode [ 1253.743703][ T7770] FAULT_INJECTION: forcing a failure. [ 1253.743703][ T7770] name failslab, interval 1, probability 0, space 0, times 0 [ 1253.778689][ T1089] tipc: Left network mode [ 1253.785101][ T7770] CPU: 1 UID: 0 PID: 7770 Comm: syz.1.10054 Not tainted syzkaller #0 PREEMPT(full) [ 1253.785135][ T7770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1253.785151][ T7770] Call Trace: [ 1253.785161][ T7770] [ 1253.785171][ T7770] dump_stack_lvl+0xe8/0x150 [ 1253.785220][ T7770] should_fail_ex+0x412/0x560 [ 1253.785266][ T7770] should_failslab+0xa8/0x100 [ 1253.785298][ T7770] ? skb_clone+0x212/0x3a0 [ 1253.785321][ T7770] kmem_cache_alloc_noprof+0x87/0x650 [ 1253.785349][ T7770] ? __netlink_lookup+0xc6/0x8b0 [ 1253.785390][ T7770] skb_clone+0x212/0x3a0 [ 1253.785417][ T7770] __netlink_deliver_tap+0x404/0x850 [ 1253.785465][ T7770] ? netlink_deliver_tap+0x2e/0x1b0 [ 1253.785500][ T7770] netlink_deliver_tap+0x19c/0x1b0 [ 1253.785535][ T7770] netlink_unicast+0x730/0x8e0 [ 1253.785577][ T7770] netlink_sendmsg+0x813/0xb40 [ 1253.785622][ T7770] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1253.785661][ T7770] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1253.785687][ T7770] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1253.785719][ T7770] ____sys_sendmsg+0x972/0x9f0 [ 1253.785766][ T7770] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1253.785812][ T7770] ? import_iovec+0x73/0xa0 [ 1253.785846][ T7770] ___sys_sendmsg+0x2a5/0x360 [ 1253.785888][ T7770] ? __pfx____sys_sendmsg+0x10/0x10 [ 1253.785964][ T7770] ? __fget_files+0x2a/0x420 [ 1253.785986][ T7770] ? __fget_files+0x3a0/0x420 [ 1253.786021][ T7770] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1253.786059][ T7770] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1253.786107][ T7770] ? __pfx_ksys_write+0x10/0x10 [ 1253.786148][ T7770] do_syscall_64+0x14d/0xf80 [ 1253.786175][ T7770] ? trace_irq_disable+0x3b/0x150 [ 1253.786204][ T7770] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1253.786228][ T7770] ? clear_bhb_loop+0x40/0x90 [ 1253.786258][ T7770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1253.786282][ T7770] RIP: 0033:0x7f482e79c819 [ 1253.786304][ T7770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1253.786325][ T7770] RSP: 002b:00007f482f656028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1253.786352][ T7770] RAX: ffffffffffffffda RBX: 00007f482ea15fa0 RCX: 00007f482e79c819 [ 1253.786369][ T7770] RDX: 0000000024000806 RSI: 0000200000000180 RDI: 0000000000000003 [ 1253.786386][ T7770] RBP: 00007f482f656090 R08: 0000000000000000 R09: 0000000000000000 [ 1253.786402][ T7770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1253.786417][ T7770] R13: 00007f482ea16038 R14: 00007f482ea15fa0 R15: 00007ffcf0074d08 [ 1253.786454][ T7770] [ 1254.113719][ T7678] chnl_net:caif_netlink_parms(): no params data found [ 1254.502422][ T7788] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10058'. [ 1254.515553][ T7788] netlink: 40 bytes leftover after parsing attributes in process `syz.2.10058'. [ 1254.573155][ T7791] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10059'. [ 1254.660795][ T7794] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10060'. [ 1254.888357][ T7678] bridge0: port 1(bridge_slave_0) entered blocking state [ 1254.933849][ T7678] bridge0: port 1(bridge_slave_0) entered disabled state [ 1254.961880][ T7678] bridge_slave_0: entered allmulticast mode [ 1254.987150][ T7678] bridge_slave_0: entered promiscuous mode [ 1255.089592][ T7807] macvlan6: entered promiscuous mode [ 1255.119950][ T7807] 8021q: adding VLAN 0 to HW filter on device macvlan6 [ 1255.170495][ T7678] bridge0: port 2(bridge_slave_1) entered blocking state [ 1255.197406][ T7678] bridge0: port 2(bridge_slave_1) entered disabled state [ 1255.225040][ T7678] bridge_slave_1: entered allmulticast mode [ 1255.256869][ T7678] bridge_slave_1: entered promiscuous mode [ 1255.400437][T20178] Bluetooth: hci5: command tx timeout [ 1255.431347][ T7678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1255.445337][ T7823] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10066'. [ 1255.512835][ T7827] netlink: 'syz.4.10066': attribute type 13 has an invalid length. [ 1255.531168][ T7678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1255.570955][ T7827] netlink: 'syz.4.10066': attribute type 17 has an invalid length. [ 1255.657722][ T7830] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.10069'. [ 1255.672628][ T7827] tunl0: left promiscuous mode [ 1255.713788][ T7834] FAULT_INJECTION: forcing a failure. [ 1255.713788][ T7834] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1255.757925][ T7834] CPU: 0 UID: 0 PID: 7834 Comm: syz.3.10070 Not tainted syzkaller #0 PREEMPT(full) [ 1255.757960][ T7834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1255.757976][ T7834] Call Trace: [ 1255.757986][ T7834] [ 1255.757997][ T7834] dump_stack_lvl+0xe8/0x150 [ 1255.758035][ T7834] should_fail_ex+0x412/0x560 [ 1255.758085][ T7834] _copy_from_iter+0x1d3/0x1670 [ 1255.758115][ T7834] ? rcu_is_watching+0x15/0xb0 [ 1255.758155][ T7834] ? __pfx__copy_from_iter+0x10/0x10 [ 1255.758189][ T7834] ? netlink_sendmsg+0x650/0xb40 [ 1255.758223][ T7834] ? skb_put+0x11b/0x210 [ 1255.758258][ T7834] netlink_sendmsg+0x6c0/0xb40 [ 1255.758298][ T7834] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1255.758333][ T7834] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1255.758356][ T7834] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1255.758386][ T7834] ____sys_sendmsg+0x972/0x9f0 [ 1255.758429][ T7834] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1255.758473][ T7834] ? import_iovec+0x73/0xa0 [ 1255.758504][ T7834] ___sys_sendmsg+0x2a5/0x360 [ 1255.758545][ T7834] ? __pfx____sys_sendmsg+0x10/0x10 [ 1255.758616][ T7834] ? __fget_files+0x2a/0x420 [ 1255.758637][ T7834] ? __fget_files+0x3a0/0x420 [ 1255.758669][ T7834] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1255.758708][ T7834] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1255.758753][ T7834] ? __pfx_ksys_write+0x10/0x10 [ 1255.758793][ T7834] do_syscall_64+0x14d/0xf80 [ 1255.758820][ T7834] ? trace_irq_disable+0x3b/0x150 [ 1255.758842][ T7834] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1255.758866][ T7834] ? clear_bhb_loop+0x40/0x90 [ 1255.758896][ T7834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1255.758919][ T7834] RIP: 0033:0x7f7d10f9c819 [ 1255.758947][ T7834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1255.758967][ T7834] RSP: 002b:00007f7d0f1ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1255.758993][ T7834] RAX: ffffffffffffffda RBX: 00007f7d11215fa0 RCX: 00007f7d10f9c819 [ 1255.759011][ T7834] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1255.759025][ T7834] RBP: 00007f7d0f1ee090 R08: 0000000000000000 R09: 0000000000000000 [ 1255.759041][ T7834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1255.759063][ T7834] R13: 00007f7d11216038 R14: 00007f7d11215fa0 R15: 00007fffc741c518 [ 1255.759100][ T7834] [ 1256.192422][ T7827] vcan0: left promiscuous mode [ 1256.197511][ T7827] vcan0: left allmulticast mode [ 1256.205315][ T7827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1256.233818][ T7827] net_ratelimit: 36 callbacks suppressed [ 1256.233832][ T7827] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1256.394146][ T7678] team0: Port device team_slave_0 added [ 1256.477135][ T7678] team0: Port device team_slave_1 added [ 1256.511832][ T7851] netlink: 'syz.2.10077': attribute type 10 has an invalid length. [ 1256.555452][ T7851] netlink: 'syz.2.10077': attribute type 10 has an invalid length. [ 1256.624061][ T7678] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1256.655236][ T7678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1256.714771][ T7678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1256.744366][ T7678] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1256.751704][ T7678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1256.800135][ T7678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1257.003903][ T7678] hsr_slave_0: entered promiscuous mode [ 1257.020413][ T7678] hsr_slave_1: entered promiscuous mode [ 1257.043590][ T7678] debugfs: 'hsr0' already exists in 'hsr' [ 1257.061471][ T7678] Cannot create hsr debugfs directory [ 1257.251381][ T1089] hsr_slave_0: left promiscuous mode [ 1257.266299][ T1089] hsr_slave_1: left promiscuous mode [ 1257.286189][ T1089] pim6reg99999991 (unregistering): left allmulticast mode [ 1257.475143][T20178] Bluetooth: hci5: command tx timeout [ 1257.670004][ T1089] team0 (unregistering): Port device team_slave_1 removed [ 1257.694239][ T1089] team0 (unregistering): Port device team_slave_0 removed [ 1258.175479][ T1089] IPVS: stop unused estimator thread 0... [ 1258.418037][ T7678] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1258.431636][ T7678] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1258.451320][ T7678] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1258.468085][ T7678] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1258.579506][ T7678] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1258.606657][ T7678] 8021q: adding VLAN 0 to HW filter on device team0 [ 1258.621856][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1258.629142][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1258.660497][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1258.667770][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1258.925308][ T7678] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1258.990176][ T7678] veth0_vlan: entered promiscuous mode [ 1259.007931][ T7678] veth1_vlan: entered promiscuous mode [ 1259.057127][ T7678] veth0_macvtap: entered promiscuous mode [ 1259.069897][ T7678] veth1_macvtap: entered promiscuous mode [ 1259.105240][ T7678] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1259.122369][ T7678] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1259.139947][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1259.167057][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1259.176654][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1259.197009][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1259.281893][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1259.304812][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1259.349824][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1259.358928][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1264.778243][ T7866] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10078'. [ 1265.035856][ T7872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10081'. [ 1265.117305][ T7881] netlink: 5 bytes leftover after parsing attributes in process `syz.2.10084'. [ 1265.367276][ T7681] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1265.381052][ T7681] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1265.391115][ T7681] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1265.403105][ T7884] syzkaller0: entered promiscuous mode [ 1265.407990][ T7681] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1265.416426][ T7681] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1265.453012][ T7884] syzkaller0: entered allmulticast mode [ 1265.748538][ T7885] lo speed is unknown, defaulting to 1000 [ 1265.766570][ T7885] lo speed is unknown, defaulting to 1000 [ 1265.783378][ T7898] sctp: [Deprecated]: syz.0.10090 (pid 7898) Use of int in maxseg socket option. [ 1265.783378][ T7898] Use struct sctp_assoc_value instead [ 1266.348153][ T7917] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 1266.630747][ T7925] openvswitch: netlink: Unexpected mask (mask=100000000, allowed=10048) [ 1266.747335][ T7930] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 1266.765621][ T7929] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 1266.849474][ T7928] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1266.906939][ T7928] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1267.086648][ T7928] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1267.105606][ T7928] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1267.176820][ T8054] bond5: left allmulticast mode [ 1267.205020][ T8054] bond5: left promiscuous mode [ 1267.210204][ T8054] bridge3: port 1(bond5) entered disabled state [ 1267.268023][ T8054] bond8: left allmulticast mode [ 1267.272974][ T8054] bond8: left promiscuous mode [ 1267.281674][ T8054] bridge5: port 1(bond8) entered disabled state [ 1267.299804][ T8054] bond9: left allmulticast mode [ 1267.304878][ T8054] bond9: left promiscuous mode [ 1267.309912][ T8054] bridge6: port 1(bond9) entered disabled state [ 1267.348332][ T7950] netlink: 'syz.4.10106': attribute type 1 has an invalid length. [ 1267.359478][ T7950] netlink: 'syz.4.10106': attribute type 2 has an invalid length. [ 1267.420247][ T8054] bond12: left allmulticast mode [ 1267.435498][ T8054] bond12: left promiscuous mode [ 1267.440841][ T8054] bridge10: port 1(bond12) entered disabled state [ 1267.474128][ T8054] vlan3: left allmulticast mode [ 1267.482259][ T7681] Bluetooth: hci2: command tx timeout [ 1267.502340][ T8054] bridge_slave_0: left allmulticast mode [ 1267.508320][ T8054] vlan3: left promiscuous mode [ 1267.516897][ T8054] bridge_slave_0: left promiscuous mode [ 1267.523086][ T8054] bridge0: port 1(vlan3) entered disabled state [ 1267.617893][ T7957] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10108'. [ 1267.638785][ T8054] dvmrp6: left allmulticast mode [ 1267.643985][ T8054] lo: left allmulticast mode [ 1267.806615][ T7961] block nbd0: not configured, cannot reconfigure [ 1267.841510][ T8054] bond15 (unregistering): (slave ip6gretap2): Removing an active aggregator [ 1267.863131][ T8054] bond15 (unregistering): (slave ip6gretap2): Releasing backup interface [ 1267.882255][ T8054] bond15 (unregistering): (slave ip6gretap2): the permanent HWaddr of slave - 82:b6:4e:31:ff:b1 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 1268.338317][ T8054] bond16 (unregistering): (slave gretap2): Releasing active interface [ 1269.565000][ T7681] Bluetooth: hci2: command tx timeout [ 1269.771461][ T8054] bond23 (unregistering): (slave bridge29): Releasing backup interface [ 1269.780236][ T8054] bridge29 (unregistering): left promiscuous mode [ 1269.788003][ T8054] bridge29 (unregistering): left allmulticast mode [ 1269.923576][ T8054] bond0 (unregistering): Released all slaves [ 1269.938513][ T1089] smc: removing ib device syz1 [ 1269.944306][ T8054] bond1 (unregistering): (slave veth3): Releasing active interface [ 1269.965644][ T8054] bond1 (unregistering): (slave batadv1): Releasing active interface [ 1269.975656][ T8054] bond1 (unregistering): Released all slaves [ 1269.997282][ T8054] bond2 (unregistering): Released all slaves [ 1270.019097][ T8054] bond3 (unregistering): Released all slaves [ 1270.042779][ T8054] bond4 (unregistering): Released all slaves [ 1270.071285][ T8054] bond5 (unregistering): Released all slaves [ 1270.091068][ T8054] bond6 (unregistering): Released all slaves [ 1270.120613][ T8054] bond7 (unregistering): Released all slaves [ 1270.139783][ T8054] bond8 (unregistering): Released all slaves [ 1270.168687][ T8054] bond9 (unregistering): Released all slaves [ 1270.193072][ T8054] bond10 (unregistering): Released all slaves [ 1270.214277][ T8054] bond11 (unregistering): Released all slaves [ 1270.246955][ T8054] bond12 (unregistering): Released all slaves [ 1270.267434][ T8054] bond13 (unregistering): (slave veth7): Releasing active interface [ 1270.281286][ T8054] bond13 (unregistering): (slave batadv2): Releasing active interface [ 1270.292535][ T8054] bond13 (unregistering): Released all slaves [ 1270.316602][ T8054] bond14 (unregistering): Released all slaves [ 1270.340850][ T8054] bond15 (unregistering): (slave veth9): Releasing backup interface [ 1270.358076][ T8054] bond15 (unregistering): Released all slaves [ 1270.380872][ T8054] bond16 (unregistering): Released all slaves [ 1270.400106][ T8054] bond17 (unregistering): Released all slaves [ 1270.427806][ T8054] bond18 (unregistering): Released all slaves [ 1270.450329][ T8054] bond19 (unregistering): Released all slaves [ 1270.473028][ T8054] bond20 (unregistering): Released all slaves [ 1270.489250][ T8054] bond21 (unregistering): Released all slaves [ 1270.514106][ T8054] bond22 (unregistering): Released all slaves [ 1270.549995][ T8054] bond23 (unregistering): Released all slaves [ 1270.589036][ T7928] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1270.605439][ T7928] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1270.695929][ T7965] FAULT_INJECTION: forcing a failure. [ 1270.695929][ T7965] name failslab, interval 1, probability 0, space 0, times 0 [ 1270.739803][ T7965] CPU: 1 UID: 0 PID: 7965 Comm: syz.0.10110 Not tainted syzkaller #0 PREEMPT(full) [ 1270.739838][ T7965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1270.739853][ T7965] Call Trace: [ 1270.739862][ T7965] [ 1270.739873][ T7965] dump_stack_lvl+0xe8/0x150 [ 1270.739911][ T7965] should_fail_ex+0x412/0x560 [ 1270.739953][ T7965] should_failslab+0xa8/0x100 [ 1270.739986][ T7965] __kmalloc_cache_node_noprof+0x8a/0x6b0 [ 1270.740016][ T7965] ? page_pool_create_percpu+0x76/0xb80 [ 1270.740047][ T7965] page_pool_create_percpu+0x76/0xb80 [ 1270.740093][ T7965] __veth_napi_enable_range+0x1ab/0x760 [ 1270.740127][ T7965] ? __mutex_unlock_slowpath+0x1bd/0x7d0 [ 1270.740158][ T7965] ? __pfx___veth_napi_enable_range+0x10/0x10 [ 1270.740204][ T7965] ? netif_napi_set_irq_locked+0x1f9/0x730 [ 1270.740239][ T7965] veth_napi_enable_range+0xff/0x200 [ 1270.740276][ T7965] veth_set_features+0x1c8/0x2a0 [ 1270.740306][ T7965] __netdev_update_features+0xa8f/0x1e10 [ 1270.740342][ T7965] ? do_raw_spin_lock+0x12b/0x2f0 [ 1270.740370][ T7965] ? __pfx___netdev_update_features+0x10/0x10 [ 1270.740402][ T7965] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1270.740462][ T7965] ethtool_set_one_feature+0x2a7/0x2f0 [ 1270.740495][ T7965] ? __pfx_ethtool_set_one_feature+0x10/0x10 [ 1270.740524][ T7965] ? bpf_lsm_capable+0x9/0x20 [ 1270.740557][ T7965] ? security_capable+0x7e/0x2c0 [ 1270.740601][ T7965] dev_ethtool+0x10f9/0x1ae0 [ 1270.740639][ T7965] ? __pfx_dev_ethtool+0x10/0x10 [ 1270.740681][ T7965] ? dev_load+0x21/0x1f0 [ 1270.740713][ T7965] dev_ioctl+0x392/0x1150 [ 1270.740748][ T7965] sock_do_ioctl+0x23e/0x320 [ 1270.740779][ T7965] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1270.740803][ T7965] ? __mutex_unlock_slowpath+0x1bd/0x7d0 [ 1270.740852][ T7965] sock_ioctl+0x5c6/0x7f0 [ 1270.740880][ T7965] ? __pfx_sock_ioctl+0x10/0x10 [ 1270.740906][ T7965] ? __fget_files+0x2a/0x420 [ 1270.740928][ T7965] ? __fget_files+0x3a0/0x420 [ 1270.740949][ T7965] ? __fget_files+0x2a/0x420 [ 1270.740975][ T7965] ? bpf_lsm_file_ioctl+0x9/0x20 [ 1270.741007][ T7965] ? __pfx_sock_ioctl+0x10/0x10 [ 1270.741032][ T7965] __se_sys_ioctl+0xfc/0x170 [ 1270.741074][ T7965] do_syscall_64+0x14d/0xf80 [ 1270.741100][ T7965] ? trace_irq_disable+0x3b/0x150 [ 1270.741122][ T7965] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.741146][ T7965] ? clear_bhb_loop+0x40/0x90 [ 1270.741176][ T7965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.741200][ T7965] RIP: 0033:0x7f2d02b9c819 [ 1270.741223][ T7965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1270.741244][ T7965] RSP: 002b:00007f2d03ad0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1270.741270][ T7965] RAX: ffffffffffffffda RBX: 00007f2d02e15fa0 RCX: 00007f2d02b9c819 [ 1270.741288][ T7965] RDX: 00002000000002c0 RSI: 0000000000008946 RDI: 0000000000000004 [ 1270.741304][ T7965] RBP: 00007f2d03ad0090 R08: 0000000000000000 R09: 0000000000000000 [ 1270.741319][ T7965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1270.741333][ T7965] R13: 00007f2d02e16038 R14: 00007f2d02e15fa0 R15: 00007ffe11f956a8 [ 1270.741371][ T7965] [ 1271.066988][ T7965] veth0_to_team: set_features() failed (-12); wanted 0x0000612e4fdd49e9, left 0x0000612e4fdd09e9 [ 1271.159289][ T7983] netlink: zone id is out of range [ 1271.183208][ T7983] netlink: zone id is out of range [ 1271.236628][ T7928] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1271.246561][ T7928] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1271.262202][ T7983] netlink: zone id is out of range [ 1271.328755][ T7983] netlink: zone id is out of range [ 1271.333952][ T7983] netlink: zone id is out of range [ 1271.342225][ T7983] netlink: zone id is out of range [ 1271.347683][ T7983] netlink: zone id is out of range [ 1271.352872][ T7983] netlink: zone id is out of range [ 1271.358350][ T7983] netlink: zone id is out of range [ 1271.363702][ T7983] netlink: zone id is out of range [ 1271.369437][ T7983] netlink: zone id is out of range [ 1271.379407][ T7983] netlink: zone id is out of range [ 1271.384920][ T7983] netlink: zone id is out of range [ 1271.390089][ T7983] netlink: zone id is out of range [ 1271.395729][ T7983] netlink: zone id is out of range [ 1271.400890][ T7983] netlink: zone id is out of range [ 1271.406672][ T7983] netlink: zone id is out of range [ 1271.411840][ T7983] netlink: zone id is out of range [ 1271.479637][ T7983] netlink: 'syz.0.10113': attribute type 2 has an invalid length. [ 1271.537170][ T7988] netlink: 'syz.0.10113': attribute type 2 has an invalid length. [ 1271.576732][ T7983] : entered promiscuous mode [ 1271.591722][ T7994] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 1271.637096][ T7681] Bluetooth: hci2: command tx timeout [ 1271.659832][ T7991] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10114'. [ 1271.955809][ T8004] FAULT_INJECTION: forcing a failure. [ 1271.955809][ T8004] name failslab, interval 1, probability 0, space 0, times 0 [ 1271.973132][ T8004] CPU: 0 UID: 0 PID: 8004 Comm: syz.0.10116 Not tainted syzkaller #0 PREEMPT(full) [ 1271.973167][ T8004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1271.973182][ T8004] Call Trace: [ 1271.973193][ T8004] [ 1271.973203][ T8004] dump_stack_lvl+0xe8/0x150 [ 1271.973242][ T8004] should_fail_ex+0x412/0x560 [ 1271.973284][ T8004] should_failslab+0xa8/0x100 [ 1271.973319][ T8004] __kmalloc_noprof+0xe8/0x760 [ 1271.973347][ T8004] ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0 [ 1271.973384][ T8004] genl_family_rcv_msg_attrs_parse+0xd0/0x2f0 [ 1271.973420][ T8004] genl_family_rcv_msg_doit+0xd9/0x330 [ 1271.973446][ T8004] ? __asan_memcpy+0x40/0x70 [ 1271.973475][ T8004] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1271.973510][ T8004] ? apparmor_capable+0x126/0x170 [ 1271.973542][ T8004] ? bpf_lsm_capable+0x9/0x20 [ 1271.973574][ T8004] ? security_capable+0x7e/0x2c0 [ 1271.973618][ T8004] genl_rcv_msg+0x61c/0x7a0 [ 1271.973650][ T8004] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1271.973675][ T8004] ? __pfx_seg6_genl_sethmac+0x10/0x10 [ 1271.973728][ T8004] netlink_rcv_skb+0x232/0x4b0 [ 1271.973761][ T8004] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1271.973788][ T8004] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1271.973838][ T8004] ? down_read+0x272/0x2e0 [ 1271.973866][ T8004] ? genl_rcv+0xd/0x40 [ 1271.973892][ T8004] genl_rcv+0x28/0x40 [ 1271.973914][ T8004] netlink_unicast+0x75c/0x8e0 [ 1271.973956][ T8004] netlink_sendmsg+0x813/0xb40 [ 1271.974006][ T8004] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1271.974044][ T8004] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1271.974069][ T8004] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1271.974101][ T8004] ____sys_sendmsg+0x972/0x9f0 [ 1271.974146][ T8004] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1271.974192][ T8004] ? import_iovec+0x73/0xa0 [ 1271.974225][ T8004] ___sys_sendmsg+0x2a5/0x360 [ 1271.974267][ T8004] ? __pfx____sys_sendmsg+0x10/0x10 [ 1271.974344][ T8004] ? __fget_files+0x2a/0x420 [ 1271.974366][ T8004] ? __fget_files+0x3a0/0x420 [ 1271.974400][ T8004] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1271.974439][ T8004] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1271.974486][ T8004] ? __pfx_ksys_write+0x10/0x10 [ 1271.974529][ T8004] do_syscall_64+0x14d/0xf80 [ 1271.974556][ T8004] ? trace_irq_disable+0x3b/0x150 [ 1271.974576][ T8004] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.974599][ T8004] ? clear_bhb_loop+0x40/0x90 [ 1271.974626][ T8004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.974645][ T8004] RIP: 0033:0x7f2d02b9c819 [ 1271.974664][ T8004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1271.974682][ T8004] RSP: 002b:00007f2d03ad0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1271.974706][ T8004] RAX: ffffffffffffffda RBX: 00007f2d02e15fa0 RCX: 00007f2d02b9c819 [ 1271.974722][ T8004] RDX: 0000000024000806 RSI: 0000200000000180 RDI: 0000000000000003 [ 1271.974734][ T8004] RBP: 00007f2d03ad0090 R08: 0000000000000000 R09: 0000000000000000 [ 1271.974746][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1271.974758][ T8004] R13: 00007f2d02e16038 R14: 00007f2d02e15fa0 R15: 00007ffe11f956a8 [ 1271.974787][ T8004] [ 1272.545182][ T8012] block nbd0: not configured, cannot reconfigure [ 1272.616935][ T12] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1272.674818][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1272.853064][ T12] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1272.885217][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1272.893723][ T12] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1272.943786][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1273.067322][ T7885] chnl_net:caif_netlink_parms(): no params data found [ 1273.342799][ T8022] bond19: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 1273.406655][ T8022] bond19 (unregistering): Released all slaves [ 1273.471878][ T137] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1273.481600][ T137] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1273.728907][ T7681] Bluetooth: hci2: command tx timeout [ 1273.859359][ T8041] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10125'. [ 1273.870313][ T8051] netlink: 56 bytes leftover after parsing attributes in process `syz.4.10127'. [ 1273.886560][ T8055] netlink: 14 bytes leftover after parsing attributes in process `syz.0.10124'. [ 1273.898792][ T8046] netlink: 'syz.2.10126': attribute type 2 has an invalid length. [ 1273.950784][ T8058] netlink: 'syz.2.10126': attribute type 2 has an invalid length. [ 1274.036666][ T8060] netlink: 88 bytes leftover after parsing attributes in process `syz.4.10128'. [ 1274.527638][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10132'. [ 1274.794090][ T7885] bridge0: port 1(bridge_slave_0) entered blocking state [ 1274.827311][ T7885] bridge0: port 1(bridge_slave_0) entered disabled state [ 1274.884238][ T7885] bridge_slave_0: entered allmulticast mode [ 1274.917246][ T7885] bridge_slave_0: entered promiscuous mode [ 1274.955568][ T7885] bridge0: port 2(bridge_slave_1) entered blocking state [ 1274.962790][ T7885] bridge0: port 2(bridge_slave_1) entered disabled state [ 1274.997772][ T8085] netlink: 44 bytes leftover after parsing attributes in process `syz.4.10135'. [ 1275.014870][ T7885] bridge_slave_1: entered allmulticast mode [ 1275.073669][ T7885] bridge_slave_1: entered promiscuous mode [ 1275.113488][ T8085] dvmrp0: entered allmulticast mode [ 1275.422564][ T7885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1275.498592][ T8109] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10140'. [ 1275.526105][ T7885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1275.551473][ T8114] netlink: 'syz.3.10140': attribute type 1 has an invalid length. [ 1275.586943][ T8114] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10140'. [ 1275.809445][ T8054] : left promiscuous mode [ 1275.946586][ T7885] team0: Port device team_slave_0 added [ 1276.089410][ T8054] tipc: Left network mode [ 1276.094468][ T7885] team0: Port device team_slave_1 added [ 1276.243262][ T7885] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1276.274732][ T7885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1276.338612][ T7885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1276.443848][ T7885] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1276.463763][ T7885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1276.542564][ T7885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1276.636501][ T8139] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10151'. [ 1276.796147][ T8148] FAULT_INJECTION: forcing a failure. [ 1276.796147][ T8148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1276.819760][ T8148] CPU: 1 UID: 0 PID: 8148 Comm: syz.4.10153 Not tainted syzkaller #0 PREEMPT(full) [ 1276.819793][ T8148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1276.819807][ T8148] Call Trace: [ 1276.819817][ T8148] [ 1276.819827][ T8148] dump_stack_lvl+0xe8/0x150 [ 1276.819865][ T8148] should_fail_ex+0x412/0x560 [ 1276.819907][ T8148] _copy_from_iter+0x1d3/0x1670 [ 1276.819938][ T8148] ? rcu_is_watching+0x15/0xb0 [ 1276.819978][ T8148] ? __pfx__copy_from_iter+0x10/0x10 [ 1276.820013][ T8148] ? netlink_sendmsg+0x650/0xb40 [ 1276.820045][ T8148] ? skb_put+0x11b/0x210 [ 1276.820082][ T8148] netlink_sendmsg+0x6c0/0xb40 [ 1276.820124][ T8148] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1276.820162][ T8148] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1276.820188][ T8148] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1276.820221][ T8148] ____sys_sendmsg+0x972/0x9f0 [ 1276.820266][ T8148] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1276.820312][ T8148] ? import_iovec+0x73/0xa0 [ 1276.820344][ T8148] ___sys_sendmsg+0x2a5/0x360 [ 1276.820385][ T8148] ? __pfx____sys_sendmsg+0x10/0x10 [ 1276.820459][ T8148] ? __fget_files+0x2a/0x420 [ 1276.820482][ T8148] ? __fget_files+0x3a0/0x420 [ 1276.820515][ T8148] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1276.820555][ T8148] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1276.820601][ T8148] ? __pfx_ksys_write+0x10/0x10 [ 1276.820650][ T8148] do_syscall_64+0x14d/0xf80 [ 1276.820678][ T8148] ? trace_irq_disable+0x3b/0x150 [ 1276.820699][ T8148] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.820724][ T8148] ? clear_bhb_loop+0x40/0x90 [ 1276.820753][ T8148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.820777][ T8148] RIP: 0033:0x7fba6d99c819 [ 1276.820800][ T8148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1276.820821][ T8148] RSP: 002b:00007fba6e80f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1276.820845][ T8148] RAX: ffffffffffffffda RBX: 00007fba6dc15fa0 RCX: 00007fba6d99c819 [ 1276.820862][ T8148] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1276.820878][ T8148] RBP: 00007fba6e80f090 R08: 0000000000000000 R09: 0000000000000000 [ 1276.820893][ T8148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1276.820908][ T8148] R13: 00007fba6dc16038 R14: 00007fba6dc15fa0 R15: 00007ffee93a7f98 [ 1276.820943][ T8148] [ 1277.092011][ T7885] hsr_slave_0: entered promiscuous mode [ 1277.143192][ T7885] hsr_slave_1: entered promiscuous mode [ 1277.180027][ T7885] debugfs: 'hsr0' already exists in 'hsr' [ 1277.187283][ T7885] Cannot create hsr debugfs directory [ 1277.901749][ T8184] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10163'. [ 1278.129388][ T8187] netlink: 'syz.3.10163': attribute type 1 has an invalid length. [ 1278.170853][ T8187] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10163'. [ 1279.461797][ T8054] hsr_slave_0: left promiscuous mode [ 1279.509098][ T8054] hsr_slave_1: left promiscuous mode [ 1279.756458][ T8233] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10174'. [ 1279.810861][ T8236] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10175'. [ 1279.869994][ T8238] netlink: 'syz.3.10175': attribute type 1 has an invalid length. [ 1279.904432][ T8238] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10175'. [ 1280.903392][ T7165] lo speed is unknown, defaulting to 1000 [ 1280.919680][ T7165] infiniband syz2: ib_query_port failed (-19) [ 1281.027733][ T8248] lo speed is unknown, defaulting to 1000 [ 1281.063612][ T7885] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1281.150304][ T7885] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1281.213340][ T7885] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1281.437711][ T7885] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1281.466898][ T8259] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10182'. [ 1281.671819][ T8268] netlink: 268 bytes leftover after parsing attributes in process `syz.3.10183'. [ 1281.808397][ T7885] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1281.856658][ T8054] IPVS: stop unused estimator thread 0... [ 1281.868849][ T7885] 8021q: adding VLAN 0 to HW filter on device team0 [ 1281.924574][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 1281.927172][ T8275] netlink: 56 bytes leftover after parsing attributes in process `syz.4.10185'. [ 1281.932156][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1281.968008][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state [ 1281.975382][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1281.997334][ T8237] lo speed is unknown, defaulting to 1000 [ 1282.793424][ T8297] syzkaller0: entered promiscuous mode [ 1282.799781][ T8297] syzkaller0: entered allmulticast mode [ 1282.815691][ T8297] net_ratelimit: 708 callbacks suppressed [ 1282.815713][ T8297] TC_ACT_REPEAT abuse ? [ 1282.962473][ T7885] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1282.990929][ T8302] netlink: 84 bytes leftover after parsing attributes in process `syz.3.10194'. [ 1283.333076][ T7885] veth0_vlan: entered promiscuous mode [ 1283.389966][ T7885] veth1_vlan: entered promiscuous mode [ 1283.518803][ T7885] veth0_macvtap: entered promiscuous mode [ 1283.563361][ T7885] veth1_macvtap: entered promiscuous mode [ 1283.673657][ T7885] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1283.721889][ T7885] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1283.758140][ T8054] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.779088][ T8054] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.810863][ T8054] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.824421][ T8054] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1283.918256][ T8319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10200'. [ 1284.028448][ T8324] FAULT_INJECTION: forcing a failure. [ 1284.028448][ T8324] name failslab, interval 1, probability 0, space 0, times 0 [ 1284.095059][ T8324] CPU: 1 UID: 0 PID: 8324 Comm: syz.2.10202 Not tainted syzkaller #0 PREEMPT(full) [ 1284.095093][ T8324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1284.095108][ T8324] Call Trace: [ 1284.095119][ T8324] [ 1284.095130][ T8324] dump_stack_lvl+0xe8/0x150 [ 1284.095169][ T8324] should_fail_ex+0x412/0x560 [ 1284.095210][ T8324] should_failslab+0xa8/0x100 [ 1284.095243][ T8324] __kmalloc_cache_noprof+0x88/0x660 [ 1284.095279][ T8324] ? rtnl_newlink+0x136/0x1bb0 [ 1284.095310][ T8324] ? unwind_next_frame+0xa5/0x23c0 [ 1284.095350][ T8324] rtnl_newlink+0x136/0x1bb0 [ 1284.095394][ T8324] ? __pfx_rtnl_newlink+0x10/0x10 [ 1284.095423][ T8324] ? __lock_acquire+0x6b5/0x2cf0 [ 1284.095455][ T8324] ? __lock_acquire+0x6b5/0x2cf0 [ 1284.095482][ T8324] ? __lock_acquire+0x6b5/0x2cf0 [ 1284.095516][ T8324] ? unwind_next_frame+0xa5/0x23c0 [ 1284.095561][ T8324] ? is_bpf_text_address+0x26/0x2b0 [ 1284.095591][ T8324] ? __lock_acquire+0x6b5/0x2cf0 [ 1284.095619][ T8324] ? __kernel_text_address+0xd/0x30 [ 1284.095640][ T8324] ? unwind_get_return_address+0x4d/0x90 [ 1284.095670][ T8324] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1284.095691][ T8324] ? arch_stack_walk+0xfb/0x150 [ 1284.095744][ T8324] ? __pfx_rtnl_newlink+0x10/0x10 [ 1284.095769][ T8324] rtnetlink_rcv_msg+0x7d5/0xbe0 [ 1284.095793][ T8324] ? kmem_cache_alloc_node_noprof+0x384/0x690 [ 1284.095822][ T8324] ? netlink_sendmsg+0x5d4/0xb40 [ 1284.095852][ T8324] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 1284.095877][ T8324] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1284.095906][ T8324] ? __lock_acquire+0x6b5/0x2cf0 [ 1284.095939][ T8324] netlink_rcv_skb+0x232/0x4b0 [ 1284.095966][ T8324] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1284.095993][ T8324] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1284.096029][ T8324] ? netlink_deliver_tap+0x2e/0x1b0 [ 1284.096058][ T8324] ? netlink_deliver_tap+0x2e/0x1b0 [ 1284.096090][ T8324] netlink_unicast+0x75c/0x8e0 [ 1284.096123][ T8324] netlink_sendmsg+0x813/0xb40 [ 1284.096158][ T8324] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1284.096188][ T8324] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1284.096209][ T8324] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1284.096236][ T8324] ____sys_sendmsg+0x972/0x9f0 [ 1284.096272][ T8324] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1284.096309][ T8324] ? import_iovec+0x73/0xa0 [ 1284.096335][ T8324] ___sys_sendmsg+0x2a5/0x360 [ 1284.096369][ T8324] ? __pfx____sys_sendmsg+0x10/0x10 [ 1284.096427][ T8324] ? __fget_files+0x2a/0x420 [ 1284.096444][ T8324] ? __fget_files+0x3a0/0x420 [ 1284.096471][ T8324] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1284.096503][ T8324] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1284.096540][ T8324] ? __pfx_ksys_write+0x10/0x10 [ 1284.096572][ T8324] do_syscall_64+0x14d/0xf80 [ 1284.096594][ T8324] ? trace_irq_disable+0x3b/0x150 [ 1284.096612][ T8324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1284.096631][ T8324] ? clear_bhb_loop+0x40/0x90 [ 1284.096655][ T8324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1284.096675][ T8324] RIP: 0033:0x7f0ae359c819 [ 1284.096694][ T8324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1284.096710][ T8324] RSP: 002b:00007f0ae450e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1284.096732][ T8324] RAX: ffffffffffffffda RBX: 00007f0ae3815fa0 RCX: 00007f0ae359c819 [ 1284.096747][ T8324] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 1284.096760][ T8324] RBP: 00007f0ae450e090 R08: 0000000000000000 R09: 0000000000000000 [ 1284.096772][ T8324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1284.096784][ T8324] R13: 00007f0ae3816038 R14: 00007f0ae3815fa0 R15: 00007ffdfcc601a8 [ 1284.096824][ T8324] [ 1284.195488][ T8054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1284.440886][ T8322] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10200'. [ 1284.611296][ T8054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1284.757976][ T3026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1284.775990][ T3026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1285.373032][ T8357] bridge: RTM_NEWNEIGH with invalid state 0x1 [ 1285.513081][T20178] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1285.524005][T20178] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1285.532294][T20178] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1285.541303][T20178] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1285.553006][T20178] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1285.615277][ T8360] lo speed is unknown, defaulting to 1000 [ 1286.166234][ T8378] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10225'. [ 1286.195776][ T8379] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10224'. [ 1286.269034][ T8383] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10227'. [ 1286.404952][ T8390] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1286.412224][ T8390] IPv6: NLM_F_CREATE should be set when creating new route [ 1286.419670][ T8390] IPv6: NLM_F_CREATE should be set when creating new route [ 1286.670170][ T8360] chnl_net:caif_netlink_parms(): no params data found [ 1286.951199][ T137] bond0: (slave bond_slave_0): interface is now down [ 1286.952088][ T8408] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1286.974579][ T137] bond0: (slave bond_slave_1): interface is now down [ 1286.996105][ T8408] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1287.012559][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1287.020748][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1287.056020][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1287.063686][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1287.101852][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1287.115927][ T5034] lo speed is unknown, defaulting to 1000 [ 1287.122027][ T5034] sqz0: Port: 1 Link ACTIVE [ 1287.142883][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1287.154041][ T8416] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10240'. [ 1287.184725][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1287.191495][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1287.204704][ T8416] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10240'. [ 1287.251317][T25966] lo speed is unknown, defaulting to 1000 [ 1287.264714][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1287.281472][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1287.335253][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1287.362477][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1287.384403][ T8360] bridge0: port 1(bridge_slave_0) entered blocking state [ 1287.391888][ T8360] bridge0: port 1(bridge_slave_0) entered disabled state [ 1287.400548][ T8360] bridge_slave_0: entered allmulticast mode [ 1287.407191][ T137] bond0: (slave bond_slave_0): interface is now down [ 1287.412318][ T8360] bridge_slave_0: entered promiscuous mode [ 1287.413926][ T137] bond0: (slave bond_slave_1): interface is now down [ 1287.427543][ T8360] bridge0: port 2(bridge_slave_1) entered blocking state [ 1287.434939][ T8360] bridge0: port 2(bridge_slave_1) entered disabled state [ 1287.442246][ T8360] bridge_slave_1: entered allmulticast mode [ 1287.494710][ T137] bond0: (slave bond_slave_0): interface is now down [ 1287.500966][ T8360] bridge_slave_1: entered promiscuous mode [ 1287.557668][ T137] bond0: (slave bond_slave_1): interface is now down [ 1287.586991][ T137] bond0: (slave bond_slave_0): interface is now down [ 1287.593768][ T137] bond0: (slave bond_slave_1): interface is now down [ 1287.643007][ T8360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1287.645647][T20178] Bluetooth: hci0: command tx timeout [ 1287.686398][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1287.693181][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1287.710765][ T8360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1287.778770][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1287.808830][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1287.868717][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1287.903472][ T8360] team0: Port device team_slave_0 added [ 1287.909322][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1287.930913][ T8360] team0: Port device team_slave_1 added [ 1287.944762][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1287.951817][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1288.004731][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1288.011489][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1288.028663][ T8360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1288.054943][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1288.061698][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1288.069158][ T8360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1288.114765][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1288.121748][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1288.129538][ T8360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1288.177096][ T8360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1288.184225][ T2353] bond0: (slave bond_slave_0): interface is now down [ 1288.208748][ T2353] bond0: (slave bond_slave_1): interface is now down [ 1288.215858][ T8360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1288.264647][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.271415][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.284737][ T8360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1288.304850][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.311773][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.345178][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.357533][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.404734][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.414729][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.444682][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.451906][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.484715][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.501811][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.534784][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.549480][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.584936][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1288.591951][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1288.624812][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1288.643058][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1288.688502][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.713342][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.804736][ T3026] bond0: (slave bond_slave_0): interface is now down [ 1288.812416][ T3026] bond0: (slave bond_slave_1): interface is now down [ 1288.835707][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1288.867792][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1288.915684][ T137] bond0: (slave bond_slave_0): interface is now down [ 1288.922679][ T137] bond0: (slave bond_slave_1): interface is now down [ 1288.946298][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1288.963355][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.004615][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.011377][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.032902][ T8360] hsr_slave_0: entered promiscuous mode [ 1289.066251][ T8360] hsr_slave_1: entered promiscuous mode [ 1289.075371][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.082122][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.107663][ T8360] debugfs: 'hsr0' already exists in 'hsr' [ 1289.113473][ T8360] Cannot create hsr debugfs directory [ 1289.131826][ T8470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10265'. [ 1289.151849][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.184761][ T8470] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10265'. [ 1289.194157][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.201599][ T8470] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10265'. [ 1289.238110][ T12] bond0: (slave bond_slave_0): interface is now down [ 1289.255474][ T12] bond0: (slave bond_slave_1): interface is now down [ 1289.294616][ T12] bond0: (slave bond_slave_0): interface is now down [ 1289.301413][ T12] bond0: (slave bond_slave_1): interface is now down [ 1289.368046][ T12] bond0: (slave bond_slave_0): interface is now down [ 1289.376322][ T12] bond0: (slave bond_slave_1): interface is now down [ 1289.403329][ T12] bond0: (slave bond_slave_0): interface is now down [ 1289.420586][ T12] bond0: (slave bond_slave_1): interface is now down [ 1289.476310][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1289.498583][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.555157][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.561920][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.604607][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.624648][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.664854][ T1151] bond0: (slave bond_slave_0): interface is now down [ 1289.671615][ T1151] bond0: (slave bond_slave_1): interface is now down [ 1289.714843][T20178] Bluetooth: hci0: command tx timeout [ 1289.722017][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1289.733189][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.754648][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1289.761447][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.820746][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1289.845543][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.901788][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1289.931740][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1289.974868][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1290.011049][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1290.064674][ T8054] bond0: (slave bond_slave_0): interface is now down [ 1290.071447][ T8054] bond0: (slave bond_slave_1): interface is now down [ 1290.112522][ T8054] bond0: now running without any active interface! [ 1290.797651][ T8360] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1290.843555][ T8360] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1290.886069][ T8360] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1290.920857][ T8360] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1291.143795][ T8360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1291.191384][ T8360] 8021q: adding VLAN 0 to HW filter on device team0 [ 1291.228691][ T8054] bridge0: port 1(bridge_slave_0) entered blocking state [ 1291.235980][ T8054] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1291.245072][ T8549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10298'. [ 1291.280817][ T8549] bond0: Unable to set up delay as MII monitoring is disabled [ 1291.298381][ T8054] bridge0: port 2(bridge_slave_1) entered blocking state [ 1291.305680][ T8054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1291.422736][ T8556] netlink: 52 bytes leftover after parsing attributes in process `syz.0.10300'. [ 1291.794800][T20178] Bluetooth: hci0: command tx timeout [ 1291.857193][ T8360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1291.996872][ T8360] veth0_vlan: entered promiscuous mode [ 1292.042592][ T8360] veth1_vlan: entered promiscuous mode [ 1292.137586][ T8360] veth0_macvtap: entered promiscuous mode [ 1292.174818][ T8360] veth1_macvtap: entered promiscuous mode [ 1292.239670][ T8360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1292.270060][ T8360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1292.307904][ T3026] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.339425][ T3026] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.370463][ T8589] netlink: 'syz.0.10314': attribute type 1 has an invalid length. [ 1292.401928][ T3026] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.508623][ T3026] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1292.567445][ T8596] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10315'. [ 1292.646618][ T8590] bond1: (slave bridge3): making interface the new active one [ 1292.668596][ T8590] bond1: (slave bridge3): Enslaving as an active interface with an up link [ 1292.723069][ T8592] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 1293.243906][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1293.274678][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1293.381221][ T8607] bond2 (unregistering): Released all slaves [ 1293.499622][ T137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1293.511847][ T137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1293.558709][ T8614] syzkaller0: entered promiscuous mode [ 1293.564339][ T8614] syzkaller0: entered allmulticast mode [ 1293.879329][T20178] Bluetooth: hci0: command tx timeout [ 1294.320542][ T7681] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1294.329932][ T7681] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1294.338484][ T7681] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1294.348763][ T7681] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1294.356906][ T7681] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1294.571767][ T5824] bridge0: port 3(syz_tun) entered disabled state [ 1294.706461][ T5824] syz_tun (unregistering): left allmulticast mode [ 1294.712969][ T5824] syz_tun (unregistering): left promiscuous mode [ 1294.742882][ T5824] bridge0: port 3(syz_tun) entered disabled state [ 1294.830528][ T8631] lo speed is unknown, defaulting to 1000 [ 1294.962612][ T12] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1295.019873][ T12] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1295.217115][ T12] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1295.255601][ T12] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1295.761853][ T12] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1295.804622][ T12] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1296.022042][ T12] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1296.066156][ T12] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1296.405304][ T12] hsr0: left allmulticast mode [ 1296.410155][ T12] hsr_slave_0: left allmulticast mode [ 1296.434828][ T12] hsr_slave_1: left allmulticast mode [ 1296.442265][ T12] bridge0: port 4(hsr0) entered disabled state [ 1296.445440][T20178] Bluetooth: hci4: command tx timeout [ 1296.493024][ T12] bridge_slave_1: left allmulticast mode [ 1296.525652][ T12] bridge_slave_1: left promiscuous mode [ 1296.544945][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1296.600372][ T12] bridge_slave_0: left allmulticast mode [ 1296.625440][ T12] bridge_slave_0: left promiscuous mode [ 1296.643030][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1296.692032][ T12] bond1: left allmulticast mode [ 1296.706943][ T12] bond1: left promiscuous mode [ 1296.726179][ T12] bridge5: port 1(bond1) entered disabled state [ 1296.870737][ T12] erspan0: left allmulticast mode [ 1296.889078][ T12] erspan0: left promiscuous mode [ 1296.912629][ T12] bridge22: port 1(erspan0) entered disabled state [ 1296.991095][ T12] dvmrp6: left allmulticast mode [ 1297.041338][ T8720] netlink: 220 bytes leftover after parsing attributes in process `syz.4.10363'. [ 1297.409878][T25966] IPVS: starting estimator thread 0... [ 1297.504630][ T8732] IPVS: using max 28 ests per chain, 67200 per kthread [ 1297.518503][ T12] gretap0 (unregistering): left promiscuous mode [ 1297.534836][ T12] batman_adv: batadv0: Removing interface: gretap1 [ 1298.137823][ T12] bond7 (unregistering): (slave bridge10): Releasing backup interface [ 1298.514700][T20178] Bluetooth: hci4: command tx timeout [ 1298.959388][ T12] bond0 (unregistering): left promiscuous mode [ 1298.968279][ T12] bond_slave_0: left promiscuous mode [ 1298.973919][ T12] bond_slave_1: left promiscuous mode [ 1298.989138][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1299.001327][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1299.019453][ T12] bond0 (unregistering): Released all slaves [ 1299.032447][ T12] bond1 (unregistering): Released all slaves [ 1299.052976][ T12] bond2 (unregistering): Released all slaves [ 1299.085758][ T12] bond3 (unregistering): Released all slaves [ 1299.108145][ T12] bond4 (unregistering): Released all slaves [ 1299.141274][ T12] bond5 (unregistering): Released all slaves [ 1299.160720][ T12] bond6 (unregistering): Released all slaves [ 1299.208888][ T12] bond7 (unregistering): Released all slaves [ 1299.227949][ T12] bond8 (unregistering): Released all slaves [ 1299.249056][ T12] bond9 (unregistering): Released all slaves [ 1299.280311][ T12] bond10 (unregistering): Released all slaves [ 1299.302033][ T12] bond11 (unregistering): (slave veth7): Releasing active interface [ 1299.311546][ T12] bond11 (unregistering): Released all slaves [ 1299.339659][ T12] bond12 (unregistering): Released all slaves [ 1299.364212][ T12] bond13 (unregistering): Released all slaves [ 1299.392086][ T12] bond14 (unregistering): (slave batadv1): Releasing active interface [ 1299.401674][ T12] batadv1: left promiscuous mode [ 1299.416976][ T12] batadv1: left allmulticast mode [ 1299.424277][ T12] bond14 (unregistering): Released all slaves [ 1299.474747][ T8730] tipc: Started in network mode [ 1299.479702][ T8730] tipc: Node identity ac14140f, cluster identity 4711 [ 1299.510074][ T8730] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1299.536947][ T8730] tipc: Enabled bearer , priority 10 [ 1299.547733][ T8631] chnl_net:caif_netlink_parms(): no params data found [ 1299.644784][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1299.784597][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1299.815969][ T8744] netlink: 'syz.0.10369': attribute type 1 has an invalid length. [ 1299.924635][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.028241][ T12] : left promiscuous mode [ 1300.064599][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.076625][ T8758] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10374'. [ 1300.204730][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.230136][ T8751] bond2: (slave bridge4): making interface the new active one [ 1300.269962][ T8751] bond2: (slave bridge4): Enslaving as an active interface with an up link [ 1300.311861][ T8744] macvlan2: entered promiscuous mode [ 1300.338304][ T8744] macvlan2: entered allmulticast mode [ 1300.344669][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.358993][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.371301][ T8744] bond2: entered promiscuous mode [ 1300.388827][ T8744] bridge4: entered promiscuous mode [ 1300.406463][ T8744] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1300.427013][ T8744] bond2: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 1300.457211][ T8744] bond2: left promiscuous mode [ 1300.469913][ T8744] bridge4: left promiscuous mode [ 1300.484775][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.510276][ T12] hmac(sha224): left promiscuous mode [ 1300.574893][ T8631] bridge0: port 1(bridge_slave_0) entered blocking state [ 1300.586894][ T8631] bridge0: port 1(bridge_slave_0) entered disabled state [ 1300.597275][T20178] Bluetooth: hci4: command tx timeout [ 1300.611009][ T8631] bridge_slave_0: entered allmulticast mode [ 1300.628037][ T8631] bridge_slave_0: entered promiscuous mode [ 1300.654606][ T12] tipc: Disabling bearer [ 1300.664921][ T7166] tipc: Node number set to 2886997007 [ 1300.672576][ T8767] syz_tun: entered allmulticast mode [ 1300.675290][ T12] tipc: Left network mode [ 1300.682956][ T8631] bridge0: port 2(bridge_slave_1) entered blocking state [ 1300.692919][ T8631] bridge0: port 2(bridge_slave_1) entered disabled state [ 1300.700866][ T8631] bridge_slave_1: entered allmulticast mode [ 1300.711082][ T8631] bridge_slave_1: entered promiscuous mode [ 1300.753114][ T8631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1300.774714][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1300.787204][ T8631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1300.980363][ T8631] team0: Port device team_slave_0 added [ 1301.018027][ T8631] team0: Port device team_slave_1 added [ 1301.034742][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1301.149470][ T8631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1301.177946][ T8631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1301.264165][ T8631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1301.331585][ T8631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1301.340967][ T8631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1301.423879][ T8631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1301.445509][ T8787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10388'. [ 1301.531888][ T8786] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10387'. [ 1301.762284][ T8631] hsr_slave_0: entered promiscuous mode [ 1301.786789][ T8631] hsr_slave_1: entered promiscuous mode [ 1301.793574][ T8631] debugfs: 'hsr0' already exists in 'hsr' [ 1301.806131][ T8631] Cannot create hsr debugfs directory [ 1302.605965][T25966] hid (null): global environment stack underflow [ 1302.674610][T20178] Bluetooth: hci4: command tx timeout [ 1302.685137][T25966] hid (null): unknown global tag 0xd [ 1302.781850][T25966] hid-generic 0005:10CF:0004.0001: global environment stack underflow [ 1302.830988][T25966] hid-generic 0005:10CF:0004.0001: item 0 0 1 11 parsing failed [ 1302.855286][T25966] hid-generic 0005:10CF:0004.0001: probe with driver hid-generic failed with error -22 [ 1303.009350][ T8825] syzkaller0: entered promiscuous mode [ 1303.017450][ T8825] syzkaller0: entered allmulticast mode [ 1303.565987][ T8631] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1303.644259][ T8631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1303.681499][ T8631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1303.712066][ T8631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1304.093907][ T8631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1304.218435][ T12] hsr_slave_0: left promiscuous mode [ 1304.239586][ T12] hsr_slave_1: left promiscuous mode [ 1304.250538][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1304.285624][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1304.674585][ C0] net_ratelimit: 3 callbacks suppressed [ 1304.674610][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1305.448613][ T1151] smc: removing ib device sqz0 [ 1305.472260][ T8631] 8021q: adding VLAN 0 to HW filter on device team0 [ 1305.681068][T25957] lo speed is unknown, defaulting to 1000 [ 1305.691061][T25957] sqz0: Port: 1 Link DOWN [ 1305.714741][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1305.724221][ T8054] bridge0: port 1(bridge_slave_0) entered blocking state [ 1305.731455][ T8054] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1305.900466][ T8054] bridge0: port 2(bridge_slave_1) entered blocking state [ 1305.908028][ T8054] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1306.152706][ T8631] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1306.756031][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1307.092934][ T8631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1307.291739][ T8631] veth0_vlan: entered promiscuous mode [ 1307.368021][ T8631] veth1_vlan: entered promiscuous mode [ 1307.544181][ T8631] veth0_macvtap: entered promiscuous mode [ 1307.586735][ T8631] veth1_macvtap: entered promiscuous mode [ 1307.752457][ T8631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1307.794698][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1307.966136][ T8631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1308.012117][ T3026] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.089714][ T3026] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.125095][ T3026] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.133899][ T3026] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1308.626999][ T137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1308.645179][ T137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1308.834716][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1308.893688][ T2353] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1308.924585][ T2353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1309.243369][ T12] IPVS: stop unused estimator thread 0... [ 1309.874594][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1309.893599][ T7681] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1309.910029][ T7681] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1309.918233][ T7681] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1309.926875][ T7681] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1309.935420][ T7681] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1310.550092][ T5830] syz_tun (unregistering): left allmulticast mode [ 1310.585078][ T5830] bond17: (slave syz_tun): Removing an active aggregator [ 1310.593224][ T5830] bond17: (slave syz_tun): Releasing backup interface [ 1310.809175][ T9037] chnl_net:caif_netlink_parms(): no params data found [ 1310.914596][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1311.187632][ T9037] bridge0: port 1(bridge_slave_0) entered blocking state [ 1311.222786][ T9037] bridge0: port 1(bridge_slave_0) entered disabled state [ 1311.247445][ T9037] bridge_slave_0: entered allmulticast mode [ 1311.263184][ T9037] bridge_slave_0: entered promiscuous mode [ 1311.277543][ T9037] bridge0: port 2(bridge_slave_1) entered blocking state [ 1311.305039][ T9037] bridge0: port 2(bridge_slave_1) entered disabled state [ 1311.312378][ T9037] bridge_slave_1: entered allmulticast mode [ 1311.353313][ T9037] bridge_slave_1: entered promiscuous mode [ 1311.472380][ T9037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1311.498125][ T9037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1311.677905][ T9037] team0: Port device team_slave_0 added [ 1311.697478][ T9037] team0: Port device team_slave_1 added [ 1311.838096][ T9037] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1311.862171][ T9037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1311.954573][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1311.966580][ T9037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1312.006848][ T9037] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1312.013864][ T9037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1312.047038][T20178] Bluetooth: hci1: command tx timeout [ 1312.065455][ T9037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1312.149738][ T9115] sctp: [Deprecated]: syz.2.10532 (pid 9115) Use of int in max_burst socket option. [ 1312.149738][ T9115] Use struct sctp_assoc_value instead [ 1312.173336][ T9037] hsr_slave_0: entered promiscuous mode [ 1312.195942][ T9037] hsr_slave_1: entered promiscuous mode [ 1312.207897][ T9037] debugfs: 'hsr0' already exists in 'hsr' [ 1312.217452][ T9037] Cannot create hsr debugfs directory [ 1312.994914][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1313.490604][ T9037] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1313.531944][ T9037] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1313.582357][ T9037] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1313.642671][ T9037] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1314.039219][ T9037] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1314.046141][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1314.115316][T20178] Bluetooth: hci1: command tx timeout [ 1314.143533][ T9037] 8021q: adding VLAN 0 to HW filter on device team0 [ 1314.245824][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1314.253027][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1314.296472][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1314.303677][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1315.042341][ T9037] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1315.075151][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1315.933557][ T9037] veth0_vlan: entered promiscuous mode [ 1315.982656][ T9037] veth1_vlan: entered promiscuous mode [ 1316.114627][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1316.147757][ T9037] veth0_macvtap: entered promiscuous mode [ 1316.188560][ T9037] veth1_macvtap: entered promiscuous mode [ 1316.195542][T20178] Bluetooth: hci1: command tx timeout [ 1316.269086][ T9037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1316.302424][ T9037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1316.364077][ T137] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1316.404248][ T137] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1316.454038][ T137] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1316.487038][ T137] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1316.800918][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1316.835112][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1316.957549][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1316.985147][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1317.154596][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1318.194596][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1318.275852][T20178] Bluetooth: hci1: command tx timeout [ 1319.234660][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1319.891374][ T9371] xt_connbytes: Forcing CT accounting to be enabled [ 1320.138375][ T9381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10646'. [ 1320.274668][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1320.406048][ T9387] bond1: option arp_validate: mode dependency failed, not supported in mode 802.3ad(4) [ 1320.456121][ T9387] bond1 (unregistering): Released all slaves [ 1321.314775][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1321.387756][ T9415] bridge0: port 2(bridge_slave_1) entered disabled state [ 1321.395688][ T9415] bridge0: port 1(bridge_slave_0) entered disabled state [ 1322.354744][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1323.394837][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1324.444665][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1325.474649][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1326.514704][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1327.554646][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1328.594639][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1329.634642][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1330.674638][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1331.714658][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1332.754638][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1333.794640][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1334.844619][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1335.874635][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1336.924580][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1337.204246][ T7681] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1337.214868][ T7681] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1337.223701][ T7681] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1337.233642][ T7681] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1337.243899][ T7681] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1337.274416][ T7681] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1337.284235][ T7681] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1337.292504][ T7681] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1337.301358][ T7681] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1337.309638][ T7681] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1337.365882][ T7681] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1337.376208][ T7681] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1337.387203][ T7681] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1337.395695][ T7681] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1337.403675][ T7681] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1337.954604][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1338.521803][ T7681] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1338.530967][ T7681] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1338.543870][ T7681] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1338.553920][ T7681] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1338.562725][ T7681] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1338.994622][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1339.315021][T20178] Bluetooth: hci3: command tx timeout [ 1339.397046][T20178] Bluetooth: hci6: command tx timeout [ 1339.474739][T20178] Bluetooth: hci7: command tx timeout [ 1340.035546][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1340.605825][T20178] Bluetooth: hci8: command tx timeout [ 1341.017909][ T7681] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1341.029304][ T7681] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1341.041917][ T7681] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1341.050399][ T7681] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1341.058826][ T7681] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1341.074570][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1341.394715][T20178] Bluetooth: hci3: command tx timeout [ 1341.481384][T20178] Bluetooth: hci6: command tx timeout [ 1341.554615][T20178] Bluetooth: hci7: command tx timeout [ 1342.114633][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1342.675941][T20178] Bluetooth: hci8: command tx timeout [ 1343.074655][T20178] Bluetooth: hci9: command tx timeout [ 1343.154632][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1343.475101][T20178] Bluetooth: hci3: command tx timeout [ 1343.554606][T20178] Bluetooth: hci6: command tx timeout [ 1343.634574][T20178] Bluetooth: hci7: command tx timeout [ 1344.204637][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1344.763116][T20178] Bluetooth: hci8: command tx timeout [ 1345.154839][T20178] Bluetooth: hci9: command tx timeout [ 1345.244625][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1345.554581][T20178] Bluetooth: hci3: command tx timeout [ 1345.634570][T20178] Bluetooth: hci6: command tx timeout [ 1345.728344][T20178] Bluetooth: hci7: command tx timeout [ 1346.274581][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1346.834826][T20178] Bluetooth: hci8: command tx timeout [ 1347.234737][T20178] Bluetooth: hci9: command tx timeout [ 1347.314624][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1348.365108][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1349.314579][T20178] Bluetooth: hci9: command tx timeout [ 1349.394579][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1350.444592][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1351.474588][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1352.524587][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1353.554582][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1354.594582][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1355.644572][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1356.674716][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1357.714572][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1358.764577][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1359.794589][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1360.834584][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1361.798095][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.874581][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1362.914568][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1363.954575][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1364.995572][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1366.034611][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1367.074578][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1368.114673][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1369.154625][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1370.194632][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1371.244590][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1372.274628][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1373.315424][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1374.114612][ T7681] Bluetooth: hci5: command 0x0406 tx timeout [ 1374.364632][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1375.394629][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1376.434616][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1377.474599][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1378.534615][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1379.564568][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1380.594591][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1381.634828][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1382.684612][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1383.714618][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1384.754618][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1385.804619][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1386.834623][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1387.874611][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1388.914614][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1389.474748][ T7681] Bluetooth: hci2: command 0x0406 tx timeout [ 1389.954668][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1390.994571][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1392.034643][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1393.074648][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1394.114877][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1395.154556][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1396.194591][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1397.095753][ T7681] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1397.104052][ T7681] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1397.119145][ T7681] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1397.128216][ T7681] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1397.139101][ T7681] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1397.234575][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1397.638179][ T7681] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1397.648839][ T7681] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1397.662971][ T7681] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1397.672793][ T7681] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1397.680960][ T7681] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1397.746756][T20178] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 1397.758966][T20178] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 1397.769694][T20178] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 1397.779251][T20178] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 1397.788820][T20178] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 1398.274593][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1398.563468][T20178] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 1398.573500][T20178] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 1398.586113][T20178] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 1398.598196][T20178] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 1398.606363][T20178] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 1399.234893][ T7681] Bluetooth: hci10: command tx timeout [ 1399.314562][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1399.714599][ T7681] Bluetooth: hci11: command tx timeout [ 1399.875463][ T7681] Bluetooth: hci12: command tx timeout [ 1400.364613][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1400.675010][ T7681] Bluetooth: hci13: command tx timeout [ 1401.115050][T20178] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 1401.124626][T20178] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 1401.133754][T20178] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 1401.142007][T20178] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 1401.156839][T20178] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 1401.314623][ T7681] Bluetooth: hci10: command tx timeout [ 1401.404603][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1401.804537][ T7681] Bluetooth: hci11: command tx timeout [ 1401.965848][ T7681] Bluetooth: hci12: command tx timeout [ 1402.434556][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1402.766321][ T7681] Bluetooth: hci13: command tx timeout [ 1403.234907][ T7681] Bluetooth: hci14: command tx timeout [ 1403.394629][ T7681] Bluetooth: hci10: command tx timeout [ 1403.474545][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1403.874587][ T7681] Bluetooth: hci11: command tx timeout [ 1404.034782][ T7681] Bluetooth: hci12: command tx timeout [ 1404.524564][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1404.845138][ T7681] Bluetooth: hci13: command tx timeout [ 1405.324842][ T7681] Bluetooth: hci14: command tx timeout [ 1405.475784][ T7681] Bluetooth: hci10: command tx timeout [ 1405.554567][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1405.954569][ T7681] Bluetooth: hci11: command tx timeout [ 1406.124688][T20178] Bluetooth: hci12: command tx timeout [ 1406.594618][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1406.924962][T20178] Bluetooth: hci13: command tx timeout [ 1407.394643][T20178] Bluetooth: hci14: command tx timeout [ 1407.634559][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1408.674555][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1409.475931][ T7681] Bluetooth: hci14: command tx timeout [ 1409.714568][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1409.954709][ T7681] Bluetooth: hci0: command 0x0406 tx timeout [ 1410.754547][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1411.794562][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1412.834557][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1413.884555][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1414.914552][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1415.964571][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1416.994569][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1418.034609][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1419.084544][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1420.114583][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1421.154552][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1422.194551][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1423.245908][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1423.252708][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1424.274591][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1425.314568][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1426.354549][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1427.394547][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1428.434551][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1429.484565][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1430.524539][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1431.554569][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1432.594552][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1433.634559][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1434.674645][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1435.557574][ T7681] Bluetooth: hci1: command 0x0406 tx timeout [ 1435.724524][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1436.764543][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1437.794541][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1438.844525][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1439.874577][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1440.674879][ T7681] Bluetooth: hci4: command 0x0406 tx timeout [ 1440.914636][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1441.964544][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1442.994542][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1444.034590][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1445.084537][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1446.114548][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1447.154554][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1448.194555][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1449.234526][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1450.274573][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1451.314532][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1452.364562][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1453.404536][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1454.434540][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1455.474535][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1456.524531][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1457.176144][ T7681] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 1457.189615][ T7681] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 1457.199005][ T7681] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 1457.212275][ T7681] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 1457.221340][ T7681] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 1457.554533][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1458.262131][ T7681] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 1458.275793][ T7681] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 1458.285503][ T7681] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 1458.293735][ T7681] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 1458.303481][ T7681] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 1458.380175][ T7681] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 1458.391474][ T7681] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 1458.402747][ T7681] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 1458.412069][ T7681] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 1458.420151][ T7681] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 1458.594529][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1458.672766][ T7681] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1 [ 1458.685933][ T7681] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9 [ 1458.699788][ T7681] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9 [ 1458.708787][ T7681] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4 [ 1458.718430][ T7681] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2 [ 1459.314764][ T9547] Bluetooth: hci15: command tx timeout [ 1459.634533][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1460.354639][ T9547] Bluetooth: hci16: command tx timeout [ 1460.434746][ T9547] Bluetooth: hci17: command tx timeout [ 1460.674573][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1460.754678][ T9547] Bluetooth: hci18: command tx timeout [ 1461.154757][ T9547] Bluetooth: hci3: command 0x0406 tx timeout [ 1461.160880][ T9547] Bluetooth: hci7: command 0x0406 tx timeout [ 1461.173919][T29088] Bluetooth: hci6: command 0x0406 tx timeout [ 1461.180527][ T9547] Bluetooth: hci8: command 0x0406 tx timeout [ 1461.394651][ T7681] Bluetooth: hci15: command tx timeout [ 1461.649152][T20178] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1 [ 1461.660399][T20178] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9 [ 1461.669897][T20178] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9 [ 1461.679062][T20178] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4 [ 1461.687087][T20178] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2 [ 1461.714523][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1462.434679][T20178] Bluetooth: hci16: command tx timeout [ 1462.515521][T20178] Bluetooth: hci17: command tx timeout [ 1462.754586][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1462.834575][T20178] Bluetooth: hci18: command tx timeout [ 1463.474630][T20178] Bluetooth: hci15: command tx timeout [ 1463.714614][T20178] Bluetooth: hci19: command tx timeout [ 1463.794516][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1464.514740][ T7681] Bluetooth: hci16: command tx timeout [ 1464.594585][ T7681] Bluetooth: hci17: command tx timeout [ 1464.834647][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1464.914640][ T7681] Bluetooth: hci18: command tx timeout [ 1465.554701][ T7681] Bluetooth: hci15: command tx timeout [ 1465.794739][ T7681] Bluetooth: hci19: command tx timeout [ 1465.884542][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1466.278074][ T7681] Bluetooth: hci9: command 0x0406 tx timeout [ 1466.595377][T20178] Bluetooth: hci16: command tx timeout [ 1466.674685][T20178] Bluetooth: hci17: command tx timeout [ 1466.924536][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1466.994793][T20178] Bluetooth: hci18: command tx timeout [ 1467.875022][T20178] Bluetooth: hci19: command tx timeout [ 1467.964525][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1468.034932][ T30] INFO: task kworker/u8:11:8054 blocked for more than 143 seconds. [ 1468.056201][ T30] Not tainted syzkaller #0 [ 1468.061278][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1468.070658][ T30] task:kworker/u8:11 state:D stack:21248 pid:8054 tgid:8054 ppid:2 task_flags:0x4208160 flags:0x00080000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1468.083162][ T30] Workqueue: events_unbound linkwatch_event [ 1468.095308][ T30] Call Trace: [ 1468.104862][ T30] [ 1468.108638][ T30] __schedule+0x15dd/0x52d0 [ 1468.124780][ T30] ? update_load_avg+0x1b0/0x1ec0 [ 1468.132836][ T30] ? __pfx___schedule+0x10/0x10 [ 1468.144526][ T30] ? schedule+0x90/0x360 [ 1468.148842][ T30] schedule+0x164/0x360 [ 1468.153088][ T30] schedule_preempt_disabled+0x13/0x30 [ 1468.184510][ T30] __mutex_lock+0x7fe/0x1300 [ 1468.189222][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1468.194049][ T30] ? linkwatch_event+0xe/0x60 [ 1468.214973][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1468.220754][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.226698][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.232499][ T30] linkwatch_event+0xe/0x60 [ 1468.269022][ T30] process_scheduled_works+0xb6e/0x18c0 [ 1468.275073][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1468.281138][ T30] ? assign_work+0x3d5/0x5e0 [ 1468.325878][ T30] worker_thread+0xa53/0xfc0 [ 1468.344534][ T30] kthread+0x388/0x470 [ 1468.348710][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1468.353887][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.375116][ T30] ret_from_fork+0x51e/0xb90 [ 1468.379830][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1468.396530][ T30] ? __switch_to+0xc7d/0x1450 [ 1468.401310][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.406050][ T30] ret_from_fork_asm+0x1a/0x30 [ 1468.410893][ T30] [ 1468.414262][ T30] INFO: task kworker/0:2:25957 blocked for more than 143 seconds. [ 1468.432187][ T30] Not tainted syzkaller #0 [ 1468.437773][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1468.446618][ T30] task:kworker/0:2 state:D stack:25088 pid:25957 tgid:25957 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1468.459139][ T30] Workqueue: events switchdev_deferred_process_work [ 1468.466946][ T30] Call Trace: [ 1468.470286][ T30] [ 1468.473298][ T30] __schedule+0x15dd/0x52d0 [ 1468.478402][ T30] ? do_raw_spin_unlock+0xf5/0x210 [ 1468.483691][ T30] ? __pfx___schedule+0x10/0x10 [ 1468.489035][ T30] ? schedule+0x90/0x360 [ 1468.493340][ T30] schedule+0x164/0x360 [ 1468.502449][ T30] schedule_preempt_disabled+0x13/0x30 [ 1468.508330][ T30] __mutex_lock+0x7fe/0x1300 [ 1468.513012][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1468.519696][ T30] ? switchdev_deferred_process_work+0xe/0x20 [ 1468.528551][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1468.533656][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.539945][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.546492][ T30] switchdev_deferred_process_work+0xe/0x20 [ 1468.552465][ T30] process_scheduled_works+0xb6e/0x18c0 [ 1468.558637][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1468.564991][ T30] ? assign_work+0x3d5/0x5e0 [ 1468.569672][ T30] worker_thread+0xa53/0xfc0 [ 1468.574355][ T30] kthread+0x388/0x470 [ 1468.578795][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1468.583968][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.589150][ T30] ret_from_fork+0x51e/0xb90 [ 1468.593806][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1468.599613][ T30] ? __switch_to+0xc7d/0x1450 [ 1468.604400][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.615345][ T30] ret_from_fork_asm+0x1a/0x30 [ 1468.620211][ T30] [ 1468.623391][ T30] INFO: task kworker/u8:1:2353 blocked for more than 143 seconds. [ 1468.634913][ T30] Not tainted syzkaller #0 [ 1468.639943][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1468.666407][ T30] task:kworker/u8:1 state:D stack:24576 pid:2353 tgid:2353 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1468.679982][ T30] Workqueue: netns cleanup_net [ 1468.685299][ T30] Call Trace: [ 1468.688632][ T30] [ 1468.691610][ T30] __schedule+0x15dd/0x52d0 [ 1468.696808][ T30] ? __pfx___schedule+0x10/0x10 [ 1468.701759][ T30] ? schedule+0x90/0x360 [ 1468.711913][ T30] schedule+0x164/0x360 [ 1468.716386][ T30] schedule_preempt_disabled+0x13/0x30 [ 1468.721963][ T30] __mutex_lock+0x7fe/0x1300 [ 1468.728148][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1468.733107][ T30] ? ops_undo_list+0x2a4/0x940 [ 1468.738083][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1468.743230][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1468.749345][ T30] ? netns_bpf_run_array_detach+0x88/0x1a0 [ 1468.755415][ T30] ? bpf_prog_array_free+0x26/0x40 [ 1468.760678][ T30] ops_undo_list+0x2a4/0x940 [ 1468.765515][ T30] ? __pfx_ops_undo_list+0x10/0x10 [ 1468.770743][ T30] ? idr_destroy+0x227/0x290 [ 1468.775528][ T30] cleanup_net+0x56b/0x800 [ 1468.780068][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 1468.785170][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.790998][ T30] ? process_scheduled_works+0xa8d/0x18c0 [ 1468.796992][ T30] process_scheduled_works+0xb6e/0x18c0 [ 1468.802726][ T30] ? __pfx_process_scheduled_works+0x10/0x10 [ 1468.809071][ T30] ? assign_work+0x3d5/0x5e0 [ 1468.813816][ T30] worker_thread+0xa53/0xfc0 [ 1468.818654][ T30] kthread+0x388/0x470 [ 1468.822887][ T30] ? __pfx_worker_thread+0x10/0x10 [ 1468.828159][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.834330][ T30] ret_from_fork+0x51e/0xb90 [ 1468.841353][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1468.846667][ T30] ? __switch_to+0xc7d/0x1450 [ 1468.851464][ T30] ? __pfx_kthread+0x10/0x10 [ 1468.856287][ T30] ret_from_fork_asm+0x1a/0x30 [ 1468.861237][ T30] [ 1468.872691][ T30] INFO: task syz.2.10662:9424 blocked for more than 144 seconds. [ 1468.883540][ T30] Not tainted syzkaller #0 [ 1468.889087][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1468.898226][ T30] task:syz.2.10662 state:D stack:27520 pid:9424 tgid:9424 ppid:8631 task_flags:0x400040 flags:0x00080002 [ 1468.910665][ T30] Call Trace: [ 1468.914059][ T30] [ 1468.917660][ T30] __schedule+0x15dd/0x52d0 [ 1468.922331][ T30] ? __pfx___schedule+0x10/0x10 [ 1468.927792][ T30] ? schedule+0x90/0x360 [ 1468.934005][ T30] schedule+0x164/0x360 [ 1468.941412][ T30] schedule_preempt_disabled+0x13/0x30 [ 1468.948275][ T30] __mutex_lock+0x7fe/0x1300 [ 1468.952999][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1468.959313][ T30] ? tun_chr_close+0x3e/0x1c0 [ 1468.964819][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1468.969987][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 1468.975586][ T30] tun_chr_close+0x3e/0x1c0 [ 1468.980226][ T30] __fput+0x44f/0xa70 [ 1468.984830][ T30] task_work_run+0x1d9/0x270 [ 1468.989554][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1468.994887][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1469.006586][ T30] exit_to_user_mode_loop+0xed/0x480 [ 1469.012032][ T30] ? rcu_is_watching+0x15/0xb0 [ 1469.018090][ T30] do_syscall_64+0x32d/0xf80 [ 1469.022823][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.030057][ T30] ? clear_bhb_loop+0x40/0x90 [ 1469.036646][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.042686][ T30] RIP: 0033:0x7face839c819 [ 1469.049532][ T30] RSP: 002b:00007ffe841dab58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1469.059341][ T30] RAX: 0000000000000000 RBX: 00007face8617da0 RCX: 00007face839c819 [ 1469.068795][ T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1469.078556][ T30] RBP: 00007face8617da0 R08: 0000000000000006 R09: 0000000000000000 [ 1469.086903][ T30] R10: 00007face8617cb0 R11: 0000000000000246 R12: 0000000000142cd4 [ 1469.095257][ T30] R13: 00007face8615fac R14: 00000000001429f1 R15: 00007ffe841dac60 [ 1469.103475][ T30] [ 1469.107006][ T30] INFO: task syz.2.10662:9425 blocked for more than 144 seconds. [ 1469.115074][ T30] Not tainted syzkaller #0 [ 1469.120059][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1469.129828][ T30] task:syz.2.10662 state:D stack:26728 pid:9425 tgid:9424 ppid:8631 task_flags:0x400140 flags:0x00080002 [ 1469.149285][ T30] Call Trace: [ 1469.152640][ T30] [ 1469.159812][ T30] __schedule+0x15dd/0x52d0 [ 1469.165909][ T30] ? __pfx___schedule+0x10/0x10 [ 1469.170834][ T30] ? schedule+0x90/0x360 [ 1469.176716][ T30] schedule+0x164/0x360 [ 1469.180947][ T30] schedule_preempt_disabled+0x13/0x30 [ 1469.186969][ T30] __mutex_lock+0x7fe/0x1300 [ 1469.191640][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1469.197014][ T30] ? nl80211_pre_doit+0x5e/0x8a0 [ 1469.202037][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1469.207620][ T30] ? __nla_parse+0x40/0x60 [ 1469.212106][ T30] nl80211_pre_doit+0x5e/0x8a0 [ 1469.217428][ T30] genl_family_rcv_msg_doit+0x1d7/0x330 [ 1469.223041][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1469.229612][ T30] ? bpf_lsm_capable+0x9/0x20 [ 1469.234362][ T30] ? security_capable+0x7e/0x2c0 [ 1469.245250][ T30] genl_rcv_msg+0x61c/0x7a0 [ 1469.250030][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1469.255595][ T30] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 1469.261120][ T30] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 1469.269835][ T30] ? __pfx_nl80211_post_doit+0x10/0x10 [ 1469.276718][ T30] netlink_rcv_skb+0x232/0x4b0 [ 1469.281554][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1469.288060][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1469.293441][ T30] ? down_read+0x272/0x2e0 [ 1469.301768][ T30] ? genl_rcv+0xd/0x40 [ 1469.306232][ T30] genl_rcv+0x28/0x40 [ 1469.310277][ T30] netlink_unicast+0x75c/0x8e0 [ 1469.317184][ T30] netlink_sendmsg+0x813/0xb40 [ 1469.322037][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1469.327823][ T30] ? aa_sock_msg_perm+0xf1/0x1b0 [ 1469.332929][ T30] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 1469.338756][ T30] ____sys_sendmsg+0x972/0x9f0 [ 1469.347232][ T30] ? futex_unqueue+0x211/0x240 [ 1469.352091][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1469.358095][ T30] ? import_iovec+0x73/0xa0 [ 1469.362683][ T30] ___sys_sendmsg+0x2a5/0x360 [ 1469.367870][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 1469.373155][ T30] ? futex_wait+0x29a/0x380 [ 1469.381053][ T30] ? __fget_files+0x2a/0x420 [ 1469.387117][ T30] ? __fget_files+0x3a0/0x420 [ 1469.391878][ T30] __x64_sys_sendmsg+0x1bd/0x2a0 [ 1469.398518][ T30] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 1469.404065][ T30] ? rcu_is_watching+0x15/0xb0 [ 1469.409370][ T30] do_syscall_64+0x14d/0xf80 [ 1469.414022][ T30] ? trace_irq_disable+0x3b/0x150 [ 1469.419541][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.425923][ T30] ? clear_bhb_loop+0x40/0x90 [ 1469.430661][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.437051][ T30] RIP: 0033:0x7face839c819 [ 1469.441520][ T30] RSP: 002b:00007face924d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1469.454032][ T30] RAX: ffffffffffffffda RBX: 00007face8615fa0 RCX: 00007face839c819 [ 1469.462924][ T30] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000006 [ 1469.471385][ T30] RBP: 00007face8432c91 R08: 0000000000000000 R09: 0000000000000000 [ 1469.479824][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1469.491382][ T30] R13: 00007face8616038 R14: 00007face8615fa0 R15: 00007ffe841da9f8 [ 1469.500872][ T30] [ 1469.504169][ T30] INFO: task syz.4.10666:9435 blocked for more than 144 seconds. [ 1469.513559][ T30] Not tainted syzkaller #0 [ 1469.520147][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1469.529198][ T30] task:syz.4.10666 state:D stack:28832 pid:9435 tgid:9432 ppid:9037 task_flags:0x400040 flags:0x00080002 [ 1469.542040][ T30] Call Trace: [ 1469.548431][ T30] [ 1469.551444][ T30] __schedule+0x15dd/0x52d0 [ 1469.557198][ T30] ? futex_unqueue+0x22/0x240 [ 1469.561956][ T30] ? __pfx___schedule+0x10/0x10 [ 1469.567765][ T30] ? schedule+0x90/0x360 [ 1469.572075][ T30] schedule+0x164/0x360 [ 1469.576835][ T30] schedule_preempt_disabled+0x13/0x30 [ 1469.582371][ T30] __mutex_lock+0x7fe/0x1300 [ 1469.588089][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1469.592940][ T30] ? do_ip_setsockopt+0xefa/0x2ea0 [ 1469.601311][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1469.607729][ T30] ? __pfx_futex_wait+0x10/0x10 [ 1469.612672][ T30] do_ip_setsockopt+0xefa/0x2ea0 [ 1469.619104][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1469.624807][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1469.629407][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1469.634318][ T30] ? __fget_files+0x2a/0x420 [ 1469.645670][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1469.653357][ T30] ip_setsockopt+0x66/0x110 [ 1469.658398][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1469.664356][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1469.669868][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1469.676449][ T30] do_syscall_64+0x14d/0xf80 [ 1469.681114][ T30] ? trace_irq_disable+0x3b/0x150 [ 1469.686753][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.692903][ T30] ? clear_bhb_loop+0x40/0x90 [ 1469.698064][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.704029][ T30] RIP: 0033:0x7f661d39c819 [ 1469.711859][ T30] RSP: 002b:00007f661e2c9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1469.722369][ T30] RAX: ffffffffffffffda RBX: 00007f661d615fa0 RCX: 00007f661d39c819 [ 1469.731735][ T30] RDX: 000000000000002e RSI: 0000000000000000 RDI: 0000000000000003 [ 1469.740190][ T30] RBP: 00007f661d432c91 R08: 0000000000000108 R09: 0000000000000000 [ 1469.748566][ T30] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1469.759898][ T30] R13: 00007f661d616038 R14: 00007f661d615fa0 R15: 00007ffddc703d88 [ 1469.768285][ T30] [ 1469.771431][ T30] INFO: task syz.4.10666:9436 blocked for more than 145 seconds. [ 1469.779592][ T30] Not tainted syzkaller #0 [ 1469.785345][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1469.794059][ T30] task:syz.4.10666 state:D stack:28736 pid:9436 tgid:9432 ppid:9037 task_flags:0x400040 flags:0x00080002 [ 1469.808974][ T30] Call Trace: [ 1469.812322][ T30] [ 1469.818844][ T30] __schedule+0x15dd/0x52d0 [ 1469.823439][ T30] ? kasan_save_track+0x3e/0x80 [ 1469.829914][ T30] ? kfree+0x1c1/0x630 [ 1469.834143][ T30] ? __pfx___schedule+0x10/0x10 [ 1469.840647][ T30] ? schedule+0x90/0x360 [ 1469.845310][ T30] schedule+0x164/0x360 [ 1469.849618][ T30] schedule_preempt_disabled+0x13/0x30 [ 1469.858997][ T30] __mutex_lock+0x7fe/0x1300 [ 1469.863703][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1469.869068][ T30] ? do_ip_setsockopt+0xefa/0x2ea0 [ 1469.874351][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1469.882399][ T30] ? tomoyo_path_number_perm+0x219/0x630 [ 1469.888439][ T30] ? do_vfs_ioctl+0x1166/0x1530 [ 1469.893361][ T30] do_ip_setsockopt+0xefa/0x2ea0 [ 1469.899261][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1469.905001][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1469.909584][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1469.915014][ T30] ? __fget_files+0x2a/0x420 [ 1469.919660][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1469.928194][ T30] ip_setsockopt+0x66/0x110 [ 1469.932775][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1469.940176][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1469.946644][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1469.951923][ T30] do_syscall_64+0x14d/0xf80 [ 1469.956934][T20178] Bluetooth: hci19: command tx timeout [ 1469.967429][ T30] ? trace_irq_disable+0x3b/0x150 [ 1469.972524][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.979093][ T30] ? clear_bhb_loop+0x40/0x90 [ 1469.983836][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1469.990252][ T30] RIP: 0033:0x7f661d39c819 [ 1469.995014][ T30] RSP: 002b:00007f661e2a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1470.003499][ T30] RAX: ffffffffffffffda RBX: 00007f661d616090 RCX: 00007f661d39c819 [ 1470.012493][ T30] RDX: 000000000000002c RSI: 0000000000000000 RDI: 0000000000000003 [ 1470.020820][ T30] RBP: 00007f661d432c91 R08: 0000000000000108 R09: 0000000000000000 [ 1470.029290][ T30] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000000 [ 1470.037497][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1470.050966][ T30] R13: 00007f661d616128 R14: 00007f661d616090 R15: 00007ffddc703d88 [ 1470.063157][ T30] [ 1470.066666][ T30] INFO: task syz.1.10681:9466 blocked for more than 145 seconds. [ 1470.074889][ T30] Not tainted syzkaller #0 [ 1470.079912][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1470.089378][ T30] task:syz.1.10681 state:D stack:28248 pid:9466 tgid:9465 ppid:7885 task_flags:0x400140 flags:0x00080002 [ 1470.102845][ T30] Call Trace: [ 1470.106574][ T30] [ 1470.109574][ T30] __schedule+0x15dd/0x52d0 [ 1470.114189][ T30] ? __pfx___schedule+0x10/0x10 [ 1470.121485][ T30] ? schedule+0x90/0x360 [ 1470.126267][ T30] schedule+0x164/0x360 [ 1470.130507][ T30] schedule_preempt_disabled+0x13/0x30 [ 1470.136628][ T30] __mutex_lock+0x7fe/0x1300 [ 1470.141304][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1470.146656][ T30] ? ip_mroute_setsockopt+0x137/0x1090 [ 1470.152319][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1470.165534][ T30] ? __schedule+0x15f3/0x52d0 [ 1470.170319][ T30] ? __futex_wait+0x371/0x420 [ 1470.175618][ T30] ip_mroute_setsockopt+0x137/0x1090 [ 1470.180977][ T30] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 1470.187234][ T30] ? irqentry_exit+0x59e/0x620 [ 1470.192069][ T30] ? lockdep_hardirqs_on+0x7a/0x110 [ 1470.198571][ T30] ? irqentry_exit+0x59e/0x620 [ 1470.203493][ T30] do_ip_setsockopt+0xf1e/0x2ea0 [ 1470.209012][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1470.214871][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1470.219450][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1470.224368][ T30] ? __fget_files+0x2a/0x420 [ 1470.230020][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1470.235321][ T30] ip_setsockopt+0x66/0x110 [ 1470.239880][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1470.246602][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1470.251694][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1470.257427][ T30] do_syscall_64+0x14d/0xf80 [ 1470.269372][ T30] ? trace_irq_disable+0x3b/0x150 [ 1470.277671][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.283910][ T30] ? clear_bhb_loop+0x40/0x90 [ 1470.289146][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.295373][ T30] RIP: 0033:0x7f78e059c819 [ 1470.299887][ T30] RSP: 002b:00007f78e13c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1470.308823][ T30] RAX: ffffffffffffffda RBX: 00007f78e0815fa0 RCX: 00007f78e059c819 [ 1470.317255][ T30] RDX: 00000000000000c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1470.325609][ T30] RBP: 00007f78e0632c91 R08: 0000000000000004 R09: 0000000000000000 [ 1470.333714][ T30] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000 [ 1470.342681][ T30] R13: 00007f78e0816038 R14: 00007f78e0815fa0 R15: 00007ffd10edb168 [ 1470.351052][ T30] [ 1470.354174][ T30] INFO: task syz.1.10681:9467 blocked for more than 145 seconds. [ 1470.362918][ T30] Not tainted syzkaller #0 [ 1470.370827][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1470.383631][ T30] task:syz.1.10681 state:D stack:28832 pid:9467 tgid:9465 ppid:7885 task_flags:0x400140 flags:0x00080002 [ 1470.396964][ T30] Call Trace: [ 1470.400320][ T30] [ 1470.403392][ T30] __schedule+0x15dd/0x52d0 [ 1470.408542][ T30] ? rcu_is_watching+0x15/0xb0 [ 1470.413374][ T30] ? __schedule+0x15f3/0x52d0 [ 1470.418551][ T30] ? __pfx___schedule+0x10/0x10 [ 1470.423502][ T30] ? schedule+0x90/0x360 [ 1470.428172][ T30] schedule+0x164/0x360 [ 1470.432467][ T30] schedule_preempt_disabled+0x13/0x30 [ 1470.438544][ T30] __mutex_lock+0x7fe/0x1300 [ 1470.443213][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1470.448879][ T30] ? ip_mroute_setsockopt+0x137/0x1090 [ 1470.454402][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1470.459909][ T30] ? __futex_wait+0x1fc/0x420 [ 1470.465082][ T30] ? __futex_wait+0x371/0x420 [ 1470.472514][ T30] ip_mroute_setsockopt+0x137/0x1090 [ 1470.478333][ T30] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 1470.484121][ T30] ? futex_wait+0x29a/0x380 [ 1470.493198][ T30] ? __pfx_futex_wait+0x10/0x10 [ 1470.498467][ T30] do_ip_setsockopt+0xf1e/0x2ea0 [ 1470.503826][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1470.510826][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1470.515727][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1470.520666][ T30] ? __fget_files+0x2a/0x420 [ 1470.525733][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1470.530728][ T30] ip_setsockopt+0x66/0x110 [ 1470.535723][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1470.541674][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1470.547166][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1470.552440][ T30] do_syscall_64+0x14d/0xf80 [ 1470.558551][ T30] ? trace_irq_disable+0x3b/0x150 [ 1470.563725][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.573052][ T30] ? clear_bhb_loop+0x40/0x90 [ 1470.578295][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.584250][ T30] RIP: 0033:0x7f78e059c819 [ 1470.589121][ T30] RSP: 002b:00007f78e13a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1470.602970][ T30] RAX: ffffffffffffffda RBX: 00007f78e0816090 RCX: 00007f78e059c819 [ 1470.611425][ T30] RDX: 00000000000000ca RSI: 0000000000000000 RDI: 0000000000000005 [ 1470.620740][ T30] RBP: 00007f78e0632c91 R08: 0000000000000010 R09: 0000000000000000 [ 1470.629052][ T30] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1470.637417][ T30] R13: 00007f78e0816128 R14: 00007f78e0816090 R15: 00007ffd10edb168 [ 1470.645818][ T30] [ 1470.648937][ T30] INFO: task syz.1.10681:9468 blocked for more than 145 seconds. [ 1470.657131][ T30] Not tainted syzkaller #0 [ 1470.662108][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1470.674295][ T30] task:syz.1.10681 state:D stack:28832 pid:9468 tgid:9465 ppid:7885 task_flags:0x400040 flags:0x00080002 [ 1470.693998][ T30] Call Trace: [ 1470.697629][ T30] [ 1470.700705][ T30] __schedule+0x15dd/0x52d0 [ 1470.709724][ T30] ? kasan_save_track+0x3e/0x80 [ 1470.714982][ T30] ? kfree+0x1c1/0x630 [ 1470.719216][ T30] ? __pfx___schedule+0x10/0x10 [ 1470.724132][ T30] ? schedule+0x90/0x360 [ 1470.730330][ T30] schedule+0x164/0x360 [ 1470.734858][ T30] schedule_preempt_disabled+0x13/0x30 [ 1470.740390][ T30] __mutex_lock+0x7fe/0x1300 [ 1470.745499][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1470.750334][ T30] ? do_ip_setsockopt+0xefa/0x2ea0 [ 1470.756368][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1470.761459][ T30] ? tomoyo_path_number_perm+0x219/0x630 [ 1470.767651][ T30] ? do_vfs_ioctl+0x1166/0x1530 [ 1470.772574][ T30] do_ip_setsockopt+0xefa/0x2ea0 [ 1470.781346][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1470.787153][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1470.791728][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1470.797196][ T30] ? __fget_files+0x2a/0x420 [ 1470.801871][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1470.809619][ T30] ip_setsockopt+0x66/0x110 [ 1470.814193][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1470.824813][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1470.829920][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1470.837690][ T30] do_syscall_64+0x14d/0xf80 [ 1470.842453][ T30] ? trace_irq_disable+0x3b/0x150 [ 1470.848034][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.854165][ T30] ? clear_bhb_loop+0x40/0x90 [ 1470.859364][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1470.865615][ T30] RIP: 0033:0x7f78e059c819 [ 1470.870088][ T30] RSP: 002b:00007f78e1380028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1470.881938][ T30] RAX: ffffffffffffffda RBX: 00007f78e0816180 RCX: 00007f78e059c819 [ 1470.890766][ T30] RDX: 0000000000000023 RSI: 0000000000000000 RDI: 0000000000000004 [ 1470.899153][ T30] RBP: 00007f78e0632c91 R08: 0000000000000008 R09: 0000000000000000 [ 1470.907674][ T30] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1470.918396][ T30] R13: 00007f78e0816218 R14: 00007f78e0816180 R15: 00007ffd10edb168 [ 1470.930622][ T30] [ 1470.933705][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1470.943319][ T30] INFO: task syz.1.10681:9469 blocked for more than 146 seconds. [ 1470.952385][ T30] Not tainted syzkaller #0 [ 1470.958659][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1470.967728][ T30] task:syz.1.10681 state:D stack:28128 pid:9469 tgid:9465 ppid:7885 task_flags:0x400040 flags:0x00080002 [ 1470.983139][ T30] Call Trace: [ 1470.986855][ T30] [ 1470.989983][ T30] __schedule+0x15dd/0x52d0 [ 1471.000029][ T30] ? rcu_is_watching+0x15/0xb0 [ 1471.005281][ T30] ? __schedule+0x15f3/0x52d0 [ 1471.010093][ T30] ? __pfx___schedule+0x10/0x10 [ 1471.015591][ T30] ? schedule+0x90/0x360 [ 1471.019963][ T30] schedule+0x164/0x360 [ 1471.024238][ T30] schedule_preempt_disabled+0x13/0x30 [ 1471.030746][ T30] __mutex_lock+0x7fe/0x1300 [ 1471.039877][ T30] ? __mutex_lock+0x5ac/0x1300 [ 1471.045336][ T30] ? ip_mroute_setsockopt+0x137/0x1090 [ 1471.050980][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1471.057487][ T30] ? __futex_wait+0x1fc/0x420 [ 1471.062344][ T30] ? __futex_wait+0x371/0x420 [ 1471.068156][ T30] ip_mroute_setsockopt+0x137/0x1090 [ 1471.073585][ T30] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 1471.079522][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1471.090122][ T30] ? futex_wait+0x29a/0x380 [ 1471.095107][ T30] ? __pfx_futex_wait+0x10/0x10 [ 1471.100100][ T30] do_ip_setsockopt+0xf1e/0x2ea0 [ 1471.106111][ T30] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 1471.111626][ T30] ? aa_sk_perm+0x6d5/0x900 [ 1471.116693][ T30] ? __pfx_aa_sk_perm+0x10/0x10 [ 1471.121676][ T30] ? __fget_files+0x2a/0x420 [ 1471.127001][ T30] ? aa_sock_opt_perm+0xff/0x1a0 [ 1471.132066][ T30] ip_setsockopt+0x66/0x110 [ 1471.137167][ T30] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1471.143232][ T30] do_sock_setsockopt+0x17c/0x1b0 [ 1471.152655][ T30] __x64_sys_setsockopt+0x13d/0x1b0 [ 1471.159702][ T30] do_syscall_64+0x14d/0xf80 [ 1471.164744][ T30] ? trace_irq_disable+0x3b/0x150 [ 1471.169906][ T30] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1471.177634][ T30] ? clear_bhb_loop+0x40/0x90 [ 1471.182446][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1471.191737][ T30] RIP: 0033:0x7f78e059c819 [ 1471.197344][ T30] RSP: 002b:00007f78de3f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1471.206414][ T30] RAX: ffffffffffffffda RBX: 00007f78e0816270 RCX: 00007f78e059c819 [ 1471.215335][ T30] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000005 [ 1471.223439][ T30] RBP: 00007f78e0632c91 R08: 000000000000003c R09: 0000000000000000 [ 1471.232203][ T30] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000 [ 1471.240861][ T30] R13: 00007f78e0816308 R14: 00007f78e0816270 R15: 00007ffd10edb168 [ 1471.249488][ T30] [ 1471.252624][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 1471.264597][ T30] [ 1471.264597][ T30] Showing all locks held in the system: [ 1471.272900][ T30] 1 lock held by khungtaskd/30: [ 1471.278399][ T30] #0: ffffffff8e75e5a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 1471.293096][ T30] 3 locks held by kworker/u8:6/725: [ 1471.299366][ T30] #0: ffff888031828948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1471.311612][ T30] #1: ffffc900037e7c40 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1471.327660][ T30] #2: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30 [ 1471.337635][ T30] 1 lock held by udevd/5195: [ 1471.342353][ T30] 2 locks held by getty/5579: [ 1471.347621][ T30] #0: ffff8880368df0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 1471.357940][ T30] #1: ffffc9000322b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0 [ 1471.369609][ T30] 3 locks held by kworker/0:11/7165: [ 1471.375361][ T30] #0: ffff88813fe11d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1471.388267][ T30] #1: ffffc9000465fc40 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1471.403000][ T30] #2: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0xab/0x1140 [ 1471.413237][ T30] 3 locks held by kworker/u8:11/8054: [ 1471.419088][ T30] #0: ffff88813fe54148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1471.431291][ T30] #1: ffffc90004337c40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1471.442781][ T30] #2: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 1471.452296][ T30] 3 locks held by kworker/0:2/25957: [ 1471.458145][ T30] #0: ffff88813fe13148 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1471.469630][ T30] #1: ffffc90004cbfc40 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1471.482530][ T30] #2: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20 [ 1471.495277][ T30] 4 locks held by kworker/u8:1/2353: [ 1471.500681][ T30] #0: ffff88801bae6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0 [ 1471.512204][ T30] #1: ffffc90003417c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0 [ 1471.523439][ T30] #2: ffffffff8fbbcdd0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800 [ 1471.533257][ T30] #3: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x940 [ 1471.542855][ T30] 2 locks held by syz.0.10657/9415: [ 1471.548466][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 1471.560369][ T30] #1: ffff8880b2738d88 (&dev_instance_lock_key#18){+.+.}-{4:4}, at: napi_disable+0x4e/0x80 [ 1471.571499][ T30] 1 lock held by syz.2.10662/9424: [ 1471.577592][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0 [ 1471.587117][ T30] 2 locks held by syz.2.10662/9425: [ 1471.592431][ T30] #0: ffffffff8fc3a810 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1471.602819][ T30] #1: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5e/0x8a0 [ 1471.612742][ T30] 1 lock held by syz.4.10666/9435: [ 1471.618363][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xefa/0x2ea0 [ 1471.628223][ T30] 1 lock held by syz.4.10666/9436: [ 1471.633433][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xefa/0x2ea0 [ 1471.643738][ T30] 1 lock held by syz.1.10681/9466: [ 1471.649340][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x137/0x1090 [ 1471.659984][ T30] 1 lock held by syz.1.10681/9467: [ 1471.665466][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x137/0x1090 [ 1471.675822][ T30] 1 lock held by syz.1.10681/9468: [ 1471.681382][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xefa/0x2ea0 [ 1471.691320][ T30] 1 lock held by syz.1.10681/9469: [ 1471.698590][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x137/0x1090 [ 1471.708785][ T30] 1 lock held by syz.3.10693/9494: [ 1471.714023][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: dev_ethtool+0x1e1/0x1ae0 [ 1471.731944][ T30] 1 lock held by syz-executor/9498: [ 1471.737687][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.747825][ T30] 1 lock held by syz-executor/9499: [ 1471.753141][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.763428][ T30] 1 lock held by syz-executor/9502: [ 1471.769484][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.779362][ T30] 1 lock held by syz-executor/9505: [ 1471.785092][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.795355][ T30] 1 lock held by syz-executor/9511: [ 1471.803407][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.813558][ T30] 1 lock held by syz-executor/9514: [ 1471.819205][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.829408][ T30] 1 lock held by syz-executor/9518: [ 1471.835455][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.845358][ T30] 1 lock held by syz-executor/9521: [ 1471.850831][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.860763][ T30] 1 lock held by syz-executor/9524: [ 1471.866384][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.876843][ T30] 1 lock held by syz-executor/9527: [ 1471.882174][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.892707][ T30] 1 lock held by syz-executor/9535: [ 1471.898445][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.913420][ T30] 1 lock held by syz-executor/9539: [ 1471.919108][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.929094][ T30] 1 lock held by syz-executor/9541: [ 1471.934395][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.945117][ T30] 1 lock held by syz-executor/9544: [ 1471.950424][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.961288][ T30] 1 lock held by syz-executor/9551: [ 1471.966912][ T30] #0: ffffffff8fbcb6c8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x404/0x1ad0 [ 1471.976995][ T30] [ 1471.979499][ T30] ============================================= [ 1471.979499][ T30] [ 1471.988592][ T30] NMI backtrace for cpu 0 [ 1471.988611][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 1471.988636][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1471.988651][ T30] Call Trace: [ 1471.988661][ T30] [ 1471.988671][ T30] dump_stack_lvl+0xe8/0x150 [ 1471.988712][ T30] nmi_cpu_backtrace+0x274/0x2d0 [ 1471.988748][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1471.988782][ T30] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 1471.988819][ T30] sys_info+0x135/0x170 [ 1471.988848][ T30] watchdog+0xfd9/0x1030 [ 1471.988883][ T30] ? watchdog+0x21a/0x1030 [ 1471.988913][ T30] kthread+0x388/0x470 [ 1471.988937][ T30] ? __pfx_watchdog+0x10/0x10 [ 1471.988958][ T30] ? __pfx_kthread+0x10/0x10 [ 1471.988982][ T30] ret_from_fork+0x51e/0xb90 [ 1471.989016][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1471.989045][ T30] ? __switch_to+0xc7d/0x1450 [ 1471.989076][ T30] ? __pfx_kthread+0x10/0x10 [ 1471.989101][ T30] ret_from_fork_asm+0x1a/0x30 [ 1471.989152][ T30] [ 1471.989183][ T30] Sending NMI from CPU 0 to CPUs 1: [ 1472.102342][ C1] NMI backtrace for cpu 1 [ 1472.102363][ C1] CPU: 1 UID: 0 PID: 137 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) [ 1472.102385][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1472.102400][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 1472.102428][ C1] RIP: 0010:check_preemption_disabled+0x1/0xe0 [ 1472.102457][ C1] Code: 20 d4 27 8c 48 c7 c6 60 d4 27 8c eb 1c 66 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 <41> 57 41 56 53 65 8b 05 57 93 69 07 65 8b 0d 4c 93 69 07 f7 c1 ff [ 1472.102475][ C1] RSP: 0018:ffffc90000a08880 EFLAGS: 00000002 [ 1472.102492][ C1] RAX: 0000000000000000 RBX: 0000000000000202 RCX: 0000000080000102 [ 1472.102505][ C1] RDX: ffffc90000a08a01 RSI: ffffffff8df48923 RDI: ffffffff8c27d480 [ 1472.102520][ C1] RBP: dffffc0000000000 R08: ffffc90002e27f38 R09: 0000000000000000 [ 1472.102535][ C1] R10: ffffc90000a08a18 R11: fffff52000141145 R12: ffffc90002e27f48 [ 1472.102550][ C1] R13: ffffffff81767a55 R14: ffffffff8e75e5a0 R15: ffff88801f751e80 [ 1472.102565][ C1] FS: 0000000000000000(0000) GS:ffff888125547000(0000) knlGS:0000000000000000 [ 1472.102582][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1472.102595][ C1] CR2: 0000559206d94168 CR3: 000000007e0f0000 CR4: 00000000003526f0 [ 1472.102613][ C1] Call Trace: [ 1472.102622][ C1] [ 1472.102631][ C1] lock_release+0xa1/0x3d0 [ 1472.102657][ C1] ? deref_stack_reg+0x19f/0x230 [ 1472.102690][ C1] ? unwind_next_frame+0xa5/0x23c0 [ 1472.102718][ C1] unwind_next_frame+0x1aaa/0x23c0 [ 1472.102751][ C1] ? unwind_next_frame+0xa5/0x23c0 [ 1472.102780][ C1] ? ret_from_fork+0x51e/0xb90 [ 1472.102808][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1472.102831][ C1] arch_stack_walk+0x11b/0x150 [ 1472.102863][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 1472.102895][ C1] stack_trace_save+0xa9/0x100 [ 1472.102914][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1472.102937][ C1] ? stack_depot_save_flags+0x33/0x810 [ 1472.102967][ C1] ? __lock_acquire+0x650/0x2cf0 [ 1472.102994][ C1] kasan_save_track+0x3e/0x80 [ 1472.103015][ C1] ? kasan_save_track+0x3e/0x80 [ 1472.103036][ C1] ? kasan_save_free_info+0x46/0x50 [ 1472.103064][ C1] ? __kasan_slab_free+0x5c/0x80 [ 1472.103093][ C1] ? kmem_cache_free+0x187/0x630 [ 1472.103114][ C1] ? rcu_core+0x7cd/0x1070 [ 1472.103138][ C1] ? handle_softirqs+0x22a/0x870 [ 1472.103163][ C1] ? do_softirq+0x76/0xd0 [ 1472.103187][ C1] ? __local_bh_enable_ip+0xf8/0x130 [ 1472.103225][ C1] ? ieee80211_ibss_work+0x307/0x10a0 [ 1472.103248][ C1] ? cfg80211_wiphy_work+0x2ab/0x4a0 [ 1472.103268][ C1] ? process_scheduled_works+0xb6e/0x18c0 [ 1472.103292][ C1] ? worker_thread+0xa53/0xfc0 [ 1472.103317][ C1] ? kthread+0x388/0x470 [ 1472.103334][ C1] ? ret_from_fork+0x51e/0xb90 [ 1472.103381][ C1] kasan_save_free_info+0x46/0x50 [ 1472.103411][ C1] __kasan_slab_free+0x5c/0x80 [ 1472.103434][ C1] kmem_cache_free+0x187/0x630 [ 1472.103456][ C1] ? rcu_core+0x7cd/0x1070 [ 1472.103480][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1472.103501][ C1] ? rcu_core+0x751/0x1070 [ 1472.103524][ C1] ? __pfx___d_free+0x10/0x10 [ 1472.103548][ C1] rcu_core+0x7cd/0x1070 [ 1472.103581][ C1] ? __pfx_rcu_core+0x10/0x10 [ 1472.103607][ C1] ? try_to_wake_up+0x7fc/0x1390 [ 1472.103633][ C1] handle_softirqs+0x22a/0x870 [ 1472.103660][ C1] ? do_softirq+0x76/0xd0 [ 1472.103688][ C1] ? ieee80211_ibss_work+0x307/0x10a0 [ 1472.103711][ C1] do_softirq+0x76/0xd0 [ 1472.103735][ C1] [ 1472.103742][ C1] [ 1472.103749][ C1] __local_bh_enable_ip+0xf8/0x130 [ 1472.103775][ C1] ieee80211_ibss_work+0x307/0x10a0 [ 1472.103803][ C1] ? __pfx_ieee80211_ibss_work+0x10/0x10 [ 1472.103828][ C1] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 1472.103848][ C1] ? lockdep_hardirqs_on+0x7a/0x110 [ 1472.103869][ C1] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 1472.103889][ C1] ? skb_dequeue+0x124/0x160 [ 1472.103909][ C1] ? ieee80211_iface_work+0x107b/0x1380 [ 1472.103937][ C1] ? ieee80211_iface_work+0x12db/0x1380 [ 1472.103968][ C1] cfg80211_wiphy_work+0x2ab/0x4a0 [ 1472.103989][ C1] ? process_scheduled_works+0xa8d/0x18c0 [ 1472.104015][ C1] process_scheduled_works+0xb6e/0x18c0 [ 1472.104057][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1472.104091][ C1] ? assign_work+0x3d5/0x5e0 [ 1472.104118][ C1] worker_thread+0xa53/0xfc0 [ 1472.104158][ C1] kthread+0x388/0x470 [ 1472.104177][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1472.104202][ C1] ? __pfx_kthread+0x10/0x10 [ 1472.104221][ C1] ret_from_fork+0x51e/0xb90 [ 1472.104248][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 1472.104272][ C1] ? __switch_to+0xc7d/0x1450 [ 1472.104296][ C1] ? __pfx_kthread+0x10/0x10 [ 1472.104315][ C1] ret_from_fork_asm+0x1a/0x30 [ 1472.104352][ C1] [ 1472.164870][ C0] IPVS: ovf: UDP 224.0.0.1:0 - no destination available [ 1472.524870][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1472.524947][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 1472.525021][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 1472.525077][ T30] Call Trace: [ 1472.525109][ T30] [ 1472.525141][ T30] vpanic+0x56c/0xa60 [ 1472.525248][ T30] ? __pfx___schedule+0x10/0x10 [ 1472.525321][ T30] ? __pfx_vpanic+0x10/0x10 [ 1472.525437][ T30] panic+0xc5/0xd0 [ 1472.525523][ T30] ? __pfx_panic+0x10/0x10 [ 1472.525588][ T30] ? preempt_schedule_thunk+0x16/0x30 [ 1472.636953][ T30] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 1472.643162][ T30] watchdog+0x1023/0x1030 [ 1472.647528][ T30] ? watchdog+0x21a/0x1030 [ 1472.651975][ T30] kthread+0x388/0x470 [ 1472.656073][ T30] ? __pfx_watchdog+0x10/0x10 [ 1472.660773][ T30] ? __pfx_kthread+0x10/0x10 [ 1472.665394][ T30] ret_from_fork+0x51e/0xb90 [ 1472.670026][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1472.675176][ T30] ? __switch_to+0xc7d/0x1450 [ 1472.679890][ T30] ? __pfx_kthread+0x10/0x10 [ 1472.684509][ T30] ret_from_fork_asm+0x1a/0x30 [ 1472.689325][ T30] [ 1472.693019][ T30] Kernel Offset: disabled [ 1472.697370][ T30] Rebooting in 86400 seconds..