last executing test programs: 1.261883969s ago: executing program 4 (id=2003): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000), 0x0) 1.150390089s ago: executing program 3 (id=2007): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$nl_generic(0x11, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="176f9e5cba39", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x61, 0x0, 0x0, 0x2, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x11}}, @info_reply={0x10, 0x0, 0x0, 0x0, 0x7}}}}}, 0x0) sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) 1.103704429s ago: executing program 4 (id=2008): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) 1.01105332s ago: executing program 3 (id=2012): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="4800000000010104000000000000000002000080240002801400018008000100e000000108000200e00000010c00028005000100000000000800154000000000080008"], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 892.073042ms ago: executing program 3 (id=2014): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) 891.861645ms ago: executing program 1 (id=2015): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="100000000400000008000000080000000000", @ANYBLOB="0000ffffffffe8fffffffffffffd2e", @ANYRES64=r0], 0x48) 842.591542ms ago: executing program 1 (id=2017): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0x8, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg2\x00', 0x0}) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r4}, 0x10) sendto$packet(r0, &(0x7f0000000180)='7', 0x2, 0x0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="bf73a9e561c5"}, 0x14) 724.164114ms ago: executing program 0 (id=2018): r0 = socket$packet(0x11, 0x2, 0x300) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x2, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xfff00002}, {0x16, 0x0, 0x0, 0x1}]}, 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000180)=ANY=[], 0x0) 723.613957ms ago: executing program 4 (id=2020): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x5, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x40000000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 639.383431ms ago: executing program 1 (id=2021): openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26, 0x0, 0x0, @void, @value}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) recvmsg$unix(r1, &(0x7f00000004c0)={&(0x7f0000000180), 0x6e, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x22fe0}], 0x1}, 0x0) sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)='>', 0x1}, {&(0x7f0000001780)="416a01c063b8e15c823fcdfe38ac04cf8652a1bd564abca9e9ad5118a16a2e5840d319fc9f613807dda831d1e8f82b66e264c1c4c4c61ed3c0833cad9f5c873cd89d0c7e9e939e46f65cb498894b398f75614f78b5756094f72ae486122727f4349564f6452ccc1ffec8ebd5a832edc7ad2e756a811a1ad210ab595f6d600947ef2937b4aa74c6df6fb0088cd4ee104f978a7f6d889f879af4c24f2ed89c29882184b1c413ed1c898ed13937f319ce1eeed23218f5ad0c102e8045e81d69031538931d8b762859f14e81d8454305316139ae50fdbcaec1e7e7cf249238d5de5938327c7155a7d483adea2f3b1960494bfdf545557fddf092daa00ed7527eba9d02e2521c3b06bf574dfa49b793e26b5c692bb5f16a2583e208f300d1edb11794effd531529e33fdc1d8ee3534662f9f128961ede2f20da3badb4e40c15c75d42a99ea7c20299c6aba0cce75baa1ddb180e034a7315bc3a336e43bd31688c77dd6b4e823c27fddeeea56e5e4f561b8f76e653e5d958c390a5fac125b0b9d40147c92499452f1b796d160785ef59fe56ea7059ea9c011d9c7623f13ad103f4160271a30f7d1b37d64e9b4604f2854ef47ae7051548598ce6e8c51e410412cac49d7cfe97a2051107a28811365608c8b5581775a607983078a73086d84f35b2bd99c7fd66ba1379d84fb8b1ecb2170a12f752ba05bcf17bb6496f40607bf108a5a877bc26bbb4f9279495622cdd4617cd18de0cc1ca28513e5261aa422934674a521348171d142eb28715504732eb77cbd66c885799a537c661843cc9f7963fc75d3ae55186502710245b9065cd55c73669352c0f12c8f39c152884db2e95f5d41d820fc3ae2cf619bd733c41f6de6d5bfe2f0d0bd987e3a6c79cf786ffb98473d04aff50853a91cb6e4d2b930ea8e43be3ab8ae85d0b4eee39f153b4244ce03a2e877dd7882fa06392d2d889c41d3d838b64c11cc5f27bcccd787fcc161aad4229104bfb5a7525ace4b1b1f3e936ff9172ccf26918bd1fe3184de271a3b7110fa5824f2a517b5e0fe8573813ad3e45025424476bef599b13cc1107dfc54e4093337c047f18a90d05451aa9785394c026947aa9d41c68c00a5515db4a4a47492d06abfc9737f382438dd33aef862f65c884016445d3ccd6159a573ae28008c9d00309e8f9ad407abb734cb477e358e08ac552803ad16441b9ebc46968b84c0f65384c88484b19884aea10723c6e1001513e4838012ed4afd921b0740e2fa7f6014bfb832334bdc6c0c4567f4acc62b3759c6668dd7fa615cc78223238a8d50626e482534debf7d2f98e06d9ae5e4228f84931d2f1ed456ad3d2d5900af250951aefd9e6fe43c2d06a723cd7cf2232aa23287cf625541e06cba6a6d661acbe37465b9666379833368df91fd3d2caa10dfc80fe6ceb2b6f17d533d9910a16a2544773f733c5862630eaaf1316f9651342ba7a39924dd9a48ff6cb635bad8a1e595da392124cd92d706292674b315312fca2447b52032f686c297313ac8a2538ecff9082671e594da425cd4b43ecf98a1ac123be0ea4eb29f7c32bb4ad3068ebfe880281783befcb8bd64f4df147aecf192844440d53719c58dbac94539c71d65b5364865f55165c8637ee71f8a7f9a672cd6dd4531cc96c832745011f77e10b2a10af81b8ef2ea7b639270988008d700c6f5c10916516de94e82213e108445316467b59f5811de35f28460e1786e95fac9349fde5c0852768980669c2d788a7a57a6d28cc7b60e5ea7419d239e50a91f91bf2e57fc343e622707f4cd3f71fabdc3b84fdd6f51bcbd2a9a80c6356285326dfab3414f8b702f3fe632fdf2d1412566bcac634edc3ff5174a77c5745e48ab0cc2a95fb2a09f91089b075d8eee86522a22494a6a47e8e785480ac2659c86a3a4023d8ed5678f5617137d42b093a3a1e4d3d283d264ef92e3cded52d01c529129203ab5694a4afd5e1eb2a973b8ef8fc20d441db4547f3e0e5aee684d9cbd79fe055c8cb3322ec72218e295478afc27776d656cd015d4328f774fa7803cfc196ef6230bc89537061a1fe9171404c9dd644bce559dc7f9e297ef8944f501945a5558eb35a2355cdbd80d8bb1c462edf60f78fcc201a7d4ce72dee86b48f3a3b1c42e1d6064c2276b163974c0ae2ba10b7dd9e45336abb16e0b17658fb323948a3256d57eec43a869fa47f381655a6bd6e15b9923258bb886c653a3afe025fbe367fe8c0ec890bc9caf71a7ede04031cd00b6290cd945e408709a98348a38ff561a2a19180d1139663ac2e12b73dfc1cb2ae37579d747da8df10844ece901c7cf59886cf7516cbdeeff9a03a83b71f1e86b52515f830c215126748365cea4d8b9a419c26450badb31c54f95b71a912b7d72f63bce72580c7123f6dd2154e02c9849a34e4fbb92a550754ac212ae1eece4a9871db6cab54de46b0efefd8200f66c61b89c938ca79d779d5134b30c126759909dbee097180dc04acf2d06215eca1adcecbe3e9ea8601742d2e0efd959b644cccc399c535f4d8b0d96c204c9853c78014ee2fab494950fe03c458613f86508e1f7e62d80ca899aee6b296beffb45350b7139e53b77f242073cffd1186aa0539a3a7b53c4c6ef63ee3ca5463e895fd38c3f1e254117b81b106567d7a684e6b31e6a077869c9de63f0bb89168df9122fc5ee24c50557670a64240647be3a273e8bf5fbbbc38151c539776f77f6841d0eab14b2140022ad29ec2dd21244450702dbfd642cbc39a26089d0020b539144df7fb075013601ae2384a1498db4f882017c1c2720a49b25991e52ad922ef0a01604e44c870105a29c032db862a67180c869a5c650e7fbe5abd28bc9825fc98c555eed2a7222c5df2fe92d5464811d86417832499e4472eaff8e827a711cd573154affc7f2318a5557aae6bde609936290c3cf9470c2be772cff79714a87a852ba61dd3d9862ed9651a87a1cfdceddf154be08434b9d00467510ff9838d4bc2c6471a7aad025ec32059d630d5371ef94cdbd608244d10275c32275f52afb4b0f2919f3d8e3cc1233d8bbf44cee70f9cff37b5f015a40bdee3d6e17d3e67dba2d9f2d1804b45c802e0146d1554fc838412db4d4219b59f43b1dc474625c4b43ab112ce505614df5afed236afb85db156c6fb2f52a5c59009faf3bd98e329f8cc7db99d913888d628a152321fad90420d91b686643df832266d910968377178f2b24d22c1a171bc33dbaeb6832d4137b370f5b8abbacda3f36f326b65ea944bda5cff4c681f530f9c3504a5095188ff9ba2cac68a692a78f7ec05699e44fe7000fc449506321286026148e243c8d5cfef1f35810cdc4a070ade110d5703e4c98e8ce317c36e1e40d278947f1df71828b00f930ab33fe2f63773fac6f67c6e8ae57a61ca06b46d9660265ff680c19235053f111001169be45bd2233d5503ce9b62edb74b5443cd232ffe56a5de8fc511e0db7d9986bd98b3be41c4dec2793d9181bdd5cc30962a3020f4b832c5c08e13206c98b346d7f3b1c59a098ac81797efd35224dd7ba3fa3b01af3c332214c6cc6bb53d18594d719ef27b39c92a9f16d212f84302a7a53f2204c52f6f2a8d7bc1e8207123658c650be23b78afd639675584ab6bfd09be1ae7852cba460440391d6cf21ec2be736905682e1a2e7e2b409300fcf10e8efb7985a2b71ee0f0c9ab167c8696a1fb15b2d0e0c08a047a68c46e94450d07292e08a8f90871e654a014bd2da51008b1a8b54cefca60bc262ec4705a04be908ad757884bb22265a55716a5b3f1b75b1212df54092f1ef60b283b1761ab5ce4e9884574497559c40c31f0adb0aecd3c7f0e14d18b810d50286bda88d828f5f746881c5bd41818f4b4f99736de5c93ddf07da6528c531c188574753e05b20bd641829816ef50594e58af2634ef0b0815f31fafd81ed791ba7189ef68a55d86be649e16737f06e94e1d26239ae4ed46851b5c4583d4e00d7595ef42b673fbefc27a796bc009b472276734eabd1c7fdbbea2ce4e24e178ea522a2d38069b2690affa474991a7bb603adb0f6e4e25b782554b862ea0f233c1861762419ec9caa958436cd1e5ac8e760e32bc9f78de8afeb9c2f7d1fc182b74d6d0e9ecef192df2782704b75281f3706a0daf2e601324ca49f9b54f4f74511cc0a9a3c716a1f887bd8d2499e2b6511261bfe1f72b36962d68c1348f4f535a82b1c8f1fb7e3994c590aa9d4ee64920012b4741948b976c33a936297f54cecfdf0f7122837db13f2699915d130778eb499cd917aa7b7d16c20deddd66f3e9128eae51264a8921a7565d59c043dfd7757d6f49379bd04422f70c7bfc52d5b543e5acc75ab7a458b9b9761b458d66778c13d236230363220caf36996e2b315a133e3a3fff23bd10405d56619c0a50d41eab0c66f1f9a4bbd83ee9fd6be53c0de0848ad9f1e1804768b92afb8ba9336522a3ec1493242abe3aee0ee4a977b321243e4d479911242349870877ddde5629d27278170a0658e237efb0ec910a20809c21ee964e432e5c04335944733af10792310c8955ba449d389a82d23ff579a240568dca844f8c70449e5796cadc8958c440d751ddae29244a9c763860ea3eb1aadc27590cb2ee9055fcbd808db1ca06f134846687c7376e689a38ac71b21d3696e255c5142f0c26d9fbac953251af6942d79be041d4fb37eee3d56b6d91ce60e5c5a5da24bf73f839193d95975727edcd379aa55f919601eb97aaf4c2971ab994a59847ac6108152ee2f1b932851a81b36197e9663313c9195650761175292865d81d95565a9e024196a28813df6443f62fa2b0fd8cc56d8eedd586400e7d14739838db574a9826aefd688750698068944ba58131572ea4fe0829d6c601c0cf13249ca55010a17e72e6e9f73622b1dbe0d7fdfd049c68e6df5a7ee072132d25c819496fcbf3840e4690ddeea425a108184e88496afc2e166ffd604e67c6f4b5cc9b11c03eccc85616c3c47bf0b26c312114e9d7876cc5135b9ef672cfdd251b22b2de282e9e6930f625285d4553686e49f8a236bd4066a25342bce02582a50aecf39f8cdcc00e90fd7f8e73ba54daee61100de76faf57df2be34f6715ec26f6ccdda9bc29dc43d52785290707c9100603317eb0f127df1fd83bcfce1f266e2c0f62b2be34ef55ba1f77af10baf04c9ea5d4215530269ec0f94e129edae895a829a2f6fd68a1e47f2705091b14a6860a2745ce5cdfba6ca4d5e496d6b381c393a7ce8aa5a4ef676e015569c6e016d5df7a1f8b8e9ef4cb7abd5be455dd722f92606bb1efdf84e4d0a009550a89a6794fc8b42edd93f6b2bffd557586655847c5476596225b8e1f789d77753d2dbeefc72745b21bc696aeff45c7af55851033085310aa371ab6c9ca47b4e369adc0e4b84d2f3c33e3723ba2ca78f86753bff5a9c5d6c3268549b0aa40abd986bdaeda6a4ac3457c3b05e4582c74b8ee5ef80685ca89691a995d3facdce964dd18dff2172a51433084614bab7060329aba2400a7e958f693dffd4db91b84d10220cf8fb004ab42f4923027439df5e21da2885131644baf4515a41fd8da37e4aaf601d663e0c348568ffea2d016d1f9ccb32e601aafc08c7bbee8d09b87c69dc85ccd0277f53fb8f0d8b7b880c552cb7b3b0a3e3ab798b5e1e83df60d1060e4f73442b526c1021cae7ca5f172be7590961807baede7019085272b1d60bc65ddc5efe6c0db11ece7c87989321e80c74d3b3eed8d03ebc4ea022b681520e62fbee57836ec14e0510eaed4829ca924c69456", 0x1000}], 0x2}, 0x40) 638.99633ms ago: executing program 2 (id=2022): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000000000000000000000001812", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)=r3}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r2, &(0x7f0000000780)}, 0x20) 612.803245ms ago: executing program 0 (id=2023): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x90}}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 544.12369ms ago: executing program 4 (id=2024): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0xe, 0xffff, 0x9, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r0, &(0x7f0000000140), 0x0}, 0x20) 543.709541ms ago: executing program 3 (id=2025): bpf$MAP_CREATE(0x0, 0x0, 0x48) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0xffffffffffffff57) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) syz_emit_ethernet(0x42, &(0x7f0000000080)={@broadcast, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0xc, 0x3c, 0x0, @private0, @mcast2, {[], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0) 543.469849ms ago: executing program 2 (id=2026): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000380)={'wg1\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={@local, 0x65, r2}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000003c0)={@dev={0xfe, 0x80, '\x00', 0x15}, 0x74, r2}) 487.899525ms ago: executing program 0 (id=2027): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r2}, 0x10) write$cgroup_int(r1, &(0x7f0000000200), 0x43451) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='mm_lru_activate\x00', r4}, 0x10) write$cgroup_int(r3, &(0x7f0000000200), 0x43451) 448.780053ms ago: executing program 4 (id=2028): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) 395.997333ms ago: executing program 2 (id=2029): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003d00)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r0, 0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r1, &(0x7f0000000300), 0x0}, 0x20) 395.560205ms ago: executing program 1 (id=2030): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) connect$unix(0xffffffffffffffff, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @private}, 0x4}}, 0x26) syz_emit_ethernet(0x4c, &(0x7f0000000340)={@broadcast, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0xb, 0x0, 0x0, 0x2}, "0a790cc55a8e"}}}}}}}, 0x0) 395.16531ms ago: executing program 3 (id=2031): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="2400000068000903ff9f0000000000000a00000000000000040004000800010001"], 0x24}}, 0x4) 321.707384ms ago: executing program 2 (id=2032): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10) sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 316.65052ms ago: executing program 0 (id=2033): r0 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet6(r0, &(0x7f0000000740)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e23, 0x8, @private1={0xfc, 0x1, '\x00', 0x4}, 0x3}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=[@pktinfo={{0x24, 0x29, 0x32, {@loopback}}}], 0x28}}], 0x2, 0x4040884) 232.078981ms ago: executing program 3 (id=2034): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00'}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) close(r2) 231.699007ms ago: executing program 1 (id=2035): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000038500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 185.538972ms ago: executing program 2 (id=2036): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x200000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="1900000004000000040000000200010000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000ffffffff00000000000000000000000000000200c4"], 0x48) 169.197433ms ago: executing program 0 (id=2037): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000200)={0xa0000004}) 102.212215ms ago: executing program 1 (id=2038): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 52.161209ms ago: executing program 4 (id=2039): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071123300000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 31.991706ms ago: executing program 0 (id=2040): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026f90000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000000048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570d338f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee905000000d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d00000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed8d72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a868eaead4f19cdeb7cfc100ceabb4a3999cce5d36ecfe80def20f7187bab75515226f4d9b30e0567612210d492468781999ce795522b726bdf37b15e9afde32a7052cc909efe6ae7804e5044f9f7ae2d8cb08cca312c557bff04cf1fbb0dcfe8ac00"/2832], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff4f, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a5cfd", 0x0, 0x14000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 0s ago: executing program 2 (id=2041): ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x6, @loopback}, 0x1c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_opts(r0, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0x5aa, 0x0, 0x0, 0xfffffffffffffdfd) recvmsg(r0, &(0x7f0000002640)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/42, 0x2a}, 0x0) kernel console output (not intermixed with test programs): man_adv: batadv0: Removing interface: batadv_slave_0 [ 133.090357][ T8474] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.102387][ T8474] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.163672][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.270295][ T8475] netlink: 16 bytes leftover after parsing attributes in process `syz.3.711'. [ 133.563165][ T8487] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.614256][ T8488] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 133.639450][ T8490] FAULT_INJECTION: forcing a failure. [ 133.639450][ T8490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.657411][ T8490] CPU: 1 UID: 0 PID: 8490 Comm: syz.1.715 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 133.668167][ T8490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 133.678259][ T8490] Call Trace: [ 133.681684][ T8490] [ 133.684758][ T8490] dump_stack_lvl+0x241/0x360 [ 133.689494][ T8490] ? __pfx_dump_stack_lvl+0x10/0x10 [ 133.694820][ T8490] ? __pfx__printk+0x10/0x10 [ 133.699452][ T8490] ? snprintf+0xda/0x120 [ 133.703723][ T8490] should_fail_ex+0x3b0/0x4e0 [ 133.708433][ T8490] _copy_to_user+0x31/0xb0 [ 133.712883][ T8490] simple_read_from_buffer+0xca/0x150 [ 133.718297][ T8490] proc_fail_nth_read+0x1e9/0x250 [ 133.723386][ T8490] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.728971][ T8490] ? rw_verify_area+0x55e/0x6f0 [ 133.733854][ T8490] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 133.739438][ T8490] vfs_read+0x1fc/0xb70 [ 133.743621][ T8490] ? __pfx___mutex_lock+0x10/0x10 [ 133.748673][ T8490] ? __pfx_vfs_read+0x10/0x10 [ 133.753377][ T8490] ? __fget_files+0x2a/0x410 [ 133.757990][ T8490] ? __fget_files+0x395/0x410 [ 133.762700][ T8490] ? __fget_files+0x2a/0x410 [ 133.767340][ T8490] ksys_read+0x18f/0x2b0 [ 133.771616][ T8490] ? __pfx_ksys_read+0x10/0x10 [ 133.776406][ T8490] ? do_syscall_64+0x100/0x230 [ 133.781201][ T8490] ? do_syscall_64+0xb6/0x230 [ 133.785931][ T8490] do_syscall_64+0xf3/0x230 [ 133.790469][ T8490] ? clear_bhb_loop+0x35/0x90 [ 133.795187][ T8490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.801114][ T8490] RIP: 0033:0x7f70cdd8472c [ 133.805563][ T8490] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 133.825206][ T8490] RSP: 002b:00007f70ceb25030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 133.833661][ T8490] RAX: ffffffffffffffda RBX: 00007f70cdf75fa0 RCX: 00007f70cdd8472c [ 133.841711][ T8490] RDX: 000000000000000f RSI: 00007f70ceb250a0 RDI: 0000000000000003 [ 133.849712][ T8490] RBP: 00007f70ceb25090 R08: 0000000000000000 R09: 0000000000000000 [ 133.857724][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 133.865737][ T8490] R13: 0000000000000000 R14: 00007f70cdf75fa0 R15: 00007ffd81e3a408 [ 133.870324][ T8488] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:ffff:fffd with DS=0xb [ 133.873735][ T8490] [ 133.989836][ T8487] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.042330][ T8508] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 134.093049][ T8487] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.200241][ T8487] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.370974][ T8487] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.409606][ T8487] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.434566][ T8487] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.455962][ T8487] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.500692][ T8520] netlink: 16 bytes leftover after parsing attributes in process `syz.3.725'. [ 134.540440][ T8520] netlink: 24 bytes leftover after parsing attributes in process `syz.3.725'. [ 134.716370][ T8528] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 134.785682][ T8530] tipc: Enabled bearer , priority 0 [ 134.882861][ T8530] syzkaller0: entered promiscuous mode [ 134.888415][ T8530] syzkaller0: entered allmulticast mode [ 134.894903][ T8530] tipc: Resetting bearer [ 134.972676][ T8529] tipc: Resetting bearer [ 135.153507][ T8555] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 135.516222][ T8568] netlink: 8 bytes leftover after parsing attributes in process `syz.2.738'. [ 135.528647][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.738'. [ 135.812756][ T975] tipc: Node number set to 1 [ 137.096154][ T8529] tipc: Disabling bearer [ 137.170747][ T8570] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.739'. [ 137.304280][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.331277][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.338680][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.353953][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.361795][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.361859][ T8582] netlink: 'syz.4.744': attribute type 5 has an invalid length. [ 137.369439][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.423289][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.434825][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.440845][ T8582] netlink: 'syz.4.744': attribute type 1 has an invalid length. [ 137.455157][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.468995][ T8582] netlink: 224 bytes leftover after parsing attributes in process `syz.4.744'. [ 137.473332][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.502917][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.519101][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.538365][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.549315][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.558613][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.566801][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.579141][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.587631][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.600628][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.608316][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.621547][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.629526][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.637335][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.653271][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.662866][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.670932][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.685593][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.695760][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.703941][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.719731][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.790787][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.798261][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.848954][ T8602] netlink: 16 bytes leftover after parsing attributes in process `syz.4.750'. [ 137.869062][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.882635][ T8605] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 137.890081][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.904871][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.751'. [ 137.926993][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.751'. [ 137.941767][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.964234][ T8606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.751'. [ 137.973559][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 137.991945][ T8606] netlink: 'syz.1.751': attribute type 4 has an invalid length. [ 138.004783][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 138.020901][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 138.028307][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 138.069217][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 138.092106][ T8574] IPVS: set_ctl: invalid protocol: 22 255.255.255.255:20000 [ 138.124826][ T8615] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.754'. [ 138.211907][ T8617] tipc: Started in network mode [ 138.227820][ T8617] tipc: Node identity 4, cluster identity 4711 [ 138.229411][ T54] Bluetooth: hci4: link tx timeout [ 138.240893][ T54] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 138.253049][ T5847] Bluetooth: hci4: link tx timeout [ 138.258232][ T5847] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 138.264159][ T8617] tipc: Node number set to 4 [ 138.269224][ T5847] Bluetooth: hci4: link tx timeout [ 138.276529][ T5847] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 138.452194][ T8617] netlink: 12 bytes leftover after parsing attributes in process `syz.1.757'. [ 138.486658][ T8630] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 138.570675][ T8632] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 138.704185][ T8636] netlink: 'syz.3.761': attribute type 13 has an invalid length. [ 138.732545][ T8636] netlink: 'syz.3.761': attribute type 58 has an invalid length. [ 138.953356][ T8646] ipt_REJECT: TCP_RESET invalid for non-tcp [ 138.963423][ T8646] netlink: 'syz.3.764': attribute type 2 has an invalid length. [ 139.140931][ T8652] bond0: entered promiscuous mode [ 139.146042][ T8652] bond_slave_0: entered promiscuous mode [ 139.174598][ T8652] bond_slave_1: entered promiscuous mode [ 139.194603][ T8652] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 139.244486][ T8652] bond0: entered allmulticast mode [ 139.259601][ T8652] bond_slave_0: entered allmulticast mode [ 139.286667][ T8652] bond_slave_1: entered allmulticast mode [ 139.316871][ T8652] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 139.920347][ T8690] netlink: 'syz.2.777': attribute type 1 has an invalid length. [ 140.012009][ T8690] 8021q: adding VLAN 0 to HW filter on device bond2 [ 140.103255][ T8693] bond2: (slave bridge0): Enslaving as an active interface with a down link [ 140.173821][ T8699] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 140.279205][ T5847] Bluetooth: hci4: command 0x0405 tx timeout [ 140.358675][ T8703] netlink: 'syz.3.782': attribute type 1 has an invalid length. [ 140.376065][ T8708] sctp: [Deprecated]: syz.1.783 (pid 8708) Use of int in maxseg socket option. [ 140.376065][ T8708] Use struct sctp_assoc_value instead [ 140.453114][ T8711] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 140.544432][ T8713] __nla_validate_parse: 4 callbacks suppressed [ 140.544453][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.785'. [ 140.711200][ T8713] netlink: 4 bytes leftover after parsing attributes in process `syz.2.785'. [ 141.318171][ T8746] netlink: 12 bytes leftover after parsing attributes in process `syz.1.795'. [ 141.340005][ T8748] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.796'. [ 141.523568][ T8756] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 141.563376][ T8759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 141.957891][ T8782] syzkaller1: entered promiscuous mode [ 141.967503][ T8782] syzkaller1: entered allmulticast mode [ 141.976377][ T8782] netlink: 8 bytes leftover after parsing attributes in process `syz.4.805'. [ 141.992463][ T8782] netlink: 40 bytes leftover after parsing attributes in process `syz.4.805'. [ 142.853795][ T8787] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.807'. [ 142.910324][ T8788] netlink: 64 bytes leftover after parsing attributes in process `syz.2.806'. [ 142.932712][ T8788] netlink: 64 bytes leftover after parsing attributes in process `syz.2.806'. [ 143.433817][ T8802] netlink: 8 bytes leftover after parsing attributes in process `syz.4.810'. [ 143.746411][ T8829] bond0: left promiscuous mode [ 143.752868][ T8829] bond_slave_0: left promiscuous mode [ 143.767615][ T8829] bond_slave_1: left promiscuous mode [ 143.778053][ T8829] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 143.786874][ T8829] bond0: left allmulticast mode [ 143.796021][ T8829] bond_slave_0: left allmulticast mode [ 143.804355][ T8829] bond_slave_1: left allmulticast mode [ 143.814149][ T8829] netdevsim netdevsim1 netdevsim0: left allmulticast mode [ 143.829254][ T8829] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 144.594688][ T8845] netlink: 'syz.3.822': attribute type 1 has an invalid length. [ 145.137705][ T8867] netlink: 'syz.0.830': attribute type 4 has an invalid length. [ 145.636393][ T8905] __nla_validate_parse: 2 callbacks suppressed [ 145.636414][ T8905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.841'. [ 145.750555][ T8914] x_tables: duplicate underflow at hook 2 [ 145.792238][ T8914] x_tables: duplicate underflow at hook 3 [ 145.798211][ T8914] x_tables: duplicate underflow at hook 3 [ 145.808318][ T8914] x_tables: duplicate underflow at hook 3 [ 145.820788][ T8914] x_tables: duplicate underflow at hook 3 [ 145.868780][ T8914] x_tables: duplicate underflow at hook 3 [ 145.882115][ T8914] x_tables: duplicate underflow at hook 3 [ 145.888010][ T8914] x_tables: duplicate underflow at hook 3 [ 145.904026][ T8920] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40 [ 145.915362][ T8914] x_tables: duplicate underflow at hook 3 [ 145.925495][ T8914] x_tables: duplicate underflow at hook 3 [ 146.272138][ T8950] netlink: 132 bytes leftover after parsing attributes in process `syz.1.859'. [ 146.473007][ T8964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 146.510685][ T8968] netlink: 12 bytes leftover after parsing attributes in process `syz.4.866'. [ 146.636014][ T8975] netlink: 36 bytes leftover after parsing attributes in process `syz.0.868'. [ 146.638538][ T8977] netlink: 52 bytes leftover after parsing attributes in process `syz.2.869'. [ 146.886435][ T8984] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.873'. [ 147.590801][ T9014] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.885'. [ 147.791923][ T9024] netlink: 'syz.1.889': attribute type 3 has an invalid length. [ 147.860273][ T9029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.891'. [ 147.894194][ T9029] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'. [ 148.132365][ T9034] netlink: 'syz.2.893': attribute type 1 has an invalid length. [ 148.145590][ T9034] netlink: 24 bytes leftover after parsing attributes in process `syz.2.893'. [ 148.296347][ T9044] bond1: entered promiscuous mode [ 148.303205][ T9044] bond1: entered allmulticast mode [ 148.312615][ T9044] 8021q: adding VLAN 0 to HW filter on device bond1 [ 148.485040][ T9058] netlink: 'syz.2.901': attribute type 1 has an invalid length. [ 148.790012][ T9072] raw_sendmsg: syz.0.907 forgot to set AF_INET. Fix it! [ 148.953619][ T9094] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 149.491782][ T9125] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 150.441290][ T9166] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 150.535616][ T9172] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 150.648205][ T9177] __nla_validate_parse: 9 callbacks suppressed [ 150.648224][ T9177] netlink: 12 bytes leftover after parsing attributes in process `syz.0.945'. [ 150.704000][ T9177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.945'. [ 150.715403][ T9177] netlink: 4 bytes leftover after parsing attributes in process `syz.0.945'. [ 150.759658][ T9184] netlink: 8 bytes leftover after parsing attributes in process `syz.0.945'. [ 150.850313][ T9183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.947'. [ 150.859509][ T9183] netlink: 4 bytes leftover after parsing attributes in process `syz.3.947'. [ 150.868445][ T9183] netlink: 'syz.3.947': attribute type 1 has an invalid length. [ 150.876321][ T9183] netlink: 16 bytes leftover after parsing attributes in process `syz.3.947'. [ 150.923981][ T54] block nbd0: Receive control failed (result -107) [ 150.954750][ T9193] netlink: 24 bytes leftover after parsing attributes in process `syz.0.951'. [ 151.075010][ T9198] netlink: 'syz.1.952': attribute type 10 has an invalid length. [ 151.135311][ T9198] batman_adv: batadv0: Adding interface: team0 [ 151.149182][ T9198] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 151.158812][ T9204] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 151.178572][ T9198] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 151.291612][ T9209] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.957'. [ 151.723133][ T9232] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 151.831012][ T9237] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.970'. [ 152.166363][ T9259] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 153.013537][ T9299] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 153.151961][ T9308] Bluetooth: MGMT ver 1.23 [ 153.169509][ T9308] xt_HMARK: proto mask must be zero with L3 mode [ 153.344253][ T9314] netlink: 'syz.1.995': attribute type 1 has an invalid length. [ 153.404604][ T9322] bond5: (slave vti0): The slave device specified does not support setting the MAC address [ 153.434965][ T9322] bond5: (slave vti0): Setting fail_over_mac to active for active-backup mode [ 153.451149][ T9322] bond5: (slave vti0): making interface the new active one [ 153.466705][ T9322] bond5: (slave vti0): Enslaving as an active interface with an up link [ 153.678074][ T9336] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 153.852218][ T9341] xt_connbytes: Forcing CT accounting to be enabled [ 153.867726][ T9341] Cannot find add_set index 1 as target [ 154.528585][ T9388] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 155.275168][ T9422] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 155.353835][ T5921] IPVS: starting estimator thread 0... [ 155.465216][ T9426] IPVS: using max 25 ests per chain, 60000 per kthread [ 155.531671][ T9441] FAULT_INJECTION: forcing a failure. [ 155.531671][ T9441] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 155.578926][ T9441] CPU: 0 UID: 0 PID: 9441 Comm: syz.1.1034 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 155.589670][ T9441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 155.599766][ T9441] Call Trace: [ 155.603071][ T9441] [ 155.606031][ T9441] dump_stack_lvl+0x241/0x360 [ 155.610760][ T9441] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.616024][ T9441] ? __pfx__printk+0x10/0x10 [ 155.620661][ T9441] ? __pfx_lock_release+0x10/0x10 [ 155.625753][ T9441] should_fail_ex+0x3b0/0x4e0 [ 155.630478][ T9441] _copy_from_user+0x2f/0xc0 [ 155.635111][ T9441] copy_msghdr_from_user+0xae/0x680 [ 155.640357][ T9441] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 155.646220][ T9441] ? __fget_files+0x2a/0x410 [ 155.650952][ T9441] ? __fget_files+0x2a/0x410 [ 155.655593][ T9441] __sys_sendmsg+0x209/0x350 [ 155.660223][ T9441] ? __pfx_lock_release+0x10/0x10 [ 155.665272][ T9441] ? __pfx___sys_sendmsg+0x10/0x10 [ 155.670398][ T9441] ? __pfx_vfs_write+0x10/0x10 [ 155.675181][ T9441] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 155.681510][ T9441] ? do_syscall_64+0x100/0x230 [ 155.686358][ T9441] ? do_syscall_64+0xb6/0x230 [ 155.691032][ T9441] do_syscall_64+0xf3/0x230 [ 155.695627][ T9441] ? clear_bhb_loop+0x35/0x90 [ 155.700306][ T9441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.706375][ T9441] RIP: 0033:0x7f70cdd85d19 [ 155.710800][ T9441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.730416][ T9441] RSP: 002b:00007f70ceb25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.738840][ T9441] RAX: ffffffffffffffda RBX: 00007f70cdf75fa0 RCX: 00007f70cdd85d19 [ 155.746823][ T9441] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 155.754795][ T9441] RBP: 00007f70ceb25090 R08: 0000000000000000 R09: 0000000000000000 [ 155.762772][ T9441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.770835][ T9441] R13: 0000000000000000 R14: 00007f70cdf75fa0 R15: 00007ffd81e3a408 [ 155.778817][ T9441] [ 156.147602][ T9464] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 156.774701][ T9492] FAULT_INJECTION: forcing a failure. [ 156.774701][ T9492] name failslab, interval 1, probability 0, space 0, times 0 [ 156.799076][ T9492] CPU: 1 UID: 0 PID: 9492 Comm: syz.4.1051 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 156.809819][ T9492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 156.819893][ T9492] Call Trace: [ 156.823186][ T9492] [ 156.826128][ T9492] dump_stack_lvl+0x241/0x360 [ 156.830835][ T9492] ? __pfx_dump_stack_lvl+0x10/0x10 [ 156.836053][ T9492] ? __pfx__printk+0x10/0x10 [ 156.840673][ T9492] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 156.846680][ T9492] ? __pfx___might_resched+0x10/0x10 [ 156.851984][ T9492] should_fail_ex+0x3b0/0x4e0 [ 156.856696][ T9492] should_failslab+0xac/0x100 [ 156.861396][ T9492] kmem_cache_alloc_node_noprof+0x77/0x380 [ 156.867226][ T9492] ? __alloc_skb+0x1c3/0x440 [ 156.872017][ T9492] __alloc_skb+0x1c3/0x440 [ 156.876453][ T9492] ? __pfx___alloc_skb+0x10/0x10 [ 156.881403][ T9492] ? netlink_autobind+0xd6/0x2f0 [ 156.886354][ T9492] ? netlink_autobind+0x2b0/0x2f0 [ 156.891394][ T9492] netlink_sendmsg+0x638/0xcb0 [ 156.896182][ T9492] ? __pfx_netlink_sendmsg+0x10/0x10 [ 156.901496][ T9492] ? aa_sock_msg_perm+0x91/0x160 [ 156.906460][ T9492] ? __pfx_netlink_sendmsg+0x10/0x10 [ 156.912022][ T9492] __sock_sendmsg+0x221/0x270 [ 156.916724][ T9492] ____sys_sendmsg+0x52a/0x7e0 [ 156.921513][ T9492] ? __pfx_____sys_sendmsg+0x10/0x10 [ 156.926812][ T9492] ? __fget_files+0x2a/0x410 [ 156.931421][ T9492] ? __fget_files+0x2a/0x410 [ 156.936123][ T9492] __sys_sendmsg+0x269/0x350 [ 156.940734][ T9492] ? __pfx_lock_release+0x10/0x10 [ 156.945781][ T9492] ? __pfx___sys_sendmsg+0x10/0x10 [ 156.950918][ T9492] ? __pfx_vfs_write+0x10/0x10 [ 156.955720][ T9492] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 156.962063][ T9492] ? do_syscall_64+0x100/0x230 [ 156.966844][ T9492] ? do_syscall_64+0xb6/0x230 [ 156.971533][ T9492] do_syscall_64+0xf3/0x230 [ 156.976047][ T9492] ? clear_bhb_loop+0x35/0x90 [ 156.980741][ T9492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.986689][ T9492] RIP: 0033:0x7fdba9f85d19 [ 156.991168][ T9492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.010823][ T9492] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 157.019351][ T9492] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 157.027336][ T9492] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 157.035318][ T9492] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 157.043316][ T9492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.051307][ T9492] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 157.059310][ T9492] [ 157.252840][ T9498] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 157.411472][ T9505] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 157.565223][ T9515] netlink: 'syz.4.1061': attribute type 21 has an invalid length. [ 157.674269][ T9522] netlink: 'syz.1.1063': attribute type 58 has an invalid length. [ 157.702370][ T9522] __nla_validate_parse: 8 callbacks suppressed [ 157.702391][ T9522] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1063'. [ 157.980036][ T9535] netlink: 'syz.4.1067': attribute type 1 has an invalid length. [ 158.230919][ T9544] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 158.593038][ T9556] ip6gretap0: entered promiscuous mode [ 158.603837][ T9556] batadv_slave_0: entered promiscuous mode [ 159.070640][ T9577] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 159.350798][ T9586] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1084'. [ 159.975483][ T9602] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 160.009381][ T9601] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 160.028200][ T9601] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 160.253891][ T9610] FAULT_INJECTION: forcing a failure. [ 160.253891][ T9610] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.297659][ T9610] CPU: 0 UID: 0 PID: 9610 Comm: syz.3.1090 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 160.308407][ T9610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 160.318489][ T9610] Call Trace: [ 160.321785][ T9610] [ 160.324734][ T9610] dump_stack_lvl+0x241/0x360 [ 160.329436][ T9610] ? __pfx_dump_stack_lvl+0x10/0x10 [ 160.334664][ T9610] ? __pfx__printk+0x10/0x10 [ 160.339293][ T9610] ? __pfx_lock_release+0x10/0x10 [ 160.344357][ T9610] should_fail_ex+0x3b0/0x4e0 [ 160.349075][ T9610] _copy_from_user+0x2f/0xc0 [ 160.353689][ T9610] copy_msghdr_from_user+0xae/0x680 [ 160.358922][ T9610] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 160.364748][ T9610] ? __fget_files+0x2a/0x410 [ 160.369368][ T9610] ? __fget_files+0x2a/0x410 [ 160.374074][ T9610] __sys_sendmsg+0x209/0x350 [ 160.378680][ T9610] ? __pfx_lock_release+0x10/0x10 [ 160.384113][ T9610] ? __pfx___sys_sendmsg+0x10/0x10 [ 160.389350][ T9610] ? __pfx_vfs_write+0x10/0x10 [ 160.394158][ T9610] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 160.400502][ T9610] ? do_syscall_64+0x100/0x230 [ 160.405283][ T9610] ? do_syscall_64+0xb6/0x230 [ 160.409971][ T9610] do_syscall_64+0xf3/0x230 [ 160.414485][ T9610] ? clear_bhb_loop+0x35/0x90 [ 160.419180][ T9610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.425097][ T9610] RIP: 0033:0x7ff61dd85d19 [ 160.429556][ T9610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.449180][ T9610] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 160.457616][ T9610] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 160.465703][ T9610] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 160.473709][ T9610] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 160.481697][ T9610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.489679][ T9610] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 160.497685][ T9610] [ 160.837451][ T9622] FAULT_INJECTION: forcing a failure. [ 160.837451][ T9622] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.852579][ T9622] CPU: 0 UID: 0 PID: 9622 Comm: syz.4.1096 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 160.863315][ T9622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 160.873406][ T9622] Call Trace: [ 160.876730][ T9622] [ 160.879692][ T9622] dump_stack_lvl+0x241/0x360 [ 160.883952][ T9625] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 160.884389][ T9622] ? __pfx_dump_stack_lvl+0x10/0x10 [ 160.884422][ T9622] ? __pfx__printk+0x10/0x10 [ 160.904841][ T9622] ? __pfx_lock_release+0x10/0x10 [ 160.909912][ T9622] ? rcu_is_watching+0x15/0xb0 [ 160.914730][ T9622] should_fail_ex+0x3b0/0x4e0 [ 160.919467][ T9622] _copy_from_iter+0x1e9/0x1c20 [ 160.924370][ T9622] ? alloc_pages_mpol_noprof+0x417/0x680 [ 160.930037][ T9622] ? __pfx__copy_from_iter+0x10/0x10 [ 160.935364][ T9622] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 160.941389][ T9622] ? alloc_pages_noprof+0xef/0x170 [ 160.946532][ T9622] ? page_copy_sane+0x46/0x260 [ 160.951335][ T9622] copy_page_from_iter+0x7a/0x100 [ 160.956408][ T9622] tun_get_user+0x203c/0x4890 [ 160.961143][ T9622] ? tun_get_user+0x86e/0x4890 [ 160.965952][ T9622] ? __lock_acquire+0x1397/0x2100 [ 160.971015][ T9622] ? __pfx_tun_get_user+0x10/0x10 [ 160.976110][ T9622] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 160.981629][ T9622] ? tun_get+0x1e/0x2f0 [ 160.985930][ T9622] ? __pfx_lock_release+0x10/0x10 [ 160.991027][ T9622] ? tun_get+0x1e/0x2f0 [ 160.995238][ T9622] ? tun_get+0x27d/0x2f0 [ 160.997665][ T9629] FAULT_INJECTION: forcing a failure. [ 160.997665][ T9629] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.999523][ T9622] tun_chr_write_iter+0x10d/0x1f0 [ 160.999554][ T9622] vfs_write+0xaeb/0xd30 [ 160.999576][ T9622] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 160.999599][ T9622] ? __pfx_vfs_write+0x10/0x10 [ 160.999618][ T9622] ? __fget_files+0x2a/0x410 [ 160.999643][ T9622] ? __fget_files+0x2a/0x410 [ 160.999672][ T9622] ksys_write+0x18f/0x2b0 [ 160.999693][ T9622] ? __pfx_ksys_write+0x10/0x10 [ 160.999712][ T9622] ? do_syscall_64+0x100/0x230 [ 160.999734][ T9622] ? do_syscall_64+0xb6/0x230 [ 160.999754][ T9622] do_syscall_64+0xf3/0x230 [ 160.999769][ T9622] ? clear_bhb_loop+0x35/0x90 [ 161.069370][ T9622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.075295][ T9622] RIP: 0033:0x7fdba9f847cf [ 161.079726][ T9622] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 161.099358][ T9622] RSP: 002b:00007fdbaad5f000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 161.107788][ T9622] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f847cf [ 161.115954][ T9622] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8 [ 161.123944][ T9622] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 161.131932][ T9622] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000001 [ 161.139930][ T9622] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 161.147933][ T9622] [ 161.151750][ T9629] CPU: 1 UID: 0 PID: 9629 Comm: syz.3.1098 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 161.162475][ T9629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 161.172565][ T9629] Call Trace: [ 161.175861][ T9629] [ 161.178808][ T9629] dump_stack_lvl+0x241/0x360 [ 161.183516][ T9629] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.188757][ T9629] ? __pfx__printk+0x10/0x10 [ 161.193381][ T9629] ? __pfx_lock_release+0x10/0x10 [ 161.198445][ T9629] should_fail_ex+0x3b0/0x4e0 [ 161.203162][ T9629] _copy_from_iter+0x1e9/0x1c20 [ 161.208024][ T9629] ? __virt_addr_valid+0x183/0x530 [ 161.213197][ T9629] ? __alloc_skb+0x28f/0x440 [ 161.217805][ T9629] ? __pfx__copy_from_iter+0x10/0x10 [ 161.223115][ T9629] ? __virt_addr_valid+0x183/0x530 [ 161.228397][ T9629] ? __virt_addr_valid+0x183/0x530 [ 161.233535][ T9629] ? __virt_addr_valid+0x45f/0x530 [ 161.238649][ T9629] ? __phys_addr_symbol+0x2f/0x70 [ 161.243676][ T9629] ? __check_object_size+0x47a/0x730 [ 161.248980][ T9629] netlink_sendmsg+0x73d/0xcb0 [ 161.253771][ T9629] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.259095][ T9629] ? aa_sock_msg_perm+0x91/0x160 [ 161.264090][ T9629] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.269388][ T9629] __sock_sendmsg+0x221/0x270 [ 161.274076][ T9629] ____sys_sendmsg+0x52a/0x7e0 [ 161.278850][ T9629] ? __pfx_____sys_sendmsg+0x10/0x10 [ 161.284226][ T9629] ? __fget_files+0x2a/0x410 [ 161.288817][ T9629] ? __fget_files+0x2a/0x410 [ 161.293418][ T9629] __sys_sendmsg+0x269/0x350 [ 161.298006][ T9629] ? __pfx_lock_release+0x10/0x10 [ 161.303045][ T9629] ? __pfx___sys_sendmsg+0x10/0x10 [ 161.308173][ T9629] ? __pfx_vfs_write+0x10/0x10 [ 161.312950][ T9629] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 161.319297][ T9629] ? do_syscall_64+0x100/0x230 [ 161.324087][ T9629] ? do_syscall_64+0xb6/0x230 [ 161.328768][ T9629] do_syscall_64+0xf3/0x230 [ 161.333286][ T9629] ? clear_bhb_loop+0x35/0x90 [ 161.337963][ T9629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.343853][ T9629] RIP: 0033:0x7ff61dd85d19 [ 161.348279][ T9629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.367983][ T9629] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.376491][ T9629] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 161.384465][ T9629] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 161.392433][ T9629] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 161.400404][ T9629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.408459][ T9629] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 161.416439][ T9629] [ 161.587081][ T9641] syz.1.1105: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 161.603020][ T9641] CPU: 1 UID: 0 PID: 9641 Comm: syz.1.1105 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 161.613762][ T9641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 161.623856][ T9641] Call Trace: [ 161.627157][ T9641] [ 161.630158][ T9641] dump_stack_lvl+0x241/0x360 [ 161.634882][ T9641] ? __pfx_dump_stack_lvl+0x10/0x10 [ 161.640133][ T9641] ? __pfx__printk+0x10/0x10 [ 161.644787][ T9641] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 161.651231][ T9641] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 161.651326][ T9641] warn_alloc+0x278/0x410 [ 161.651352][ T9641] ? __vmalloc_node_range_noprof+0x106/0x1380 [ 161.651374][ T9641] ? __pfx_warn_alloc+0x10/0x10 [ 161.651396][ T9641] ? kasan_save_track+0x3f/0x80 [ 161.651416][ T9641] ? __kasan_kmalloc+0x98/0xb0 [ 161.651439][ T9641] ? xsk_setsockopt+0x4ea/0x950 [ 161.651461][ T9641] ? do_sock_setsockopt+0x3af/0x720 [ 161.651483][ T9641] ? __x64_sys_setsockopt+0x1ee/0x280 [ 161.651503][ T9641] ? do_syscall_64+0xf3/0x230 [ 161.651522][ T9641] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.651553][ T9641] __vmalloc_node_range_noprof+0x126/0x1380 [ 161.651599][ T9641] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 161.651622][ T9641] ? __kasan_kmalloc+0x98/0xb0 [ 161.651648][ T9641] vmalloc_user_noprof+0x74/0x80 [ 161.651669][ T9641] ? xskq_create+0xb6/0x170 [ 161.651690][ T9641] xskq_create+0xb6/0x170 [ 161.651716][ T9641] xsk_init_queue+0xa1/0x100 [ 161.651741][ T9641] xsk_setsockopt+0x4ea/0x950 [ 161.651767][ T9641] ? __pfx_xsk_setsockopt+0x10/0x10 [ 161.651790][ T9641] ? __pfx_aa_sk_perm+0x10/0x10 [ 161.651822][ T9641] ? aa_sock_opt_perm+0x79/0x120 [ 161.651844][ T9641] ? __pfx_xsk_setsockopt+0x10/0x10 [ 161.651862][ T9641] do_sock_setsockopt+0x3af/0x720 [ 161.651887][ T9641] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 161.651912][ T9641] ? __fget_files+0x395/0x410 [ 161.651936][ T9641] ? __fget_files+0x2a/0x410 [ 161.651964][ T9641] __x64_sys_setsockopt+0x1ee/0x280 [ 161.651989][ T9641] do_syscall_64+0xf3/0x230 [ 161.652009][ T9641] ? clear_bhb_loop+0x35/0x90 [ 161.652029][ T9641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.652058][ T9641] RIP: 0033:0x7f70cdd85d19 [ 161.652078][ T9641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.652095][ T9641] RSP: 002b:00007f70ceb25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 161.652118][ T9641] RAX: ffffffffffffffda RBX: 00007f70cdf75fa0 RCX: 00007f70cdd85d19 [ 161.652135][ T9641] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 161.652147][ T9641] RBP: 00007f70cde01a20 R08: 0000000000000004 R09: 0000000000000000 [ 161.652160][ T9641] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.652173][ T9641] R13: 0000000000000000 R14: 00007f70cdf75fa0 R15: 00007ffd81e3a408 [ 161.652204][ T9641] [ 161.666119][ T9641] Mem-Info: [ 161.783314][ T9641] active_anon:5385 inactive_anon:0 isolated_anon:0 [ 161.783314][ T9641] active_file:1585 inactive_file:38289 isolated_file:0 [ 161.783314][ T9641] unevictable:768 dirty:84 writeback:0 [ 161.783314][ T9641] slab_reclaimable:11077 slab_unreclaimable:102947 [ 161.783314][ T9641] mapped:28674 shmem:1437 pagetables:708 [ 161.783314][ T9641] sec_pagetables:0 bounce:0 [ 161.783314][ T9641] kernel_misc_reclaimable:0 [ 161.783314][ T9641] free:1327257 free_pcp:1494 free_cma:0 [ 161.949373][ T9641] Node 0 active_anon:21440kB inactive_anon:0kB active_file:6340kB inactive_file:153080kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:114796kB dirty:336kB writeback:0kB shmem:4212kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11636kB pagetables:2732kB sec_pagetables:0kB all_unreclaimable? no [ 161.986753][ T9641] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 162.036392][ T9645] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 162.052733][ T9641] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 162.083407][ T9641] lowmem_reserve[]: 0 2465 2466 0 0 [ 162.094467][ T9641] Node 0 DMA32 free:1383040kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:21604kB inactive_anon:0kB active_file:6340kB inactive_file:152240kB unevictable:1536kB writepending:336kB present:3129332kB managed:2552764kB mlocked:0kB bounce:0kB free_pcp:6336kB local_pcp:1100kB free_cma:0kB [ 162.165268][ T9663] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1110'. [ 162.187722][ T9641] lowmem_reserve[]: 0 0 0 0 0 [ 162.196782][ T9641] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:840kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 162.228237][ T9641] lowmem_reserve[]: 0 0 0 0 0 [ 162.240333][ T9668] FAULT_INJECTION: forcing a failure. [ 162.240333][ T9668] name failslab, interval 1, probability 0, space 0, times 0 [ 162.262688][ T9641] Node 1 Normal free:3910152kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 162.282302][ T9668] CPU: 1 UID: 0 PID: 9668 Comm: syz.4.1111 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 162.296628][ T9641] lowmem_reserve[]: [ 162.302154][ T9668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 162.302174][ T9668] Call Trace: [ 162.302183][ T9668] [ 162.302191][ T9668] dump_stack_lvl+0x241/0x360 [ 162.302223][ T9668] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.302245][ T9668] ? __pfx__printk+0x10/0x10 [ 162.302269][ T9668] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 162.306292][ T9641] 0 [ 162.316114][ T9668] ? __pfx___might_resched+0x10/0x10 [ 162.316146][ T9668] should_fail_ex+0x3b0/0x4e0 [ 162.316176][ T9668] should_failslab+0xac/0x100 [ 162.319703][ T9641] 0 [ 162.322385][ T9668] kmem_cache_alloc_node_noprof+0x77/0x380 [ 162.322416][ T9668] ? __alloc_skb+0x1c3/0x440 [ 162.327225][ T9641] 0 [ 162.332347][ T9668] __alloc_skb+0x1c3/0x440 [ 162.332375][ T9668] ? __pfx___alloc_skb+0x10/0x10 [ 162.332396][ T9668] ? netlink_autobind+0xd6/0x2f0 [ 162.332415][ T9668] ? netlink_autobind+0x2b0/0x2f0 [ 162.332439][ T9668] netlink_sendmsg+0x638/0xcb0 [ 162.337347][ T9641] 0 [ 162.343068][ T9668] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.343108][ T9668] ? aa_sock_msg_perm+0x91/0x160 [ 162.343132][ T9668] ? __pfx_netlink_sendmsg+0x10/0x10 [ 162.343148][ T9668] __sock_sendmsg+0x221/0x270 [ 162.343175][ T9668] ____sys_sendmsg+0x52a/0x7e0 [ 162.343201][ T9668] ? __pfx_____sys_sendmsg+0x10/0x10 [ 162.343220][ T9668] ? __fget_files+0x2a/0x410 [ 162.343246][ T9668] ? __fget_files+0x2a/0x410 [ 162.343277][ T9668] __sys_sendmsg+0x269/0x350 [ 162.343305][ T9668] ? __pfx_lock_release+0x10/0x10 [ 162.343330][ T9668] ? __pfx___sys_sendmsg+0x10/0x10 [ 162.343362][ T9668] ? __pfx_vfs_write+0x10/0x10 [ 162.343406][ T9668] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 162.343430][ T9668] ? do_syscall_64+0x100/0x230 [ 162.343452][ T9668] ? do_syscall_64+0xb6/0x230 [ 162.343472][ T9668] do_syscall_64+0xf3/0x230 [ 162.343490][ T9668] ? clear_bhb_loop+0x35/0x90 [ 162.343512][ T9668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.343528][ T9668] RIP: 0033:0x7fdba9f85d19 [ 162.343548][ T9668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.346176][ T9641] 0 [ 162.351310][ T9668] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 162.351336][ T9668] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 162.351351][ T9668] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 162.351363][ T9668] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 162.351376][ T9668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.351388][ T9668] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 162.351414][ T9668] [ 162.588174][ T9641] [ 162.590929][ T9641] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 162.604367][ T9641] Node 0 DMA32: 56*4kB (UME) 281*8kB (UME) 211*16kB (UME) 119*32kB (UME) 129*64kB (UME) 52*128kB (UME) 14*256kB (UME) 6*512kB (UM) 11*1024kB (UME) 15*2048kB (UME) 321*4096kB (UM) = 1388024kB [ 162.635843][ T9641] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 162.647967][ T9641] Node 1 Normal: 224*4kB (UE) 59*8kB (UME) 43*16kB (UME) 198*32kB (UME) 97*64kB (UME) 36*128kB (UME) 15*256kB (UME) 8*512kB (UM) 2*1024kB (ME) 3*2048kB (UE) 946*4096kB (M) = 3910152kB [ 162.679000][ T9641] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 162.688626][ T9641] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 162.709232][ T9641] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 162.750239][ T9677] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 162.802058][ T9641] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 162.811901][ T9641] 41311 total pagecache pages [ 162.816711][ T9641] 0 pages in swap cache [ 162.824310][ T9641] Free swap = 124996kB [ 162.828528][ T9641] Total swap = 124996kB [ 162.832776][ T9641] 2097051 pages RAM [ 162.838614][ T9641] 0 pages HighMem/MovableOnly [ 162.848926][ T9641] 427010 pages reserved [ 162.853144][ T9641] 0 pages cma reserved [ 162.962068][ T9687] FAULT_INJECTION: forcing a failure. [ 162.962068][ T9687] name failslab, interval 1, probability 0, space 0, times 0 [ 163.000774][ T9690] sctp: [Deprecated]: syz.1.1119 (pid 9690) Use of int in maxseg socket option. [ 163.000774][ T9690] Use struct sctp_assoc_value instead [ 163.023367][ T9687] CPU: 1 UID: 0 PID: 9687 Comm: syz.3.1121 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 163.034119][ T9687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 163.044195][ T9687] Call Trace: [ 163.047473][ T9687] [ 163.050401][ T9687] dump_stack_lvl+0x241/0x360 [ 163.055082][ T9687] ? __pfx_dump_stack_lvl+0x10/0x10 [ 163.060280][ T9687] ? __pfx__printk+0x10/0x10 [ 163.064886][ T9687] should_fail_ex+0x3b0/0x4e0 [ 163.069584][ T9687] should_failslab+0xac/0x100 [ 163.074352][ T9687] ? skb_clone+0x20c/0x390 [ 163.078874][ T9687] kmem_cache_alloc_noprof+0x70/0x380 [ 163.084281][ T9687] skb_clone+0x20c/0x390 [ 163.088530][ T9687] __netlink_deliver_tap+0x3cc/0x7f0 [ 163.093843][ T9687] ? netlink_deliver_tap+0x2e/0x1b0 [ 163.099074][ T9687] netlink_deliver_tap+0x19d/0x1b0 [ 163.104230][ T9687] netlink_unicast+0x7c4/0x990 [ 163.109011][ T9687] ? __pfx_netlink_unicast+0x10/0x10 [ 163.114303][ T9687] ? __virt_addr_valid+0x45f/0x530 [ 163.119423][ T9687] ? __phys_addr_symbol+0x2f/0x70 [ 163.124448][ T9687] ? __check_object_size+0x47a/0x730 [ 163.129738][ T9687] netlink_sendmsg+0x8e4/0xcb0 [ 163.134530][ T9687] ? __pfx_netlink_sendmsg+0x10/0x10 [ 163.139840][ T9687] ? aa_sock_msg_perm+0x91/0x160 [ 163.144782][ T9687] ? __pfx_netlink_sendmsg+0x10/0x10 [ 163.150061][ T9687] __sock_sendmsg+0x221/0x270 [ 163.154742][ T9687] ____sys_sendmsg+0x52a/0x7e0 [ 163.159509][ T9687] ? __pfx_____sys_sendmsg+0x10/0x10 [ 163.164790][ T9687] ? __fget_files+0x2a/0x410 [ 163.169380][ T9687] ? __fget_files+0x2a/0x410 [ 163.173972][ T9687] __sys_sendmsg+0x269/0x350 [ 163.178569][ T9687] ? __pfx_lock_release+0x10/0x10 [ 163.183656][ T9687] ? __pfx___sys_sendmsg+0x10/0x10 [ 163.188800][ T9687] ? __pfx_vfs_write+0x10/0x10 [ 163.193638][ T9687] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 163.200008][ T9687] ? do_syscall_64+0x100/0x230 [ 163.204872][ T9687] ? do_syscall_64+0xb6/0x230 [ 163.209552][ T9687] do_syscall_64+0xf3/0x230 [ 163.214054][ T9687] ? clear_bhb_loop+0x35/0x90 [ 163.218749][ T9687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.224771][ T9687] RIP: 0033:0x7ff61dd85d19 [ 163.229224][ T9687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.248865][ T9687] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 163.257309][ T9687] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 163.265283][ T9687] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 163.273255][ T9687] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 163.281245][ T9687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 163.289237][ T9687] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 163.297312][ T9687] [ 163.322947][ T9694] netlink: 'syz.2.1123': attribute type 29 has an invalid length. [ 163.472998][ T9704] bridge_slave_0: left allmulticast mode [ 163.473455][ T9706] openvswitch: netlink: Duplicate or invalid key (type 0). [ 163.479634][ T9704] bridge_slave_0: left promiscuous mode [ 163.504576][ T9704] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.523895][ T9706] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 163.535593][ T9704] bridge_slave_1: left allmulticast mode [ 163.547561][ T9704] bridge_slave_1: left promiscuous mode [ 163.566409][ T9704] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.627556][ T9704] bond0: (slave bond_slave_0): Releasing backup interface [ 163.665570][ T9704] bond0: (slave bond_slave_1): Releasing backup interface [ 163.696348][ T9704] team0: Port device team_slave_0 removed [ 163.721163][ T9704] team0: Port device team_slave_1 removed [ 163.728336][ T9732] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1129'. [ 163.749512][ T9704] bond1: (slave ip6gretap1): Releasing backup interface [ 163.778357][ T9711] team0: Mode changed to "loadbalance" [ 163.795183][ T9728] netlink: 'syz.1.1129': attribute type 1 has an invalid length. [ 163.808224][ T9720] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 163.812826][ T9728] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1129'. [ 164.129395][ T5847] Bluetooth: hci4: command 0x0405 tx timeout [ 164.475439][ T9756] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1140'. [ 164.557121][ T9758] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 164.694584][ T9769] FAULT_INJECTION: forcing a failure. [ 164.694584][ T9769] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.721798][ T9771] vlan0: entered promiscuous mode [ 164.733200][ T9770] FAULT_INJECTION: forcing a failure. [ 164.733200][ T9770] name failslab, interval 1, probability 0, space 0, times 0 [ 164.735156][ T9769] CPU: 0 UID: 0 PID: 9769 Comm: syz.2.1147 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 164.756690][ T9769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 164.766786][ T9769] Call Trace: [ 164.770266][ T9769] [ 164.773224][ T9769] dump_stack_lvl+0x241/0x360 [ 164.777953][ T9769] ? __pfx_dump_stack_lvl+0x10/0x10 [ 164.783212][ T9769] ? __pfx__printk+0x10/0x10 [ 164.787867][ T9769] ? __pfx_lock_release+0x10/0x10 [ 164.792967][ T9769] should_fail_ex+0x3b0/0x4e0 [ 164.797719][ T9769] _copy_from_iter+0x1e9/0x1c20 [ 164.802624][ T9769] ? __virt_addr_valid+0x183/0x530 [ 164.807764][ T9769] ? __alloc_skb+0x28f/0x440 [ 164.812368][ T9769] ? __pfx__copy_from_iter+0x10/0x10 [ 164.817704][ T9769] ? __virt_addr_valid+0x183/0x530 [ 164.822904][ T9769] ? __virt_addr_valid+0x183/0x530 [ 164.828023][ T9769] ? __virt_addr_valid+0x45f/0x530 [ 164.833144][ T9769] ? __phys_addr_symbol+0x2f/0x70 [ 164.838191][ T9769] ? __check_object_size+0x47a/0x730 [ 164.843486][ T9769] netlink_sendmsg+0x73d/0xcb0 [ 164.848259][ T9769] ? __pfx_netlink_sendmsg+0x10/0x10 [ 164.853598][ T9769] ? aa_sock_msg_perm+0x91/0x160 [ 164.858625][ T9769] ? __pfx_netlink_sendmsg+0x10/0x10 [ 164.863904][ T9769] __sock_sendmsg+0x221/0x270 [ 164.868588][ T9769] ____sys_sendmsg+0x52a/0x7e0 [ 164.873358][ T9769] ? __pfx_____sys_sendmsg+0x10/0x10 [ 164.878644][ T9769] ? __fget_files+0x2a/0x410 [ 164.883281][ T9769] ? __fget_files+0x2a/0x410 [ 164.887938][ T9769] __sys_sendmsg+0x269/0x350 [ 164.892563][ T9769] ? __pfx_lock_release+0x10/0x10 [ 164.897599][ T9769] ? __pfx___sys_sendmsg+0x10/0x10 [ 164.902761][ T9769] ? __pfx_vfs_write+0x10/0x10 [ 164.907652][ T9769] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 164.913991][ T9769] ? do_syscall_64+0x100/0x230 [ 164.918803][ T9769] ? do_syscall_64+0xb6/0x230 [ 164.923589][ T9769] do_syscall_64+0xf3/0x230 [ 164.928099][ T9769] ? clear_bhb_loop+0x35/0x90 [ 164.932788][ T9769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.938702][ T9769] RIP: 0033:0x7f5248385d19 [ 164.943136][ T9769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.962766][ T9769] RSP: 002b:00007f524925c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 164.971190][ T9769] RAX: ffffffffffffffda RBX: 00007f5248575fa0 RCX: 00007f5248385d19 [ 164.979166][ T9769] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 164.987132][ T9769] RBP: 00007f524925c090 R08: 0000000000000000 R09: 0000000000000000 [ 164.995105][ T9769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.003076][ T9769] R13: 0000000000000000 R14: 00007f5248575fa0 R15: 00007ffebe8f9558 [ 165.011063][ T9769] [ 165.027407][ T9770] CPU: 0 UID: 0 PID: 9770 Comm: syz.3.1146 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 165.038165][ T9770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 165.048290][ T9770] Call Trace: [ 165.051613][ T9770] [ 165.054572][ T9770] dump_stack_lvl+0x241/0x360 [ 165.059300][ T9770] ? __pfx_dump_stack_lvl+0x10/0x10 [ 165.064636][ T9770] ? __pfx__printk+0x10/0x10 [ 165.069273][ T9770] ? __kmalloc_cache_noprof+0x48/0x390 [ 165.074778][ T9770] ? __pfx___might_resched+0x10/0x10 [ 165.080116][ T9770] ? arch_stack_walk+0xfd/0x150 [ 165.085024][ T9770] should_fail_ex+0x3b0/0x4e0 [ 165.089729][ T9770] should_failslab+0xac/0x100 [ 165.094415][ T9770] __kmalloc_cache_noprof+0x70/0x390 [ 165.099702][ T9770] ? rtnl_newlink+0x131/0x2150 [ 165.104497][ T9770] rtnl_newlink+0x131/0x2150 [ 165.109210][ T9770] ? kasan_save_track+0x51/0x80 [ 165.114078][ T9770] ? kasan_save_free_info+0x40/0x50 [ 165.119396][ T9770] ? __kasan_slab_free+0x59/0x70 [ 165.124357][ T9770] ? __pfx_rtnl_newlink+0x10/0x10 [ 165.129387][ T9770] ? __netlink_deliver_tap+0x56b/0x7f0 [ 165.134854][ T9770] ? __pfx_validate_chain+0x10/0x10 [ 165.140062][ T9770] ? __sock_sendmsg+0x221/0x270 [ 165.144922][ T9770] ? ____sys_sendmsg+0x52a/0x7e0 [ 165.149865][ T9770] ? __sys_sendmsg+0x269/0x350 [ 165.154626][ T9770] ? do_syscall_64+0xf3/0x230 [ 165.159339][ T9770] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.165417][ T9770] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 165.171408][ T9770] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 165.177764][ T9770] ? mark_lock+0x9a/0x360 [ 165.182135][ T9770] ? __lock_acquire+0x1397/0x2100 [ 165.187203][ T9770] ? rcu_read_unlock+0x87/0xa0 [ 165.192059][ T9770] ? __dev_queue_xmit+0x1775/0x3f50 [ 165.197256][ T9770] ? __pfx_lock_release+0x10/0x10 [ 165.202319][ T9770] ? __pfx_rtnl_newlink+0x10/0x10 [ 165.207438][ T9770] rtnetlink_rcv_msg+0x791/0xcf0 [ 165.212377][ T9770] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 165.217491][ T9770] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 165.223042][ T9770] ? ref_tracker_free+0x643/0x7e0 [ 165.228075][ T9770] netlink_rcv_skb+0x1e3/0x430 [ 165.232840][ T9770] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 165.238304][ T9770] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 165.243608][ T9770] ? netlink_deliver_tap+0x2e/0x1b0 [ 165.248820][ T9770] netlink_unicast+0x7f6/0x990 [ 165.253639][ T9770] ? __pfx_netlink_unicast+0x10/0x10 [ 165.258932][ T9770] ? __virt_addr_valid+0x45f/0x530 [ 165.264049][ T9770] ? __phys_addr_symbol+0x2f/0x70 [ 165.269074][ T9770] ? __check_object_size+0x47a/0x730 [ 165.274363][ T9770] netlink_sendmsg+0x8e4/0xcb0 [ 165.279133][ T9770] ? __pfx_netlink_sendmsg+0x10/0x10 [ 165.284423][ T9770] ? aa_sock_msg_perm+0x91/0x160 [ 165.289363][ T9770] ? __pfx_netlink_sendmsg+0x10/0x10 [ 165.294644][ T9770] __sock_sendmsg+0x221/0x270 [ 165.299498][ T9770] ____sys_sendmsg+0x52a/0x7e0 [ 165.304268][ T9770] ? __pfx_____sys_sendmsg+0x10/0x10 [ 165.309555][ T9770] ? __fget_files+0x2a/0x410 [ 165.314148][ T9770] ? __fget_files+0x2a/0x410 [ 165.318742][ T9770] __sys_sendmsg+0x269/0x350 [ 165.323330][ T9770] ? __pfx_lock_release+0x10/0x10 [ 165.328367][ T9770] ? __pfx___sys_sendmsg+0x10/0x10 [ 165.333578][ T9770] ? __pfx_vfs_write+0x10/0x10 [ 165.338797][ T9770] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 165.345394][ T9770] ? do_syscall_64+0x100/0x230 [ 165.350309][ T9770] ? do_syscall_64+0xb6/0x230 [ 165.354983][ T9770] do_syscall_64+0xf3/0x230 [ 165.359570][ T9770] ? clear_bhb_loop+0x35/0x90 [ 165.364265][ T9770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.370159][ T9770] RIP: 0033:0x7ff61dd85d19 [ 165.374612][ T9770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.394319][ T9770] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 165.402740][ T9770] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 165.410710][ T9770] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 165.418704][ T9770] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 165.426677][ T9770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.434644][ T9770] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 165.442631][ T9770] [ 165.469743][ T9762] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1144'. [ 165.544329][ T9775] batman_adv: batadv0: Removing interface: team0 [ 165.602896][ T9775] bond0: (slave bond_slave_0): Releasing backup interface [ 165.647562][ T9775] bond0: (slave bond_slave_1): Releasing backup interface [ 165.703875][ T9775] team0: Port device team_slave_0 removed [ 165.761152][ T9789] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1152'. [ 165.795485][ T9775] team0: Port device team_slave_1 removed [ 165.812295][ T9775] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 165.820412][ T9775] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 165.840413][ T9775] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 165.849299][ T9775] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 165.895090][ T9775] bond0: (slave netdevsim0): Releasing backup interface [ 165.939341][ T9775] team0: Port device bridge1 removed [ 165.956301][ T9775] bond3: (slave bridge2): Releasing backup interface [ 165.982733][ T9775] bond5: (slave vti0): Releasing backup interface [ 166.027832][ T9781] team0: Mode changed to "loadbalance" [ 166.096460][ T9799] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 166.208950][ T54] Bluetooth: hci4: command 0x0405 tx timeout [ 166.266844][ T9806] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1156'. [ 166.315632][ T9806] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1156'. [ 166.496961][ T9817] netlink: 1280 bytes leftover after parsing attributes in process `syz.3.1162'. [ 166.617748][ T9823] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.1164'. [ 166.620203][ T9825] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 166.637704][ T9825] FAULT_INJECTION: forcing a failure. [ 166.637704][ T9825] name failslab, interval 1, probability 0, space 0, times 0 [ 166.650382][ T9825] CPU: 0 UID: 0 PID: 9825 Comm: syz.3.1165 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 166.661153][ T9825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 166.671223][ T9825] Call Trace: [ 166.674501][ T9825] [ 166.677433][ T9825] dump_stack_lvl+0x241/0x360 [ 166.682125][ T9825] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.687331][ T9825] ? __pfx__printk+0x10/0x10 [ 166.691931][ T9825] ? ip6_pol_route+0x198/0x15d0 [ 166.696789][ T9825] ? __pfx_validate_chain+0x10/0x10 [ 166.701993][ T9825] ? __pfx_validate_chain+0x10/0x10 [ 166.707202][ T9825] ? mark_lock+0x9a/0x360 [ 166.711537][ T9825] should_fail_ex+0x3b0/0x4e0 [ 166.716310][ T9825] should_failslab+0xac/0x100 [ 166.721191][ T9825] kmem_cache_alloc_node_noprof+0x77/0x380 [ 166.727001][ T9825] ? __alloc_skb+0x1c3/0x440 [ 166.731598][ T9825] __alloc_skb+0x1c3/0x440 [ 166.736020][ T9825] ? __pfx___alloc_skb+0x10/0x10 [ 166.740986][ T9825] tcp_make_synack+0x109/0x27b0 [ 166.745860][ T9825] ? __pfx_tcp_make_synack+0x10/0x10 [ 166.751151][ T9825] ? __pfx_lock_acquire+0x10/0x10 [ 166.756181][ T9825] ? ip6_mtu+0x81/0x3f0 [ 166.760334][ T9825] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 166.766408][ T9825] ? __pfx_lock_release+0x10/0x10 [ 166.771460][ T9825] ? tcp_select_initial_window+0x270/0x3d0 [ 166.777279][ T9825] ? tcp_openreq_init_rwin+0x5be/0xab0 [ 166.782749][ T9825] tcp_v6_send_synack+0xe1/0xed0 [ 166.787705][ T9825] ? __pfx_tcp_v6_send_synack+0x10/0x10 [ 166.793266][ T9825] tcp_conn_request+0x19ca/0x34c0 [ 166.798318][ T9825] ? __pfx_tcp_conn_request+0x10/0x10 [ 166.803709][ T9825] ? subflow_v6_conn_request+0x271/0x3a0 [ 166.809346][ T9825] ? tcp_rcv_state_process+0x1fc/0x44e0 [ 166.814980][ T9825] tcp_rcv_state_process+0x187e/0x44e0 [ 166.820440][ T9825] ? __pfx_lock_release+0x10/0x10 [ 166.825463][ T9825] ? __inet6_lookup_established+0xd28/0xdc0 [ 166.831371][ T9825] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 166.837188][ T9825] ? sk_filter_trim_cap+0x1b3/0xa80 [ 166.842413][ T9825] ? sk_filter_trim_cap+0x5bf/0xa80 [ 166.847616][ T9825] ? __pfx_tcp_inbound_hash+0x10/0x10 [ 166.852991][ T9825] ? inet6_lookup_listener+0x113/0x2d0 [ 166.858462][ T9825] tcp_v6_do_rcv+0x8f0/0x13e0 [ 166.863174][ T9825] ? tcp_v6_fill_cb+0x25a/0x470 [ 166.868068][ T9825] tcp_v6_rcv+0x220a/0x2fb0 [ 166.872620][ T9825] ? __pfx_tcp_v6_rcv+0x10/0x10 [ 166.877485][ T9825] ? __pfx_tcp_v6_rcv+0x10/0x10 [ 166.882367][ T9825] ? __pfx_tcp_v6_rcv+0x10/0x10 [ 166.887225][ T9825] ip6_protocol_deliver_rcu+0xc79/0x1580 [ 166.892879][ T9825] ? ip6_input_finish+0xdc/0x2d0 [ 166.897821][ T9825] ip6_input_finish+0x187/0x2d0 [ 166.903109][ T9825] ? __pfx_ip6_input_finish+0x10/0x10 [ 166.908480][ T9825] NF_HOOK+0x3a4/0x450 [ 166.912552][ T9825] ? NF_HOOK+0x9a/0x450 [ 166.916705][ T9825] ? __pfx_NF_HOOK+0x10/0x10 [ 166.921298][ T9825] ? __pfx_ip6_input_finish+0x10/0x10 [ 166.926677][ T9825] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 166.931876][ T9825] NF_HOOK+0x3a4/0x450 [ 166.935951][ T9825] ? skb_orphan+0x4b/0xd0 [ 166.940310][ T9825] ? NF_HOOK+0x9a/0x450 [ 166.944492][ T9825] ? __pfx_NF_HOOK+0x10/0x10 [ 166.949091][ T9825] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 166.954300][ T9825] ? __pfx_ipv6_rcv+0x10/0x10 [ 166.959010][ T9825] __netif_receive_skb+0x1ea/0x650 [ 166.964226][ T9825] ? __pfx_lock_acquire+0x10/0x10 [ 166.969268][ T9825] ? kasan_save_track+0x51/0x80 [ 166.974125][ T9825] ? __pfx___netif_receive_skb+0x10/0x10 [ 166.979776][ T9825] ? build_skb+0x52/0x2a0 [ 166.984109][ T9825] ? tun_get_user+0x2177/0x4890 [ 166.988964][ T9825] ? tun_chr_write_iter+0x10d/0x1f0 [ 166.994167][ T9825] ? do_syscall_64+0xf3/0x230 [ 166.998848][ T9825] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.004951][ T9825] ? tun_rx_batched+0x160/0x8f0 [ 167.009932][ T9825] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 167.015681][ T9825] ? netif_receive_skb+0x131/0x890 [ 167.020846][ T9825] ? netif_receive_skb+0x131/0x890 [ 167.026036][ T9825] netif_receive_skb+0x1e8/0x890 [ 167.031031][ T9825] ? tun_rx_batched+0x160/0x8f0 [ 167.035928][ T9825] ? __pfx_netif_receive_skb+0x10/0x10 [ 167.041445][ T9825] ? tun_rx_batched+0x160/0x8f0 [ 167.046389][ T9825] tun_rx_batched+0x1b7/0x8f0 [ 167.051263][ T9825] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 167.057602][ T9825] ? __pfx_lock_acquire+0x10/0x10 [ 167.062629][ T9825] ? __pfx_tun_rx_batched+0x10/0x10 [ 167.067886][ T9825] tun_get_user+0x30d6/0x4890 [ 167.072677][ T9825] ? tun_get_user+0x2bbe/0x4890 [ 167.077720][ T9825] ? tun_get_user+0x86e/0x4890 [ 167.082507][ T9825] ? __lock_acquire+0x1397/0x2100 [ 167.087580][ T9825] ? __pfx_tun_get_user+0x10/0x10 [ 167.092640][ T9825] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 167.098157][ T9825] ? tun_get+0x1e/0x2f0 [ 167.102446][ T9825] ? __pfx_lock_release+0x10/0x10 [ 167.107554][ T9825] ? tun_get+0x1e/0x2f0 [ 167.111736][ T9825] ? tun_get+0x27d/0x2f0 [ 167.115984][ T9825] tun_chr_write_iter+0x10d/0x1f0 [ 167.121123][ T9825] vfs_write+0xaeb/0xd30 [ 167.125413][ T9825] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 167.130990][ T9825] ? __pfx_vfs_write+0x10/0x10 [ 167.135939][ T9825] ? __fget_files+0x2a/0x410 [ 167.140637][ T9825] ? __fget_files+0x2a/0x410 [ 167.145239][ T9825] ksys_write+0x18f/0x2b0 [ 167.149776][ T9825] ? __pfx_ksys_write+0x10/0x10 [ 167.154662][ T9825] ? do_syscall_64+0x100/0x230 [ 167.159442][ T9825] ? do_syscall_64+0xb6/0x230 [ 167.164153][ T9825] do_syscall_64+0xf3/0x230 [ 167.168674][ T9825] ? clear_bhb_loop+0x35/0x90 [ 167.173361][ T9825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.179259][ T9825] RIP: 0033:0x7ff61dd847cf [ 167.183677][ T9825] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 167.203390][ T9825] RSP: 002b:00007ff61eae1000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 167.211818][ T9825] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd847cf [ 167.219983][ T9825] RDX: 0000000000000056 RSI: 0000000020000040 RDI: 00000000000000c8 [ 167.227968][ T9825] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 167.235944][ T9825] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000001 [ 167.244005][ T9825] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 167.252004][ T9825] [ 167.428806][ T9832] FAULT_INJECTION: forcing a failure. [ 167.428806][ T9832] name failslab, interval 1, probability 0, space 0, times 0 [ 167.451196][ T9832] CPU: 0 UID: 0 PID: 9832 Comm: syz.2.1169 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 167.461945][ T9832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 167.472131][ T9832] Call Trace: [ 167.475432][ T9832] [ 167.478384][ T9832] dump_stack_lvl+0x241/0x360 [ 167.483290][ T9832] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.488533][ T9832] ? __pfx__printk+0x10/0x10 [ 167.493278][ T9832] should_fail_ex+0x3b0/0x4e0 [ 167.498093][ T9832] should_failslab+0xac/0x100 [ 167.502802][ T9832] ? skb_clone+0x20c/0x390 [ 167.507227][ T9832] kmem_cache_alloc_noprof+0x70/0x380 [ 167.512611][ T9832] skb_clone+0x20c/0x390 [ 167.516861][ T9832] __netlink_deliver_tap+0x3cc/0x7f0 [ 167.522153][ T9832] ? netlink_deliver_tap+0x2e/0x1b0 [ 167.527348][ T9832] netlink_deliver_tap+0x19d/0x1b0 [ 167.532462][ T9832] netlink_unicast+0x7c4/0x990 [ 167.537332][ T9832] ? __pfx_netlink_unicast+0x10/0x10 [ 167.542617][ T9832] ? __virt_addr_valid+0x45f/0x530 [ 167.547738][ T9832] ? __phys_addr_symbol+0x2f/0x70 [ 167.552766][ T9832] ? __check_object_size+0x47a/0x730 [ 167.558055][ T9832] netlink_sendmsg+0x8e4/0xcb0 [ 167.562839][ T9832] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.568125][ T9832] ? aa_sock_msg_perm+0x91/0x160 [ 167.573069][ T9832] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.578358][ T9832] __sock_sendmsg+0x221/0x270 [ 167.583043][ T9832] ____sys_sendmsg+0x52a/0x7e0 [ 167.587829][ T9832] ? __pfx_____sys_sendmsg+0x10/0x10 [ 167.593129][ T9832] ? __fget_files+0x2a/0x410 [ 167.597733][ T9832] ? __fget_files+0x2a/0x410 [ 167.602334][ T9832] __sys_sendmsg+0x269/0x350 [ 167.606927][ T9832] ? __pfx_lock_release+0x10/0x10 [ 167.611961][ T9832] ? __pfx___sys_sendmsg+0x10/0x10 [ 167.617090][ T9832] ? __pfx_vfs_write+0x10/0x10 [ 167.621878][ T9832] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 167.628209][ T9832] ? do_syscall_64+0x100/0x230 [ 167.633062][ T9832] ? do_syscall_64+0xb6/0x230 [ 167.637741][ T9832] do_syscall_64+0xf3/0x230 [ 167.642317][ T9832] ? clear_bhb_loop+0x35/0x90 [ 167.647172][ T9832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.653107][ T9832] RIP: 0033:0x7f5248385d19 [ 167.657574][ T9832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.677212][ T9832] RSP: 002b:00007f524925c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 167.685668][ T9832] RAX: ffffffffffffffda RBX: 00007f5248575fa0 RCX: 00007f5248385d19 [ 167.693661][ T9832] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 167.701656][ T9832] RBP: 00007f524925c090 R08: 0000000000000000 R09: 0000000000000000 [ 167.709665][ T9832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.717643][ T9832] R13: 0000000000000000 R14: 00007f5248575fa0 R15: 00007ffebe8f9558 [ 167.725719][ T9832] [ 167.740337][ T9832] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1169'. [ 167.783300][ T9837] FAULT_INJECTION: forcing a failure. [ 167.783300][ T9837] name failslab, interval 1, probability 0, space 0, times 0 [ 167.818723][ T9837] CPU: 1 UID: 0 PID: 9837 Comm: syz.4.1171 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 167.829486][ T9837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 167.839683][ T9837] Call Trace: [ 167.843055][ T9837] [ 167.846007][ T9837] dump_stack_lvl+0x241/0x360 [ 167.850698][ T9837] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.855945][ T9837] ? __pfx__printk+0x10/0x10 [ 167.860571][ T9837] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 167.866586][ T9837] ? __pfx___might_resched+0x10/0x10 [ 167.871901][ T9837] should_fail_ex+0x3b0/0x4e0 [ 167.876630][ T9837] should_failslab+0xac/0x100 [ 167.881351][ T9837] kmem_cache_alloc_node_noprof+0x77/0x380 [ 167.887300][ T9837] ? __alloc_skb+0x1c3/0x440 [ 167.891926][ T9837] __alloc_skb+0x1c3/0x440 [ 167.896363][ T9837] ? __pfx___alloc_skb+0x10/0x10 [ 167.901311][ T9837] ? netlink_ack_tlv_len+0x6e/0x200 [ 167.906625][ T9837] netlink_ack+0x145/0xa50 [ 167.911061][ T9837] netlink_rcv_skb+0x262/0x430 [ 167.915910][ T9837] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 167.921380][ T9837] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 167.926727][ T9837] ? netlink_deliver_tap+0x2e/0x1b0 [ 167.931938][ T9837] netlink_unicast+0x7f6/0x990 [ 167.936714][ T9837] ? __pfx_netlink_unicast+0x10/0x10 [ 167.942000][ T9837] ? __virt_addr_valid+0x45f/0x530 [ 167.947125][ T9837] ? __phys_addr_symbol+0x2f/0x70 [ 167.952322][ T9837] ? __check_object_size+0x47a/0x730 [ 167.957637][ T9837] netlink_sendmsg+0x8e4/0xcb0 [ 167.962418][ T9837] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.967705][ T9837] ? aa_sock_msg_perm+0x91/0x160 [ 167.972995][ T9837] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.978274][ T9837] __sock_sendmsg+0x221/0x270 [ 167.982975][ T9837] ____sys_sendmsg+0x52a/0x7e0 [ 167.987747][ T9837] ? __pfx_____sys_sendmsg+0x10/0x10 [ 167.993208][ T9837] ? __fget_files+0x2a/0x410 [ 167.997827][ T9837] ? __fget_files+0x2a/0x410 [ 168.002445][ T9837] __sys_sendmsg+0x269/0x350 [ 168.007045][ T9837] ? __pfx_lock_release+0x10/0x10 [ 168.012072][ T9837] ? __pfx___sys_sendmsg+0x10/0x10 [ 168.017189][ T9837] ? __pfx_vfs_write+0x10/0x10 [ 168.022058][ T9837] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 168.028388][ T9837] ? do_syscall_64+0x100/0x230 [ 168.033152][ T9837] ? do_syscall_64+0xb6/0x230 [ 168.037826][ T9837] do_syscall_64+0xf3/0x230 [ 168.042326][ T9837] ? clear_bhb_loop+0x35/0x90 [ 168.047005][ T9837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.052900][ T9837] RIP: 0033:0x7fdba9f85d19 [ 168.057346][ T9837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.076968][ T9837] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 168.085393][ T9837] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 168.093365][ T9837] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 168.101334][ T9837] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 168.109305][ T9837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.117286][ T9837] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 168.125275][ T9837] [ 168.673340][ T9862] syz.2.1179 (9862) used obsolete PPPIOCDETACH ioctl [ 168.678691][ T9864] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.689313][ T9865] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 168.715478][ T9864] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 168.752096][ T9862] xt_l2tp: wrong L2TP version: 0 [ 168.783567][ T9869] __nla_validate_parse: 6 callbacks suppressed [ 168.783591][ T9869] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.1181'. [ 168.880888][ T9875] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 168.894208][ T9875] FAULT_INJECTION: forcing a failure. [ 168.894208][ T9875] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 168.908729][ T9875] CPU: 1 UID: 0 PID: 9875 Comm: syz.2.1186 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 168.919623][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 168.929724][ T9875] Call Trace: [ 168.933036][ T9875] [ 168.936003][ T9875] dump_stack_lvl+0x241/0x360 [ 168.940717][ T9875] ? __pfx_dump_stack_lvl+0x10/0x10 [ 168.945949][ T9875] ? __pfx__printk+0x10/0x10 [ 168.950565][ T9875] ? snprintf+0xda/0x120 [ 168.954819][ T9875] should_fail_ex+0x3b0/0x4e0 [ 168.959515][ T9875] _copy_to_user+0x31/0xb0 [ 168.963938][ T9875] simple_read_from_buffer+0xca/0x150 [ 168.969317][ T9875] proc_fail_nth_read+0x1e9/0x250 [ 168.974343][ T9875] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.979900][ T9875] ? rw_verify_area+0x55e/0x6f0 [ 168.984751][ T9875] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 168.990300][ T9875] vfs_read+0x1fc/0xb70 [ 168.994458][ T9875] ? __pfx___mutex_lock+0x10/0x10 [ 168.999490][ T9875] ? __pfx_vfs_read+0x10/0x10 [ 169.004174][ T9875] ? __fget_files+0x2a/0x410 [ 169.008776][ T9875] ? __fget_files+0x395/0x410 [ 169.013460][ T9875] ? __fget_files+0x2a/0x410 [ 169.018060][ T9875] ksys_read+0x18f/0x2b0 [ 169.022305][ T9875] ? __pfx_ksys_read+0x10/0x10 [ 169.027069][ T9875] ? do_syscall_64+0x100/0x230 [ 169.031838][ T9875] ? do_syscall_64+0xb6/0x230 [ 169.036522][ T9875] do_syscall_64+0xf3/0x230 [ 169.041025][ T9875] ? clear_bhb_loop+0x35/0x90 [ 169.045792][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.051683][ T9875] RIP: 0033:0x7f524838472c [ 169.056098][ T9875] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 169.075739][ T9875] RSP: 002b:00007f524925c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 169.084159][ T9875] RAX: ffffffffffffffda RBX: 00007f5248575fa0 RCX: 00007f524838472c [ 169.092129][ T9875] RDX: 000000000000000f RSI: 00007f524925c0a0 RDI: 0000000000000004 [ 169.100119][ T9875] RBP: 00007f524925c090 R08: 0000000000000000 R09: 0000000000000000 [ 169.108092][ T9875] R10: 0000000000000056 R11: 0000000000000246 R12: 0000000000000001 [ 169.116065][ T9875] R13: 0000000000000000 R14: 00007f5248575fa0 R15: 00007ffebe8f9558 [ 169.124051][ T9875] [ 169.294206][ T9887] FAULT_INJECTION: forcing a failure. [ 169.294206][ T9887] name failslab, interval 1, probability 0, space 0, times 0 [ 169.306963][ T9887] CPU: 0 UID: 0 PID: 9887 Comm: syz.3.1190 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 169.317664][ T9887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 169.327734][ T9887] Call Trace: [ 169.331031][ T9887] [ 169.333990][ T9887] dump_stack_lvl+0x241/0x360 [ 169.338707][ T9887] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.343951][ T9887] ? __pfx__printk+0x10/0x10 [ 169.348597][ T9887] should_fail_ex+0x3b0/0x4e0 [ 169.353311][ T9887] should_failslab+0xac/0x100 [ 169.358000][ T9887] ? skb_clone+0x20c/0x390 [ 169.362426][ T9887] kmem_cache_alloc_noprof+0x70/0x380 [ 169.367802][ T9887] skb_clone+0x20c/0x390 [ 169.372052][ T9887] ? dev_queue_xmit_nit+0x3fe/0xca0 [ 169.377338][ T9887] dev_queue_xmit_nit+0x249/0xca0 [ 169.382363][ T9887] ? dev_queue_xmit_nit+0x2b/0xca0 [ 169.387475][ T9887] ? validate_xmit_skb+0x9b8/0xff0 [ 169.392596][ T9887] dev_hard_start_xmit+0x15f/0x7d0 [ 169.397709][ T9887] ? __pfx_validate_xmit_skb+0x10/0x10 [ 169.403175][ T9887] __dev_queue_xmit+0x1b73/0x3f50 [ 169.408219][ T9887] ? kasan_save_track+0x51/0x80 [ 169.413073][ T9887] ? ____sys_sendmsg+0x52a/0x7e0 [ 169.418009][ T9887] ? __dev_queue_xmit+0x2f4/0x3f50 [ 169.423122][ T9887] ? __pfx___dev_queue_xmit+0x10/0x10 [ 169.428504][ T9887] ? __copy_skb_header+0x437/0x5b0 [ 169.433619][ T9887] ? __asan_memcpy+0x40/0x70 [ 169.438209][ T9887] ? __copy_skb_header+0x437/0x5b0 [ 169.443325][ T9887] ? __skb_clone+0x454/0x6c0 [ 169.447924][ T9887] ? skb_clone+0x240/0x390 [ 169.452344][ T9887] __netlink_deliver_tap+0x56b/0x7f0 [ 169.457636][ T9887] ? netlink_deliver_tap+0x2e/0x1b0 [ 169.462836][ T9887] netlink_deliver_tap+0x19d/0x1b0 [ 169.467945][ T9887] netlink_unicast+0x7c4/0x990 [ 169.472720][ T9887] ? __pfx_netlink_unicast+0x10/0x10 [ 169.478005][ T9887] ? __virt_addr_valid+0x45f/0x530 [ 169.483115][ T9887] ? __phys_addr_symbol+0x2f/0x70 [ 169.488137][ T9887] ? __check_object_size+0x47a/0x730 [ 169.493524][ T9887] netlink_sendmsg+0x8e4/0xcb0 [ 169.498407][ T9887] ? __pfx_netlink_sendmsg+0x10/0x10 [ 169.503752][ T9887] ? aa_sock_msg_perm+0x91/0x160 [ 169.508696][ T9887] ? __pfx_netlink_sendmsg+0x10/0x10 [ 169.514008][ T9887] __sock_sendmsg+0x221/0x270 [ 169.518704][ T9887] ____sys_sendmsg+0x52a/0x7e0 [ 169.523493][ T9887] ? __pfx_____sys_sendmsg+0x10/0x10 [ 169.528808][ T9887] ? __fget_files+0x2a/0x410 [ 169.533431][ T9887] ? __fget_files+0x2a/0x410 [ 169.538062][ T9887] __sys_sendmsg+0x269/0x350 [ 169.542676][ T9887] ? __pfx_lock_release+0x10/0x10 [ 169.547713][ T9887] ? __pfx___sys_sendmsg+0x10/0x10 [ 169.552841][ T9887] ? __pfx_vfs_write+0x10/0x10 [ 169.557626][ T9887] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 169.563954][ T9887] ? do_syscall_64+0x100/0x230 [ 169.568837][ T9887] ? do_syscall_64+0xb6/0x230 [ 169.573521][ T9887] do_syscall_64+0xf3/0x230 [ 169.578050][ T9887] ? clear_bhb_loop+0x35/0x90 [ 169.582743][ T9887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.588641][ T9887] RIP: 0033:0x7ff61dd85d19 [ 169.593058][ T9887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.612752][ T9887] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 169.621276][ T9887] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 169.629244][ T9887] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 169.637315][ T9887] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 169.645375][ T9887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 169.653351][ T9887] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 169.661338][ T9887] [ 169.676080][ T9887] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.1190'. [ 169.853505][ T9895] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1193'. [ 170.166018][ T9915] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1212'. [ 170.301100][ T9924] netlink: 'syz.1.1206': attribute type 2 has an invalid length. [ 170.319791][ T9924] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.1206'. [ 170.387988][ T9931] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.1208'. [ 170.410178][ T9928] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 170.478290][ T9935] FAULT_INJECTION: forcing a failure. [ 170.478290][ T9935] name failslab, interval 1, probability 0, space 0, times 0 [ 170.491575][ T9935] CPU: 1 UID: 0 PID: 9935 Comm: syz.0.1210 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 170.502302][ T9935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 170.512393][ T9935] Call Trace: [ 170.515702][ T9935] [ 170.518666][ T9935] dump_stack_lvl+0x241/0x360 [ 170.523391][ T9935] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.528636][ T9935] ? __pfx__printk+0x10/0x10 [ 170.533267][ T9935] ? __kmalloc_noprof+0xb5/0x4c0 [ 170.538244][ T9935] ? __pfx___might_resched+0x10/0x10 [ 170.543567][ T9935] ? aa_get_newest_label+0xff/0x6f0 [ 170.548814][ T9935] should_fail_ex+0x3b0/0x4e0 [ 170.553561][ T9935] should_failslab+0xac/0x100 [ 170.558292][ T9935] __kmalloc_noprof+0xdd/0x4c0 [ 170.563191][ T9935] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 170.569472][ T9935] ? apparmor_capable+0x13b/0x1b0 [ 170.574551][ T9935] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 170.580681][ T9935] genl_rcv_msg+0x802/0xec0 [ 170.585408][ T9935] ? __pfx_genl_rcv_msg+0x10/0x10 [ 170.590513][ T9935] ? __pfx_lock_acquire+0x10/0x10 [ 170.595577][ T9935] ? __pfx_ovs_flow_cmd_set+0x10/0x10 [ 170.600991][ T9935] ? __pfx___might_resched+0x10/0x10 [ 170.606321][ T9935] netlink_rcv_skb+0x1e3/0x430 [ 170.611122][ T9935] ? __pfx_genl_rcv_msg+0x10/0x10 [ 170.616188][ T9935] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 170.621518][ T9935] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 170.627000][ T9935] genl_rcv+0x28/0x40 [ 170.630983][ T9935] netlink_unicast+0x7f6/0x990 [ 170.635751][ T9935] ? __pfx_netlink_unicast+0x10/0x10 [ 170.641042][ T9935] ? __virt_addr_valid+0x45f/0x530 [ 170.646156][ T9935] ? __phys_addr_symbol+0x2f/0x70 [ 170.651198][ T9935] ? __check_object_size+0x47a/0x730 [ 170.656546][ T9935] netlink_sendmsg+0x8e4/0xcb0 [ 170.661354][ T9935] ? __pfx_netlink_sendmsg+0x10/0x10 [ 170.666643][ T9935] ? aa_sock_msg_perm+0x91/0x160 [ 170.671607][ T9935] ? __pfx_netlink_sendmsg+0x10/0x10 [ 170.676892][ T9935] __sock_sendmsg+0x221/0x270 [ 170.681670][ T9935] ____sys_sendmsg+0x52a/0x7e0 [ 170.686442][ T9935] ? __pfx_____sys_sendmsg+0x10/0x10 [ 170.691731][ T9935] ? __fget_files+0x2a/0x410 [ 170.696324][ T9935] ? __fget_files+0x2a/0x410 [ 170.700937][ T9935] __sys_sendmsg+0x269/0x350 [ 170.705991][ T9935] ? __pfx_lock_release+0x10/0x10 [ 170.709440][ T9943] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1213'. [ 170.711026][ T9935] ? __pfx___sys_sendmsg+0x10/0x10 [ 170.711067][ T9935] ? __pfx_vfs_write+0x10/0x10 [ 170.729879][ T9935] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 170.736218][ T9935] ? do_syscall_64+0x100/0x230 [ 170.740980][ T9935] ? do_syscall_64+0xb6/0x230 [ 170.745659][ T9935] do_syscall_64+0xf3/0x230 [ 170.750177][ T9935] ? clear_bhb_loop+0x35/0x90 [ 170.754896][ T9935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.760820][ T9935] RIP: 0033:0x7fdb28785d19 [ 170.765258][ T9935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.784878][ T9935] RSP: 002b:00007fdb2968b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 170.793328][ T9935] RAX: ffffffffffffffda RBX: 00007fdb28975fa0 RCX: 00007fdb28785d19 [ 170.801836][ T9935] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 170.810370][ T9935] RBP: 00007fdb2968b090 R08: 0000000000000000 R09: 0000000000000000 [ 170.818345][ T9935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.826356][ T9935] R13: 0000000000000000 R14: 00007fdb28975fa0 R15: 00007fff162d8328 [ 170.834390][ T9935] [ 170.896022][ T9938] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1213'. [ 170.967816][ T9951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1215'. [ 170.993601][ T9951] netlink: 'syz.1.1215': attribute type 1 has an invalid length. [ 171.260040][ T9966] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 171.371836][ T9977] batadv_slave_1: entered promiscuous mode [ 171.404480][ T9973] batadv_slave_1: left promiscuous mode [ 171.412451][ T9984] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1226'. [ 171.759406][ T9996] FAULT_INJECTION: forcing a failure. [ 171.759406][ T9996] name failslab, interval 1, probability 0, space 0, times 0 [ 171.794068][ T9997] FAULT_INJECTION: forcing a failure. [ 171.794068][ T9997] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 171.809198][ T9996] CPU: 1 UID: 0 PID: 9996 Comm: syz.3.1231 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 171.820112][ T9996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 171.830204][ T9996] Call Trace: [ 171.833507][ T9996] [ 171.836602][ T9996] dump_stack_lvl+0x241/0x360 [ 171.841334][ T9996] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.846612][ T9996] ? __pfx__printk+0x10/0x10 [ 171.851246][ T9996] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 171.857262][ T9996] ? __pfx___might_resched+0x10/0x10 [ 171.862589][ T9996] should_fail_ex+0x3b0/0x4e0 [ 171.867317][ T9996] should_failslab+0xac/0x100 [ 171.872082][ T9996] kmem_cache_alloc_node_noprof+0x77/0x380 [ 171.877928][ T9996] ? __alloc_skb+0x1c3/0x440 [ 171.882570][ T9996] __alloc_skb+0x1c3/0x440 [ 171.887025][ T9996] ? __pfx___alloc_skb+0x10/0x10 [ 171.892001][ T9996] ? netlink_ack_tlv_len+0x6e/0x200 [ 171.897237][ T9996] netlink_ack+0x145/0xa50 [ 171.901701][ T9996] ? __pfx___might_resched+0x10/0x10 [ 171.907029][ T9996] netlink_rcv_skb+0x262/0x430 [ 171.911914][ T9996] ? __pfx_genl_rcv_msg+0x10/0x10 [ 171.916987][ T9996] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 171.922334][ T9996] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 171.927844][ T9996] genl_rcv+0x28/0x40 [ 171.931864][ T9996] netlink_unicast+0x7f6/0x990 [ 171.936683][ T9996] ? __pfx_netlink_unicast+0x10/0x10 [ 171.942001][ T9996] ? __virt_addr_valid+0x45f/0x530 [ 171.947199][ T9996] ? __phys_addr_symbol+0x2f/0x70 [ 171.952239][ T9996] ? __check_object_size+0x47a/0x730 [ 171.957559][ T9996] netlink_sendmsg+0x8e4/0xcb0 [ 171.962354][ T9996] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.967654][ T9996] ? aa_sock_msg_perm+0x91/0x160 [ 171.972619][ T9996] ? __pfx_netlink_sendmsg+0x10/0x10 [ 171.977927][ T9996] __sock_sendmsg+0x221/0x270 [ 171.982634][ T9996] ____sys_sendmsg+0x52a/0x7e0 [ 171.987436][ T9996] ? __pfx_____sys_sendmsg+0x10/0x10 [ 171.992753][ T9996] ? __fget_files+0x2a/0x410 [ 171.997379][ T9996] ? __fget_files+0x2a/0x410 [ 172.002010][ T9996] __sys_sendmsg+0x269/0x350 [ 172.006634][ T9996] ? __pfx_lock_release+0x10/0x10 [ 172.011699][ T9996] ? __pfx___sys_sendmsg+0x10/0x10 [ 172.016838][ T9996] ? __pfx_vfs_write+0x10/0x10 [ 172.021728][ T9996] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 172.028180][ T9996] ? do_syscall_64+0x100/0x230 [ 172.032970][ T9996] ? do_syscall_64+0xb6/0x230 [ 172.037654][ T9996] do_syscall_64+0xf3/0x230 [ 172.042161][ T9996] ? clear_bhb_loop+0x35/0x90 [ 172.046836][ T9996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.052725][ T9996] RIP: 0033:0x7ff61dd85d19 [ 172.057134][ T9996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.076746][ T9996] RSP: 002b:00007ff61eae1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 172.085184][ T9996] RAX: ffffffffffffffda RBX: 00007ff61df75fa0 RCX: 00007ff61dd85d19 [ 172.093159][ T9996] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 172.101164][ T9996] RBP: 00007ff61eae1090 R08: 0000000000000000 R09: 0000000000000000 [ 172.109200][ T9996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.117200][ T9996] R13: 0000000000000000 R14: 00007ff61df75fa0 R15: 00007fffea37c5a8 [ 172.125194][ T9996] [ 172.130129][ T9997] CPU: 1 UID: 0 PID: 9997 Comm: syz.2.1232 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 172.140880][ T9997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 172.151035][ T9997] Call Trace: [ 172.154350][ T9997] [ 172.157319][ T9997] dump_stack_lvl+0x241/0x360 [ 172.162040][ T9997] ? __pfx_dump_stack_lvl+0x10/0x10 [ 172.167268][ T9997] ? __pfx__printk+0x10/0x10 [ 172.171898][ T9997] ? snprintf+0xda/0x120 [ 172.176171][ T9997] should_fail_ex+0x3b0/0x4e0 [ 172.180899][ T9997] _copy_to_user+0x31/0xb0 [ 172.185346][ T9997] simple_read_from_buffer+0xca/0x150 [ 172.190756][ T9997] proc_fail_nth_read+0x1e9/0x250 [ 172.195818][ T9997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 172.201424][ T9997] ? rw_verify_area+0x55e/0x6f0 [ 172.206315][ T9997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 172.211906][ T9997] vfs_read+0x1fc/0xb70 [ 172.216110][ T9997] ? __pfx___mutex_lock+0x10/0x10 [ 172.221168][ T9997] ? __pfx_vfs_read+0x10/0x10 [ 172.225883][ T9997] ? __fget_files+0x2a/0x410 [ 172.230521][ T9997] ? __fget_files+0x395/0x410 [ 172.235237][ T9997] ? __fget_files+0x2a/0x410 [ 172.239881][ T9997] ksys_read+0x18f/0x2b0 [ 172.244164][ T9997] ? __pfx_ksys_read+0x10/0x10 [ 172.248963][ T9997] ? do_syscall_64+0x100/0x230 [ 172.253760][ T9997] ? do_syscall_64+0xb6/0x230 [ 172.258475][ T9997] do_syscall_64+0xf3/0x230 [ 172.263017][ T9997] ? clear_bhb_loop+0x35/0x90 [ 172.267735][ T9997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.273753][ T9997] RIP: 0033:0x7f524838472c [ 172.278200][ T9997] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 172.297840][ T9997] RSP: 002b:00007f524925c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 172.306271][ T9997] RAX: ffffffffffffffda RBX: 00007f5248575fa0 RCX: 00007f524838472c [ 172.314247][ T9997] RDX: 000000000000000f RSI: 00007f524925c0a0 RDI: 0000000000000006 [ 172.322304][ T9997] RBP: 00007f524925c090 R08: 0000000000000000 R09: 0000000000000000 [ 172.330297][ T9997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 172.338272][ T9997] R13: 0000000000000000 R14: 00007f5248575fa0 R15: 00007ffebe8f9558 [ 172.346262][ T9997] [ 172.440360][ T9999] syz_tun: left promiscuous mode [ 172.460654][ T9999] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 172.587710][T10003] bond2: entered promiscuous mode [ 172.643367][T10003] gretap1: entered promiscuous mode [ 172.649312][T10003] bond2: (slave gretap1): Enslaving as an active interface with an up link [ 172.667186][T10003] netlink: 'syz.3.1235': attribute type 5 has an invalid length. [ 172.792466][T10015] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 172.868340][T10018] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 173.087924][T10023] Â: renamed from pim6reg1 [ 173.397957][T10039] FAULT_INJECTION: forcing a failure. [ 173.397957][T10039] name failslab, interval 1, probability 0, space 0, times 0 [ 173.461881][T10039] CPU: 0 UID: 0 PID: 10039 Comm: syz.2.1248 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 173.472725][T10039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 173.482964][T10039] Call Trace: [ 173.482980][T10039] [ 173.482991][T10039] dump_stack_lvl+0x241/0x360 [ 173.489193][T10039] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.489222][T10039] ? __pfx__printk+0x10/0x10 [ 173.489245][T10039] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 173.489268][T10039] ? __pfx___might_resched+0x10/0x10 [ 173.489291][T10039] should_fail_ex+0x3b0/0x4e0 [ 173.489319][T10039] should_failslab+0xac/0x100 [ 173.489349][T10039] kmem_cache_alloc_node_noprof+0x77/0x380 [ 173.489369][T10039] ? __alloc_skb+0x1c3/0x440 [ 173.489390][T10039] __alloc_skb+0x1c3/0x440 [ 173.489413][T10039] ? __pfx___alloc_skb+0x10/0x10 [ 173.489435][T10039] ? netlink_ack_tlv_len+0x6e/0x200 [ 173.489455][T10039] netlink_ack+0x145/0xa50 [ 173.489474][T10039] ? __pfx___might_resched+0x10/0x10 [ 173.489499][T10039] netlink_rcv_skb+0x262/0x430 [ 173.489515][T10039] ? __pfx_genl_rcv_msg+0x10/0x10 [ 173.489535][T10039] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 173.489559][T10039] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 173.489585][T10039] genl_rcv+0x28/0x40 [ 173.489606][T10039] netlink_unicast+0x7f6/0x990 [ 173.489636][T10039] ? __pfx_netlink_unicast+0x10/0x10 [ 173.489657][T10039] ? __virt_addr_valid+0x45f/0x530 [ 173.489679][T10039] ? __phys_addr_symbol+0x2f/0x70 [ 173.489698][T10039] ? __check_object_size+0x47a/0x730 [ 173.609914][T10039] netlink_sendmsg+0x8e4/0xcb0 [ 173.614739][T10039] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.620070][T10039] ? aa_sock_msg_perm+0x91/0x160 [ 173.625050][T10039] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.630375][T10039] __sock_sendmsg+0x221/0x270 [ 173.635094][T10039] ____sys_sendmsg+0x52a/0x7e0 [ 173.639908][T10039] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.645224][T10039] ? __fget_files+0x2a/0x410 [ 173.649827][T10039] ? __fget_files+0x2a/0x410 [ 173.654429][T10039] __sys_sendmsg+0x269/0x350 [ 173.659029][T10039] ? __pfx_lock_release+0x10/0x10 [ 173.664064][T10039] ? __pfx___sys_sendmsg+0x10/0x10 [ 173.669192][T10039] ? __pfx_vfs_write+0x10/0x10 [ 173.674002][T10039] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 173.680352][T10039] ? do_syscall_64+0x100/0x230 [ 173.685126][T10039] ? do_syscall_64+0xb6/0x230 [ 173.689830][T10039] do_syscall_64+0xf3/0x230 [ 173.694359][T10039] ? clear_bhb_loop+0x35/0x90 [ 173.699067][T10039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.705157][T10039] RIP: 0033:0x7f5248385d19 [ 173.709602][T10039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.729228][T10039] RSP: 002b:00007f524925c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.737679][T10039] RAX: ffffffffffffffda RBX: 00007f5248575fa0 RCX: 00007f5248385d19 [ 173.745664][T10039] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 173.753640][T10039] RBP: 00007f524925c090 R08: 0000000000000000 R09: 0000000000000000 [ 173.761618][T10039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.769592][T10039] R13: 0000000000000000 R14: 00007f5248575fa0 R15: 00007ffebe8f9558 [ 173.777586][T10039] [ 173.789139][T10042] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 173.880723][T10055] __nla_validate_parse: 7 callbacks suppressed [ 173.880747][T10055] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1252'. [ 174.061201][T10063] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1256'. [ 174.201472][T10061] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6 [ 174.276033][T10075] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1260'. [ 174.453580][T10086] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1264'. [ 174.468462][T10086] FAULT_INJECTION: forcing a failure. [ 174.468462][T10086] name failslab, interval 1, probability 0, space 0, times 0 [ 174.483069][T10089] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.1274'. [ 174.485702][T10086] CPU: 1 UID: 0 PID: 10086 Comm: syz.4.1264 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 174.503006][T10086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 174.513083][T10086] Call Trace: [ 174.516369][T10086] [ 174.519304][T10086] dump_stack_lvl+0x241/0x360 [ 174.523989][T10086] ? __pfx_dump_stack_lvl+0x10/0x10 [ 174.529189][T10086] ? __pfx__printk+0x10/0x10 [ 174.533788][T10086] ? ref_tracker_alloc+0x332/0x490 [ 174.538903][T10086] should_fail_ex+0x3b0/0x4e0 [ 174.543601][T10086] should_failslab+0xac/0x100 [ 174.548281][T10086] ? skb_clone+0x20c/0x390 [ 174.552701][T10086] kmem_cache_alloc_noprof+0x70/0x380 [ 174.558083][T10086] skb_clone+0x20c/0x390 [ 174.562357][T10086] __netlink_deliver_tap+0x3cc/0x7f0 [ 174.567652][T10086] ? netlink_deliver_tap+0x2e/0x1b0 [ 174.572894][T10086] netlink_deliver_tap+0x19d/0x1b0 [ 174.578006][T10086] netlink_sendskb+0x68/0x140 [ 174.582698][T10086] netlink_unicast+0x39d/0x990 [ 174.587471][T10086] ? __pfx_netlink_unicast+0x10/0x10 [ 174.592775][T10086] netlink_rcv_skb+0x262/0x430 [ 174.597541][T10086] ? __pfx_genl_rcv_msg+0x10/0x10 [ 174.602570][T10086] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 174.608212][T10086] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 174.613682][T10086] genl_rcv+0x28/0x40 [ 174.617665][T10086] netlink_unicast+0x7f6/0x990 [ 174.622441][T10086] ? __pfx_netlink_unicast+0x10/0x10 [ 174.627817][T10086] ? __virt_addr_valid+0x45f/0x530 [ 174.632942][T10086] ? __phys_addr_symbol+0x2f/0x70 [ 174.637965][T10086] ? __check_object_size+0x47a/0x730 [ 174.643259][T10086] netlink_sendmsg+0x8e4/0xcb0 [ 174.648036][T10086] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.653441][T10086] ? aa_sock_msg_perm+0x91/0x160 [ 174.658387][T10086] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.663672][T10086] __sock_sendmsg+0x221/0x270 [ 174.668355][T10086] ____sys_sendmsg+0x52a/0x7e0 [ 174.673129][T10086] ? __pfx_____sys_sendmsg+0x10/0x10 [ 174.678409][T10086] ? __fget_files+0x2a/0x410 [ 174.683010][T10086] ? __fget_files+0x2a/0x410 [ 174.687609][T10086] __sys_sendmsg+0x269/0x350 [ 174.692211][T10086] ? __pfx_lock_release+0x10/0x10 [ 174.697240][T10086] ? __pfx___sys_sendmsg+0x10/0x10 [ 174.702364][T10086] ? __pfx_vfs_write+0x10/0x10 [ 174.707152][T10086] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 174.713482][T10086] ? do_syscall_64+0x100/0x230 [ 174.718253][T10086] ? do_syscall_64+0xb6/0x230 [ 174.722969][T10086] do_syscall_64+0xf3/0x230 [ 174.727491][T10086] ? clear_bhb_loop+0x35/0x90 [ 174.732180][T10086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.738074][T10086] RIP: 0033:0x7fdba9f85d19 [ 174.742493][T10086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.762204][T10086] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.770626][T10086] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 174.779065][T10086] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 174.787040][T10086] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 174.795011][T10086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 174.802980][T10086] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 174.810964][T10086] [ 174.852171][T10087] dvmrp8: entered allmulticast mode [ 174.984940][T10097] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 175.237000][T10108] 8021q: adding VLAN 0 to HW filter on device bond6 [ 175.251329][T10114] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.1272'. [ 175.290759][T10115] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 175.546569][T10128] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1280'. [ 175.574195][T10135] netlink: 1264 bytes leftover after parsing attributes in process `syz.4.1281'. [ 175.614155][T10135] FAULT_INJECTION: forcing a failure. [ 175.614155][T10135] name failslab, interval 1, probability 0, space 0, times 0 [ 175.637290][T10135] CPU: 1 UID: 0 PID: 10135 Comm: syz.4.1281 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 175.648127][T10135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 175.658211][T10135] Call Trace: [ 175.661502][T10135] [ 175.664438][T10135] dump_stack_lvl+0x241/0x360 [ 175.669246][T10135] ? __pfx_dump_stack_lvl+0x10/0x10 [ 175.674468][T10135] ? __pfx__printk+0x10/0x10 [ 175.679079][T10135] ? ref_tracker_alloc+0x332/0x490 [ 175.684209][T10135] should_fail_ex+0x3b0/0x4e0 [ 175.688954][T10135] should_failslab+0xac/0x100 [ 175.693666][T10135] ? skb_clone+0x20c/0x390 [ 175.698093][T10135] kmem_cache_alloc_noprof+0x70/0x380 [ 175.703476][T10135] skb_clone+0x20c/0x390 [ 175.707723][T10135] __netlink_deliver_tap+0x3cc/0x7f0 [ 175.713017][T10135] ? netlink_deliver_tap+0x2e/0x1b0 [ 175.718213][T10135] netlink_deliver_tap+0x19d/0x1b0 [ 175.723322][T10135] netlink_sendskb+0x68/0x140 [ 175.728002][T10135] netlink_unicast+0x39d/0x990 [ 175.732864][T10135] ? __pfx_netlink_unicast+0x10/0x10 [ 175.738192][T10135] netlink_rcv_skb+0x262/0x430 [ 175.743032][T10135] ? __pfx_genl_rcv_msg+0x10/0x10 [ 175.748261][T10135] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 175.753585][T10135] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 175.759076][T10135] genl_rcv+0x28/0x40 [ 175.763108][T10135] netlink_unicast+0x7f6/0x990 [ 175.767921][T10135] ? __pfx_netlink_unicast+0x10/0x10 [ 175.773226][T10135] ? __virt_addr_valid+0x45f/0x530 [ 175.778343][T10135] ? __phys_addr_symbol+0x2f/0x70 [ 175.783373][T10135] ? __check_object_size+0x47a/0x730 [ 175.788682][T10135] netlink_sendmsg+0x8e4/0xcb0 [ 175.793461][T10135] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.798753][T10135] ? aa_sock_msg_perm+0x91/0x160 [ 175.803694][T10135] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.808974][T10135] __sock_sendmsg+0x221/0x270 [ 175.813657][T10135] ____sys_sendmsg+0x52a/0x7e0 [ 175.818512][T10135] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.823793][T10135] ? __fget_files+0x2a/0x410 [ 175.828389][T10135] ? __fget_files+0x2a/0x410 [ 175.833016][T10135] __sys_sendmsg+0x269/0x350 [ 175.837605][T10135] ? __pfx_lock_release+0x10/0x10 [ 175.842632][T10135] ? __pfx___sys_sendmsg+0x10/0x10 [ 175.847751][T10135] ? __pfx_vfs_write+0x10/0x10 [ 175.852566][T10135] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 175.858942][T10135] ? do_syscall_64+0x100/0x230 [ 175.863722][T10135] ? do_syscall_64+0xb6/0x230 [ 175.868402][T10135] do_syscall_64+0xf3/0x230 [ 175.872910][T10135] ? clear_bhb_loop+0x35/0x90 [ 175.877612][T10135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.883506][T10135] RIP: 0033:0x7fdba9f85d19 [ 175.887924][T10135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.907547][T10135] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 175.915970][T10135] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 175.923945][T10135] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 175.931914][T10135] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 175.939886][T10135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 175.947858][T10135] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 175.955867][T10135] [ 175.968041][ T5847] Bluetooth: hci4: command 0x0405 tx timeout [ 176.361380][T10153] netlink: 1264 bytes leftover after parsing attributes in process `syz.0.1291'. [ 176.514360][T10158] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1292'. [ 176.690489][T10174] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 176.712978][T10176] FAULT_INJECTION: forcing a failure. [ 176.712978][T10176] name failslab, interval 1, probability 0, space 0, times 0 [ 176.728027][T10176] CPU: 1 UID: 0 PID: 10176 Comm: syz.1.1298 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 176.739864][T10176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 176.751084][T10176] Call Trace: [ 176.754983][T10176] [ 176.758002][T10176] dump_stack_lvl+0x241/0x360 [ 176.762702][T10176] ? __pfx_dump_stack_lvl+0x10/0x10 [ 176.769084][T10176] ? __pfx__printk+0x10/0x10 [ 176.774173][T10176] should_fail_ex+0x3b0/0x4e0 [ 176.779190][T10176] should_failslab+0xac/0x100 [ 176.784305][T10176] ? skb_clone+0x20c/0x390 [ 176.789285][T10176] kmem_cache_alloc_noprof+0x70/0x380 [ 176.795028][T10176] skb_clone+0x20c/0x390 [ 176.799748][T10176] ? dev_queue_xmit_nit+0x3fe/0xca0 [ 176.805188][T10176] dev_queue_xmit_nit+0x249/0xca0 [ 176.810507][T10176] ? dev_queue_xmit_nit+0x2b/0xca0 [ 176.816044][T10176] ? validate_xmit_skb+0x9b8/0xff0 [ 176.821854][T10176] dev_hard_start_xmit+0x15f/0x7d0 [ 176.828843][T10176] ? __pfx_validate_xmit_skb+0x10/0x10 [ 176.834523][T10176] __dev_queue_xmit+0x1b73/0x3f50 [ 176.840348][T10176] ? netlink_unicast+0x39d/0x990 [ 176.845358][T10176] ? ____sys_sendmsg+0x52a/0x7e0 [ 176.850431][T10176] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.856630][T10176] ? __dev_queue_xmit+0x2f4/0x3f50 [ 176.862912][T10176] ? __pfx___dev_queue_xmit+0x10/0x10 [ 176.868717][T10176] ? __copy_skb_header+0x437/0x5b0 [ 176.874038][T10176] ? __asan_memcpy+0x40/0x70 [ 176.878754][T10176] ? __copy_skb_header+0x437/0x5b0 [ 176.884225][T10176] ? __skb_clone+0x454/0x6c0 [ 176.889669][T10176] ? skb_clone+0x240/0x390 [ 176.894199][T10176] __netlink_deliver_tap+0x56b/0x7f0 [ 176.899714][T10176] ? netlink_deliver_tap+0x2e/0x1b0 [ 176.905583][T10176] netlink_deliver_tap+0x19d/0x1b0 [ 176.910828][T10176] netlink_sendskb+0x68/0x140 [ 176.915546][T10176] netlink_unicast+0x39d/0x990 [ 176.920365][T10176] ? __pfx_netlink_unicast+0x10/0x10 [ 176.925713][T10176] netlink_rcv_skb+0x262/0x430 [ 176.931425][T10176] ? __pfx_genl_rcv_msg+0x10/0x10 [ 176.936855][T10176] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 176.942611][T10176] ? __netlink_deliver_tap+0x7aa/0x7f0 [ 176.948209][T10176] genl_rcv+0x28/0x40 [ 176.952563][T10176] netlink_unicast+0x7f6/0x990 [ 176.957655][T10176] ? __pfx_netlink_unicast+0x10/0x10 [ 176.963323][T10176] ? __virt_addr_valid+0x45f/0x530 [ 176.968576][T10176] ? __phys_addr_symbol+0x2f/0x70 [ 176.973793][T10176] ? __check_object_size+0x47a/0x730 [ 176.979399][T10176] netlink_sendmsg+0x8e4/0xcb0 [ 176.984236][T10176] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.989576][T10176] ? aa_sock_msg_perm+0x91/0x160 [ 176.994634][T10176] ? __pfx_netlink_sendmsg+0x10/0x10 [ 177.000121][T10176] __sock_sendmsg+0x221/0x270 [ 177.005293][T10176] ____sys_sendmsg+0x52a/0x7e0 [ 177.010293][T10176] ? __pfx_____sys_sendmsg+0x10/0x10 [ 177.015688][T10176] ? __fget_files+0x2a/0x410 [ 177.020401][T10176] ? __fget_files+0x2a/0x410 [ 177.025205][T10176] __sys_sendmsg+0x269/0x350 [ 177.029817][T10176] ? __pfx_lock_release+0x10/0x10 [ 177.035209][T10176] ? __pfx___sys_sendmsg+0x10/0x10 [ 177.040506][T10176] ? __pfx_vfs_write+0x10/0x10 [ 177.045359][T10176] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 177.051741][T10176] ? do_syscall_64+0x100/0x230 [ 177.056543][T10176] ? do_syscall_64+0xb6/0x230 [ 177.061251][T10176] do_syscall_64+0xf3/0x230 [ 177.066406][T10176] ? clear_bhb_loop+0x35/0x90 [ 177.071498][T10176] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.077687][T10176] RIP: 0033:0x7f70cdd85d19 [ 177.082493][T10176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.104833][T10176] RSP: 002b:00007f70ceb25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 177.113669][T10176] RAX: ffffffffffffffda RBX: 00007f70cdf75fa0 RCX: 00007f70cdd85d19 [ 177.122926][T10176] RDX: 000000000000c000 RSI: 0000000020000000 RDI: 0000000000000003 [ 177.132771][T10176] RBP: 00007f70ceb25090 R08: 0000000000000000 R09: 0000000000000000 [ 177.140751][T10176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 177.149338][T10176] R13: 0000000000000000 R14: 00007f70cdf75fa0 R15: 00007ffd81e3a408 [ 177.157458][T10176] [ 177.319251][T10185] netlink: 'syz.0.1303': attribute type 1 has an invalid length. [ 177.355453][T10187] pimreg3: entered allmulticast mode [ 177.398651][T10185] pimreg3: left allmulticast mode [ 178.049907][T10226] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 178.084070][T10225] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 178.492127][T10253] pim6reg1: entered promiscuous mode [ 178.511575][T10253] pim6reg1: entered allmulticast mode [ 178.643681][T10253] team0 (unregistering): Port device team_slave_0 removed [ 178.692380][T10253] team0 (unregistering): Port device team_slave_1 removed [ 178.704199][T10253] team0 (unregistering): Port device bridge1 removed [ 179.166285][T10292] xt_l2tp: missing protocol rule (udp|l2tpip) [ 179.187749][T10295] __nla_validate_parse: 16 callbacks suppressed [ 179.187770][T10295] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.1343'. [ 179.248272][T10298] netlink: 1280 bytes leftover after parsing attributes in process `syz.2.1345'. [ 179.545188][T10310] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 180.054963][T10322] netlink: 1264 bytes leftover after parsing attributes in process `syz.3.1356'. [ 180.162810][T10328] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1358'. [ 180.191693][T10328] netlink: 'syz.3.1358': attribute type 5 has an invalid length. [ 180.290295][T10332] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 180.486611][T10348] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1365'. [ 180.555668][T10350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1362'. [ 180.585872][T10350] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1362'. [ 180.604450][T10353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1368'. [ 180.618779][T10350] vlan2: entered allmulticast mode [ 180.681354][T10353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1368'. [ 180.693154][T10362] FAULT_INJECTION: forcing a failure. [ 180.693154][T10362] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 180.709260][T10359] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1368'. [ 180.719533][T10362] CPU: 1 UID: 0 PID: 10362 Comm: syz.4.1370 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 180.730821][T10362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 180.741101][T10362] Call Trace: [ 180.744848][T10362] [ 180.749331][T10362] dump_stack_lvl+0x241/0x360 [ 180.754751][T10362] ? __pfx_dump_stack_lvl+0x10/0x10 [ 180.760174][T10362] ? __pfx__printk+0x10/0x10 [ 180.765960][T10362] ? __pfx_lock_release+0x10/0x10 [ 180.772658][T10362] should_fail_ex+0x3b0/0x4e0 [ 180.778013][T10362] _copy_from_user+0x2f/0xc0 [ 180.782735][T10362] copy_msghdr_from_user+0xae/0x680 [ 180.788152][T10362] ? __lock_acquire+0x1397/0x2100 [ 180.794156][T10362] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 180.801961][T10362] ? __fget_files+0x2a/0x410 [ 180.806789][T10362] ? __fget_files+0x2a/0x410 [ 180.814038][T10362] do_recvmmsg+0x3bd/0xab0 [ 180.820288][T10362] ? __pfx_do_recvmmsg+0x10/0x10 [ 180.827300][T10362] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 180.834755][T10362] ? ksys_write+0x22a/0x2b0 [ 180.839727][T10362] ? __pfx_lock_release+0x10/0x10 [ 180.846476][T10362] ? vfs_write+0x730/0xd30 [ 180.851694][T10362] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 180.858153][T10362] ? __fget_files+0x2a/0x410 [ 180.864372][T10362] __x64_sys_recvmmsg+0x199/0x250 [ 180.871123][T10362] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 180.877187][T10362] ? do_syscall_64+0x100/0x230 [ 180.882155][T10362] ? do_syscall_64+0xb6/0x230 [ 180.887913][T10362] do_syscall_64+0xf3/0x230 [ 180.893735][T10362] ? clear_bhb_loop+0x35/0x90 [ 180.899171][T10362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.905885][T10362] RIP: 0033:0x7fdba9f85d19 [ 180.911544][T10362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.938131][T10362] RSP: 002b:00007fdbaad5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 180.947626][T10362] RAX: ffffffffffffffda RBX: 00007fdbaa175fa0 RCX: 00007fdba9f85d19 [ 180.957195][T10362] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000005 [ 180.965455][T10362] RBP: 00007fdbaad5f090 R08: 0000000000000000 R09: 0000000000000000 [ 180.975121][T10362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.984070][T10362] R13: 0000000000000000 R14: 00007fdbaa175fa0 R15: 00007ffef1264048 [ 180.993106][T10362] [ 181.032172][T10365] netlink: 'syz.1.1372': attribute type 1 has an invalid length. [ 181.332244][T10372] xt_l2tp: wrong L2TP version: 0 [ 181.478586][T10381] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 181.648377][T10395] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 184.431529][T10400] veth0: entered promiscuous mode [ 184.457978][T10400] macvtap1: entered promiscuous mode [ 184.480371][T10400] veth0: left promiscuous mode [ 184.524185][T10401] veth0: entered promiscuous mode [ 184.534011][T10401] macvtap1: entered promiscuous mode [ 184.574412][T10401] veth0: left promiscuous mode [ 184.976867][T10452] pim6reg1: entered promiscuous mode [ 184.982939][T10452] pim6reg1: entered allmulticast mode [ 185.324604][T10468] __nla_validate_parse: 2 callbacks suppressed [ 185.324628][T10468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1416'. [ 186.111710][T10510] xt_hashlimit: size too large, truncated to 1048576 [ 187.732387][T10568] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1461'. [ 188.229203][T10590] netlink: 'syz.2.1471': attribute type 10 has an invalid length. [ 188.595867][T10603] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1477'. [ 188.617745][T10603] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 188.625229][T10603] IPv6: NLM_F_CREATE should be set when creating new route [ 188.633389][T10603] IPv6: NLM_F_CREATE should be set when creating new route [ 188.687488][T10609] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1480'. [ 188.879628][T10612] syzkaller0: entered promiscuous mode [ 188.906268][T10612] syzkaller0: entered allmulticast mode [ 189.283722][T10633] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1490'. [ 189.303432][T10633] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1490'. [ 191.562743][ T5845] Bluetooth: hci1: command 0x0406 tx timeout [ 191.562867][ T5836] Bluetooth: hci3: command 0x0406 tx timeout [ 191.568891][ T5146] Bluetooth: hci2: command 0x0406 tx timeout [ 191.829754][T10645] veth0_vlan: entered allmulticast mode [ 191.842601][T10646] veth0_vlan: left promiscuous mode [ 191.852503][T10646] veth0_vlan: entered promiscuous mode [ 192.124667][T10674] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1508'. [ 192.153664][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1508'. [ 192.358084][T10682] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1512'. [ 192.603103][T10698] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 193.774424][T10748] pim6reg1: entered promiscuous mode [ 193.792613][T10748] pim6reg1: entered allmulticast mode [ 194.007942][T10758] syz.4.1550[10758] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.008038][T10758] syz.4.1550[10758] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.050997][T10758] syz.4.1550[10758] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.319768][T10772] pim6reg1: entered promiscuous mode [ 194.343252][T10772] pim6reg1: entered allmulticast mode [ 194.423570][T10768] wg2: entered promiscuous mode [ 194.428685][T10768] wg2: entered allmulticast mode [ 194.813806][T10784] pim6reg1: entered promiscuous mode [ 194.819383][T10784] pim6reg1: entered allmulticast mode [ 195.591034][T10822] Timeout policy `syz0' can only be used by L3 protocol number 24578 [ 195.660694][T10822] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1578'. [ 196.029251][T10843] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1586'. [ 196.221700][T10854] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1593'. [ 196.651316][T10883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1608'. [ 196.660467][T10883] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1608'. [ 196.998656][T10904] xt_check_table_hooks: 24 callbacks suppressed [ 196.998677][T10904] x_tables: duplicate underflow at hook 4 [ 197.361756][T10920] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 199.093313][T11001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1662'. [ 199.421468][T11017] tipc: Enabled bearer , priority 0 [ 199.571511][T11017] syzkaller0: entered promiscuous mode [ 199.588383][T11017] syzkaller0: entered allmulticast mode [ 199.601867][T11017] tipc: Resetting bearer [ 199.711959][ T5994] tipc: Resetting bearer [ 199.756562][T11013] tipc: Resetting bearer [ 202.228377][T11013] tipc: Disabling bearer [ 202.238105][T11026] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1674'. [ 202.247476][T11026] IPv6: Can't replace route, no match found [ 202.272429][T11045] netlink: 'syz.1.1683': attribute type 21 has an invalid length. [ 202.976774][T11085] pim6reg1: entered promiscuous mode [ 203.007520][T11085] pim6reg1: entered allmulticast mode [ 205.931133][T11166] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1731'. [ 205.990553][T11168] veth1_macvtap: left promiscuous mode [ 205.996379][T11168] macsec0: entered promiscuous mode [ 206.021896][T11165] pim6reg1: entered promiscuous mode [ 206.036482][T11165] pim6reg1: entered allmulticast mode [ 206.458771][T11197] syz.4.1747[11197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 206.460016][T11197] syz.4.1747[11197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 206.477532][T11197] syz.4.1747[11197] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 206.517864][T11201] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1748'. [ 206.555642][T11201] tipc: Invalid UDP bearer configuration [ 206.555693][T11201] tipc: Enabling of bearer rejected, failed to enable media [ 207.022664][T11204] veth0_to_team: left promiscuous mode [ 207.028211][T11204] veth0_to_team: left allmulticast mode [ 207.088197][ T29] audit: type=1107 audit(1734350864.037:2): pid=11234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 207.461826][T11204] bridge1: left promiscuous mode [ 207.466881][T11204] bridge1: left allmulticast mode [ 207.486113][T11204] mac80211_hwsim hwsim7 syzkaller0: left allmulticast mode [ 207.511662][T11204] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.529093][T11204] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.538063][T11204] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.553148][T11204] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.563751][T11204] geneve2: left promiscuous mode [ 207.572674][T11204] geneve2: left allmulticast mode [ 208.345240][T11290] pim6reg1: entered promiscuous mode [ 208.350698][T11290] pim6reg1: entered allmulticast mode [ 209.714239][T11367] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT [ 210.032323][T11386] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1829'. [ 210.044967][T11386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1829'. [ 210.060738][T11388] syz.4.1827[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.060835][T11388] syz.4.1827[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.077670][T11388] syz.4.1827[11388] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.116914][T11386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1829'. [ 210.145070][T11386] netlink: 19 bytes leftover after parsing attributes in process `syz.0.1829'. [ 210.923451][T11438] mac80211_hwsim hwsim7 syzkaller0: entered promiscuous mode [ 210.943568][T11438] mac80211_hwsim hwsim7 syzkaller0: entered allmulticast mode [ 211.170565][T11453] netlink: 'syz.2.1862': attribute type 5 has an invalid length. [ 211.296554][T11464] netlink: 11 bytes leftover after parsing attributes in process `syz.1.1867'. [ 211.879345][T11497] syzkaller0: entered promiscuous mode [ 211.884896][T11497] syzkaller0: entered allmulticast mode [ 212.156216][T11513] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.356875][T11521] syz.4.1895[11521] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.356972][T11521] syz.4.1895[11521] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.384233][T11521] syz.4.1895[11521] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 212.942305][T11555] pim6reg1: entered promiscuous mode [ 212.992141][T11555] pim6reg1: entered allmulticast mode [ 214.479048][T11601] syz.4.1929[11601] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 214.479149][T11601] syz.4.1929[11601] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 214.491500][T11601] syz.4.1929[11601] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 214.664299][T11605] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1931'. [ 214.700001][T11605] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1931'. [ 215.580240][T11597] tipc: Enabled bearer , priority 0 [ 215.593347][T11598] mac80211_hwsim hwsim7 syzkaller0: left promiscuous mode [ 215.601039][T11598] mac80211_hwsim hwsim7 syzkaller0: left allmulticast mode [ 215.608650][T11598] tipc: Resetting bearer [ 215.655244][T11622] : renamed from ipvlan1 [ 215.973667][T11640] netlink: 164 bytes leftover after parsing attributes in process `syz.4.1948'. [ 216.283872][T11663] netlink: 'syz.1.1960': attribute type 27 has an invalid length. [ 216.349731][T11666] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1959'. [ 216.643118][T11683] : renamed from ipvlan1 [ 216.982984][T11701] pim6reg1: entered promiscuous mode [ 216.990474][T11705] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1980'. [ 217.009538][T11701] pim6reg1: entered allmulticast mode [ 217.124034][T11709] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1982'. [ 217.355955][T11715] pim6reg1: entered promiscuous mode [ 217.380740][T11715] pim6reg1: entered allmulticast mode [ 217.472794][T11723] pim6reg1: entered promiscuous mode [ 217.480181][T11723] pim6reg1: entered allmulticast mode [ 217.540035][T11727] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1990'. [ 217.582212][T11725] syzkaller0: entered promiscuous mode [ 217.602539][T11725] syzkaller0: entered allmulticast mode [ 219.557170][T11727] vlan2: entered promiscuous mode [ 219.894669][T11768] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2006'. [ 220.113353][T11773] pim6reg1: entered promiscuous mode [ 220.129279][T11773] pim6reg1: entered allmulticast mode [ 220.173866][T11786] pim6reg1: entered promiscuous mode [ 220.190369][T11786] pim6reg1: entered allmulticast mode [ 220.675763][T11815] pim6reg1: entered promiscuous mode [ 220.699176][T11815] pim6reg1: entered allmulticast mode [ 220.744974][T11821] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2032'. [ 220.859441][T11825] pim6reg1: entered promiscuous mode [ 220.864807][T11825] pim6reg1: entered allmulticast mode [ 220.990975][T11835] [ 220.993735][T11835] ============================= [ 220.998616][T11835] WARNING: suspicious RCU usage [ 221.003956][T11835] 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 Not tainted [ 221.011570][T11835] ----------------------------- [ 221.016435][T11835] kernel/events/callchain.c:162 suspicious rcu_dereference_check() usage! [ 221.025278][T11835] [ 221.025278][T11835] other info that might help us debug this: [ 221.025278][T11835] [ 221.035844][T11835] [ 221.035844][T11835] rcu_scheduler_active = 2, debug_locks = 1 [ 221.044417][T11835] 1 lock held by syz.1.2038/11835: [ 221.050099][T11835] #0: ffffffff8e937fa0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x38/0x80 [ 221.060461][T11835] [ 221.060461][T11835] stack backtrace: [ 221.066372][T11835] CPU: 1 UID: 0 PID: 11835 Comm: syz.1.2038 Not tainted 6.13.0-rc2-syzkaller-00411-g92c932b9946c #0 [ 221.077155][T11835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 [ 221.087227][T11835] Call Trace: [ 221.090509][T11835] [ 221.093439][T11835] dump_stack_lvl+0x241/0x360 [ 221.098131][T11835] ? __pfx_dump_stack_lvl+0x10/0x10 [ 221.103332][T11835] ? __pfx__printk+0x10/0x10 [ 221.107932][T11835] lockdep_rcu_suspicious+0x226/0x340 [ 221.113309][T11835] get_callchain_entry+0x2b2/0x3c0 [ 221.118431][T11835] get_perf_callchain+0xec/0x970 [ 221.123385][T11835] ? __pfx_get_perf_callchain+0x10/0x10 [ 221.128944][T11835] ? __lock_acquire+0x1397/0x2100 [ 221.133978][T11835] __bpf_get_stack+0x41f/0xad0 [ 221.138751][T11835] ? __pfx___bpf_get_stack+0x10/0x10 [ 221.144044][T11835] ? __pfx_lock_acquire+0x10/0x10 [ 221.149071][T11835] bpf_get_stack+0x33/0x50 [ 221.153491][T11835] bpf_get_stack_raw_tp+0x1a3/0x240 [ 221.158701][T11835] bpf_prog_b8a90dd1efcc4ad9+0x46/0x4a [ 221.164160][T11835] bpf_prog_run_pin_on_cpu+0xba/0x150 [ 221.169537][T11835] bpf_prog_test_run_syscall+0x316/0x4e0 [ 221.175175][T11835] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 221.181331][T11835] ? __fget_files+0x2a/0x410 [ 221.185931][T11835] ? fput+0x21b/0x290 [ 221.189916][T11835] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 221.196078][T11835] bpf_prog_test_run+0x2e4/0x360 [ 221.201021][T11835] __sys_bpf+0x48d/0x810 [ 221.205265][T11835] ? __pfx___sys_bpf+0x10/0x10 [ 221.210035][T11835] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 221.216017][T11835] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 221.222351][T11835] ? do_syscall_64+0x100/0x230 [ 221.227125][T11835] __x64_sys_bpf+0x7c/0x90 [ 221.232071][T11835] do_syscall_64+0xf3/0x230 [ 221.236573][T11835] ? clear_bhb_loop+0x35/0x90 [ 221.241251][T11835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.247144][T11835] RIP: 0033:0x7f70cdd85d19 [ 221.251559][T11835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.271175][T11835] RSP: 002b:00007f70ceb25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 221.279601][T11835] RAX: ffffffffffffffda RBX: 00007f70cdf75fa0 RCX: 00007f70cdd85d19 [ 221.287574][T11835] RDX: 000000000000000c RSI: 00000000200004c0 RDI: 000000000000000a [ 221.295541][T11835] RBP: 00007f70cde01a20 R08: 0000000000000000 R09: 0000000000000000 [ 221.303510][T11835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.311479][T11835] R13: 0000000000000000 R14: 00007f70cdf75fa0 R15: 00007ffd81e3a408 [ 221.319467][T11835]