last executing test programs: 5.621621061s ago: executing program 3 (id=3084): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x20, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}}, 0x400005c) r2 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r2, 0x0, 0x0, 0x4004080, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x1, 0x2, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 4.856621117s ago: executing program 2 (id=3091): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x81) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11, 0x4000}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4000}]}}]}, 0x40}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x36, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYRESHEX=r4], 0xe8}, 0x1, 0x0, 0x0, 0x40004}, 0x0) close(r1) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r8, @ANYBLOB="010065bd7000fcdbdf254f00000008000300", @ANYRES32, @ANYBLOB="48007a8014000100c396d979a8f802a09c5d7bfaeb3575f21c0002002c8b2ddcc0a3a020196b852ff1e5776edd2fed6a243a33220c000300b38b3e2d8514cc07080004000500000030007a800800040007000000240001006b367eca9776d5c92ac3b99cce28c8dbdebd62217f9c5f46d4b1a11c682b40d61c007a800c000300e028aa46e44ee6830c0003009cf7debf7cdf5a207c007a80080004003465e91c0c0003004a159160a275d9fa08000400ff0f00000800040007000000140001006fde61d99aa98d55b507315489e6cd79140002"], 0x12c}}, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000000)={0x40}, 0x4) listen(r6, 0x401) sendto$inet6(r6, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 4.820461082s ago: executing program 3 (id=3092): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x9c}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x10, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x9c}}, 0x20050800) 4.633517965s ago: executing program 1 (id=3093): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000100001000000000000000000"], 0x7c}}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x90, &(0x7f0000000440)=[{}, {}], 0x10, 0x0, 0x0, &(0x7f00000004c0), 0x8, 0x53, 0x8, 0x8, &(0x7f0000000500)}}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x19) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000009c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x100000d1}, 0x4000000) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'}) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), r4) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 4.633208798s ago: executing program 3 (id=3094): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73"], 0x38}}, 0x0) (fail_nth: 12) 2.252966506s ago: executing program 2 (id=3096): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x100010, r0, 0xc8ae000) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000000)=0xffff) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x97, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fcdbdf250400000005000b000000d90f"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)) 1.988570114s ago: executing program 1 (id=3097): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x100010, r0, 0xc8ae000) r1 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000880)={0x28, 0x0, 0x2711, @my=0x1}, 0x10, 0x80000) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000900)={'netpci0\x00', &(0x7f00000008c0)=@ethtool_pauseparam={0x12, 0x1ff, 0x5, 0x25}}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0x1, 0xffffffffffffffff}, 0x4) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'sit0\x00', &(0x7f00000004c0)={'gretap0\x00', 0x0, 0x80, 0x80, 0x7, 0x8, {{0x2e, 0x4, 0x0, 0x34, 0xb8, 0x68, 0x0, 0x1, 0x4, 0x0, @multicast1, @multicast2, {[@timestamp={0x44, 0x14, 0xf9, 0x0, 0x0, [0xb0e, 0x40, 0x1ff, 0x7]}, @end, @timestamp={0x44, 0x2c, 0x9f, 0x0, 0x9, [0x6, 0x10001, 0xfffffffc, 0x7, 0x0, 0xb8c, 0x1, 0x1, 0xfffffffd, 0x2]}, @noop, @timestamp={0x44, 0x24, 0x3e, 0x0, 0x5, [0x8d3c, 0x7b, 0x200, 0x2, 0x8, 0x9e, 0x81, 0x99dd]}, @generic={0x7, 0xb, "103248b682839d41ad"}, @lsrr={0x83, 0x23, 0x52, [@private=0xa010101, @multicast2, @broadcast, @remote, @remote, @broadcast, @dev={0xac, 0x14, 0x14, 0x17}, @rand_addr=0x64010102]}, @ssrr={0x89, 0xf, 0x58, [@loopback, @multicast1, @multicast1]}]}}}}}) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0xffffff00, 0x0, 0x1, 0xeb9, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='blkio.throttle.io_serviced\x00', 0x0, 0x0) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000006c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0xf, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x1, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1e, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x283}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @exit]}, &(0x7f00000000c0)='GPL\x00', 0x1, 0x68, &(0x7f0000000180)=""/104, 0x41000, 0x68, '\x00', r3, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x1, 0x1}, 0x8, 0x10, &(0x7f0000000300)={0x1, 0x1, 0x859, 0x5}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000740)=[r4, 0x1, 0x1, r5, r6, r7], &(0x7f0000000780)=[{0x3, 0x2, 0xf, 0x2}, {0x4, 0x5, 0x1}, {0x5, 0x2, 0x10, 0xc}], 0x10, 0x3ff, @void, @value}, 0x94) r8 = socket$phonet(0x23, 0x2, 0x1) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080001400000000c080002400000000b0900010073797a300000006d0900020073797a3200000000140000001100010000000000000000000000000a"], 0x78}}, 0x0) ioctl$SIOCPNGETOBJECT(r8, 0x89e0, &(0x7f0000000000)=0xffff) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fcdbdf250400000005000b000000d90f"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)) 1.830776003s ago: executing program 0 (id=3098): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) 1.72578176s ago: executing program 3 (id=3099): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x14, 0x61, 0x14, 0x88}, [@ldst={0x6}]}, &(0x7f0000000080)='GPL\x00', 0xa, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 1.528012582s ago: executing program 3 (id=3100): r0 = socket(0x2, 0x3, 0xff) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x12, r0, 0xf570d000) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)="643c87cf08d21d994efea03321af0c6c7715a604", 0x14}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="1c00000000000000010000000c"], 0xf8}}], 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000100), &(0x7f0000000140)=0x4) close(r0) 1.527097642s ago: executing program 2 (id=3101): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x100010, r0, 0xc8ae000) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000000)=0xffff) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fcdbdf250400000005000b000000d90f"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (fail_nth: 8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)) 1.526643959s ago: executing program 0 (id=3102): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0xf4, r1, 0xe701ac47a3d23ecd, 0x0, 0x25dfdbfb, {}, [@NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\x00\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}]}, 0xf4}, 0x1, 0x1000000, 0x0, 0x4004041}, 0x4) 1.445647067s ago: executing program 4 (id=3103): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000100)="06ff03076844268cb89e14f008004ee0ffff00febabec41177fb86dd1302e000030c", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.42397184s ago: executing program 1 (id=3104): socket(0x23, 0x6, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=@ipv6_newaddrlabel={0x44, 0x18, 0x1, 0x0, 0x1, {0xa, 0x37}, [@IFAL_ADDRESS={0x14, 0x5, @remote}, @IFAL_ADDRESS={0x14, 0x1, @remote}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 866.50645ms ago: executing program 4 (id=3105): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x28, r1, 0x1, 0x0, 0x0, {}, [@GTPA_FAMILY={0x5, 0xd, 0x23}, @GTPA_TID={0xc}]}, 0x28}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_DREG={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, 0x0, 0x0) 855.478208ms ago: executing program 3 (id=3106): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r1, 0x1e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000340)=0x6, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f00000008c0)={0x0, 0xffffff7b, &(0x7f0000000880)={&(0x7f00000002c0)={0x30, r4, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xefc}, @NL80211_ATTR_MAC={0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0xc094}, 0x40080) 729.591164ms ago: executing program 0 (id=3107): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="b0", 0x1}], 0x11}}], 0x2, 0x1) syz_genetlink_get_family_id$ethtool(&(0x7f0000000480), r0) 709.589484ms ago: executing program 4 (id=3108): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'macvtap0\x00', 0x0}) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote, r1}, 0x14) close(r0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c9, &(0x7f0000000100)) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet(0x2, 0x2, 0x1) connect$inet(r3, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r3, &(0x7f0000000540)=[{{0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x6c6d}], 0x5}}, {{0x0, 0xe803, &(0x7f0000000440), 0x56}}], 0x2, 0x2004000) setsockopt(r3, 0x5, 0x0, &(0x7f0000000240)="a6548cf79f696b9968bcfbbb016334863470ed6bb8a243a4ea3b333f60b575cd90619f021689522eb941c78247b9e7be5e4c4ec07cda77842301c71dc5c5c924e030a578194a89ea935471ec1e8c02", 0x4f) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) 608.212645ms ago: executing program 4 (id=3109): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="14000000100001000000000000000000"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x4}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0xa, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x90, &(0x7f0000000440)=[{}, {}], 0x10, 0x0, 0x0, &(0x7f00000004c0), 0x8, 0x53, 0x8, 0x8, &(0x7f0000000500)}}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x10) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x19) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000009c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x100000d1}, 0x4000000) ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x82, 0xca, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'}) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000140), 0x0}, 0x20) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000005c0), r3) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 566.628264ms ago: executing program 2 (id=3110): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x1000, @rand_addr, 0x5}, 0x1c) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000180)=0x2, 0x4) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x4) r3 = socket$packet(0x11, 0x4000000000002, 0x300) setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) write(r2, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) write(r1, &(0x7f00000001c0)="7dbf2426b6983cb10c19ddeb3bbb8e640bd835e9983b399cdb372d5c3a246ca5337edd8e673099cf5108ab19d32bb310f92d180361bccf534bad2a3fdfc6c9a94702b3f0ddd14464e8b07911d6f7acf597ea8396d684c56873e2bff07087fd5d716a48d3ce1805b6d3d36bd7fa30ece2bc48013c", 0x74) setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4) r4 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82}) setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f00000002c0)=0xffff, 0x4) r5 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_int(r5, 0x29, 0x43, &(0x7f0000000080)=0x20a, 0x4) bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) syz_emit_ethernet(0xd2, &(0x7f0000000d00)=ANY=[@ANYBLOB="0182c2000000ffffffffffff86dd60000000009c1100fe8000000000000000000000000000bbff02000000000000000000000000000100000e22009c90"], 0x0) 566.119873ms ago: executing program 0 (id=3111): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000063010000010000009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 481.554242ms ago: executing program 1 (id=3112): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x100010, r0, 0xc8ae000) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000000)=0xffff) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0xe4, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fcdbdf250400000005000b000000d90f"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)) 474.11668ms ago: executing program 4 (id=3113): r0 = socket(0x10, 0x3, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) sendmsg$IEEE802154_SET_MACPARAMS(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r2, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040881}, 0x44) (async) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x74, r3, 0x4, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "66eed2d4a842822070e31cd835"}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "058b8e91b383fd38a2bb71958f"}, @NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "e5e3eb8fe422c70e73ef17c030"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x10, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac05}]}, 0x74}, 0x1, 0x0, 0x0, 0x4004808}, 0x1) (async) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000040)=0x1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xe0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x8, 0x0, 0x0}}, 0x10) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000200)={r6}, 0x20) (async, rerun: 64) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r5, @ANYBLOB="33460e0f846531b07a3671101ced225f5f89e8e0725f06354c66ab8b2c2438a8b51c209eccb41986a10b4e1a57e086a31537ed3614b60a528c42f4c2c43fffbc9e3954952db03c4c92b488c20feebee733b7e5e5d3f6ec45c0e8fd97004152947961aec84c5ce71b0f000000000000000000000000000000004f2383feb205e11f0c39faf797c61dea80c8a93193231490532a4bf8c33a12d80c73ab2b6bc51f0b3d04103a43b7d6adb89e3fef7c1f1f95633f531736478dc5a1d4c090e5865d5024c0b8aa2313e180851d5bd2db659c270b9e8828265174fc03de2a4d677cf61d9b2a48a9eae67cb410d0241bcb7bdf87e08013191cbda6472c99594f8d2105a181cb649af8967a3313cc50e135784d08fb47ce9238bf96896aecaa0a1cd2896a"], 0x38}}, 0x0) (async, rerun: 64) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000005001900010000000800160000000100080017"], 0x44}}, 0x0) (async, rerun: 32) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000038000000380000000300000001000000000000010000ffff0f000000000000000000000105000000100000000000000000000003000000000100000002"], 0x0, 0x53, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (rerun: 32) r9 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r9, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)={0x2, 0x400000000000003, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_lifetime={0x4, 0x4, 0x0, 0x7}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}]}, 0xb0}}, 0x0) r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (async) r11 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$PPPIOCGDEBUG(r5, 0x80047441, &(0x7f0000000640)) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x6, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r10, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000340)='veth1_vlan\x00') (async) r12 = socket$nl_generic(0x10, 0x3, 0x10) (async) accept(r11, &(0x7f0000000400)=@ax25={{0x3, @null}, [@bcast, @default, @null, @remote, @default, @netrom, @rose, @default]}, &(0x7f0000000480)=0x80) (async, rerun: 32) r13 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000180000003d030100000000009500f000000000007126000000000000bf67000000000000360602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad03000000000000720400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d19"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x74a849580afd22a, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffdc9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (rerun: 32) bind$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0xed32992, @local, 0xfffffffb, 0x1}, 0x20) (async, rerun: 64) sendmsg$nl_generic(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002700)={0x22e4, 0x3f, 0x9, 0x0, 0x801, {0x1}, [@typed={0x4}, @nested={0x4, 0x14}, @nested={0x22c5, 0xd3, 0x0, 0x1, [@typed={0x6f, 0x81, 0x0, 0x0, @binary="e9fbeb74e55ed54c6a010079f93b68ad38ccf73ed780b5178b9de20dcd8416e55ec642fd0b3e88de5ff93ba4066e57151007b33e6f5459942a0e8b6b8241a78e9d527c583435e2b4e173de539e85c67744fd73e0477b572643ccc8df99873d9d1957bb9ca3e58d4d5ed9ce"}, @generic="32d4cb387a4390a3d021", @generic="e40931cb7421b1d27ffe7d35fd35fa5fcefe035b30dad073b531a018ad816bced9e3fec42040aa1df8534b4009bcd4f00795f289dca957d4b4426701c3184745e8be8e018b2ff4e1b5cf8a6c4f1e6fe3a7e20c99d43b7a1d2e15809e0242bac35a427d19d4923e68fdd8f7171193335a0e619247e6357e92b73aacc0e2da56e0ec29a0765eeea1c63aec34ae18f9081616d7d4d7422ae7dcecc3b1", @nested={0x10b0, 0xdf, 0x0, 0x1, [@generic="7b17646d4fc0ee1aa9963a6b8e9350dc86b4bdcd600fc783a9e82d1eb22e8b22cb8ad1ee35eddec3b4a2749ce95d87c2015052623441cc63f9c4e314f869842e27e1a1d4f055ebfe45bc4669c8cc06f95d29005ac3f5f63becb4c5738a8cc5f05f33363287fd08b5de7408b5b0804260493354840868b7e954b2d3b693e8ed549fe1960f257f292223e73a5ec2b68c04fb4adfd4f649ae73a1597f6a288d08069b85a115e2418661ff20aacc", @generic="07cdb63bbb762523b397a7e69fff05e911881cd6e345cf778876619dc8a7b2e54b71d2dfe3a1fda5a5204c0b3c9583714dfd6cb40ce00136a8c057006776f25b320c629b721874c458c3eac48043bbdf902c34b0792ab441ef106fd679dd3f9ba11fb877ca3aa2f769652cb4b58de203f70e1fa7f633849dae9b51dbe5d3b35f4aa31d02dab2ea87286c1beecded41baf21264dc635af53c91e7e36febc10c6ec1acf134747522d222922dcfab72377aee78da1ef52af7074cb56d2c3f74dc62699835bf5f84b421eecb83ed337b99781ac45191e92ea119e408ce779eca87c82c4df9dbaaecb9e6ec071a270a5fc4dbf2f6e636aa472a17eef567eaf7ec241b3877c1a3eb6860083d9f988e65bbc73b709634a40e8f1e67a5d4088b0377357540e2120bfea94b5a061929e59b014a6e56e1008a4cd2b5a91571062ff7cb79a5385b705ccbcd113894040796dc587b7429a375f407323c882c399cf0b53f172f63d3c3d1471bb84b1d8a0553214d666a0f5854e9107b615b8459e4f2cdd34e7c7c5673fa25c95022c6c52e9a20a1cc69a22c59032b78be0e9ed8172dfdb0614ac67af8fb33280c60268dd258544a9758d9c2ac6a2eb0ddd00bee8a6ca72c274e058b5be8eb7941dc6513f86b387dfdbac163d3d9c5cedbc932f57fc15d88d52da2284fbc132ad530b7378427acd3ad3ba9a02b4d7930b3312bea7afb6e85b6eb1fbfbfc5d03184c73146b0048edd79717911457c4266577f126f7463c7dffe58df40b7cb1ff04c7825dea47175786c85cc8fbf8bfb0ca2cc8c52247da4b61c0bdd34fc0067cc8010205c3ef1dfcd79ff2376414d83dda52934925a4c9b39558241dfdf306b2d55f020d4203bf0ba2929b77faaa716169340c17f28cdfbd433b2dbe237388a0d21067cd065218750449b79e90a80db26fff8e21ec5961112fcfe7605c8cc1c9f3c17d1899d9771b990f276fa2b7226e869fb7195634c3693e63877923a77a5d0a8463537a23ffa892f1e5d2533511b7017ef78b7eedd3eecdd475edf65ae8cb05504364ee44caf9f42c7400705b217096767179ba670e9b8426ee89ad4a0c29b02d5c459ba266da500a463f9ddb4f0c739d17d9e72ef796a3fe309afd0a500f788464b955da8df6057181c30d1a0fac00a3180f356433cfd4098d2c66a6a78b4f38fd4a67a2fdd69920f02c36aa74792e46f05884635de04e8b276e51a2db6e4e5e2c9cd20bf086375c5187584edbf8a94fbc4296023b3252f6a0cca8aa9516271995aeb64c4cf46428a93dc6d830a3fb6367782005ced01f67df6ea45d64ded5f94fdeab5a1ef8c8626a1ebf9d0ff592869506d7a52d788e8f3c639cc728dde34878676e9849a9dfef691cc7b4af2062c2ca01a2a6f124806ac74d01f581b6b92deb5a6520f7e0a557f73b8e291264bbef4dd4d7ce1fd10e90941380339db23698df4eaf3fbba81111c30940503509f6b0dc34ec5615294f40530bee2c92d31a49fe47609ab6d76250146dc889673dcc1ba3bca57ba30b48efa416bede5cbcff1c169051b0217e939e938fe13e49a2be61e7a4fa1e9b49454b1cec1893bd8cc5915b5b68cd512587562c3bb625d930d63f8513e30e89e06bb5405d041a3de0c02bada699ad59c1fabfcfacb5585b6f32efeec7e69097aec521fbe90ddd4508a50d692b574e02a66001af43838c9b4f3179327573650db450ec805811b64fd5449493e70a96a0c00b1a07270e1e389211ef606ae44e558ce4fdad8c9040657130ca8fd053bb1c057e380957f51fb7f1b6475fc7a3d63217b08cb843b84fe306262907d7ae5ed9a8e0360046caa2921451fdb235837298fa0ba89ae6a0baad3f8e5a145658dbfeb82b3512b6410fd3945211c57d35348974abe83e0ac8b1546c8e1f70820170659727cce01461e05ee3237095c107505bb595721840d9ed6809d00aa7734750f8eb538b8abac757a03129dd7b327a50640523b7f11936163541c54ae8eaee61048f51fd785d7713c64e83d83ad30acd7d2dcb77ec26436ce3aa98302a566ad46720dfc54e32937246734f9555ed9eb53e4131976000e65eead9ad5e06048163fb3500a273e896edaee92500d729e945c903c6bbe6afd193245fabb78e16b73132b9b58e3b6454d0e450e4a842bfd6228b3b6d4da6bdb569fe8deaf615fb21c2df0a8a1aab77d0b835758ccb2fef7cdbc758381c99ad0df380755cca5520cdcd2c68e974b5529b5feb1ff2585bc6fd59f08f22e28224abc2b68cc23d6c3a9e2d252edc9313bc33db16005bcbf4485011417437bbe07057ff92958bf2cf4500b2f86cc7588b58910ef75ecabc4f83d95c8a483ba69778d75a3aba7b2824dbdd3127d6653825c992ad44015d69078e66916c4d6ef604272bc3d0c55aaa788c933c3c00bc6ef7dd549d0f920c8fd51475062dbc7bfcb166c6410f1c14aae0bebaefeab5975dc32626bf9fc1192271f9130b5456fa410f77f2d4de7f14c2a770d73307b3c386589c083cf2573f9a7f74b75edff7dbb1773931a9e9996e5dd3a9fdd8c8fb4d1c812a3a50a92ff72d7b99602f772fe70a72bd2e209d8a1a10a23a762d9bd2723f43a7bb3685a264bd25496f135a016686f1559300c12bea8228bf72196f7eb72c4a774463c46cc412051010d044e5bb94d6dc0c26e14c2953a3a29729ca21aa37f2bb22ea03e4833e3842b799bd0405624f2c134e3e75b8ef12a86fd814a57d5e5cd878bafe8cdc40955a1056a5c3bea342fe7af709d210cdfb08fecc28941a5f1a76078ab6f435e06b7fdceee1d172c4afd1cacc96efacb4031c756de1714806b778ce768228f98fed6b1f2ee50e7d8867094c5c01550c021d605a179aa654629e769bb91362575fa5a24e4460c33bbfacac08ebe79a8769e0ea591e8fbfbd29e40aab881d293eb44b625f2c29fa82ad1d7789252a468e0d31fd0d5b6477d26ae319aadd19b28af14a8b704f21628e58ef254adf863159f2d3ec7a91dd1f9f91fb56268761b5c42d320ed1fd54dccc5dea0fd132e1bf62ea0d26d2efdacf00670cb79441ac7e075933107e6e82024e43d500aeb36f60aee86ef61fe4029678bab4ea8bfe6e30ce14a61ff260573787ff7308ab3f47b0ca488b337745857266d26f76c980f755ae15164b1a4040505ffacf6265aa1032f6f5257c22d54bb93a0e2d40d0b22b51abfc47dc78ffa62d27df7f9ec2f920fd511e5bba9c36f54a46a34209a6805d5ece039073f1c664f9ac6899ca4a6c7e7e0ccfdc38de7a451d32338d0139188df41a6c7e55e086dafbac6e90ba5bbaa421d42f72f65239e1b15855d3443718e64378f006450851b26ec8d1d2e5ee794c2e75226211ce77f2f4e8e6f4f7623d36c5cbd9778b3b5a99b8d106db3cf00010c00397c72fe7aaf891e94d8814508a52e8dcee737d565a1fc1d983142ad821cbb68ea983a94e1a31044191fb80373455d42dd421ce1979e5792d7a1057eb4d1a48c2f6d4182951df1e63d276c76c6fac1bd2cf589c03bc2b41073dbe6badaacd20b941b7bd74e471fa9852a5e25c798e93712f47ed05efe9411b793a309f1f37e430be94a7b49da5137b84b7f849b1860d4de6686c11420aa3fd9991bcf0b0627e2cb90c8f402a5a7f48c6de91550150b45e783fb917c05bc7e1d20557cdcff83aa81d88f3c3d208130253e75f20dde39db1b18a822547485f49bf5f1f90387df2459660506c930806c167587eaf01eb937e1ad4a0562f4b2ea495830de349c7ce2facb3c0a9bb0a56d2c50186c51d394f744f0a265c01a57b4ef6c501397ac0e0f61edb70c8cad1e22cbc9ccf07f1e456b7d92503e86f7ccf6d20c7366fcd65afc6f1c0ac6ff699750b18c036df4cf2ee65f505b6158e2e9b7c4dd257fa5e2f0ef5dfe63b7bee8b3ba813f542ad4a18c479ec62361bf6e6b03e6d535495cbea3d8bd02557c11876620bc063b63efd500608d6ce97080bc53d12fe9d532781725045c919efa1a6c461765d105b4df8161093430426df808aba7a1839444b653457b983e4629e637985c60f12d619e921a426ffe9f1e36a0f2fe271f2aa4851db34ac0d7c26c91a918ef28bc905affd973bf5d60a6226c19ca46f5b31a2db2d7fe8535a43b32a9b3c7d522196bc16613de22aae02a45774b6b6b5738f6d31694f0d7ef7456c603dc2fdc1123afc2a2fce49e0fc53e3c27b299ac40fa28b484410598919eae37beb5465a652182963968321793e7cfc06f9af6a7be655c046f00cf6863d14ed511e1017e8f46222d25d470bed795d4c959bb054becc3edd747900a76e0d95a0505d0b285229fd9a88fb900811bdae4ed1b68193dc1c284ef35936130cdcfef7f8e72a290f89b609c2d3ad451fae552dabdcf7dbaf24b8be060b28cf624b00790b417b230d2ffa95cdc9f8b586f160fa4287b4850ef04fb1e541dd6252cb97ae8f888d8ab49a7a3c6bde6f191b14798d78d3be8f188448c9c6127bc3f502655a9c7140e57b4dfc86a43bd1de5093136b7376631e5f6789648c1eabe5ffa391c6865f87c91a9cc2a04b14f6f0bf09796aa3a88d0cbd2031db34981203d0415cb086ca81fb021c7e518d23e79e645dca3102c719f8fb395ffb733b54b2de3d0f16b71140822f8d6d1aed804f8145906360ff06896f1eae059bada33e3d1ac8fa1607677ded115b8b46cf58dfb87093018e1fdd1c685919606d67ee9b56f9d25a0e356b2b9cbcac52f78bf637ac080283148627829676e1e1b067e1e2932505d9d11c27189fefa47766082edfa2bbd4812c7ff201b99060749051a8078495ac493202b8f9c05562a67eaf3547d6492152afaa54b5a07951fda1cdde2ea4d234f42b343d4534dc38ef86b1dc230f07093934db273bbafda48237ebe8839b5244f5b1defd0c291d723d935dbdb2d2d5e9a57520858f7a3b0d471b021659a30e3b30427545378f988635d1d8cbd417e9eab37382137ef14633cf597f0d0c4af8b810e4dc4f347c2a91f5766ca12d8f50d0e1668b7dc805f5aefaae742c8dbe788afcc3aec2045a7159aa2fcb7bed1f396ebccc9120f241ecc3e6d38adfb258d25b868d697432c2ca7142d3f3fb10149576de5107e4c5a773027ca9f798fccde92cffe422963f6b9ad904b40daeedc01c72427f6ccc7bd76c2e71fbdf08c64da04174e1797b2a53e38dfb0d8be1b0193233fb2ae8945cc5ec7db1a9d7e54844a338294b96d48dc53a3f5bb0756b134e5337629ff82c08e45994e6f591eaab855a17824486564a38daf84a5001e49e0a8cc33f384983821b296d2422d52b10059e7d88350dbe004404b549b2e9613f74b777c8a91633c45013e14ffbe4549fd92a4f354ff4c308fa3f42ba638550db6cde1c13846b3f5d93d3b3f6818518971d32e29767b61336e2a2b85f35b37b2d4cb7f1f5a06c3bcec18ab334dec7ed7fcd60862f3387131c045e6b1563f7727e16b69c8c8944837d3e0c1a7cb61f58adee51a48d95624866f534d01d5a2a371a325e4c9dfefabbf54e19a074b2674bebf899068849d6eaa99d22e7653154beb146d0b1df94be95d3737d43fb62fc2748a9fb8c423086142109723f754d901f814057365caf73197af4a71bffc3a2580e48443d188ec710cbe888d0faef14718d6759eb33f236881fdaa95f989bf8096933b6d60541f13353d78ddfdbc3582cf15936f12d3299c35e899602570781181611b9bb92fcd65b689089037801d81753a6d253841067208e06aec18aa64c08ec3da1d3ddf28177687b060147443f37eb6cf6d857c7ed458d71efe9d"]}, @nested={0x10fa, 0x106, 0x0, 0x1, [@typed={0x1004, 0x13c, 0x0, 0x0, @binary="56bfb3cf09621f1bed7f4e61e6225e8be881e3be5c5fc17e1fece5504eff9b5da4eb38503f928d5560db6621f7df32858569ba44c5508208037ac7f77b399102bf8adb2f017ea3fbd6abd835eaad5be6f2ea75e0291db5e2b9618da45975a64c3d33bb05be3791afab6ec6a8da063e75e80125154663eff19f367282a5c7ef54c6e2418508b29b45de4c104b9bc2e00bc50e7ff47d4b7cd1fbb1742c755c7972a649bdd0b118beeb4c29b5bc0d39cab2cc1f3b98dbff3a3d27e293e29f0e8f63a49351627b022ec729af3d77c63e731e8bac9e335c439b16b18210e1aecc892d0c6d0e02df2601d10d4a14baf3f18815bb3d808ae1298b71a614a10eaf67b6c431b449cc48ad927695341600c82fd6024e172150038adc1a1629df7f1bcd82720237a9100d3e6da15b85e13e22f58ed97014dea132a82ca131d0cefa951d39310d581292795477913e54fda4c355904ae33d510460a41fb32f3f573067db98682d5cc26777426632914335973497bc217e71ac24842e22878756948c9273d4b890682cc2aca19a68b25e6c256ba8400a9e043c4642be1495a4f94182f75e9be207491de3b9cd4438dac727cfbadc233c0dd5205c0dda118bcc027d1cb66f32ad91c79b718065b5607a4031489a2ce162452e78285b517f2d78d7aa66628e6febe5dd86290fcf46e1cf9dac8a0d7c61ae45405b3298aef2124a792b60af463e47a5b9b8ec5489c56dd71c83f0e05684fadf93938e4772d54fe1a420402a1b349855a8edb0642986d00b4e371a8a434ae99b173790f07a6340fd2b560df7f53a604c2f9bd3328237fe1294b15420e5c4dea361316ba5681f0726f2dd50d92fc1e70a960d5a6780bf0c337ea13e52c56780ea101a1ec639c1851e76938396d0f4600db7c1ebb611848263ed778b6cc4f95a224aacf2122faa9ee37955e85efdaaff9579343ec5e6b9ea417d2f2b2f52458ecc7c2a47016faffe99676c814461296170c9dbdf939f8abcfa92ab5722f4e51aafb7dce1d570565597edc2d7108a80a84587b381dbf7975d7a89224628439935f965d104758ca0429343c922e686ef07f803100c4b579a3e3bff35399a7af90a67e15193ec8ec7ed4f6afe22ff6fba298e31f60f917539ffff1e1be77f9d3abf45f3db4af3004037531b2fe6e713715756aa1a16b6f14b708b11e54afe7f0af69dcdba7dfcbef3de13b4a360bcd7aaf692ec2d791938deb43b3cf2a67fb0310fff2be710e4439ad63612febc0cd5376ab89320285d34db1d0a00b4b67925aa6474ec58f493e3b3b65232e80ca9a6f606b335dc264689c0e9f3e11d183eee488e3de67e94e3e499e92a99ad9607c7ba72ea8ee4a18a67a14042cefea1180083a8d21ced5f0db52711128e1f3ecbf6ad7583dc7989826fd909b403122e7f50951fac82cdf53ff08d3b57bc0b19a4c425a17f17488bd1b9c47b0abb1384ff09c3fcdd185f1de75ce26640b91beba9cc278ad20253d1f9a2ef412d81b3994fe0d2ff57065a516110a3b1d6a9857e75ef891f9dcb1deb1939e20fd400a53c6248c1b797b1ddb2c5a80495eab77195913cc7b0af55b90f07c22bcbfa96a483b741d18a8a257b75ebee87bf595c7d1cc1b44886b8ecdb4c3a6a14a5256e2d880056bed382ef2311a2c074d848610dabacb385f79410c08b76cae1c64b048608f26e849a68e4a0818e6690e7dbd031f748ffd652254a41e615a3f1cd68ccd7005b6f48a58205adabda4bedc0b6d65295720d61905f9407a47091388aff8a1a8c02c551d0bf30ce8bb82d0ebc820aec702b2a502a99e1c192dbf9dbceb987e73b6ce952f21daa5e4afa81b75ee2763c58e5296a33c5b8f7f3bd7218dcf9ec113de08ee7d742aee3284250f8862eef59c424d08917860b883649f86e1e3af9efaec10f2582846ed09277ba7c75539e228bc35250b9baa7be280a5fe640951ff00c0f8a472e9100e9a69dceaf7b35f9b8a3f3716a5fbc80350ceb25ee86de7444fcbafb738d7a9436ce4d7aa167c05454149c71ae147d9c06da03ee31ffea2dab0b2bb6aa23c44f8ebd496aa8f47aee6543df9d641686955eb9b96d1bcc23cd76b0a77a0fd57e0d5b2629af7927df6689e3d593da0039a32d0bdfb568f7c16b8ccbbb1c72d57db7889a8724488abce796c332f9cc05059b5614157916019ea0232b5f74b88d111876a47775e20667661def03265b3d81024be8b19cc1fa2ce118555969d13d4fb31705a8e4832b6b192adc348e036ab3bb3866971b59ac8a411dd814baef369a5401c726d634c6da46139472e7b0a599cdfaa24c3b35863167232295864e2dd21ac5a685ecc627f9b00b99d837141a30e4d2e3488d10dcfde9920784c571c26616d2961d8fd6c53063f2b9ec431b1059987f4f082f8a76686691b75c5e2945c65b4fcb8207831bb65cc23d48f36759787d5e95807535a38a1e721c84b127ef3c010b49a8412d7428a1ea3864f001c8c25a5a95903e559e960def893a93665cf05db4cfcc538eb059ce17397f401306e63d43ff6569ea938e43f08931b69334e9a61ce57ba561f1d2cf976b2b35c6ded852fe8b4768424ad23f66795f4cccde422ead26339f5d78d07f768a63bafa30d156588897e06e83b585a52da2865ec29a8147f193a6d8dbb676b1480264e489175be7ddc002a5ed4dc2817f7ec5dace4ff817f423049917fd6dc0094b00b914e6c90e82189dc9c0130aeeec27bf0e56c8140c143340133ecc56adb6d80dddf8cdee4d1b8e8bae11be2012b4c911c59f7f2a2af60985a5dd158af15509ad18e3ec85845a2b6948193ba668d1c79021f8596224fc6330f06b9c43c2658eef11e46f710ef76e97c80ce86c9ea433d87e7b5cf928a71032a615f3ea228bfbe8a8e4f9f637b8bdfd5379dd05da42ef2964d75574fb8c6a0e5d6581f487d02696cd1aca4860d653967285bf49803fe53a0b45ec3479283ac09022b15c223c0c394c05826f3a8cdc9b971ee35c4b31a6d59077e75af1dfaddf6b2b6b4c48d8266e8b645ef1965c6aaaa7767cd9a110bdbbf2f6a28dff5f52a3080c536ab284a6da025bd09be0c991e5fec6f916c319721c3d09c8fdcfb6669cc935d93de7237b2a2ac212017aa4308ced9d80e92ec270c743774ccfb673f2c2518857d2b4849c79b65f6d79cc76323f0cd64538ac87db58daeafeb12b0946f29141c946404109dcaa52dd2c456c89730cee542e4b462bffb177fa41072b87455cf970db268ae74ee9d714dc4931d69aa90e7c84a27ee9242d6e3f49c1b9bf41180ad6a04223365783dd55b4097b019fb1e884f4100b814e850a1cd6910917800a9a26a981e430e703cd9f46ca0a668f5f262fa0e65dcf73963d62373f06e06b4cf0edfb96cb72badc77b52a5a56489772fa6f5cd57a8ebaa2750b7ad61202cc9c7a451445cd46839acb49a01847c795eedb4bbae411d072b8448a7ec21468ef5dce4670a026d46c4c0f5f20866697d51f7eba7e6a89a9d9edc4445af20e4a0868a4143132312755515ad234ac777697b09e4bd952334a76480657856eef7acc5609440541f787956dc0b40c3443a710b2a44cb833670118337367e94079ad9cb2d84402e5235308f77f66485d96b735571b198290ef9cadee69013ed353b67c78be996edaac2c01081af3c3a3ed23085a53b13f7209b3584fdc3f79b06dabf20a4e2b465a9efa9232f57c2acd00a0df8cf307c54db5bdae625fc7c8edda3d0da55211512be146785790339aeffc0333e42af5c83d85f5d69132ebb0b7c465a6fdf4eef62cfc105cd56dbd6b5129a874515bc3c6532b0751c886ffc2c9520858b89f376ef7f14b1d783ab4c40a9eafff0e412b92a147fc65e334695100334503018bca035691f8343e4bb5dbb65db8f27fe57db542efed194cf3e7d293ff1a7fa40409fd5ef80d4cd119a1384f00d578934f1f081fb314c59e35be83c39bdf70458be234dbae922bda4574e18e70069a3932c273c556eb9680444e1dbc505908beafedce072c69520d5ce3ceb50592c252bdf746f5b50406eb07cc1fcdeadfb44a249af1807be55eaa2d0885e639e1b8e15f7d768c859eac0a2d3783565446fdd8fcce2e4f3503a786773b10f9c474e61b21d7b3d0140674e796daf554af3e1b3dbbca37eb74dd78b4e7e6f52cb964178e81e8ff01ad4a9667f1434f7568aab20f780445ab84120a1f68ccc9cc30e2677fe7401dccc664e15adb71f3caea0afcf0fb3cc15d1401d8dc985fc4a848cbb8fe70e7a07ee54c9baa49c68cedb929556dc5f9c383887387e59594ff195b95085befbeee0f2f6bc5915b97634cb8ef3247dabfc02ff31f60d5fe5544e95b71feef00094dbe858880f01f9f66f0d9796e3e4d64f4a5ecac3cf05379fb9432e809a709883f0151a3b15864e251be30d2e9cc97c2383d7d4b71c7a013006275fb915996ddcd59819318d2111649fe94d5949125626299df8e962b7175941a0d8a9d18f27e5e1debe2f21088b50e63b040eca5b48fb15ffc160f8edb5a7de277b7986eeffa3d409fcc2c54f3609663d7ac6f65b9c7439efc407d8be31c1050164836a5173d52fa6832756ae630b9a4093d88ba90396bff123fbb728e7560efcd1eef26e5c47a4752eb930bc84916880defc8aced66139d8f42210867b517b6952d7ab0308b4dee8ada3c0ee5585d5221b44da8935eb5df5a4de400451fa202fcb8fd74726c61072b5903953f4f55782f5f728aba0460dfb6bac6cca5fa56c3a9cbf853bc03a6e39306f830d8260dfaafb18c0db107e7380e9d74cbfa9d315293a86639ec9fe1ec5243eaa78623d79b41e5411c3bcbb97cecad6e5e46f3a5ba042e0fc6539927b984760fda7a8e31e57316484c06c0868b873eef4ff3566a14f57393a99cfa8567640301175bfa2868c22c01bd08e07ab826fd765a5d7847d044908dcee23053c93ca94babc26672659613213374458d87fe0fb9eca6f62a7d19f059a991440a80068626524c83c9102ee85caaf11dafee24ca9f7af1bd75d0ec247d4995ec68c1e825a9124bb72a8060483df2b57536d10095f9a4daaf258d35893335e8b12a7c433ba8bf7138ea8d0cf8a8f9b033c9760904359cf403f79e43e75de3715b82462b51640f9232e80fedfe39be4d7f862e571beb8ec4d83f688fb80d7ccba01616a4d42ed0635de9e942c6f040f8acced50bb218e8fccb0d320c40d5422688893e046c9d8dfdade37e34726d5d2b483e1465c1676253752364cd7cbe51d546c2d72e3997543145149be7de402a6cd43802b2d6cba12a5b5c9d635385989ad63afc4c3ecf8871a776dba6d821b23145c93357d3d5bc20578080ef342b13b2d263796af01f41a1b559dbbe06950d3943a40796161501adca6641c7c6574ba42f5d4eba511f93db88204d7c5b8a3711d88b650165b18c2e5c0740c997ee542f08709e037500e0d494532fcabd43c46e54b03dbbffae3635d228b7abfb1f8ebd2b7a1c629c0ffde60b8b058d0c934a4a84f811884c59ccc5aae87e3d67ae69499a6d11089329d1e7212a611ddc61a0da817f706388d474f00560e5a2403a62ac5ab4fa2e0f47573852433c927fca8f46876740f8cb38438854718d492dc62a61d12cd21a5ef13f88616fd21659896f59bc7fd174a30491f16297a8434d172cca4dc08b459c7d52c502f79e83a570c163535226a9bb9c167c16627a0ab59f754c59fe4ea967ad4f4b523cf396388132d4385deab75a4013980cc94f4e51b03208beaa080b982d70fbd532286dc884602c1fe8844c31ab7d0b"}, @typed={0x8, 0xfd, 0x0, 0x0, @u32=0x1c}, @typed={0x8, 0x70, 0x0, 0x0, @u32=0x6}, @generic="51fabaffe256a007a611ab6d1a9fe7021701bb5bdb782a0b552837b345e037325fa583ef2b49c67b5a64df7f6b6ea7023704800caf60eb5011495105fec3ac0b4846acda926cde4a3aeb9676d1bdfe63ac3c5a30f08624ef623beac8cd93925ddbcb7570635e8b82eb14aae80083ed06ecb517c8c9ff8b23d6550f6fd323a6a37367efdb4cd96e348d10d99922cc3e5d857a1dd23503de59e7974aed92579246489ac4609496ed7813cabd8b6d640f10c901c46eb60970548a5779970f8b234faf7158aca7b02d8f7c1c0741c05cdfd73a58cc5773967cf3611f37661b34c31cba1c"]}]}]}, 0x22e4}}, 0x0) (async, rerun: 64) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x10011, r13, 0xef800000) 373.913094ms ago: executing program 2 (id=3114): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x84, 0x84, 0x8, [@decl_tag={0x2, 0x0, 0x0, 0x11, 0x1, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x1}}, @int={0x9, 0x0, 0x0, 0x1, 0x0, 0x27, 0x0, 0x25, 0x2}, @enum={0x4, 0x8, 0x0, 0x6, 0x4, [{0x3, 0x2}, {0x7}, {0xff, 0x81}, {0x4}, {0x9, 0x9a}, {0x4, 0x8fc}, {0x5, 0x8c17}, {0x5}]}]}, {0x0, [0x30, 0x5f, 0x2e, 0x61, 0x5f, 0x0]}}, &(0x7f0000000140)=""/69, 0xa4, 0x45, 0x1, 0x59, 0x10000, @value}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079103000000000007b0a00ff000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 257.512747ms ago: executing program 0 (id=3115): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x81) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11, 0x4000}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4000}]}}]}, 0x40}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x36, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYRESHEX=r4], 0xe8}, 0x1, 0x0, 0x0, 0x40004}, 0x0) close(r1) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r8, @ANYBLOB="010065bd7000fcdbdf254f00000008000300", @ANYRES32, @ANYBLOB="48007a8014000100c396d979a8f802a09c5d7bfaeb3575f21c0002002c8b2ddcc0a3a020196b852ff1e5776edd2fed6a243a33220c000300b38b3e2d8514cc07080004000500000030007a800800040007000000240001006b367eca9776d5c92ac3b99cce28c8dbdebd62217f9c5f46d4b1a11c682b40d61c007a800c000300e028aa46e44ee6830c0003009cf7debf7cdf5a207c007a80080004003465e91c0c0003004a159160a275d9fa08000400ff0f00000800040007000000140001006fde61d99aa98d55b507315489e6cd79140002"], 0x12c}}, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000000)={0x40}, 0x4) listen(r6, 0x401) sendto$inet6(r6, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 243.195353ms ago: executing program 1 (id=3116): r0 = socket(0x2, 0x3, 0xff) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x12, r0, 0xf570d000) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000180)="643c87cf08d21d994efea03321af0c6c7715a604", 0x14}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="1c00000000000000010000000c"], 0xf8}}], 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000100), &(0x7f0000000140)=0x4) close(r0) 163.139009ms ago: executing program 2 (id=3117): ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000200)={0xffffffffffffffff, 0x7, 0x40, 0x10001}) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000240)) r1 = socket$pptp(0x18, 0x1, 0x2) recvmmsg(r1, &(0x7f0000000e00)=[{{0x0, 0x0, 0x0}, 0xac4}], 0x1, 0x40, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto$inet6(r2, &(0x7f0000000040)="ad1ee006eb7dd012837aded63aa5a1021661d1625d749eac62d77d152ec06309e8586368231d32e072605e1c508ffed9b3b34081607954dd2c0d7fd5a07c5bdaea7d494c6adebd1a94578d5e84a06335396f499261dc568f75710c86a1685ee5d01e48673454d27e7b059c9932197f99e8e3580afedefabc42335ae8e93913cf2d11cbfa1fd6dc94f2b5ecf1173acccf8cb56b2059918a879bae9319675528eddefdb358969c9104cd7066e64231408d64d3215dba9dd787e970ced4fd98f79d954b730cea149250e617f1206adaf1693623190b8fb5561a3ba0a539bf9d5b90dfb5e89cb34afa2f9cde705eaba01dbbb61c79c9ca", 0xf5, 0x800, &(0x7f0000000140)={0xa, 0x4e24, 0x800, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7ff}, 0x1c) r3 = socket(0x1a, 0x3, 0x976) r4 = socket$inet(0x2, 0x6, 0x0) getsockopt$inet_pktinfo(r4, 0x10d, 0xbc, 0xfffffffffffffffe, &(0x7f0000000000)=0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) r5 = socket(0xa, 0x3, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x2a, 0xb, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00') 33.418306ms ago: executing program 0 (id=3118): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x28, r1, 0x1, 0x0, 0x0, {}, [@GTPA_FAMILY={0x5, 0xd, 0x23}, @GTPA_TID={0xc}]}, 0x28}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_FIB_DREG={0x8}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x20}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) setsockopt$inet6_IPV6_RTHDR(r5, 0x29, 0x39, 0x0, 0x0) 10.983061ms ago: executing program 1 (id=3119): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(adiantum(xts(ctr-cast6-avx),blowfish-generic),nhpoly130'}, 0x58) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x2, @private0, 0x400}}}, 0x108) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000140)={0x2, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0xfffffffd, @mcast2, 0x10000000}}}, 0x108) getsockopt$inet6_buf(r4, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9) accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000078c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_WIPHY(r7, &(0x7f0000007980)={0x0, 0x0, &(0x7f0000007940)={&(0x7f0000007900)={0x24, r6, 0xccd495925cefb39, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x45}, @val={0x8, 0x3, r8}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x40, r6, 0x10, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x6000}, @NL80211_ATTR_FRAME={0x18, 0x33, @ctrl_frame=@bar={{}, {0x7ff2}, @broadcast, @broadcast, @basic={{0x1, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x7}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x40040) sendmsg$NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000bc0)={0x1c, r2, 0x6858604f277b68af, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x0) 0s ago: executing program 4 (id=3120): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000002, 0x100010, r0, 0xc8ae000) r1 = socket$phonet(0x23, 0x2, 0x1) ioctl$SIOCPNGETOBJECT(r1, 0x89e0, &(0x7f0000000000)=0xffff) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fcdbdf250400000005000b000000d90f"], 0x1c}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) (fail_nth: 9) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)) kernel console output (not intermixed with test programs): 0 [ 265.081919][T11411] ? __fget_files+0x2a/0x410 [ 265.081962][T11411] ? fput+0x21b/0x290 [ 265.081984][T11411] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 265.082008][T11411] bpf_prog_test_run+0x2e4/0x360 [ 265.082037][T11411] __sys_bpf+0x487/0x820 [ 265.082062][T11411] ? __pfx___sys_bpf+0x10/0x10 [ 265.082097][T11411] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 265.082124][T11411] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 265.082151][T11411] ? do_syscall_64+0x100/0x230 [ 265.082180][T11411] __x64_sys_bpf+0x7c/0x90 [ 265.082202][T11411] do_syscall_64+0xf3/0x230 [ 265.082228][T11411] ? clear_bhb_loop+0x35/0x90 [ 265.082266][T11411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.082290][T11411] RIP: 0033:0x7fcbec58d169 [ 265.082308][T11411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.082324][T11411] RSP: 002b:00007fcbed327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 265.082345][T11411] RAX: ffffffffffffffda RBX: 00007fcbec7a5fa0 RCX: 00007fcbec58d169 [ 265.082357][T11411] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 265.082368][T11411] RBP: 00007fcbed327090 R08: 0000000000000000 R09: 0000000000000000 [ 265.082378][T11411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.082388][T11411] R13: 0000000000000000 R14: 00007fcbec7a5fa0 R15: 00007ffcb85bd288 [ 265.082414][T11411] [ 265.598286][T11428] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2201'. [ 265.668532][ T5911] tipc: Node number set to 1213738240 [ 265.769732][T11437] FAULT_INJECTION: forcing a failure. [ 265.769732][T11437] name failslab, interval 1, probability 0, space 0, times 0 [ 265.803278][T11437] CPU: 0 UID: 0 PID: 11437 Comm: syz.1.2204 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 265.803307][T11437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 265.803320][T11437] Call Trace: [ 265.803328][T11437] [ 265.803337][T11437] dump_stack_lvl+0x241/0x360 [ 265.803370][T11437] ? __pfx_dump_stack_lvl+0x10/0x10 [ 265.803393][T11437] ? __pfx__printk+0x10/0x10 [ 265.803416][T11437] ? __kmalloc_noprof+0xb5/0x4c0 [ 265.803446][T11437] ? __pfx___might_resched+0x10/0x10 [ 265.803478][T11437] should_fail_ex+0x40a/0x550 [ 265.803515][T11437] should_failslab+0xac/0x100 [ 265.803545][T11437] __kmalloc_noprof+0xdd/0x4c0 [ 265.803573][T11437] ? security_sk_alloc+0x53/0x360 [ 265.803604][T11437] security_sk_alloc+0x53/0x360 [ 265.803632][T11437] sk_prot_alloc+0xfa/0x210 [ 265.803652][T11437] ? sk_alloc+0x27/0x370 [ 265.803675][T11437] sk_alloc+0x3e/0x370 [ 265.803700][T11437] can_create+0x1bd/0x4d0 [ 265.803736][T11437] __sock_create+0x4c0/0xa30 [ 265.803802][T11437] __sys_socket+0x150/0x3c0 [ 265.803836][T11437] ? __pfx___sys_socket+0x10/0x10 [ 265.803867][T11437] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 265.803900][T11437] ? do_syscall_64+0x100/0x230 [ 265.803947][T11437] __x64_sys_socket+0x7a/0x90 [ 265.803978][T11437] do_syscall_64+0xf3/0x230 [ 265.804010][T11437] ? clear_bhb_loop+0x35/0x90 [ 265.804044][T11437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.804072][T11437] RIP: 0033:0x7f67d378d169 [ 265.804091][T11437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.804109][T11437] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 265.804133][T11437] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 265.804148][T11437] RDX: 0000000000000007 RSI: 0000000000000002 RDI: 000000000000001d [ 265.804160][T11437] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 265.804172][T11437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.804184][T11437] R13: 0000000000000001 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 265.804215][T11437] [ 266.367675][T11454] FAULT_INJECTION: forcing a failure. [ 266.367675][T11454] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 266.408695][T11454] CPU: 0 UID: 0 PID: 11454 Comm: syz.3.2210 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 266.408733][T11454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 266.408754][T11454] Call Trace: [ 266.408761][T11454] [ 266.408770][T11454] dump_stack_lvl+0x241/0x360 [ 266.408802][T11454] ? __pfx_dump_stack_lvl+0x10/0x10 [ 266.408824][T11454] ? __pfx__printk+0x10/0x10 [ 266.408851][T11454] ? __pfx_lock_release+0x10/0x10 [ 266.408891][T11454] should_fail_ex+0x40a/0x550 [ 266.408928][T11454] _copy_from_iter+0x1df/0x1c40 [ 266.408952][T11454] ? __virt_addr_valid+0x183/0x530 [ 266.408973][T11454] ? __pfx_lock_release+0x10/0x10 [ 266.409011][T11454] ? __alloc_skb+0x28f/0x440 [ 266.409032][T11454] ? __pfx__copy_from_iter+0x10/0x10 [ 266.409059][T11454] ? __virt_addr_valid+0x183/0x530 [ 266.409076][T11454] ? __virt_addr_valid+0x183/0x530 [ 266.409094][T11454] ? __virt_addr_valid+0x45f/0x530 [ 266.409112][T11454] ? __phys_addr_symbol+0x2f/0x70 [ 266.409139][T11454] ? __check_object_size+0x47a/0x730 [ 266.409179][T11454] netlink_sendmsg+0x742/0xcb0 [ 266.409218][T11454] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.409247][T11454] ? aa_sock_msg_perm+0x91/0x160 [ 266.409290][T11454] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.409314][T11454] __sock_sendmsg+0x221/0x270 [ 266.409346][T11454] ____sys_sendmsg+0x53a/0x860 [ 266.409377][T11454] ? __pfx_____sys_sendmsg+0x10/0x10 [ 266.409397][T11454] ? __fget_files+0x2a/0x410 [ 266.409437][T11454] ? __fget_files+0x2a/0x410 [ 266.409475][T11454] __sys_sendmsg+0x269/0x350 [ 266.409503][T11454] ? __pfx___sys_sendmsg+0x10/0x10 [ 266.409537][T11454] ? do_sys_openat2+0x17a/0x1d0 [ 266.409589][T11454] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 266.409622][T11454] ? do_syscall_64+0x100/0x230 [ 266.409657][T11454] ? do_syscall_64+0xb6/0x230 [ 266.409692][T11454] do_syscall_64+0xf3/0x230 [ 266.409722][T11454] ? clear_bhb_loop+0x35/0x90 [ 266.409755][T11454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.409784][T11454] RIP: 0033:0x7f860718d169 [ 266.409804][T11454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.409830][T11454] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 266.409852][T11454] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 266.409868][T11454] RDX: 0000000000000000 RSI: 0000200000000b80 RDI: 0000000000000004 [ 266.409881][T11454] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 266.409894][T11454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 266.409906][T11454] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 266.409941][T11454] [ 266.806516][T11460] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2211'. [ 267.204377][T11478] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2217'. [ 267.226855][T11480] openvswitch: netlink: IP tunnel TTL not specified. [ 267.788182][T11487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2220'. [ 267.797573][T11487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2220'. [ 267.860723][T11487] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2220'. [ 267.914619][T11493] netlink: 'syz.0.2222': attribute type 3 has an invalid length. [ 267.991302][T11496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2223'. [ 268.042026][T11496] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2223'. [ 268.088274][T11496] FAULT_INJECTION: forcing a failure. [ 268.088274][T11496] name failslab, interval 1, probability 0, space 0, times 0 [ 268.128945][T11496] CPU: 0 UID: 0 PID: 11496 Comm: syz.1.2223 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 268.128978][T11496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 268.128991][T11496] Call Trace: [ 268.128999][T11496] [ 268.129008][T11496] dump_stack_lvl+0x241/0x360 [ 268.129041][T11496] ? __pfx_dump_stack_lvl+0x10/0x10 [ 268.129064][T11496] ? __pfx__printk+0x10/0x10 [ 268.129094][T11496] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 268.129125][T11496] ? __pfx___might_resched+0x10/0x10 [ 268.129158][T11496] should_fail_ex+0x40a/0x550 [ 268.129195][T11496] should_failslab+0xac/0x100 [ 268.129225][T11496] kmem_cache_alloc_node_noprof+0x77/0x380 [ 268.129253][T11496] ? __alloc_skb+0x1c3/0x440 [ 268.129278][T11496] __alloc_skb+0x1c3/0x440 [ 268.129304][T11496] ? __pfx___alloc_skb+0x10/0x10 [ 268.129331][T11496] ? netlink_ack_tlv_len+0x6e/0x200 [ 268.129357][T11496] netlink_ack+0x145/0xa60 [ 268.129378][T11496] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 268.129411][T11496] ? ref_tracker_free+0x643/0x7e0 [ 268.129439][T11496] netlink_rcv_skb+0x294/0x480 [ 268.129465][T11496] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 268.129495][T11496] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 268.129543][T11496] ? netlink_deliver_tap+0x2e/0x1b0 [ 268.129570][T11496] netlink_unicast+0x7f6/0x990 [ 268.129601][T11496] ? __pfx_netlink_unicast+0x10/0x10 [ 268.129621][T11496] ? __virt_addr_valid+0x45f/0x530 [ 268.129641][T11496] ? __phys_addr_symbol+0x2f/0x70 [ 268.129659][T11496] ? __check_object_size+0x47a/0x730 [ 268.129693][T11496] netlink_sendmsg+0x8de/0xcb0 [ 268.129757][T11496] ? __pfx_netlink_sendmsg+0x10/0x10 [ 268.129787][T11496] ? aa_sock_msg_perm+0x91/0x160 [ 268.129824][T11496] ? __pfx_netlink_sendmsg+0x10/0x10 [ 268.129848][T11496] __sock_sendmsg+0x221/0x270 [ 268.129880][T11496] ____sys_sendmsg+0x53a/0x860 [ 268.129910][T11496] ? __pfx_____sys_sendmsg+0x10/0x10 [ 268.129930][T11496] ? __fget_files+0x2a/0x410 [ 268.129962][T11496] ? __fget_files+0x2a/0x410 [ 268.129999][T11496] __sys_sendmsg+0x269/0x350 [ 268.130026][T11496] ? __pfx___sys_sendmsg+0x10/0x10 [ 268.130061][T11496] ? do_sys_openat2+0x17a/0x1d0 [ 268.130116][T11496] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 268.130150][T11496] ? do_syscall_64+0x100/0x230 [ 268.130186][T11496] ? do_syscall_64+0xb6/0x230 [ 268.130221][T11496] do_syscall_64+0xf3/0x230 [ 268.130252][T11496] ? clear_bhb_loop+0x35/0x90 [ 268.130283][T11496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.130311][T11496] RIP: 0033:0x7f67d378d169 [ 268.130329][T11496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.130346][T11496] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 268.130368][T11496] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 268.130383][T11496] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 268.130396][T11496] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 268.130409][T11496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 268.130421][T11496] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 268.130452][T11496] [ 268.727243][T11514] FAULT_INJECTION: forcing a failure. [ 268.727243][T11514] name failslab, interval 1, probability 0, space 0, times 0 [ 268.768235][T11514] CPU: 0 UID: 0 PID: 11514 Comm: syz.3.2229 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 268.768269][T11514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 268.768283][T11514] Call Trace: [ 268.768290][T11514] [ 268.768299][T11514] dump_stack_lvl+0x241/0x360 [ 268.768331][T11514] ? __pfx_dump_stack_lvl+0x10/0x10 [ 268.768354][T11514] ? __pfx__printk+0x10/0x10 [ 268.768378][T11514] ? __kmalloc_node_noprof+0xb9/0x4d0 [ 268.768408][T11514] ? __pfx___might_resched+0x10/0x10 [ 268.768440][T11514] should_fail_ex+0x40a/0x550 [ 268.768477][T11514] should_failslab+0xac/0x100 [ 268.768507][T11514] __kmalloc_node_noprof+0xe1/0x4d0 [ 268.768536][T11514] ? __kvmalloc_node_noprof+0x72/0x190 [ 268.768574][T11514] __kvmalloc_node_noprof+0x72/0x190 [ 268.768608][T11514] bpf_test_run_xdp_live+0x290/0x2220 [ 268.768635][T11514] ? __pfx_lock_release+0x10/0x10 [ 268.768673][T11514] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 268.768697][T11514] ? __pfx___might_resched+0x10/0x10 [ 268.768729][T11514] ? __mutex_unlock_slowpath+0x227/0x800 [ 268.768772][T11514] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 268.768796][T11514] ? synchronize_rcu+0x11b/0x360 [ 268.768820][T11514] ? __pfx_synchronize_rcu+0x10/0x10 [ 268.768867][T11514] ? __pfx_bpf_dispatcher_change_prog+0x10/0x10 [ 268.768898][T11514] ? 0xffffffffa0000958 [ 268.768936][T11514] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 268.768981][T11514] ? _copy_from_user+0x95/0xb0 [ 268.769020][T11514] ? bpf_test_init+0x137/0x160 [ 268.769041][T11514] ? xdp_convert_md_to_buff+0x5b/0x330 [ 268.769069][T11514] bpf_prog_test_run_xdp+0x805/0x11e0 [ 268.769106][T11514] ? __pfx_lock_release+0x10/0x10 [ 268.769147][T11514] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 268.769174][T11514] ? __fget_files+0x2a/0x410 [ 268.769207][T11514] ? __fget_files+0x2a/0x410 [ 268.769241][T11514] ? fput+0x21b/0x290 [ 268.769269][T11514] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 268.769297][T11514] bpf_prog_test_run+0x2e4/0x360 [ 268.769331][T11514] __sys_bpf+0x487/0x820 [ 268.769362][T11514] ? __pfx___sys_bpf+0x10/0x10 [ 268.769405][T11514] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 268.769439][T11514] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 268.769472][T11514] ? do_syscall_64+0x100/0x230 [ 268.769510][T11514] __x64_sys_bpf+0x7c/0x90 [ 268.769536][T11514] do_syscall_64+0xf3/0x230 [ 268.769568][T11514] ? clear_bhb_loop+0x35/0x90 [ 268.769601][T11514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.769629][T11514] RIP: 0033:0x7f860718d169 [ 268.769647][T11514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.769665][T11514] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 268.769688][T11514] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 268.769704][T11514] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 268.769717][T11514] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 268.769744][T11514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 268.769763][T11514] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 268.769795][T11514] [ 269.298881][T11521] __nla_validate_parse: 1 callbacks suppressed [ 269.298905][T11521] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2230'. [ 269.464558][T11525] netlink: 'syz.0.2231': attribute type 1 has an invalid length. [ 269.516916][T11525] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2231'. [ 270.197284][T11554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2237'. [ 270.269767][T11554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2237'. [ 270.305901][T11554] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2237'. [ 270.550231][T11573] netlink: 'syz.0.2242': attribute type 1 has an invalid length. [ 270.583970][T11573] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2242'. [ 270.658654][T11573] netlink: 'syz.0.2242': attribute type 1 has an invalid length. [ 270.697538][T11573] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2242'. [ 270.724353][T11581] FAULT_INJECTION: forcing a failure. [ 270.724353][T11581] name failslab, interval 1, probability 0, space 0, times 0 [ 270.727655][T11573] netlink: 'syz.0.2242': attribute type 1 has an invalid length. [ 270.766809][T11583] FAULT_INJECTION: forcing a failure. [ 270.766809][T11583] name failslab, interval 1, probability 0, space 0, times 0 [ 270.787557][T11581] CPU: 1 UID: 0 PID: 11581 Comm: syz.4.2245 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 270.787590][T11581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 270.787604][T11581] Call Trace: [ 270.787619][T11581] [ 270.787628][T11581] dump_stack_lvl+0x241/0x360 [ 270.787659][T11581] ? __pfx_dump_stack_lvl+0x10/0x10 [ 270.787683][T11581] ? __pfx__printk+0x10/0x10 [ 270.787706][T11581] ? __kmalloc_node_noprof+0xb9/0x4d0 [ 270.787737][T11581] ? __pfx___might_resched+0x10/0x10 [ 270.787763][T11581] ? trace_contention_end+0x3c/0x120 [ 270.787792][T11581] should_fail_ex+0x40a/0x550 [ 270.787830][T11581] should_failslab+0xac/0x100 [ 270.787860][T11581] __kmalloc_node_noprof+0xe1/0x4d0 [ 270.787898][T11581] ? __kvmalloc_node_noprof+0x72/0x190 [ 270.787930][T11581] ? __pfx___mutex_lock+0x10/0x10 [ 270.787967][T11581] __kvmalloc_node_noprof+0x72/0x190 [ 270.788002][T11581] nf_hook_entries_grow+0x288/0x720 [ 270.788040][T11581] __nf_register_net_hook+0x278/0x8d0 [ 270.788076][T11581] nf_register_net_hook+0xb0/0x190 [ 270.788100][T11581] nf_register_net_hooks+0x41/0x1a0 [ 270.788126][T11581] nf_defrag_ipv4_enable+0x85/0x110 [ 270.788160][T11581] socket_mt_v3_check+0x93/0x1e0 [ 270.788187][T11581] xt_check_match+0x368/0xa40 [ 270.788218][T11581] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 270.788252][T11581] ? __pfx_xt_check_match+0x10/0x10 [ 270.788293][T11581] ? xt_find_match+0x1df/0x230 [ 270.788328][T11581] translate_table+0x160d/0x2370 [ 270.788381][T11581] ? __pfx_translate_table+0x10/0x10 [ 270.788403][T11581] ? __might_fault+0xaa/0x120 [ 270.788424][T11581] ? __pfx_lock_release+0x10/0x10 [ 270.788461][T11581] ? __virt_addr_valid+0x183/0x530 [ 270.788487][T11581] ? __might_fault+0xc6/0x120 [ 270.788513][T11581] ? copy_from_sockptr_offset+0x6b/0xb0 [ 270.788538][T11581] do_ipt_set_ctl+0xe3d/0x1250 [ 270.788567][T11581] ? nf_setsockopt+0x240/0x2c0 [ 270.788592][T11581] ? do_ip_setsockopt+0x2824/0x3ae0 [ 270.788633][T11581] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 270.788656][T11581] ? rcu_is_watching+0x15/0xb0 [ 270.788681][T11581] ? trace_contention_end+0x3c/0x120 [ 270.788715][T11581] ? __mutex_unlock_slowpath+0x227/0x800 [ 270.788759][T11581] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 270.788789][T11581] ? aa_sk_perm+0x96d/0xab0 [ 270.788826][T11581] ? __pfx_aa_sk_perm+0x10/0x10 [ 270.788858][T11581] nf_setsockopt+0x295/0x2c0 [ 270.788890][T11581] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 270.788921][T11581] do_sock_setsockopt+0x3af/0x720 [ 270.788933][T11573] netlink: 244 bytes leftover after parsing attributes in process `syz.0.2242'. [ 270.788950][T11581] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 270.788976][T11581] ? __fget_files+0x395/0x410 [ 270.789015][T11581] ? __fget_files+0x2a/0x410 [ 270.789059][T11581] __x64_sys_setsockopt+0x1ee/0x280 [ 270.789092][T11581] do_syscall_64+0xf3/0x230 [ 270.789127][T11581] ? clear_bhb_loop+0x35/0x90 [ 270.789163][T11581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.789193][T11581] RIP: 0033:0x7fd11ef8d169 [ 270.789213][T11581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.789232][T11581] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 270.789256][T11581] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 270.789272][T11581] RDX: 0000000000000040 RSI: 9003000000000000 RDI: 0000000000000003 [ 270.789287][T11581] RBP: 00007fd11fe76090 R08: 0000000000000328 R09: 0000000000000000 [ 270.789301][T11581] R10: 0000200000000b40 R11: 0000000000000246 R12: 0000000000000001 [ 270.789315][T11581] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 270.789349][T11581] [ 270.821481][T11583] CPU: 1 UID: 0 PID: 11583 Comm: syz.3.2246 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 270.821518][T11583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 270.821533][T11583] Call Trace: [ 270.821542][T11583] [ 270.821553][T11583] dump_stack_lvl+0x241/0x360 [ 270.821602][T11583] ? __pfx_dump_stack_lvl+0x10/0x10 [ 270.821629][T11583] ? __pfx__printk+0x10/0x10 [ 270.821654][T11583] ? __kmalloc_cache_noprof+0x48/0x390 [ 270.821684][T11583] ? __pfx___might_resched+0x10/0x10 [ 270.821716][T11583] should_fail_ex+0x40a/0x550 [ 270.821752][T11583] should_failslab+0xac/0x100 [ 270.821781][T11583] __kmalloc_cache_noprof+0x70/0x390 [ 270.821808][T11583] ? nf_tables_newtable+0x52c/0x1e10 [ 270.821840][T11583] nf_tables_newtable+0x52c/0x1e10 [ 270.821873][T11583] ? nfnl_pernet+0x23/0x240 [ 270.821914][T11583] ? __pfx_nf_tables_newtable+0x10/0x10 [ 270.821954][T11583] ? __nla_parse+0x40/0x60 [ 270.821982][T11583] nfnetlink_rcv+0x14e3/0x2ab0 [ 270.822054][T11583] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 270.822142][T11583] ? netlink_deliver_tap+0x2e/0x1b0 [ 270.822167][T11583] ? skb_clone+0x240/0x390 [ 270.822194][T11583] ? __pfx_lock_release+0x10/0x10 [ 270.822243][T11583] ? netlink_deliver_tap+0x2e/0x1b0 [ 270.822273][T11583] netlink_unicast+0x7f6/0x990 [ 270.822307][T11583] ? __pfx_netlink_unicast+0x10/0x10 [ 270.822328][T11583] ? __virt_addr_valid+0x45f/0x530 [ 270.822351][T11583] ? __phys_addr_symbol+0x2f/0x70 [ 270.822371][T11583] ? __check_object_size+0x47a/0x730 [ 270.822406][T11583] netlink_sendmsg+0x8de/0xcb0 [ 270.822447][T11583] ? __pfx_netlink_sendmsg+0x10/0x10 [ 270.822480][T11583] ? aa_sock_msg_perm+0x91/0x160 [ 270.822521][T11583] ? __pfx_netlink_sendmsg+0x10/0x10 [ 270.822546][T11583] __sock_sendmsg+0x221/0x270 [ 270.822626][T11583] ____sys_sendmsg+0x53a/0x860 [ 270.822662][T11583] ? __pfx_____sys_sendmsg+0x10/0x10 [ 270.822683][T11583] ? __fget_files+0x2a/0x410 [ 270.822720][T11583] ? __fget_files+0x2a/0x410 [ 270.822760][T11583] __sys_sendmsg+0x269/0x350 [ 270.822790][T11583] ? __pfx___sys_sendmsg+0x10/0x10 [ 270.822828][T11583] ? do_sys_openat2+0x17a/0x1d0 [ 270.822888][T11583] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 270.822923][T11583] ? do_syscall_64+0x100/0x230 [ 270.822961][T11583] ? do_syscall_64+0xb6/0x230 [ 270.822999][T11583] do_syscall_64+0xf3/0x230 [ 270.823032][T11583] ? clear_bhb_loop+0x35/0x90 [ 270.823069][T11583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.823098][T11583] RIP: 0033:0x7f860718d169 [ 270.823118][T11583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.823138][T11583] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 270.823157][T11583] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 270.823170][T11583] RDX: 0000000020050800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 270.823183][T11583] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 270.823197][T11583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 270.823209][T11583] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 270.823245][T11583] [ 272.325021][T11631] netlink: 'syz.1.2259': attribute type 2 has an invalid length. [ 272.766388][T11651] dccp_invalid_packet: pskb_may_pull failed [ 273.054201][T11663] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2267'. [ 273.218789][T11673] sock: sock_timestamping_bind_phc: sock not bind to device [ 273.734033][T11692] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 274.322315][T11715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2284'. [ 274.350492][T11715] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2284'. [ 274.588935][T11726] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 274.787823][T11738] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2293'. [ 275.184271][T11753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2299'. [ 275.219561][T11759] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2302'. [ 275.298445][T11761] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 275.465427][T11766] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 276.074718][T11788] netlink: 'syz.4.2312': attribute type 15 has an invalid length. [ 276.086702][T11789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2313'. [ 276.120564][T11789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2313'. [ 276.133027][T11788] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2312'. [ 276.164352][T11788] netlink: 176 bytes leftover after parsing attributes in process `syz.4.2312'. [ 276.173007][T11789] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2313'. [ 276.328500][T11789] nbd0: detected capacity change from 0 to 256 [ 276.345519][ T5848] block nbd0: Receive control failed (result -104) [ 276.490993][ T7864] wlan1: Trigger new scan to find an IBSS to join [ 276.611360][T11808] sctp: [Deprecated]: syz.4.2321 (pid 11808) Use of struct sctp_assoc_value in delayed_ack socket option. [ 276.611360][T11808] Use struct sctp_sack_info instead [ 276.645260][T11805] xt_addrtype: ipv6 does not support BROADCAST matching [ 277.473586][T11851] ieee802154 phy0 wpan0: encryption failed: -22 [ 277.555376][T11855] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 277.567837][T11856] sctp: [Deprecated]: syz.1.2335 (pid 11856) Use of struct sctp_assoc_value in delayed_ack socket option. [ 277.567837][T11856] Use struct sctp_sack_info instead [ 278.261587][T11885] FAULT_INJECTION: forcing a failure. [ 278.261587][T11885] name failslab, interval 1, probability 0, space 0, times 0 [ 278.275223][T11885] CPU: 0 UID: 0 PID: 11885 Comm: syz.1.2347 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 278.275249][T11885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.275263][T11885] Call Trace: [ 278.275271][T11885] [ 278.275279][T11885] dump_stack_lvl+0x241/0x360 [ 278.275312][T11885] ? __pfx_dump_stack_lvl+0x10/0x10 [ 278.275336][T11885] ? __pfx__printk+0x10/0x10 [ 278.275373][T11885] should_fail_ex+0x40a/0x550 [ 278.275410][T11885] should_failslab+0xac/0x100 [ 278.275441][T11885] __kmalloc_cache_noprof+0x70/0x390 [ 278.275469][T11885] ? __add_metainfo+0x77/0x340 [ 278.275502][T11885] __add_metainfo+0x77/0x340 [ 278.275536][T11885] use_all_metadata+0xb6/0x1b0 [ 278.275571][T11885] tcf_ife_init+0xa61/0xfc0 [ 278.275612][T11885] ? __pfx_tcf_ife_init+0x10/0x10 [ 278.275659][T11885] ? nla_memcpy+0x5a/0xb0 [ 278.275689][T11885] ? __pfx_tcf_ife_init+0x10/0x10 [ 278.275716][T11885] tcf_action_init_1+0x5d7/0x890 [ 278.275737][T11885] ? nla_strscpy+0x100/0x180 [ 278.275766][T11885] ? __pfx_tcf_action_init_1+0x10/0x10 [ 278.275785][T11885] ? _raw_read_unlock+0x28/0x50 [ 278.275811][T11885] ? tc_action_load_ops+0x244/0x510 [ 278.275861][T11885] ? __pfx_lock_release+0x10/0x10 [ 278.275893][T11885] ? __nla_parse+0x40/0x60 [ 278.275928][T11885] tcf_action_init+0x2e8/0xae0 [ 278.275949][T11885] ? 0xffffffffa0001f9c [ 278.275980][T11885] ? __pfx_tcf_action_init+0x10/0x10 [ 278.276070][T11885] ? apparmor_capable+0x13b/0x1b0 [ 278.276106][T11885] tc_ctl_action+0x47d/0xcf0 [ 278.276142][T11885] ? __pfx_tc_ctl_action+0x10/0x10 [ 278.276228][T11885] ? __pfx_tc_ctl_action+0x10/0x10 [ 278.276251][T11885] rtnetlink_rcv_msg+0x73f/0xcf0 [ 278.276282][T11885] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 278.276322][T11885] ? rcu_preempt_deferred_qs_irqrestore+0x8c4/0xca0 [ 278.276355][T11885] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 278.276402][T11885] netlink_rcv_skb+0x206/0x480 [ 278.276428][T11885] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 278.276457][T11885] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 278.276509][T11885] ? __rcu_read_unlock+0xa1/0x110 [ 278.276543][T11885] netlink_unicast+0x7f6/0x990 [ 278.276575][T11885] ? __pfx_netlink_unicast+0x10/0x10 [ 278.276595][T11885] ? __virt_addr_valid+0x45f/0x530 [ 278.276615][T11885] ? __phys_addr_symbol+0x2f/0x70 [ 278.276634][T11885] ? __check_object_size+0x47a/0x730 [ 278.276665][T11885] netlink_sendmsg+0x8de/0xcb0 [ 278.276704][T11885] ? __pfx_netlink_sendmsg+0x10/0x10 [ 278.276734][T11885] ? aa_sock_msg_perm+0x91/0x160 [ 278.276771][T11885] ? __pfx_netlink_sendmsg+0x10/0x10 [ 278.276795][T11885] __sock_sendmsg+0x221/0x270 [ 278.276828][T11885] ____sys_sendmsg+0x53a/0x860 [ 278.276862][T11885] ? __pfx_____sys_sendmsg+0x10/0x10 [ 278.276883][T11885] ? __fget_files+0x2a/0x410 [ 278.276928][T11885] ? __fget_files+0x2a/0x410 [ 278.276967][T11885] __sys_sendmsg+0x269/0x350 [ 278.276996][T11885] ? __pfx___sys_sendmsg+0x10/0x10 [ 278.277034][T11885] ? do_sys_openat2+0x17a/0x1d0 [ 278.277093][T11885] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 278.277126][T11885] ? do_syscall_64+0x100/0x230 [ 278.277161][T11885] ? do_syscall_64+0xb6/0x230 [ 278.277196][T11885] do_syscall_64+0xf3/0x230 [ 278.277228][T11885] ? clear_bhb_loop+0x35/0x90 [ 278.277262][T11885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.277291][T11885] RIP: 0033:0x7f67d378d169 [ 278.277309][T11885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.277327][T11885] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 278.277351][T11885] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 278.277366][T11885] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 278.277379][T11885] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 278.277393][T11885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 278.277405][T11885] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 278.277437][T11885] [ 278.821653][T11887] FAULT_INJECTION: forcing a failure. [ 278.821653][T11887] name failslab, interval 1, probability 0, space 0, times 0 [ 278.834460][T11887] CPU: 0 UID: 0 PID: 11887 Comm: syz.4.2348 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 278.834488][T11887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.834501][T11887] Call Trace: [ 278.834509][T11887] [ 278.834518][T11887] dump_stack_lvl+0x241/0x360 [ 278.834550][T11887] ? __pfx_dump_stack_lvl+0x10/0x10 [ 278.834574][T11887] ? __pfx__printk+0x10/0x10 [ 278.834610][T11887] should_fail_ex+0x40a/0x550 [ 278.834648][T11887] should_failslab+0xac/0x100 [ 278.834677][T11887] ? skb_clone+0x20c/0x390 [ 278.834699][T11887] kmem_cache_alloc_noprof+0x70/0x380 [ 278.834735][T11887] skb_clone+0x20c/0x390 [ 278.834763][T11887] bpf_clone_redirect+0xab/0x3d0 [ 278.834799][T11887] bpf_prog_dde6c29962cc7727+0x5f/0x64 [ 278.834822][T11887] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.834862][T11887] ? bpf_test_run+0x370/0xa90 [ 278.834893][T11887] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 278.834925][T11887] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 278.834969][T11887] ? bpf_test_run+0x370/0xa90 [ 278.834993][T11887] ? __pfx___cant_migrate+0x10/0x10 [ 278.835019][T11887] ? bpf_test_run+0x370/0xa90 [ 278.835042][T11887] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 278.835072][T11887] ? bpf_test_timer_continue+0x11a/0x350 [ 278.835104][T11887] bpf_test_run+0x4f0/0xa90 [ 278.835134][T11887] ? bpf_test_run+0x370/0xa90 [ 278.835171][T11887] ? __pfx_bpf_test_run+0x10/0x10 [ 278.835222][T11887] ? __pfx_eth_type_trans+0x10/0x10 [ 278.835256][T11887] ? convert___skb_to_skb+0x41/0x630 [ 278.835285][T11887] bpf_prog_test_run_skb+0xcaa/0x1830 [ 278.835334][T11887] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 278.835357][T11887] ? __fget_files+0x2a/0x410 [ 278.835392][T11887] ? fput+0x21b/0x290 [ 278.835420][T11887] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 278.835447][T11887] bpf_prog_test_run+0x2e4/0x360 [ 278.835483][T11887] __sys_bpf+0x487/0x820 [ 278.835514][T11887] ? __pfx___sys_bpf+0x10/0x10 [ 278.835558][T11887] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 278.835593][T11887] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 278.835627][T11887] ? do_syscall_64+0x100/0x230 [ 278.835664][T11887] __x64_sys_bpf+0x7c/0x90 [ 278.835691][T11887] do_syscall_64+0xf3/0x230 [ 278.835722][T11887] ? clear_bhb_loop+0x35/0x90 [ 278.835755][T11887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.835784][T11887] RIP: 0033:0x7fd11ef8d169 [ 278.835802][T11887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.835820][T11887] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 278.835843][T11887] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 278.835858][T11887] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a [ 278.835883][T11887] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 278.835896][T11887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 278.835908][T11887] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 278.835941][T11887] [ 279.519939][T11905] batman_adv: batadv0: Adding interface: dummy0 [ 279.526283][T11905] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 279.563568][T11903] __nla_validate_parse: 7 callbacks suppressed [ 279.563589][T11903] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2355'. [ 279.584724][T11905] batman_adv: batadv0: Interface activated: dummy0 [ 279.611211][T11908] batadv0: mtu less than device minimum [ 279.649607][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.662404][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.675505][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.688380][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.701101][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.713873][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.726689][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.739538][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 279.752225][T11908] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 280.429248][T11928] netlink: 'syz.2.2363': attribute type 2 has an invalid length. [ 280.979524][T11949] xt_policy: input policy not valid in POSTROUTING and OUTPUT [ 281.129116][T11960] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2372'. [ 281.449569][ T7848] wlan1: Trigger new scan to find an IBSS to join [ 281.798079][T11990] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 281.967177][T11998] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2387'. [ 281.996616][T11998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2387'. [ 282.023555][T11998] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2387'. [ 282.048679][T11998] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2387'. [ 282.153533][T12005] vlan3: entered promiscuous mode [ 282.169717][T12005] bridge0: entered promiscuous mode [ 282.185648][T12005] vlan3: entered allmulticast mode [ 282.195664][T12005] bridge0: entered allmulticast mode [ 282.204442][T12007] FAULT_INJECTION: forcing a failure. [ 282.204442][T12007] name failslab, interval 1, probability 0, space 0, times 0 [ 282.225715][T12007] CPU: 1 UID: 0 PID: 12007 Comm: syz.0.2391 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 282.225748][T12007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 282.225762][T12007] Call Trace: [ 282.225770][T12007] [ 282.225778][T12007] dump_stack_lvl+0x241/0x360 [ 282.225811][T12007] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.225834][T12007] ? __pfx__printk+0x10/0x10 [ 282.225858][T12007] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 282.225889][T12007] ? __pfx___might_resched+0x10/0x10 [ 282.225920][T12007] should_fail_ex+0x40a/0x550 [ 282.225956][T12007] should_failslab+0xac/0x100 [ 282.225987][T12007] kmem_cache_alloc_node_noprof+0x77/0x380 [ 282.226016][T12007] ? __alloc_skb+0x1c3/0x440 [ 282.226040][T12007] __alloc_skb+0x1c3/0x440 [ 282.226066][T12007] ? __pfx___alloc_skb+0x10/0x10 [ 282.226092][T12007] ? netlink_ack_tlv_len+0x6e/0x200 [ 282.226120][T12007] netlink_ack+0x145/0xa60 [ 282.226141][T12007] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 282.226176][T12007] ? ref_tracker_free+0x643/0x7e0 [ 282.226201][T12007] netlink_rcv_skb+0x294/0x480 [ 282.226227][T12007] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 282.226255][T12007] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 282.226303][T12007] ? netlink_deliver_tap+0x2e/0x1b0 [ 282.226331][T12007] netlink_unicast+0x7f6/0x990 [ 282.226362][T12007] ? __pfx_netlink_unicast+0x10/0x10 [ 282.226382][T12007] ? __virt_addr_valid+0x45f/0x530 [ 282.226403][T12007] ? __phys_addr_symbol+0x2f/0x70 [ 282.226422][T12007] ? __check_object_size+0x47a/0x730 [ 282.226456][T12007] netlink_sendmsg+0x8de/0xcb0 [ 282.226495][T12007] ? __pfx_netlink_sendmsg+0x10/0x10 [ 282.226526][T12007] ? aa_sock_msg_perm+0x91/0x160 [ 282.226564][T12007] ? __pfx_netlink_sendmsg+0x10/0x10 [ 282.226588][T12007] __sock_sendmsg+0x221/0x270 [ 282.226619][T12007] ____sys_sendmsg+0x53a/0x860 [ 282.226651][T12007] ? __pfx_____sys_sendmsg+0x10/0x10 [ 282.226672][T12007] ? __fget_files+0x2a/0x410 [ 282.226713][T12007] ? __fget_files+0x2a/0x410 [ 282.226753][T12007] __sys_sendmsg+0x269/0x350 [ 282.226780][T12007] ? __pfx___sys_sendmsg+0x10/0x10 [ 282.226818][T12007] ? do_sys_openat2+0x17a/0x1d0 [ 282.226875][T12007] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 282.226909][T12007] ? do_syscall_64+0x100/0x230 [ 282.226945][T12007] ? do_syscall_64+0xb6/0x230 [ 282.226980][T12007] do_syscall_64+0xf3/0x230 [ 282.227012][T12007] ? clear_bhb_loop+0x35/0x90 [ 282.227045][T12007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.227074][T12007] RIP: 0033:0x7ff7dfd8d169 [ 282.227093][T12007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.227111][T12007] RSP: 002b:00007ff7e0cb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 282.227134][T12007] RAX: ffffffffffffffda RBX: 00007ff7dffa5fa0 RCX: 00007ff7dfd8d169 [ 282.227150][T12007] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 282.227163][T12007] RBP: 00007ff7e0cb5090 R08: 0000000000000000 R09: 0000000000000000 [ 282.227176][T12007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 282.227189][T12007] R13: 0000000000000000 R14: 00007ff7dffa5fa0 R15: 00007ffe1c4383e8 [ 282.227219][T12007] [ 282.368387][T12005] team0: No ports can be present during mode change [ 282.671211][ T7848] wlan1: Creating new IBSS network, BSSID ca:7d:bf:41:fb:30 [ 282.701296][T12018] veth1_macvtap: left promiscuous mode [ 282.719620][T12018] macsec0: entered promiscuous mode [ 283.346003][T12053] netlink: 'syz.3.2405': attribute type 6 has an invalid length. [ 283.616901][T12059] netlink: 'syz.0.2407': attribute type 1 has an invalid length. [ 283.639374][T12059] netlink: 'syz.0.2407': attribute type 2 has an invalid length. [ 283.874936][T12076] sctp: [Deprecated]: syz.0.2411 (pid 12076) Use of int in max_burst socket option. [ 283.874936][T12076] Use struct sctp_assoc_value instead [ 284.286767][T12092] netlink: 'syz.0.2418': attribute type 2 has an invalid length. [ 284.298558][T12092] netlink: 'syz.0.2418': attribute type 1 has an invalid length. [ 284.342518][T12092] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2418'. [ 284.421725][T12098] FAULT_INJECTION: forcing a failure. [ 284.421725][T12098] name failslab, interval 1, probability 0, space 0, times 0 [ 284.443696][T12098] CPU: 1 UID: 0 PID: 12098 Comm: syz.1.2420 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 284.443736][T12098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.443749][T12098] Call Trace: [ 284.443756][T12098] [ 284.443765][T12098] dump_stack_lvl+0x241/0x360 [ 284.443796][T12098] ? __pfx_dump_stack_lvl+0x10/0x10 [ 284.443820][T12098] ? __pfx__printk+0x10/0x10 [ 284.443848][T12098] ? ref_tracker_alloc+0x332/0x490 [ 284.443874][T12098] should_fail_ex+0x40a/0x550 [ 284.443912][T12098] should_failslab+0xac/0x100 [ 284.443942][T12098] ? skb_clone+0x20c/0x390 [ 284.443964][T12098] kmem_cache_alloc_noprof+0x70/0x380 [ 284.444001][T12098] skb_clone+0x20c/0x390 [ 284.444030][T12098] __netlink_deliver_tap+0x3c4/0x7f0 [ 284.444069][T12098] ? netlink_deliver_tap+0x2e/0x1b0 [ 284.444094][T12098] netlink_deliver_tap+0x19d/0x1b0 [ 284.444120][T12098] netlink_sendskb+0x68/0x140 [ 284.444145][T12098] netlink_unicast+0x39d/0x990 [ 284.444166][T12098] ? __asan_memcpy+0x40/0x70 [ 284.444195][T12098] ? __pfx_netlink_unicast+0x10/0x10 [ 284.444228][T12098] netlink_rcv_skb+0x294/0x480 [ 284.444256][T12098] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 284.444286][T12098] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 284.444337][T12098] ? netlink_deliver_tap+0x2e/0x1b0 [ 284.444366][T12098] netlink_unicast+0x7f6/0x990 [ 284.444398][T12098] ? __pfx_netlink_unicast+0x10/0x10 [ 284.444417][T12098] ? __virt_addr_valid+0x45f/0x530 [ 284.444439][T12098] ? __phys_addr_symbol+0x2f/0x70 [ 284.444458][T12098] ? __check_object_size+0x47a/0x730 [ 284.444492][T12098] netlink_sendmsg+0x8de/0xcb0 [ 284.444533][T12098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 284.444564][T12098] ? aa_sock_msg_perm+0x91/0x160 [ 284.444603][T12098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 284.444633][T12098] __sock_sendmsg+0x221/0x270 [ 284.444675][T12098] ____sys_sendmsg+0x53a/0x860 [ 284.444708][T12098] ? __pfx_____sys_sendmsg+0x10/0x10 [ 284.444736][T12098] ? __fget_files+0x2a/0x410 [ 284.444770][T12098] ? __fget_files+0x2a/0x410 [ 284.444811][T12098] __sys_sendmsg+0x269/0x350 [ 284.444841][T12098] ? __pfx___sys_sendmsg+0x10/0x10 [ 284.444878][T12098] ? do_sys_openat2+0x17a/0x1d0 [ 284.444944][T12098] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 284.444979][T12098] ? do_syscall_64+0x100/0x230 [ 284.445015][T12098] ? do_syscall_64+0xb6/0x230 [ 284.445051][T12098] do_syscall_64+0xf3/0x230 [ 284.445083][T12098] ? clear_bhb_loop+0x35/0x90 [ 284.445117][T12098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.445145][T12098] RIP: 0033:0x7f67d378d169 [ 284.445164][T12098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.445182][T12098] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 284.445205][T12098] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 284.445220][T12098] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 284.445233][T12098] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 284.445247][T12098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 284.445259][T12098] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 284.445292][T12098] [ 284.967751][T12104] netlink: 'syz.3.2422': attribute type 30 has an invalid length. [ 285.297462][T12126] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2429'. [ 285.599065][T12140] netlink: 'syz.1.2433': attribute type 2 has an invalid length. [ 285.607307][T12140] netlink: 'syz.1.2433': attribute type 1 has an invalid length. [ 285.677702][T12145] netlink: 'syz.0.2436': attribute type 2 has an invalid length. [ 285.698003][T12145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2436'. [ 285.843428][T12156] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2438'. [ 285.868202][T12156] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2438'. [ 286.050745][T12161] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2439'. [ 286.275955][T12172] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2443'. [ 286.356672][T12175] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode [ 286.384843][T12175] mac80211_hwsim hwsim9 syzkaller0: entered allmulticast mode [ 286.449967][T12183] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2446'. [ 286.757620][T12198] sctp: [Deprecated]: syz.0.2448 (pid 12198) Use of int in max_burst socket option. [ 286.757620][T12198] Use struct sctp_assoc_value instead [ 287.124426][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2454'. [ 287.158956][T12214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2454'. [ 287.189607][T12214] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2454'. [ 288.492645][T12263] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 288.512790][T12263] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 288.581951][T12270] net_ratelimit: 14 callbacks suppressed [ 288.581994][T12270] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 289.395796][T12320] x_tables: duplicate underflow at hook 2 [ 289.499968][T12329] x_tables: duplicate underflow at hook 1 [ 289.850497][T12352] FAULT_INJECTION: forcing a failure. [ 289.850497][T12352] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 289.871029][T12352] CPU: 1 UID: 0 PID: 12352 Comm: syz.0.2497 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 289.871069][T12352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 289.871081][T12352] Call Trace: [ 289.871088][T12352] [ 289.871097][T12352] dump_stack_lvl+0x241/0x360 [ 289.871129][T12352] ? __pfx_dump_stack_lvl+0x10/0x10 [ 289.871153][T12352] ? __pfx__printk+0x10/0x10 [ 289.871177][T12352] ? __pfx_lock_release+0x10/0x10 [ 289.871216][T12352] should_fail_ex+0x40a/0x550 [ 289.871253][T12352] _copy_from_iter+0x1df/0x1c40 [ 289.871279][T12352] ? __virt_addr_valid+0x183/0x530 [ 289.871301][T12352] ? __pfx_lock_release+0x10/0x10 [ 289.871343][T12352] ? __pfx__copy_from_iter+0x10/0x10 [ 289.871371][T12352] ? __virt_addr_valid+0x183/0x530 [ 289.871390][T12352] ? __virt_addr_valid+0x183/0x530 [ 289.871408][T12352] ? __virt_addr_valid+0x45f/0x530 [ 289.871429][T12352] ? __phys_addr_symbol+0x2f/0x70 [ 289.871447][T12352] ? __check_object_size+0x47a/0x730 [ 289.871482][T12352] af_alg_sendmsg+0x154f/0x24d0 [ 289.871535][T12352] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 289.871565][T12352] ? __pfx_aa_sk_perm+0x10/0x10 [ 289.871593][T12352] ? __import_iovec+0x582/0x830 [ 289.871623][T12352] ? aa_sock_msg_perm+0x91/0x160 [ 289.871656][T12352] ? skcipher_sendmsg+0x28/0xf0 [ 289.871690][T12352] ? __pfx_skcipher_sendmsg+0x10/0x10 [ 289.871719][T12352] __sock_sendmsg+0x221/0x270 [ 289.871753][T12352] ____sys_sendmsg+0x53a/0x860 [ 289.871787][T12352] ? __pfx_____sys_sendmsg+0x10/0x10 [ 289.871808][T12352] ? __fget_files+0x2a/0x410 [ 289.871843][T12352] ? __fget_files+0x2a/0x410 [ 289.871883][T12352] __sys_sendmsg+0x269/0x350 [ 289.871913][T12352] ? __pfx___sys_sendmsg+0x10/0x10 [ 289.871951][T12352] ? do_sys_openat2+0x17a/0x1d0 [ 289.872016][T12352] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 289.872057][T12352] ? do_syscall_64+0x100/0x230 [ 289.872091][T12352] ? do_syscall_64+0xb6/0x230 [ 289.872126][T12352] do_syscall_64+0xf3/0x230 [ 289.872157][T12352] ? clear_bhb_loop+0x35/0x90 [ 289.872191][T12352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.872219][T12352] RIP: 0033:0x7ff7dfd8d169 [ 289.872239][T12352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.872256][T12352] RSP: 002b:00007ff7e0cb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 289.872280][T12352] RAX: ffffffffffffffda RBX: 00007ff7dffa5fa0 RCX: 00007ff7dfd8d169 [ 289.872295][T12352] RDX: 0000000000048880 RSI: 00002000000001c0 RDI: 0000000000000004 [ 289.872309][T12352] RBP: 00007ff7e0cb5090 R08: 0000000000000000 R09: 0000000000000000 [ 289.872323][T12352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 289.872335][T12352] R13: 0000000000000000 R14: 00007ff7dffa5fa0 R15: 00007ffe1c4383e8 [ 289.872369][T12352] [ 290.189509][T12355] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 290.276657][T12360] IPVS: set_ctl: invalid protocol: 4 10.1.1.0:20003 [ 290.316342][T12358] sctp: [Deprecated]: syz.2.2500 (pid 12358) Use of struct sctp_assoc_value in delayed_ack socket option. [ 290.316342][T12358] Use struct sctp_sack_info instead [ 290.769188][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 290.802351][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 290.848243][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 290.888793][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 290.928487][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 290.962243][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 291.008410][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 291.068472][T12389] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:13:f0 [ 291.187672][T12408] __nla_validate_parse: 8 callbacks suppressed [ 291.187693][T12408] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2516'. [ 291.243753][T12414] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2516'. [ 291.410434][T12418] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2520'. [ 291.716706][T12425] mac80211_hwsim hwsim9 syzkaller0: left promiscuous mode [ 291.724272][T12425] mac80211_hwsim hwsim9 syzkaller0: left allmulticast mode [ 291.731966][T12428] netdevsim netdevsim4: Firmware load for './file0/../file0' refused, path contains '..' component [ 291.873105][T12433] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2527'. [ 292.699533][T12470] netlink: 74 bytes leftover after parsing attributes in process `syz.3.2540'. [ 292.850457][T12476] Bluetooth: MGMT ver 1.23 [ 292.876933][T12476] netlink: 'syz.3.2543': attribute type 6 has an invalid length. [ 293.173948][T12497] netlink: 'syz.2.2549': attribute type 1 has an invalid length. [ 293.205466][T12497] netlink: 'syz.2.2549': attribute type 12 has an invalid length. [ 293.282935][T12505] sctp: [Deprecated]: syz.2.2549 (pid 12505) Use of struct sctp_assoc_value in delayed_ack socket option. [ 293.282935][T12505] Use struct sctp_sack_info instead [ 294.078909][T12553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2564'. [ 294.136283][T12559] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2566'. [ 294.192586][T12561] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 294.208818][T12559] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 294.397875][T12569] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2569'. [ 294.726321][T12585] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2575'. [ 294.994044][T12606] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2580'. [ 295.055731][T12585] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 295.065138][T12585] bond_slave_0: left promiscuous mode [ 295.075222][T12585] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 295.085324][T12585] bond_slave_1: left promiscuous mode [ 295.094424][T12585] bond0 (unregistering): Released all slaves [ 295.566656][T12633] xt_CT: No such helper "snmp_trap" [ 295.762614][T12650] net_ratelimit: 247 callbacks suppressed [ 295.762638][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 295.828429][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 295.882009][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 295.918409][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 295.947521][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.004513][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.067348][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.118092][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.169559][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.189549][T12650] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0 [ 296.543208][T12689] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 296.568260][ T5842] Bluetooth: hci4: command 0x0405 tx timeout [ 296.904491][T12708] netlink: 'syz.2.2606': attribute type 10 has an invalid length. [ 296.994067][T12707] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 297.057984][T12720] xt_CT: You must specify a L4 protocol and not use inversions on it [ 297.151776][T12727] netlink: 'syz.0.2613': attribute type 10 has an invalid length. [ 297.160482][T12727] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 297.173156][T12727] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 297.182945][T12727] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 297.262417][T12725] sctp: [Deprecated]: syz.3.2612 (pid 12725) Use of struct sctp_assoc_value in delayed_ack socket option. [ 297.262417][T12725] Use struct sctp_sack_info instead [ 297.421245][T12737] __nla_validate_parse: 5 callbacks suppressed [ 297.421307][T12737] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2616'. [ 297.443841][T12737] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2616'. [ 297.551553][T12745] xt_hashlimit: invalid rate [ 297.682857][T12752] FAULT_INJECTION: forcing a failure. [ 297.682857][T12752] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 297.720362][T12751] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 297.726131][T12752] CPU: 0 UID: 0 PID: 12752 Comm: syz.3.2623 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 297.726168][T12752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 297.726183][T12752] Call Trace: [ 297.726191][T12752] [ 297.726201][T12752] dump_stack_lvl+0x241/0x360 [ 297.726236][T12752] ? __pfx_dump_stack_lvl+0x10/0x10 [ 297.726261][T12752] ? __pfx__printk+0x10/0x10 [ 297.726286][T12752] ? __pfx_lock_release+0x10/0x10 [ 297.726331][T12752] should_fail_ex+0x40a/0x550 [ 297.726370][T12752] _copy_from_iter+0x1df/0x1c40 [ 297.726399][T12752] ? __virt_addr_valid+0x183/0x530 [ 297.726422][T12752] ? __pfx_lock_release+0x10/0x10 [ 297.726465][T12752] ? __pfx__copy_from_iter+0x10/0x10 [ 297.726494][T12752] ? __virt_addr_valid+0x183/0x530 [ 297.726514][T12752] ? __virt_addr_valid+0x183/0x530 [ 297.726533][T12752] ? __virt_addr_valid+0x45f/0x530 [ 297.726555][T12752] ? __phys_addr_symbol+0x2f/0x70 [ 297.726574][T12752] ? __check_object_size+0x47a/0x730 [ 297.726610][T12752] af_alg_sendmsg+0x154f/0x24d0 [ 297.726706][T12752] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 297.726740][T12752] ? __pfx_aa_sk_perm+0x10/0x10 [ 297.726772][T12752] ? __import_iovec+0x582/0x830 [ 297.726803][T12752] ? aa_sock_msg_perm+0x91/0x160 [ 297.726837][T12752] ? skcipher_sendmsg+0x28/0xf0 [ 297.726873][T12752] ? __pfx_skcipher_sendmsg+0x10/0x10 [ 297.726904][T12752] __sock_sendmsg+0x221/0x270 [ 297.726939][T12752] ____sys_sendmsg+0x53a/0x860 [ 297.726974][T12752] ? __pfx_____sys_sendmsg+0x10/0x10 [ 297.726996][T12752] ? __fget_files+0x2a/0x410 [ 297.727032][T12752] ? __fget_files+0x2a/0x410 [ 297.727074][T12752] __sys_sendmsg+0x269/0x350 [ 297.727105][T12752] ? __pfx___sys_sendmsg+0x10/0x10 [ 297.727145][T12752] ? do_sys_openat2+0x17a/0x1d0 [ 297.727207][T12752] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 297.727243][T12752] ? do_syscall_64+0x100/0x230 [ 297.727281][T12752] ? do_syscall_64+0xb6/0x230 [ 297.727318][T12752] do_syscall_64+0xf3/0x230 [ 297.727351][T12752] ? clear_bhb_loop+0x35/0x90 [ 297.727385][T12752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.727415][T12752] RIP: 0033:0x7f860718d169 [ 297.727435][T12752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.727455][T12752] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 297.727478][T12752] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 297.727495][T12752] RDX: 0000000000048880 RSI: 00002000000001c0 RDI: 0000000000000004 [ 297.727509][T12752] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 297.727523][T12752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 297.727537][T12752] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 297.727572][T12752] [ 298.044663][T12751] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 298.064057][T12751] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 298.285723][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2630'. [ 298.575251][T12791] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2634'. [ 298.682976][T12798] RDS: rds_bind could not find a transport for ::ffff:10.1.1.0, load rds_tcp or rds_rdma? [ 299.084266][T12817] netlink: 'syz.2.2644': attribute type 2 has an invalid length. [ 299.384846][T12836] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2650'. [ 299.714100][T12842] netlink: 'syz.4.2652': attribute type 2 has an invalid length. [ 300.004036][T12864] netlink: 'syz.3.2659': attribute type 30 has an invalid length. [ 300.313286][T12884] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2664'. [ 300.607415][T12895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2669'. [ 300.617274][T12895] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2669'. [ 301.236625][T12934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2682'. [ 301.265330][T12935] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2681'. [ 302.417486][T12955] xt_CT: No such helper "pptp" [ 303.547638][T12972] set match dimension is over the limit! [ 303.566516][T12972] set match dimension is over the limit! [ 303.582751][T12972] set match dimension is over the limit! [ 303.608310][T12973] netlink: 'syz.0.2692': attribute type 1 has an invalid length. [ 303.618348][T12972] set match dimension is over the limit! [ 303.624538][T12972] set match dimension is over the limit! [ 303.732053][T12973] 8021q: adding VLAN 0 to HW filter on device bond2 [ 303.787716][T12991] __nla_validate_parse: 1 callbacks suppressed [ 303.787739][T12991] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2697'. [ 303.958687][T12996] net_ratelimit: 245 callbacks suppressed [ 303.958710][T12996] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 304.047949][T12999] openvswitch: netlink: Port -1 exceeds max allowable 65535 [ 304.081853][T12998] openvswitch: netlink: Port -1 exceeds max allowable 65535 [ 304.187261][T13005] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2703'. [ 304.636485][T13011] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2705'. [ 304.914974][T13025] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85 [ 305.088102][T13034] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_macvtap, syncid = 0, id = 0 [ 305.615731][T13048] xt_CT: You must specify a L4 protocol and not use inversions on it [ 305.663665][T13048] netlink: 'syz.1.2717': attribute type 3 has an invalid length. [ 305.705205][T13048] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2717'. [ 306.415770][T13089] lo: entered promiscuous mode [ 306.423976][T13089] Bluetooth: MGMT ver 1.23 [ 306.496421][T13087] lo: left promiscuous mode [ 306.845771][T13115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2743'. [ 306.878134][T13115] nbd: nbd0 already in use [ 306.893688][ T1107] block nbd0: Possible stuck request ffff8880260e0000: control (read@0,4096B). Runtime 30 seconds [ 307.759173][T13163] openvswitch: netlink: IPv4 tun info is not correct [ 309.206332][T13196] netlink: 'syz.0.2766': attribute type 12 has an invalid length. [ 310.331981][T13251] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 310.774569][T13276] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2787'. [ 311.231487][T13303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2793'. [ 311.347684][T13303] 8021q: adding VLAN 0 to HW filter on device bond0 [ 311.479700][T13311] vxcan3: entered promiscuous mode [ 311.515178][T13311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 311.532745][T13311] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address [ 311.546406][T13311] bond0: (slave vxcan3): Error -95 calling set_mac_address [ 311.583612][T13319] openvswitch: netlink: Missing key (keys=40, expected=100) [ 312.292236][T13360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2808'. [ 312.351092][T13363] netlink: 'syz.1.2810': attribute type 21 has an invalid length. [ 312.355099][T13360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2808'. [ 312.429202][T13360] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2808'. [ 312.434142][T13373] netlink: 'syz.1.2810': attribute type 21 has an invalid length. [ 312.481368][T13363] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode broadcast(3) [ 312.515250][T13373] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode broadcast(3) [ 312.845818][T13391] FAULT_INJECTION: forcing a failure. [ 312.845818][T13391] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 312.871609][T13386] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 312.902154][T13391] CPU: 1 UID: 0 PID: 13391 Comm: syz.1.2817 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 312.902194][T13391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 312.902208][T13391] Call Trace: [ 312.902216][T13391] [ 312.902226][T13391] dump_stack_lvl+0x241/0x360 [ 312.902258][T13391] ? __pfx_dump_stack_lvl+0x10/0x10 [ 312.902282][T13391] ? __pfx__printk+0x10/0x10 [ 312.902307][T13391] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 312.902347][T13391] should_fail_ex+0x40a/0x550 [ 312.902385][T13391] prepare_alloc_pages+0x1da/0x5b0 [ 312.902418][T13391] __alloc_frozen_pages_noprof+0x16f/0x710 [ 312.902446][T13391] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 312.902473][T13391] ? _copy_from_iter+0x141/0x1c40 [ 312.902501][T13391] ? rep_movs_alternative+0x4a/0x70 [ 312.902533][T13391] ? __virt_addr_valid+0x183/0x530 [ 312.902558][T13391] alloc_pages_mpol+0x311/0x660 [ 312.902593][T13391] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 312.902625][T13391] ? __virt_addr_valid+0x183/0x530 [ 312.902644][T13391] ? __virt_addr_valid+0x45f/0x530 [ 312.902668][T13391] alloc_pages_noprof+0x121/0x190 [ 312.902700][T13391] af_alg_sendmsg+0x145b/0x24d0 [ 312.902757][T13391] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 312.902790][T13391] ? __pfx_aa_sk_perm+0x10/0x10 [ 312.902820][T13391] ? __import_iovec+0x582/0x830 [ 312.902850][T13391] ? aa_sock_msg_perm+0x91/0x160 [ 312.902882][T13391] ? skcipher_sendmsg+0x28/0xf0 [ 312.902917][T13391] ? __pfx_skcipher_sendmsg+0x10/0x10 [ 312.902947][T13391] __sock_sendmsg+0x221/0x270 [ 312.902981][T13391] ____sys_sendmsg+0x53a/0x860 [ 312.903015][T13391] ? __pfx_____sys_sendmsg+0x10/0x10 [ 312.903036][T13391] ? __fget_files+0x2a/0x410 [ 312.903071][T13391] ? __fget_files+0x2a/0x410 [ 312.903117][T13391] __sys_sendmsg+0x269/0x350 [ 312.903146][T13391] ? __pfx___sys_sendmsg+0x10/0x10 [ 312.903193][T13391] ? do_sys_openat2+0x17a/0x1d0 [ 312.903253][T13391] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 312.903287][T13391] ? do_syscall_64+0x100/0x230 [ 312.903322][T13391] ? do_syscall_64+0xb6/0x230 [ 312.903358][T13391] do_syscall_64+0xf3/0x230 [ 312.903391][T13391] ? clear_bhb_loop+0x35/0x90 [ 312.903424][T13391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.903453][T13391] RIP: 0033:0x7f67d378d169 [ 312.903471][T13391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.903490][T13391] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 312.903513][T13391] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 312.903528][T13391] RDX: 0000000000048880 RSI: 00002000000001c0 RDI: 0000000000000004 [ 312.903542][T13391] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 312.903555][T13391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 312.903567][T13391] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 312.903600][T13391] [ 313.309023][T13395] netlink: 'syz.1.2820': attribute type 1 has an invalid length. [ 313.320599][T13395] netlink: 'syz.1.2820': attribute type 2 has an invalid length. [ 313.889705][T13422] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2824'. [ 313.930472][ T7864] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 313.941605][T13422] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2824'. [ 315.282072][T13498] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2843'. [ 315.312105][T13498] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2843'. [ 315.334009][T13498] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2843'. [ 315.921071][T13537] __nla_validate_parse: 2 callbacks suppressed [ 315.921090][T13537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2853'. [ 316.381989][T13559] netlink: 'syz.1.2860': attribute type 2 has an invalid length. [ 316.422735][T13559] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 316.463357][T13559] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 316.633026][T13572] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2864'. [ 316.655385][T13573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2865'. [ 317.202332][ T5911] IPVS: starting estimator thread 0... [ 317.308353][T13606] IPVS: using max 19 ests per chain, 45600 per kthread [ 317.359663][T13612] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma? [ 317.400074][T13612] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2874'. [ 317.484217][T13620] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2876'. [ 317.515311][T13620] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2876'. [ 317.545870][T13622] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2876'. [ 317.589245][T13622] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2876'. [ 317.637705][T13622] mac80211_hwsim hwsim3 syzkaller0: Caught tx_queue_len zero misconfig [ 317.638636][T13631] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2879'. [ 317.788720][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.866745][T13641] bridge0: entered allmulticast mode [ 317.926363][T13647] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2883'. [ 317.995871][T13650] FAULT_INJECTION: forcing a failure. [ 317.995871][T13650] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 318.012712][T13650] CPU: 1 UID: 0 PID: 13650 Comm: syz.1.2884 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 318.012744][T13650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 318.012757][T13650] Call Trace: [ 318.012765][T13650] [ 318.012774][T13650] dump_stack_lvl+0x241/0x360 [ 318.012818][T13650] ? __pfx_dump_stack_lvl+0x10/0x10 [ 318.012847][T13650] ? __pfx__printk+0x10/0x10 [ 318.012883][T13650] should_fail_ex+0x40a/0x550 [ 318.012921][T13650] prepare_alloc_pages+0x1da/0x5b0 [ 318.012954][T13650] __alloc_frozen_pages_noprof+0x16f/0x710 [ 318.012983][T13650] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 318.013031][T13650] alloc_pages_mpol+0x311/0x660 [ 318.013066][T13650] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 318.013091][T13650] ? validate_chain+0x11e/0x5920 [ 318.013118][T13650] ? __thp_vma_allowable_orders+0x8ff/0x9c0 [ 318.013150][T13650] alloc_pages_noprof+0x121/0x190 [ 318.013182][T13650] pte_alloc_one+0x24/0x160 [ 318.013215][T13650] __handle_mm_fault+0x2f53/0x6ef0 [ 318.013246][T13650] ? mark_lock+0x9a/0x360 [ 318.013297][T13650] ? __pfx___handle_mm_fault+0x10/0x10 [ 318.013342][T13650] ? mt_find+0x2a9/0x920 [ 318.013374][T13650] ? __pfx_lock_release+0x10/0x10 [ 318.013420][T13650] ? mt_find+0x2a9/0x920 [ 318.013454][T13650] ? mt_find+0x6c8/0x920 [ 318.013486][T13650] ? mt_find+0x2a9/0x920 [ 318.013523][T13650] ? __pfx_mt_find+0x10/0x10 [ 318.013578][T13650] ? find_vma+0xf9/0x170 [ 318.013609][T13650] ? __pfx_find_vma+0x10/0x10 [ 318.013638][T13650] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 318.013674][T13650] handle_mm_fault+0x3e5/0x8d0 [ 318.013718][T13650] exc_page_fault+0x2b9/0x8b0 [ 318.013757][T13650] asm_exc_page_fault+0x26/0x30 [ 318.013785][T13650] RIP: 0010:rep_movs_alternative+0x30/0x70 [ 318.013812][T13650] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 [ 318.013829][T13650] RSP: 0018:ffffc9000b207a98 EFLAGS: 00050202 [ 318.013855][T13650] RAX: 00007ffffffff001 RBX: 0000200000000100 RCX: 0000000000000018 [ 318.013870][T13650] RDX: 0000000000000001 RSI: 0000200000000100 RDI: ffffc9000b207bd0 [ 318.013883][T13650] RBP: ffffc9000b207c70 R08: ffffc9000b207be7 R09: 1ffff92001640f7c [ 318.013898][T13650] R10: dffffc0000000000 R11: fffff52001640f7d R12: 1ffff92001640f64 [ 318.013914][T13650] R13: dffffc0000000000 R14: ffffc9000b207bd0 R15: 0000000000000018 [ 318.013948][T13650] _copy_from_user+0x7b/0xb0 [ 318.013979][T13650] rfcomm_dev_ioctl+0x255/0x22f0 [ 318.014015][T13650] ? tomoyo_path_number_perm+0x209/0x770 [ 318.014047][T13650] ? __pfx_lock_release+0x10/0x10 [ 318.014078][T13650] ? __pfx_rfcomm_dev_ioctl+0x10/0x10 [ 318.014111][T13650] ? tomoyo_path_number_perm+0x5dd/0x770 [ 318.014145][T13650] ? tomoyo_path_number_perm+0x5dd/0x770 [ 318.014181][T13650] ? __lock_acquire+0x1397/0x2100 [ 318.014215][T13650] ? bt_sock_ioctl+0xe9/0x2c0 [ 318.014251][T13650] sock_do_ioctl+0x158/0x460 [ 318.014287][T13650] ? __pfx_sock_do_ioctl+0x10/0x10 [ 318.014337][T13650] sock_ioctl+0x5c7/0x8d0 [ 318.014367][T13650] ? __pfx_sock_ioctl+0x10/0x10 [ 318.014394][T13650] ? __fget_files+0x2a/0x410 [ 318.014428][T13650] ? __fget_files+0x2a/0x410 [ 318.014560][T13650] ? __pfx_sock_ioctl+0x10/0x10 [ 318.014595][T13650] __se_sys_ioctl+0xf5/0x170 [ 318.014624][T13650] do_syscall_64+0xf3/0x230 [ 318.014658][T13650] ? clear_bhb_loop+0x35/0x90 [ 318.014692][T13650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.014721][T13650] RIP: 0033:0x7f67d378d169 [ 318.014741][T13650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.014768][T13650] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 318.014791][T13650] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 318.014804][T13650] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004 [ 318.014819][T13650] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 318.014832][T13650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 318.014844][T13650] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 318.014880][T13650] [ 318.475721][T13655] xt_NFQUEUE: number of total queues is 0 [ 318.482703][T13647] netlink: 'syz.3.2883': attribute type 29 has an invalid length. [ 318.497631][T13653] netlink: 'syz.3.2883': attribute type 29 has an invalid length. [ 318.554675][T13658] netlink: 'syz.1.2887': attribute type 5 has an invalid length. [ 318.579345][T13653] openvswitch: netlink: Flow key attr not present in new flow. [ 318.640498][T13653] netlink: 'syz.3.2883': attribute type 3 has an invalid length. [ 318.712515][T13665] openvswitch: netlink: Key type 31 is not supported [ 318.750712][T13665] bond0: (slave netdevsim0): Releasing backup interface [ 318.778215][T13665] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 318.947882][T13678] x_tables: unsorted underflow at hook 2 [ 319.073108][T13683] netlink: 'syz.2.2895': attribute type 1 has an invalid length. [ 319.143229][T13683] 8021q: adding VLAN 0 to HW filter on device bond1 [ 319.187689][T13690] bond1: (slave gretap1): making interface the new active one [ 319.201476][T13690] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 319.296165][T13695] netlink: 'syz.2.2899': attribute type 11 has an invalid length. [ 319.347686][T13695] sch_fq: defrate 0 ignored. [ 319.655865][T13711] FAULT_INJECTION: forcing a failure. [ 319.655865][T13711] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 319.678580][T13711] CPU: 0 UID: 0 PID: 13711 Comm: syz.4.2903 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 319.678613][T13711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 319.678626][T13711] Call Trace: [ 319.678633][T13711] [ 319.678643][T13711] dump_stack_lvl+0x241/0x360 [ 319.678675][T13711] ? __pfx_dump_stack_lvl+0x10/0x10 [ 319.678700][T13711] ? __pfx__printk+0x10/0x10 [ 319.678724][T13711] ? __pfx_lock_release+0x10/0x10 [ 319.678768][T13711] should_fail_ex+0x40a/0x550 [ 319.678807][T13711] _copy_from_iter+0x1df/0x1c40 [ 319.678834][T13711] ? __virt_addr_valid+0x183/0x530 [ 319.678856][T13711] ? __pfx_lock_release+0x10/0x10 [ 319.678908][T13711] ? __pfx__copy_from_iter+0x10/0x10 [ 319.678936][T13711] ? __virt_addr_valid+0x183/0x530 [ 319.678956][T13711] ? __virt_addr_valid+0x183/0x530 [ 319.678974][T13711] ? __virt_addr_valid+0x45f/0x530 [ 319.678995][T13711] ? __phys_addr_symbol+0x2f/0x70 [ 319.679014][T13711] ? __check_object_size+0x47a/0x730 [ 319.679048][T13711] af_alg_sendmsg+0x154f/0x24d0 [ 319.679106][T13711] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 319.679140][T13711] ? __pfx_aa_sk_perm+0x10/0x10 [ 319.679170][T13711] ? __import_iovec+0x582/0x830 [ 319.679200][T13711] ? aa_sock_msg_perm+0x91/0x160 [ 319.679233][T13711] ? skcipher_sendmsg+0x28/0xf0 [ 319.679269][T13711] ? __pfx_skcipher_sendmsg+0x10/0x10 [ 319.679299][T13711] __sock_sendmsg+0x221/0x270 [ 319.679333][T13711] ____sys_sendmsg+0x53a/0x860 [ 319.679366][T13711] ? __pfx_____sys_sendmsg+0x10/0x10 [ 319.679388][T13711] ? __fget_files+0x2a/0x410 [ 319.679422][T13711] ? __fget_files+0x2a/0x410 [ 319.679463][T13711] __sys_sendmsg+0x269/0x350 [ 319.679517][T13711] ? __pfx___sys_sendmsg+0x10/0x10 [ 319.679557][T13711] ? do_sys_openat2+0x17a/0x1d0 [ 319.679618][T13711] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 319.679652][T13711] ? do_syscall_64+0x100/0x230 [ 319.679689][T13711] ? do_syscall_64+0xb6/0x230 [ 319.679725][T13711] do_syscall_64+0xf3/0x230 [ 319.679757][T13711] ? clear_bhb_loop+0x35/0x90 [ 319.679873][T13711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.679907][T13711] RIP: 0033:0x7fd11ef8d169 [ 319.679929][T13711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.679946][T13711] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 319.679969][T13711] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 319.679984][T13711] RDX: 0000000000048880 RSI: 00002000000001c0 RDI: 0000000000000004 [ 319.679998][T13711] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 319.680011][T13711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 319.680024][T13711] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 319.680058][T13711] [ 320.882152][T13758] team0: Device vti0 is of different type [ 321.017782][T13771] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 321.036505][T13764] __nla_validate_parse: 13 callbacks suppressed [ 321.036540][T13764] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2920'. [ 321.103377][T13764] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2920'. [ 321.148578][T13764] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 321.178277][T13778] netlink: 'syz.2.2924': attribute type 11 has an invalid length. [ 321.204336][T13778] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2924'. [ 321.448364][T13790] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 321.493026][T13795] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2930'. [ 321.540979][T13799] FAULT_INJECTION: forcing a failure. [ 321.540979][T13799] name failslab, interval 1, probability 0, space 0, times 0 [ 321.617855][T13799] CPU: 1 UID: 0 PID: 13799 Comm: syz.0.2929 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 321.617889][T13799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 321.617903][T13799] Call Trace: [ 321.617911][T13799] [ 321.617919][T13799] dump_stack_lvl+0x241/0x360 [ 321.617952][T13799] ? __pfx_dump_stack_lvl+0x10/0x10 [ 321.617976][T13799] ? __pfx__printk+0x10/0x10 [ 321.618005][T13799] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 321.618035][T13799] ? __pfx___might_resched+0x10/0x10 [ 321.618069][T13799] should_fail_ex+0x40a/0x550 [ 321.618106][T13799] should_failslab+0xac/0x100 [ 321.618135][T13799] kmem_cache_alloc_node_noprof+0x77/0x380 [ 321.618163][T13799] ? __alloc_skb+0x1c3/0x440 [ 321.618186][T13799] __alloc_skb+0x1c3/0x440 [ 321.618213][T13799] ? __pfx___alloc_skb+0x10/0x10 [ 321.618236][T13799] ? netlink_autobind+0xd6/0x2f0 [ 321.618262][T13799] ? netlink_autobind+0x2b0/0x2f0 [ 321.618293][T13799] netlink_sendmsg+0x634/0xcb0 [ 321.618330][T13799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 321.618359][T13799] ? aa_sock_msg_perm+0x91/0x160 [ 321.618396][T13799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 321.618420][T13799] __sock_sendmsg+0x221/0x270 [ 321.618452][T13799] ____sys_sendmsg+0x53a/0x860 [ 321.618482][T13799] ? __pfx_____sys_sendmsg+0x10/0x10 [ 321.618503][T13799] ? __fget_files+0x2a/0x410 [ 321.618535][T13799] ? __fget_files+0x2a/0x410 [ 321.618572][T13799] __sys_sendmsg+0x269/0x350 [ 321.618600][T13799] ? __pfx___sys_sendmsg+0x10/0x10 [ 321.618636][T13799] ? do_sys_openat2+0x17a/0x1d0 [ 321.618692][T13799] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 321.618724][T13799] ? do_syscall_64+0x100/0x230 [ 321.618757][T13799] ? do_syscall_64+0xb6/0x230 [ 321.618791][T13799] do_syscall_64+0xf3/0x230 [ 321.618835][T13799] ? clear_bhb_loop+0x35/0x90 [ 321.618869][T13799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.618897][T13799] RIP: 0033:0x7ff7dfd8d169 [ 321.618933][T13799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.618949][T13799] RSP: 002b:00007ff7e0cb5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 321.618971][T13799] RAX: ffffffffffffffda RBX: 00007ff7dffa5fa0 RCX: 00007ff7dfd8d169 [ 321.618987][T13799] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 321.618999][T13799] RBP: 00007ff7e0cb5090 R08: 0000000000000000 R09: 0000000000000000 [ 321.619011][T13799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 321.619023][T13799] R13: 0000000000000000 R14: 00007ff7dffa5fa0 R15: 00007ffe1c4383e8 [ 321.619052][T13799] [ 322.115648][T13814] netlink: 'syz.2.2936': attribute type 18 has an invalid length. [ 322.179565][T13814] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 322.190633][T13814] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 322.201624][T13814] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 322.212493][T13814] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 322.329523][T13827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2938'. [ 322.535902][T13836] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 322.653109][T13846] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2941'. [ 322.925058][T13858] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2945'. [ 322.945336][T13840] bond3: entered promiscuous mode [ 322.950971][T13840] bond3: entered allmulticast mode [ 322.956705][T13840] 8021q: adding VLAN 0 to HW filter on device bond3 [ 323.045507][T13864] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2945'. [ 323.304321][T13869] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2946'. [ 323.308308][T13870] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2946'. [ 325.093879][T13970] IPv6: Can't replace route, no match found [ 325.371677][T13994] FAULT_INJECTION: forcing a failure. [ 325.371677][T13994] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 325.448301][T13994] CPU: 0 UID: 0 PID: 13994 Comm: syz.4.2981 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 325.448331][T13994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 325.448349][T13994] Call Trace: [ 325.448357][T13994] [ 325.448366][T13994] dump_stack_lvl+0x241/0x360 [ 325.448398][T13994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 325.448429][T13994] ? __pfx__printk+0x10/0x10 [ 325.448452][T13994] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 325.448490][T13994] should_fail_ex+0x40a/0x550 [ 325.448528][T13994] prepare_alloc_pages+0x1da/0x5b0 [ 325.448560][T13994] __alloc_frozen_pages_noprof+0x16f/0x710 [ 325.448589][T13994] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 325.448612][T13994] ? _copy_from_iter+0x141/0x1c40 [ 325.448638][T13994] ? rep_movs_alternative+0x4a/0x70 [ 325.448669][T13994] ? __virt_addr_valid+0x183/0x530 [ 325.448695][T13994] alloc_pages_mpol+0x311/0x660 [ 325.448728][T13994] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 325.448759][T13994] ? __virt_addr_valid+0x183/0x530 [ 325.448777][T13994] ? __virt_addr_valid+0x45f/0x530 [ 325.448825][T13994] alloc_pages_noprof+0x121/0x190 [ 325.448857][T13994] af_alg_sendmsg+0x145b/0x24d0 [ 325.448918][T13994] ? __pfx_af_alg_sendmsg+0x10/0x10 [ 325.448948][T13994] ? __pfx_aa_sk_perm+0x10/0x10 [ 325.448977][T13994] ? __import_iovec+0x582/0x830 [ 325.449006][T13994] ? aa_sock_msg_perm+0x91/0x160 [ 325.449037][T13994] ? skcipher_sendmsg+0x28/0xf0 [ 325.449072][T13994] ? __pfx_skcipher_sendmsg+0x10/0x10 [ 325.449101][T13994] __sock_sendmsg+0x221/0x270 [ 325.449142][T13994] ____sys_sendmsg+0x53a/0x860 [ 325.449175][T13994] ? __pfx_____sys_sendmsg+0x10/0x10 [ 325.449197][T13994] ? __fget_files+0x2a/0x410 [ 325.449231][T13994] ? __fget_files+0x2a/0x410 [ 325.449272][T13994] __sys_sendmsg+0x269/0x350 [ 325.449312][T13994] ? __pfx___sys_sendmsg+0x10/0x10 [ 325.449351][T13994] ? do_sys_openat2+0x17a/0x1d0 [ 325.449411][T13994] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 325.449453][T13994] ? do_syscall_64+0x100/0x230 [ 325.449489][T13994] ? do_syscall_64+0xb6/0x230 [ 325.449530][T13994] do_syscall_64+0xf3/0x230 [ 325.449562][T13994] ? clear_bhb_loop+0x35/0x90 [ 325.449595][T13994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.449624][T13994] RIP: 0033:0x7fd11ef8d169 [ 325.449644][T13994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.449662][T13994] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 325.449685][T13994] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 325.449700][T13994] RDX: 0000000000048880 RSI: 00002000000001c0 RDI: 0000000000000004 [ 325.449713][T13994] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 325.449726][T13994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 325.449739][T13994] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 325.449768][T13994] [ 325.773207][T14002] netlink: 'syz.3.2984': attribute type 33 has an invalid length. [ 326.097078][T14021] __nla_validate_parse: 4 callbacks suppressed [ 326.097109][T14021] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2990'. [ 326.344794][T14031] FAULT_INJECTION: forcing a failure. [ 326.344794][T14031] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 326.378235][T14031] CPU: 0 UID: 0 PID: 14031 Comm: syz.0.2994 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 326.378269][T14031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 326.378282][T14031] Call Trace: [ 326.378290][T14031] [ 326.378298][T14031] dump_stack_lvl+0x241/0x360 [ 326.378330][T14031] ? __pfx_dump_stack_lvl+0x10/0x10 [ 326.378353][T14031] ? __pfx__printk+0x10/0x10 [ 326.378381][T14031] ? snprintf+0xda/0x120 [ 326.378410][T14031] should_fail_ex+0x40a/0x550 [ 326.378446][T14031] _copy_to_user+0x31/0xb0 [ 326.378479][T14031] simple_read_from_buffer+0xca/0x150 [ 326.378511][T14031] proc_fail_nth_read+0x1e9/0x250 [ 326.378545][T14031] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 326.378578][T14031] ? rw_verify_area+0x243/0x630 [ 326.378599][T14031] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 326.378631][T14031] vfs_read+0x1f8/0xb40 [ 326.378654][T14031] ? fdget_pos+0x254/0x320 [ 326.378687][T14031] ? __pfx___mutex_lock+0x10/0x10 [ 326.378719][T14031] ? __pfx_vfs_read+0x10/0x10 [ 326.378739][T14031] ? __fget_files+0x2a/0x410 [ 326.378764][T14031] ? __fget_files+0x395/0x410 [ 326.378787][T14031] ? __fget_files+0x2a/0x410 [ 326.378817][T14031] ksys_read+0x18f/0x2b0 [ 326.378837][T14031] ? __pfx_ksys_read+0x10/0x10 [ 326.378854][T14031] ? do_syscall_64+0x100/0x230 [ 326.378882][T14031] ? do_syscall_64+0xb6/0x230 [ 326.378910][T14031] do_syscall_64+0xf3/0x230 [ 326.378935][T14031] ? clear_bhb_loop+0x35/0x90 [ 326.378984][T14031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.379007][T14031] RIP: 0033:0x7ff7dfd8bb7c [ 326.379023][T14031] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 326.379037][T14031] RSP: 002b:00007ff7e0cb5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 326.379055][T14031] RAX: ffffffffffffffda RBX: 00007ff7dffa5fa0 RCX: 00007ff7dfd8bb7c [ 326.379068][T14031] RDX: 000000000000000f RSI: 00007ff7e0cb50a0 RDI: 0000000000000004 [ 326.379078][T14031] RBP: 00007ff7e0cb5090 R08: 0000000000000000 R09: 0000000000000000 [ 326.379088][T14031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 326.379098][T14031] R13: 0000000000000000 R14: 00007ff7dffa5fa0 R15: 00007ffe1c4383e8 [ 326.379125][T14031] [ 326.939486][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3001'. [ 327.122682][T14056] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3004'. [ 327.203952][T14060] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 327.235467][T14062] netlink: 252 bytes leftover after parsing attributes in process `syz.4.3006'. [ 327.237752][T14063] bridge0: port 4(gretap0) entered blocking state [ 327.256486][T14063] bridge0: port 4(gretap0) entered disabled state [ 327.279672][T14063] gretap0: entered allmulticast mode [ 327.302557][T14063] gretap0: entered promiscuous mode [ 327.526526][T14076] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3013'. [ 327.943036][T14096] sctp: [Deprecated]: syz.4.3022 (pid 14096) Use of int in max_burst socket option. [ 327.943036][T14096] Use struct sctp_assoc_value instead [ 327.970794][T14092] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3020'. [ 327.998150][T14096] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3022'. [ 328.012657][T14099] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3022'. [ 328.243620][T14111] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3027'. [ 328.382500][T14118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3029'. [ 328.744353][T14139] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85 [ 328.791620][T14145] FAULT_INJECTION: forcing a failure. [ 328.791620][T14145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 328.812888][T14145] CPU: 0 UID: 0 PID: 14145 Comm: syz.3.3036 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 328.812928][T14145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 328.812942][T14145] Call Trace: [ 328.812949][T14145] [ 328.812959][T14145] dump_stack_lvl+0x241/0x360 [ 328.812990][T14145] ? __pfx_dump_stack_lvl+0x10/0x10 [ 328.813014][T14145] ? __pfx__printk+0x10/0x10 [ 328.813038][T14145] ? __pfx_lock_release+0x10/0x10 [ 328.813079][T14145] should_fail_ex+0x40a/0x550 [ 328.813117][T14145] _copy_from_iter+0x1df/0x1c40 [ 328.813142][T14145] ? __virt_addr_valid+0x183/0x530 [ 328.813164][T14145] ? __pfx_lock_release+0x10/0x10 [ 328.813202][T14145] ? __alloc_skb+0x28f/0x440 [ 328.813223][T14145] ? __pfx__copy_from_iter+0x10/0x10 [ 328.813250][T14145] ? __virt_addr_valid+0x183/0x530 [ 328.813269][T14145] ? __virt_addr_valid+0x183/0x530 [ 328.813287][T14145] ? __virt_addr_valid+0x45f/0x530 [ 328.813307][T14145] ? __phys_addr_symbol+0x2f/0x70 [ 328.813327][T14145] ? __check_object_size+0x47a/0x730 [ 328.813361][T14145] netlink_sendmsg+0x742/0xcb0 [ 328.813401][T14145] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.813432][T14145] ? aa_sock_msg_perm+0x91/0x160 [ 328.813470][T14145] ? __pfx_netlink_sendmsg+0x10/0x10 [ 328.813494][T14145] __sock_sendmsg+0x221/0x270 [ 328.813527][T14145] ____sys_sendmsg+0x53a/0x860 [ 328.813559][T14145] ? __pfx_____sys_sendmsg+0x10/0x10 [ 328.813580][T14145] ? __fget_files+0x2a/0x410 [ 328.813615][T14145] ? __fget_files+0x2a/0x410 [ 328.813654][T14145] __sys_sendmsg+0x269/0x350 [ 328.813683][T14145] ? __pfx___sys_sendmsg+0x10/0x10 [ 328.813720][T14145] ? do_sys_openat2+0x17a/0x1d0 [ 328.813777][T14145] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 328.813811][T14145] ? do_syscall_64+0x100/0x230 [ 328.813847][T14145] ? do_syscall_64+0xb6/0x230 [ 328.813883][T14145] do_syscall_64+0xf3/0x230 [ 328.813925][T14145] ? clear_bhb_loop+0x35/0x90 [ 328.813958][T14145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.813987][T14145] RIP: 0033:0x7f860718d169 [ 328.814006][T14145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.814023][T14145] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 328.814046][T14145] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 328.814062][T14145] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 328.814076][T14145] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 328.814089][T14145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 328.814102][T14145] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 328.814133][T14145] [ 330.290799][T14207] FAULT_INJECTION: forcing a failure. [ 330.290799][T14207] name failslab, interval 1, probability 0, space 0, times 0 [ 330.327802][T14207] CPU: 0 UID: 0 PID: 14207 Comm: syz.3.3054 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 330.327837][T14207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.327851][T14207] Call Trace: [ 330.327858][T14207] [ 330.327868][T14207] dump_stack_lvl+0x241/0x360 [ 330.327904][T14207] ? __pfx_dump_stack_lvl+0x10/0x10 [ 330.328076][T14207] ? __pfx__printk+0x10/0x10 [ 330.328111][T14207] ? __kmalloc_noprof+0xb5/0x4c0 [ 330.328142][T14207] ? __pfx___might_resched+0x10/0x10 [ 330.328175][T14207] should_fail_ex+0x40a/0x550 [ 330.328216][T14207] should_failslab+0xac/0x100 [ 330.328247][T14207] __kmalloc_noprof+0xdd/0x4c0 [ 330.328275][T14207] ? tipc_nl_compat_doit+0x1aa/0x610 [ 330.328306][T14207] tipc_nl_compat_doit+0x1aa/0x610 [ 330.328333][T14207] ? __pfx_aa_get_newest_label+0x10/0x10 [ 330.328367][T14207] ? __pfx_aa_get_newest_label+0x10/0x10 [ 330.328401][T14207] ? __pfx_tipc_nl_compat_doit+0x10/0x10 [ 330.328441][T14207] ? bpf_lsm_capable+0x9/0x10 [ 330.328470][T14207] ? security_capable+0x7e/0x2d0 [ 330.328509][T14207] tipc_nl_compat_recv+0xec5/0x1590 [ 330.328541][T14207] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 330.328565][T14207] ? genl_get_cmd+0x610/0xce0 [ 330.328597][T14207] ? __pfx___mutex_lock+0x10/0x10 [ 330.328629][T14207] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 330.328658][T14207] ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10 [ 330.328683][T14207] ? __pfx_genl_get_cmd+0x10/0x10 [ 330.328712][T14207] ? do_raw_spin_unlock+0x13c/0x8b0 [ 330.328759][T14207] genl_rcv_msg+0xb1f/0xec0 [ 330.328803][T14207] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.328891][T14207] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 330.328944][T14207] ? __pfx_lock_acquire+0x10/0x10 [ 330.328979][T14207] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 330.329006][T14207] ? __pfx___might_resched+0x10/0x10 [ 330.329048][T14207] netlink_rcv_skb+0x206/0x480 [ 330.329078][T14207] ? __pfx_genl_rcv_msg+0x10/0x10 [ 330.329111][T14207] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 330.329162][T14207] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 330.329208][T14207] genl_rcv+0x28/0x40 [ 330.329238][T14207] netlink_unicast+0x7f6/0x990 [ 330.329274][T14207] ? __pfx_netlink_unicast+0x10/0x10 [ 330.329294][T14207] ? __virt_addr_valid+0x45f/0x530 [ 330.329316][T14207] ? __phys_addr_symbol+0x2f/0x70 [ 330.329336][T14207] ? __check_object_size+0x47a/0x730 [ 330.329369][T14207] netlink_sendmsg+0x8de/0xcb0 [ 330.329410][T14207] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.329441][T14207] ? aa_sock_msg_perm+0x91/0x160 [ 330.329481][T14207] ? __pfx_netlink_sendmsg+0x10/0x10 [ 330.329506][T14207] __sock_sendmsg+0x221/0x270 [ 330.329540][T14207] ____sys_sendmsg+0x53a/0x860 [ 330.329576][T14207] ? __pfx_____sys_sendmsg+0x10/0x10 [ 330.329598][T14207] ? __fget_files+0x2a/0x410 [ 330.329634][T14207] ? __fget_files+0x2a/0x410 [ 330.329675][T14207] __sys_sendmsg+0x269/0x350 [ 330.329706][T14207] ? __pfx___sys_sendmsg+0x10/0x10 [ 330.329745][T14207] ? do_sys_openat2+0x17a/0x1d0 [ 330.329808][T14207] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 330.329850][T14207] ? do_syscall_64+0x100/0x230 [ 330.329888][T14207] ? do_syscall_64+0xb6/0x230 [ 330.329925][T14207] do_syscall_64+0xf3/0x230 [ 330.329957][T14207] ? clear_bhb_loop+0x35/0x90 [ 330.329990][T14207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.330020][T14207] RIP: 0033:0x7f860718d169 [ 330.330041][T14207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.330061][T14207] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 330.330085][T14207] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 330.330101][T14207] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 330.330115][T14207] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 330.330129][T14207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.330142][T14207] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 330.330176][T14207] [ 331.655026][T14264] FAULT_INJECTION: forcing a failure. [ 331.655026][T14264] name failslab, interval 1, probability 0, space 0, times 0 [ 331.703936][T14264] CPU: 0 UID: 0 PID: 14264 Comm: syz.4.3066 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 331.703969][T14264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 331.703983][T14264] Call Trace: [ 331.703991][T14264] [ 331.704000][T14264] dump_stack_lvl+0x241/0x360 [ 331.704033][T14264] ? __pfx_dump_stack_lvl+0x10/0x10 [ 331.704058][T14264] ? __pfx__printk+0x10/0x10 [ 331.704083][T14264] ? __kmalloc_cache_noprof+0x48/0x390 [ 331.704114][T14264] ? __pfx___might_resched+0x10/0x10 [ 331.704147][T14264] should_fail_ex+0x40a/0x550 [ 331.704186][T14264] should_failslab+0xac/0x100 [ 331.704217][T14264] __kmalloc_cache_noprof+0x70/0x390 [ 331.704246][T14264] ? netlbl_mgmt_add_common+0x57/0x12e0 [ 331.704285][T14264] netlbl_mgmt_add_common+0x57/0x12e0 [ 331.704326][T14264] ? apparmor_current_getlsmprop_subj+0xde/0x160 [ 331.704357][T14264] ? end_current_label_crit_section+0x151/0x180 [ 331.704393][T14264] netlbl_mgmt_add+0x2ed/0x3d0 [ 331.704429][T14264] ? __pfx_netlbl_mgmt_add+0x10/0x10 [ 331.704465][T14264] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 331.704509][T14264] genl_rcv_msg+0xb1f/0xec0 [ 331.704551][T14264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.704614][T14264] ? __pfx_lock_acquire+0x10/0x10 [ 331.704644][T14264] ? __pfx_netlbl_mgmt_add+0x10/0x10 [ 331.704692][T14264] ? __pfx___might_resched+0x10/0x10 [ 331.704732][T14264] netlink_rcv_skb+0x206/0x480 [ 331.704760][T14264] ? __pfx_genl_rcv_msg+0x10/0x10 [ 331.704794][T14264] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 331.704854][T14264] genl_rcv+0x28/0x40 [ 331.704883][T14264] netlink_unicast+0x7f6/0x990 [ 331.704916][T14264] ? __pfx_netlink_unicast+0x10/0x10 [ 331.704936][T14264] ? __virt_addr_valid+0x45f/0x530 [ 331.704957][T14264] ? __phys_addr_symbol+0x2f/0x70 [ 331.704976][T14264] ? __check_object_size+0x47a/0x730 [ 331.705010][T14264] netlink_sendmsg+0x8de/0xcb0 [ 331.705050][T14264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.705082][T14264] ? aa_sock_msg_perm+0x91/0x160 [ 331.705120][T14264] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.705145][T14264] __sock_sendmsg+0x221/0x270 [ 331.705179][T14264] ____sys_sendmsg+0x53a/0x860 [ 331.705208][T14264] ? __pfx_____sys_sendmsg+0x10/0x10 [ 331.705228][T14264] ? __fget_files+0x2a/0x410 [ 331.705262][T14264] ? __fget_files+0x2a/0x410 [ 331.705303][T14264] __sys_sendmsg+0x269/0x350 [ 331.705333][T14264] ? __pfx___sys_sendmsg+0x10/0x10 [ 331.705372][T14264] ? do_sys_openat2+0x17a/0x1d0 [ 331.705434][T14264] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 331.705468][T14264] ? do_syscall_64+0x100/0x230 [ 331.705504][T14264] ? do_syscall_64+0xb6/0x230 [ 331.705538][T14264] do_syscall_64+0xf3/0x230 [ 331.705571][T14264] ? clear_bhb_loop+0x35/0x90 [ 331.705602][T14264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.705630][T14264] RIP: 0033:0x7fd11ef8d169 [ 331.705650][T14264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.705674][T14264] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.705696][T14264] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 331.705711][T14264] RDX: 0000000000000004 RSI: 0000200000000000 RDI: 0000000000000004 [ 331.705724][T14264] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 331.705737][T14264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.705750][T14264] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 331.705784][T14264] [ 332.073284][T14270] tipc: Enabling of bearer rejected, failed to enable media [ 332.278610][T14283] __nla_validate_parse: 16 callbacks suppressed [ 332.278636][T14283] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3070'. [ 332.320732][T14274] netlink: 124 bytes leftover after parsing attributes in process `syz.0.3069'. [ 332.491075][T14292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3074'. [ 332.500713][T14292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3074'. [ 332.510329][T14292] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3074'. [ 332.549851][T14290] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3075'. [ 332.581524][T14298] netlink: 'syz.4.3076': attribute type 1 has an invalid length. [ 332.589721][T14298] netlink: 'syz.4.3076': attribute type 3 has an invalid length. [ 332.598629][T14298] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3076'. [ 332.648861][T14298] netlink: 'syz.4.3076': attribute type 3 has an invalid length. [ 332.927500][T14312] FAULT_INJECTION: forcing a failure. [ 332.927500][T14312] name failslab, interval 1, probability 0, space 0, times 0 [ 332.988431][T14312] CPU: 1 UID: 0 PID: 14312 Comm: syz.3.3081 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 332.988464][T14312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 332.988477][T14312] Call Trace: [ 332.988484][T14312] [ 332.988493][T14312] dump_stack_lvl+0x241/0x360 [ 332.988525][T14312] ? __pfx_dump_stack_lvl+0x10/0x10 [ 332.988549][T14312] ? __pfx__printk+0x10/0x10 [ 332.988583][T14312] ? __pfx_lock_acquire+0x10/0x10 [ 332.988616][T14312] ? tipc_net+0x45/0x270 [ 332.988642][T14312] ? __pfx_lock_release+0x10/0x10 [ 332.988677][T14312] should_fail_ex+0x40a/0x550 [ 332.988716][T14312] should_failslab+0xac/0x100 [ 332.988747][T14312] __kmalloc_cache_noprof+0x70/0x390 [ 332.988775][T14312] ? __tipc_nl_bearer_enable+0xafb/0x1420 [ 332.988811][T14312] __tipc_nl_bearer_enable+0xafb/0x1420 [ 332.988852][T14312] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 332.988882][T14312] ? trace_contention_end+0x3c/0x120 [ 332.988917][T14312] ? __asan_memcpy+0x40/0x70 [ 332.988937][T14312] ? nla_put+0xd3/0x150 [ 332.988965][T14312] ? tipc_nl_compat_bearer_enable+0x416/0x5f0 [ 332.989000][T14312] ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10 [ 332.989030][T14312] ? __nla_parse+0x40/0x60 [ 332.989059][T14312] tipc_nl_compat_doit+0x3e2/0x610 [ 332.989085][T14312] ? __pfx_aa_get_newest_label+0x10/0x10 [ 332.989129][T14312] ? __pfx_tipc_nl_compat_doit+0x10/0x10 [ 332.989170][T14312] ? bpf_lsm_capable+0x9/0x10 [ 332.989201][T14312] ? security_capable+0x7e/0x2d0 [ 332.989242][T14312] tipc_nl_compat_recv+0xec5/0x1590 [ 332.989274][T14312] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 332.989297][T14312] ? genl_get_cmd+0x610/0xce0 [ 332.989332][T14312] ? __pfx___mutex_lock+0x10/0x10 [ 332.989363][T14312] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 332.989404][T14312] ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10 [ 332.989429][T14312] ? __pfx_genl_get_cmd+0x10/0x10 [ 332.989465][T14312] ? __local_bh_enable_ip+0x168/0x200 [ 332.989490][T14312] ? lockdep_hardirqs_on+0x99/0x150 [ 332.989531][T14312] genl_rcv_msg+0xb1f/0xec0 [ 332.989585][T14312] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.989652][T14312] ? __pfx_lock_acquire+0x10/0x10 [ 332.989684][T14312] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 332.989711][T14312] ? __pfx___might_resched+0x10/0x10 [ 332.989751][T14312] netlink_rcv_skb+0x206/0x480 [ 332.989779][T14312] ? __pfx_genl_rcv_msg+0x10/0x10 [ 332.989812][T14312] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 332.989854][T14312] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 332.989898][T14312] genl_rcv+0x28/0x40 [ 332.989927][T14312] netlink_unicast+0x7f6/0x990 [ 332.989961][T14312] ? __pfx_netlink_unicast+0x10/0x10 [ 332.989981][T14312] ? __virt_addr_valid+0x45f/0x530 [ 332.990003][T14312] ? __phys_addr_symbol+0x2f/0x70 [ 332.990023][T14312] ? __check_object_size+0x47a/0x730 [ 332.990056][T14312] netlink_sendmsg+0x8de/0xcb0 [ 332.990098][T14312] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.990130][T14312] ? aa_sock_msg_perm+0x91/0x160 [ 332.990170][T14312] ? __pfx_netlink_sendmsg+0x10/0x10 [ 332.990194][T14312] __sock_sendmsg+0x221/0x270 [ 332.990227][T14312] ____sys_sendmsg+0x53a/0x860 [ 332.990263][T14312] ? __pfx_____sys_sendmsg+0x10/0x10 [ 332.990284][T14312] ? __fget_files+0x2a/0x410 [ 332.990319][T14312] ? __fget_files+0x2a/0x410 [ 332.990361][T14312] __sys_sendmsg+0x269/0x350 [ 332.990391][T14312] ? __pfx___sys_sendmsg+0x10/0x10 [ 332.990431][T14312] ? do_sys_openat2+0x17a/0x1d0 [ 332.990495][T14312] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 332.990529][T14312] ? do_syscall_64+0x100/0x230 [ 332.990572][T14312] ? do_syscall_64+0xb6/0x230 [ 332.990608][T14312] do_syscall_64+0xf3/0x230 [ 332.990640][T14312] ? clear_bhb_loop+0x35/0x90 [ 332.990674][T14312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.990702][T14312] RIP: 0033:0x7f860718d169 [ 332.990722][T14312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.990740][T14312] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 332.990763][T14312] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 332.990778][T14312] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 332.990791][T14312] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 332.990803][T14312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 332.990815][T14312] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 332.990850][T14312] [ 333.646618][T14320] FAULT_INJECTION: forcing a failure. [ 333.646618][T14320] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 333.660765][T14320] CPU: 1 UID: 0 PID: 14320 Comm: syz.1.3086 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 333.660790][T14320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 333.660801][T14320] Call Trace: [ 333.660807][T14320] [ 333.660815][T14320] dump_stack_lvl+0x241/0x360 [ 333.660851][T14320] ? __pfx_dump_stack_lvl+0x10/0x10 [ 333.660871][T14320] ? __pfx__printk+0x10/0x10 [ 333.660899][T14320] should_fail_ex+0x40a/0x550 [ 333.660932][T14320] prepare_alloc_pages+0x1da/0x5b0 [ 333.660959][T14320] __alloc_frozen_pages_noprof+0x16f/0x710 [ 333.660979][T14320] ? mark_lock+0x9a/0x360 [ 333.660999][T14320] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 333.661019][T14320] ? __lock_acquire+0x1397/0x2100 [ 333.661062][T14320] __alloc_pages_noprof+0xa/0x30 [ 333.661080][T14320] ___kmalloc_large_node+0x8b/0x1d0 [ 333.661110][T14320] __kmalloc_large_node_noprof+0x1a/0x80 [ 333.661137][T14320] __kmalloc_noprof+0x339/0x4c0 [ 333.661161][T14320] ? wiphy_new_nm+0x625/0x19a0 [ 333.661183][T14320] wiphy_new_nm+0x625/0x19a0 [ 333.661199][T14320] ? ieee80211_alloc_hw_nm+0x8f9/0x1ea0 [ 333.661222][T14320] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 333.661246][T14320] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 333.661271][T14320] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 333.661300][T14320] mac80211_hwsim_new_radio+0x203/0x4a40 [ 333.661338][T14320] ? __pfx_stack_trace_save+0x10/0x10 [ 333.661365][T14320] ? stack_depot_save_flags+0x37/0x940 [ 333.661396][T14320] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 333.661432][T14320] hwsim_new_radio_nl+0xece/0x2290 [ 333.661467][T14320] ? __pfx___nla_validate_parse+0x10/0x10 [ 333.661491][T14320] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 333.661544][T14320] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 333.661648][T14320] genl_rcv_msg+0xb1f/0xec0 [ 333.661702][T14320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.661770][T14320] ? __pfx_lock_acquire+0x10/0x10 [ 333.661803][T14320] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 333.661833][T14320] ? __pfx___might_resched+0x10/0x10 [ 333.661893][T14320] netlink_rcv_skb+0x206/0x480 [ 333.661921][T14320] ? __pfx_genl_rcv_msg+0x10/0x10 [ 333.661956][T14320] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 333.661998][T14320] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 333.662043][T14320] genl_rcv+0x28/0x40 [ 333.662073][T14320] netlink_unicast+0x7f6/0x990 [ 333.662108][T14320] ? __pfx_netlink_unicast+0x10/0x10 [ 333.662129][T14320] ? __virt_addr_valid+0x45f/0x530 [ 333.662151][T14320] ? __phys_addr_symbol+0x2f/0x70 [ 333.662170][T14320] ? __check_object_size+0x47a/0x730 [ 333.662205][T14320] netlink_sendmsg+0x8de/0xcb0 [ 333.662247][T14320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.662279][T14320] ? aa_sock_msg_perm+0x91/0x160 [ 333.662321][T14320] ? __pfx_netlink_sendmsg+0x10/0x10 [ 333.662346][T14320] __sock_sendmsg+0x221/0x270 [ 333.662381][T14320] ____sys_sendmsg+0x53a/0x860 [ 333.662416][T14320] ? __pfx_____sys_sendmsg+0x10/0x10 [ 333.662439][T14320] ? __fget_files+0x2a/0x410 [ 333.662474][T14320] ? __fget_files+0x2a/0x410 [ 333.662517][T14320] __sys_sendmsg+0x269/0x350 [ 333.662548][T14320] ? __pfx___sys_sendmsg+0x10/0x10 [ 333.662589][T14320] ? do_sys_openat2+0x17a/0x1d0 [ 333.662647][T14320] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 333.662684][T14320] ? do_syscall_64+0x100/0x230 [ 333.662722][T14320] ? do_syscall_64+0xb6/0x230 [ 333.662759][T14320] do_syscall_64+0xf3/0x230 [ 333.662793][T14320] ? clear_bhb_loop+0x35/0x90 [ 333.662829][T14320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.662868][T14320] RIP: 0033:0x7f67d378d169 [ 333.662890][T14320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.662908][T14320] RSP: 002b:00007f67d456e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 333.662931][T14320] RAX: ffffffffffffffda RBX: 00007f67d39a5fa0 RCX: 00007f67d378d169 [ 333.662947][T14320] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 333.662961][T14320] RBP: 00007f67d456e090 R08: 0000000000000000 R09: 0000000000000000 [ 333.662974][T14320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 333.662987][T14320] R13: 0000000000000000 R14: 00007f67d39a5fa0 R15: 00007fffee163858 [ 333.663023][T14320] [ 334.308320][T14329] x_tables: duplicate underflow at hook 2 [ 336.510188][ T5208] udevd[5208]: worker [11657] /devices/virtual/block/nbd0 is taking a long time [ 336.858347][T14344] tipc: Enabling of bearer rejected, failed to enable media [ 336.875832][T14344] FAULT_INJECTION: forcing a failure. [ 336.875832][T14344] name failslab, interval 1, probability 0, space 0, times 0 [ 336.948251][T14344] CPU: 0 UID: 0 PID: 14344 Comm: syz.3.3094 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 336.948296][T14344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 336.948309][T14344] Call Trace: [ 336.948317][T14344] [ 336.948326][T14344] dump_stack_lvl+0x241/0x360 [ 336.948358][T14344] ? __pfx_dump_stack_lvl+0x10/0x10 [ 336.948382][T14344] ? __pfx__printk+0x10/0x10 [ 336.948406][T14344] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 336.948438][T14344] ? __pfx___might_resched+0x10/0x10 [ 336.948472][T14344] should_fail_ex+0x40a/0x550 [ 336.948510][T14344] should_failslab+0xac/0x100 [ 336.948628][T14344] kmem_cache_alloc_node_noprof+0x77/0x380 [ 336.948667][T14344] ? __alloc_skb+0x1c3/0x440 [ 336.948694][T14344] __alloc_skb+0x1c3/0x440 [ 336.948716][T14344] ? ____sys_sendmsg+0x53a/0x860 [ 336.948744][T14344] ? __pfx___alloc_skb+0x10/0x10 [ 336.948772][T14344] ? netlink_ack_tlv_len+0x6e/0x200 [ 336.948802][T14344] netlink_ack+0x145/0xa60 [ 336.948825][T14344] ? __pfx_lock_acquire+0x10/0x10 [ 336.948856][T14344] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 336.948885][T14344] ? __pfx___might_resched+0x10/0x10 [ 336.948925][T14344] netlink_rcv_skb+0x294/0x480 [ 336.948952][T14344] ? __pfx_genl_rcv_msg+0x10/0x10 [ 336.948987][T14344] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 336.949028][T14344] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 336.949073][T14344] genl_rcv+0x28/0x40 [ 336.949111][T14344] netlink_unicast+0x7f6/0x990 [ 336.949146][T14344] ? __pfx_netlink_unicast+0x10/0x10 [ 336.949167][T14344] ? __virt_addr_valid+0x45f/0x530 [ 336.949191][T14344] ? __phys_addr_symbol+0x2f/0x70 [ 336.949212][T14344] ? __check_object_size+0x47a/0x730 [ 336.949292][T14344] netlink_sendmsg+0x8de/0xcb0 [ 336.949338][T14344] ? __pfx_netlink_sendmsg+0x10/0x10 [ 336.949371][T14344] ? aa_sock_msg_perm+0x91/0x160 [ 336.949412][T14344] ? __pfx_netlink_sendmsg+0x10/0x10 [ 336.949438][T14344] __sock_sendmsg+0x221/0x270 [ 336.949473][T14344] ____sys_sendmsg+0x53a/0x860 [ 336.949508][T14344] ? __pfx_____sys_sendmsg+0x10/0x10 [ 336.949531][T14344] ? __fget_files+0x2a/0x410 [ 336.949567][T14344] ? __fget_files+0x2a/0x410 [ 336.949610][T14344] __sys_sendmsg+0x269/0x350 [ 336.949639][T14344] ? __pfx___sys_sendmsg+0x10/0x10 [ 336.949679][T14344] ? do_sys_openat2+0x17a/0x1d0 [ 336.949741][T14344] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 336.949777][T14344] ? do_syscall_64+0x100/0x230 [ 336.949814][T14344] ? do_syscall_64+0xb6/0x230 [ 336.949851][T14344] do_syscall_64+0xf3/0x230 [ 336.949885][T14344] ? clear_bhb_loop+0x35/0x90 [ 336.949920][T14344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.949949][T14344] RIP: 0033:0x7f860718d169 [ 336.949971][T14344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.949990][T14344] RSP: 002b:00007f8607f33038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 336.950013][T14344] RAX: ffffffffffffffda RBX: 00007f86073a5fa0 RCX: 00007f860718d169 [ 336.950029][T14344] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 336.950042][T14344] RBP: 00007f8607f33090 R08: 0000000000000000 R09: 0000000000000000 [ 336.950055][T14344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 336.950067][T14344] R13: 0000000000000000 R14: 00007f86073a5fa0 R15: 00007ffc633bbca8 [ 336.950101][T14344] [ 337.321679][ T1107] block nbd0: Possible stuck request ffff8880260e0000: control (read@0,4096B). Runtime 60 seconds [ 337.702023][T14370] FAULT_INJECTION: forcing a failure. [ 337.702023][T14370] name failslab, interval 1, probability 0, space 0, times 0 [ 337.733649][T14370] CPU: 0 UID: 0 PID: 14370 Comm: syz.2.3101 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 337.733680][T14370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 337.733694][T14370] Call Trace: [ 337.733702][T14370] [ 337.733712][T14370] dump_stack_lvl+0x241/0x360 [ 337.733744][T14370] ? __pfx_dump_stack_lvl+0x10/0x10 [ 337.733769][T14370] ? __pfx__printk+0x10/0x10 [ 337.733794][T14370] ? __kmalloc_node_track_caller_noprof+0xb4/0x4c0 [ 337.733828][T14370] ? __pfx___might_resched+0x10/0x10 [ 337.733854][T14370] ? vsnprintf+0x1181/0x1220 [ 337.733884][T14370] should_fail_ex+0x40a/0x550 [ 337.733922][T14370] should_failslab+0xac/0x100 [ 337.733952][T14370] __kmalloc_node_track_caller_noprof+0xdc/0x4c0 [ 337.733983][T14370] ? kobject_set_name_vargs+0x61/0x120 [ 337.734011][T14370] kvasprintf+0xdf/0x190 [ 337.734044][T14370] ? __pfx_kvasprintf+0x10/0x10 [ 337.734077][T14370] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 337.734111][T14370] ? kvasprintf_const+0x51/0x170 [ 337.734144][T14370] kobject_set_name_vargs+0x61/0x120 [ 337.734168][T14370] dev_set_name+0xd5/0x120 [ 337.734206][T14370] ? __kasan_kmalloc_large+0x8a/0xa0 [ 337.734233][T14370] ? wiphy_new_nm+0x69c/0x19a0 [ 337.734254][T14370] ? __pfx_dev_set_name+0x10/0x10 [ 337.734287][T14370] ? trace_kmalloc+0x1f/0xd0 [ 337.734313][T14370] ? __kmalloc_noprof+0x2a5/0x4c0 [ 337.734341][T14370] ? wiphy_new_nm+0x625/0x19a0 [ 337.734366][T14370] wiphy_new_nm+0x79f/0x19a0 [ 337.734385][T14370] ? ieee80211_alloc_hw_nm+0x8f9/0x1ea0 [ 337.734411][T14370] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 337.734439][T14370] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 337.734471][T14370] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 337.734504][T14370] mac80211_hwsim_new_radio+0x203/0x4a40 [ 337.734542][T14370] ? __lock_acquire+0x1397/0x2100 [ 337.734575][T14370] ? __pfx_stack_trace_save+0x10/0x10 [ 337.734606][T14370] ? stack_depot_save_flags+0x37/0x940 [ 337.734641][T14370] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 337.734681][T14370] hwsim_new_radio_nl+0xece/0x2290 [ 337.734720][T14370] ? __pfx___nla_validate_parse+0x10/0x10 [ 337.734748][T14370] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 337.734808][T14370] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 337.734851][T14370] genl_rcv_msg+0xb1f/0xec0 [ 337.734892][T14370] ? __pfx_genl_rcv_msg+0x10/0x10 [ 337.734956][T14370] ? __pfx_lock_acquire+0x10/0x10 [ 337.734987][T14370] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 337.735015][T14370] ? __pfx___might_resched+0x10/0x10 [ 337.735053][T14370] netlink_rcv_skb+0x206/0x480 [ 337.735079][T14370] ? __pfx_genl_rcv_msg+0x10/0x10 [ 337.735108][T14370] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 337.735149][T14370] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 337.735199][T14370] genl_rcv+0x28/0x40 [ 337.735227][T14370] netlink_unicast+0x7f6/0x990 [ 337.735260][T14370] ? __pfx_netlink_unicast+0x10/0x10 [ 337.735279][T14370] ? __virt_addr_valid+0x45f/0x530 [ 337.735300][T14370] ? __phys_addr_symbol+0x2f/0x70 [ 337.735319][T14370] ? __check_object_size+0x47a/0x730 [ 337.735353][T14370] netlink_sendmsg+0x8de/0xcb0 [ 337.735393][T14370] ? __pfx_netlink_sendmsg+0x10/0x10 [ 337.735424][T14370] ? aa_sock_msg_perm+0x91/0x160 [ 337.735463][T14370] ? __pfx_netlink_sendmsg+0x10/0x10 [ 337.735485][T14370] __sock_sendmsg+0x221/0x270 [ 337.735518][T14370] ____sys_sendmsg+0x53a/0x860 [ 337.735551][T14370] ? __pfx_____sys_sendmsg+0x10/0x10 [ 337.735572][T14370] ? __fget_files+0x2a/0x410 [ 337.735603][T14370] ? __fget_files+0x2a/0x410 [ 337.735642][T14370] __sys_sendmsg+0x269/0x350 [ 337.735672][T14370] ? __pfx___sys_sendmsg+0x10/0x10 [ 337.735709][T14370] ? do_sys_openat2+0x17a/0x1d0 [ 337.735769][T14370] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 337.735803][T14370] ? do_syscall_64+0x100/0x230 [ 337.735838][T14370] ? do_syscall_64+0xb6/0x230 [ 337.735871][T14370] do_syscall_64+0xf3/0x230 [ 337.735904][T14370] ? clear_bhb_loop+0x35/0x90 [ 337.735936][T14370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.735962][T14370] RIP: 0033:0x7fcbec58d169 [ 337.735981][T14370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.735998][T14370] RSP: 002b:00007fcbed327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 337.736020][T14370] RAX: ffffffffffffffda RBX: 00007fcbec7a5fa0 RCX: 00007fcbec58d169 [ 337.736035][T14370] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 337.736048][T14370] RBP: 00007fcbed327090 R08: 0000000000000000 R09: 0000000000000000 [ 337.736061][T14370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 337.736073][T14370] R13: 0000000000000000 R14: 00007fcbec7a5fa0 R15: 00007ffcb85bd288 [ 337.736104][T14370] [ 338.683774][T14397] veth0_to_team: entered promiscuous mode [ 338.689811][T14397] veth0_to_team: entered allmulticast mode [ 339.166477][T14423] bridge0: port 1(gretap0) entered blocking state [ 339.194892][T14423] bridge0: port 1(gretap0) entered disabled state [ 339.209780][T14423] gretap0: entered allmulticast mode [ 339.216628][T14423] gretap0: entered promiscuous mode [ 339.241614][T14429] FAULT_INJECTION: forcing a failure. [ 339.241614][T14429] name failslab, interval 1, probability 0, space 0, times 0 [ 339.260788][T14429] CPU: 1 UID: 0 PID: 14429 Comm: syz.4.3120 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 339.260821][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 339.260834][T14429] Call Trace: [ 339.260842][T14429] [ 339.260851][T14429] dump_stack_lvl+0x241/0x360 [ 339.260884][T14429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.260908][T14429] ? __pfx__printk+0x10/0x10 [ 339.260933][T14429] ? __kmalloc_noprof+0xb5/0x4c0 [ 339.260963][T14429] ? __pfx___might_resched+0x10/0x10 [ 339.260996][T14429] should_fail_ex+0x40a/0x550 [ 339.261035][T14429] should_failslab+0xac/0x100 [ 339.261064][T14429] __kmalloc_noprof+0xdd/0x4c0 [ 339.261092][T14429] ? rfkill_alloc+0xb0/0x2e0 [ 339.261125][T14429] rfkill_alloc+0xb0/0x2e0 [ 339.261160][T14429] wiphy_new_nm+0x1084/0x19a0 [ 339.261181][T14429] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 339.261211][T14429] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 339.261242][T14429] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 339.261277][T14429] mac80211_hwsim_new_radio+0x203/0x4a40 [ 339.261327][T14429] ? __lock_acquire+0x1397/0x2100 [ 339.261361][T14429] ? __pfx_stack_trace_save+0x10/0x10 [ 339.261393][T14429] ? stack_depot_save_flags+0x37/0x940 [ 339.261430][T14429] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 339.261473][T14429] hwsim_new_radio_nl+0xece/0x2290 [ 339.261516][T14429] ? __pfx___nla_validate_parse+0x10/0x10 [ 339.261545][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 339.261609][T14429] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 339.261653][T14429] genl_rcv_msg+0xb1f/0xec0 [ 339.261695][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.261758][T14429] ? __pfx_lock_acquire+0x10/0x10 [ 339.261788][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 339.261817][T14429] ? __pfx___might_resched+0x10/0x10 [ 339.261857][T14429] netlink_rcv_skb+0x206/0x480 [ 339.261882][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.261914][T14429] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 339.261953][T14429] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 339.261992][T14429] genl_rcv+0x28/0x40 [ 339.262019][T14429] netlink_unicast+0x7f6/0x990 [ 339.262049][T14429] ? __pfx_netlink_unicast+0x10/0x10 [ 339.262067][T14429] ? __virt_addr_valid+0x45f/0x530 [ 339.262088][T14429] ? __phys_addr_symbol+0x2f/0x70 [ 339.262106][T14429] ? __check_object_size+0x47a/0x730 [ 339.262138][T14429] netlink_sendmsg+0x8de/0xcb0 [ 339.262177][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 339.262209][T14429] ? aa_sock_msg_perm+0x91/0x160 [ 339.262247][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 339.262270][T14429] __sock_sendmsg+0x221/0x270 [ 339.262303][T14429] ____sys_sendmsg+0x53a/0x860 [ 339.262343][T14429] ? __pfx_____sys_sendmsg+0x10/0x10 [ 339.262363][T14429] ? __fget_files+0x2a/0x410 [ 339.262395][T14429] ? __fget_files+0x2a/0x410 [ 339.262435][T14429] __sys_sendmsg+0x269/0x350 [ 339.262463][T14429] ? __pfx___sys_sendmsg+0x10/0x10 [ 339.262500][T14429] ? do_sys_openat2+0x17a/0x1d0 [ 339.262558][T14429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 339.262591][T14429] ? do_syscall_64+0x100/0x230 [ 339.262625][T14429] ? do_syscall_64+0xb6/0x230 [ 339.262680][T14429] do_syscall_64+0xf3/0x230 [ 339.262710][T14429] ? clear_bhb_loop+0x35/0x90 [ 339.262742][T14429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.262771][T14429] RIP: 0033:0x7fd11ef8d169 [ 339.262791][T14429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.262809][T14429] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 339.262832][T14429] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 339.262847][T14429] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 339.262860][T14429] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 339.262873][T14429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.262884][T14429] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 339.262916][T14429] [ 339.262932][T14429] INFO: trying to register non-static key. [ 339.661000][T14429] The code is fine but needs lockdep annotation, or maybe [ 339.668138][T14429] you didn't initialize this object before use? [ 339.674411][T14429] turning off the locking correctness validator. [ 339.680751][T14429] CPU: 1 UID: 0 PID: 14429 Comm: syz.4.3120 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 339.680774][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 339.680786][T14429] Call Trace: [ 339.680793][T14429] [ 339.680801][T14429] dump_stack_lvl+0x241/0x360 [ 339.680825][T14429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.680843][T14429] ? __pfx__printk+0x10/0x10 [ 339.680859][T14429] ? __is_module_percpu_address+0x213/0x370 [ 339.680880][T14429] ? irq_work_queue+0xd1/0x150 [ 339.680903][T14429] ? __is_kernel_percpu_address+0x115/0x250 [ 339.680927][T14429] assign_lock_key+0x241/0x280 [ 339.680945][T14429] ? __pfx_assign_lock_key+0x10/0x10 [ 339.680963][T14429] ? __pfx_vprintk_emit+0x10/0x10 [ 339.680984][T14429] register_lock_class+0x1cf/0x980 [ 339.681011][T14429] ? __pfx_register_lock_class+0x10/0x10 [ 339.681036][T14429] ? _printk+0xd5/0x120 [ 339.681051][T14429] ? __init_begin+0x41000/0x41000 [ 339.681071][T14429] __lock_acquire+0xf3/0x2100 [ 339.681096][T14429] ? is_bpf_text_address+0x285/0x2a0 [ 339.681130][T14429] ? mark_lock+0x9a/0x360 [ 339.681146][T14429] lock_acquire+0x1ed/0x550 [ 339.681169][T14429] ? cfg80211_dev_free+0x33/0x2d0 [ 339.681187][T14429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 339.681213][T14429] ? __pfx_lock_acquire+0x10/0x10 [ 339.681237][T14429] ? dump_stack_lvl+0x273/0x360 [ 339.681254][T14429] ? lockdep_hardirqs_on+0x99/0x150 [ 339.681279][T14429] ? dump_stack_lvl+0x2f9/0x360 [ 339.681297][T14429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.681317][T14429] _raw_spin_lock_irqsave+0xd5/0x120 [ 339.681339][T14429] ? cfg80211_dev_free+0x33/0x2d0 [ 339.681356][T14429] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 339.681377][T14429] ? devres_release_all+0x1eb/0x250 [ 339.681399][T14429] ? device_release+0x66/0x1c0 [ 339.681418][T14429] ? __pfx_wiphy_dev_release+0x10/0x10 [ 339.681438][T14429] cfg80211_dev_free+0x33/0x2d0 [ 339.681454][T14429] ? trace_kmalloc+0x1f/0xd0 [ 339.681476][T14429] ? __pfx_wiphy_dev_release+0x10/0x10 [ 339.681495][T14429] device_release+0x99/0x1c0 [ 339.681516][T14429] kobject_put+0x22f/0x480 [ 339.681535][T14429] wiphy_new_nm+0x16ea/0x19a0 [ 339.681550][T14429] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 339.681571][T14429] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 339.681594][T14429] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 339.681617][T14429] mac80211_hwsim_new_radio+0x203/0x4a40 [ 339.681643][T14429] ? __lock_acquire+0x1397/0x2100 [ 339.681667][T14429] ? __pfx_stack_trace_save+0x10/0x10 [ 339.681690][T14429] ? stack_depot_save_flags+0x37/0x940 [ 339.681717][T14429] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 339.681743][T14429] hwsim_new_radio_nl+0xece/0x2290 [ 339.681771][T14429] ? __pfx___nla_validate_parse+0x10/0x10 [ 339.681791][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 339.681824][T14429] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 339.681855][T14429] genl_rcv_msg+0xb1f/0xec0 [ 339.681882][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.681918][T14429] ? __pfx_lock_acquire+0x10/0x10 [ 339.681941][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 339.681962][T14429] ? __pfx___might_resched+0x10/0x10 [ 339.681988][T14429] netlink_rcv_skb+0x206/0x480 [ 339.682007][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.682032][T14429] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 339.682057][T14429] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 339.682082][T14429] genl_rcv+0x28/0x40 [ 339.682110][T14429] netlink_unicast+0x7f6/0x990 [ 339.682131][T14429] ? __pfx_netlink_unicast+0x10/0x10 [ 339.682146][T14429] ? __virt_addr_valid+0x45f/0x530 [ 339.682162][T14429] ? __phys_addr_symbol+0x2f/0x70 [ 339.682176][T14429] ? __check_object_size+0x47a/0x730 [ 339.682200][T14429] netlink_sendmsg+0x8de/0xcb0 [ 339.682225][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 339.682247][T14429] ? aa_sock_msg_perm+0x91/0x160 [ 339.682274][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 339.682293][T14429] __sock_sendmsg+0x221/0x270 [ 339.682317][T14429] ____sys_sendmsg+0x53a/0x860 [ 339.682339][T14429] ? __pfx_____sys_sendmsg+0x10/0x10 [ 339.682356][T14429] ? __fget_files+0x2a/0x410 [ 339.682381][T14429] ? __fget_files+0x2a/0x410 [ 339.682407][T14429] __sys_sendmsg+0x269/0x350 [ 339.682427][T14429] ? __pfx___sys_sendmsg+0x10/0x10 [ 339.682450][T14429] ? do_sys_openat2+0x17a/0x1d0 [ 339.682484][T14429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 339.682509][T14429] ? do_syscall_64+0x100/0x230 [ 339.682536][T14429] ? do_syscall_64+0xb6/0x230 [ 339.682561][T14429] do_syscall_64+0xf3/0x230 [ 339.682587][T14429] ? clear_bhb_loop+0x35/0x90 [ 339.682611][T14429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.682634][T14429] RIP: 0033:0x7fd11ef8d169 [ 339.682649][T14429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.682663][T14429] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 339.682681][T14429] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 339.682693][T14429] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 339.682704][T14429] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 339.682714][T14429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.682724][T14429] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 339.682741][T14429] [ 339.683582][T14429] ------------[ cut here ]------------ [ 340.211573][T14429] WARNING: CPU: 1 PID: 14429 at net/wireless/core.c:1197 cfg80211_dev_free+0x2ba/0x2d0 [ 340.221279][T14429] Modules linked in: [ 340.225187][T14429] CPU: 1 UID: 0 PID: 14429 Comm: syz.4.3120 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 340.235950][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 340.246024][T14429] RIP: 0010:cfg80211_dev_free+0x2ba/0x2d0 [ 340.251769][T14429] Code: da f6 49 8b be e0 08 00 00 e8 22 4e cf f6 4c 89 f7 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 0c 4e cf f6 e8 27 97 73 f6 90 <0f> 0b 90 e9 a2 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 [ 340.271484][T14429] RSP: 0018:ffffc9001bbe6e20 EFLAGS: 00010093 [ 340.277568][T14429] RAX: ffffffff8b4e4959 RBX: ffff8880343406a8 RCX: ffff88807a3f0000 [ 340.285577][T14429] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffc9001bbe6d00 [ 340.293692][T14429] RBP: 1ffffffff194d1b0 R08: 0000000000000003 R09: fffff5200377cda0 [ 340.301847][T14429] R10: dffffc0000000000 R11: fffff5200377cda0 R12: ffff8880343406b8 [ 340.309967][T14429] R13: dffffc0000000000 R14: ffff888034340000 R15: 0000000000000246 [ 340.318063][T14429] FS: 00007fd11fe766c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 340.327207][T14429] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 340.334201][T14429] CR2: 0000200000001ac0 CR3: 000000002cfba000 CR4: 00000000003526f0 [ 340.342454][T14429] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 340.350527][T14429] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 340.358693][T14429] Call Trace: [ 340.361993][T14429] [ 340.364954][T14429] ? __warn+0x165/0x4d0 [ 340.369132][T14429] ? cfg80211_dev_free+0x2ba/0x2d0 [ 340.374775][T14429] ? report_bug+0x2b3/0x500 [ 340.379291][T14429] ? cfg80211_dev_free+0x2ba/0x2d0 [ 340.384509][T14429] ? handle_bug+0x60/0x90 [ 340.388859][T14429] ? exc_invalid_op+0x1a/0x50 [ 340.393637][T14429] ? asm_exc_invalid_op+0x1a/0x20 [ 340.398677][T14429] ? cfg80211_dev_free+0x2b9/0x2d0 [ 340.403969][T14429] ? cfg80211_dev_free+0x2ba/0x2d0 [ 340.409093][T14429] ? trace_kmalloc+0x1f/0xd0 [ 340.413696][T14429] ? __pfx_wiphy_dev_release+0x10/0x10 [ 340.419174][T14429] device_release+0x99/0x1c0 [ 340.423780][T14429] kobject_put+0x22f/0x480 [ 340.428303][T14429] wiphy_new_nm+0x16ea/0x19a0 [ 340.432990][T14429] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 340.439510][T14429] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 340.445007][T14429] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 340.450938][T14429] mac80211_hwsim_new_radio+0x203/0x4a40 [ 340.456596][T14429] ? __lock_acquire+0x1397/0x2100 [ 340.461723][T14429] ? __pfx_stack_trace_save+0x10/0x10 [ 340.467111][T14429] ? stack_depot_save_flags+0x37/0x940 [ 340.472670][T14429] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 340.478870][T14429] hwsim_new_radio_nl+0xece/0x2290 [ 340.484059][T14429] ? __pfx___nla_validate_parse+0x10/0x10 [ 340.489931][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 340.495516][T14429] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 340.502068][T14429] genl_rcv_msg+0xb1f/0xec0 [ 340.506603][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 340.511745][T14429] ? __pfx_lock_acquire+0x10/0x10 [ 340.516892][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 340.522659][T14429] ? __pfx___might_resched+0x10/0x10 [ 340.527974][T14429] netlink_rcv_skb+0x206/0x480 [ 340.532761][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 340.537981][T14429] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 340.543314][T14429] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 340.548986][T14429] genl_rcv+0x28/0x40 [ 340.553172][T14429] netlink_unicast+0x7f6/0x990 [ 340.557985][T14429] ? __pfx_netlink_unicast+0x10/0x10 [ 340.563319][T14429] ? __virt_addr_valid+0x45f/0x530 [ 340.568549][T14429] ? __phys_addr_symbol+0x2f/0x70 [ 340.573611][T14429] ? __check_object_size+0x47a/0x730 [ 340.579136][T14429] netlink_sendmsg+0x8de/0xcb0 [ 340.583941][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 340.589256][T14429] ? aa_sock_msg_perm+0x91/0x160 [ 340.594309][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 340.599786][T14429] __sock_sendmsg+0x221/0x270 [ 340.604483][T14429] ____sys_sendmsg+0x53a/0x860 [ 340.609345][T14429] ? __pfx_____sys_sendmsg+0x10/0x10 [ 340.614686][T14429] ? __fget_files+0x2a/0x410 [ 340.619312][T14429] ? __fget_files+0x2a/0x410 [ 340.623942][T14429] __sys_sendmsg+0x269/0x350 [ 340.628563][T14429] ? __pfx___sys_sendmsg+0x10/0x10 [ 340.633706][T14429] ? do_sys_openat2+0x17a/0x1d0 [ 340.638681][T14429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 340.645145][T14429] ? do_syscall_64+0x100/0x230 [ 340.650035][T14429] ? do_syscall_64+0xb6/0x230 [ 340.654734][T14429] do_syscall_64+0xf3/0x230 [ 340.659628][T14429] ? clear_bhb_loop+0x35/0x90 [ 340.664337][T14429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.670357][T14429] RIP: 0033:0x7fd11ef8d169 [ 340.674805][T14429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.694630][T14429] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 340.703148][T14429] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 340.711610][T14429] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 340.719607][T14429] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 340.727761][T14429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 340.735745][T14429] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 340.743980][T14429] [ 340.747021][T14429] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 340.754336][T14429] CPU: 1 UID: 0 PID: 14429 Comm: syz.4.3120 Not tainted 6.14.0-rc7-syzkaller-00177-g0032c99e83b9 #0 [ 340.765124][T14429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 340.775464][T14429] Call Trace: [ 340.778760][T14429] [ 340.781909][T14429] dump_stack_lvl+0x241/0x360 [ 340.786950][T14429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.792217][T14429] ? __pfx__printk+0x10/0x10 [ 340.796872][T14429] ? _printk+0xd5/0x120 [ 340.801249][T14429] ? __init_begin+0x41000/0x41000 [ 340.806300][T14429] ? vscnprintf+0x5d/0x90 [ 340.811164][T14429] panic+0x349/0x880 [ 340.815327][T14429] ? __warn+0x174/0x4d0 [ 340.819500][T14429] ? __pfx_panic+0x10/0x10 [ 340.823993][T14429] __warn+0x344/0x4d0 [ 340.828104][T14429] ? cfg80211_dev_free+0x2ba/0x2d0 [ 340.833247][T14429] report_bug+0x2b3/0x500 [ 340.837770][T14429] ? cfg80211_dev_free+0x2ba/0x2d0 [ 340.842915][T14429] handle_bug+0x60/0x90 [ 340.847163][T14429] exc_invalid_op+0x1a/0x50 [ 340.851758][T14429] asm_exc_invalid_op+0x1a/0x20 [ 340.856624][T14429] RIP: 0010:cfg80211_dev_free+0x2ba/0x2d0 [ 340.862377][T14429] Code: da f6 49 8b be e0 08 00 00 e8 22 4e cf f6 4c 89 f7 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d e9 0c 4e cf f6 e8 27 97 73 f6 90 <0f> 0b 90 e9 a2 fd ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 [ 340.882017][T14429] RSP: 0018:ffffc9001bbe6e20 EFLAGS: 00010093 [ 340.888394][T14429] RAX: ffffffff8b4e4959 RBX: ffff8880343406a8 RCX: ffff88807a3f0000 [ 340.897112][T14429] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffc9001bbe6d00 [ 340.905119][T14429] RBP: 1ffffffff194d1b0 R08: 0000000000000003 R09: fffff5200377cda0 [ 340.913228][T14429] R10: dffffc0000000000 R11: fffff5200377cda0 R12: ffff8880343406b8 [ 340.921221][T14429] R13: dffffc0000000000 R14: ffff888034340000 R15: 0000000000000246 [ 340.929304][T14429] ? cfg80211_dev_free+0x2b9/0x2d0 [ 340.934437][T14429] ? trace_kmalloc+0x1f/0xd0 [ 340.939041][T14429] ? __pfx_wiphy_dev_release+0x10/0x10 [ 340.944511][T14429] device_release+0x99/0x1c0 [ 340.949133][T14429] kobject_put+0x22f/0x480 [ 340.953559][T14429] wiphy_new_nm+0x16ea/0x19a0 [ 340.958389][T14429] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 340.965728][T14429] ieee80211_alloc_hw_nm+0x3d4/0x1ea0 [ 340.971255][T14429] ? mac80211_hwsim_new_radio+0x116/0x4a40 [ 340.977415][T14429] mac80211_hwsim_new_radio+0x203/0x4a40 [ 340.983275][T14429] ? __lock_acquire+0x1397/0x2100 [ 340.988356][T14429] ? __pfx_stack_trace_save+0x10/0x10 [ 340.994063][T14429] ? stack_depot_save_flags+0x37/0x940 [ 340.999573][T14429] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 341.005783][T14429] hwsim_new_radio_nl+0xece/0x2290 [ 341.011018][T14429] ? __pfx___nla_validate_parse+0x10/0x10 [ 341.017112][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 341.022972][T14429] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 341.029766][T14429] genl_rcv_msg+0xb1f/0xec0 [ 341.035185][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 341.040331][T14429] ? __pfx_lock_acquire+0x10/0x10 [ 341.045635][T14429] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 341.051305][T14429] ? __pfx___might_resched+0x10/0x10 [ 341.056718][T14429] netlink_rcv_skb+0x206/0x480 [ 341.061593][T14429] ? __pfx_genl_rcv_msg+0x10/0x10 [ 341.066652][T14429] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 341.072132][T14429] ? __netlink_deliver_tap+0x7b0/0x7f0 [ 341.077707][T14429] genl_rcv+0x28/0x40 [ 341.081808][T14429] netlink_unicast+0x7f6/0x990 [ 341.086585][T14429] ? __pfx_netlink_unicast+0x10/0x10 [ 341.091964][T14429] ? __virt_addr_valid+0x45f/0x530 [ 341.097263][T14429] ? __phys_addr_symbol+0x2f/0x70 [ 341.102398][T14429] ? __check_object_size+0x47a/0x730 [ 341.107826][T14429] netlink_sendmsg+0x8de/0xcb0 [ 341.112613][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.117912][T14429] ? aa_sock_msg_perm+0x91/0x160 [ 341.122877][T14429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.128202][T14429] __sock_sendmsg+0x221/0x270 [ 341.132906][T14429] ____sys_sendmsg+0x53a/0x860 [ 341.137686][T14429] ? __pfx_____sys_sendmsg+0x10/0x10 [ 341.142986][T14429] ? __fget_files+0x2a/0x410 [ 341.147707][T14429] ? __fget_files+0x2a/0x410 [ 341.152941][T14429] __sys_sendmsg+0x269/0x350 [ 341.157717][T14429] ? __pfx___sys_sendmsg+0x10/0x10 [ 341.162937][T14429] ? do_sys_openat2+0x17a/0x1d0 [ 341.167994][T14429] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 341.174832][T14429] ? do_syscall_64+0x100/0x230 [ 341.179806][T14429] ? do_syscall_64+0xb6/0x230 [ 341.185144][T14429] do_syscall_64+0xf3/0x230 [ 341.190088][T14429] ? clear_bhb_loop+0x35/0x90 [ 341.194893][T14429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.201112][T14429] RIP: 0033:0x7fd11ef8d169 [ 341.206533][T14429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.227573][T14429] RSP: 002b:00007fd11fe76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 341.236303][T14429] RAX: ffffffffffffffda RBX: 00007fd11f1a5fa0 RCX: 00007fd11ef8d169 [ 341.244312][T14429] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 341.252621][T14429] RBP: 00007fd11fe76090 R08: 0000000000000000 R09: 0000000000000000 [ 341.260921][T14429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.269091][T14429] R13: 0000000000000000 R14: 00007fd11f1a5fa0 R15: 00007ffcc1b3fae8 [ 341.277312][T14429] [ 341.280653][T14429] Kernel Offset: disabled [ 341.285208][T14429] Rebooting in 86400 seconds..