last executing test programs: 2.956970103s ago: executing program 2 (id=2681): mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4000}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x1010000}}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x1000, &(0x7f0000000cc0)=""/4096, 0x41100, 0x2f}, 0x94) (fail_nth: 1) 2.517385243s ago: executing program 2 (id=2684): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) 2.387169605s ago: executing program 2 (id=2686): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$alg(0x26, 0x5, 0x0) socket$netlink(0x10, 0x3, 0xb) bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x8) getsockopt$ax25_int(r2, 0x101, 0x19, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff) sendmsg$GTP_CMD_GETPDP(r3, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x14, r4, 0x301, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) r5 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r5, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c) connect$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) sendmmsg$inet6(r5, &(0x7f00000009c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, 0x0}}], 0x2, 0xc8040) sendmmsg(r5, &(0x7f00000092c0), 0x4ff, 0x0) splice(r5, 0x0, r0, 0x0, 0x7ffff000, 0x6) 2.236306682s ago: executing program 4 (id=2690): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="4dc07f94", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f0000003340)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000002c0)="af8d195ac29a2a0fe48238e1543d21ee817644e51046a895ff2b7e18d764b6e016752938c9d661e72f7cc56a70a2967587d23dfbef4857038e1cf33269f981efe0dc9d60409b63866620856ebf18d3dc1efe26620cef44f9311cc7b4fb0aee4581ccb941afd07c76517b7cee360ef44217cf70bfb7f34b8cef568000e6a94f0e3a2a35edbe8739bc4203acd8179229f375ff9c71210818738eabb1988fa217f608427624c073807576e4dfbc6cae39f311d1aacfd5a6ee473edeb0947459", 0xbe}], 0x1}}, {{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000000440)="e2040000a9c9326c7cd88e36bb70b252b32a6be6339e52aff9c03ff6171d6af5e3a6a8b2b71c7fd818f2956aafe5d1c4e0f79e93388fc7e2ab007acefbb2732a8b01e6e94bba585006da01000100000000004b93f57fc91873aff149800d25401f1b8bb1b1be8dc6e7753a964f7642ef7f2bfe0b0f86dfc6f5ca0a4c9dca6d5b073368f5b31cdb244117c1fa638fadcaa3e6", 0x92}], 0x1}}, {{0x0, 0x0, &(0x7f0000003300)=[{&(0x7f0000003240)="ffc74af594e3d59c35681d", 0xb}], 0x1}}], 0x3, 0x44008090) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x4010}, 0x4) 2.143424047s ago: executing program 4 (id=2691): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c020000190001000000000010000000ac1414bb0000000000000080ffffff00ac1414bb00000000000000000000000000000000ffff00000a00800000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000900000000000000080000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000010000030000000084010500ac1414aa000000000000000000000000000000003200000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000ac1414aa000000000000000000000000000000002b"], 0x23c}}, 0x0) 2.031105939s ago: executing program 4 (id=2696): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) 1.902779131s ago: executing program 4 (id=2700): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000076008b020200000000000000070200", @ANYRES32=0x0, @ANYBLOB='\f\x00\r'], 0x24}, 0x1, 0x5502000000000000}, 0x4000) 1.848840102s ago: executing program 4 (id=2701): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r0, 0x1000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002004000851000000600000018020000", @ANYRES32, @ANYBLOB="00003002000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222}, 0x78) 1.762106646s ago: executing program 4 (id=2703): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000000080)='D', 0x1, 0x4014, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x2, 0x0) 1.526475531s ago: executing program 1 (id=2711): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0) 1.488408514s ago: executing program 2 (id=2712): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x4, 0x4, 0xfffffffd, 0x1}, 0x10) write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f0000000000000000020000080004000a000000", 0x24) r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r1, &(0x7f0000003900)=[{&(0x7f0000000000)=@in={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000600)=[{&(0x7f00000001c0)='!', 0x1}], 0x1, &(0x7f0000000780)=[@init={0x18, 0x84, 0x0, {0x99d1, 0x2, 0x0, 0x10}}], 0x18, 0x4}], 0x1, 0x40010) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) ioctl$FIBMAP(r3, 0x1, &(0x7f0000000300)=0xdc2658bd) r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x109942, 0x0) ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000180)=0x5) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000140)=0x10000000) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x8102, 0x0) ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000100)=0x3) close(r1) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r8, @ANYBLOB="0524060000000001300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x0) r9 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r9, 0x800442d3, &(0x7f0000000bc0)={0x40000, 0x9, 0x991, @remote, 'dvmrp0\x00'}) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040)=0x8001, 0x4) r10 = socket$kcm(0x10, 0x2, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000080)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x4040080}, 0x0) r12 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r12, 0x0, 0x0) sendmsg$inet(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f000801}, 0x0) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000280)={0x9, 0x5, 0x4, 0x8}, 0x10) 1.480561673s ago: executing program 1 (id=2713): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x4080001) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x2, 0xa}, {0x1, 0xfff1}, {0x7, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x17, r6, 0x1, 0xf9}, 0x14) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000f10d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece693"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0xa}, 0x10}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r8, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="3fcf00"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xd, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc8900000000000035090100000000009500000000000000b7080000000000007b9a00fe00000000b509000000000000c3aaf0fff1000000bf86000000000000070800", @ANYRES32=r9, @ANYBLOB="0000000000000000b7050000080000004608ebff76000000bf9800000000000056080000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.375195089s ago: executing program 1 (id=2714): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x4080001) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x2, 0xa}, {0x1, 0xfff1}, {0x7, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080) sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x44010, &(0x7f0000000040)={0x11, 0x17, r6, 0x1, 0xf9}, 0x14) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000f10d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece693"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0xa}, 0x10}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r8, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="3fcf00"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xd, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc8900000000000035090100000000009500000000000000b7080000000000007b9a00fe00000000b509000000000000c3aaf0fff1000000bf86000000000000070800", @ANYRES32=r9, @ANYBLOB="0000000000000000b7050000080000004608ebff76000000bf9800000000000056080000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.26335057s ago: executing program 1 (id=2715): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0) socket(0x22, 0x800000003, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) mmap(&(0x7f00004f1000/0x3000)=nil, 0x3000, 0x2000006, 0x12, r1, 0x913e0000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f00005d5000/0x2000)=nil, 0x2000, 0x3, 0x28011, r2, 0xffffe000) mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0x2000) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305829, &(0x7f0000000540)={0x1100, 0x0, 0x52, 0x10000}) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x0, 0x5e, 0x0, 0xee01}, {0x0, 0x0, 0x72, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x1, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x2, @in=@multicast1, 0x0, 0x4}}, 0xe8) sendmmsg$inet6(r4, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @private2}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xf, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110200", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 969.693874ms ago: executing program 0 (id=2720): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10) r1 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r1, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) 927.655088ms ago: executing program 0 (id=2721): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd25, 0x0, {0x0, 0x0, 0x12, r1, {0x0, 0xffff}, {0xffff, 0xffff}, {0x7, 0x7}}}, 0x24}}, 0x0) 892.866844ms ago: executing program 0 (id=2722): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e000000040000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 811.275574ms ago: executing program 0 (id=2723): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000280000002800000003000000010000000000000c02000000000000200200000d00000000000000c00000000000000000002000000061"], 0x0, 0x43}, 0x28) 810.831661ms ago: executing program 1 (id=2724): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000010c0)={0x5c, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x48, 0x11, 0x0, 0x1, [@nested={0x40, 0xf6, 0x0, 0x1, [@typed={0x14, 0x148, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x3c}}, @typed={0x25, 0xdd, 0x0, 0x0, @binary="f8b54f5e41ec3a5a6666466ef0dac8319ca1ce530435bdf6cb13159c1c87836ae2"}]}, @nested={0x4, 0x14c}]}]}, 0x5c}}, 0x0) 810.264873ms ago: executing program 0 (id=2725): unshare(0x2c020680) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2e8}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0) r0 = socket$kcm(0x2, 0xa, 0x2) r1 = socket$packet(0x11, 0x2, 0x300) getsockopt$sock_buf(r1, 0x1, 0x28, &(0x7f0000000780)=""/155, &(0x7f0000000840)=0x9b) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, 0x0, &(0x7f0000000440)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r3}, 0x10) r4 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r4, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x20008091) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=ANY=[@ANYRES16=r0], 0xa0}, 0x1, 0x0, 0x0, 0x400c5}, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) r5 = socket$rds(0x15, 0x5, 0x0) bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000034640)=""/102400, 0x19000}], 0x1, 0x1903d}}], 0x48}, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c40)={r2, 0x0, 0x0}, 0x10) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r6, &(0x7f0000000500)={0x2, 0x4e23, @broadcast}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8004900}, 0x4048800) bpf$PROG_LOAD(0x5, 0x0, 0x0) 799.273905ms ago: executing program 3 (id=2726): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x6, 0x0, 0x4}]}, 0x10) sendmmsg(r0, &(0x7f0000001c00), 0x400000000000159, 0x40840) 779.637297ms ago: executing program 1 (id=2727): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000076008b02020000000000000007020000", @ANYRES32=0x0, @ANYBLOB='\f\x00\r'], 0x24}, 0x1, 0x5502000000000000}, 0x4000) (fail_nth: 1) 682.620307ms ago: executing program 0 (id=2728): ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x1300000000, 0xc, 0x5}) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000011c0)={0x16d8, r1, 0x8, 0x70bd28, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0xa98, 0x8, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3dd9}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}]}, {0x1e8, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ALLOWEDIPS={0x1b8, 0x9, 0x0, 0x1, [{0x4}, {0xf4, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x41}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}, {0x5, 0x3, 0x2}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "458ef3098b2e7c55cb37d04d767407d209b23cd8f69b50ec6eb743b5accf5416"}]}, {0x20, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @private=0xa010101}}, @WGPEER_A_PROTOCOL_VERSION={0x8}]}, {0x2c8, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xc}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ALLOWEDIPS={0x238, 0x9, 0x0, 0x1, [{0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2d}}, {0x5, 0x3, 0x2}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x5, @private0, 0x9}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0xf, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0xbf13, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x1}}]}, {0x58c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "ce39c7591f944ba8eed52d00b69fbe884b5fb16219e54f32ecd6dd74585793bd"}, @WGPEER_A_ALLOWEDIPS={0x4c8, 0x9, 0x0, 0x1, [{0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xf}}}, {0x5, 0x3, 0x1}}]}, {0x154, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x16}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x13}}}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x6}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}]}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_PEERS={0xbd8, 0x8, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xa7f}, @WGPEER_A_FLAGS={0x8, 0x3, 0x6}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "58dee1feb77215578b73f8c1bf76accdf5f9646cbe91e8fce8db5d9869aa81ed"}]}, {0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0x350, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x328, 0x9, 0x0, 0x1, [{0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x3}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x3}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x20}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "138f9356ce5c531d401bb62b6b1d4ec3a12b4a831cdde18ebcf0510ca5001255"}]}, {0x48, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0xfffff000, @rand_addr=' \x01\x00', 0x401}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @local}}]}, {0x62c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @multicast1}}, @WGPEER_A_ALLOWEDIPS={0x5e4, 0x9, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x20}}, {0x5, 0x3, 0x3}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x26}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x7, 0x0}}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x17}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}, {0xb8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x32}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x36}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0x8}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0xf}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x33}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @broadcast}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @rand_addr=0x64010100}}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "c7470d9e07c939c69b1683db158cfed96e4c15123aea758547ce5c8f50a6c088"}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x7}}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @rand_addr=0x64010102}}]}, {0xa8, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @empty}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "931bd7120db62725eae08c377fed4de53f9cc49214dc6f2f3a6cc810c4fe59d6"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @private=0xa010101}}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @multicast1}}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "51c9f96d0f8ef1bd8c6d1230bba8f0b7a5edc6f9456b4514be37d6fdbc5b7bbb"}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xc80c}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @remote}}]}, {0xc, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}]}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_PEERS={0x28, 0x8, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @empty}}]}, {0xc, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xc}]}]}]}, 0x16d8}, 0x1, 0x0, 0x0, 0x14}, 0x4008800) unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xa2dbc000) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000380)=[{&(0x7f0000000180)="04", 0x1}, {&(0x7f0000000200)="7f", 0x1}, {&(0x7f0000001300)="da02e0929db59d75", 0x8}, {&(0x7f00000002c0)="40288f34", 0x4}, {&(0x7f0000000440)="15", 0x1}, {&(0x7f0000002040)="162dd3cad75f87", 0x7}], 0x6, 0x6) ioctl$sock_inet_udp_SIOCINQ(r3, 0x541b, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x2, 0x3fc, 0x0, 0x32}, 0x9c) sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r5, &(0x7f0000000200)=0x80000002, 0x12) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x1f4, @loopback, 0x80}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) r6 = socket(0x10, 0x80002, 0x0) sendmsg(r6, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e1400", 0x26}], 0x1}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0xd}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0) 462.403758ms ago: executing program 3 (id=2729): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x6c, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x6b}]}]}], {0x14}}, 0xb4}}, 0x0) 350.492766ms ago: executing program 3 (id=2731): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, 0x0, &(0x7f0000000a40)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20) 227.609293ms ago: executing program 3 (id=2732): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10) r1 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r1, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) 191.032737ms ago: executing program 3 (id=2733): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20) 136.963943ms ago: executing program 3 (id=2734): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000600)='ext4_nfs_commit_metadata\x00', r0, 0x0, 0xd}, 0x18) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r2 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000840)={'ipvlan0\x00', &(0x7f0000000800)=@ethtool_sset_info={0x37, 0x2, 0xfffffffffffffff8}}) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) readv(r1, 0x0, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000100)={0x0, 0xffff, 0x18}, 0xc) r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ba20702500000000002003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000010000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\b\x00\x00', &(0x7f0000000300)=""/8, 0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000880)=@bpf_ext={0x1c, 0x21, &(0x7f0000000bc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x1, 0x3, 0xfffffffd, 0xa}, 0x10, 0xd281, r0, 0x0, &(0x7f00000005c0), 0x0, 0x10, 0x5}, 0x94) socket$nl_xfrm(0x10, 0x3, 0x6) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={0xffffffffffffffff, 0x27, 0x0, 0x0, 0x0, 0x0, 0x9, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) 92.065313ms ago: executing program 2 (id=2735): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0xb}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4000}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x1010000}}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0x2f}, 0x94) 0s ago: executing program 2 (id=2736): bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', 0x0}) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4) setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b700000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300000000000000, 0x3, 0xfffffffffffffffd, 0x0, 0x80, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x2000300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): [ 154.949873][ T9622] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1109'. [ 155.266989][ T9638] tipc: Enabling of bearer rejected, failed to enable media [ 155.696528][ T9663] FAULT_INJECTION: forcing a failure. [ 155.696528][ T9663] name failslab, interval 1, probability 0, space 0, times 0 [ 155.726945][ T9663] CPU: 0 UID: 0 PID: 9663 Comm: syz.2.1121 Not tainted syzkaller #0 PREEMPT(full) [ 155.726975][ T9663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.726989][ T9663] Call Trace: [ 155.726996][ T9663] [ 155.727005][ T9663] dump_stack_lvl+0x189/0x250 [ 155.727035][ T9663] ? __pfx____ratelimit+0x10/0x10 [ 155.727066][ T9663] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.727090][ T9663] ? __pfx__printk+0x10/0x10 [ 155.727121][ T9663] ? __pfx___might_resched+0x10/0x10 [ 155.727141][ T9663] ? lock_acquire+0x5f/0x360 [ 155.727172][ T9663] should_fail_ex+0x414/0x560 [ 155.727200][ T9663] should_failslab+0xa8/0x100 [ 155.727232][ T9663] kmem_cache_alloc_noprof+0x73/0x3c0 [ 155.727259][ T9663] ? skb_clone+0x212/0x3a0 [ 155.727286][ T9663] skb_clone+0x212/0x3a0 [ 155.727323][ T9663] ? netlink_trim+0x188/0x2e0 [ 155.727353][ T9663] netlink_trim+0x19f/0x2e0 [ 155.727383][ T9663] netlink_broadcast_filtered+0xd6/0x12c0 [ 155.727412][ T9663] ? nft_pernet+0x23/0x240 [ 155.727441][ T9663] ? nla_put+0xd0/0x150 [ 155.727461][ T9663] ? nfnl_pernet+0x23/0x240 [ 155.727486][ T9663] ? nfnl_pernet+0x23/0x240 [ 155.727510][ T9663] ? rcu_is_watching+0x15/0xb0 [ 155.727531][ T9663] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 155.727563][ T9663] ? nfnl_pernet+0x23/0x240 [ 155.727591][ T9663] nlmsg_notify+0xf0/0x1a0 [ 155.727625][ T9663] nf_tables_commit+0x78ca/0x8700 [ 155.727662][ T9663] ? __pfx_nf_tables_commit+0x10/0x10 [ 155.727689][ T9663] ? free_large_kmalloc+0x13a/0x1f0 [ 155.727720][ T9663] ? nf_tables_newrule+0x23bc/0x2890 [ 155.727751][ T9663] ? __pfx_nf_tables_newrule+0x10/0x10 [ 155.727788][ T9663] nfnetlink_rcv+0x1a4b/0x2520 [ 155.727833][ T9663] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 155.727868][ T9663] ? kasan_save_track+0x4f/0x80 [ 155.727892][ T9663] ? kasan_save_track+0x3e/0x80 [ 155.727917][ T9663] ? __kasan_slab_alloc+0x6c/0x80 [ 155.727963][ T9663] ? netlink_deliver_tap+0x2e/0x1b0 [ 155.727993][ T9663] ? rcu_is_watching+0x15/0xb0 [ 155.728014][ T9663] ? netlink_deliver_tap+0x2e/0x1b0 [ 155.728047][ T9663] ? lock_release+0x4b/0x3e0 [ 155.728076][ T9663] ? net_generic+0x1e/0x240 [ 155.728101][ T9663] ? net_generic+0x1e/0x240 [ 155.728132][ T9663] netlink_unicast+0x82c/0x9e0 [ 155.728165][ T9663] ? __pfx_netlink_unicast+0x10/0x10 [ 155.728195][ T9663] ? netlink_sendmsg+0x642/0xb30 [ 155.728212][ T9663] ? skb_put+0x11b/0x210 [ 155.728235][ T9663] netlink_sendmsg+0x805/0xb30 [ 155.728259][ T9663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.728279][ T9663] ? aa_sock_msg_perm+0xf1/0x1d0 [ 155.728307][ T9663] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 155.728331][ T9663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.728350][ T9663] __sock_sendmsg+0x21c/0x270 [ 155.728380][ T9663] ____sys_sendmsg+0x505/0x830 [ 155.728405][ T9663] ? __pfx_____sys_sendmsg+0x10/0x10 [ 155.728433][ T9663] ? import_iovec+0x74/0xa0 [ 155.728459][ T9663] ___sys_sendmsg+0x21f/0x2a0 [ 155.728484][ T9663] ? __pfx____sys_sendmsg+0x10/0x10 [ 155.728526][ T9663] ? __fget_files+0x2a/0x420 [ 155.728544][ T9663] ? __fget_files+0x3a0/0x420 [ 155.728568][ T9663] __x64_sys_sendmsg+0x19b/0x260 [ 155.728593][ T9663] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 155.728621][ T9663] ? __pfx_ksys_write+0x10/0x10 [ 155.728648][ T9663] ? rcu_is_watching+0x15/0xb0 [ 155.728672][ T9663] ? rcu_is_watching+0x15/0xb0 [ 155.728694][ T9663] do_syscall_64+0xfa/0x3b0 [ 155.728714][ T9663] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.728735][ T9663] ? clear_bhb_loop+0x60/0xb0 [ 155.728759][ T9663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.728780][ T9663] RIP: 0033:0x7fe72b18ebe9 [ 155.728799][ T9663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.728818][ T9663] RSP: 002b:00007fe72c037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.728842][ T9663] RAX: ffffffffffffffda RBX: 00007fe72b3b5fa0 RCX: 00007fe72b18ebe9 [ 155.728858][ T9663] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000004 [ 155.728872][ T9663] RBP: 00007fe72c037090 R08: 0000000000000000 R09: 0000000000000000 [ 155.728886][ T9663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 155.728899][ T9663] R13: 00007fe72b3b6038 R14: 00007fe72b3b5fa0 R15: 00007ffcef82bea8 [ 155.728937][ T9663] [ 156.163099][ T9667] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 156.194396][ T9667] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 156.600178][ T9683] RDS: rds_bind could not find a transport for fe88::3, load rds_tcp or rds_rdma? [ 156.980292][ T9716] tipc: Enabling of bearer rejected, failed to enable media [ 156.994117][ T9718] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048) [ 157.008085][ T9718] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1141'. [ 157.315899][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1147'. [ 157.419923][ T9739] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1146'. [ 157.475774][ T9739] openvswitch: netlink: Tunnel attr 227 out of range max 16 [ 157.526008][ T9751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1149'. [ 157.747065][ T9763] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1152'. [ 157.814983][ T9769] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1155'. [ 157.828277][ T9769] openvswitch: netlink: Flow key attr not present in new flow. [ 157.909778][ T9780] tipc: Enabling of bearer rejected, failed to enable media [ 158.382987][ T9815] __nla_validate_parse: 2 callbacks suppressed [ 158.383008][ T9815] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1169'. [ 158.411041][ T9818] tipc: Enabled bearer , priority 0 [ 158.428880][ T9818] syzkaller0: entered promiscuous mode [ 158.468071][ T9818] syzkaller0: entered allmulticast mode [ 158.513691][ T9818] tipc: Resetting bearer [ 158.523080][ T9816] tipc: Resetting bearer [ 158.536083][ T9816] tipc: Disabling bearer [ 158.605962][ T9833] tipc: Enabling of bearer rejected, failed to enable media [ 158.713463][ T9842] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1177'. [ 158.993667][ T9858] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1182'. [ 159.107091][ T9873] netlink: 10 bytes leftover after parsing attributes in process `syz.0.1186'. [ 159.161397][ T9873] tipc: Enabled bearer , priority 0 [ 159.168703][ T9873] syzkaller0: entered promiscuous mode [ 159.177100][ T9873] syzkaller0: entered allmulticast mode [ 159.205246][ T9873] tipc: Resetting bearer [ 159.221473][ T9873] tipc: Disabling bearer [ 159.250463][ T9883] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1188'. [ 159.262009][ T9883] netlink: 'syz.3.1188': attribute type 10 has an invalid length. [ 159.271973][ T9883] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1188'. [ 159.284743][ T9883] team0: Port device geneve0 added [ 159.292240][ T13] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.301693][ T13] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.310793][ T13] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.319308][ T13] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.332253][ T9887] dvmrp0: entered allmulticast mode [ 159.337724][ T9881] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1189'. [ 159.349222][ T9881] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1189'. [ 159.508028][ T9902] FAULT_INJECTION: forcing a failure. [ 159.508028][ T9902] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.521657][ T9902] CPU: 0 UID: 0 PID: 9902 Comm: syz.4.1194 Not tainted syzkaller #0 PREEMPT(full) [ 159.521686][ T9902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.521699][ T9902] Call Trace: [ 159.521708][ T9902] [ 159.521717][ T9902] dump_stack_lvl+0x189/0x250 [ 159.521747][ T9902] ? __pfx____ratelimit+0x10/0x10 [ 159.521779][ T9902] ? __pfx_dump_stack_lvl+0x10/0x10 [ 159.521803][ T9902] ? __pfx__printk+0x10/0x10 [ 159.521830][ T9902] ? __might_fault+0xb0/0x130 [ 159.521864][ T9902] ? rcu_is_watching+0x15/0xb0 [ 159.521886][ T9902] should_fail_ex+0x414/0x560 [ 159.521916][ T9902] _copy_from_user+0x2d/0xb0 [ 159.521941][ T9902] ___sys_sendmsg+0x158/0x2a0 [ 159.521966][ T9902] ? __pfx____sys_sendmsg+0x10/0x10 [ 159.522014][ T9902] ? __fget_files+0x2a/0x420 [ 159.522032][ T9902] ? __fget_files+0x3a0/0x420 [ 159.522056][ T9902] __x64_sys_sendmsg+0x19b/0x260 [ 159.522080][ T9902] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 159.522119][ T9902] ? __pfx_ksys_write+0x10/0x10 [ 159.522145][ T9902] ? rcu_is_watching+0x15/0xb0 [ 159.522168][ T9902] ? rcu_is_watching+0x15/0xb0 [ 159.522191][ T9902] do_syscall_64+0xfa/0x3b0 [ 159.522211][ T9902] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.522231][ T9902] ? clear_bhb_loop+0x60/0xb0 [ 159.522256][ T9902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.522277][ T9902] RIP: 0033:0x7f3c43d8ebe9 [ 159.522295][ T9902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.522314][ T9902] RSP: 002b:00007f3c44b6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 159.522337][ T9902] RAX: ffffffffffffffda RBX: 00007f3c43fb5fa0 RCX: 00007f3c43d8ebe9 [ 159.522353][ T9902] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003 [ 159.522367][ T9902] RBP: 00007f3c44b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 159.522381][ T9902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.522393][ T9902] R13: 00007f3c43fb6038 R14: 00007f3c43fb5fa0 R15: 00007ffc32a92578 [ 159.522419][ T9902] [ 159.883524][ T9914] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1200'. [ 160.007382][ T9920] tipc: Enabled bearer , priority 0 [ 160.016579][ T9920] syzkaller0: entered promiscuous mode [ 160.025783][ T9920] syzkaller0: entered allmulticast mode [ 160.064749][ T9920] tipc: Resetting bearer [ 160.105456][ T9919] tipc: Resetting bearer [ 160.114614][ T9919] tipc: Disabling bearer [ 160.309900][ T9936] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1209'. [ 160.695400][ T9970] sctp: [Deprecated]: syz.1.1219 (pid 9970) Use of struct sctp_assoc_value in delayed_ack socket option. [ 160.695400][ T9970] Use struct sctp_sack_info instead [ 160.975757][ T9985] netlink: 'syz.1.1221': attribute type 10 has an invalid length. [ 161.026338][ T9985] team0: Port device geneve0 added [ 161.481547][T10029] IPVS: set_ctl: invalid protocol: 4 172.20.20.68:20003 [ 161.686603][T10051] tipc: Enabling of bearer rejected, failed to enable media [ 161.873087][T10050] netlink: 'syz.1.1243': attribute type 10 has an invalid length. [ 162.732035][T10115] tipc: Enabling of bearer rejected, failed to enable media [ 163.199008][T10143] netlink: 'syz.1.1268': attribute type 1 has an invalid length. [ 163.219343][T10138] netlink: 'syz.3.1265': attribute type 10 has an invalid length. [ 163.274105][ T7757] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.294498][ T13] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.319581][ T13] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.332759][ T13] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.542716][T10156] __nla_validate_parse: 10 callbacks suppressed [ 163.542736][T10156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1273'. [ 163.576044][T10156] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.614118][T10156] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.714627][T10171] tipc: Enabling of bearer rejected, failed to enable media [ 163.990540][T10189] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1282'. [ 164.556319][T10225] tipc: Enabling of bearer rejected, failed to enable media [ 164.572617][T10226] netlink: 388 bytes leftover after parsing attributes in process `syz.0.1294'. [ 164.605615][T10230] openvswitch: netlink: Tunnel attr 16370 out of range max 16 [ 164.953540][T10255] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1305'. [ 165.064318][T10261] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1308'. [ 165.155507][T10265] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1309'. [ 165.175668][T10263] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1309'. [ 165.200419][T10266] tipc: Enabling of bearer rejected, failed to enable media [ 165.683180][T10301] netlink: 'syz.4.1319': attribute type 12 has an invalid length. [ 165.691475][T10301] netlink: 190972 bytes leftover after parsing attributes in process `syz.4.1319'. [ 165.842439][T10309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1322'. [ 166.024733][T10323] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1325'. [ 166.076766][T10326] tipc: Enabling of bearer rejected, failed to enable media [ 166.826896][T10363] tipc: Enabling of bearer rejected, failed to enable media [ 167.502888][T10406] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 167.535578][T10410] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 167.594511][T10402] netlink: 'syz.1.1351': attribute type 10 has an invalid length. [ 168.206250][T10446] ieee802154 phy0 wpan0: encryption failed: -22 [ 168.359442][T10455] netlink: 'syz.2.1367': attribute type 10 has an invalid length. [ 168.370490][T10455] team0: Port device geneve0 added [ 168.376995][ T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.413317][ T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.432262][ T37] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.447197][ T37] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.561397][T10466] __nla_validate_parse: 16 callbacks suppressed [ 168.561420][T10466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1373'. [ 168.790732][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1375'. [ 168.853254][T10478] bond5: left allmulticast mode [ 168.873906][T10478] bond5: left promiscuous mode [ 168.899457][T10478] bridge0: port 6(bond5) entered disabled state [ 168.928354][T10478] bond4: left allmulticast mode [ 168.948503][T10478] bond4: left promiscuous mode [ 168.956718][T10478] bridge0: port 5(bond4) entered disabled state [ 168.966839][T10478] bond3: left allmulticast mode [ 168.972729][T10478] bond3: left promiscuous mode [ 168.978933][T10478] bridge0: port 4(bond3) entered disabled state [ 168.992868][T10478] bond1: left allmulticast mode [ 168.998002][T10478] bond1: left promiscuous mode [ 169.003248][T10478] bridge0: port 3(bond1) entered disabled state [ 169.030092][T10478] bridge_slave_1: left allmulticast mode [ 169.036663][T10478] bridge_slave_1: left promiscuous mode [ 169.041725][T10488] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1381'. [ 169.044131][T10478] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.060800][T10478] bridge_slave_0: left allmulticast mode [ 169.066930][T10478] bridge_slave_0: left promiscuous mode [ 169.074601][T10478] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.250732][T10492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1382'. [ 169.448746][T10500] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1385'. [ 169.478686][T10502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1386'. [ 169.754162][T10522] vxcan2: entered promiscuous mode [ 169.783619][T10529] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1397'. [ 169.794088][T10529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'. [ 169.943137][T10540] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1398'. [ 169.970232][T10540] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1398'. [ 169.993043][T10540] netlink: 'syz.2.1398': attribute type 10 has an invalid length. [ 170.019290][ T7757] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.043762][ T7757] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.075965][ T7757] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.091789][ T7757] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.159388][T10547] tap0: tun_chr_ioctl cmd 2147767521 [ 170.215294][T10551] netlink: 'syz.4.1406': attribute type 1 has an invalid length. [ 171.034258][T10596] hsr_slave_0: left promiscuous mode [ 171.041227][T10596] hsr_slave_1: left promiscuous mode [ 171.071211][T10594] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 171.153267][T10594] bridge0: port 4(vlan2) entered blocking state [ 171.180466][T10594] bridge0: port 4(vlan2) entered disabled state [ 171.197267][T10594] vlan2: entered allmulticast mode [ 171.211280][T10594] bridge0: entered allmulticast mode [ 171.223457][T10594] vlan2: left allmulticast mode [ 171.233516][T10594] bridge0: left allmulticast mode [ 171.538721][T10626] netlink: 'syz.4.1432': attribute type 10 has an invalid length. [ 173.039481][T10679] FAULT_INJECTION: forcing a failure. [ 173.039481][T10679] name failslab, interval 1, probability 0, space 0, times 0 [ 173.052495][T10679] CPU: 1 UID: 0 PID: 10679 Comm: syz.2.1451 Not tainted syzkaller #0 PREEMPT(full) [ 173.052522][T10679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.052531][T10679] Call Trace: [ 173.052540][T10679] [ 173.052547][T10679] dump_stack_lvl+0x189/0x250 [ 173.052569][T10679] ? __pfx____ratelimit+0x10/0x10 [ 173.052591][T10679] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.052609][T10679] ? __pfx__printk+0x10/0x10 [ 173.052631][T10679] ? fs_reclaim_acquire+0x7d/0x100 [ 173.052654][T10679] ? rcu_is_watching+0x15/0xb0 [ 173.052669][T10679] ? __pfx___might_resched+0x10/0x10 [ 173.052683][T10679] ? lock_acquire+0x5f/0x360 [ 173.052705][T10679] should_fail_ex+0x414/0x560 [ 173.052726][T10679] should_failslab+0xa8/0x100 [ 173.052748][T10679] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 173.052769][T10679] ? __alloc_skb+0x112/0x2d0 [ 173.052785][T10679] __alloc_skb+0x112/0x2d0 [ 173.052800][T10679] netlink_sendmsg+0x5c6/0xb30 [ 173.052824][T10679] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.052838][T10679] ? aa_sock_msg_perm+0xf1/0x1d0 [ 173.052852][T10679] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 173.052868][T10679] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.052881][T10679] __sock_sendmsg+0x21c/0x270 [ 173.052902][T10679] ____sys_sendmsg+0x505/0x830 [ 173.052920][T10679] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.052940][T10679] ? import_iovec+0x74/0xa0 [ 173.052958][T10679] ___sys_sendmsg+0x21f/0x2a0 [ 173.052975][T10679] ? __pfx____sys_sendmsg+0x10/0x10 [ 173.053005][T10679] ? __fget_files+0x2a/0x420 [ 173.053018][T10679] ? __fget_files+0x3a0/0x420 [ 173.053034][T10679] __x64_sys_sendmsg+0x19b/0x260 [ 173.053051][T10679] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 173.053070][T10679] ? __pfx_ksys_write+0x10/0x10 [ 173.053092][T10679] ? rcu_is_watching+0x15/0xb0 [ 173.053107][T10679] do_syscall_64+0xfa/0x3b0 [ 173.053121][T10679] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.053136][T10679] ? clear_bhb_loop+0x60/0xb0 [ 173.053152][T10679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.053167][T10679] RIP: 0033:0x7fe72b18ebe9 [ 173.053181][T10679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.053194][T10679] RSP: 002b:00007fe72c037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.053210][T10679] RAX: ffffffffffffffda RBX: 00007fe72b3b5fa0 RCX: 00007fe72b18ebe9 [ 173.053237][T10679] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 173.053246][T10679] RBP: 00007fe72c037090 R08: 0000000000000000 R09: 0000000000000000 [ 173.053256][T10679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.053265][T10679] R13: 00007fe72b3b6038 R14: 00007fe72b3b5fa0 R15: 00007ffcef82bea8 [ 173.053283][T10679] [ 173.604898][T10697] vlan2: entered promiscuous mode [ 173.610316][T10697] bridge0: entered promiscuous mode [ 173.619300][T10697] __nla_validate_parse: 16 callbacks suppressed [ 173.619320][T10697] netlink: 19 bytes leftover after parsing attributes in process `syz.4.1458'. [ 173.753211][T10708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1463'. [ 173.769562][T10710] FAULT_INJECTION: forcing a failure. [ 173.769562][T10710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.785012][T10710] CPU: 1 UID: 0 PID: 10710 Comm: syz.4.1464 Not tainted syzkaller #0 PREEMPT(full) [ 173.785042][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.785056][T10710] Call Trace: [ 173.785063][T10710] [ 173.785071][T10710] dump_stack_lvl+0x189/0x250 [ 173.785100][T10710] ? __pfx____ratelimit+0x10/0x10 [ 173.785131][T10710] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.785156][T10710] ? __pfx__printk+0x10/0x10 [ 173.785183][T10710] ? __might_fault+0xb0/0x130 [ 173.785217][T10710] ? rcu_is_watching+0x15/0xb0 [ 173.785241][T10710] should_fail_ex+0x414/0x560 [ 173.785271][T10710] _copy_from_user+0x2d/0xb0 [ 173.785296][T10710] __sys_bpf+0x1ed/0x870 [ 173.785323][T10710] ? __pfx___sys_bpf+0x10/0x10 [ 173.785356][T10710] ? ksys_write+0x22a/0x250 [ 173.785384][T10710] ? __pfx_ksys_write+0x10/0x10 [ 173.785410][T10710] ? rcu_is_watching+0x15/0xb0 [ 173.785443][T10710] __x64_sys_bpf+0x7c/0x90 [ 173.785467][T10710] do_syscall_64+0xfa/0x3b0 [ 173.785487][T10710] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.785508][T10710] ? clear_bhb_loop+0x60/0xb0 [ 173.785531][T10710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.785552][T10710] RIP: 0033:0x7f3c43d8ebe9 [ 173.785571][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.785590][T10710] RSP: 002b:00007f3c44b6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 173.785613][T10710] RAX: ffffffffffffffda RBX: 00007f3c43fb5fa0 RCX: 00007f3c43d8ebe9 [ 173.785630][T10710] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 173.785644][T10710] RBP: 00007f3c44b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 173.785657][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.785670][T10710] R13: 00007f3c43fb6038 R14: 00007f3c43fb5fa0 R15: 00007ffc32a92578 [ 173.785696][T10710] [ 174.123482][T10723] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1470'. [ 174.175697][T10728] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1472'. [ 174.184939][T10728] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 174.321506][T10736] 8021q: adding VLAN 0 to HW filter on device bond2 [ 174.330493][T10736] bridge0: port 4(bond2) entered blocking state [ 174.337194][T10736] bridge0: port 4(bond2) entered disabled state [ 174.344113][T10736] bond2: entered allmulticast mode [ 174.352657][T10736] bond2: entered promiscuous mode [ 174.358361][T10736] bridge0: port 4(bond2) entered blocking state [ 174.364869][T10736] bridge0: port 4(bond2) entered listening state [ 174.379765][T10742] FAULT_INJECTION: forcing a failure. [ 174.379765][T10742] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.394542][T10742] CPU: 0 UID: 0 PID: 10742 Comm: syz.2.1478 Not tainted syzkaller #0 PREEMPT(full) [ 174.394575][T10742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 174.394589][T10742] Call Trace: [ 174.394598][T10742] [ 174.394607][T10742] dump_stack_lvl+0x189/0x250 [ 174.394639][T10742] ? __pfx____ratelimit+0x10/0x10 [ 174.394671][T10742] ? __pfx_dump_stack_lvl+0x10/0x10 [ 174.394696][T10742] ? __pfx__printk+0x10/0x10 [ 174.394724][T10742] ? __might_fault+0xb0/0x130 [ 174.394757][T10742] ? rcu_is_watching+0x15/0xb0 [ 174.394781][T10742] should_fail_ex+0x414/0x560 [ 174.394812][T10742] _copy_from_iter+0x1db/0x16f0 [ 174.394834][T10742] ? rcu_is_watching+0x15/0xb0 [ 174.394855][T10742] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 174.394887][T10742] ? __pfx__copy_from_iter+0x10/0x10 [ 174.394908][T10742] ? __build_skb_around+0x257/0x3e0 [ 174.394943][T10742] ? netlink_sendmsg+0x642/0xb30 [ 174.394961][T10742] ? skb_put+0x11b/0x210 [ 174.394983][T10742] netlink_sendmsg+0x6b2/0xb30 [ 174.395008][T10742] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.395029][T10742] ? aa_sock_msg_perm+0xf1/0x1d0 [ 174.395049][T10742] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 174.395072][T10742] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.395092][T10742] __sock_sendmsg+0x21c/0x270 [ 174.395123][T10742] ____sys_sendmsg+0x505/0x830 [ 174.395149][T10742] ? __pfx_____sys_sendmsg+0x10/0x10 [ 174.395178][T10742] ? import_iovec+0x74/0xa0 [ 174.395203][T10742] ___sys_sendmsg+0x21f/0x2a0 [ 174.395227][T10742] ? __pfx____sys_sendmsg+0x10/0x10 [ 174.395271][T10742] ? __fget_files+0x2a/0x420 [ 174.395289][T10742] ? __fget_files+0x3a0/0x420 [ 174.395313][T10742] __x64_sys_sendmsg+0x19b/0x260 [ 174.395337][T10742] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 174.395366][T10742] ? __pfx_ksys_write+0x10/0x10 [ 174.395398][T10742] ? rcu_is_watching+0x15/0xb0 [ 174.395422][T10742] ? rcu_is_watching+0x15/0xb0 [ 174.395444][T10742] do_syscall_64+0xfa/0x3b0 [ 174.395463][T10742] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.395484][T10742] ? clear_bhb_loop+0x60/0xb0 [ 174.395509][T10742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.395529][T10742] RIP: 0033:0x7fe72b18ebe9 [ 174.395548][T10742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.395567][T10742] RSP: 002b:00007fe72c037038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.395591][T10742] RAX: ffffffffffffffda RBX: 00007fe72b3b5fa0 RCX: 00007fe72b18ebe9 [ 174.395607][T10742] RDX: 0000000020000010 RSI: 0000200000001000 RDI: 0000000000000003 [ 174.395622][T10742] RBP: 00007fe72c037090 R08: 0000000000000000 R09: 0000000000000000 [ 174.395635][T10742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.395648][T10742] R13: 00007fe72b3b6038 R14: 00007fe72b3b5fa0 R15: 00007ffcef82bea8 [ 174.395674][T10742] [ 174.776561][ T8154] bridge0: port 4(bond2) entered disabled state [ 174.785265][T10748] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 174.802204][T10751] tipc: Enabled bearer , priority 0 [ 174.803722][T10753] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1482'. [ 174.821765][T10751] syzkaller0: entered promiscuous mode [ 174.827871][T10751] syzkaller0: entered allmulticast mode [ 174.851534][T10751] tipc: Resetting bearer [ 174.862977][T10750] tipc: Resetting bearer [ 174.892003][T10750] tipc: Disabling bearer [ 174.915681][T10757] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 174.991693][T10761] 8021q: adding VLAN 0 to HW filter on device bond6 [ 175.016283][T10761] bond6 (unregistering): Released all slaves [ 175.100388][T10769] ¾x9ÿ: renamed from bridge_slave_0 (while UP) [ 175.109727][T10769] netlink: 'syz.4.1486': attribute type 5 has an invalid length. [ 175.132240][T10769] netlink: 'syz.4.1486': attribute type 12 has an invalid length. [ 175.424360][T10790] netlink: 388 bytes leftover after parsing attributes in process `syz.4.1494'. [ 176.236738][T10841] netlink: 388 bytes leftover after parsing attributes in process `syz.1.1505'. [ 176.267209][T10838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1506'. [ 176.317878][T10845] netlink: 'syz.3.1509': attribute type 10 has an invalid length. [ 176.345609][T10838] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 176.401180][T10846] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1508'. [ 176.432440][T10846] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1508'. [ 176.472407][T10846] netlink: 'syz.0.1508': attribute type 10 has an invalid length. [ 176.483234][T10853] netlink: 'syz.3.1511': attribute type 11 has an invalid length. [ 176.490588][T10846] team0: Port device geneve0 added [ 176.517206][ T8154] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.546418][ T8154] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.594534][ T8154] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.620119][ T8154] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 176.707513][ C0] bridge0: port 1(1¾x9ÿ) entered learning state [ 176.714139][ C0] bridge0: port 2(bridge_slave_1) entered learning state [ 176.721571][ C0] bridge0: port 3(macvlan2) entered learning state [ 176.951994][T10878] netlink: 'syz.4.1520': attribute type 5 has an invalid length. [ 176.963492][T10878] geneve2: entered promiscuous mode [ 176.969949][T10878] geneve2: entered allmulticast mode [ 176.976391][ T37] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 176.985910][ T37] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 176.995187][ T37] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 177.005029][ T37] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 177.058670][T10883] tipc: Enabling of bearer rejected, failed to enable media [ 177.315375][T10891] geneve2: entered promiscuous mode [ 177.320934][T10891] geneve2: entered allmulticast mode [ 177.498791][T10904] FAULT_INJECTION: forcing a failure. [ 177.498791][T10904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 177.531603][T10904] CPU: 0 UID: 0 PID: 10904 Comm: syz.0.1527 Not tainted syzkaller #0 PREEMPT(full) [ 177.531636][T10904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 177.531651][T10904] Call Trace: [ 177.531658][T10904] [ 177.531667][T10904] dump_stack_lvl+0x189/0x250 [ 177.531699][T10904] ? __pfx____ratelimit+0x10/0x10 [ 177.531739][T10904] ? __pfx_dump_stack_lvl+0x10/0x10 [ 177.531764][T10904] ? __pfx__printk+0x10/0x10 [ 177.531798][T10904] ? rcu_is_watching+0x15/0xb0 [ 177.531821][T10904] should_fail_ex+0x414/0x560 [ 177.531852][T10904] _copy_to_user+0x31/0xb0 [ 177.531878][T10904] simple_read_from_buffer+0xe1/0x170 [ 177.531913][T10904] proc_fail_nth_read+0x1b3/0x220 [ 177.531939][T10904] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 177.531972][T10904] ? rw_verify_area+0x2a6/0x4d0 [ 177.532004][T10904] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 177.532029][T10904] vfs_read+0x1fd/0xa30 [ 177.532054][T10904] ? fdget_pos+0x247/0x320 [ 177.532075][T10904] ? __pfx___mutex_lock+0x10/0x10 [ 177.532095][T10904] ? __pfx_vfs_read+0x10/0x10 [ 177.532127][T10904] ? __fget_files+0x3a0/0x420 [ 177.532146][T10904] ? __fget_files+0x2a/0x420 [ 177.532169][T10904] ksys_read+0x145/0x250 [ 177.532197][T10904] ? __pfx_ksys_read+0x10/0x10 [ 177.532223][T10904] ? rcu_is_watching+0x15/0xb0 [ 177.532246][T10904] ? rcu_is_watching+0x15/0xb0 [ 177.532268][T10904] do_syscall_64+0xfa/0x3b0 [ 177.532287][T10904] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.532309][T10904] ? clear_bhb_loop+0x60/0xb0 [ 177.532333][T10904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.532354][T10904] RIP: 0033:0x7f3435d8d5fc [ 177.532372][T10904] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 177.532391][T10904] RSP: 002b:00007f3436cda030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 177.532414][T10904] RAX: ffffffffffffffda RBX: 00007f3435fb5fa0 RCX: 00007f3435d8d5fc [ 177.532431][T10904] RDX: 000000000000000f RSI: 00007f3436cda0a0 RDI: 0000000000000004 [ 177.532444][T10904] RBP: 00007f3436cda090 R08: 0000000000000000 R09: 0000000000000000 [ 177.532458][T10904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 177.532470][T10904] R13: 00007f3435fb6038 R14: 00007f3435fb5fa0 R15: 00007ffcce0c6f18 [ 177.532496][T10904] [ 177.973024][T10918] tipc: Enabling of bearer rejected, failed to enable media [ 178.345493][T10943] FAULT_INJECTION: forcing a failure. [ 178.345493][T10943] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 178.362264][T10943] CPU: 1 UID: 0 PID: 10943 Comm: syz.4.1539 Not tainted syzkaller #0 PREEMPT(full) [ 178.362297][T10943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 178.362312][T10943] Call Trace: [ 178.362320][T10943] [ 178.362329][T10943] dump_stack_lvl+0x189/0x250 [ 178.362359][T10943] ? __pfx____ratelimit+0x10/0x10 [ 178.362391][T10943] ? __pfx_dump_stack_lvl+0x10/0x10 [ 178.362415][T10943] ? __pfx__printk+0x10/0x10 [ 178.362445][T10943] ? lock_acquire+0x5f/0x360 [ 178.362479][T10943] should_fail_ex+0x414/0x560 [ 178.362509][T10943] prepare_alloc_pages+0x213/0x610 [ 178.362534][T10943] __alloc_frozen_pages_noprof+0x123/0x370 [ 178.362558][T10943] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 178.362581][T10943] ? __pfx___nla_validate_parse+0x10/0x10 [ 178.362615][T10943] ? policy_nodemask+0x27c/0x720 [ 178.362642][T10943] ? netlink_rcv_skb+0x205/0x470 [ 178.362672][T10943] ? netlink_unicast+0x82c/0x9e0 [ 178.362698][T10943] ? netlink_sendmsg+0x805/0xb30 [ 178.362718][T10943] alloc_pages_mpol+0x232/0x4a0 [ 178.362750][T10943] ___kmalloc_large_node+0x5f/0x1b0 [ 178.362781][T10943] __kmalloc_large_node_noprof+0x18/0x90 [ 178.362811][T10943] __kmalloc_noprof+0x36f/0x4f0 [ 178.362838][T10943] ? tcf_em_tree_validate+0x16f/0x1190 [ 178.362867][T10943] ? tcf_em_tree_validate+0x1bf/0x1190 [ 178.362900][T10943] tcf_em_tree_validate+0x1bf/0x1190 [ 178.362938][T10943] ? __kasan_kmalloc+0x93/0xb0 [ 178.362967][T10943] ? __kmalloc_cache_noprof+0x230/0x3d0 [ 178.362997][T10943] ? __pfx_tcf_em_tree_validate+0x10/0x10 [ 178.363031][T10943] ? tcf_exts_validate+0x42/0x60 [ 178.363065][T10943] cls_cgroup_change+0x3c2/0x540 [ 178.363099][T10943] ? __pfx_cls_cgroup_change+0x10/0x10 [ 178.363144][T10943] tc_new_tfilter+0xdca/0x15b0 [ 178.363182][T10943] ? __pfx_tc_new_tfilter+0x10/0x10 [ 178.363202][T10943] ? __dev_queue_xmit+0x1d79/0x3b50 [ 178.363239][T10943] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 178.363276][T10943] ? rcu_is_watching+0x15/0xb0 [ 178.363297][T10943] ? lock_release+0x4b/0x3e0 [ 178.363325][T10943] ? bpf_lsm_capable+0x9/0x20 [ 178.363354][T10943] ? security_capable+0x7e/0x2e0 [ 178.363387][T10943] ? __pfx_tc_new_tfilter+0x10/0x10 [ 178.363407][T10943] rtnetlink_rcv_msg+0x7cf/0xb70 [ 178.363441][T10943] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 178.363471][T10943] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 178.363501][T10943] ? ref_tracker_free+0x63a/0x7d0 [ 178.363531][T10943] ? __asan_memcpy+0x40/0x70 [ 178.363554][T10943] ? __pfx_ref_tracker_free+0x10/0x10 [ 178.363588][T10943] netlink_rcv_skb+0x205/0x470 [ 178.363620][T10943] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 178.363666][T10943] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 178.363710][T10943] netlink_unicast+0x82c/0x9e0 [ 178.363742][T10943] ? __pfx_netlink_unicast+0x10/0x10 [ 178.363772][T10943] ? netlink_sendmsg+0x642/0xb30 [ 178.363789][T10943] ? skb_put+0x11b/0x210 [ 178.363810][T10943] netlink_sendmsg+0x805/0xb30 [ 178.363835][T10943] ? __pfx_netlink_sendmsg+0x10/0x10 [ 178.363860][T10943] ? aa_sock_msg_perm+0xf1/0x1d0 [ 178.363881][T10943] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 178.363904][T10943] ? __pfx_netlink_sendmsg+0x10/0x10 [ 178.363923][T10943] __sock_sendmsg+0x21c/0x270 [ 178.363952][T10943] ____sys_sendmsg+0x505/0x830 [ 178.363977][T10943] ? __pfx_____sys_sendmsg+0x10/0x10 [ 178.364004][T10943] ? import_iovec+0x74/0xa0 [ 178.364029][T10943] ___sys_sendmsg+0x21f/0x2a0 [ 178.364053][T10943] ? __pfx____sys_sendmsg+0x10/0x10 [ 178.364095][T10943] ? __fget_files+0x2a/0x420 [ 178.364112][T10943] ? __fget_files+0x3a0/0x420 [ 178.364145][T10943] __x64_sys_sendmsg+0x19b/0x260 [ 178.364173][T10943] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 178.364202][T10943] ? __pfx_ksys_write+0x10/0x10 [ 178.364228][T10943] ? rcu_is_watching+0x15/0xb0 [ 178.364251][T10943] ? rcu_is_watching+0x15/0xb0 [ 178.364273][T10943] do_syscall_64+0xfa/0x3b0 [ 178.364293][T10943] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.364314][T10943] ? clear_bhb_loop+0x60/0xb0 [ 178.364337][T10943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.364420][T10943] RIP: 0033:0x7f3c43d8ebe9 [ 178.364440][T10943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.364459][T10943] RSP: 002b:00007f3c44b6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 178.364483][T10943] RAX: ffffffffffffffda RBX: 00007f3c43fb5fa0 RCX: 00007f3c43d8ebe9 [ 178.364499][T10943] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004 [ 178.364513][T10943] RBP: 00007f3c44b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 178.364526][T10943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 178.364538][T10943] R13: 00007f3c43fb6038 R14: 00007f3c43fb5fa0 R15: 00007ffc32a92578 [ 178.364563][T10943] [ 178.900110][T10947] netlink: 'syz.0.1541': attribute type 2 has an invalid length. [ 178.912210][T10947] k›*·]‘: entered promiscuous mode [ 178.956554][T10949] __nla_validate_parse: 6 callbacks suppressed [ 178.956574][T10949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1543'. [ 178.977763][T10947] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 179.017144][T10949] macvtap1: entered allmulticast mode [ 179.027066][T10949] bridge0: entered allmulticast mode [ 179.036324][T10954] netlink: 'syz.1.1542': attribute type 10 has an invalid length. [ 179.036822][T10949] bridge0: port 5(macvtap1) entered blocking state [ 179.051249][T10949] bridge0: port 5(macvtap1) entered disabled state [ 179.060188][T10949] bridge0: left allmulticast mode [ 179.086708][T10954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.102916][T10954] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 179.143568][T10947] veth0_to_team: entered promiscuous mode [ 179.182579][T10947] veth0_to_team: entered allmulticast mode [ 179.449699][T10975] 8021q: adding VLAN 0 to HW filter on device bond4 [ 179.464203][T10975] bond4 (unregistering): Released all slaves [ 180.909660][T11065] netlink: 'syz.3.1580': attribute type 10 has an invalid length. [ 180.941273][T11065] veth0_macvtap: left promiscuous mode [ 180.950645][T11065] team0: Device veth0_macvtap failed to register rx_handler [ 180.965471][T11065] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1580'. [ 181.094838][T11075] 8021q: adding VLAN 0 to HW filter on device bond3 [ 181.107035][T11075] bridge0: port 5(bond3) entered blocking state [ 181.114911][T11075] bridge0: port 5(bond3) entered disabled state [ 181.121671][T11075] bond3: entered allmulticast mode [ 181.128627][T11075] bond3: entered promiscuous mode [ 181.134233][T11075] bridge0: port 5(bond3) entered blocking state [ 181.140826][T11075] bridge0: port 5(bond3) entered listening state [ 181.251734][T11081] macvlan2: entered allmulticast mode [ 181.257312][T11081] veth1_vlan: entered allmulticast mode [ 181.280327][T11081] veth1_vlan: left allmulticast mode [ 181.443475][T11105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1595'. [ 181.560475][T11113] tipc: Enabling of bearer rejected, failed to enable media [ 181.566968][T11116] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 181.615700][T11116] tipc: Failed to remove unknown binding: 66,1,1/0:3074840910/3074840912 [ 181.625544][ T5968] IPVS: starting estimator thread 0... [ 181.661549][T11116] tipc: Failed to remove unknown binding: 66,1,1/0:3074840910/3074840912 [ 181.687939][T11116] tipc: Failed to remove unknown binding: 66,1,1/0:3074840910/3074840912 [ 181.718307][T11122] IPVS: using max 37 ests per chain, 88800 per kthread [ 181.792462][T11120] netlink: 788 bytes leftover after parsing attributes in process `syz.0.1598'. [ 181.953514][T11142] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1601'. [ 181.971235][T11142] netlink: 'syz.1.1601': attribute type 33 has an invalid length. [ 181.982130][T11142] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1601'. [ 181.999228][ T37] bridge0: port 5(bond3) entered disabled state [ 182.012442][T11144] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 182.080841][T11149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1603'. [ 182.216496][ T5965] IPVS: starting estimator thread 0... [ 182.218319][T11156] ieee802154 phy0 wpan0: encryption failed: -22 [ 182.281458][T11160] netlink: 388 bytes leftover after parsing attributes in process `syz.2.1606'. [ 182.307925][T11157] IPVS: using max 32 ests per chain, 76800 per kthread [ 182.391443][T11164] batadv0: entered promiscuous mode [ 182.442537][T11168] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1608'. [ 182.607032][T11184] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1612'. [ 183.001889][T11203] netlink: 'syz.2.1615': attribute type 10 has an invalid length. [ 183.018418][T11171] bridge0: port 3(macvlan2) entered disabled state [ 183.025123][T11171] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.032315][T11171] bridge0: port 1(1¾x9ÿ) entered disabled state [ 183.281963][T11171] dummy0: left promiscuous mode [ 183.381825][ T13] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.414454][ T13] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 256 - 0 [ 183.434859][ T13] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.453704][ T13] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 256 - 0 [ 183.491672][ T13] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.500970][ T13] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 256 - 0 [ 183.516318][ T13] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.525622][ T13] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 256 - 0 [ 183.621451][ T7020] IPVS: starting estimator thread 0... [ 183.633376][T11219] netlink: 'syz.0.1623': attribute type 4 has an invalid length. [ 183.729029][T11221] IPVS: using max 33 ests per chain, 79200 per kthread [ 183.834051][T11231] netlink: 'syz.2.1627': attribute type 142 has an invalid length. [ 183.884437][ T3487] IPVS: stop unused estimator thread 0... [ 183.906007][T11237] !: renamed from dummy0 [ 184.065678][T11251] __nla_validate_parse: 41 callbacks suppressed [ 184.065700][T11251] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1633'. [ 184.130222][T11253] IPVS: stopping master sync thread 11257 ... [ 184.136463][T11257] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 184.481931][T11285] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1638'. [ 184.525150][T11285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1638'. [ 184.565338][T11293] netlink: 'syz.4.1638': attribute type 10 has an invalid length. [ 184.587985][T11285] bridge0: vlan filtering disabled, automatically disabling multicast vlan snooping [ 184.590290][T11295] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1641'. [ 184.629553][T11293] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1638'. [ 184.810637][T11306] netlink: 380 bytes leftover after parsing attributes in process `syz.0.1643'. [ 185.024139][T11314] bridge0: entered promiscuous mode [ 185.034661][T11314] macvtap1: entered promiscuous mode [ 185.044301][T11314] bridge0: port 1(macvtap1) entered blocking state [ 185.056146][T11314] bridge0: port 1(macvtap1) entered disabled state [ 185.063446][T11314] macvtap1: entered allmulticast mode [ 185.071849][T11314] bridge0: entered allmulticast mode [ 185.081911][T11314] macvtap1: left allmulticast mode [ 185.087246][T11314] bridge0: left allmulticast mode [ 185.096002][T11314] bridge0: left promiscuous mode [ 185.127172][T11316] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1645'. [ 185.152115][T11316] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1645'. [ 185.202311][T11316] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1645'. [ 185.265651][T11316] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1645'. [ 185.492894][T11340] netlink: 'syz.2.1651': attribute type 1 has an invalid length. [ 185.617194][T11349] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 185.773800][T11361] netlink: 'syz.3.1660': attribute type 1 has an invalid length. [ 186.064153][T11384] netlink: 'syz.1.1666': attribute type 1 has an invalid length. [ 186.092799][T11385] FAULT_INJECTION: forcing a failure. [ 186.092799][T11385] name failslab, interval 1, probability 0, space 0, times 0 [ 186.111336][T11385] CPU: 0 UID: 0 PID: 11385 Comm: syz.4.1667 Not tainted syzkaller #0 PREEMPT(full) [ 186.111366][T11385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 186.111380][T11385] Call Trace: [ 186.111388][T11385] [ 186.111396][T11385] dump_stack_lvl+0x189/0x250 [ 186.111428][T11385] ? __pfx____ratelimit+0x10/0x10 [ 186.111459][T11385] ? __pfx_dump_stack_lvl+0x10/0x10 [ 186.111484][T11385] ? __pfx__printk+0x10/0x10 [ 186.111514][T11385] ? fs_reclaim_acquire+0x7d/0x100 [ 186.111547][T11385] ? __pfx___might_resched+0x10/0x10 [ 186.111566][T11385] ? lock_acquire+0x5f/0x360 [ 186.111608][T11385] should_fail_ex+0x414/0x560 [ 186.111637][T11385] ? alloc_netdev_mqs+0xa46/0x11b0 [ 186.111662][T11385] should_failslab+0xa8/0x100 [ 186.111693][T11385] __kvmalloc_node_noprof+0x161/0x5f0 [ 186.111723][T11385] ? alloc_netdev_mqs+0xa46/0x11b0 [ 186.111752][T11385] alloc_netdev_mqs+0xa46/0x11b0 [ 186.111781][T11385] rtnl_create_link+0x31f/0xd10 [ 186.111811][T11385] rtnl_newlink_create+0x25c/0xb00 [ 186.111839][T11385] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 186.111863][T11385] ? __pfx___mutex_lock+0x10/0x10 [ 186.111887][T11385] ? ns_capable+0x8a/0xf0 [ 186.111908][T11385] rtnl_newlink+0x16d6/0x1c70 [ 186.111948][T11385] ? __pfx_rtnl_newlink+0x10/0x10 [ 186.111980][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.111999][T11385] ? lock_release+0x4b/0x3e0 [ 186.112023][T11385] ? lock_release+0x4b/0x3e0 [ 186.112050][T11385] ? is_bpf_text_address+0x292/0x2b0 [ 186.112076][T11385] ? is_bpf_text_address+0x26/0x2b0 [ 186.112102][T11385] ? kernel_text_address+0xa5/0xe0 [ 186.112128][T11385] ? unwind_next_frame+0xa5/0x2390 [ 186.112147][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112163][T11385] ? unwind_next_frame+0xa5/0x2390 [ 186.112183][T11385] ? unwind_next_frame+0xa5/0x2390 [ 186.112205][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112223][T11385] ? is_bpf_text_address+0x26/0x2b0 [ 186.112247][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112264][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112280][T11385] ? lock_release+0x4b/0x3e0 [ 186.112304][T11385] ? lock_release+0x4b/0x3e0 [ 186.112330][T11385] ? is_bpf_text_address+0x292/0x2b0 [ 186.112357][T11385] ? is_bpf_text_address+0x26/0x2b0 [ 186.112383][T11385] ? kernel_text_address+0xa5/0xe0 [ 186.112407][T11385] ? __kernel_text_address+0xd/0x40 [ 186.112430][T11385] ? unwind_get_return_address+0x4d/0x90 [ 186.112454][T11385] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 186.112482][T11385] ? lock_release+0x4b/0x3e0 [ 186.112505][T11385] ? bpf_lsm_capable+0x9/0x20 [ 186.112528][T11385] ? security_capable+0x7e/0x2e0 [ 186.112556][T11385] ? __pfx_rtnl_newlink+0x10/0x10 [ 186.112581][T11385] rtnetlink_rcv_msg+0x7cf/0xb70 [ 186.112614][T11385] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 186.112639][T11385] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.112665][T11385] ? __netlink_lookup+0xbd/0x810 [ 186.112680][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112697][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.112717][T11385] netlink_rcv_skb+0x205/0x470 [ 186.112744][T11385] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.112770][T11385] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 186.112806][T11385] netlink_unicast+0x82c/0x9e0 [ 186.112833][T11385] ? __pfx_netlink_unicast+0x10/0x10 [ 186.112857][T11385] ? netlink_sendmsg+0x642/0xb30 [ 186.112871][T11385] ? skb_put+0x11b/0x210 [ 186.112888][T11385] netlink_sendmsg+0x805/0xb30 [ 186.112908][T11385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.112924][T11385] ? aa_sock_msg_perm+0xf1/0x1d0 [ 186.112940][T11385] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 186.112958][T11385] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.112973][T11385] __sock_sendmsg+0x21c/0x270 [ 186.112998][T11385] ____sys_sendmsg+0x505/0x830 [ 186.113018][T11385] ? __pfx_____sys_sendmsg+0x10/0x10 [ 186.113040][T11385] ? import_iovec+0x74/0xa0 [ 186.113061][T11385] ___sys_sendmsg+0x21f/0x2a0 [ 186.113080][T11385] ? __pfx____sys_sendmsg+0x10/0x10 [ 186.113115][T11385] ? __fget_files+0x2a/0x420 [ 186.113129][T11385] ? __fget_files+0x3a0/0x420 [ 186.113148][T11385] __x64_sys_sendmsg+0x19b/0x260 [ 186.113167][T11385] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 186.113190][T11385] ? __pfx_ksys_write+0x10/0x10 [ 186.113212][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.113230][T11385] ? rcu_is_watching+0x15/0xb0 [ 186.113248][T11385] do_syscall_64+0xfa/0x3b0 [ 186.113263][T11385] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.113280][T11385] ? clear_bhb_loop+0x60/0xb0 [ 186.113299][T11385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.113316][T11385] RIP: 0033:0x7f3c43d8ebe9 [ 186.113331][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.113349][T11385] RSP: 002b:00007f3c44b6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 186.113369][T11385] RAX: ffffffffffffffda RBX: 00007f3c43fb5fa0 RCX: 00007f3c43d8ebe9 [ 186.113382][T11385] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 186.113393][T11385] RBP: 00007f3c44b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 186.113404][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 186.113415][T11385] R13: 00007f3c43fb6038 R14: 00007f3c43fb5fa0 R15: 00007ffc32a92578 [ 186.113435][T11385] [ 186.832990][T11406] tipc: Enabled bearer , priority 0 [ 186.893124][T11399] tipc: Disabling bearer [ 187.133552][T11424] netlink: 'syz.2.1672': attribute type 6 has an invalid length. [ 187.314425][T11436] FAULT_INJECTION: forcing a failure. [ 187.314425][T11436] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 187.327895][T11436] CPU: 1 UID: 0 PID: 11436 Comm: syz.1.1684 Not tainted syzkaller #0 PREEMPT(full) [ 187.327925][T11436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 187.327939][T11436] Call Trace: [ 187.327947][T11436] [ 187.327955][T11436] dump_stack_lvl+0x189/0x250 [ 187.327986][T11436] ? __pfx____ratelimit+0x10/0x10 [ 187.328017][T11436] ? __pfx_dump_stack_lvl+0x10/0x10 [ 187.328040][T11436] ? __pfx__printk+0x10/0x10 [ 187.328168][T11436] ? __might_fault+0xb0/0x130 [ 187.328195][T11436] ? rcu_is_watching+0x15/0xb0 [ 187.328211][T11436] should_fail_ex+0x414/0x560 [ 187.328234][T11436] _copy_from_user+0x2d/0xb0 [ 187.328252][T11436] ___sys_sendmsg+0x158/0x2a0 [ 187.328270][T11436] ? __pfx____sys_sendmsg+0x10/0x10 [ 187.328300][T11436] ? __fget_files+0x2a/0x420 [ 187.328313][T11436] ? __fget_files+0x3a0/0x420 [ 187.328330][T11436] __x64_sys_sendmsg+0x19b/0x260 [ 187.328347][T11436] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 187.328376][T11436] ? __pfx_ksys_write+0x10/0x10 [ 187.328399][T11436] ? rcu_is_watching+0x15/0xb0 [ 187.328414][T11436] do_syscall_64+0xfa/0x3b0 [ 187.328430][T11436] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.328444][T11436] ? clear_bhb_loop+0x60/0xb0 [ 187.328461][T11436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.328476][T11436] RIP: 0033:0x7f2e4b98ebe9 [ 187.328490][T11436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 187.328503][T11436] RSP: 002b:00007f2e4c884038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 187.328520][T11436] RAX: ffffffffffffffda RBX: 00007f2e4bbb5fa0 RCX: 00007f2e4b98ebe9 [ 187.328531][T11436] RDX: 0000000020000000 RSI: 0000200000000340 RDI: 0000000000000004 [ 187.328542][T11436] RBP: 00007f2e4c884090 R08: 0000000000000000 R09: 0000000000000000 [ 187.328552][T11436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.328560][T11436] R13: 00007f2e4bbb6038 R14: 00007f2e4bbb5fa0 R15: 00007ffca7b13988 [ 187.328579][T11436] [ 187.886810][T11457] vlan0: entered promiscuous mode [ 187.944109][T11460] netlink: 'syz.4.1692': attribute type 1 has an invalid length. [ 188.005598][T11462] 8021q: adding VLAN 0 to HW filter on device bond2 [ 188.022546][T11462] bridge0: port 1(bond2) entered blocking state [ 188.044935][T11462] bridge0: port 1(bond2) entered disabled state [ 188.062754][T11462] bond2: entered allmulticast mode [ 188.081199][T11462] bond2: entered promiscuous mode [ 188.301901][T11483] FAULT_INJECTION: forcing a failure. [ 188.301901][T11483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 188.317887][T11483] CPU: 1 UID: 0 PID: 11483 Comm: syz.3.1701 Not tainted syzkaller #0 PREEMPT(full) [ 188.317918][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 188.317932][T11483] Call Trace: [ 188.317940][T11483] [ 188.317949][T11483] dump_stack_lvl+0x189/0x250 [ 188.317981][T11483] ? __pfx____ratelimit+0x10/0x10 [ 188.318012][T11483] ? __pfx_dump_stack_lvl+0x10/0x10 [ 188.318037][T11483] ? __pfx__printk+0x10/0x10 [ 188.318064][T11483] ? __might_fault+0xb0/0x130 [ 188.318098][T11483] ? rcu_is_watching+0x15/0xb0 [ 188.318120][T11483] should_fail_ex+0x414/0x560 [ 188.318150][T11483] _copy_from_user+0x2d/0xb0 [ 188.318212][T11483] ___sys_sendmsg+0x158/0x2a0 [ 188.318237][T11483] ? __pfx____sys_sendmsg+0x10/0x10 [ 188.318280][T11483] ? __fget_files+0x2a/0x420 [ 188.318298][T11483] ? __fget_files+0x3a0/0x420 [ 188.318322][T11483] __x64_sys_sendmsg+0x19b/0x260 [ 188.318346][T11483] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 188.318374][T11483] ? __pfx_ksys_write+0x10/0x10 [ 188.318400][T11483] ? rcu_is_watching+0x15/0xb0 [ 188.318423][T11483] ? rcu_is_watching+0x15/0xb0 [ 188.318445][T11483] do_syscall_64+0xfa/0x3b0 [ 188.318465][T11483] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.318486][T11483] ? clear_bhb_loop+0x60/0xb0 [ 188.318509][T11483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.318529][T11483] RIP: 0033:0x7f6d3318ebe9 [ 188.318546][T11483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.318565][T11483] RSP: 002b:00007f6d33fc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 188.318589][T11483] RAX: ffffffffffffffda RBX: 00007f6d333b5fa0 RCX: 00007f6d3318ebe9 [ 188.318605][T11483] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003 [ 188.318618][T11483] RBP: 00007f6d33fc3090 R08: 0000000000000000 R09: 0000000000000000 [ 188.318631][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.318643][T11483] R13: 00007f6d333b6038 R14: 00007f6d333b5fa0 R15: 00007ffef269e788 [ 188.318669][T11483] [ 188.651452][T11495] FAULT_INJECTION: forcing a failure. [ 188.651452][T11495] name failslab, interval 1, probability 0, space 0, times 0 [ 188.681064][T11495] CPU: 1 UID: 0 PID: 11495 Comm: syz.1.1707 Not tainted syzkaller #0 PREEMPT(full) [ 188.681097][T11495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 188.681110][T11495] Call Trace: [ 188.681118][T11495] [ 188.681127][T11495] dump_stack_lvl+0x189/0x250 [ 188.681156][T11495] ? __pfx____ratelimit+0x10/0x10 [ 188.681188][T11495] ? __pfx_dump_stack_lvl+0x10/0x10 [ 188.681213][T11495] ? __pfx__printk+0x10/0x10 [ 188.681245][T11495] ? fs_reclaim_acquire+0x7d/0x100 [ 188.681277][T11495] ? __pfx___might_resched+0x10/0x10 [ 188.681297][T11495] ? lock_acquire+0x5f/0x360 [ 188.681329][T11495] should_fail_ex+0x414/0x560 [ 188.681359][T11495] ? alloc_netdev_mqs+0xa46/0x11b0 [ 188.681384][T11495] should_failslab+0xa8/0x100 [ 188.681417][T11495] __kvmalloc_node_noprof+0x161/0x5f0 [ 188.681447][T11495] ? alloc_netdev_mqs+0xa46/0x11b0 [ 188.681483][T11495] alloc_netdev_mqs+0xa46/0x11b0 [ 188.681514][T11495] rtnl_create_link+0x31f/0xd10 [ 188.681545][T11495] rtnl_newlink_create+0x25c/0xb00 [ 188.681574][T11495] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 188.681597][T11495] ? __pfx___mutex_lock+0x10/0x10 [ 188.681624][T11495] ? ns_capable+0x8a/0xf0 [ 188.681646][T11495] rtnl_newlink+0x16d6/0x1c70 [ 188.681679][T11495] ? netlink_sendmsg+0x805/0xb30 [ 188.681705][T11495] ? __pfx_rtnl_newlink+0x10/0x10 [ 188.681751][T11495] ? rcu_is_watching+0x15/0xb0 [ 188.681777][T11495] ? nlmon_xmit+0xb0/0x100 [ 188.681797][T11495] ? kmem_cache_free+0x18f/0x400 [ 188.681830][T11495] ? rcu_is_watching+0x15/0xb0 [ 188.681851][T11495] ? __dev_queue_xmit+0x27b/0x3b50 [ 188.681876][T11495] ? __local_bh_enable_ip+0x12d/0x1c0 [ 188.681897][T11495] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 188.681917][T11495] ? __dev_queue_xmit+0x27b/0x3b50 [ 188.681941][T11495] ? lock_release+0x4b/0x3e0 [ 188.681972][T11495] ? __dev_queue_xmit+0x27b/0x3b50 [ 188.681995][T11495] ? __dev_queue_xmit+0x27b/0x3b50 [ 188.682021][T11495] ? __dev_queue_xmit+0x1d79/0x3b50 [ 188.682054][T11495] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 188.682088][T11495] ? lock_release+0x4b/0x3e0 [ 188.682117][T11495] ? bpf_lsm_capable+0x9/0x20 [ 188.682145][T11495] ? security_capable+0x7e/0x2e0 [ 188.682179][T11495] ? __pfx_rtnl_newlink+0x10/0x10 [ 188.682209][T11495] rtnetlink_rcv_msg+0x7cf/0xb70 [ 188.682242][T11495] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 188.682272][T11495] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 188.682302][T11495] ? ref_tracker_free+0x63a/0x7d0 [ 188.682331][T11495] ? __asan_memcpy+0x40/0x70 [ 188.682353][T11495] ? __pfx_ref_tracker_free+0x10/0x10 [ 188.682386][T11495] netlink_rcv_skb+0x205/0x470 [ 188.682419][T11495] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 188.682451][T11495] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 188.682503][T11495] netlink_unicast+0x82c/0x9e0 [ 188.682536][T11495] ? __pfx_netlink_unicast+0x10/0x10 [ 188.682565][T11495] ? netlink_sendmsg+0x642/0xb30 [ 188.682582][T11495] ? skb_put+0x11b/0x210 [ 188.682604][T11495] netlink_sendmsg+0x805/0xb30 [ 188.682629][T11495] ? __pfx_netlink_sendmsg+0x10/0x10 [ 188.682650][T11495] ? aa_sock_msg_perm+0xf1/0x1d0 [ 188.682669][T11495] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 188.682692][T11495] ? __pfx_netlink_sendmsg+0x10/0x10 [ 188.682710][T11495] __sock_sendmsg+0x21c/0x270 [ 188.682738][T11495] ____sys_sendmsg+0x505/0x830 [ 188.682761][T11495] ? __pfx_____sys_sendmsg+0x10/0x10 [ 188.682786][T11495] ? import_iovec+0x74/0xa0 [ 188.682810][T11495] ___sys_sendmsg+0x21f/0x2a0 [ 188.682833][T11495] ? __pfx____sys_sendmsg+0x10/0x10 [ 188.682875][T11495] ? __fget_files+0x2a/0x420 [ 188.682893][T11495] ? __fget_files+0x3a0/0x420 [ 188.682917][T11495] __x64_sys_sendmsg+0x19b/0x260 [ 188.682941][T11495] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 188.682969][T11495] ? __pfx_ksys_write+0x10/0x10 [ 188.682995][T11495] ? rcu_is_watching+0x15/0xb0 [ 188.683019][T11495] ? rcu_is_watching+0x15/0xb0 [ 188.683041][T11495] do_syscall_64+0xfa/0x3b0 [ 188.683061][T11495] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.683088][T11495] ? clear_bhb_loop+0x60/0xb0 [ 188.683112][T11495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.683133][T11495] RIP: 0033:0x7f2e4b98ebe9 [ 188.683152][T11495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.683172][T11495] RSP: 002b:00007f2e4c884038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 188.683196][T11495] RAX: ffffffffffffffda RBX: 00007f2e4bbb5fa0 RCX: 00007f2e4b98ebe9 [ 188.683212][T11495] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 188.683226][T11495] RBP: 00007f2e4c884090 R08: 0000000000000000 R09: 0000000000000000 [ 188.683239][T11495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 188.683252][T11495] R13: 00007f2e4bbb6038 R14: 00007f2e4bbb5fa0 R15: 00007ffca7b13988 [ 188.683276][T11495] [ 189.335137][T11516] __nla_validate_parse: 87 callbacks suppressed [ 189.335160][T11516] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1712'. [ 189.496934][T11525] FAULT_INJECTION: forcing a failure. [ 189.496934][T11525] name failslab, interval 1, probability 0, space 0, times 0 [ 189.510925][T11525] CPU: 1 UID: 0 PID: 11525 Comm: syz.3.1716 Not tainted syzkaller #0 PREEMPT(full) [ 189.510955][T11525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 189.510969][T11525] Call Trace: [ 189.510977][T11525] [ 189.510985][T11525] dump_stack_lvl+0x189/0x250 [ 189.511014][T11525] ? __pfx____ratelimit+0x10/0x10 [ 189.511043][T11525] ? __pfx_dump_stack_lvl+0x10/0x10 [ 189.511064][T11525] ? __pfx__printk+0x10/0x10 [ 189.511089][T11525] ? fs_reclaim_acquire+0x7d/0x100 [ 189.511115][T11525] ? rcu_is_watching+0x15/0xb0 [ 189.511147][T11525] ? __pfx___might_resched+0x10/0x10 [ 189.511163][T11525] ? lock_acquire+0x5f/0x360 [ 189.511189][T11525] should_fail_ex+0x414/0x560 [ 189.511213][T11525] should_failslab+0xa8/0x100 [ 189.511239][T11525] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 189.511263][T11525] ? __alloc_skb+0x112/0x2d0 [ 189.511281][T11525] __alloc_skb+0x112/0x2d0 [ 189.511297][T11525] netlink_sendmsg+0x5c6/0xb30 [ 189.511317][T11525] ? __pfx_netlink_sendmsg+0x10/0x10 [ 189.511334][T11525] ? aa_sock_msg_perm+0xf1/0x1d0 [ 189.511350][T11525] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 189.511369][T11525] ? __pfx_netlink_sendmsg+0x10/0x10 [ 189.511385][T11525] __sock_sendmsg+0x21c/0x270 [ 189.511410][T11525] ____sys_sendmsg+0x505/0x830 [ 189.511431][T11525] ? __pfx_____sys_sendmsg+0x10/0x10 [ 189.511453][T11525] ? import_iovec+0x74/0xa0 [ 189.511475][T11525] ___sys_sendmsg+0x21f/0x2a0 [ 189.511493][T11525] ? __pfx____sys_sendmsg+0x10/0x10 [ 189.511529][T11525] ? __fget_files+0x2a/0x420 [ 189.511546][T11525] ? __fget_files+0x3a0/0x420 [ 189.511566][T11525] __x64_sys_sendmsg+0x19b/0x260 [ 189.511586][T11525] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 189.511608][T11525] ? __pfx_ksys_write+0x10/0x10 [ 189.511630][T11525] ? rcu_is_watching+0x15/0xb0 [ 189.511649][T11525] ? rcu_is_watching+0x15/0xb0 [ 189.511666][T11525] do_syscall_64+0xfa/0x3b0 [ 189.511682][T11525] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.511699][T11525] ? clear_bhb_loop+0x60/0xb0 [ 189.511718][T11525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.511734][T11525] RIP: 0033:0x7f6d3318ebe9 [ 189.511750][T11525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.511765][T11525] RSP: 002b:00007f6d33fc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 189.511785][T11525] RAX: ffffffffffffffda RBX: 00007f6d333b5fa0 RCX: 00007f6d3318ebe9 [ 189.511798][T11525] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003 [ 189.511809][T11525] RBP: 00007f6d33fc3090 R08: 0000000000000000 R09: 0000000000000000 [ 189.511819][T11525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.511829][T11525] R13: 00007f6d333b6038 R14: 00007f6d333b5fa0 R15: 00007ffef269e788 [ 189.511850][T11525] [ 189.878317][T11535] 8021q: adding VLAN 0 to HW filter on device bond4 [ 189.885917][T11535] bridge0: port 1(bond4) entered blocking state [ 189.892651][T11535] bridge0: port 1(bond4) entered disabled state [ 189.899549][T11535] bond4: entered allmulticast mode [ 189.906291][T11535] bond4: entered promiscuous mode [ 189.912401][T11535] bridge0: port 1(bond4) entered blocking state [ 189.918783][T11535] bridge0: port 1(bond4) entered forwarding state [ 189.943728][T11538] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1721'. [ 190.172016][T11548] netlink: 'syz.1.1725': attribute type 13 has an invalid length. [ 190.184644][T11555] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1728'. [ 190.232635][ T36] bridge0: port 1(bond4) entered disabled state [ 190.456680][T11571] netlink: 'syz.0.1730': attribute type 1 has an invalid length. [ 190.474502][T11571] netlink: 228 bytes leftover after parsing attributes in process `syz.0.1730'. [ 190.673162][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1735'. [ 190.903430][T11606] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1741'. [ 191.188441][T11626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1745'. [ 191.481392][T11644] IPVS: lc: UDP 224.0.0.2:0 - no destination available [ 191.850976][T11665] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1762'. [ 191.884964][T11665] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1762'. [ 192.411115][T11711] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1777'. [ 192.420377][T11711] netlink: 'syz.1.1777': attribute type 30 has an invalid length. [ 192.865033][T11719] 8021q: adding VLAN 0 to HW filter on device bond3 [ 192.874732][T11719] bridge0: port 2(bond3) entered blocking state [ 192.881172][T11719] bridge0: port 2(bond3) entered disabled state [ 192.887772][T11719] bond3: entered allmulticast mode [ 192.894392][T11719] bond3: entered promiscuous mode [ 193.159063][T11736] tipc: Enabled bearer , priority 0 [ 193.168158][T11736] syzkaller0: entered promiscuous mode [ 193.174113][T11736] syzkaller0: entered allmulticast mode [ 193.204388][T11736] tipc: Resetting bearer [ 193.229922][T11735] tipc: Resetting bearer [ 193.259694][T11735] tipc: Disabling bearer [ 193.315028][T11747] ¾x9ÿ: left allmulticast mode [ 193.320244][T11747] ¾x9ÿ: left promiscuous mode [ 193.325230][T11747] bridge0: port 1(1¾x9ÿ) entered disabled state [ 193.384000][T11747] bridge_slave_1: left allmulticast mode [ 193.430328][T11747] bridge_slave_1: left promiscuous mode [ 193.436133][T11747] bridge0: port 2(bridge_slave_1) entered disabled state [ 193.479310][T11747] bond0: (slave bond_slave_0): Releasing backup interface [ 193.498429][T11747] bond0: (slave bond_slave_1): Releasing backup interface [ 193.509539][T11747] team0: Port device team_slave_0 removed [ 193.516948][T11747] team0: Port device team_slave_1 removed [ 193.527317][T11747] team0: Port device geneve0 removed [ 193.547814][T11747] team0: Port device veth3 removed [ 193.553482][T11747] macvlan2: left allmulticast mode [ 193.558862][T11747] macvlan2: left promiscuous mode [ 193.564088][T11747] bridge0: port 3(macvlan2) entered disabled state [ 193.584553][T11747] bond2: left allmulticast mode [ 193.597460][T11747] bond2: left promiscuous mode [ 193.602575][T11747] bridge0: port 4(bond2) entered disabled state [ 193.612255][T11747] bond3: left allmulticast mode [ 193.617323][T11747] bond3: left promiscuous mode [ 193.622436][T11747] bridge0: port 5(bond3) entered disabled state [ 193.634741][T11749] vlan0: entered promiscuous mode [ 193.644186][T11754] tipc: Enabled bearer , priority 0 [ 193.756984][T11754] tipc: Disabling bearer [ 193.926265][T11776] bond0: invalid ARP target 0.0.0.0 specified for addition [ 193.948378][T11776] bond0: option arp_ip_target: invalid value (0) [ 194.817660][T11831] __nla_validate_parse: 9 callbacks suppressed [ 194.817685][T11831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'. [ 194.868289][T11831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1818'. [ 195.232371][T11850] netlink: 'syz.0.1824': attribute type 1 has an invalid length. [ 195.233403][T11844] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1823'. [ 195.320556][T11846] veth3: entered promiscuous mode [ 195.805971][T11878] FAULT_INJECTION: forcing a failure. [ 195.805971][T11878] name failslab, interval 1, probability 0, space 0, times 0 [ 195.825989][T11878] CPU: 1 UID: 0 PID: 11878 Comm: syz.1.1834 Not tainted syzkaller #0 PREEMPT(full) [ 195.826019][T11878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 195.826032][T11878] Call Trace: [ 195.826040][T11878] [ 195.826048][T11878] dump_stack_lvl+0x189/0x250 [ 195.826077][T11878] ? __pfx____ratelimit+0x10/0x10 [ 195.826110][T11878] ? __pfx_dump_stack_lvl+0x10/0x10 [ 195.826135][T11878] ? __pfx__printk+0x10/0x10 [ 195.826167][T11878] ? __pfx___might_resched+0x10/0x10 [ 195.826187][T11878] ? lock_acquire+0x5f/0x360 [ 195.826219][T11878] should_fail_ex+0x414/0x560 [ 195.826247][T11878] should_failslab+0xa8/0x100 [ 195.826279][T11878] __kmalloc_noprof+0xcb/0x4f0 [ 195.826306][T11878] ? tomoyo_encode+0x28b/0x550 [ 195.826328][T11878] tomoyo_encode+0x28b/0x550 [ 195.826350][T11878] tomoyo_realpath_from_path+0x58d/0x5d0 [ 195.826372][T11878] ? tomoyo_domain+0xd9/0x130 [ 195.826397][T11878] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 195.826426][T11878] tomoyo_path_number_perm+0x1e8/0x5a0 [ 195.826454][T11878] ? lock_release+0x4b/0x3e0 [ 195.826484][T11878] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 195.826515][T11878] ? rcu_is_watching+0x15/0xb0 [ 195.826534][T11878] ? lock_release+0x4b/0x3e0 [ 195.826562][T11878] ? vfs_write+0x956/0xb30 [ 195.826591][T11878] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 195.826634][T11878] ? lock_release+0x4b/0x3e0 [ 195.826666][T11878] ? __fget_files+0x2a/0x420 [ 195.826683][T11878] ? __fget_files+0x3a0/0x420 [ 195.826701][T11878] ? __fget_files+0x2a/0x420 [ 195.826736][T11878] security_file_ioctl+0xcb/0x2d0 [ 195.826764][T11878] __se_sys_ioctl+0x47/0x170 [ 195.826790][T11878] do_syscall_64+0xfa/0x3b0 [ 195.826809][T11878] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.826830][T11878] ? clear_bhb_loop+0x60/0xb0 [ 195.826853][T11878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.826874][T11878] RIP: 0033:0x7f2e4b98ebe9 [ 195.826893][T11878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.826911][T11878] RSP: 002b:00007f2e4c884038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 195.826934][T11878] RAX: ffffffffffffffda RBX: 00007f2e4bbb5fa0 RCX: 00007f2e4b98ebe9 [ 195.826950][T11878] RDX: 0000200000000000 RSI: 0000000000008914 RDI: 0000000000000005 [ 195.826964][T11878] RBP: 00007f2e4c884090 R08: 0000000000000000 R09: 0000000000000000 [ 195.826977][T11878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 195.826994][T11878] R13: 00007f2e4bbb6038 R14: 00007f2e4bbb5fa0 R15: 00007ffca7b13988 [ 195.827019][T11878] [ 195.852825][T11878] ERROR: Out of memory at tomoyo_realpath_from_path. [ 196.230929][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1838'. [ 196.256018][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1838'. [ 199.759766][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.565271][T11902] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1840'. [ 229.756124][T11906] netlink: 'syz.2.1841': attribute type 4 has an invalid length. [ 229.973068][T11928] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1845'. [ 229.986137][T11929] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1847'. [ 230.013354][T11929] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 230.024817][T11929] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 230.036850][T11929] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 230.063182][T11929] bond0 (unregistering): Released all slaves [ 230.348508][T11943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1854'. [ 230.366406][T11938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1852'. [ 230.415151][T11934] infiniband syz2: set down [ 230.422518][T11934] infiniband syz2: added bond0 [ 230.465454][T11934] RDS/IB: syz2: added [ 230.470690][T11934] smc: adding ib device syz2 with port count 1 [ 230.477075][T11934] smc: ib device syz2 port 1 has pnetid [ 230.654736][T11956] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1857'. [ 230.981364][T11969] tipc: Enabled bearer , priority 0 [ 231.003880][T11969] syzkaller0: entered promiscuous mode [ 231.026355][T11969] syzkaller0: entered allmulticast mode [ 231.116209][T11970] tipc: Resetting bearer [ 231.140149][T11970] tipc: Disabling bearer [ 231.772420][T12011] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1873'. [ 231.852020][T12004] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1872'. [ 231.865626][T12004] netlink: 'syz.1.1872': attribute type 10 has an invalid length. [ 231.893009][T12016] macvlan2: entered allmulticast mode [ 231.902713][T12004] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1872'. [ 231.912910][T12016] veth1_vlan: entered allmulticast mode [ 231.926365][T12016] veth1_vlan: left allmulticast mode [ 231.952188][T12019] tipc: Enabling of bearer rejected, failed to enable media [ 232.370768][T12052] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1889'. [ 232.424392][T12052] 8021q: adding VLAN 0 to HW filter on device bond5 [ 232.449704][T12052] bond0: (slave bond5): Enslaving as an active interface with an up link [ 232.461560][T12061] netlink: 'syz.0.1888': attribute type 3 has an invalid length. [ 232.463702][T12059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.479374][T12061] netlink: 'syz.0.1888': attribute type 1 has an invalid length. [ 232.587604][T12072] FAULT_INJECTION: forcing a failure. [ 232.587604][T12072] name failslab, interval 1, probability 0, space 0, times 0 [ 232.600593][T12072] CPU: 0 UID: 0 PID: 12072 Comm: syz.1.1893 Not tainted syzkaller #0 PREEMPT(full) [ 232.600623][T12072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 232.600637][T12072] Call Trace: [ 232.600645][T12072] [ 232.600653][T12072] dump_stack_lvl+0x189/0x250 [ 232.600685][T12072] ? __pfx____ratelimit+0x10/0x10 [ 232.600716][T12072] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.600742][T12072] ? __pfx__printk+0x10/0x10 [ 232.600772][T12072] ? rcu_read_lock_held+0xa/0x50 [ 232.600793][T12072] ? __rt6_find_exception_rcu+0x127/0x4c0 [ 232.600832][T12072] should_fail_ex+0x414/0x560 [ 232.600862][T12072] should_failslab+0xa8/0x100 [ 232.600892][T12072] ? __pfx_ip6_dst_gc+0x10/0x10 [ 232.600912][T12072] kmem_cache_alloc_noprof+0x73/0x3c0 [ 232.600940][T12072] ? dst_alloc+0x105/0x170 [ 232.600964][T12072] ? __pfx_ip6_dst_gc+0x10/0x10 [ 232.600985][T12072] dst_alloc+0x105/0x170 [ 232.601011][T12072] ip6_pol_route+0xa21/0x1180 [ 232.601035][T12072] ? ip6_pol_route+0x162/0x1180 [ 232.601061][T12072] ? __pfx_ip6_pol_route+0x10/0x10 [ 232.601086][T12072] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 232.601112][T12072] ? arch_stack_walk+0xfc/0x150 [ 232.601144][T12072] fib6_rule_lookup+0x55e/0x6f0 [ 232.601170][T12072] ? __pfx_ip6_pol_route_input+0x10/0x10 [ 232.601195][T12072] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 232.601220][T12072] ? stack_depot_save_flags+0x40/0x860 [ 232.601251][T12072] ? __update_page_owner_handle+0x5a/0x570 [ 232.601279][T12072] ? rcu_is_watching+0x15/0xb0 [ 232.601301][T12072] ? rcu_is_watching+0x15/0xb0 [ 232.601326][T12072] ip6_route_input+0x6de/0xad0 [ 232.601349][T12072] ? __update_page_owner_handle+0x5a/0x570 [ 232.601380][T12072] ? __pfx_ip6_route_input+0x10/0x10 [ 232.601403][T12072] ? __pfx_ip_sabotage_in+0x10/0x10 [ 232.601439][T12072] ? nf_hook_slow_list+0x2af/0x390 [ 232.601464][T12072] ? rcu_is_watching+0x15/0xb0 [ 232.601484][T12072] ? lock_release+0x4b/0x3e0 [ 232.601515][T12072] ? ip6_rcv_finish_core+0x222/0x420 [ 232.601547][T12072] ip6_sublist_rcv+0x704/0xdd0 [ 232.601582][T12072] ? lock_release+0x4b/0x3e0 [ 232.601613][T12072] ? __pfx_ip6_sublist_rcv+0x10/0x10 [ 232.601643][T12072] ? skb_orphan+0xaf/0xd0 [ 232.601676][T12072] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 232.601706][T12072] ? ip6_rcv_core+0x9e/0x1590 [ 232.601741][T12072] ipv6_list_rcv+0x3e5/0x430 [ 232.601776][T12072] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 232.601807][T12072] ? kasan_save_track+0x3e/0x80 [ 232.601830][T12072] ? __kasan_slab_alloc+0x6c/0x80 [ 232.601856][T12072] ? bpf_test_run_xdp_live+0x15f1/0x1b10 [ 232.601889][T12072] ? bpf_prog_test_run_xdp+0x713/0x1000 [ 232.601920][T12072] ? bpf_prog_test_run+0x2c7/0x340 [ 232.601948][T12072] ? __sys_bpf+0x581/0x870 [ 232.601972][T12072] ? __pfx_ipv6_list_rcv+0x10/0x10 [ 232.602003][T12072] __netif_receive_skb_list_core+0x5f4/0x800 [ 232.602041][T12072] ? __pfx___netif_receive_skb_list_core+0x10/0x10 [ 232.602076][T12072] ? netif_receive_skb_list_internal+0x4fd/0xcc0 [ 232.602104][T12072] netif_receive_skb_list_internal+0x975/0xcc0 [ 232.602202][T12072] ? netif_receive_skb_list_internal+0x4fd/0xcc0 [ 232.602234][T12072] ? __pfx_netif_receive_skb_list_internal+0x10/0x10 [ 232.602264][T12072] ? __phys_addr+0xd3/0x180 [ 232.602290][T12072] ? build_skb_around+0x133/0x280 [ 232.602311][T12072] ? __xdp_build_skb_from_frame+0x34b/0x740 [ 232.602340][T12072] netif_receive_skb_list+0x54/0x450 [ 232.602370][T12072] bpf_test_run_xdp_live+0x1786/0x1b10 [ 232.602409][T12072] ? bpf_test_run_xdp_live+0x38e/0x1b10 [ 232.602457][T12072] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 232.602488][T12072] ? bpf_dispatcher_xdp+0x800/0x1000 [ 232.602508][T12072] ? bpf_dispatcher_xdp+0x800/0x1000 [ 232.602553][T12072] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 232.602577][T12072] ? _copy_from_user+0x94/0xb0 [ 232.602602][T12072] ? bpf_test_init+0x133/0x170 [ 232.602630][T12072] ? xdp_convert_md_to_buff+0x5b/0x330 [ 232.602664][T12072] bpf_prog_test_run_xdp+0x713/0x1000 [ 232.602702][T12072] ? rcu_is_watching+0x15/0xb0 [ 232.602724][T12072] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 232.602760][T12072] ? __fget_files+0x2a/0x420 [ 232.602782][T12072] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 232.602814][T12072] bpf_prog_test_run+0x2c7/0x340 [ 232.602846][T12072] __sys_bpf+0x581/0x870 [ 232.602873][T12072] ? __pfx___sys_bpf+0x10/0x10 [ 232.602908][T12072] ? ksys_write+0x22a/0x250 [ 232.602937][T12072] ? __pfx_ksys_write+0x10/0x10 [ 232.602963][T12072] ? rcu_is_watching+0x15/0xb0 [ 232.602987][T12072] __x64_sys_bpf+0x7c/0x90 [ 232.603012][T12072] do_syscall_64+0xfa/0x3b0 [ 232.603032][T12072] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.603053][T12072] ? clear_bhb_loop+0x60/0xb0 [ 232.603077][T12072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.603098][T12072] RIP: 0033:0x7f2e4b98ebe9 [ 232.603116][T12072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.603134][T12072] RSP: 002b:00007f2e4c884038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 232.603157][T12072] RAX: ffffffffffffffda RBX: 00007f2e4bbb5fa0 RCX: 00007f2e4b98ebe9 [ 232.603173][T12072] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 232.603187][T12072] RBP: 00007f2e4c884090 R08: 0000000000000000 R09: 0000000000000000 [ 232.603201][T12072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.603213][T12072] R13: 00007f2e4bbb6038 R14: 00007f2e4bbb5fa0 R15: 00007ffca7b13988 [ 232.603239][T12072] [ 233.323920][T12076] netlink: 'syz.3.1894': attribute type 10 has an invalid length. [ 233.526414][ T7020] IPVS: starting estimator thread 0... [ 233.647624][T12097] IPVS: using max 38 ests per chain, 91200 per kthread [ 233.692785][T12102] netlink: 'syz.4.1900': attribute type 1 has an invalid length. [ 233.721894][T12102] netlink: 'syz.4.1900': attribute type 2 has an invalid length. [ 233.743747][T12102] netlink: 'syz.4.1900': attribute type 8 has an invalid length. [ 233.933513][T12122] FAULT_INJECTION: forcing a failure. [ 233.933513][T12122] name failslab, interval 1, probability 0, space 0, times 0 [ 233.946428][T12122] CPU: 0 UID: 0 PID: 12122 Comm: syz.0.1906 Not tainted syzkaller #0 PREEMPT(full) [ 233.946458][T12122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 233.946471][T12122] Call Trace: [ 233.946480][T12122] [ 233.946488][T12122] dump_stack_lvl+0x189/0x250 [ 233.946519][T12122] ? __pfx____ratelimit+0x10/0x10 [ 233.946551][T12122] ? __pfx_dump_stack_lvl+0x10/0x10 [ 233.946576][T12122] ? __pfx__printk+0x10/0x10 [ 233.946606][T12122] ? netif_receive_skb_list_internal+0x4fd/0xcc0 [ 233.946633][T12122] ? netif_receive_skb_list_internal+0xa4f/0xcc0 [ 233.946665][T12122] should_fail_ex+0x414/0x560 [ 233.946694][T12122] should_failslab+0xa8/0x100 [ 233.946726][T12122] kmem_cache_alloc_bulk_noprof+0x77/0x790 [ 233.946757][T12122] ? lock_release+0x4b/0x3e0 [ 233.946790][T12122] ? pfn_valid+0x125/0x4d0 [ 233.946810][T12122] ? pfn_valid+0x125/0x4d0 [ 233.946831][T12122] bpf_test_run_xdp_live+0x15f1/0x1b10 [ 233.946870][T12122] ? bpf_test_run_xdp_live+0x38e/0x1b10 [ 233.946908][T12122] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 233.946940][T12122] ? bpf_dispatcher_xdp+0x800/0x1000 [ 233.946959][T12122] ? bpf_dispatcher_xdp+0x800/0x1000 [ 233.947003][T12122] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 233.947028][T12122] ? _copy_from_user+0x94/0xb0 [ 233.947053][T12122] ? bpf_test_init+0x133/0x170 [ 233.947081][T12122] ? xdp_convert_md_to_buff+0x5b/0x330 [ 233.947114][T12122] bpf_prog_test_run_xdp+0x713/0x1000 [ 233.947152][T12122] ? rcu_is_watching+0x15/0xb0 [ 233.947175][T12122] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 233.947211][T12122] ? __fget_files+0x2a/0x420 [ 233.947233][T12122] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 233.947278][T12122] bpf_prog_test_run+0x2c7/0x340 [ 233.947311][T12122] __sys_bpf+0x581/0x870 [ 233.947339][T12122] ? __pfx___sys_bpf+0x10/0x10 [ 233.947374][T12122] ? ksys_write+0x22a/0x250 [ 233.947409][T12122] ? __pfx_ksys_write+0x10/0x10 [ 233.947434][T12122] ? rcu_is_watching+0x15/0xb0 [ 233.947456][T12122] __x64_sys_bpf+0x7c/0x90 [ 233.947481][T12122] do_syscall_64+0xfa/0x3b0 [ 233.947501][T12122] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.947522][T12122] ? clear_bhb_loop+0x60/0xb0 [ 233.947546][T12122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.947565][T12122] RIP: 0033:0x7f3435d8ebe9 [ 233.947585][T12122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.947604][T12122] RSP: 002b:00007f3436cda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 233.947627][T12122] RAX: ffffffffffffffda RBX: 00007f3435fb5fa0 RCX: 00007f3435d8ebe9 [ 233.947643][T12122] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 233.947656][T12122] RBP: 00007f3436cda090 R08: 0000000000000000 R09: 0000000000000000 [ 233.947669][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 233.947681][T12122] R13: 00007f3435fb6038 R14: 00007f3435fb5fa0 R15: 00007ffcce0c6f18 [ 233.947707][T12122] [ 234.290821][T12126] RDS: rds_bind could not find a transport for 100:806:aaaa:aaaa:aaaa::, load rds_tcp or rds_rdma? [ 234.359846][T12130] vti0: entered promiscuous mode [ 234.381896][T12130] vti0: entered allmulticast mode [ 234.873627][T12174] openvswitch: netlink: IP tunnel dst address not specified [ 235.446150][T12195] __nla_validate_parse: 8 callbacks suppressed [ 235.446172][T12195] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1927'. [ 235.657278][T12202] FAULT_INJECTION: forcing a failure. [ 235.657278][T12202] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 235.673351][T12202] CPU: 0 UID: 0 PID: 12202 Comm: syz.4.1929 Not tainted syzkaller #0 PREEMPT(full) [ 235.673381][T12202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 235.673394][T12202] Call Trace: [ 235.673401][T12202] [ 235.673409][T12202] dump_stack_lvl+0x189/0x250 [ 235.673439][T12202] ? __pfx____ratelimit+0x10/0x10 [ 235.673469][T12202] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.673495][T12202] ? __pfx__printk+0x10/0x10 [ 235.673521][T12202] ? __might_fault+0xb0/0x130 [ 235.673556][T12202] ? rcu_is_watching+0x15/0xb0 [ 235.673578][T12202] should_fail_ex+0x414/0x560 [ 235.673610][T12202] _copy_from_user+0x2d/0xb0 [ 235.673634][T12202] __sys_bpf+0x1ed/0x870 [ 235.673661][T12202] ? __pfx___sys_bpf+0x10/0x10 [ 235.673693][T12202] ? ksys_write+0x22a/0x250 [ 235.673719][T12202] ? __pfx_ksys_write+0x10/0x10 [ 235.673748][T12202] __x64_sys_bpf+0x7c/0x90 [ 235.673770][T12202] do_syscall_64+0xfa/0x3b0 [ 235.673788][T12202] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.673807][T12202] ? clear_bhb_loop+0x60/0xb0 [ 235.673829][T12202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.673852][T12202] RIP: 0033:0x7f3c43d8ebe9 [ 235.673871][T12202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.673889][T12202] RSP: 002b:00007f3c44b6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 235.673912][T12202] RAX: ffffffffffffffda RBX: 00007f3c43fb5fa0 RCX: 00007f3c43d8ebe9 [ 235.673927][T12202] RDX: 0000000000000094 RSI: 0000200000000100 RDI: 0000000000000005 [ 235.673941][T12202] RBP: 00007f3c44b6a090 R08: 0000000000000000 R09: 0000000000000000 [ 235.673954][T12202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.673966][T12202] R13: 00007f3c43fb6038 R14: 00007f3c43fb5fa0 R15: 00007ffc32a92578 [ 235.673991][T12202] [ 236.049486][T12221] netlink: 'syz.3.1937': attribute type 13 has an invalid length. [ 236.070779][T12221] netlink: 'syz.3.1937': attribute type 17 has an invalid length. [ 236.385588][T12236] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1939'. [ 236.428777][T12236] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1939'. [ 236.604548][T12241] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1940'. [ 236.666745][T12241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1940'. [ 236.711369][T12244] netlink: 'syz.0.1939': attribute type 10 has an invalid length. [ 236.729624][T12244] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1939'. [ 236.838278][T12241] netlink: 'syz.2.1940': attribute type 10 has an invalid length. [ 236.846270][T12241] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1940'. [ 236.870121][ T8160] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.896090][ T8160] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.927500][ T8160] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 236.936034][ T8160] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 237.379729][T12268] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1950'. [ 237.420755][T12264] syzkaller0: entered promiscuous mode [ 237.429384][T12264] syzkaller0: entered allmulticast mode [ 237.737166][T12283] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1955'. [ 237.746932][T12283] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1955'. [ 238.434786][T12290] syzkaller1: entered promiscuous mode [ 238.468353][T12290] syzkaller1: entered allmulticast mode [ 238.815405][T12350] tipc: Enabled bearer , priority 0 [ 238.828280][T12350] syzkaller0: entered promiscuous mode [ 238.834622][T12350] syzkaller0: entered allmulticast mode [ 238.855006][T12350] tipc: Resetting bearer [ 238.903899][T12345] tipc: Resetting bearer [ 238.939094][T12345] tipc: Disabling bearer [ 239.494620][T12382] netlink: 'syz.0.1987': attribute type 10 has an invalid length. [ 240.888967][T12407] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 241.110493][T12423] nbd: must specify at least one socket [ 241.251596][T12436] netlink: 'syz.3.2008': attribute type 11 has an invalid length. [ 241.272968][T12436] __nla_validate_parse: 9 callbacks suppressed [ 241.272989][T12436] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2008'. [ 241.949501][T12475] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2015'. [ 241.976782][T12475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2015'. [ 241.995326][T12475] bond4: left promiscuous mode [ 242.008882][T12475] netlink: 'syz.1.2015': attribute type 10 has an invalid length. [ 242.016995][T12480] netlink: 'syz.2.2016': attribute type 10 has an invalid length. [ 242.033955][T12475] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2015'. [ 242.080995][T12480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2016'. [ 242.135616][T12480] bond3: left allmulticast mode [ 242.142171][T12480] bond3: left promiscuous mode [ 242.148186][T12480] bridge0: port 2(bond3) entered disabled state [ 242.156884][T12480] bond2: left promiscuous mode [ 242.174420][T12480] bond2: left allmulticast mode [ 242.185639][T12480] bridge0: port 1(bond2) entered disabled state [ 242.207623][T12464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2011'. [ 242.269579][T12484] netlink: 'syz.0.2011': attribute type 13 has an invalid length. [ 242.279372][T12484] netlink: 'syz.0.2011': attribute type 17 has an invalid length. [ 242.319351][T12487] macsec1: entered promiscuous mode [ 242.330287][T12487] macsec1: entered allmulticast mode [ 242.417679][T12484] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 242.647294][T12516] netlink: 'syz.3.2026': attribute type 2 has an invalid length. [ 242.670216][T12516] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2026'. [ 242.937360][T12533] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2029'. [ 242.961989][T12533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2029'. [ 242.987357][T12528] netlink: 'syz.3.2029': attribute type 10 has an invalid length. [ 242.995559][T12528] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2029'. [ 243.099277][T12538] netlink: 'syz.0.2032': attribute type 9 has an invalid length. [ 243.116272][T12540] netlink: 'syz.0.2032': attribute type 9 has an invalid length. [ 243.246982][T12546] netlink: 'syz.0.2035': attribute type 6 has an invalid length. [ 243.547625][T12568] smc: net device bond0 applied user defined pnetid SYZ2 [ 243.607756][T12569] smc: net device bond0 erased user defined pnetid SYZ2 [ 245.060922][T12614] macvlan3: entered promiscuous mode [ 245.089798][T12614] macvlan3: entered allmulticast mode [ 245.097092][T12614] bond4: (slave macvlan3): Opening slave failed [ 245.278849][T12636] sctp: [Deprecated]: syz.0.2064 (pid 12636) Use of int in max_burst socket option deprecated. [ 245.278849][T12636] Use struct sctp_assoc_value instead [ 245.443873][T12645] tipc: Disabling bearer [ 246.386362][T12713] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 246.474549][T12716] __nla_validate_parse: 22 callbacks suppressed [ 246.474573][T12716] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2091'. [ 246.655328][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2098'. [ 246.672493][T12730] veth0_to_bond: entered allmulticast mode [ 246.695189][T12730] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2098'. [ 246.846910][T12741] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2103'. [ 247.060919][T12764] validate_nla: 5 callbacks suppressed [ 247.060941][T12764] netlink: 'syz.0.2107': attribute type 2 has an invalid length. [ 247.135199][T12768] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2111'. [ 247.136988][T12769] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2107'. [ 247.155166][T12764] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2107'. [ 247.221489][T12771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2112'. [ 247.272791][T12774] tipc: Enabling of bearer rejected, failed to enable media [ 247.292830][T12774] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2113'. [ 247.308632][T12774] bond0: entered promiscuous mode [ 247.316149][T12774] bond0: left promiscuous mode [ 247.393310][T12784] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2114'. [ 247.406603][T12784] netlink: 'syz.2.2114': attribute type 10 has an invalid length. [ 261.189896][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 287.019644][T12837] !: renamed from dummy0 [ 287.026950][T12832] __nla_validate_parse: 3 callbacks suppressed [ 287.026969][T12832] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2131'. [ 287.043272][T12832] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2131'. [ 287.240964][T12850] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.2135'. [ 287.671259][T12865] netlink: 'syz.2.2138': attribute type 4 has an invalid length. [ 287.773904][T12868] veth4: entered allmulticast mode [ 288.259998][T12877] netlink: zone id is out of range [ 288.381563][T12885] netlink: del zone limit has 4 unknown bytes [ 288.441319][T12877] netlink: set zone limit has 4 unknown bytes [ 288.622941][T12891] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2143'. [ 288.633108][T12891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2143'. [ 288.650796][T12891] netlink: 'syz.0.2143': attribute type 10 has an invalid length. [ 288.658901][T12891] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2143'. [ 288.726453][T12902] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 288.861307][T12907] batadv0: entered promiscuous mode [ 289.062500][T12913] tipc: Enabled bearer , priority 0 [ 289.071424][T12913] syzkaller0: entered promiscuous mode [ 289.078700][T12913] syzkaller0: entered allmulticast mode [ 289.106762][T12913] tipc: Resetting bearer [ 289.139712][T12913] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2151'. [ 289.223955][T12912] tipc: Resetting bearer [ 289.232441][T12912] tipc: Disabling bearer [ 289.292510][T12917] sctp: [Deprecated]: syz.3.2152 (pid 12917) Use of struct sctp_assoc_value in delayed_ack socket option. [ 289.292510][T12917] Use struct sctp_sack_info instead [ 289.519043][T12927] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 289.676486][T12929] tipc: Enabled bearer , priority 0 [ 289.710197][T12929] syzkaller0: entered promiscuous mode [ 289.736656][T12929] syzkaller0: entered allmulticast mode [ 289.813780][T12938] sch_fq: defrate 257 ignored. [ 289.820413][T12938] tipc: Resetting bearer [ 289.835349][T12925] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2154'. [ 290.197197][T12959] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2165'. [ 290.461231][T12972] macvlan2: entered allmulticast mode [ 290.466882][T12972] veth1_vlan: entered allmulticast mode [ 290.476843][T12972] veth1_vlan: left allmulticast mode [ 290.491594][T12928] tipc: Resetting bearer [ 290.498738][T12928] tipc: Disabling bearer [ 290.679245][T12983] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2171'. [ 291.012617][T13009] can: request_module (can-proto-3) failed. [ 292.069244][T13047] __nla_validate_parse: 2 callbacks suppressed [ 292.069265][T13047] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2191'. [ 292.100916][T13047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2191'. [ 292.265444][T13057] IPv4: Oversized IP packet from 127.202.26.0 [ 292.320292][T13055] tipc: New replicast peer: 255.255.255.255 [ 292.345462][T13055] tipc: Enabled bearer , priority 10 [ 292.374007][T13061] tc_dump_action: action bad kind [ 292.515803][T13069] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2198'. [ 292.550739][T13047] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2191'. [ 292.724534][T13073] netlink: 'syz.1.2201': attribute type 1 has an invalid length. [ 292.809645][T13073] bond6: entered promiscuous mode [ 292.840367][T13073] 8021q: adding VLAN 0 to HW filter on device bond6 [ 292.936765][T13082] netlink: 'syz.0.2203': attribute type 13 has an invalid length. [ 292.938547][T13078] bond6: (slave bridge1): making interface the new active one [ 292.946117][T13083] netlink: 'syz.0.2203': attribute type 13 has an invalid length. [ 292.987159][T13078] bridge1: entered promiscuous mode [ 293.002377][T13078] bond6: (slave bridge1): Enslaving as an active interface with an up link [ 293.043430][T13082] gretap0: refused to change device tx_queue_len [ 293.056043][T13082] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 293.072437][T13083] gretap0: refused to change device tx_queue_len [ 293.078964][T13083] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 293.124386][T13093] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2205'. [ 293.134304][T13093] netlink: 'syz.1.2205': attribute type 6 has an invalid length. [ 293.172549][T13093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2205'. [ 293.457858][ T5990] tipc: Node number set to 754974721 [ 293.585893][T13102] tipc: Enabling of bearer rejected, failed to enable media [ 293.659323][T13115] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2212'. [ 293.735344][T13117] syzkaller0: entered promiscuous mode [ 293.741375][T13117] syzkaller0: entered allmulticast mode [ 293.954421][T13129] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2217'. [ 293.984939][T13131] netlink: 'syz.3.2219': attribute type 21 has an invalid length. [ 294.007930][T13131] netlink: 'syz.3.2219': attribute type 21 has an invalid length. [ 294.016132][T13129] dvmrp1: entered allmulticast mode [ 294.049381][T13129] dvmrp1: left allmulticast mode [ 294.294455][T13154] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2227'. [ 294.333782][T13162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2229'. [ 294.378233][T13154] bond7: entered promiscuous mode [ 294.383621][T13154] bond7: entered allmulticast mode [ 294.389901][T13154] 8021q: adding VLAN 0 to HW filter on device bond7 [ 295.328204][T13203] sctp: [Deprecated]: syz.1.2240 (pid 13203) Use of struct sctp_assoc_value in delayed_ack socket option. [ 295.328204][T13203] Use struct sctp_sack_info instead [ 295.714658][T13228] team0: entered promiscuous mode [ 295.747927][T13228] geneve0: entered promiscuous mode [ 295.957260][T13241] 8021q: adding VLAN 0 to HW filter on device bond5 [ 295.966590][T13241] bridge0: port 1(bond5) entered blocking state [ 295.973806][T13241] bridge0: port 1(bond5) entered disabled state [ 295.984170][T13241] bond5: entered allmulticast mode [ 295.991425][T13241] bond5: entered promiscuous mode [ 295.993449][T13249] netlink: 'syz.2.2254': attribute type 10 has an invalid length. [ 296.017135][T13249] team0: left promiscuous mode [ 296.022388][T13249] geneve0: left promiscuous mode [ 296.029725][T13249] 8021q: adding VLAN 0 to HW filter on device team0 [ 296.152088][T13264] netlink: 'syz.0.2256': attribute type 1 has an invalid length. [ 296.187653][T13264] bond4: entered promiscuous mode [ 296.193369][T13264] 8021q: adding VLAN 0 to HW filter on device bond4 [ 296.310415][T13245] veth0_virt_wifi: renamed from veth0_macvtap [ 296.352909][T13264] bond4: (slave bridge2): making interface the new active one [ 296.360682][T13264] bridge2: entered promiscuous mode [ 296.367100][T13264] bond4: (slave bridge2): Enslaving as an active interface with an up link [ 296.486928][T13281] netlink: 'syz.0.2262': attribute type 3 has an invalid length. [ 296.660736][T13289] netlink: 'syz.4.2264': attribute type 28 has an invalid length. [ 296.782352][T13290] nbd4: detected capacity change from 0 to 63 [ 296.823922][T13295] 8021q: adding VLAN 0 to HW filter on device bond8 [ 296.835987][T13295] bridge0: port 2(bond8) entered blocking state [ 296.855437][T13295] bridge0: port 2(bond8) entered disabled state [ 296.872619][T13295] bond8: entered allmulticast mode [ 296.881759][ T5867] block nbd4: Receive control failed (result -104) [ 296.906065][T13295] bond8: entered promiscuous mode [ 296.915971][T13295] bond4: entered promiscuous mode [ 296.924433][T13295] bridge0: port 2(bond8) entered blocking state [ 296.930846][T13295] bridge0: port 2(bond8) entered forwarding state [ 296.951974][ T7757] bridge0: port 2(bond8) entered disabled state [ 297.245899][T13314] __nla_validate_parse: 13 callbacks suppressed [ 297.245922][T13314] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2269'. [ 297.373756][T13319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2270'. [ 298.344497][T13350] openvswitch: netlink: Tunnel attr 227 out of range max 16 [ 298.842664][T13379] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2293'. [ 299.220164][T13409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2306'. [ 299.846988][T13470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2336'. [ 299.895576][T13472] openvswitch: netlink: IP tunnel dst address not specified [ 299.972576][T13481] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2338'. [ 300.136409][T13493] sctp: [Deprecated]: syz.0.2347 (pid 13493) Use of int in max_burst socket option deprecated. [ 300.136409][T13493] Use struct sctp_assoc_value instead [ 300.166447][T13495] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2346'. [ 300.237976][T13501] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2350'. [ 300.316437][T13501] netlink: 'syz.3.2350': attribute type 10 has an invalid length. [ 300.560219][T13528] openvswitch: netlink: Flow actions attr not present in new flow. [ 300.844245][T13560] netlink: 'syz.3.2377': attribute type 1 has an invalid length. [ 300.880876][T13560] bond6: entered promiscuous mode [ 300.886412][T13560] 8021q: adding VLAN 0 to HW filter on device bond6 [ 300.921794][T13560] 8021q: adding VLAN 0 to HW filter on device bond6 [ 300.941560][T13560] bond6: (slave wireguard0): The slave device specified does not support setting the MAC address [ 300.945966][T13571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2381'. [ 300.954674][T13560] bond6: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 300.974732][T13560] bond6: (slave wireguard0): making interface the new active one [ 300.982732][T13560] wireguard0: entered promiscuous mode [ 300.990082][T13560] bond6: (slave wireguard0): Enslaving as an active interface with an up link [ 301.006891][T13571] : entered promiscuous mode [ 301.021355][T13571] : left promiscuous mode [ 301.305648][T13593] pim6reg1: entered promiscuous mode [ 301.318864][T13593] pim6reg1: entered allmulticast mode [ 301.766869][T13628] netlink: 'syz.2.2408': attribute type 2 has an invalid length. [ 302.355240][T13690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2439'. [ 302.771811][T13726] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2456'. [ 303.069238][ T30] audit: type=1800 audit(1755895350.626:8): pid=13712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2449" name="cgroup.controllers" dev="tmpfs" ino=2426 res=0 errno=0 [ 303.299508][T13769] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 303.514873][T13788] netlink: 'syz.0.2483': attribute type 10 has an invalid length. [ 303.522240][T13791] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2484'. [ 303.532752][T13791] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2484'. [ 303.585931][T13791] bond4: entered promiscuous mode [ 303.611461][T13791] bond4: entered allmulticast mode [ 303.626951][T13791] 8021q: adding VLAN 0 to HW filter on device bond4 [ 303.662865][T13802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2485'. [ 304.094538][T13801] netlink: 'syz.0.2487': attribute type 6 has an invalid length. [ 304.166377][T13812] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2488'. [ 304.222777][T13814] netlink: 'syz.3.2488': attribute type 10 has an invalid length. [ 304.230986][T13814] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2488'. [ 304.241759][T13812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2488'. [ 304.382773][T13818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2489'. [ 304.393850][T13818] openvswitch: netlink: Unknown nsh attribute 0 [ 304.400960][T13818] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 304.415177][T13818] smc: adding net device syzkaller0 with user defined pnetid SYZ1 [ 304.493667][T13817] smc: removing net device syzkaller0 with user defined pnetid SYZ1 [ 304.723042][T13843] smc: adding net device syzkaller0 with user defined pnetid SYZ1 [ 305.103289][T13843] tipc: Enabled bearer , priority 0 [ 305.120126][T13843] syzkaller0: entered promiscuous mode [ 305.131607][T13843] syzkaller0: entered allmulticast mode [ 305.176750][T13843] tipc: Resetting bearer [ 305.426425][T13869] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2512'. [ 305.440102][T13869] openvswitch: netlink: Flow actions attr not present in new flow. [ 305.459622][T13841] tipc: Resetting bearer [ 305.472485][T13841] tipc: Disabling bearer [ 305.500436][T13841] smc: removing net device syzkaller0 with user defined pnetid SYZ1 [ 305.724315][T13887] FAULT_INJECTION: forcing a failure. [ 305.724315][T13887] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 305.747914][T13887] CPU: 1 UID: 0 PID: 13887 Comm: syz.3.2520 Not tainted syzkaller #0 PREEMPT(full) [ 305.747948][T13887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 305.747977][T13887] Call Trace: [ 305.747985][T13887] [ 305.747995][T13887] dump_stack_lvl+0x189/0x250 [ 305.748025][T13887] ? __pfx____ratelimit+0x10/0x10 [ 305.748061][T13887] ? __pfx_dump_stack_lvl+0x10/0x10 [ 305.748087][T13887] ? __pfx__printk+0x10/0x10 [ 305.748114][T13887] ? __might_fault+0xb0/0x130 [ 305.748145][T13887] ? rcu_is_watching+0x15/0xb0 [ 305.748167][T13887] ? 0xffffffffff600000 [ 305.748184][T13887] ? rcu_is_watching+0x15/0xb0 [ 305.748206][T13887] should_fail_ex+0x414/0x560 [ 305.748236][T13887] ? 0xffffffffff600000 [ 305.748252][T13887] _copy_from_user+0x2d/0xb0 [ 305.748277][T13887] vsock_connectible_setsockopt+0x5be/0x7b0 [ 305.748310][T13887] ? 0xffffffffff600000 [ 305.748326][T13887] ? __pfx_vsock_connectible_setsockopt+0x10/0x10 [ 305.748358][T13887] ? lock_release+0x4b/0x3e0 [ 305.748389][T13887] ? aa_sock_opt_perm+0xff/0x1b0 [ 305.748410][T13887] ? 0xffffffffff600000 [ 305.748425][T13887] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 305.748448][T13887] ? __pfx_vsock_connectible_setsockopt+0x10/0x10 [ 305.748482][T13887] ? 0xffffffffff600000 [ 305.748497][T13887] do_sock_setsockopt+0x179/0x1b0 [ 305.748521][T13887] __x64_sys_setsockopt+0x13f/0x1b0 [ 305.748542][T13887] ? 0xffffffffff600000 [ 305.748560][T13887] do_syscall_64+0xfa/0x3b0 [ 305.748580][T13887] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.748601][T13887] ? clear_bhb_loop+0x60/0xb0 [ 305.748625][T13887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.748646][T13887] RIP: 0033:0x7f6d3318ebe9 [ 305.748664][T13887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.748683][T13887] RSP: 002b:00007f6d33fc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 305.748707][T13887] RAX: ffffffffffffffda RBX: 00007f6d333b5fa0 RCX: 00007f6d3318ebe9 [ 305.748723][T13887] RDX: 0000000000000000 RSI: 0000000000000028 RDI: 0000000000000003 [ 305.748736][T13887] RBP: 00007f6d33fc3090 R08: 0000000000000600 R09: 0000000000000000 [ 305.748750][T13887] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 305.748764][T13887] R13: 00007f6d333b6038 R14: 00007f6d333b5fa0 R15: 00007ffef269e788 [ 305.748783][T13887] ? 0xffffffffff600000 [ 305.748804][T13887] [ 306.239895][T13913] smc: adding net device syzkaller0 with user defined pnetid SYZ1 [ 306.255678][T13912] smc: removing net device syzkaller0 with user defined pnetid SYZ1 [ 306.294824][T13917] tipc: Enabled bearer , priority 10 [ 307.372462][T13970] __nla_validate_parse: 4 callbacks suppressed [ 307.372484][T13970] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2551'. [ 307.423789][ T1210] tipc: Node number set to 2933300342 [ 307.965734][T13994] FAULT_INJECTION: forcing a failure. [ 307.965734][T13994] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 307.979369][T13994] CPU: 0 UID: 0 PID: 13994 Comm: syz.2.2562 Not tainted syzkaller #0 PREEMPT(full) [ 307.979400][T13994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 307.979413][T13994] Call Trace: [ 307.979421][T13994] [ 307.979430][T13994] dump_stack_lvl+0x189/0x250 [ 307.979460][T13994] ? __pfx____ratelimit+0x10/0x10 [ 307.979491][T13994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 307.979515][T13994] ? __pfx__printk+0x10/0x10 [ 307.979548][T13994] ? rcu_is_watching+0x15/0xb0 [ 307.979578][T13994] should_fail_ex+0x414/0x560 [ 307.979608][T13994] _copy_to_user+0x31/0xb0 [ 307.979633][T13994] simple_read_from_buffer+0xe1/0x170 [ 307.979666][T13994] proc_fail_nth_read+0x1b3/0x220 [ 307.979691][T13994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.979716][T13994] ? rw_verify_area+0x2a6/0x4d0 [ 307.979742][T13994] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 307.979765][T13994] vfs_read+0x1fd/0xa30 [ 307.979790][T13994] ? __pfx_aa_sk_perm+0x10/0x10 [ 307.979822][T13994] ? lock_release+0x4b/0x3e0 [ 307.979853][T13994] ? __pfx_vfs_read+0x10/0x10 [ 307.979883][T13994] ? __sys_bind+0x2e9/0x3e0 [ 307.979913][T13994] ? __pfx___sys_bind+0x10/0x10 [ 307.979947][T13994] ksys_read+0x145/0x250 [ 307.979975][T13994] ? __pfx_ksys_read+0x10/0x10 [ 307.980000][T13994] ? rcu_is_watching+0x15/0xb0 [ 307.980022][T13994] ? rcu_is_watching+0x15/0xb0 [ 307.980044][T13994] do_syscall_64+0xfa/0x3b0 [ 307.980063][T13994] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.980084][T13994] ? clear_bhb_loop+0x60/0xb0 [ 307.980107][T13994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.980128][T13994] RIP: 0033:0x7fe72b18d5fc [ 307.980146][T13994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 307.980165][T13994] RSP: 002b:00007fe72c037030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 307.980188][T13994] RAX: ffffffffffffffda RBX: 00007fe72b3b5fa0 RCX: 00007fe72b18d5fc [ 307.980203][T13994] RDX: 000000000000000f RSI: 00007fe72c0370a0 RDI: 0000000000000004 [ 307.980217][T13994] RBP: 00007fe72c037090 R08: 0000000000000000 R09: 0000000000000000 [ 307.980230][T13994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 307.980242][T13994] R13: 00007fe72b3b6038 R14: 00007fe72b3b5fa0 R15: 00007ffcef82bea8 [ 307.980268][T13994] [ 308.242715][T13995] tc_dump_action: action bad kind [ 308.291845][T13999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2564'. [ 308.514536][T14017] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2572'. [ 308.527148][T14017] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2572'. [ 308.600002][T14021] FAULT_INJECTION: forcing a failure. [ 308.600002][T14021] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.613419][T14021] CPU: 1 UID: 0 PID: 14021 Comm: syz.3.2575 Not tainted syzkaller #0 PREEMPT(full) [ 308.613449][T14021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 308.613463][T14021] Call Trace: [ 308.613470][T14021] [ 308.613480][T14021] dump_stack_lvl+0x189/0x250 [ 308.613511][T14021] ? __pfx____ratelimit+0x10/0x10 [ 308.613543][T14021] ? __pfx_dump_stack_lvl+0x10/0x10 [ 308.613568][T14021] ? __pfx__printk+0x10/0x10 [ 308.613600][T14021] ? rcu_is_watching+0x15/0xb0 [ 308.613624][T14021] should_fail_ex+0x414/0x560 [ 308.613654][T14021] _copy_to_user+0x31/0xb0 [ 308.613680][T14021] simple_read_from_buffer+0xe1/0x170 [ 308.613714][T14021] proc_fail_nth_read+0x1b3/0x220 [ 308.613740][T14021] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 308.613773][T14021] ? rw_verify_area+0x2a6/0x4d0 [ 308.613799][T14021] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 308.613823][T14021] vfs_read+0x1fd/0xa30 [ 308.613848][T14021] ? fdget_pos+0x247/0x320 [ 308.613869][T14021] ? __pfx___mutex_lock+0x10/0x10 [ 308.613889][T14021] ? __pfx_vfs_read+0x10/0x10 [ 308.613920][T14021] ? __fget_files+0x3a0/0x420 [ 308.613937][T14021] ? __fget_files+0x2a/0x420 [ 308.613960][T14021] ksys_read+0x145/0x250 [ 308.613988][T14021] ? __pfx_ksys_read+0x10/0x10 [ 308.614019][T14021] ? rcu_is_watching+0x15/0xb0 [ 308.614041][T14021] do_syscall_64+0xfa/0x3b0 [ 308.614060][T14021] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.614081][T14021] ? clear_bhb_loop+0x60/0xb0 [ 308.614105][T14021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.614126][T14021] RIP: 0033:0x7f6d3318d5fc [ 308.614143][T14021] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 308.614162][T14021] RSP: 002b:00007f6d33fc3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 308.614186][T14021] RAX: ffffffffffffffda RBX: 00007f6d333b5fa0 RCX: 00007f6d3318d5fc [ 308.614202][T14021] RDX: 000000000000000f RSI: 00007f6d33fc30a0 RDI: 0000000000000003 [ 308.614216][T14021] RBP: 00007f6d33fc3090 R08: 0000000000000000 R09: 0000000000000000 [ 308.614229][T14021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 308.614242][T14021] R13: 00007f6d333b6038 R14: 00007f6d333b5fa0 R15: 00007ffef269e788 [ 308.614267][T14021] [ 308.891541][T14028] smc: adding net device syzkaller0 with user defined pnetid SYZ1 [ 308.904876][T14031] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2580'. [ 308.972184][T14027] smc: removing net device syzkaller0 with user defined pnetid SYZ1 [ 309.159289][T14057] tipc: Enabling of bearer rejected, failed to enable media [ 309.351470][T14067] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2596'. [ 309.396935][T14069] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2597'. [ 309.485169][T14073] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2599'. [ 309.494413][T14073] openvswitch: netlink: Missing key (keys=40, expected=80) [ 309.763530][T14085] netlink: 'syz.1.2605': attribute type 10 has an invalid length. [ 309.841446][T14088] netlink: 'syz.3.2606': attribute type 8 has an invalid length. [ 309.886227][T14088] tipc: Enabling of bearer rejected, failed to enable media [ 310.039681][T14098] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2609'. [ 310.195141][T14108] netlink: 'syz.1.2612': attribute type 1 has an invalid length. [ 310.242832][T14108] bond9: entered promiscuous mode [ 310.251326][T14108] 8021q: adding VLAN 0 to HW filter on device bond9 [ 310.276693][T14113] 8021q: adding VLAN 0 to HW filter on device bond9 [ 310.285892][T14113] bond9: (slave vxcan3): The slave device specified does not support setting the MAC address [ 310.297723][T14113] bond9: (slave vxcan3): Setting fail_over_mac to active for active-backup mode [ 310.312490][T14113] bond9: (slave vxcan3): making interface the new active one [ 310.320783][T14113] vxcan3: entered promiscuous mode [ 310.327140][T14113] bond9: (slave vxcan3): Enslaving as an active interface with an up link [ 310.449892][T14117] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2616'. [ 310.589327][T14119] 8021q: adding VLAN 0 to HW filter on device bond5 [ 310.645637][T14119] bridge0: port 1(bond5) entered blocking state [ 310.652323][T14119] bridge0: port 1(bond5) entered disabled state [ 310.659000][T14119] bond5: entered allmulticast mode [ 310.666802][T14119] bridge0: port 1(bond5) entered blocking state [ 310.673323][T14119] bridge0: port 1(bond5) entered forwarding state [ 310.682834][T14120] netlink: 'syz.3.2616': attribute type 6 has an invalid length. [ 310.706420][ T8160] bridge0: port 1(bond5) entered disabled state [ 311.725161][T14201] netlink: 'syz.2.2651': attribute type 13 has an invalid length. [ 311.783825][T14205] smc: adding net device syzkaller0 with user defined pnetid SYZ1 [ 311.800591][T14204] smc: removing net device syzkaller0 with user defined pnetid SYZ1 [ 311.828042][T14209] bridge4: entered promiscuous mode [ 311.839433][T14210] bridge5: entered promiscuous mode [ 312.053536][T14229] tipc: Enabling of bearer rejected, failed to enable media [ 312.180338][T14237] 8021q: adding VLAN 0 to HW filter on device bond5 [ 312.220211][T14237] bond5 (unregistering): Released all slaves [ 312.384314][T14251] ip6tnl1: entered promiscuous mode [ 312.398923][T14251] ip6tnl1: entered allmulticast mode [ 312.406040][T14251] team0: Device ip6tnl1 is up. Set it down before adding it as a team port [ 312.555813][T14267] __nla_validate_parse: 4 callbacks suppressed [ 312.555838][T14267] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2674'. [ 312.629423][T14272] netlink: 'syz.2.2674': attribute type 10 has an invalid length. [ 313.197768][T14293] FAULT_INJECTION: forcing a failure. [ 313.197768][T14293] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 313.251782][T14293] CPU: 1 UID: 0 PID: 14293 Comm: syz.2.2681 Not tainted syzkaller #0 PREEMPT(full) [ 313.251813][T14293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 313.251826][T14293] Call Trace: [ 313.251833][T14293] [ 313.251842][T14293] dump_stack_lvl+0x189/0x250 [ 313.251871][T14293] ? __pfx____ratelimit+0x10/0x10 [ 313.251901][T14293] ? __pfx_dump_stack_lvl+0x10/0x10 [ 313.251926][T14293] ? __pfx__printk+0x10/0x10 [ 313.251953][T14293] ? __might_fault+0xb0/0x130 [ 313.251987][T14293] ? rcu_is_watching+0x15/0xb0 [ 313.252015][T14293] should_fail_ex+0x414/0x560 [ 313.252046][T14293] _copy_from_user+0x2d/0xb0 [ 313.252070][T14293] __sys_bpf+0x1ed/0x870 [ 313.252099][T14293] ? __pfx___sys_bpf+0x10/0x10 [ 313.252134][T14293] ? ksys_write+0x22a/0x250 [ 313.252177][T14293] ? __pfx_ksys_write+0x10/0x10 [ 313.252210][T14293] ? rcu_is_watching+0x15/0xb0 [ 313.252235][T14293] __x64_sys_bpf+0x7c/0x90 [ 313.252260][T14293] do_syscall_64+0xfa/0x3b0 [ 313.252279][T14293] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.252300][T14293] ? clear_bhb_loop+0x60/0xb0 [ 313.252324][T14293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.252344][T14293] RIP: 0033:0x7fe72b18ebe9 [ 313.252363][T14293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.252382][T14293] RSP: 002b:00007fe72c037038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 313.252404][T14293] RAX: ffffffffffffffda RBX: 00007fe72b3b5fa0 RCX: 00007fe72b18ebe9 [ 313.252420][T14293] RDX: 0000000000000094 RSI: 0000200000000200 RDI: 0000000000000005 [ 313.252433][T14293] RBP: 00007fe72c037090 R08: 0000000000000000 R09: 0000000000000000 [ 313.252446][T14293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 313.252458][T14293] R13: 00007fe72b3b6038 R14: 00007fe72b3b5fa0 R15: 00007ffcef82bea8 [ 313.252484][T14293] [ 314.179640][T14348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2700'. [ 314.701372][T14383] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2712'. [ 314.720593][T14383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2712'. [ 315.020619][T14401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2718'. [ 315.330846][T14424] FAULT_INJECTION: forcing a failure. [ 315.330846][T14424] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 315.369212][T14424] CPU: 0 UID: 0 PID: 14424 Comm: syz.1.2727 Not tainted syzkaller #0 PREEMPT(full) [ 315.369244][T14424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 315.369258][T14424] Call Trace: [ 315.369265][T14424] [ 315.369275][T14424] dump_stack_lvl+0x189/0x250 [ 315.369305][T14424] ? __pfx____ratelimit+0x10/0x10 [ 315.369336][T14424] ? __pfx_dump_stack_lvl+0x10/0x10 [ 315.369361][T14424] ? __pfx__printk+0x10/0x10 [ 315.369395][T14424] ? __might_fault+0xb0/0x130 [ 315.369429][T14424] ? rcu_is_watching+0x15/0xb0 [ 315.369452][T14424] should_fail_ex+0x414/0x560 [ 315.369482][T14424] _copy_from_user+0x2d/0xb0 [ 315.369507][T14424] ___sys_sendmsg+0x158/0x2a0 [ 315.369532][T14424] ? __pfx____sys_sendmsg+0x10/0x10 [ 315.369576][T14424] ? __fget_files+0x2a/0x420 [ 315.369594][T14424] ? __fget_files+0x3a0/0x420 [ 315.369618][T14424] __x64_sys_sendmsg+0x19b/0x260 [ 315.369641][T14424] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 315.369669][T14424] ? __pfx_ksys_write+0x10/0x10 [ 315.369694][T14424] ? rcu_is_watching+0x15/0xb0 [ 315.369717][T14424] ? rcu_is_watching+0x15/0xb0 [ 315.369738][T14424] do_syscall_64+0xfa/0x3b0 [ 315.369758][T14424] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.369777][T14424] ? clear_bhb_loop+0x60/0xb0 [ 315.369801][T14424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.369822][T14424] RIP: 0033:0x7f2e4b98ebe9 [ 315.369841][T14424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 315.369860][T14424] RSP: 002b:00007f2e4c884038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 315.369882][T14424] RAX: ffffffffffffffda RBX: 00007f2e4bbb5fa0 RCX: 00007f2e4b98ebe9 [ 315.369898][T14424] RDX: 0000000000004000 RSI: 0000200000000400 RDI: 0000000000000003 [ 315.369911][T14424] RBP: 00007f2e4c884090 R08: 0000000000000000 R09: 0000000000000000 [ 315.369925][T14424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 315.369937][T14424] R13: 00007f2e4bbb6038 R14: 00007f2e4bbb5fa0 R15: 00007ffca7b13988 [ 315.369963][T14424] [ 316.045276][ T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 316.055109][ T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 316.067675][ T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 316.075950][ T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 316.085594][ T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 316.123802][ T5867] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 316.133094][ T5867] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 316.141184][ T5867] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 316.150178][ T5867] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 316.158690][ T5867] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 316.254624][T14427] netlink: 'syz.0.2728': attribute type 13 has an invalid length. [ 316.271062][T14427] netlink: 'syz.0.2728': attribute type 17 has an invalid length. [ 316.300032][T14427] ------------[ cut here ]------------ [ 316.305599][T14427] WARNING: CPU: 0 PID: 14427 at net/ipv6/route.c:4857 rt6_multipath_rebalance+0x455/0x8b0 [ 316.315580][T14427] Modules linked in: [ 316.319537][T14427] CPU: 0 UID: 0 PID: 14427 Comm: syz.0.2728 Not tainted syzkaller #0 PREEMPT(full) [ 316.328965][T14427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 316.339087][T14427] RIP: 0010:rt6_multipath_rebalance+0x455/0x8b0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 316.345383][T14427] Code: ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 85 fe ff ff 4c 89 e7 e8 fd 1f f2 f7 e9 78 fe ff ff e8 b3 b4 8e f7 eb 05 e8 ac b4 8e f7 90 <0f> 0b 90 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d e9 85 c4 4b 01 [ 316.365064][T14427] RSP: 0018:ffffc9001cff6620 EFLAGS: 00010283 [ 316.371204][T14427] RAX: ffffffff8a30f67d RBX: dffffc0000000000 RCX: 0000000000080000 [ 316.379240][T14427] RDX: ffffc9000c78c000 RSI: 000000000003560f RDI: 0000000000035610 [ 316.387242][T14427] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004 [ 316.395280][T14427] R10: dffffc0000000000 R11: fffff520039fecbc R12: ffff8880576fbcde [ 316.403325][T14427] R13: ffff8880325cd490 R14: 0000000000000000 R15: 1ffff110064b9a92 [ 316.411354][T14427] FS: 00007f3436cb96c0(0000) GS:ffff888125c18000(0000) knlGS:0000000000000000 [ 316.420338][T14427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 316.426955][T14427] CR2: 00005556732175e8 CR3: 00000000240d8000 CR4: 00000000003526f0 [ 316.435012][T14427] Call Trace: [ 316.438350][T14427] [ 316.441311][T14427] fib6_ifup+0x14a/0x180 [ 316.445596][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 316.450447][T14427] fib6_clean_node+0x24d/0x590 [ 316.455254][T14427] ? __pfx_fib6_clean_node+0x10/0x10 [ 316.460609][T14427] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 316.466549][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.471392][T14427] fib6_walk_continue+0x678/0x910 [ 316.476466][T14427] fib6_walk+0x149/0x290 [ 316.480772][T14427] __fib6_clean_all+0x234/0x380 [ 316.485658][T14427] ? __fib6_clean_all+0x9b/0x380 [ 316.490651][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 316.495450][T14427] ? __pfx___fib6_clean_all+0x10/0x10 [ 316.500889][T14427] ? __pfx_fib6_clean_node+0x10/0x10 [ 316.506213][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 316.511041][T14427] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 316.516721][T14427] rt6_sync_up+0x128/0x160 [ 316.521197][T14427] ? __pfx_rt6_sync_up+0x10/0x10 [ 316.526211][T14427] ? ipv6_mc_up+0x3da/0x580 [ 316.530785][T14427] addrconf_notify+0xd55/0x1010 [ 316.535676][T14427] notifier_call_chain+0x1b3/0x3e0 [ 316.540846][T14427] netif_state_change+0x284/0x3a0 [ 316.545918][T14427] ? __pfx_netif_state_change+0x10/0x10 [ 316.551548][T14427] ? netif_change_flags+0xe8/0x1a0 [ 316.556705][T14427] do_setlink+0x35de/0x41c0 [ 316.561286][T14427] ? __kernel_text_address+0xd/0x40 [ 316.566536][T14427] ? __pfx_do_setlink+0x10/0x10 [ 316.571447][T14427] ? _printk+0xcf/0x120 [ 316.575642][T14427] ? __pfx____ratelimit+0x10/0x10 [ 316.580744][T14427] ? __mutex_trylock_common+0x153/0x260 [ 316.586369][T14427] ? __pfx___mutex_trylock_common+0x10/0x10 [ 316.592333][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.597140][T14427] ? trace_contention_end+0x39/0x120 [ 316.602495][T14427] ? __mutex_lock+0x335/0x1350 [ 316.607295][T14427] ? rtnl_newlink+0x8db/0x1c70 [ 316.612135][T14427] ? __pfx___mutex_lock+0x10/0x10 [ 316.617197][T14427] ? ns_capable+0x8a/0xf0 [ 316.621586][T14427] ? rtnl_link_get_net_capable+0x16a/0x350 [ 316.627448][T14427] rtnl_newlink+0x149f/0x1c70 [ 316.632165][T14427] ? netlink_sendmsg+0x805/0xb30 [ 316.637150][T14427] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.642271][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.647074][T14427] ? nlmon_xmit+0xb0/0x100 [ 316.651547][T14427] ? kmem_cache_free+0x18f/0x400 [ 316.656529][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.661359][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 316.666503][T14427] ? __local_bh_enable_ip+0x12d/0x1c0 [ 316.671934][T14427] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 316.677703][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 316.682886][T14427] ? lock_release+0x4b/0x3e0 [ 316.687551][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 316.692690][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 316.697866][T14427] ? __dev_queue_xmit+0x1d79/0x3b50 [ 316.703108][T14427] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 316.708289][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.713088][T14427] ? lock_release+0x4b/0x3e0 [ 316.717754][T14427] ? bpf_lsm_capable+0x9/0x20 [ 316.722470][T14427] ? security_capable+0x7e/0x2e0 [ 316.727473][T14427] ? __pfx_rtnl_newlink+0x10/0x10 [ 316.732541][T14427] rtnetlink_rcv_msg+0x7cf/0xb70 [ 316.737648][T14427] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 316.742811][T14427] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.748341][T14427] ? ref_tracker_free+0x63a/0x7d0 [ 316.753415][T14427] ? __asan_memcpy+0x40/0x70 [ 316.758070][T14427] ? __pfx_ref_tracker_free+0x10/0x10 [ 316.763491][T14427] netlink_rcv_skb+0x205/0x470 [ 316.768327][T14427] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.773828][T14427] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 316.779183][T14427] netlink_unicast+0x82c/0x9e0 [ 316.783960][T14427] ? __pfx_netlink_unicast+0x10/0x10 [ 316.789281][T14427] ? netlink_sendmsg+0x642/0xb30 [ 316.794233][T14427] ? skb_put+0x11b/0x210 [ 316.798521][T14427] netlink_sendmsg+0x805/0xb30 [ 316.803298][T14427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 316.808622][T14427] ? aa_sock_msg_perm+0xf1/0x1d0 [ 316.813588][T14427] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 316.818908][T14427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 316.824197][T14427] __sock_sendmsg+0x21c/0x270 [ 316.828920][T14427] ____sys_sendmsg+0x505/0x830 [ 316.833745][T14427] ? __pfx_____sys_sendmsg+0x10/0x10 [ 316.839063][T14427] ? import_iovec+0x74/0xa0 [ 316.843573][T14427] ___sys_sendmsg+0x21f/0x2a0 [ 316.848285][T14427] ? __pfx____sys_sendmsg+0x10/0x10 [ 316.853509][T14427] ? futex_wake+0x4b2/0x560 [ 316.858072][T14427] ? __fget_files+0x2a/0x420 [ 316.862678][T14427] ? __fget_files+0x3a0/0x420 [ 316.867386][T14427] __x64_sys_sendmsg+0x19b/0x260 [ 316.872353][T14427] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 316.877869][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.882657][T14427] ? rcu_is_watching+0x15/0xb0 [ 316.887455][T14427] do_syscall_64+0xfa/0x3b0 [ 316.891979][T14427] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.898076][T14427] ? clear_bhb_loop+0x60/0xb0 [ 316.902777][T14427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.908705][T14427] RIP: 0033:0x7f3435d8ebe9 [ 316.913128][T14427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.932801][T14427] RSP: 002b:00007f3436cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 316.941282][T14427] RAX: ffffffffffffffda RBX: 00007f3435fb6090 RCX: 00007f3435d8ebe9 [ 316.949312][T14427] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000009 [ 316.957288][T14427] RBP: 00007f3435e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 316.965287][T14427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.973290][T14427] R13: 00007f3435fb6128 R14: 00007f3435fb6090 R15: 00007ffcce0c6f18 [ 316.981306][T14427] [ 316.984418][T14427] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 316.991701][T14427] CPU: 0 UID: 0 PID: 14427 Comm: syz.0.2728 Not tainted syzkaller #0 PREEMPT(full) [ 317.001068][T14427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 317.011124][T14427] Call Trace: [ 317.014404][T14427] [ 317.017333][T14427] dump_stack_lvl+0x99/0x250 [ 317.021942][T14427] ? __asan_memcpy+0x40/0x70 [ 317.026569][T14427] ? __pfx_dump_stack_lvl+0x10/0x10 [ 317.031773][T14427] ? __pfx__printk+0x10/0x10 [ 317.036375][T14427] vpanic+0x281/0x750 [ 317.040360][T14427] ? __pfx__printk+0x10/0x10 [ 317.044961][T14427] ? __pfx_vpanic+0x10/0x10 [ 317.049471][T14427] ? is_bpf_text_address+0x26/0x2b0 [ 317.054696][T14427] panic+0xb9/0xc0 [ 317.058436][T14427] ? __pfx_panic+0x10/0x10 [ 317.062872][T14427] __warn+0x31b/0x4b0 [ 317.066883][T14427] ? rt6_multipath_rebalance+0x455/0x8b0 [ 317.072542][T14427] ? rt6_multipath_rebalance+0x455/0x8b0 [ 317.078195][T14427] report_bug+0x2be/0x4f0 [ 317.082540][T14427] ? rt6_multipath_rebalance+0x455/0x8b0 [ 317.088191][T14427] ? rt6_multipath_rebalance+0x455/0x8b0 [ 317.093839][T14427] ? rt6_multipath_rebalance+0x457/0x8b0 [ 317.099505][T14427] handle_bug+0x84/0x160 [ 317.103759][T14427] exc_invalid_op+0x1a/0x50 [ 317.108273][T14427] asm_exc_invalid_op+0x1a/0x20 [ 317.113135][T14427] RIP: 0010:rt6_multipath_rebalance+0x455/0x8b0 [ 317.119393][T14427] Code: ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 85 fe ff ff 4c 89 e7 e8 fd 1f f2 f7 e9 78 fe ff ff e8 b3 b4 8e f7 eb 05 e8 ac b4 8e f7 90 <0f> 0b 90 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d e9 85 c4 4b 01 [ 317.139017][T14427] RSP: 0018:ffffc9001cff6620 EFLAGS: 00010283 [ 317.145102][T14427] RAX: ffffffff8a30f67d RBX: dffffc0000000000 RCX: 0000000000080000 [ 317.153082][T14427] RDX: ffffc9000c78c000 RSI: 000000000003560f RDI: 0000000000035610 [ 317.161058][T14427] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004 [ 317.169035][T14427] R10: dffffc0000000000 R11: fffff520039fecbc R12: ffff8880576fbcde [ 317.177020][T14427] R13: ffff8880325cd490 R14: 0000000000000000 R15: 1ffff110064b9a92 [ 317.185004][T14427] ? rt6_multipath_rebalance+0x44d/0x8b0 [ 317.190667][T14427] fib6_ifup+0x14a/0x180 [ 317.194932][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 317.199722][T14427] fib6_clean_node+0x24d/0x590 [ 317.204516][T14427] ? __pfx_fib6_clean_node+0x10/0x10 [ 317.209812][T14427] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 317.215720][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.220496][T14427] fib6_walk_continue+0x678/0x910 [ 317.225540][T14427] fib6_walk+0x149/0x290 [ 317.229802][T14427] __fib6_clean_all+0x234/0x380 [ 317.234665][T14427] ? __fib6_clean_all+0x9b/0x380 [ 317.239615][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 317.244395][T14427] ? __pfx___fib6_clean_all+0x10/0x10 [ 317.249776][T14427] ? __pfx_fib6_clean_node+0x10/0x10 [ 317.255077][T14427] ? __pfx_fib6_ifup+0x10/0x10 [ 317.259862][T14427] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 317.265624][T14427] rt6_sync_up+0x128/0x160 [ 317.270060][T14427] ? __pfx_rt6_sync_up+0x10/0x10 [ 317.275018][T14427] ? ipv6_mc_up+0x3da/0x580 [ 317.279547][T14427] addrconf_notify+0xd55/0x1010 [ 317.284428][T14427] notifier_call_chain+0x1b3/0x3e0 [ 317.289602][T14427] netif_state_change+0x284/0x3a0 [ 317.294656][T14427] ? __pfx_netif_state_change+0x10/0x10 [ 317.300232][T14427] ? netif_change_flags+0xe8/0x1a0 [ 317.305358][T14427] do_setlink+0x35de/0x41c0 [ 317.309879][T14427] ? __kernel_text_address+0xd/0x40 [ 317.315123][T14427] ? __pfx_do_setlink+0x10/0x10 [ 317.320001][T14427] ? _printk+0xcf/0x120 [ 317.324225][T14427] ? __pfx____ratelimit+0x10/0x10 [ 317.329298][T14427] ? __mutex_trylock_common+0x153/0x260 [ 317.334879][T14427] ? __pfx___mutex_trylock_common+0x10/0x10 [ 317.340794][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.345577][T14427] ? trace_contention_end+0x39/0x120 [ 317.350905][T14427] ? __mutex_lock+0x335/0x1350 [ 317.355683][T14427] ? rtnl_newlink+0x8db/0x1c70 [ 317.360472][T14427] ? __pfx___mutex_lock+0x10/0x10 [ 317.365507][T14427] ? ns_capable+0x8a/0xf0 [ 317.369841][T14427] ? rtnl_link_get_net_capable+0x16a/0x350 [ 317.375665][T14427] rtnl_newlink+0x149f/0x1c70 [ 317.380357][T14427] ? netlink_sendmsg+0x805/0xb30 [ 317.385304][T14427] ? __pfx_rtnl_newlink+0x10/0x10 [ 317.390354][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.395128][T14427] ? nlmon_xmit+0xb0/0x100 [ 317.399552][T14427] ? kmem_cache_free+0x18f/0x400 [ 317.404507][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.409281][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 317.414406][T14427] ? __local_bh_enable_ip+0x12d/0x1c0 [ 317.419786][T14427] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 317.425512][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 317.430642][T14427] ? lock_release+0x4b/0x3e0 [ 317.435268][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 317.440404][T14427] ? __dev_queue_xmit+0x27b/0x3b50 [ 317.445540][T14427] ? __dev_queue_xmit+0x1d79/0x3b50 [ 317.450765][T14427] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 317.455909][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.460684][T14427] ? lock_release+0x4b/0x3e0 [ 317.465295][T14427] ? bpf_lsm_capable+0x9/0x20 [ 317.470087][T14427] ? security_capable+0x7e/0x2e0 [ 317.475062][T14427] ? __pfx_rtnl_newlink+0x10/0x10 [ 317.480120][T14427] rtnetlink_rcv_msg+0x7cf/0xb70 [ 317.485095][T14427] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 317.490233][T14427] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 317.495716][T14427] ? ref_tracker_free+0x63a/0x7d0 [ 317.500766][T14427] ? __asan_memcpy+0x40/0x70 [ 317.505373][T14427] ? __pfx_ref_tracker_free+0x10/0x10 [ 317.510769][T14427] netlink_rcv_skb+0x205/0x470 [ 317.515561][T14427] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 317.521216][T14427] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 317.526550][T14427] netlink_unicast+0x82c/0x9e0 [ 317.531335][T14427] ? __pfx_netlink_unicast+0x10/0x10 [ 317.536640][T14427] ? netlink_sendmsg+0x642/0xb30 [ 317.541585][T14427] ? skb_put+0x11b/0x210 [ 317.545845][T14427] netlink_sendmsg+0x805/0xb30 [ 317.550624][T14427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.555950][T14427] ? aa_sock_msg_perm+0xf1/0x1d0 [ 317.560906][T14427] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 317.566232][T14427] ? __pfx_netlink_sendmsg+0x10/0x10 [ 317.571540][T14427] __sock_sendmsg+0x21c/0x270 [ 317.576248][T14427] ____sys_sendmsg+0x505/0x830 [ 317.581034][T14427] ? __pfx_____sys_sendmsg+0x10/0x10 [ 317.586337][T14427] ? import_iovec+0x74/0xa0 [ 317.590851][T14427] ___sys_sendmsg+0x21f/0x2a0 [ 317.595571][T14427] ? __pfx____sys_sendmsg+0x10/0x10 [ 317.600781][T14427] ? futex_wake+0x4b2/0x560 [ 317.605318][T14427] ? __fget_files+0x2a/0x420 [ 317.609917][T14427] ? __fget_files+0x3a0/0x420 [ 317.614621][T14427] __x64_sys_sendmsg+0x19b/0x260 [ 317.619574][T14427] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 317.625044][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.629819][T14427] ? rcu_is_watching+0x15/0xb0 [ 317.634608][T14427] do_syscall_64+0xfa/0x3b0 [ 317.639117][T14427] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.645191][T14427] ? clear_bhb_loop+0x60/0xb0 [ 317.649902][T14427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.655894][T14427] RIP: 0033:0x7f3435d8ebe9 [ 317.660348][T14427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.679966][T14427] RSP: 002b:00007f3436cb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 317.688408][T14427] RAX: ffffffffffffffda RBX: 00007f3435fb6090 RCX: 00007f3435d8ebe9 [ 317.696386][T14427] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000009 [ 317.704386][T14427] RBP: 00007f3435e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 317.712390][T14427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.720381][T14427] R13: 00007f3435fb6128 R14: 00007f3435fb6090 R15: 00007ffcce0c6f18 [ 317.728389][T14427] [ 317.731754][T14427] Kernel Offset: disabled [ 317.736082][T14427] Rebooting in 86400 seconds..