last executing test programs: 7.850307715s ago: executing program 3 (id=2163): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='i2c_reply\x00', r0}, 0x10) close(r1) socket$kcm(0x10, 0x3, 0x10) r2 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x8, &(0x7f0000003140), &(0x7f0000000040)=0x30) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10) listen(r4, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x20) setsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f0000000200)=0x2, 0x4) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_TDLS_OPER(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x28, r6, 0x1, 0xffffffdd, 0x5, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000084}, 0x0) ioctl$int_in(r4, 0x5452, 0x0) unshare(0x40040000) shutdown(r4, 0x0) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) ppoll(&(0x7f0000000080)=[{r7}], 0x1, 0x0, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xfffffffffffffffc, 0x9, 0x0, 0xfffffffffffffffd, 0x7fffffff}, 0x0, 0x0) listen(r3, 0x558d) r9 = socket$inet_udplite(0x2, 0x2, 0x88) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r9, &(0x7f0000000240)={0xb0000000}) socket$netlink(0x10, 0x3, 0x0) 7.011371007s ago: executing program 4 (id=2169): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000005000000020000000400000000000000", @ANYRES32, @ANYBLOB="000000000000000000b73b400000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000004000000711076000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_dccp_buf(r3, 0x21, 0xf, &(0x7f0000000040)="9bcac562d0aff72f9b556913db37a7562ab95eabbe74864ff8f6ae0c65142a3ce2c6ef455aec5bf33dd5f0089c8f6ea1e8aa8038ef2f920c13a0d9685a2b4bf4c3832efdbc12d110d6e184464e69cd440e6ea39c40184fd7d01e4d89c37318cc85cf83f8580ed41d9853608528dc37b6ee70f2b003055c66fda4b607b6c6e5afd765562a0023386c21", 0x89) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000140)={'wpan3\x00'}) r5 = syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/pid\x00') ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r5, 0x8004b706, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f0000000180)={0x3, 'ipvlan0\x00', {0x4}, 0x8}) 6.512550663s ago: executing program 4 (id=2173): r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x30, r0, 0x1, 0x0, 0xa6ff, {{}, {0x0, 0x3}, {0x14}}}, 0x30}, 0x1, 0xea, 0x0, 0x4004018}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) bind$inet6(0xffffffffffffffff, &(0x7f0000000640)={0xa, 0x4e20, 0x81, @mcast1, 0x64}, 0x1c) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x7, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000140)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) r5 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r5, 0x0, 0x0, 0x20000844, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="720ac4ff000000007110b400000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000008000300", @ANYRES32, @ANYBLOB="0800340079db00000000000000000000cba3175fdc2ef92cda56ee878d4b08bebc8659e4602e81ef4c77f0c457a4e0f399db7345cb508d9bee28a3955d4e43f15e7e4795cba65713be15ede8b9dbefec9a1ecaf04a720df9d9fb5c0feadf93f443dca9dac44d9696e6f5f310a538ed4c1d444952e01e5affe2b3df02cf9d74aa8866f07eb8a0fd7ad5fb22d9577d11b3faa54df9e48eca40693a142cd8575fa5b3177cee63b83b59738988f2e53a3ec4ba4182e946bbc34e7b6ee628797bd6c9fab9c17741342c9ed8ad0f5e65b19d"], 0x34}}, 0x4004010) 6.239251812s ago: executing program 4 (id=2174): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3) accept4$netrom(r0, 0x0, 0x0, 0x0) 6.1781812s ago: executing program 4 (id=2175): socket$xdp(0x2c, 0x3, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="2800000010000108000000631bd942dc8c4b8900", @ANYRES32=0x0, @ANYBLOB="020400000000000008001b0000000000"], 0x28}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000"], 0x122}}, 0x10) syz_init_net_socket$llc(0x1a, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000280)) socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f00000001c0), 0xc) r3 = socket(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x24, &(0x7f0000000080)=0x1, 0x4) r5 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) shutdown(r4, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r5, 0x0, 0x48f, &(0x7f0000001a40)={0x3c, @private=0xa010102, 0x4e23, 0x2, 'sh\x00', 0x20, 0x6, 0xd}, 0x2c) recvmmsg(r4, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/26, 0x11}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/47}, {&(0x7f0000000100)=""/224}, {&(0x7f0000000200)=""/4096}, {&(0x7f0000001200)=""/124}, {&(0x7f0000001280)=""/60}], 0x4d}}, {{&(0x7f0000001380)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x0, &(0x7f0000001840)=[{&(0x7f0000001400)=""/149, 0xfffffffffffffefd}, {&(0x7f0000001b00)=""/118}, {&(0x7f0000001540)=""/188}, {&(0x7f0000001600)=""/57}, {&(0x7f0000001640)=""/135}, {&(0x7f00000014c0)=""/101}, {&(0x7f0000001780)=""/171}], 0x0, &(0x7f00000018c0)=""/176}}], 0x15cbc1ab4c0933f, 0x0, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r6, &(0x7f0000000340)="41000000010001", 0x7) close(r6) pselect6(0x40, &(0x7f0000000040)={0x0, 0x1, 0xd8, 0x7fffffffffffffff, 0xccd, 0x5, 0xcc3, 0x9}, &(0x7f0000000100)={0x8, 0x4, 0x37b8, 0x24a4, 0xd, 0x6, 0xda2f, 0x1}, &(0x7f0000000140)={0x956, 0x0, 0x9, 0x1, 0x0, 0x0, 0x7f, 0x6}, &(0x7f0000000180)={0x0, 0x3938700}, &(0x7f0000000200)={&(0x7f00000001c0), 0x8}) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, 0x0, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001b80)=ANY=[@ANYBLOB="4c0000001000040000000000000000000000000034673379cebd842771780d8b63067fca50e6d37e14eaccf7d35d11fb009a0e1b2069cc1fdb1ee795a178164dabf9d86d40cc488dd949f995d6412ddb34467d45dbafef351473b067ba57f621698e3df9287e1e23a4bce5fc", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800900010069706970000000001c000280050009008900000005000a"], 0x4c}}, 0x4000010) bpf$MAP_CREATE(0x0, &(0x7f0000001c40)=@base={0x7, 0x19, 0x10001, 0x2, 0x40, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 5.23622688s ago: executing program 1 (id=2182): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'sit0\x00', 0x0}) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$SO_J1939_FILTER(r2, 0x6b, 0x1, &(0x7f0000000100)=[{0x2, 0x0, {0x1, 0x0, 0x3}, {0x0, 0xff}, 0x0, 0xff}, {0x2, 0x3, {0x2, 0x0, 0x4}, {}, 0x1, 0x1}], 0x40) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000080), &(0x7f00000000c0)=0xc) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newlink={0x6c, 0x10, 0x403, 0x1, 0x0, {}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0xfffffff6}}, @IFLA_VLAN_QOS_MAPPING={0xfffffffffffffcd2, 0x336, {0x5, 0x8}}]}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0xa, 0xc}}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x6c}, 0x1, 0xba01, 0x0, 0x40005}, 0x0) 4.918363042s ago: executing program 1 (id=2183): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x24, 0x7, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc004085}, 0x40044) r1 = socket$nl_rdma(0x10, 0x3, 0x14) r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f0000000300)) syz_emit_ethernet(0x5e, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @generic={{0xd, 0x4, 0x2, 0x19, 0x50, 0x64, 0x0, 0x6, 0x73, 0x0, @rand_addr=0x64010100, @remote, {[@rr={0x7, 0x3, 0xd6}, @timestamp_addr={0x44, 0x1c, 0xf, 0x1, 0x6, [{@multicast2, 0x3ff}, {@rand_addr=0x64010102, 0x1}, {@loopback, 0x4326}]}]}}, "7c45e823c903d5edf706d35fa1dfd5bd45894b25682807137028e347"}}}}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x68, 0x2, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x101}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x20044805}, 0x1) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000000b140100"], 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x8000) socket(0x22, 0x3, 0x1000) socket(0x22, 0x4, 0x6) 4.228315979s ago: executing program 2 (id=2186): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f00000003c0)={0xa, 0x3, 0x0, @mcast2, 0x5}, 0x1c) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000ff920000000000000100000000000000000000000000002c000000000000000000860090780000000000000000000000000000ee3f000000002b03"], 0xfdef) 4.227273191s ago: executing program 1 (id=2187): getpid() socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000)=0x1, 0xff28) mmap(&(0x7f00007a7000/0x14000)=nil, 0x14000, 0x2, 0x22051, r0, 0x0) mmap(&(0x7f00007a6000/0x3000)=nil, 0x3000, 0x100000c, 0x22051, r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000020000000c"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000007500000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c000000100021040200"/20, @ANYRES32=r4, @ANYBLOB="f900000000000000240012800c0001006d6163766c616e00140002800800010010000000080003"], 0x4c}}, 0x0) r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, 0xffffffffffffffff}, 0x4) r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0xd, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ppoll(&(0x7f0000000500)=[{r9}], 0x1, 0x0, 0x0, 0x0) r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x43b80, 0x3, 0x5, 0x0, @void, @value, @void, @value}, 0x50) r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_tracing={0x1a, 0x18, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8290}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x1a, r5, 0x8, &(0x7f0000000800)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x10, 0x4caf, 0x8}, 0x10, 0x2eb60, r1, 0x1, &(0x7f0000000880)=[r7, r1, r7, r11], &(0x7f00000008c0)=[{0x0, 0x3, 0xd, 0x8}], 0x10, 0x0, @void, @value}, 0x94) r12 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r12, &(0x7f0000000080)={0x1f, 0x0, 0x4}, 0x3) close(r12) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000c829f168b70200000800000018230000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x4, 0x14, &(0x7f0000001e00)=""/4088, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x29, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_val={0x18, 0xa, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x1}, @map_idx={0x18, 0xa, 0x5, 0x0, 0x6}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x3}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa15}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ldst={0x0, 0x1, 0x3, 0x8105f8cffb93dc36, 0x3, 0x50, 0xfffffffffffffff0}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x6}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x3, 0x95, &(0x7f0000000380)=""/149, 0x40f00, 0x0, '\x00', r4, 0x0, r5, 0x8, &(0x7f0000000480)={0x9, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000540)=[r6, r9, r10, r11], &(0x7f0000000580)=[{0x0, 0x1, 0x8, 0x2}, {0x4, 0x5, 0x8}, {0x2, 0x3, 0x2, 0x7}, {0x1, 0x4, 0xf, 0x1}, {0x0, 0x1, 0x3, 0xa}, {0x2, 0x2, 0x5, 0x7}], 0x10, 0x0, @void, @value}, 0x94) socket$inet_udp(0x2, 0x2, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff) 4.1316826s ago: executing program 3 (id=2188): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) (async) sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x40000) (async) syz_genetlink_get_family_id$nfc(&(0x7f0000000140), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) (async) socket$pppoe(0x18, 0x1, 0x0) bind$tipc(0xffffffffffffffff, &(0x7f0000000400)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}}}, 0x10) (async) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) (async) r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0xfffffffe, r0, 0x4}, 0x38) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10) (async) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xa, 0x9, 0x8, 0x40, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r3 = socket$netlink(0x10, 0x3, 0x12) sendmsg$RDMA_NLDEV_CMD_SYS_GET(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x1406, 0x1, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x440c0) (async) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000480), 0x1000, r2}, 0x38) 3.976467792s ago: executing program 0 (id=2189): r0 = socket$inet(0x2, 0x3, 0x1) setsockopt$inet_opts(r0, 0x0, 0xb, &(0x7f0000000000)="89", 0x1) syz_emit_ethernet(0xc6, &(0x7f00000000c0)={@local, @random="4489a2bc242d", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0xff, 0x1, 0x0, @private=0xa010104, @local}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @broadcast=0xac14140a, @broadcast=0xac1414bb, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@local}, {@loopback}, {@loopback}, {@dev}, {@dev={0xac, 0x14, 0x14, 0xff}}, {@rand_addr=0x64010101}, {@remote, 0x2}]}, @ra={0x94, 0x4, 0x1}]}}}}}}}, 0x0) 3.840266637s ago: executing program 2 (id=2190): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000d89b551a000071121600000000009500020000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3.800525019s ago: executing program 3 (id=2191): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r1) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000003000000000000040000000800020005"], 0x24}}, 0x0) r3 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) r6 = openat$cgroup_procs(r4, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000000c0), 0x12) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, r2, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private0}, @NLBL_MGMT_A_DOMAIN={0x6, 0x1, '%\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}]}, 0x40}}, 0x40004) pread64(r6, &(0x7f0000001840)=""/4096, 0x1000, 0x1) unshare(0x4000800) 3.767325464s ago: executing program 0 (id=2192): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) r1 = socket$igmp(0x2, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000080)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x924924924924c31, 0x3ec0) connect$unix(r3, &(0x7f0000000100)=@abs, 0x6e) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000080)={0x0, 0x4, 0x4, 0x9, @vifc_lcl_addr=@multicast1, @multicast2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000008178005dbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105100000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe000000007203000000000000b50000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], 0x50) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82004000000", @ANYRES32=r4, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00m'], 0x38}, 0x1, 0x300}, 0x0) r5 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r5, &(0x7f0000000140), 0x4924b68, 0x0) setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f00000008c0)=0x8, 0x4) syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) (async) socket$igmp(0x2, 0x3, 0x2) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) (async) connect$unix(r2, &(0x7f0000000080)=@abs, 0x6e) (async) sendmmsg$unix(r3, &(0x7f00000bd000), 0x924924924924c31, 0x3ec0) (async) connect$unix(r3, &(0x7f0000000100)=@abs, 0x6e) (async) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000080)={0x0, 0x4, 0x4, 0x9, @vifc_lcl_addr=@multicast1, @multicast2}, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000008178005dbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105100000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe000000007203000000000000b50000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], 0x50) (async) socket$netlink(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82004000000", @ANYRES32=r4, @ANYBLOB="000080000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00m'], 0x38}, 0x1, 0x300}, 0x0) (async) socket(0x10, 0x3, 0x0) (async) sendmmsg$alg(r5, &(0x7f0000000140), 0x4924b68, 0x0) (async) setsockopt$MRT_FLUSH(r1, 0x0, 0xd4, &(0x7f00000008c0)=0x8, 0x4) (async) 3.669050817s ago: executing program 2 (id=2193): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000680)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, 0x0) recvmsg(r0, &(0x7f0000000340)={&(0x7f0000000000)=@xdp, 0x80, &(0x7f0000000240)=[{&(0x7f0000000080)=""/189, 0xbd}, {&(0x7f0000000140)=""/39, 0x27}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000000180)=""/131, 0x83}], 0x4, &(0x7f0000000280)=""/169, 0xa9}, 0x40010020) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0x5, 0x4, 0x3f0, 0xe8, 0x1f8, 0x1f8, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@local, @private=0xa010102, 0x0, 0x0, 0x7, 0x2, {@empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0x7f, 0x0, 0x0, 0xff]}}, 0x7, 0x9, 0x9, 0x5, 0x8, 0xfff8, 'team_slave_1\x00', 'erspan0\x00', {}, {}, 0x0, 0x2}, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x5, 0xd, 0x1}}}, {{@arp={@rand_addr=0x64010100, @empty, 0xff, 0xffffff00, 0x7, 0xb, {@mac=@remote, {[0xff, 0x0, 0xff, 0xff, 0x0, 0xff]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, 0xff, 0x3, 0x8, 0x8, 0x3ff, 0x400, 'veth0_vlan\x00', 'veth1_virt_wifi\x00', {}, {0x9e46297b4ea6878e}}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast1, @private}}}, {{@arp={@multicast1, @private=0x5, 0xffffffff, 0xffffff, 0x1, 0x8, {@empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}}, {@empty, {[0x0, 0x0, 0xff, 0x0, 0xff]}}, 0x50, 0xffff, 0x3, 0xa1, 0x86e5, 0x3, 'ip_vti0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x206}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @empty, @local, 0x1, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 3.592047097s ago: executing program 0 (id=2194): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x20, 0x7, 0x6, 0x801, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x20}}, 0x4000000) 3.496133236s ago: executing program 0 (id=2195): r0 = socket$alg(0x26, 0x5, 0x0) (async) r1 = socket(0x848000000015, 0x805, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000900)={0x7, &(0x7f00000008c0)=[{0x7, 0xf, 0x7f, 0xacf2}, {0x1, 0x3, 0xe0, 0x4}, {0x3, 0xff, 0xa, 0x3185}, {0xa94, 0x1, 0x1, 0x7}, {0x63, 0x52, 0x5, 0x9}, {0x10, 0xab, 0x55, 0x5}, {0x7ff, 0x7, 0x9, 0x9}]}, 0x10) (async) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x3ff}, 0x1c) (async) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'ccm(aes)\x00'}, 0x3a) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x100000001) (async) syz_emit_ethernet(0x47e, &(0x7f0000000ac0)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000386dd6000000004483afffe8000000000000000000000000000aaff02000000000000000000000000000186009078000000000000000009000000000aa78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af180200010000000500000000260004000018fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c92cdb2e34de4731f3f61effc978001d06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e6279047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000000b17dcea46c56aa00148c356de6b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0031807b8a3e10000a3e1100000006f00ff12164039d0ebab140888c235c0fffe00000000600000ff0bc0fe0000000000000000de20e23f6541c300225e14f0e74d2d36cfb3f27faf9a0845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18061c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3be0800c5fd97622c676d8800871a6aa54155de489abaa522c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c872d3126a3913336064fd440198947cb61124c665548344da863da2dfcd578ed9b048c76415994fc6c83db3be26b6328cb52bf265ae2f1e3da6fe8f39a1ca6d9d4e6ddc17dca63ccb904923f32ea0a16dbfd2c84d9253d3cfc6400297b0f596bd4cd93f292043fff5a50aad2c4a9871bb6f215421d960fbf5f12031041489859faad6b7894fe1137424008d432183a0113681c77fc82aec87a233d898a11c5cd98182e0722cd47409df61e0bba337962ebd666210dc03bdacde3052d2e9c5aa731b244867e503ea12228ee0be34e90eb3bf9d5935a7bf990cfb04124927b9452145135264a5e76623102303008f3d1b94be70c274ab2d3f2f578a7deb204a130cdcd01ff635a7dd507d75b4b7e767a1bc71a7c122a26200c77"], 0x0) (async, rerun: 32) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (rerun: 32) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000100)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) r4 = openat$cgroup_int(r2, &(0x7f0000000080)='blkio.throttle.write_bps_device\x00', 0x2, 0x0) sendfile(r4, r3, 0x0, 0x100000001) r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r5, 0xc) (async) connect$x25(r5, &(0x7f0000000a80), 0x12) (async) sendmsg$nl_generic(r1, &(0x7f0000000880)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0xb4, 0x2d, 0x800, 0x70bd27, 0x25dfdbff, {0x1c}, [@typed={0x9d, 0xe6, 0x0, 0x0, @binary="bbe6ed2945e8dc8dff3a43a3fcc00579fcdeadc53c930f5dd02c5bd97c574c92bdd65d4409e29a4d7aaccb4f5587eedc54ef443e50d3b13928cee4fcee3a02311b9901dd51ba620bafdb7812f686b3b8936f04877f24b5cb60223ca6d58d3d7e9f987a2f42cbfdb589f494a5bb5c6b512f303936fc45fd0975039208cdc4b5b7220f22ed542f357a2ce96a0ae2e018cd5355a41e293be89219"}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40811}, 0x40000) (async, rerun: 64) r6 = socket(0x10, 0x3, 0x0) (rerun: 64) sendmmsg(r6, &(0x7f0000000280), 0x0, 0x0) (async) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000100)="ac15d0797cf88cfafefa77ca55f4791d331842ada3dbee51a8a259e378d45f5173b65ece7371c0caa93478f03b80d0ec1f41491c90b9b3b654506b1e88463c5d9e087b814d7c803bb4243d64b5cba2fddba7142efa31db0ebd3a", 0x5a) (async) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c000000000801080000000000000000020000090900010073797a30000000000900010073797a300000000028c31f5e8d4ed5d0ab905a29d61cfe366f5c2c08b379c491d285d757cdbbcedc46858f15945915f1d5835b99d0d1eb001cb84114249347e4592276cda16e9fb100a52ae50e62be491e74110c2254350e1dee24073135dbd51b96a6d212083cc6637a3b307d9accefc5fb186e8a10987e6d011531d3aea8193f3e0a005fa5d819023a23bb1d29244289ea9c6f341d7e2ad465146bb503ad028992803675ad24de0db53b8db682c5bd8aae78446b49be697a09b9adf9"], 0x2c}, 0x1, 0x0, 0x0, 0x20040001}, 0x20048000) 3.376292446s ago: executing program 0 (id=2196): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r2}, &(0x7f0000000580), 0x0}, 0x20) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd", 0x140}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad", 0x14}], 0x2) r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) connect$llc(r6, &(0x7f0000000100)={0x1a, 0x305, 0x56, 0x32, 0x5, 0xab, @local}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10002100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0000ed2108000225f57000ff0700ebff0000000000000810000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x24000000) sendmsg$nl_xfrm(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80000001b00010000000000fdfffffffc000000000000000000000000000000200100000000000000000000000000004e240000000000010000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ffffffffffffff7ffcffffffffffffff04000000000000000000000000000000fdffffffffffffff00000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000006fcffff00000000000003000000000000000000000000000c000800"], 0xd8}, 0x1, 0x0, 0x0, 0x40000}, 0x20008084) 3.296727341s ago: executing program 1 (id=2197): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb0100180000000000000018000000180000000b000000030000000000000802000000080000000000000804000000007c0af95f5f612e5f5f"], 0x0, 0x3b, 0x0, 0x1, 0x4ceff6ba, 0x0, @void, @value}, 0x28) r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xca) ioctl$SIOCAX25GETINFO(r0, 0x89ed, 0xfffffffffffffffd) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, 0x0, 0x0) socket$inet6(0xa, 0x80002, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000540), 0x3c) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000040)=@gcm_256={{0x304, 0x36}, "00000000000008bc", "a5fdeb69a751e94df50ad7e9fb434d1665e9298b01e49419567b443803cf578f", "6d02cd81", "066580001e00"}, 0x38) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14, 0x37, 0x9, 0x1, 0x255fdbfb, {0x11}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x4000084) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f00001e3000/0x3000)=nil, 0x3000, 0x6, 0x20010, r4, 0x0) setsockopt$inet6_tcp_int(r2, 0x11a, 0x4, &(0x7f00000003c0)=0x9, 0x4) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@multicast1}, {@in=@broadcast, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00', {}, {}, {0x8000000}, 0x0, 0x0, 0x2, 0x1, 0x0, 0x88}, [@algo_auth={0x48, 0x1, {{'sha256\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x44044005}, 0x0) read$alg(r4, &(0x7f0000000280)=""/187, 0xbb) 3.081486082s ago: executing program 1 (id=2198): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller0\x00', 0x1}) (async) unshare(0x60480) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000100)) (async) r2 = socket$inet(0x2, 0x2, 0x1) bind$unix(r2, &(0x7f0000000640)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xb47e9dd3b9f8fca8}, @exit], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) ioctl$TUNSETLINK(r0, 0x400454cd, 0x20) unshare(0x800) 2.867411431s ago: executing program 3 (id=2199): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x74, 0x0, 0x9, 0x5, 0x0, 0x0, {0xb, 0x0, 0x4}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0x6}, @NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x3}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_TUPLE={0x44, 0x2, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @local}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004010) socket$nl_audit(0x10, 0x3, 0x9) (async) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3f6, 0x20, 0x70bd27, 0x25dfdbfc, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x20004000) (async) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x11, &(0x7f0000000000)=0x401, 0x4) (async) r3 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r3, 0x29, 0xd1, &(0x7f0000000000)=0x9, 0x4) setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x1, 0x6}, 0xc) (async) socket$inet_sctp(0x2, 0x5, 0x84) 2.7324064s ago: executing program 2 (id=2200): r0 = socket$key(0xf, 0x3, 0x2) getsockopt$sock_int(r0, 0x1, 0x1, 0x0, &(0x7f0000000080)) socket$kcm(0x29, 0x4, 0x0) r1 = socket(0x10, 0x803, 0x0) write(r1, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d0a0b49ff708800008002280008020200ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0x3a) 2.673338966s ago: executing program 2 (id=2201): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) (async, rerun: 32) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (rerun: 32) ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c8, 0x0) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0xcbecfc439824f046, 0x0) (async) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'syzkaller1\x00', 0xc201}) (async) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="617b8c000000000061134c0000000000bfa00000000000000705000008004ef02d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000004000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9d0cc7d3b4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) (async) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000840)='tasks\x00', 0x2, 0x0) r5 = getpid() write$cgroup_pid(r4, &(0x7f00000000c0)=r5, 0x12) (async) r6 = socket$inet(0x2, 0x1, 0x0) shutdown(r6, 0x0) recvmmsg(r6, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) (async) r7 = openat$cgroup_ro(r2, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0) (async) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) sendfile(r8, r7, 0x0, 0x9c) (async) r9 = socket$kcm(0x2, 0xa, 0x2) (async, rerun: 64) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x1000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) (rerun: 64) unshare(0x400) (async) r10 = socket$inet(0xa, 0x801, 0x84) connect$inet(r10, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) (async, rerun: 64) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (rerun: 64) r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0xffffffbd, 0x5, 0x0, @void, @value, @void, @value}, 0x2a) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r11, &(0x7f0000000000), &(0x7f0000000040)=""/73, 0x2}, 0x70) (async) write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="034886dd09032800030020000000600000000004730081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef) 1.742615963s ago: executing program 4 (id=2202): unshare(0x20500) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="02000000020000000000faff", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f00000005c0), 0x4) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_wake_idle_without_ipi\x00'}, 0x18) r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r0}, 0x8) close(r1) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, r1, 0x0, 0x7, &(0x7f00000007c0)='cgroup\x00'}, 0x30) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="e10d00", @ANYRES32, @ANYBLOB="96755d93855d57185354f73fb4206f9fe8826f0cb62b8ac310c3b515f562fcb80278667971b5cf09145a16d389814be03ef710f3ab72283ace1ec0362e9541087f3d1a2e53c03ae65ab00355836af822e12ccf976833bf30b0608e5ed0eb9c78ba64afd5afd2e2a239cbd29963fecc4ac6aa795bb1ca65dd61f78ff20680e0a23e8fbbe6ac249927451a242117604c72147d244ab6a663a21e2ae0", @ANYRES64=0x0], 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r4}, 0x3e) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x19, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$can_bcm(0x1d, 0x2, 0x2) socket$vsock_stream(0x28, 0x1, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000780), 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f00008b7000/0x4000)=nil, 0x4000, 0x0, 0xb4013, r6, 0x0) getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14) 172.191893ms ago: executing program 3 (id=2203): r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001180)={0xffffffffffffffff}, 0x4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x60, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x3, 0x5, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x28, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000340)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) (async) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000001100)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f00000010c0)=0x10) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000001300), 0x424282, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000040)={r4, 0x6}, &(0x7f0000001140)=0x8) (async) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140), &(0x7f0000001080)=0x4) (async, rerun: 64) getsockopt$bt_hci(r2, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9) (rerun: 64) 171.627625ms ago: executing program 0 (id=2204): r0 = socket$pppoe(0x18, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000000)) socket$key(0xf, 0x3, 0x2) (async) r1 = socket$key(0xf, 0x3, 0x2) recvmmsg(r1, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) (async) recvmmsg(r1, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x8050) 115.250823ms ago: executing program 3 (id=2205): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, 0x4, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) r1 = accept(r0, &(0x7f0000000000)=@alg, &(0x7f0000000080)=0x80) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000100)={'gre0\x00', 0x0, 0x1, 0x40, 0x3, 0x7, {{0x9, 0x4, 0x3, 0x9, 0x24, 0x67, 0x0, 0x7f, 0x2f, 0x0, @remote, @remote, {[@timestamp={0x44, 0x10, 0x73, 0x0, 0x0, [0x7, 0x8001, 0x0]}]}}}}}) r7 = socket(0x10, 0x3, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_EVICT_TIMEOUT={0x8, 0x6, 0xfffffffe}]}}]}, 0x38}}, 0x0) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x68, r5, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x68}, 0x1, 0x0, 0x0, 0xed9850e3dcd8e75b}, 0x8884) 54.105402ms ago: executing program 1 (id=2206): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket(0x2b, 0x80801, 0x1) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, 0x0, 0x0) listen(r0, 0x8) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000013c0)={0xffffffffffffffff, 0xe0, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x75, 0x8, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x66) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$xdp(0x2c, 0x3, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, 0x0) setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4) bind$xdp(r3, &(0x7f0000000240)={0x2c, 0x1}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) syz_emit_ethernet(0x37, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast, {[@timestamp_prespec={0x44, 0x4, 0xc5, 0x3, 0xc}]}}, {0x0, 0x4e20, 0x11, 0x0, @opaque="5fb31c3f9a6150addd"}}}}}, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES16=r6], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r7}, 0x38) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$netlink(r8, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)={0x10, 0x10, 0x509}, 0x10}], 0x1}, 0x0) r9 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r9, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="c7", 0x1}], 0x1, 0x0, 0x0, 0x844}}], 0x1, 0x4000045) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f00000003c0)={0x0, 0x1}, 0x8) 193.22µs ago: executing program 4 (id=2207): bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}}, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000100000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, r4, {0x5, 0xd}, {}, {0xb, 0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x10, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}]}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) unshare(0x6a040000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000090, 0x0, 0x0) unshare(0x36050000) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}], 0x1c) select(0x2a, 0x0, 0x0, 0x0, &(0x7f00000000c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r6 = socket$inet6_icmp(0xa, 0x2, 0x3a) getsockopt$IP6T_SO_GET_REVISION_TARGET(r6, 0x29, 0x45, &(0x7f00000001c0)={'icmp6\x00'}, &(0x7f0000000300)=0x1e) 0s ago: executing program 2 (id=2208): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001480)=ANY=[@ANYRES32=0x0], 0x48) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f00000011c0)={r0, &(0x7f0000000200), 0x0}, 0x20) kernel console output (not intermixed with test programs): .278622][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 197.305794][ T3580] IPVS: stop unused estimator thread 0... [ 197.431674][T10470] ip6tnl2: entered allmulticast mode [ 197.580164][T10481] netlink: 'syz.4.1316': attribute type 10 has an invalid length. [ 197.588047][T10481] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1316'. [ 197.716328][T10481] veth0_vlan: left promiscuous mode [ 197.756423][T10481] veth0_vlan: entered promiscuous mode [ 197.810530][T10481] veth0_vlan: entered allmulticast mode [ 197.870674][T10481] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 197.895579][T10501] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1325'. [ 197.915399][T10505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1324'. [ 197.946744][T10506] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1320'. [ 198.016921][T10506] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1320'. [ 198.023581][T10504] lo speed is unknown, defaulting to 1000 [ 198.088588][T10506] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1320'. [ 198.143273][T10506] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1320'. [ 198.159348][ T5840] Bluetooth: hci4: command 0x0405 tx timeout [ 198.220426][T10516] netlink: 'syz.2.1326': attribute type 1 has an invalid length. [ 198.264048][T10518] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1326'. [ 198.277207][T10512] team0: Unable to change to the same mode the team is in [ 198.318666][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 198.361932][T10504] lo speed is unknown, defaulting to 1000 [ 199.115124][T10560] openvswitch: netlink: Multiple metadata blocks provided [ 199.358661][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 199.383364][T10582] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 199.422226][T10577] team0: Unable to change to the same mode the team is in [ 199.921304][T10620] lo speed is unknown, defaulting to 1000 [ 200.399430][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 200.897451][T10661] xt_recent: hitcount (486539264) is larger than allowed maximum (65535) [ 201.040175][T10669] FAULT_INJECTION: forcing a failure. [ 201.040175][T10669] name failslab, interval 1, probability 0, space 0, times 0 [ 201.055469][T10669] CPU: 0 UID: 0 PID: 10669 Comm: syz.3.1370 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 201.055496][T10669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 201.055507][T10669] Call Trace: [ 201.055513][T10669] [ 201.055520][T10669] dump_stack_lvl+0x241/0x360 [ 201.055555][T10669] ? __pfx_dump_stack_lvl+0x10/0x10 [ 201.055572][T10669] ? __pfx__printk+0x10/0x10 [ 201.055590][T10669] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 201.055613][T10669] ? __pfx___might_resched+0x10/0x10 [ 201.055638][T10669] should_fail_ex+0x40a/0x550 [ 201.055664][T10669] should_failslab+0xac/0x100 [ 201.055686][T10669] kmem_cache_alloc_node_noprof+0x77/0x380 [ 201.055706][T10669] ? __alloc_skb+0x1c3/0x440 [ 201.055731][T10669] __alloc_skb+0x1c3/0x440 [ 201.055763][T10669] ? __pfx___alloc_skb+0x10/0x10 [ 201.055786][T10669] ? netlink_autobind+0xd6/0x2f0 [ 201.055804][T10669] ? netlink_autobind+0x2b0/0x2f0 [ 201.055826][T10669] netlink_sendmsg+0x634/0xcb0 [ 201.055856][T10669] ? __pfx_netlink_sendmsg+0x10/0x10 [ 201.055879][T10669] ? aa_sock_msg_perm+0x91/0x160 [ 201.055907][T10669] ? __pfx_netlink_sendmsg+0x10/0x10 [ 201.055924][T10669] __sock_sendmsg+0x221/0x270 [ 201.055946][T10669] ____sys_sendmsg+0x53a/0x860 [ 201.055976][T10669] ? __pfx_____sys_sendmsg+0x10/0x10 [ 201.055996][T10669] ? __fget_files+0x2a/0x410 [ 201.056021][T10669] ? __fget_files+0x2a/0x410 [ 201.056049][T10669] __sys_sendmsg+0x269/0x350 [ 201.056077][T10669] ? __pfx___sys_sendmsg+0x10/0x10 [ 201.056111][T10669] ? do_sys_openat2+0x17a/0x1d0 [ 201.056157][T10669] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 201.056181][T10669] ? do_syscall_64+0x100/0x230 [ 201.056205][T10669] ? do_syscall_64+0xb6/0x230 [ 201.056230][T10669] do_syscall_64+0xf3/0x230 [ 201.056251][T10669] ? clear_bhb_loop+0x35/0x90 [ 201.056275][T10669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.056295][T10669] RIP: 0033:0x7f6b1b78d169 [ 201.056313][T10669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.056327][T10669] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 201.056352][T10669] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 201.056364][T10669] RDX: 0000000000000084 RSI: 0000400000000040 RDI: 0000000000000003 [ 201.056374][T10669] RBP: 00007f6b1c5b0090 R08: 0000000000000000 R09: 0000000000000000 [ 201.056384][T10669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 201.056394][T10669] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 201.056421][T10669] [ 201.340484][T10668] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 201.438673][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 201.469734][T10668] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 202.089152][T10697] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 202.126136][T10697] __nla_validate_parse: 10 callbacks suppressed [ 202.126155][T10697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1382'. [ 202.446826][T10720] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.467686][T10720] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.477555][T10720] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.487153][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 202.519560][T10720] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.567271][T10720] team0: Port device geneve0 removed [ 202.576893][T10725] team0: Unable to change to the same mode the team is in [ 202.592379][T10729] netlink: 'syz.3.1392': attribute type 3 has an invalid length. [ 202.612269][T10720] team0: Unable to change to the same mode the team is in [ 202.683364][T10724] bond2 (unregistering): Released all slaves [ 202.739219][T10741] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1394'. [ 202.869890][T10745] FAULT_INJECTION: forcing a failure. [ 202.869890][T10745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.914285][T10745] CPU: 0 UID: 0 PID: 10745 Comm: syz.0.1395 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 202.914308][T10745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 202.914317][T10745] Call Trace: [ 202.914322][T10745] [ 202.914329][T10745] dump_stack_lvl+0x241/0x360 [ 202.914349][T10745] ? __pfx_dump_stack_lvl+0x10/0x10 [ 202.914362][T10745] ? __pfx__printk+0x10/0x10 [ 202.914376][T10745] ? __pfx_lock_release+0x10/0x10 [ 202.914400][T10745] should_fail_ex+0x40a/0x550 [ 202.914419][T10745] _copy_from_iter+0x1df/0x1c40 [ 202.914433][T10745] ? __virt_addr_valid+0x183/0x530 [ 202.914446][T10745] ? __pfx_lock_release+0x10/0x10 [ 202.914467][T10745] ? __alloc_skb+0x28f/0x440 [ 202.914483][T10745] ? __pfx__copy_from_iter+0x10/0x10 [ 202.914498][T10745] ? __virt_addr_valid+0x183/0x530 [ 202.914509][T10745] ? __virt_addr_valid+0x183/0x530 [ 202.914519][T10745] ? __virt_addr_valid+0x45f/0x530 [ 202.914531][T10745] ? __phys_addr_symbol+0x2f/0x70 [ 202.914548][T10745] ? __check_object_size+0x47a/0x730 [ 202.914568][T10745] netlink_sendmsg+0x742/0xcb0 [ 202.914591][T10745] ? __pfx_netlink_sendmsg+0x10/0x10 [ 202.914608][T10745] ? aa_sock_msg_perm+0x91/0x160 [ 202.914630][T10745] ? __pfx_netlink_sendmsg+0x10/0x10 [ 202.914643][T10745] __sock_sendmsg+0x221/0x270 [ 202.914671][T10745] ____sys_sendmsg+0x53a/0x860 [ 202.914695][T10745] ? __pfx_____sys_sendmsg+0x10/0x10 [ 202.914711][T10745] ? __fget_files+0x2a/0x410 [ 202.914730][T10745] ? __fget_files+0x2a/0x410 [ 202.914752][T10745] __sys_sendmsg+0x269/0x350 [ 202.914772][T10745] ? __pfx___sys_sendmsg+0x10/0x10 [ 202.914799][T10745] ? do_sys_openat2+0x17a/0x1d0 [ 202.914834][T10745] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 202.914852][T10745] ? do_syscall_64+0x100/0x230 [ 202.914872][T10745] ? do_syscall_64+0xb6/0x230 [ 202.914891][T10745] do_syscall_64+0xf3/0x230 [ 202.914908][T10745] ? clear_bhb_loop+0x35/0x90 [ 202.914930][T10745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.914946][T10745] RIP: 0033:0x7f34e2d8d169 [ 202.914960][T10745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.914970][T10745] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 202.914985][T10745] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 202.914994][T10745] RDX: 0000000000000084 RSI: 0000400000000040 RDI: 0000000000000003 [ 202.915002][T10745] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 202.915010][T10745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.915018][T10745] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 202.915037][T10745] [ 202.932650][T10747] macvlan0: entered promiscuous mode [ 203.053349][T10754] IPVS: set_ctl: invalid protocol: 47 172.20.20.187:20003 [ 203.083344][T10755] xt_hashlimit: invalid rate [ 203.214568][T10747] macvlan0: left promiscuous mode [ 203.485698][T10771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1403'. [ 203.522584][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 203.559018][T10771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1403'. [ 203.588660][T10778] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1406'. [ 203.718869][ T5889] IPVS: starting estimator thread 0... [ 203.765822][T10786] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1409'. [ 203.769598][T10787] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'. [ 203.794007][T10786] unsupported nlmsg_type 40 [ 203.810541][T10786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1409'. [ 203.818716][T10783] IPVS: using max 21 ests per chain, 50400 per kthread [ 203.837922][T10786] xt_hashlimit: size too large, truncated to 1048576 [ 204.162728][T10805] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1415'. [ 204.357151][T10812] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1418'. [ 204.468052][T10819] netlink: 'syz.2.1421': attribute type 2 has an invalid length. [ 204.527355][T10822] atomic_op ffff88807bf3e998 conn xmit_atomic 0000000000000000 [ 204.535653][T10824] openvswitch: netlink: nsh attribute has 65524 unknown bytes. [ 204.556463][T10824] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 204.565661][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 204.666700][T10828] FAULT_INJECTION: forcing a failure. [ 204.666700][T10828] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 204.695158][T10828] CPU: 1 UID: 0 PID: 10828 Comm: syz.4.1426 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 204.695185][T10828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 204.695195][T10828] Call Trace: [ 204.695201][T10828] [ 204.695209][T10828] dump_stack_lvl+0x241/0x360 [ 204.695234][T10828] ? __pfx_dump_stack_lvl+0x10/0x10 [ 204.695251][T10828] ? __pfx__printk+0x10/0x10 [ 204.695269][T10828] ? __pfx_lock_release+0x10/0x10 [ 204.695299][T10828] should_fail_ex+0x40a/0x550 [ 204.695325][T10828] _copy_from_user+0x2d/0xb0 [ 204.695345][T10828] copy_msghdr_from_user+0xae/0x680 [ 204.695369][T10828] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 204.695385][T10828] ? __fget_files+0x2a/0x410 [ 204.695409][T10828] ? __fget_files+0x2a/0x410 [ 204.695438][T10828] __sys_sendmsg+0x209/0x350 [ 204.695466][T10828] ? __pfx___sys_sendmsg+0x10/0x10 [ 204.695500][T10828] ? do_sys_openat2+0x17a/0x1d0 [ 204.695545][T10828] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 204.695580][T10828] ? do_syscall_64+0x100/0x230 [ 204.695605][T10828] ? do_syscall_64+0xb6/0x230 [ 204.695628][T10828] do_syscall_64+0xf3/0x230 [ 204.695649][T10828] ? clear_bhb_loop+0x35/0x90 [ 204.695673][T10828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.695697][T10828] RIP: 0033:0x7f9c9d58d169 [ 204.695711][T10828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.695725][T10828] RSP: 002b:00007f9c9e40f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 204.695743][T10828] RAX: ffffffffffffffda RBX: 00007f9c9d7a5fa0 RCX: 00007f9c9d58d169 [ 204.695756][T10828] RDX: 000000002000080c RSI: 00004000000002c0 RDI: 0000000000000003 [ 204.695766][T10828] RBP: 00007f9c9e40f090 R08: 0000000000000000 R09: 0000000000000000 [ 204.695777][T10828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.695787][T10828] R13: 0000000000000000 R14: 00007f9c9d7a5fa0 R15: 00007ffc7a6a3de8 [ 204.695812][T10828] [ 205.055378][T10841] syzkaller1: entered promiscuous mode [ 205.123828][T10841] syzkaller1: entered allmulticast mode [ 205.283462][T10854] tipc: Enabled bearer , priority 10 [ 205.387086][T10860] netlink: 'syz.1.1438': attribute type 10 has an invalid length. [ 205.523314][T10866] team0: Unable to change to the same mode the team is in [ 205.598665][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 205.806109][T10879] ip6tnl1: entered allmulticast mode [ 205.929586][T10878] netlink: 'syz.0.1444': attribute type 10 has an invalid length. [ 205.947901][T10878] veth0_vlan: left promiscuous mode [ 205.978678][T10878] veth0_vlan: entered promiscuous mode [ 205.994069][T10878] veth0_vlan: entered allmulticast mode [ 206.025574][T10878] bridge0: port 1(veth0_vlan) entered blocking state [ 206.075681][T10878] bridge0: port 1(veth0_vlan) entered disabled state [ 206.101887][T10878] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 206.136758][T10894] FAULT_INJECTION: forcing a failure. [ 206.136758][T10894] name failslab, interval 1, probability 0, space 0, times 0 [ 206.159441][T10894] CPU: 1 UID: 0 PID: 10894 Comm: syz.3.1452 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 206.159466][T10894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.159476][T10894] Call Trace: [ 206.159481][T10894] [ 206.159489][T10894] dump_stack_lvl+0x241/0x360 [ 206.159512][T10894] ? __pfx_dump_stack_lvl+0x10/0x10 [ 206.159527][T10894] ? __pfx__printk+0x10/0x10 [ 206.159545][T10894] ? __kmalloc_cache_noprof+0x48/0x390 [ 206.159567][T10894] ? __pfx___might_resched+0x10/0x10 [ 206.159589][T10894] should_fail_ex+0x40a/0x550 [ 206.159611][T10894] should_failslab+0xac/0x100 [ 206.159633][T10894] __kmalloc_cache_noprof+0x70/0x390 [ 206.159659][T10894] ? hash_net_create+0x2fa/0x1040 [ 206.159683][T10894] hash_net_create+0x2fa/0x1040 [ 206.159707][T10894] ? __pfx_hash_net_create+0x10/0x10 [ 206.159725][T10894] ip_set_create+0xa78/0x1960 [ 206.159750][T10894] ? ip_set_create+0x48a/0x1960 [ 206.159776][T10894] ? __pfx_ip_set_create+0x10/0x10 [ 206.159829][T10894] ? nfnetlink_rcv_msg+0x225/0x1180 [ 206.159852][T10894] nfnetlink_rcv_msg+0xbec/0x1180 [ 206.159873][T10894] ? nfnetlink_rcv_msg+0x225/0x1180 [ 206.159917][T10894] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 206.159985][T10894] netlink_rcv_skb+0x206/0x480 [ 206.160005][T10894] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 206.160029][T10894] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 206.160060][T10894] ? apparmor_capable+0x13b/0x1b0 [ 206.160081][T10894] ? bpf_lsm_capable+0x9/0x10 [ 206.160102][T10894] ? security_capable+0x7e/0x2d0 [ 206.160130][T10894] nfnetlink_rcv+0x297/0x2ab0 [ 206.160152][T10894] ? __pfx_validate_chain+0x10/0x10 [ 206.160183][T10894] ? mark_lock+0x9a/0x360 [ 206.160197][T10894] ? __pfx_validate_chain+0x10/0x10 [ 206.160218][T10894] ? __lock_acquire+0x1397/0x2100 [ 206.160246][T10894] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 206.160273][T10894] ? mark_lock+0x9a/0x360 [ 206.160292][T10894] ? __lock_acquire+0x1397/0x2100 [ 206.160345][T10894] ? __pfx_lock_release+0x10/0x10 [ 206.160367][T10894] ? netlink_deliver_tap+0x2e/0x1b0 [ 206.160386][T10894] ? __pfx_lock_release+0x10/0x10 [ 206.160421][T10894] ? netlink_deliver_tap+0x2e/0x1b0 [ 206.160442][T10894] netlink_unicast+0x7f6/0x990 [ 206.160468][T10894] ? __pfx_netlink_unicast+0x10/0x10 [ 206.160482][T10894] ? __virt_addr_valid+0x45f/0x530 [ 206.160499][T10894] ? __phys_addr_symbol+0x2f/0x70 [ 206.160521][T10894] ? __check_object_size+0x47a/0x730 [ 206.160546][T10894] netlink_sendmsg+0x8de/0xcb0 [ 206.160576][T10894] ? __pfx_netlink_sendmsg+0x10/0x10 [ 206.160598][T10894] ? aa_sock_msg_perm+0x91/0x160 [ 206.160625][T10894] ? __pfx_netlink_sendmsg+0x10/0x10 [ 206.160647][T10894] __sock_sendmsg+0x221/0x270 [ 206.160670][T10894] ____sys_sendmsg+0x53a/0x860 [ 206.160701][T10894] ? __pfx_____sys_sendmsg+0x10/0x10 [ 206.160721][T10894] ? __fget_files+0x2a/0x410 [ 206.160746][T10894] ? __fget_files+0x2a/0x410 [ 206.160776][T10894] __sys_sendmsg+0x269/0x350 [ 206.160804][T10894] ? __pfx___sys_sendmsg+0x10/0x10 [ 206.160841][T10894] ? do_sys_openat2+0x17a/0x1d0 [ 206.160889][T10894] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 206.160913][T10894] ? do_syscall_64+0x100/0x230 [ 206.160939][T10894] ? do_syscall_64+0xb6/0x230 [ 206.160963][T10894] do_syscall_64+0xf3/0x230 [ 206.160983][T10894] ? clear_bhb_loop+0x35/0x90 [ 206.161008][T10894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.161029][T10894] RIP: 0033:0x7f6b1b78d169 [ 206.161044][T10894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.161059][T10894] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 206.161077][T10894] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 206.161088][T10894] RDX: 0000000000000084 RSI: 0000400000000040 RDI: 0000000000000003 [ 206.161099][T10894] RBP: 00007f6b1c5b0090 R08: 0000000000000000 R09: 0000000000000000 [ 206.161109][T10894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.161119][T10894] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 206.161146][T10894] [ 206.578964][T10901] x_tables: duplicate underflow at hook 3 [ 206.638596][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 206.641495][T10901] bridge0 (unregistering): left promiscuous mode [ 206.714126][T10889] lo speed is unknown, defaulting to 1000 [ 206.848880][T10889] lo speed is unknown, defaulting to 1000 [ 207.046922][T10916] netlink: 'syz.2.1459': attribute type 2 has an invalid length. [ 207.058541][T10916] netlink: 'syz.2.1459': attribute type 9 has an invalid length. [ 207.181297][T10912] team0: Unable to change to the same mode the team is in [ 207.276759][T10929] __nla_validate_parse: 13 callbacks suppressed [ 207.276778][T10929] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.1461'. [ 207.364065][T10930] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1462'. [ 207.449078][T10934] FAULT_INJECTION: forcing a failure. [ 207.449078][T10934] name failslab, interval 1, probability 0, space 0, times 0 [ 207.474553][T10934] CPU: 0 UID: 0 PID: 10934 Comm: syz.1.1464 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 207.474581][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 207.474591][T10934] Call Trace: [ 207.474598][T10934] [ 207.474607][T10934] dump_stack_lvl+0x241/0x360 [ 207.474633][T10934] ? __pfx_dump_stack_lvl+0x10/0x10 [ 207.474651][T10934] ? __pfx__printk+0x10/0x10 [ 207.474670][T10934] ? __kmalloc_cache_node_noprof+0x47/0x3a0 [ 207.474693][T10934] ? __pfx___might_resched+0x10/0x10 [ 207.474719][T10934] should_fail_ex+0x40a/0x550 [ 207.474745][T10934] should_failslab+0xac/0x100 [ 207.474767][T10934] ? __get_vm_area_node+0x132/0x2d0 [ 207.474787][T10934] __kmalloc_cache_node_noprof+0x6f/0x3a0 [ 207.474808][T10934] ? kasan_save_track+0x3f/0x80 [ 207.474823][T10934] ? __kasan_kmalloc+0x98/0xb0 [ 207.474844][T10934] __get_vm_area_node+0x132/0x2d0 [ 207.474871][T10934] __vmalloc_node_range_noprof+0x344/0x1380 [ 207.474895][T10934] ? hash_net_create+0x356/0x1040 [ 207.474912][T10934] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 207.474948][T10934] ? __kasan_kmalloc_large+0x1a/0xa0 [ 207.474970][T10934] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 207.474995][T10934] ? rcu_is_watching+0x15/0xb0 [ 207.475013][T10934] ? trace_kmalloc+0x1f/0xd0 [ 207.475031][T10934] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 207.475050][T10934] ? __kvmalloc_node_noprof+0x72/0x190 [ 207.475077][T10934] __kvmalloc_node_noprof+0x142/0x190 [ 207.475100][T10934] ? hash_net_create+0x356/0x1040 [ 207.475117][T10934] hash_net_create+0x356/0x1040 [ 207.475145][T10934] ? __pfx_hash_net_create+0x10/0x10 [ 207.475162][T10934] ip_set_create+0xa78/0x1960 [ 207.475187][T10934] ? ip_set_create+0x48a/0x1960 [ 207.475213][T10934] ? __pfx_ip_set_create+0x10/0x10 [ 207.475266][T10934] ? nfnetlink_rcv_msg+0x225/0x1180 [ 207.475289][T10934] nfnetlink_rcv_msg+0xbec/0x1180 [ 207.475311][T10934] ? nfnetlink_rcv_msg+0x225/0x1180 [ 207.475360][T10934] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 207.475429][T10934] netlink_rcv_skb+0x206/0x480 [ 207.475449][T10934] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 207.475473][T10934] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 207.475505][T10934] ? apparmor_capable+0x13b/0x1b0 [ 207.475525][T10934] ? bpf_lsm_capable+0x9/0x10 [ 207.475549][T10934] ? security_capable+0x7e/0x2d0 [ 207.475578][T10934] nfnetlink_rcv+0x297/0x2ab0 [ 207.475598][T10934] ? __pfx_validate_chain+0x10/0x10 [ 207.475630][T10934] ? mark_lock+0x9a/0x360 [ 207.475644][T10934] ? __pfx_validate_chain+0x10/0x10 [ 207.475664][T10934] ? __lock_acquire+0x1397/0x2100 [ 207.475693][T10934] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 207.475719][T10934] ? mark_lock+0x9a/0x360 [ 207.475739][T10934] ? __lock_acquire+0x1397/0x2100 [ 207.475792][T10934] ? __pfx_lock_release+0x10/0x10 [ 207.475814][T10934] ? netlink_deliver_tap+0x2e/0x1b0 [ 207.475833][T10934] ? __pfx_lock_release+0x10/0x10 [ 207.475868][T10934] ? netlink_deliver_tap+0x2e/0x1b0 [ 207.475889][T10934] netlink_unicast+0x7f6/0x990 [ 207.475915][T10934] ? __pfx_netlink_unicast+0x10/0x10 [ 207.475929][T10934] ? __virt_addr_valid+0x45f/0x530 [ 207.475945][T10934] ? __phys_addr_symbol+0x2f/0x70 [ 207.475967][T10934] ? __check_object_size+0x47a/0x730 [ 207.475993][T10934] netlink_sendmsg+0x8de/0xcb0 [ 207.476023][T10934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.476046][T10934] ? aa_sock_msg_perm+0x91/0x160 [ 207.476074][T10934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.476090][T10934] __sock_sendmsg+0x221/0x270 [ 207.476113][T10934] ____sys_sendmsg+0x53a/0x860 [ 207.476144][T10934] ? __pfx_____sys_sendmsg+0x10/0x10 [ 207.476165][T10934] ? __fget_files+0x2a/0x410 [ 207.476190][T10934] ? __fget_files+0x2a/0x410 [ 207.476220][T10934] __sys_sendmsg+0x269/0x350 [ 207.476248][T10934] ? __pfx___sys_sendmsg+0x10/0x10 [ 207.476284][T10934] ? do_sys_openat2+0x17a/0x1d0 [ 207.476332][T10934] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 207.476365][T10934] ? do_syscall_64+0x100/0x230 [ 207.476392][T10934] ? do_syscall_64+0xb6/0x230 [ 207.476416][T10934] do_syscall_64+0xf3/0x230 [ 207.476438][T10934] ? clear_bhb_loop+0x35/0x90 [ 207.476462][T10934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.476483][T10934] RIP: 0033:0x7f245e58d169 [ 207.476498][T10934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.476512][T10934] RSP: 002b:00007f245f4d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.476531][T10934] RAX: ffffffffffffffda RBX: 00007f245e7a5fa0 RCX: 00007f245e58d169 [ 207.476543][T10934] RDX: 0000000000000084 RSI: 0000400000000040 RDI: 0000000000000003 [ 207.476553][T10934] RBP: 00007f245f4d2090 R08: 0000000000000000 R09: 0000000000000000 [ 207.476564][T10934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.476573][T10934] R13: 0000000000000000 R14: 00007f245e7a5fa0 R15: 00007ffee19cf578 [ 207.476600][T10934] [ 207.678770][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 207.683623][T10934] syz.1.1464: vmalloc error: size 33554456, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 208.029356][T10934] CPU: 0 UID: 0 PID: 10934 Comm: syz.1.1464 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 208.029386][T10934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 208.029397][T10934] Call Trace: [ 208.029403][T10934] [ 208.029410][T10934] dump_stack_lvl+0x241/0x360 [ 208.029435][T10934] ? __pfx_dump_stack_lvl+0x10/0x10 [ 208.029453][T10934] ? __pfx__printk+0x10/0x10 [ 208.029474][T10934] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 208.029495][T10934] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 208.029518][T10934] warn_alloc+0x278/0x410 [ 208.029538][T10934] ? __pfx_warn_alloc+0x10/0x10 [ 208.029550][T10934] ? __kasan_kmalloc+0x23/0xb0 [ 208.029569][T10934] ? __kmalloc_cache_node_noprof+0x25d/0x3a0 [ 208.029595][T10934] ? __get_vm_area_node+0x280/0x2d0 [ 208.029622][T10934] __vmalloc_node_range_noprof+0x369/0x1380 [ 208.029644][T10934] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 208.029676][T10934] ? __kasan_kmalloc_large+0x1a/0xa0 [ 208.029695][T10934] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 208.029718][T10934] ? rcu_is_watching+0x15/0xb0 [ 208.029735][T10934] ? trace_kmalloc+0x1f/0xd0 [ 208.029753][T10934] ? __kmalloc_node_noprof+0x2ad/0x4d0 [ 208.029771][T10934] ? __kvmalloc_node_noprof+0x72/0x190 [ 208.029794][T10934] __kvmalloc_node_noprof+0x142/0x190 [ 208.029814][T10934] ? hash_net_create+0x356/0x1040 [ 208.029830][T10934] hash_net_create+0x356/0x1040 [ 208.029854][T10934] ? __pfx_hash_net_create+0x10/0x10 [ 208.029870][T10934] ip_set_create+0xa78/0x1960 [ 208.029892][T10934] ? ip_set_create+0x48a/0x1960 [ 208.029916][T10934] ? __pfx_ip_set_create+0x10/0x10 [ 208.029963][T10934] ? nfnetlink_rcv_msg+0x225/0x1180 [ 208.029984][T10934] nfnetlink_rcv_msg+0xbec/0x1180 [ 208.030004][T10934] ? nfnetlink_rcv_msg+0x225/0x1180 [ 208.030042][T10934] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 208.030102][T10934] netlink_rcv_skb+0x206/0x480 [ 208.030122][T10934] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 208.030143][T10934] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 208.030173][T10934] ? apparmor_capable+0x13b/0x1b0 [ 208.030194][T10934] ? bpf_lsm_capable+0x9/0x10 [ 208.030215][T10934] ? security_capable+0x7e/0x2d0 [ 208.030241][T10934] nfnetlink_rcv+0x297/0x2ab0 [ 208.030261][T10934] ? __pfx_validate_chain+0x10/0x10 [ 208.030292][T10934] ? mark_lock+0x9a/0x360 [ 208.030315][T10934] ? __pfx_validate_chain+0x10/0x10 [ 208.030333][T10934] ? __lock_acquire+0x1397/0x2100 [ 208.030359][T10934] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 208.030384][T10934] ? mark_lock+0x9a/0x360 [ 208.030400][T10934] ? __lock_acquire+0x1397/0x2100 [ 208.030449][T10934] ? __pfx_lock_release+0x10/0x10 [ 208.030470][T10934] ? netlink_deliver_tap+0x2e/0x1b0 [ 208.030484][T10934] ? __pfx_lock_release+0x10/0x10 [ 208.030517][T10934] ? netlink_deliver_tap+0x2e/0x1b0 [ 208.030535][T10934] netlink_unicast+0x7f6/0x990 [ 208.030557][T10934] ? __pfx_netlink_unicast+0x10/0x10 [ 208.030571][T10934] ? __virt_addr_valid+0x45f/0x530 [ 208.030586][T10934] ? __phys_addr_symbol+0x2f/0x70 [ 208.030606][T10934] ? __check_object_size+0x47a/0x730 [ 208.030630][T10934] netlink_sendmsg+0x8de/0xcb0 [ 208.030655][T10934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 208.030673][T10934] ? aa_sock_msg_perm+0x91/0x160 [ 208.030695][T10934] ? __pfx_netlink_sendmsg+0x10/0x10 [ 208.030708][T10934] __sock_sendmsg+0x221/0x270 [ 208.030726][T10934] ____sys_sendmsg+0x53a/0x860 [ 208.030751][T10934] ? __pfx_____sys_sendmsg+0x10/0x10 [ 208.030767][T10934] ? __fget_files+0x2a/0x410 [ 208.030787][T10934] ? __fget_files+0x2a/0x410 [ 208.030809][T10934] __sys_sendmsg+0x269/0x350 [ 208.030832][T10934] ? __pfx___sys_sendmsg+0x10/0x10 [ 208.030859][T10934] ? do_sys_openat2+0x17a/0x1d0 [ 208.030895][T10934] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 208.030913][T10934] ? do_syscall_64+0x100/0x230 [ 208.030934][T10934] ? do_syscall_64+0xb6/0x230 [ 208.030953][T10934] do_syscall_64+0xf3/0x230 [ 208.030970][T10934] ? clear_bhb_loop+0x35/0x90 [ 208.030990][T10934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.031009][T10934] RIP: 0033:0x7f245e58d169 [ 208.031022][T10934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 208.031034][T10934] RSP: 002b:00007f245f4d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 208.031049][T10934] RAX: ffffffffffffffda RBX: 00007f245e7a5fa0 RCX: 00007f245e58d169 [ 208.031059][T10934] RDX: 0000000000000084 RSI: 0000400000000040 RDI: 0000000000000003 [ 208.031067][T10934] RBP: 00007f245f4d2090 R08: 0000000000000000 R09: 0000000000000000 [ 208.031075][T10934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 208.031083][T10934] R13: 0000000000000000 R14: 00007f245e7a5fa0 R15: 00007ffee19cf578 [ 208.031104][T10934] [ 208.031114][T10934] Mem-Info: [ 208.496783][T10934] active_anon:4141 inactive_anon:0 isolated_anon:0 [ 208.496783][T10934] active_file:1755 inactive_file:38359 isolated_file:0 [ 208.496783][T10934] unevictable:768 dirty:280 writeback:0 [ 208.496783][T10934] slab_reclaimable:10998 slab_unreclaimable:107013 [ 208.496783][T10934] mapped:29783 shmem:1489 pagetables:765 [ 208.496783][T10934] sec_pagetables:0 bounce:0 [ 208.496783][T10934] kernel_misc_reclaimable:0 [ 208.496783][T10934] free:1291196 free_pcp:395 free_cma:0 [ 208.600194][T10943] gtp0: entered promiscuous mode [ 208.629696][T10934] Node 0 active_anon:16360kB inactive_anon:0kB active_file:7020kB inactive_file:153356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119144kB dirty:1120kB writeback:0kB shmem:4224kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11840kB pagetables:3156kB sec_pagetables:0kB all_unreclaimable? no [ 208.663786][T10934] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 208.704840][T10934] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 208.732147][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 208.747780][T10934] lowmem_reserve[]: 0 2490 2490 0 0 [ 208.753343][T10934] Node 0 DMA32 free:1229688kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:16324kB inactive_anon:0kB active_file:7020kB inactive_file:153028kB unevictable:1536kB writepending:1120kB present:3129332kB managed:2549820kB mlocked:0kB bounce:0kB free_pcp:2640kB local_pcp:872kB free_cma:0kB [ 208.797754][T10934] lowmem_reserve[]: 0 0 0 0 0 [ 208.803906][T10934] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:328kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 208.838140][T10934] lowmem_reserve[]: 0 0 0 0 0 [ 208.843136][T10934] Node 1 Normal free:3909712kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:80kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 208.879169][T10934] lowmem_reserve[]: 0 0 0 0 0 [ 208.884541][T10934] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 208.903361][T10934] Node 0 DMA32: 172*4kB (UME) 381*8kB (UME) 282*16kB (UME) 177*32kB (UME) 106*64kB (ME) 89*128kB (UME) 70*256kB (UM) 44*512kB (UME) 26*1024kB (UME) 11*2048kB (UM) 270*4096kB (UM) = 1227608kB [ 208.930240][T10934] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 208.955702][T10934] Node 1 Normal: 200*4kB (UME) 44*8kB (UME) 41*16kB (UME) 184*32kB (UME) 93*64kB (UME) 40*128kB (UME) 21*256kB (UME) 9*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 946*4096kB (M) = 3909712kB [ 208.980798][T10944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.988968][ T974] IPVS: starting estimator thread 0... [ 208.992059][T10944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.005271][T10934] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 209.021437][T10934] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 209.030936][T10934] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 209.031059][T10934] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 209.031075][T10934] 41554 total pagecache pages [ 209.031084][T10934] 0 pages in swap cache [ 209.031092][T10934] Free swap = 124996kB [ 209.031100][T10934] Total swap = 124996kB [ 209.031110][T10934] 2097051 pages RAM [ 209.031118][T10934] 0 pages HighMem/MovableOnly [ 209.031127][T10934] 427874 pages reserved [ 209.031135][T10934] 0 pages cma reserved [ 209.088816][T10957] IPVS: using max 23 ests per chain, 55200 per kthread [ 209.281027][T10960] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1471'. [ 209.366394][T10963] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1472'. [ 209.389349][T10965] netlink: 'syz.2.1473': attribute type 10 has an invalid length. [ 209.405485][T10963] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1472'. [ 209.444877][T10965] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 209.502377][T10972] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1475'. [ 209.524057][T10972] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1475'. [ 209.594998][T10975] lo speed is unknown, defaulting to 1000 [ 209.758630][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 209.770295][T10977] netlink: 'syz.4.1476': attribute type 10 has an invalid length. [ 209.792693][T10977] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 209.911919][T10975] lo speed is unknown, defaulting to 1000 [ 210.033054][T10998] atomic_op ffff88805f9c9198 conn xmit_atomic 0000000000000000 [ 210.054488][T11002] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1485'. [ 210.165816][T10998] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1483'. [ 210.279005][T11010] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1488'. [ 210.798619][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 210.891385][T11043] x_tables: duplicate underflow at hook 3 [ 211.838623][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 212.442676][T11087] x_tables: duplicate underflow at hook 1 [ 212.572768][T11099] __nla_validate_parse: 8 callbacks suppressed [ 212.572789][T11099] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1519'. [ 212.653158][T11104] lo speed is unknown, defaulting to 1000 [ 212.861857][T11122] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1523'. [ 212.878623][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 212.908348][T11127] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.1526'. [ 212.995656][T11129] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1528'. [ 213.061828][T11104] lo speed is unknown, defaulting to 1000 [ 213.127885][T11135] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1531'. [ 213.159305][T11135] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1531'. [ 213.368630][T11144] lo speed is unknown, defaulting to 1000 [ 213.502195][T11162] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.1538'. [ 213.516261][T11162] openvswitch: netlink: EtherType 0 is less than min 600 [ 213.643607][T11144] lo speed is unknown, defaulting to 1000 [ 213.769753][T11175] unknown channel width for channel at 909000KHz? [ 213.928604][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 213.951630][T11183] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1544'. [ 214.257980][T11192] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1549'. [ 214.286890][T11192] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1549'. [ 214.318100][T11192] netlink: 'syz.2.1549': attribute type 12 has an invalid length. [ 214.339055][T11192] netlink: 'syz.2.1549': attribute type 11 has an invalid length. [ 214.958698][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 215.022587][T11222] team0: Unable to change to the same mode the team is in [ 215.263833][T11235] team0: Unable to change to the same mode the team is in [ 215.746304][T11270] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 19996 - 0 [ 215.758383][T11270] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 19996 - 0 [ 215.775902][T11270] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 19996 - 0 [ 215.797013][T11270] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 19996 - 0 [ 215.800550][T11273] FAULT_INJECTION: forcing a failure. [ 215.800550][T11273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 215.805874][T11270] geneve3: entered allmulticast mode [ 215.849722][T11273] CPU: 1 UID: 0 PID: 11273 Comm: syz.0.1581 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 215.849747][T11273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 215.849756][T11273] Call Trace: [ 215.849762][T11273] [ 215.849769][T11273] dump_stack_lvl+0x241/0x360 [ 215.849793][T11273] ? __pfx_dump_stack_lvl+0x10/0x10 [ 215.849809][T11273] ? __pfx__printk+0x10/0x10 [ 215.849827][T11273] ? __pfx_lock_release+0x10/0x10 [ 215.849855][T11273] should_fail_ex+0x40a/0x550 [ 215.849879][T11273] _copy_from_user+0x2d/0xb0 [ 215.849898][T11273] __sys_bpf+0x1be/0x820 [ 215.849919][T11273] ? __pfx___sys_bpf+0x10/0x10 [ 215.849949][T11273] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 215.849972][T11273] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 215.849994][T11273] ? do_syscall_64+0x100/0x230 [ 215.850026][T11273] __x64_sys_bpf+0x7c/0x90 [ 215.850044][T11273] do_syscall_64+0xf3/0x230 [ 215.850064][T11273] ? clear_bhb_loop+0x35/0x90 [ 215.850087][T11273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.850106][T11273] RIP: 0033:0x7f34e2d8d169 [ 215.850120][T11273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.850133][T11273] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 215.850149][T11273] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 215.850160][T11273] RDX: 000000000000004c RSI: 0000400000000240 RDI: 000000000000000a [ 215.850170][T11273] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 215.850179][T11273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.850189][T11273] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 215.850216][T11273] [ 216.035629][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 216.049277][T11268] team0: Unable to change to the same mode the team is in [ 216.406150][T11291] lo speed is unknown, defaulting to 1000 [ 216.717250][T11305] team0: Unable to change to the same mode the team is in [ 216.877808][T11291] lo speed is unknown, defaulting to 1000 [ 216.991799][T11322] FAULT_INJECTION: forcing a failure. [ 216.991799][T11322] name failslab, interval 1, probability 0, space 0, times 0 [ 217.038619][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 217.045800][T11322] CPU: 0 UID: 0 PID: 11322 Comm: syz.3.1596 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 217.045826][T11322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 217.045836][T11322] Call Trace: [ 217.045842][T11322] [ 217.045849][T11322] dump_stack_lvl+0x241/0x360 [ 217.045873][T11322] ? __pfx_dump_stack_lvl+0x10/0x10 [ 217.045887][T11322] ? __pfx__printk+0x10/0x10 [ 217.045903][T11322] ? __kmalloc_noprof+0xb5/0x4c0 [ 217.045924][T11322] ? __pfx___might_resched+0x10/0x10 [ 217.045947][T11322] should_fail_ex+0x40a/0x550 [ 217.045972][T11322] should_failslab+0xac/0x100 [ 217.045992][T11322] __kmalloc_noprof+0xdd/0x4c0 [ 217.046009][T11322] ? bpf_test_init+0xc3/0x160 [ 217.046028][T11322] bpf_test_init+0xc3/0x160 [ 217.046046][T11322] bpf_prog_test_run_skb+0x2bb/0x1830 [ 217.046061][T11322] ? __pfx_lock_release+0x10/0x10 [ 217.046089][T11322] ? __pfx___might_resched+0x10/0x10 [ 217.046112][T11322] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 217.046125][T11322] ? __fget_files+0x2a/0x410 [ 217.046147][T11322] ? fput+0x21b/0x290 [ 217.046163][T11322] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 217.046177][T11322] bpf_prog_test_run+0x2e4/0x360 [ 217.046198][T11322] __sys_bpf+0x487/0x820 [ 217.046215][T11322] ? __pfx___sys_bpf+0x10/0x10 [ 217.046237][T11322] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 217.046256][T11322] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 217.046277][T11322] ? do_syscall_64+0x100/0x230 [ 217.046299][T11322] __x64_sys_bpf+0x7c/0x90 [ 217.046318][T11322] do_syscall_64+0xf3/0x230 [ 217.046337][T11322] ? clear_bhb_loop+0x35/0x90 [ 217.046359][T11322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.046379][T11322] RIP: 0033:0x7f6b1b78d169 [ 217.046394][T11322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.046409][T11322] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 217.046427][T11322] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 217.046438][T11322] RDX: 000000000000004c RSI: 0000400000000240 RDI: 000000000000000a [ 217.046449][T11322] RBP: 00007f6b1c5b0090 R08: 0000000000000000 R09: 0000000000000000 [ 217.046460][T11322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.046470][T11322] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 217.046496][T11322] [ 217.057283][T11323] 8021q: adding VLAN 0 to HW filter on device bond5 [ 217.477763][T11338] netlink: 'syz.3.1600': attribute type 10 has an invalid length. [ 217.742575][T11346] __nla_validate_parse: 12 callbacks suppressed [ 217.742595][T11346] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1603'. [ 217.763418][T11347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1602'. [ 217.970969][T11351] pimreg: entered allmulticast mode [ 218.065947][T11351] pimreg: left allmulticast mode [ 218.078613][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 218.199957][T11362] FAULT_INJECTION: forcing a failure. [ 218.199957][T11362] name failslab, interval 1, probability 0, space 0, times 0 [ 218.238780][T11362] CPU: 1 UID: 0 PID: 11362 Comm: syz.4.1610 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 218.238806][T11362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.238816][T11362] Call Trace: [ 218.238822][T11362] [ 218.238829][T11362] dump_stack_lvl+0x241/0x360 [ 218.238854][T11362] ? __pfx_dump_stack_lvl+0x10/0x10 [ 218.238870][T11362] ? __pfx__printk+0x10/0x10 [ 218.238888][T11362] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 218.238909][T11362] ? __pfx___might_resched+0x10/0x10 [ 218.238928][T11362] ? aa_label_sk_perm+0x4f3/0x6c0 [ 218.238952][T11362] should_fail_ex+0x40a/0x550 [ 218.238978][T11362] should_failslab+0xac/0x100 [ 218.239000][T11362] kmem_cache_alloc_node_noprof+0x77/0x380 [ 218.239020][T11362] ? __alloc_skb+0x1c3/0x440 [ 218.239045][T11362] __alloc_skb+0x1c3/0x440 [ 218.239070][T11362] ? __pfx___alloc_skb+0x10/0x10 [ 218.239101][T11362] netlink_sendmsg+0x634/0xcb0 [ 218.239131][T11362] ? __pfx_netlink_sendmsg+0x10/0x10 [ 218.239153][T11362] ? aa_sock_msg_perm+0x91/0x160 [ 218.239180][T11362] ? __pfx_netlink_sendmsg+0x10/0x10 [ 218.239197][T11362] __sock_sendmsg+0x221/0x270 [ 218.239219][T11362] ____sys_sendmsg+0x53a/0x860 [ 218.239249][T11362] ? __pfx_____sys_sendmsg+0x10/0x10 [ 218.239270][T11362] ? __fget_files+0x2a/0x410 [ 218.239295][T11362] ? __sys_sendmmsg+0x392/0x720 [ 218.239318][T11362] ? __might_fault+0xaa/0x120 [ 218.239337][T11362] __sys_sendmmsg+0x36a/0x720 [ 218.239371][T11362] ? __pfx___sys_sendmmsg+0x10/0x10 [ 218.239404][T11362] ? __pfx_lock_release+0x10/0x10 [ 218.239423][T11362] ? kstrtouint_from_user+0x128/0x190 [ 218.239462][T11362] ? ksys_write+0x22a/0x2b0 [ 218.239478][T11362] ? __pfx_lock_release+0x10/0x10 [ 218.239506][T11362] ? sb_end_write+0xe9/0x1c0 [ 218.239527][T11362] ? vfs_write+0x7fa/0xd10 [ 218.239545][T11362] ? __mutex_unlock_slowpath+0x227/0x800 [ 218.239602][T11362] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 218.239625][T11362] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 218.239649][T11362] ? do_syscall_64+0x100/0x230 [ 218.239674][T11362] __x64_sys_sendmmsg+0xa0/0xb0 [ 218.239698][T11362] do_syscall_64+0xf3/0x230 [ 218.239720][T11362] ? clear_bhb_loop+0x35/0x90 [ 218.239744][T11362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.239764][T11362] RIP: 0033:0x7f9c9d58d169 [ 218.239779][T11362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.239792][T11362] RSP: 002b:00007f9c9e40f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 218.239810][T11362] RAX: ffffffffffffffda RBX: 00007f9c9d7a5fa0 RCX: 00007f9c9d58d169 [ 218.239822][T11362] RDX: 040000000000009f RSI: 00004000000002c0 RDI: 0000000000000004 [ 218.239833][T11362] RBP: 00007f9c9e40f090 R08: 0000000000000000 R09: 0000000000000000 [ 218.239844][T11362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.239853][T11362] R13: 0000000000000000 R14: 00007f9c9d7a5fa0 R15: 00007ffc7a6a3de8 [ 218.239879][T11362] [ 218.285302][T11364] lo speed is unknown, defaulting to 1000 [ 218.342387][T11368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1612'. [ 218.604001][T11364] lo speed is unknown, defaulting to 1000 [ 218.626026][T11367] lo speed is unknown, defaulting to 1000 [ 218.697906][T11375] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1615'. [ 218.806913][T11381] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1616'. [ 218.925524][T11367] lo speed is unknown, defaulting to 1000 [ 219.033792][T11383] lo speed is unknown, defaulting to 1000 [ 219.118604][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 219.204700][T11395] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.1622'. [ 219.421168][T11383] lo speed is unknown, defaulting to 1000 [ 219.706608][T11409] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1627'. [ 220.022870][T11413] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1628'. [ 220.108348][T11415] FAULT_INJECTION: forcing a failure. [ 220.108348][T11415] name failslab, interval 1, probability 0, space 0, times 0 [ 220.121926][T11415] CPU: 1 UID: 0 PID: 11415 Comm: syz.2.1629 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 220.121951][T11415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 220.121961][T11415] Call Trace: [ 220.121967][T11415] [ 220.121974][T11415] dump_stack_lvl+0x241/0x360 [ 220.121998][T11415] ? __pfx_dump_stack_lvl+0x10/0x10 [ 220.122014][T11415] ? __pfx__printk+0x10/0x10 [ 220.122032][T11415] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 220.122055][T11415] ? __pfx___might_resched+0x10/0x10 [ 220.122079][T11415] should_fail_ex+0x40a/0x550 [ 220.122106][T11415] should_failslab+0xac/0x100 [ 220.122127][T11415] kmem_cache_alloc_node_noprof+0x77/0x380 [ 220.122147][T11415] ? __alloc_skb+0x1c3/0x440 [ 220.122172][T11415] __alloc_skb+0x1c3/0x440 [ 220.122197][T11415] ? __pfx___alloc_skb+0x10/0x10 [ 220.122221][T11415] ? netlink_autobind+0xd6/0x2f0 [ 220.122238][T11415] ? netlink_autobind+0x2b0/0x2f0 [ 220.122260][T11415] netlink_sendmsg+0x634/0xcb0 [ 220.122290][T11415] ? __pfx_netlink_sendmsg+0x10/0x10 [ 220.122312][T11415] ? aa_sock_msg_perm+0x91/0x160 [ 220.122340][T11415] ? __pfx_netlink_sendmsg+0x10/0x10 [ 220.122356][T11415] __sock_sendmsg+0x221/0x270 [ 220.122379][T11415] ____sys_sendmsg+0x53a/0x860 [ 220.122408][T11415] ? __pfx_____sys_sendmsg+0x10/0x10 [ 220.122436][T11415] ? __fget_files+0x2a/0x410 [ 220.122461][T11415] ? __fget_files+0x2a/0x410 [ 220.122489][T11415] __sys_sendmsg+0x269/0x350 [ 220.122516][T11415] ? __pfx___sys_sendmsg+0x10/0x10 [ 220.122551][T11415] ? do_sys_openat2+0x17a/0x1d0 [ 220.122600][T11415] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 220.122624][T11415] ? do_syscall_64+0x100/0x230 [ 220.122649][T11415] ? do_syscall_64+0xb6/0x230 [ 220.122673][T11415] do_syscall_64+0xf3/0x230 [ 220.122693][T11415] ? clear_bhb_loop+0x35/0x90 [ 220.122717][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.122737][T11415] RIP: 0033:0x7f8fd838d169 [ 220.122752][T11415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.122765][T11415] RSP: 002b:00007f8fd9129038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 220.122784][T11415] RAX: ffffffffffffffda RBX: 00007f8fd85a5fa0 RCX: 00007f8fd838d169 [ 220.122796][T11415] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 220.122806][T11415] RBP: 00007f8fd9129090 R08: 0000000000000000 R09: 0000000000000000 [ 220.122817][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.122827][T11415] R13: 0000000000000000 R14: 00007f8fd85a5fa0 R15: 00007ffe06dcc0e8 [ 220.122852][T11415] [ 220.133782][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1630'. [ 220.170012][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 220.197542][T11417] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1630'. [ 220.517474][T11427] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 19996 - 0 [ 220.527046][T11427] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 19996 - 0 [ 220.544143][T11427] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 19996 - 0 [ 220.557371][T11427] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 19996 - 0 [ 220.576618][T11427] geneve3: left allmulticast mode [ 221.198548][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 221.442090][T11456] x_tables: ip_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 221.640120][T11466] openvswitch: netlink: Message has 8 unknown bytes. [ 221.816401][T11474] bridge0: port 1(gretap0) entered blocking state [ 221.836776][T11474] bridge0: port 1(gretap0) entered disabled state [ 221.852400][T11474] gretap0: entered allmulticast mode [ 221.863355][T11474] gretap0: entered promiscuous mode [ 221.884525][T11478] gretap0: left allmulticast mode [ 221.890452][T11478] gretap0: left promiscuous mode [ 221.911279][T11478] bridge0: port 1(gretap0) entered disabled state [ 222.248651][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 222.281039][T11494] netlink: 'syz.4.1654': attribute type 11 has an invalid length. [ 222.874167][T11506] __nla_validate_parse: 13 callbacks suppressed [ 222.874186][T11506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1659'. [ 223.050382][T11510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1662'. [ 223.097450][T11512] 8021q: adding VLAN 0 to HW filter on device bond1 [ 223.203482][T11518] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.1665'. [ 223.218246][T11515] syzkaller1: entered promiscuous mode [ 223.242438][T11515] syzkaller1: entered allmulticast mode [ 223.279934][T11519] bond3: (slave bridge1): Removing an active aggregator [ 223.289355][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 223.298965][ T9481] bond3: Warning: Found an uninitialized port [ 223.309243][T11519] bond3: (slave bridge1): Releasing backup interface [ 223.384690][T11526] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1666'. [ 223.424365][T11515] lo speed is unknown, defaulting to 1000 [ 223.706910][T11536] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1669'. [ 223.916043][T11515] lo speed is unknown, defaulting to 1000 [ 223.924503][T11542] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1671'. [ 224.318710][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 224.413901][T11553] netlink: 'syz.4.1674': attribute type 10 has an invalid length. [ 224.422287][T11553] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1674'. [ 224.686621][T11553] team0: entered promiscuous mode [ 224.720057][T11553] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.937524][T11562] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1677'. [ 224.947604][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1675'. [ 224.987240][T11560] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1675'. [ 225.162576][T11568] ipt_REJECT: TCP_RESET invalid for non-tcp [ 225.189848][T11568] 8021q: VLANs not supported on lo [ 225.358623][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 225.446214][T11587] team0: left promiscuous mode [ 225.479399][T11587] veth0_vlan: left allmulticast mode [ 225.546446][T11587] ip6tnl2: left allmulticast mode [ 226.081273][T11612] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 226.188264][T11618] syzkaller1: entered promiscuous mode [ 226.222888][T11618] syzkaller1: entered allmulticast mode [ 226.398695][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 227.333923][T11654] macvlan2: entered promiscuous mode [ 227.358819][T11654] bridge0: entered promiscuous mode [ 227.409320][T11657] macvlan3: entered promiscuous mode [ 227.438569][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 227.908200][T11671] FAULT_INJECTION: forcing a failure. [ 227.908200][T11671] name failslab, interval 1, probability 0, space 0, times 0 [ 227.999006][T11671] CPU: 1 UID: 0 PID: 11671 Comm: syz.0.1716 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 227.999034][T11671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 227.999044][T11671] Call Trace: [ 227.999050][T11671] [ 227.999057][T11671] dump_stack_lvl+0x241/0x360 [ 227.999082][T11671] ? __pfx_dump_stack_lvl+0x10/0x10 [ 227.999100][T11671] ? __pfx__printk+0x10/0x10 [ 227.999125][T11671] should_fail_ex+0x40a/0x550 [ 227.999150][T11671] should_failslab+0xac/0x100 [ 227.999171][T11671] __kmalloc_cache_noprof+0x70/0x390 [ 227.999190][T11671] ? __hw_addr_add_ex+0x1fb/0x760 [ 227.999216][T11671] __hw_addr_add_ex+0x1fb/0x760 [ 227.999243][T11671] dev_addr_init+0x157/0x240 [ 227.999267][T11671] ? __pfx_dev_addr_init+0x10/0x10 [ 227.999301][T11671] alloc_netdev_mqs+0x307/0x1210 [ 227.999316][T11671] ? __pfx_ppp_setup+0x10/0x10 [ 227.999344][T11671] rtnl_create_link+0x2f9/0xc90 [ 227.999373][T11671] rtnl_newlink_create+0x302/0xb30 [ 227.999395][T11671] ? __pfx_aa_get_newest_label+0x10/0x10 [ 227.999420][T11671] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 227.999442][T11671] ? __pfx___mutex_lock+0x10/0x10 [ 227.999469][T11671] ? nla_strscpy+0x100/0x180 [ 227.999485][T11671] ? full_name_hash+0x93/0xe0 [ 227.999510][T11671] rtnl_newlink+0x1683/0x1da0 [ 227.999530][T11671] ? __lock_acquire+0x1397/0x2100 [ 227.999565][T11671] ? __pfx_rtnl_newlink+0x10/0x10 [ 227.999603][T11671] ? validate_chain+0x11e/0x5920 [ 227.999620][T11671] ? __pfx_lock_acquire+0x10/0x10 [ 227.999642][T11671] ? __pfx_lock_release+0x10/0x10 [ 227.999666][T11671] ? __pfx_validate_chain+0x10/0x10 [ 227.999683][T11671] ? mark_lock+0x9a/0x360 [ 227.999700][T11671] ? __lock_acquire+0x1397/0x2100 [ 227.999750][T11671] ? __pfx_lock_release+0x10/0x10 [ 227.999787][T11671] ? __pfx_rtnl_newlink+0x10/0x10 [ 227.999807][T11671] rtnetlink_rcv_msg+0x791/0xcf0 [ 227.999823][T11671] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 227.999841][T11671] ? __lock_acquire+0x1397/0x2100 [ 227.999871][T11671] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 227.999905][T11671] netlink_rcv_skb+0x206/0x480 [ 227.999924][T11671] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 227.999944][T11671] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 227.999983][T11671] ? netlink_deliver_tap+0x2e/0x1b0 [ 228.000004][T11671] netlink_unicast+0x7f6/0x990 [ 228.000027][T11671] ? __pfx_netlink_unicast+0x10/0x10 [ 228.000040][T11671] ? __virt_addr_valid+0x45f/0x530 [ 228.000056][T11671] ? __phys_addr_symbol+0x2f/0x70 [ 228.000077][T11671] ? __check_object_size+0x47a/0x730 [ 228.000101][T11671] netlink_sendmsg+0x8de/0xcb0 [ 228.000129][T11671] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.000149][T11671] ? aa_sock_msg_perm+0x91/0x160 [ 228.000176][T11671] ? __pfx_netlink_sendmsg+0x10/0x10 [ 228.000193][T11671] __sock_sendmsg+0x221/0x270 [ 228.000215][T11671] ____sys_sendmsg+0x53a/0x860 [ 228.000247][T11671] ? __pfx_____sys_sendmsg+0x10/0x10 [ 228.000266][T11671] ? __fget_files+0x2a/0x410 [ 228.000289][T11671] ? __fget_files+0x2a/0x410 [ 228.000319][T11671] __sys_sendmsg+0x269/0x350 [ 228.000347][T11671] ? __pfx___sys_sendmsg+0x10/0x10 [ 228.000380][T11671] ? do_sys_openat2+0x17a/0x1d0 [ 228.000426][T11671] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 228.000451][T11671] ? do_syscall_64+0x100/0x230 [ 228.000477][T11671] ? do_syscall_64+0xb6/0x230 [ 228.000501][T11671] do_syscall_64+0xf3/0x230 [ 228.000522][T11671] ? clear_bhb_loop+0x35/0x90 [ 228.000547][T11671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.000567][T11671] RIP: 0033:0x7f34e2d8d169 [ 228.000581][T11671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.000594][T11671] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 228.000612][T11671] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 228.000624][T11671] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 228.000635][T11671] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 228.000645][T11671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.000655][T11671] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 228.000683][T11671] [ 228.476805][T11684] __nla_validate_parse: 7 callbacks suppressed [ 228.476823][T11684] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1720'. [ 228.488612][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 228.510576][T11682] FAULT_INJECTION: forcing a failure. [ 228.510576][T11682] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 228.529012][T11682] CPU: 0 UID: 0 PID: 11682 Comm: syz.2.1719 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 228.529040][T11682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 228.529051][T11682] Call Trace: [ 228.529057][T11682] [ 228.529065][T11682] dump_stack_lvl+0x241/0x360 [ 228.529098][T11682] ? __pfx_dump_stack_lvl+0x10/0x10 [ 228.529115][T11682] ? __pfx__printk+0x10/0x10 [ 228.529143][T11682] should_fail_ex+0x40a/0x550 [ 228.529170][T11682] _copy_to_user+0x31/0xb0 [ 228.529192][T11682] bpf_test_finish+0x59c/0x890 [ 228.529219][T11682] ? __pfx_bpf_test_finish+0x10/0x10 [ 228.529243][T11682] ? convert_skb_to___skb+0x2d3/0x510 [ 228.529264][T11682] bpf_prog_test_run_skb+0xff8/0x1830 [ 228.529303][T11682] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 228.529319][T11682] ? __fget_files+0x2a/0x410 [ 228.529344][T11682] ? fput+0x21b/0x290 [ 228.529364][T11682] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 228.529384][T11682] bpf_prog_test_run+0x2e4/0x360 [ 228.529410][T11682] __sys_bpf+0x487/0x820 [ 228.529433][T11682] ? __pfx___sys_bpf+0x10/0x10 [ 228.529465][T11682] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 228.529490][T11682] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 228.529514][T11682] ? do_syscall_64+0x100/0x230 [ 228.529541][T11682] __x64_sys_bpf+0x7c/0x90 [ 228.529561][T11682] do_syscall_64+0xf3/0x230 [ 228.529584][T11682] ? clear_bhb_loop+0x35/0x90 [ 228.529608][T11682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.529629][T11682] RIP: 0033:0x7f8fd838d169 [ 228.529643][T11682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.529658][T11682] RSP: 002b:00007f8fd9129038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 228.529677][T11682] RAX: ffffffffffffffda RBX: 00007f8fd85a5fa0 RCX: 00007f8fd838d169 [ 228.529689][T11682] RDX: 000000000000004c RSI: 0000400000000240 RDI: 000000000000000a [ 228.529700][T11682] RBP: 00007f8fd9129090 R08: 0000000000000000 R09: 0000000000000000 [ 228.529711][T11682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 228.529721][T11682] R13: 0000000000000000 R14: 00007f8fd85a5fa0 R15: 00007ffe06dcc0e8 [ 228.529747][T11682] [ 228.988042][T11689] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1721'. [ 229.477448][T11708] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1727'. [ 229.518570][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 229.770590][T11719] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1730'. [ 229.876683][T11719] bond7: entered promiscuous mode [ 229.909205][T11719] 8021q: adding VLAN 0 to HW filter on device bond7 [ 229.929176][T11732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1734'. [ 230.097536][T11736] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1735'. [ 230.379299][T11719] bond7 (unregistering): Released all slaves [ 230.558632][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 230.661363][T11761] lo speed is unknown, defaulting to 1000 [ 230.704081][T11760] bond0: (slave wlan1): Releasing backup interface [ 231.044336][T11761] lo speed is unknown, defaulting to 1000 [ 231.098161][T11784] netlink: 'syz.0.1744': attribute type 49 has an invalid length. [ 231.315082][T11794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1749'. [ 231.375948][T11797] netlink: 'syz.4.1750': attribute type 4 has an invalid length. [ 231.398359][T11797] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1750'. [ 231.413190][T11797] netlink: 'syz.4.1750': attribute type 1 has an invalid length. [ 231.420375][T11799] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1751'. [ 231.422692][T11797] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1750'. [ 231.608682][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 231.758022][T11815] FAULT_INJECTION: forcing a failure. [ 231.758022][T11815] name failslab, interval 1, probability 0, space 0, times 0 [ 231.791372][T11815] CPU: 1 UID: 0 PID: 11815 Comm: syz.2.1756 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 231.791402][T11815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 231.791412][T11815] Call Trace: [ 231.791419][T11815] [ 231.791427][T11815] dump_stack_lvl+0x241/0x360 [ 231.791454][T11815] ? __pfx_dump_stack_lvl+0x10/0x10 [ 231.791472][T11815] ? __pfx__printk+0x10/0x10 [ 231.791491][T11815] ? __kmalloc_cache_noprof+0x48/0x390 [ 231.791514][T11815] ? __pfx___might_resched+0x10/0x10 [ 231.791540][T11815] should_fail_ex+0x40a/0x550 [ 231.791567][T11815] should_failslab+0xac/0x100 [ 231.791590][T11815] __kmalloc_cache_noprof+0x70/0x390 [ 231.791609][T11815] ? alloc_netdev_mqs+0xc1a/0x1210 [ 231.791625][T11815] ? __xdp_rxq_info_reg+0x186/0x290 [ 231.791648][T11815] alloc_netdev_mqs+0xc1a/0x1210 [ 231.791674][T11815] rtnl_create_link+0x2f9/0xc90 [ 231.791704][T11815] rtnl_newlink_create+0x302/0xb30 [ 231.791728][T11815] ? __pfx_aa_get_newest_label+0x10/0x10 [ 231.791756][T11815] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 231.791778][T11815] ? __pfx___mutex_lock+0x10/0x10 [ 231.791807][T11815] ? nla_strscpy+0x100/0x180 [ 231.791830][T11815] ? full_name_hash+0x93/0xe0 [ 231.791856][T11815] rtnl_newlink+0x1683/0x1da0 [ 231.791877][T11815] ? __lock_acquire+0x1397/0x2100 [ 231.791914][T11815] ? __pfx_rtnl_newlink+0x10/0x10 [ 231.791955][T11815] ? validate_chain+0x11e/0x5920 [ 231.791972][T11815] ? __pfx_lock_acquire+0x10/0x10 [ 231.791997][T11815] ? __pfx_lock_release+0x10/0x10 [ 231.792022][T11815] ? __pfx_validate_chain+0x10/0x10 [ 231.792041][T11815] ? mark_lock+0x9a/0x360 [ 231.792060][T11815] ? __lock_acquire+0x1397/0x2100 [ 231.792116][T11815] ? __pfx_lock_release+0x10/0x10 [ 231.792153][T11815] ? __pfx_rtnl_newlink+0x10/0x10 [ 231.792173][T11815] rtnetlink_rcv_msg+0x791/0xcf0 [ 231.792189][T11815] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 231.792207][T11815] ? __lock_acquire+0x1397/0x2100 [ 231.792230][T11815] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 231.792264][T11815] netlink_rcv_skb+0x206/0x480 [ 231.792285][T11815] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 231.792305][T11815] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 231.792347][T11815] ? netlink_deliver_tap+0x2e/0x1b0 [ 231.792368][T11815] netlink_unicast+0x7f6/0x990 [ 231.792393][T11815] ? __pfx_netlink_unicast+0x10/0x10 [ 231.792407][T11815] ? __virt_addr_valid+0x45f/0x530 [ 231.792424][T11815] ? __phys_addr_symbol+0x2f/0x70 [ 231.792446][T11815] ? __check_object_size+0x47a/0x730 [ 231.792471][T11815] netlink_sendmsg+0x8de/0xcb0 [ 231.792503][T11815] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.792526][T11815] ? aa_sock_msg_perm+0x91/0x160 [ 231.792554][T11815] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.792570][T11815] __sock_sendmsg+0x221/0x270 [ 231.792593][T11815] ____sys_sendmsg+0x53a/0x860 [ 231.792623][T11815] ? __pfx_____sys_sendmsg+0x10/0x10 [ 231.792643][T11815] ? __fget_files+0x2a/0x410 [ 231.792667][T11815] ? __fget_files+0x2a/0x410 [ 231.792696][T11815] __sys_sendmsg+0x269/0x350 [ 231.792725][T11815] ? __pfx___sys_sendmsg+0x10/0x10 [ 231.792760][T11815] ? do_sys_openat2+0x17a/0x1d0 [ 231.792810][T11815] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 231.792839][T11815] ? do_syscall_64+0x100/0x230 [ 231.792864][T11815] ? do_syscall_64+0xb6/0x230 [ 231.792885][T11815] do_syscall_64+0xf3/0x230 [ 231.792905][T11815] ? clear_bhb_loop+0x35/0x90 [ 231.792929][T11815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.792949][T11815] RIP: 0033:0x7f8fd838d169 [ 231.792964][T11815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.792979][T11815] RSP: 002b:00007f8fd9129038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 231.792997][T11815] RAX: ffffffffffffffda RBX: 00007f8fd85a5fa0 RCX: 00007f8fd838d169 [ 231.793009][T11815] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 231.793019][T11815] RBP: 00007f8fd9129090 R08: 0000000000000000 R09: 0000000000000000 [ 231.793029][T11815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 231.793039][T11815] R13: 0000000000000000 R14: 00007f8fd85a5fa0 R15: 00007ffe06dcc0e8 [ 231.793067][T11815] [ 232.220127][T11813] team0: Unable to change to the same mode the team is in [ 232.337491][T11824] netlink: 'syz.4.1760': attribute type 10 has an invalid length. [ 232.351130][T11824] veth1_macvtap: left promiscuous mode [ 232.362799][T11824] team0: Device veth1_macvtap failed to register rx_handler [ 232.638692][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 232.795447][T11849] lo speed is unknown, defaulting to 1000 [ 232.871728][T11857] FAULT_INJECTION: forcing a failure. [ 232.871728][T11857] name failslab, interval 1, probability 0, space 0, times 0 [ 232.928691][T11857] CPU: 1 UID: 0 PID: 11857 Comm: syz.0.1771 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 232.928718][T11857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 232.928727][T11857] Call Trace: [ 232.928733][T11857] [ 232.928741][T11857] dump_stack_lvl+0x241/0x360 [ 232.928765][T11857] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.928791][T11857] ? __pfx__printk+0x10/0x10 [ 232.928808][T11857] ? __kmalloc_cache_noprof+0x48/0x390 [ 232.928830][T11857] ? __pfx___might_resched+0x10/0x10 [ 232.928854][T11857] should_fail_ex+0x40a/0x550 [ 232.928880][T11857] should_failslab+0xac/0x100 [ 232.928901][T11857] __kmalloc_cache_noprof+0x70/0x390 [ 232.928918][T11857] ? alloc_netdev_mqs+0xc7c/0x1210 [ 232.928938][T11857] alloc_netdev_mqs+0xc7c/0x1210 [ 232.928961][T11857] rtnl_create_link+0x2f9/0xc90 [ 232.928991][T11857] rtnl_newlink_create+0x302/0xb30 [ 232.929014][T11857] ? __pfx_aa_get_newest_label+0x10/0x10 [ 232.929037][T11857] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 232.929058][T11857] ? __pfx___mutex_lock+0x10/0x10 [ 232.929084][T11857] ? nla_strscpy+0x100/0x180 [ 232.929100][T11857] ? full_name_hash+0x93/0xe0 [ 232.929122][T11857] rtnl_newlink+0x1683/0x1da0 [ 232.929141][T11857] ? __lock_acquire+0x1397/0x2100 [ 232.929176][T11857] ? __pfx_rtnl_newlink+0x10/0x10 [ 232.929217][T11857] ? validate_chain+0x11e/0x5920 [ 232.929233][T11857] ? __pfx_lock_acquire+0x10/0x10 [ 232.929256][T11857] ? __pfx_lock_release+0x10/0x10 [ 232.929281][T11857] ? __pfx_validate_chain+0x10/0x10 [ 232.929300][T11857] ? mark_lock+0x9a/0x360 [ 232.929320][T11857] ? __lock_acquire+0x1397/0x2100 [ 232.929375][T11857] ? __pfx_lock_release+0x10/0x10 [ 232.929413][T11857] ? __pfx_rtnl_newlink+0x10/0x10 [ 232.929433][T11857] rtnetlink_rcv_msg+0x791/0xcf0 [ 232.929450][T11857] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 232.929469][T11857] ? __lock_acquire+0x1397/0x2100 [ 232.929492][T11857] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 232.929526][T11857] netlink_rcv_skb+0x206/0x480 [ 232.929545][T11857] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 232.929566][T11857] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 232.929608][T11857] ? netlink_deliver_tap+0x2e/0x1b0 [ 232.929629][T11857] netlink_unicast+0x7f6/0x990 [ 232.929654][T11857] ? __pfx_netlink_unicast+0x10/0x10 [ 232.929668][T11857] ? __virt_addr_valid+0x45f/0x530 [ 232.929685][T11857] ? __phys_addr_symbol+0x2f/0x70 [ 232.929707][T11857] ? __check_object_size+0x47a/0x730 [ 232.929732][T11857] netlink_sendmsg+0x8de/0xcb0 [ 232.929764][T11857] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.929793][T11857] ? aa_sock_msg_perm+0x91/0x160 [ 232.929821][T11857] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.929837][T11857] __sock_sendmsg+0x221/0x270 [ 232.929860][T11857] ____sys_sendmsg+0x53a/0x860 [ 232.929892][T11857] ? __pfx_____sys_sendmsg+0x10/0x10 [ 232.929913][T11857] ? __fget_files+0x2a/0x410 [ 232.929937][T11857] ? __fget_files+0x2a/0x410 [ 232.929967][T11857] __sys_sendmsg+0x269/0x350 [ 232.929995][T11857] ? __pfx___sys_sendmsg+0x10/0x10 [ 232.930030][T11857] ? do_sys_openat2+0x17a/0x1d0 [ 232.930076][T11857] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 232.930098][T11857] ? do_syscall_64+0x100/0x230 [ 232.930121][T11857] ? do_syscall_64+0xb6/0x230 [ 232.930142][T11857] do_syscall_64+0xf3/0x230 [ 232.930164][T11857] ? clear_bhb_loop+0x35/0x90 [ 232.930186][T11857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.930205][T11857] RIP: 0033:0x7f34e2d8d169 [ 232.930220][T11857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.930234][T11857] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 232.930253][T11857] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 232.930265][T11857] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 232.930276][T11857] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 232.930286][T11857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.930295][T11857] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 232.930321][T11857] [ 233.006704][T11861] team0: Unable to change to the same mode the team is in [ 233.403130][T11849] lo speed is unknown, defaulting to 1000 [ 233.501851][T11874] ax25_connect(): syz.1.1772 uses autobind, please contact jreuter@yaina.de [ 233.688570][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 233.754663][T11887] __nla_validate_parse: 5 callbacks suppressed [ 233.754683][T11887] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1777'. [ 233.810273][T11889] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1779'. [ 233.819918][T11891] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1778'. [ 233.902331][T11893] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 234.010058][T11896] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1780'. [ 234.023509][T11896] vlan2: entered promiscuous mode [ 234.030037][T11896] bond0: entered promiscuous mode [ 234.054943][T11896] bond0: left promiscuous mode [ 234.107382][T11898] sch_fq: defrate 2048 ignored. [ 234.295695][T11904] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1783'. [ 234.309447][T11902] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.1782'. [ 234.322507][T11908] FAULT_INJECTION: forcing a failure. [ 234.322507][T11908] name failslab, interval 1, probability 0, space 0, times 0 [ 234.344248][T11908] CPU: 0 UID: 0 PID: 11908 Comm: syz.0.1784 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 234.344274][T11908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 234.344284][T11908] Call Trace: [ 234.344290][T11908] [ 234.344297][T11908] dump_stack_lvl+0x241/0x360 [ 234.344323][T11908] ? __pfx_dump_stack_lvl+0x10/0x10 [ 234.344341][T11908] ? __pfx__printk+0x10/0x10 [ 234.344360][T11908] ? __kmalloc_node_noprof+0xb9/0x4d0 [ 234.344383][T11908] ? __pfx___might_resched+0x10/0x10 [ 234.344408][T11908] should_fail_ex+0x40a/0x550 [ 234.344432][T11908] should_failslab+0xac/0x100 [ 234.344453][T11908] __kmalloc_node_noprof+0xe1/0x4d0 [ 234.344472][T11908] ? __kvmalloc_node_noprof+0x72/0x190 [ 234.344498][T11908] __kvmalloc_node_noprof+0x72/0x190 [ 234.344520][T11908] alloc_netdev_mqs+0xce7/0x1210 [ 234.344542][T11908] rtnl_create_link+0x2f9/0xc90 [ 234.344569][T11908] rtnl_newlink_create+0x302/0xb30 [ 234.344590][T11908] ? __pfx_aa_get_newest_label+0x10/0x10 [ 234.344614][T11908] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 234.344637][T11908] ? __pfx___mutex_lock+0x10/0x10 [ 234.344674][T11908] ? nla_strscpy+0x100/0x180 [ 234.344691][T11908] ? full_name_hash+0x93/0xe0 [ 234.344717][T11908] rtnl_newlink+0x1683/0x1da0 [ 234.344738][T11908] ? __lock_acquire+0x1397/0x2100 [ 234.344779][T11908] ? __pfx_rtnl_newlink+0x10/0x10 [ 234.344821][T11908] ? validate_chain+0x11e/0x5920 [ 234.344837][T11908] ? __pfx_lock_acquire+0x10/0x10 [ 234.344863][T11908] ? __pfx_lock_release+0x10/0x10 [ 234.344888][T11908] ? __pfx_validate_chain+0x10/0x10 [ 234.344907][T11908] ? mark_lock+0x9a/0x360 [ 234.344926][T11908] ? __lock_acquire+0x1397/0x2100 [ 234.344982][T11908] ? __pfx_lock_release+0x10/0x10 [ 234.345019][T11908] ? __pfx_rtnl_newlink+0x10/0x10 [ 234.345039][T11908] rtnetlink_rcv_msg+0x791/0xcf0 [ 234.345055][T11908] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 234.345074][T11908] ? __lock_acquire+0x1397/0x2100 [ 234.345098][T11908] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 234.345134][T11908] netlink_rcv_skb+0x206/0x480 [ 234.345154][T11908] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 234.345174][T11908] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 234.345217][T11908] ? netlink_deliver_tap+0x2e/0x1b0 [ 234.345238][T11908] netlink_unicast+0x7f6/0x990 [ 234.345263][T11908] ? __pfx_netlink_unicast+0x10/0x10 [ 234.345277][T11908] ? __virt_addr_valid+0x45f/0x530 [ 234.345294][T11908] ? __phys_addr_symbol+0x2f/0x70 [ 234.345315][T11908] ? __check_object_size+0x47a/0x730 [ 234.345341][T11908] netlink_sendmsg+0x8de/0xcb0 [ 234.345372][T11908] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.345412][T11908] ? aa_sock_msg_perm+0x91/0x160 [ 234.345440][T11908] ? __pfx_netlink_sendmsg+0x10/0x10 [ 234.345456][T11908] __sock_sendmsg+0x221/0x270 [ 234.345479][T11908] ____sys_sendmsg+0x53a/0x860 [ 234.345511][T11908] ? __pfx_____sys_sendmsg+0x10/0x10 [ 234.345531][T11908] ? __fget_files+0x2a/0x410 [ 234.345556][T11908] ? __fget_files+0x2a/0x410 [ 234.345586][T11908] __sys_sendmsg+0x269/0x350 [ 234.345615][T11908] ? __pfx___sys_sendmsg+0x10/0x10 [ 234.345651][T11908] ? do_sys_openat2+0x17a/0x1d0 [ 234.345705][T11908] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 234.345729][T11908] ? do_syscall_64+0x100/0x230 [ 234.345755][T11908] ? do_syscall_64+0xb6/0x230 [ 234.345779][T11908] do_syscall_64+0xf3/0x230 [ 234.345800][T11908] ? clear_bhb_loop+0x35/0x90 [ 234.345821][T11908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.345848][T11908] RIP: 0033:0x7f34e2d8d169 [ 234.345862][T11908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.345876][T11908] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 234.345894][T11908] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 234.345905][T11908] RDX: 0000000000000000 RSI: 0000400000000180 RDI: 0000000000000003 [ 234.345923][T11908] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 234.345931][T11908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 234.345939][T11908] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 234.345963][T11908] [ 234.758695][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 234.949789][T11919] netem: incorrect ge model size [ 235.048172][T11928] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 235.077072][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1790'. [ 235.122846][T11928] netlink: 80 bytes leftover after parsing attributes in process `syz.1.1789'. [ 235.165767][T11933] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1792'. [ 235.269733][T11938] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1794'. [ 235.335368][T11943] lo speed is unknown, defaulting to 1000 [ 235.460676][T11949] vlan3: entered promiscuous mode [ 235.476212][T11951] netlink: 'syz.3.1796': attribute type 4 has an invalid length. [ 235.672415][T11943] lo speed is unknown, defaulting to 1000 [ 235.848641][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 236.184312][T11972] lo speed is unknown, defaulting to 1000 [ 236.488247][T11972] lo speed is unknown, defaulting to 1000 [ 236.878629][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 237.301304][T12022] lo speed is unknown, defaulting to 1000 [ 237.492064][T12038] netlink: 'syz.2.1822': attribute type 4 has an invalid length. [ 237.858683][T12028] lo speed is unknown, defaulting to 1000 [ 237.918607][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 238.126879][T12029] netlink: 'syz.1.1821': attribute type 11 has an invalid length. [ 238.159269][T12029] netlink: 'syz.1.1821': attribute type 5 has an invalid length. [ 238.226088][T12028] lo speed is unknown, defaulting to 1000 [ 238.270606][T12022] lo speed is unknown, defaulting to 1000 [ 238.506586][T12059] team0: Device gtp0 failed to enter team mode [ 238.518281][T12059] team0: Device gtp0 failed to enter team mode [ 238.958687][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 239.309774][T12072] __nla_validate_parse: 8 callbacks suppressed [ 239.309924][T12072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1836'. [ 239.538050][T12078] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1840'. [ 239.577813][T12078] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1840'. [ 239.707357][T12100] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1843'. [ 239.722929][T12100] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1843'. [ 239.974951][T12110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1844'. [ 239.998697][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 240.208710][T12114] lo speed is unknown, defaulting to 1000 [ 240.496615][T12114] lo speed is unknown, defaulting to 1000 [ 240.684050][T12128] netlink: 'syz.1.1850': attribute type 39 has an invalid length. [ 240.692465][T12129] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1849'. [ 240.791239][T12131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1851'. [ 240.848712][T12131] netlink: 'syz.4.1851': attribute type 3 has an invalid length. [ 241.038749][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 241.307429][T12148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1858'. [ 241.456390][T12143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1856'. [ 242.078660][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 242.393281][T12176] netlink: zone id is out of range [ 242.407451][T12176] netlink: zone id is out of range [ 242.649756][T12179] team0: Unable to change to the same mode the team is in [ 243.118741][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 243.937436][T12210] FAULT_INJECTION: forcing a failure. [ 243.937436][T12210] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 243.988689][T12210] CPU: 0 UID: 0 PID: 12210 Comm: syz.3.1878 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 243.988718][T12210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 243.988728][T12210] Call Trace: [ 243.988734][T12210] [ 243.988741][T12210] dump_stack_lvl+0x241/0x360 [ 243.988766][T12210] ? __pfx_dump_stack_lvl+0x10/0x10 [ 243.988782][T12210] ? __pfx__printk+0x10/0x10 [ 243.988808][T12210] ? __pfx_lock_release+0x10/0x10 [ 243.988835][T12210] should_fail_ex+0x40a/0x550 [ 243.988861][T12210] _copy_from_user+0x2d/0xb0 [ 243.988881][T12210] move_addr_to_kernel+0x82/0x150 [ 243.988898][T12210] copy_msghdr_from_user+0x43e/0x680 [ 243.988917][T12210] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 243.988930][T12210] ? __fget_files+0x2a/0x410 [ 243.988950][T12210] ? __fget_files+0x2a/0x410 [ 243.988972][T12210] __sys_sendmmsg+0x32b/0x720 [ 243.988999][T12210] ? __pfx___sys_sendmmsg+0x10/0x10 [ 243.989026][T12210] ? __pfx_lock_release+0x10/0x10 [ 243.989042][T12210] ? kstrtouint_from_user+0x128/0x190 [ 243.989072][T12210] ? ksys_write+0x22a/0x2b0 [ 243.989085][T12210] ? __pfx_lock_release+0x10/0x10 [ 243.989106][T12210] ? sb_end_write+0xe9/0x1c0 [ 243.989123][T12210] ? vfs_write+0x7fa/0xd10 [ 243.989137][T12210] ? __mutex_unlock_slowpath+0x227/0x800 [ 243.989175][T12210] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 243.989194][T12210] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 243.989213][T12210] ? do_syscall_64+0x100/0x230 [ 243.989233][T12210] __x64_sys_sendmmsg+0xa0/0xb0 [ 243.989253][T12210] do_syscall_64+0xf3/0x230 [ 243.989270][T12210] ? clear_bhb_loop+0x35/0x90 [ 243.989289][T12210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.989305][T12210] RIP: 0033:0x7f6b1b78d169 [ 243.989317][T12210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.989328][T12210] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 243.989343][T12210] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 243.989352][T12210] RDX: 0000000000000001 RSI: 0000400000003540 RDI: 0000000000000003 [ 243.989361][T12210] RBP: 00007f6b1c5b0090 R08: 0000000000000000 R09: 0000000000000000 [ 243.989368][T12210] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001 [ 243.989376][T12210] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 243.989397][T12210] [ 244.198690][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 244.389978][T12214] __nla_validate_parse: 3 callbacks suppressed [ 244.389997][T12214] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1879'. [ 244.415127][T12214] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1879'. [ 244.444186][T12214] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma? [ 244.478185][T12216] team0: Unable to change to the same mode the team is in [ 244.498648][T12218] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1882'. [ 244.702838][T12226] lo speed is unknown, defaulting to 1000 [ 244.959576][T12243] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1888'. [ 245.061062][T12248] FAULT_INJECTION: forcing a failure. [ 245.061062][T12248] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 245.087654][T12248] CPU: 1 UID: 0 PID: 12248 Comm: syz.3.1890 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 245.087682][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 245.087691][T12248] Call Trace: [ 245.087698][T12248] [ 245.087704][T12248] dump_stack_lvl+0x241/0x360 [ 245.087738][T12248] ? __pfx_dump_stack_lvl+0x10/0x10 [ 245.087753][T12248] ? __pfx__printk+0x10/0x10 [ 245.087770][T12248] ? __pfx_lock_release+0x10/0x10 [ 245.087799][T12248] should_fail_ex+0x40a/0x550 [ 245.087825][T12248] _copy_from_user+0x2d/0xb0 [ 245.087845][T12248] ____sys_sendmsg+0x30b/0x860 [ 245.087872][T12248] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.087891][T12248] ? __fget_files+0x2a/0x410 [ 245.087913][T12248] ? __fget_files+0x2a/0x410 [ 245.087938][T12248] __sys_sendmmsg+0x36a/0x720 [ 245.087969][T12248] ? __pfx___sys_sendmmsg+0x10/0x10 [ 245.088000][T12248] ? __pfx_lock_release+0x10/0x10 [ 245.088019][T12248] ? kstrtouint_from_user+0x128/0x190 [ 245.088052][T12248] ? ksys_write+0x22a/0x2b0 [ 245.088068][T12248] ? __pfx_lock_release+0x10/0x10 [ 245.088094][T12248] ? sb_end_write+0xe9/0x1c0 [ 245.088116][T12248] ? vfs_write+0x7fa/0xd10 [ 245.088132][T12248] ? __mutex_unlock_slowpath+0x227/0x800 [ 245.088177][T12248] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 245.088200][T12248] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 245.088222][T12248] ? do_syscall_64+0x100/0x230 [ 245.088246][T12248] __x64_sys_sendmmsg+0xa0/0xb0 [ 245.088271][T12248] do_syscall_64+0xf3/0x230 [ 245.088291][T12248] ? clear_bhb_loop+0x35/0x90 [ 245.088313][T12248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.088333][T12248] RIP: 0033:0x7f6b1b78d169 [ 245.088348][T12248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.088361][T12248] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 245.088379][T12248] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 245.088390][T12248] RDX: 0000000000000001 RSI: 0000400000003540 RDI: 0000000000000003 [ 245.088401][T12248] RBP: 00007f6b1c5b0090 R08: 0000000000000000 R09: 0000000000000000 [ 245.088412][T12248] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.088422][T12248] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 245.088448][T12248] [ 245.320317][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 245.383631][T12226] lo speed is unknown, defaulting to 1000 [ 245.751971][T12262] team0: Unable to change to the same mode the team is in [ 245.825443][T12226] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1885'. [ 246.133193][T12281] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1901'. [ 246.347941][T12293] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1904'. [ 246.398139][T12294] netlink: 'syz.0.1904': attribute type 6 has an invalid length. [ 246.406159][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 246.474185][T12301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1907'. [ 246.560749][T12305] FAULT_INJECTION: forcing a failure. [ 246.560749][T12305] name failslab, interval 1, probability 0, space 0, times 0 [ 246.603893][T12306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1907'. [ 246.618721][T12305] CPU: 0 UID: 0 PID: 12305 Comm: syz.1.1908 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 246.618747][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.618757][T12305] Call Trace: [ 246.618763][T12305] [ 246.618770][T12305] dump_stack_lvl+0x241/0x360 [ 246.618808][T12305] ? __pfx_dump_stack_lvl+0x10/0x10 [ 246.618829][T12305] ? __pfx__printk+0x10/0x10 [ 246.618852][T12305] ? __kmalloc_noprof+0xb5/0x4c0 [ 246.618880][T12305] ? __pfx___might_resched+0x10/0x10 [ 246.618904][T12305] should_fail_ex+0x40a/0x550 [ 246.618931][T12305] should_failslab+0xac/0x100 [ 246.618953][T12305] __kmalloc_noprof+0xdd/0x4c0 [ 246.618972][T12305] ? bpf_test_init+0xc3/0x160 [ 246.618993][T12305] bpf_test_init+0xc3/0x160 [ 246.619013][T12305] bpf_prog_test_run_skb+0x2bb/0x1830 [ 246.619031][T12305] ? __pfx_lock_release+0x10/0x10 [ 246.619062][T12305] ? __pfx___might_resched+0x10/0x10 [ 246.619088][T12305] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 246.619103][T12305] ? __fget_files+0x2a/0x410 [ 246.619128][T12305] ? fput+0x21b/0x290 [ 246.619146][T12305] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 246.619165][T12305] bpf_prog_test_run+0x2e4/0x360 [ 246.619190][T12305] __sys_bpf+0x487/0x820 [ 246.619213][T12305] ? __pfx___sys_bpf+0x10/0x10 [ 246.619231][T12305] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 246.619285][T12305] __x64_sys_bpf+0x7c/0x90 [ 246.619305][T12305] do_syscall_64+0xf3/0x230 [ 246.619328][T12305] ? clear_bhb_loop+0x35/0x90 [ 246.619351][T12305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.619371][T12305] RIP: 0033:0x7f245e58d169 [ 246.619403][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.619417][T12305] RSP: 002b:00007f245f4d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 246.619435][T12305] RAX: ffffffffffffffda RBX: 00007f245e7a5fa0 RCX: 00007f245e58d169 [ 246.619447][T12305] RDX: 0000000000000050 RSI: 0000400000000240 RDI: 000000000000000a [ 246.619458][T12305] RBP: 00007f245f4d2090 R08: 0000000000000000 R09: 0000000000000000 [ 246.619469][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.619479][T12305] R13: 0000000000000000 R14: 00007f245e7a5fa0 R15: 00007ffee19cf578 [ 246.619505][T12305] [ 246.638550][T12308] lo speed is unknown, defaulting to 1000 [ 247.440257][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 248.480769][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 248.971501][T12315] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1913'. [ 248.983570][T12318] team0: Unable to change to the same mode the team is in [ 248.993583][T12308] lo speed is unknown, defaulting to 1000 [ 249.151188][T12336] netlink: 'syz.4.1916': attribute type 1 has an invalid length. [ 249.317238][T12339] netlink: 'syz.1.1915': attribute type 1 has an invalid length. [ 249.528702][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 249.584706][T12352] FAULT_INJECTION: forcing a failure. [ 249.584706][T12352] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 249.637695][T12352] CPU: 0 UID: 0 PID: 12352 Comm: syz.3.1921 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 249.637722][T12352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 249.637732][T12352] Call Trace: [ 249.637738][T12352] [ 249.637745][T12352] dump_stack_lvl+0x241/0x360 [ 249.637769][T12352] ? __pfx_dump_stack_lvl+0x10/0x10 [ 249.637786][T12352] ? __pfx__printk+0x10/0x10 [ 249.637802][T12352] ? __pfx_lock_release+0x10/0x10 [ 249.637828][T12352] should_fail_ex+0x40a/0x550 [ 249.637852][T12352] _copy_from_user+0x2d/0xb0 [ 249.637873][T12352] do_arpt_set_ctl+0x759/0x1650 [ 249.637900][T12352] ? __pfx_do_arpt_set_ctl+0x10/0x10 [ 249.637922][T12352] ? nf_setsockopt+0x240/0x2c0 [ 249.637937][T12352] ? do_ip_setsockopt+0x2824/0x3ae0 [ 249.637959][T12352] ? __pfx_lock_release+0x10/0x10 [ 249.637979][T12352] ? rcu_is_watching+0x15/0xb0 [ 249.638004][T12352] ? __mutex_unlock_slowpath+0x227/0x800 [ 249.638032][T12352] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 249.638051][T12352] ? aa_sk_perm+0x96d/0xab0 [ 249.638074][T12352] ? vfs_write+0x7fa/0xd10 [ 249.638089][T12352] ? __pfx_aa_sk_perm+0x10/0x10 [ 249.638111][T12352] nf_setsockopt+0x295/0x2c0 [ 249.638132][T12352] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 249.638151][T12352] do_sock_setsockopt+0x3af/0x720 [ 249.638178][T12352] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 249.638206][T12352] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 249.638233][T12352] __x64_sys_setsockopt+0x1ee/0x280 [ 249.638260][T12352] do_syscall_64+0xf3/0x230 [ 249.638280][T12352] ? clear_bhb_loop+0x35/0x90 [ 249.638302][T12352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.638321][T12352] RIP: 0033:0x7f6b1b78d169 [ 249.638347][T12352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.638361][T12352] RSP: 002b:00007f6b1c5b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 249.638379][T12352] RAX: ffffffffffffffda RBX: 00007f6b1b9a5fa0 RCX: 00007f6b1b78d169 [ 249.638391][T12352] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003 [ 249.638400][T12352] RBP: 00007f6b1c5b0090 R08: 00000000000000bf R09: 0000000000000000 [ 249.638410][T12352] R10: 00004000000001c0 R11: 0000000000000246 R12: 0000000000000001 [ 249.638420][T12352] R13: 0000000000000000 R14: 00007f6b1b9a5fa0 R15: 00007ffc412f5898 [ 249.638446][T12352] [ 249.676145][T12356] __nla_validate_parse: 1 callbacks suppressed [ 249.676161][T12356] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1924'. [ 250.010640][T12368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1926'. [ 250.075694][T12373] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1929'. [ 250.348161][T12381] netlink: 'syz.2.1931': attribute type 10 has an invalid length. [ 250.379873][T12387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1932'. [ 250.397182][T12381] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1931'. [ 250.427631][T12381] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1931'. [ 250.456809][T12381] netlink: 'syz.2.1931': attribute type 3 has an invalid length. [ 250.477503][T12381] netlink: 'syz.2.1931': attribute type 2 has an invalid length. [ 250.501237][T12381] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1931'. [ 250.553029][T12405] FAULT_INJECTION: forcing a failure. [ 250.553029][T12405] name failslab, interval 1, probability 0, space 0, times 0 [ 250.568637][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 250.615252][T12381] lo speed is unknown, defaulting to 1000 [ 250.622783][T12405] CPU: 0 UID: 0 PID: 12405 Comm: syz.0.1938 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 250.622809][T12405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 250.622819][T12405] Call Trace: [ 250.622825][T12405] [ 250.622832][T12405] dump_stack_lvl+0x241/0x360 [ 250.622858][T12405] ? __pfx_dump_stack_lvl+0x10/0x10 [ 250.622875][T12405] ? __pfx__printk+0x10/0x10 [ 250.622893][T12405] ? kmem_cache_alloc_node_noprof+0x4f/0x380 [ 250.622917][T12405] ? __pfx___might_resched+0x10/0x10 [ 250.622943][T12405] should_fail_ex+0x40a/0x550 [ 250.622969][T12405] should_failslab+0xac/0x100 [ 250.622991][T12405] kmem_cache_alloc_node_noprof+0x77/0x380 [ 250.623012][T12405] ? __alloc_skb+0x1c3/0x440 [ 250.623037][T12405] __alloc_skb+0x1c3/0x440 [ 250.623063][T12405] ? __pfx___alloc_skb+0x10/0x10 [ 250.623086][T12405] ? netlink_autobind+0xd6/0x2f0 [ 250.623104][T12405] ? netlink_autobind+0x2b0/0x2f0 [ 250.623127][T12405] netlink_sendmsg+0x634/0xcb0 [ 250.623157][T12405] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.623179][T12405] ? aa_sock_msg_perm+0x91/0x160 [ 250.623206][T12405] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.623223][T12405] __sock_sendmsg+0x221/0x270 [ 250.623244][T12405] ____sys_sendmsg+0x53a/0x860 [ 250.623275][T12405] ? __pfx_____sys_sendmsg+0x10/0x10 [ 250.623295][T12405] ? __fget_files+0x2a/0x410 [ 250.623319][T12405] ? __fget_files+0x2a/0x410 [ 250.623347][T12405] __sys_sendmsg+0x269/0x350 [ 250.623375][T12405] ? __pfx___sys_sendmsg+0x10/0x10 [ 250.623410][T12405] ? do_sys_openat2+0x17a/0x1d0 [ 250.623454][T12405] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 250.623477][T12405] ? do_syscall_64+0x100/0x230 [ 250.623510][T12405] ? do_syscall_64+0xb6/0x230 [ 250.623532][T12405] do_syscall_64+0xf3/0x230 [ 250.623552][T12405] ? clear_bhb_loop+0x35/0x90 [ 250.623574][T12405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.623594][T12405] RIP: 0033:0x7f34e2d8d169 [ 250.623608][T12405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.623620][T12405] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 250.623637][T12405] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 250.623648][T12405] RDX: 0000000000000000 RSI: 00004000000012c0 RDI: 0000000000000003 [ 250.623656][T12405] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 250.623667][T12405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.623675][T12405] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 250.623699][T12405] [ 250.986350][T12381] lo speed is unknown, defaulting to 1000 [ 251.162038][T12417] lo speed is unknown, defaulting to 1000 [ 251.599190][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 251.746249][T12440] bridge0: port 1(veth0_to_bridge) entered blocking state [ 251.760827][T12440] bridge0: port 1(veth0_to_bridge) entered disabled state [ 251.768349][T12440] veth0_to_bridge: entered allmulticast mode [ 251.777603][T12440] veth0_to_bridge: entered promiscuous mode [ 251.823280][T12417] lo speed is unknown, defaulting to 1000 [ 251.932932][T12454] netlink: 'syz.4.1950': attribute type 1 has an invalid length. [ 252.179129][T12454] bond3: entered promiscuous mode [ 252.184649][T12454] 8021q: adding VLAN 0 to HW filter on device bond3 [ 252.331561][T12462] 8021q: adding VLAN 0 to HW filter on device bond3 [ 252.356042][T12462] bond3: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 252.386047][T12462] bond3: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 252.423825][T12462] bond3: (slave ip6gre1): making interface the new active one [ 252.431886][T12462] ip6gre1: entered promiscuous mode [ 252.447848][T12462] bond3: (slave ip6gre1): Enslaving as an active interface with an up link [ 252.638635][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 253.109115][T12509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1964'. [ 253.152669][T12513] netlink: 'syz.2.1965': attribute type 10 has an invalid length. [ 253.161550][T12510] xt_l2tp: v2 tid > 0xffff: 4294967295 [ 253.167418][T12514] xt_l2tp: v2 tid > 0xffff: 4294967295 [ 253.223329][T12513] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 253.477088][T12525] veth0_to_bridge: left allmulticast mode [ 253.495300][T12525] veth0_to_bridge: left promiscuous mode [ 253.509362][T12525] bridge0: port 1(veth0_to_bridge) entered disabled state [ 253.559571][T12525] bond0: (slave bridge_slave_1): Releasing backup interface [ 253.603789][T12534] siw: device registration error -23 [ 253.678652][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 253.737698][T12545] ªªªªª: renamed from veth0_to_team [ 253.758047][T12545] ªªªªª: entered promiscuous mode [ 253.769065][T12545] ªªªªª: entered allmulticast mode [ 253.842482][T12545] RDS: rds_bind could not find a transport for ::ffff:100.1.1.2, load rds_tcp or rds_rdma? [ 253.908712][T12555] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1974'. [ 254.098972][T12566] pim6reg1: entered promiscuous mode [ 254.104334][T12566] pim6reg1: entered allmulticast mode [ 254.231319][T12573] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1979'. [ 254.708321][T12603] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1989'. [ 254.718580][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 254.925632][T12611] netlink: 'syz.0.1991': attribute type 61 has an invalid length. [ 254.955800][T12611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1991'. [ 255.075811][T12622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1994'. [ 255.164225][T12624] team0: Unable to change to the same mode the team is in [ 255.334243][T12631] lo speed is unknown, defaulting to 1000 [ 255.384603][T12634] xt_ecn: cannot match TCP bits for non-tcp packets [ 255.402448][T12634] netlink: 'syz.0.1998': attribute type 4 has an invalid length. [ 255.422966][T12634] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1998'. [ 255.438847][ T5840] Bluetooth: hci4: command 0x0405 tx timeout [ 255.768724][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 255.828720][T12649] lo speed is unknown, defaulting to 1000 [ 255.848982][T12631] lo speed is unknown, defaulting to 1000 [ 255.919336][T12656] netlink: 'syz.2.2004': attribute type 29 has an invalid length. [ 255.976478][T12656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2004'. [ 256.005668][T12653] lo speed is unknown, defaulting to 1000 [ 256.005714][T12649] lo speed is unknown, defaulting to 1000 [ 256.071603][T12656] netlink: 'syz.2.2004': attribute type 29 has an invalid length. [ 256.204126][T12659] IPv6: sit2: Disabled Multicast RS [ 256.226707][T12659] sit2: entered allmulticast mode [ 256.267146][T12653] lo speed is unknown, defaulting to 1000 [ 256.285711][T12654] lo speed is unknown, defaulting to 1000 [ 256.767701][T12654] lo speed is unknown, defaulting to 1000 [ 256.798644][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 257.211029][T12675] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2009'. [ 257.416965][T12680] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2011'. [ 257.838757][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 257.917358][T12684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2013'. [ 258.215027][T12698] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2017'. [ 258.779334][T12722] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 258.878681][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 258.903543][T12733] netlink: 'syz.4.2029': attribute type 3 has an invalid length. [ 258.942448][T12733] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.2029'. [ 258.976989][T12738] netlink: 'syz.1.2030': attribute type 11 has an invalid length. [ 258.986889][T12739] netlink: 'syz.1.2030': attribute type 11 has an invalid length. [ 259.294602][T12747] xt_l2tp: wrong L2TP version: 0 [ 259.747422][T12767] netlink: 'syz.2.2039': attribute type 3 has an invalid length. [ 259.775297][T12769] lo speed is unknown, defaulting to 1000 [ 259.840823][T12777] sctp: [Deprecated]: syz.4.2043 (pid 12777) Use of struct sctp_assoc_value in delayed_ack socket option. [ 259.840823][T12777] Use struct sctp_sack_info instead [ 259.918761][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 260.070529][T12769] lo speed is unknown, defaulting to 1000 [ 260.116730][T12774] lo speed is unknown, defaulting to 1000 [ 260.229315][T12791] __nla_validate_parse: 2 callbacks suppressed [ 260.229334][T12791] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2046'. [ 260.289470][T12791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2046'. [ 260.308755][T12791] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2046'. [ 260.327191][T12791] netlink: 'syz.2.2046': attribute type 29 has an invalid length. [ 260.532463][T12802] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2048'. [ 260.598153][T12774] lo speed is unknown, defaulting to 1000 [ 260.905082][T12822] bridge_slave_0: default FDB implementation only supports local addresses [ 260.942671][T12774] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2042'. [ 260.958655][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 261.034488][T12827] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2054'. [ 261.069416][T12827] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2054'. [ 261.181946][T12834] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2054'. [ 261.904609][T12846] lo speed is unknown, defaulting to 1000 [ 261.998616][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 262.728677][T12858] ip_vti0: entered promiscuous mode [ 262.754450][T12846] lo speed is unknown, defaulting to 1000 [ 262.860237][T12881] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2066'. [ 263.048542][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 263.269288][T12902] openvswitch: netlink: Actions may not be safe on all matching packets [ 263.321331][T12906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2072'. [ 263.426201][T12906] tipc: Enabled bearer , priority 0 [ 263.653821][T12906] syzkaller0: entered promiscuous mode [ 263.686048][T12906] syzkaller0: entered allmulticast mode [ 263.715561][T12906] tipc: Resetting bearer [ 263.796529][T12901] tipc: Resetting bearer [ 264.078726][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 264.524833][ T7122] tipc: Node number set to 536936449 [ 265.121784][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 266.161495][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 266.379876][T12901] tipc: Disabling bearer [ 266.400114][T12960] FAULT_INJECTION: forcing a failure. [ 266.400114][T12960] name failslab, interval 1, probability 0, space 0, times 0 [ 266.413167][T12960] CPU: 0 UID: 0 PID: 12960 Comm: syz.0.2080 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 266.413190][T12960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 266.413201][T12960] Call Trace: [ 266.413207][T12960] [ 266.413214][T12960] dump_stack_lvl+0x241/0x360 [ 266.413240][T12960] ? __pfx_dump_stack_lvl+0x10/0x10 [ 266.413257][T12960] ? __pfx__printk+0x10/0x10 [ 266.413276][T12960] ? __kmalloc_cache_noprof+0x48/0x390 [ 266.413298][T12960] ? __pfx___might_resched+0x10/0x10 [ 266.413324][T12960] should_fail_ex+0x40a/0x550 [ 266.413351][T12960] should_failslab+0xac/0x100 [ 266.413372][T12960] __kmalloc_cache_noprof+0x70/0x390 [ 266.413391][T12960] ? tcf_block_get_ext+0x145/0x1670 [ 266.413414][T12960] tcf_block_get_ext+0x145/0x1670 [ 266.413450][T12960] ? lockdep_rtnl_is_held+0x26/0x40 [ 266.413476][T12960] clsact_init+0x568/0x760 [ 266.413500][T12960] ? __pfx_clsact_init+0x10/0x10 [ 266.413515][T12960] ? qdisc_alloc+0x7dd/0xa80 [ 266.413539][T12960] ? __pfx_clsact_init+0x10/0x10 [ 266.413556][T12960] qdisc_create+0x9d4/0x11a0 [ 266.413588][T12960] ? __pfx_qdisc_create+0x10/0x10 [ 266.413620][T12960] tc_modify_qdisc+0xbbb/0x1f10 [ 266.413658][T12960] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 266.413703][T12960] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 266.413727][T12960] rtnetlink_rcv_msg+0x73f/0xcf0 [ 266.413743][T12960] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 266.413763][T12960] ? __lock_acquire+0x1397/0x2100 [ 266.413786][T12960] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 266.413821][T12960] netlink_rcv_skb+0x206/0x480 [ 266.413840][T12960] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 266.413860][T12960] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 266.413901][T12960] ? netlink_deliver_tap+0x2e/0x1b0 [ 266.413921][T12960] netlink_unicast+0x7f6/0x990 [ 266.413945][T12960] ? __pfx_netlink_unicast+0x10/0x10 [ 266.413959][T12960] ? __virt_addr_valid+0x45f/0x530 [ 266.413976][T12960] ? __phys_addr_symbol+0x2f/0x70 [ 266.413997][T12960] ? __check_object_size+0x47a/0x730 [ 266.414023][T12960] netlink_sendmsg+0x8de/0xcb0 [ 266.414053][T12960] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.414076][T12960] ? aa_sock_msg_perm+0x91/0x160 [ 266.414105][T12960] ? __pfx_netlink_sendmsg+0x10/0x10 [ 266.414120][T12960] __sock_sendmsg+0x221/0x270 [ 266.414142][T12960] ____sys_sendmsg+0x53a/0x860 [ 266.414172][T12960] ? __pfx_____sys_sendmsg+0x10/0x10 [ 266.414193][T12960] ? __fget_files+0x2a/0x410 [ 266.414217][T12960] ? __fget_files+0x2a/0x410 [ 266.414247][T12960] __sys_sendmsg+0x269/0x350 [ 266.414275][T12960] ? __pfx___sys_sendmsg+0x10/0x10 [ 266.414311][T12960] ? do_sys_openat2+0x17a/0x1d0 [ 266.414359][T12960] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 266.414383][T12960] ? do_syscall_64+0x100/0x230 [ 266.414409][T12960] ? do_syscall_64+0xb6/0x230 [ 266.414439][T12960] do_syscall_64+0xf3/0x230 [ 266.414460][T12960] ? clear_bhb_loop+0x35/0x90 [ 266.414485][T12960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.414504][T12960] RIP: 0033:0x7f34e2d8d169 [ 266.414519][T12960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.414533][T12960] RSP: 002b:00007f34e3c0a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 266.414551][T12960] RAX: ffffffffffffffda RBX: 00007f34e2fa5fa0 RCX: 00007f34e2d8d169 [ 266.414563][T12960] RDX: 0000000000000000 RSI: 00004000000012c0 RDI: 0000000000000003 [ 266.414573][T12960] RBP: 00007f34e3c0a090 R08: 0000000000000000 R09: 0000000000000000 [ 266.414584][T12960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 266.414594][T12960] R13: 0000000000000000 R14: 00007f34e2fa5fa0 R15: 00007ffe16779168 [ 266.414621][T12960] [ 266.973657][T12966] netlink: 'syz.2.2083': attribute type 6 has an invalid length. [ 267.161921][T12980] __nla_validate_parse: 1 callbacks suppressed [ 267.161940][T12980] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2087'. [ 267.207128][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 267.264622][T12987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2087'. [ 268.005554][T12995] xt_CT: No such helper "pptp" [ 268.248933][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 269.285656][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 269.462984][T13000] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 269.793752][T13022] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2098'. [ 269.905942][T13026] sctp: [Deprecated]: syz.0.2099 (pid 13026) Use of int in max_burst socket option deprecated. [ 269.905942][T13026] Use struct sctp_assoc_value instead [ 270.115271][T13044] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2104'. [ 270.147106][T13048] sctp: [Deprecated]: syz.2.2106 (pid 13048) Use of int in max_burst socket option deprecated. [ 270.147106][T13048] Use struct sctp_assoc_value instead [ 270.185143][T13044] gre0: entered promiscuous mode [ 270.195069][T13044] gre0: entered allmulticast mode [ 270.195228][T13043] netlink: 'syz.3.2103': attribute type 5 has an invalid length. [ 270.219414][T13044] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 270.254783][T13044] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2104'. [ 270.291915][T13058] netlink: 'syz.2.2107': attribute type 21 has an invalid length. [ 270.318716][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 270.384611][T13065] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.393290][T13065] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.401848][T13065] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.410090][T13065] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 270.421090][T13069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2108'. [ 270.440377][T13065] vxlan0: entered promiscuous mode [ 270.445564][T13065] vxlan0: entered allmulticast mode [ 270.461853][T13065] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.470619][T13065] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.479514][T13065] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.487905][T13065] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 270.923205][T13091] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2116'. [ 271.220749][T13112] netlink: 1004 bytes leftover after parsing attributes in process `syz.2.2122'. [ 271.316852][T13115] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2125'. [ 271.368623][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 271.409275][T13121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2124'. [ 271.565358][T13127] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 271.580682][T13133] netlink: 'syz.0.2130': attribute type 9 has an invalid length. [ 271.600438][T13134] pimreg: entered allmulticast mode [ 271.608271][T13134] pimreg: left allmulticast mode [ 271.711614][T13141] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input8 [ 271.830255][T13143] veth11: entered promiscuous mode [ 271.848714][T13143] veth11: entered allmulticast mode [ 272.117701][T13161] lo speed is unknown, defaulting to 1000 [ 272.318677][ T5840] Bluetooth: hci4: command 0x0405 tx timeout [ 272.328170][T13175] __nla_validate_parse: 6 callbacks suppressed [ 272.328188][T13175] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2142'. [ 272.398696][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 272.428690][T13184] netlink: 'syz.1.2145': attribute type 1 has an invalid length. [ 272.470596][T13184] bond2: entered promiscuous mode [ 272.475863][T13184] 8021q: adding VLAN 0 to HW filter on device bond2 [ 272.588987][T13193] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2145'. [ 272.604124][T13193] batadv0: entered promiscuous mode [ 272.630004][T13193] batadv0: entered allmulticast mode [ 272.664414][T13184] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2145'. [ 272.691379][T13193] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.732085][T13193] bond2: (slave batadv0): making interface the new active one [ 272.744710][T13202] netlink: 'syz.0.2148': attribute type 1 has an invalid length. [ 272.765716][T13202] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2148'. [ 272.794000][T13202] netlink: 11 bytes leftover after parsing attributes in process `syz.0.2148'. [ 272.811508][T13193] bond2: (slave batadv0): Enslaving as an active interface with an up link [ 272.827490][T13203] netlink: 'syz.4.2146': attribute type 1 has an invalid length. [ 272.907009][T13161] lo speed is unknown, defaulting to 1000 [ 272.918848][T13184] batadv1: entered promiscuous mode [ 272.924372][T13184] batadv1: entered allmulticast mode [ 272.950430][T13184] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 272.980917][T13184] bond2: (slave batadv1): Enslaving as an active interface with an up link [ 273.003475][T13218] netlink: 'syz.4.2146': attribute type 1 has an invalid length. [ 273.011630][T13218] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 273.438629][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 273.684598][T13242] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 273.825328][T13249] tipc: Failed to remove unknown binding: 66,3,3/536936449:4291773367/4291773368 [ 273.923433][T13257] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2161'. [ 273.978140][T13261] No such timeout policy "syz0" [ 273.991565][T13259] lo speed is unknown, defaulting to 1000 [ 274.265099][T13274] sysfs: cannot create duplicate filename '/class/ieee80211/!' [ 274.292593][T13274] CPU: 1 UID: 0 PID: 13274 Comm: syz.2.2167 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 274.292624][T13274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 274.292636][T13274] Call Trace: [ 274.292643][T13274] [ 274.292652][T13274] dump_stack_lvl+0x241/0x360 [ 274.292681][T13274] ? __pfx_dump_stack_lvl+0x10/0x10 [ 274.292700][T13274] ? __pfx__printk+0x10/0x10 [ 274.292724][T13274] ? __kmalloc_cache_noprof+0x243/0x390 [ 274.292746][T13274] ? sysfs_warn_dup+0x51/0xa0 [ 274.292772][T13274] sysfs_warn_dup+0x8e/0xa0 [ 274.292792][T13274] sysfs_do_create_link_sd+0xbe/0x110 [ 274.292822][T13274] device_add_class_symlinks+0x1c5/0x250 [ 274.292852][T13274] device_add+0x553/0xbf0 [ 274.292884][T13274] wiphy_register+0x1922/0x2650 [ 274.292916][T13274] ? __pfx_wiphy_register+0x10/0x10 [ 274.292931][T13274] ? minstrel_ht_alloc+0x84b/0x940 [ 274.292958][T13274] ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620 [ 274.292983][T13274] ieee80211_register_hw+0x35d9/0x42e0 [ 274.293019][T13274] ? ieee80211_register_hw+0x1631/0x42e0 [ 274.293048][T13274] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 274.293080][T13274] ? __asan_memset+0x23/0x50 [ 274.293097][T13274] ? __hrtimer_init+0x170/0x250 [ 274.293120][T13274] mac80211_hwsim_new_radio+0x2ae8/0x4a40 [ 274.293173][T13274] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 274.293196][T13274] ? trace_kmalloc+0x1f/0xd0 [ 274.293215][T13274] ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0 [ 274.293239][T13274] ? kstrndup+0xbb/0x150 [ 274.293272][T13274] hwsim_new_radio_nl+0xece/0x2290 [ 274.293306][T13274] ? __pfx___nla_validate_parse+0x10/0x10 [ 274.293330][T13274] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 274.293384][T13274] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 274.293418][T13274] genl_rcv_msg+0xb1f/0xec0 [ 274.293452][T13274] ? __pfx_genl_rcv_msg+0x10/0x10 [ 274.293506][T13274] ? __pfx_lock_acquire+0x10/0x10 [ 274.293531][T13274] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 274.293551][T13274] ? __pfx___might_resched+0x10/0x10 [ 274.293583][T13274] netlink_rcv_skb+0x206/0x480 [ 274.293603][T13274] ? __pfx_genl_rcv_msg+0x10/0x10 [ 274.293628][T13274] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 274.293681][T13274] genl_rcv+0x28/0x40 [ 274.293702][T13274] netlink_unicast+0x7f6/0x990 [ 274.293729][T13274] ? __pfx_netlink_unicast+0x10/0x10 [ 274.293744][T13274] ? __virt_addr_valid+0x45f/0x530 [ 274.293762][T13274] ? __phys_addr_symbol+0x2f/0x70 [ 274.293786][T13274] ? __check_object_size+0x47a/0x730 [ 274.293812][T13274] netlink_sendmsg+0x8de/0xcb0 [ 274.293852][T13274] ? __pfx_netlink_sendmsg+0x10/0x10 [ 274.293877][T13274] ? aa_sock_msg_perm+0x91/0x160 [ 274.293909][T13274] ? __pfx_netlink_sendmsg+0x10/0x10 [ 274.293927][T13274] __sock_sendmsg+0x221/0x270 [ 274.293952][T13274] ____sys_sendmsg+0x53a/0x860 [ 274.293986][T13274] ? __pfx_____sys_sendmsg+0x10/0x10 [ 274.294009][T13274] ? __fget_files+0x2a/0x410 [ 274.294035][T13274] ? __fget_files+0x2a/0x410 [ 274.294067][T13274] __sys_sendmsg+0x269/0x350 [ 274.294098][T13274] ? __pfx___sys_sendmsg+0x10/0x10 [ 274.294172][T13274] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 274.294197][T13274] ? do_syscall_64+0x100/0x230 [ 274.294225][T13274] ? do_syscall_64+0xb6/0x230 [ 274.294252][T13274] do_syscall_64+0xf3/0x230 [ 274.294275][T13274] ? clear_bhb_loop+0x35/0x90 [ 274.294300][T13274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.294322][T13274] RIP: 0033:0x7f8fd838d169 [ 274.294339][T13274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.294354][T13274] RSP: 002b:00007f8fd9129038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 274.294373][T13274] RAX: ffffffffffffffda RBX: 00007f8fd85a5fa0 RCX: 00007f8fd838d169 [ 274.294386][T13274] RDX: 0000000000000800 RSI: 0000400000000100 RDI: 0000000000000006 [ 274.294397][T13274] RBP: 00007f8fd840e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 274.294407][T13274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.294418][T13274] R13: 0000000000000000 R14: 00007f8fd85a5fa0 R15: 00007ffe06dcc0e8 [ 274.294448][T13274] [ 274.410904][T13261] lo speed is unknown, defaulting to 1000 [ 274.478922][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 274.485855][T13259] lo speed is unknown, defaulting to 1000 [ 274.762021][T13261] lo speed is unknown, defaulting to 1000 [ 275.254942][T13259] lo speed is unknown, defaulting to 1000 [ 275.357523][T13305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2173'. [ 275.496827][T13259] lo speed is unknown, defaulting to 1000 [ 275.518576][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 275.756585][T13312] gre0: left promiscuous mode [ 275.778767][T13312] gre0: left allmulticast mode [ 275.792939][T13315] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2175'. [ 275.810967][T13312] ip_vti0: left promiscuous mode [ 275.867153][T13312] ªªªªª: left promiscuous mode [ 275.910011][T13312] ªªªªª: left allmulticast mode [ 275.960053][T13312] bond3: left promiscuous mode [ 275.985327][T13312] ip6gre1: left promiscuous mode [ 276.034573][T13320] lo speed is unknown, defaulting to 1000 [ 276.081096][T13323] netlink: 'syz.1.2179': attribute type 4 has an invalid length. [ 276.085301][T13325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2177'. [ 276.105938][T13325] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2177'. [ 276.119233][T13324] netlink: 'syz.1.2179': attribute type 4 has an invalid length. [ 276.558704][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 276.776091][T13320] lo speed is unknown, defaulting to 1000 [ 277.315435][T13349] netlink: 'syz.2.2184': attribute type 3 has an invalid length. [ 277.598564][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 277.658611][T13359] __nla_validate_parse: 4 callbacks suppressed [ 277.658629][T13359] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2187'. [ 278.047262][T13376] pimreg: entered allmulticast mode [ 278.054751][T13376] pimreg: left allmulticast mode [ 278.079107][T13378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2191'. [ 278.151815][T13384] x_tables: duplicate underflow at hook 2 [ 278.393193][T13394] tipc: Enabled bearer , priority 0 [ 278.402355][T13394] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2196'. [ 278.430366][T13393] tipc: Resetting bearer [ 278.638645][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 278.939012][T13406] netlink: 'syz.3.2199': attribute type 1 has an invalid length. [ 278.960179][T13406] netlink: 'syz.3.2199': attribute type 1 has an invalid length. [ 279.418948][ T974] tipc: Node number set to 1251119842 [ 279.678555][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 280.728717][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 281.472327][T13393] tipc: Disabling bearer [ 281.487974][T13407] pim6reg: entered allmulticast mode [ 281.712486][T13429] netlink: 'syz.0.2204': attribute type 10 has an invalid length. [ 281.728740][T13429] ieee802154 phy0 wpan0: entered promiscuous mode [ 281.741825][T13429] bond0: (slave wpan0): Enslaving as an active interface with an up link [ 281.758621][ C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 281.766315][ T5889] ================================================================== [ 281.774402][ T5889] BUG: KASAN: null-ptr-deref in mac802154_header_create+0x16a/0x970 [ 281.782389][ T5889] Write of size 4 at addr 000000000000004c by task kworker/1:7/5889 [ 281.790364][ T5889] [ 281.792686][ T5889] CPU: 1 UID: 0 PID: 5889 Comm: kworker/1:7 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 281.792704][ T5889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 281.792714][ T5889] Workqueue: mld mld_ifc_work [ 281.792738][ T5889] Call Trace: [ 281.792744][ T5889] [ 281.792750][ T5889] dump_stack_lvl+0x241/0x360 [ 281.792766][ T5889] ? __pfx_dump_stack_lvl+0x10/0x10 [ 281.792779][ T5889] ? __pfx__printk+0x10/0x10 [ 281.792791][ T5889] ? _printk+0xd5/0x120 [ 281.792805][ T5889] print_report+0xe3/0x5b0 [ 281.792821][ T5889] ? __virt_addr_valid+0x58/0x530 [ 281.792834][ T5889] ? mac802154_header_create+0x16a/0x970 [ 281.792852][ T5889] kasan_report+0x143/0x180 [ 281.792867][ T5889] ? mac802154_header_create+0x16a/0x970 [ 281.792886][ T5889] kasan_check_range+0x282/0x290 [ 281.792902][ T5889] mac802154_header_create+0x16a/0x970 [ 281.792921][ T5889] ? __pfx_mac802154_header_create+0x10/0x10 [ 281.792939][ T5889] ? neigh_connected_output+0x1d5/0x450 [ 281.792953][ T5889] ? read_seqbegin+0x15a/0x2c0 [ 281.792966][ T5889] ? lockdep_hardirqs_on+0x99/0x150 [ 281.792983][ T5889] ? read_seqbegin+0x200/0x2c0 [ 281.792999][ T5889] ? ___neigh_create+0x1d89/0x2360 [ 281.793012][ T5889] ? __pfx_mac802154_header_create+0x10/0x10 [ 281.793029][ T5889] neigh_connected_output+0x27f/0x450 [ 281.793047][ T5889] ip6_finish_output2+0x12bc/0x17c0 [ 281.793063][ T5889] ? ip6_finish_output2+0x63b/0x17c0 [ 281.793078][ T5889] ? __pfx_ip6_finish_output2+0x10/0x10 [ 281.793095][ T5889] ? ip6_mtu+0x81/0x3f0 [ 281.793113][ T5889] ip6_finish_output+0x41e/0x840 [ 281.793134][ T5889] NF_HOOK+0x9e/0x430 [ 281.793146][ T5889] ? NF_HOOK+0xfa/0x430 [ 281.793157][ T5889] ? __pfx_NF_HOOK+0x10/0x10 [ 281.793169][ T5889] ? __pfx_dst_output+0x10/0x10 [ 281.793182][ T5889] ? icmp6_dst_alloc+0x3aa/0x420 [ 281.793195][ T5889] mld_sendpack+0x843/0xdb0 [ 281.793207][ T5889] ? __pfx_mld_newpack+0x10/0x10 [ 281.793223][ T5889] ? mld_sendpack+0x1e8/0xdb0 [ 281.793234][ T5889] ? __pfx_mld_sendpack+0x10/0x10 [ 281.793253][ T5889] mld_ifc_work+0x7d9/0xd90 [ 281.793273][ T5889] ? process_scheduled_works+0x9c6/0x18e0 [ 281.793288][ T5889] process_scheduled_works+0xabe/0x18e0 [ 281.793313][ T5889] ? __pfx_process_scheduled_works+0x10/0x10 [ 281.793330][ T5889] ? assign_work+0x364/0x3d0 [ 281.793352][ T5889] worker_thread+0x870/0xd30 [ 281.793372][ T5889] ? __kthread_parkme+0x169/0x1d0 [ 281.793389][ T5889] ? __pfx_worker_thread+0x10/0x10 [ 281.793404][ T5889] kthread+0x7a9/0x920 [ 281.793420][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793438][ T5889] ? __pfx_worker_thread+0x10/0x10 [ 281.793453][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793469][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793487][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793503][ T5889] ? _raw_spin_unlock_irq+0x23/0x50 [ 281.793517][ T5889] ? lockdep_hardirqs_on+0x99/0x150 [ 281.793533][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793550][ T5889] ret_from_fork+0x4b/0x80 [ 281.793566][ T5889] ? __pfx_kthread+0x10/0x10 [ 281.793582][ T5889] ret_from_fork_asm+0x1a/0x30 [ 281.793602][ T5889] [ 281.793607][ T5889] ================================================================== [ 282.132690][ T5889] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 282.139940][ T5889] CPU: 1 UID: 0 PID: 5889 Comm: kworker/1:7 Not tainted 6.14.0-rc4-syzkaller-00840-g56794b5862c5 #0 [ 282.150723][ T5889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 282.160802][ T5889] Workqueue: mld mld_ifc_work [ 282.165511][ T5889] Call Trace: [ 282.168797][ T5889] [ 282.171742][ T5889] dump_stack_lvl+0x241/0x360 [ 282.176437][ T5889] ? __pfx_dump_stack_lvl+0x10/0x10 [ 282.181658][ T5889] ? __pfx__printk+0x10/0x10 [ 282.186267][ T5889] ? preempt_schedule+0xe1/0xf0 [ 282.191145][ T5889] ? vscnprintf+0x5d/0x90 [ 282.195497][ T5889] panic+0x349/0x880 [ 282.199407][ T5889] ? check_panic_on_warn+0x21/0xb0 [ 282.204545][ T5889] ? __pfx_panic+0x10/0x10 [ 282.208973][ T5889] ? _raw_spin_unlock_irqrestore+0x130/0x140 [ 282.214964][ T5889] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 282.221294][ T5889] ? print_report+0xe3/0x5b0 [ 282.225888][ T5889] check_panic_on_warn+0x86/0xb0 [ 282.230827][ T5889] ? mac802154_header_create+0x16a/0x970 [ 282.236460][ T5889] end_report+0x77/0x160 [ 282.240703][ T5889] kasan_report+0x154/0x180 [ 282.245206][ T5889] ? mac802154_header_create+0x16a/0x970 [ 282.250839][ T5889] kasan_check_range+0x282/0x290 [ 282.255774][ T5889] mac802154_header_create+0x16a/0x970 [ 282.261237][ T5889] ? __pfx_mac802154_header_create+0x10/0x10 [ 282.267221][ T5889] ? neigh_connected_output+0x1d5/0x450 [ 282.272765][ T5889] ? read_seqbegin+0x15a/0x2c0 [ 282.277523][ T5889] ? lockdep_hardirqs_on+0x99/0x150 [ 282.282720][ T5889] ? read_seqbegin+0x200/0x2c0 [ 282.287483][ T5889] ? ___neigh_create+0x1d89/0x2360 [ 282.292586][ T5889] ? __pfx_mac802154_header_create+0x10/0x10 [ 282.298566][ T5889] neigh_connected_output+0x27f/0x450 [ 282.303953][ T5889] ip6_finish_output2+0x12bc/0x17c0 [ 282.309215][ T5889] ? ip6_finish_output2+0x63b/0x17c0 [ 282.314506][ T5889] ? __pfx_ip6_finish_output2+0x10/0x10 [ 282.320062][ T5889] ? ip6_mtu+0x81/0x3f0 [ 282.324231][ T5889] ip6_finish_output+0x41e/0x840 [ 282.329177][ T5889] NF_HOOK+0x9e/0x430 [ 282.333157][ T5889] ? NF_HOOK+0xfa/0x430 [ 282.337304][ T5889] ? __pfx_NF_HOOK+0x10/0x10 [ 282.341889][ T5889] ? __pfx_dst_output+0x10/0x10 [ 282.346733][ T5889] ? icmp6_dst_alloc+0x3aa/0x420 [ 282.351663][ T5889] mld_sendpack+0x843/0xdb0 [ 282.356165][ T5889] ? __pfx_mld_newpack+0x10/0x10 [ 282.361130][ T5889] ? mld_sendpack+0x1e8/0xdb0 [ 282.365802][ T5889] ? __pfx_mld_sendpack+0x10/0x10 [ 282.370825][ T5889] mld_ifc_work+0x7d9/0xd90 [ 282.375332][ T5889] ? process_scheduled_works+0x9c6/0x18e0 [ 282.381048][ T5889] process_scheduled_works+0xabe/0x18e0 [ 282.386614][ T5889] ? __pfx_process_scheduled_works+0x10/0x10 [ 282.392597][ T5889] ? assign_work+0x364/0x3d0 [ 282.397183][ T5889] worker_thread+0x870/0xd30 [ 282.401775][ T5889] ? __kthread_parkme+0x169/0x1d0 [ 282.406799][ T5889] ? __pfx_worker_thread+0x10/0x10 [ 282.411906][ T5889] kthread+0x7a9/0x920 [ 282.415972][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.420565][ T5889] ? __pfx_worker_thread+0x10/0x10 [ 282.425676][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.430266][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.434861][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.439454][ T5889] ? _raw_spin_unlock_irq+0x23/0x50 [ 282.444652][ T5889] ? lockdep_hardirqs_on+0x99/0x150 [ 282.449850][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.454439][ T5889] ret_from_fork+0x4b/0x80 [ 282.458853][ T5889] ? __pfx_kthread+0x10/0x10 [ 282.463459][ T5889] ret_from_fork_asm+0x1a/0x30 [ 282.468224][ T5889] [ 282.471529][ T5889] Kernel Offset: disabled [ 282.475846][ T5889] Rebooting in 86400 seconds..