last executing test programs: 2.351450097s ago: executing program 4 (id=2358): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0xa, 0x4, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000140)=r3}, 0x20) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) r6 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c) sendmmsg(r6, &(0x7f0000002680)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}, {{&(0x7f0000000840)=@pptp={0x18, 0x2, {0x1, @broadcast}}, 0x80, &(0x7f0000000c40)=[{&(0x7f00000002c0)="8398f574ccd49194ed9acfb50218348b47", 0x11}, {&(0x7f00000008c0)="2e36938c45280c11beac7aaa26b77fb7022246c4ec6e5483656faa7c71be035926f5a4f6646222c0b6c48e2971e0de04f02d02e8b7cc376e07c71ee81d78b92dc100c43d817fc1d3a5bfb889fa14180131916ccb6b4d82f6f589031854a3ea6fab72a566f8757480aa5d939912699b87ab763c6dea59fe9dfe7ffa13bd6bcf8521748f1e82b3", 0x86}, {&(0x7f0000000980)="86dee0c15b5f319cdc92ab7559fd69b857b2d4058408004ef981cd73cbae46df94a8874e08406850f0c96d658da12b097680e7053c1fe91a0f45d2c38d19c9c9b5d7d7a2add4f2fba0697deb052198120533d532661d222873817a2c6d055aca577ea8f38ccd07c91f1afffa", 0x6c}, {&(0x7f0000000a00)="9d42d902568a937f5274db95334a47954bb679d29159ce821d8d97d21d2cfdfaf0d1f2400e98cd4fc5170ac5ab50e49e2ebd129d402b97cf9b74765e8a3b65a53baaa5af559f2651ff09c94cbc0e13a17073c9ac943a04b66d80815f63fe14ec354654fe273b6c0860ef9b5dc3bdb85821a04a598d95110a5a00054a9efa346bc0d9e464790de1cfe69d6c39c2", 0x8d}, {&(0x7f0000000ac0)="0e90446872063e5425f9f060c853e00b14a8b69a26cc9837e1febf47a315f64364f5500a071d606903a9a3007aad354b19ef17b08b87a9329706564cb409e9489c7eb8e5f55fa834fb34376fdb099483742a7725016468b80f11e6d1e40fde392501149040e537c7161be3d0ca4dcb4c71dc6c9f799a117a2b70b540f211a59e36dad912bc899f0e601288978acaa96cf969099db3e8d5c52c30efce1ff0b84f43e43899674b6f422707f250466ef96622a6e3aec46435e2c2679c5a595475698c1bbc", 0xc3}, {&(0x7f0000000bc0)="14f325909eb7e68bc316b9a5ff114924c133ec010cc7876f10d399b0f17bb5a7f36e2ba6b488cb18411ec8cc1dbc1890ef37fffff76aacc0baea304f0256455811d2fce9862306f9d860", 0x4a}], 0x6}}, {{&(0x7f0000000cc0)=@x25, 0x80, &(0x7f0000000d80)=[{&(0x7f0000000d40)="71df8a2686cacc31b1ae3fcdc9c84dc92a94260ceccd670ea5adf18c0cdba80f9b75ee2edfa8ad882a1a270f55a8d47440a6b2a6e8c796", 0x37}], 0x1, &(0x7f0000000dc0)=ANY=[@ANYBLOB="d0000000000000001601000003000000000a530a398061960595a1bc5b2ae2789791d8d5191548e585c097e8569b7894abe11a64bba7b902616af5dd1ace943daf14b6c2de4fdb73ba1ea5e54925a4937322d040ab4a87dad06596addbd44189ca5576ba6bff856e98b5a8821fbe4bc9c3bea14fd63a926bfe01dd669735dfe112ac661d12b3daca66680125d1012d210fcc3377906a18a6dec184d329f3846a00a48cf0ff1383f7b885366c5fd9b0b66fdcdb695de7af608aac765e81a61166f695d5ff58f66ba910dbc63542000000e8000000000000001402000002000000489a70f3765ccd1fcb59ec1a472eb964ab8de84d7e2d8d18c19b3abffce70ce1f3ad95a95aefb98d110137fcf6f6f2140e36abff75b5780bfe047c901909c399ea1b0e035fd1a8c1ed31061998770454e85f712026dc8de1e2dd3775b2e92f63986204d0c4ad9af9cbf04351ec9a67c0419124b8dcda2dcd9cb83df70f6fee5615c154b928089d9af6410fb340eae24b6892eab27aaecc6907fa50374c85b399794c6c8a983b9f2b40c8714b0c976fb61e59a9db7d18ec8579da9c52e92b79f099b09bab9a1a78d5d12a783fddd30fb052f31aacd400000098000000000000001301000000080000b2ced217d916c0892ec21d9123f149d1b7d51b7af21151fe46a30a5fcea1797d1ccdf63054efd46523315e18cfa28c9ccf0a80c7100cbe9a8101df8973d56dec77a5296c46faaad4d92c2af6fce7044b9f6e50948b3fbbe3565948cef3df7838142f8460ffe2f06dde30b0906ef2fa0bc9a5348a2a9eda729b70d4e361c5ce7f7d867e0cf3439b004800000000000000ff00000001000100b06d5a2223e51752a6946edb01e844cba0a370bf43ee7d22c1b8f94210381512b9325ba7d376a2a5b9d58b9ea7927462490c0000000000001010000000000000e201000001000000ad768d4cd1eceee78a92cfaf63c8b6100c07d15e3bbe542f1ebdeab8811cb25310436abc8b2634a37729249f4824ddba1c7ac7429746fd9895d67a6597c3c02d1b920058e00697b72e26592f63b1216d70c7d0c74b7e4aef05fc886665d03bd83cd95376b6905475816b9cfdbeae04f8980faa41cdc6275c9948226307bc888db4a3724586f1b1d44729603e14dac20359aab915ba6b2ecace3554bcfd09c3135110433b957bbd1c91574969345eb6b8029cc5705b68ca04ac990b0536c14fccab8f6e85ed95b7ab2169fa6b245ae20e4899a97c12ace7b98019af6fc4c07e962c8551e45d1e3c74e462f348d9da903b1dbd2974fe19b39a3ed6ed697fb992f51fec70b5fef4e58aaecf7220f42a396f0e1437cfdef5a5cac1b8606c67a1c0c67ffb5de61f90777c37bc57e0fa91cff23df28ed24f76d9ae5243932b99985c2a3fd014408f04d096d33502bb2e090fccc58b491eb28ae215d01babd20a00030b99eab76977e62ae5097dd25991de1019ab4c89a569d03d29226648c1560a31c917588731f49b983f36b009ab92cad919b0a6ec43fd5b0d2bc7597b5f84b7e421d1fa23373188615e1ebd09b9df2f68dbe2f49de00b9ffb842c9e16e3ea353e3f2bd709b2e70191374ba644e0df62eb46c89293ba245be54b366025dec17ea3b1022712e291413048b963091c4ef5700e041f7f5cae0353c69e823d66e449ae739ce28ba9f18497c08e827174f94f7d1483b12b6fc34f2696f708f295060c7ce0047df038b722c0466e3178a45ae4c4827e793e6e1f34a231ae92642b579d3788c8c9903664c3d822bad9e41547dccf19365c6c03555505060f2939e9a4b17dbc4352d81a0ba0716ca8a0ca0f9bc01010126a49f328cb1649a2f43653754431205c150815cc9d74b453460590e634c44d43de9b1f78f2342e15b115a06f53f7f5acb1ffcd4a95133b522188de10a62555e8a2c16eb57c78665aa7246f891b07a4b4356b53715f147df0c89bd591ee2ed74ed619d6780f5e2b7f6d0a4c9d68f0a0e93ad819acd5302d75979e3ab98481fc5bbc3dcd4ebf0cff7e0d2007261108c11f485a15d76b1fe51ee7ec71c49a01b00f6252e611bc89435a9a88a835491b28a3f13618047afb4700f17416f0e81ac57aadfa02e49fdc415f1da03c64d87bf007cf5d9c8d5ba98693a2db3d05e7d85445f13d8f4f185e17f9a84264cfd9d2ef05a6126af83adfb4d682492e14dd208cd17a21b610b06b3224080c31b05c868f0c705168839f474d05f9d531e445376f13ebe8578ba54cc7f7e6729f29425e041e571e2b2448880863176d44a97e20bd80f6cfb1572caae457fef393df14b1be40a00c3855e06181e42c00b64d9935b3f13edbd424ae8937e3398af2dfc3b74530d6070d72104e94db89199c167782a046d57ed575b901f786f0f623f19ea553f67ef36e56af1d2bbc88c7ff378eedebb6bc2965b5d3f04c8334cbd6a703d92d8819143ae8a3f3d5e99e7a670b208fe3bb37ac5b74eac632a826d0369493991ced8c908b4415e796a5693aef32d4e6800f872b0b9fe1224809d108bf86b35b7537d09b2f13e7d8ed9a6b1c3cb34ded55a03115d5ba1ed1d6bdc818503a91be240ac2b2d8d9d1f6d9649cac671674de04094adf709d26d0f5e069252cce1bcdff39a4224d1b64c807a0dcfcb97cf95b94608a5b73802a4f98319d0111f5273b630f5811db52c8985284210e8f53ef24c429899334036c2903761a8076fa7fba92c9f953a8729963dd7ee9ca7026a311fb23cbf67f00a63e6345f12a88ef0e6c2e5246a2c86a89f554180fcf07c917f48ef5b7eda8ebce1578d2e0f7511b3e33a22121109ac5c951e1151e095dc5d6db2803a1ef8d4946ce7343f3ea18cffbc1791e93505830a4173bca466089ba158ff5d82a5ade4a501465a3c57160003b9606c86a9c0377bfc6402ff642cd5988636ad78ab7acec9d2a338722145286ce769147d7491a50b666d1c832df0839555639d204c49778b61356f705d9103f9165e6d466e66dcc47ad6497bba72a14a77013f1773372657a7cc2b0e341cc924fe8613b72f554ae60df251a7bcb15ef15b30cde310f218bbdfbbd5b9153beebda7f31357af217d34ab92efd4b4b64bb31efcd7eb151df4ebf605bc3f089f4b384a72f5342f71bc888aea27ab235d4060fcbed2422f7f9f4156d4c520ca2ae1b7bd5342f01ef43884c50faa5d39645eb51f224e0fdf635494f01341a9f11e8207d1b0bff0baf619d97dbaafc5c8f018f519c084e9c69c611329c9d2cc16a512760688574cb99b08e687cd1ed6bc5a8eeee264cc2f2d051d7680b4975fbcdead133b5eb84ecc49f4fdf7213d1028a1f7316b231c8f332bd0416e90ef79968739bd37143c6639009ad5f4cb9bf31f40be52611756e0072864eee8fb735a07b2edd701da7e48ca647593e67162ecc20f41980a489925148b0727f369cee32cb06a6ad39bdce900ae9f382975f5908f86a33cadf887c15ea903da440999822781a8089312871a0fe6d4417c60137c0aa06ed0e1908baafb577451820df3f7cc42afb4273db4635fd49c28c68f16e609cf69d403ffebdc235f2afb250c614254991c4a5e3bb1d34a568ceac2c801ee410378c31793fd7f58baf08dcfb209b27e47f0ffc80ee4ef165d44f0786b5acfbc834681bee5e3c6274847ea4e04eb1e5bce1e72191486ed28c961b284921687f5892c0ac5bb98d73790ee61e53b607bc1a591b348fd1c5194c63621b52b355572323892bc84a6d2041db5ac2c5f07f3192f5477b2cdadf0b03e945142fbfad786dd5b641dbf4319b3893e48371ee39421fa6c39012ec61db6b9867d950ffcecd3a045bfce70bc29328829f07d98e65331938fc98b1b3ee6282b6d7eb09d8553f4d8dc2f19c229fa51364e7c1da76e4788d3d55d570547baf0363d7253d3a5a0b91b33faf4e510d55578907bd4ac382c21f88d11c717579afda093d69e04e12608a05c3b373616d6f14f4282e07f070a7d8c3bb3461cc81ce105437b67f76d3d0fbeb8fdbe9a51046eb59e9bc54d9c24faae3af3e501e602ca5fdd1cf9e8622482aa732d94572456407d6e51d5d64c07968790fdcb85bc43cd517a5c1c8501297bdaaabb73cde6d2ee05d95feb87e74c0a94a83f2b03c1606d0d043d693b35b44d980e36dc8efccb05ddb52515ea4ba7a623e086c2d5fe1f63b8873579743f1c36192bc75c1dbdf949970ae50e748993740d6d7cc3fad6e529dd6e2ecc098c0593ffe5e0d0d1fb361e8d0a566a23f78d16e2afddf9980ae45ec6ca24fd70843046da7bef95f02a6c35f76e30ec12b6d26113761796d1de2173f4b0b9e1da4cb7b2c5352b0a4ed8a633f17ae7d0379708b7b0b8ef4dbe4026bdd590bee2f3fb11badc6d1d43d1b7c3746566c5896bef297fbf62e02b630db0e90ade651aec23a5e454823ef3d0de0951e55b02195b3ab6cdaee4d159563a7ebcdd683129d7b49d1b0f5ab891c905050ecddf4a0e26377f716cda62ca68acfd2022f651cb3657a3df412667250ed9e8b8b4f74242545981825c1a275b536c2594678049c72c624130c23ea6425bad25a0422a6c60e9eff0b1d7dc74c4786f42bf7fb8b00043da0bc5aca019f17adcdb02df798a7dc3fc9524e867a8be8ed2ab74a2ee5d4254fb8e5a6246cd9d4cb1ce7d8d1f0133d114a63ab3137d0e5c0de125bc74f330e90f8a72a6c3448852fb10a99df52e42d82d7e4b328eb046493500d1a1702b85659b9bd183dfc2b167a8915d0c51ae56514b83e58029c4229b8ca809a1e7baa93f0ca834b3ba57d53c3863397976b3015318559e617659465b6bdba9f5cbf906fa81435719da2c07702d3bcdff5048b030e2322946c290c559d5f61a424937317b63472e3a5a890d1b7d0bb2cebecb9f575b42420a351b690b01944895c1f13aa488dc3bf589ae7e7fb9bc9302c96610033408c8d1c00a3bfeaf7a871aae36f172036bdb5c934032ab4b5d4898df9447f78fd4907debcb1dc2db39e8171ce2b5b3884a3d332f4427ab59d87939d7f4479e0c91b24ae919938b5c1586f4c2988562fd4acf568a7f8abc55477820a17377ca7c8397e023974f5f4824ee07ccb137deddc17e31236f92318f438ddbf7da4f8ce2a27e8161d96acc5c076827214f2eea91926e516fcfb44cf7c2af67e2d3dd50017dbbbacb5139a35dbc57ea33589d4e1acb2ac39c70982ef19fdd24edac20ae0338f4100927ea5796eb015ebe434cbb429d1e866406628d2d4a5b8107c2932094e306911a85ec0acc56069123d9a7c2fd4fa6c44938ec47146389a397eb4c656b468b10d6d304b8ee668a0b33f33dd4a04f08138a51c33103ae485664bc5d28e184c8a5cf5db8efa87b704eea9adaaf9b6f25c6e500d9f7ab93eeef696f370f450aa6475a7aa793d0ee4009739f20a9df4d63e0f13b6540b10c57a16123727563af229bdb4ee7fa0f14c730e0b1b741c6422047fa25121c2a5af467924a85347402a9d5d9d1fe64ecf3f67c393a3f4b0b4d04b54f0f161c9ac994773855204380cc5571ce7e2bc23e1d7f145b23bcecea84148eff43a424c4075a4d188630bacc560da983d2b9dd2fc3414d506301bc39e4ccc3e2ca9f92e8f3e7530d0494983f382d484a8691ff3526fc433ba101afc8c996b0f8ffc2246df5cf8d54353cc0189ba11d1d8f845822ce69459caee5dda8c260654cde5321e4ac55da43e4241006c995daa45fbba9271df0819d9627c0701fcf233ecc6925fb5b3a3f0a89e235f1ed696ad25e1beb8be429b0d09403cfeb71002ff5c8fa514063e1096f93a254b2981f33eb2d3a14cb382705e8529575d13f0bb5ec0dfa234757ada6d538b9472656b01c1317e7ed561262114a47fe0d7eb135d929f18d484d663dce6070c84bdcbd87fdcee28a622221ce570fbdc81d8e5022dfe1592a7119b64e2097c2ee3960826448263e92fc49b21f170e50551e7c3a87211916143920bdaf39279fefe45ea8763e9d4d96fb9a511b08923bef362a9d998d080ed399b1e48edf171901032d8484521222a31fd0b5e002e5e173479b436f4d9db5be85f7ffe356e1bd4ce916acd2798d2725ea1cf60b042d90af76bd254ff9d116ece8e3829ef85420b6bca386b0e9b91ac7358c01fc6e18b24cef7598a1a293ce95205f1597b19c2d096f066691d702fa81d8b7ca6f250cad6842a3cabba995be6e3dc3038e8bb2458b870a99e4cb1394fd92aec7969831afd844a64c2da51cfd0f838144f1cb708157331814f89053c1855e268d6fa16d812aa789409e892934334b7e89d33f8a72232bbcb0ebfe2ec9532995d0e72ee24f14a47b80ca5e6d384acd474e19a1518384d91126106103078af13d2729e86356eafb31536dc53db35a21c53ec8436dc27f7ff2701f57fb23c101b73108e9f2c3f5fb8732037395b65767272b02f889169c4f9d98fce3105792de49393d33c9f37976ddd370b5342cba1eddf4490818c238deaeda6d9a807306120fefc5daa955d08f863a37a9d97b4f353b5b8f40934572657b16b5cf322816b7fec86b245071fab22166dbdeb5562c66750da4b31920bd7f0c39956ff95157955bb3852c11da060ba6d9cd13878ccaf8fde8f6912223d5da220fa6fff338e89b77aaf5d26f744142a41844ee694e12c5c21796df350fe5dd4f987489b65348fe73959fbb822ff7f46ac866d80c18fcaa713387bc579b864b0b3b9ced764515a0dfb95f53f95f90f38a570f3a52804fc8576af59a593b92c7a8c9513ca7c8258c5c0000000000000008b010000030000007f55190bce10d567dfb8a29b238b2911936421158ee25187a24ba06093480b38bf86264d3a9d7d81f44121e02db18546ff90ceb4407f8537c385775a9541cc7f69eceece3ba68fe040a9c59dc7c8b2ffb1b5e7522168d0da8da544384e0ae0eb7d21f5ce19d6b115f03e05905db40395c8011c253b8977a945c337676e63a4b27fabbe94cd896b98257c3763e5eb256faea571f537f135b72d3b24abe886947a10f6c81ff68e347b935ff40000000000"], 0x1368}}, {{&(0x7f0000002140)=@phonet={0x23, 0x0, 0x3, 0x10}, 0x80, &(0x7f00000025c0)=[{&(0x7f00000021c0)="142011db7029e4f938a7d09ab9b7217dbb96c3fe03c9728d0b9da85d8a6e5d184c", 0x21}, {&(0x7f0000002200)="2a91882f762fbe7e", 0x8}, {&(0x7f0000002240)="71c532b83e31c0847427a60eb13941626c3104a24519ccecc137eba145f3acbaf1443efc18588e74859e7620cf5f9df22e793a4ddb7464e8a95bd1d8425cdeab5d0d5bbcea5093b8d095fc16d0cdd93284c7aadc387fad39b9052a97", 0x5c}, {&(0x7f00000022c0)="8ff88c1a0e9a5e030178e320023e3b24b0e13d78bce562aa695cd749b17cef737e515d9405b1438f4cfb92485bffa2e2da5882a848c874644f1f6b3e98cf84", 0x3f}, {&(0x7f0000002300)="5553f2d582ce3ca019ce52d83eda28a2afa54c5d68e6228a2e462c54058001c33bd03fa1b14be8514a4ae0541abe834e445b43a1c4ec33d5b3b5b9fb9fccf872e332c17195ddc6b632b0747f2a98478a90ded420a123c4e28d3e2b3115041eba3e444269336c15d7150b11ebdb09ddc964153016122b47cc0f8ddb9d99729b5e2553031e8bc5535942f87b6ced07e436b7bef661c90b47435c03c87add5b33e86d0e345c141ad5dc4e84d6d5c8d38d0403a015e864dc28cb9b127e6f9506128f04da08dd15810238c51884e551db95a9035a2be3023ebca41306ab2c4f", 0xdd}, {&(0x7f0000002400)="f6cb5b0d6d05f50abd6a92bdb4aef9a59f9831833337d06ddcbff9e145a173a90dc228ce0037eac679007f654fee8f9dab91f982b5c278013de197cad7f08f0ff5d00e1d38d68c67c37d500c3f82a2f69155a6f0b6a189eee1a8fee3eae2bfa0757fe5ba4a0aaf6a3d21195dad1e77b707b0bb2c0aba59fe19179b99efd83db880c7cf09d7cf5fe88d75c5bfac26fae6da35d376e4c7cc0a55a3bd7e95df1da7012eea59b091df687190d7ec5dba94af7f362e744c70be8b01129335230e85a0cc7bbcf92a3c9953e0046052e93b7380e5", 0xd1}, {&(0x7f0000002500)="ee9c494b0b0d03be3924445236bcdf47a8e8515072a9c3b7b1f8724394a71f21a901423a24675d78910bcdd9e70073837177c35a1a34d60bca42fd020c43a7cf7255ae51db95adef9b600c07005b828216eb076669f28fc6ba78253a54e9fa", 0x5f}, {&(0x7f0000002580)="f0f0f110a6dca4dfe61bb8ba2c5886b63b5b22401fd2ef87d2cd88b1b670c7a23364b175f93f80bed4ff8a9707e97f039d1b363da7a0c6c53b", 0x39}], 0x8, &(0x7f0000003100)=[{0x110, 0x10c, 0x9ca, "cd0bfa853dfb465b73cd31f0da74177bec5dcc2418f0fa5a8e2ebacaca40ade936b719d684c2cd19165436f8d83c182f610344d0ae46e367931e2a8b76b8562d77e240a8c4521326f03b7591bdcd6a99157ea19b5d1dee1e26920c36765607f6b1c4272c4bcb03745e561df9dfc717eea96867d2f172f0b560dd4e465c2a4c56979798c9aae7fc5a85329fd34b8075418497de613d8fb9ba205de2aeb466fd2a6b1140a0bce94732fdd6b16a75c229640fa71643e65f3eb6a378e86124cdcc0829145cc610287f72b60875f5f8b73988ea75e39d2e97425a4f61ce6c6fa17859c999e3bf2376bdacf0ce4432aeee7a637398bc1b3a2150707adb30"}, {0xb8, 0x109, 0xfffffb38, "1b283b408b8ff9a75e047d3b007348985565fcc8cb042770bd6cea5dee7d621d0b7fc7094ce2a37b8c5d0a8d264cbbfabf531ae2bbfcb9a4e1e8ff1bb9f54ea5b537873994300d34289e6cb27fac114008d70e80960b2219dc4eab732d7dd7ac9c57cce39c51eed0e6979e1113980ec902149c8ebee4beefd852c18283525926f1b53aa416bffbd6cec60c161ba6875b97c5d4f65905160eff54d88c79280d9b25be"}, {0x1010, 0x117, 0xee1, "3e0bda6fa49a077b9bcb875debcfb18e294c3ba0121c3f109dd0347e6f116bb9961d66ee8703841370eae9660fa65a9c758338d936b19e7a650c40b33179240f88857c34ce0efa8164ce1a3f312529b6da6c6af6d9656775c332ff19098382f952b2c205e01f72aab2618a5d03f23bce6ad87437eb509dd1b02173ddb2ff22e1139205bf48c821e22e1393478a90c468f23866f3e0a8f63e03622a421eb5e210f77ba6d5879590fd182faedb68f9da1fde72f9b2829811f880e601669b6e870b066767210c918688a5eabd1c61de2caf6200faedd9a7ed46c134a8010766eae677507d2bf3fb4336dd16768a5e294197c2d12883a260f31b94af9bb2f67b974f9fa85c358b9ee58c42385a746b92cd92e95b04b937bc89b1e4039e78d0dc84116c779298ca5e73d7a7359adf666c6cf0eb36f0b16efd4508ab4e4c26f5c8617bfa5731ec4033dc0a8ca6adfd9d79ab22e53af0f2f7f7730a297a12019f6fdccc2ec2ce8ec4a66e918a20f90f4188f53801c8a8babc1aa85c2095ffb9f4454d8a303845e4d963a9666a94e197536fac12b058c5b3adc22b947aea2ece68da003f43225754351b163f4274ef73d32717842c20b7e760178f375b1dace9dcdb417375436ec17d86c082b5ecd05e5518d0a416852e716eef34021503f54a43ad9a276eb51adda8d5609227aa34c3bafdb4909baed8b6bf2308785f7b8329090b3a81a09ae0a819ad830cf7e35a0fdf735244ecf7743fd2dc8cb673dad76c8803a09794fef893781b7b798936c521fb2335ab0321b237af895a49a56e42b0fa0cf3c887b10ae70a74135408ff27d99f1ed5fca0b98bc9dc1ab1ec38b5453c56d00ce92dc0aa958dfe730fd5b0d7fed150fe06186a62e1ab03b60b62be9e6920ad418c5567b630be412d184709fb0e5f4fe2c20d68127b9578de0f73ab471211787f34982c8c93c2a8439063952a60f49290daabad1930b99c90da72428df9f755216a37ee259706d3c14199e67bafdc18aaab4ce97b59111b5870a429c9825e77fae4361c4576398fd16316a94a7fdb08158c5fd5a9fa859e1364f452ec52799c0dac0b4284604c502021a80d57eb22e42a19f3994c63412aa604f3f949f67d677e58ab531981d0586532a030f6384bb4b203978eebd23a65623dae3238cc87e609acfc804ca532f3c038601cf8a1da3ba4b699b034ad48fe8fa804a3b11d54376e75a4fcee1668c1a6f325932ab1ce2362f6453279e15116af58137328a8da56626a7dab022d3f1eda5e40fc9d05d58d9d2dc24619252d044ad8679430f1d7c1cadd193f5552af72826ab521a8e48cbc9a656e881f838b36b26c0a7597c9cfd05ebe9d7a3cddd6282e1afa6b51cf81ec8d2332e0a8e1b1af2fe1d6989f70f529a3dae391cd55bcba82c30485c11df20a8aaa3dfccff23865244b4e4577b359db4759aeb629de159cde56d9e4c6bf7a902139ccc329e477db877c3f54f734c76357a05d625ac9e901ad5bf0c3579f0f4e0b95ded9c58770055b7a35957b3ae6e6db21b9b16c93a79bf88ae7e2f5f2ca3c77a45bd4370cc93b6c1fb4e44502ac14bd445079584d5acb0b868b5eb39191a67b5a6d193bc1f3f5781acdfcffb3b56fbaf6f43dc5f2fdcd90398ed89424cb0f01658b2fe2b2b79a6880cc83ad9812c95525dfcd2d2499415852d88e6dcf0fadbe6b97a408316d605fba20fb5dffb498a6c825181eac82ff45871de2736819cdd77729005be7e08d3390d898d5727cc379e38be9106722dfc876ebd2a7ffbfd8ebb143f50d63ce9acaf66f4c97d295723e22d7c990929a7cf587e178a56b45e9b6f306c8e7e27ba676509967ddbd149cfb5928f15a30b7391d2162bb04d34c710fa489d8bb6be542725185ba46b617093342b12350fe17416872237f145643fc723af663acf132bbffeddcd4356f8fd7e882e6df35835cea5d142d0cd067e7d72eb1de9cdc9a7801cffe80d55530f80fff27ae869a0c195827184ac4354b6768735185e00fff575f0a3e6bc6a51c0bd4bcfde6d7d514a578d3c99cc52487d4b680eed5137a752228e95cf68aacc2077d23636786bb70f31454844e4bac2c22178eebfa9ff970c3315759fb468a4ebe7c3854222c2e9b06bbec748c769daaff1af13b29a40e3e6b6cb82f0b1bc47ec08ab504f09948bcd550057f171830238e30d7acabf64c1bc84ce9fffd7841753ca4a8546d42a5be0ba9c070bcea365faaa2bf2d3ad0d20cdfe71bf4b9022bfafdf04cf335572e7726670677d646d839c0a1b4703e811689633b8db6b79a336e328a5521f11f42c28e1112d8d1a293b000b111b4450fc4ac5fe4669c69254097cb3f778b133866c69c255dc0c2d875647f04a4dd01730d0a1175d25caec6ff1c3143892d03f174b79a50e9f22060b96f59827818d21ee49f4f119887ade1c8d09c91fbd0682e61d5412daf74bba91c3d6883d8907ca347ae656b2e22814dfe619cdc0d8329bf91f63d536ae631906a555ec0e1c38405dee6356f3cb8f73a0eaf74553fd00856c8a77fc3bf90be78ebd32b7ff54ca9f9cbb61d340b257a7417e5bc35f9fcc5c9a3cf1b0ed406e271e15b43131bd154c82a864b3e3a9809915db32323854a164a38f5eba75e06c66002ebd2e8a190e942bbfc12f05d75c36e186eabfec38b39ce13b00559c36e2e5d067857e97e5ce9d802bd680561ab3faf5fa84cfb0b39a5a03f7ce67d05c9576ef88d08dbe30163cfa44c090e77e27b088e8c6eb24655005172244c79e7f5dcc31d4218a47e7f90afe3a6739a3dc5c755d0484742055ff807a24189ac25c6937d49afa7ca43d96d44c8dad6102b2f4a10da144d67aa871617af61068d8479e7b79866c90f2e936439bfe9564891d6add7ad762a1abdc89b591a835e0838d87e1bc2e266f44315e483cceacf6820b51b6b3af2514ee25cd3656abeca72b9597127a139fc4b21f39bbf3966007368d04c6cbfa0d77b673efe8363304137b3c70fa73c5dcd145faeee2588a362a3d769228adfc37688ed922931ff904d1770758df392a79e82ab6e8286eadcfdef59c1e770d2421c003deb9e8f970d6728761e96760f094a0b28450a78ac1f630171bfcc8368f57d55ce19589247cbb30f854d2953424e2e222385d716dbd660d9309f900f314fcd6dc66f9ed27272b786730f685b05d0fa59f64b6fbcb40125f0498febd41415ee1e555711d40b640033d1ed07bf755918f145abfa2321c0d6d9ea333fe6d3caa9523c3185d8f15a393f3bb237664606f9a23290e680f96a95f790e5ba47ec5e7461c5ac4345580d177fdddb5f37a8a3752adf5e001a13d02af9943ba76f883d160ace4ab32db677b96b599960b7c21d60b93eec43dc69999f7ef0aa011d57b1b20de46705b6cc0767213396e10d5e0b426bd4978bf4e71cc5583deae9a4d84edc987f7138255506ebd2f53b32c9cb155638d292b4c915e24ca2c17fb0f429322dd0563f8f436e97c7c207381fcf6f3bde1ee5b75b138e59bc118449bb42c1ee4df2ae5c54eac7e12f24485ffc968889394bc9af48a190da771931b2bec80352cb05939cebae399a7e2bb9a1fde3621df0d21fb926b620147377154cf6954ce40c5f4745fd6d486e3abecec6f65c29eb6e27d2cce1687f64f47605020807af8e48ff022b9888c18217babd246204f69328b83b32f00c1f2e1e43ae27ec394bf50b20b1f575af7b1a5dae727cf240d5524d449d338472160cc04b4106710d2dec381e81da465d60c7a1d8566fc6c300bda5f622c8ebd1a19c7087d64e011c00b05a24c8a7fcf5b2b28f7fb2ae118bded599fe8b1b30728b567953a242a7f269a390bd76d01517f9571aff69d026ed52f7468c7e446418e6d03a9e2b2ac2ff92e5c3cbb00ee95ba4db712c86123c4eea6071f96030e33fc6c5d088e530cfcfd9a5897637683edfaef803ed38c829ced14e5df44a9e1598ce9d9cf0ea862566d9df73beeb784b6d81d423f8c43f9f39e47a062fe51e5cd843a9486a5e5fd628acf6593497709f53db37ea67856e5d0ed7a9e73f4a71e84d8ae672604aa8f87719e5b27e0f4d07fb702061ef31b6e7629364e750ccac18976f52f347e1b262c50a7fa58975230b75cd4f4cfbfd786cb714278f6bae685a3fc7f5be31bd11b6b221741f6aa3650e43deb91b4d633586aac076db3983c8c210c5ddab24ba591e9ac8f4df68483f48e6e945c2d2ed03f96a10ca5dcfaabaac7fb099d50baa6aee7e9e04042bf484fb30204df16e340d38210ad55098633c03d1786a34af1770b7159dc7f8f06a98563945b297c5c317fa9be42fdd5c09eb3154c2fa9ac56de9bc5200ff1eb333dae1832f955fa428095594a1b7fe5876468cdac73ee5a74180816127316cb58c3a0923b972cd90ca5bf55eb2e54123e4e0122f2e52511c1a44366160a3ae7adc362021e809112c02478b5a950ab7d23836032810e397773c274b3346a0c42f96c91a6105a911c20ed80f8cb178a77756578b8bdac1c652fe06801b455c26919646f11bc1deaf7c552015ad464a2d5b9d93712e71fdfdc9754f6fd1a0cb968c2ef9773e2b238b1da0ac9af3ec15397d9bcdb25ef2aa9004d85e10275648e8dea9f0170c4752712b7a712dee3c43fb27f4df559dcc90d5c8bd362a38d164fa19406032b68307e9e65d29fb95ea36c5840c9a0be18fbe053a076b0a633f75ed542c1f032babddfa039694d60e4a478b9df898f2c7546a348bceeb09e7796483af675fa231b5396b6cb97ece6bc1982acde67079d0e98afbb2c1992acf043c5c788c23c0c027314089e4431208afbe97f818f2ceeebf84f9fcb227ad653a08c8a24b83a485fc33dc5bb6db602fae4dcfaa4ef3a25d0b4d147022e401bb820bad3fe8f5aa67c2c5294bc05b1457c42d9c71027e937b02333ffa244e982e92f9c93da8a48fe24ed2ed2e7f5cb20236881c63394791e7901f6a6dd00372a473929fafa0a7427fae3ea68e7d4515244ee5b397470430df0206842f3c30244f635cae9f8c02223456e8dd38fe43e0eaaead9d7de20270f8932e2ba3407cc3c48ac99f0dc35480f4265190f23d01d51a2e9c45970ed99eb4c580e8a56d841274134e728021f4c9131545d86898060c13bdcafce7eb6a301a9be9e882dc70936b32b98994663ca9be82814fbfcabb350ffee1986664bd7782bbc2f7ad73a1961207ce72cbd2fa76fe841e28210508bc4f1d39603ee9d75d6cc4e2db1edc383d88611b025ce457165cd0d8dedecb1743b4a1c42e911ffa25d8ba14e1448ff7bd74fb73a879a722a07b8414604141b0a92d384acb0173accca0c6e5492955cb90f8a2fbb7b32c53a99791a2e17946df8f241d1a09f6062c321c417491a494fd615b8175774ade381ff1bdb282da5052de6a9a90b74b33fe31933153b153886d1580b64539cb775a409c1b1f4ccb50da70b0dac3473bdb75b3729fb75569504e282c62177bee8825e6e50637ac63169b734eb80f76665f779196a3eb0d959ec23ede77b7e43c471d20b32185d046abd8067ea2f73e962e711d387c87bb572ad41f7485eb35c58667e92260b5c58d4149b0e059936c6a63c5c1ca68b8aaf60c0fef36b3a1e8c79d8c0813a52f4f949daba3fe218be9e8cc5d2700e6cb8ba078f6e647f0fe3dbab4dfba4d0afa9ec687a2ff6c33926bc16b76115f007e101269ef15e43501ed16851731c9d3a3410005b6fb3f4672a505a6cfb1b4e5a612045d489b112fca59f1ebb093f5e26abf5100a85526891ee679c972b32225fdaca629e880706463cd5fefc3"}, {0xd0, 0x315, 0x72, "868c1ccec37fe3427a73e7e21df462b14545d2af6673771216aec2f2b805e8eb8b67e9943aebd7aa66ae026982abe87e81230cd87faded8b1535c63eb815b3e24c2910c26f9d9048420501ebaf66448a0d7af95900ee4d11ca82449e241baea2495a331254bec32fcc138e5f2cd8d70f402142fc1922ad00b088d431cea6a4fc8db12b053117d6b8ab204f24751ba981368a555cae05e5298965a1782c62760f01a811681eb4073ba55d3ebbe174957e28a0161a253e331d9640d7"}], 0x12a8}}, {{0x0, 0x0, &(0x7f0000002640)}}], 0x5, 0x9200000000000000) bind$tipc(r6, 0x0, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x4e20, @local}}, 0x0, 0x0, 0x10, 0x0, "b20fc19dcea1a2f64cd3368960179b0a3811acf296c264b1b3fb980632bb28e0fd5bdc0e3d3c15e77d4993e70a79f1256777954e7ec11252c1f5824eccf4ee5fd8450c8ad9ce5dc6f62732c5b8b06018"}, 0xd8) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) r8 = socket$unix(0x1, 0x2, 0x0) bind$unix(r8, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r9 = socket$unix(0x1, 0x2, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(0xffffffffffffffff, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0) connect$unix(r9, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ppoll(&(0x7f0000000380)=[{r9, 0x4}], 0x1, 0x0, 0x0, 0x0) readv(r8, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/150, 0x96}], 0x1) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="5400000010000104000000000000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001000000000000000000000000000208000a00", @ANYRES32=r5, @ANYBLOB="3bc8776f11124b03e2693671169ca6627789f9ee00fd0b496a8278c8fe904d8c77dcffdfe9790a436868b6d65db6d53fec348ab74f31c955ce8582908fb80a4c0901dda3deb66ee5565f2e47062585ce4bbe6acb4aec847317cc4c20000628900300000079b42e073e3a5f12f5a543fae839e839aabfef7e0eff6fc7e26fc4c74e25a24d15a92d1e0f77697c22fd7a19aec33d7fb84fd7a6ccc981e96363719e4fde457102da2fd3f770cdd1b0f7f26d5dd257ce38559946ea2d553c4d5573d5938d3b233e01a0c1990c02c75babb8e889e9b32104115ca2c453cca9300fafa0493c8b13e3e6b293d36e229d832c3a43f37d07064429fdd7c56d5b861ff666669fb7efa5f269728ae2e80f3fe0db04b49adbea596d8ca7ca706468af0924a74b99a6cf9eae1c4b31f0772a5d1b5c6f1f72245456224bda790a0c93fcc43aebe82554c809cb9064383bbd2e7f10d3c24d8c332c9aeaddff656c7a2efbd2096e6555507469e35c3f70167ce51304e4075e89722dec4dcac5d6c9f107baf2cd7493a5bf5044"], 0x54}, 0x1, 0x0, 0x0, 0x20081}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)=ANY=[@ANYBLOB="4c00000010000104000000100000000000000000a2d8899e7b06c12ab55f7d055a896f6d651c327fff0c356fe1f875952ff19645df3f24e5f6279d4d7d4f8ddb027c5e25814c927539c1bbe41c1545676723d8178def0e5de76fc0cb43a4c6cf68ae143f5fd6aa6e0364b606afd125326a9073b94f89f39b80aabf6a8aced5c486b2ebe1cbc0f5e551feaa385127849722d5fa30cdf1a6e3bfd42834d2f68bc3633ef2234507fa8adea807adc696b4619d051231f3965f613e91e6d5eede1246c5637115d00d15e77ee6647649aa57a2f2c4b9d8cc414d81ba93d703837bf4e0202b2e4572fa199c49d356476a026c028eac1d8cfc3fbe809a267d952a62a095469e4158f05fbd09f1f8516bd52aabc15675406d20eb5493a53801bef6402e87d0e0fa77345ef1f6fc5480ffc57191c56d5f49d285a0d87cd1a9d02c93603b30bb460a3dd7af61e2b5f8a09d46fb3df8583317dc60025ba97fad3a6a9dd20f83070438a1f12fb5668246a45ba67075f3f2704e4f215d4716121520d0a784ac24a79525f317ca17a93d9638ba33147be0c013bbf4965f25631d5223e0567bf6a91361364cd38b5248f467a6273d", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800c001f0007000000000000000c001e000200000000000000"], 0x4c}}, 0x0) 1.92316466s ago: executing program 2 (id=2373): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@tcp=r1}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r3, 0x25, 0x2, @val=@tcx}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='sys_enter\x00', r6, 0x0, 0x6}, 0x18) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}], 0x1c) shutdown(0xffffffffffffffff, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000013c0)=0xc) sendmmsg$unix(r7, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x1c, 0x1, 0x2, {r8, r9, r10}}}], 0x20, 0x40844}}], 0x1, 0x1) r11 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00'}) gettid() 1.842477457s ago: executing program 2 (id=2374): syz_emit_ethernet(0x1b2, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000003c707bc711340100000000c60000000000f4ff9500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48) r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0x0, 0x5, 0x10}, 0xc) r2 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0) r4 = socket$kcm(0x11, 0xa, 0x300) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r5}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0xff, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x5}, 0x50) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000600)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f0000000640)=[0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0], 0x0, 0x70, &(0x7f00000006c0)=[{}], 0x8, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xbd, 0x8, 0x8, &(0x7f0000000780)}}, 0x10) r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000900)={0x1b, 0x0, 0x0, 0xbdc, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x50) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/syz0\x00', 0x1ff) r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000009c0)=@o_path={&(0x7f0000000980)='./file0\x00', 0x0, 0x8, r0}, 0x18) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r12 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCETHTOOL(r12, 0x8946, &(0x7f0000000b00)={'bond0\x00', &(0x7f0000000a40)=@ethtool_pauseparam={0x13, 0x0, 0x36, 0x101}}) ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000440)={'veth1\x00', {0x2, 0x4e21, @rand_addr=0x64010101}}) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x20, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r11}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r11}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000a80)={{0x1, 0xffffffffffffffff}, &(0x7f0000000a00), &(0x7f0000000a40)='%ps \x00'}, 0x20) connect$vsock_stream(r0, &(0x7f0000000400)={0x28, 0x0, 0x2710, @my=0x1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1e, 0x1e, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, [@btf_id={0x18, 0xb, 0x3, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_val={0x18, 0x9a5b68ec7a6cf8e9, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x7}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @jmp={0x5, 0x0, 0x3, 0x6, 0xb, 0xffffffffffffffc0, 0x1}]}, &(0x7f0000000380)='GPL\x00', 0x36, 0x14, &(0x7f00000003c0)=""/20, 0x41100, 0x40, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x1, 0x4}, 0x8, 0x10, 0x0, 0x0, r8, r0, 0x5, &(0x7f0000000ac0)=[r9, r10, 0x1, r11, r13], &(0x7f0000000b00)=[{0x5, 0x4, 0xd, 0xb}, {0x2, 0x5, 0x8, 0x9}, {0x1, 0x3, 0x8, 0x2}, {0x5, 0x4}, {0x1, 0x5, 0x0, 0x9}], 0x10, 0xb}, 0x94) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) shutdown(r14, 0x0) 1.785814837s ago: executing program 1 (id=2375): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x70bd28, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}]}, 0x2c}}, 0x0) r2 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x40000000, 0xfffff001}}]}, 0x40}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x23}]}, 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r4}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r6, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) 1.487736678s ago: executing program 2 (id=2378): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x30, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x4}}}, 0xb8}, 0x1, 0x0, 0x4000000}, 0x0) 1.407077287s ago: executing program 4 (id=2379): socket$packet(0x11, 0x2, 0x300) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)) r3 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000280), 0x4) setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4) unshare(0x6a040000) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='rxrpc_conn\x00', r5, 0x0, 0x2}, 0x18) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00', 0x0}) bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r6}, 0x10) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x11e, 0x488, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x41, &(0x7f0000000140)=0x8, 0x4) setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r9, &(0x7f0000000380)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @broadcast}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000200)="a90500040000746400009e150451160200000064c6", 0x15}, {&(0x7f0000000000)="17460081ba60ccbb9d000000000000", 0xf}, {&(0x7f0000000540)="45752532d7953b58fc5bd45db706e608fcbca6a1d2bc3f65b6e6ab32fdefe51e5d0183ea3643f2a41a55fc901dcb4435bb956a6b07306ee25da714086e85d3406d4ca7e4f3d31ad2b2e5fd3907f48d089c77ad32a8eb618117917f93f0f8113e8afa8370473da9469f86111bde2bdcb1d9e26a6316b9e39b65cec1d18346ee0c52e35c58bdf9c4fcd4c91598ee89daab1dae07c621047f67a709052b0c6b814aca3026eef13ea4718efa748401a095b02b2e58adc9617fe7ba9733991db52cada5dd65f6d6cbe4dfc96008effde2653d56039841b426439d03fcdfba148e16f334781b6dc042d72efc22b58bc09f7b7f", 0xf0}], 0x3}}], 0x1, 0x4008040) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) ppoll(&(0x7f0000000500)=[{r7}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000010c0)={r6, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100}, 0xc) 1.351856901s ago: executing program 2 (id=2381): r0 = socket$inet6(0xa, 0x1, 0x84) r1 = socket$nl_route(0x10, 0x3, 0x0) (async) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) (async) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000480)={r2, r3/1000+10000}, 0x10) (async) shutdown(r0, 0x0) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000110b0008850000007200000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r5, 0x1, 0x2a, &(0x7f0000001d00)=0x4, 0x4) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r4, 0x0, 0x28, 0x0, &(0x7f0000000440)="004a1821b95df8fe4284860186dd8df3db3cde3d37cfae09ccc64b67acf8d0e9d6b8ff0000000000", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000080)={@private1, 0x0}, &(0x7f0000000140)=0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x4, 0x10, 0x8, 0x3, 0x20, @dev={0xfe, 0x80, '\x00', 0x41}, @dev={0xfe, 0x80, '\x00', 0x34}, 0x700, 0x1, 0x5, 0x4}}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400001}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x90, r7, 0x400, 0x70bd27, 0x25dfdbff, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x4}, 0x4005) (async) sendto$inet6(r0, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback, 0x1}, 0x1c) 1.249189084s ago: executing program 1 (id=2382): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="fc01000019000100000000000000000000000000000000000000ffff00000000ac14144200000000000000000000000000000000000080000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff00000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044010500ff010000000000000000000000000001000004d2330000000a000000000000000000000000000000000000000135000001003b00830000000500000007000000fe8000000000000000000000000000aa000004d63c0000000a000000ac1414bb00000000000000000000000002350000020007007f0000000000000004000000e0000001000000000000000000000000000004d56c00000002000000000000000000000000000000000000000000000004"], 0x1fc}}, 0x4000) 1.187352749s ago: executing program 3 (id=2384): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r5, &(0x7f0000000480), &(0x7f0000000340)=@tcp=r1}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='sys_enter\x00', r7, 0x0, 0x6}, 0x18) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}], 0x1c) shutdown(0xffffffffffffffff, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000013c0)=0xc) sendmmsg$unix(r8, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}], 0x20, 0x40844}}], 0x1, 0x1) r12 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00'}) gettid() 1.071629327s ago: executing program 1 (id=2385): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$inet_sctp(0x2, 0x5, 0x84) r1 = syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21040000000004000000010000000800"], 0x38}}, 0x4) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket(0x840000000002, 0x3, 0xfa) connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0) bind$alg(r3, 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a48000000060a01040000000000000000020000001c000480180001800e000100625c74656f72646572000000040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x70}, 0x1, 0x0, 0x0, 0x20044054}, 0x0) listen(r2, 0x3) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f1ea3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b2213fdc2881e1a6ec9d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232f0485a2ca9f37fc9c3d2688efcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdcdeb2af1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f925f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5c49209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378ad8f6afb0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3826ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3577], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee5896"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94) bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1900000004000000040000000200020000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000000000001a78de000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x48) r6 = socket(0x10, 0x80003, 0x0) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000a000000c889000001040400", @ANYRES32, @ANYBLOB, @ANYRES32=r8, @ANYRES32, @ANYBLOB="0400000000003971a19a9a976f30480b3911184903000000020000"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xa, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800a742b164b526106e674726412ec1ec16000500000000"], 0x0, 0x7fff, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1ff}, 0x94) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB="81120c"], 0x37a0}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000190001002bbd7000fcdbdf251c2080070001fd000001000046fa0619255abfd29e9cd10298b77a61721943c949afc3fef80a51eb9e72fbae1cd6b426e7ca"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000004) 1.071106977s ago: executing program 2 (id=2386): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth1_to_bridge\x00', 0x200}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f00000002c0)={0x2, 'veth1_virt_wifi\x00'}, 0x18) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)=ANY=[@ANYRES16=r1, @ANYBLOB="01000000000000000000030000005800018044000400200001000a000000000000003a000000000040120000006e7000000100000000200002000a00000000800000000000000000000200000000000000aa000000000d0001007564703a73"], 0x6c}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r5}]}, 0x20}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=@delnexthop={0x20, 0x69, 0x400, 0x0, 0x0, {}, [{0x8, 0x1, 0x2}]}, 0x20}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x6, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), r10) sendmsg$IEEE802154_ASSOCIATE_RESP(r10, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x1c, r11, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_STATUS={0x5, 0x3, 0x5}]}, 0x1c}}, 0x20008000) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r8}, &(0x7f0000000200), &(0x7f0000000340)=r9}, 0x20) r12 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x2, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) 1.032841028s ago: executing program 3 (id=2387): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value=0x30010000}, 0x94) 942.429429ms ago: executing program 3 (id=2389): setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000e4000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000b80003800800014000000000a400038014000100776c616e3000000000000000000000001400010076657468305f746f5f62617461647600140001006d6163766c616e3100000000000000001400010076657468310000000000000000000000140001006772653000000000000000000000000014000100776c616e3100000000000000000000009400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e6400000008000240000000064c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000000014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070696d726567300000000000000000001400010070696d726567310000000000000000001400010076657468315f746f5f7465616d000000140001007465616d5f736c6176655f300000000008000140000000200900020073797a30000000001001038008000140000008"], 0x378}}, 0x0) 941.224663ms ago: executing program 2 (id=2390): bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x1c}, 0x18) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c) sendto$inet6(r1, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r0, 0x0, 0x8000) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000100)=ANY=[], 0x8) setsockopt$inet6_buf(r2, 0x29, 0x39, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)="2f0000001c0005fffffff7000d000000020000000b000000ec0091c913000180f0ffffeb46860f21244e36c3fdb9c3", 0x2f}], 0x1}, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r3 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000140)=[{0x3, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100), 0xc}], 0x492492492492856, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x18) ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0) pselect6(0x63, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0xb9, 0x4, 0x8000000000000001}, 0x0, 0x0) socket(0x2, 0x6, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, 0x0, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7e2}) ioctl$TUNATTACHFILTER(r6, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x61}, {0x6}]}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) close(0x4) 797.958936ms ago: executing program 3 (id=2392): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x3, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffe}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0f539af21094aaaaaaaa000000000000000000000000ff0200000000000000000000000000010300907800000000607a1d790000000000000000000000000000000000000000cd1724a1ae97901c702507c6fa21929d6adc95cc02872201a42e5c3fbcd53cea34fd7663340714d982bf2b0900000049bee751fb8b9d91715483a0000000000000000000"], 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000800)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) 771.140425ms ago: executing program 1 (id=2393): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0xff00) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x0, 0x400007, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0xfffffffffffffffd}, 0x50) r0 = socket$kcm(0xa, 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x80) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) r2 = socket(0x40000000015, 0x5, 0x0) getsockopt(r2, 0x200000000114, 0x8, 0x0, &(0x7f0000000000)) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x10448) socket$rxrpc(0x21, 0x2, 0xa) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r3, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000)) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) sendmsg$tipc(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x8820) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000e4ef1f00810000007f00000001"], 0x48) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) unshare(0x20000400) socket$alg(0x26, 0x5, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) close(0xffffffffffffffff) socket(0x10, 0x803, 0x0) write$cgroup_pid(r5, &(0x7f0000000000), 0x2a979d) write$tun(r5, 0x0, 0x0) 687.871186ms ago: executing program 0 (id=2394): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a3000000000e4000000160a01000000000000000000010000010900010073797a30000000000900020073797a3000000000b80003800800014000000000a400038014000100776c616e3000000000000000000000001400010076657468305f746f5f62617461647600140001006d6163766c616e3100000000000000001400010076657468310000000000000000000000140001006772653000000000000000000000000014000100776c616e3100000000000000000000009400010076657468315f766972745f77696669001400010076657468305f746f5f626f6e6400000008000240000000064c020000180a0101000b000000000000010000000900010073797a3000000000e800038008000140000000000000014000000000cc0003801400010069703665727370616e3000000000000014000100776732000000000000000000000000001400010076657468305f6d61637674617000000014000100626f6e645f736c6176655f310000000014000100626f6e645f736c6176655f300000000014000100636169663000000000000000000000001400010070696d726567300000000000000000001400010070696d726567310000000000000000001400010076657468315f746f5f7465616d000000140001007465616d5f736c6176655f300000000008000140000000200900020073797a30000000001001038008000140000008"], 0x378}}, 0x0) 622.625176ms ago: executing program 3 (id=2395): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000800000000000ca73e4d7000000282d0c3a0c0f1522"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r2, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000300000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea091428000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x1, 0x5, &(0x7f0000001140)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0ff5070000028000000770000000000000095000200000000007ae9413df8ff0af5aa35339f4b382c4cad9db67dc983134d04ef2fd6fa7a9b857b72abaca100af1ba23d69883c073ec10500000000000000000000000000ac0e064c27bdfbd301150500000000000000bfdc995279d64072aacbb0595b950600009ad3bf16a461e48e955a772d4062093f4cb1c3d9532abad2085401f098eb039ae4f4103699b9e079229c1a72cb6d47cef1595e84d21951010f0274b1445a2ad6a7ad73827cccc21842599e0ae7b91f0b858b7b67aa0b28d69a74ffdea61be892f0f9ff9468e42aea53ee0cb83ff180aa18b625d1667459c7cba77cff9dc8c2772fe552fecfcd1778b08381000000c0b8e14631d521207e7423d86508416780983c2f380bc01cefe9773a9a5cd5b24aa24a561e72393c0ce2bf44825b05c1779fe74f884c2472ab45c2af60289cb199963312dd1929096c6f49d116f1612a7b97f77169fa5e8a66a372ef8e3ee7167f7d2a26fc6c3cfa4dc5860277223d6eb3460e3b10a0dc9400010000ca11d7beb5e700498b43bdadc916c01264d22d7969530633f94b257fbc5da7a96820e31044c0b0f62619c9e351996185e4015510875b774666ba5c0ba9845ad25b578d7d714ff3a85586b9b452301f5470d0e0ae5d7f82f178f0c7c9c8f44c390c8a2c5be9e24a125420912ec9a3149f87b35ef1169f05e49164a4944e7b4da2097f57020dd4f1f4f15edd7a0b1e24c6f79e1ea72a29c773f40f5bd9a6d7926c5c741f5aa85405273c7967d2c1a14efe0d5322cdcf2bc058ff9acb481926312f04008b1044e8c1c17d8c562edf69f4db96e059c49ec69a6086b5a3d24f4c7810ab5f6a9f9eb5c881883e5671bbca4614df48103ca6e408910000000000f784583b63fcd46293e1ea56bd87915783a144d41669cd2c52dbb03e2b7384f100000000000000000090bd4fa6a2d30dafd3a04d373eaf151dfbbb744f0f1ce962217b32ad159f41671f002c3a25b4efbc3b193e0954f71c7f240a7cdc5bf9be12ca0e82d2a408c8f882760331612a7c3d74386b3268e0c2a95396f6d16b8309cc192295fea2d0ce983baef6deecca6b6268b6cc965f2623bac861e31026a6aba7ebf78a614092257e3a4e52b7b1628dc33a425dce56fc939b96fbb66e131ba7651b542c86650336735d315c26bae977ff5a619b2534a5d1479e9090447aa860b81b905ded2f52ab9c741fc3a05030476b159690a811416d59f9d92c84fcbf0146be0330e1127cc4bb4e4c94d603f449279874e44113e9de94fbc14891af08e20a4701f0f8788b357815cf4ca3da2066ee6604ac6ab6ec54a111bd5b1887e74eb854010cc2dc95b06ceddfbc1b914be267fc29e6cf2301291ca8de0eed796d9e5e356861349b0fc217592e962360e714bb93a2e936f70873e773b9b6c056f28a36185bb8ecdcd3332528ab2d05be93bc69a373ac9d20fa087015481cfba74612d93104db153f89d03d6ce620f1f25be68b9cb2d225711c1b288ec6464111db1b40dbce06fd1bd887d7254476c9c70fe79be0fb7810e054b6e2205c2b4b27f13751639c581dac83889ed6eea54c798f2287c9d5345b0c49f78b9aa27a9c96ce5e43b6ca11bb6375ed390773315d19b596a60500330115bb100d0ea1511e29720d5f712eedd8e165af0c1d591fdbbd84e654b0e60c338c530a9e8ae1316a889134204f9db96e870bc1c5ffc1bdb2394d77e6c751f9d87ef42f6d53293f31ff4b60912fa0777c59db1ff74ba90026eed627e0f8ab250c8c6d51d86030e6be4a8982684c12c1c435d586ce106d0b4cd0f5fabcc5fbe30db5e715646867122ef50f767e215f92d407ad1c6575eccfe25f76aaf388008ec2217c9ba0f807edebe686b420287b6e0c6f14a48c82ec45f1aa7ac2508932d0e3a5834a1a4e20bc9bb2a802304900d6bef57bd9c081b45520e7bd491a0ef1bfec4721cc70962f4d55f01bae699cb3fe31c179f00dc79140333fa4e85ec393dd01bdc5bf79677453a30c63d1561a35c5e94e3cad80136e753052b08901965293bcf5f9de9c8019a1fdebddb255427326deea4506d2cc2949df6a5c13fbcc36cbcd0f0d35602668c3bc7c7264457f161a51"], &(0x7f0000000140)='GPL\x00'}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r4, 0x0, 0x2000, 0x2000, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0xd8, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b710e9246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab4149718d6215a9a3749113c268e49b2b9dae91ed804e5ac5d4ec7ac9c5fd67a76f9a2b06f7304f6e81221a751008e786e1edde82cf1ecb76cb4cd71cf781ea3a19b917a1e215b1a6c7ee605b32b91eaae38517fde4303d5f2b1e63e9e52ae4b197fd72de1f71801e1f9f1369d1f530", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x24) r5 = socket(0x10, 0x803, 0x0) r6 = socket(0x28, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x0, 0x3, 0x2000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0x0, 0xffff}}}, 0x86}}, 0x400c0) getsockname$packet(r5, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300"], 0x48}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="9800000010000104fcffffff0000000008000000", @ANYRES32=r7, @ANYRES32=r1], 0x98}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090) listen(r3, 0xfff) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x4e22, @loopback}], 0x10) unshare(0x480) bpf$TOKEN_CREATE(0x24, &(0x7f0000000400), 0x8) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r9, &(0x7f0000000540)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000ffffffffffff", 0x58}], 0x1) setsockopt$sock_attach_bpf(r8, 0x1, 0x2f, &(0x7f0000000400), 0xa5e) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x1f, 0xc, &(0x7f00000001c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) 568.54979ms ago: executing program 1 (id=2396): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="bc0100001900010027bd700000000000e00000020000000000000000000000000000000000000000000000000000000001fe0000000000000a00000029000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000030000000000000000000000000700000000000000080000f7ffffff000000000000000000020000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000401050000000000000000000000ffffffffffff000004d23200"], 0x1bc}}, 0x4004) 487.187542ms ago: executing program 3 (id=2397): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007", @ANYRES32], 0x38}}, 0x0) r0 = socket(0x200000000000011, 0x2, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4) sendmsg$unix(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000300)={0x0, r6}, 0x8) unshare(0x68040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000) socket$inet6(0xa, 0x3, 0x8) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 403.767854ms ago: executing program 0 (id=2398): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r5, &(0x7f0000000480), &(0x7f0000000340)=@tcp=r1}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r6, r3, 0x25, 0x2, @val=@tcx}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) syz_emit_ethernet(0x3e, &(0x7f0000000bc0)=ANY=[], 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYRES8=r0], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='sys_enter\x00', r7, 0x0, 0x6}, 0x18) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}], 0x1c) shutdown(0xffffffffffffffff, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0, 0x0}, &(0x7f00000013c0)=0xc) sendmmsg$unix(r8, &(0x7f0000003600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}], 0x20, 0x40844}}], 0x1, 0x1) r12 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'ip6_vti0\x00'}) gettid() 403.502325ms ago: executing program 4 (id=2399): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value=0x30020000}, 0x94) 390.195155ms ago: executing program 1 (id=2400): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x5, 0x0, 0x1, 0xf94, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x50) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x18}, 0x18) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'vxcan0\x00'}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000480)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="100000008000000000100000fbffffff00000000", @ANYRES32, @ANYBLOB="b252000000fffffffffffffff700000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000040000000300"/28], 0x50) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0xfffffffe) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) r3 = accept4$unix(r1, 0x0, 0x0, 0x800) recvmmsg(r3, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}], 0x1}}], 0x1, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r5, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000002e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r9, 0x1, 0x32, &(0x7f0000000040)=r8, 0x4) syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r10, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32, @ANYBLOB="08002600ad1600004000330010000000080211000000080211000000080211000001000000000000010001002d1a40000b0000000000000000040003000b0000000600500000000304006c"], 0x68}}, 0x0) 354.747451ms ago: executing program 0 (id=2401): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$caif_seqpacket(0x25, 0x5, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000d0ffffff000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f00000001c0), &(0x7f0000000100)=r2}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r0, 0xffffffffffffffff}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000140)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xc}, 0x94) 307.680677ms ago: executing program 4 (id=2402): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000), 0x4) (async) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000000), 0x4) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) ioctl$FICLONE(r0, 0x40049409, r0) (async) ioctl$FICLONE(r0, 0x40049409, r0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$SIOCRSSL2CALL(r1, 0x89e2, &(0x7f0000000040)=@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000080)=0x2e7) (async) ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000080)=0x2e7) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0x1, 0x58, &(0x7f0000000140)}, 0x10) (async) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0x1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x110, r2, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x3}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_LINKMODES_OURS={0xbc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xb8, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '/\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '*,#-]%\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '$@\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, ':'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '+/\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, '[\xd6}}{\x00'}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '@.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x80}, 0x48000) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x70, 0x2, 0x8, 0x101, 0x0, 0x0, {0x1}, [@CTA_TIMEOUT_DATA={0x2c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xb}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1540000}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x8000}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x8d8}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x22eb}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0xc080}, 0x12) pselect6(0x40, &(0x7f0000000500)={0x1, 0xfffffffeffffffff, 0x4000000000000, 0x1, 0x6, 0x7f, 0xd3, 0x6}, &(0x7f0000000540)={0x100000001, 0xe50, 0x8001, 0xc, 0x1, 0x3fffffffc000, 0xffffffff80000001, 0x8}, &(0x7f0000000580)={0x6, 0x8, 0x7fffffffffffffff, 0x10000, 0x0, 0x1, 0x4, 0x2}, &(0x7f00000005c0)={0x77359400}, &(0x7f0000000640)={&(0x7f0000000600)={[0xfffffffffffffaa8]}, 0x8}) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000680)='cpuacct.usage_all\x00', 0x0, 0x0) bind$inet(r5, &(0x7f00000006c0)={0x2, 0x4e23, @multicast2}, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), 0xffffffffffffffff) (async) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'wpan1\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r6, &(0x7f0000000880)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x54, r7, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_LEVEL={0x2c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_SEC_LEVEL={0xc, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x20004000}, 0x40488a1) r9 = openat$cgroup_ro(r5, &(0x7f00000008c0)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000900)=@assoc_value, &(0x7f0000000940)=0x8) (async) getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000900)=@assoc_value, &(0x7f0000000940)=0x8) socket$packet(0x11, 0x3, 0x300) setsockopt$SO_J1939_SEND_PRIO(r5, 0x6b, 0x3, &(0x7f0000000980), 0x4) r10 = accept$alg(r5, 0x0, 0x0) accept4(r10, &(0x7f00000009c0)=@l2tp, &(0x7f0000000a40)=0x80, 0x80000) sendmsg$RDMA_NLDEV_CMD_DELLINK(r9, &(0x7f0000000b40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x30, 0x1404, 0x200, 0x70bd29, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000001}, 0x28000000) r11 = accept$alg(r5, 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r11, 0x40087602, &(0x7f0000000b80)=0x8) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c00), r6) (async) r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c00), r6) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r6, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r12, 0x200, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40050) (async) sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r6, &(0x7f0000000cc0)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c40)={0x14, r12, 0x200, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40050) 255.353352ms ago: executing program 0 (id=2403): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0) 214.820395ms ago: executing program 4 (id=2404): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYBLOB="fc01000019000100000000000000000000000000000000000000ffff00000000ac14144200000000000000000000000000000000000080000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff00000000000000000000000000000080ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044010500ff010000000000000000000000000001000004d2330000000a000000000000000000000000000000000000000135000001003b00830000000500000007000000fe8000000000000000000000000000aa000004d63c0000000a000000ac1414bb00000000000000000000000002350000020007007f0000000000000004000000e0000001000000000000000000000000000004d56c00000002000000000000000000000000000000000000000000000004"], 0x1fc}}, 0x4000) 146.119375ms ago: executing program 4 (id=2405): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0180000000000000000001ffffffffffff8001"], 0x28}}, 0x0) (async) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0180000000000000000001ffffffffffff8001"], 0x28}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085000000230000003f0000000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000000800004"], 0x48) (async) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000000800004"], 0x48) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) (async) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x503, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21111, 0x62000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_MACSEC_CIPHER_SUITE={0xc, 0x4, 0x80c20001000002}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x48}, 0x1, 0x0, 0x0, 0x48880}, 0x0) 145.647139ms ago: executing program 0 (id=2406): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="bc0100001900010027bd700000000000e00000020000000000000000000000000000000000000000000000000000000001fe0000000000000a00000029000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000080000f7ffffff0000000000000000000280ffffff00000040000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00000000000000000000000000000000040105"], 0x1bc}}, 0x4004) 0s ago: executing program 0 (id=2407): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r0) recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0) (fail_nth: 100) kernel console output (not intermixed with test programs): 4_sys_sendmsg+0x10/0x10 [ 166.986847][T10049] ? rcu_is_watching+0x15/0xb0 [ 166.986867][T10049] ? trace_sys_enter+0x25/0x100 [ 166.986903][T10049] do_syscall_64+0xfa/0x3b0 [ 166.986924][T10049] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.986946][T10049] ? clear_bhb_loop+0x60/0xb0 [ 166.986970][T10049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.986990][T10049] RIP: 0033:0x7f914258ebe9 [ 166.987009][T10049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.987029][T10049] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 166.987052][T10049] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 166.987068][T10049] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a [ 166.987082][T10049] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 166.987096][T10049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.987108][T10049] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 166.987133][T10049] [ 167.421652][T10062] bridge2: entered promiscuous mode [ 167.972308][T10084] netlink: 'syz.4.1374': attribute type 29 has an invalid length. [ 167.993081][T10084] netlink: 'syz.4.1374': attribute type 29 has an invalid length. [ 168.022677][T10084] : entered promiscuous mode [ 168.106852][T10090] FAULT_INJECTION: forcing a failure. [ 168.106852][T10090] name failslab, interval 1, probability 0, space 0, times 0 [ 168.148215][T10090] CPU: 0 UID: 0 PID: 10090 Comm: syz.4.1377 Not tainted syzkaller #0 PREEMPT(full) [ 168.148246][T10090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 168.148259][T10090] Call Trace: [ 168.148266][T10090] [ 168.148275][T10090] dump_stack_lvl+0x189/0x250 [ 168.148302][T10090] ? __pfx____ratelimit+0x10/0x10 [ 168.148331][T10090] ? __pfx_dump_stack_lvl+0x10/0x10 [ 168.148353][T10090] ? __pfx__printk+0x10/0x10 [ 168.148382][T10090] ? __pfx___might_resched+0x10/0x10 [ 168.148401][T10090] ? lock_acquire+0x5f/0x360 [ 168.148431][T10090] should_fail_ex+0x414/0x560 [ 168.148471][T10090] should_failslab+0xa8/0x100 [ 168.148503][T10090] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 168.148533][T10090] ? __alloc_skb+0x112/0x2d0 [ 168.148555][T10090] __alloc_skb+0x112/0x2d0 [ 168.148575][T10090] netlink_ack+0x146/0xa50 [ 168.148605][T10090] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 168.148637][T10090] ? __netlink_lookup+0xbd/0x810 [ 168.148656][T10090] ? rcu_is_watching+0x15/0xb0 [ 168.148678][T10090] ? rcu_is_watching+0x15/0xb0 [ 168.148702][T10090] netlink_rcv_skb+0x28c/0x470 [ 168.148733][T10090] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 168.148766][T10090] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 168.148809][T10090] netlink_unicast+0x82f/0x9e0 [ 168.148843][T10090] ? __pfx_netlink_unicast+0x10/0x10 [ 168.148874][T10090] ? netlink_sendmsg+0x642/0xb30 [ 168.148892][T10090] ? skb_put+0x11b/0x210 [ 168.148913][T10090] netlink_sendmsg+0x805/0xb30 [ 168.148938][T10090] ? __pfx_netlink_sendmsg+0x10/0x10 [ 168.148959][T10090] ? aa_sock_msg_perm+0xf1/0x1d0 [ 168.148979][T10090] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 168.149002][T10090] ? __pfx_netlink_sendmsg+0x10/0x10 [ 168.149023][T10090] __sock_sendmsg+0x21c/0x270 [ 168.149053][T10090] ____sys_sendmsg+0x505/0x830 [ 168.149078][T10090] ? __pfx_____sys_sendmsg+0x10/0x10 [ 168.149106][T10090] ? import_iovec+0x74/0xa0 [ 168.149131][T10090] ___sys_sendmsg+0x21f/0x2a0 [ 168.149155][T10090] ? __pfx____sys_sendmsg+0x10/0x10 [ 168.149197][T10090] ? __fget_files+0x2a/0x420 [ 168.149215][T10090] ? __fget_files+0x3a0/0x420 [ 168.149239][T10090] __x64_sys_sendmsg+0x19b/0x260 [ 168.149263][T10090] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 168.149292][T10090] ? __pfx_ksys_write+0x10/0x10 [ 168.149322][T10090] ? rcu_is_watching+0x15/0xb0 [ 168.149345][T10090] do_syscall_64+0xfa/0x3b0 [ 168.149365][T10090] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.149386][T10090] ? clear_bhb_loop+0x60/0xb0 [ 168.149410][T10090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.149431][T10090] RIP: 0033:0x7f73cf58ebe9 [ 168.149456][T10090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.149475][T10090] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 168.149499][T10090] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 168.149515][T10090] RDX: 0000000000044080 RSI: 0000200000000040 RDI: 0000000000000003 [ 168.149529][T10090] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 168.149543][T10090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.149555][T10090] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 168.149579][T10090] [ 168.494499][T10091] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 168.630441][T10100] sctp: [Deprecated]: syz.3.1378 (pid 10100) Use of int in max_burst socket option. [ 168.630441][T10100] Use struct sctp_assoc_value instead [ 168.999271][T10117] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 169.094241][T10121] __nla_validate_parse: 8 callbacks suppressed [ 169.094262][T10121] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1384'. [ 169.307349][T10141] netlink: 'syz.1.1391': attribute type 3 has an invalid length. [ 169.308610][T10143] netlink: 'syz.1.1391': attribute type 3 has an invalid length. [ 169.317863][T10141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1391'. [ 169.325632][T10143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1391'. [ 169.464575][T10150] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 169.708761][T10172] FAULT_INJECTION: forcing a failure. [ 169.708761][T10172] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 169.722249][T10172] CPU: 1 UID: 0 PID: 10172 Comm: syz.1.1403 Not tainted syzkaller #0 PREEMPT(full) [ 169.722281][T10172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 169.722303][T10172] Call Trace: [ 169.722312][T10172] [ 169.722321][T10172] dump_stack_lvl+0x189/0x250 [ 169.722351][T10172] ? __pfx____ratelimit+0x10/0x10 [ 169.722385][T10172] ? __pfx_dump_stack_lvl+0x10/0x10 [ 169.722410][T10172] ? __pfx__printk+0x10/0x10 [ 169.722437][T10172] ? __might_fault+0xb0/0x130 [ 169.722470][T10172] ? rcu_is_watching+0x15/0xb0 [ 169.722492][T10172] should_fail_ex+0x414/0x560 [ 169.722521][T10172] _copy_from_user+0x2d/0xb0 [ 169.722546][T10172] ___sys_recvmsg+0x12e/0x510 [ 169.722573][T10172] ? __pfx____sys_recvmsg+0x10/0x10 [ 169.722598][T10172] ? __fget_files+0x2a/0x420 [ 169.722625][T10172] ? rcu_is_watching+0x15/0xb0 [ 169.722646][T10172] ? lock_release+0x4b/0x3e0 [ 169.722676][T10172] ? __might_fault+0xcc/0x130 [ 169.722706][T10172] do_recvmmsg+0x307/0x770 [ 169.722733][T10172] ? __pfx_do_recvmmsg+0x10/0x10 [ 169.722762][T10172] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 169.722791][T10172] __x64_sys_recvmmsg+0x190/0x240 [ 169.722817][T10172] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 169.722841][T10172] ? rcu_is_watching+0x15/0xb0 [ 169.722863][T10172] ? rcu_is_watching+0x15/0xb0 [ 169.722885][T10172] do_syscall_64+0xfa/0x3b0 [ 169.722905][T10172] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.722925][T10172] ? clear_bhb_loop+0x60/0xb0 [ 169.722949][T10172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.722969][T10172] RIP: 0033:0x7f6b8d78ebe9 [ 169.722988][T10172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.723007][T10172] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 169.723030][T10172] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 169.723046][T10172] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 169.723061][T10172] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 169.723075][T10172] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 169.723087][T10172] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 169.723111][T10172] [ 170.066694][T10178] 8021q: VLANs not supported on bond0 [ 170.220272][T10193] IPVS: set_ctl: invalid protocol: 135 172.20.20.187:20003 [ 170.484568][T10216] bridge4: entered promiscuous mode [ 170.698652][T10225] FAULT_INJECTION: forcing a failure. [ 170.698652][T10225] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.747325][T10225] CPU: 1 UID: 0 PID: 10225 Comm: syz.1.1425 Not tainted syzkaller #0 PREEMPT(full) [ 170.747358][T10225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 170.747372][T10225] Call Trace: [ 170.747380][T10225] [ 170.747389][T10225] dump_stack_lvl+0x189/0x250 [ 170.747420][T10225] ? __pfx____ratelimit+0x10/0x10 [ 170.747451][T10225] ? __pfx_dump_stack_lvl+0x10/0x10 [ 170.747485][T10225] ? __pfx__printk+0x10/0x10 [ 170.747512][T10225] ? __might_fault+0xb0/0x130 [ 170.747546][T10225] ? rcu_is_watching+0x15/0xb0 [ 170.747568][T10225] should_fail_ex+0x414/0x560 [ 170.747599][T10225] _copy_to_iter+0x3f5/0x16f0 [ 170.747626][T10225] ? __pfx__copy_to_iter+0x10/0x10 [ 170.747644][T10225] ? __skb_try_recv_from_queue+0x58f/0x730 [ 170.747673][T10225] ? __skb_try_recv_datagram+0x3da/0x4e0 [ 170.747702][T10225] __skb_datagram_iter+0xf8/0x990 [ 170.747727][T10225] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 170.747758][T10225] skb_copy_datagram_iter+0xc5/0x230 [ 170.747786][T10225] netlink_recvmsg+0x2ab/0xa30 [ 170.747811][T10225] ? __pfx_netlink_recvmsg+0x10/0x10 [ 170.747830][T10225] ? unwind_next_frame+0xa5/0x2390 [ 170.747856][T10225] ? unwind_next_frame+0xa5/0x2390 [ 170.747878][T10225] ? aa_sock_msg_perm+0xf1/0x1d0 [ 170.747898][T10225] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 170.747921][T10225] ? security_socket_recvmsg+0x7e/0x2e0 [ 170.747946][T10225] ? __pfx_netlink_recvmsg+0x10/0x10 [ 170.747966][T10225] sock_recvmsg_nosec+0x183/0x1c0 [ 170.747997][T10225] ____sys_recvmsg+0x3aa/0x460 [ 170.748025][T10225] ? __pfx_____sys_recvmsg+0x10/0x10 [ 170.748057][T10225] ? import_iovec+0x74/0xa0 [ 170.748082][T10225] ___sys_recvmsg+0x1b5/0x510 [ 170.748108][T10225] ? __pfx____sys_recvmsg+0x10/0x10 [ 170.748137][T10225] ? __fget_files+0x2a/0x420 [ 170.748164][T10225] ? rcu_is_watching+0x15/0xb0 [ 170.748183][T10225] ? lock_release+0x4b/0x3e0 [ 170.748213][T10225] ? __might_fault+0xcc/0x130 [ 170.748243][T10225] do_recvmmsg+0x307/0x770 [ 170.748270][T10225] ? __pfx_do_recvmmsg+0x10/0x10 [ 170.748298][T10225] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 170.748328][T10225] __x64_sys_recvmmsg+0x190/0x240 [ 170.748354][T10225] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 170.748377][T10225] ? rcu_is_watching+0x15/0xb0 [ 170.748399][T10225] ? rcu_is_watching+0x15/0xb0 [ 170.748420][T10225] do_syscall_64+0xfa/0x3b0 [ 170.748440][T10225] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.748467][T10225] ? clear_bhb_loop+0x60/0xb0 [ 170.748492][T10225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.748512][T10225] RIP: 0033:0x7f6b8d78ebe9 [ 170.748531][T10225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.748550][T10225] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 170.748574][T10225] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 170.748590][T10225] RDX: 0000000000000008 RSI: 0000200000002c00 RDI: 0000000000000003 [ 170.748603][T10225] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 170.748616][T10225] R10: 0000000040014002 R11: 0000000000000246 R12: 0000000000000002 [ 170.748629][T10225] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 170.748653][T10225] [ 171.250263][T10222] syzkaller0: entered promiscuous mode [ 171.256015][T10222] syzkaller0: entered allmulticast mode [ 171.274919][T10222] macsec1: entered promiscuous mode [ 171.280471][T10222] syz_tun: entered promiscuous mode [ 171.287410][T10222] syz_tun: left promiscuous mode [ 171.386367][T10263] FAULT_INJECTION: forcing a failure. [ 171.386367][T10263] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 171.405585][T10263] CPU: 1 UID: 0 PID: 10263 Comm: syz.0.1435 Not tainted syzkaller #0 PREEMPT(full) [ 171.405616][T10263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 171.405629][T10263] Call Trace: [ 171.405637][T10263] [ 171.405646][T10263] dump_stack_lvl+0x189/0x250 [ 171.405676][T10263] ? __pfx____ratelimit+0x10/0x10 [ 171.405708][T10263] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.405732][T10263] ? __pfx__printk+0x10/0x10 [ 171.405765][T10263] ? rcu_is_watching+0x15/0xb0 [ 171.405787][T10263] should_fail_ex+0x414/0x560 [ 171.405817][T10263] _copy_to_user+0x31/0xb0 [ 171.405842][T10263] simple_read_from_buffer+0xe1/0x170 [ 171.405877][T10263] proc_fail_nth_read+0x1b3/0x220 [ 171.405903][T10263] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.405927][T10263] ? rw_verify_area+0x2a6/0x4d0 [ 171.405954][T10263] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.405977][T10263] vfs_read+0x1fd/0xa30 [ 171.406003][T10263] ? fdget_pos+0x247/0x320 [ 171.406023][T10263] ? __pfx___mutex_lock+0x10/0x10 [ 171.406043][T10263] ? __pfx_vfs_read+0x10/0x10 [ 171.406074][T10263] ? __fget_files+0x3a0/0x420 [ 171.406091][T10263] ? __fget_files+0x2a/0x420 [ 171.406112][T10263] ksys_read+0x145/0x250 [ 171.406137][T10263] ? __pfx_ksys_read+0x10/0x10 [ 171.406162][T10263] ? rcu_is_watching+0x15/0xb0 [ 171.406185][T10263] ? rcu_is_watching+0x15/0xb0 [ 171.406207][T10263] do_syscall_64+0xfa/0x3b0 [ 171.406228][T10263] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.406249][T10263] ? clear_bhb_loop+0x60/0xb0 [ 171.406273][T10263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.406293][T10263] RIP: 0033:0x7f914258d5fc [ 171.406311][T10263] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 171.406330][T10263] RSP: 002b:00007f91407ee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 171.406354][T10263] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258d5fc [ 171.406370][T10263] RDX: 000000000000000f RSI: 00007f91407ee0a0 RDI: 0000000000000006 [ 171.406383][T10263] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 171.406396][T10263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.406409][T10263] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 171.406434][T10263] [ 171.849947][T10270] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 172.464691][T10311] FAULT_INJECTION: forcing a failure. [ 172.464691][T10311] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 172.485514][T10311] CPU: 1 UID: 0 PID: 10311 Comm: syz.4.1449 Not tainted syzkaller #0 PREEMPT(full) [ 172.485546][T10311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 172.485560][T10311] Call Trace: [ 172.485569][T10311] [ 172.485577][T10311] dump_stack_lvl+0x189/0x250 [ 172.485608][T10311] ? __pfx____ratelimit+0x10/0x10 [ 172.485640][T10311] ? __pfx_dump_stack_lvl+0x10/0x10 [ 172.485664][T10311] ? __pfx__printk+0x10/0x10 [ 172.485691][T10311] ? __might_fault+0xb0/0x130 [ 172.485724][T10311] ? rcu_is_watching+0x15/0xb0 [ 172.485755][T10311] should_fail_ex+0x414/0x560 [ 172.485784][T10311] _copy_from_user+0x2d/0xb0 [ 172.485809][T10311] ___sys_recvmsg+0x12e/0x510 [ 172.485836][T10311] ? __pfx____sys_recvmsg+0x10/0x10 [ 172.485862][T10311] ? __fget_files+0x2a/0x420 [ 172.485889][T10311] ? rcu_is_watching+0x15/0xb0 [ 172.485909][T10311] ? lock_release+0x4b/0x3e0 [ 172.485940][T10311] ? __might_fault+0xcc/0x130 [ 172.485971][T10311] do_recvmmsg+0x307/0x770 [ 172.485999][T10311] ? __pfx_do_recvmmsg+0x10/0x10 [ 172.486029][T10311] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 172.486059][T10311] __x64_sys_recvmmsg+0x190/0x240 [ 172.486084][T10311] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 172.486115][T10311] ? rcu_is_watching+0x15/0xb0 [ 172.486136][T10311] ? rcu_is_watching+0x15/0xb0 [ 172.486158][T10311] do_syscall_64+0xfa/0x3b0 [ 172.486177][T10311] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.486198][T10311] ? clear_bhb_loop+0x60/0xb0 [ 172.486222][T10311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.486243][T10311] RIP: 0033:0x7f73cf58ebe9 [ 172.486262][T10311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.486281][T10311] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 172.486303][T10311] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 172.486320][T10311] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 172.486334][T10311] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 172.486348][T10311] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 172.486361][T10311] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 172.486386][T10311] [ 172.779627][T10315] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1453'. [ 173.283052][T10342] FAULT_INJECTION: forcing a failure. [ 173.283052][T10342] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.304146][T10344] veth5: entered promiscuous mode [ 173.325332][T10342] CPU: 0 UID: 0 PID: 10342 Comm: syz.2.1465 Not tainted syzkaller #0 PREEMPT(full) [ 173.325365][T10342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 173.325380][T10342] Call Trace: [ 173.325388][T10342] [ 173.325398][T10342] dump_stack_lvl+0x189/0x250 [ 173.325428][T10342] ? __pfx____ratelimit+0x10/0x10 [ 173.325460][T10342] ? __pfx_dump_stack_lvl+0x10/0x10 [ 173.325485][T10342] ? __pfx__printk+0x10/0x10 [ 173.325512][T10342] ? __might_fault+0xb0/0x130 [ 173.325546][T10342] ? rcu_is_watching+0x15/0xb0 [ 173.325568][T10342] should_fail_ex+0x414/0x560 [ 173.325599][T10342] _copy_from_iter+0x1db/0x16f0 [ 173.325622][T10342] ? rcu_is_watching+0x15/0xb0 [ 173.325643][T10342] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 173.325672][T10342] ? __pfx__copy_from_iter+0x10/0x10 [ 173.325694][T10342] ? __build_skb_around+0x257/0x3e0 [ 173.325716][T10342] ? netlink_sendmsg+0x642/0xb30 [ 173.325740][T10342] ? skb_put+0x11b/0x210 [ 173.325762][T10342] netlink_sendmsg+0x6b2/0xb30 [ 173.325787][T10342] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.325807][T10342] ? aa_sock_msg_perm+0xf1/0x1d0 [ 173.325827][T10342] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 173.325850][T10342] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.325869][T10342] __sock_sendmsg+0x21c/0x270 [ 173.325900][T10342] ____sys_sendmsg+0x505/0x830 [ 173.325924][T10342] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.325951][T10342] ? import_iovec+0x74/0xa0 [ 173.325976][T10342] ___sys_sendmsg+0x21f/0x2a0 [ 173.325999][T10342] ? __pfx____sys_sendmsg+0x10/0x10 [ 173.326047][T10342] ? __fget_files+0x2a/0x420 [ 173.326065][T10342] ? __fget_files+0x3a0/0x420 [ 173.326088][T10342] __x64_sys_sendmsg+0x19b/0x260 [ 173.326113][T10342] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 173.326142][T10342] ? rcu_is_watching+0x15/0xb0 [ 173.326163][T10342] ? trace_sys_enter+0x25/0x100 [ 173.326196][T10342] do_syscall_64+0xfa/0x3b0 [ 173.326216][T10342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.326236][T10342] ? clear_bhb_loop+0x60/0xb0 [ 173.326260][T10342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.326280][T10342] RIP: 0033:0x7fba9d58ebe9 [ 173.326298][T10342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.326317][T10342] RSP: 002b:00007fba9e385038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.326340][T10342] RAX: ffffffffffffffda RBX: 00007fba9d7b5fa0 RCX: 00007fba9d58ebe9 [ 173.326356][T10342] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a [ 173.326370][T10342] RBP: 00007fba9e385090 R08: 0000000000000000 R09: 0000000000000000 [ 173.326382][T10342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.326395][T10342] R13: 00007fba9d7b6038 R14: 00007fba9d7b5fa0 R15: 00007ffe3ee14f78 [ 173.326419][T10342] [ 174.052436][T10354] bridge2: entered promiscuous mode [ 174.218968][T10362] Unsupported ieee802154 address type: 0 [ 174.296634][T10369] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1470'. [ 174.322020][T10369] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1470'. [ 174.331246][T10369] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1470'. [ 195.238724][ T55] block nbd0: Possible stuck request ffff888025120000: control (read@0,4096B). Runtime 90 seconds [ 196.678328][ T5863] Bluetooth: hci2: command 0x0406 tx timeout [ 196.680542][ T5869] Bluetooth: hci1: command 0x0406 tx timeout [ 196.690564][ T5874] Bluetooth: hci3: command 0x0406 tx timeout [ 196.691128][ T5869] Bluetooth: hci4: command 0x0401 tx timeout [ 199.720302][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.870249][T10373] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1477'. [ 219.878662][T10379] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1474'. [ 219.887424][T10381] netlink: 'syz.4.1478': attribute type 1 has an invalid length. [ 219.899734][T10378] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (236) [ 219.961179][T10387] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1479'. [ 219.980054][T10381] 8021q: adding VLAN 0 to HW filter on device bond3 [ 220.181695][T10406] nft_compat: unsupported protocol 0 [ 220.897257][T10392] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 220.954609][T10427] veth0_to_bond: left allmulticast mode [ 220.967741][T10427] bridge1: left promiscuous mode [ 220.987624][T10427] bridge2: left promiscuous mode [ 220.993665][T10427] bridge4: left promiscuous mode [ 221.034698][T10432] netlink: 'syz.3.1490': attribute type 3 has an invalid length. [ 221.064738][T10432] netlink: 'syz.3.1490': attribute type 39 has an invalid length. [ 221.181341][T10442] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1494'. [ 221.214668][T10442] bond0: (slave wlan1): Releasing backup interface [ 221.235526][T10443] bridge3: left promiscuous mode [ 221.366846][T10443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1493'. [ 221.387648][T10442] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.422503][T10442] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.456247][T10442] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 221.509949][T10443] hsr_slave_0: left promiscuous mode [ 221.517034][T10443] hsr_slave_1: left promiscuous mode [ 221.826736][T10460] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1498'. [ 221.874130][T10464] Bluetooth: MGMT ver 1.23 [ 221.884972][T10466] lo speed is unknown, defaulting to 1000 [ 221.893178][T10466] lo speed is unknown, defaulting to 1000 [ 221.900687][T10466] lo speed is unknown, defaulting to 1000 [ 221.909900][T10466] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 221.923590][T10466] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 221.945503][T10467] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1500'. [ 221.957127][T10466] lo speed is unknown, defaulting to 1000 [ 221.964818][T10467] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1500'. [ 221.974490][T10466] lo speed is unknown, defaulting to 1000 [ 222.005142][T10466] lo speed is unknown, defaulting to 1000 [ 222.015799][T10466] lo speed is unknown, defaulting to 1000 [ 222.024332][T10466] lo speed is unknown, defaulting to 1000 [ 222.080526][T10466] tipc: Started in network mode [ 222.085650][T10466] tipc: Node identity a622fea31057, cluster identity 4711 [ 222.096626][T10466] tipc: Enabled bearer , priority 0 [ 222.113398][T10466] veth0_to_bridge: entered promiscuous mode [ 222.119863][T10466] veth0_to_bridge: entered allmulticast mode [ 222.137558][T10465] tipc: Disabling bearer [ 222.172055][T10472] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 222.274893][T10477] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1504'. [ 222.659290][T10498] 8021q: adding VLAN 0 to HW filter on device bond1 [ 222.671402][T10498] bond1 (unregistering): Released all slaves [ 223.073667][T10527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1524'. [ 223.463018][T10549] 8021q: adding VLAN 0 to HW filter on device bond3 [ 223.473530][T10549] bond3 (unregistering): Released all slaves [ 223.786809][T10571] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 224.167579][T10591] sch_fq: defrate 2 ignored. [ 224.246407][T10548] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 224.601480][T10611] lo speed is unknown, defaulting to 1000 [ 224.607668][T10611] lo speed is unknown, defaulting to 1000 [ 224.615883][T10611] lo speed is unknown, defaulting to 1000 [ 224.655807][T10611] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 224.699309][T10611] lo speed is unknown, defaulting to 1000 [ 224.708902][T10615] tipc: Started in network mode [ 224.713829][T10615] tipc: Node identity 4202499be023, cluster identity 4711 [ 224.722538][T10615] tipc: Enabled bearer , priority 0 [ 224.731028][T10611] lo speed is unknown, defaulting to 1000 [ 224.737856][T10611] lo speed is unknown, defaulting to 1000 [ 224.760849][T10615] veth0_to_bridge: entered promiscuous mode [ 224.799499][T10615] veth0_to_bridge: entered allmulticast mode [ 224.816679][T10611] lo speed is unknown, defaulting to 1000 [ 224.833468][T10611] lo speed is unknown, defaulting to 1000 [ 224.871879][T10610] tipc: Disabling bearer [ 224.941787][T10626] bridge3: entered promiscuous mode [ 225.096527][T10633] veth3: entered promiscuous mode [ 225.324542][ T55] block nbd0: Possible stuck request ffff888025120000: control (read@0,4096B). Runtime 120 seconds [ 225.356209][T10648] FAULT_INJECTION: forcing a failure. [ 225.356209][T10648] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 225.402153][T10648] CPU: 1 UID: 0 PID: 10648 Comm: syz.1.1556 Not tainted syzkaller #0 PREEMPT(full) [ 225.402184][T10648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 225.402196][T10648] Call Trace: [ 225.402204][T10648] [ 225.402213][T10648] dump_stack_lvl+0x189/0x250 [ 225.402242][T10648] ? __pfx____ratelimit+0x10/0x10 [ 225.402274][T10648] ? __pfx_dump_stack_lvl+0x10/0x10 [ 225.402299][T10648] ? __pfx__printk+0x10/0x10 [ 225.402326][T10648] ? __might_fault+0xb0/0x130 [ 225.402359][T10648] ? rcu_is_watching+0x15/0xb0 [ 225.402382][T10648] should_fail_ex+0x414/0x560 [ 225.402414][T10648] _copy_from_user+0x2d/0xb0 [ 225.402440][T10648] ___sys_recvmsg+0x12e/0x510 [ 225.402469][T10648] ? __pfx____sys_recvmsg+0x10/0x10 [ 225.402495][T10648] ? __fget_files+0x2a/0x420 [ 225.402524][T10648] ? rcu_is_watching+0x15/0xb0 [ 225.402545][T10648] ? lock_release+0x4b/0x3e0 [ 225.402578][T10648] ? __might_fault+0xcc/0x130 [ 225.402609][T10648] do_recvmmsg+0x307/0x770 [ 225.402638][T10648] ? __pfx_do_recvmmsg+0x10/0x10 [ 225.402668][T10648] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 225.402700][T10648] __x64_sys_recvmmsg+0x190/0x240 [ 225.402726][T10648] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 225.402751][T10648] ? rcu_is_watching+0x15/0xb0 [ 225.402783][T10648] ? rcu_is_watching+0x15/0xb0 [ 225.402806][T10648] do_syscall_64+0xfa/0x3b0 [ 225.402827][T10648] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.402849][T10648] ? clear_bhb_loop+0x60/0xb0 [ 225.402887][T10648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.402909][T10648] RIP: 0033:0x7f6b8d78ebe9 [ 225.402928][T10648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.402948][T10648] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 225.402971][T10648] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 225.402987][T10648] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 225.403003][T10648] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 225.403016][T10648] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 225.403029][T10648] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 225.403053][T10648] [ 225.990873][T10671] __nla_validate_parse: 6 callbacks suppressed [ 225.990893][T10671] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1565'. [ 226.023938][T10669] tap0: tun_chr_ioctl cmd 1074025677 [ 226.052479][T10669] tap0: linktype set to 0 [ 226.074757][T10674] bridge3: entered promiscuous mode [ 226.234930][T10686] netlink: 'syz.1.1568': attribute type 9 has an invalid length. [ 226.255932][T10686] netlink: 212160 bytes leftover after parsing attributes in process `syz.1.1568'. [ 226.406101][T10697] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1573'. [ 226.444400][T10697] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 226.453318][T10697] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1573'. [ 226.673849][T10721] netlink: 'syz.2.1584': attribute type 1 has an invalid length. [ 226.689921][T10720] netlink: 'syz.2.1584': attribute type 1 has an invalid length. [ 226.725539][T10727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1584'. [ 226.805603][T10727] bond1: (slave gretap1): making interface the new active one [ 226.824657][T10727] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 226.977783][T10746] bridge5: entered promiscuous mode [ 226.983559][T10743] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 227.021995][T10733] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1587'. [ 227.271119][T10761] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1597'. [ 227.592701][T10783] netlink: 'syz.0.1605': attribute type 2 has an invalid length. [ 227.603055][T10783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1605'. [ 227.748652][T10792] bridge4: entered promiscuous mode [ 227.831384][T10798] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1610'. [ 227.860592][T10799] FAULT_INJECTION: forcing a failure. [ 227.860592][T10799] name failslab, interval 1, probability 0, space 0, times 0 [ 227.882935][T10799] CPU: 0 UID: 0 PID: 10799 Comm: syz.0.1611 Not tainted syzkaller #0 PREEMPT(full) [ 227.882967][T10799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 227.882982][T10799] Call Trace: [ 227.882990][T10799] [ 227.882998][T10799] dump_stack_lvl+0x189/0x250 [ 227.883030][T10799] ? __pfx____ratelimit+0x10/0x10 [ 227.883062][T10799] ? __pfx_dump_stack_lvl+0x10/0x10 [ 227.883087][T10799] ? __pfx__printk+0x10/0x10 [ 227.883119][T10799] ? __pfx___might_resched+0x10/0x10 [ 227.883139][T10799] ? lock_acquire+0x5f/0x360 [ 227.883171][T10799] should_fail_ex+0x414/0x560 [ 227.883201][T10799] should_failslab+0xa8/0x100 [ 227.883233][T10799] __kmalloc_cache_noprof+0x70/0x3d0 [ 227.883261][T10799] ? netlink_policy_dump_add_policy+0xc5/0x510 [ 227.883291][T10799] netlink_policy_dump_add_policy+0xc5/0x510 [ 227.883319][T10799] ? ctrl_dumppolicy_start+0x487/0x9f0 [ 227.883346][T10799] ctrl_dumppolicy_start+0x5c0/0x9f0 [ 227.883372][T10799] ? __mutex_lock+0x335/0x1350 [ 227.883391][T10799] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 227.883417][T10799] ? __pfx_devlink_nl_pre_doit+0x10/0x10 [ 227.883441][T10799] ? __pfx_devlink_nl_get_doit+0x10/0x10 [ 227.883465][T10799] ? __pfx_devlink_nl_post_doit+0x10/0x10 [ 227.883491][T10799] ? __pfx_devlink_nl_get_dumpit+0x10/0x10 [ 227.883521][T10799] ? __pfx___mutex_lock+0x10/0x10 [ 227.883544][T10799] ? __kasan_kmalloc+0x93/0xb0 [ 227.883577][T10799] genl_start+0x4c0/0x6c0 [ 227.883605][T10799] __netlink_dump_start+0x466/0x7e0 [ 227.883642][T10799] genl_family_rcv_msg_dumpit+0x1e7/0x2c0 [ 227.883670][T10799] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 227.883695][T10799] ? genl_get_cmd+0x496/0x910 [ 227.883722][T10799] ? __pfx_genl_start+0x10/0x10 [ 227.883756][T10799] ? __pfx_genl_dumpit+0x10/0x10 [ 227.883779][T10799] ? __pfx_genl_done+0x10/0x10 [ 227.883807][T10799] ? stack_trace_save+0x9c/0xe0 [ 227.883835][T10799] genl_rcv_msg+0x5da/0x790 [ 227.883863][T10799] ? __pfx_genl_rcv_msg+0x10/0x10 [ 227.883886][T10799] ? __kasan_slab_alloc+0x6c/0x80 [ 227.883912][T10799] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 227.883936][T10799] ? __pfx_ctrl_dumppolicy+0x10/0x10 [ 227.883958][T10799] ? __pfx_ctrl_dumppolicy_done+0x10/0x10 [ 227.883982][T10799] ? __netlink_lookup+0xbd/0x810 [ 227.884002][T10799] ? rcu_is_watching+0x15/0xb0 [ 227.884028][T10799] netlink_rcv_skb+0x208/0x470 [ 227.884061][T10799] ? __pfx_genl_rcv_msg+0x10/0x10 [ 227.884086][T10799] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 227.884123][T10799] ? lock_release+0x4b/0x3e0 [ 227.884156][T10799] ? down_read+0x1ad/0x2e0 [ 227.884178][T10799] genl_rcv+0x28/0x40 [ 227.884201][T10799] netlink_unicast+0x82f/0x9e0 [ 227.884235][T10799] ? __pfx_netlink_unicast+0x10/0x10 [ 227.884264][T10799] ? netlink_sendmsg+0x642/0xb30 [ 227.884282][T10799] ? skb_put+0x11b/0x210 [ 227.884304][T10799] netlink_sendmsg+0x805/0xb30 [ 227.884329][T10799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 227.884349][T10799] ? aa_sock_msg_perm+0xf1/0x1d0 [ 227.884370][T10799] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 227.884392][T10799] ? __pfx_netlink_sendmsg+0x10/0x10 [ 227.884411][T10799] __sock_sendmsg+0x21c/0x270 [ 227.884440][T10799] ____sys_sendmsg+0x505/0x830 [ 227.884466][T10799] ? __pfx_____sys_sendmsg+0x10/0x10 [ 227.884493][T10799] ? import_iovec+0x74/0xa0 [ 227.884518][T10799] ___sys_sendmsg+0x21f/0x2a0 [ 227.884541][T10799] ? __pfx____sys_sendmsg+0x10/0x10 [ 227.884584][T10799] ? __fget_files+0x2a/0x420 [ 227.884601][T10799] ? __fget_files+0x3a0/0x420 [ 227.884625][T10799] __x64_sys_sendmsg+0x19b/0x260 [ 227.884649][T10799] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 227.884678][T10799] ? rcu_is_watching+0x15/0xb0 [ 227.884699][T10799] ? trace_sys_enter+0x25/0x100 [ 227.884740][T10799] do_syscall_64+0xfa/0x3b0 [ 227.884760][T10799] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.884781][T10799] ? clear_bhb_loop+0x60/0xb0 [ 227.884804][T10799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.884825][T10799] RIP: 0033:0x7f914258ebe9 [ 227.884843][T10799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.884863][T10799] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.884886][T10799] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 227.884902][T10799] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a [ 227.884916][T10799] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 227.884930][T10799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.884943][T10799] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 227.884968][T10799] [ 228.561836][T10818] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048) [ 228.571524][T10821] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1619'. [ 229.060229][T10849] netlink: 'syz.2.1629': attribute type 1 has an invalid length. [ 229.075919][T10851] bridge4: entered promiscuous mode [ 229.211722][T10857] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 229.453394][T10884] FAULT_INJECTION: forcing a failure. [ 229.453394][T10884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 229.468318][T10884] CPU: 0 UID: 0 PID: 10884 Comm: syz.1.1639 Not tainted syzkaller #0 PREEMPT(full) [ 229.468350][T10884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.468364][T10884] Call Trace: [ 229.468373][T10884] [ 229.468382][T10884] dump_stack_lvl+0x189/0x250 [ 229.468413][T10884] ? __pfx____ratelimit+0x10/0x10 [ 229.468445][T10884] ? __pfx_dump_stack_lvl+0x10/0x10 [ 229.468470][T10884] ? __pfx__printk+0x10/0x10 [ 229.468497][T10884] ? __might_fault+0xb0/0x130 [ 229.468532][T10884] ? rcu_is_watching+0x15/0xb0 [ 229.468555][T10884] should_fail_ex+0x414/0x560 [ 229.468585][T10884] _copy_from_user+0x2d/0xb0 [ 229.468619][T10884] ___sys_recvmsg+0x12e/0x510 [ 229.468647][T10884] ? __pfx____sys_recvmsg+0x10/0x10 [ 229.468674][T10884] ? __fget_files+0x2a/0x420 [ 229.468702][T10884] ? rcu_is_watching+0x15/0xb0 [ 229.468723][T10884] ? lock_release+0x4b/0x3e0 [ 229.468754][T10884] ? __might_fault+0xcc/0x130 [ 229.468784][T10884] do_recvmmsg+0x307/0x770 [ 229.468812][T10884] ? __pfx_do_recvmmsg+0x10/0x10 [ 229.468843][T10884] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 229.468874][T10884] __x64_sys_recvmmsg+0x190/0x240 [ 229.468901][T10884] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 229.468924][T10884] ? rcu_is_watching+0x15/0xb0 [ 229.468947][T10884] ? rcu_is_watching+0x15/0xb0 [ 229.468968][T10884] do_syscall_64+0xfa/0x3b0 [ 229.468988][T10884] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.469009][T10884] ? clear_bhb_loop+0x60/0xb0 [ 229.469033][T10884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.469053][T10884] RIP: 0033:0x7f6b8d78ebe9 [ 229.469072][T10884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.469091][T10884] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 229.469114][T10884] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 229.469130][T10884] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 229.469145][T10884] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 229.469159][T10884] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 229.469171][T10884] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 229.469195][T10884] [ 229.902278][T10896] bridge5: entered promiscuous mode [ 229.997665][T10894] netlink: 'syz.1.1644': attribute type 2 has an invalid length. [ 230.192119][T10911] netlink: 'syz.1.1649': attribute type 1 has an invalid length. [ 230.201623][T10911] netlink: 'syz.1.1649': attribute type 1 has an invalid length. [ 230.337114][T10904] 8021q: adding VLAN 0 to HW filter on device bond1 [ 230.354112][T10904] bond1 (unregistering): Released all slaves [ 230.509494][T10935] FAULT_INJECTION: forcing a failure. [ 230.509494][T10935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 230.534118][T10935] CPU: 0 UID: 0 PID: 10935 Comm: syz.0.1656 Not tainted syzkaller #0 PREEMPT(full) [ 230.534148][T10935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 230.534162][T10935] Call Trace: [ 230.534170][T10935] [ 230.534179][T10935] dump_stack_lvl+0x189/0x250 [ 230.534209][T10935] ? __pfx____ratelimit+0x10/0x10 [ 230.534241][T10935] ? __pfx_dump_stack_lvl+0x10/0x10 [ 230.534265][T10935] ? __pfx__printk+0x10/0x10 [ 230.534292][T10935] ? __might_fault+0xb0/0x130 [ 230.534326][T10935] ? rcu_is_watching+0x15/0xb0 [ 230.534348][T10935] should_fail_ex+0x414/0x560 [ 230.534379][T10935] _copy_from_user+0x2d/0xb0 [ 230.534403][T10935] ___sys_recvmsg+0x12e/0x510 [ 230.534431][T10935] ? __pfx____sys_recvmsg+0x10/0x10 [ 230.534457][T10935] ? __fget_files+0x2a/0x420 [ 230.534498][T10935] ? rcu_is_watching+0x15/0xb0 [ 230.534518][T10935] ? lock_release+0x4b/0x3e0 [ 230.534549][T10935] ? __might_fault+0xcc/0x130 [ 230.534579][T10935] do_recvmmsg+0x307/0x770 [ 230.534607][T10935] ? __pfx_do_recvmmsg+0x10/0x10 [ 230.534637][T10935] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 230.534668][T10935] __x64_sys_recvmmsg+0x190/0x240 [ 230.534693][T10935] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 230.534716][T10935] ? rcu_is_watching+0x15/0xb0 [ 230.534739][T10935] ? rcu_is_watching+0x15/0xb0 [ 230.534761][T10935] do_syscall_64+0xfa/0x3b0 [ 230.534782][T10935] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.534803][T10935] ? clear_bhb_loop+0x60/0xb0 [ 230.534826][T10935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.534847][T10935] RIP: 0033:0x7f914258ebe9 [ 230.534864][T10935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.534883][T10935] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 230.534907][T10935] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 230.534923][T10935] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 230.534937][T10935] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 230.534951][T10935] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 230.534963][T10935] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 230.534987][T10935] [ 230.885990][T10948] netlink: 'syz.2.1660': attribute type 2 has an invalid length. [ 230.949051][T10957] netlink: 'syz.0.1663': attribute type 1 has an invalid length. [ 230.989336][T10957] 8021q: adding VLAN 0 to HW filter on device bond3 [ 231.040437][T10957] 8021q: adding VLAN 0 to HW filter on device bond3 [ 231.047584][T10957] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 231.079952][T10957] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 231.091027][T10972] netlink: zone id is out of range [ 231.096428][T10972] netlink: zone id is out of range [ 231.102085][T10972] netlink: zone id is out of range [ 231.117751][T10972] netlink: zone id is out of range [ 231.138194][T10972] netlink: zone id is out of range [ 231.158810][T10972] netlink: zone id is out of range [ 231.163977][T10972] netlink: zone id is out of range [ 231.200653][T10972] netlink: zone id is out of range [ 231.237726][T10969] veth5: entered promiscuous mode [ 231.265932][T10963] bond0: entered promiscuous mode [ 231.270873][T10990] netlink: 'syz.3.1674': attribute type 1 has an invalid length. [ 231.285749][T10963] bond_slave_0: entered promiscuous mode [ 231.291784][T10963] bond_slave_1: entered promiscuous mode [ 231.297897][T10963] batadv0: entered promiscuous mode [ 231.304948][T10963] bond0: left promiscuous mode [ 231.309986][T10963] bond_slave_0: left promiscuous mode [ 231.315562][T10963] bond_slave_1: left promiscuous mode [ 231.321228][T10963] batadv0: left promiscuous mode [ 231.342901][T10985] __nla_validate_parse: 6 callbacks suppressed [ 231.342924][T10985] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1672'. [ 231.390997][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.407015][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.511684][T11005] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 231.573853][T10999] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1675'. [ 231.765131][T11020] bridge4: entered promiscuous mode [ 231.885568][T11028] FAULT_INJECTION: forcing a failure. [ 231.885568][T11028] name failslab, interval 1, probability 0, space 0, times 0 [ 231.902464][T11028] CPU: 1 UID: 0 PID: 11028 Comm: syz.3.1687 Not tainted syzkaller #0 PREEMPT(full) [ 231.902497][T11028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 231.902509][T11028] Call Trace: [ 231.902518][T11028] [ 231.902526][T11028] dump_stack_lvl+0x189/0x250 [ 231.902554][T11028] ? __pfx____ratelimit+0x10/0x10 [ 231.902576][T11028] ? __pfx_dump_stack_lvl+0x10/0x10 [ 231.902593][T11028] ? __pfx__printk+0x10/0x10 [ 231.902623][T11028] ? __pfx___might_resched+0x10/0x10 [ 231.902637][T11028] ? lock_acquire+0x5f/0x360 [ 231.902660][T11028] should_fail_ex+0x414/0x560 [ 231.902682][T11028] should_failslab+0xa8/0x100 [ 231.902705][T11028] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 231.902727][T11028] ? add_policy+0x35e/0x6d0 [ 231.902747][T11028] ? add_policy+0x35e/0x6d0 [ 231.902763][T11028] krealloc_noprof+0x124/0x340 [ 231.902785][T11028] add_policy+0x35e/0x6d0 [ 231.902806][T11028] netlink_policy_dump_add_policy+0x72/0x510 [ 231.902829][T11028] ctrl_dumppolicy_start+0x5c0/0x9f0 [ 231.902853][T11028] ? __mutex_lock+0x335/0x1350 [ 231.902866][T11028] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 231.902884][T11028] ? __pfx_devlink_nl_pre_doit_port_optional+0x10/0x10 [ 231.902902][T11028] ? __pfx_devlink_nl_health_reporter_test_doit+0x10/0x10 [ 231.902920][T11028] ? __pfx_devlink_nl_post_doit+0x10/0x10 [ 231.902944][T11028] ? __pfx___mutex_lock+0x10/0x10 [ 231.902961][T11028] ? __kasan_kmalloc+0x93/0xb0 [ 231.902985][T11028] genl_start+0x4c0/0x6c0 [ 231.903006][T11028] __netlink_dump_start+0x466/0x7e0 [ 231.903032][T11028] genl_family_rcv_msg_dumpit+0x1e7/0x2c0 [ 231.903052][T11028] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 231.903070][T11028] ? genl_get_cmd+0x496/0x910 [ 231.903088][T11028] ? __pfx_genl_start+0x10/0x10 [ 231.903104][T11028] ? __pfx_genl_dumpit+0x10/0x10 [ 231.903120][T11028] ? __pfx_genl_done+0x10/0x10 [ 231.903139][T11028] ? stack_trace_save+0x9c/0xe0 [ 231.903160][T11028] genl_rcv_msg+0x5da/0x790 [ 231.903180][T11028] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.903196][T11028] ? __kasan_slab_alloc+0x6c/0x80 [ 231.903214][T11028] ? __pfx_ctrl_dumppolicy_start+0x10/0x10 [ 231.903230][T11028] ? __pfx_ctrl_dumppolicy+0x10/0x10 [ 231.903246][T11028] ? __pfx_ctrl_dumppolicy_done+0x10/0x10 [ 231.903263][T11028] ? __netlink_lookup+0xbd/0x810 [ 231.903276][T11028] ? rcu_is_watching+0x15/0xb0 [ 231.903294][T11028] netlink_rcv_skb+0x208/0x470 [ 231.903317][T11028] ? __pfx_genl_rcv_msg+0x10/0x10 [ 231.903335][T11028] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 231.903372][T11028] ? lock_release+0x4b/0x3e0 [ 231.903404][T11028] ? down_read+0x1ad/0x2e0 [ 231.903426][T11028] genl_rcv+0x28/0x40 [ 231.903449][T11028] netlink_unicast+0x82f/0x9e0 [ 231.903483][T11028] ? __pfx_netlink_unicast+0x10/0x10 [ 231.903516][T11028] ? netlink_sendmsg+0x642/0xb30 [ 231.903528][T11028] ? skb_put+0x11b/0x210 [ 231.903543][T11028] netlink_sendmsg+0x805/0xb30 [ 231.903561][T11028] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.903583][T11028] ? aa_sock_msg_perm+0xf1/0x1d0 [ 231.903597][T11028] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 231.903619][T11028] ? __pfx_netlink_sendmsg+0x10/0x10 [ 231.903633][T11028] __sock_sendmsg+0x21c/0x270 [ 231.903660][T11028] ____sys_sendmsg+0x505/0x830 [ 231.903677][T11028] ? __pfx_____sys_sendmsg+0x10/0x10 [ 231.903699][T11028] ? import_iovec+0x74/0xa0 [ 231.903717][T11028] ___sys_sendmsg+0x21f/0x2a0 [ 231.903733][T11028] ? __pfx____sys_sendmsg+0x10/0x10 [ 231.903763][T11028] ? __fget_files+0x2a/0x420 [ 231.903776][T11028] ? __fget_files+0x3a0/0x420 [ 231.903792][T11028] __x64_sys_sendmsg+0x19b/0x260 [ 231.903808][T11028] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 231.903831][T11028] ? rcu_is_watching+0x15/0xb0 [ 231.903846][T11028] ? trace_sys_enter+0x25/0x100 [ 231.903871][T11028] do_syscall_64+0xfa/0x3b0 [ 231.903885][T11028] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.903900][T11028] ? clear_bhb_loop+0x60/0xb0 [ 231.903916][T11028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.903931][T11028] RIP: 0033:0x7f7c3338ebe9 [ 231.903944][T11028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.903957][T11028] RSP: 002b:00007f7c34112038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 231.903974][T11028] RAX: ffffffffffffffda RBX: 00007f7c335b5fa0 RCX: 00007f7c3338ebe9 [ 231.903985][T11028] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a [ 231.903995][T11028] RBP: 00007f7c34112090 R08: 0000000000000000 R09: 0000000000000000 [ 231.904004][T11028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 231.904013][T11028] R13: 00007f7c335b6038 R14: 00007f7c335b5fa0 R15: 00007fff9d6cfca8 [ 231.904031][T11028] [ 232.679949][T11059] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1696'. [ 232.771866][T11065] FAULT_INJECTION: forcing a failure. [ 232.771866][T11065] name failslab, interval 1, probability 0, space 0, times 0 [ 232.817381][T11065] CPU: 0 UID: 0 PID: 11065 Comm: syz.4.1698 Not tainted syzkaller #0 PREEMPT(full) [ 232.817411][T11065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 232.817424][T11065] Call Trace: [ 232.817433][T11065] [ 232.817442][T11065] dump_stack_lvl+0x189/0x250 [ 232.817471][T11065] ? __pfx____ratelimit+0x10/0x10 [ 232.817503][T11065] ? __pfx_dump_stack_lvl+0x10/0x10 [ 232.817528][T11065] ? __pfx__printk+0x10/0x10 [ 232.817557][T11065] ? fs_reclaim_acquire+0x7d/0x100 [ 232.817589][T11065] ? rcu_is_watching+0x15/0xb0 [ 232.817609][T11065] ? __pfx___might_resched+0x10/0x10 [ 232.817628][T11065] ? lock_acquire+0x5f/0x360 [ 232.817659][T11065] should_fail_ex+0x414/0x560 [ 232.817689][T11065] should_failslab+0xa8/0x100 [ 232.817720][T11065] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 232.817748][T11065] ? __alloc_skb+0x112/0x2d0 [ 232.817767][T11065] __alloc_skb+0x112/0x2d0 [ 232.817787][T11065] netlink_sendmsg+0x5c6/0xb30 [ 232.817811][T11065] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.817831][T11065] ? aa_sock_msg_perm+0xf1/0x1d0 [ 232.817851][T11065] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 232.817873][T11065] ? __pfx_netlink_sendmsg+0x10/0x10 [ 232.817892][T11065] __sock_sendmsg+0x21c/0x270 [ 232.817921][T11065] ____sys_sendmsg+0x505/0x830 [ 232.817946][T11065] ? __pfx_____sys_sendmsg+0x10/0x10 [ 232.817972][T11065] ? import_iovec+0x74/0xa0 [ 232.817997][T11065] ___sys_sendmsg+0x21f/0x2a0 [ 232.818034][T11065] ? __pfx____sys_sendmsg+0x10/0x10 [ 232.818074][T11065] ? __fget_files+0x2a/0x420 [ 232.818092][T11065] ? __fget_files+0x3a0/0x420 [ 232.818118][T11065] __x64_sys_sendmsg+0x19b/0x260 [ 232.818141][T11065] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 232.818169][T11065] ? __pfx_ksys_write+0x10/0x10 [ 232.818195][T11065] ? rcu_is_watching+0x15/0xb0 [ 232.818224][T11065] ? rcu_is_watching+0x15/0xb0 [ 232.818245][T11065] do_syscall_64+0xfa/0x3b0 [ 232.818266][T11065] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.818287][T11065] ? clear_bhb_loop+0x60/0xb0 [ 232.818322][T11065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.818341][T11065] RIP: 0033:0x7f73cf58ebe9 [ 232.818359][T11065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.818378][T11065] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 232.818401][T11065] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 232.818415][T11065] RDX: 0000000004000000 RSI: 00002000000020c0 RDI: 0000000000000005 [ 232.818427][T11065] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 232.818440][T11065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.818452][T11065] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 232.818474][T11065] [ 233.191845][T11067] lo speed is unknown, defaulting to 1000 [ 233.277407][T11078] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 233.456359][T11092] sysfs: cannot create duplicate filename '/class/ieee80211/!å' [ 233.464466][T11092] CPU: 0 UID: 0 PID: 11092 Comm: syz.1.1706 Not tainted syzkaller #0 PREEMPT(full) [ 233.464502][T11092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 233.464516][T11092] Call Trace: [ 233.464524][T11092] [ 233.464533][T11092] dump_stack_lvl+0x189/0x250 [ 233.464563][T11092] ? __pfx_dump_stack_lvl+0x10/0x10 [ 233.464587][T11092] ? __pfx__printk+0x10/0x10 [ 233.464613][T11092] ? kernfs_root+0x1c/0x230 [ 233.464638][T11092] ? kernfs_path_from_node+0x2f/0x290 [ 233.464661][T11092] ? kernfs_path_from_node+0x250/0x290 [ 233.464682][T11092] ? kernfs_path_from_node+0x2f/0x290 [ 233.464706][T11092] sysfs_warn_dup+0x8e/0xa0 [ 233.464726][T11092] sysfs_do_create_link_sd+0xc0/0x110 [ 233.464750][T11092] device_add_class_symlinks+0x1cf/0x240 [ 233.464774][T11092] device_add+0x475/0xb50 [ 233.464797][T11092] wiphy_register+0x1ba6/0x28d0 [ 233.464838][T11092] ? __pfx_wiphy_register+0x10/0x10 [ 233.464868][T11092] ? minstrel_ht_alloc+0x6dd/0x7e0 [ 233.464897][T11092] ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0 [ 233.464924][T11092] ieee80211_register_hw+0x3425/0x4080 [ 233.464958][T11092] ? ieee80211_register_hw+0x1481/0x4080 [ 233.464988][T11092] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 233.465015][T11092] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 233.465050][T11092] ? __hrtimer_setup+0x187/0x210 [ 233.465069][T11092] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 233.465102][T11092] mac80211_hwsim_new_radio+0x2f0e/0x5340 [ 233.465146][T11092] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 233.465172][T11092] ? trace_kmalloc+0x1f/0xd0 [ 233.465198][T11092] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 233.465227][T11092] ? kstrndup+0xbf/0x160 [ 233.465291][T11092] hwsim_new_radio_nl+0xea4/0x1b10 [ 233.465321][T11092] ? __pfx___nla_validate_parse+0x10/0x10 [ 233.465361][T11092] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 233.465396][T11092] ? __nla_parse+0x40/0x60 [ 233.465446][T11092] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 233.465484][T11092] genl_family_rcv_msg_doit+0x212/0x300 [ 233.465515][T11092] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 233.465548][T11092] ? bpf_lsm_capable+0x9/0x20 [ 233.465583][T11092] ? security_capable+0x7e/0x2e0 [ 233.465617][T11092] genl_rcv_msg+0x60e/0x790 [ 233.465645][T11092] ? __pfx_genl_rcv_msg+0x10/0x10 [ 233.465668][T11092] ? __kasan_slab_alloc+0x6c/0x80 [ 233.465695][T11092] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 233.465729][T11092] ? __netlink_lookup+0xbd/0x810 [ 233.465748][T11092] ? rcu_is_watching+0x15/0xb0 [ 233.465774][T11092] netlink_rcv_skb+0x208/0x470 [ 233.465806][T11092] ? __pfx_genl_rcv_msg+0x10/0x10 [ 233.465832][T11092] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 233.465870][T11092] ? lock_release+0x4b/0x3e0 [ 233.465903][T11092] ? down_read+0x1ad/0x2e0 [ 233.465924][T11092] genl_rcv+0x28/0x40 [ 233.465947][T11092] netlink_unicast+0x82f/0x9e0 [ 233.465980][T11092] ? __pfx_netlink_unicast+0x10/0x10 [ 233.466010][T11092] ? netlink_sendmsg+0x642/0xb30 [ 233.466027][T11092] ? skb_put+0x11b/0x210 [ 233.466049][T11092] netlink_sendmsg+0x805/0xb30 [ 233.466074][T11092] ? __pfx_netlink_sendmsg+0x10/0x10 [ 233.466094][T11092] ? futex_unqueue+0x22/0x240 [ 233.466117][T11092] ? aa_sock_msg_perm+0xf1/0x1d0 [ 233.466136][T11092] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 233.466157][T11092] ? __pfx_netlink_sendmsg+0x10/0x10 [ 233.466175][T11092] __sock_sendmsg+0x21c/0x270 [ 233.466202][T11092] ____sys_sendmsg+0x505/0x830 [ 233.466227][T11092] ? __pfx_____sys_sendmsg+0x10/0x10 [ 233.466304][T11092] ? import_iovec+0x74/0xa0 [ 233.466326][T11092] ___sys_sendmsg+0x21f/0x2a0 [ 233.466344][T11092] ? __pfx____sys_sendmsg+0x10/0x10 [ 233.466369][T11092] ? futex_wait+0x285/0x360 [ 233.466416][T11092] ? __fget_files+0x2a/0x420 [ 233.466434][T11092] ? __fget_files+0x3a0/0x420 [ 233.466456][T11092] __x64_sys_sendmsg+0x19b/0x260 [ 233.466480][T11092] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 233.466507][T11092] ? rcu_is_watching+0x15/0xb0 [ 233.466529][T11092] ? rcu_is_watching+0x15/0xb0 [ 233.466550][T11092] do_syscall_64+0xfa/0x3b0 [ 233.466570][T11092] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.466590][T11092] ? clear_bhb_loop+0x60/0xb0 [ 233.466613][T11092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.466632][T11092] RIP: 0033:0x7f6b8d78ebe9 [ 233.466654][T11092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.466673][T11092] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 233.466695][T11092] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 233.466712][T11092] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 233.466725][T11092] RBP: 00007f6b8d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 233.466739][T11092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.466752][T11092] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 233.466777][T11092] [ 233.997207][T11100] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1709'. [ 234.045525][T11101] lo speed is unknown, defaulting to 1000 [ 234.322074][T11112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'. [ 234.348023][T11101] macsec0: entered promiscuous mode [ 234.385693][T11101] syzkaller0: entered promiscuous mode [ 234.403386][T11101] syzkaller0: left promiscuous mode [ 234.816481][T11135] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 235.176733][T11150] net_ratelimit: 20 callbacks suppressed [ 235.176756][T11150] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 235.983831][T11181] FAULT_INJECTION: forcing a failure. [ 235.983831][T11181] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 236.013190][T11181] CPU: 1 UID: 0 PID: 11181 Comm: syz.0.1730 Not tainted syzkaller #0 PREEMPT(full) [ 236.013222][T11181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 236.013236][T11181] Call Trace: [ 236.013244][T11181] [ 236.013252][T11181] dump_stack_lvl+0x189/0x250 [ 236.013285][T11181] ? __pfx____ratelimit+0x10/0x10 [ 236.013326][T11181] ? __pfx_dump_stack_lvl+0x10/0x10 [ 236.013351][T11181] ? __pfx__printk+0x10/0x10 [ 236.013379][T11181] ? __might_fault+0xb0/0x130 [ 236.013412][T11181] ? rcu_is_watching+0x15/0xb0 [ 236.013434][T11181] should_fail_ex+0x414/0x560 [ 236.013469][T11181] _copy_from_iter+0x1db/0x16f0 [ 236.013492][T11181] ? rcu_is_watching+0x15/0xb0 [ 236.013512][T11181] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 236.013542][T11181] ? __pfx__copy_from_iter+0x10/0x10 [ 236.013562][T11181] ? __build_skb_around+0x257/0x3e0 [ 236.013583][T11181] ? netlink_sendmsg+0x642/0xb30 [ 236.013601][T11181] ? skb_put+0x11b/0x210 [ 236.013622][T11181] netlink_sendmsg+0x6b2/0xb30 [ 236.013647][T11181] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.013668][T11181] ? aa_sock_msg_perm+0xf1/0x1d0 [ 236.013688][T11181] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 236.013711][T11181] ? __pfx_netlink_sendmsg+0x10/0x10 [ 236.013730][T11181] __sock_sendmsg+0x21c/0x270 [ 236.013761][T11181] ____sys_sendmsg+0x505/0x830 [ 236.013786][T11181] ? __pfx_____sys_sendmsg+0x10/0x10 [ 236.013814][T11181] ? import_iovec+0x74/0xa0 [ 236.013839][T11181] ___sys_sendmsg+0x21f/0x2a0 [ 236.013862][T11181] ? __pfx____sys_sendmsg+0x10/0x10 [ 236.013903][T11181] ? __fget_files+0x2a/0x420 [ 236.013921][T11181] ? __fget_files+0x3a0/0x420 [ 236.013944][T11181] __x64_sys_sendmsg+0x19b/0x260 [ 236.013969][T11181] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 236.013996][T11181] ? __pfx_ksys_write+0x10/0x10 [ 236.014022][T11181] ? rcu_is_watching+0x15/0xb0 [ 236.014044][T11181] ? rcu_is_watching+0x15/0xb0 [ 236.014064][T11181] do_syscall_64+0xfa/0x3b0 [ 236.014084][T11181] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.014111][T11181] ? clear_bhb_loop+0x60/0xb0 [ 236.014135][T11181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.014154][T11181] RIP: 0033:0x7f914258ebe9 [ 236.014172][T11181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.014190][T11181] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.014212][T11181] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 236.014228][T11181] RDX: 0000000004000000 RSI: 00002000000020c0 RDI: 0000000000000005 [ 236.014242][T11181] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 236.014256][T11181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.014269][T11181] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 236.014293][T11181] [ 236.304354][T11184] bridge6: entered promiscuous mode [ 236.694684][T11198] lo speed is unknown, defaulting to 1000 [ 236.749021][T11200] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1733'. [ 236.900014][T11200] lo speed is unknown, defaulting to 1000 [ 237.022197][T11206] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1735'. [ 237.730715][T11207] syzkaller1: entered promiscuous mode [ 237.741483][T11233] netlink: 'syz.0.1738': attribute type 13 has an invalid length. [ 237.746517][T11207] syzkaller1: entered allmulticast mode [ 237.776770][T11233] netlink: 'syz.0.1738': attribute type 17 has an invalid length. [ 238.020300][T11233] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.033855][T11233] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.070165][T11233] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 238.161431][T11239] lo speed is unknown, defaulting to 1000 [ 238.183140][T11251] lo speed is unknown, defaulting to 1000 [ 238.404625][T11265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1748'. [ 238.542166][T11270] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20002 [ 239.352567][T11295] lo speed is unknown, defaulting to 1000 [ 239.418188][T11312] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1763'. [ 239.841929][T11334] lo speed is unknown, defaulting to 1000 [ 239.961978][T11346] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1777'. [ 240.218404][T11295] syzkaller1: entered promiscuous mode [ 240.223927][T11295] syzkaller1: entered allmulticast mode [ 240.429144][T11383] IPVS: set_ctl: invalid protocol: 4 0.0.0.0:20004 [ 240.796568][T11382] bridge7: entered promiscuous mode [ 240.854623][T11386] lo speed is unknown, defaulting to 1000 [ 241.111616][T11418] netlink: 'syz.1.1800': attribute type 1 has an invalid length. [ 241.186855][T11425] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1801'. [ 241.203376][T11418] 8021q: adding VLAN 0 to HW filter on device bond4 [ 241.212574][T11424] FAULT_INJECTION: forcing a failure. [ 241.212574][T11424] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.225839][T11424] CPU: 1 UID: 0 PID: 11424 Comm: syz.2.1802 Not tainted syzkaller #0 PREEMPT(full) [ 241.225868][T11424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 241.225881][T11424] Call Trace: [ 241.225889][T11424] [ 241.225897][T11424] dump_stack_lvl+0x189/0x250 [ 241.225928][T11424] ? __pfx____ratelimit+0x10/0x10 [ 241.225968][T11424] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.225992][T11424] ? __pfx__printk+0x10/0x10 [ 241.226019][T11424] ? __might_fault+0xb0/0x130 [ 241.226052][T11424] ? rcu_is_watching+0x15/0xb0 [ 241.226074][T11424] should_fail_ex+0x414/0x560 [ 241.226104][T11424] _copy_from_user+0x2d/0xb0 [ 241.226128][T11424] ___sys_recvmsg+0x12e/0x510 [ 241.226154][T11424] ? __pfx____sys_recvmsg+0x10/0x10 [ 241.226180][T11424] ? __fget_files+0x2a/0x420 [ 241.226207][T11424] ? rcu_is_watching+0x15/0xb0 [ 241.226228][T11424] ? lock_release+0x4b/0x3e0 [ 241.226258][T11424] ? __might_fault+0xcc/0x130 [ 241.226287][T11424] do_recvmmsg+0x307/0x770 [ 241.226315][T11424] ? __pfx_do_recvmmsg+0x10/0x10 [ 241.226345][T11424] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 241.226375][T11424] __x64_sys_recvmmsg+0x190/0x240 [ 241.226400][T11424] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 241.226423][T11424] ? rcu_is_watching+0x15/0xb0 [ 241.226446][T11424] ? rcu_is_watching+0x15/0xb0 [ 241.226467][T11424] do_syscall_64+0xfa/0x3b0 [ 241.226487][T11424] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.226508][T11424] ? clear_bhb_loop+0x60/0xb0 [ 241.226531][T11424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.226551][T11424] RIP: 0033:0x7fba9d58ebe9 [ 241.226569][T11424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.226587][T11424] RSP: 002b:00007fba9e385038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 241.226610][T11424] RAX: ffffffffffffffda RBX: 00007fba9d7b5fa0 RCX: 00007fba9d58ebe9 [ 241.226625][T11424] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 241.226639][T11424] RBP: 00007fba9e385090 R08: 0000000000000000 R09: 0000000000000000 [ 241.226652][T11424] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 241.226664][T11424] R13: 00007fba9d7b6038 R14: 00007fba9d7b5fa0 R15: 00007ffe3ee14f78 [ 241.226688][T11424] [ 241.460981][T11425] lo speed is unknown, defaulting to 1000 [ 241.578555][T11436] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1806'. [ 241.679767][T11445] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1809'. [ 241.812213][T11454] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1812'. [ 241.846434][T11458] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1814'. [ 241.863906][T11460] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1815'. [ 241.864680][T11458] FAULT_INJECTION: forcing a failure. [ 241.864680][T11458] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.954086][T11458] CPU: 0 UID: 0 PID: 11458 Comm: syz.4.1814 Not tainted syzkaller #0 PREEMPT(full) [ 241.954117][T11458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 241.954130][T11458] Call Trace: [ 241.954138][T11458] [ 241.954146][T11458] dump_stack_lvl+0x189/0x250 [ 241.954176][T11458] ? __pfx____ratelimit+0x10/0x10 [ 241.954208][T11458] ? __pfx_dump_stack_lvl+0x10/0x10 [ 241.954233][T11458] ? __pfx__printk+0x10/0x10 [ 241.954265][T11458] ? rcu_is_watching+0x15/0xb0 [ 241.954287][T11458] should_fail_ex+0x414/0x560 [ 241.954317][T11458] _copy_to_user+0x31/0xb0 [ 241.954340][T11458] simple_read_from_buffer+0xe1/0x170 [ 241.954373][T11458] proc_fail_nth_read+0x1b3/0x220 [ 241.954398][T11458] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.954423][T11458] ? rw_verify_area+0x2a6/0x4d0 [ 241.954449][T11458] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 241.954473][T11458] vfs_read+0x1fd/0xa30 [ 241.954499][T11458] ? fdget_pos+0x247/0x320 [ 241.954519][T11458] ? __pfx___mutex_lock+0x10/0x10 [ 241.954539][T11458] ? __pfx_vfs_read+0x10/0x10 [ 241.954569][T11458] ? __fget_files+0x3a0/0x420 [ 241.954586][T11458] ? __fget_files+0x2a/0x420 [ 241.954609][T11458] ksys_read+0x145/0x250 [ 241.954635][T11458] ? __pfx_ksys_read+0x10/0x10 [ 241.954661][T11458] ? rcu_is_watching+0x15/0xb0 [ 241.954684][T11458] ? rcu_is_watching+0x15/0xb0 [ 241.954705][T11458] do_syscall_64+0xfa/0x3b0 [ 241.954725][T11458] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.954746][T11458] ? clear_bhb_loop+0x60/0xb0 [ 241.954769][T11458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.954799][T11458] RIP: 0033:0x7f73cf58d5fc [ 241.954817][T11458] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 241.954836][T11458] RSP: 002b:00007f73d04a6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 241.954859][T11458] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58d5fc [ 241.954875][T11458] RDX: 000000000000000f RSI: 00007f73d04a60a0 RDI: 0000000000000004 [ 241.954898][T11458] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 241.954912][T11458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.954924][T11458] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 241.954948][T11458] [ 242.352181][T11483] FAULT_INJECTION: forcing a failure. [ 242.352181][T11483] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 242.396372][T11483] CPU: 0 UID: 0 PID: 11483 Comm: syz.1.1824 Not tainted syzkaller #0 PREEMPT(full) [ 242.396401][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 242.396416][T11483] Call Trace: [ 242.396423][T11483] [ 242.396433][T11483] dump_stack_lvl+0x189/0x250 [ 242.396461][T11483] ? __pfx____ratelimit+0x10/0x10 [ 242.396493][T11483] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.396530][T11483] ? __pfx__printk+0x10/0x10 [ 242.396556][T11483] ? __might_fault+0xb0/0x130 [ 242.396588][T11483] ? rcu_is_watching+0x15/0xb0 [ 242.396610][T11483] should_fail_ex+0x414/0x560 [ 242.396639][T11483] _copy_from_user+0x2d/0xb0 [ 242.396664][T11483] ___sys_recvmsg+0x12e/0x510 [ 242.396690][T11483] ? __pfx____sys_recvmsg+0x10/0x10 [ 242.396716][T11483] ? __fget_files+0x2a/0x420 [ 242.396743][T11483] ? rcu_is_watching+0x15/0xb0 [ 242.396762][T11483] ? lock_release+0x4b/0x3e0 [ 242.396793][T11483] ? __might_fault+0xcc/0x130 [ 242.396821][T11483] do_recvmmsg+0x307/0x770 [ 242.396848][T11483] ? __pfx_do_recvmmsg+0x10/0x10 [ 242.396880][T11483] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 242.396909][T11483] __x64_sys_recvmmsg+0x190/0x240 [ 242.396934][T11483] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 242.396957][T11483] ? rcu_is_watching+0x15/0xb0 [ 242.396979][T11483] ? rcu_is_watching+0x15/0xb0 [ 242.397000][T11483] do_syscall_64+0xfa/0x3b0 [ 242.397020][T11483] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.397040][T11483] ? clear_bhb_loop+0x60/0xb0 [ 242.397063][T11483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.397083][T11483] RIP: 0033:0x7f6b8d78ebe9 [ 242.397102][T11483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.397119][T11483] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 242.397142][T11483] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 242.397158][T11483] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 242.397172][T11483] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 242.397185][T11483] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 242.397197][T11483] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 242.397221][T11483] [ 242.670673][T11497] sctp: [Deprecated]: syz.1.1828 (pid 11497) Use of struct sctp_assoc_value in delayed_ack socket option. [ 242.670673][T11497] Use struct sctp_sack_info instead [ 242.775646][T11504] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1829'. [ 243.000185][T11511] lo speed is unknown, defaulting to 1000 [ 243.206640][T11531] netlink: 'syz.4.1838': attribute type 13 has an invalid length. [ 243.217003][T11531] netlink: 'syz.4.1838': attribute type 17 has an invalid length. [ 243.392355][T11536] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1838'. [ 243.669522][T11531] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.698005][T11541] nbd: nbd1 already in use [ 243.704837][T11531] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.713238][T11541] block nbd1: NBD_DISCONNECT [ 243.717894][T11541] block nbd1: Send disconnect failed -32 [ 243.726090][T11541] block nbd1: shutting down sockets [ 243.750087][T11531] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 243.756341][T11543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1842'. [ 243.857344][T11543] (unnamed net_device) (uninitialized): option lacp_active: invalid value (5) [ 243.942471][T11533] lo speed is unknown, defaulting to 1000 [ 243.987201][T11558] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-xor(2) [ 244.012618][T11556] (unnamed net_device) (uninitialized): option ad_user_port_key: mode dependency failed, not supported in mode balance-xor(2) [ 244.048208][T11556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1846'. [ 244.065350][T11556] chnl_net:caif_netlink_parms(): no params data found [ 244.584159][T11591] FAULT_INJECTION: forcing a failure. [ 244.584159][T11591] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 244.603071][T11591] CPU: 1 UID: 0 PID: 11591 Comm: syz.4.1857 Not tainted syzkaller #0 PREEMPT(full) [ 244.603103][T11591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 244.603116][T11591] Call Trace: [ 244.603125][T11591] [ 244.603134][T11591] dump_stack_lvl+0x189/0x250 [ 244.603163][T11591] ? __pfx____ratelimit+0x10/0x10 [ 244.603195][T11591] ? __pfx_dump_stack_lvl+0x10/0x10 [ 244.603219][T11591] ? __pfx__printk+0x10/0x10 [ 244.603246][T11591] ? __might_fault+0xb0/0x130 [ 244.603279][T11591] ? rcu_is_watching+0x15/0xb0 [ 244.603302][T11591] should_fail_ex+0x414/0x560 [ 244.603333][T11591] _copy_from_user+0x2d/0xb0 [ 244.603366][T11591] ___sys_recvmsg+0x12e/0x510 [ 244.603394][T11591] ? __pfx____sys_recvmsg+0x10/0x10 [ 244.603420][T11591] ? __fget_files+0x2a/0x420 [ 244.603447][T11591] ? rcu_is_watching+0x15/0xb0 [ 244.603467][T11591] ? lock_release+0x4b/0x3e0 [ 244.603498][T11591] ? __might_fault+0xcc/0x130 [ 244.603527][T11591] do_recvmmsg+0x307/0x770 [ 244.603554][T11591] ? __pfx_do_recvmmsg+0x10/0x10 [ 244.603589][T11591] ? lock_acquire+0x5f/0x360 [ 244.603622][T11591] __x64_sys_recvmmsg+0x190/0x240 [ 244.603646][T11591] ? lock_release+0x4b/0x3e0 [ 244.603677][T11591] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 244.603701][T11591] ? rcu_is_watching+0x15/0xb0 [ 244.603721][T11591] ? trace_sys_enter+0x25/0x100 [ 244.603756][T11591] do_syscall_64+0xfa/0x3b0 [ 244.603777][T11591] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.603798][T11591] ? clear_bhb_loop+0x60/0xb0 [ 244.603822][T11591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.603843][T11591] RIP: 0033:0x7f73cf58ebe9 [ 244.603862][T11591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.603881][T11591] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 244.603904][T11591] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 244.603920][T11591] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 244.603935][T11591] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 244.603948][T11591] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 244.603961][T11591] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 244.603985][T11591] [ 245.306907][T11620] lo speed is unknown, defaulting to 1000 [ 245.353673][T11622] bridge5: entered promiscuous mode [ 245.364001][T11626] FAULT_INJECTION: forcing a failure. [ 245.364001][T11626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 245.383254][T11626] CPU: 1 UID: 0 PID: 11626 Comm: syz.2.1870 Not tainted syzkaller #0 PREEMPT(full) [ 245.383293][T11626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 245.383305][T11626] Call Trace: [ 245.383313][T11626] [ 245.383321][T11626] dump_stack_lvl+0x189/0x250 [ 245.383352][T11626] ? __pfx____ratelimit+0x10/0x10 [ 245.383383][T11626] ? __pfx_dump_stack_lvl+0x10/0x10 [ 245.383408][T11626] ? __pfx__printk+0x10/0x10 [ 245.383434][T11626] ? __might_fault+0xb0/0x130 [ 245.383469][T11626] ? rcu_is_watching+0x15/0xb0 [ 245.383491][T11626] should_fail_ex+0x414/0x560 [ 245.383521][T11626] _copy_from_user+0x2d/0xb0 [ 245.383547][T11626] ___sys_recvmsg+0x12e/0x510 [ 245.383573][T11626] ? __pfx____sys_recvmsg+0x10/0x10 [ 245.383599][T11626] ? __fget_files+0x2a/0x420 [ 245.383627][T11626] ? rcu_is_watching+0x15/0xb0 [ 245.383648][T11626] ? lock_release+0x4b/0x3e0 [ 245.383677][T11626] ? __might_fault+0xcc/0x130 [ 245.383705][T11626] do_recvmmsg+0x307/0x770 [ 245.383730][T11626] ? __pfx_do_recvmmsg+0x10/0x10 [ 245.383760][T11626] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 245.383790][T11626] __x64_sys_recvmmsg+0x190/0x240 [ 245.383815][T11626] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 245.383837][T11626] ? rcu_is_watching+0x15/0xb0 [ 245.383860][T11626] ? rcu_is_watching+0x15/0xb0 [ 245.383882][T11626] do_syscall_64+0xfa/0x3b0 [ 245.383903][T11626] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.383924][T11626] ? clear_bhb_loop+0x60/0xb0 [ 245.383948][T11626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.383969][T11626] RIP: 0033:0x7fba9d58ebe9 [ 245.383988][T11626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.384007][T11626] RSP: 002b:00007fba9e385038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 245.384030][T11626] RAX: ffffffffffffffda RBX: 00007fba9d7b5fa0 RCX: 00007fba9d58ebe9 [ 245.384047][T11626] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 245.384061][T11626] RBP: 00007fba9e385090 R08: 0000000000000000 R09: 0000000000000000 [ 245.384074][T11626] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 245.384086][T11626] R13: 00007fba9d7b6038 R14: 00007fba9d7b5fa0 R15: 00007ffe3ee14f78 [ 245.384111][T11626] [ 246.019599][T11658] bridge5: entered promiscuous mode [ 246.033632][T11659] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1882'. [ 246.066469][T11661] Can't find ip_set type hash:ip$mec [ 246.143063][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1886'. [ 246.233180][T11670] FAULT_INJECTION: forcing a failure. [ 246.233180][T11670] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.262438][T11675] netlink: 'syz.3.1888': attribute type 1 has an invalid length. [ 246.289653][T11670] CPU: 0 UID: 0 PID: 11670 Comm: syz.0.1887 Not tainted syzkaller #0 PREEMPT(full) [ 246.289686][T11670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 246.289700][T11670] Call Trace: [ 246.289708][T11670] [ 246.289717][T11670] dump_stack_lvl+0x189/0x250 [ 246.289747][T11670] ? __pfx____ratelimit+0x10/0x10 [ 246.289778][T11670] ? __pfx_dump_stack_lvl+0x10/0x10 [ 246.289803][T11670] ? __pfx__printk+0x10/0x10 [ 246.289830][T11670] ? __might_fault+0xb0/0x130 [ 246.289863][T11670] ? rcu_is_watching+0x15/0xb0 [ 246.289885][T11670] should_fail_ex+0x414/0x560 [ 246.289916][T11670] _copy_from_user+0x2d/0xb0 [ 246.289940][T11670] ___sys_recvmsg+0x12e/0x510 [ 246.289967][T11670] ? __pfx____sys_recvmsg+0x10/0x10 [ 246.289992][T11670] ? __fget_files+0x2a/0x420 [ 246.290019][T11670] ? rcu_is_watching+0x15/0xb0 [ 246.290039][T11670] ? lock_release+0x4b/0x3e0 [ 246.290068][T11670] ? __might_fault+0xcc/0x130 [ 246.290096][T11670] do_recvmmsg+0x307/0x770 [ 246.290128][T11670] ? __pfx_do_recvmmsg+0x10/0x10 [ 246.290162][T11670] ? lock_acquire+0x5f/0x360 [ 246.290195][T11670] __x64_sys_recvmmsg+0x190/0x240 [ 246.290217][T11670] ? lock_release+0x4b/0x3e0 [ 246.290247][T11670] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 246.290270][T11670] ? rcu_is_watching+0x15/0xb0 [ 246.290289][T11670] ? trace_sys_enter+0x25/0x100 [ 246.290324][T11670] do_syscall_64+0xfa/0x3b0 [ 246.290344][T11670] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.290364][T11670] ? clear_bhb_loop+0x60/0xb0 [ 246.290388][T11670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.290409][T11670] RIP: 0033:0x7f914258ebe9 [ 246.290427][T11670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.290446][T11670] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 246.290478][T11670] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 246.290494][T11670] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 246.290509][T11670] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 246.290522][T11670] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 246.290534][T11670] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 246.290558][T11670] [ 246.989624][T11715] FAULT_INJECTION: forcing a failure. [ 246.989624][T11715] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 247.011163][T11716] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1899'. [ 247.018207][T11715] CPU: 0 UID: 0 PID: 11715 Comm: syz.2.1902 Not tainted syzkaller #0 PREEMPT(full) [ 247.018244][T11715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 247.018261][T11715] Call Trace: [ 247.018270][T11715] [ 247.018280][T11715] dump_stack_lvl+0x189/0x250 [ 247.018321][T11715] ? __pfx____ratelimit+0x10/0x10 [ 247.018370][T11715] ? __pfx_dump_stack_lvl+0x10/0x10 [ 247.018398][T11715] ? __pfx__printk+0x10/0x10 [ 247.018428][T11715] ? __might_fault+0xb0/0x130 [ 247.018465][T11715] ? rcu_is_watching+0x15/0xb0 [ 247.018498][T11715] should_fail_ex+0x414/0x560 [ 247.018533][T11715] _copy_from_user+0x2d/0xb0 [ 247.018561][T11715] ___sys_recvmsg+0x12e/0x510 [ 247.018591][T11715] ? __pfx____sys_recvmsg+0x10/0x10 [ 247.018620][T11715] ? __fget_files+0x2a/0x420 [ 247.018651][T11715] ? rcu_is_watching+0x15/0xb0 [ 247.018673][T11715] ? lock_release+0x4b/0x3e0 [ 247.018709][T11715] ? __might_fault+0xcc/0x130 [ 247.018743][T11715] do_recvmmsg+0x307/0x770 [ 247.018773][T11715] ? __pfx_do_recvmmsg+0x10/0x10 [ 247.018806][T11715] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 247.018840][T11715] __x64_sys_recvmmsg+0x190/0x240 [ 247.018869][T11715] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 247.018899][T11715] ? rcu_is_watching+0x15/0xb0 [ 247.018923][T11715] do_syscall_64+0xfa/0x3b0 [ 247.018946][T11715] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.018969][T11715] ? clear_bhb_loop+0x60/0xb0 [ 247.018996][T11715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.019018][T11715] RIP: 0033:0x7fba9d58ebe9 [ 247.019039][T11715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.019061][T11715] RSP: 002b:00007fba9e364038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 247.019087][T11715] RAX: ffffffffffffffda RBX: 00007fba9d7b6090 RCX: 00007fba9d58ebe9 [ 247.019105][T11715] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 247.019122][T11715] RBP: 00007fba9e364090 R08: 0000000000000000 R09: 0000000000000000 [ 247.019138][T11715] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 247.019153][T11715] R13: 00007fba9d7b6128 R14: 00007fba9d7b6090 R15: 00007ffe3ee14f78 [ 247.019181][T11715] [ 247.214581][T11721] netlink: 'syz.1.1899': attribute type 4 has an invalid length. [ 247.335678][ T3494] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.378708][ T3494] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.387483][ T3494] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.413804][T11705] netlink: 'syz.1.1899': attribute type 4 has an invalid length. [ 247.433134][ T3494] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.287596][T11789] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 248.502032][T11792] netlink: 'syz.4.1927': attribute type 29 has an invalid length. [ 248.518690][T11792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1927'. [ 248.615424][T11795] bridge6: entered promiscuous mode [ 248.765175][T11805] tipc: Enabling of bearer rejected, failed to enable media [ 248.791479][T11799] netlink: 'syz.3.1930': attribute type 1 has an invalid length. [ 248.831304][T11799] bond1: entered promiscuous mode [ 248.838886][T11799] bond1: entered allmulticast mode [ 248.856980][T11799] 8021q: adding VLAN 0 to HW filter on device bond1 [ 248.870605][T11813] netlink: 'syz.0.1936': attribute type 1 has an invalid length. [ 248.904708][T11813] 8021q: adding VLAN 0 to HW filter on device bond4 [ 248.943653][T11813] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1936'. [ 248.976696][T11820] lo speed is unknown, defaulting to 1000 [ 249.042963][T11824] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1942'. [ 249.081466][T11824] syz_tun: entered promiscuous mode [ 249.086935][T11824] macvtap1: entered promiscuous mode [ 249.123030][T11824] macvtap1: entered allmulticast mode [ 249.124713][T11825] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1942'. [ 249.135685][T11824] syz_tun: entered allmulticast mode [ 249.216120][T11825] syz_tun: left allmulticast mode [ 249.234938][T11825] syz_tun: left promiscuous mode [ 249.253888][T11841] bridge5: entered promiscuous mode [ 249.562261][T11868] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1955'. [ 249.680512][T11874] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 249.713619][T11879] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1959'. [ 249.716790][T11874] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1957'. [ 249.759969][T11884] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1961'. [ 250.289030][T11924] ieee802154 phy0 wpan0: encryption failed: -22 [ 250.961719][T11964] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1993'. [ 251.043697][T11973] netlink: 'syz.3.1996': attribute type 1 has an invalid length. [ 251.055155][T11973] netlink: 'syz.3.1996': attribute type 3 has an invalid length. [ 251.360722][T12004] batadv_slave_0: entered promiscuous mode [ 251.367979][T12004] batadv_slave_0: left promiscuous mode [ 252.038454][ T5184] Bluetooth: hci4: command 0x0401 tx timeout [ 252.965022][T12108] macsec1: entered promiscuous mode [ 252.970734][T12108] team0: entered promiscuous mode [ 252.976888][T12108] team_slave_0: entered promiscuous mode [ 252.983146][T12108] team_slave_1: entered promiscuous mode [ 253.070584][T12135] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 253.082722][T12135] __nla_validate_parse: 7 callbacks suppressed [ 253.082743][T12135] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2052'. [ 253.229286][T12150] netlink: 'syz.3.2057': attribute type 11 has an invalid length. [ 253.237356][T12150] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2057'. [ 253.253932][T12150] openvswitch: netlink: Missing valid actions attribute. [ 253.262798][T12150] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 253.351264][T12158] FAULT_INJECTION: forcing a failure. [ 253.351264][T12158] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 253.402034][T12158] CPU: 0 UID: 0 PID: 12158 Comm: syz.1.2060 Not tainted syzkaller #0 PREEMPT(full) [ 253.402068][T12158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 253.402082][T12158] Call Trace: [ 253.402091][T12158] [ 253.402100][T12158] dump_stack_lvl+0x189/0x250 [ 253.402130][T12158] ? __pfx____ratelimit+0x10/0x10 [ 253.402167][T12158] ? __pfx_dump_stack_lvl+0x10/0x10 [ 253.402192][T12158] ? __pfx__printk+0x10/0x10 [ 253.402218][T12158] ? __might_fault+0xb0/0x130 [ 253.402252][T12158] ? rcu_is_watching+0x15/0xb0 [ 253.402274][T12158] should_fail_ex+0x414/0x560 [ 253.402304][T12158] _copy_from_user+0x2d/0xb0 [ 253.402329][T12158] ___sys_recvmsg+0x12e/0x510 [ 253.402356][T12158] ? __pfx____sys_recvmsg+0x10/0x10 [ 253.402382][T12158] ? __fget_files+0x2a/0x420 [ 253.402410][T12158] ? rcu_is_watching+0x15/0xb0 [ 253.402431][T12158] ? lock_release+0x4b/0x3e0 [ 253.402462][T12158] ? __might_fault+0xcc/0x130 [ 253.402491][T12158] do_recvmmsg+0x307/0x770 [ 253.402519][T12158] ? __pfx_do_recvmmsg+0x10/0x10 [ 253.402549][T12158] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 253.402580][T12158] __x64_sys_recvmmsg+0x190/0x240 [ 253.402605][T12158] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 253.402633][T12158] ? rcu_is_watching+0x15/0xb0 [ 253.402656][T12158] do_syscall_64+0xfa/0x3b0 [ 253.402676][T12158] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.402697][T12158] ? clear_bhb_loop+0x60/0xb0 [ 253.402720][T12158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.402740][T12158] RIP: 0033:0x7f6b8d78ebe9 [ 253.402758][T12158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.402777][T12158] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 253.402800][T12158] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 253.402816][T12158] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 253.402830][T12158] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 253.402843][T12158] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 253.402856][T12158] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 253.402880][T12158] [ 253.754819][T12166] netlink: 'syz.2.2062': attribute type 12 has an invalid length. [ 253.762735][T12166] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.2062'. [ 254.324268][T12178] lo speed is unknown, defaulting to 1000 [ 254.454483][T12194] FAULT_INJECTION: forcing a failure. [ 254.454483][T12194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 254.471489][T12193] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2071'. [ 254.472745][T12194] CPU: 1 UID: 0 PID: 12194 Comm: syz.3.2074 Not tainted syzkaller #0 PREEMPT(full) [ 254.472778][T12194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 254.472794][T12194] Call Trace: [ 254.472803][T12194] [ 254.472813][T12194] dump_stack_lvl+0x189/0x250 [ 254.472847][T12194] ? __pfx____ratelimit+0x10/0x10 [ 254.472883][T12194] ? __pfx_dump_stack_lvl+0x10/0x10 [ 254.472909][T12194] ? __pfx__printk+0x10/0x10 [ 254.472940][T12194] ? __might_fault+0xb0/0x130 [ 254.472978][T12194] ? rcu_is_watching+0x15/0xb0 [ 254.473004][T12194] should_fail_ex+0x414/0x560 [ 254.473040][T12194] _copy_from_user+0x2d/0xb0 [ 254.473069][T12194] ___sys_recvmsg+0x12e/0x510 [ 254.473101][T12194] ? __pfx____sys_recvmsg+0x10/0x10 [ 254.473131][T12194] ? __fget_files+0x2a/0x420 [ 254.473161][T12194] ? rcu_is_watching+0x15/0xb0 [ 254.473184][T12194] ? lock_release+0x4b/0x3e0 [ 254.473218][T12194] ? __might_fault+0xcc/0x130 [ 254.473252][T12194] do_recvmmsg+0x307/0x770 [ 254.473282][T12194] ? __pfx_do_recvmmsg+0x10/0x10 [ 254.473316][T12194] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 254.473350][T12194] __x64_sys_recvmmsg+0x190/0x240 [ 254.473379][T12194] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 254.473405][T12194] ? rcu_is_watching+0x15/0xb0 [ 254.473430][T12194] ? rcu_is_watching+0x15/0xb0 [ 254.473454][T12194] do_syscall_64+0xfa/0x3b0 [ 254.473478][T12194] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.473502][T12194] ? clear_bhb_loop+0x60/0xb0 [ 254.473528][T12194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.473551][T12194] RIP: 0033:0x7f7c3338ebe9 [ 254.473571][T12194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.473593][T12194] RSP: 002b:00007f7c34112038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 254.473618][T12194] RAX: ffffffffffffffda RBX: 00007f7c335b5fa0 RCX: 00007f7c3338ebe9 [ 254.473636][T12194] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 254.473667][T12194] RBP: 00007f7c34112090 R08: 0000000000000000 R09: 0000000000000000 [ 254.473681][T12194] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 254.473696][T12194] R13: 00007f7c335b6038 R14: 00007f7c335b5fa0 R15: 00007fff9d6cfca8 [ 254.473724][T12194] [ 254.727440][T12206] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 254.754361][T12206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2077'. [ 255.073953][T12232] 8021q: adding VLAN 0 to HW filter on device bond2 [ 255.083421][T12232] bridge0: port 3(bond2) entered blocking state [ 255.090731][T12232] bridge0: port 3(bond2) entered disabled state [ 255.097569][T12232] bond2: entered allmulticast mode [ 255.107023][T12232] bond2: entered promiscuous mode [ 255.405841][ T55] block nbd0: Possible stuck request ffff888025120000: control (read@0,4096B). Runtime 150 seconds [ 255.477640][T12261] lo speed is unknown, defaulting to 1000 [ 255.523618][T12261] netlink: 'syz.1.2096': attribute type 16 has an invalid length. [ 255.532043][T12261] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2096'. [ 255.773243][T12281] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2102'. [ 255.804420][T12291] netlink: 154912 bytes leftover after parsing attributes in process `syz.4.2104'. [ 255.829124][T12281] netlink: 'syz.1.2102': attribute type 10 has an invalid length. [ 255.941279][T12301] FAULT_INJECTION: forcing a failure. [ 255.941279][T12301] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 255.977207][T12303] tipc: Enabling of bearer rejected, failed to enable media [ 255.994037][T12301] CPU: 1 UID: 0 PID: 12301 Comm: syz.0.2107 Not tainted syzkaller #0 PREEMPT(full) [ 255.994069][T12301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 255.994084][T12301] Call Trace: [ 255.994092][T12301] [ 255.994100][T12301] dump_stack_lvl+0x189/0x250 [ 255.994132][T12301] ? __pfx____ratelimit+0x10/0x10 [ 255.994163][T12301] ? __pfx_dump_stack_lvl+0x10/0x10 [ 255.994188][T12301] ? __pfx__printk+0x10/0x10 [ 255.994215][T12301] ? __might_fault+0xb0/0x130 [ 255.994249][T12301] ? rcu_is_watching+0x15/0xb0 [ 255.994271][T12301] should_fail_ex+0x414/0x560 [ 255.994301][T12301] _copy_from_user+0x2d/0xb0 [ 255.994325][T12301] ___sys_recvmsg+0x12e/0x510 [ 255.994352][T12301] ? __pfx____sys_recvmsg+0x10/0x10 [ 255.994378][T12301] ? __fget_files+0x2a/0x420 [ 255.994405][T12301] ? rcu_is_watching+0x15/0xb0 [ 255.994425][T12301] ? lock_release+0x4b/0x3e0 [ 255.994456][T12301] ? __might_fault+0xcc/0x130 [ 255.994485][T12301] do_recvmmsg+0x307/0x770 [ 255.994512][T12301] ? __pfx_do_recvmmsg+0x10/0x10 [ 255.994542][T12301] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 255.994572][T12301] __x64_sys_recvmmsg+0x190/0x240 [ 255.994597][T12301] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 255.994620][T12301] ? rcu_is_watching+0x15/0xb0 [ 255.994643][T12301] ? rcu_is_watching+0x15/0xb0 [ 255.994664][T12301] do_syscall_64+0xfa/0x3b0 [ 255.994684][T12301] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.994711][T12301] ? clear_bhb_loop+0x60/0xb0 [ 255.994734][T12301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.994754][T12301] RIP: 0033:0x7f914258ebe9 [ 255.994772][T12301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.994790][T12301] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 255.994814][T12301] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 255.994830][T12301] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 255.994845][T12301] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 255.994858][T12301] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 255.994870][T12301] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 255.994894][T12301] [ 256.297003][T12311] sch_tbf: burst 4398 is lower than device lo mtu (11337746) ! [ 256.309929][T12309] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2112'. [ 256.311559][T12311] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2109'. [ 256.563889][T12329] netlink: 'syz.1.2118': attribute type 1 has an invalid length. [ 256.587212][T12329] netlink: 'syz.1.2118': attribute type 1 has an invalid length. [ 256.818680][T12329] 8021q: adding VLAN 0 to HW filter on device bond5 [ 256.870953][T12331] 8021q: adding VLAN 0 to HW filter on device bond5 [ 256.885360][T12331] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address [ 256.899901][T12331] bond5: (slave vxcan3): Error -95 calling set_mac_address [ 257.343124][T12358] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 257.386816][T12359] lo speed is unknown, defaulting to 1000 [ 257.486228][T12370] bond0: (slave batadv0): Releasing backup interface [ 257.506309][T12370] bridge_slave_0: left promiscuous mode [ 257.527298][T12370] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.537551][T12359] netlink: 'syz.0.2126': attribute type 1 has an invalid length. [ 257.548930][T12370] bridge_slave_1: left allmulticast mode [ 257.554749][T12370] bridge_slave_1: left promiscuous mode [ 257.561125][T12370] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.572283][T12370] bond0: (slave bond_slave_0): Releasing backup interface [ 257.581999][T12370] bond0: (slave bond_slave_1): Releasing backup interface [ 257.591182][T12370] team_slave_0: left promiscuous mode [ 257.597907][T12370] team0: Port device team_slave_0 removed [ 257.606137][T12370] team_slave_1: left promiscuous mode [ 257.613284][T12370] team0: Port device team_slave_1 removed [ 257.620261][T12370] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 257.628593][T12370] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 257.637804][T12370] bond1: (slave gretap1): Releasing active interface [ 257.649052][T12370] bond2: left allmulticast mode [ 257.653966][T12370] bond2: left promiscuous mode [ 257.659318][T12370] bridge0: port 3(bond2) entered disabled state [ 257.755350][T12376] A link change request failed with some changes committed already. Interface bond1 may have been left with an inconsistent configuration, please check. [ 257.965931][T12396] FAULT_INJECTION: forcing a failure. [ 257.965931][T12396] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 257.998906][T12396] CPU: 1 UID: 0 PID: 12396 Comm: syz.3.2138 Not tainted syzkaller #0 PREEMPT(full) [ 257.998937][T12396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 257.998951][T12396] Call Trace: [ 257.998958][T12396] [ 257.998967][T12396] dump_stack_lvl+0x189/0x250 [ 257.998999][T12396] ? __pfx____ratelimit+0x10/0x10 [ 257.999031][T12396] ? __pfx_dump_stack_lvl+0x10/0x10 [ 257.999055][T12396] ? __pfx__printk+0x10/0x10 [ 257.999082][T12396] ? __might_fault+0xb0/0x130 [ 257.999115][T12396] ? rcu_is_watching+0x15/0xb0 [ 257.999137][T12396] should_fail_ex+0x414/0x560 [ 257.999167][T12396] _copy_from_user+0x2d/0xb0 [ 257.999192][T12396] ___sys_recvmsg+0x12e/0x510 [ 257.999219][T12396] ? __pfx____sys_recvmsg+0x10/0x10 [ 257.999245][T12396] ? __fget_files+0x2a/0x420 [ 257.999272][T12396] ? rcu_is_watching+0x15/0xb0 [ 257.999292][T12396] ? lock_release+0x4b/0x3e0 [ 257.999323][T12396] ? __might_fault+0xcc/0x130 [ 257.999352][T12396] do_recvmmsg+0x307/0x770 [ 257.999388][T12396] ? __pfx_do_recvmmsg+0x10/0x10 [ 257.999418][T12396] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 257.999448][T12396] __x64_sys_recvmmsg+0x190/0x240 [ 257.999474][T12396] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 257.999497][T12396] ? rcu_is_watching+0x15/0xb0 [ 257.999519][T12396] ? rcu_is_watching+0x15/0xb0 [ 257.999541][T12396] do_syscall_64+0xfa/0x3b0 [ 257.999559][T12396] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.999580][T12396] ? clear_bhb_loop+0x60/0xb0 [ 257.999602][T12396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.999623][T12396] RIP: 0033:0x7f7c3338ebe9 [ 257.999642][T12396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.999660][T12396] RSP: 002b:00007f7c34112038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 257.999682][T12396] RAX: ffffffffffffffda RBX: 00007f7c335b5fa0 RCX: 00007f7c3338ebe9 [ 257.999697][T12396] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 257.999712][T12396] RBP: 00007f7c34112090 R08: 0000000000000000 R09: 0000000000000000 [ 257.999725][T12396] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 257.999737][T12396] R13: 00007f7c335b6038 R14: 00007f7c335b5fa0 R15: 00007fff9d6cfca8 [ 257.999760][T12396] [ 258.016205][T12399] netlink: 'syz.4.2137': attribute type 8 has an invalid length. [ 258.135585][T12402] __nla_validate_parse: 6 callbacks suppressed [ 258.135607][T12402] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2137'. [ 258.234723][T12406] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2140'. [ 258.245036][T12407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2139'. [ 258.263388][T12402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2137'. [ 258.291454][T12404] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 258.319096][T12399] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2137'. [ 258.774769][T12447] FAULT_INJECTION: forcing a failure. [ 258.774769][T12447] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 258.808518][T12447] CPU: 1 UID: 0 PID: 12447 Comm: syz.0.2150 Not tainted syzkaller #0 PREEMPT(full) [ 258.808557][T12447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 258.808570][T12447] Call Trace: [ 258.808578][T12447] [ 258.808587][T12447] dump_stack_lvl+0x189/0x250 [ 258.808618][T12447] ? __pfx____ratelimit+0x10/0x10 [ 258.808649][T12447] ? __pfx_dump_stack_lvl+0x10/0x10 [ 258.808674][T12447] ? __pfx__printk+0x10/0x10 [ 258.808700][T12447] ? __might_fault+0xb0/0x130 [ 258.808733][T12447] ? rcu_is_watching+0x15/0xb0 [ 258.808755][T12447] should_fail_ex+0x414/0x560 [ 258.808786][T12447] _copy_from_user+0x2d/0xb0 [ 258.808810][T12447] ___sys_recvmsg+0x12e/0x510 [ 258.808837][T12447] ? __pfx____sys_recvmsg+0x10/0x10 [ 258.808863][T12447] ? __fget_files+0x2a/0x420 [ 258.808891][T12447] ? rcu_is_watching+0x15/0xb0 [ 258.808911][T12447] ? lock_release+0x4b/0x3e0 [ 258.808942][T12447] ? __might_fault+0xcc/0x130 [ 258.808971][T12447] do_recvmmsg+0x307/0x770 [ 258.808999][T12447] ? __pfx_do_recvmmsg+0x10/0x10 [ 258.809030][T12447] ? trace_irq_disable+0x37/0x110 [ 258.809066][T12447] __x64_sys_recvmmsg+0x190/0x240 [ 258.809091][T12447] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 258.809121][T12447] do_syscall_64+0xfa/0x3b0 [ 258.809140][T12447] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.809161][T12447] ? clear_bhb_loop+0x60/0xb0 [ 258.809184][T12447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.809204][T12447] RIP: 0033:0x7f914258ebe9 [ 258.809222][T12447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.809242][T12447] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 258.809264][T12447] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 258.809280][T12447] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 258.809295][T12447] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 258.809309][T12447] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 258.809322][T12447] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 258.809346][T12447] [ 259.222072][T12466] IPVS: Scheduler module ip_vs_sip not found [ 259.353954][T12483] IPVS: Error connecting to the multicast addr [ 259.515777][T12492] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2166'. [ 259.982867][T12511] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 260.088494][T12517] (unnamed net_device) (uninitialized): up delay (1024) is not a multiple of miimon (100), value rounded to 1000 ms [ 260.100892][T12517] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (100), value rounded to 0 ms [ 260.306023][T12536] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2178'. [ 260.372516][T12536] lo speed is unknown, defaulting to 1000 [ 260.593654][T12559] raw_sendmsg: syz.4.2184 forgot to set AF_INET. Fix it! [ 260.620591][T12560] netlink: 'syz.0.2185': attribute type 3 has an invalid length. [ 260.636061][T12566] tipc: Enabled bearer , priority 0 [ 260.645827][T12559] tipc: Enabling of bearer rejected, already enabled [ 260.771706][T12559] tipc: Disabling bearer [ 260.866789][T12580] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 260.931227][T12584] netlink: 'syz.3.2192': attribute type 1 has an invalid length. [ 261.089244][T12592] 8021q: adding VLAN 0 to HW filter on device bond3 [ 261.124236][T12592] bond2: (slave bond3): making interface the new active one [ 261.138042][T12592] bond2: (slave bond3): Enslaving as an active interface with an up link [ 261.161431][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.229419][T12602] FAULT_INJECTION: forcing a failure. [ 261.229419][T12602] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 261.235839][T12584] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2192'. [ 261.242899][T12602] CPU: 1 UID: 0 PID: 12602 Comm: syz.2.2197 Not tainted syzkaller #0 PREEMPT(full) [ 261.242931][T12602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.242948][T12602] Call Trace: [ 261.242957][T12602] [ 261.242967][T12602] dump_stack_lvl+0x189/0x250 [ 261.243003][T12602] ? __pfx____ratelimit+0x10/0x10 [ 261.243038][T12602] ? __pfx_dump_stack_lvl+0x10/0x10 [ 261.243067][T12602] ? __pfx__printk+0x10/0x10 [ 261.243097][T12602] ? __might_fault+0xb0/0x130 [ 261.243134][T12602] ? rcu_is_watching+0x15/0xb0 [ 261.243161][T12602] should_fail_ex+0x414/0x560 [ 261.243194][T12602] _copy_from_user+0x2d/0xb0 [ 261.243224][T12602] ___sys_recvmsg+0x12e/0x510 [ 261.243254][T12602] ? __pfx____sys_recvmsg+0x10/0x10 [ 261.243283][T12602] ? __fget_files+0x2a/0x420 [ 261.243316][T12602] ? rcu_is_watching+0x15/0xb0 [ 261.243338][T12602] ? lock_release+0x4b/0x3e0 [ 261.243383][T12602] ? __might_fault+0xcc/0x130 [ 261.243417][T12602] do_recvmmsg+0x307/0x770 [ 261.243448][T12602] ? __pfx_do_recvmmsg+0x10/0x10 [ 261.243491][T12602] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 261.243526][T12602] __x64_sys_recvmmsg+0x190/0x240 [ 261.243555][T12602] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 261.243581][T12602] ? rcu_is_watching+0x15/0xb0 [ 261.243607][T12602] ? rcu_is_watching+0x15/0xb0 [ 261.243631][T12602] do_syscall_64+0xfa/0x3b0 [ 261.243654][T12602] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.243677][T12602] ? clear_bhb_loop+0x60/0xb0 [ 261.243704][T12602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.243728][T12602] RIP: 0033:0x7fba9d58ebe9 [ 261.243748][T12602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.243771][T12602] RSP: 002b:00007fba9e385038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 261.243798][T12602] RAX: ffffffffffffffda RBX: 00007fba9d7b5fa0 RCX: 00007fba9d58ebe9 [ 261.243821][T12602] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 261.243838][T12602] RBP: 00007fba9e385090 R08: 0000000000000000 R09: 0000000000000000 [ 261.243854][T12602] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 261.243867][T12602] R13: 00007fba9d7b6038 R14: 00007fba9d7b5fa0 R15: 00007ffe3ee14f78 [ 261.243895][T12602] [ 261.287474][T12605] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 261.498925][T12584] 8021q: adding VLAN 0 to HW filter on device bond2 [ 261.530535][T12616] netlink: 'syz.1.2202': attribute type 11 has an invalid length. [ 261.591719][T12621] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bridge, syncid = 0, id = 0 [ 261.695379][T12628] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2208'. [ 261.711961][T12628] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2208'. [ 261.810813][T12639] FAULT_INJECTION: forcing a failure. [ 261.810813][T12639] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 261.826756][T12639] CPU: 1 UID: 0 PID: 12639 Comm: syz.4.2211 Not tainted syzkaller #0 PREEMPT(full) [ 261.826789][T12639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.826803][T12639] Call Trace: [ 261.826811][T12639] [ 261.826821][T12639] dump_stack_lvl+0x189/0x250 [ 261.826874][T12639] ? __pfx____ratelimit+0x10/0x10 [ 261.826905][T12639] ? __pfx_dump_stack_lvl+0x10/0x10 [ 261.826930][T12639] ? __pfx__printk+0x10/0x10 [ 261.826957][T12639] ? __might_fault+0xb0/0x130 [ 261.826990][T12639] ? rcu_is_watching+0x15/0xb0 [ 261.827013][T12639] should_fail_ex+0x414/0x560 [ 261.827053][T12639] _copy_from_user+0x2d/0xb0 [ 261.827077][T12639] ___sys_recvmsg+0x12e/0x510 [ 261.827104][T12639] ? __pfx____sys_recvmsg+0x10/0x10 [ 261.827130][T12639] ? __fget_files+0x2a/0x420 [ 261.827165][T12639] ? rcu_is_watching+0x15/0xb0 [ 261.827190][T12639] ? lock_release+0x4b/0x3e0 [ 261.827220][T12639] ? __might_fault+0xcc/0x130 [ 261.827249][T12639] do_recvmmsg+0x307/0x770 [ 261.827278][T12639] ? __pfx_do_recvmmsg+0x10/0x10 [ 261.827317][T12639] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 261.827350][T12639] __x64_sys_recvmmsg+0x190/0x240 [ 261.827376][T12639] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 261.827399][T12639] ? rcu_is_watching+0x15/0xb0 [ 261.827423][T12639] ? rcu_is_watching+0x15/0xb0 [ 261.827445][T12639] do_syscall_64+0xfa/0x3b0 [ 261.827466][T12639] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.827487][T12639] ? clear_bhb_loop+0x60/0xb0 [ 261.827510][T12639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.827530][T12639] RIP: 0033:0x7f73cf58ebe9 [ 261.827547][T12639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.827566][T12639] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 261.827589][T12639] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 261.827604][T12639] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 261.827619][T12639] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 261.827632][T12639] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 261.827644][T12639] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 261.827669][T12639] [ 262.080768][T12644] netlink: 'syz.3.2213': attribute type 1 has an invalid length. [ 262.157573][T12651] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 262.157868][ T3494] bond0: (slave bond_slave_0): interface is now down [ 262.176949][T12651] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 262.187662][T12651] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 262.219953][ T3494] bond0: (slave bond_slave_1): interface is now down [ 262.226728][ T3494] bond0: (slave batadv0): interface is now down [ 262.233853][ T3494] bond0: now running without any active interface! [ 262.320562][T12664] netlink: 'syz.3.2219': attribute type 13 has an invalid length. [ 262.344979][T12665] lo speed is unknown, defaulting to 1000 [ 262.607554][T12681] FAULT_INJECTION: forcing a failure. [ 262.607554][T12681] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 262.628871][T12681] CPU: 1 UID: 0 PID: 12681 Comm: syz.1.2224 Not tainted syzkaller #0 PREEMPT(full) [ 262.628904][T12681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 262.628918][T12681] Call Trace: [ 262.628926][T12681] [ 262.628934][T12681] dump_stack_lvl+0x189/0x250 [ 262.628966][T12681] ? __pfx____ratelimit+0x10/0x10 [ 262.629005][T12681] ? __pfx_dump_stack_lvl+0x10/0x10 [ 262.629030][T12681] ? __pfx__printk+0x10/0x10 [ 262.629057][T12681] ? __might_fault+0xb0/0x130 [ 262.629090][T12681] ? rcu_is_watching+0x15/0xb0 [ 262.629112][T12681] should_fail_ex+0x414/0x560 [ 262.629142][T12681] _copy_from_user+0x2d/0xb0 [ 262.629167][T12681] ___sys_recvmsg+0x12e/0x510 [ 262.629194][T12681] ? __pfx____sys_recvmsg+0x10/0x10 [ 262.629220][T12681] ? __fget_files+0x2a/0x420 [ 262.629247][T12681] ? rcu_is_watching+0x15/0xb0 [ 262.629269][T12681] ? lock_release+0x4b/0x3e0 [ 262.629299][T12681] ? __might_fault+0xcc/0x130 [ 262.629328][T12681] do_recvmmsg+0x307/0x770 [ 262.629356][T12681] ? __pfx_do_recvmmsg+0x10/0x10 [ 262.629387][T12681] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 262.629418][T12681] __x64_sys_recvmmsg+0x190/0x240 [ 262.629443][T12681] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 262.629470][T12681] ? rcu_is_watching+0x15/0xb0 [ 262.629492][T12681] do_syscall_64+0xfa/0x3b0 [ 262.629512][T12681] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.629532][T12681] ? clear_bhb_loop+0x60/0xb0 [ 262.629556][T12681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.629576][T12681] RIP: 0033:0x7f6b8d78ebe9 [ 262.629595][T12681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.629614][T12681] RSP: 002b:00007f6b8b9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 262.629637][T12681] RAX: ffffffffffffffda RBX: 00007f6b8d9b5fa0 RCX: 00007f6b8d78ebe9 [ 262.629653][T12681] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 262.629668][T12681] RBP: 00007f6b8b9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 262.629681][T12681] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 262.629694][T12681] R13: 00007f6b8d9b6038 R14: 00007f6b8d9b5fa0 R15: 00007ffc5cb88178 [ 262.629719][T12681] [ 262.894391][T12686] sch_tbf: burst 4398 is lower than device lo mtu (11337746) ! [ 263.455393][T12730] netlink: 'syz.2.2241': attribute type 12 has an invalid length. [ 263.507532][T12731] __nla_validate_parse: 3 callbacks suppressed [ 263.507552][T12731] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2241'. [ 263.610910][T12732] lo speed is unknown, defaulting to 1000 [ 263.833192][T12753] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2247'. [ 263.843222][T12753] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2247'. [ 264.060439][T12767] tipc: Started in network mode [ 264.065470][T12767] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 264.075365][T12767] tipc: Enabling of bearer rejected, failed to enable media [ 264.441994][T12772] netlink: zone id is out of range [ 264.446701][T12777] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 264.450529][T12772] netlink: zone id is out of range [ 264.587721][T12772] netlink: set zone limit has 4 unknown bytes [ 264.594517][T12780] netlink: del zone limit has 4 unknown bytes [ 264.843943][T12800] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2262'. [ 264.857526][T12799] FAULT_INJECTION: forcing a failure. [ 264.857526][T12799] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 264.873745][T12800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2262'. [ 264.883654][T12799] CPU: 0 UID: 0 PID: 12799 Comm: syz.4.2265 Not tainted syzkaller #0 PREEMPT(full) [ 264.883685][T12799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 264.883698][T12799] Call Trace: [ 264.883705][T12799] [ 264.883714][T12799] dump_stack_lvl+0x189/0x250 [ 264.883756][T12799] ? __pfx____ratelimit+0x10/0x10 [ 264.883788][T12799] ? __pfx_dump_stack_lvl+0x10/0x10 [ 264.883812][T12799] ? __pfx__printk+0x10/0x10 [ 264.883840][T12799] ? __might_fault+0xb0/0x130 [ 264.883873][T12799] ? rcu_is_watching+0x15/0xb0 [ 264.883895][T12799] should_fail_ex+0x414/0x560 [ 264.883925][T12799] _copy_from_user+0x2d/0xb0 [ 264.883950][T12799] ___sys_recvmsg+0x12e/0x510 [ 264.883982][T12799] ? __pfx____sys_recvmsg+0x10/0x10 [ 264.884005][T12799] ? __fget_files+0x2a/0x420 [ 264.884032][T12799] ? rcu_is_watching+0x15/0xb0 [ 264.884053][T12799] ? lock_release+0x4b/0x3e0 [ 264.884083][T12799] ? __might_fault+0xcc/0x130 [ 264.884114][T12799] do_recvmmsg+0x307/0x770 [ 264.884143][T12799] ? __pfx_do_recvmmsg+0x10/0x10 [ 264.884172][T12799] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 264.884203][T12799] __x64_sys_recvmmsg+0x190/0x240 [ 264.884230][T12799] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 264.884252][T12799] ? rcu_is_watching+0x15/0xb0 [ 264.884275][T12799] ? rcu_is_watching+0x15/0xb0 [ 264.884297][T12799] do_syscall_64+0xfa/0x3b0 [ 264.884317][T12799] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.884337][T12799] ? clear_bhb_loop+0x60/0xb0 [ 264.884361][T12799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.884382][T12799] RIP: 0033:0x7f73cf58ebe9 [ 264.884400][T12799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.884419][T12799] RSP: 002b:00007f73d04a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 264.884442][T12799] RAX: ffffffffffffffda RBX: 00007f73cf7b5fa0 RCX: 00007f73cf58ebe9 [ 264.884458][T12799] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 264.884472][T12799] RBP: 00007f73d04a6090 R08: 0000000000000000 R09: 0000000000000000 [ 264.884486][T12799] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 264.884499][T12799] R13: 00007f73cf7b6038 R14: 00007f73cf7b5fa0 R15: 00007ffc08275468 [ 264.884524][T12799] [ 265.326438][T12824] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 265.501550][T12833] netlink: 288 bytes leftover after parsing attributes in process `syz.2.2275'. [ 266.072327][T12855] IPVS: stopping backup sync thread 12856 ... [ 266.078197][T12856] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 266.194358][T12862] lo speed is unknown, defaulting to 1000 [ 266.661924][T12890] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.723554][T12894] 8021q: adding VLAN 0 to HW filter on device bond5 [ 266.750137][T12894] bond0: (slave bond5): Enslaving as an active interface with an up link [ 266.931957][T12909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2301'. [ 267.251530][T12934] netlink: zone id is out of range [ 267.276374][T12934] netlink: zone id is out of range [ 267.316105][T12940] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2315'. [ 267.401312][T12941] netlink: del zone limit has 4 unknown bytes [ 267.412475][T12934] netlink: set zone limit has 4 unknown bytes [ 267.471017][T12948] tipc: Enabled bearer , priority 0 [ 267.488817][T12948] syzkaller0: entered promiscuous mode [ 267.505022][T12948] syzkaller0: entered allmulticast mode [ 267.529896][T12948] tipc: Resetting bearer [ 267.572473][T12947] tipc: Resetting bearer [ 267.596177][T12947] tipc: Disabling bearer [ 267.678042][T12965] syz_tun: entered allmulticast mode [ 267.685701][T12967] FAULT_INJECTION: forcing a failure. [ 267.685701][T12967] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 267.700973][T12971] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2328'. [ 267.706946][T12965] dvmrp8: entered allmulticast mode [ 267.717890][T12967] CPU: 1 UID: 0 PID: 12967 Comm: syz.0.2329 Not tainted syzkaller #0 PREEMPT(full) [ 267.717920][T12967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 267.717934][T12967] Call Trace: [ 267.717942][T12967] [ 267.717951][T12967] dump_stack_lvl+0x189/0x250 [ 267.717981][T12967] ? __pfx____ratelimit+0x10/0x10 [ 267.718013][T12967] ? __pfx_dump_stack_lvl+0x10/0x10 [ 267.718038][T12967] ? __pfx__printk+0x10/0x10 [ 267.718066][T12967] ? __might_fault+0xb0/0x130 [ 267.718102][T12967] ? rcu_is_watching+0x15/0xb0 [ 267.718124][T12967] should_fail_ex+0x414/0x560 [ 267.718153][T12967] _copy_from_user+0x2d/0xb0 [ 267.718177][T12967] ___sys_recvmsg+0x12e/0x510 [ 267.718204][T12967] ? __pfx____sys_recvmsg+0x10/0x10 [ 267.718230][T12967] ? __fget_files+0x2a/0x420 [ 267.718257][T12967] ? rcu_is_watching+0x15/0xb0 [ 267.718277][T12967] ? lock_release+0x4b/0x3e0 [ 267.718307][T12967] ? __might_fault+0xcc/0x130 [ 267.718336][T12967] do_recvmmsg+0x307/0x770 [ 267.718363][T12967] ? __pfx_do_recvmmsg+0x10/0x10 [ 267.718392][T12967] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 267.718421][T12967] __x64_sys_recvmmsg+0x190/0x240 [ 267.718447][T12967] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 267.718469][T12967] ? rcu_is_watching+0x15/0xb0 [ 267.718490][T12967] ? rcu_is_watching+0x15/0xb0 [ 267.718523][T12967] do_syscall_64+0xfa/0x3b0 [ 267.718543][T12967] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.718564][T12967] ? clear_bhb_loop+0x60/0xb0 [ 267.718587][T12967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.718607][T12967] RIP: 0033:0x7f914258ebe9 [ 267.718626][T12967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.718645][T12967] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 267.718668][T12967] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 267.718684][T12967] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 267.718698][T12967] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 267.718712][T12967] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 267.718724][T12967] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 267.718748][T12967] [ 267.946128][T12971] netlink: 260 bytes leftover after parsing attributes in process `syz.1.2328'. [ 268.074306][T12979] lo speed is unknown, defaulting to 1000 [ 268.243018][T12996] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 268.483037][T12964] syz_tun: left allmulticast mode [ 268.495508][T12964] dvmrp8: left allmulticast mode [ 268.796529][T13043] lo speed is unknown, defaulting to 1000 [ 268.809475][T13045] __nla_validate_parse: 3 callbacks suppressed [ 268.809494][T13045] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2352'. [ 269.141208][T13064] batman_adv: batadv0: Adding interface: ip6gretap1 [ 269.147866][T13064] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.174402][T13066] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2358'. [ 269.187772][T13064] batman_adv: batadv0: Interface activated: ip6gretap1 [ 269.213812][T13068] vxcan1: entered allmulticast mode [ 269.231350][T13068] vxcan1: left allmulticast mode [ 269.300337][T13072] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2365'. [ 269.316412][T13072] netlink: 260 bytes leftover after parsing attributes in process `syz.1.2365'. [ 270.054214][T13112] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2379'. [ 270.054279][T13114] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2380'. [ 270.093972][T13114] netlink: 260 bytes leftover after parsing attributes in process `syz.0.2380'. [ 270.113215][T13112] nbd: socks must be embedded in a SOCK_ITEM attr [ 270.222504][T13124] tipc: Enabled bearer , priority 0 [ 270.246669][T13124] tipc: Disabling bearer [ 270.284442][T13112] lo speed is unknown, defaulting to 1000 [ 270.362786][T13136] IPVS: stopping backup sync thread 13137 ... [ 270.363492][T13137] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0 [ 270.452297][T13145] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2389'. [ 270.476661][T13145] netlink: 260 bytes leftover after parsing attributes in process `syz.3.2389'. [ 270.600312][T13151] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2392'. [ 271.027173][T13171] lo speed is unknown, defaulting to 1000 [ 271.392740][T13201] FAULT_INJECTION: forcing a failure. [ 271.392740][T13201] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.406007][ C0] ================================================================== [ 271.406032][ C0] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0 [ 271.406075][ C0] Read of size 2 at addr ffff88805550c02a by task syz.0.2407/13201 [ 271.406096][ C0] [ 271.406110][ C0] CPU: 0 UID: 0 PID: 13201 Comm: syz.0.2407 Not tainted syzkaller #0 PREEMPT(full) [ 271.406137][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 271.406151][ C0] Call Trace: [ 271.406160][ C0] [ 271.406169][ C0] dump_stack_lvl+0x189/0x250 [ 271.406198][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.406236][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 271.406263][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.406284][ C0] ? lock_release+0x4b/0x3e0 [ 271.406321][ C0] ? __virt_addr_valid+0x1c8/0x5c0 [ 271.406350][ C0] ? __virt_addr_valid+0x4a5/0x5c0 [ 271.406380][ C0] print_report+0xca/0x240 [ 271.406401][ C0] ? rose_timer_expiry+0x471/0x4b0 [ 271.406432][ C0] kasan_report+0x118/0x150 [ 271.406464][ C0] ? rose_timer_expiry+0x471/0x4b0 [ 271.406501][ C0] rose_timer_expiry+0x471/0x4b0 [ 271.406534][ C0] call_timer_fn+0x17e/0x5f0 [ 271.406565][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 271.406596][ C0] ? call_timer_fn+0xbe/0x5f0 [ 271.406628][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 271.406664][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.406686][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 271.406719][ C0] __run_timer_base+0x61a/0x860 [ 271.406748][ C0] ? ktime_get+0x3e/0x1f0 [ 271.406779][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 271.406808][ C0] ? seqcount_lockdep_reader_access+0x15f/0x1c0 [ 271.406844][ C0] run_timer_softirq+0xb7/0x180 [ 271.406874][ C0] handle_softirqs+0x283/0x870 [ 271.406898][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 271.406923][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 271.406948][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 271.406978][ C0] __irq_exit_rcu+0xca/0x1f0 [ 271.407000][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 271.407027][ C0] irq_exit_rcu+0x9/0x30 [ 271.407046][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 271.407080][ C0] [ 271.407087][ C0] [ 271.407096][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 271.407120][ C0] RIP: 0010:console_flush_all+0x7f7/0xc40 [ 271.407150][ C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 15 49 1f 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 06 49 1f 00 eb 06 e8 ff 48 1f 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ba b4 82 00 48 8b 1b 48 8b 44 24 [ 271.407171][ C0] RSP: 0018:ffffc9001b0c7580 EFLAGS: 00000293 [ 271.407191][ C0] RAX: 1ffffffff1d367ef RBX: ffffffff8e9b3f78 RCX: ffff8880268f3c00 [ 271.407234][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.407248][ C0] RBP: ffffc9001b0c76d0 R08: ffffffff8fa38537 R09: 1ffffffff1f470a6 [ 271.407266][ C0] R10: dffffc0000000000 R11: fffffbfff1f470a7 R12: dffffc0000000000 [ 271.407283][ C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b3f20 [ 271.407313][ C0] ? console_flush_all+0x13a/0xc40 [ 271.407345][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 271.407371][ C0] ? lock_acquire+0x5f/0x360 [ 271.407404][ C0] ? __scm_recv_common+0x49a/0x610 [ 271.407439][ C0] ? is_printk_cpu_sync_owner+0x32/0x40 [ 271.407473][ C0] console_unlock+0xc4/0x270 [ 271.407498][ C0] ? __pfx_console_unlock+0x10/0x10 [ 271.407524][ C0] ? is_printk_cpu_sync_owner+0x32/0x40 [ 271.407556][ C0] vprintk_emit+0x5b7/0x7a0 [ 271.407581][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 271.407610][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 271.407637][ C0] _printk+0xcf/0x120 [ 271.407666][ C0] ? __pfx____ratelimit+0x10/0x10 [ 271.407701][ C0] ? __pfx__printk+0x10/0x10 [ 271.407730][ C0] ? __might_fault+0xb0/0x130 [ 271.407760][ C0] ? lock_acquire+0x5f/0x360 [ 271.407795][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.407819][ C0] should_fail_ex+0x3f5/0x560 [ 271.407851][ C0] _copy_from_user+0x2d/0xb0 [ 271.407878][ C0] ___sys_recvmsg+0x12e/0x510 [ 271.407908][ C0] ? __pfx____sys_recvmsg+0x10/0x10 [ 271.407936][ C0] ? __fget_files+0x2a/0x420 [ 271.407965][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.407987][ C0] ? lock_release+0x4b/0x3e0 [ 271.408019][ C0] ? __might_fault+0xcc/0x130 [ 271.408051][ C0] do_recvmmsg+0x307/0x770 [ 271.408085][ C0] ? __pfx_do_recvmmsg+0x10/0x10 [ 271.408116][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 271.408147][ C0] __x64_sys_recvmmsg+0x190/0x240 [ 271.408174][ C0] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 271.408199][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.408231][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.408256][ C0] do_syscall_64+0xfa/0x3b0 [ 271.408278][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.408300][ C0] ? clear_bhb_loop+0x60/0xb0 [ 271.408325][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.408347][ C0] RIP: 0033:0x7f914258ebe9 [ 271.408368][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.408387][ C0] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 271.408411][ C0] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 271.408427][ C0] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 271.408442][ C0] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 271.408456][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000003 [ 271.408469][ C0] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 271.408494][ C0] [ 271.408502][ C0] [ 271.408509][ C0] Allocated by task 12: [ 271.408520][ C0] kasan_save_track+0x3e/0x80 [ 271.408548][ C0] __kasan_kmalloc+0x93/0xb0 [ 271.408575][ C0] __kmalloc_cache_noprof+0x230/0x3d0 [ 271.408605][ C0] batadv_forw_packet_alloc+0x1e9/0x390 [ 271.408629][ C0] batadv_iv_ogm_queue_add+0x85f/0xd30 [ 271.408659][ C0] batadv_iv_ogm_schedule+0xb48/0xf00 [ 271.408689][ C0] batadv_iv_send_outstanding_bat_ogm_packet+0x6c6/0x7e0 [ 271.408723][ C0] process_scheduled_works+0xae1/0x17b0 [ 271.408742][ C0] worker_thread+0x8a0/0xda0 [ 271.408761][ C0] kthread+0x70e/0x8a0 [ 271.408785][ C0] ret_from_fork+0x3f9/0x770 [ 271.408804][ C0] ret_from_fork_asm+0x1a/0x30 [ 271.408832][ C0] [ 271.408838][ C0] Freed by task 3494: [ 271.408849][ C0] kasan_save_track+0x3e/0x80 [ 271.408874][ C0] kasan_save_free_info+0x46/0x50 [ 271.408895][ C0] __kasan_slab_free+0x5b/0x80 [ 271.408922][ C0] kfree+0x18e/0x440 [ 271.408947][ C0] process_scheduled_works+0xae1/0x17b0 [ 271.408966][ C0] worker_thread+0x8a0/0xda0 [ 271.408986][ C0] kthread+0x70e/0x8a0 [ 271.409011][ C0] ret_from_fork+0x3f9/0x770 [ 271.409030][ C0] ret_from_fork_asm+0x1a/0x30 [ 271.409059][ C0] [ 271.409064][ C0] Last potentially related work creation: [ 271.409073][ C0] kasan_save_stack+0x3e/0x60 [ 271.409098][ C0] kasan_record_aux_stack+0xbd/0xd0 [ 271.409120][ C0] insert_work+0x3d/0x330 [ 271.409150][ C0] __queue_work+0xbaf/0xfb0 [ 271.409171][ C0] call_timer_fn+0x17e/0x5f0 [ 271.409201][ C0] __run_timer_base+0x646/0x860 [ 271.409236][ C0] run_timer_softirq+0xb7/0x180 [ 271.409264][ C0] handle_softirqs+0x283/0x870 [ 271.409284][ C0] __irq_exit_rcu+0xca/0x1f0 [ 271.409303][ C0] irq_exit_rcu+0x9/0x30 [ 271.409321][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 271.409353][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 271.409375][ C0] [ 271.409381][ C0] The buggy address belongs to the object at ffff88805550c000 [ 271.409381][ C0] which belongs to the cache kmalloc-512 of size 512 [ 271.409400][ C0] The buggy address is located 42 bytes inside of [ 271.409400][ C0] freed 512-byte region [ffff88805550c000, ffff88805550c200) [ 271.409422][ C0] [ 271.409428][ C0] The buggy address belongs to the physical page: [ 271.409448][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5550c [ 271.409473][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 271.409493][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 271.409523][ C0] page_type: f5(slab) [ 271.409544][ C0] raw: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122 [ 271.409564][ C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 271.409587][ C0] head: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122 [ 271.409607][ C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 271.409628][ C0] head: 00fff00000000002 ffffea0001554301 00000000ffffffff 00000000ffffffff [ 271.409649][ C0] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 271.409662][ C0] page dumped because: kasan: bad access detected [ 271.409678][ C0] page_owner tracks the page as allocated [ 271.409688][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5859, tgid 5859 (syz-executor), ts 75115778929, free_ts 27205122034 [ 271.409728][ C0] post_alloc_hook+0x240/0x2a0 [ 271.409758][ C0] get_page_from_freelist+0x21e4/0x22c0 [ 271.409779][ C0] __alloc_frozen_pages_noprof+0x181/0x370 [ 271.409800][ C0] alloc_pages_mpol+0x232/0x4a0 [ 271.409829][ C0] allocate_slab+0x8a/0x370 [ 271.409849][ C0] ___slab_alloc+0xbeb/0x1410 [ 271.409881][ C0] __kmalloc_noprof+0x305/0x4f0 [ 271.409908][ C0] fib6_info_alloc+0x30/0xf0 [ 271.409932][ C0] ip6_route_info_create+0x142/0x860 [ 271.409960][ C0] ip6_route_add+0x49/0x1b0 [ 271.409986][ C0] addrconf_add_dev+0x24f/0x340 [ 271.410011][ C0] inet6_addr_add+0x1a1/0xc00 [ 271.410032][ C0] inet6_rtm_newaddr+0x93d/0xd20 [ 271.410062][ C0] rtnetlink_rcv_msg+0x7cc/0xb70 [ 271.410104][ C0] netlink_rcv_skb+0x208/0x470 [ 271.410135][ C0] netlink_unicast+0x82f/0x9e0 [ 271.410164][ C0] page last free pid 1 tgid 1 stack trace: [ 271.410176][ C0] __free_frozen_pages+0xbc4/0xd30 [ 271.410207][ C0] free_contig_range+0x1bd/0x4a0 [ 271.410236][ C0] destroy_args+0x64/0x4a0 [ 271.410261][ C0] debug_vm_pgtable+0x39f/0x3b0 [ 271.410280][ C0] do_one_initcall+0x233/0x820 [ 271.410307][ C0] do_initcall_level+0x104/0x190 [ 271.410335][ C0] do_initcalls+0x59/0xa0 [ 271.410360][ C0] kernel_init_freeable+0x334/0x4b0 [ 271.410388][ C0] kernel_init+0x1d/0x1d0 [ 271.410411][ C0] ret_from_fork+0x3f9/0x770 [ 271.410430][ C0] ret_from_fork_asm+0x1a/0x30 [ 271.410459][ C0] [ 271.410466][ C0] Memory state around the buggy address: [ 271.410479][ C0] ffff88805550bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 271.410496][ C0] ffff88805550bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 271.410512][ C0] >ffff88805550c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 271.410525][ C0] ^ [ 271.410538][ C0] ffff88805550c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 271.410553][ C0] ffff88805550c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 271.410566][ C0] ================================================================== [ 271.410623][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 271.410640][ C0] CPU: 0 UID: 0 PID: 13201 Comm: syz.0.2407 Not tainted syzkaller #0 PREEMPT(full) [ 271.410666][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 271.410681][ C0] Call Trace: [ 271.410691][ C0] [ 271.410700][ C0] dump_stack_lvl+0x99/0x250 [ 271.410728][ C0] ? __asan_memcpy+0x40/0x70 [ 271.410754][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 271.410782][ C0] ? __pfx__printk+0x10/0x10 [ 271.410820][ C0] vpanic+0x281/0x750 [ 271.410848][ C0] ? __pfx_vpanic+0x10/0x10 [ 271.410874][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.410903][ C0] panic+0xb9/0xc0 [ 271.410928][ C0] ? __pfx_panic+0x10/0x10 [ 271.410954][ C0] ? _raw_spin_unlock_irqrestore+0xa8/0x110 [ 271.410987][ C0] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 271.411025][ C0] ? rose_timer_expiry+0x471/0x4b0 [ 271.411056][ C0] check_panic_on_warn+0x89/0xb0 [ 271.411087][ C0] ? rose_timer_expiry+0x471/0x4b0 [ 271.411118][ C0] end_report+0x78/0x160 [ 271.411149][ C0] kasan_report+0x129/0x150 [ 271.411182][ C0] ? rose_timer_expiry+0x471/0x4b0 [ 271.411225][ C0] rose_timer_expiry+0x471/0x4b0 [ 271.411259][ C0] call_timer_fn+0x17e/0x5f0 [ 271.411292][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 271.411323][ C0] ? call_timer_fn+0xbe/0x5f0 [ 271.411355][ C0] ? __pfx_call_timer_fn+0x10/0x10 [ 271.411393][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.411415][ C0] ? __pfx_rose_timer_expiry+0x10/0x10 [ 271.411449][ C0] __run_timer_base+0x61a/0x860 [ 271.411478][ C0] ? ktime_get+0x3e/0x1f0 [ 271.411511][ C0] ? __pfx___run_timer_base+0x10/0x10 [ 271.411539][ C0] ? seqcount_lockdep_reader_access+0x15f/0x1c0 [ 271.411577][ C0] run_timer_softirq+0xb7/0x180 [ 271.411608][ C0] handle_softirqs+0x283/0x870 [ 271.411632][ C0] ? __irq_exit_rcu+0xca/0x1f0 [ 271.411657][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 271.411683][ C0] ? irqtime_account_irq+0xb6/0x1c0 [ 271.411714][ C0] __irq_exit_rcu+0xca/0x1f0 [ 271.411736][ C0] ? __pfx___irq_exit_rcu+0x10/0x10 [ 271.411763][ C0] irq_exit_rcu+0x9/0x30 [ 271.411784][ C0] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 271.411817][ C0] [ 271.411825][ C0] [ 271.411834][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 271.411858][ C0] RIP: 0010:console_flush_all+0x7f7/0xc40 [ 271.411887][ C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 15 49 1f 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 06 49 1f 00 eb 06 e8 ff 48 1f 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ba b4 82 00 48 8b 1b 48 8b 44 24 [ 271.411908][ C0] RSP: 0018:ffffc9001b0c7580 EFLAGS: 00000293 [ 271.411929][ C0] RAX: 1ffffffff1d367ef RBX: ffffffff8e9b3f78 RCX: ffff8880268f3c00 [ 271.411948][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.411961][ C0] RBP: ffffc9001b0c76d0 R08: ffffffff8fa38537 R09: 1ffffffff1f470a6 [ 271.411979][ C0] R10: dffffc0000000000 R11: fffffbfff1f470a7 R12: dffffc0000000000 [ 271.411997][ C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b3f20 [ 271.412025][ C0] ? console_flush_all+0x13a/0xc40 [ 271.412057][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 271.412083][ C0] ? lock_acquire+0x5f/0x360 [ 271.412115][ C0] ? __scm_recv_common+0x49a/0x610 [ 271.412149][ C0] ? is_printk_cpu_sync_owner+0x32/0x40 [ 271.412183][ C0] console_unlock+0xc4/0x270 [ 271.412207][ C0] ? __pfx_console_unlock+0x10/0x10 [ 271.412249][ C0] ? is_printk_cpu_sync_owner+0x32/0x40 [ 271.412282][ C0] vprintk_emit+0x5b7/0x7a0 [ 271.412308][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 271.412337][ C0] ? __pfx_netlink_recvmsg+0x10/0x10 [ 271.412363][ C0] _printk+0xcf/0x120 [ 271.412393][ C0] ? __pfx____ratelimit+0x10/0x10 [ 271.412426][ C0] ? __pfx__printk+0x10/0x10 [ 271.412455][ C0] ? __might_fault+0xb0/0x130 [ 271.412486][ C0] ? lock_acquire+0x5f/0x360 [ 271.412522][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.412545][ C0] should_fail_ex+0x3f5/0x560 [ 271.412578][ C0] _copy_from_user+0x2d/0xb0 [ 271.412604][ C0] ___sys_recvmsg+0x12e/0x510 [ 271.412633][ C0] ? __pfx____sys_recvmsg+0x10/0x10 [ 271.412661][ C0] ? __fget_files+0x2a/0x420 [ 271.412691][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.412714][ C0] ? lock_release+0x4b/0x3e0 [ 271.412747][ C0] ? __might_fault+0xcc/0x130 [ 271.412780][ C0] do_recvmmsg+0x307/0x770 [ 271.412809][ C0] ? __pfx_do_recvmmsg+0x10/0x10 [ 271.412841][ C0] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 271.412871][ C0] __x64_sys_recvmmsg+0x190/0x240 [ 271.412899][ C0] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 271.412924][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.412950][ C0] ? rcu_is_watching+0x15/0xb0 [ 271.412974][ C0] do_syscall_64+0xfa/0x3b0 [ 271.412996][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.413019][ C0] ? clear_bhb_loop+0x60/0xb0 [ 271.413045][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.413070][ C0] RIP: 0033:0x7f914258ebe9 [ 271.413094][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 271.413115][ C0] RSP: 002b:00007f91407ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 271.413139][ C0] RAX: ffffffffffffffda RBX: 00007f91427b5fa0 RCX: 00007f914258ebe9 [ 271.413157][ C0] RDX: 03ffffffffffff81 RSI: 0000200000000780 RDI: 0000000000000003 [ 271.413174][ C0] RBP: 00007f91407ee090 R08: 0000000000000000 R09: 0000000000000000 [ 271.413189][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000003 [ 271.413203][ C0] R13: 00007f91427b6038 R14: 00007f91427b5fa0 R15: 00007ffeb5cf82c8 [ 271.413237][ C0] [ 271.413558][ C0] Kernel Offset: disabled