last executing test programs: 3.136803963s ago: executing program 3 (id=5477): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x90}, 0x1, 0x0, 0x0, 0x2000c091}, 0x800) 2.93988423s ago: executing program 3 (id=5481): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_macvtap\x00', 0x0}) socket(0x10, 0x3, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x70, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xfffbffff, {0x0, 0x0, 0x0, r1, {0x0, 0x8}, {0xffff, 0xffff}, {0xc, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x1c, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8001}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x6, 0x5, 0x4, 0x0, 0x8, 0xa5b4}}, {0x4}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x40001}, 0x10) 2.774263566s ago: executing program 3 (id=5483): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40018) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4e21, 0x6, @mcast2}}, {{0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffc}}}, 0x108) syz_emit_ethernet(0x46, &(0x7f0000000540)={@multicast, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) 2.628582317s ago: executing program 3 (id=5485): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newqdisc={0x54, 0x24, 0xd0f, 0x70bd27, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x0, 0x0, 0x0, 0x386561e9}, [@TCA_NETEM_DELAY_DIST={0x6, 0xd, "85de"}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x8080) 2.310843517s ago: executing program 3 (id=5486): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000001c0)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x3, 0xc, 0x0, 0x700, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x6, @loopback, 0x4}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0xb4, 0x5, 0xfe}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x100, @dev}}]}, 0x60}, 0x1, 0x7}, 0x10) 2.167827343s ago: executing program 3 (id=5487): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=@updpolicy={0x1bc, 0x19, 0x1, 0x70bd25, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x1000, 0x0, 0x5, 0x0, 0x5, 0x0, 0x5}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x1, 0x0, 0x1}, [@tmpl={0x104, 0x5, [{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010100, 0x34ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2040}, {{@in=@loopback, 0x2000, 0x2b}, 0x2, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}, {{@in6=@rand_addr=' \x01\x00', 0x4d2, 0x6c}, 0x0, @in6=@loopback, 0x34ff, 0x1, 0x0, 0x0, 0xc, 0x0, 0x708f}]}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x4000) 1.17982483s ago: executing program 4 (id=5499): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x20, r1, 0x9c3fa077fa966179, 0x0, 0x25dfdbfe, {{0x7e}, {@void, @val={0xc, 0x99, {0x7, 0x17}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x8004800}, 0x8) 894.531495ms ago: executing program 2 (id=5503): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x70, 0x2, 0x6, 0x1, 0x6000000, 0x0, {0x7}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0xfffffffffffffe07, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x70}}, 0x0) 894.422443ms ago: executing program 1 (id=5504): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x70bd2b, 0x2, {0x7, r1}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x1, 0x2, 0x0, {@ip4=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x22004804}, 0x80c0) syz_emit_ethernet(0xde, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0xa8, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00', @private1, [{0x4, 0x10, "9595f429ae08a565c9a41d413270a44d2e6f790a3872d50bb14d25344dc5b3a281f175f5ee04aab21301b94d966c72c15a143c69205625466855101cf44d89d9f6ee47d77c0d4e53e34b67c542fc6f6f6c60139c43b78286f5bb8f4f11d164af24e2633a45bf4ed944b0ef6a7b7167f73cf54e78686ac09402659c29eb0c"}]}}}}}}, 0x0) 853.575958ms ago: executing program 4 (id=5505): syz_emit_ethernet(0x16, &(0x7f00000002c0)={@remote, @random="866f195cb110", @val={@val={0x88a8, 0x3, 0x0, 0x3}, {0x8100, 0x3, 0x1, 0x3}}, {@generic={0x8906}}}, 0x0) 763.353263ms ago: executing program 2 (id=5507): syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0) 733.033181ms ago: executing program 0 (id=5508): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x1d}, 0x200000, 0x0, 0xff, 0x1, 0x80}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x200000, 0x2, 0x0, 0x0, 0x46, 0x1}, 0x20) 707.136798ms ago: executing program 4 (id=5509): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)={0x34, r1, 0x1, 0x170bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x86}, 0x40040) 643.30915ms ago: executing program 1 (id=5510): r0 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x9}}) 633.842005ms ago: executing program 2 (id=5511): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000090900010073797a31000000002c000000030a01020000000000000000010000000900030001000080000000000900010073797a31000000002c000000090a01020000000000000000010000000c00024000000000000000010900010073797a310000000028000000000a05000000000000000000010000080900010073797a3100000000080002"], 0xc8}}, 0x0) 595.201076ms ago: executing program 0 (id=5512): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="030300400000fedbdf250c00000008000300", @ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8050}, 0x4000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) 482.73646ms ago: executing program 4 (id=5513): r0 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000f00)={'bridge_slave_1\x00', {0x2, 0x4e24, @multicast1}}) 482.607972ms ago: executing program 1 (id=5514): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32, @ANYBLOB="06001500060000000c0016"], 0x38}, 0x1, 0x0, 0x0, 0x11}, 0x10) 452.017335ms ago: executing program 0 (id=5515): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304000000000100000000007400", @ANYRES32=r1, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028006002700000f"], 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 444.640164ms ago: executing program 2 (id=5516): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r1}, &(0x7f00000006c0), &(0x7f0000000700)=r0}, 0x20) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 357.452742ms ago: executing program 4 (id=5517): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10) listen(r0, 0x2) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendto(r2, 0x0, 0x0, 0x11, 0x0, 0x0) 294.910735ms ago: executing program 1 (id=5518): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x34, &(0x7f0000000240)={&(0x7f0000000040)={0x1, 0x840, 0x800, {0x0, 0x2710}, {0x77359400}, {}, 0x1, @can={{0x3, 0x1, 0x1, 0x1}, 0x3, 0x2, 0x0, 0x0, "5e3dba8ae862e81c"}}, 0x80}, 0x1, 0x0, 0x0, 0x8004}, 0x0) 294.773611ms ago: executing program 2 (id=5519): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB="7a0af8ff75257078bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce72d75946c2b638d91dbef661962239c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e6fff4942eb613eff289026d5045ef76d7d864409eb2dc9518a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be3cdda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed544126fabe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a6a8ca9d4aa797a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f00000000008000000000000000000000000040000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) close(0x3) socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002500)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc786b409ac930c90ff90f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d85893f229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09e3187a10d905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5de0900000000000000cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367638cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e1217c1342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c67df4c6505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a2d4f12e8e717eaaa2a6d14fee0c15f36c203dbc7c06128bec84231d43e152ef19ce027436fb4ebb9fce431b913f4817597a6f53d1626f9d1cb7b36fb18ac19547a9b20ede70c81a75686cea85dcd34408128da7cab045541bc6b9a0a79f63f2e7646356e04b977c9f47467537015240b974184be9c54b7c628ae4d97ebdb06070344468994afbaac71e5ffac2c61d9af66f9de2760a38e968a781528531c1c936a02065be48f1eee77be878873206d65bd0b1241fab9139abd7f40febe81fed3684e6b59273da01f1743c6a5df300ec59c65e8174fc2d95a62ca7b937289ad14107333007eab833a5849eb19f18ae41743dfb949377e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0x146, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbacf01416ac141416830c05114d2f87e5940c05ab440c13f2325f1a39010702038da18da125181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) 266.785404ms ago: executing program 0 (id=5520): syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0) 236.061771ms ago: executing program 1 (id=5521): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFTA_SET_ID={0x8}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x40}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x6}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x9c}}, 0x4000000) 182.687685ms ago: executing program 4 (id=5522): socket$igmp(0x2, 0x3, 0x2) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="580000001400192340834b80040d8c56", 0x10}], 0x1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) listen(r0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r6, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r7], 0x3c}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {}, {0xf, 0x1}, {0xa, 0x1}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0xf0ffffffffffff, 0x0, 0x60001d0}, 0x2000c8c4) 155.958885ms ago: executing program 0 (id=5523): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c0004400000000000000c7f14000000110001"], 0xb4}}, 0x40) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)=ANY=[@ANYBLOB="4c0000000d0a010800000000000000000a0000010900020073797a31000000000900010073797a3100000000200003"], 0x4c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) 57.336757ms ago: executing program 1 (id=5524): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000640)={r1}, 0x4) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3, 0xffffffffffffffff, 0x2000000}, 0xc) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 735.212µs ago: executing program 0 (id=5525): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pselect6(0x40, &(0x7f0000000100)={0x6, 0x0, 0x5, 0xfffffffffffffffe, 0x800, 0x400000000, 0x8000000100000, 0x10000000000}, 0x0, &(0x7f0000000000)={0x1f, 0x0, 0x9, 0x1, 0xf, 0x0, 0x6a9, 0x43}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 0s ago: executing program 2 (id=5526): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x50, r0, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_KEY={0x34, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "f9b4e353eeb51df81555dd419f665910"}, @NL802154_KEY_ATTR_ID={0x14, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x825e08a}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}]}]}, 0x50}}, 0x0) kernel console output (not intermixed with test programs): tlink_sendmsg+0x10/0x10 [ 580.239894][T23645] ? aa_sock_msg_perm+0xf1/0x1b0 [ 580.239918][T23645] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 580.239944][T23645] ____sys_sendmsg+0x972/0x9f0 [ 580.239978][T23645] ? __pfx_____sys_sendmsg+0x10/0x10 [ 580.240008][T23645] ? import_iovec+0x73/0xa0 [ 580.240036][T23645] ___sys_sendmsg+0x2a5/0x360 [ 580.240056][T23645] ? __lock_acquire+0x6b5/0x2cf0 [ 580.240079][T23645] ? __pfx____sys_sendmsg+0x10/0x10 [ 580.240132][T23645] ? __fget_files+0x2a/0x420 [ 580.240153][T23645] ? __fget_files+0x3a0/0x420 [ 580.240181][T23645] __x64_sys_sendmsg+0x1bd/0x2a0 [ 580.240206][T23645] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 580.240237][T23645] ? __pfx_ksys_write+0x10/0x10 [ 580.240269][T23645] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.240289][T23645] do_syscall_64+0x15f/0xf80 [ 580.240309][T23645] ? trace_irq_disable+0x3b/0x140 [ 580.240334][T23645] ? clear_bhb_loop+0x40/0x90 [ 580.240357][T23645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.240375][T23645] RIP: 0033:0x7f609339cdd9 [ 580.240393][T23645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.240407][T23645] RSP: 002b:00007f60915f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 580.240426][T23645] RAX: ffffffffffffffda RBX: 00007f6093616090 RCX: 00007f609339cdd9 [ 580.240440][T23645] RDX: 0000000000040000 RSI: 0000200000000280 RDI: 0000000000000006 [ 580.240452][T23645] RBP: 00007f60915f6090 R08: 0000000000000000 R09: 0000000000000000 [ 580.240464][T23645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.240475][T23645] R13: 00007f6093616128 R14: 00007f6093616090 R15: 00007ffe92813ff8 [ 580.240505][T23645] [ 580.291006][T23644] syzkaller0: entered promiscuous mode [ 580.518026][T23644] syzkaller0: entered allmulticast mode [ 580.531544][T23651] FAULT_INJECTION: forcing a failure. [ 580.531544][T23651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 580.564243][T23651] CPU: 1 UID: 0 PID: 23651 Comm: syz.4.4803 Not tainted syzkaller #0 PREEMPT(full) [ 580.564269][T23651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 580.564281][T23651] Call Trace: [ 580.564288][T23651] [ 580.564296][T23651] dump_stack_lvl+0xe8/0x150 [ 580.564322][T23651] should_fail_ex+0x412/0x560 [ 580.564350][T23651] _copy_to_iter+0x1e4/0x17d0 [ 580.564372][T23651] ? lockdep_hardirqs_on+0x7a/0x110 [ 580.564396][T23651] ? __skb_try_recv_datagram+0x3d4/0x4d0 [ 580.564424][T23651] ? __pfx_sk_busy_loop_end+0x10/0x10 [ 580.564443][T23651] ? __pfx__copy_to_iter+0x10/0x10 [ 580.564468][T23651] ? skb_recv_datagram+0x145/0x190 [ 580.564497][T23651] raw_recvmsg+0x1e1/0x5c0 [ 580.564519][T23651] ? __pfx_raw_recvmsg+0x10/0x10 [ 580.564537][T23651] ? aa_sock_msg_perm+0xf1/0x1b0 [ 580.564561][T23651] ? bpf_lsm_socket_recvmsg+0x9/0x20 [ 580.564583][T23651] ? security_socket_recvmsg+0x7e/0x2c0 [ 580.564610][T23651] ? __pfx_raw_recvmsg+0x10/0x10 [ 580.564628][T23651] sock_recvmsg+0x172/0x1b0 [ 580.564658][T23651] sock_read_iter+0x251/0x320 [ 580.564683][T23651] ? __pfx_sock_read_iter+0x10/0x10 [ 580.564725][T23651] ? bpf_lsm_file_permission+0x9/0x20 [ 580.564750][T23651] ? security_file_permission+0x75/0x260 [ 580.564776][T23651] vfs_read+0x582/0xa70 [ 580.564809][T23651] ? __pfx_vfs_read+0x10/0x10 [ 580.564842][T23651] ? __fget_files+0x2a/0x420 [ 580.564870][T23651] ksys_read+0x150/0x270 [ 580.564895][T23651] ? __pfx_ksys_read+0x10/0x10 [ 580.564927][T23651] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.564944][T23651] do_syscall_64+0x15f/0xf80 [ 580.564962][T23651] ? trace_irq_disable+0x3b/0x140 [ 580.564986][T23651] ? clear_bhb_loop+0x40/0x90 [ 580.565006][T23651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.565024][T23651] RIP: 0033:0x7f609339cdd9 [ 580.565041][T23651] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.565055][T23651] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 580.565074][T23651] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 580.565087][T23651] RDX: 00000000000000e8 RSI: 0000200000002340 RDI: 0000000000000003 [ 580.565098][T23651] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 580.565109][T23651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.565120][T23651] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 580.565149][T23651] [ 584.007837][T23682] workqueue: Failed to create a rescuer kthread for wq "bond25": -EINTR [ 584.177659][T23708] __nla_validate_parse: 3 callbacks suppressed [ 584.177681][T23708] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4815'. [ 584.522308][T23723] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 584.624608][T23732] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4825'. [ 584.755224][T23737] syzkaller0: entered promiscuous mode [ 584.760949][T23737] syzkaller0: entered allmulticast mode [ 584.804971][T23747] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4829'. [ 584.887729][T23750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4828'. [ 587.336409][T23756] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4830'. [ 587.512850][T23762] netlink: 'syz.2.4833': attribute type 39 has an invalid length. [ 587.535180][T23763] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4832'. [ 587.572891][T23763] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4832'. [ 587.587027][T23770] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4833'. [ 587.678933][T23774] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4836'. [ 587.936457][T23789] netlink: 260 bytes leftover after parsing attributes in process `syz.4.4840'. [ 588.251074][T23816] FAULT_INJECTION: forcing a failure. [ 588.251074][T23816] name failslab, interval 1, probability 0, space 0, times 0 [ 588.280653][T23816] CPU: 1 UID: 0 PID: 23816 Comm: syz.1.4850 Not tainted syzkaller #0 PREEMPT(full) [ 588.280678][T23816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 588.280689][T23816] Call Trace: [ 588.280696][T23816] [ 588.280706][T23816] dump_stack_lvl+0xe8/0x150 [ 588.280732][T23816] should_fail_ex+0x412/0x560 [ 588.280762][T23816] should_failslab+0xa8/0x100 [ 588.280790][T23816] kmem_cache_alloc_node_noprof+0x8f/0x690 [ 588.280818][T23816] ? __alloc_skb+0x1d0/0x7d0 [ 588.280837][T23816] ? __local_bh_enable_ip+0xd0/0x130 [ 588.280867][T23816] __alloc_skb+0x1d0/0x7d0 [ 588.280892][T23816] __pskb_copy_fclone+0xa9/0x1120 [ 588.280918][T23816] ? __tipc_sendmsg+0x33b/0x2bc0 [ 588.280935][T23816] ? tipc_sendmsg+0x55/0x70 [ 588.280953][T23816] ? ____sys_sendmsg+0x972/0x9f0 [ 588.280982][T23816] ? __sys_sendmmsg+0x27c/0x4e0 [ 588.281003][T23816] ? __x64_sys_sendmmsg+0xa0/0xc0 [ 588.281024][T23816] ? do_syscall_64+0x15f/0xf80 [ 588.281043][T23816] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.281067][T23816] tipc_msg_reassemble+0x10b/0x3b0 [ 588.281096][T23816] tipc_mcast_xmit+0x254/0x19e0 [ 588.281124][T23816] ? __might_fault+0xaf/0x130 [ 588.281146][T23816] ? __pfx_tipc_mcast_xmit+0x10/0x10 [ 588.281166][T23816] ? _copy_from_iter+0x2d3/0x1670 [ 588.281191][T23816] ? rcu_is_watching+0x15/0xb0 [ 588.281219][T23816] ? __pfx__copy_from_iter+0x10/0x10 [ 588.281248][T23816] ? tipc_msg_build+0x40d/0xf00 [ 588.281274][T23816] ? tipc_msg_build+0x482/0xf00 [ 588.281303][T23816] ? net_generic+0x1e/0x240 [ 588.281330][T23816] ? net_generic+0x1e/0x240 [ 588.281346][T23816] ? net_generic+0x1e/0x240 [ 588.281366][T23816] ? tipc_group_bc_cong+0x15f/0x210 [ 588.281391][T23816] tipc_send_group_bcast+0x80d/0xad0 [ 588.281427][T23816] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 588.281459][T23816] ? __pfx_woken_wake_function+0x10/0x10 [ 588.281486][T23816] ? __lock_acquire+0x6b5/0x2cf0 [ 588.281514][T23816] __tipc_sendmsg+0x33b/0x2bc0 [ 588.281549][T23816] ? __pfx___tipc_sendmsg+0x10/0x10 [ 588.281570][T23816] ? aa_label_sk_perm+0x532/0x6e0 [ 588.281597][T23816] ? count_memcg_event_mm+0x21/0x260 [ 588.281620][T23816] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 588.281649][T23816] ? handle_mm_fault+0x275c/0x3170 [ 588.281676][T23816] ? __lock_acquire+0x6b5/0x2cf0 [ 588.281701][T23816] ? handle_mm_fault+0xee/0x3170 [ 588.281748][T23816] ? tipc_sendmsg+0x47/0x70 [ 588.281770][T23816] ? __local_bh_enable_ip+0xd0/0x130 [ 588.281793][T23816] tipc_sendmsg+0x55/0x70 [ 588.281814][T23816] ____sys_sendmsg+0x972/0x9f0 [ 588.281835][T23816] ? irqentry_exit+0x218/0x730 [ 588.281853][T23816] ? trace_irq_disable+0x3b/0x140 [ 588.281886][T23816] ? __pfx_____sys_sendmsg+0x10/0x10 [ 588.281925][T23816] ? import_iovec+0x73/0xa0 [ 588.281951][T23816] ___sys_sendmsg+0x2a5/0x360 [ 588.281971][T23816] ? __lock_acquire+0x6b5/0x2cf0 [ 588.282006][T23816] ? __pfx____sys_sendmsg+0x10/0x10 [ 588.282035][T23816] ? kstrtouint+0x6e/0xe0 [ 588.282081][T23816] ? __fget_files+0x2a/0x420 [ 588.282103][T23816] ? __fget_files+0x3a0/0x420 [ 588.282135][T23816] __sys_sendmmsg+0x27c/0x4e0 [ 588.282161][T23816] ? __pfx___sys_sendmmsg+0x10/0x10 [ 588.282181][T23816] ? __mutex_unlock_slowpath+0x1be/0x6f0 [ 588.282226][T23816] ? ksys_write+0x242/0x270 [ 588.282254][T23816] ? __pfx_ksys_write+0x10/0x10 [ 588.282283][T23816] __x64_sys_sendmmsg+0xa0/0xc0 [ 588.282306][T23816] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.282326][T23816] do_syscall_64+0x15f/0xf80 [ 588.282345][T23816] ? trace_irq_disable+0x3b/0x140 [ 588.282368][T23816] ? clear_bhb_loop+0x40/0x90 [ 588.282390][T23816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.282407][T23816] RIP: 0033:0x7f7e0039cdd9 [ 588.282424][T23816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 588.282441][T23816] RSP: 002b:00007f7e012bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 588.282460][T23816] RAX: ffffffffffffffda RBX: 00007f7e00616090 RCX: 00007f7e0039cdd9 [ 588.282473][T23816] RDX: 0000000000000063 RSI: 00002000000030c0 RDI: 0000000000000003 [ 588.282483][T23816] RBP: 00007f7e012bf090 R08: 0000000000000000 R09: 0000000000000000 [ 588.282494][T23816] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 588.282505][T23816] R13: 00007f7e00616128 R14: 00007f7e00616090 R15: 00007fffa849dab8 [ 588.282536][T23816] [ 588.726455][T23820] workqueue: name exceeds WQ_NAME_LEN. Truncating to: . ΁ *] [ 588.918358][ T1035] batadv2: left promiscuous mode [ 589.059380][T23833] FAULT_INJECTION: forcing a failure. [ 589.059380][T23833] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.105956][T23833] CPU: 0 UID: 0 PID: 23833 Comm: syz.0.4856 Not tainted syzkaller #0 PREEMPT(full) [ 589.105981][T23833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 589.105993][T23833] Call Trace: [ 589.106001][T23833] [ 589.106010][T23833] dump_stack_lvl+0xe8/0x150 [ 589.106037][T23833] should_fail_ex+0x412/0x560 [ 589.106066][T23833] _copy_to_user+0x31/0xb0 [ 589.106094][T23833] simple_read_from_buffer+0xe1/0x170 [ 589.106122][T23833] proc_fail_nth_read+0x1bb/0x230 [ 589.106149][T23833] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 589.106176][T23833] ? rw_verify_area+0x2a6/0x4d0 [ 589.106200][T23833] ? __fget_files+0x2a/0x420 [ 589.106225][T23833] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 589.106250][T23833] vfs_read+0x20c/0xa70 [ 589.106280][T23833] ? __pfx___mutex_lock+0x10/0x10 [ 589.106304][T23833] ? __pfx_vfs_read+0x10/0x10 [ 589.106330][T23833] ? __fget_files+0x2a/0x420 [ 589.106356][T23833] ? __fget_files+0x3a0/0x420 [ 589.106377][T23833] ? __fget_files+0x2a/0x420 [ 589.106407][T23833] ksys_read+0x150/0x270 [ 589.106434][T23833] ? __pfx_ksys_read+0x10/0x10 [ 589.106468][T23833] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.106488][T23833] do_syscall_64+0x15f/0xf80 [ 589.106508][T23833] ? trace_irq_disable+0x3b/0x140 [ 589.106534][T23833] ? clear_bhb_loop+0x40/0x90 [ 589.106557][T23833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.106575][T23833] RIP: 0033:0x7f9ff095d60e [ 589.106593][T23833] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 589.106609][T23833] RSP: 002b:00007f9ff18c9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 589.106630][T23833] RAX: ffffffffffffffda RBX: 00007f9ff18ca6c0 RCX: 00007f9ff095d60e [ 589.106641][T23833] RDX: 000000000000000f RSI: 00007f9ff18ca0a0 RDI: 0000000000000005 [ 589.106651][T23833] RBP: 00007f9ff18ca090 R08: 0000000000000000 R09: 0000000000000000 [ 589.106661][T23833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 589.106671][T23833] R13: 00007f9ff0c16038 R14: 00007f9ff0c15fa0 R15: 00007fffd6c38a88 [ 589.106702][T23833] [ 589.328211][T23838] __nla_validate_parse: 3 callbacks suppressed [ 589.328231][T23838] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4857'. [ 589.343508][T23838] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4857'. [ 589.762605][T23857] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4865'. [ 589.809270][T23857] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 589.810180][T23860] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4866'. [ 589.845345][T23860] unsupported nlmsg_type 40 [ 589.854614][T23860] netlink: 60 bytes leftover after parsing attributes in process `syz.3.4866'. [ 589.882899][T23844] netlink: 'syz.0.4859': attribute type 1 has an invalid length. [ 590.279051][T23877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.345671][T23878] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.455395][T23877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.475001][T23880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.478599][T23877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.568807][T23880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.657087][T23880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 590.690389][T23880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 591.673511][T23930] syzkaller0: entered promiscuous mode [ 591.679401][T23930] syzkaller0: entered allmulticast mode [ 591.835152][T23939] netlink: 200 bytes leftover after parsing attributes in process `syz.1.4892'. [ 591.867154][T23939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4892'. [ 592.077861][T23945] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4893'. [ 594.747436][T23956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4897'. [ 594.857802][T23964] FAULT_INJECTION: forcing a failure. [ 594.857802][T23964] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 594.872129][T23949] workqueue: Failed to create a rescuer kthread for wq "bond27": -EINTR [ 594.877510][T23964] CPU: 0 UID: 0 PID: 23964 Comm: syz.0.4898 Not tainted syzkaller #0 PREEMPT(full) [ 594.877536][T23964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 594.877548][T23964] Call Trace: [ 594.877556][T23964] [ 594.877564][T23964] dump_stack_lvl+0xe8/0x150 [ 594.877590][T23964] should_fail_ex+0x412/0x560 [ 594.877607][T23964] _copy_from_user+0x2d/0xb0 [ 594.877622][T23964] kstrtouint_from_user+0xd6/0x180 [ 594.877644][T23964] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 594.877678][T23964] proc_fail_nth_write+0x8e/0x210 [ 594.877699][T23964] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 594.877727][T23964] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 594.877749][T23964] vfs_write+0x29a/0xb90 [ 594.877790][T23964] ? __pfx_vfs_write+0x10/0x10 [ 594.877815][T23964] ? __fget_files+0x2a/0x420 [ 594.877838][T23964] ? __fget_files+0x3a0/0x420 [ 594.877857][T23964] ? __fget_files+0x2a/0x420 [ 594.877886][T23964] ksys_write+0x150/0x270 [ 594.877914][T23964] ? __pfx_ksys_write+0x10/0x10 [ 594.877948][T23964] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.877969][T23964] do_syscall_64+0x15f/0xf80 [ 594.877990][T23964] ? trace_irq_disable+0x3b/0x140 [ 594.878016][T23964] ? clear_bhb_loop+0x40/0x90 [ 594.878038][T23964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.878054][T23964] RIP: 0033:0x7f9ff095d60e [ 594.878071][T23964] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 594.878086][T23964] RSP: 002b:00007f9ff18c9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 594.878104][T23964] RAX: ffffffffffffffda RBX: 00007f9ff18ca6c0 RCX: 00007f9ff095d60e [ 594.878116][T23964] RDX: 0000000000000001 RSI: 00007f9ff18ca0a0 RDI: 0000000000000004 [ 594.878126][T23964] RBP: 00007f9ff18ca090 R08: 0000000000000000 R09: 0000000000000000 [ 594.878136][T23964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 594.878146][T23964] R13: 00007f9ff0c16038 R14: 00007f9ff0c15fa0 R15: 00007fffd6c38a88 [ 594.878174][T23964] [ 595.234455][T23975] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4901'. [ 595.357349][T23984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4904'. [ 595.748597][T23999] syzkaller0: entered promiscuous mode [ 595.754977][T23999] syzkaller0: entered allmulticast mode [ 596.407995][T24011] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4912'. [ 599.223441][T24004] workqueue: Failed to create a rescuer kthread for wq "bond16": -EINTR [ 599.339895][T24030] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4918'. [ 599.752636][T24054] netlink: 'syz.2.4925': attribute type 13 has an invalid length. [ 599.779002][T24054] netlink: 'syz.2.4925': attribute type 17 has an invalid length. [ 599.961614][T24058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4925'. [ 600.770767][T24078] FAULT_INJECTION: forcing a failure. [ 600.770767][T24078] name failslab, interval 1, probability 0, space 0, times 0 [ 600.793750][T24082] FAULT_INJECTION: forcing a failure. [ 600.793750][T24082] name failslab, interval 1, probability 0, space 0, times 0 [ 600.816385][T24078] CPU: 0 UID: 0 PID: 24078 Comm: syz.0.4932 Not tainted syzkaller #0 PREEMPT(full) [ 600.816436][T24078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 600.816459][T24078] Call Trace: [ 600.816474][T24078] [ 600.816483][T24078] dump_stack_lvl+0xe8/0x150 [ 600.816512][T24078] should_fail_ex+0x412/0x560 [ 600.816541][T24078] should_failslab+0xa8/0x100 [ 600.816568][T24078] ? skb_clone+0x212/0x3a0 [ 600.816592][T24078] kmem_cache_alloc_noprof+0x87/0x650 [ 600.816620][T24078] ? __netlink_lookup+0xc6/0x8b0 [ 600.816643][T24078] skb_clone+0x212/0x3a0 [ 600.816667][T24078] __netlink_deliver_tap+0x404/0x850 [ 600.816698][T24078] ? netlink_deliver_tap+0x2e/0x1b0 [ 600.816721][T24078] netlink_deliver_tap+0x19c/0x1b0 [ 600.816746][T24078] netlink_unicast+0x730/0x8e0 [ 600.816775][T24078] netlink_sendmsg+0x813/0xb40 [ 600.816805][T24078] ? __pfx_netlink_sendmsg+0x10/0x10 [ 600.816828][T24078] ? aa_sock_msg_perm+0xf1/0x1b0 [ 600.816849][T24078] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 600.816876][T24078] ____sys_sendmsg+0x972/0x9f0 [ 600.816900][T24078] ? __might_fault+0xaf/0x130 [ 600.816928][T24078] ? __pfx_____sys_sendmsg+0x10/0x10 [ 600.816956][T24078] ? import_iovec+0x73/0xa0 [ 600.816985][T24078] ___sys_sendmsg+0x2a5/0x360 [ 600.817006][T24078] ? __lock_acquire+0x6b5/0x2cf0 [ 600.817031][T24078] ? __pfx____sys_sendmsg+0x10/0x10 [ 600.817080][T24078] ? __fget_files+0x2a/0x420 [ 600.817100][T24078] ? __fget_files+0x3a0/0x420 [ 600.817129][T24078] __x64_sys_sendmsg+0x1bd/0x2a0 [ 600.817153][T24078] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 600.817184][T24078] ? __pfx_ksys_write+0x10/0x10 [ 600.817215][T24078] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.817236][T24078] do_syscall_64+0x15f/0xf80 [ 600.817256][T24078] ? trace_irq_disable+0x3b/0x140 [ 600.817282][T24078] ? clear_bhb_loop+0x40/0x90 [ 600.817305][T24078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.817323][T24078] RIP: 0033:0x7f9ff099cdd9 [ 600.817342][T24078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.817358][T24078] RSP: 002b:00007f9ff18ca028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 600.817378][T24078] RAX: ffffffffffffffda RBX: 00007f9ff0c15fa0 RCX: 00007f9ff099cdd9 [ 600.817392][T24078] RDX: 0000000020008000 RSI: 0000200000000640 RDI: 0000000000000003 [ 600.817404][T24078] RBP: 00007f9ff18ca090 R08: 0000000000000000 R09: 0000000000000000 [ 600.817415][T24078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 600.817426][T24078] R13: 00007f9ff0c16038 R14: 00007f9ff0c15fa0 R15: 00007fffd6c38a88 [ 600.817457][T24078] [ 600.825451][T24082] CPU: 1 UID: 0 PID: 24082 Comm: syz.3.4933 Not tainted syzkaller #0 PREEMPT(full) [ 600.825479][T24082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 600.825491][T24082] Call Trace: [ 600.825499][T24082] [ 600.825507][T24082] dump_stack_lvl+0xe8/0x150 [ 600.825534][T24082] should_fail_ex+0x412/0x560 [ 600.825562][T24082] should_failslab+0xa8/0x100 [ 600.825590][T24082] __kmalloc_node_track_caller_noprof+0xeb/0x7b0 [ 600.825618][T24082] ? xfrm_add_sa+0x2956/0x4230 [ 600.825648][T24082] kmemdup_noprof+0x2b/0x70 [ 600.825668][T24082] xfrm_add_sa+0x2956/0x4230 [ 600.825704][T24082] ? __pfx_xfrm_add_sa+0x10/0x10 [ 600.825729][T24082] ? apparmor_capable+0x126/0x170 [ 600.825760][T24082] ? __nla_parse+0x40/0x60 [ 600.825787][T24082] xfrm_user_rcv_msg+0x7ae/0xc40 [ 600.825818][T24082] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 600.825874][T24082] ? __pfx___mutex_trylock_common+0x10/0x10 [ 600.825901][T24082] ? rcu_is_watching+0x15/0xb0 [ 600.825923][T24082] ? trace_contention_end+0x3d/0x140 [ 600.825947][T24082] ? __mutex_lock+0x319/0x1550 [ 600.825975][T24082] netlink_rcv_skb+0x232/0x4b0 [ 600.825996][T24082] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 600.826023][T24082] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 600.826058][T24082] ? netlink_deliver_tap+0x2e/0x1b0 [ 600.826078][T24082] ? netlink_deliver_tap+0x2e/0x1b0 [ 600.826101][T24082] xfrm_netlink_rcv+0x79/0x90 [ 600.826125][T24082] netlink_unicast+0x75c/0x8e0 [ 600.826154][T24082] netlink_sendmsg+0x813/0xb40 [ 600.826184][T24082] ? __pfx_netlink_sendmsg+0x10/0x10 [ 600.826208][T24082] ? aa_sock_msg_perm+0xf1/0x1b0 [ 600.826239][T24082] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 600.826267][T24082] ____sys_sendmsg+0x972/0x9f0 [ 600.826289][T24082] ? __might_fault+0xaf/0x130 [ 600.826317][T24082] ? __pfx_____sys_sendmsg+0x10/0x10 [ 600.826347][T24082] ? import_iovec+0x73/0xa0 [ 600.826375][T24082] ___sys_sendmsg+0x2a5/0x360 [ 600.826396][T24082] ? __lock_acquire+0x6b5/0x2cf0 [ 600.826418][T24082] ? __pfx____sys_sendmsg+0x10/0x10 [ 600.826474][T24082] ? __fget_files+0x2a/0x420 [ 600.826492][T24082] ? __fget_files+0x3a0/0x420 [ 600.826523][T24082] __x64_sys_sendmsg+0x1bd/0x2a0 [ 600.826546][T24082] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 600.826578][T24082] ? __pfx_ksys_write+0x10/0x10 [ 600.826610][T24082] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.826630][T24082] do_syscall_64+0x15f/0xf80 [ 600.826649][T24082] ? trace_irq_disable+0x3b/0x140 [ 600.826674][T24082] ? clear_bhb_loop+0x40/0x90 [ 600.826696][T24082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.826714][T24082] RIP: 0033:0x7f47b0f9cdd9 [ 600.826732][T24082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.826746][T24082] RSP: 002b:00007f47b1d7f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 600.826765][T24082] RAX: ffffffffffffffda RBX: 00007f47b1215fa0 RCX: 00007f47b0f9cdd9 [ 600.826778][T24082] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006 [ 600.826790][T24082] RBP: 00007f47b1d7f090 R08: 0000000000000000 R09: 0000000000000000 [ 600.826801][T24082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 600.826812][T24082] R13: 00007f47b1216038 R14: 00007f47b1215fa0 R15: 00007ffe925d0d68 [ 600.826842][T24082] [ 601.970813][T24073] workqueue: Failed to create a rescuer kthread for wq "bond27": -EINTR [ 602.053082][ T13] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 602.126214][ T13] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.159980][ T13] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20004 - 0 [ 602.171459][ T13] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 602.181179][ T13] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.190908][ T13] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20004 - 0 [ 602.248962][ T13] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 602.266430][ T13] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.277242][ T13] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20004 - 0 [ 602.427928][T24108] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4941'. [ 602.470278][T24107] netlink: 176 bytes leftover after parsing attributes in process `syz.3.4941'. [ 602.534768][T24115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4942'. [ 602.685290][T24121] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4944'. [ 603.074504][T24142] FAULT_INJECTION: forcing a failure. [ 603.074504][T24142] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 603.149442][T24145] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4950'. [ 603.153641][T24142] CPU: 1 UID: 0 PID: 24142 Comm: syz.0.4949 Not tainted syzkaller #0 PREEMPT(full) [ 603.153668][T24142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 603.153680][T24142] Call Trace: [ 603.153687][T24142] [ 603.153695][T24142] dump_stack_lvl+0xe8/0x150 [ 603.153722][T24142] should_fail_ex+0x412/0x560 [ 603.153749][T24142] _copy_from_iter+0x1d3/0x1670 [ 603.153775][T24142] ? rcu_is_watching+0x15/0xb0 [ 603.153802][T24142] ? __pfx__copy_from_iter+0x10/0x10 [ 603.153834][T24142] ? netlink_sendmsg+0x650/0xb40 [ 603.153854][T24142] ? skb_put+0x11b/0x210 [ 603.153878][T24142] netlink_sendmsg+0x6c0/0xb40 [ 603.153906][T24142] ? __pfx_netlink_sendmsg+0x10/0x10 [ 603.153930][T24142] ? aa_sock_msg_perm+0xf1/0x1b0 [ 603.153954][T24142] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 603.153980][T24142] ____sys_sendmsg+0x972/0x9f0 [ 603.154010][T24142] ? __pfx_____sys_sendmsg+0x10/0x10 [ 603.154040][T24142] ? import_iovec+0x73/0xa0 [ 603.154074][T24142] ___sys_sendmsg+0x2a5/0x360 [ 603.154094][T24142] ? __lock_acquire+0x6b5/0x2cf0 [ 603.154116][T24142] ? __pfx____sys_sendmsg+0x10/0x10 [ 603.154169][T24142] ? __fget_files+0x2a/0x420 [ 603.154189][T24142] ? __fget_files+0x3a0/0x420 [ 603.154218][T24142] __x64_sys_sendmsg+0x1bd/0x2a0 [ 603.154242][T24142] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 603.154272][T24142] ? __pfx_ksys_write+0x10/0x10 [ 603.154305][T24142] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.154323][T24142] do_syscall_64+0x15f/0xf80 [ 603.154342][T24142] ? trace_irq_disable+0x3b/0x140 [ 603.154367][T24142] ? clear_bhb_loop+0x40/0x90 [ 603.154388][T24142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.154406][T24142] RIP: 0033:0x7f9ff099cdd9 [ 603.154423][T24142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 603.154437][T24142] RSP: 002b:00007f9ff18a9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 603.154457][T24142] RAX: ffffffffffffffda RBX: 00007f9ff0c16090 RCX: 00007f9ff099cdd9 [ 603.154470][T24142] RDX: 0000000000040000 RSI: 0000200000000280 RDI: 0000000000000006 [ 603.154482][T24142] RBP: 00007f9ff18a9090 R08: 0000000000000000 R09: 0000000000000000 [ 603.154494][T24142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 603.154504][T24142] R13: 00007f9ff0c16128 R14: 00007f9ff0c16090 R15: 00007fffd6c38a88 [ 603.154532][T24142] [ 603.576239][T24162] netlink: 'syz.2.4955': attribute type 39 has an invalid length. [ 603.788377][T24172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4957'. [ 603.835303][T24176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4958'. [ 603.845712][T24176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4958'. [ 603.960188][T24184] FAULT_INJECTION: forcing a failure. [ 603.960188][T24184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 604.007663][T24184] CPU: 0 UID: 0 PID: 24184 Comm: syz.3.4961 Not tainted syzkaller #0 PREEMPT(full) [ 604.007690][T24184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 604.007701][T24184] Call Trace: [ 604.007709][T24184] [ 604.007717][T24184] dump_stack_lvl+0xe8/0x150 [ 604.007744][T24184] should_fail_ex+0x412/0x560 [ 604.007771][T24184] _copy_from_user+0x2d/0xb0 [ 604.007796][T24184] ___sys_sendmsg+0x1c6/0x360 [ 604.007820][T24184] ? __lock_acquire+0x6b5/0x2cf0 [ 604.007845][T24184] ? __pfx____sys_sendmsg+0x10/0x10 [ 604.007908][T24184] ? __fget_files+0x2a/0x420 [ 604.007929][T24184] ? __fget_files+0x3a0/0x420 [ 604.007960][T24184] __x64_sys_sendmsg+0x1bd/0x2a0 [ 604.007984][T24184] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 604.008014][T24184] ? __pfx_ksys_write+0x10/0x10 [ 604.008047][T24184] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.008068][T24184] do_syscall_64+0x15f/0xf80 [ 604.008088][T24184] ? trace_irq_disable+0x3b/0x140 [ 604.008115][T24184] ? clear_bhb_loop+0x40/0x90 [ 604.008135][T24184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.008152][T24184] RIP: 0033:0x7f47b0f9cdd9 [ 604.008169][T24184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.008183][T24184] RSP: 002b:00007f47b1d7f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 604.008201][T24184] RAX: ffffffffffffffda RBX: 00007f47b1215fa0 RCX: 00007f47b0f9cdd9 [ 604.008214][T24184] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 604.008226][T24184] RBP: 00007f47b1d7f090 R08: 0000000000000000 R09: 0000000000000000 [ 604.008237][T24184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 604.008248][T24184] R13: 00007f47b1216038 R14: 00007f47b1215fa0 R15: 00007ffe925d0d68 [ 604.008274][T24184] [ 604.371689][T24199] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4966'. [ 604.720518][T24212] netlink: 'syz.3.4971': attribute type 1 has an invalid length. [ 604.740200][T24212] netlink: 'syz.3.4971': attribute type 4 has an invalid length. [ 605.109226][T24223] netlink: 'syz.0.4974': attribute type 1 has an invalid length. [ 605.117997][T24223] netlink: 'syz.0.4974': attribute type 2 has an invalid length. [ 605.130909][T24223] netlink: 'syz.0.4974': attribute type 3 has an invalid length. [ 605.563681][T24237] FAULT_INJECTION: forcing a failure. [ 605.563681][T24237] name failslab, interval 1, probability 0, space 0, times 0 [ 605.577775][T24237] CPU: 0 UID: 0 PID: 24237 Comm: syz.4.4979 Not tainted syzkaller #0 PREEMPT(full) [ 605.577801][T24237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 605.577813][T24237] Call Trace: [ 605.577822][T24237] [ 605.577830][T24237] dump_stack_lvl+0xe8/0x150 [ 605.577857][T24237] should_fail_ex+0x412/0x560 [ 605.577884][T24237] should_failslab+0xa8/0x100 [ 605.577914][T24237] __kmalloc_cache_noprof+0x88/0x660 [ 605.577945][T24237] ? nf_tables_newchain+0xf8a/0x2890 [ 605.577977][T24237] nf_tables_newchain+0xf8a/0x2890 [ 605.578019][T24237] ? __pfx_nf_tables_newchain+0x10/0x10 [ 605.578074][T24237] ? nfnl_pernet+0x23/0x240 [ 605.578094][T24237] ? nfnl_pernet+0x23/0x240 [ 605.578121][T24237] ? __nla_parse+0x40/0x60 [ 605.578153][T24237] nfnetlink_rcv+0x123e/0x27b0 [ 605.578204][T24237] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 605.578239][T24237] ? ref_tracker_free+0x693/0x840 [ 605.578288][T24237] ? __netlink_deliver_tap+0x807/0x850 [ 605.578317][T24237] ? netlink_deliver_tap+0x2e/0x1b0 [ 605.578337][T24237] ? netlink_deliver_tap+0x2e/0x1b0 [ 605.578363][T24237] netlink_unicast+0x75c/0x8e0 [ 605.578392][T24237] netlink_sendmsg+0x813/0xb40 [ 605.578424][T24237] ? __pfx_netlink_sendmsg+0x10/0x10 [ 605.578449][T24237] ? aa_sock_msg_perm+0xf1/0x1b0 [ 605.578474][T24237] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 605.578502][T24237] ____sys_sendmsg+0x972/0x9f0 [ 605.578524][T24237] ? __might_fault+0xaf/0x130 [ 605.578552][T24237] ? __pfx_____sys_sendmsg+0x10/0x10 [ 605.578584][T24237] ? import_iovec+0x73/0xa0 [ 605.578613][T24237] ___sys_sendmsg+0x2a5/0x360 [ 605.578634][T24237] ? __lock_acquire+0x6b5/0x2cf0 [ 605.578659][T24237] ? __pfx____sys_sendmsg+0x10/0x10 [ 605.578717][T24237] ? __fget_files+0x2a/0x420 [ 605.578738][T24237] ? __fget_files+0x3a0/0x420 [ 605.578770][T24237] __x64_sys_sendmsg+0x1bd/0x2a0 [ 605.578796][T24237] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 605.578829][T24237] ? __pfx_ksys_write+0x10/0x10 [ 605.578863][T24237] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.578884][T24237] do_syscall_64+0x15f/0xf80 [ 605.578904][T24237] ? trace_irq_disable+0x3b/0x140 [ 605.578929][T24237] ? clear_bhb_loop+0x40/0x90 [ 605.578952][T24237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.578968][T24237] RIP: 0033:0x7f609339cdd9 [ 605.578985][T24237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.579001][T24237] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 605.579020][T24237] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 605.579033][T24237] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: 0000000000000006 [ 605.579045][T24237] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 605.579056][T24237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 605.579067][T24237] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 605.579097][T24237] [ 605.950073][T24241] FAULT_INJECTION: forcing a failure. [ 605.950073][T24241] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 605.965104][T24241] CPU: 0 UID: 0 PID: 24241 Comm: syz.2.4981 Not tainted syzkaller #0 PREEMPT(full) [ 605.965137][T24241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 605.965148][T24241] Call Trace: [ 605.965156][T24241] [ 605.965165][T24241] dump_stack_lvl+0xe8/0x150 [ 605.965193][T24241] should_fail_ex+0x412/0x560 [ 605.965221][T24241] prepare_alloc_pages+0x22a/0x650 [ 605.965256][T24241] __alloc_frozen_pages_noprof+0x12f/0x380 [ 605.965288][T24241] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 605.965319][T24241] ? __pfx_policy_nodemask+0x10/0x10 [ 605.965347][T24241] ? do_raw_spin_lock+0x12b/0x2f0 [ 605.965379][T24241] alloc_pages_mpol+0x235/0x490 [ 605.965408][T24241] alloc_pages_noprof+0xac/0x2a0 [ 605.965435][T24241] __pmd_alloc+0x3a/0x5c0 [ 605.965458][T24241] handle_mm_fault+0xe96/0x3170 [ 605.965491][T24241] ? handle_mm_fault+0xee/0x3170 [ 605.965518][T24241] ? __pfx_handle_mm_fault+0x10/0x10 [ 605.965549][T24241] ? __lock_acquire+0x6b5/0x2cf0 [ 605.965572][T24241] ? lock_mm_and_find_vma+0xa7/0x340 [ 605.965601][T24241] do_user_addr_fault+0x75b/0x1340 [ 605.965638][T24241] exc_page_fault+0x6a/0xc0 [ 605.965658][T24241] asm_exc_page_fault+0x26/0x30 [ 605.965674][T24241] RIP: 0010:__put_user_4+0xd/0x20 [ 605.965693][T24241] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 605.965708][T24241] RSP: 0018:ffffc900067cf798 EFLAGS: 00050206 [ 605.965725][T24241] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000000300 [ 605.965737][T24241] RDX: 0000000000000000 RSI: ffffffff8e216f96 RDI: ffffffff8c28aa60 [ 605.965749][T24241] RBP: ffffc900067cf910 R08: ffffffff82185f4f R09: ffff8880780158f8 [ 605.965760][T24241] R10: dffffc0000000000 R11: fffffbfff20612bf R12: 0000000000000000 [ 605.965771][T24241] R13: ffffffff8fffb328 R14: dffffc0000000000 R15: 1ffff92000cf9ef8 [ 605.965792][T24241] ? __might_fault+0xaf/0x130 [ 605.965822][T24241] sk_ioctl+0x3f8/0x6d0 [ 605.965842][T24241] ? __kernel_text_address+0xd/0x30 [ 605.965866][T24241] ? __pfx_sk_ioctl+0x10/0x10 [ 605.965895][T24241] ? stack_trace_save+0xa9/0x100 [ 605.965920][T24241] ? __pfx_stack_trace_save+0x10/0x10 [ 605.965943][T24241] ? kasan_save_free_info+0x46/0x50 [ 605.965968][T24241] ? stack_depot_save_flags+0x33/0x810 [ 605.965994][T24241] inet6_ioctl+0x231/0x2e0 [ 605.966021][T24241] ? __pfx_inet6_ioctl+0x10/0x10 [ 605.966044][T24241] ? kasan_save_free_info+0x46/0x50 [ 605.966063][T24241] ? __kasan_slab_free+0x5c/0x80 [ 605.966086][T24241] ? kfree+0x1c5/0x640 [ 605.966105][T24241] ? tomoyo_path_number_perm+0x501/0x630 [ 605.966133][T24241] ? security_file_ioctl+0xc3/0x2a0 [ 605.966150][T24241] ? __se_sys_ioctl+0x47/0x170 [ 605.966173][T24241] ? do_syscall_64+0x15f/0xf80 [ 605.966192][T24241] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.966225][T24241] sock_do_ioctl+0x101/0x320 [ 605.966251][T24241] ? __pfx_sock_do_ioctl+0x10/0x10 [ 605.966285][T24241] sock_ioctl+0x5c6/0x7f0 [ 605.966305][T24241] ? kasan_quarantine_put+0xbb/0x1f0 [ 605.966324][T24241] ? __pfx_sock_ioctl+0x10/0x10 [ 605.966349][T24241] ? tomoyo_path_number_perm+0x219/0x630 [ 605.966366][T24241] ? tomoyo_path_number_perm+0x219/0x630 [ 605.966381][T24241] ? __pfx_sock_ioctl+0x10/0x10 [ 605.966403][T24241] do_vfs_ioctl+0xf5b/0x1530 [ 605.966426][T24241] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 605.966458][T24241] ? __mutex_unlock_slowpath+0x1be/0x6f0 [ 605.966492][T24241] ? __fget_files+0x2a/0x420 [ 605.966511][T24241] ? __fget_files+0x2a/0x420 [ 605.966527][T24241] ? __fget_files+0x3a0/0x420 [ 605.966543][T24241] ? __fget_files+0x2a/0x420 [ 605.966564][T24241] ? bpf_lsm_file_ioctl+0x9/0x20 [ 605.966590][T24241] __se_sys_ioctl+0x82/0x170 [ 605.966614][T24241] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.966631][T24241] do_syscall_64+0x15f/0xf80 [ 605.966649][T24241] ? trace_irq_disable+0x3b/0x140 [ 605.966673][T24241] ? clear_bhb_loop+0x40/0x90 [ 605.966694][T24241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.966709][T24241] RIP: 0033:0x7ff53e19cdd9 [ 605.966723][T24241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.966735][T24241] RSP: 002b:00007ff53f103028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 605.966757][T24241] RAX: ffffffffffffffda RBX: 00007ff53e415fa0 RCX: 00007ff53e19cdd9 [ 605.966767][T24241] RDX: 0000200000000300 RSI: 000000000000541b RDI: 0000000000000003 [ 605.966777][T24241] RBP: 00007ff53f103090 R08: 0000000000000000 R09: 0000000000000000 [ 605.966786][T24241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.966795][T24241] R13: 00007ff53e416038 R14: 00007ff53e415fa0 R15: 00007fff6745a258 [ 605.966819][T24241] [ 606.705724][T24256] __nla_validate_parse: 1 callbacks suppressed [ 606.705744][T24256] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4986'. [ 606.872244][T24261] syzkaller0: entered promiscuous mode [ 606.881087][T24261] syzkaller0: entered allmulticast mode [ 609.414658][T24269] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 609.432890][T24270] dvmrp0: left allmulticast mode [ 609.632057][T24279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4992'. [ 609.642261][T24279] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4992'. [ 609.657260][T24283] netlink: 'syz.1.4994': attribute type 1 has an invalid length. [ 609.821411][T24283] bond21: entered promiscuous mode [ 609.856125][T24283] 8021q: adding VLAN 0 to HW filter on device bond21 [ 609.967850][T24301] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4994'. [ 610.289313][T24287] syzkaller1: entered allmulticast mode [ 610.425960][T24319] netlink: 'syz.3.5000': attribute type 83 has an invalid length. [ 612.024227][T24382] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5013'. [ 612.083539][T24384] sch_tbf: burst 0 is lower than device sit0 mtu (1480) ! [ 612.084560][T24382] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5013'. [ 612.155915][T24390] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5013'. [ 612.225977][T24394] netlink: 72 bytes leftover after parsing attributes in process `syz.0.5013'. [ 612.247469][T24394] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5013'. [ 612.594805][T24393] netlink: 65173 bytes leftover after parsing attributes in process `syz.4.5015'. [ 612.793439][T24406] netlink: 'syz.2.5019': attribute type 3 has an invalid length. [ 612.838478][T24406] netlink: 224 bytes leftover after parsing attributes in process `syz.2.5019'. [ 613.044782][T24415] netlink: 'syz.3.5022': attribute type 39 has an invalid length. [ 613.082883][T24415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5022'. [ 613.483846][T24438] veth1_to_batadv: entered allmulticast mode [ 614.777415][T24485] netlink: 204 bytes leftover after parsing attributes in process `syz.2.5042'. [ 614.795938][T24485] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5042'. [ 615.220715][ T5645] block nbd13: Receive control failed (result -32) [ 615.883700][T24527] FAULT_INJECTION: forcing a failure. [ 615.883700][T24527] name failslab, interval 1, probability 0, space 0, times 0 [ 615.897196][T24527] CPU: 1 UID: 0 PID: 24527 Comm: syz.1.5052 Not tainted syzkaller #0 PREEMPT(full) [ 615.897220][T24527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 615.897232][T24527] Call Trace: [ 615.897240][T24527] [ 615.897248][T24527] dump_stack_lvl+0xe8/0x150 [ 615.897275][T24527] should_fail_ex+0x412/0x560 [ 615.897303][T24527] should_failslab+0xa8/0x100 [ 615.897332][T24527] kmem_cache_alloc_bulk_noprof+0x8c/0x7c0 [ 615.897363][T24527] ? pfn_valid+0x125/0x4c0 [ 615.897386][T24527] ? pfn_valid+0x125/0x4c0 [ 615.897412][T24527] bpf_test_run_xdp_live+0x179c/0x1cf0 [ 615.897453][T24527] ? bpf_test_run_xdp_live+0x438/0x1cf0 [ 615.897492][T24527] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 615.897536][T24527] ? 0xffffffffa0205108 [ 615.897557][T24527] ? 0xffffffffa0205148 [ 615.897605][T24527] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 615.897638][T24527] ? _copy_from_user+0x94/0xb0 [ 615.897669][T24527] ? bpf_test_init+0x113/0x150 [ 615.897698][T24527] ? xdp_convert_md_to_buff+0x5b/0x330 [ 615.897723][T24527] bpf_prog_test_run_xdp+0x81c/0x1160 [ 615.897765][T24527] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 615.897793][T24527] ? __fget_files+0x2a/0x420 [ 615.897820][T24527] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 615.897843][T24527] bpf_prog_test_run+0x2c7/0x340 [ 615.897867][T24527] __sys_bpf+0x643/0x950 [ 615.897895][T24527] ? __pfx___sys_bpf+0x10/0x10 [ 615.897936][T24527] ? ksys_write+0x242/0x270 [ 615.897963][T24527] ? __pfx_ksys_write+0x10/0x10 [ 615.897996][T24527] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.898016][T24527] __x64_sys_bpf+0x7c/0x90 [ 615.898041][T24527] do_syscall_64+0x15f/0xf80 [ 615.898061][T24527] ? trace_irq_disable+0x3b/0x140 [ 615.898086][T24527] ? clear_bhb_loop+0x40/0x90 [ 615.898109][T24527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.898126][T24527] RIP: 0033:0x7f7e0039cdd9 [ 615.898148][T24527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.898163][T24527] RSP: 002b:00007f7e012e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 615.898182][T24527] RAX: ffffffffffffffda RBX: 00007f7e00615fa0 RCX: 00007f7e0039cdd9 [ 615.898194][T24527] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 615.898206][T24527] RBP: 00007f7e012e0090 R08: 0000000000000000 R09: 0000000000000000 [ 615.898216][T24527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 615.898226][T24527] R13: 00007f7e00616038 R14: 00007f7e00615fa0 R15: 00007fffa849dab8 [ 615.898257][T24527] [ 616.670572][T24544] netlink: 'syz.2.5058': attribute type 1 has an invalid length. [ 616.700154][T24544] netlink: 'syz.2.5058': attribute type 4 has an invalid length. [ 616.839373][T24550] netlink: 'syz.3.5061': attribute type 7 has an invalid length. [ 616.989162][T24561] sctp: [Deprecated]: syz.3.5064 (pid 24561) Use of struct sctp_assoc_value in delayed_ack socket option. [ 616.989162][T24561] Use struct sctp_sack_info instead [ 617.045109][T24561] openvswitch: netlink: Unexpected mask (mask=201040, allowed=10048) [ 617.156076][T24571] __nla_validate_parse: 4 callbacks suppressed [ 617.156092][T24571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5068'. [ 617.181030][T24571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5068'. [ 617.207108][T24571] netlink: 'syz.3.5068': attribute type 13 has an invalid length. [ 617.434647][T24588] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5074'. [ 617.854361][T24600] FAULT_INJECTION: forcing a failure. [ 617.854361][T24600] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 617.887915][T24600] CPU: 1 UID: 0 PID: 24600 Comm: syz.4.5076 Not tainted syzkaller #0 PREEMPT(full) [ 617.887943][T24600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 617.887954][T24600] Call Trace: [ 617.887961][T24600] [ 617.887970][T24600] dump_stack_lvl+0xe8/0x150 [ 617.887997][T24600] should_fail_ex+0x412/0x560 [ 617.888024][T24600] _copy_to_user+0x31/0xb0 [ 617.888051][T24600] bpf_test_finish+0x22c/0x6b0 [ 617.888079][T24600] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 617.888104][T24600] ? __pfx_bpf_test_finish+0x10/0x10 [ 617.888132][T24600] ? _copy_from_user+0x94/0xb0 [ 617.888156][T24600] ? bpf_test_init+0x113/0x150 [ 617.888179][T24600] bpf_prog_test_run_xdp+0x8fa/0x1160 [ 617.888218][T24600] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 617.888244][T24600] ? __fget_files+0x2a/0x420 [ 617.888271][T24600] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 617.888300][T24600] bpf_prog_test_run+0x2c7/0x340 [ 617.888323][T24600] __sys_bpf+0x643/0x950 [ 617.888352][T24600] ? __pfx___sys_bpf+0x10/0x10 [ 617.888392][T24600] ? ksys_write+0x242/0x270 [ 617.888420][T24600] ? __pfx_ksys_write+0x10/0x10 [ 617.888451][T24600] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.888472][T24600] __x64_sys_bpf+0x7c/0x90 [ 617.888498][T24600] do_syscall_64+0x15f/0xf80 [ 617.888518][T24600] ? trace_irq_disable+0x3b/0x140 [ 617.888544][T24600] ? clear_bhb_loop+0x40/0x90 [ 617.888568][T24600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.888586][T24600] RIP: 0033:0x7f609339cdd9 [ 617.888604][T24600] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 617.888620][T24600] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 617.888640][T24600] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 617.888653][T24600] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a [ 617.888665][T24600] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 617.888677][T24600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 617.888687][T24600] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 617.888718][T24600] [ 618.231078][T24586] dvmrp0: entered allmulticast mode [ 618.379365][T24609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5078'. [ 618.615150][T24623] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5081'. [ 618.625071][T24624] syz.1.5083: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 618.626012][T24623] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5081'. [ 618.718588][T24624] CPU: 0 UID: 0 PID: 24624 Comm: syz.1.5083 Not tainted syzkaller #0 PREEMPT(full) [ 618.718618][T24624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 618.718631][T24624] Call Trace: [ 618.718640][T24624] [ 618.718650][T24624] dump_stack_lvl+0xe8/0x150 [ 618.718679][T24624] warn_alloc+0x249/0x340 [ 618.718713][T24624] ? stack_trace_save+0xa9/0x100 [ 618.718747][T24624] ? __pfx_warn_alloc+0x10/0x10 [ 618.718782][T24624] ? kasan_save_track+0x4f/0x80 [ 618.718807][T24624] ? kasan_save_track+0x3e/0x80 [ 618.718831][T24624] ? __kasan_kmalloc+0x93/0xb0 [ 618.718858][T24624] ? __kmalloc_cache_noprof+0x31c/0x660 [ 618.718885][T24624] ? xskq_create+0x56/0x170 [ 618.718904][T24624] ? xsk_setsockopt+0x54c/0x990 [ 618.718932][T24624] ? do_sock_setsockopt+0x17c/0x1b0 [ 618.718955][T24624] ? __x64_sys_setsockopt+0x13d/0x1b0 [ 618.718976][T24624] ? do_syscall_64+0x15f/0xf80 [ 618.719000][T24624] __vmalloc_node_range_noprof+0x132/0x1750 [ 618.719057][T24624] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 618.719091][T24624] ? __kasan_kmalloc+0x93/0xb0 [ 618.719126][T24624] vmalloc_user_noprof+0xad/0xe0 [ 618.719155][T24624] ? xskq_create+0xbf/0x170 [ 618.719185][T24624] xskq_create+0xbf/0x170 [ 618.719209][T24624] xsk_init_queue+0x8a/0xe0 [ 618.719243][T24624] xsk_setsockopt+0x54c/0x990 [ 618.719277][T24624] ? __pfx_xsk_setsockopt+0x10/0x10 [ 618.719307][T24624] ? __pfx_aa_sk_perm+0x10/0x10 [ 618.719334][T24624] ? aa_sock_opt_perm+0xff/0x1a0 [ 618.719361][T24624] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 618.719389][T24624] ? __pfx_xsk_setsockopt+0x10/0x10 [ 618.719420][T24624] do_sock_setsockopt+0x17c/0x1b0 [ 618.719449][T24624] __x64_sys_setsockopt+0x13d/0x1b0 [ 618.719476][T24624] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.719499][T24624] do_syscall_64+0x15f/0xf80 [ 618.719521][T24624] ? trace_irq_disable+0x3b/0x140 [ 618.719551][T24624] ? clear_bhb_loop+0x40/0x90 [ 618.719578][T24624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.719599][T24624] RIP: 0033:0x7f7e0039cdd9 [ 618.719618][T24624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 618.719636][T24624] RSP: 002b:00007f7e012e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 618.719658][T24624] RAX: ffffffffffffffda RBX: 00007f7e00615fa0 RCX: 00007f7e0039cdd9 [ 618.719674][T24624] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004 [ 618.719687][T24624] RBP: 00007f7e00432d69 R08: 0000000000000004 R09: 0000000000000000 [ 618.719700][T24624] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 618.719713][T24624] R13: 00007f7e00616038 R14: 00007f7e00615fa0 R15: 00007fffa849dab8 [ 618.719747][T24624] [ 618.719771][T24624] Mem-Info: [ 618.943507][T24638] FAULT_INJECTION: forcing a failure. [ 618.943507][T24638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 618.976299][T24624] active_anon:6046 inactive_anon:5 isolated_anon:0 [ 618.976299][T24624] active_file:3613 inactive_file:40325 isolated_file:0 [ 618.976299][T24624] unevictable:768 dirty:366 writeback:0 [ 618.976299][T24624] slab_reclaimable:12486 slab_unreclaimable:143037 [ 618.976299][T24624] mapped:30035 shmem:1292 pagetables:1575 [ 618.976299][T24624] sec_pagetables:0 bounce:0 [ 618.976299][T24624] kernel_misc_reclaimable:0 [ 618.976299][T24624] free:1261843 free_pcp:24885 free_cma:0 [ 619.003092][T24638] CPU: 1 UID: 0 PID: 24638 Comm: syz.2.5085 Not tainted syzkaller #0 PREEMPT(full) [ 619.003118][T24638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 619.003130][T24638] Call Trace: [ 619.003138][T24638] [ 619.003145][T24638] dump_stack_lvl+0xe8/0x150 [ 619.003171][T24638] should_fail_ex+0x412/0x560 [ 619.003199][T24638] _copy_from_user+0x2d/0xb0 [ 619.003224][T24638] __copy_msghdr+0x3c5/0x5b0 [ 619.003250][T24638] ___sys_sendmsg+0x213/0x360 [ 619.003270][T24638] ? __lock_acquire+0x6b5/0x2cf0 [ 619.003294][T24638] ? __pfx____sys_sendmsg+0x10/0x10 [ 619.003320][T24638] ? kstrtouint+0x6e/0xe0 [ 619.003366][T24638] ? __fget_files+0x2a/0x420 [ 619.003385][T24638] ? __fget_files+0x3a0/0x420 [ 619.003415][T24638] __sys_sendmmsg+0x27c/0x4e0 [ 619.003442][T24638] ? __pfx___sys_sendmmsg+0x10/0x10 [ 619.003462][T24638] ? __mutex_unlock_slowpath+0x1be/0x6f0 [ 619.003506][T24638] ? ksys_write+0x242/0x270 [ 619.003532][T24638] ? __pfx_ksys_write+0x10/0x10 [ 619.003562][T24638] __x64_sys_sendmmsg+0xa0/0xc0 [ 619.003584][T24638] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.003602][T24638] do_syscall_64+0x15f/0xf80 [ 619.003620][T24638] ? trace_irq_disable+0x3b/0x140 [ 619.003645][T24638] ? clear_bhb_loop+0x40/0x90 [ 619.003667][T24638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.003684][T24638] RIP: 0033:0x7ff53e19cdd9 [ 619.003700][T24638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 619.003715][T24638] RSP: 002b:00007ff53f0e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 619.003734][T24638] RAX: ffffffffffffffda RBX: 00007ff53e416090 RCX: 00007ff53e19cdd9 [ 619.003747][T24638] RDX: 0000000000000001 RSI: 0000200000000440 RDI: 0000000000000007 [ 619.003758][T24638] RBP: 00007ff53f0e2090 R08: 0000000000000000 R09: 0000000000000000 [ 619.003770][T24638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 619.003780][T24638] R13: 00007ff53e416128 R14: 00007ff53e416090 R15: 00007fff6745a258 [ 619.003808][T24638] [ 619.262516][T24624] Node 0 active_anon:24284kB inactive_anon:20kB active_file:14452kB inactive_file:161096kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124240kB dirty:1464kB writeback:0kB shmem:3632kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:16648kB pagetables:6184kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 619.300376][T24624] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 619.339383][T24624] Node 0 DMA free:15344kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 619.393282][T24624] lowmem_reserve[]: 0 2492 2493 2493 2493 [ 619.416600][T24624] Node 0 DMA32 free:1145812kB boost:0kB min:34188kB low:42732kB high:51276kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24084kB inactive_anon:20kB active_file:14452kB inactive_file:161096kB unevictable:1536kB writepending:1464kB zspages:0kB present:3129332kB managed:2552716kB mlocked:0kB bounce:0kB free_pcp:38188kB local_pcp:19432kB free_cma:0kB [ 619.474226][T24624] lowmem_reserve[]: 0 0 0 0 0 [ 619.479619][T24624] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:672kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 619.512673][T24624] lowmem_reserve[]: 0 0 0 0 0 [ 619.518165][T24624] Node 1 Normal free:3886216kB boost:0kB min:55704kB low:69628kB high:83552kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:62112kB local_pcp:32564kB free_cma:0kB [ 619.551898][T24624] lowmem_reserve[]: 0 0 0 0 0 [ 619.559475][T24624] Node 0 DMA: 0*4kB 2*8kB (U) 2*16kB (U) 2*32kB (U) 2*64kB (U) 2*128kB (U) 2*256kB (U) 2*512kB (U) 3*1024kB (U) 3*2048kB (UM) 1*4096kB (M) = 15344kB [ 619.575644][T24624] Node 0 DMA32: 8115*4kB (UME) 4401*8kB (UME) 2852*16kB (UME) 610*32kB (UME) 360*64kB (UM) 652*128kB (UM) 625*256kB (UM) 408*512kB (UM) 221*1024kB (U) 138*2048kB (UME) 7*4096kB (U) = 1145812kB [ 619.595420][T24624] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 619.607379][T24624] Node 1 Normal: 3*4kB (U) 6*8kB (UM) 8*16kB (UM) 4*32kB (UM) 10*64kB (UM) 8*128kB (UM) 7*256kB (UM) 5*512kB (UM) 5*1024kB (UM) 6*2048kB (U) 943*4096kB (UM) = 3886268kB [ 619.630803][T24654] FAULT_INJECTION: forcing a failure. [ 619.630803][T24654] name failslab, interval 1, probability 0, space 0, times 0 [ 619.651107][T24624] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 619.661371][T24654] CPU: 0 UID: 0 PID: 24654 Comm: syz.4.5092 Not tainted syzkaller #0 PREEMPT(full) [ 619.661394][T24654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 619.661406][T24654] Call Trace: [ 619.661413][T24654] [ 619.661421][T24654] dump_stack_lvl+0xe8/0x150 [ 619.661449][T24654] should_fail_ex+0x412/0x560 [ 619.661478][T24654] should_failslab+0xa8/0x100 [ 619.661507][T24654] __kmalloc_cache_noprof+0x88/0x660 [ 619.661532][T24654] ? ip_set_pernet+0x23/0x240 [ 619.661558][T24654] ? ip_set_create+0x391/0x1a40 [ 619.661588][T24654] ip_set_create+0x391/0x1a40 [ 619.661620][T24654] ? trace_contention_end+0x3d/0x140 [ 619.661650][T24654] ? __pfx_ip_set_create+0x10/0x10 [ 619.661712][T24654] nfnetlink_rcv_msg+0xc03/0x12c0 [ 619.661732][T24654] ? unwind_get_return_address+0x4d/0x90 [ 619.661756][T24654] ? nfnetlink_rcv_msg+0x22a/0x12c0 [ 619.661793][T24654] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 619.661857][T24654] netlink_rcv_skb+0x232/0x4b0 [ 619.661882][T24654] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 619.661904][T24654] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 619.661941][T24654] ? bpf_lsm_capable+0x9/0x20 [ 619.661959][T24654] ? security_capable+0x7e/0x2c0 [ 619.661988][T24654] nfnetlink_rcv+0x2c0/0x27b0 [ 619.662016][T24654] ? __local_bh_enable_ip+0xd0/0x130 [ 619.662034][T24654] ? lockdep_hardirqs_on+0x7a/0x110 [ 619.662054][T24654] ? __dev_queue_xmit+0x2b6/0x3950 [ 619.662077][T24654] ? __local_bh_enable_ip+0xd0/0x130 [ 619.662094][T24654] ? __dev_queue_xmit+0x2b6/0x3950 [ 619.662116][T24654] ? __dev_queue_xmit+0x1fe5/0x3950 [ 619.662138][T24654] ? __x64_sys_sendmsg+0x1bd/0x2a0 [ 619.662175][T24654] ? __dev_queue_xmit+0x2b6/0x3950 [ 619.662204][T24654] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 619.662228][T24654] ? __pfx___dev_queue_xmit+0x10/0x10 [ 619.662259][T24654] ? ref_tracker_free+0x693/0x840 [ 619.662283][T24654] ? __pfx_ref_tracker_free+0x10/0x10 [ 619.662322][T24654] ? skb_clone+0x246/0x3a0 [ 619.662349][T24654] ? __netlink_deliver_tap+0x807/0x850 [ 619.662369][T24654] ? netlink_deliver_tap+0x2e/0x1b0 [ 619.662395][T24654] ? netlink_deliver_tap+0x2e/0x1b0 [ 619.662416][T24654] ? netlink_deliver_tap+0x2e/0x1b0 [ 619.662443][T24654] netlink_unicast+0x75c/0x8e0 [ 619.662474][T24654] netlink_sendmsg+0x813/0xb40 [ 619.662504][T24654] ? __pfx_netlink_sendmsg+0x10/0x10 [ 619.662529][T24654] ? aa_sock_msg_perm+0xf1/0x1b0 [ 619.662554][T24654] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 619.662581][T24654] ____sys_sendmsg+0x972/0x9f0 [ 619.662604][T24654] ? __might_fault+0xaf/0x130 [ 619.662632][T24654] ? __pfx_____sys_sendmsg+0x10/0x10 [ 619.662665][T24654] ? import_iovec+0x73/0xa0 [ 619.662693][T24654] ___sys_sendmsg+0x2a5/0x360 [ 619.662714][T24654] ? __lock_acquire+0x6b5/0x2cf0 [ 619.662738][T24654] ? __pfx____sys_sendmsg+0x10/0x10 [ 619.662796][T24654] ? __fget_files+0x2a/0x420 [ 619.662817][T24654] ? __fget_files+0x3a0/0x420 [ 619.662849][T24654] __x64_sys_sendmsg+0x1bd/0x2a0 [ 619.662876][T24654] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 619.662910][T24654] ? __pfx_ksys_write+0x10/0x10 [ 619.662944][T24654] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.662964][T24654] do_syscall_64+0x15f/0xf80 [ 619.662984][T24654] ? trace_irq_disable+0x3b/0x140 [ 619.663010][T24654] ? clear_bhb_loop+0x40/0x90 [ 619.663033][T24654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.663052][T24654] RIP: 0033:0x7f609339cdd9 [ 619.663070][T24654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 619.663087][T24654] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 619.663107][T24654] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 619.663121][T24654] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003 [ 619.663134][T24654] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 619.663145][T24654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 619.663156][T24654] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 619.663194][T24654] [ 620.059319][T24624] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 620.069982][T24624] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 620.079644][T24624] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 620.088997][T24624] 45228 total pagecache pages [ 620.093784][T24624] 0 pages in swap cache [ 620.097975][T24624] Free swap = 124996kB [ 620.102135][T24624] Total swap = 124996kB [ 620.106308][T24624] 2097051 pages RAM [ 620.110330][T24624] 0 pages HighMem/MovableOnly [ 620.115012][T24624] 427089 pages reserved [ 620.119237][T24624] 0 pages cma reserved [ 620.577666][T24676] netlink: 'syz.2.5101': attribute type 39 has an invalid length. [ 620.707672][T24676] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5101'. [ 621.070710][T24696] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5107'. [ 621.099044][T24696] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5107'. [ 621.572933][T24728] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5116'. [ 621.579692][T24733] netlink: 'syz.4.5118': attribute type 39 has an invalid length. [ 621.774079][T24746] netlink: 'syz.3.5120': attribute type 39 has an invalid length. [ 622.264226][T24771] __nla_validate_parse: 2 callbacks suppressed [ 622.264245][T24771] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5129'. [ 622.289329][T24771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5129'. [ 622.433335][T24775] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5131'. [ 622.454104][T24775] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5131'. [ 622.477942][T24781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 622.546186][T24781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 622.634637][T24781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 622.673148][T24781] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 622.700127][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 622.744695][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 622.759017][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 622.770388][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 622.783003][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 622.792931][T24791] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5137'. [ 623.676200][T24838] netlink: zone id is out of range [ 623.694510][T24837] netlink: zone id is out of range [ 623.854090][T24844] syzkaller0: entered promiscuous mode [ 623.873074][T24844] syzkaller0: entered allmulticast mode [ 624.010483][T24849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 624.104722][T24849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 624.194117][T24849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 624.206391][T24849] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 624.269017][T24869] netlink: 'syz.4.5161': attribute type 1 has an invalid length. [ 624.284544][T24869] netlink: 'syz.4.5161': attribute type 4 has an invalid length. [ 624.839261][T24892] FAULT_INJECTION: forcing a failure. [ 624.839261][T24892] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 624.881501][T24892] CPU: 1 UID: 0 PID: 24892 Comm: syz.3.5171 Not tainted syzkaller #0 PREEMPT(full) [ 624.881529][T24892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 624.881540][T24892] Call Trace: [ 624.881548][T24892] [ 624.881556][T24892] dump_stack_lvl+0xe8/0x150 [ 624.881584][T24892] should_fail_ex+0x412/0x560 [ 624.881612][T24892] prepare_alloc_pages+0x22a/0x650 [ 624.881653][T24892] __alloc_frozen_pages_noprof+0x12f/0x380 [ 624.881684][T24892] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 624.881715][T24892] ? __pfx_policy_nodemask+0x10/0x10 [ 624.881742][T24892] ? do_raw_spin_lock+0x12b/0x2f0 [ 624.881771][T24892] alloc_pages_mpol+0x235/0x490 [ 624.881801][T24892] alloc_pages_noprof+0xac/0x2a0 [ 624.881827][T24892] __pmd_alloc+0x3a/0x5c0 [ 624.881852][T24892] handle_mm_fault+0xe96/0x3170 [ 624.881887][T24892] ? handle_mm_fault+0xee/0x3170 [ 624.881913][T24892] ? __pfx_handle_mm_fault+0x10/0x10 [ 624.881947][T24892] ? __lock_acquire+0x6b5/0x2cf0 [ 624.881970][T24892] ? lock_mm_and_find_vma+0xa7/0x340 [ 624.881998][T24892] do_user_addr_fault+0x75b/0x1340 [ 624.882034][T24892] exc_page_fault+0x6a/0xc0 [ 624.882056][T24892] asm_exc_page_fault+0x26/0x30 [ 624.882073][T24892] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 624.882099][T24892] Code: c4 10 e9 54 54 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e [ 624.882115][T24892] RSP: 0018:ffffc90006aefad8 EFLAGS: 00050202 [ 624.882132][T24892] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004 [ 624.882144][T24892] RDX: 0000000000000001 RSI: 0000200000000bc0 RDI: ffffc90006aefb80 [ 624.882156][T24892] RBP: ffffc90006aefe10 R08: 0000000000000003 R09: 0000000000000004 [ 624.882168][T24892] R10: dffffc0000000000 R11: fffff52000d5df70 R12: 0000000000000310 [ 624.882181][T24892] R13: 0000200000000bc0 R14: ffffc90006aefb80 R15: 0000200000000bc0 [ 624.882211][T24892] _copy_from_user+0x7a/0xb0 [ 624.882238][T24892] do_ipv6_setsockopt+0x25c/0x3150 [ 624.882261][T24892] ? get_pid_task+0x20/0x1f0 [ 624.882293][T24892] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 624.882315][T24892] ? get_pid_task+0x20/0x1f0 [ 624.882337][T24892] ? get_pid_task+0x20/0x1f0 [ 624.882357][T24892] ? get_pid_task+0x20/0x1f0 [ 624.882411][T24892] ? aa_sk_perm+0x6d5/0x900 [ 624.882436][T24892] ? fd_install+0x94/0x3d0 [ 624.882458][T24892] ? __pfx_aa_sk_perm+0x10/0x10 [ 624.882482][T24892] ? aa_sock_opt_perm+0xff/0x1a0 [ 624.882508][T24892] ipv6_setsockopt+0x59/0x170 [ 624.882528][T24892] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 624.882554][T24892] do_sock_setsockopt+0x17c/0x1b0 [ 624.882582][T24892] __x64_sys_setsockopt+0x13d/0x1b0 [ 624.882607][T24892] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.882633][T24892] do_syscall_64+0x15f/0xf80 [ 624.882651][T24892] ? trace_irq_disable+0x3b/0x140 [ 624.882677][T24892] ? clear_bhb_loop+0x40/0x90 [ 624.882699][T24892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 624.882717][T24892] RIP: 0033:0x7f47b0f9cdd9 [ 624.882734][T24892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 624.882749][T24892] RSP: 002b:00007f47b1d7f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 624.882767][T24892] RAX: ffffffffffffffda RBX: 00007f47b1215fa0 RCX: 00007f47b0f9cdd9 [ 624.882780][T24892] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 624.882791][T24892] RBP: 00007f47b1d7f090 R08: 0000000000000310 R09: 0000000000000000 [ 624.882803][T24892] R10: 0000200000000bc0 R11: 0000000000000246 R12: 0000000000000001 [ 624.882815][T24892] R13: 00007f47b1216038 R14: 00007f47b1215fa0 R15: 00007ffe925d0d68 [ 624.882846][T24892] [ 625.500072][T24914] tipc: Enabled bearer , priority 0 [ 625.511796][T24914] syzkaller0: mtu greater than device maximum [ 625.541939][T24911] tipc: Disabling bearer [ 625.798294][T24920] syzkaller0: entered promiscuous mode [ 625.814001][T24920] syzkaller0: entered allmulticast mode [ 625.878958][ T29] audit: type=1804 audit(1777564361.978:6): pid=24937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.5185" name="/newroot/1026/cgroup.controllers" dev="tmpfs" ino=5271 res=1 errno=0 [ 625.909787][ T29] audit: type=1800 audit(1777564361.998:7): pid=24937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5185" name="cgroup.controllers" dev="tmpfs" ino=5271 res=0 errno=0 [ 625.945863][T24940] FAULT_INJECTION: forcing a failure. [ 625.945863][T24940] name failslab, interval 1, probability 0, space 0, times 0 [ 625.958875][T24940] CPU: 1 UID: 0 PID: 24940 Comm: syz.4.5186 Not tainted syzkaller #0 PREEMPT(full) [ 625.958900][T24940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 625.958911][T24940] Call Trace: [ 625.958919][T24940] [ 625.958927][T24940] dump_stack_lvl+0xe8/0x150 [ 625.958954][T24940] should_fail_ex+0x412/0x560 [ 625.958982][T24940] should_failslab+0xa8/0x100 [ 625.959010][T24940] __kmalloc_node_track_caller_noprof+0xeb/0x7b0 [ 625.959038][T24940] ? xfrm_add_sa+0x2956/0x4230 [ 625.959070][T24940] kmemdup_noprof+0x2b/0x70 [ 625.959091][T24940] xfrm_add_sa+0x2956/0x4230 [ 625.959125][T24940] ? __pfx_xfrm_add_sa+0x10/0x10 [ 625.959146][T24940] ? apparmor_capable+0x126/0x170 [ 625.959177][T24940] ? __nla_parse+0x40/0x60 [ 625.959204][T24940] xfrm_user_rcv_msg+0x7ae/0xc40 [ 625.959234][T24940] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 625.959292][T24940] ? __pfx___mutex_trylock_common+0x10/0x10 [ 625.959320][T24940] ? rcu_is_watching+0x15/0xb0 [ 625.959342][T24940] ? trace_contention_end+0x3d/0x140 [ 625.959364][T24940] ? __mutex_lock+0x319/0x1550 [ 625.959392][T24940] netlink_rcv_skb+0x232/0x4b0 [ 625.959416][T24940] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 625.959441][T24940] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 625.959479][T24940] ? netlink_deliver_tap+0x2e/0x1b0 [ 625.959501][T24940] ? netlink_deliver_tap+0x2e/0x1b0 [ 625.959525][T24940] xfrm_netlink_rcv+0x79/0x90 [ 625.959550][T24940] netlink_unicast+0x75c/0x8e0 [ 625.959576][T24940] netlink_sendmsg+0x813/0xb40 [ 625.959604][T24940] ? __pfx_netlink_sendmsg+0x10/0x10 [ 625.959627][T24940] ? aa_sock_msg_perm+0xf1/0x1b0 [ 625.959651][T24940] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 625.959676][T24940] ____sys_sendmsg+0x972/0x9f0 [ 625.959698][T24940] ? __might_fault+0xaf/0x130 [ 625.959725][T24940] ? __pfx_____sys_sendmsg+0x10/0x10 [ 625.959753][T24940] ? import_iovec+0x73/0xa0 [ 625.959779][T24940] ___sys_sendmsg+0x2a5/0x360 [ 625.959799][T24940] ? __lock_acquire+0x6b5/0x2cf0 [ 625.959829][T24940] ? __pfx____sys_sendmsg+0x10/0x10 [ 625.959884][T24940] ? __fget_files+0x2a/0x420 [ 625.959904][T24940] ? __fget_files+0x3a0/0x420 [ 625.959932][T24940] __x64_sys_sendmsg+0x1bd/0x2a0 [ 625.959957][T24940] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 625.959988][T24940] ? __pfx_ksys_write+0x10/0x10 [ 625.960018][T24940] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.960037][T24940] do_syscall_64+0x15f/0xf80 [ 625.960055][T24940] ? trace_irq_disable+0x3b/0x140 [ 625.960081][T24940] ? clear_bhb_loop+0x40/0x90 [ 625.960103][T24940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.960120][T24940] RIP: 0033:0x7f609339cdd9 [ 625.960138][T24940] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 625.960152][T24940] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 625.960172][T24940] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 625.960184][T24940] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006 [ 625.960193][T24940] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 625.960204][T24940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 625.960214][T24940] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 625.960243][T24940] [ 625.991369][ T29] audit: type=1800 audit(1777564361.998:8): pid=24937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5185" name="cgroup.controllers" dev="tmpfs" ino=5271 res=0 errno=0 [ 626.342843][ T29] audit: type=1804 audit(1777564362.008:9): pid=24937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.5185" name="/newroot/1026/cgroup.controllers" dev="tmpfs" ino=5271 res=1 errno=0 [ 627.539657][ T5645] Bluetooth: hci1: command 0x0406 tx timeout [ 627.539722][T24909] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 627.553074][T24909] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 628.391981][T24909] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 628.398169][T24909] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 628.445666][T24909] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 628.468544][T24909] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 628.529053][T24909] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 628.541989][T24909] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 629.784498][T24995] netlink: 'syz.4.5199': attribute type 83 has an invalid length. [ 629.927891][T25002] __nla_validate_parse: 80 callbacks suppressed [ 629.927913][T25002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5201'. [ 629.928662][T25001] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 630.447780][T25022] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5205'. [ 630.497537][T25022] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5205'. [ 630.745107][T25051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5205'. [ 631.109093][T25066] SET target dimension over the limit! [ 631.674962][T25093] FAULT_INJECTION: forcing a failure. [ 631.674962][T25093] name failslab, interval 1, probability 0, space 0, times 0 [ 631.711539][T25093] CPU: 0 UID: 0 PID: 25093 Comm: syz.4.5223 Not tainted syzkaller #0 PREEMPT(full) [ 631.711568][T25093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 631.711580][T25093] Call Trace: [ 631.711588][T25093] [ 631.711596][T25093] dump_stack_lvl+0xe8/0x150 [ 631.711624][T25093] should_fail_ex+0x412/0x560 [ 631.711653][T25093] should_failslab+0xa8/0x100 [ 631.711680][T25093] ? __pmd_alloc+0xc1/0x5c0 [ 631.711703][T25093] kmem_cache_alloc_noprof+0x87/0x650 [ 631.711737][T25093] __pmd_alloc+0xc1/0x5c0 [ 631.711763][T25093] handle_mm_fault+0xe96/0x3170 [ 631.711801][T25093] ? handle_mm_fault+0xee/0x3170 [ 631.711830][T25093] ? __pfx_handle_mm_fault+0x10/0x10 [ 631.711867][T25093] ? __lock_acquire+0x6b5/0x2cf0 [ 631.711892][T25093] ? lock_mm_and_find_vma+0xa7/0x340 [ 631.711921][T25093] do_user_addr_fault+0x75b/0x1340 [ 631.711958][T25093] exc_page_fault+0x6a/0xc0 [ 631.711981][T25093] asm_exc_page_fault+0x26/0x30 [ 631.712000][T25093] RIP: 0010:__put_user_4+0xd/0x20 [ 631.712022][T25093] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 [ 631.712038][T25093] RSP: 0018:ffffc9000dfdf798 EFLAGS: 00050206 [ 631.712056][T25093] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000000300 [ 631.712067][T25093] RDX: 0000000000000000 RSI: ffffffff8e216f96 RDI: ffffffff8c28aa60 [ 631.712079][T25093] RBP: ffffc9000dfdf910 R08: ffffffff82185f4f R09: ffff8880206cb438 [ 631.712092][T25093] R10: dffffc0000000000 R11: fffffbfff20612bf R12: 0000000000000000 [ 631.712104][T25093] R13: ffffffff8fffb328 R14: dffffc0000000000 R15: 1ffff92001bfbef8 [ 631.712125][T25093] ? __might_fault+0xaf/0x130 [ 631.712153][T25093] sk_ioctl+0x3f8/0x6d0 [ 631.712172][T25093] ? __kernel_text_address+0xd/0x30 [ 631.712198][T25093] ? __pfx_sk_ioctl+0x10/0x10 [ 631.712230][T25093] ? stack_trace_save+0xa9/0x100 [ 631.712256][T25093] ? __pfx_stack_trace_save+0x10/0x10 [ 631.712279][T25093] ? kasan_save_free_info+0x46/0x50 [ 631.712303][T25093] ? stack_depot_save_flags+0x33/0x810 [ 631.712336][T25093] inet6_ioctl+0x231/0x2e0 [ 631.712363][T25093] ? __pfx_inet6_ioctl+0x10/0x10 [ 631.712386][T25093] ? kasan_save_free_info+0x46/0x50 [ 631.712405][T25093] ? __kasan_slab_free+0x5c/0x80 [ 631.712428][T25093] ? kfree+0x1c5/0x640 [ 631.712447][T25093] ? tomoyo_path_number_perm+0x501/0x630 [ 631.712466][T25093] ? security_file_ioctl+0xc3/0x2a0 [ 631.712483][T25093] ? __se_sys_ioctl+0x47/0x170 [ 631.712508][T25093] ? do_syscall_64+0x15f/0xf80 [ 631.712526][T25093] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.712560][T25093] sock_do_ioctl+0x101/0x320 [ 631.712592][T25093] ? __pfx_sock_do_ioctl+0x10/0x10 [ 631.712635][T25093] sock_ioctl+0x5c6/0x7f0 [ 631.712660][T25093] ? kasan_quarantine_put+0xbb/0x1f0 [ 631.712683][T25093] ? __pfx_sock_ioctl+0x10/0x10 [ 631.712714][T25093] ? tomoyo_path_number_perm+0x219/0x630 [ 631.712736][T25093] ? tomoyo_path_number_perm+0x219/0x630 [ 631.712755][T25093] ? __pfx_sock_ioctl+0x10/0x10 [ 631.712782][T25093] do_vfs_ioctl+0xf5b/0x1530 [ 631.712811][T25093] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 631.712850][T25093] ? __mutex_unlock_slowpath+0x1be/0x6f0 [ 631.712893][T25093] ? __fget_files+0x2a/0x420 [ 631.712918][T25093] ? __fget_files+0x2a/0x420 [ 631.712938][T25093] ? __fget_files+0x3a0/0x420 [ 631.712958][T25093] ? __fget_files+0x2a/0x420 [ 631.712982][T25093] ? bpf_lsm_file_ioctl+0x9/0x20 [ 631.713012][T25093] __se_sys_ioctl+0x82/0x170 [ 631.713037][T25093] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.713057][T25093] do_syscall_64+0x15f/0xf80 [ 631.713076][T25093] ? trace_irq_disable+0x3b/0x140 [ 631.713102][T25093] ? clear_bhb_loop+0x40/0x90 [ 631.713125][T25093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 631.713143][T25093] RIP: 0033:0x7f609339cdd9 [ 631.713160][T25093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 631.713175][T25093] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 631.713193][T25093] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 631.713207][T25093] RDX: 0000200000000300 RSI: 000000000000541b RDI: 0000000000000003 [ 631.713219][T25093] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 631.713230][T25093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 631.713241][T25093] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 631.713273][T25093] [ 632.282476][T25095] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.5224'. [ 632.283790][T25098] skbuff: bad partial csum: csum=65535/2 headroom=4 headlen=65543 [ 632.407210][T25103] xt_TPROXY: Can be used only with -p tcp or -p udp [ 632.601369][T25113] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5230'. [ 632.610456][T25113] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5230'. [ 632.886571][T25123] openvswitch: netlink: EtherType 0 is less than min 600 [ 632.918689][T25126] FAULT_INJECTION: forcing a failure. [ 632.918689][T25126] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 632.956366][T25126] CPU: 0 UID: 0 PID: 25126 Comm: syz.1.5235 Not tainted syzkaller #0 PREEMPT(full) [ 632.956391][T25126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 632.956403][T25126] Call Trace: [ 632.956411][T25126] [ 632.956419][T25126] dump_stack_lvl+0xe8/0x150 [ 632.956445][T25126] should_fail_ex+0x412/0x560 [ 632.956474][T25126] _copy_from_user+0x2d/0xb0 [ 632.956500][T25126] bpf_test_init+0xd8/0x150 [ 632.956526][T25126] bpf_prog_test_run_xdp+0x529/0x1160 [ 632.956563][T25126] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 632.956591][T25126] ? __fget_files+0x2a/0x420 [ 632.956621][T25126] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 632.956640][T25126] bpf_prog_test_run+0x2c7/0x340 [ 632.956661][T25126] __sys_bpf+0x643/0x950 [ 632.956688][T25126] ? __pfx___sys_bpf+0x10/0x10 [ 632.956725][T25126] ? ksys_write+0x242/0x270 [ 632.956757][T25126] ? __pfx_ksys_write+0x10/0x10 [ 632.956786][T25126] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.956807][T25126] __x64_sys_bpf+0x7c/0x90 [ 632.956834][T25126] do_syscall_64+0x15f/0xf80 [ 632.956857][T25126] ? clear_bhb_loop+0x40/0x90 [ 632.956879][T25126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.956898][T25126] RIP: 0033:0x7f7e0039cdd9 [ 632.956916][T25126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 632.956931][T25126] RSP: 002b:00007f7e012e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 632.956951][T25126] RAX: ffffffffffffffda RBX: 00007f7e00615fa0 RCX: 00007f7e0039cdd9 [ 632.956963][T25126] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a [ 632.956975][T25126] RBP: 00007f7e012e0090 R08: 0000000000000000 R09: 0000000000000000 [ 632.956987][T25126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 632.956998][T25126] R13: 00007f7e00616038 R14: 00007f7e00615fa0 R15: 00007fffa849dab8 [ 632.957028][T25126] [ 633.444414][T25139] FAULT_INJECTION: forcing a failure. [ 633.444414][T25139] name failslab, interval 1, probability 0, space 0, times 0 [ 633.466939][T25139] CPU: 0 UID: 0 PID: 25139 Comm: syz.1.5238 Not tainted syzkaller #0 PREEMPT(full) [ 633.466961][T25139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 633.466971][T25139] Call Trace: [ 633.466978][T25139] [ 633.466985][T25139] dump_stack_lvl+0xe8/0x150 [ 633.467007][T25139] should_fail_ex+0x412/0x560 [ 633.467030][T25139] should_failslab+0xa8/0x100 [ 633.467053][T25139] ? skb_clone+0x212/0x3a0 [ 633.467073][T25139] kmem_cache_alloc_noprof+0x87/0x650 [ 633.467099][T25139] skb_clone+0x212/0x3a0 [ 633.467121][T25139] __netlink_deliver_tap+0x404/0x850 [ 633.467148][T25139] ? netlink_deliver_tap+0x2e/0x1b0 [ 633.467167][T25139] netlink_deliver_tap+0x19c/0x1b0 [ 633.467186][T25139] netlink_sendskb+0x68/0x140 [ 633.467204][T25139] netlink_rcv_skb+0x2b6/0x4b0 [ 633.467221][T25139] ? __pfx_genl_rcv_msg+0x10/0x10 [ 633.467244][T25139] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 633.467274][T25139] ? down_read+0x270/0x2e0 [ 633.467291][T25139] ? genl_rcv+0xd/0x40 [ 633.467319][T25139] genl_rcv+0x28/0x40 [ 633.467338][T25139] netlink_unicast+0x75c/0x8e0 [ 633.467363][T25139] netlink_sendmsg+0x813/0xb40 [ 633.467388][T25139] ? __pfx_netlink_sendmsg+0x10/0x10 [ 633.467408][T25139] ? aa_sock_msg_perm+0xf1/0x1b0 [ 633.467430][T25139] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 633.467453][T25139] ____sys_sendmsg+0x972/0x9f0 [ 633.467472][T25139] ? __might_fault+0xaf/0x130 [ 633.467496][T25139] ? __pfx_____sys_sendmsg+0x10/0x10 [ 633.467522][T25139] ? import_iovec+0x73/0xa0 [ 633.467545][T25139] ___sys_sendmsg+0x2a5/0x360 [ 633.467563][T25139] ? __lock_acquire+0x6b5/0x2cf0 [ 633.467582][T25139] ? __pfx____sys_sendmsg+0x10/0x10 [ 633.467630][T25139] ? __fget_files+0x2a/0x420 [ 633.467647][T25139] ? __fget_files+0x3a0/0x420 [ 633.467672][T25139] __x64_sys_sendmsg+0x1bd/0x2a0 [ 633.467694][T25139] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 633.467720][T25139] ? __pfx_ksys_write+0x10/0x10 [ 633.467748][T25139] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.467765][T25139] do_syscall_64+0x15f/0xf80 [ 633.467781][T25139] ? trace_irq_disable+0x3b/0x140 [ 633.467802][T25139] ? clear_bhb_loop+0x40/0x90 [ 633.467821][T25139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.467836][T25139] RIP: 0033:0x7f7e0039cdd9 [ 633.467850][T25139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 633.467863][T25139] RSP: 002b:00007f7e012e0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 633.467880][T25139] RAX: ffffffffffffffda RBX: 00007f7e00615fa0 RCX: 00007f7e0039cdd9 [ 633.467891][T25139] RDX: 0000000020008000 RSI: 0000200000000640 RDI: 0000000000000003 [ 633.467902][T25139] RBP: 00007f7e012e0090 R08: 0000000000000000 R09: 0000000000000000 [ 633.467911][T25139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 633.467920][T25139] R13: 00007f7e00616038 R14: 00007f7e00615fa0 R15: 00007fffa849dab8 [ 633.467945][T25139] [ 633.824753][T25145] FAULT_INJECTION: forcing a failure. [ 633.824753][T25145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 633.896931][T25145] CPU: 1 UID: 0 PID: 25145 Comm: syz.3.5240 Not tainted syzkaller #0 PREEMPT(full) [ 633.896959][T25145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 633.896971][T25145] Call Trace: [ 633.896979][T25145] [ 633.896988][T25145] dump_stack_lvl+0xe8/0x150 [ 633.897021][T25145] should_fail_ex+0x412/0x560 [ 633.897049][T25145] _copy_from_iter+0x1d3/0x1670 [ 633.897076][T25145] ? rcu_is_watching+0x15/0xb0 [ 633.897105][T25145] ? __pfx__copy_from_iter+0x10/0x10 [ 633.897136][T25145] ? netlink_sendmsg+0x650/0xb40 [ 633.897157][T25145] ? skb_put+0x11b/0x210 [ 633.897182][T25145] netlink_sendmsg+0x6c0/0xb40 [ 633.897213][T25145] ? __pfx_netlink_sendmsg+0x10/0x10 [ 633.897239][T25145] ? aa_sock_msg_perm+0xf1/0x1b0 [ 633.897263][T25145] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 633.897290][T25145] ____sys_sendmsg+0x972/0x9f0 [ 633.897312][T25145] ? __might_fault+0xaf/0x130 [ 633.897342][T25145] ? __pfx_____sys_sendmsg+0x10/0x10 [ 633.897373][T25145] ? import_iovec+0x73/0xa0 [ 633.897401][T25145] ___sys_sendmsg+0x2a5/0x360 [ 633.897423][T25145] ? __lock_acquire+0x6b5/0x2cf0 [ 633.897447][T25145] ? __pfx____sys_sendmsg+0x10/0x10 [ 633.897505][T25145] ? __fget_files+0x2a/0x420 [ 633.897526][T25145] ? __fget_files+0x3a0/0x420 [ 633.897553][T25145] __x64_sys_sendmsg+0x1bd/0x2a0 [ 633.897577][T25145] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 633.897607][T25145] ? __pfx_ksys_write+0x10/0x10 [ 633.897637][T25145] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.897655][T25145] do_syscall_64+0x15f/0xf80 [ 633.897675][T25145] ? trace_irq_disable+0x3b/0x140 [ 633.897699][T25145] ? clear_bhb_loop+0x40/0x90 [ 633.897722][T25145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.897739][T25145] RIP: 0033:0x7f47b0f9cdd9 [ 633.897755][T25145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 633.897770][T25145] RSP: 002b:00007f47b1d7f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 633.897789][T25145] RAX: ffffffffffffffda RBX: 00007f47b1215fa0 RCX: 00007f47b0f9cdd9 [ 633.897803][T25145] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004 [ 633.897814][T25145] RBP: 00007f47b1d7f090 R08: 0000000000000000 R09: 0000000000000000 [ 633.897825][T25145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 633.897836][T25145] R13: 00007f47b1216038 R14: 00007f47b1215fa0 R15: 00007ffe925d0d68 [ 633.897864][T25145] [ 634.244230][T25155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5244'. [ 634.264587][T25156] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5245'. [ 634.274137][T25156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5245'. [ 634.314796][T25160] netlink: 'syz.3.5246': attribute type 83 has an invalid length. [ 634.404343][T25162] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 634.578087][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 634.588964][ C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 635.070464][T25193] IPVS: Scheduler module ip_vs_sip not found [ 635.224998][T25199] netlink: 'syz.0.5256': attribute type 1 has an invalid length. [ 635.400028][T25208] netlink: 'syz.0.5257': attribute type 83 has an invalid length. [ 635.471816][T25212] FAULT_INJECTION: forcing a failure. [ 635.471816][T25212] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 635.540241][T25212] CPU: 1 UID: 0 PID: 25212 Comm: syz.4.5258 Not tainted syzkaller #0 PREEMPT(full) [ 635.540268][T25212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 635.540280][T25212] Call Trace: [ 635.540287][T25212] [ 635.540295][T25212] dump_stack_lvl+0xe8/0x150 [ 635.540322][T25212] should_fail_ex+0x412/0x560 [ 635.540350][T25212] _copy_from_iter+0x1d3/0x1670 [ 635.540378][T25212] ? rcu_is_watching+0x15/0xb0 [ 635.540406][T25212] ? __pfx__copy_from_iter+0x10/0x10 [ 635.540437][T25212] ? netlink_sendmsg+0x650/0xb40 [ 635.540458][T25212] ? skb_put+0x11b/0x210 [ 635.540483][T25212] netlink_sendmsg+0x6c0/0xb40 [ 635.540514][T25212] ? __pfx_netlink_sendmsg+0x10/0x10 [ 635.540537][T25212] ? aa_sock_msg_perm+0xf1/0x1b0 [ 635.540561][T25212] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 635.540585][T25212] ____sys_sendmsg+0x972/0x9f0 [ 635.540608][T25212] ? __might_fault+0xaf/0x130 [ 635.540637][T25212] ? __pfx_____sys_sendmsg+0x10/0x10 [ 635.540669][T25212] ? import_iovec+0x73/0xa0 [ 635.540697][T25212] ___sys_sendmsg+0x2a5/0x360 [ 635.540719][T25212] ? __lock_acquire+0x6b5/0x2cf0 [ 635.540742][T25212] ? __pfx____sys_sendmsg+0x10/0x10 [ 635.540797][T25212] ? __fget_files+0x2a/0x420 [ 635.540819][T25212] ? __fget_files+0x3a0/0x420 [ 635.540849][T25212] __x64_sys_sendmsg+0x1bd/0x2a0 [ 635.540875][T25212] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 635.540907][T25212] ? rcu_is_watching+0x15/0xb0 [ 635.540937][T25212] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.540958][T25212] do_syscall_64+0x15f/0xf80 [ 635.540978][T25212] ? trace_irq_disable+0x3b/0x140 [ 635.541004][T25212] ? clear_bhb_loop+0x40/0x90 [ 635.541030][T25212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.541049][T25212] RIP: 0033:0x7f609339cdd9 [ 635.541066][T25212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 635.541082][T25212] RSP: 002b:00007f609418d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 635.541108][T25212] RAX: ffffffffffffffda RBX: 00007f6093615fa0 RCX: 00007f609339cdd9 [ 635.541122][T25212] RDX: 0000000000000000 RSI: 000020000000d040 RDI: 0000000000000003 [ 635.541134][T25212] RBP: 00007f609418d090 R08: 0000000000000000 R09: 0000000000000000 [ 635.541146][T25212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 635.541157][T25212] R13: 00007f6093616038 R14: 00007f6093615fa0 R15: 00007ffe92813ff8 [ 635.541185][T25212] [ 636.116230][T25238] netlink: 'syz.1.5262': attribute type 1 has an invalid length. [ 636.325571][T25244] workqueue: Failed to create a rescuer kthread for wq "bond23": -EINTR [ 636.874478][ T5634] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 636.897547][ T5634] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 636.912324][ T5634] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 636.920506][ T5634] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 636.934884][ T5634] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 636.981030][ T5645] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 636.994209][ T5645] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 637.002991][ T5645] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 637.014437][ T5645] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 637.024945][ T5645] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 637.415667][T25292] __nla_validate_parse: 3 callbacks suppressed [ 637.415688][T25292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5274'. [ 638.973561][T25277] bridge0: port 1(bridge_slave_0) entered blocking state [ 638.981268][T25277] bridge0: port 1(bridge_slave_0) entered disabled state [ 639.003137][T25277] bridge_slave_0: entered allmulticast mode [ 639.027311][T25277] bridge_slave_0: entered promiscuous mode [ 639.053643][T25277] bridge0: port 2(bridge_slave_1) entered blocking state [ 639.072607][T25277] bridge0: port 2(bridge_slave_1) entered disabled state [ 639.092108][T25277] bridge_slave_1: entered allmulticast mode [ 639.118487][T25277] bridge_slave_1: entered promiscuous mode [ 639.154285][ T5645] Bluetooth: hci5: command tx timeout [ 639.286363][T25277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 639.448329][T25277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 639.512585][T25277] team0: Port device team_slave_0 added [ 639.521442][T25277] team0: Port device team_slave_1 added [ 639.553405][T25277] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 639.560535][T25277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 639.594836][T25277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 639.607450][T25277] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 639.614416][T25277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 639.641174][T25277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 639.684070][T25277] hsr_slave_0: entered promiscuous mode [ 639.690527][T25277] hsr_slave_1: entered promiscuous mode [ 639.700698][ C1] ip6_tunnel: ip6tnl2 xmit: Local address not yet configured! [ 639.711944][T25277] debugfs: 'hsr0' already exists in 'hsr' [ 639.717765][T25277] Cannot create hsr debugfs directory [ 640.249984][T25277] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 640.261217][T25277] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 640.272196][T25277] netdevsim netdevsim0 eth3 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 640.456936][T25277] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 640.470058][T25277] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 640.481882][T25277] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 640.564858][T25277] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 640.575214][T25277] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 640.585647][T25277] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 640.655529][T25277] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 640.665528][T25277] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 256 - 0 [ 640.675674][T25277] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0 [ 640.835534][T25277] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 640.844879][T25277] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 640.853157][T25277] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 640.862774][T25277] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 640.871143][T25277] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 640.880696][T25277] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 640.890508][T25277] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 640.899867][T25277] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 640.966145][T25277] 8021q: adding VLAN 0 to HW filter on device bond0 [ 640.993107][T25277] 8021q: adding VLAN 0 to HW filter on device team0 [ 641.005574][ T5975] bridge0: port 1(bridge_slave_0) entered blocking state [ 641.012809][ T5975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 641.028440][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 641.035559][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 641.217580][ T5645] Bluetooth: hci5: command tx timeout [ 641.331994][T25277] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 641.373785][T25277] veth0_vlan: entered promiscuous mode [ 641.385976][T25277] veth1_vlan: entered promiscuous mode [ 641.413124][T25277] veth0_macvtap: entered promiscuous mode [ 641.422967][T25277] veth1_macvtap: entered promiscuous mode [ 641.445696][T25277] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 641.460585][T25277] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 641.475767][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.485411][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.499579][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.508878][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.588678][ T5975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 641.602683][ T5975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.630106][ T1035] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 641.638186][ T1035] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 641.700928][T25386] netlink: 116 bytes leftover after parsing attributes in process `syz.0.5267'. [ 643.297147][ T5645] Bluetooth: hci5: command tx timeout [ 645.377196][ T5645] Bluetooth: hci5: command tx timeout [ 649.938080][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 654.285704][T25393] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5295'. [ 654.312121][T25399] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5299'. [ 654.313517][T25393] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5295'. [ 654.346251][T25400] xt_ipcomp: unknown flags 1D [ 654.670478][ T5634] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 654.683976][ T5634] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 654.695936][ T5634] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 654.713184][ T5634] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 654.727611][ T5634] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 655.258640][T25436] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5306'. [ 655.274739][T25436] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5306'. [ 655.812624][T25449] netlink: 'syz.3.5309': attribute type 1 has an invalid length. [ 655.824342][T25449] netlink: 216 bytes leftover after parsing attributes in process `syz.3.5309'. [ 655.904357][T25455] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5310'. [ 655.921067][T25456] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5311'. [ 655.947867][T25456] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5311'. [ 655.974865][ T29] audit: type=1804 audit(1777564392.068:10): pid=25455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5310" name="/newroot/4/cgroup.controllers" dev="tmpfs" ino=39 res=1 errno=0 [ 656.011755][ T29] audit: type=1800 audit(1777564392.068:11): pid=25455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5310" name="cgroup.controllers" dev="tmpfs" ino=39 res=0 errno=0 [ 656.200570][T25414] bridge0: port 1(bridge_slave_0) entered blocking state [ 656.228216][T25414] bridge0: port 1(bridge_slave_0) entered disabled state [ 656.237966][T25414] bridge_slave_0: entered allmulticast mode [ 656.270765][T25414] bridge_slave_0: entered promiscuous mode [ 656.289715][T25414] bridge0: port 2(bridge_slave_1) entered blocking state [ 656.304252][T25414] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.337600][T25414] bridge_slave_1: entered allmulticast mode [ 656.361560][T25414] bridge_slave_1: entered promiscuous mode [ 656.445856][T25478] netlink: 'syz.0.5320': attribute type 2 has an invalid length. [ 656.454305][T25478] tipc: Started in network mode [ 656.465956][T25478] tipc: Node identity 1340008, cluster identity 4711 [ 656.484794][T25478] tipc: Node number set to 20185096 [ 656.502212][T25482] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5318'. [ 656.530997][T25414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 656.555113][T25414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 656.653049][T25414] team0: Port device team_slave_0 added [ 656.671127][T25414] team0: Port device team_slave_1 added [ 656.753528][T25414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 656.762051][T25414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 656.796589][T25414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 656.817328][ T5645] Bluetooth: hci1: command tx timeout [ 656.884755][T25414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 656.894660][T25414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 656.946510][T25414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 657.421921][T25508] bond28: option packets_per_slave: mode dependency failed, not supported in mode balance-tlb(5) [ 657.451090][T25508] bond28 (unregistering): Released all slaves [ 657.584919][T25414] hsr_slave_0: entered promiscuous mode [ 657.628327][T25414] hsr_slave_1: entered promiscuous mode [ 657.646949][T25414] debugfs: 'hsr0' already exists in 'hsr' [ 657.658659][T25414] Cannot create hsr debugfs directory [ 657.953063][T25524] netlink: 'syz.0.5331': attribute type 39 has an invalid length. [ 658.002748][T25414] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 658.015252][T25414] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 4352 - 0 [ 658.027458][T25414] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 658.040634][T25414] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 658.213352][T25414] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 658.230248][T25414] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 4352 - 0 [ 658.260206][T25414] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 658.281198][T25414] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 658.642869][T25414] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 658.666792][T25414] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 4352 - 0 [ 658.690832][T25414] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 658.721735][T25414] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 658.774151][T25548] hsr0: entered promiscuous mode [ 658.789156][T25551] hsr0: left promiscuous mode [ 658.795781][T25554] hsr_slave_0: left promiscuous mode [ 658.829222][T25554] hsr_slave_1: left promiscuous mode [ 658.897681][ T5645] Bluetooth: hci1: command tx timeout [ 658.924658][T25414] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 658.938333][T25414] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 4352 - 0 [ 658.949686][T25414] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 658.960877][T25414] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 659.413847][T25414] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 659.540862][T25601] __nla_validate_parse: 8 callbacks suppressed [ 659.540882][T25601] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5352'. [ 659.991606][T25414] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 660.029923][T25414] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 660.039277][T25616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5353'. [ 660.109226][T25414] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 660.150555][T25414] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 660.273281][T25414] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 660.321353][T25414] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 660.378733][T25414] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 660.848389][T25665] FAULT_INJECTION: forcing a failure. [ 660.848389][T25665] name failslab, interval 1, probability 0, space 0, times 0 [ 660.903294][T25665] CPU: 0 UID: 0 PID: 25665 Comm: syz.0.5363 Not tainted syzkaller #0 PREEMPT(full) [ 660.903321][T25665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 660.903331][T25665] Call Trace: [ 660.903338][T25665] [ 660.903346][T25665] dump_stack_lvl+0xe8/0x150 [ 660.903372][T25665] should_fail_ex+0x412/0x560 [ 660.903398][T25665] should_failslab+0xa8/0x100 [ 660.903424][T25665] ? __pmd_alloc+0xc1/0x5c0 [ 660.903446][T25665] kmem_cache_alloc_noprof+0x87/0x650 [ 660.903477][T25665] __pmd_alloc+0xc1/0x5c0 [ 660.903500][T25665] handle_mm_fault+0xe96/0x3170 [ 660.903535][T25665] ? handle_mm_fault+0xee/0x3170 [ 660.903563][T25665] ? __pfx_handle_mm_fault+0x10/0x10 [ 660.903595][T25665] ? __lock_acquire+0x6b5/0x2cf0 [ 660.903618][T25665] ? lock_mm_and_find_vma+0xa7/0x340 [ 660.903646][T25665] do_user_addr_fault+0x75b/0x1340 [ 660.903679][T25665] exc_page_fault+0x6a/0xc0 [ 660.903702][T25665] asm_exc_page_fault+0x26/0x30 [ 660.903720][T25665] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 660.903744][T25665] Code: c4 10 e9 54 54 04 00 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e [ 660.903759][T25665] RSP: 0018:ffffc900065efad8 EFLAGS: 00050202 [ 660.903776][T25665] RAX: 00007ffffffff001 RBX: 0000000000000004 RCX: 0000000000000004 [ 660.903788][T25665] RDX: 0000000000000001 RSI: 0000200000000bc0 RDI: ffffc900065efb80 [ 660.903799][T25665] RBP: ffffc900065efe10 R08: 0000000000000003 R09: 0000000000000004 [ 660.903811][T25665] R10: dffffc0000000000 R11: fffff52000cbdf70 R12: 0000000000000310 [ 660.903823][T25665] R13: 0000200000000bc0 R14: ffffc900065efb80 R15: 0000200000000bc0 [ 660.903853][T25665] _copy_from_user+0x7a/0xb0 [ 660.903880][T25665] do_ipv6_setsockopt+0x25c/0x3150 [ 660.903903][T25665] ? get_pid_task+0x20/0x1f0 [ 660.903934][T25665] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 660.903956][T25665] ? get_pid_task+0x20/0x1f0 [ 660.903978][T25665] ? get_pid_task+0x20/0x1f0 [ 660.903998][T25665] ? get_pid_task+0x20/0x1f0 [ 660.904053][T25665] ? aa_sk_perm+0x6d5/0x900 [ 660.904080][T25665] ? fd_install+0x94/0x3d0 [ 660.904102][T25665] ? __pfx_aa_sk_perm+0x10/0x10 [ 660.904127][T25665] ? aa_sock_opt_perm+0xff/0x1a0 [ 660.904153][T25665] ipv6_setsockopt+0x59/0x170 [ 660.904173][T25665] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 660.904199][T25665] do_sock_setsockopt+0x17c/0x1b0 [ 660.904226][T25665] __x64_sys_setsockopt+0x13d/0x1b0 [ 660.904257][T25665] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.904278][T25665] do_syscall_64+0x15f/0xf80 [ 660.904297][T25665] ? trace_irq_disable+0x3b/0x140 [ 660.904323][T25665] ? clear_bhb_loop+0x40/0x90 [ 660.904346][T25665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.904364][T25665] RIP: 0033:0x7fd6a9b9cdd9 [ 660.904380][T25665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 660.904396][T25665] RSP: 002b:00007fd6aaadc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 660.904413][T25665] RAX: ffffffffffffffda RBX: 00007fd6a9e15fa0 RCX: 00007fd6a9b9cdd9 [ 660.904425][T25665] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 660.904435][T25665] RBP: 00007fd6aaadc090 R08: 0000000000000310 R09: 0000000000000000 [ 660.904447][T25665] R10: 0000200000000bc0 R11: 0000000000000246 R12: 0000000000000001 [ 660.904459][T25665] R13: 00007fd6a9e16038 R14: 00007fd6a9e15fa0 R15: 00007ffe8ca70548 [ 660.904490][T25665] [ 660.917309][T25414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 660.986883][ T5645] Bluetooth: hci1: command tx timeout [ 661.010629][T25414] 8021q: adding VLAN 0 to HW filter on device team0 [ 661.304406][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 661.311615][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 661.363575][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state [ 661.370807][ T6933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 661.415259][T25674] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5367'. [ 661.709730][T25684] tipc: Enabled bearer , priority 0 [ 661.745672][T25684] xt_hashlimit: size too large, truncated to 1048576 [ 661.783428][T25687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 661.807879][T25691] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5372'. [ 661.873958][T25687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 661.957875][T25687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 661.990013][T25687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 662.049532][T25698] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5374'. [ 662.168317][T25683] tipc: Disabling bearer [ 662.438496][T25414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 662.587888][T25414] veth0_vlan: entered promiscuous mode [ 662.632496][T25414] veth1_vlan: entered promiscuous mode [ 662.731909][T25414] veth0_macvtap: entered promiscuous mode [ 662.763960][T25414] veth1_macvtap: entered promiscuous mode [ 662.815076][T25414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 662.864109][T25414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 662.912976][ T1107] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 662.951134][T25725] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5382'. [ 662.966220][T25725] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5382'. [ 662.981861][ T1107] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.026362][ T1107] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.057604][ T5645] Bluetooth: hci1: command tx timeout [ 663.086814][ T1107] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.316031][T25730] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5384'. [ 663.442556][ T5975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 663.472558][ T5975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 663.585289][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 663.609811][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 663.648119][T25740] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5386'. [ 663.665862][T25740] netlink: 104 bytes leftover after parsing attributes in process `syz.4.5386'. [ 663.804833][T25742] ipt_REJECT: TCP_RESET invalid for non-tcp [ 663.918253][T25748] tipc: Enabled bearer , priority 0 [ 663.963127][T25748] syzkaller0: entered promiscuous mode [ 663.988447][T25748] syzkaller0: entered allmulticast mode [ 664.044341][T25748] tipc: Resetting bearer [ 664.137916][T25753] netlink: 'syz.0.5391': attribute type 1 has an invalid length. [ 664.156934][T25753] netlink: 'syz.0.5391': attribute type 4 has an invalid length. [ 664.195340][ T5634] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 664.213567][ T5634] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 664.222305][ T5634] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 664.235562][ T5634] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 664.245018][ T5634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 664.629691][T25741] tipc: Resetting bearer [ 664.671688][T25741] tipc: Disabling bearer [ 664.820857][T25767] tipc: Started in network mode [ 664.826002][T25767] tipc: Node identity 16ac26771a67, cluster identity 4711 [ 664.834538][T25767] tipc: Enabled bearer , priority 0 [ 664.869666][T25767] tipc: Disabling bearer [ 665.381180][ T7755] IPVS: starting estimator thread 0... [ 665.476760][T25794] IPVS: using max 30 ests per chain, 72000 per kthread [ 665.784439][T25799] syzkaller0: entered promiscuous mode [ 665.808080][T25799] syzkaller0: entered allmulticast mode [ 666.338618][ T5645] Bluetooth: hci4: command tx timeout [ 667.064551][T25848] __nla_validate_parse: 1 callbacks suppressed [ 667.064570][T25848] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5402'. [ 668.441881][ T5645] Bluetooth: hci4: command tx timeout [ 669.480016][T25853] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5404'. [ 669.489978][T25853] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 669.647860][T25847] netlink: 'syz.0.5403': attribute type 12 has an invalid length. [ 669.660596][T25754] bridge0: port 1(bridge_slave_0) entered blocking state [ 669.676390][T25754] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.687797][T25754] bridge_slave_0: entered allmulticast mode [ 669.695858][T25754] bridge_slave_0: entered promiscuous mode [ 669.720938][T25754] bridge0: port 2(bridge_slave_1) entered blocking state [ 669.736552][T25754] bridge0: port 2(bridge_slave_1) entered disabled state [ 669.752088][T25754] bridge_slave_1: entered allmulticast mode [ 669.774024][T25754] bridge_slave_1: entered promiscuous mode [ 669.790373][T25856] netlink: 'syz.0.5405': attribute type 2 has an invalid length. [ 669.812134][T25856] netlink: 'syz.0.5405': attribute type 11 has an invalid length. [ 669.833436][T25856] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5405'. [ 669.844407][T25754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 669.857967][T25754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 669.873554][T25861] netlink: 30 bytes leftover after parsing attributes in process `syz.3.5407'. [ 669.934971][T25754] team0: Port device team_slave_0 added [ 669.983237][T25754] team0: Port device team_slave_1 added [ 670.035071][T25861] dvmrp0: left allmulticast mode [ 670.053527][T25754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 670.059729][T25869] FAULT_INJECTION: forcing a failure. [ 670.059729][T25869] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 670.067123][T25754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 670.081060][T25869] CPU: 0 UID: 0 PID: 25869 Comm: syz.1.5409 Not tainted syzkaller #0 PREEMPT(full) [ 670.081086][T25869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 670.081097][T25869] Call Trace: [ 670.081105][T25869] [ 670.081113][T25869] dump_stack_lvl+0xe8/0x150 [ 670.081138][T25869] should_fail_ex+0x412/0x560 [ 670.081170][T25869] _copy_from_user+0x2d/0xb0 [ 670.081194][T25869] bpf_test_init+0xd8/0x150 [ 670.081221][T25869] bpf_prog_test_run_xdp+0x529/0x1160 [ 670.081255][T25869] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 670.081282][T25869] ? __fget_files+0x2a/0x420 [ 670.081306][T25869] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 670.081329][T25869] bpf_prog_test_run+0x2c7/0x340 [ 670.081350][T25869] __sys_bpf+0x643/0x950 [ 670.081378][T25869] ? __pfx___sys_bpf+0x10/0x10 [ 670.081415][T25869] ? ksys_write+0x242/0x270 [ 670.081441][T25869] ? __pfx_ksys_write+0x10/0x10 [ 670.081469][T25869] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.081488][T25869] __x64_sys_bpf+0x7c/0x90 [ 670.081512][T25869] do_syscall_64+0x15f/0xf80 [ 670.081531][T25869] ? trace_irq_disable+0x3b/0x140 [ 670.081556][T25869] ? clear_bhb_loop+0x40/0x90 [ 670.081577][T25869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.081595][T25869] RIP: 0033:0x7f81f059cdd9 [ 670.081612][T25869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.081627][T25869] RSP: 002b:00007f81ee7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 670.081653][T25869] RAX: ffffffffffffffda RBX: 00007f81f0815fa0 RCX: 00007f81f059cdd9 [ 670.081666][T25869] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a [ 670.081677][T25869] RBP: 00007f81ee7f6090 R08: 0000000000000000 R09: 0000000000000000 [ 670.081689][T25869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.081699][T25869] R13: 00007f81f0816038 R14: 00007f81f0815fa0 R15: 00007fff24864ee8 [ 670.081727][T25869] [ 670.300719][T25754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 670.314612][T25754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 670.321740][T25754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 670.368041][T25754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 670.499270][ T5645] Bluetooth: hci4: command tx timeout [ 670.534613][T25754] hsr_slave_0: entered promiscuous mode [ 670.543748][T25754] hsr_slave_1: entered promiscuous mode [ 670.663379][T25885] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5415'. [ 670.809005][T25892] v: renamed from vlan0 (while UP) [ 670.832835][T25893] netlink: 'syz.3.5418': attribute type 1 has an invalid length. [ 670.908269][T25754] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.980657][T25900] tipc: Cannot configure node identity twice [ 671.101811][T25754] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.161373][T25909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5427'. [ 671.170930][T25909] netlink: 'syz.0.5427': attribute type 1 has an invalid length. [ 671.180729][T25909] netlink: 'syz.0.5427': attribute type 1 has an invalid length. [ 671.193652][T25907] xt_hashlimit: size too large, truncated to 1048576 [ 671.200388][T25909] netlink: 'syz.0.5427': attribute type 1 has an invalid length. [ 671.200410][T25909] netlink: 'syz.0.5427': attribute type 1 has an invalid length. [ 671.200423][T25909] netlink: 'syz.0.5427': attribute type 1 has an invalid length. [ 671.200439][T25909] netlink: 25 bytes leftover after parsing attributes in process `syz.0.5427'. [ 671.216449][T25909] vlan2: entered allmulticast mode [ 671.263012][T25909] veth0_to_bond: entered allmulticast mode [ 671.294936][T25754] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.494540][T25754] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.725500][T25930] xt_l2tp: v2 sid > 0xffff: 8388608 [ 672.059389][T25754] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 672.078981][T25754] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 672.097714][T25754] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 672.129310][T25754] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 672.154961][T25754] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 672.300973][T25754] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 672.326225][T25754] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 672.397854][T25754] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 672.561150][T25754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 672.577190][ T5645] Bluetooth: hci4: command tx timeout [ 672.608608][T25754] 8021q: adding VLAN 0 to HW filter on device team0 [ 672.650179][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state [ 672.657445][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 672.690246][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state [ 672.697487][ T6933] bridge0: port 2(bridge_slave_1) entered forwarding state [ 672.817831][T25982] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5457'. [ 673.014934][T25986] macvlan2: entered promiscuous mode [ 673.035528][T25986] macvlan2: entered allmulticast mode [ 673.060878][T25986] bond3: (slave macvlan2): Opening slave failed [ 673.855322][T25754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 673.909439][T26025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5470'. [ 674.475124][T25754] veth0_vlan: entered promiscuous mode [ 674.543276][T25754] veth1_vlan: entered promiscuous mode [ 674.645257][T25754] veth0_macvtap: entered promiscuous mode [ 674.701443][T25754] veth1_macvtap: entered promiscuous mode [ 674.723981][T25754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 674.771107][T25754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 674.826245][ T1107] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.847064][ T1107] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.881987][ T1107] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.906888][ T1107] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.255311][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.291707][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 675.448522][ T5975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.476548][ T5975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 676.041795][ T5634] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 676.057724][ T5634] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 676.070576][ T5634] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 676.078740][ T5634] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 676.088940][ T5634] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 676.833707][T26109] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5503'. [ 677.307797][T26136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5515'. [ 677.560112][T26152] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5522'. [ 677.616995][T26155] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5522'. [ 677.642287][T26152] syz_tun: entered promiscuous mode [ 677.683547][T26152] macvtap1: entered promiscuous mode [ 677.705429][T26152] macvtap1: entered allmulticast mode [ 677.729652][T26158] [ 677.731255][T26152] syz_tun: entered allmulticast mode [ 677.733659][T26158] ============================= [ 677.743343][T26158] WARNING: suspicious RCU usage [ 677.748735][T26158] syzkaller #0 Not tainted [ 677.753182][T26158] ----------------------------- [ 677.758277][T26158] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage! [ 677.766921][T26158] [ 677.766921][T26158] other info that might help us debug this: [ 677.766921][T26158] [ 677.778567][T26158] [ 677.778567][T26158] rcu_scheduler_active = 2, debug_locks = 1 [ 677.786760][T26158] 1 lock held by syz.1.5524/26158: [ 677.791887][T26158] #0: ffffffff8e95cf58 (rcu_tasks_trace_srcu_struct){....}-{0:0}, at: rcu_read_lock_trace+0x25/0x110 [ 677.803101][T26158] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 677.803101][T26158] stack backtrace: [ 677.809067][T26158] CPU: 1 UID: 0 PID: 26158 Comm: syz.1.5524 Not tainted syzkaller #0 PREEMPT(full) [ 677.809093][T26158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 677.809106][T26158] Call Trace: [ 677.809115][T26158] [ 677.809124][T26158] dump_stack_lvl+0xe8/0x150 [ 677.809152][T26158] lockdep_rcu_suspicious+0x13f/0x1d0 [ 677.809185][T26158] get_callchain_entry+0x2b6/0x3c0 [ 677.809213][T26158] get_perf_callchain+0xd5/0x880 [ 677.809243][T26158] ? __pfx_get_perf_callchain+0x10/0x10 [ 677.809271][T26158] ? futex_unqueue+0x22/0x240 [ 677.809299][T26158] ? futex_unqueue+0x22/0x240 [ 677.809318][T26158] ? futex_unqueue+0x22/0x240 [ 677.809346][T26158] __bpf_get_stack+0x445/0xab0 [ 677.809379][T26158] ? __pfx___bpf_get_stack+0x10/0x10 [ 677.809407][T26158] ? __lock_acquire+0x6b5/0x2cf0 [ 677.809433][T26158] bpf_get_stack+0x33/0x50 [ 677.809454][T26158] ? bpf_prog_aa1f08ea8b241262+0x46/0x4e [ 677.809475][T26158] bpf_get_stack_raw_tp+0x1a9/0x220 [ 677.809511][T26158] bpf_prog_aa1f08ea8b241262+0x46/0x4e [ 677.809533][T26158] bpf_prog_run_pin_on_cpu+0x142/0x470 [ 677.809568][T26158] bpf_prog_test_run_syscall+0x318/0x4c0 [ 677.809599][T26158] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 677.809626][T26158] ? __fget_files+0x2a/0x420 [ 677.809656][T26158] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 677.809685][T26158] bpf_prog_test_run+0x2c7/0x340 [ 677.809711][T26158] __sys_bpf+0x643/0x950 [ 677.809745][T26158] ? __pfx___sys_bpf+0x10/0x10 [ 677.809799][T26158] ? rcu_is_watching+0x15/0xb0 [ 677.809830][T26158] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.809854][T26158] __x64_sys_bpf+0x7c/0x90 [ 677.809884][T26158] do_syscall_64+0x15f/0xf80 [ 677.809908][T26158] ? trace_irq_disable+0x3b/0x140 [ 677.809939][T26158] ? clear_bhb_loop+0x40/0x90 [ 677.809965][T26158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.809987][T26158] RIP: 0033:0x7f81f059cdd9 [ 677.810008][T26158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 677.810025][T26158] RSP: 002b:00007f81ee7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 677.810046][T26158] RAX: ffffffffffffffda RBX: 00007f81f0815fa0 RCX: 00007f81f059cdd9 [ 677.810060][T26158] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a [ 677.810073][T26158] RBP: 00007f81f0632d69 R08: 0000000000000000 R09: 0000000000000000 [ 677.810086][T26158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.810099][T26158] R13: 00007f81f0816038 R14: 00007f81f0815fa0 R15: 00007fff24864ee8 [ 677.810133][T26158] [ 678.338652][T26155] syz_tun: left allmulticast mode [ 678.344139][ T5645] Bluetooth: hci0: command tx timeout [ 678.401562][T26155] syz_tun: left promiscuous mode [ 678.959676][ T3331] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.234340][ T3331] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.347933][ T3331] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.432154][ T3331] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 679.613681][ T3331] bridge_slave_1: left allmulticast mode [ 679.623811][ T3331] bridge_slave_1: left promiscuous mode [ 679.632918][ T3331] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.646920][ T3331] bridge_slave_0: left allmulticast mode [ 679.654119][ T3331] bridge_slave_0: left promiscuous mode [ 679.660710][ T3331] bridge0: port 1(bridge_slave_0) entered disabled state [ 679.998815][ T3331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 680.011220][ T3331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 680.024150][ T3331] bond0 (unregistering): Released all slaves [ 680.039511][ T3331] bond1 (unregistering): Released all slaves [ 680.053229][ T3331] bond2 (unregistering): Released all slaves [ 680.066530][ T3331] bond3 (unregistering): Released all slaves [ 680.085288][ T5292] 8021q: adding VLAN 0 to HW filter on device eth1 [ 680.144143][ T3331] tipc: Left network mode [ 680.470663][ T3331] hsr_slave_0: left promiscuous mode [ 680.477912][ T3331] hsr_slave_1: left promiscuous mode [ 680.485128][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 680.495403][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 680.513879][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 680.522368][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 680.554642][ T3331] veth1_macvtap: left promiscuous mode [ 680.563060][ T3331] veth0_macvtap: left promiscuous mode [ 680.569286][ T3331] veth1_vlan: left promiscuous mode [ 680.574794][ T3331] veth0_vlan: left promiscuous mode [ 680.770668][ T3331] team0 (unregistering): Port device team_slave_1 removed [ 680.790521][ T3331] team0 (unregistering): Port device team_slave_0 removed [ 680.885919][ T5292] 8021q: adding VLAN 0 to HW filter on device eth2 [ 681.301833][ T3331] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 681.332275][ T5292] 8021q: adding VLAN 0 to HW filter on device eth3 [ 681.436052][ T3331] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 681.495017][ T3331] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 681.558855][ T3331] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 681.814326][ T3331] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 681.832319][ T5292] 8021q: adding VLAN 0 to HW filter on device eth4 [ 681.914197][ T3331] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.025195][ T3331] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.100830][ T3331] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 682.269951][ T5292] 8021q: adding VLAN 0 to HW filter on device eth5 [ 682.310317][ T3331] bridge_slave_1: left allmulticast mode [ 682.316077][ T3331] bridge_slave_1: left promiscuous mode [ 682.324456][ T3331] bridge0: port 2(bridge_slave_1) entered disabled state [ 682.341713][ T3331] bridge_slave_0: left allmulticast mode [ 682.347975][ T3331] bridge_slave_0: left promiscuous mode [ 682.354398][ T3331] bridge0: port 1(bridge_slave_0) entered disabled state [ 682.369027][ T3331] bridge_slave_1: left allmulticast mode [ 682.374688][ T3331] bridge_slave_1: left promiscuous mode [ 682.380711][ T3331] bridge0: port 2(bridge_slave_1) entered disabled state [ 682.395039][ T3331] bridge_slave_0: left allmulticast mode [ 682.401330][ T3331] bridge_slave_0: left promiscuous mode [ 682.407174][ T3331] bridge0: port 1(bridge_slave_0) entered disabled state [ 682.520186][ T3331] bond0 (unregistering): Released all slaves [ 682.684630][ T3331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 682.696161][ T3331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 682.708928][ T3331] bond0 (unregistering): Released all slaves [ 682.841220][ T3331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 682.852124][ T3331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 682.862930][ T3331] bond0 (unregistering): Released all slaves [ 683.009823][ T3331] tipc: Left network mode [ 683.401098][ T5292] 8021q: adding VLAN 0 to HW filter on device eth6 [ 683.456296][ T3331] hsr_slave_0: left promiscuous mode [ 683.474014][ T3331] hsr_slave_1: left promiscuous mode [ 683.482442][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 683.490323][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 683.499133][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 683.506571][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 683.522452][ T3331] hsr_slave_0: left promiscuous mode [ 683.537106][ T3331] hsr_slave_1: left promiscuous mode [ 683.543289][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 683.551710][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 683.560487][ T3331] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 683.569681][ T3331] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 683.599774][ T3331] veth1_macvtap: left promiscuous mode [ 683.605439][ T3331] veth0_macvtap: left promiscuous mode [ 683.611772][ T3331] veth1_vlan: left promiscuous mode [ 683.617742][ T3331] veth0_vlan: left promiscuous mode [ 683.624313][ T3331] veth1_macvtap: left promiscuous mode [ 683.634655][ T3331] veth0_macvtap: left promiscuous mode [ 683.641430][ T3331] veth1_vlan: left promiscuous mode [ 683.647210][ T3331] veth0_vlan: left promiscuous mode [ 684.053812][ T3331] team0 (unregistering): Port device team_slave_1 removed [ 684.068960][ T3331] team0 (unregistering): Port device team_slave_0 removed [ 684.306586][ T3331] team0 (unregistering): Port device team_slave_1 removed [ 684.329572][ T3331] team0 (unregistering): Port device team_slave_0 removed [ 684.422344][ T5292] 8021q: adding VLAN 0 to HW filter on device eth7 [ 684.940086][ T3331] IPVS: stop unused estimator thread 0... [ 685.013975][ T5292] 8021q: adding VLAN 0 to HW filter on device eth8 [ 685.345270][ T5292] 8021q: adding VLAN 0 to HW filter on device eth9 [ 685.685040][ T5292] 8021q: adding VLAN 0 to HW filter on device eth10 [ 686.120504][ T5292] 8021q: adding VLAN 0 to HW filter on device eth11 [ 686.450358][ T5292] 8021q: adding VLAN 0 to HW filter on device eth12