last executing test programs: 1.800350253s ago: executing program 2 (id=7695): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb709}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.785821498s ago: executing program 2 (id=7696): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fedbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x8000) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) socket(0x0, 0x40c, 0x3) r4 = socket(0x10, 0x3, 0x0) r5 = socket(0x11, 0x3, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x25, &(0x7f0000001500)={r7, @in6={{0xa, 0x4e20, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x9}}, 0x5}, 0x90) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@deltaction={0x24, 0x31, 0x3, 0x70bd26, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}]}, 0x24}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r5, 0x89f4, &(0x7f0000000700)={'sit0\x00', 0x0}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c00000010000104000000000000000000000000419dbfbf9057ccc75840502be6d2447878e3886604888041536e05989c9e133bc1369000245fbf13248858f8dc4ba27e903ee10ae1cde2407d6a83884ba83cfc47a7e490a723d0b282f8817274a65adc793550c39f4b2099411cbb08ecc34fff9db90a04232d92b3ca8eb11e8fd8fb27efdf", @ANYRES32=0x0, @ANYBLOB="004200000200020008000500", @ANYRES32=0x0, @ANYBLOB="140012800b0001006c6f7770616e000004000280"], 0x3c}}, 0x4000) ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f00000002c0)={0x2, 0xf1, "c93ab28373202875a1fd35642d927f3c2e5b98caca457f097ab5c1eff65cb177e1358ef47d2b3df45ae72f488cb4c615da2fe7fc7b56efcec557a53173aa368a204238956baa0f860793963d3201fc9521111883935bf1ea87ebd8ca1fc2e2317b3851f45a20324ace5fa188ced7264f1de9e189d834fc0fe67f2f113bff07c993cf050ecb19fa03acc4e7341a8581822f3251794f599f01b4a725ee84595ca6d97462eb30ebef2a81edd805d3642831ec10cf62e4b8eb3ccbe123b43a4d7923609623161709e8391a0294b0282c14833b3720d1e309e21366252f4d06c589df8b84258c9610ccd13f9a9c6405c7f1eeab"}) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001a40)=ANY=[@ANYBLOB="5801000010000100030000000000000000000000000000ac1414bb0000000000000000000000000000000000000000000000001600"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc0100000000000000000000000000000400000033000000ac1414bb00000000000000000000000000000000000000000000000000000000030000000000000004000000000000005700000000000000fdffffffffffffff000000000000010000000000000000007b00000000000000000080000000000000200000000000000000000000000000000000005cfd00000000000000000000000000000a000000aa0000000000000048000100686d61632873686131290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001700010000002bbd70002bbd70002bbd700026bd700004"], 0x158}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) setsockopt$SO_BINDTODEVICE_wg(r10, 0x1, 0x19, &(0x7f00000000c0)='wg1\x00', 0x4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x54, 0x24, 0x1, 0x4, 0x0, {0x60, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0xfff2, 0xfff2}}, [@TCA_STAB={0x30, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x5, 0x2, 0xffffffff, 0x0, 0xfffffff5, 0x5, 0x5}}, {0xe, 0x2, [0x3d00, 0xa7d, 0xdded, 0xd, 0x78]}}]}]}, 0x54}}, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000010640)={'tunl0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x42, 0x0, 0x0, 0x0, 0xf8, 0x0, 0xfc, 0xfe, 0x0, 0x4, 0x0, 0x0, 0x0, 0xff, 0xff, 0x45, [0x0, 0x89ff]}}) 1.459014596s ago: executing program 3 (id=7702): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x20, r2, 0xe985e4df3848afb5, 0x20, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x20}}, 0x0) 1.376424556s ago: executing program 4 (id=7703): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x500, 0xffffffff, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="020300000e000000000000000000000005000600000000000a"], 0x70}}, 0x0) 1.371216969s ago: executing program 3 (id=7704): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r4}, 0x14) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0x70bd26, 0x25dfdbec, {0x4}, [@nested={0x4, 0xe}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r5 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r5, 0x0, &(0x7f00000000c0)) sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff1f000000", @ANYRES32, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32, @ANYBLOB="08000c0000ff"], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) sendmmsg$inet(r0, &(0x7f0000000bc0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)}}], 0x1, 0x24000800) r6 = socket(0x10, 0x3, 0x0) r7 = accept4$inet(r5, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10, 0x80000) setsockopt$inet_int(r7, 0x0, 0x31, &(0x7f0000000280)=0xbd, 0x4) r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f0000000400)=0x5, 0x4) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000340)='pim6reg\x00', 0x10) sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c) setsockopt$packet_int(r8, 0x107, 0x13, 0x0, 0x0) sendmsg$nl_route(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xd23}, 0x18}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendto$inet6(r5, &(0x7f0000000540)="085c235fd568ca9f8be5233b1d6fb77877da99e5189c328eecc776322930c6350c8f7a3132e5919f650b4af74fa8d136801091136e9b6cbd48300052c8c4fc605f9487958d683a9cac87e2c26e1075151f8a9f8cfc55afe480ff0b55dc1106eea93dba6ecd17cab933f0793ac8956ac1f35c43d052d95fd2946282ca148a1a995f2159a5393e46371ec5433e7b35de857f571cc81674d243f8084ea434a06d1a1da0b966297608c813ed53f8a377a33b8d22c4973186385a0ca69d98358e936e7cb3c1864cc97a1647c2", 0xca, 0x4000800, 0x0, 0x0) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0000040042800c0001800600060080f21d66a04b12f215a543f50f0a000010000280"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r6) 1.347197863s ago: executing program 4 (id=7705): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) recvmmsg(r0, &(0x7f00000041c0)=[{{0x0, 0x0, &(0x7f0000000b40)}, 0x8}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000c80)=""/103, 0x67}], 0x1}, 0x8f02}], 0x2, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000007080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x48800) 1.259649948s ago: executing program 4 (id=7707): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x40000012}, 0x48) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000001100)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xa, 0xd}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0xd20d, 0xc8, 0x3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r8, 0x5452, &(0x7f0000000000)=0xffffffffffffffff) sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x3ec0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10010, r8, 0xdebb7000) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000e40)={'wlan0\x00', 0x0}) r12 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_int(r12, 0x6, 0x2e, &(0x7f0000000000)=0xffffffff, 0x4) sendmsg$NL80211_CMD_GET_SCAN(r9, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r10, 0xf21, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000) 1.214983405s ago: executing program 1 (id=7708): socket$kcm(0x2, 0x6, 0x84) (async) r0 = socket$unix(0x1, 0x1, 0x0) (async) pipe(&(0x7f00000000c0)) socket$inet6_tcp(0xa, 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_route(0x10, 0x3, 0x0) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) socket$inet(0x2, 0x2, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) (async) socket$nl_route(0x10, 0x3, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket$tipc(0x1e, 0x2, 0x0) (async) socket$tipc(0x1e, 0x2, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)) (async) r2 = socket$packet(0x11, 0x3, 0x300) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYRESHEX=r2, @ANYRES16=r3], 0xc4}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'bridge_slave_0\x00'}) (async) r4 = socket$alg(0x26, 0x5, 0x0) r5 = accept4(r4, 0x0, 0x0, 0x0) sendto$unix(r5, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0) (async) sendmsg$802154_raw(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)}, 0x1, 0x0, 0x0, 0x8002040}, 0x30008080) (async) getsockopt$WPAN_SECURITY_LEVEL(r5, 0x0, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x4) socket$inet_mptcp(0x2, 0x1, 0x106) (async) getsockopt$inet_int(r1, 0x0, 0x32, 0x0, &(0x7f0000000040)) 1.094691083s ago: executing program 1 (id=7710): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x5, 0xffffffff, 0x1002, 0x1, 0x7ff, 0xf84, 0x3}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@deltaction={0x24, 0x31, 0x3, 0x70bd26, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}]}, 0x24}}, 0x0) 708.868131ms ago: executing program 0 (id=7712): socket$nl_netfilter(0x10, 0x3, 0xc) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0) recvmmsg(r0, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 689.999974ms ago: executing program 2 (id=7713): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000000200", @ANYRES32=r1, @ANYBLOB], 0x1c}}, 0x20000080) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r1, 0x8008f512, &(0x7f0000000000)) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000fbffffff000000000300000085000000bc0000009500000000000000fb3b3af98472db8366fc4bdddafba8b70793b93dea0e28fc48acd252d2588642b24427b692270f92402609e327924564047d3648ae"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94) ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f00000002c0)=0x3ef) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)={0x2c, 0x3e, 0x107, 0x70bd2d, 0x25dfdbfc, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x9, 0x0, 0x0, @pid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x44000) 605.457899ms ago: executing program 0 (id=7714): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0xfffffffb) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) sendfile(r2, r0, &(0x7f00000000c0)=0xe2d, 0x6) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x800c081}, 0x0) r4 = socket$kcm(0x10, 0x7, 0x0) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000004c0)="d800000018009f064e81f744db4cb904021d0800fd02fe02e8fe50a10a001100250000000c600e41b0000900ac0008032500000004000b000a00ff150048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d31afe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffff5ce3bb9ad809d5e1cace81ed", 0x9e}, {&(0x7f0000000180)="50c552f1e0ce851e3598d16c959c959961acc0e29c1c3a15e437dcc80fc869726b03679e5d823c8a29528c4fc2205daedafa5224dbe080d3787d", 0x3a}], 0x2}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="75e302dffff9fa3e440000001000010400"/28, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028006002700070000000500290006000000"], 0x44}}, 0x0) 604.562209ms ago: executing program 2 (id=7715): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x64, 0x30, 0x1, 0xfff0, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x30000001}, 0x1}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 564.450826ms ago: executing program 1 (id=7716): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000040)={{0x2, 0x4000, @multicast2}, {}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'}) 535.777382ms ago: executing program 3 (id=7717): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername(r0, 0x0, &(0x7f00000009c0)) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000002fc0)=[{{&(0x7f0000000340)={0xa, 0x4e23, 0xfffffff9, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c, &(0x7f00000004c0)=[{&(0x7f00000005c0)="05", 0x1}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x4e22, 0x0, @remote, 0x40}, 0x1c, &(0x7f0000000b00)=[{&(0x7f00000006c0)="02", 0x1}], 0x1}}], 0x2, 0x24000045) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600010000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x0) shutdown(r1, 0x1) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000001600)={0x0, 0x8, 0x2000, 0x5, 0x0, 0x5}, 0x14) r3 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@alg={0xe8, 0x10, 0x1, 0x70bd3d, 0x25dfdbfd, {{'xts(twofish)\x00'}, '\x00', '\x00', 0x400, 0x2400}, [{0x8, 0x1, 0x9}]}, 0xe8}, 0x1, 0x0, 0x0, 0x8041}, 0x20008090) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRESOCT=r4], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r6, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800) ioctl$sock_netrom_SIOCADDRT(r6, 0x890b, &(0x7f00000003c0)={0x1, @null, @bpq0, 0x39ea, 'syz0\x00', @bcast, 0x1, 0x6, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r8, 0x0) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=@base={0x12, 0x4, 0x8, 0x1}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6}, 0x94) pselect6(0x40, &(0x7f0000000140)={0x5, 0x6, 0x8, 0x8, 0x0, 0x2, 0x0, 0x9}, &(0x7f0000000380)={0x9, 0x2, 0x7fff, 0x22c, 0x5, 0x1000000, 0xa9e, 0x7}, &(0x7f00000001c0)={0x7, 0xd, 0x81, 0xa1, 0x3, 0x7, 0x1, 0xffff}, &(0x7f0000000200)={0x77359400}, &(0x7f00000004c0)={&(0x7f0000000240)={[0xc6]}, 0xfffffffffffffd50}) sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x773568b9b38b679a}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) r10 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000013020000000000000000000001050000018000000000000000010000850200000000000000010000000000000400000000da"], 0x0, 0x52}, 0x20) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e20, 0x8000, @loopback}, 0x1c) sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="28000000120001032cbd7000fbdbdf2507"], 0x28}}, 0x0) 472.240724ms ago: executing program 0 (id=7718): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x4000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4000000}, @generic={0x66, 0x8, 0x0, 0x0, 0xff000000}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x200}, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}, {0x85, 0x0, 0x0, 0xb4}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r4, 0x84, 0x12, &(0x7f0000000080)=0x7, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000), 0x0) sendto$inet6(r4, &(0x7f0000000500)="a4", 0x1, 0x2000c851, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000040)={0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x1, 0x6a, &(0x7f0000000340)=ANY=[@ANYRESOCT=r2, @ANYRES64=r3], 0x0, 0xf7fffffe, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r7 = socket$alg(0x26, 0x5, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x24}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xcc}}, 0x0) bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r9 = accept4(r7, 0x0, 0x0, 0x800) sendmmsg$alg(r9, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r10, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r11, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@newqdisc={0x74, 0x24, 0x3fe3aa0262d8c783, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r12, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x44, 0x2, [@TCA_CAKE_OVERHEAD={0x8, 0x6, 0x58}, @TCA_CAKE_WASH={0x8}, @TCA_CAKE_RAW={0x8}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}, @TCA_CAKE_MEMORY={0x8, 0xa, 0x5}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}, @TCA_CAKE_ACK_FILTER={0x8}, @TCA_CAKE_ATM={0x8}]}}]}, 0x74}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x11}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 471.891498ms ago: executing program 1 (id=7719): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb709}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 469.741608ms ago: executing program 4 (id=7720): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000003fc0)=[{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)="aef9449408", 0x5}, {&(0x7f0000000240)='b', 0x1}], 0x2, 0x0, 0x0, 0x20040011}], 0x1, 0x40800) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r2) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10900}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xb4, r3, 0x100, 0x70bd27, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x9}, {0x6, 0x16, 0xffff}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x8001}, {0x8, 0xb, 0x4}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x200}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0xb, 0x69}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4000001}, 0x41) getsockname$netrom(r0, &(0x7f00000002c0)={{0x3, @null}, [@remote, @remote, @remote, @default, @bcast, @remote, @null, @rose]}, &(0x7f0000000340)=0x48) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="4cf3cad950f020a319000000", @ANYRES32=0x0, @ANYRES64=0x0], 0x20) 456.134358ms ago: executing program 2 (id=7721): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="4801000010004b0402000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000018100200280012800a000100767863616e000000180002", @ANYRES32=0x0, @ANYBLOB="0000000000400000080004000200000005002200d2000000c0001a80200002"], 0x148}}, 0x80) 400.049802ms ago: executing program 1 (id=7722): r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000240)={0x3, {{0x2, 0xffff, @multicast1}}}, 0x88) setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f0000000300)={0x6, {{0x2, 0x0, @multicast2=0xe0000001}}, {{0x2, 0x4e21, @local}}}, 0x108) setsockopt$inet_udp_int(r1, 0x11, 0x66, &(0x7f0000000000)=0x6, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@ipv6_newnexthop={0x24, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_FDB={0x4}]}, 0x24}}, 0x0) 387.109397ms ago: executing program 4 (id=7723): unshare(0x22020600) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x6d5) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) socket$vsock_stream(0x28, 0x1, 0x0) close(0x3) 386.715181ms ago: executing program 0 (id=7724): r0 = socket$inet6(0xa, 0x802, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f00000004c0)) r1 = socket$kcm(0x2d, 0x2, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='jbd2_update_log_tail\x00', r2, 0x0, 0xd}, 0x18) ioctl$sock_ifreq(r1, 0x8935, &(0x7f0000000040)={'xfrm0\x00', @ifru_settings={0x9, 0x3, @te1=&(0x7f0000000000)={0x6, 0x200, 0xf, 0x8}}}) close(r1) 386.158218ms ago: executing program 3 (id=7725): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="fc010000190001000000000010000000ac1414bb000000000000000000000000ac1414bb00000000000000000000000000000000ffff00000a00806000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000900000000000000080000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000800000000000000000000000000000000000000000000000010000030000000044010500ac1414aa0000000000000000000000000000000032000000"], 0x1fc}}, 0x20004040) 283.792465ms ago: executing program 0 (id=7726): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) unshare(0x4000400) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000840)={0x2, 0xa00, @loopback}, 0x10) 282.758993ms ago: executing program 3 (id=7727): r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000000)={@dev}, 0x14) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f00000001c0)={@remote, r4}, 0x14) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0x70bd26, 0x25dfdbec, {0x4}, [@nested={0x4, 0xe}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r5 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r5, 0x0, &(0x7f00000000c0)) sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000370400000000ffffffff1f000000", @ANYRES32, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32, @ANYBLOB="08000c0000ff"], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010) sendmmsg$inet(r0, &(0x7f0000000bc0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)}}], 0x1, 0x24000800) r6 = socket(0x10, 0x3, 0x0) r7 = accept4$inet(r5, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10, 0x80000) setsockopt$inet_int(r7, 0x0, 0x31, &(0x7f0000000280)=0xbd, 0x4) r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f0000000400)=0x5, 0x4) setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000340)='pim6reg\x00', 0x10) sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c) setsockopt$packet_int(r8, 0x107, 0x13, 0x0, 0x0) sendmsg$nl_route(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xd23}, 0x18}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendto$inet6(r5, &(0x7f0000000540)="085c235fd568ca9f8be5233b1d6fb77877da99e5189c328eecc776322930c6350c8f7a3132e5919f650b4af74fa8d136801091136e9b6cbd48300052c8c4fc605f9487958d683a9cac87e2c26e1075151f8a9f8cfc55afe480ff0b55dc1106eea93dba6ecd17cab933f0793ac8956ac1f35c43d052d95fd2946282ca148a1a995f2159a5393e46371ec5433e7b35de857f571cc81674d243f8084ea434a06d1a1da0b966297608c813ed53f8a377a33b8d22c4973186385a0ca69d98358e936e7cb3c1864cc97a1647c2", 0xca, 0x4000800, 0x0, 0x0) sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="340000003e000701feffffff00000000017c0000040042800c0001800600060080f21d66a04b12f215a543f50f0a000010000280"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r6) 247.409625ms ago: executing program 4 (id=7728): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 220.120743ms ago: executing program 1 (id=7729): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$kcm(0x2, 0xa, 0x2) r3 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @mcast2, 0x4}, 0x2f) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0) getsockopt$sock_buf(r5, 0x1, 0x1a, 0x0, &(0x7f0000000340)) setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x4, 0xfff9, 0xa4fd, 0x5, 0xc, 0x9, 0x8}, 0xc) write$tun(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000000111ff00000000000000000000000000000000ff0200000000000000000000000000014f194e20"], 0x4b) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, 0xffffffffffffffff, &(0x7f0000000040)=0x4) 219.73307ms ago: executing program 0 (id=7730): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x12) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000)) r4 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc) setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x19, &(0x7f00000001c0)=@bpq0, 0x10) ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x1, 'syz1\x00', @default, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}) ioctl$sock_netdev_private(r0, 0x8914, &(0x7f0000000000)) 217.549515ms ago: executing program 2 (id=7731): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02}) socket$inet6_sctp(0xa, 0x5, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00000004000000080000000b"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='contention_end\x00', r2, 0xe4}, 0x18) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @match={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'u32\x00'}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x74}}, 0x10) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x110e22fff6) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$TUNGETVNETLE(r3, 0x4010744d, &(0x7f0000000180)) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000280)=""/160, 0xa0}, {0x0}, {&(0x7f0000002140)=""/4096, 0x1000}], 0x3) r6 = socket$kcm(0x2, 0xa, 0x2) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000100)=0x730) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local}) 0s ago: executing program 3 (id=7732): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb709}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): after parsing attributes in process `syz.0.6911'. [ 811.837044][T29664] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6915'. [ 811.849770][T29664] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6915'. [ 811.861764][T29669] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6911'. [ 811.926259][T29670] netlink: 1041 bytes leftover after parsing attributes in process `syz.4.6915'. [ 811.936365][T29669] openvswitch: netlink: Flow actions attr not present in new flow. [ 811.968020][T29662] netlink: 'syz.2.6913': attribute type 32 has an invalid length. [ 812.316615][T29700] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6924'. [ 812.428778][T29697] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6926'. [ 812.452018][T29709] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6924'. [ 812.647486][T29716] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6931'. [ 812.651123][T29704] lo speed is unknown, defaulting to 1000 [ 812.809424][T29722] syzkaller0: entered promiscuous mode [ 812.861557][T29722] syzkaller0: entered allmulticast mode [ 813.067250][T29725] syzkaller1: entered allmulticast mode [ 813.352077][T29741] FAULT_INJECTION: forcing a failure. [ 813.352077][T29741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 813.391204][T29741] CPU: 0 UID: 0 PID: 29741 Comm: syz.3.6939 Not tainted syzkaller #0 PREEMPT(full) [ 813.391233][T29741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 813.391246][T29741] Call Trace: [ 813.391254][T29741] [ 813.391263][T29741] dump_stack_lvl+0x189/0x250 [ 813.391292][T29741] ? __pfx____ratelimit+0x10/0x10 [ 813.391321][T29741] ? __pfx_dump_stack_lvl+0x10/0x10 [ 813.391345][T29741] ? __pfx__printk+0x10/0x10 [ 813.391370][T29741] ? __might_fault+0xb0/0x130 [ 813.391401][T29741] ? rcu_is_watching+0x15/0xb0 [ 813.391423][T29741] should_fail_ex+0x414/0x560 [ 813.391451][T29741] _copy_from_user+0x2d/0xb0 [ 813.391474][T29741] xsk_setsockopt+0x339/0x8d0 [ 813.391502][T29741] ? __pfx_xsk_setsockopt+0x10/0x10 [ 813.391528][T29741] ? __pfx_aa_sk_perm+0x10/0x10 [ 813.391557][T29741] ? lock_release+0x4b/0x3e0 [ 813.391585][T29741] ? aa_sock_opt_perm+0xff/0x1b0 [ 813.391605][T29741] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 813.391627][T29741] ? __pfx_xsk_setsockopt+0x10/0x10 [ 813.391653][T29741] do_sock_setsockopt+0x179/0x1b0 [ 813.391677][T29741] __x64_sys_setsockopt+0x13f/0x1b0 [ 813.391699][T29741] do_syscall_64+0xfa/0x3b0 [ 813.391718][T29741] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.391738][T29741] ? clear_bhb_loop+0x60/0xb0 [ 813.391761][T29741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.391798][T29741] RIP: 0033:0x7feba938ebe9 [ 813.391816][T29741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 813.391836][T29741] RSP: 002b:00007febaa2e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 813.391878][T29741] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938ebe9 [ 813.391895][T29741] RDX: 0000000000000003 RSI: 000000000000011b RDI: 0000000000000003 [ 813.391908][T29741] RBP: 00007febaa2e2090 R08: 0000000000000004 R09: 0000000000000000 [ 813.391922][T29741] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001 [ 813.391936][T29741] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 813.391962][T29741] [ 813.943831][T29762] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6944'. [ 814.061077][T29765] mac80211_hwsim hwsim8 syzkaller0: left promiscuous mode [ 814.084937][T29765] mac80211_hwsim hwsim8 syzkaller0: left allmulticast mode [ 814.562702][T29779] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 815.020439][T29804] FAULT_INJECTION: forcing a failure. [ 815.020439][T29804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 815.071513][T29804] CPU: 1 UID: 0 PID: 29804 Comm: syz.0.6965 Not tainted syzkaller #0 PREEMPT(full) [ 815.071543][T29804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 815.071555][T29804] Call Trace: [ 815.071563][T29804] [ 815.071572][T29804] dump_stack_lvl+0x189/0x250 [ 815.071600][T29804] ? __pfx____ratelimit+0x10/0x10 [ 815.071628][T29804] ? __pfx_dump_stack_lvl+0x10/0x10 [ 815.071651][T29804] ? __pfx__printk+0x10/0x10 [ 815.071676][T29804] ? __might_fault+0xb0/0x130 [ 815.071703][T29804] ? bpf_trace_run2+0x322/0x4b0 [ 815.071728][T29804] ? rcu_is_watching+0x15/0xb0 [ 815.071749][T29804] should_fail_ex+0x414/0x560 [ 815.071795][T29804] _copy_from_user+0x2d/0xb0 [ 815.071820][T29804] kstrtouint_from_user+0xc4/0x170 [ 815.071853][T29804] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 815.071900][T29804] ? vfs_write+0x211/0xb30 [ 815.071925][T29804] ? rcu_is_watching+0x15/0xb0 [ 815.071948][T29804] proc_fail_nth_write+0x88/0x200 [ 815.071972][T29804] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 815.071994][T29804] ? security_file_permission+0x75/0x290 [ 815.072022][T29804] ? preempt_count_add+0x91/0x1a0 [ 815.072056][T29804] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 815.072080][T29804] vfs_write+0x27e/0xb30 [ 815.072113][T29804] ? __pfx_vfs_write+0x10/0x10 [ 815.072145][T29804] ? __fget_files+0x3a0/0x420 [ 815.072163][T29804] ? __fget_files+0x2a/0x420 [ 815.072186][T29804] ksys_write+0x145/0x250 [ 815.072213][T29804] ? __fget_files+0x3a0/0x420 [ 815.072232][T29804] ? __pfx_ksys_write+0x10/0x10 [ 815.072262][T29804] ? rcu_is_watching+0x15/0xb0 [ 815.072285][T29804] do_syscall_64+0xfa/0x3b0 [ 815.072305][T29804] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.072327][T29804] ? clear_bhb_loop+0x60/0xb0 [ 815.072351][T29804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.072372][T29804] RIP: 0033:0x7f88d0d8d69f [ 815.072391][T29804] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 815.072411][T29804] RSP: 002b:00007f88d1b45030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 815.072434][T29804] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f88d0d8d69f [ 815.072450][T29804] RDX: 0000000000000001 RSI: 00007f88d1b450a0 RDI: 0000000000000006 [ 815.072464][T29804] RBP: 00007f88d1b45090 R08: 0000000000000000 R09: 0000000000000000 [ 815.072478][T29804] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 815.072490][T29804] R13: 00007f88d0fb6038 R14: 00007f88d0fb5fa0 R15: 00007fff1b875758 [ 815.072517][T29804] [ 815.572003][T29820] syzkaller1: entered allmulticast mode [ 815.701816][T29823] veth65: left promiscuous mode [ 815.973836][T29836] netlink: 'syz.2.6975': attribute type 1 has an invalid length. [ 816.389583][T29857] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 816.765365][T29874] 8021q: adding VLAN 0 to HW filter on device bond49 [ 816.848924][T29874] can: request_module (can-proto-0) failed. [ 816.863116][T29889] FAULT_INJECTION: forcing a failure. [ 816.863116][T29889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 816.902857][T29889] CPU: 0 UID: 0 PID: 29889 Comm: syz.3.6995 Not tainted syzkaller #0 PREEMPT(full) [ 816.902885][T29889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 816.902898][T29889] Call Trace: [ 816.902905][T29889] [ 816.902914][T29889] dump_stack_lvl+0x189/0x250 [ 816.902945][T29889] ? __pfx____ratelimit+0x10/0x10 [ 816.902987][T29889] ? __pfx_dump_stack_lvl+0x10/0x10 [ 816.903012][T29889] ? __pfx__printk+0x10/0x10 [ 816.903043][T29889] ? rcu_is_watching+0x15/0xb0 [ 816.903067][T29889] should_fail_ex+0x414/0x560 [ 816.903096][T29889] _copy_to_user+0x31/0xb0 [ 816.903122][T29889] simple_read_from_buffer+0xe1/0x170 [ 816.903154][T29889] proc_fail_nth_read+0x1b3/0x220 [ 816.903180][T29889] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 816.903206][T29889] ? rw_verify_area+0x2a6/0x4d0 [ 816.903231][T29889] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 816.903256][T29889] vfs_read+0x1fd/0xa30 [ 816.903281][T29889] ? fdget_pos+0x247/0x320 [ 816.903302][T29889] ? __pfx___mutex_lock+0x10/0x10 [ 816.903334][T29889] ? __pfx_vfs_read+0x10/0x10 [ 816.903364][T29889] ? __fget_files+0x3a0/0x420 [ 816.903381][T29889] ? __fget_files+0x2a/0x420 [ 816.903404][T29889] ksys_read+0x145/0x250 [ 816.903432][T29889] ? __pfx_ksys_read+0x10/0x10 [ 816.903462][T29889] ? rcu_is_watching+0x15/0xb0 [ 816.903484][T29889] do_syscall_64+0xfa/0x3b0 [ 816.903504][T29889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.903525][T29889] ? clear_bhb_loop+0x60/0xb0 [ 816.903548][T29889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.903569][T29889] RIP: 0033:0x7feba938d5fc [ 816.903588][T29889] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 816.903608][T29889] RSP: 002b:00007febaa2e2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 816.903631][T29889] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938d5fc [ 816.903647][T29889] RDX: 000000000000000f RSI: 00007febaa2e20a0 RDI: 0000000000000005 [ 816.903662][T29889] RBP: 00007febaa2e2090 R08: 0000000000000000 R09: 0000000000000000 [ 816.903676][T29889] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001 [ 816.903689][T29889] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 816.903714][T29889] [ 817.248825][T29887] veth67: entered promiscuous mode [ 817.606257][T29916] netlink: 'syz.4.7007': attribute type 3 has an invalid length. [ 817.651967][T29928] __nla_validate_parse: 11 callbacks suppressed [ 817.651989][T29928] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7008'. [ 817.934660][T29924] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7008'. [ 817.943992][T29924] openvswitch: netlink: Flow actions attr not present in new flow. [ 818.234795][T29953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7016'. [ 818.280920][T29955] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 818.289186][T29955] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 818.299713][T29955] bond0: (slave batadv0): Releasing backup interface [ 818.531510][T29960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7018'. [ 818.607664][T29960] tipc: Enabling of bearer rejected, failed to enable media [ 818.641280][T29964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7020'. [ 818.661834][T29964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7020'. [ 818.681370][T29964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7020'. [ 818.690392][T29964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7020'. [ 818.725644][T29964] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.7020'. [ 818.911994][T29974] tipc: Resetting bearer [ 818.928382][T29974] syzkaller0: left promiscuous mode [ 818.941338][T29974] syzkaller0: left allmulticast mode [ 819.122230][T29969] lo speed is unknown, defaulting to 1000 [ 819.485133][T29997] bond0: default FDB implementation only supports local addresses [ 819.495160][T29997] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7034'. [ 819.507361][T29997] 8021q: VLANs not supported on gre0 [ 819.998160][T30022] 8021q: adding VLAN 0 to HW filter on device bond52 [ 820.053469][T30022] FAULT_INJECTION: forcing a failure. [ 820.053469][T30022] name failslab, interval 1, probability 0, space 0, times 0 [ 820.088471][T30022] CPU: 0 UID: 0 PID: 30022 Comm: syz.2.7045 Not tainted syzkaller #0 PREEMPT(full) [ 820.088504][T30022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 820.088519][T30022] Call Trace: [ 820.088528][T30022] [ 820.088538][T30022] dump_stack_lvl+0x189/0x250 [ 820.088569][T30022] ? __pfx____ratelimit+0x10/0x10 [ 820.088601][T30022] ? __pfx_dump_stack_lvl+0x10/0x10 [ 820.088626][T30022] ? __pfx__printk+0x10/0x10 [ 820.088671][T30022] ? __pfx___might_resched+0x10/0x10 [ 820.088691][T30022] ? lock_acquire+0x5f/0x360 [ 820.088723][T30022] should_fail_ex+0x414/0x560 [ 820.088753][T30022] should_failslab+0xa8/0x100 [ 820.088803][T30022] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 820.088830][T30022] ? __d_alloc+0x36/0x7a0 [ 820.088852][T30022] __d_alloc+0x36/0x7a0 [ 820.088874][T30022] d_alloc_parallel+0xe5/0x15e0 [ 820.088896][T30022] ? unwind_next_frame+0xa5/0x2390 [ 820.088921][T30022] ? __asan_memset+0x22/0x50 [ 820.088943][T30022] ? number+0xd18/0xf60 [ 820.088967][T30022] ? number+0x41/0xf60 [ 820.088990][T30022] ? __pfx_d_alloc_parallel+0x10/0x10 [ 820.089011][T30022] ? __d_lookup+0x66/0x780 [ 820.089030][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.089051][T30022] ? __raw_spin_lock_init+0x45/0x100 [ 820.089094][T30022] ? __init_waitqueue_head+0xa9/0x150 [ 820.089122][T30022] __lookup_slow+0x116/0x3d0 [ 820.089147][T30022] ? __pfx___lookup_slow+0x10/0x10 [ 820.089176][T30022] ? d_lookup+0x8a/0xa0 [ 820.089199][T30022] ? lookup_noperm+0x112/0x220 [ 820.089223][T30022] simple_start_creating+0xfd/0x1e0 [ 820.089244][T30022] ? __pfx_simple_start_creating+0x10/0x10 [ 820.089270][T30022] start_creating+0x10f/0x180 [ 820.089312][T30022] __debugfs_create_file+0x79/0x4f0 [ 820.089342][T30022] debugfs_create_file_full+0x3f/0x60 [ 820.089372][T30022] ref_tracker_dir_debugfs+0x14e/0x270 [ 820.089401][T30022] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 820.089443][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.089461][T30022] ? alloc_netdev_mqs+0xa3/0x11b0 [ 820.089485][T30022] ? trace_kmalloc+0x1f/0xd0 [ 820.089511][T30022] ? __raw_spin_lock_init+0x45/0x100 [ 820.089535][T30022] alloc_netdev_mqs+0x26f/0x11b0 [ 820.089560][T30022] ? __pfx_veth_setup+0x10/0x10 [ 820.089609][T30022] rtnl_create_link+0x31f/0xd10 [ 820.089640][T30022] veth_newlink+0x291/0xa50 [ 820.089670][T30022] ? __pfx_veth_newlink+0x10/0x10 [ 820.089698][T30022] ? alloc_netdev_mqs+0xc7c/0x11b0 [ 820.089722][T30022] ? rtnl_create_link+0x31f/0xd10 [ 820.089747][T30022] ? rtnl_newlink_create+0x25c/0xb00 [ 820.089768][T30022] ? rtnl_newlink+0x16d6/0x1c70 [ 820.089804][T30022] ? rtnetlink_rcv_msg+0x7cc/0xb70 [ 820.089833][T30022] ? netlink_rcv_skb+0x208/0x470 [ 820.089863][T30022] ? netlink_unicast+0x82f/0x9e0 [ 820.089888][T30022] ? netlink_sendmsg+0x805/0xb30 [ 820.089913][T30022] ? __sock_sendmsg+0x219/0x270 [ 820.089935][T30022] ? __x64_sys_sendmsg+0x19b/0x260 [ 820.089952][T30022] ? do_syscall_64+0xfa/0x3b0 [ 820.089992][T30022] ? validate_linkmsg+0x765/0x950 [ 820.090017][T30022] ? __pfx_veth_newlink+0x10/0x10 [ 820.090042][T30022] rtnl_newlink_create+0x30d/0xb00 [ 820.090064][T30022] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 820.090083][T30022] ? __pfx___mutex_lock+0x10/0x10 [ 820.090114][T30022] ? ns_capable+0x8a/0xf0 [ 820.090132][T30022] rtnl_newlink+0x16d6/0x1c70 [ 820.090165][T30022] ? __pfx_rtnl_newlink+0x10/0x10 [ 820.090190][T30022] ? lock_release+0x4b/0x3e0 [ 820.090213][T30022] ? post_alloc_hook+0x240/0x2a0 [ 820.090236][T30022] ? get_page_from_freelist+0x21e4/0x22c0 [ 820.090253][T30022] ? rcu_read_lock_held+0xa/0x50 [ 820.090272][T30022] ? __update_page_owner_handle+0x5a/0x570 [ 820.090295][T30022] ? __update_page_owner_handle+0x51a/0x570 [ 820.090342][T30022] ? kernel_text_address+0xa5/0xe0 [ 820.090366][T30022] ? __kernel_text_address+0xd/0x40 [ 820.090389][T30022] ? unwind_get_return_address+0x4d/0x90 [ 820.090413][T30022] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 820.090440][T30022] ? lock_release+0x4b/0x3e0 [ 820.090463][T30022] ? bpf_lsm_capable+0x9/0x20 [ 820.090487][T30022] ? security_capable+0x7e/0x2e0 [ 820.090514][T30022] ? __pfx_rtnl_newlink+0x10/0x10 [ 820.090540][T30022] rtnetlink_rcv_msg+0x7cc/0xb70 [ 820.090568][T30022] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 820.090592][T30022] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 820.090618][T30022] ? __netlink_lookup+0xbd/0x810 [ 820.090632][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.090650][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.090669][T30022] netlink_rcv_skb+0x208/0x470 [ 820.090694][T30022] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 820.090720][T30022] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 820.090756][T30022] netlink_unicast+0x82f/0x9e0 [ 820.090793][T30022] ? __pfx_netlink_unicast+0x10/0x10 [ 820.090821][T30022] ? netlink_sendmsg+0x642/0xb30 [ 820.090851][T30022] ? skb_put+0x11b/0x210 [ 820.090873][T30022] netlink_sendmsg+0x805/0xb30 [ 820.090910][T30022] ? __pfx_netlink_sendmsg+0x10/0x10 [ 820.090943][T30022] ? aa_sock_msg_perm+0xf1/0x1d0 [ 820.090963][T30022] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 820.090985][T30022] ? __pfx_netlink_sendmsg+0x10/0x10 [ 820.091017][T30022] __sock_sendmsg+0x219/0x270 [ 820.091045][T30022] ____sys_sendmsg+0x505/0x830 [ 820.091067][T30022] ? __pfx_____sys_sendmsg+0x10/0x10 [ 820.091089][T30022] ? import_iovec+0x74/0xa0 [ 820.091110][T30022] ___sys_sendmsg+0x21f/0x2a0 [ 820.091129][T30022] ? __pfx____sys_sendmsg+0x10/0x10 [ 820.091162][T30022] ? __fget_files+0x2a/0x420 [ 820.091176][T30022] ? __fget_files+0x3a0/0x420 [ 820.091195][T30022] __x64_sys_sendmsg+0x19b/0x260 [ 820.091214][T30022] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 820.091236][T30022] ? __pfx_ksys_write+0x10/0x10 [ 820.091257][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.091276][T30022] ? rcu_is_watching+0x15/0xb0 [ 820.091293][T30022] do_syscall_64+0xfa/0x3b0 [ 820.091309][T30022] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.091336][T30022] ? clear_bhb_loop+0x60/0xb0 [ 820.091354][T30022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.091369][T30022] RIP: 0033:0x7f0922f8ebe9 [ 820.091384][T30022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.091399][T30022] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 820.091417][T30022] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 820.091429][T30022] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000005 [ 820.091440][T30022] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 820.091450][T30022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 820.091459][T30022] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 820.091478][T30022] [ 820.803850][T30038] netlink: 'syz.4.7049': attribute type 1 has an invalid length. [ 820.845242][T30022] veth79: entered promiscuous mode [ 820.861016][T30022] bond52: (slave veth79): Enslaving as an active interface with an up link [ 821.243224][T30060] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 821.353384][T30065] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20000 [ 821.598677][T30084] FAULT_INJECTION: forcing a failure. [ 821.598677][T30084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 821.675187][T30084] CPU: 0 UID: 0 PID: 30084 Comm: syz.1.7068 Not tainted syzkaller #0 PREEMPT(full) [ 821.675218][T30084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 821.675232][T30084] Call Trace: [ 821.675240][T30084] [ 821.675250][T30084] dump_stack_lvl+0x189/0x250 [ 821.675281][T30084] ? __pfx____ratelimit+0x10/0x10 [ 821.675312][T30084] ? __pfx_dump_stack_lvl+0x10/0x10 [ 821.675338][T30084] ? __pfx__printk+0x10/0x10 [ 821.675371][T30084] ? rcu_is_watching+0x15/0xb0 [ 821.675395][T30084] should_fail_ex+0x414/0x560 [ 821.675425][T30084] _copy_from_user+0x2d/0xb0 [ 821.675450][T30084] bpf_vlog_reverse_ubuf+0xc8/0x410 [ 821.675484][T30084] bpf_vlog_finalize+0x158/0x400 [ 821.675515][T30084] btf_new_fd+0x481/0xc90 [ 821.675539][T30084] ? apparmor_capable+0x137/0x1b0 [ 821.675569][T30084] ? __pfx_btf_new_fd+0x10/0x10 [ 821.675593][T30084] ? bpf_token_put+0x143/0x160 [ 821.675621][T30084] ? bpf_btf_load+0x126/0x190 [ 821.675660][T30084] __sys_bpf+0x406/0x870 [ 821.675688][T30084] ? __pfx___sys_bpf+0x10/0x10 [ 821.675721][T30084] ? ksys_write+0x22a/0x250 [ 821.675749][T30084] ? __pfx_ksys_write+0x10/0x10 [ 821.675780][T30084] __x64_sys_bpf+0x7c/0x90 [ 821.675805][T30084] do_syscall_64+0xfa/0x3b0 [ 821.675824][T30084] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.675844][T30084] ? clear_bhb_loop+0x60/0xb0 [ 821.675868][T30084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.675889][T30084] RIP: 0033:0x7f156f18ebe9 [ 821.675907][T30084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 821.675926][T30084] RSP: 002b:00007f1570017038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 821.675950][T30084] RAX: ffffffffffffffda RBX: 00007f156f3b5fa0 RCX: 00007f156f18ebe9 [ 821.675966][T30084] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012 [ 821.675981][T30084] RBP: 00007f1570017090 R08: 0000000000000000 R09: 0000000000000000 [ 821.675995][T30084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 821.676008][T30084] R13: 00007f156f3b6038 R14: 00007f156f3b5fa0 R15: 00007ffe3b857f88 [ 821.676034][T30084] [ 821.903239][T30093] gtp0: entered promiscuous mode [ 822.049091][T30097] vlan0: entered promiscuous mode [ 822.054471][T30097] vlan0: entered allmulticast mode [ 822.063249][T30097] veth0_vlan: entered allmulticast mode [ 822.123340][T30099] vlan4: left promiscuous mode [ 822.128214][T30099] bond50: left promiscuous mode [ 822.141013][T30099] vlan4: left allmulticast mode [ 822.159380][T30099] bond50: left allmulticast mode [ 822.657906][T30140] netlink: 'syz.3.7085': attribute type 9 has an invalid length. [ 822.731357][T30142] netlink: 'syz.1.7084': attribute type 1 has an invalid length. [ 823.150643][T30157] __nla_validate_parse: 9 callbacks suppressed [ 823.150663][T30157] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7090'. [ 823.272812][T30157] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7090'. [ 823.294684][T30157] openvswitch: netlink: Flow actions attr not present in new flow. [ 823.656017][T30179] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7097'. [ 823.688664][T30179] tipc: Enabling of bearer rejected, already enabled [ 823.711331][T30179] syzkaller0: entered promiscuous mode [ 823.724636][T30179] syzkaller0: entered allmulticast mode [ 823.982017][T30191] netlink: 596 bytes leftover after parsing attributes in process `syz.3.7102'. [ 824.111711][T30196] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.7103'. [ 824.123175][T30196] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7103'. [ 824.132768][T30196] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7103'. [ 824.440708][T30218] tap0: tun_chr_ioctl cmd 1074025677 [ 824.466942][T30218] tap0: linktype set to 776 [ 824.844870][T30244] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7121'. [ 825.100551][T30255] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7126'. [ 825.125601][T30255] 8021q: adding VLAN 0 to HW filter on device bond63 [ 825.134480][T30255] FAULT_INJECTION: forcing a failure. [ 825.134480][T30255] name failslab, interval 1, probability 0, space 0, times 0 [ 825.148362][T30255] CPU: 0 UID: 0 PID: 30255 Comm: syz.1.7126 Not tainted syzkaller #0 PREEMPT(full) [ 825.148392][T30255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 825.148406][T30255] Call Trace: [ 825.148414][T30255] [ 825.148423][T30255] dump_stack_lvl+0x189/0x250 [ 825.148454][T30255] ? __pfx____ratelimit+0x10/0x10 [ 825.148486][T30255] ? __pfx_dump_stack_lvl+0x10/0x10 [ 825.148511][T30255] ? __pfx__printk+0x10/0x10 [ 825.148541][T30255] ? fs_reclaim_acquire+0x7d/0x100 [ 825.148584][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.148604][T30255] ? __pfx___might_resched+0x10/0x10 [ 825.148622][T30255] ? lock_acquire+0x5f/0x360 [ 825.148652][T30255] should_fail_ex+0x414/0x560 [ 825.148699][T30255] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 825.148731][T30255] should_failslab+0xa8/0x100 [ 825.148762][T30255] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 825.148793][T30255] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 825.148823][T30255] ? alloc_inode+0x6a/0x1b0 [ 825.148851][T30255] ? __pfx_simple_start_creating+0x10/0x10 [ 825.148873][T30255] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 825.148904][T30255] alloc_inode+0x6a/0x1b0 [ 825.148935][T30255] new_inode+0x22/0x170 [ 825.148967][T30255] __debugfs_create_file+0x14d/0x4f0 [ 825.149002][T30255] debugfs_create_file_full+0x3f/0x60 [ 825.149035][T30255] ref_tracker_dir_debugfs+0x14e/0x270 [ 825.149084][T30255] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 825.149130][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.149162][T30255] ? alloc_netdev_mqs+0xa3/0x11b0 [ 825.149189][T30255] ? trace_kmalloc+0x1f/0xd0 [ 825.149219][T30255] ? __raw_spin_lock_init+0x45/0x100 [ 825.149246][T30255] alloc_netdev_mqs+0x26f/0x11b0 [ 825.149272][T30255] ? __pfx_veth_setup+0x10/0x10 [ 825.149307][T30255] rtnl_create_link+0x31f/0xd10 [ 825.149343][T30255] veth_newlink+0x291/0xa50 [ 825.149373][T30255] ? __pfx_veth_newlink+0x10/0x10 [ 825.149403][T30255] ? alloc_netdev_mqs+0xc7c/0x11b0 [ 825.149429][T30255] ? rtnl_create_link+0x31f/0xd10 [ 825.149454][T30255] ? rtnl_newlink_create+0x25c/0xb00 [ 825.149476][T30255] ? rtnl_newlink+0x16d6/0x1c70 [ 825.149507][T30255] ? rtnetlink_rcv_msg+0x7cc/0xb70 [ 825.149538][T30255] ? netlink_rcv_skb+0x208/0x470 [ 825.149568][T30255] ? netlink_unicast+0x82f/0x9e0 [ 825.149596][T30255] ? netlink_sendmsg+0x805/0xb30 [ 825.149627][T30255] ? __sock_sendmsg+0x219/0x270 [ 825.149655][T30255] ? __x64_sys_sendmsg+0x19b/0x260 [ 825.149677][T30255] ? do_syscall_64+0xfa/0x3b0 [ 825.149730][T30255] ? validate_linkmsg+0x765/0x950 [ 825.149763][T30255] ? __pfx_veth_newlink+0x10/0x10 [ 825.149795][T30255] rtnl_newlink_create+0x30d/0xb00 [ 825.149824][T30255] ? __pfx_rtnl_newlink_create+0x10/0x10 [ 825.149849][T30255] ? __pfx___mutex_lock+0x10/0x10 [ 825.149888][T30255] ? ns_capable+0x8a/0xf0 [ 825.149912][T30255] rtnl_newlink+0x16d6/0x1c70 [ 825.149954][T30255] ? __pfx_rtnl_newlink+0x10/0x10 [ 825.149986][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.150007][T30255] ? lock_release+0x4b/0x3e0 [ 825.150037][T30255] ? lock_release+0x4b/0x3e0 [ 825.150105][T30255] ? kernel_text_address+0xa5/0xe0 [ 825.150137][T30255] ? __kernel_text_address+0xd/0x40 [ 825.150173][T30255] ? unwind_get_return_address+0x4d/0x90 [ 825.150204][T30255] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 825.150239][T30255] ? lock_release+0x4b/0x3e0 [ 825.150269][T30255] ? bpf_lsm_capable+0x9/0x20 [ 825.150298][T30255] ? security_capable+0x7e/0x2e0 [ 825.150344][T30255] ? __pfx_rtnl_newlink+0x10/0x10 [ 825.150374][T30255] rtnetlink_rcv_msg+0x7cc/0xb70 [ 825.150408][T30255] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 825.150439][T30255] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 825.150471][T30255] ? __netlink_lookup+0xbd/0x810 [ 825.150489][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.150511][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.150536][T30255] netlink_rcv_skb+0x208/0x470 [ 825.150568][T30255] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 825.150601][T30255] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 825.150644][T30255] netlink_unicast+0x82f/0x9e0 [ 825.150678][T30255] ? __pfx_netlink_unicast+0x10/0x10 [ 825.150707][T30255] ? netlink_sendmsg+0x642/0xb30 [ 825.150738][T30255] ? skb_put+0x11b/0x210 [ 825.150760][T30255] netlink_sendmsg+0x805/0xb30 [ 825.150796][T30255] ? __pfx_netlink_sendmsg+0x10/0x10 [ 825.150829][T30255] ? aa_sock_msg_perm+0xf1/0x1d0 [ 825.150849][T30255] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 825.150872][T30255] ? __pfx_netlink_sendmsg+0x10/0x10 [ 825.150905][T30255] __sock_sendmsg+0x219/0x270 [ 825.150933][T30255] ____sys_sendmsg+0x505/0x830 [ 825.150959][T30255] ? __pfx_____sys_sendmsg+0x10/0x10 [ 825.150992][T30255] ? import_iovec+0x74/0xa0 [ 825.151018][T30255] ___sys_sendmsg+0x21f/0x2a0 [ 825.151042][T30255] ? __pfx____sys_sendmsg+0x10/0x10 [ 825.151085][T30255] ? __fget_files+0x2a/0x420 [ 825.151103][T30255] ? __fget_files+0x3a0/0x420 [ 825.151127][T30255] __x64_sys_sendmsg+0x19b/0x260 [ 825.151160][T30255] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 825.151189][T30255] ? __pfx_ksys_write+0x10/0x10 [ 825.151215][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.151239][T30255] ? rcu_is_watching+0x15/0xb0 [ 825.151261][T30255] do_syscall_64+0xfa/0x3b0 [ 825.151281][T30255] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.151302][T30255] ? clear_bhb_loop+0x60/0xb0 [ 825.151326][T30255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.151347][T30255] RIP: 0033:0x7f156f18ebe9 [ 825.151366][T30255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 825.151385][T30255] RSP: 002b:00007f1570017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 825.151409][T30255] RAX: ffffffffffffffda RBX: 00007f156f3b5fa0 RCX: 00007f156f18ebe9 [ 825.151426][T30255] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000005 [ 825.151440][T30255] RBP: 00007f1570017090 R08: 0000000000000000 R09: 0000000000000000 [ 825.151454][T30255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 825.151467][T30255] R13: 00007f156f3b6038 R14: 00007f156f3b5fa0 R15: 00007ffe3b857f88 [ 825.151492][T30255] [ 825.772097][T30255] debugfs: out of free dentries, can not create file 'netdev@ffff88805cc7c610' [ 825.833443][T30255] veth65: entered promiscuous mode [ 825.842922][T30255] bond63: (slave veth65): Enslaving as an active interface with an up link [ 826.181734][T30263] syzkaller1: entered allmulticast mode [ 826.292799][T30273] bond30: (slave erspan0): Releasing active interface [ 826.332064][T30273] !: left allmulticast mode [ 826.349909][T30273] !: left promiscuous mode [ 826.379207][T30273] bridge0: port 4(0!) entered disabled state [ 826.444568][T30273] bridge_slave_0: left allmulticast mode [ 826.470898][T30273] bridge_slave_0: left promiscuous mode [ 826.483844][T30273] bridge0: port 1(bridge_slave_0) entered disabled state [ 826.537552][T30273] bridge_slave_1: left allmulticast mode [ 826.567826][T30273] bridge_slave_1: left promiscuous mode [ 826.584582][T30273] bridge0: port 2(bridge_slave_1) entered disabled state [ 826.607867][T30273] veth0_to_bond: left allmulticast mode [ 826.626047][T30273] veth0_to_bond: left promiscuous mode [ 826.646333][T30273] bridge22: port 2(veth0_to_bond) entered disabled state [ 826.698778][T30273] bond0: (slave bond_slave_0): Releasing backup interface [ 826.721807][T30273] bond_slave_0: left promiscuous mode [ 826.733519][T30273] bond_slave_0: left allmulticast mode [ 826.742304][T30273] bond0: (slave bond_slave_1): Releasing backup interface [ 826.753883][T30273] bond_slave_1: left promiscuous mode [ 826.759451][T30273] bond_slave_1: left allmulticast mode [ 826.773221][T30289] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 826.782991][T30273] bond0: (slave batadv_slave_0): Releasing backup interface [ 826.822453][T30273] batadv_slave_0: left promiscuous mode [ 826.828168][T30273] batadv_slave_0: left allmulticast mode [ 826.836200][T30273] bond9: (slave wlan0): Releasing active interface [ 826.845985][T30273] veth3: left allmulticast mode [ 826.861071][T30273] veth3: left promiscuous mode [ 826.870612][T30273] bridge1: port 1(veth3) entered disabled state [ 826.888709][T30273] vlan2: left allmulticast mode [ 826.894014][T30273] vlan2: left promiscuous mode [ 826.899034][T30273] veth1: left promiscuous mode [ 826.904585][T30273] bridge1: port 2(vlan2) entered disabled state [ 826.914117][T30273] veth5: left allmulticast mode [ 826.921148][T30273] veth5: left promiscuous mode [ 826.926205][T30273] bridge2: port 1(veth5) entered disabled state [ 826.942303][T30273] veth7: left allmulticast mode [ 826.947396][T30273] veth7: left promiscuous mode [ 826.953195][T30273] bridge3: port 1(veth7) entered disabled state [ 826.963451][T30273] batadv1: left allmulticast mode [ 826.968604][T30273] batadv1: left promiscuous mode [ 826.974892][T30273] bridge0: port 3(batadv1) entered disabled state [ 826.983263][T30273] veth9: left allmulticast mode [ 826.988157][T30273] veth9: left promiscuous mode [ 826.994206][T30273] bridge4: port 1(veth9) entered disabled state [ 827.003326][T30273] veth11: left allmulticast mode [ 827.008362][T30273] veth11: left promiscuous mode [ 827.014384][T30273] bridge5: port 1(veth11) entered disabled state [ 827.024402][T30273] veth13: left allmulticast mode [ 827.029471][T30273] veth13: left promiscuous mode [ 827.034627][T30273] bridge6: port 1(veth13) entered disabled state [ 827.063414][T30273] veth15: left allmulticast mode [ 827.068480][T30273] veth15: left promiscuous mode [ 827.081362][T30273] bridge7: port 1(veth15) entered disabled state [ 827.103465][T30273] veth17: left allmulticast mode [ 827.108471][T30273] veth17: left promiscuous mode [ 827.121590][T30273] bridge8: port 1(veth17) entered disabled state [ 827.190122][T30273] bond5: (slave geneve2): Releasing active interface [ 827.209354][T30273] veth19: left allmulticast mode [ 827.214567][T30273] veth19: left promiscuous mode [ 827.219730][T30273] bridge9: port 1(veth19) entered disabled state [ 827.229163][T30273] veth21: left allmulticast mode [ 827.234379][T30273] veth21: left promiscuous mode [ 827.239536][T30273] bridge10: port 1(veth21) entered disabled state [ 827.250138][T30273] bond8: (slave gretap2): Releasing active interface [ 827.256959][T30273] bond8: (slave gretap2): the permanent HWaddr of slave - be:c1:4c:da:81:ee - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 827.274774][T30273] bond8: (slave gretap3): making interface the new active one [ 827.289027][T30273] bond8: (slave gretap3): Releasing active interface [ 827.297778][T30273] bond10: (slave batadv2): Releasing active interface [ 827.306419][T30273] bond11: (slave batadv3): Releasing active interface [ 827.315200][T30273] bond12: (slave veth23): Releasing active interface [ 827.324161][T30273] bond14: (slave veth27): Releasing active interface [ 827.333259][T30273] bond15: (slave veth29): Releasing active interface [ 827.342420][T30273] bond16: (slave veth31): Releasing active interface [ 827.350184][T30273] macvlan3: left allmulticast mode [ 827.356251][T30273] macvlan3: left promiscuous mode [ 827.362102][T30273] bridge0: port 5(macvlan3) entered disabled state [ 827.371283][T30273] bond17: (slave veth33): Releasing active interface [ 827.379330][T30273] veth35: left allmulticast mode [ 827.384992][T30273] veth35: left promiscuous mode [ 827.390093][T30273] bridge11: port 1(veth35) entered disabled state [ 827.403965][T30273] veth37: left allmulticast mode [ 827.408973][T30273] veth37: left promiscuous mode [ 827.414536][T30273] bridge12: port 1(veth37) entered disabled state [ 827.427442][T30273] veth39: left allmulticast mode [ 827.432980][T30273] veth39: left promiscuous mode [ 827.438226][T30273] bridge13: port 1(veth39) entered disabled state [ 827.449404][T30273] veth41: left allmulticast mode [ 827.455985][T30273] veth41: left promiscuous mode [ 827.462000][T30273] bridge14: port 1(veth41) entered disabled state [ 827.473697][T30273] bond18: (slave batadv4): Releasing active interface [ 827.482552][T30273] bond19: (slave batadv5): Releasing active interface [ 827.491024][T30273] bond20: (slave batadv6): Releasing active interface [ 827.499663][T30273] bond21: (slave veth45): Releasing backup interface [ 827.509181][T30273] veth47: left allmulticast mode [ 827.514564][T30273] veth47: left promiscuous mode [ 827.519649][T30273] bridge16: port 1(veth47) entered disabled state [ 827.529215][T30273] bond22: (slave batadv7): Releasing active interface [ 827.538560][T30273] bond23: (slave batadv8): Releasing active interface [ 827.548598][T30273] bond24: (slave batadv9): Releasing active interface [ 827.558312][T30273] bond25: (slave veth49): Releasing backup interface [ 827.568433][T30273] bond26: (slave batadv10): Releasing active interface [ 827.576831][T30273] veth51: left allmulticast mode [ 827.581932][T30273] veth51: left promiscuous mode [ 827.587390][T30273] bridge17: port 1(veth51) entered disabled state [ 827.599538][T30273] bond27: (slave batadv11): Releasing active interface [ 827.609141][T30273] bond31: (slave batadv13): Releasing active interface [ 827.617990][T30273] bond32: (slave batadv14): Releasing active interface [ 827.626277][T30273] veth53: left allmulticast mode [ 827.632552][T30273] veth53: left promiscuous mode [ 827.637637][T30273] bridge19: port 1(veth53) entered disabled state [ 827.646640][T30273] veth55: left allmulticast mode [ 827.652099][T30273] veth55: left promiscuous mode [ 827.657176][T30273] bridge20: port 1(veth55) entered disabled state [ 827.666138][T30273] veth57: left allmulticast mode [ 827.671253][T30273] veth57: left promiscuous mode [ 827.676336][T30273] bridge21: port 1(veth57) entered disabled state [ 827.686659][T30273] veth59: left allmulticast mode [ 827.691721][T30273] veth59: left promiscuous mode [ 827.696810][T30273] bridge22: port 1(veth59) entered disabled state [ 827.710373][T30273] bond36: (slave batadv15): Releasing active interface [ 827.719326][T30273] bond37: (slave batadv16): Releasing active interface [ 827.728076][T30273] bond38: (slave batadv17): Releasing active interface [ 827.738194][T30273] bond39: (slave batadv18): Releasing active interface [ 827.792233][T30273] bond40: (slave batadv19): Releasing active interface [ 827.812861][T30273] bond41: (slave batadv20): Releasing active interface [ 827.832945][T30273] bond42: (slave batadv21): Releasing active interface [ 827.851854][T30273] bond43: (slave batadv22): Releasing active interface [ 827.860444][T30273] bond44: (slave batadv23): Releasing active interface [ 827.873620][T30273] bond46: (slave veth63): Releasing backup interface [ 827.883016][T30278] syzkaller0: entered promiscuous mode [ 827.890707][T30278] syzkaller0: entered allmulticast mode [ 827.967749][T30302] netlink: 'syz.2.7139': attribute type 4 has an invalid length. [ 827.997289][T30302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7139'. [ 828.198623][T30314] netlink: 248 bytes leftover after parsing attributes in process `syz.1.7146'. [ 828.372678][T30327] FAULT_INJECTION: forcing a failure. [ 828.372678][T30327] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 828.393176][T30321] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7147'. [ 828.402350][T30327] CPU: 0 UID: 0 PID: 30327 Comm: syz.0.7150 Not tainted syzkaller #0 PREEMPT(full) [ 828.402382][T30327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 828.402397][T30327] Call Trace: [ 828.402405][T30327] [ 828.402415][T30327] dump_stack_lvl+0x189/0x250 [ 828.402446][T30327] ? __pfx____ratelimit+0x10/0x10 [ 828.402478][T30327] ? __pfx_dump_stack_lvl+0x10/0x10 [ 828.402504][T30327] ? __pfx__printk+0x10/0x10 [ 828.402532][T30327] ? __might_fault+0xb0/0x130 [ 828.402566][T30327] ? rcu_is_watching+0x15/0xb0 [ 828.402589][T30327] should_fail_ex+0x414/0x560 [ 828.402620][T30327] _copy_from_user+0x2d/0xb0 [ 828.402646][T30327] ___sys_sendmsg+0x158/0x2a0 [ 828.402670][T30327] ? __pfx____sys_sendmsg+0x10/0x10 [ 828.402696][T30327] ? irqentry_exit+0x74/0x90 [ 828.402726][T30327] ? exc_page_fault+0x9f/0xf0 [ 828.402772][T30327] ? __fget_files+0x2a/0x420 [ 828.402791][T30327] ? __fget_files+0x3a0/0x420 [ 828.402816][T30327] __x64_sys_sendmsg+0x19b/0x260 [ 828.402841][T30327] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 828.402872][T30327] ? rcu_is_watching+0x15/0xb0 [ 828.402892][T30327] ? trace_sys_enter+0x25/0x100 [ 828.402929][T30327] do_syscall_64+0xfa/0x3b0 [ 828.402948][T30327] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.402970][T30327] ? clear_bhb_loop+0x60/0xb0 [ 828.403011][T30327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.403031][T30327] RIP: 0033:0x7f88d0d8ebe9 [ 828.403048][T30327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 828.403066][T30327] RSP: 002b:00007f88d1b45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 828.403088][T30327] RAX: ffffffffffffffda RBX: 00007f88d0fb5fa0 RCX: 00007f88d0d8ebe9 [ 828.403102][T30327] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000003 [ 828.403114][T30327] RBP: 00007f88d1b45090 R08: 0000000000000000 R09: 0000000000000000 [ 828.403127][T30327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 828.403144][T30327] R13: 00007f88d0fb6038 R14: 00007f88d0fb5fa0 R15: 00007fff1b875758 [ 828.403168][T30327] [ 828.811387][T30339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7154'. [ 828.820405][T30339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7154'. [ 828.834027][T30339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7154'. [ 828.851186][T30339] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7154'. [ 828.873476][T30339] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.7154'. [ 829.128882][T30353] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7159'. [ 829.165717][T30356] syzkaller1: entered allmulticast mode [ 829.333353][T30366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7163'. [ 829.369214][T30368] netlink: 'syz.3.7164': attribute type 7 has an invalid length. [ 829.378039][T30368] netlink: 'syz.3.7164': attribute type 8 has an invalid length. [ 829.391846][T30368] netlink: 'syz.3.7164': attribute type 15 has an invalid length. [ 829.435278][T30368] netlink: 'syz.3.7164': attribute type 1 has an invalid length. [ 829.443553][T30368] netlink: 208 bytes leftover after parsing attributes in process `syz.3.7164'. [ 829.457150][T30370] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 829.564155][T30375] tipc: Enabling of bearer rejected, already enabled [ 830.206475][T30411] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (7) [ 830.414625][T30422] veth77: left promiscuous mode [ 830.461196][T30422] veth79: left promiscuous mode [ 830.503887][T30426] tipc: Resetting bearer [ 830.533744][T30426] syzkaller0: left promiscuous mode [ 830.539032][T30426] syzkaller0: left allmulticast mode [ 830.585182][T30426] veth65: left promiscuous mode [ 830.855961][T30450] syzkaller1: entered allmulticast mode [ 831.022583][T30460] FAULT_INJECTION: forcing a failure. [ 831.022583][T30460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 831.071257][T30460] CPU: 0 UID: 0 PID: 30460 Comm: syz.2.7196 Not tainted syzkaller #0 PREEMPT(full) [ 831.071288][T30460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 831.071302][T30460] Call Trace: [ 831.071311][T30460] [ 831.071321][T30460] dump_stack_lvl+0x189/0x250 [ 831.071356][T30460] ? __pfx____ratelimit+0x10/0x10 [ 831.071385][T30460] ? __pfx_dump_stack_lvl+0x10/0x10 [ 831.071411][T30460] ? __pfx__printk+0x10/0x10 [ 831.071438][T30460] ? __might_fault+0xb0/0x130 [ 831.071468][T30460] ? lock_acquire+0x5f/0x360 [ 831.071500][T30460] ? rcu_is_watching+0x15/0xb0 [ 831.071523][T30460] should_fail_ex+0x414/0x560 [ 831.071552][T30460] _copy_to_user+0x31/0xb0 [ 831.071577][T30460] bpf_vlog_reverse_ubuf+0x29f/0x410 [ 831.071611][T30460] bpf_vlog_finalize+0x158/0x400 [ 831.071641][T30460] btf_new_fd+0x481/0xc90 [ 831.071664][T30460] ? apparmor_capable+0x137/0x1b0 [ 831.071692][T30460] ? __pfx_btf_new_fd+0x10/0x10 [ 831.071716][T30460] ? bpf_token_put+0x143/0x160 [ 831.071751][T30460] ? bpf_btf_load+0x126/0x190 [ 831.071782][T30460] __sys_bpf+0x406/0x870 [ 831.071829][T30460] ? __pfx___sys_bpf+0x10/0x10 [ 831.071863][T30460] ? ksys_write+0x22a/0x250 [ 831.071893][T30460] ? __pfx_ksys_write+0x10/0x10 [ 831.071926][T30460] __x64_sys_bpf+0x7c/0x90 [ 831.071952][T30460] do_syscall_64+0xfa/0x3b0 [ 831.071972][T30460] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.072000][T30460] ? clear_bhb_loop+0x60/0xb0 [ 831.072024][T30460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.072046][T30460] RIP: 0033:0x7f0922f8ebe9 [ 831.072063][T30460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 831.072080][T30460] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 831.072104][T30460] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 831.072120][T30460] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012 [ 831.072134][T30460] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 831.072148][T30460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 831.072161][T30460] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 831.072187][T30460] [ 831.938765][T30482] FAULT_INJECTION: forcing a failure. [ 831.938765][T30482] name failslab, interval 1, probability 0, space 0, times 0 [ 831.973134][T30482] CPU: 0 UID: 0 PID: 30482 Comm: syz.0.7206 Not tainted syzkaller #0 PREEMPT(full) [ 831.973165][T30482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 831.973179][T30482] Call Trace: [ 831.973187][T30482] [ 831.973196][T30482] dump_stack_lvl+0x189/0x250 [ 831.973225][T30482] ? __pfx____ratelimit+0x10/0x10 [ 831.973256][T30482] ? __pfx_dump_stack_lvl+0x10/0x10 [ 831.973282][T30482] ? __pfx__printk+0x10/0x10 [ 831.973314][T30482] ? __pfx___might_resched+0x10/0x10 [ 831.973335][T30482] ? lock_acquire+0x5f/0x360 [ 831.973367][T30482] should_fail_ex+0x414/0x560 [ 831.973394][T30482] should_failslab+0xa8/0x100 [ 831.973426][T30482] __kmalloc_noprof+0xcb/0x4f0 [ 831.973453][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.973472][T30482] ? fib_nl2rule+0x2f5/0x19f0 [ 831.973496][T30482] fib_nl2rule+0x2f5/0x19f0 [ 831.973515][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.973540][T30482] ? __pfx_fib_nl2rule+0x10/0x10 [ 831.973562][T30482] ? __nla_parse+0x40/0x60 [ 831.973594][T30482] fib_delrule+0x2e0/0x1e00 [ 831.973618][T30482] ? unwind_next_frame+0xa5/0x2390 [ 831.973644][T30482] ? is_bpf_text_address+0x26/0x2b0 [ 831.973684][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.973706][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.973726][T30482] ? lock_release+0x4b/0x3e0 [ 831.973755][T30482] ? lock_release+0x4b/0x3e0 [ 831.973788][T30482] ? __pfx_fib_delrule+0x10/0x10 [ 831.973807][T30482] ? is_bpf_text_address+0x26/0x2b0 [ 831.973851][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.973871][T30482] ? lock_release+0x4b/0x3e0 [ 831.973900][T30482] ? bpf_lsm_capable+0x9/0x20 [ 831.973929][T30482] ? security_capable+0x7e/0x2e0 [ 831.973963][T30482] ? __pfx_fib_nl_delrule+0x10/0x10 [ 831.973985][T30482] rtnetlink_rcv_msg+0x7cc/0xb70 [ 831.974019][T30482] ? rtnetlink_rcv_msg+0x1ab/0xb70 [ 831.974050][T30482] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 831.974082][T30482] ? __netlink_lookup+0xbd/0x810 [ 831.974101][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.974123][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.974147][T30482] netlink_rcv_skb+0x208/0x470 [ 831.974179][T30482] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 831.974212][T30482] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 831.974255][T30482] netlink_unicast+0x82f/0x9e0 [ 831.974289][T30482] ? __pfx_netlink_unicast+0x10/0x10 [ 831.974319][T30482] ? netlink_sendmsg+0x642/0xb30 [ 831.974349][T30482] ? skb_put+0x11b/0x210 [ 831.974372][T30482] netlink_sendmsg+0x805/0xb30 [ 831.974410][T30482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 831.974445][T30482] ? aa_sock_msg_perm+0xf1/0x1d0 [ 831.974465][T30482] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 831.974488][T30482] ? __pfx_netlink_sendmsg+0x10/0x10 [ 831.974521][T30482] __sock_sendmsg+0x219/0x270 [ 831.974550][T30482] ____sys_sendmsg+0x505/0x830 [ 831.974576][T30482] ? __pfx_____sys_sendmsg+0x10/0x10 [ 831.974603][T30482] ? import_iovec+0x74/0xa0 [ 831.974629][T30482] ___sys_sendmsg+0x21f/0x2a0 [ 831.974653][T30482] ? __pfx____sys_sendmsg+0x10/0x10 [ 831.974702][T30482] ? __fget_files+0x2a/0x420 [ 831.974721][T30482] ? __fget_files+0x3a0/0x420 [ 831.974745][T30482] __x64_sys_sendmsg+0x19b/0x260 [ 831.974769][T30482] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 831.974798][T30482] ? __pfx_ksys_write+0x10/0x10 [ 831.974825][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.974849][T30482] ? rcu_is_watching+0x15/0xb0 [ 831.974871][T30482] do_syscall_64+0xfa/0x3b0 [ 831.974891][T30482] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.974913][T30482] ? clear_bhb_loop+0x60/0xb0 [ 831.974937][T30482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.974958][T30482] RIP: 0033:0x7f88d0d8ebe9 [ 831.974977][T30482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 831.974996][T30482] RSP: 002b:00007f88d1b45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 831.975019][T30482] RAX: ffffffffffffffda RBX: 00007f88d0fb5fa0 RCX: 00007f88d0d8ebe9 [ 831.975035][T30482] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003 [ 831.975049][T30482] RBP: 00007f88d1b45090 R08: 0000000000000000 R09: 0000000000000000 [ 831.975063][T30482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 831.975076][T30482] R13: 00007f88d0fb6038 R14: 00007f88d0fb5fa0 R15: 00007fff1b875758 [ 831.975102][T30482] [ 832.532484][T30490] bond0: entered promiscuous mode [ 832.568875][T30490] bond0: left promiscuous mode [ 832.791107][T30497] syzkaller1: entered allmulticast mode [ 833.131064][T30505] tipc: Enabled bearer , priority 0 [ 833.162445][T30510] syzkaller0: entered promiscuous mode [ 833.167976][T30510] syzkaller0: entered allmulticast mode [ 833.205866][T30493] lo speed is unknown, defaulting to 1000 [ 833.215581][T30504] tipc: Resetting bearer [ 833.250169][T30516] netlink: 'syz.1.7211': attribute type 13 has an invalid length. [ 833.263055][T30504] tipc: Disabling bearer [ 833.263963][T30516] netlink: 'syz.1.7211': attribute type 17 has an invalid length. [ 833.594314][T30516] 8021q: adding VLAN 0 to HW filter on device bond0 [ 833.608690][T30516] 8021q: adding VLAN 0 to HW filter on device team0 [ 833.639298][T30516] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 833.676494][T30520] syzkaller1: entered allmulticast mode [ 833.982395][T30528] IPVS: set_ctl: invalid protocol: 59 127.0.0.1:20000 [ 834.215980][T30540] FAULT_INJECTION: forcing a failure. [ 834.215980][T30540] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 834.281200][T30540] CPU: 0 UID: 0 PID: 30540 Comm: syz.4.7226 Not tainted syzkaller #0 PREEMPT(full) [ 834.281231][T30540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 834.281245][T30540] Call Trace: [ 834.281254][T30540] [ 834.281263][T30540] dump_stack_lvl+0x189/0x250 [ 834.281294][T30540] ? __pfx____ratelimit+0x10/0x10 [ 834.281327][T30540] ? __pfx_dump_stack_lvl+0x10/0x10 [ 834.281352][T30540] ? __pfx__printk+0x10/0x10 [ 834.281380][T30540] ? __might_fault+0xb0/0x130 [ 834.281415][T30540] ? rcu_is_watching+0x15/0xb0 [ 834.281438][T30540] should_fail_ex+0x414/0x560 [ 834.281468][T30540] _copy_from_user+0x2d/0xb0 [ 834.281490][T30540] ___sys_sendmsg+0x158/0x2a0 [ 834.281514][T30540] ? __pfx____sys_sendmsg+0x10/0x10 [ 834.281557][T30540] ? __fget_files+0x2a/0x420 [ 834.281575][T30540] ? __fget_files+0x3a0/0x420 [ 834.281599][T30540] __x64_sys_sendmsg+0x19b/0x260 [ 834.281624][T30540] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 834.281653][T30540] ? __pfx_ksys_write+0x10/0x10 [ 834.281677][T30540] ? rcu_is_watching+0x15/0xb0 [ 834.281707][T30540] ? rcu_is_watching+0x15/0xb0 [ 834.281727][T30540] do_syscall_64+0xfa/0x3b0 [ 834.281746][T30540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.281764][T30540] ? clear_bhb_loop+0x60/0xb0 [ 834.281786][T30540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.281806][T30540] RIP: 0033:0x7ff89778ebe9 [ 834.281825][T30540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 834.281845][T30540] RSP: 002b:00007ff898571038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 834.281867][T30540] RAX: ffffffffffffffda RBX: 00007ff8979b5fa0 RCX: 00007ff89778ebe9 [ 834.281884][T30540] RDX: 0000000000000040 RSI: 0000200000000380 RDI: 0000000000000004 [ 834.281898][T30540] RBP: 00007ff898571090 R08: 0000000000000000 R09: 0000000000000000 [ 834.281913][T30540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 834.281926][T30540] R13: 00007ff8979b6038 R14: 00007ff8979b5fa0 R15: 00007ffd0a7e4fa8 [ 834.281952][T30540] [ 834.347169][T30546] sit0: entered promiscuous mode [ 834.511627][T30550] netlink: 'syz.0.7232': attribute type 1 has an invalid length. [ 834.529878][T30553] __nla_validate_parse: 14 callbacks suppressed [ 834.529900][T30553] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7233'. [ 834.553901][T30546] netlink: 'syz.3.7230': attribute type 1 has an invalid length. [ 834.608002][T30546] netlink: 1 bytes leftover after parsing attributes in process `syz.3.7230'. [ 834.707693][T30558] bond51: (slave geneve3): making interface the new active one [ 834.721762][T30558] bond51: (slave geneve3): Enslaving as an active interface with an up link [ 834.758362][T30568] netlink: 'syz.4.7238': attribute type 1 has an invalid length. [ 834.766994][T30568] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7238'. [ 834.770975][ T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 20000 - 0 [ 834.798908][T30568] FAULT_INJECTION: forcing a failure. [ 834.798908][T30568] name failslab, interval 1, probability 0, space 0, times 0 [ 834.812750][ T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 20000 - 0 [ 834.821216][ T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 20000 - 0 [ 834.821467][T30568] CPU: 1 UID: 0 PID: 30568 Comm: syz.4.7238 Not tainted syzkaller #0 PREEMPT(full) [ 834.821496][T30568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 834.821511][T30568] Call Trace: [ 834.821519][T30568] [ 834.821528][T30568] dump_stack_lvl+0x189/0x250 [ 834.821562][T30568] ? __pfx____ratelimit+0x10/0x10 [ 834.821595][T30568] ? __pfx_dump_stack_lvl+0x10/0x10 [ 834.821621][T30568] ? __pfx__printk+0x10/0x10 [ 834.821652][T30568] ? genl_family_rcv_msg_doit+0x267/0x300 [ 834.821679][T30568] ? __pfx___might_resched+0x10/0x10 [ 834.821702][T30568] ? lock_acquire+0x5f/0x360 [ 834.821735][T30568] should_fail_ex+0x414/0x560 [ 834.821768][T30568] should_failslab+0xa8/0x100 [ 834.821825][T30568] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 834.821860][T30568] ? __alloc_skb+0x112/0x2d0 [ 834.821886][T30568] __alloc_skb+0x112/0x2d0 [ 834.821911][T30568] netlink_ack+0x146/0xa50 [ 834.821943][T30568] ? __pfx_genl_rcv_msg+0x10/0x10 [ 834.821970][T30568] ? __kasan_slab_alloc+0x6c/0x80 [ 834.822005][T30568] ? __netlink_lookup+0xbd/0x810 [ 834.822026][T30568] ? rcu_is_watching+0x15/0xb0 [ 834.822058][T30568] netlink_rcv_skb+0x28c/0x470 [ 834.822092][T30568] ? __pfx_genl_rcv_msg+0x10/0x10 [ 834.822123][T30568] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 834.822165][T30568] ? lock_release+0x4b/0x3e0 [ 834.822204][T30568] ? down_read+0x1ad/0x2e0 [ 834.822228][T30568] genl_rcv+0x28/0x40 [ 834.822254][T30568] netlink_unicast+0x82f/0x9e0 [ 834.822293][T30568] ? __pfx_netlink_unicast+0x10/0x10 [ 834.822327][T30568] ? netlink_sendmsg+0x642/0xb30 [ 834.822363][T30568] ? skb_put+0x11b/0x210 [ 834.822388][T30568] netlink_sendmsg+0x805/0xb30 [ 834.822496][T30568] ? __pfx_netlink_sendmsg+0x10/0x10 [ 834.822535][T30568] ? aa_sock_msg_perm+0xf1/0x1d0 [ 834.822561][T30568] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 834.822588][T30568] ? __pfx_netlink_sendmsg+0x10/0x10 [ 834.822625][T30568] __sock_sendmsg+0x219/0x270 [ 834.822661][T30568] ____sys_sendmsg+0x505/0x830 [ 834.822689][T30568] ? __pfx_____sys_sendmsg+0x10/0x10 [ 834.822722][T30568] ? import_iovec+0x74/0xa0 [ 834.822753][T30568] ___sys_sendmsg+0x21f/0x2a0 [ 834.822782][T30568] ? __pfx____sys_sendmsg+0x10/0x10 [ 834.822832][T30568] ? __fget_files+0x2a/0x420 [ 834.822852][T30568] ? __fget_files+0x3a0/0x420 [ 834.822880][T30568] __x64_sys_sendmsg+0x19b/0x260 [ 834.822908][T30568] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 834.822942][T30568] ? __pfx_ksys_write+0x10/0x10 [ 834.822983][T30568] ? rcu_is_watching+0x15/0xb0 [ 834.823009][T30568] ? rcu_is_watching+0x15/0xb0 [ 834.823044][T30568] do_syscall_64+0xfa/0x3b0 [ 834.823064][T30568] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.823086][T30568] ? clear_bhb_loop+0x60/0xb0 [ 834.823112][T30568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.823133][T30568] RIP: 0033:0x7ff89778ebe9 [ 834.823151][T30568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 834.823173][T30568] RSP: 002b:00007ff898571038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 834.823198][T30568] RAX: ffffffffffffffda RBX: 00007ff8979b5fa0 RCX: 00007ff89778ebe9 [ 834.823215][T30568] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000003 [ 834.823230][T30568] RBP: 00007ff898571090 R08: 0000000000000000 R09: 0000000000000000 [ 834.823243][T30568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 834.823258][T30568] R13: 00007ff8979b6038 R14: 00007ff8979b5fa0 R15: 00007ffd0a7e4fa8 [ 834.823284][T30568] [ 834.872969][T30570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7239'. [ 834.911149][ T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 20000 - 0 [ 834.939399][T30571] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7239'. [ 835.263291][T30577] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7242'. [ 835.368055][T30581] syzkaller1: entered allmulticast mode [ 835.690231][ T124] block nbd2: Possible stuck request ffff888024f65080: control (read@0,1024B). Runtime 30 seconds [ 835.701188][ T124] block nbd2: Possible stuck request ffff888024f65240: control (read@1024,1024B). Runtime 30 seconds [ 835.712409][ T124] block nbd2: Possible stuck request ffff888024f65400: control (read@2048,1024B). Runtime 30 seconds [ 835.723511][ T124] block nbd2: Possible stuck request ffff888024f655c0: control (read@3072,1024B). Runtime 30 seconds [ 835.779789][T30576] lo speed is unknown, defaulting to 1000 [ 835.902782][T30607] netlink: 256 bytes leftover after parsing attributes in process `syz.3.7252'. [ 835.932575][T30607] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7252'. [ 835.949316][T30607] pimreg: left allmulticast mode [ 836.099253][T30614] tipc: Enabled bearer , priority 0 [ 836.106946][T30614] syzkaller0: entered promiscuous mode [ 836.114225][T30614] syzkaller0: entered allmulticast mode [ 836.136474][T30614] tipc: Resetting bearer [ 836.183016][T30613] tipc: Resetting bearer [ 836.243340][T30613] tipc: Disabling bearer [ 836.381266][T30628] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7260'. [ 836.411609][T30630] netlink: 'syz.2.7262': attribute type 7 has an invalid length. [ 836.627478][T30641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7263'. [ 837.107451][T30641] veth39: left allmulticast mode [ 837.119243][T30641] veth39: left promiscuous mode [ 837.131241][T30641] bridge0: port 1(veth39) entered disabled state [ 837.454026][T30665] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-tlb(5) [ 837.467282][T30667] FAULT_INJECTION: forcing a failure. [ 837.467282][T30667] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 837.497791][T30667] CPU: 1 UID: 0 PID: 30667 Comm: syz.4.7274 Not tainted syzkaller #0 PREEMPT(full) [ 837.497822][T30667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 837.497835][T30667] Call Trace: [ 837.497844][T30667] [ 837.497853][T30667] dump_stack_lvl+0x189/0x250 [ 837.497902][T30667] ? __pfx____ratelimit+0x10/0x10 [ 837.497935][T30667] ? __pfx_dump_stack_lvl+0x10/0x10 [ 837.497960][T30667] ? __pfx__printk+0x10/0x10 [ 837.497994][T30667] ? rcu_is_watching+0x15/0xb0 [ 837.498018][T30667] should_fail_ex+0x414/0x560 [ 837.498049][T30667] _copy_to_user+0x31/0xb0 [ 837.498075][T30667] simple_read_from_buffer+0xe1/0x170 [ 837.498109][T30667] proc_fail_nth_read+0x1b3/0x220 [ 837.498134][T30667] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 837.498159][T30667] ? rw_verify_area+0x2a6/0x4d0 [ 837.498186][T30667] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 837.498211][T30667] vfs_read+0x1fd/0xa30 [ 837.498237][T30667] ? fdget_pos+0x247/0x320 [ 837.498258][T30667] ? __pfx___mutex_lock+0x10/0x10 [ 837.498291][T30667] ? __pfx_vfs_read+0x10/0x10 [ 837.498322][T30667] ? __fget_files+0x3a0/0x420 [ 837.498339][T30667] ? __fget_files+0x2a/0x420 [ 837.498363][T30667] ksys_read+0x145/0x250 [ 837.498393][T30667] ? __pfx_ksys_read+0x10/0x10 [ 837.498424][T30667] ? rcu_is_watching+0x15/0xb0 [ 837.498447][T30667] do_syscall_64+0xfa/0x3b0 [ 837.498475][T30667] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.498498][T30667] ? clear_bhb_loop+0x60/0xb0 [ 837.498522][T30667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 837.498544][T30667] RIP: 0033:0x7ff89778d5fc [ 837.498562][T30667] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 837.498582][T30667] RSP: 002b:00007ff898571030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 837.498606][T30667] RAX: ffffffffffffffda RBX: 00007ff8979b5fa0 RCX: 00007ff89778d5fc [ 837.498623][T30667] RDX: 000000000000000f RSI: 00007ff8985710a0 RDI: 0000000000000003 [ 837.498637][T30667] RBP: 00007ff898571090 R08: 0000000000000000 R09: 0000000000000000 [ 837.498651][T30667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 837.498663][T30667] R13: 00007ff8979b6038 R14: 00007ff8979b5fa0 R15: 00007ffd0a7e4fa8 [ 837.498690][T30667] [ 837.741880][T30671] 8021q: adding VLAN 0 to HW filter on device bond58 [ 837.880314][T30671] veth71: entered promiscuous mode [ 837.893076][T30671] bond58: (slave veth71): Enslaving as an active interface with an up link [ 838.013833][T30688] netlink: zone id is out of range [ 838.026821][T30685] tipc: Enabling of bearer rejected, failed to enable media [ 838.097262][T30688] netlink: zone id is out of range [ 838.098461][T30691] netlink: del zone limit has 4 unknown bytes [ 838.238016][T30688] netlink: set zone limit has 4 unknown bytes [ 839.254551][T16676] udevd[16676]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 839.286087][T14685] udevd[14685]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 839.471558][T30760] bridge0: the hash_elasticity option has been deprecated and is always 16 [ 839.480949][T30760] bridge0: entered allmulticast mode [ 839.486463][T30762] tipc: Enabling of bearer rejected, already enabled [ 839.731735][T30781] __nla_validate_parse: 11 callbacks suppressed [ 839.731758][T30781] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7307'. [ 839.797939][T30781] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7307'. [ 839.845756][T30781] openvswitch: netlink: Flow actions attr not present in new flow. [ 839.974834][T30794] gtp0: entered promiscuous mode [ 839.984720][T30794] gtp0: entered allmulticast mode [ 840.019125][T30797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7312'. [ 840.093298][T30789] lo speed is unknown, defaulting to 1000 [ 840.161696][ T55] block nbd0: Possible stuck request ffff888024ef0000: control (read@0,1024B). Runtime 570 seconds [ 840.173025][ T55] block nbd0: Possible stuck request ffff888024ef01c0: control (read@1024,1024B). Runtime 570 seconds [ 840.184850][ T55] block nbd0: Possible stuck request ffff888024ef0380: control (read@2048,1024B). Runtime 570 seconds [ 840.198611][ T55] block nbd0: Possible stuck request ffff888024ef0540: control (read@3072,1024B). Runtime 570 seconds [ 840.422770][T30816] netlink: 'syz.3.7319': attribute type 1 has an invalid length. [ 840.444271][T30816] netlink: 'syz.3.7319': attribute type 6 has an invalid length. [ 840.452777][T30816] netlink: 'syz.3.7319': attribute type 3 has an invalid length. [ 840.670933][T30811] lo speed is unknown, defaulting to 1000 [ 840.886342][T30829] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7322'. [ 840.911859][T30833] netlink: 'syz.0.7325': attribute type 1 has an invalid length. [ 840.936736][T30833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7325'. [ 840.980556][T30828] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7322'. [ 840.989942][T30828] openvswitch: netlink: Flow actions attr not present in new flow. [ 841.098860][T30840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7328'. [ 841.118432][T30841] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7327'. [ 841.131124][T30840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7328'. [ 841.158646][T30840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7328'. [ 841.288815][T30841] 8021q: adding VLAN 0 to HW filter on device bond52 [ 841.455053][T30847] veth73: entered promiscuous mode [ 841.464095][T30847] bond52: (slave veth73): Enslaving as an active interface with an up link [ 841.744280][T30876] FAULT_INJECTION: forcing a failure. [ 841.744280][T30876] name failslab, interval 1, probability 0, space 0, times 0 [ 841.796566][T30876] CPU: 0 UID: 0 PID: 30876 Comm: syz.3.7340 Not tainted syzkaller #0 PREEMPT(full) [ 841.796597][T30876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 841.796611][T30876] Call Trace: [ 841.796619][T30876] [ 841.796629][T30876] dump_stack_lvl+0x189/0x250 [ 841.796667][T30876] ? __pfx____ratelimit+0x10/0x10 [ 841.796695][T30876] ? __pfx_dump_stack_lvl+0x10/0x10 [ 841.796718][T30876] ? __pfx__printk+0x10/0x10 [ 841.796744][T30876] ? __might_fault+0xcc/0x130 [ 841.796772][T30876] ? __pfx___might_resched+0x10/0x10 [ 841.796792][T30876] ? lock_acquire+0x5f/0x360 [ 841.796821][T30876] should_fail_ex+0x414/0x560 [ 841.796849][T30876] should_failslab+0xa8/0x100 [ 841.796894][T30876] kmem_cache_alloc_noprof+0x73/0x3c0 [ 841.796921][T30876] ? skb_clone+0x212/0x3a0 [ 841.796947][T30876] skb_clone+0x212/0x3a0 [ 841.796972][T30876] pfkey_sendmsg+0x44b/0x1090 [ 841.796991][T30876] ? mntput_no_expire+0xb9/0x9d0 [ 841.797020][T30876] ? unwind_next_frame+0xa5/0x2390 [ 841.797046][T30876] ? rcu_is_watching+0x15/0xb0 [ 841.797067][T30876] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 841.797101][T30876] ? aa_sock_msg_perm+0xf1/0x1d0 [ 841.797122][T30876] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 841.797152][T30876] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 841.797173][T30876] __sock_sendmsg+0x219/0x270 [ 841.797203][T30876] ____sys_sendmsg+0x505/0x830 [ 841.797228][T30876] ? __pfx_____sys_sendmsg+0x10/0x10 [ 841.797256][T30876] ? import_iovec+0x74/0xa0 [ 841.797282][T30876] ___sys_sendmsg+0x21f/0x2a0 [ 841.797306][T30876] ? __pfx____sys_sendmsg+0x10/0x10 [ 841.797349][T30876] ? __fget_files+0x2a/0x420 [ 841.797367][T30876] ? __fget_files+0x3a0/0x420 [ 841.797390][T30876] __x64_sys_sendmsg+0x19b/0x260 [ 841.797415][T30876] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 841.797443][T30876] ? __pfx_ksys_write+0x10/0x10 [ 841.797472][T30876] ? rcu_is_watching+0x15/0xb0 [ 841.797494][T30876] ? rcu_is_watching+0x15/0xb0 [ 841.797517][T30876] do_syscall_64+0xfa/0x3b0 [ 841.797537][T30876] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 841.797558][T30876] ? clear_bhb_loop+0x60/0xb0 [ 841.797581][T30876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 841.797602][T30876] RIP: 0033:0x7feba938ebe9 [ 841.797621][T30876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 841.797640][T30876] RSP: 002b:00007febaa2e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 841.797662][T30876] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938ebe9 [ 841.797678][T30876] RDX: 0000000000000000 RSI: 00002000005f5000 RDI: 0000000000000003 [ 841.797692][T30876] RBP: 00007febaa2e2090 R08: 0000000000000000 R09: 0000000000000000 [ 841.797706][T30876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 841.797719][T30876] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 841.797744][T30876] [ 841.990210][T30879] netlink: 'syz.0.7339': attribute type 10 has an invalid length. [ 842.015531][T30892] netlink: 'syz.1.7342': attribute type 1 has an invalid length. [ 842.040983][T30879] macvlan0: entered promiscuous mode [ 842.111526][T30879] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 842.153922][T30894] bond64: (slave ip6gretap2): Enslaving as a backup interface with an up link [ 842.203502][T30892] veth69: entered promiscuous mode [ 842.217993][T30892] bond64: (slave veth69): Enslaving as a backup interface with a down link [ 842.259477][ T3468] bond64: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 842.299659][T30894] 8021q: adding VLAN 0 to HW filter on device bond64 [ 842.322383][T30901] macvtap1: entered promiscuous mode [ 842.327913][T30901] !: entered promiscuous mode [ 842.337259][T30901] macvtap1: entered allmulticast mode [ 842.343211][T30901] !: entered allmulticast mode [ 842.391051][ T37] bond64: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 842.895190][T30903] lo speed is unknown, defaulting to 1000 [ 843.250390][T30906] lo speed is unknown, defaulting to 1000 [ 843.593250][T30965] syzkaller1: entered promiscuous mode [ 843.604720][T30965] syzkaller1: entered allmulticast mode [ 843.655765][T30968] FAULT_INJECTION: forcing a failure. [ 843.655765][T30968] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 843.714922][T30968] CPU: 1 UID: 0 PID: 30968 Comm: syz.3.7366 Not tainted syzkaller #0 PREEMPT(full) [ 843.714949][T30968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 843.714962][T30968] Call Trace: [ 843.714969][T30968] [ 843.714977][T30968] dump_stack_lvl+0x189/0x250 [ 843.715004][T30968] ? __pfx____ratelimit+0x10/0x10 [ 843.715031][T30968] ? __pfx_dump_stack_lvl+0x10/0x10 [ 843.715053][T30968] ? __pfx__printk+0x10/0x10 [ 843.715091][T30968] ? rcu_is_watching+0x15/0xb0 [ 843.715128][T30968] should_fail_ex+0x414/0x560 [ 843.715169][T30968] _copy_from_user+0x2d/0xb0 [ 843.715191][T30968] alg_setkey+0xb8/0x190 [ 843.715214][T30968] alg_setsockopt+0x3da/0x4a0 [ 843.715235][T30968] ? __pfx_alg_setsockopt+0x10/0x10 [ 843.715257][T30968] do_sock_setsockopt+0x179/0x1b0 [ 843.715278][T30968] __x64_sys_setsockopt+0x13f/0x1b0 [ 843.715299][T30968] do_syscall_64+0xfa/0x3b0 [ 843.715316][T30968] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.715336][T30968] ? clear_bhb_loop+0x60/0xb0 [ 843.715356][T30968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.715392][T30968] RIP: 0033:0x7feba938ebe9 [ 843.715409][T30968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 843.715426][T30968] RSP: 002b:00007febaa2e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 843.715448][T30968] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938ebe9 [ 843.715462][T30968] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000003 [ 843.715474][T30968] RBP: 00007febaa2e2090 R08: 0000000000000011 R09: 0000000000000000 [ 843.715488][T30968] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 843.715500][T30968] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 843.715523][T30968] [ 844.175852][T30975] gtp0: left promiscuous mode [ 844.180601][T30975] gtp0: left allmulticast mode [ 844.198460][T30977] can: request_module (can-proto-0) failed. [ 844.210023][T30985] netlink: 'syz.2.7371': attribute type 2 has an invalid length. [ 844.254473][T30988] netlink: 'syz.2.7371': attribute type 2 has an invalid length. [ 844.535045][T30997] syzkaller1: entered promiscuous mode [ 844.540564][T30997] syzkaller1: entered allmulticast mode [ 844.677770][T31003] netlink: 'syz.1.7375': attribute type 10 has an invalid length. [ 844.743868][T31003] team0: Port device geneve0 added [ 844.767570][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.781988][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.822191][ T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.844364][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 844.873184][T31015] __nla_validate_parse: 19 callbacks suppressed [ 844.873204][T31015] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7378'. [ 844.985910][T31020] FAULT_INJECTION: forcing a failure. [ 844.985910][T31020] name failslab, interval 1, probability 0, space 0, times 0 [ 845.019685][T31020] CPU: 1 UID: 0 PID: 31020 Comm: syz.1.7380 Not tainted syzkaller #0 PREEMPT(full) [ 845.019717][T31020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 845.019732][T31020] Call Trace: [ 845.019742][T31020] [ 845.019752][T31020] dump_stack_lvl+0x189/0x250 [ 845.019784][T31020] ? __pfx____ratelimit+0x10/0x10 [ 845.019819][T31020] ? __pfx_dump_stack_lvl+0x10/0x10 [ 845.019843][T31020] ? __pfx__printk+0x10/0x10 [ 845.019871][T31020] ? read_seqbegin+0x1ac/0x250 [ 845.019898][T31020] ? __pfx___might_resched+0x10/0x10 [ 845.019925][T31020] ? lock_acquire+0x5f/0x360 [ 845.019957][T31020] should_fail_ex+0x414/0x560 [ 845.019988][T31020] should_failslab+0xa8/0x100 [ 845.020019][T31020] __kmalloc_noprof+0xcb/0x4f0 [ 845.020047][T31020] ? tomoyo_encode+0x28b/0x550 [ 845.020070][T31020] tomoyo_encode+0x28b/0x550 [ 845.020093][T31020] tomoyo_realpath_from_path+0x58d/0x5d0 [ 845.020121][T31020] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 845.020150][T31020] tomoyo_path_number_perm+0x1e8/0x5a0 [ 845.020178][T31020] ? lock_release+0x4b/0x3e0 [ 845.020208][T31020] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 845.020239][T31020] ? rcu_is_watching+0x15/0xb0 [ 845.020260][T31020] ? lock_release+0x4b/0x3e0 [ 845.020288][T31020] ? vfs_write+0x956/0xb30 [ 845.020318][T31020] ? __mutex_unlock_slowpath+0x1a1/0x740 [ 845.020360][T31020] ? lock_release+0x4b/0x3e0 [ 845.020393][T31020] ? __fget_files+0x2a/0x420 [ 845.020410][T31020] ? __fget_files+0x3a0/0x420 [ 845.020428][T31020] ? __fget_files+0x2a/0x420 [ 845.020448][T31020] security_file_ioctl+0xcb/0x2d0 [ 845.020477][T31020] __se_sys_ioctl+0x47/0x170 [ 845.020503][T31020] do_syscall_64+0xfa/0x3b0 [ 845.020523][T31020] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.020544][T31020] ? clear_bhb_loop+0x60/0xb0 [ 845.020568][T31020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.020589][T31020] RIP: 0033:0x7f156f18ebe9 [ 845.020606][T31020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 845.020626][T31020] RSP: 002b:00007f156fff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 845.020648][T31020] RAX: ffffffffffffffda RBX: 00007f156f3b6090 RCX: 00007f156f18ebe9 [ 845.020663][T31020] RDX: 0000200000000100 RSI: 000000004004743c RDI: 0000000000000005 [ 845.020676][T31020] RBP: 00007f156fff6090 R08: 0000000000000000 R09: 0000000000000000 [ 845.020690][T31020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 845.020703][T31020] R13: 00007f156f3b6128 R14: 00007f156f3b6090 R15: 00007ffe3b857f88 [ 845.020727][T31020] [ 845.340941][T31020] ERROR: Out of memory at tomoyo_realpath_from_path. [ 845.456137][T31017] lo speed is unknown, defaulting to 1000 [ 845.815193][T31038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7384'. [ 846.612755][T31098] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 846.614214][T31095] syzkaller1: entered allmulticast mode [ 846.660116][T31100] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7404'. [ 846.892895][T31107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7406'. [ 846.997657][T31107] macvlan3: left allmulticast mode [ 847.003699][T31107] macvlan3: left promiscuous mode [ 847.019898][T31107] bridge0: port 2(macvlan3) entered disabled state [ 847.029093][T31107] macvlan2: left allmulticast mode [ 847.034485][T31107] macvlan2: left promiscuous mode [ 847.039774][T31107] bridge0: port 1(macvlan2) entered disabled state [ 847.082691][T31110] netlink: 1041 bytes leftover after parsing attributes in process `syz.0.7407'. [ 847.095359][T31107] bridge0 (unregistering): left allmulticast mode [ 847.208139][T31109] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7407'. [ 847.218178][T31109] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7407'. [ 847.431384][T31122] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7413'. [ 847.483781][T31122] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7413'. [ 847.532900][T31129] netlink: 324 bytes leftover after parsing attributes in process `syz.4.7416'. [ 847.629313][T31131] tipc: New replicast peer: 0.0.0.0 [ 847.645563][T31131] tipc: Enabled bearer , priority 10 [ 847.674700][T31131] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00aa [ 847.712055][T31131] netlink: 'syz.0.7417': attribute type 1 has an invalid length. [ 848.038096][T31157] bridge_slave_1: left allmulticast mode [ 848.049259][T31157] bridge_slave_1: left promiscuous mode [ 848.055833][T31157] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.082511][T31157] bridge_slave_0: left allmulticast mode [ 848.088371][T31157] bridge_slave_0: left promiscuous mode [ 848.094602][T31157] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.672206][T31193] netlink: 'syz.3.7438': attribute type 1 has an invalid length. [ 848.698975][T31197] FAULT_INJECTION: forcing a failure. [ 848.698975][T31197] name failslab, interval 1, probability 0, space 0, times 0 [ 848.741325][T31197] CPU: 0 UID: 0 PID: 31197 Comm: syz.2.7439 Not tainted syzkaller #0 PREEMPT(full) [ 848.741357][T31197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 848.741369][T31197] Call Trace: [ 848.741377][T31197] [ 848.741388][T31197] dump_stack_lvl+0x189/0x250 [ 848.741417][T31197] ? __pfx____ratelimit+0x10/0x10 [ 848.741446][T31197] ? __pfx_dump_stack_lvl+0x10/0x10 [ 848.741468][T31197] ? __pfx__printk+0x10/0x10 [ 848.741495][T31197] ? fs_reclaim_acquire+0x7d/0x100 [ 848.741523][T31197] ? rcu_is_watching+0x15/0xb0 [ 848.741542][T31197] ? __pfx___might_resched+0x10/0x10 [ 848.741558][T31197] ? lock_acquire+0x5f/0x360 [ 848.741586][T31197] should_fail_ex+0x414/0x560 [ 848.741613][T31197] should_failslab+0xa8/0x100 [ 848.741651][T31197] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 848.741677][T31197] ? __alloc_skb+0x112/0x2d0 [ 848.741696][T31197] __alloc_skb+0x112/0x2d0 [ 848.741714][T31197] netlink_sendmsg+0x5c6/0xb30 [ 848.741747][T31197] ? __pfx_netlink_sendmsg+0x10/0x10 [ 848.741778][T31197] ? aa_sock_msg_perm+0xf1/0x1d0 [ 848.741813][T31197] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 848.741834][T31197] ? __pfx_netlink_sendmsg+0x10/0x10 [ 848.741863][T31197] __sock_sendmsg+0x219/0x270 [ 848.741889][T31197] ____sys_sendmsg+0x505/0x830 [ 848.741912][T31197] ? __pfx_____sys_sendmsg+0x10/0x10 [ 848.741937][T31197] ? import_iovec+0x74/0xa0 [ 848.741960][T31197] ___sys_sendmsg+0x21f/0x2a0 [ 848.741981][T31197] ? __pfx____sys_sendmsg+0x10/0x10 [ 848.742019][T31197] ? __fget_files+0x2a/0x420 [ 848.742035][T31197] ? __fget_files+0x3a0/0x420 [ 848.742056][T31197] __x64_sys_sendmsg+0x19b/0x260 [ 848.742078][T31197] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 848.742111][T31197] ? __pfx_ksys_write+0x10/0x10 [ 848.742135][T31197] ? rcu_is_watching+0x15/0xb0 [ 848.742157][T31197] ? rcu_is_watching+0x15/0xb0 [ 848.742176][T31197] do_syscall_64+0xfa/0x3b0 [ 848.742200][T31197] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 848.742219][T31197] ? clear_bhb_loop+0x60/0xb0 [ 848.742241][T31197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 848.742259][T31197] RIP: 0033:0x7f0922f8ebe9 [ 848.742279][T31197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 848.742298][T31197] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 848.742320][T31197] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 848.742335][T31197] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 848.742348][T31197] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 848.742361][T31197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 848.742374][T31197] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 848.742398][T31197] [ 849.169762][T31213] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 849.437241][T31229] FAULT_INJECTION: forcing a failure. [ 849.437241][T31229] name failslab, interval 1, probability 0, space 0, times 0 [ 849.480988][T31229] CPU: 0 UID: 0 PID: 31229 Comm: syz.1.7451 Not tainted syzkaller #0 PREEMPT(full) [ 849.481019][T31229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 849.481032][T31229] Call Trace: [ 849.481040][T31229] [ 849.481049][T31229] dump_stack_lvl+0x189/0x250 [ 849.481078][T31229] ? __pfx____ratelimit+0x10/0x10 [ 849.481106][T31229] ? __pfx_dump_stack_lvl+0x10/0x10 [ 849.481129][T31229] ? __pfx__printk+0x10/0x10 [ 849.481159][T31229] ? __pfx___might_resched+0x10/0x10 [ 849.481179][T31229] ? lock_acquire+0x5f/0x360 [ 849.481208][T31229] should_fail_ex+0x414/0x560 [ 849.481237][T31229] should_failslab+0xa8/0x100 [ 849.481267][T31229] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 849.481294][T31229] ? __alloc_skb+0x112/0x2d0 [ 849.481314][T31229] __alloc_skb+0x112/0x2d0 [ 849.481333][T31229] netlink_ack+0x146/0xa50 [ 849.481363][T31229] ? rcu_is_watching+0x15/0xb0 [ 849.481383][T31229] ? trace_contention_end+0x39/0x120 [ 849.481409][T31229] netlink_rcv_skb+0x28c/0x470 [ 849.481438][T31229] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 849.481464][T31229] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 849.481500][T31229] ? lock_release+0x4b/0x3e0 [ 849.481528][T31229] ? netlink_deliver_tap+0x2e/0x1b0 [ 849.481559][T31229] xfrm_netlink_rcv+0x79/0x90 [ 849.481590][T31229] netlink_unicast+0x82f/0x9e0 [ 849.481621][T31229] ? __pfx_netlink_unicast+0x10/0x10 [ 849.481648][T31229] ? netlink_sendmsg+0x642/0xb30 [ 849.481677][T31229] ? skb_put+0x11b/0x210 [ 849.481697][T31229] netlink_sendmsg+0x805/0xb30 [ 849.481731][T31229] ? __pfx_netlink_sendmsg+0x10/0x10 [ 849.481762][T31229] ? aa_sock_msg_perm+0xf1/0x1d0 [ 849.481781][T31229] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 849.481820][T31229] ? __pfx_netlink_sendmsg+0x10/0x10 [ 849.481852][T31229] __sock_sendmsg+0x219/0x270 [ 849.481881][T31229] ____sys_sendmsg+0x505/0x830 [ 849.481907][T31229] ? __pfx_____sys_sendmsg+0x10/0x10 [ 849.481935][T31229] ? import_iovec+0x74/0xa0 [ 849.481961][T31229] ___sys_sendmsg+0x21f/0x2a0 [ 849.481985][T31229] ? __pfx____sys_sendmsg+0x10/0x10 [ 849.482029][T31229] ? __fget_files+0x2a/0x420 [ 849.482048][T31229] ? __fget_files+0x3a0/0x420 [ 849.482072][T31229] __x64_sys_sendmsg+0x19b/0x260 [ 849.482097][T31229] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 849.482126][T31229] ? __pfx_ksys_write+0x10/0x10 [ 849.482158][T31229] ? rcu_is_watching+0x15/0xb0 [ 849.482180][T31229] do_syscall_64+0xfa/0x3b0 [ 849.482201][T31229] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 849.482222][T31229] ? clear_bhb_loop+0x60/0xb0 [ 849.482247][T31229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 849.482268][T31229] RIP: 0033:0x7f156f18ebe9 [ 849.482287][T31229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 849.482307][T31229] RSP: 002b:00007f1570017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 849.482331][T31229] RAX: ffffffffffffffda RBX: 00007f156f3b5fa0 RCX: 00007f156f18ebe9 [ 849.482348][T31229] RDX: 0000000020004040 RSI: 0000200000000480 RDI: 0000000000000003 [ 849.482362][T31229] RBP: 00007f1570017090 R08: 0000000000000000 R09: 0000000000000000 [ 849.482376][T31229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 849.482389][T31229] R13: 00007f156f3b6038 R14: 00007f156f3b5fa0 R15: 00007ffe3b857f88 [ 849.482414][T31229] [ 849.980984][T31224] lo speed is unknown, defaulting to 1000 [ 850.628955][T31267] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 850.650727][T31269] __nla_validate_parse: 10 callbacks suppressed [ 850.650749][T31269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7461'. [ 850.709251][T31268] syzkaller1: entered allmulticast mode [ 850.901140][T31278] FAULT_INJECTION: forcing a failure. [ 850.901140][T31278] name failslab, interval 1, probability 0, space 0, times 0 [ 850.955443][T31278] CPU: 1 UID: 0 PID: 31278 Comm: syz.2.7465 Not tainted syzkaller #0 PREEMPT(full) [ 850.955475][T31278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 850.955489][T31278] Call Trace: [ 850.955497][T31278] [ 850.955506][T31278] dump_stack_lvl+0x189/0x250 [ 850.955538][T31278] ? __pfx____ratelimit+0x10/0x10 [ 850.955569][T31278] ? __pfx_dump_stack_lvl+0x10/0x10 [ 850.955593][T31278] ? __pfx__printk+0x10/0x10 [ 850.955623][T31278] ? fs_reclaim_acquire+0x7d/0x100 [ 850.955656][T31278] ? rcu_is_watching+0x15/0xb0 [ 850.955676][T31278] ? __pfx___might_resched+0x10/0x10 [ 850.955695][T31278] ? lock_acquire+0x5f/0x360 [ 850.955727][T31278] should_fail_ex+0x414/0x560 [ 850.955758][T31278] should_failslab+0xa8/0x100 [ 850.955789][T31278] __kmalloc_cache_noprof+0x70/0x3d0 [ 850.955817][T31278] ? call_usermodehelper_setup+0x8e/0x270 [ 850.955854][T31278] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 850.955887][T31278] call_usermodehelper_setup+0x8e/0x270 [ 850.955918][T31278] ? __pfx_free_modprobe_argv+0x10/0x10 [ 850.955952][T31278] __request_module+0x39f/0x5e0 [ 850.955987][T31278] ? __pfx___request_module+0x10/0x10 [ 850.956019][T31278] ? rcu_is_watching+0x15/0xb0 [ 850.956039][T31278] ? lock_acquire+0x5f/0x360 [ 850.956072][T31278] ? lock_release+0x4b/0x3e0 [ 850.956106][T31278] __xfrm_init_state+0x852/0x13f0 [ 850.956132][T31278] ? __xfrm_init_state+0x7ef/0x13f0 [ 850.956160][T31278] xfrm_init_state+0x18/0xa0 [ 850.956183][T31278] pfkey_add+0x1d38/0x2e00 [ 850.956214][T31278] ? __pfx_pfkey_add+0x10/0x10 [ 850.956232][T31278] ? kmem_cache_free+0x18f/0x400 [ 850.956274][T31278] pfkey_sendmsg+0xbfe/0x1090 [ 850.956293][T31278] ? mntput_no_expire+0xb9/0x9d0 [ 850.956328][T31278] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 850.956363][T31278] ? aa_sock_msg_perm+0xf1/0x1d0 [ 850.956383][T31278] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 850.956406][T31278] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 850.956427][T31278] __sock_sendmsg+0x219/0x270 [ 850.956456][T31278] ____sys_sendmsg+0x505/0x830 [ 850.956481][T31278] ? __pfx_____sys_sendmsg+0x10/0x10 [ 850.956518][T31278] ? import_iovec+0x74/0xa0 [ 850.956542][T31278] ___sys_sendmsg+0x21f/0x2a0 [ 850.956564][T31278] ? __pfx____sys_sendmsg+0x10/0x10 [ 850.956603][T31278] ? __fget_files+0x2a/0x420 [ 850.956620][T31278] ? __fget_files+0x3a0/0x420 [ 850.956642][T31278] __x64_sys_sendmsg+0x19b/0x260 [ 850.956664][T31278] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 850.956691][T31278] ? __pfx_ksys_write+0x10/0x10 [ 850.956715][T31278] ? rcu_is_watching+0x15/0xb0 [ 850.956737][T31278] ? rcu_is_watching+0x15/0xb0 [ 850.956757][T31278] do_syscall_64+0xfa/0x3b0 [ 850.956776][T31278] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 850.956796][T31278] ? clear_bhb_loop+0x60/0xb0 [ 850.956818][T31278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 850.956837][T31278] RIP: 0033:0x7f0922f8ebe9 [ 850.956854][T31278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 850.956871][T31278] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 850.956893][T31278] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 850.956908][T31278] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 850.956921][T31278] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 850.956933][T31278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 850.956945][T31278] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 850.956969][T31278] [ 852.614627][T31294] veth69: left promiscuous mode [ 852.654898][T31306] syzkaller1: entered allmulticast mode [ 852.709164][T12119] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 852.754272][T12119] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 852.800893][T12119] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 852.833641][T31337] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7480'. [ 852.842647][T12119] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 853.012429][T31348] netlink: 27 bytes leftover after parsing attributes in process `syz.4.7485'. [ 853.142300][T31357] FAULT_INJECTION: forcing a failure. [ 853.142300][T31357] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 853.160897][T31357] CPU: 0 UID: 0 PID: 31357 Comm: syz.3.7483 Not tainted syzkaller #0 PREEMPT(full) [ 853.160926][T31357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 853.160938][T31357] Call Trace: [ 853.160945][T31357] [ 853.160953][T31357] dump_stack_lvl+0x189/0x250 [ 853.160980][T31357] ? __pfx____ratelimit+0x10/0x10 [ 853.161008][T31357] ? __pfx_dump_stack_lvl+0x10/0x10 [ 853.161031][T31357] ? __pfx__printk+0x10/0x10 [ 853.161062][T31357] ? rcu_is_watching+0x15/0xb0 [ 853.161083][T31357] should_fail_ex+0x414/0x560 [ 853.161120][T31357] _copy_to_user+0x31/0xb0 [ 853.161143][T31357] simple_read_from_buffer+0xe1/0x170 [ 853.161175][T31357] proc_fail_nth_read+0x1b3/0x220 [ 853.161198][T31357] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 853.161222][T31357] ? rw_verify_area+0x2a6/0x4d0 [ 853.161247][T31357] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 853.161269][T31357] vfs_read+0x1fd/0xa30 [ 853.161293][T31357] ? fdget_pos+0x247/0x320 [ 853.161313][T31357] ? __pfx___mutex_lock+0x10/0x10 [ 853.161343][T31357] ? __pfx_vfs_read+0x10/0x10 [ 853.161372][T31357] ? __fget_files+0x3a0/0x420 [ 853.161389][T31357] ? __fget_files+0x2a/0x420 [ 853.161410][T31357] ksys_read+0x145/0x250 [ 853.161436][T31357] ? __pfx_ksys_read+0x10/0x10 [ 853.161459][T31357] ? fput+0xa0/0xd0 [ 853.161479][T31357] ? rcu_is_watching+0x15/0xb0 [ 853.161499][T31357] do_syscall_64+0xfa/0x3b0 [ 853.161517][T31357] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.161537][T31357] ? clear_bhb_loop+0x60/0xb0 [ 853.161559][T31357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.161578][T31357] RIP: 0033:0x7feba938d5fc [ 853.161595][T31357] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 853.161613][T31357] RSP: 002b:00007febaa2e2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 853.161633][T31357] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938d5fc [ 853.161649][T31357] RDX: 000000000000000f RSI: 00007febaa2e20a0 RDI: 0000000000000004 [ 853.161661][T31357] RBP: 00007febaa2e2090 R08: 0000000000000000 R09: 0000000000000000 [ 853.161673][T31357] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 853.161684][T31357] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 853.161708][T31357] [ 853.432079][T31360] netlink: 324 bytes leftover after parsing attributes in process `syz.4.7489'. [ 853.518926][T31370] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7490'. [ 853.662011][T31373] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7493'. [ 853.696369][T31373] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7493'. [ 853.721735][T31373] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7493'. [ 853.731361][T31373] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7493'. [ 853.812152][T31383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7496'. [ 853.846800][T31383] macvtap0: entered promiscuous mode [ 853.859237][T31383] !: entered promiscuous mode [ 853.869481][T31383] macvtap0: entered allmulticast mode [ 853.885491][T31383] !: entered allmulticast mode [ 854.442892][T31414] syzkaller1: entered allmulticast mode [ 854.656079][T31437] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 854.732433][T31441] netlink: 'syz.1.7518': attribute type 30 has an invalid length. [ 854.826472][T31441] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 854.901046][T31441] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 855.358988][T31468] FAULT_INJECTION: forcing a failure. [ 855.358988][T31468] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 855.401599][T31468] CPU: 0 UID: 0 PID: 31468 Comm: syz.3.7529 Not tainted syzkaller #0 PREEMPT(full) [ 855.401626][T31468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 855.401638][T31468] Call Trace: [ 855.401645][T31468] [ 855.401653][T31468] dump_stack_lvl+0x189/0x250 [ 855.401680][T31468] ? __pfx____ratelimit+0x10/0x10 [ 855.401708][T31468] ? __pfx_dump_stack_lvl+0x10/0x10 [ 855.401729][T31468] ? __pfx__printk+0x10/0x10 [ 855.401752][T31468] ? __might_fault+0xb0/0x130 [ 855.401781][T31468] ? rcu_is_watching+0x15/0xb0 [ 855.401820][T31468] should_fail_ex+0x414/0x560 [ 855.401851][T31468] _copy_from_user+0x2d/0xb0 [ 855.401876][T31468] ___sys_sendmsg+0x158/0x2a0 [ 855.401901][T31468] ? __pfx____sys_sendmsg+0x10/0x10 [ 855.401945][T31468] ? __fget_files+0x2a/0x420 [ 855.401973][T31468] ? __fget_files+0x3a0/0x420 [ 855.401993][T31468] __x64_sys_sendmsg+0x19b/0x260 [ 855.402014][T31468] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 855.402038][T31468] ? __pfx_ksys_write+0x10/0x10 [ 855.402061][T31468] ? rcu_is_watching+0x15/0xb0 [ 855.402080][T31468] ? rcu_is_watching+0x15/0xb0 [ 855.402098][T31468] do_syscall_64+0xfa/0x3b0 [ 855.402115][T31468] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 855.402133][T31468] ? clear_bhb_loop+0x60/0xb0 [ 855.402153][T31468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 855.402170][T31468] RIP: 0033:0x7feba938ebe9 [ 855.402186][T31468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 855.402202][T31468] RSP: 002b:00007febaa2e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 855.402223][T31468] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938ebe9 [ 855.402237][T31468] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 855.402248][T31468] RBP: 00007febaa2e2090 R08: 0000000000000000 R09: 0000000000000000 [ 855.402260][T31468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 855.402271][T31468] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 855.402292][T31468] [ 855.703645][T31475] __nla_validate_parse: 6 callbacks suppressed [ 855.703666][T31475] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7532'. [ 855.725723][T31477] FAULT_INJECTION: forcing a failure. [ 855.725723][T31477] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 855.778968][T31477] CPU: 1 UID: 0 PID: 31477 Comm: syz.1.7533 Not tainted syzkaller #0 PREEMPT(full) [ 855.778997][T31477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 855.779010][T31477] Call Trace: [ 855.779018][T31477] [ 855.779027][T31477] dump_stack_lvl+0x189/0x250 [ 855.779054][T31477] ? __pfx____ratelimit+0x10/0x10 [ 855.779081][T31477] ? __pfx_dump_stack_lvl+0x10/0x10 [ 855.779102][T31477] ? __pfx__printk+0x10/0x10 [ 855.779133][T31477] ? __might_fault+0xb0/0x130 [ 855.779163][T31477] ? rcu_is_watching+0x15/0xb0 [ 855.779183][T31477] should_fail_ex+0x414/0x560 [ 855.779209][T31477] _copy_from_iter+0x1db/0x16f0 [ 855.779229][T31477] ? rcu_is_watching+0x15/0xb0 [ 855.779247][T31477] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 855.779274][T31477] ? __pfx__copy_from_iter+0x10/0x10 [ 855.779292][T31477] ? __build_skb_around+0x257/0x3e0 [ 855.779322][T31477] ? netlink_sendmsg+0x642/0xb30 [ 855.779349][T31477] ? skb_put+0x11b/0x210 [ 855.779368][T31477] netlink_sendmsg+0x6b2/0xb30 [ 855.779400][T31477] ? __pfx_netlink_sendmsg+0x10/0x10 [ 855.779429][T31477] ? aa_sock_msg_perm+0xf1/0x1d0 [ 855.779447][T31477] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 855.779467][T31477] ? __pfx_netlink_sendmsg+0x10/0x10 [ 855.779495][T31477] __sock_sendmsg+0x219/0x270 [ 855.779520][T31477] ____sys_sendmsg+0x505/0x830 [ 855.779542][T31477] ? __pfx_____sys_sendmsg+0x10/0x10 [ 855.779565][T31477] ? import_iovec+0x74/0xa0 [ 855.779587][T31477] ___sys_sendmsg+0x21f/0x2a0 [ 855.779607][T31477] ? __pfx____sys_sendmsg+0x10/0x10 [ 855.779644][T31477] ? __fget_files+0x2a/0x420 [ 855.779660][T31477] ? __fget_files+0x3a0/0x420 [ 855.779681][T31477] __x64_sys_sendmsg+0x19b/0x260 [ 855.779701][T31477] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 855.779725][T31477] ? __pfx_ksys_write+0x10/0x10 [ 855.779748][T31477] ? rcu_is_watching+0x15/0xb0 [ 855.779768][T31477] ? rcu_is_watching+0x15/0xb0 [ 855.779787][T31477] do_syscall_64+0xfa/0x3b0 [ 855.779804][T31477] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 855.779822][T31477] ? clear_bhb_loop+0x60/0xb0 [ 855.779843][T31477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 855.779861][T31477] RIP: 0033:0x7f156f18ebe9 [ 855.779877][T31477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 855.779894][T31477] RSP: 002b:00007f1570017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 855.779913][T31477] RAX: ffffffffffffffda RBX: 00007f156f3b5fa0 RCX: 00007f156f18ebe9 [ 855.779927][T31477] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 855.779939][T31477] RBP: 00007f1570017090 R08: 0000000000000000 R09: 0000000000000000 [ 855.779951][T31477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 855.779962][T31477] R13: 00007f156f3b6038 R14: 00007f156f3b5fa0 R15: 00007ffe3b857f88 [ 855.779984][T31477] [ 856.098001][T31483] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7535'. [ 856.228393][T31488] netlink: 'syz.0.7539': attribute type 1 has an invalid length. [ 856.299894][T31486] netlink: 1041 bytes leftover after parsing attributes in process `syz.3.7538'. [ 856.315216][T31489] veth71: entered promiscuous mode [ 856.331157][T31490] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7538'. [ 856.366474][T31490] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7538'. [ 856.423132][T31495] netlink: 316 bytes leftover after parsing attributes in process `syz.0.7541'. [ 856.563804][T31507] FAULT_INJECTION: forcing a failure. [ 856.563804][T31507] name failslab, interval 1, probability 0, space 0, times 0 [ 856.584238][T31507] CPU: 0 UID: 0 PID: 31507 Comm: syz.3.7545 Not tainted syzkaller #0 PREEMPT(full) [ 856.584268][T31507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 856.584282][T31507] Call Trace: [ 856.584290][T31507] [ 856.584299][T31507] dump_stack_lvl+0x189/0x250 [ 856.584328][T31507] ? __pfx____ratelimit+0x10/0x10 [ 856.584356][T31507] ? __pfx_dump_stack_lvl+0x10/0x10 [ 856.584379][T31507] ? __pfx__printk+0x10/0x10 [ 856.584407][T31507] ? fs_reclaim_acquire+0x7d/0x100 [ 856.584437][T31507] ? rcu_is_watching+0x15/0xb0 [ 856.584456][T31507] ? __pfx___might_resched+0x10/0x10 [ 856.584474][T31507] ? lock_acquire+0x5f/0x360 [ 856.584504][T31507] should_fail_ex+0x414/0x560 [ 856.584532][T31507] should_failslab+0xa8/0x100 [ 856.584561][T31507] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 856.584588][T31507] ? __alloc_skb+0x112/0x2d0 [ 856.584609][T31507] __alloc_skb+0x112/0x2d0 [ 856.584628][T31507] nbd_genl_status+0xfa/0x530 [ 856.584657][T31507] ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0 [ 856.584682][T31507] ? genl_family_rcv_msg_attrs_parse+0x212/0x2a0 [ 856.584711][T31507] genl_family_rcv_msg_doit+0x212/0x300 [ 856.584739][T31507] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 856.584770][T31507] ? stack_trace_save+0x9c/0xe0 [ 856.584816][T31507] genl_rcv_msg+0x60e/0x790 [ 856.584843][T31507] ? __pfx_genl_rcv_msg+0x10/0x10 [ 856.584865][T31507] ? do_raw_spin_lock+0x121/0x290 [ 856.584887][T31507] ? __pfx_nbd_genl_status+0x10/0x10 [ 856.584935][T31507] ? __netlink_lookup+0xbd/0x810 [ 856.584952][T31507] ? rcu_is_watching+0x15/0xb0 [ 856.584978][T31507] netlink_rcv_skb+0x208/0x470 [ 856.585010][T31507] ? __pfx_genl_rcv_msg+0x10/0x10 [ 856.585035][T31507] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 856.585072][T31507] ? lock_release+0x4b/0x3e0 [ 856.585104][T31507] ? down_read+0x1ad/0x2e0 [ 856.585127][T31507] genl_rcv+0x28/0x40 [ 856.585148][T31507] netlink_unicast+0x82f/0x9e0 [ 856.585181][T31507] ? __pfx_netlink_unicast+0x10/0x10 [ 856.585211][T31507] ? netlink_sendmsg+0x642/0xb30 [ 856.585245][T31507] netlink_sendmsg+0x805/0xb30 [ 856.585285][T31507] ? __pfx_netlink_sendmsg+0x10/0x10 [ 856.585319][T31507] ? aa_sock_msg_perm+0xf1/0x1d0 [ 856.585339][T31507] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 856.585362][T31507] ? __pfx_netlink_sendmsg+0x10/0x10 [ 856.585393][T31507] __sock_sendmsg+0x219/0x270 [ 856.585423][T31507] ____sys_sendmsg+0x505/0x830 [ 856.585448][T31507] ? __pfx_____sys_sendmsg+0x10/0x10 [ 856.585468][T31507] ? __might_fault+0xb0/0x130 [ 856.585502][T31507] ? import_iovec+0x74/0xa0 [ 856.585527][T31507] ___sys_sendmsg+0x21f/0x2a0 [ 856.585550][T31507] ? __pfx____sys_sendmsg+0x10/0x10 [ 856.585591][T31507] ? __fget_files+0x2a/0x420 [ 856.585609][T31507] ? __fget_files+0x3a0/0x420 [ 856.585633][T31507] __x64_sys_sendmsg+0x19b/0x260 [ 856.585657][T31507] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 856.585685][T31507] ? __pfx_ksys_write+0x10/0x10 [ 856.585711][T31507] ? rcu_is_watching+0x15/0xb0 [ 856.585734][T31507] ? rcu_is_watching+0x15/0xb0 [ 856.585756][T31507] do_syscall_64+0xfa/0x3b0 [ 856.585775][T31507] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 856.585796][T31507] ? clear_bhb_loop+0x60/0xb0 [ 856.585827][T31507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 856.585847][T31507] RIP: 0033:0x7feba938ebe9 [ 856.585865][T31507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 856.585884][T31507] RSP: 002b:00007febaa2e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 856.585908][T31507] RAX: ffffffffffffffda RBX: 00007feba95b5fa0 RCX: 00007feba938ebe9 [ 856.585924][T31507] RDX: 0000000000008090 RSI: 0000200000000780 RDI: 0000000000000004 [ 856.585938][T31507] RBP: 00007febaa2e2090 R08: 0000000000000000 R09: 0000000000000000 [ 856.585952][T31507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 856.585977][T31507] R13: 00007feba95b6038 R14: 00007feba95b5fa0 R15: 00007ffc893bbd28 [ 856.586001][T31507] [ 857.113575][T31514] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7549'. [ 857.632011][T31536] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7554'. [ 857.814570][T31543] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7557'. [ 858.102927][T31553] netlink: 'syz.4.7560': attribute type 1 has an invalid length. [ 858.135395][T31553] 8021q: adding VLAN 0 to HW filter on device bond51 [ 858.153736][T31556] netlink: 316 bytes leftover after parsing attributes in process `syz.1.7561'. [ 858.250618][T31563] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 859.628086][T31624] IPVS: fo: UDP 224.0.0.2:0 - no destination available [ 859.667981][T31629] veth67: entered promiscuous mode [ 860.018644][T31655] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 860.029244][T31657] netlink: 'syz.2.7597': attribute type 10 has an invalid length. [ 860.686801][T31692] tipc: Enabling of bearer rejected, already enabled [ 860.873561][T31707] __nla_validate_parse: 7 callbacks suppressed [ 860.873583][T31707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7614'. [ 860.893673][T31707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7614'. [ 860.953612][T31710] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 861.081220][T31722] syzkaller1: entered allmulticast mode [ 861.927127][T31742] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 862.083908][T31753] FAULT_INJECTION: forcing a failure. [ 862.083908][T31753] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 862.153502][T31757] netlink: 'syz.3.7627': attribute type 11 has an invalid length. [ 862.169905][T31753] CPU: 1 UID: 0 PID: 31753 Comm: syz.2.7628 Not tainted syzkaller #0 PREEMPT(full) [ 862.169935][T31753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 862.169948][T31753] Call Trace: [ 862.169956][T31753] [ 862.169965][T31753] dump_stack_lvl+0x189/0x250 [ 862.169993][T31753] ? __pfx____ratelimit+0x10/0x10 [ 862.170022][T31753] ? __pfx_dump_stack_lvl+0x10/0x10 [ 862.170045][T31753] ? __pfx__printk+0x10/0x10 [ 862.170070][T31753] ? __might_fault+0xb0/0x130 [ 862.170097][T31753] ? lock_acquire+0x5f/0x360 [ 862.170127][T31753] ? rcu_is_watching+0x15/0xb0 [ 862.170148][T31753] should_fail_ex+0x414/0x560 [ 862.170177][T31753] _copy_to_user+0x31/0xb0 [ 862.170201][T31753] bpf_vlog_reverse_ubuf+0x29f/0x410 [ 862.170232][T31753] bpf_vlog_finalize+0x1cd/0x400 [ 862.170261][T31753] btf_new_fd+0x481/0xc90 [ 862.170282][T31753] ? apparmor_capable+0x137/0x1b0 [ 862.170309][T31753] ? __pfx_btf_new_fd+0x10/0x10 [ 862.170331][T31753] ? bpf_token_put+0x143/0x160 [ 862.170358][T31753] ? bpf_btf_load+0x126/0x190 [ 862.170386][T31753] __sys_bpf+0x406/0x870 [ 862.170412][T31753] ? __pfx___sys_bpf+0x10/0x10 [ 862.170454][T31753] ? ksys_write+0x22a/0x250 [ 862.170479][T31753] ? __pfx_ksys_write+0x10/0x10 [ 862.170506][T31753] __x64_sys_bpf+0x7c/0x90 [ 862.170528][T31753] do_syscall_64+0xfa/0x3b0 [ 862.170545][T31753] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 862.170563][T31753] ? clear_bhb_loop+0x60/0xb0 [ 862.170583][T31753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 862.170601][T31753] RIP: 0033:0x7f0922f8ebe9 [ 862.170617][T31753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 862.170634][T31753] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 862.170661][T31753] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 862.170674][T31753] RDX: 0000000000000028 RSI: 0000200000000140 RDI: 0000000000000012 [ 862.170686][T31753] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 862.170697][T31753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 862.170709][T31753] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 862.170731][T31753] [ 862.187298][T31757] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7627'. [ 862.680911][T31775] netlink: 324 bytes leftover after parsing attributes in process `syz.0.7633'. [ 862.975029][T31793] FAULT_INJECTION: forcing a failure. [ 862.975029][T31793] name failslab, interval 1, probability 0, space 0, times 0 [ 862.989713][T31793] CPU: 0 UID: 0 PID: 31793 Comm: syz.2.7639 Not tainted syzkaller #0 PREEMPT(full) [ 862.989739][T31793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 862.989751][T31793] Call Trace: [ 862.989759][T31793] [ 862.989767][T31793] dump_stack_lvl+0x189/0x250 [ 862.989792][T31793] ? __pfx____ratelimit+0x10/0x10 [ 862.989820][T31793] ? __pfx_dump_stack_lvl+0x10/0x10 [ 862.989841][T31793] ? __pfx__printk+0x10/0x10 [ 862.989868][T31793] ? fs_reclaim_acquire+0x7d/0x100 [ 862.989896][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.989914][T31793] ? __pfx___might_resched+0x10/0x10 [ 862.989931][T31793] ? lock_acquire+0x5f/0x360 [ 862.989958][T31793] should_fail_ex+0x414/0x560 [ 862.989984][T31793] should_failslab+0xa8/0x100 [ 862.990011][T31793] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 862.990036][T31793] ? __alloc_skb+0x112/0x2d0 [ 862.990051][T31793] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 862.990080][T31793] __alloc_skb+0x112/0x2d0 [ 862.990098][T31793] pfkey_sendmsg+0x1dd/0x1090 [ 862.990115][T31793] ? mntput_no_expire+0xb9/0x9d0 [ 862.990139][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.990156][T31793] ? __pfx___might_resched+0x10/0x10 [ 862.990172][T31793] ? unwind_next_frame+0xa5/0x2390 [ 862.990194][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.990212][T31793] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 862.990229][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.990249][T31793] ? aa_sk_perm+0x81e/0x950 [ 862.990277][T31793] ? __pfx_aa_sk_perm+0x10/0x10 [ 862.990301][T31793] ? tomoyo_socket_sendmsg_permission+0x1e1/0x300 [ 862.990324][T31793] ? aa_sock_msg_perm+0xf1/0x1d0 [ 862.990347][T31793] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 862.990367][T31793] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 862.990384][T31793] __sock_sendmsg+0x219/0x270 [ 862.990410][T31793] ____sys_sendmsg+0x505/0x830 [ 862.990431][T31793] ? __pfx_____sys_sendmsg+0x10/0x10 [ 862.990455][T31793] ? import_iovec+0x74/0xa0 [ 862.990478][T31793] ___sys_sendmsg+0x21f/0x2a0 [ 862.990498][T31793] ? __pfx____sys_sendmsg+0x10/0x10 [ 862.990535][T31793] ? __fget_files+0x2a/0x420 [ 862.990551][T31793] ? __fget_files+0x3a0/0x420 [ 862.990571][T31793] __x64_sys_sendmsg+0x19b/0x260 [ 862.990592][T31793] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 862.990616][T31793] ? __pfx_ksys_write+0x10/0x10 [ 862.990639][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.990659][T31793] ? rcu_is_watching+0x15/0xb0 [ 862.990678][T31793] do_syscall_64+0xfa/0x3b0 [ 862.990695][T31793] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 862.990713][T31793] ? clear_bhb_loop+0x60/0xb0 [ 862.990734][T31793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 862.990757][T31793] RIP: 0033:0x7f0922f8ebe9 [ 862.990773][T31793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 862.990789][T31793] RSP: 002b:00007f0923ddc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 862.990808][T31793] RAX: ffffffffffffffda RBX: 00007f09231b5fa0 RCX: 00007f0922f8ebe9 [ 862.990822][T31793] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 862.990834][T31793] RBP: 00007f0923ddc090 R08: 0000000000000000 R09: 0000000000000000 [ 862.990845][T31793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 862.990856][T31793] R13: 00007f09231b6038 R14: 00007f09231b5fa0 R15: 00007ffec9dca378 [ 862.990876][T31793] [ 863.113123][T31781] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7635'. [ 863.334391][T31781] openvswitch: netlink: Flow actions attr not present in new flow. [ 863.596543][T31814] FAULT_INJECTION: forcing a failure. [ 863.596543][T31814] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 863.612788][T31816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7647'. [ 863.627990][T31816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7647'. [ 863.653498][T31814] CPU: 1 UID: 0 PID: 31814 Comm: syz.0.7646 Not tainted syzkaller #0 PREEMPT(full) [ 863.653528][T31814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 863.653541][T31814] Call Trace: [ 863.653549][T31814] [ 863.653558][T31814] dump_stack_lvl+0x189/0x250 [ 863.653588][T31814] ? __pfx____ratelimit+0x10/0x10 [ 863.653616][T31814] ? __pfx_dump_stack_lvl+0x10/0x10 [ 863.653638][T31814] ? __pfx__printk+0x10/0x10 [ 863.653664][T31814] ? __might_fault+0xb0/0x130 [ 863.653695][T31814] ? rcu_is_watching+0x15/0xb0 [ 863.653716][T31814] should_fail_ex+0x414/0x560 [ 863.653768][T31814] _copy_from_user+0x2d/0xb0 [ 863.653793][T31814] btf_new_fd+0x33a/0xc90 [ 863.653815][T31814] ? apparmor_capable+0x137/0x1b0 [ 863.653846][T31814] ? __pfx_btf_new_fd+0x10/0x10 [ 863.653869][T31814] ? bpf_token_put+0x143/0x160 [ 863.653898][T31814] ? bpf_btf_load+0x126/0x190 [ 863.653928][T31814] __sys_bpf+0x406/0x870 [ 863.653956][T31814] ? __pfx___sys_bpf+0x10/0x10 [ 863.653990][T31814] ? ksys_write+0x22a/0x250 [ 863.654018][T31814] ? __pfx_ksys_write+0x10/0x10 [ 863.654043][T31814] ? rcu_is_watching+0x15/0xb0 [ 863.654068][T31814] __x64_sys_bpf+0x7c/0x90 [ 863.654093][T31814] do_syscall_64+0xfa/0x3b0 [ 863.654111][T31814] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 863.654132][T31814] ? clear_bhb_loop+0x60/0xb0 [ 863.654156][T31814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 863.654176][T31814] RIP: 0033:0x7f88d0d8ebe9 [ 863.654194][T31814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 863.654213][T31814] RSP: 002b:00007f88d1b45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 863.654236][T31814] RAX: ffffffffffffffda RBX: 00007f88d0fb5fa0 RCX: 00007f88d0d8ebe9 [ 863.654251][T31814] RDX: 0000000000000028 RSI: 0000200000000400 RDI: 0000000000000012 [ 863.654265][T31814] RBP: 00007f88d1b45090 R08: 0000000000000000 R09: 0000000000000000 [ 863.654278][T31814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 863.654291][T31814] R13: 00007f88d0fb6038 R14: 00007f88d0fb5fa0 R15: 00007fff1b875758 [ 863.654323][T31814] [ 863.654833][T31818] vlan3: entered allmulticast mode [ 863.875809][T31818] bridge_slave_0: entered allmulticast mode [ 863.902016][T31816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7647'. [ 863.911648][T31816] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7647'. [ 864.033695][T31830] FAULT_INJECTION: forcing a failure. [ 864.033695][T31830] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 864.054117][T31830] CPU: 0 UID: 0 PID: 31830 Comm: syz.1.7652 Not tainted syzkaller #0 PREEMPT(full) [ 864.054147][T31830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 864.054160][T31830] Call Trace: [ 864.054168][T31830] [ 864.054177][T31830] dump_stack_lvl+0x189/0x250 [ 864.054206][T31830] ? __pfx____ratelimit+0x10/0x10 [ 864.054235][T31830] ? __pfx_dump_stack_lvl+0x10/0x10 [ 864.054258][T31830] ? __pfx__printk+0x10/0x10 [ 864.054283][T31830] ? __might_fault+0xb0/0x130 [ 864.054315][T31830] ? rcu_is_watching+0x15/0xb0 [ 864.054337][T31830] should_fail_ex+0x414/0x560 [ 864.054365][T31830] _copy_from_iter+0x1db/0x16f0 [ 864.054387][T31830] ? rcu_is_watching+0x15/0xb0 [ 864.054410][T31830] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 864.054438][T31830] ? __pfx__copy_from_iter+0x10/0x10 [ 864.054476][T31830] ? __build_skb_around+0x257/0x3e0 [ 864.054510][T31830] ? netlink_sendmsg+0x642/0xb30 [ 864.054552][T31830] ? skb_put+0x11b/0x210 [ 864.054574][T31830] netlink_sendmsg+0x6b2/0xb30 [ 864.054612][T31830] ? __pfx_netlink_sendmsg+0x10/0x10 [ 864.054662][T31830] ? aa_sock_msg_perm+0xf1/0x1d0 [ 864.054690][T31830] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 864.054713][T31830] ? __pfx_netlink_sendmsg+0x10/0x10 [ 864.054745][T31830] __sock_sendmsg+0x219/0x270 [ 864.054774][T31830] ____sys_sendmsg+0x505/0x830 [ 864.054799][T31830] ? __pfx_____sys_sendmsg+0x10/0x10 [ 864.054826][T31830] ? import_iovec+0x74/0xa0 [ 864.054851][T31830] ___sys_sendmsg+0x21f/0x2a0 [ 864.054873][T31830] ? __pfx____sys_sendmsg+0x10/0x10 [ 864.054917][T31830] ? __fget_files+0x2a/0x420 [ 864.054935][T31830] ? __fget_files+0x3a0/0x420 [ 864.054958][T31830] __x64_sys_sendmsg+0x19b/0x260 [ 864.054982][T31830] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 864.055011][T31830] ? __pfx_ksys_write+0x10/0x10 [ 864.055037][T31830] ? rcu_is_watching+0x15/0xb0 [ 864.055060][T31830] ? rcu_is_watching+0x15/0xb0 [ 864.055094][T31830] do_syscall_64+0xfa/0x3b0 [ 864.055134][T31830] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 864.055156][T31830] ? clear_bhb_loop+0x60/0xb0 [ 864.055180][T31830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 864.055201][T31830] RIP: 0033:0x7f156f18ebe9 [ 864.055220][T31830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 864.055240][T31830] RSP: 002b:00007f1570017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 864.055263][T31830] RAX: ffffffffffffffda RBX: 00007f156f3b5fa0 RCX: 00007f156f18ebe9 [ 864.055279][T31830] RDX: 0000000020048084 RSI: 0000200000000000 RDI: 0000000000000003 [ 864.055294][T31830] RBP: 00007f1570017090 R08: 0000000000000000 R09: 0000000000000000 [ 864.055308][T31830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 864.055321][T31830] R13: 00007f156f3b6038 R14: 00007f156f3b5fa0 R15: 00007ffe3b857f88 [ 864.055347][T31830] [ 864.409497][T31836] tipc: Enabling of bearer rejected, already enabled [ 864.419700][T31836] syzkaller0: entered promiscuous mode [ 864.425613][T31836] syzkaller0: entered allmulticast mode [ 864.514202][T31836] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7655'. [ 864.680620][T31847] sit0: left promiscuous mode [ 864.691863][T31847] vlan0: left promiscuous mode [ 864.703257][T31847] vlan0: left allmulticast mode [ 864.708179][T31847] veth0_vlan: left allmulticast mode [ 864.772416][T31847] veth71: left promiscuous mode [ 864.856044][T31847] !: left allmulticast mode [ 864.870902][T31847] !: left promiscuous mode [ 864.896071][T31866] sctp: [Deprecated]: syz.0.7664 (pid 31866) Use of struct sctp_assoc_value in delayed_ack socket option. [ 864.896071][T31866] Use struct sctp_sack_info instead [ 864.917070][T31847] macvtap1: left promiscuous mode [ 864.968568][T31869] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 864.981909][T31847] macvtap1: left allmulticast mode [ 865.047747][T31866] workqueue: name exceeds WQ_NAME_LEN. Truncating to: žÀ^–>º>ùMv^µâ侦¸ÑKc'A¥»– [ 865.210462][T31861] mac80211_hwsim hwsim7 wlan0: entered promiscuous mode [ 865.293097][T31861] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 865.500595][T31902] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 865.765930][ T124] block nbd2: Possible stuck request ffff888024f65080: control (read@0,1024B). Runtime 60 seconds [ 865.777107][ T124] block nbd2: Possible stuck request ffff888024f65240: control (read@1024,1024B). Runtime 60 seconds [ 865.788492][ T124] block nbd2: Possible stuck request ffff888024f65400: control (read@2048,1024B). Runtime 60 seconds [ 865.799689][ T124] block nbd2: Possible stuck request ffff888024f655c0: control (read@3072,1024B). Runtime 60 seconds [ 866.014452][T31932] __nla_validate_parse: 12 callbacks suppressed [ 866.014473][T31932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7687'. [ 866.311877][T31939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7690'. [ 866.328117][T31939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7690'. [ 866.371999][T31939] ip6tnl2: entered promiscuous mode [ 866.407266][T31939] ip6tnl2: entered allmulticast mode [ 866.459493][T31944] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7692'. [ 866.653706][T31944] 8021q: adding VLAN 0 to HW filter on device bond52 [ 866.743977][T31953] veth69: entered promiscuous mode [ 866.768104][T31965] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7696'. [ 866.771451][T31953] bond52: (slave veth69): Enslaving as an active interface with an up link [ 867.238027][T31988] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7704'. [ 867.253665][T32000] FAULT_INJECTION: forcing a failure. [ 867.253665][T32000] name failslab, interval 1, probability 0, space 0, times 0 [ 867.267013][T31988] openvswitch: netlink: Flow actions attr not present in new flow. [ 867.276596][T31987] tipc: Enabling of bearer rejected, already enabled [ 867.286160][T32000] CPU: 1 UID: 0 PID: 32000 Comm: syz.0.7709 Not tainted syzkaller #0 PREEMPT(full) [ 867.286206][T32000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 867.286220][T32000] Call Trace: [ 867.286228][T32000] [ 867.286239][T32000] dump_stack_lvl+0x189/0x250 [ 867.286268][T32000] ? __pfx____ratelimit+0x10/0x10 [ 867.286300][T32000] ? __pfx_dump_stack_lvl+0x10/0x10 [ 867.286324][T32000] ? __pfx__printk+0x10/0x10 [ 867.286356][T32000] ? __pfx___might_resched+0x10/0x10 [ 867.286375][T32000] ? lock_acquire+0x5f/0x360 [ 867.286407][T32000] should_fail_ex+0x414/0x560 [ 867.286436][T32000] should_failslab+0xa8/0x100 [ 867.286468][T32000] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 867.286497][T32000] ? __pfx_stack_trace_save+0x10/0x10 [ 867.286522][T32000] ? __alloc_skb+0x112/0x2d0 [ 867.286543][T32000] __alloc_skb+0x112/0x2d0 [ 867.286564][T32000] netlink_ack+0x146/0xa50 [ 867.286603][T32000] ? kasan_save_track+0x3e/0x80 [ 867.286625][T32000] ? __kasan_slab_alloc+0x6c/0x80 [ 867.286649][T32000] ? kmem_cache_alloc_node_noprof+0x1bb/0x3c0 [ 867.286677][T32000] ? __netlink_lookup+0xbd/0x810 [ 867.286694][T32000] ? rcu_is_watching+0x15/0xb0 [ 867.286718][T32000] netlink_rcv_skb+0x28c/0x470 [ 867.286747][T32000] ? __pfx_genl_rcv_msg+0x10/0x10 [ 867.286770][T32000] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 867.286805][T32000] ? lock_release+0x4b/0x3e0 [ 867.286835][T32000] ? down_read+0x1ad/0x2e0 [ 867.286855][T32000] genl_rcv+0x28/0x40 [ 867.286874][T32000] netlink_unicast+0x82f/0x9e0 [ 867.286905][T32000] ? __pfx_netlink_unicast+0x10/0x10 [ 867.286932][T32000] ? netlink_sendmsg+0x642/0xb30 [ 867.286960][T32000] ? skb_put+0x11b/0x210 [ 867.286980][T32000] netlink_sendmsg+0x805/0xb30 [ 867.287014][T32000] ? __pfx_netlink_sendmsg+0x10/0x10 [ 867.287056][T32000] ? aa_sock_msg_perm+0xf1/0x1d0 [ 867.287075][T32000] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 867.287097][T32000] ? __pfx_netlink_sendmsg+0x10/0x10 [ 867.287127][T32000] __sock_sendmsg+0x219/0x270 [ 867.287154][T32000] ____sys_sendmsg+0x505/0x830 [ 867.287182][T32000] ? __pfx_____sys_sendmsg+0x10/0x10 [ 867.287207][T32000] ? import_iovec+0x74/0xa0 [ 867.287232][T32000] ___sys_sendmsg+0x21f/0x2a0 [ 867.287253][T32000] ? __pfx____sys_sendmsg+0x10/0x10 [ 867.287293][T32000] ? __fget_files+0x2a/0x420 [ 867.287310][T32000] ? __fget_files+0x3a0/0x420 [ 867.287332][T32000] __x64_sys_sendmsg+0x19b/0x260 [ 867.287355][T32000] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 867.287381][T32000] ? __pfx_ksys_write+0x10/0x10 [ 867.287410][T32000] ? rcu_is_watching+0x15/0xb0 [ 867.287431][T32000] do_syscall_64+0xfa/0x3b0 [ 867.287449][T32000] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 867.287469][T32000] ? clear_bhb_loop+0x60/0xb0 [ 867.287491][T32000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 867.287510][T32000] RIP: 0033:0x7f88d0d8ebe9 [ 867.287528][T32000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 867.287545][T32000] RSP: 002b:00007f88d1b24038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 867.287566][T32000] RAX: ffffffffffffffda RBX: 00007f88d0fb6090 RCX: 00007f88d0d8ebe9 [ 867.287581][T32000] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 867.287593][T32000] RBP: 00007f88d1b24090 R08: 0000000000000000 R09: 0000000000000000 [ 867.287606][T32000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 867.287618][T32000] R13: 00007f88d0fb6128 R14: 00007f88d0fb6090 R15: 00007fff1b875758 [ 867.287641][T32000] [ 867.288651][T31987] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode [ 867.644852][T31987] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode [ 867.713443][T32015] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048) [ 867.720256][T31987] tipc: Resetting bearer [ 867.879400][T32023] netlink: 268 bytes leftover after parsing attributes in process `syz.3.7717'. [ 867.944761][T32023] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7717'. [ 867.976811][T32032] netlink: 256 bytes leftover after parsing attributes in process `syz.2.7721'. [ 868.034687][T32032] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7721'. [ 868.251599][T32049] openvswitch: netlink: Flow actions attr not present in new flow. [ 868.327912][ T31] INFO: task udevd:14174 blocked for more than 143 seconds. [ 868.344525][T32057] sctp: [Deprecated]: syz.1.7729 (pid 32057) Use of int in max_burst socket option. [ 868.344525][T32057] Use struct sctp_assoc_value instead [ 868.369745][ T31] Not tainted syzkaller #0 [ 868.379872][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 868.396888][ T31] task:udevd state:D stack:22760 pid:14174 tgid:14174 ppid:5230 task_flags:0x400140 flags:0x00004006 [ 868.440637][ T31] Call Trace: [ 868.447461][ T31] [ 868.454221][ T31] __schedule+0x1798/0x4cc0 [ 868.464406][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 868.482373][ T31] ? __pfx___schedule+0x10/0x10 [ 868.492959][ T31] ? do_raw_spin_lock+0x121/0x290 [ 868.503028][ T31] ? schedule+0x91/0x360 [ 868.516061][ T31] ? rcu_is_watching+0x15/0xb0 [ 868.529699][ T31] ? rcu_is_watching+0x15/0xb0 [ 868.540402][ T31] ? lock_release+0x4b/0x3e0 [ 868.550839][ T31] schedule+0x165/0x360 [ 868.559600][ T31] io_schedule+0x80/0xd0 [ 868.569907][ T31] folio_wait_bit_common+0x6b0/0xb90 [ 868.582299][ T31] ? lock_release+0x4b/0x3e0 [ 868.589836][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 868.595863][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 868.603358][ T31] ? __filemap_get_folio+0x760/0xaf0 [ 868.609371][ T31] ? do_read_cache_folio+0x4e9/0x590 [ 868.614992][ T31] do_read_cache_folio+0x1aa/0x590 [ 868.620258][ T31] ? __pfx_blkdev_read_folio+0x10/0x10 [ 868.626070][ T31] read_part_sector+0xb6/0x2b0 [ 868.631050][ T31] adfspart_check_POWERTEC+0x8c/0xf30 [ 868.636698][ T31] ? __pfx_adfspart_check_ICS+0x10/0x10 [ 868.642466][ T31] ? __pfx_adfspart_check_POWERTEC+0x10/0x10 [ 868.648741][ T31] bdev_disk_changed+0x75f/0x14b0 [ 868.654080][ T31] ? __pfx_bdev_disk_changed+0x10/0x10 [ 868.659801][ T31] ? wait_on_inode+0xc0/0x230 [ 868.664754][ T31] blkdev_get_whole+0x380/0x510 [ 868.669931][ T31] bdev_open+0x31e/0xd30 [ 868.674600][ T31] blkdev_open+0x3a8/0x510 [ 868.679169][ T31] ? __pfx_blkdev_open+0x10/0x10 [ 868.684405][ T31] do_dentry_open+0x950/0x13f0 [ 868.689310][ T31] vfs_open+0x3b/0x340 [ 868.693763][ T31] ? path_openat+0x2ecd/0x3830 [ 868.698814][ T31] path_openat+0x2ee5/0x3830 [ 868.703675][ T31] ? arch_stack_walk+0xfc/0x150 [ 868.708691][ T31] ? stack_depot_save_flags+0x40/0x860 [ 868.714520][ T31] ? __pfx_path_openat+0x10/0x10 [ 868.719721][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.728811][ T31] do_filp_open+0x1fa/0x410 [ 868.733636][ T31] ? __pfx_do_filp_open+0x10/0x10 [ 868.738831][ T31] ? _raw_spin_unlock+0x28/0x50 [ 868.744045][ T31] ? alloc_fd+0x64c/0x6c0 [ 868.748531][ T31] do_sys_openat2+0x121/0x1c0 [ 868.753365][ T31] ? __pfx___x64_sys_recvmsg+0x10/0x10 [ 868.759080][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 868.764599][ T31] ? rcu_is_watching+0x15/0xb0 [ 868.769649][ T31] __x64_sys_openat+0x138/0x170 [ 868.774665][ T31] do_syscall_64+0xfa/0x3b0 [ 868.779292][ T31] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.819970][ T31] ? clear_bhb_loop+0x60/0xb0 [ 868.830668][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.843556][ T31] RIP: 0033:0x7fb930aa7407 [ 868.852399][ T31] RSP: 002b:00007ffe17ad8020 EFLAGS: 00000202 ORIG_RAX: 0000000000000101 [ 868.869698][ T31] RAX: ffffffffffffffda RBX: 00007fb931169880 RCX: 00007fb930aa7407 [ 868.887046][ T31] RDX: 00000000000a0800 RSI: 000056389c258010 RDI: ffffffffffffff9c [ 868.904332][ T31] RBP: 000056389c248910 R08: 0000000000000000 R09: 0000000000000000 [ 868.921128][ T31] R10: 0000000000000000 R11: 0000000000000202 R12: 000056389c26cbc0 [ 868.937942][ T31] R13: 000056389c256190 R14: 0000000000000000 R15: 000056389c26cbc0 [ 868.946179][ T31] [ 868.949398][ T31] INFO: lockdep is turned off. [ 868.954524][ T31] NMI backtrace for cpu 1 [ 868.954543][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 868.954567][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 868.954581][ T31] Call Trace: [ 868.954589][ T31] [ 868.954599][ T31] dump_stack_lvl+0x189/0x250 [ 868.954631][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 868.954657][ T31] ? __pfx__printk+0x10/0x10 [ 868.954693][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 868.954721][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 868.954748][ T31] ? __pfx__printk+0x10/0x10 [ 868.954779][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 868.954813][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 868.954841][ T31] watchdog+0xf93/0xfe0 [ 868.954872][ T31] ? watchdog+0x1de/0xfe0 [ 868.954903][ T31] kthread+0x70e/0x8a0 [ 868.954937][ T31] ? __pfx_watchdog+0x10/0x10 [ 868.954965][ T31] ? __pfx_kthread+0x10/0x10 [ 868.954995][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 868.955023][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 868.955052][ T31] ? __pfx_kthread+0x10/0x10 [ 868.955077][ T31] ret_from_fork+0x3f9/0x770 [ 868.955099][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 868.955123][ T31] ? __switch_to_asm+0x39/0x70 [ 868.955149][ T31] ? __switch_to_asm+0x33/0x70 [ 868.955176][ T31] ? __pfx_kthread+0x10/0x10 [ 868.955202][ T31] ret_from_fork_asm+0x1a/0x30 [ 868.955249][ T31] [ 868.955257][ T31] Sending NMI from CPU 1 to CPUs 0: [ 869.101936][ C0] NMI backtrace for cpu 0 [ 869.101955][ C0] CPU: 0 UID: 0 PID: 5843 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 869.101976][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 869.101988][ C0] RIP: 0010:entry_SYSRETQ_unsafe_stack+0xa/0xd [ 869.102012][ C0] Code: 89 c7 eb 08 48 89 c7 48 0f ba ef 3f 48 81 cf 00 08 00 00 48 81 cf 00 10 00 00 0f 22 df 58 5f 5c 0f 01 f8 0f 00 2d 77 fe ff ff <48> 0f 07 cc 90 90 90 56 48 8b 74 24 08 48 89 7c 24 08 52 51 50 41 [ 869.102029][ C0] RSP: 0018:00007fff4ae57db8 EFLAGS: 00000046 [ 869.102046][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2c429c1463 [ 869.102058][ C0] RDX: 00007fff4ae57dd0 RSI: 0000000000000000 RDI: 0000000000000000 [ 869.102070][ C0] RBP: 0000000000000000 R08: 00000000138f9431 R09: 7fffffffffffffff [ 869.102084][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff4ae58220 [ 869.102096][ C0] R13: 0000000000000004 R14: 00007fff4ae57e0c R15: 00007fff4ae57ea0 [ 869.102109][ C0] FS: 0000555565a2a500(0000) GS:ffff888125c1a000(0000) knlGS:ffff888125c1a000 [ 869.102126][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 869.102139][ C0] CR2: 0000001b32c22ff8 CR3: 000000004679e000 CR4: 00000000003526f0 [ 869.102159][ C0] Call Trace: [ 869.104951][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 869.234087][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 869.243200][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 869.253266][ T31] Call Trace: [ 869.256544][ T31] [ 869.259475][ T31] dump_stack_lvl+0x99/0x250 [ 869.264077][ T31] ? __asan_memcpy+0x40/0x70 [ 869.268677][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 869.273897][ T31] ? __pfx__printk+0x10/0x10 [ 869.278502][ T31] vpanic+0x281/0x750 [ 869.282489][ T31] ? __pfx_vpanic+0x10/0x10 [ 869.287085][ T31] ? preempt_schedule+0xae/0xc0 [ 869.291951][ T31] ? preempt_schedule_common+0x83/0xd0 [ 869.297425][ T31] panic+0xb9/0xc0 [ 869.301149][ T31] ? __pfx_panic+0x10/0x10 [ 869.305598][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 869.310980][ T31] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 869.317151][ T31] watchdog+0xfd2/0xfe0 [ 869.321317][ T31] ? watchdog+0x1de/0xfe0 [ 869.325662][ T31] kthread+0x70e/0x8a0 [ 869.329740][ T31] ? __pfx_watchdog+0x10/0x10 [ 869.334425][ T31] ? __pfx_kthread+0x10/0x10 [ 869.339020][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 869.344227][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 869.349544][ T31] ? __pfx_kthread+0x10/0x10 [ 869.354151][ T31] ret_from_fork+0x3f9/0x770 [ 869.358751][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 869.363912][ T31] ? __switch_to_asm+0x39/0x70 [ 869.368694][ T31] ? __switch_to_asm+0x33/0x70 [ 869.373473][ T31] ? __pfx_kthread+0x10/0x10 [ 869.378078][ T31] ret_from_fork_asm+0x1a/0x30 [ 869.382870][ T31] [ 869.386228][ T31] Kernel Offset: disabled [ 869.390555][ T31] Rebooting in 86400 seconds..