Extracting prog: 24m50.296649531s
Minimizing prog: 43m56.654240185s
Simplifying prog options: 11m15.068818666s
Extracting C: 2m48.56622892s
Simplifying C: 0s


66 programs, timeouts [6m0s]
extracting reproducer from 66 programs
testing a last program of every proc
single: executing 16 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6-socket$inet6-setsockopt$IP6T_SO_SET_REPLACE-bind$inet6-socket$inet6_sctp-unshare-socket$nl_netfilter-sendmsg$NFT_BATCH-sendmsg$NFT_BATCH-openat$ppp-ioctl$PPPIOCNEWUNIT-setsockopt-setsockopt$inet_sctp6_SCTP_AUTH_CHUNK-socket$inet6_mptcp-socket$inet6_mptcp-sendmsg$inet-openat$cgroup_ro-bind$inet6-setsockopt$inet6_int-setsockopt$inet_sctp6_SCTP_AUTH_CHUNK-setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD-sendto$inet6
detailed listing:
executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
unshare(0x2040400)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, 0x0)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000000c0), 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$inet(r5, &(0x7f00000007c0)={&(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000680)=[{&(0x7f0000000180)="494bb2ba6ba7793430397353d0c4d0e02b6c7cba68101bf83b7336c634401f4f148114db5062b12ed778ccc65ff01f6846266cf64cf2c215b0798aba356a3fc9866e82f7465aba4be32f5cdeaf25ff24042b408330bd2bf909a5727c4716e3609f8e90d4947f50a566f1029b7093623cfc1cbd48083ecd96aa3afd8f138126d7496e54e8151ab501c0ba05cbbd5fc1639e43e8e457653320204ac69a7063c22feb44", 0xa2}, {&(0x7f0000000240)="2c603f758d88aa2368599ba886ea18f38bef3d406b3f508c75b69beacd", 0x1d}, {&(0x7f0000000300)="b533f3fc61506f14f7feb0c2e58f8422716459a8d4e7b8ca1b6ef7beb86ae4a63a2d9d24b50d8b3fdecf57a32df55c6dd125e0f1aa687eedb936bdb5290432c5b08e", 0x42}, {&(0x7f0000000380)="ee6bf94a321fa570b829c291f2c44390850d113b52bdeaefe8e84159e6fca64090aa250af98f5b45de9dad6d63861565772e02c2b38ebaa616c7daeab713a6456f3a79414c6330b194aef4bfd81cc3935b63db0a92", 0x55}, {&(0x7f0000000400)="9b7756666ec71740a5d75a947b71e8752d8668c80ac7028a6f9580b65576dfd548ef9752db63200b8443945fb9cf7423ffdf50a3328f1e06e0d32605499026285366e3af7380d54d6c3a6bfb39283e9172b9f40be5826d7b69fd0caa36813c2900b9c9d551f1c1feb0fc75b4e99013a7c5ee0b953328f52fc72f89564f74fce2fe37c5c69b88a3", 0x87}, {&(0x7f0000000540)="6a6b4ff347e7a97c5cf7e498d3f50e58ce2d56d1e2438579f5e92d3b5558b902cee3878c418814a8ce65265b082c299326f0f050dff6f051b0325c56ac31528fc607e1b062df56c5d414517362bb69ee1d2810252066a5cfc0f4bb05a3353ba94e7fa06aaa98457534082f23e71d18f3700fe496aee36cff556ef4095636e72b27aceabe1684420387715eaa3b4d06d9177ae390f3fd507de819f7e240ce51ce869f1f9c9c4bcb95", 0xa8}, {&(0x7f0000000600)="8cdcaac5b9aed329403df71b45390aee15bf7ae590f925294dbc67ab84230fa97d2647c9b4504f5cd8b7ce66063945b14b746f16d9906ee6339df97109f8966cfc2cbe8dc37e9b8c32ff688fdb09c196f3e3fbfb858f4bb9eeb7e4c7569cf8e6bcd369adda0b2c", 0x67}], 0x7, &(0x7f0000000740)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_retopts={{0x24, 0x0, 0x7, {[@rr={0x7, 0xf, 0x3e, [@loopback, @local, @local]}, @lsrr={0x83, 0x3, 0x95}]}}}], 0x60}, 0x20004005)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0xa9}, 0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4c, &(0x7f0000000000)=0x2000000, 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000040)={0xa}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r2, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$kcm-socket$nl_generic-syz_genetlink_get_family_id$nl80211-ioctl$sock_SIOCGIFINDEX_80211-sendmsg$NL80211_CMD_SET_INTERFACE-socket$inet6_udplite-sendmsg$NL80211_CMD_START_AP-ioctl$F2FS_IOC_MOVE_RANGE-bpf$PROG_LOAD_XDP-socketpair
detailed listing:
executing program 0:
socket$kcm(0x29, 0x0, 0x0) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) (async, rerun: 32)
socket$inet6_udplite(0xa, 0x2, 0x88) (async, rerun: 32)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0xdc, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x72, 0xe, {{{}, {0x7fff}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_FTM_RESPONDER={0x34, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x2c, 0x2, "506bf32eb852528d39c470b33bbe7e3d8f5de025a4c8ef0a394dc55acea37303ae84d860d0398e1a"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xdc}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f00000000c0)={0xffffffffffffffff, 0x7ff, 0x9, 0x5})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x12, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="00620118000000000095000000000800"/32], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair(0xf, 0x6, 0x101, &(0x7f0000000000))

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_netfilter-sendmsg$kcm-sendmsg$NFT_BATCH-setsockopt$inet6_group_source_req-syz_init_net_socket$rose-ioctl$SIOCRSSCAUSE-sendmsg$NFT_BATCH-socket$inet_tcp-setsockopt$inet_tcp_int-bind$inet-ioctl$sock_rose_SIOCDELRT-connect$inet-sendto$inet-socket$nl_route-sendmsg$nl_route-recvmmsg-mkdirat$cgroup_root-openat$cgroup_root-openat$cgroup_ro-socket$inet6_sctp-bpf$ITER_CREATE-getsockopt$inet_sctp_SCTP_RESET_STREAMS-syz_init_net_socket$nl_generic-syz_genetlink_get_family_id$nbd-sendmsg$NBD_CMD_RECONFIGURE-socket$packet-getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY
detailed listing:
executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x4004805)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSCAUSE(r1, 0x89e1, &(0x7f0000000980)=0x1)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f00000000c0)=0x81, 0x4)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
ioctl$sock_rose_SIOCDELRT(r1, 0x890c, &(0x7f0000000740)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0xfeff, @bcast, @rose={'rose', 0x0}, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x54, 0x10, 0x403, 0x4004, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x80, 0x2000}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @random="0105d6b315f4"}, @IFLA_IFALIAS={0x14, 0x14, 'veth1_to_hsr\x00'}]}, 0x54}}, 0x0)
recvmmsg(r2, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000003140)=[{&(0x7f0000000e00)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, 0x0}, 0x20}], 0x2, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f00000001c0)={<r6=>0x0, 0x8, 0x2, [0x7, 0x5]}, &(0x7f0000000240)=0xc)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="8101cdc2eedfc68c4f703b2c1a2384733558e1fad1bed6db5b75f402368b503fb37b135c860422b5e08f8b7ea4ee21080fc8eb09800000000000f772aa6799031d833434068501f09a25f77d7528890c2e9f088fd1e5e8ae1a4d9916249adebf634512235fdfafad8a0ce768d200229bcde0bbba43969f85b273a0f9f9f4a808e7dc6767db93b3e210054f097f23a86bab288eedeec0a537af5d5eec8008a421dc7bc02ab74caefc"], 0x1c}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000280)={r6, 0x5}, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route-socket$nl_netfilter-sendmsg$NFT_BATCH
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LOG_PREFIX={0xe, 0x2, 0x1, 0x0, 'syzkaller\x00'}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0x8}]}}}, {0x1c, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xe4}}, 0x0)

program crashed: WARNING in print_bfs_bug
single: successfully extracted reproducer
found reproducer with 4 syscalls
minimizing guilty program
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route-socket$nl_netfilter
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

program crashed: WARNING in print_bfs_bug
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)

program crashed: WARNING in print_bfs_bug
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route
detailed listing:
executing program 0:
socket$nl_route(0x10, 0x3, 0x0)

program did not crash
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): sendmsg$nl_route
detailed listing:
executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)

program did not crash
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

program did not crash
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

program did not crash
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
program crashed: BUG: MAX_LOCKDEP_KEYS too low!
a never seen crash title: BUG: MAX_LOCKDEP_KEYS too low!, ignore
simplifying guilty program options
testing program (duration=6m48.282008121s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)

program crashed: BUG: MAX_LOCKDEP_KEYS too low!
a never seen crash title: BUG: MAX_LOCKDEP_KEYS too low!, ignore
testing program (duration=6m48.282008121s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$nl_route-sendmsg$nl_route
detailed listing:
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0)

program did not crash
reproducing took 1h22m50.585950152s
repro crashed as (corrupted=false):
Increase LOCKDEP_CIRCULAR_QUEUE_BITS to avoid this warning:
------------[ cut here ]------------
lockdep bfs error:-1
WARNING: CPU: 0 PID: 24474 at kernel/locking/lockdep.c:2090 print_bfs_bug+0x29/0x50 kernel/locking/lockdep.c:2090
Modules linked in:
CPU: 0 UID: 0 PID: 24474 Comm: syz.2.5944 Not tainted 6.12.0-rc3-syzkaller-00185-g9efc44fb2dba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:print_bfs_bug+0x29/0x50 kernel/locking/lockdep.c:2090
Code: 90 55 53 89 fb e8 17 48 48 03 89 c5 e8 80 15 ff ff 85 ed 74 19 83 fb ff 74 1b 90 48 c7 c7 80 e2 0a 8c 89 de e8 d8 ea e4 ff 90 <0f> 0b 90 90 5b 5d c3 cc cc cc cc 48 c7 c7 20 e2 0a 8c e8 60 90 52
RSP: 0018:ffffc90003e36488 EFLAGS: 00010046
RAX: 696e5ab044ea6400 RBX: 00000000ffffffff RCX: ffff888024dc5a00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8155e402 R09: 1ffff110170c519a
R10: dffffc0000000000 R11: ffffed10170c519b R12: dffffc0000000001
R13: ffffffff96c567f8 R14: ffffffff93c94ee0 R15: ffffffff96c85fe8
FS:  00007fcb1a3116c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd12061648 CR3: 000000001f73c000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 check_irq_usage kernel/locking/lockdep.c:2829 [inline]
 check_prev_add kernel/locking/lockdep.c:3165 [inline]
 check_prevs_add kernel/locking/lockdep.c:3280 [inline]
 validate_chain+0x4809/0x5920 kernel/locking/lockdep.c:3904
 __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
 do_write_seqcount_begin_nested include/linux/seqlock.h:454 [inline]
 do_write_seqcount_begin include/linux/seqlock.h:480 [inline]
 psi_account_irqtime+0x34a/0x830 kernel/sched/psi.c:1026
 __schedule+0x984/0x4b30 kernel/sched/core.c:6676
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7004
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5829
Code: 2b 00 74 08 4c 89 f7 e8 da 42 8e 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
RSP: 0018:ffffc90003e36e00 EFLAGS: 00000206
RAX: 0000000000000001 RBX: 1ffff920007c6dcc RCX: 696e5ab044ea6400
RDX: dffffc0000000000 RSI: ffffffff8c0adc40 RDI: ffffffff8c610120
RBP: ffffc90003e36f50 R08: ffffffff96b68b5f R09: 1ffffffff2d6d16b
R10: dffffc0000000000 R11: fffffbfff2d6d16c R12: 1ffff920007c6dc8
R13: dffffc0000000000 R14: ffffc90003e36e60 R15: 0000000000000246
 touch_wq_lockdep_map+0xc7/0x170 kernel/workqueue.c:3880
 __flush_workqueue+0x14f/0x1600 kernel/workqueue.c:3922
 drain_workqueue+0xc9/0x3a0 kernel/workqueue.c:4086
 destroy_workqueue+0xba/0xc40 kernel/workqueue.c:5830
 wg_newlink+0x50d/0x640 drivers/net/wireguard/device.c:390
 rtnl_newlink_create net/core/rtnetlink.c:3539 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3759 [inline]
 rtnl_newlink+0x1591/0x20a0 net/core/rtnetlink.c:3772
 rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6675
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:729 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:744
 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607
 ___sys_sendmsg net/socket.c:2661 [inline]
 __sys_sendmsg+0x292/0x380 net/socket.c:2690
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcb1957e719
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fcb1a311038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fcb19735f80 RCX: 00007fcb1957e719
RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00007fcb195f12be R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fcb19735f80 R15: 00007ffddf306a38
 </TASK>
----------------
Code disassembly (best guess):
   0:	2b 00                	sub    (%rax),%eax
   2:	74 08                	je     0xc
   4:	4c 89 f7             	mov    %r14,%rdi
   7:	e8 da 42 8e 00       	call   0x8e42e6
   c:	f6 44 24 61 02       	testb  $0x2,0x61(%rsp)
  11:	0f 85 85 01 00 00    	jne    0x19c
  17:	41 f7 c7 00 02 00 00 	test   $0x200,%r15d
  1e:	74 01                	je     0x21
  20:	fb                   	sti
  21:	48 c7 44 24 40 0e 36 	movq   $0x45e0360e,0x40(%rsp)
  28:	e0 45
* 2a:	4b c7 44 25 00 00 00 	movq   $0x0,0x0(%r13,%r12,1) <-- trapping instruction
  31:	00 00
  33:	43 c7 44 25 09 00 00 	movl   $0x0,0x9(%r13,%r12,1)
  3a:	00 00
  3c:	43                   	rex.XB
  3d:	c7                   	.byte 0xc7
  3e:	44                   	rex.R
  3f:	25                   	.byte 0x25

final repro crashed as (corrupted=false):
Increase LOCKDEP_CIRCULAR_QUEUE_BITS to avoid this warning:
------------[ cut here ]------------
lockdep bfs error:-1
WARNING: CPU: 0 PID: 24474 at kernel/locking/lockdep.c:2090 print_bfs_bug+0x29/0x50 kernel/locking/lockdep.c:2090
Modules linked in:
CPU: 0 UID: 0 PID: 24474 Comm: syz.2.5944 Not tainted 6.12.0-rc3-syzkaller-00185-g9efc44fb2dba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:print_bfs_bug+0x29/0x50 kernel/locking/lockdep.c:2090
Code: 90 55 53 89 fb e8 17 48 48 03 89 c5 e8 80 15 ff ff 85 ed 74 19 83 fb ff 74 1b 90 48 c7 c7 80 e2 0a 8c 89 de e8 d8 ea e4 ff 90 <0f> 0b 90 90 5b 5d c3 cc cc cc cc 48 c7 c7 20 e2 0a 8c e8 60 90 52
RSP: 0018:ffffc90003e36488 EFLAGS: 00010046
RAX: 696e5ab044ea6400 RBX: 00000000ffffffff RCX: ffff888024dc5a00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8155e402 R09: 1ffff110170c519a
R10: dffffc0000000000 R11: ffffed10170c519b R12: dffffc0000000001
R13: ffffffff96c567f8 R14: ffffffff93c94ee0 R15: ffffffff96c85fe8
FS:  00007fcb1a3116c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd12061648 CR3: 000000001f73c000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 check_irq_usage kernel/locking/lockdep.c:2829 [inline]
 check_prev_add kernel/locking/lockdep.c:3165 [inline]
 check_prevs_add kernel/locking/lockdep.c:3280 [inline]
 validate_chain+0x4809/0x5920 kernel/locking/lockdep.c:3904
 __lock_acquire+0x1384/0x2050 kernel/locking/lockdep.c:5202
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
 do_write_seqcount_begin_nested include/linux/seqlock.h:454 [inline]
 do_write_seqcount_begin include/linux/seqlock.h:480 [inline]
 psi_account_irqtime+0x34a/0x830 kernel/sched/psi.c:1026
 __schedule+0x984/0x4b30 kernel/sched/core.c:6676
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7004
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5829
Code: 2b 00 74 08 4c 89 f7 e8 da 42 8e 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
RSP: 0018:ffffc90003e36e00 EFLAGS: 00000206
RAX: 0000000000000001 RBX: 1ffff920007c6dcc RCX: 696e5ab044ea6400
RDX: dffffc0000000000 RSI: ffffffff8c0adc40 RDI: ffffffff8c610120
RBP: ffffc90003e36f50 R08: ffffffff96b68b5f R09: 1ffffffff2d6d16b
R10: dffffc0000000000 R11: fffffbfff2d6d16c R12: 1ffff920007c6dc8
R13: dffffc0000000000 R14: ffffc90003e36e60 R15: 0000000000000246
 touch_wq_lockdep_map+0xc7/0x170 kernel/workqueue.c:3880
 __flush_workqueue+0x14f/0x1600 kernel/workqueue.c:3922
 drain_workqueue+0xc9/0x3a0 kernel/workqueue.c:4086
 destroy_workqueue+0xba/0xc40 kernel/workqueue.c:5830
 wg_newlink+0x50d/0x640 drivers/net/wireguard/device.c:390
 rtnl_newlink_create net/core/rtnetlink.c:3539 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3759 [inline]
 rtnl_newlink+0x1591/0x20a0 net/core/rtnetlink.c:3772
 rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6675
 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551
 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]
 netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357
 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:729 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:744
 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607
 ___sys_sendmsg net/socket.c:2661 [inline]
 __sys_sendmsg+0x292/0x380 net/socket.c:2690
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcb1957e719
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fcb1a311038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fcb19735f80 RCX: 00007fcb1957e719
RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00007fcb195f12be R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fcb19735f80 R15: 00007ffddf306a38
 </TASK>
----------------
Code disassembly (best guess):
   0:	2b 00                	sub    (%rax),%eax
   2:	74 08                	je     0xc
   4:	4c 89 f7             	mov    %r14,%rdi
   7:	e8 da 42 8e 00       	call   0x8e42e6
   c:	f6 44 24 61 02       	testb  $0x2,0x61(%rsp)
  11:	0f 85 85 01 00 00    	jne    0x19c
  17:	41 f7 c7 00 02 00 00 	test   $0x200,%r15d
  1e:	74 01                	je     0x21
  20:	fb                   	sti
  21:	48 c7 44 24 40 0e 36 	movq   $0x45e0360e,0x40(%rsp)
  28:	e0 45
* 2a:	4b c7 44 25 00 00 00 	movq   $0x0,0x0(%r13,%r12,1) <-- trapping instruction
  31:	00 00
  33:	43 c7 44 25 09 00 00 	movl   $0x0,0x9(%r13,%r12,1)
  3a:	00 00
  3c:	43                   	rex.XB
  3d:	c7                   	.byte 0xc7
  3e:	44                   	rex.R
  3f:	25                   	.byte 0x25