last executing test programs:

3.076392391s ago: executing program 4 (id=14706):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000308000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)

2.927194442s ago: executing program 4 (id=14708):
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e30000000080001"], 0x40}}, 0x8084)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f00000003c0)=0x7f, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x2000e8, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f00000095c0)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="0201140080ff18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e4a139697dd206"], 0xdd12}, {&(0x7f0000000080)=ANY=[], 0x10}, {&(0x7f00000001c0)={0x1b0, 0x10, 0x100, 0x70bd25, 0x25dfdbfd, "", [@nested={0x19d, 0xb8, 0x0, 0x1, [@generic="027c297b38b56dadffcfe4061d15fc1bb0e8f55729655bc2a141d07240e2660ae13b4140bb2de6b0c92a32c3d479225f726844263fe160d10bea26e2cba3cd2ab56bf506856d9880c43a1b1b28c5f3750278fdcbbc5d7e9255cc085e82dedc5500c9a61e7f16ea49dc3bbc3cf1756b3b5191dc489ac87a", @nested={0x4, 0xa8}, @nested={0x4, 0xa}, @typed={0x4, 0x43}, @generic="e2bfdf7de8c777961f6b62c00b6b390527a5d534328ac8047127bc9c897c6d7914919ae2795b369b66f31b6fb37b1785fad23519bc62d1d4d9fe612fda800dc3a040679febea52dbf4c967591b77742567ed079e402828669ee8bcd6c20e355f3298d82c98a47672bd5903f6b79caaeb267d444d672c6ac847a998cc18f231e70fb2f3f258fa5f495830b098f22533424444f94f1e64d145a90db68aed2b13d9fa5bd05e2d4efe4572653d59d7a812f28ccfb2ade317bfa2df8aa0840f68f0d60072954e1dcbbf42079c080c", @generic="8df85fe7c7252e8c244fb2f1f9603f40192a058f83ab4d85462132004e10e6a62707d66ea9d642a14a054a1fa5e6638ccb8602374204381cd09bb73bd6ff1be1aaa178837c36abb524de"]}]}, 0x1b0}, {&(0x7f0000001040)=ANY=[], 0x12c4}, {&(0x7f0000004840)=ANY=[], 0xe58}], 0x5, 0x0, 0x0, 0x4040814}, 0x0)
sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f0000000100)=@pppoe={0x18, 0x0, {0x2, @random="d605f92aee7b", 'geneve1\x00'}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)}], 0x1, &(0x7f0000000380)=[{0xc8, 0x111, 0x7, "f2ac103fbf18008a2e4fdc9607a9aadb4c49f7c59f25a11d8f66b506ed2423d9caa2e65a4a9f14e878397070aebda597170f3468d409f62b054a4e37eb98cd6d1867571868f76841e5dd868d525bdaecc35215991cf536da4d0e3882e0ac0c1ec77d07571cb541cdc340ce6291a77f5ae8d99664ad991c01734eab520252dc0120a71db42c480ae5f11a68892622bcc46fe629713e043afeea41a9c17861b8afa8d263eec9eeb755a1e0a9df9ac7bb4bcad357"}, {0x58, 0x112, 0x2, "393c74cd188d7d2496afb1ce139acdd4a130260f3411920dd3c084978705b1933f610981dd49ed266feb9ef45017d51cae7e8c0d46e9d4f208aefcd487c173dcb060631692"}], 0x120}, 0x200000c1)
r3 = socket(0xa, 0x801, 0x0)
getsockopt(r3, 0x0, 0x40, &(0x7f0000000000)=""/84, &(0x7f00000000c0)=0x54)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="180100002000010000000000fcdbdf2506"], 0x118}], 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01002bbd7000fedbdf25070000000a0004007770616e30000000080001"], 0x40}}, 0x8084) (async)
socket(0x11, 0x3, 0x0) (async)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f00000003c0)=0x7f, 0x4) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00'}) (async)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14) (async)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x2000e8, 0x4) (async)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f00000095c0)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="0201140080ff18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e4a139697dd206"], 0xdd12}, {&(0x7f0000000080)=ANY=[], 0x10}, {&(0x7f00000001c0)={0x1b0, 0x10, 0x100, 0x70bd25, 0x25dfdbfd, "", [@nested={0x19d, 0xb8, 0x0, 0x1, [@generic="027c297b38b56dadffcfe4061d15fc1bb0e8f55729655bc2a141d07240e2660ae13b4140bb2de6b0c92a32c3d479225f726844263fe160d10bea26e2cba3cd2ab56bf506856d9880c43a1b1b28c5f3750278fdcbbc5d7e9255cc085e82dedc5500c9a61e7f16ea49dc3bbc3cf1756b3b5191dc489ac87a", @nested={0x4, 0xa8}, @nested={0x4, 0xa}, @typed={0x4, 0x43}, @generic="e2bfdf7de8c777961f6b62c00b6b390527a5d534328ac8047127bc9c897c6d7914919ae2795b369b66f31b6fb37b1785fad23519bc62d1d4d9fe612fda800dc3a040679febea52dbf4c967591b77742567ed079e402828669ee8bcd6c20e355f3298d82c98a47672bd5903f6b79caaeb267d444d672c6ac847a998cc18f231e70fb2f3f258fa5f495830b098f22533424444f94f1e64d145a90db68aed2b13d9fa5bd05e2d4efe4572653d59d7a812f28ccfb2ade317bfa2df8aa0840f68f0d60072954e1dcbbf42079c080c", @generic="8df85fe7c7252e8c244fb2f1f9603f40192a058f83ab4d85462132004e10e6a62707d66ea9d642a14a054a1fa5e6638ccb8602374204381cd09bb73bd6ff1be1aaa178837c36abb524de"]}]}, 0x1b0}, {&(0x7f0000001040)=ANY=[], 0x12c4}, {&(0x7f0000004840)=ANY=[], 0xe58}], 0x5, 0x0, 0x0, 0x4040814}, 0x0) (async)
sendmsg$kcm(r0, &(0x7f00000004c0)={&(0x7f0000000100)=@pppoe={0x18, 0x0, {0x2, @random="d605f92aee7b", 'geneve1\x00'}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)}], 0x1, &(0x7f0000000380)=[{0xc8, 0x111, 0x7, "f2ac103fbf18008a2e4fdc9607a9aadb4c49f7c59f25a11d8f66b506ed2423d9caa2e65a4a9f14e878397070aebda597170f3468d409f62b054a4e37eb98cd6d1867571868f76841e5dd868d525bdaecc35215991cf536da4d0e3882e0ac0c1ec77d07571cb541cdc340ce6291a77f5ae8d99664ad991c01734eab520252dc0120a71db42c480ae5f11a68892622bcc46fe629713e043afeea41a9c17861b8afa8d263eec9eeb755a1e0a9df9ac7bb4bcad357"}, {0x58, 0x112, 0x2, "393c74cd188d7d2496afb1ce139acdd4a130260f3411920dd3c084978705b1933f610981dd49ed266feb9ef45017d51cae7e8c0d46e9d4f208aefcd487c173dcb060631692"}], 0x120}, 0x200000c1) (async)
socket(0xa, 0x801, 0x0) (async)
getsockopt(r3, 0x0, 0x40, &(0x7f0000000000)=""/84, &(0x7f00000000c0)=0x54) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
sendmsg$netlink(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="180100002000010000000000fcdbdf2506"], 0x118}], 0x1, 0x0, 0x0, 0x20008001}, 0x0) (async)

2.448155719s ago: executing program 4 (id=14714):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f0000000000)={0x0, 'bridge0\x00', {0x3}, 0x4da})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x2c, &(0x7f0000000000)=0x80000001, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r5)
bpf$PROG_LOAD(0x5, 0x0, 0xbc3aa03602d558be)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, 0x0, &(0x7f0000000080), 0x619}, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@bloom_filter={0x1e, 0x0, 0x1f, 0x0, 0x1005}, 0x48)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb}, {0x65}}, [@printk={@lld, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x4, 0x1, 0x4, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x15}}], {{0x7, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3f9d00018000000000000800000008000300", @ANYRES32, @ANYBLOB="2000308014000400359f6ef711e727"], 0x3c}, 0x1, 0x0, 0x0, 0x24000000}, 0x2004c0c4)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x38, 0x2, 0x2, 0x5, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @broadcast}}}]}]}, 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000001800010031bd7000fcdbdf250a000000ff02ff000001000008000400", @ANYRES32=r1, @ANYBLOB="0600150007000000180016803656e5f84aaba788000000006000045a02580700"], 0x44}}, 0x0)

2.392144256s ago: executing program 3 (id=14715):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x40, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x40}}, 0x0)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), r1)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000380)={0x124, r3, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_LEVEL={0x34, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x8}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}]}, @NL802154_ATTR_SEC_LEVEL={0xc, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}]}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x6}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x2}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_LEVEL={0x2c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x9}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}]}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5, 0x4, 0x1}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x4}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x80c0}, 0x810)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x36, 0x1, 0x0, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x20}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e8823f9f3cb639cfb05bc48c26c0a26237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf1374875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x2000000}, 0x0)

2.129746113s ago: executing program 1 (id=14718):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="280400001600e5632bbd7000fedbdf25fc010000000000000000000000000000ac1414aa0000000000000000000000004e230fff4e2300050200808021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe800000000000000000000000000035000004d432000000ac1414bb000000000000000000000000050000000000000002000000000000000004000000000000070000000000000007000000000000006cee0000000000000700000000000000ff030000000000000100000001"], 0x428}}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x4098884, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
sendto$inet6(r1, &(0x7f0000000040), 0x3000, 0x0, 0x0, 0x0)
r2 = socket(0xa, 0x3, 0xff)
sendmsg$inet6(r2, &(0x7f0000000080)={&(0x7f0000000140)={0xa, 0xa, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1400000000000000290000000b00000000000014000000008b0536a4585e7a44f6765659d2ee2c3a2f522a8943516672854664c5ba4927d30e40702d304bbd1897070eaa4ae35700fe"], 0x18}, 0x922bac8556bda5ce)

2.022941193s ago: executing program 3 (id=14719):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r0, 0x104, 0x4, 0x0, &(0x7f0000000080))
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x40, 0x8, 0xfe, 0x9}, {0x6, 0x0, 0x0, 0x8eb6}]})
write$ppp(r4, &(0x7f0000000440)='\x00\x00', 0x2)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x38, 0x24, 0xd0f, 0xfffffffd, 0x25dfdbfe, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_TUPDATE={0x8, 0x8, 0xffffffff}]}}]}, 0x38}}, 0x0)

1.994040974s ago: executing program 4 (id=14720):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x2, 0x0, 0x8, 0x1}}, {0x6, 0x1b, [0x0]}}]}, @TCA_INGRESS_BLOCK={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24000084)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r10, {0x4}, {0xffff, 0xffff}, {0xffff, 0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4005c}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000640)=@newqdisc={0x3c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfb, {0x0, 0x0, 0x0, r7, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x2, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xcebc}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

1.993103565s ago: executing program 0 (id=14721):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840)
syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local, {[@generic={0x7, 0xf, "0476bc4b4c9e3e260cbfad9904"}, @timestamp_addr={0x44, 0x14, 0xb, 0x1, 0x0, [{@multicast1}, {@multicast1}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3bf97ff8836d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x1f00, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x7ff, 0x0, 0xb1, 0xfffffd85, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r5, 0x0, 0x30, 0xc, @void}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000100)={r6}, 0x8)
r7 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="400404"], 0x7)

1.867380744s ago: executing program 1 (id=14723):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000016000107000000000000000002"], 0xec0}, 0x1, 0x0, 0x0, 0xc4}, 0x854)

1.433548815s ago: executing program 1 (id=14724):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f0000003fc0)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="4c000000000000000000000007000000861effffffff"], 0x50}, 0x40)

1.363468102s ago: executing program 0 (id=14725):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1}}, 0x40)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r2, 0x3fcb7000)

1.299713636s ago: executing program 3 (id=14726):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000015000100000000ec001fb6330f70000008000100", @ANYRESHEX], 0x1c}, 0x1, 0x0, 0x0, 0x48081}, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r3=>0x0}) (rerun: 32)
sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x70, r2, 0x8, 0x70bd2a, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x4, 0x52}}}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @broadcast}, @NL80211_ATTR_MAC={0xa}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x4000814) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000001800010000000000000000001d01000008000a00", @ANYRES32=r5, @ANYBLOB='\b\x00T\x00', @ANYRES32=r5, @ANYBLOB], 0x24}}, 0x0)

1.219107952s ago: executing program 0 (id=14727):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000001000000000000000000ddff970001001000000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = socket$inet_icmp(0x2, 0x2, 0x1) (async)
r1 = socket$alg(0x26, 0x5, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900020073797a32000000000900010073797a300000000070000000080a01010000000000000000020000000900010073797a30000000000900020073797a32000000002c00058008000140000000000800024000000000080001400000000608000140000000f9080001400000005c080009"], 0xc4}}, 0x0) (async)
bind$alg(r1, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha384)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
write$nbd(r3, &(0x7f0000000400)=ANY=[], 0xb4) (async)
getsockopt$inet_mreqn(r0, 0x0, 0x62, 0x0, &(0x7f0000000780)) (async)
pipe(&(0x7f0000000140)={<r4=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}}]}, 0x5c}}, 0x40005)

1.198902065s ago: executing program 1 (id=14728):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0xffffffff}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}, 0x1, 0x0, 0x0, 0x6000094}, 0x80)

1.196053676s ago: executing program 2 (id=14729):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x28, 0x37, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0xf, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0xfffffffe}, @generic='c$9']}]}, 0x28}], 0x1}, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))

1.180234007s ago: executing program 4 (id=14730):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000000100)={0x0, 0x33, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="010000000700000000003900000008000300", @ANYRES8=r1, @ANYBLOB="db00", @ANYRES32=r4, @ANYRESDEC=r3], 0x40}}, 0x0)

1.054793664s ago: executing program 3 (id=14731):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1}, 0x20)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r2, 0xc0385868, &(0x7f0000000600)={<r3=>r0, &(0x7f0000000400)='flow_offload\x00', 0x40040, &(0x7f0000000440)={@align=0x3, {0x9, 0x4, 0x3, 0x4}}, 0xff, &(0x7f0000000480)={@_ha_fsid}, &(0x7f00000005c0)=0x2})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r3, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0100"/28], 0x50)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r4 = socket$unix(0x1, 0x1, 0x0)
getsockname(0xffffffffffffffff, &(0x7f0000000d00)=@xdp, &(0x7f0000000c80)=0x80)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b05, &(0x7f0000000880)={'wlan0\x00'})

1.043323495s ago: executing program 2 (id=14732):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {}, [{0x54, 0x1, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_PRIO={0x4, 0x2, @void}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}, 0x1, 0xef}, 0x0)

948.319644ms ago: executing program 0 (id=14733):
r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0xe, 0xc00)
setsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000080)=0x5, 0x4)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r1, 0x11, 0x1, &(0x7f00000000c0)=""/1, &(0x7f0000000100)=0x1)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r0, 0x4002f516, &(0x7f0000000140)={0xfa})
bind$bt_l2cap(r0, &(0x7f0000000180)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x7fff}, 0xe)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCINQ(r2, 0x541b, &(0x7f00000001c0))
r3 = accept4$rose(0xffffffffffffffff, &(0x7f0000000200)=@full={0xb, @dev, @netrom, 0x0, [@default, @null, @default, @remote, @remote, @default]}, &(0x7f0000000240)=0x40, 0x80000)
ioctl$sock_rose_SIOCDELRT(r3, 0x890c, &(0x7f0000000280)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3, @bcast, @netrom={'nr', 0x0}, 0x7, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default]})
shutdown(r3, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000300), 0x4)
ioctl$XFS_IOC_FSGETXATTRA(0xffffffffffffffff, 0x801c582d, &(0x7f0000000340))
getsockopt$rose(r3, 0x104, 0x4, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$F2FS_IOC_SET_PIN_FILE(r2, 0x4004f50d, &(0x7f0000000400)=0x1)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000440)={<r6=>0x0, 0xc, 0xe7}, &(0x7f0000000480)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000500)={r6, 0x2c, &(0x7f00000004c0)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3c}}, @in6={0xa, 0x4e23, 0x100, @remote, 0x8}]}, &(0x7f0000000540)=0x10)
bind$qrtr(r2, &(0x7f0000000580)={0x2a, 0xffffffffffffffff, 0x4001}, 0xc)
r7 = accept4(r3, &(0x7f00000005c0)=@in6={0xa, 0x0, 0x0, @private2}, &(0x7f0000000640)=0x80, 0x40000)
sendmsg$NFULNL_MSG_CONFIG(r7, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x40, 0x1, 0x4, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x6}, @NFULA_CFG_MODE={0xa, 0x2, {0x40}}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0xff}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x5}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x3cb}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r2, &(0x7f0000000840)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x14, 0x3, 0x2, 0x301, 0x0, 0x0, {0x1, 0x0, 0x7}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x804)
ioctl(r5, 0x80000000, &(0x7f0000000880)="9f198f4b81d8c5a3b19eb6dfab48567b6441d78bfb4a0bf228735982b20598fcb8c62876b27676973b02c177bc437069fbbc6ee875df21fe788b6a74bfc31f1c513509e0f725e6c6a9d0ffeb3b274674fa1eb005f479cdce07282095a01b7814cee2b917bd4d77a8076e8eee2c2eaab7efcc7827ce91e2219433836560d1ef093ae5c0bb4b428b32da47ee0d37c2f62a5f213c7c027ebbaadbfbd8426a80966912b6cbd1753d63435c03d53fa84046a897b148521b5985c81250cfe96e56d06472a7f2cf82b81aa351ea7c6c58a59f4d8bf1bb834671f1ed85e1fcdff344d54bad09d57645246d43419e95b4ed37f05a46c33e4b51da23245889242a27de91abf60ae5d1a4715c87f0fc00aa59288850bc512be15380ced1366e84d7e07ce93bf3df40de49b7746d98bc2d50a213088a4dad8d70b40222eba4e38e0b0c3b6558ed7d03a86c5fcc62b31ca18d939f65c6486573ee20318d1825843974adaea9196d6aae06eb7f48f809e73c9e8e852419fb625f7125b65de5f0aab3edea26862a726471697a95315d30f1f1debab4e5bfa66310b76fd306a384a21f17dea534d7a7ee7f5fa0ea9b7afd36948cc6de483b39b9bf207c50512f44f7cdff7322ab9ec995f26e5153ab4802ffeec0599c6caf09a992c266ab152b63a63e0e5d190a71d7c95c874ef60c915828e956f0c9e0fcf6c31c38fe081c7a27be7e98b27e63e256e392a82e936abe817adb1285314d0382ac7c19e18e584fa19f397f7fd2250a7c844b653466abbfcadbc8dfc1434d6e625ad1df3d379054ed125b6e9e599d09a5f99cd7a7dd0079420029075abb9bdcd5fba7f7d0eb66a2b66447a6ae828405e0d7b0f5c6e5d53fb6db64e4bd03290e5a44f5aa50f772716c6369efa42681dddf23d912e89c4d98e8b2216f315a9082e7e14de6499c94aae99b66b0a1dad137f5b04307dd5599af73838e5a3e241a2ff557f373d96db9a3a21dcc35a73ff2161ef3d17c6ef3f8599dd3e5f92e1dda9a6a42bcc0003474407c86644e9249a6a695ca64dd04f1ddf07351b376d15343699214465f0509a0e88c316a54d78632f3b3c2949176624b797efcfd26d9f826fa939f36ae02b35c7c0f51634a695595bfaa747cffd2fc31a9391d0c91241e20b1fb380791d7265331a0c7babc24978ffb7838d11603aa7bd2f383c649a58fb4e3cde344edb2ca025803662a50e5ec6692e6bacd4b682c72579fb70fa0ce37d341560bb9037594b60cad3ab34561a63f1ded9b233e62c5640a2d99b40c02acb1ce8a6d948e140a87f27c76bd2dab96b37e00ea8aba4615ff48c78a29f94f07a0199c699f64396b6dbe34adf83c08e73e8799a45ddff32166c38adfbc5abacc59ed797e64f732cbd9e90350c0cf20b4484dffdbab37563291a5316d641e0378084d0aa582d4b10b9562939268911b052beb571273e64aa1849d1f21be31321fc26bad72e211e1c79190704bfc71498596f08f850e8701aefc5f7bfd11bde6d6059f693d37e2aae727944f782b69aa2f90f77b58c05687e3b7ac5a8a1eaa85059486be9471cf1e1f25a290711c78c708710bc75f8c72811d8984d2de79b08132efe93f62d4afd9c17b14f7d8368f72f4414fc5a171ed6a215481e776197588af15a278bf7a6176f219521c88085366a0b656c727453b6c1484caf3a57d17e94673887aa7e15aa5acb8b5ad0e31d77cd40c80f14d5e65490eab249a9992b54032f599cc8f4faed66693d227f3cf60813ca9391153904c948064c19b24c0f229b0362f2f4cc2f4d3ebdd7a40981d05f8d4affefe4ead5f294abb08e621eda7b6363520434b864d54044426bbeb5765712535e15e7eee5005da202e6355452a8f241f01324c460fbb76ee78e5e04ca4068c7d9a69cd1b3cd488d79be602eefcbdee98230bc1b8c56027cc44ddc4def531b8f847485325e7326a99a39e8d98f671ed0304aafd0d8f26de9998d53628e20517f29a5ebb61a6ab0b6ab53103695bae93a63d87cd334813bd53f449a1323e0d18aa8edb49d57e0cf1c40cd6e3d2ade21a84833a0c15f7066e6d88301ef5620450d9594347f24a871803576cbcaf000e5015628caa51d4fa001a585e4ddef35c804fe334efceb1733b70c06cdb00d20d320b34a6a6e1a5571b73e03858526b89dd2e3719b907090ad334a4056a926d0c99ed4c679db2e6cb9708efb6de5ef58ff4bdcfc5a12b796ebac7ce0678461232ca13af60c376211cdec4247e242565dfd7711fddde839c424d1b20e64aff4f1c0fda8740eca1cc4769ea6a2e4f940a02e8daf0357fa80267e4c5eb659bf61114f424a6b92a6407aec3fb09ef9bffe27b08dd938ab9840e3e223d1596e7f40eb80bb75bd7959e0c8ed39fb92d5d6c148a3e8a21964723ba2ccb6aad7e674cb843a19e69224c19f49e3193547ef25b99b653254be2c77e961490f24066aace7695f33918bc17f7cc0b032cfa2fa34b21f4509fdb04fe98bbf64e8202cf78c367a27222c8a2af5144a38c8d8d49742e6672c389d25bebe24dbadce66685b5703bb2fc65a8defa14acb5c288e1b336410f411819de99c602fbf576bba38948949e28858d895f144f02df028ceec2d6d8c84edb032402f1100aa280a05f483e164f161606a16c9fd257881fc85cb9034ff723cb0dd8d5ee4ccb160372d08c1bf64a4038091d3bbbccfd06ab0b80d7bd0167374ad58324a87b6ae2cff25e5f34c68e069b0910dfd0c840852c9b22f5e28bfb9b35a52029f3d27394666f86bc1c592903236196e34e0d84e1f80f47725d5d7e703ce8e7bd48334b5f37d532e217e9cd87ba58d049f056a475ae29c8778e8dd48e888d97d41dbda3d775b85efe99fef9b49b8e27a83846ac794942cba302b6d07f4d00fd11782d5d35679963711b211181f746c3df70e3e8bc276417847b18748b8b55a8f0d0459cc4b91af59e6236505f567ba688ea9afcfc10cf1af0673bf11e7868c2792dc5c33d50c2f8cac2a8e5fb5910a9cbe39668251561d8b89baa9f2c444d205b73a9dd2abcc4cdc64b715c911017757587d517631ff228aeeb10863ffe08cebf67353bb7ce7911f91ed034314afa36479aca9748a6f47183849aa56678bae6ee636d0b8da14d826cf431a70a76bde60dcbbf1adc7ed19dd650265c12dd1397168c517468a7e475e3686f717294e2a111224fe20f5b40c4cee1fa64d5654de38aceff94c7b2c3bfaf6b9d45df45e4652d72294c76772ee6bb6aad89383fbc246fccf27377e3f7c133f0bafa711eb623492b6dcb8ec9bc1856ccb4d765a743288b5d07f779ae67cbc152f2ae68c5a311c0e79d509ff1b44998ea842ba0ff3180a421a5904a7e129f92b4cfde6341400b71ca726950cade0b6df9291ba9842c6b95ad3150450b7ce78e29d75c9c92ed2b1a701f5ea0b29d7804085bb275abeeb13b7783ca8e1fc27c714389390bcd8767e30f69153d44bd3be7d1e61f0f356ffc2758a46c18e9063daf99d4b0bc6d192686c1baf52b55fd0686bcec5573184e92d55997d61d4f4e5eb8cc9b67941bfb4f53e38958207328bb33e5d0a6bc481707498d8c31b101b99ff9947000ffdf752db4530e84c162d4b9a23b66397b84660e58ffe5beb2e6feeb021494b1ac9ad6a0737d50d46b872b691f906e2a365a05746b7d77cd0364fb9e303f9a3c91be788c18e1017ca6a277de594e268036f55d772f7e8a75c6584fb2e397e439c62f26dab8ebcd1eda8d4ab6a149844f2b643e51849e27a7d1ea2e4f268e0aab12ef480bdc7896ed78aa220062a79e62e7f23addfc600ce418baa83bda3b58ba08f151779bd5747fdb5e39b3e3ad34a8b1748f0195a9d2a666003d88fe90b7e1781fde3ae0bec0ca827ac2bed85a3901f5098d75992f9fe4b2f023c451f7197d658b8dc319aa70faf51078fd49c952da669ce9bab6891f4127998521da031901f1b67e5fa21425d4d8a6723c24933ad779b9c56490225e9c250ee441aed4e371af386b73d91819c23c8383d43b2971a78ebf31ec2dc5f2b87b50fd0ed28f02e0bf19fc1796bb5f86284329ca802aa36fa1dfa1025a1776c92e6a61274af79405c51a5b8ae959ca01ecf53e0a1d91201c78835396a6ab5e4501d14f7da65b43f66de287887df26ab6718d02841cdb666f525618d369e3700f9cdf75e453555506288a03fac59ab0acd6cd0441265e67f9b93972f6994066befeedfdcb67b38b98e9f17f00cb07122271440baa8128ab6066a58b74e7120e06d6fe6150e8afb6d593e235a8e5b88e3f964f6827cdada98e28543cc83b9d75ff19b88ce940d3025da7ed04ccca209e5d86e5d56df3c022293660b3a6b747803ebedee322d6f944f64493df4c254a1789f123146bfe9b295789fdcb40cc71ef36118be13ca1d79105c28a0f84d0b61d122ca30c30f4a236be29d72146a522ed1188e2e3225ef12ba24f160c5555699c382c03230362b030108a2c28b48acf177ce7ebe0411fb242ccb64f24c713f77fcacd2d3b6f0e15867a507356f305f4bf6d1b6d2c33c3b617f82ecae231b56b6016b113becf327ad58bfc850233784f0f7704257fe7d80a972d29e0142ae1675f404c49a39e14eb02b7fc2843049ff3afe30c9f9431398cd3be50aeb167ec7eff86b1f9ffc4f786129dc7cec03108f19da7f93f8b42622567b1807accd79eaf1c505d536b7096757bb3d136ef99759cc7055dc46dd3fdaaa29b49159a9364781103b8809dbb7d10fa39ffd208797bc42eca7a15e7666217198fe217c1e4ea3d6ce54689882a06f4b1f7a2ac45c50eeff845abb1c4e6330da32775a736c35acaf7c5b7fb1f08b698c8a55c147a9d78b405c1471145d2d74622e049f69f02cda39153006bbf1c6b9059d08ce83c518c06b0fa1aca3b0dfe10f645934c8becaf657be7b14437ac5e6726b8d8cfcd3d492b348f80133b08c7c7809ba55710ec8d4351fc6c43309d78f82610b17c76bbd640ac61129cc74afa58e2709984b1c0f609a920700f24b00da0fc251468811b4b5c8d9c6627dd53194c8d3a28cbc985cbb99d7374fd80b1a1ca1f21ebf2716618056e1b3d5b1ed323210d65a55137bba088be384a686feefba80b0841d48982a6737ee8021ad1856a33e68e1c357aee320a03c51ae23cb4140ba642e41fe0fc815f3d869dd373c9fe095159e5a6790fe6ad4c7f2a811eb7a75536da87284ded0ada08b5a39a1ef501fa8f0d383c61a0e88f3ef7e45c7c436d019dacde14376c74bcdaa3dee1a860f3fc961b5b9b6d0c08aa18dc9e26fa2faf35cf1f1cb492300e9c7603c99567959e890a75cfe52523a6e5646092a4179db9f8d70bc7ce0c9abba4c039e74d844f4fbac5dd5fd5448ab2550a798e4d0bd56080d232e3f078b7b4b577c58d9d42e86725982af0f7993686ab733fb024f610cdefd889c02aff42d5db30a299f4e558bb38f74801ff1d52cd7745bb64e1fa33bf25d90a8ee856d6ae4f6bcbd8de9aa87bce675cb7f23b7600a6f92fe101dec90c7dd1ad5cdc6683e0cfb1fd05a6259fda7bbd26bcb1f77eab9eb09ad90943093e79bc2390d43fefabadb2aa4397541c6249f17ff021bcb2651cddc03541559b06fc348fdf41b5dd65175ab80cccc3de5b869080c39ff922aae0a1212d670cae54a5f338c7a0617bfc00efc48e620d2e3d535c45c75378ecfb06622dffe89d1d2e662e668a4a829dd7aca6ab71d877eee3dbd8200167d0d93d4df8c0a4a669efdfa98b51c69b26d09063502444ca5b0ae656c5667e6edc271c309d2909c449a0508dde71f9bd34e2")
r8 = accept4$inet(r7, 0x0, &(0x7f0000001880), 0x80800)
getsockopt$inet_mreqsrc(r8, 0x0, 0x25, &(0x7f00000018c0)={@private, @rand_addr, @broadcast}, &(0x7f0000001900)=0xc)
socket$inet(0x2, 0x0, 0x2)
accept(r2, &(0x7f0000001940)=@can, &(0x7f00000019c0)=0x80)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r7, 0x84, 0xf, &(0x7f0000001a00)={r6, @in6={{0xa, 0x4e24, 0x93, @private1={0xfc, 0x1, '\x00', 0x1}}}, 0x6, 0xab3, 0x7, 0x461, 0x3}, &(0x7f0000001ac0)=0x98)

921.163675ms ago: executing program 1 (id=14734):
r0 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r0, &(0x7f0000000440)={&(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @remote, 'macvlan1\x00'}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000780)="80005b020eaa4da2", 0x8}], 0x1, 0x0, 0x0, 0x900}, 0x0) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000005c0), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), r1)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, r3, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gretap0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000810}, 0x404c041)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r4)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="410000000000000001000603000014000300060afc04090300f006e8ffff00000001080007003a3a0909140002"], 0x44}, 0x1, 0x1000000}, 0x0) (async)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r1, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x78, r5, 0x200, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_SECCTX={0x2e, 0x7, 'system_u:object_r:audisp_remote_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x78}, 0x1, 0x0, 0x0, 0x24004000}, 0x4000080) (async)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000280)={'wpan1\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000002c0)={0x2c, r2, 0xa11, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x1}, @NL802154_ATTR_PAGE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x48814) (async)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="180100003500010000000000fcdbdf250701f2800c0018000bac0f0000000000140001000000000000000000ff7f00000150fb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126236cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe0900fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be08004500ac1414bb0000000000e500000000da96808eadaaae4e2f1ed7d58e6ebfbbca5151"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

920.206312ms ago: executing program 3 (id=14735):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840)
syz_emit_ethernet(0x5a, &(0x7f0000000180)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0xe, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local, {[@generic={0x7, 0xf, "0476bc4b4c9e3e260cbfad9904"}, @timestamp_addr={0x44, 0x14, 0xb, 0x1, 0x0, [{@multicast1}, {@multicast1}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3bf97ff8836d000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x1f00, 0xf, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x7ff, 0x0, 0xb1, 0xfffffd85, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r5, 0x0, 0x30, 0xc, @void}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000100)={r6}, 0x8)
r7 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
write$nci(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="400404"], 0x7)

831.007865ms ago: executing program 4 (id=14736):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0xffff, @loopback, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23, 0x100002, @ipv4={'\x00', '\xff\xff', @empty}, 0x1e}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014)
r3 = socket$netlink(0x10, 0x3, 0x4)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000001590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073f97a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000c08000640ffffff000800034000000008400000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001400038010000080c0989b4d78080003400000000004000180140000001000010000000000000000"], 0xd4}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
r7 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000280)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@empty, 0x0, 0x59, 0x4e23, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x100000002, 0xfffffffffffffff6, 0x2000000, 0x6, 0x8}, {0x7, 0x0, 0x4}, 0x932, 0x0, 0x1, 0x0, 0x3}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4d4, 0x6c}, 0xa, @in=@empty, 0x2, 0x4, 0x0, 0x0, 0xfffffffc, 0x8, 0x4}}, 0xe8)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000200000000600000008000300", @ANYRES32=r6, @ANYBLOB="0800050004030000"], 0x24}}, 0x48000)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="05002ebd7000000000000800000008000300", @ANYRESDEC=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x10804}, 0x24000801)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r7, 0x6612)
connect$inet6(r8, &(0x7f0000000080)={0xa, 0x4e21, 0x49a, @loopback, 0x3}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[@ANYBLOB="0180c2000000bbbbbbbbbbbb86dd6000000000101100fe8000000000000000000000000000aaff02000000000000000000000000000140000e2200109078c240000100000500"], 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000020000103000000000000001e02000000000000001c80000014001100536f6e643000"/48], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r9, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4008004}, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$unix(0x1, 0x5, 0x0)

771.573234ms ago: executing program 2 (id=14737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x1}}, 0x40)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x11, r2, 0x3fcb7000)

628.749703ms ago: executing program 2 (id=14738):
socket(0x10, 0x80002, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
close(0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x4207, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f00000002c0)="05031411d3fc220000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)

551.678921ms ago: executing program 1 (id=14739):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
listen(r2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
accept4$vsock_stream(r2, &(0x7f0000000880)={0x28, 0x0, 0x2711}, 0x10, 0x80000)
shutdown(r3, 0x1)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100fdffffff000000001e00000008000300", @ANYRES32=r4, @ANYBLOB="40002f800c0002"], 0x5c}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r5)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)={0x1c, r6, 0x303, 0x4000, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x4000)

480.121647ms ago: executing program 0 (id=14740):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x2, 0x0, 0x8, 0x1}}, {0x6, 0x1b, [0x0]}}]}, @TCA_INGRESS_BLOCK={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24000084)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r10, {0x4}, {0xffff, 0xffff}, {0xffff, 0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4005c}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000640)=@newqdisc={0x3c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfb, {0x0, 0x0, 0x0, r7, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x2, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xcebc}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

231.422794ms ago: executing program 2 (id=14741):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=@newtaction={0x70, 0x30, 0xb, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x3}, @TCA_SKBEDIT_PTYPE={0x6, 0x4}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa, {0xe4ffffff}}, {0xc, 0x9, {0xf5}}}}]}]}, 0x70}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000003feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000006f440000000000006b0a00fe000000007303000000000000b500feff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050cdcfc92f5daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf9bf04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff4e2c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc8230000065937f36f6490eb033b1ce0d4922701cb42aa86ee11cd5950b58ebffffae2aba1a21410e6cb3835bc2c19c9dacbb5f836d1c0de069c20c55fa567859aca8be3afdc3a14779e9181a382831580eac154d314974d209c00896548b04f80d68da1c7ecdfea1e05d0f442b81c4f2a38ae1f43688aff1d3eb14112da5d5289bedeeff7093a12faf47f55bd7ffc82893600042e761ec18de4cd287e176befc4af4063e5f091f8a50cbf02ad70682c0131d616ff6d999fc6fba6e9d4a3fc4e6430aca493d38db18ef4b2d46a22c1dc14910a49126684e453d30ea51dc537a0c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

120.969176ms ago: executing program 0 (id=14742):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f0000000000))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv4_newrule={0x1c, 0x21, 0x1, 0x0, 0x0, {0x2, 0x0, 0x14}}, 0x1c}}, 0x0)

73.738887ms ago: executing program 3 (id=14743):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000002c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x24004855}, 0x20000000)

0s ago: executing program 2 (id=14744):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0xa00}}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}, 0x1, 0x0, 0x0, 0x6000094}, 0x80)

kernel console output (not intermixed with test programs):

pfx___kernfs_new_node+0x10/0x10
[ 1193.798035][T11169]  ? kernfs_root+0x1c/0x230
[ 1193.798069][T11169]  ? kernfs_root+0x1c/0x230
[ 1193.798097][T11169]  ? kernfs_root+0x1c/0x230
[ 1193.798130][T11169]  kernfs_new_node+0x102/0x210
[ 1193.798166][T11169]  kernfs_create_link+0xa7/0x200
[ 1193.798193][T11169]  sysfs_do_create_link_sd+0x83/0x110
[ 1193.798224][T11169]  device_add_class_symlinks+0xb6/0x240
[ 1193.798255][T11169]  device_add+0x475/0xb70
[ 1193.798283][T11169]  tty_register_device_attr+0x422/0x950
[ 1193.798306][T11169]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1193.798338][T11169]  ? __pfx___mutex_lock+0x10/0x10
[ 1193.798367][T11169]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1193.798401][T11169]  ? tty_port_register_device+0x5a/0x100
[ 1193.798427][T11169]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1193.798462][T11169]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1193.798490][T11169]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1193.798524][T11169]  ? tomoyo_path_number_perm+0x219/0x630
[ 1193.798552][T11169]  ? tomoyo_path_number_perm+0x219/0x630
[ 1193.798587][T11169]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1193.798617][T11169]  sock_do_ioctl+0x101/0x320
[ 1193.798646][T11169]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1193.798667][T11169]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1193.798713][T11169]  sock_ioctl+0x5c6/0x7f0
[ 1193.798739][T11169]  ? __pfx_sock_ioctl+0x10/0x10
[ 1193.798762][T11169]  ? __fget_files+0x2a/0x420
[ 1193.798795][T11169]  ? __fget_files+0x3a0/0x420
[ 1193.798819][T11169]  ? __fget_files+0x2a/0x420
[ 1193.798847][T11169]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1193.798870][T11169]  ? __pfx_sock_ioctl+0x10/0x10
[ 1193.798892][T11169]  __se_sys_ioctl+0xfc/0x170
[ 1193.798910][T11169]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.798932][T11169]  do_syscall_64+0x15f/0xf80
[ 1193.798957][T11169]  ? trace_irq_disable+0x3b/0x140
[ 1193.798979][T11169]  ? clear_bhb_loop+0x40/0x90
[ 1193.799006][T11169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.799027][T11169] RIP: 0033:0x7f67e9f9c819
[ 1193.799053][T11169] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1193.799072][T11169] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1193.799095][T11169] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1193.799111][T11169] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1193.799125][T11169] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1193.799139][T11169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1193.799151][T11169] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1193.799188][T11169]  </TASK>
[ 1193.817678][T11133] lo speed is unknown, defaulting to 1000
[ 1194.146095][T11176] netlink: 512 bytes leftover after parsing attributes in process `syz.3.13772'.
[ 1194.159633][T11174] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[ 1194.370773][T11187] netlink: 'syz.2.13775': attribute type 1 has an invalid length.
[ 1194.379374][T11187] netlink: 224 bytes leftover after parsing attributes in process `syz.2.13775'.
[ 1194.446191][T11191] Cannot find del_set index 4 as target
[ 1194.669393][T11198] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13778'.
[ 1194.699630][T11198] tipc: Invalid UDP bearer configuration
[ 1194.699700][T11198] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1194.885218][T11203] netlink: 'syz.4.13781': attribute type 3 has an invalid length.
[ 1195.014712][T11213] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13785'.
[ 1195.115806][T11214] syzkaller0: entered promiscuous mode
[ 1195.139568][T11214] syzkaller0: entered allmulticast mode
[ 1195.191633][T11221] netlink: 'syz.3.13789': attribute type 13 has an invalid length.
[ 1195.407246][T11231] netlink: 'syz.0.13791': attribute type 11 has an invalid length.
[ 1195.438470][T11231] netlink: 'syz.0.13791': attribute type 11 has an invalid length.
[ 1195.678290][T11241] syzkaller0: entered promiscuous mode
[ 1195.685770][T11241] syzkaller0: entered allmulticast mode
[ 1195.844756][T11252] tipc: Invalid UDP bearer configuration
[ 1195.844812][T11252] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1195.993808][T11259] FAULT_INJECTION: forcing a failure.
[ 1195.993808][T11259] name failslab, interval 1, probability 0, space 0, times 0
[ 1196.031049][T11259] CPU: 0 UID: 0 PID: 11259 Comm: syz.1.13802 Not tainted syzkaller #0 PREEMPT(full) 
[ 1196.031080][T11259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1196.031093][T11259] Call Trace:
[ 1196.031102][T11259]  <TASK>
[ 1196.031112][T11259]  dump_stack_lvl+0xe8/0x150
[ 1196.031148][T11259]  should_fail_ex+0x412/0x560
[ 1196.031182][T11259]  should_failslab+0xa8/0x100
[ 1196.031207][T11259]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1196.031240][T11259]  ? __kernfs_new_node+0xaa/0x970
[ 1196.031274][T11259]  kstrdup+0x42/0x100
[ 1196.031305][T11259]  __kernfs_new_node+0xaa/0x970
[ 1196.031341][T11259]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1196.031370][T11259]  ? kernfs_root+0x1c/0x230
[ 1196.031404][T11259]  ? kernfs_root+0x1c/0x230
[ 1196.031430][T11259]  ? kernfs_root+0x1c/0x230
[ 1196.031462][T11259]  kernfs_new_node+0x102/0x210
[ 1196.031494][T11259]  kernfs_create_link+0xa7/0x200
[ 1196.031522][T11259]  sysfs_do_create_link_sd+0x83/0x110
[ 1196.031552][T11259]  device_add_class_symlinks+0x1cf/0x240
[ 1196.031583][T11259]  device_add+0x475/0xb70
[ 1196.031614][T11259]  tty_register_device_attr+0x422/0x950
[ 1196.031635][T11259]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1196.031666][T11259]  ? __pfx___mutex_lock+0x10/0x10
[ 1196.031693][T11259]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1196.031730][T11259]  ? tty_port_register_device+0x5a/0x100
[ 1196.031754][T11259]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1196.031789][T11259]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1196.031818][T11259]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1196.031851][T11259]  ? tomoyo_path_number_perm+0x219/0x630
[ 1196.031878][T11259]  ? tomoyo_path_number_perm+0x219/0x630
[ 1196.031911][T11259]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1196.031949][T11259]  sock_do_ioctl+0x101/0x320
[ 1196.031976][T11259]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1196.031996][T11259]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1196.032039][T11259]  sock_ioctl+0x5c6/0x7f0
[ 1196.032063][T11259]  ? __pfx_sock_ioctl+0x10/0x10
[ 1196.032084][T11259]  ? __fget_files+0x2a/0x420
[ 1196.032107][T11259]  ? __fget_files+0x3a0/0x420
[ 1196.032130][T11259]  ? __fget_files+0x2a/0x420
[ 1196.032158][T11259]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1196.032179][T11259]  ? __pfx_sock_ioctl+0x10/0x10
[ 1196.032200][T11259]  __se_sys_ioctl+0xfc/0x170
[ 1196.032218][T11259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.032240][T11259]  do_syscall_64+0x15f/0xf80
[ 1196.032266][T11259]  ? clear_bhb_loop+0x40/0x90
[ 1196.032289][T11259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.032309][T11259] RIP: 0033:0x7fab5979c819
[ 1196.032330][T11259] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1196.032348][T11259] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1196.032371][T11259] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1196.032387][T11259] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1196.032400][T11259] RBP: 00007fab5a743090 R08: 0000000000000000 R09: 0000000000000000
[ 1196.032413][T11259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1196.032425][T11259] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1196.032459][T11259]  </TASK>
[ 1196.117094][T11267] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1196.374148][T11271] veth1_virt_wifi: Caught tx_queue_len zero misconfig
[ 1196.507676][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5760 ms
[ 1196.515801][    C1] lec:lec_tx_timeout: lec0
[ 1196.643109][T11285] Cannot find add_set index 3 as target
[ 1196.706589][T11287] netlink: 'syz.0.13817': attribute type 10 has an invalid length.
[ 1197.032978][T11304] __nla_validate_parse: 6 callbacks suppressed
[ 1197.033000][T11304] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.080416][T11308] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1197.103072][T11304] netlink: 20 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.248402][T11310] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.259432][T11314] veth1_virt_wifi: Caught tx_queue_len zero misconfig
[ 1197.268297][T11310] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.284802][T11310] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.295789][T11310] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13821'.
[ 1197.576032][T11331] netlink: 16 bytes leftover after parsing attributes in process `syz.3.13832'.
[ 1197.752369][T11339] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1197.754415][T11335] syzkaller1: entered promiscuous mode
[ 1197.794122][T11335] syzkaller1: entered allmulticast mode
[ 1197.880100][T11341] netlink: 'syz.4.13837': attribute type 1 has an invalid length.
[ 1197.962382][T11349] netlink: 'syz.2.13839': attribute type 15 has an invalid length.
[ 1198.064873][T11353] netlink: 'syz.4.13840': attribute type 21 has an invalid length.
[ 1198.079378][T11353] netlink: 156 bytes leftover after parsing attributes in process `syz.4.13840'.
[ 1198.241574][T11360] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.13842'.
[ 1198.461790][T11370] netlink: zone id is out of range
[ 1198.467163][T11370] netlink: zone id is out of range
[ 1198.473628][T11370] netlink: zone id is out of range
[ 1198.478986][T11370] netlink: zone id is out of range
[ 1198.480781][T11324] dvmrp8: entered allmulticast mode
[ 1198.484206][T11370] netlink: zone id is out of range
[ 1198.495847][T11370] netlink: zone id is out of range
[ 1198.502392][T11320] lo speed is unknown, defaulting to 1000
[ 1198.519622][T11370] netlink: zone id is out of range
[ 1198.535375][T11370] netlink: 256 bytes leftover after parsing attributes in process `syz.1.13846'.
[ 1198.877154][T11387] syzkaller1: entered promiscuous mode
[ 1198.882879][T11387] syzkaller1: entered allmulticast mode
[ 1199.542585][T11414] FAULT_INJECTION: forcing a failure.
[ 1199.542585][T11414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1199.573735][T11414] CPU: 1 UID: 0 PID: 11414 Comm: syz.1.13864 Not tainted syzkaller #0 PREEMPT(full) 
[ 1199.573775][T11414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1199.573787][T11414] Call Trace:
[ 1199.573796][T11414]  <TASK>
[ 1199.573805][T11414]  dump_stack_lvl+0xe8/0x150
[ 1199.573841][T11414]  should_fail_ex+0x412/0x560
[ 1199.573875][T11414]  _copy_from_user+0x2d/0xb0
[ 1199.573898][T11414]  ___sys_recvmsg+0x175/0x590
[ 1199.573925][T11414]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1199.573953][T11414]  ? ktime_get_ts64+0xa9/0x410
[ 1199.574010][T11414]  do_recvmmsg+0x334/0x800
[ 1199.574039][T11414]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1199.574074][T11414]  ? _copy_from_user+0x94/0xb0
[ 1199.574112][T11414]  __x64_sys_recvmmsg+0x1b7/0x250
[ 1199.574138][T11414]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1199.574169][T11414]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.574191][T11414]  do_syscall_64+0x15f/0xf80
[ 1199.574217][T11414]  ? trace_irq_disable+0x3b/0x140
[ 1199.574240][T11414]  ? clear_bhb_loop+0x40/0x90
[ 1199.574266][T11414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.574287][T11414] RIP: 0033:0x7fab5979c819
[ 1199.574308][T11414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1199.574326][T11414] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1199.574350][T11414] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1199.574367][T11414] RDX: 0400000000000ec0 RSI: 0000200000002ec0 RDI: 0000000000000003
[ 1199.574381][T11414] RBP: 00007fab5a743090 R08: 00002000000001c0 R09: 0000000000000000
[ 1199.574395][T11414] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[ 1199.574408][T11414] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1199.574444][T11414]  </TASK>
[ 1199.902625][T11420] : left allmulticast mode
[ 1199.917411][ T1156] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1199.938945][ T1156] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1199.962076][T11418] tipc: Invalid UDP bearer configuration
[ 1199.962119][T11418] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1199.992642][ T1156] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1200.005700][ T1156] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1200.020632][T11427] syzkaller1: entered promiscuous mode
[ 1200.026704][T11427] syzkaller1: entered allmulticast mode
[ 1200.092159][T11436] FAULT_INJECTION: forcing a failure.
[ 1200.092159][T11436] name failslab, interval 1, probability 0, space 0, times 0
[ 1200.106030][T11436] CPU: 1 UID: 0 PID: 11436 Comm: syz.2.13870 Not tainted syzkaller #0 PREEMPT(full) 
[ 1200.106058][T11436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1200.106071][T11436] Call Trace:
[ 1200.106080][T11436]  <TASK>
[ 1200.106088][T11436]  dump_stack_lvl+0xe8/0x150
[ 1200.106123][T11436]  should_fail_ex+0x412/0x560
[ 1200.106157][T11436]  should_failslab+0xa8/0x100
[ 1200.106178][T11436]  ? __kernfs_new_node+0xea/0x970
[ 1200.106206][T11436]  kmem_cache_alloc_noprof+0x87/0x650
[ 1200.106246][T11436]  __kernfs_new_node+0xea/0x970
[ 1200.106280][T11436]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1200.106309][T11436]  ? kernfs_root+0x1c/0x230
[ 1200.106342][T11436]  ? kernfs_root+0x1c/0x230
[ 1200.106369][T11436]  ? kernfs_root+0x1c/0x230
[ 1200.106402][T11436]  kernfs_new_node+0x102/0x210
[ 1200.106435][T11436]  kernfs_create_link+0xa7/0x200
[ 1200.106462][T11436]  sysfs_do_create_link_sd+0x83/0x110
[ 1200.106492][T11436]  device_add_class_symlinks+0x1cf/0x240
[ 1200.106523][T11436]  device_add+0x475/0xb70
[ 1200.106551][T11436]  tty_register_device_attr+0x422/0x950
[ 1200.106573][T11436]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1200.106603][T11436]  ? __pfx___mutex_lock+0x10/0x10
[ 1200.106632][T11436]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1200.106668][T11436]  ? tty_port_register_device+0x5a/0x100
[ 1200.106695][T11436]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1200.106732][T11436]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1200.106762][T11436]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1200.106798][T11436]  ? tomoyo_path_number_perm+0x219/0x630
[ 1200.106828][T11436]  ? tomoyo_path_number_perm+0x219/0x630
[ 1200.106864][T11436]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1200.106904][T11436]  sock_do_ioctl+0x101/0x320
[ 1200.106938][T11436]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1200.106959][T11436]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1200.107006][T11436]  sock_ioctl+0x5c6/0x7f0
[ 1200.107033][T11436]  ? __pfx_sock_ioctl+0x10/0x10
[ 1200.107056][T11436]  ? __fget_files+0x2a/0x420
[ 1200.107082][T11436]  ? __fget_files+0x3a0/0x420
[ 1200.107106][T11436]  ? __fget_files+0x2a/0x420
[ 1200.107135][T11436]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1200.107157][T11436]  ? __pfx_sock_ioctl+0x10/0x10
[ 1200.107180][T11436]  __se_sys_ioctl+0xfc/0x170
[ 1200.107201][T11436]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1200.107224][T11436]  do_syscall_64+0x15f/0xf80
[ 1200.107249][T11436]  ? trace_irq_disable+0x3b/0x140
[ 1200.107272][T11436]  ? clear_bhb_loop+0x40/0x90
[ 1200.107299][T11436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1200.107321][T11436] RIP: 0033:0x7f67e9f9c819
[ 1200.107342][T11436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1200.107362][T11436] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1200.107384][T11436] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1200.107399][T11436] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1200.107413][T11436] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1200.107426][T11436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1200.107440][T11436] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1200.107477][T11436]  </TASK>
[ 1200.423718][T11428] tipc: Invalid UDP bearer configuration
[ 1200.423775][T11428] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1201.292775][T11451] dvmrp8: entered allmulticast mode
[ 1201.515556][T11450] lo speed is unknown, defaulting to 1000
[ 1201.929628][T11460] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1202.131590][T11473] syzkaller1: entered promiscuous mode
[ 1202.159115][T11473] syzkaller1: entered allmulticast mode
[ 1202.229480][T11453] lo speed is unknown, defaulting to 1000
[ 1202.492234][T11486] net_ratelimit: 1 callbacks suppressed
[ 1202.492256][T11486] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1202.749882][   T29] audit: type=1107 audit(1776918492.713:6): pid=11495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='|×¥1 Kþlßk¼áMc³¶ªmå"Íœµë£P0öcëß—h\^ØzÇû6Æ„x	{…Þä#bØ÷}ÒÀYwÞ�¬…:‰²ÿ±&Ÿ‹„Â×öÈêÓÔ°W™¶môtT®ARcçåcòŒBÍ£¤¯ºuÃÓëÈ<1¼L÷¬*£ê¼–bñEDùãW6o⚎²”¾û¦ß>ÇÍãE¢r0šÕ�ÑÍ8së½OŽþ»‹Ì: '
[ 1202.806530][T11503] 8021q: VLANs not supported on ip6tnl0
[ 1202.812875][T11496] 8021q: VLANs not supported on ip6tnl0
[ 1203.053153][T11515] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1203.346182][T11527] netlink: 'syz.3.13899': attribute type 64 has an invalid length.
[ 1203.363207][T11524] syzkaller1: entered promiscuous mode
[ 1203.403422][T11524] syzkaller1: entered allmulticast mode
[ 1203.627427][T11537] __nla_validate_parse: 6 callbacks suppressed
[ 1203.627451][T11537] netlink: 196 bytes leftover after parsing attributes in process `syz.4.13901'.
[ 1203.660299][T11537] netlink: 196 bytes leftover after parsing attributes in process `syz.4.13901'.
[ 1203.684151][T11537] netlink: 19 bytes leftover after parsing attributes in process `syz.4.13901'.
[ 1203.747992][T11542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13902'.
[ 1203.920634][T11547] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13904'.
[ 1203.973663][T11547] netlink: 'syz.4.13904': attribute type 3 has an invalid length.
[ 1204.000092][T11547] netlink: 'syz.4.13904': attribute type 3 has an invalid length.
[ 1204.233815][T11562] netlink: 'syz.3.13907': attribute type 1 has an invalid length.
[ 1204.245427][T11561] netlink: 'syz.3.13907': attribute type 1 has an invalid length.
[ 1204.316403][T11562] workqueue: Failed to create a rescuer kthread for wq "bond16": -EINTR
[ 1204.318585][T11526] lo speed is unknown, defaulting to 1000
[ 1204.849280][T11585] FAULT_INJECTION: forcing a failure.
[ 1204.849280][T11585] name failslab, interval 1, probability 0, space 0, times 0
[ 1204.870342][T11585] CPU: 0 UID: 0 PID: 11585 Comm: syz.1.13912 Not tainted syzkaller #0 PREEMPT(full) 
[ 1204.870375][T11585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1204.870388][T11585] Call Trace:
[ 1204.870397][T11585]  <TASK>
[ 1204.870406][T11585]  dump_stack_lvl+0xe8/0x150
[ 1204.870443][T11585]  should_fail_ex+0x412/0x560
[ 1204.870478][T11585]  should_failslab+0xa8/0x100
[ 1204.870500][T11585]  ? __kernfs_new_node+0xea/0x970
[ 1204.870528][T11585]  kmem_cache_alloc_noprof+0x87/0x650
[ 1204.870572][T11585]  __kernfs_new_node+0xea/0x970
[ 1204.870606][T11585]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1204.870636][T11585]  ? kernfs_root+0x1c/0x230
[ 1204.870669][T11585]  ? kernfs_root+0x1c/0x230
[ 1204.870696][T11585]  ? kernfs_root+0x1c/0x230
[ 1204.870720][T11585]  ? kernfs_root+0x1c/0x230
[ 1204.870754][T11585]  kernfs_new_node+0x102/0x210
[ 1204.870788][T11585]  __kernfs_create_file+0x4b/0x2e0
[ 1204.870815][T11585]  sysfs_add_file_mode_ns+0x238/0x300
[ 1204.870849][T11585]  sysfs_merge_group+0x183/0x320
[ 1204.870881][T11585]  ? __pfx_sysfs_merge_group+0x10/0x10
[ 1204.870920][T11585]  ? kobject_put+0x516/0x560
[ 1204.870956][T11585]  dpm_sysfs_add+0xd2/0x270
[ 1204.870987][T11585]  device_add+0x4d8/0xb70
[ 1204.871018][T11585]  tty_register_device_attr+0x422/0x950
[ 1204.871041][T11585]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1204.871073][T11585]  ? __pfx___mutex_lock+0x10/0x10
[ 1204.871101][T11585]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1204.871138][T11585]  ? tty_port_register_device+0x5a/0x100
[ 1204.871164][T11585]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1204.871200][T11585]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1204.871230][T11585]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1204.871262][T11585]  ? tomoyo_path_number_perm+0x219/0x630
[ 1204.871289][T11585]  ? tomoyo_path_number_perm+0x219/0x630
[ 1204.871323][T11585]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1204.871354][T11585]  sock_do_ioctl+0x101/0x320
[ 1204.871381][T11585]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1204.871401][T11585]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1204.871447][T11585]  sock_ioctl+0x5c6/0x7f0
[ 1204.871472][T11585]  ? __pfx_sock_ioctl+0x10/0x10
[ 1204.871495][T11585]  ? __fget_files+0x2a/0x420
[ 1204.871519][T11585]  ? __fget_files+0x3a0/0x420
[ 1204.871542][T11585]  ? __fget_files+0x2a/0x420
[ 1204.871571][T11585]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1204.871593][T11585]  ? __pfx_sock_ioctl+0x10/0x10
[ 1204.871615][T11585]  __se_sys_ioctl+0xfc/0x170
[ 1204.871635][T11585]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.871656][T11585]  do_syscall_64+0x15f/0xf80
[ 1204.871681][T11585]  ? trace_irq_disable+0x3b/0x140
[ 1204.871704][T11585]  ? clear_bhb_loop+0x40/0x90
[ 1204.871731][T11585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.871752][T11585] RIP: 0033:0x7fab5979c819
[ 1204.871773][T11585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1204.871791][T11585] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1204.871814][T11585] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1204.871829][T11585] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1204.871843][T11585] RBP: 00007fab5a743090 R08: 0000000000000000 R09: 0000000000000000
[ 1204.871855][T11585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1204.871867][T11585] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1204.871911][T11585]  </TASK>
[ 1205.460543][T11596] ref_tracker: memory allocation failure, unreliable refcount tracker.
[ 1205.613998][T11590] syzkaller1: entered promiscuous mode
[ 1205.629346][T11590] syzkaller1: entered allmulticast mode
[ 1206.181485][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13927'.
[ 1206.341276][T11635] xt_policy: output policy not valid in PREROUTING and INPUT
[ 1206.701534][T11659] netlink: 'syz.2.13937': attribute type 10 has an invalid length.
[ 1206.782316][T11667] netlink: 'syz.2.13937': attribute type 10 has an invalid length.
[ 1206.817316][T11669] syzkaller1: entered promiscuous mode
[ 1206.823143][T11669] syzkaller1: entered allmulticast mode
[ 1207.241667][T11682] syzkaller0: entered promiscuous mode
[ 1207.256759][T11682] syzkaller0: entered allmulticast mode
[ 1207.291461][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.300899][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.307787][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.314611][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.321452][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.328324][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.335117][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.341964][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.349191][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.355943][T11683] tc action pedit offset must be on 32 bit boundaries
[ 1207.362847][T11683] 0: reclassify loop, rule prio 0, protocol 800
[ 1207.369282][T11682] 0: reclassify loop, rule prio 0, protocol 800
[ 1207.692640][T11705] netlink: 196 bytes leftover after parsing attributes in process `syz.2.13949'.
[ 1207.736251][T11705] netlink: 196 bytes leftover after parsing attributes in process `syz.2.13949'.
[ 1207.751816][T11709] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20003
[ 1207.764419][T11705] netlink: 19 bytes leftover after parsing attributes in process `syz.2.13949'.
[ 1207.822971][T11714] tipc: Enabling of bearer <ib:gretap0> rejected, already enabled
[ 1207.878840][T11709] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13950'.
[ 1208.092444][T11709] bond16: option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[ 1208.117133][T11709] bond16 (unregistering): Released all slaves
[ 1208.493218][T11746] FAULT_INJECTION: forcing a failure.
[ 1208.493218][T11746] name failslab, interval 1, probability 0, space 0, times 0
[ 1208.547761][T11746] CPU: 1 UID: 0 PID: 11746 Comm: syz.0.13960 Not tainted syzkaller #0 PREEMPT(full) 
[ 1208.547791][T11746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1208.547804][T11746] Call Trace:
[ 1208.547812][T11746]  <TASK>
[ 1208.547821][T11746]  dump_stack_lvl+0xe8/0x150
[ 1208.547866][T11746]  should_fail_ex+0x412/0x560
[ 1208.547901][T11746]  should_failslab+0xa8/0x100
[ 1208.547923][T11746]  ? __kernfs_new_node+0xea/0x970
[ 1208.547953][T11746]  kmem_cache_alloc_noprof+0x87/0x650
[ 1208.547994][T11746]  __kernfs_new_node+0xea/0x970
[ 1208.548029][T11746]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1208.548058][T11746]  ? kernfs_root+0x1c/0x230
[ 1208.548092][T11746]  ? kernfs_root+0x1c/0x230
[ 1208.548118][T11746]  ? kernfs_root+0x1c/0x230
[ 1208.548142][T11746]  ? kernfs_root+0x1c/0x230
[ 1208.548175][T11746]  kernfs_new_node+0x102/0x210
[ 1208.548211][T11746]  __kernfs_create_file+0x4b/0x2e0
[ 1208.548238][T11746]  sysfs_add_file_mode_ns+0x238/0x300
[ 1208.548272][T11746]  sysfs_merge_group+0x183/0x320
[ 1208.548304][T11746]  ? __pfx_sysfs_merge_group+0x10/0x10
[ 1208.548332][T11746]  ? kobject_put+0x516/0x560
[ 1208.548368][T11746]  dpm_sysfs_add+0xd2/0x270
[ 1208.548399][T11746]  device_add+0x4d8/0xb70
[ 1208.548431][T11746]  tty_register_device_attr+0x422/0x950
[ 1208.548454][T11746]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1208.548491][T11746]  ? __pfx___mutex_lock+0x10/0x10
[ 1208.548520][T11746]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1208.548557][T11746]  ? tty_port_register_device+0x5a/0x100
[ 1208.548583][T11746]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1208.548619][T11746]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1208.548648][T11746]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1208.548684][T11746]  ? tomoyo_path_number_perm+0x219/0x630
[ 1208.548712][T11746]  ? tomoyo_path_number_perm+0x219/0x630
[ 1208.548747][T11746]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1208.548779][T11746]  sock_do_ioctl+0x101/0x320
[ 1208.548807][T11746]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1208.548837][T11746]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1208.548883][T11746]  sock_ioctl+0x5c6/0x7f0
[ 1208.548908][T11746]  ? __pfx_sock_ioctl+0x10/0x10
[ 1208.548931][T11746]  ? __fget_files+0x2a/0x420
[ 1208.548957][T11746]  ? __fget_files+0x3a0/0x420
[ 1208.548981][T11746]  ? __fget_files+0x2a/0x420
[ 1208.549011][T11746]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1208.549034][T11746]  ? __pfx_sock_ioctl+0x10/0x10
[ 1208.549057][T11746]  __se_sys_ioctl+0xfc/0x170
[ 1208.549078][T11746]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.549101][T11746]  do_syscall_64+0x15f/0xf80
[ 1208.549127][T11746]  ? trace_irq_disable+0x3b/0x140
[ 1208.549150][T11746]  ? clear_bhb_loop+0x40/0x90
[ 1208.549177][T11746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.549197][T11746] RIP: 0033:0x7f343ef9c819
[ 1208.549219][T11746] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1208.549238][T11746] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1208.549261][T11746] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1208.549277][T11746] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000005
[ 1208.549291][T11746] RBP: 00007f343feb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1208.549305][T11746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1208.549317][T11746] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1208.549355][T11746]  </TASK>
[ 1209.408143][T11774] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode
[ 1209.485822][T11778] netlink: 'syz.0.13969': attribute type 1 has an invalid length.
[ 1209.504131][T11778] __nla_validate_parse: 2 callbacks suppressed
[ 1209.504153][T11778] netlink: 224 bytes leftover after parsing attributes in process `syz.0.13969'.
[ 1209.664192][T11789] tipc: Bearer <udp:syz1>: already 2 bearers with priority 10
[ 1209.692851][T11789] tipc: Bearer <udp:syz1>: trying with adjusted priority
[ 1209.724483][T11789] tipc: Enabling of bearer <udp:syz1> rejected, max 3 bearers permitted
[ 1209.742261][T11800] netlink: 220 bytes leftover after parsing attributes in process `syz.2.13975'.
[ 1209.753292][T11805] netlink: zone id is out of range
[ 1209.770948][T11802] netlink: zone id is out of range
[ 1209.801859][T11805] netlink: zone id is out of range
[ 1209.822813][T11802] netlink: zone id is out of range
[ 1209.832937][T11805] netlink: zone id is out of range
[ 1209.839427][T11805] netlink: zone id is out of range
[ 1209.844793][T11805] netlink: zone id is out of range
[ 1209.852258][T11794] bond16 (unregistering): Released all slaves
[ 1209.852473][T11805] netlink: zone id is out of range
[ 1209.866015][T11805] netlink: zone id is out of range
[ 1209.867853][T11802] netlink: zone id is out of range
[ 1209.930819][T11808] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13978'.
[ 1209.967957][T11807] netlink: 'syz.1.13978': attribute type 2 has an invalid length.
[ 1209.990623][T11807] netlink: 'syz.1.13978': attribute type 1 has an invalid length.
[ 1210.067225][T11807] bond25: entered promiscuous mode
[ 1210.079220][T11807] 8021q: adding VLAN 0 to HW filter on device bond25
[ 1210.102003][T11808] bond25: (slave ipvlan11): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1210.115597][T11808] bond25: (slave ipvlan11): The slave device specified does not support setting the MAC address
[ 1210.126418][T11808] bond25: (slave ipvlan11): Setting fail_over_mac to active for active-backup mode
[ 1210.169360][T11820] tipc: Resetting bearer <ib:gretap0>
[ 1210.220206][T11825] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13980'.
[ 1210.321352][T11820] 
: entered allmulticast mode
[ 1210.339026][T11820] ip6gre3: entered allmulticast mode
[ 1210.346171][T11820] bond14: entered allmulticast mode
[ 1210.357001][T11820] veth32: entered allmulticast mode
[ 1210.369355][T11820] veth33: entered allmulticast mode
[ 1210.390177][T11820] macsec2: entered allmulticast mode
[ 1210.417748][T11820] bond15: entered allmulticast mode
[ 1210.563946][T11835] syzkaller1: entered promiscuous mode
[ 1210.572231][T11835] syzkaller1: entered allmulticast mode
[ 1210.666872][T11843] vlan0: left promiscuous mode
[ 1210.672672][T11843] vlan0: entered allmulticast mode
[ 1210.679448][T11843] xfrm0: entered allmulticast mode
[ 1210.685022][T11843] ipip2: entered allmulticast mode
[ 1210.701818][T11843] veth30: entered allmulticast mode
[ 1210.713981][T11843] veth31: entered allmulticast mode
[ 1210.726341][T11843] veth32: entered allmulticast mode
[ 1210.734559][T11843] veth33: entered allmulticast mode
[ 1210.765886][T11843] bond25: left promiscuous mode
[ 1210.775352][T11843] bond25: entered allmulticast mode
[ 1210.932652][T11853] netlink: 512 bytes leftover after parsing attributes in process `syz.0.13992'.
[ 1210.983263][T11861] FAULT_INJECTION: forcing a failure.
[ 1210.983263][T11861] name failslab, interval 1, probability 0, space 0, times 0
[ 1211.032183][T11861] CPU: 0 UID: 0 PID: 11861 Comm: syz.1.13993 Not tainted syzkaller #0 PREEMPT(full) 
[ 1211.032216][T11861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1211.032229][T11861] Call Trace:
[ 1211.032238][T11861]  <TASK>
[ 1211.032248][T11861]  dump_stack_lvl+0xe8/0x150
[ 1211.032287][T11861]  should_fail_ex+0x412/0x560
[ 1211.032323][T11861]  should_failslab+0xa8/0x100
[ 1211.032347][T11861]  __kmalloc_noprof+0xe8/0x760
[ 1211.032378][T11861]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1211.032417][T11861]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1211.032448][T11861]  ? tomoyo_domain+0xd7/0x130
[ 1211.032479][T11861]  ? tomoyo_path_number_perm+0x219/0x630
[ 1211.032501][T11861]  tomoyo_path_number_perm+0x246/0x630
[ 1211.032526][T11861]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1211.032555][T11861]  ? __lock_acquire+0x6b5/0x2cf0
[ 1211.032595][T11861]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1211.032641][T11861]  ? __fget_files+0x2a/0x420
[ 1211.032666][T11861]  ? __fget_files+0x2a/0x420
[ 1211.032687][T11861]  ? __fget_files+0x3a0/0x420
[ 1211.032708][T11861]  ? __fget_files+0x2a/0x420
[ 1211.032734][T11861]  security_file_ioctl+0xc3/0x2a0
[ 1211.032757][T11861]  __se_sys_ioctl+0x47/0x170
[ 1211.032774][T11861]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1211.032795][T11861]  do_syscall_64+0x15f/0xf80
[ 1211.032816][T11861]  ? trace_irq_disable+0x3b/0x140
[ 1211.032836][T11861]  ? clear_bhb_loop+0x40/0x90
[ 1211.032858][T11861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1211.032875][T11861] RIP: 0033:0x7fab5979c819
[ 1211.032894][T11861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1211.032911][T11861] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1211.032932][T11861] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1211.032956][T11861] RDX: 00002000000002c0 RSI: 00000000000089f1 RDI: 0000000000000003
[ 1211.032969][T11861] RBP: 00007fab5a743090 R08: 0000000000000000 R09: 0000000000000000
[ 1211.032982][T11861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1211.032995][T11861] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1211.033033][T11861]  </TASK>
[ 1211.033043][T11861] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1211.281418][T11814] lo speed is unknown, defaulting to 1000
[ 1211.299029][T11869] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13995'.
[ 1211.574419][T11877] tipc: Enabling of bearer <ib:gretap0> rejected, max 3 bearers permitted
[ 1211.693170][T11884] netlink: 'syz.0.14004': attribute type 5 has an invalid length.
[ 1211.868510][T11893] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1212.091069][T11903] netlink: 788 bytes leftover after parsing attributes in process `syz.2.14009'.
[ 1212.224704][T11910] tipc: Failed to remove unknown binding: 66,0,0/4269801488:1020903167/1020903168
[ 1212.254424][T11910] tipc: Failed to remove unknown binding: 66,0,0/4269801488:1020903167/1020903168
[ 1212.264261][T11907] bridge24: entered promiscuous mode
[ 1212.278299][T11907] bridge24: entered allmulticast mode
[ 1212.301223][T11907] team0: Port device bridge24 added
[ 1212.771697][T11928] bond20: (slave bond_slave_1): Device is not bonding slave
[ 1212.780909][T11928] bond20: option active_slave: invalid value (bond_slave_1)
[ 1212.795053][T11928] bond20 (unregistering): Released all slaves
[ 1212.842136][T11935] netlink: 196 bytes leftover after parsing attributes in process `syz.1.14016'.
[ 1212.854889][T11935] netlink: 196 bytes leftover after parsing attributes in process `syz.1.14016'.
[ 1212.869209][T11935] netlink: 19 bytes leftover after parsing attributes in process `syz.1.14016'.
[ 1213.073247][T11946] netlink: 'syz.2.14020': attribute type 20 has an invalid length.
[ 1213.102325][T11950] FAULT_INJECTION: forcing a failure.
[ 1213.102325][T11950] name failslab, interval 1, probability 0, space 0, times 0
[ 1213.127578][T11946] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1213.136135][T11950] CPU: 1 UID: 0 PID: 11950 Comm: syz.0.14022 Not tainted syzkaller #0 PREEMPT(full) 
[ 1213.136164][T11950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1213.136178][T11950] Call Trace:
[ 1213.136188][T11950]  <TASK>
[ 1213.136197][T11950]  dump_stack_lvl+0xe8/0x150
[ 1213.136234][T11950]  should_fail_ex+0x412/0x560
[ 1213.136269][T11950]  should_failslab+0xa8/0x100
[ 1213.136294][T11950]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1213.136328][T11950]  ? __kernfs_new_node+0xaa/0x970
[ 1213.136363][T11950]  kstrdup+0x42/0x100
[ 1213.136394][T11950]  __kernfs_new_node+0xaa/0x970
[ 1213.136421][T11950]  ? format_decode+0x5a3/0xe10
[ 1213.136445][T11950]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1213.136472][T11950]  ? kernfs_root+0x1c/0x230
[ 1213.136504][T11950]  ? kernfs_root+0x1c/0x230
[ 1213.136539][T11950]  ? kernfs_root+0x1c/0x230
[ 1213.136562][T11950]  ? kernfs_root+0x1c/0x230
[ 1213.136595][T11950]  kernfs_new_node+0x102/0x210
[ 1213.136629][T11950]  kernfs_create_link+0xa7/0x200
[ 1213.136656][T11950]  sysfs_do_create_link_sd+0x83/0x110
[ 1213.136685][T11950]  device_create_sys_dev_entry+0x122/0x190
[ 1213.136712][T11950]  ? __pfx_device_create_sys_dev_entry+0x10/0x10
[ 1213.136745][T11950]  ? device_create_file+0xf4/0x1b0
[ 1213.136771][T11950]  device_add+0x733/0xb70
[ 1213.136800][T11950]  tty_register_device_attr+0x422/0x950
[ 1213.136822][T11950]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1213.136853][T11950]  ? __pfx___mutex_lock+0x10/0x10
[ 1213.136880][T11950]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1213.136917][T11950]  ? tty_port_register_device+0x5a/0x100
[ 1213.136944][T11950]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1213.136978][T11950]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1213.137007][T11950]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1213.137085][T11950]  ? tomoyo_path_number_perm+0x219/0x630
[ 1213.137113][T11950]  ? tomoyo_path_number_perm+0x219/0x630
[ 1213.137147][T11950]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1213.137174][T11950]  sock_do_ioctl+0x101/0x320
[ 1213.137200][T11950]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1213.137221][T11950]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1213.137265][T11950]  sock_ioctl+0x5c6/0x7f0
[ 1213.137290][T11950]  ? __pfx_sock_ioctl+0x10/0x10
[ 1213.137313][T11950]  ? __fget_files+0x2a/0x420
[ 1213.137338][T11950]  ? __fget_files+0x3a0/0x420
[ 1213.137362][T11950]  ? __fget_files+0x2a/0x420
[ 1213.137392][T11950]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1213.137415][T11950]  ? __pfx_sock_ioctl+0x10/0x10
[ 1213.137437][T11950]  __se_sys_ioctl+0xfc/0x170
[ 1213.137458][T11950]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.137482][T11950]  do_syscall_64+0x15f/0xf80
[ 1213.137506][T11950]  ? trace_irq_disable+0x3b/0x140
[ 1213.137537][T11950]  ? clear_bhb_loop+0x40/0x90
[ 1213.137563][T11950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.137584][T11950] RIP: 0033:0x7f343ef9c819
[ 1213.137605][T11950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1213.137623][T11950] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1213.137646][T11950] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1213.137661][T11950] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1213.137675][T11950] RBP: 00007f343feb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1213.137687][T11950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1213.137699][T11950] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1213.137734][T11950]  </TASK>
[ 1213.622809][T11924] lo speed is unknown, defaulting to 1000
[ 1213.633937][T11960] netlink: 'syz.0.14026': attribute type 1 has an invalid length.
[ 1213.651664][T11958] team_slave_0: entered promiscuous mode
[ 1213.686758][T11960] bond16: entered promiscuous mode
[ 1213.692496][T11960] 8021q: adding VLAN 0 to HW filter on device bond16
[ 1213.832614][T11971] FAULT_INJECTION: forcing a failure.
[ 1213.832614][T11971] name failslab, interval 1, probability 0, space 0, times 0
[ 1213.847221][T11971] CPU: 1 UID: 0 PID: 11971 Comm: syz.2.14030 Not tainted syzkaller #0 PREEMPT(full) 
[ 1213.847251][T11971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1213.847265][T11971] Call Trace:
[ 1213.847275][T11971]  <TASK>
[ 1213.847284][T11971]  dump_stack_lvl+0xe8/0x150
[ 1213.847321][T11971]  should_fail_ex+0x412/0x560
[ 1213.847357][T11971]  should_failslab+0xa8/0x100
[ 1213.847382][T11971]  __kmalloc_cache_noprof+0x88/0x660
[ 1213.847412][T11971]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1213.847442][T11971]  ? __xdp_reg_mem_model+0x1e3/0x5d0
[ 1213.847469][T11971]  __xdp_reg_mem_model+0x1e3/0x5d0
[ 1213.847503][T11971]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[ 1213.847545][T11971]  ? page_pool_create_percpu+0x7f9/0xb80
[ 1213.847585][T11971]  xdp_reg_mem_model+0x22/0x40
[ 1213.847616][T11971]  bpf_test_run_xdp_live+0x295/0x1cf0
[ 1213.847655][T11971]  ? bpf_dispatcher_change_prog+0xae0/0xd70
[ 1213.847702][T11971]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1213.847730][T11971]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 1213.847785][T11971]  ? 0xffffffffa02016cc
[ 1213.847803][T11971]  ? 0xffffffffa020174c
[ 1213.847820][T11971]  ? 0xffffffffa0201788
[ 1213.847838][T11971]  ? 0xffffffffa02017c8
[ 1213.847856][T11971]  ? 0xffffffffa02019d4
[ 1213.847874][T11971]  ? 0xffffffffa0201a10
[ 1213.847891][T11971]  ? 0xffffffffa0202b0c
[ 1213.847909][T11971]  ? 0xffffffffa0202be4
[ 1213.847952][T11971]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 1213.847985][T11971]  ? _copy_from_user+0x94/0xb0
[ 1213.848006][T11971]  ? bpf_test_init+0x113/0x150
[ 1213.848033][T11971]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1213.848067][T11971]  bpf_prog_test_run_xdp+0x81c/0x1160
[ 1213.848114][T11971]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1213.848151][T11971]  ? __fget_files+0x2a/0x420
[ 1213.848183][T11971]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1213.848213][T11971]  bpf_prog_test_run+0x2c7/0x340
[ 1213.848242][T11971]  __sys_bpf+0x643/0x950
[ 1213.848267][T11971]  ? __pfx___sys_bpf+0x10/0x10
[ 1213.848308][T11971]  ? ksys_write+0x242/0x270
[ 1213.848340][T11971]  ? __pfx_ksys_write+0x10/0x10
[ 1213.848376][T11971]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.848398][T11971]  __x64_sys_bpf+0x7c/0x90
[ 1213.848420][T11971]  do_syscall_64+0x15f/0xf80
[ 1213.848444][T11971]  ? trace_irq_disable+0x3b/0x140
[ 1213.848468][T11971]  ? clear_bhb_loop+0x40/0x90
[ 1213.848493][T11971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.848514][T11971] RIP: 0033:0x7f67e9f9c819
[ 1213.848534][T11971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1213.848551][T11971] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1213.848583][T11971] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1213.848598][T11971] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[ 1213.848612][T11971] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1213.848626][T11971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1213.848639][T11971] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1213.848674][T11971]  </TASK>
[ 1214.185749][T11960] bond16: (slave bridge25): making interface the new active one
[ 1214.194252][T11960] bridge25: entered promiscuous mode
[ 1214.204829][T11960] bond16: (slave bridge25): Enslaving as an active interface with an up link
[ 1214.324172][T11976] FAULT_INJECTION: forcing a failure.
[ 1214.324172][T11976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1214.386509][T11976] CPU: 1 UID: 0 PID: 11976 Comm: syz.4.14032 Not tainted syzkaller #0 PREEMPT(full) 
[ 1214.386539][T11976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1214.386551][T11976] Call Trace:
[ 1214.386560][T11976]  <TASK>
[ 1214.386570][T11976]  dump_stack_lvl+0xe8/0x150
[ 1214.386605][T11976]  should_fail_ex+0x412/0x560
[ 1214.386635][T11976]  _copy_from_iter+0x1d3/0x1670
[ 1214.386666][T11976]  ? rcu_is_watching+0x15/0xb0
[ 1214.386699][T11976]  ? __pfx__copy_from_iter+0x10/0x10
[ 1214.386734][T11976]  ? netlink_sendmsg+0x650/0xb40
[ 1214.386760][T11976]  ? skb_put+0x11b/0x210
[ 1214.386801][T11976]  netlink_sendmsg+0x6c0/0xb40
[ 1214.386837][T11976]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1214.386867][T11976]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1214.386893][T11976]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1214.386925][T11976]  ____sys_sendmsg+0x972/0x9f0
[ 1214.386951][T11976]  ? __might_fault+0xaf/0x130
[ 1214.386981][T11976]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1214.387018][T11976]  ? import_iovec+0x73/0xa0
[ 1214.387039][T11976]  ___sys_sendmsg+0x2a5/0x360
[ 1214.387070][T11976]  ? __lock_acquire+0x6b5/0x2cf0
[ 1214.387098][T11976]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1214.387159][T11976]  ? __fget_files+0x2a/0x420
[ 1214.387179][T11976]  ? __fget_files+0x3a0/0x420
[ 1214.387211][T11976]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1214.387241][T11976]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1214.387280][T11976]  ? __pfx_ksys_write+0x10/0x10
[ 1214.387306][T11976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.387336][T11976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.387357][T11976]  do_syscall_64+0x15f/0xf80
[ 1214.387379][T11976]  ? trace_irq_disable+0x3b/0x140
[ 1214.387397][T11976]  ? clear_bhb_loop+0x40/0x90
[ 1214.387417][T11976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.387433][T11976] RIP: 0033:0x7f2dc259c819
[ 1214.387451][T11976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1214.387466][T11976] RSP: 002b:00007f2dc34f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1214.387485][T11976] RAX: ffffffffffffffda RBX: 00007f2dc2815fa0 RCX: 00007f2dc259c819
[ 1214.387498][T11976] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[ 1214.387512][T11976] RBP: 00007f2dc34f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.387523][T11976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1214.387534][T11976] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1214.387568][T11976]  </TASK>
[ 1214.702464][T11980] __nla_validate_parse: 3 callbacks suppressed
[ 1214.702486][T11980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14033'.
[ 1214.725670][T11980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14033'.
[ 1214.736014][T11980] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14033'.
[ 1214.854485][T11984] xt_hashlimit: invalid interval
[ 1215.112060][T11998] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.14041'.
[ 1215.411730][T12013] FAULT_INJECTION: forcing a failure.
[ 1215.411730][T12013] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1215.425511][T12009] tipc: Resetting bearer <ib:gretap0>
[ 1215.432911][T12013] CPU: 1 UID: 0 PID: 12013 Comm: syz.3.14047 Not tainted syzkaller #0 PREEMPT(full) 
[ 1215.432941][T12013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1215.432954][T12013] Call Trace:
[ 1215.432964][T12013]  <TASK>
[ 1215.432973][T12013]  dump_stack_lvl+0xe8/0x150
[ 1215.433009][T12013]  should_fail_ex+0x412/0x560
[ 1215.433044][T12013]  _copy_to_user+0x31/0xb0
[ 1215.433068][T12013]  simple_read_from_buffer+0xe1/0x170
[ 1215.433100][T12013]  proc_fail_nth_read+0x1bb/0x230
[ 1215.433130][T12013]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1215.433160][T12013]  ? rw_verify_area+0x2a6/0x4d0
[ 1215.433188][T12013]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1215.433217][T12013]  vfs_read+0x20c/0xa70
[ 1215.433250][T12013]  ? __pfx___mutex_lock+0x10/0x10
[ 1215.433278][T12013]  ? __pfx_vfs_read+0x10/0x10
[ 1215.433308][T12013]  ? __fget_files+0x2a/0x420
[ 1215.433340][T12013]  ? __fget_files+0x3a0/0x420
[ 1215.433364][T12013]  ? __fget_files+0x2a/0x420
[ 1215.433401][T12013]  ksys_read+0x150/0x270
[ 1215.433439][T12013]  ? __pfx_ksys_read+0x10/0x10
[ 1215.433478][T12013]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.433500][T12013]  do_syscall_64+0x15f/0xf80
[ 1215.433525][T12013]  ? trace_irq_disable+0x3b/0x140
[ 1215.433549][T12013]  ? clear_bhb_loop+0x40/0x90
[ 1215.433576][T12013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.433597][T12013] RIP: 0033:0x7f4867f5d04e
[ 1215.433618][T12013] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1215.433636][T12013] RSP: 002b:00007f4868f15fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1215.433660][T12013] RAX: ffffffffffffffda RBX: 00007f4868f166c0 RCX: 00007f4867f5d04e
[ 1215.433675][T12013] RDX: 000000000000000f RSI: 00007f4868f160a0 RDI: 0000000000000005
[ 1215.433689][T12013] RBP: 00007f4868f16090 R08: 0000000000000000 R09: 0000000000000000
[ 1215.433703][T12013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1215.433715][T12013] R13: 00007f4868216038 R14: 00007f4868215fa0 R15: 00007fff81cacb88
[ 1215.433762][T12013]  </TASK>
[ 1215.800491][T12009] : entered allmulticast mode
[ 1215.811332][T12009] bond19: entered allmulticast mode
[ 1215.817438][T12009] veth24: entered allmulticast mode
[ 1215.825007][T12009] veth25: entered allmulticast mode
[ 1215.831472][T12009] bridge24: entered allmulticast mode
[ 1215.837356][T12009] veth26: entered allmulticast mode
[ 1215.843914][T12009] veth27: entered allmulticast mode
[ 1215.860908][ T1156] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1215.872718][ T1156] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1215.893885][T12031] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14052'.
[ 1215.984035][ T1156] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1216.025091][ T1156] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1216.203458][T12031] veth31: entered allmulticast mode
[ 1216.374524][T12029] syzkaller1: entered promiscuous mode
[ 1216.380956][T12029] syzkaller1: entered allmulticast mode
[ 1216.410325][T12033] bond16 (unregistering): Released all slaves
[ 1216.616727][T12046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14056'.
[ 1216.753754][T12059] netlink: 44 bytes leftover after parsing attributes in process `syz.3.14059'.
[ 1216.775925][T12054] FAULT_INJECTION: forcing a failure.
[ 1216.775925][T12054] name failslab, interval 1, probability 0, space 0, times 0
[ 1216.801619][T12054] CPU: 1 UID: 0 PID: 12054 Comm: syz.4.14060 Not tainted syzkaller #0 PREEMPT(full) 
[ 1216.801650][T12054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1216.801663][T12054] Call Trace:
[ 1216.801673][T12054]  <TASK>
[ 1216.801682][T12054]  dump_stack_lvl+0xe8/0x150
[ 1216.801717][T12054]  should_fail_ex+0x412/0x560
[ 1216.801752][T12054]  should_failslab+0xa8/0x100
[ 1216.801776][T12054]  __kmalloc_cache_noprof+0x88/0x660
[ 1216.801808][T12054]  ? cdev_alloc+0x4c/0xc0
[ 1216.801845][T12054]  cdev_alloc+0x4c/0xc0
[ 1216.801867][T12054]  tty_register_device_attr+0x625/0x950
[ 1216.801889][T12054]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1216.801921][T12054]  ? __pfx___mutex_lock+0x10/0x10
[ 1216.801950][T12054]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1216.801988][T12054]  ? tty_port_register_device+0x5a/0x100
[ 1216.802015][T12054]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1216.802050][T12054]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1216.802080][T12054]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1216.802117][T12054]  ? tomoyo_path_number_perm+0x219/0x630
[ 1216.802145][T12054]  ? tomoyo_path_number_perm+0x219/0x630
[ 1216.802180][T12054]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1216.802211][T12054]  sock_do_ioctl+0x101/0x320
[ 1216.802240][T12054]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1216.802261][T12054]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1216.802314][T12054]  sock_ioctl+0x5c6/0x7f0
[ 1216.802340][T12054]  ? __pfx_sock_ioctl+0x10/0x10
[ 1216.802364][T12054]  ? __fget_files+0x2a/0x420
[ 1216.802387][T12054]  ? __fget_files+0x3a0/0x420
[ 1216.802411][T12054]  ? __fget_files+0x2a/0x420
[ 1216.802440][T12054]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1216.802462][T12054]  ? __pfx_sock_ioctl+0x10/0x10
[ 1216.802506][T12054]  __se_sys_ioctl+0xfc/0x170
[ 1216.802528][T12054]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1216.802551][T12054]  do_syscall_64+0x15f/0xf80
[ 1216.802577][T12054]  ? trace_irq_disable+0x3b/0x140
[ 1216.802600][T12054]  ? clear_bhb_loop+0x40/0x90
[ 1216.802627][T12054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1216.802648][T12054] RIP: 0033:0x7f2dc259c819
[ 1216.802668][T12054] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1216.802687][T12054] RSP: 002b:00007f2dc34f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1216.802711][T12054] RAX: ffffffffffffffda RBX: 00007f2dc2815fa0 RCX: 00007f2dc259c819
[ 1216.802727][T12054] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000005
[ 1216.802741][T12054] RBP: 00007f2dc34f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1216.802754][T12054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1216.802767][T12054] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1216.802803][T12054]  </TASK>
[ 1217.831757][T12096] FAULT_INJECTION: forcing a failure.
[ 1217.831757][T12096] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1217.847171][T12096] CPU: 1 UID: 0 PID: 12096 Comm: syz.2.14072 Not tainted syzkaller #0 PREEMPT(full) 
[ 1217.847199][T12096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1217.847211][T12096] Call Trace:
[ 1217.847220][T12096]  <TASK>
[ 1217.847229][T12096]  dump_stack_lvl+0xe8/0x150
[ 1217.847266][T12096]  should_fail_ex+0x412/0x560
[ 1217.847298][T12096]  _copy_from_iter+0x1d3/0x1670
[ 1217.847332][T12096]  ? rcu_is_watching+0x15/0xb0
[ 1217.847375][T12096]  ? __pfx__copy_from_iter+0x10/0x10
[ 1217.847413][T12096]  ? __alloc_skb+0x4e5/0x7d0
[ 1217.847438][T12096]  ? skb_put+0x11b/0x210
[ 1217.847469][T12096]  pfkey_sendmsg+0x265/0x1120
[ 1217.847488][T12096]  ? unwind_next_frame+0xa6/0x2550
[ 1217.847538][T12096]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1217.847563][T12096]  ? aa_sk_perm+0x6d5/0x900
[ 1217.847599][T12096]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1217.847621][T12096]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[ 1217.847657][T12096]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1217.847685][T12096]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1217.847720][T12096]  ____sys_sendmsg+0x972/0x9f0
[ 1217.847749][T12096]  ? __might_fault+0xaf/0x130
[ 1217.847783][T12096]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1217.847830][T12096]  ? import_iovec+0x73/0xa0
[ 1217.847855][T12096]  ___sys_sendmsg+0x2a5/0x360
[ 1217.847882][T12096]  ? __lock_acquire+0x6b5/0x2cf0
[ 1217.847913][T12096]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1217.847981][T12096]  ? __fget_files+0x2a/0x420
[ 1217.848005][T12096]  ? __fget_files+0x3a0/0x420
[ 1217.848040][T12096]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1217.848072][T12096]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1217.848112][T12096]  ? __pfx_ksys_write+0x10/0x10
[ 1217.848150][T12096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1217.848172][T12096]  do_syscall_64+0x15f/0xf80
[ 1217.848196][T12096]  ? trace_irq_disable+0x3b/0x140
[ 1217.848218][T12096]  ? clear_bhb_loop+0x40/0x90
[ 1217.848243][T12096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1217.848263][T12096] RIP: 0033:0x7f67e9f9c819
[ 1217.848283][T12096] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1217.848300][T12096] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1217.848324][T12096] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1217.848338][T12096] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1217.848351][T12096] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1217.848364][T12096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1217.848376][T12096] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1217.848409][T12096]  </TASK>
[ 1218.123114][T12097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14068'.
[ 1218.155068][T12085] bond26: Unable to set up delay as MII monitoring is disabled
[ 1218.167225][T12085] bond26 (unregistering): Released all slaves
[ 1218.196750][T12056] lo speed is unknown, defaulting to 1000
[ 1218.197110][T12088] syzkaller1: entered promiscuous mode
[ 1218.209074][T12088] syzkaller1: entered allmulticast mode
[ 1218.576461][T12118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14079'.
[ 1219.113635][T12135] syzkaller1: entered promiscuous mode
[ 1219.120378][T12135] syzkaller1: entered allmulticast mode
[ 1219.278940][T12139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14087'.
[ 1219.288326][T12139] tipc: Invalid UDP bearer configuration
[ 1219.288384][T12139] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1219.419499][T12146] netlink: 'syz.3.14090': attribute type 12 has an invalid length.
[ 1219.438211][T12146] netlink: 'syz.3.14090': attribute type 11 has an invalid length.
[ 1219.496077][T12111] lo speed is unknown, defaulting to 1000
[ 1219.543575][T12149] FAULT_INJECTION: forcing a failure.
[ 1219.543575][T12149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1219.587268][T12149] CPU: 1 UID: 0 PID: 12149 Comm: syz.2.14091 Not tainted syzkaller #0 PREEMPT(full) 
[ 1219.587299][T12149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1219.587312][T12149] Call Trace:
[ 1219.587321][T12149]  <TASK>
[ 1219.587331][T12149]  dump_stack_lvl+0xe8/0x150
[ 1219.587367][T12149]  should_fail_ex+0x412/0x560
[ 1219.587403][T12149]  _copy_to_user+0x31/0xb0
[ 1219.587429][T12149]  simple_read_from_buffer+0xe1/0x170
[ 1219.587473][T12149]  proc_fail_nth_read+0x1bb/0x230
[ 1219.587509][T12149]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1219.587541][T12149]  ? rw_verify_area+0x2a6/0x4d0
[ 1219.587569][T12149]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1219.587599][T12149]  vfs_read+0x20c/0xa70
[ 1219.587634][T12149]  ? __pfx___mutex_lock+0x10/0x10
[ 1219.587662][T12149]  ? __pfx_vfs_read+0x10/0x10
[ 1219.587692][T12149]  ? __fget_files+0x2a/0x420
[ 1219.587722][T12149]  ? __fget_files+0x3a0/0x420
[ 1219.587745][T12149]  ? __fget_files+0x2a/0x420
[ 1219.587780][T12149]  ksys_read+0x150/0x270
[ 1219.587812][T12149]  ? __pfx_ksys_read+0x10/0x10
[ 1219.587850][T12149]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.587872][T12149]  do_syscall_64+0x15f/0xf80
[ 1219.587896][T12149]  ? trace_irq_disable+0x3b/0x140
[ 1219.587918][T12149]  ? clear_bhb_loop+0x40/0x90
[ 1219.587946][T12149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.587966][T12149] RIP: 0033:0x7f67e9f5d04e
[ 1219.587987][T12149] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1219.588006][T12149] RSP: 002b:00007f67eaeb5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1219.588029][T12149] RAX: ffffffffffffffda RBX: 00007f67eaeb66c0 RCX: 00007f67e9f5d04e
[ 1219.588045][T12149] RDX: 000000000000000f RSI: 00007f67eaeb60a0 RDI: 0000000000000004
[ 1219.588058][T12149] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1219.588072][T12149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1219.588085][T12149] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1219.588122][T12149]  </TASK>
[ 1219.837943][T12153] syzkaller0: entered promiscuous mode
[ 1219.847235][T12153] syzkaller0: entered allmulticast mode
[ 1220.311538][T12169] __nla_validate_parse: 2 callbacks suppressed
[ 1220.311561][T12169] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14097'.
[ 1220.704080][T12186] netlink: 212336 bytes leftover after parsing attributes in process `syz.0.14102'.
[ 1220.750798][T12187] netlink: 212336 bytes leftover after parsing attributes in process `syz.0.14102'.
[ 1220.766063][T12182] syzkaller1: entered promiscuous mode
[ 1220.782530][T12182] syzkaller1: entered allmulticast mode
[ 1220.802863][T12191] FAULT_INJECTION: forcing a failure.
[ 1220.802863][T12191] name failslab, interval 1, probability 0, space 0, times 0
[ 1220.820466][T12191] CPU: 0 UID: 0 PID: 12191 Comm: syz.2.14104 Not tainted syzkaller #0 PREEMPT(full) 
[ 1220.820497][T12191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1220.820510][T12191] Call Trace:
[ 1220.820520][T12191]  <TASK>
[ 1220.820530][T12191]  dump_stack_lvl+0xe8/0x150
[ 1220.820565][T12191]  should_fail_ex+0x412/0x560
[ 1220.820602][T12191]  should_failslab+0xa8/0x100
[ 1220.820628][T12191]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1220.820660][T12191]  ? __alloc_skb+0x1d0/0x7d0
[ 1220.820686][T12191]  ? __local_bh_enable_ip+0xd0/0x130
[ 1220.820729][T12191]  __alloc_skb+0x1d0/0x7d0
[ 1220.820763][T12191]  unicast_flush_resp+0x2a/0x170
[ 1220.820789][T12191]  pfkey_flush+0x15b/0x360
[ 1220.820815][T12191]  ? __pfx_pfkey_flush+0x10/0x10
[ 1220.820853][T12191]  pfkey_sendmsg+0xc56/0x1120
[ 1220.820893][T12191]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1220.820945][T12191]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1220.820974][T12191]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1220.821010][T12191]  ____sys_sendmsg+0x972/0x9f0
[ 1220.821040][T12191]  ? __might_fault+0xaf/0x130
[ 1220.821075][T12191]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1220.821115][T12191]  ? import_iovec+0x73/0xa0
[ 1220.821141][T12191]  ___sys_sendmsg+0x2a5/0x360
[ 1220.821169][T12191]  ? __lock_acquire+0x6b5/0x2cf0
[ 1220.821201][T12191]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1220.821274][T12191]  ? __fget_files+0x2a/0x420
[ 1220.821299][T12191]  ? __fget_files+0x3a0/0x420
[ 1220.821337][T12191]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1220.821371][T12191]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1220.821412][T12191]  ? __pfx_ksys_write+0x10/0x10
[ 1220.821451][T12191]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.821475][T12191]  do_syscall_64+0x15f/0xf80
[ 1220.821498][T12191]  ? trace_irq_disable+0x3b/0x140
[ 1220.821521][T12191]  ? clear_bhb_loop+0x40/0x90
[ 1220.821547][T12191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.821566][T12191] RIP: 0033:0x7f67e9f9c819
[ 1220.821587][T12191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1220.821603][T12191] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1220.821626][T12191] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1220.821641][T12191] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1220.821655][T12191] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.821669][T12191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1220.821681][T12191] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1220.821723][T12191]  </TASK>
[ 1221.256890][T12198] netlink: 'syz.0.14106': attribute type 1 has an invalid length.
[ 1221.266043][T12198] netlink: 224 bytes leftover after parsing attributes in process `syz.0.14106'.
[ 1221.414647][T12206] veth1_virt_wifi: Caught tx_queue_len zero misconfig
[ 1221.485064][T12206] syzkaller0: entered promiscuous mode
[ 1221.503556][T12206] syzkaller0: entered allmulticast mode
[ 1221.539033][T12210] netlink: 'syz.3.14110': attribute type 1 has an invalid length.
[ 1221.620727][T12212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14111'.
[ 1221.631534][T12212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14111'.
[ 1222.034892][T12237] syzkaller1: entered promiscuous mode
[ 1222.047147][T12237] syzkaller1: entered allmulticast mode
[ 1222.214304][T12241] FAULT_INJECTION: forcing a failure.
[ 1222.214304][T12241] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.229619][T12241] CPU: 1 UID: 0 PID: 12241 Comm: syz.2.14122 Not tainted syzkaller #0 PREEMPT(full) 
[ 1222.229649][T12241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1222.229662][T12241] Call Trace:
[ 1222.229671][T12241]  <TASK>
[ 1222.229681][T12241]  dump_stack_lvl+0xe8/0x150
[ 1222.229719][T12241]  should_fail_ex+0x412/0x560
[ 1222.229756][T12241]  should_failslab+0xa8/0x100
[ 1222.229788][T12241]  ? skb_clone+0x212/0x3a0
[ 1222.229809][T12241]  kmem_cache_alloc_noprof+0x87/0x650
[ 1222.229848][T12241]  skb_clone+0x212/0x3a0
[ 1222.229864][T12241]  ? netlink_broadcast_filtered+0x5ea/0xeb0
[ 1222.229897][T12241]  netlink_broadcast_filtered+0x5f8/0xeb0
[ 1222.229946][T12241]  netlink_broadcast+0x37/0x50
[ 1222.229976][T12241]  kobject_uevent_net_broadcast+0x378/0x560
[ 1222.230016][T12241]  kobject_uevent_env+0x55c/0x9e0
[ 1222.230056][T12241]  tty_register_device_attr+0x573/0x950
[ 1222.230076][T12241]  ? rfcomm_dev_ioctl+0x1675/0x21d0
[ 1222.230110][T12241]  ? __pfx_tty_register_device_attr+0x10/0x10
[ 1222.230148][T12241]  ? tty_port_register_device+0x5a/0x100
[ 1222.230175][T12241]  rfcomm_dev_ioctl+0x1b73/0x21d0
[ 1222.230213][T12241]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1222.230243][T12241]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1222.230281][T12241]  ? tomoyo_path_number_perm+0x219/0x630
[ 1222.230309][T12241]  ? tomoyo_path_number_perm+0x219/0x630
[ 1222.230346][T12241]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1222.230377][T12241]  sock_do_ioctl+0x101/0x320
[ 1222.230405][T12241]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1222.230427][T12241]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1222.230477][T12241]  sock_ioctl+0x5c6/0x7f0
[ 1222.230504][T12241]  ? __pfx_sock_ioctl+0x10/0x10
[ 1222.230527][T12241]  ? __fget_files+0x2a/0x420
[ 1222.230553][T12241]  ? __fget_files+0x3a0/0x420
[ 1222.230578][T12241]  ? __fget_files+0x2a/0x420
[ 1222.230609][T12241]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1222.230633][T12241]  ? __pfx_sock_ioctl+0x10/0x10
[ 1222.230656][T12241]  __se_sys_ioctl+0xfc/0x170
[ 1222.230677][T12241]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.230701][T12241]  do_syscall_64+0x15f/0xf80
[ 1222.230726][T12241]  ? trace_irq_disable+0x3b/0x140
[ 1222.230749][T12241]  ? clear_bhb_loop+0x40/0x90
[ 1222.230785][T12241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.230806][T12241] RIP: 0033:0x7f67e9f9c819
[ 1222.230828][T12241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1222.230846][T12241] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1222.230870][T12241] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1222.230885][T12241] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1222.230899][T12241] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1222.230913][T12241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1222.230925][T12241] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1222.230970][T12241]  </TASK>
[ 1222.703121][T12243] x_tables: unsorted entry at hook 3
[ 1222.731582][T12243] netlink: 40 bytes leftover after parsing attributes in process `syz.4.14124'.
[ 1222.781832][T12247] mac80211_hwsim hwsim9 syzkaller0: left promiscuous mode
[ 1223.184223][T12257] netlink: 244 bytes leftover after parsing attributes in process `syz.3.14129'.
[ 1223.545009][T12273] FAULT_INJECTION: forcing a failure.
[ 1223.545009][T12273] name failslab, interval 1, probability 0, space 0, times 0
[ 1223.575461][T12273] CPU: 1 UID: 0 PID: 12273 Comm: syz.0.14135 Not tainted syzkaller #0 PREEMPT(full) 
[ 1223.575493][T12273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1223.575507][T12273] Call Trace:
[ 1223.575516][T12273]  <TASK>
[ 1223.575525][T12273]  dump_stack_lvl+0xe8/0x150
[ 1223.575563][T12273]  should_fail_ex+0x412/0x560
[ 1223.575600][T12273]  should_failslab+0xa8/0x100
[ 1223.575623][T12273]  ? __kernfs_new_node+0xea/0x970
[ 1223.575653][T12273]  kmem_cache_alloc_noprof+0x87/0x650
[ 1223.575701][T12273]  __kernfs_new_node+0xea/0x970
[ 1223.575737][T12273]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1223.575766][T12273]  ? kernfs_root+0x1c/0x230
[ 1223.575799][T12273]  ? kernfs_root+0x1c/0x230
[ 1223.575825][T12273]  ? kernfs_root+0x1c/0x230
[ 1223.575848][T12273]  ? kernfs_root+0x1c/0x230
[ 1223.575880][T12273]  kernfs_new_node+0x102/0x210
[ 1223.575915][T12273]  __kernfs_create_file+0x4b/0x2e0
[ 1223.575941][T12273]  sysfs_add_file_mode_ns+0x238/0x300
[ 1223.575975][T12273]  sysfs_create_file_ns+0x12b/0x1b0
[ 1223.576004][T12273]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[ 1223.576031][T12273]  ? rfcomm_reparent_device+0xad/0x470
[ 1223.576061][T12273]  ? device_create_file+0xf4/0x1b0
[ 1223.576089][T12273]  rfcomm_dev_ioctl+0x1c0c/0x21d0
[ 1223.576127][T12273]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1223.576156][T12273]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[ 1223.576192][T12273]  ? tomoyo_path_number_perm+0x219/0x630
[ 1223.576220][T12273]  ? tomoyo_path_number_perm+0x219/0x630
[ 1223.576256][T12273]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1223.576288][T12273]  sock_do_ioctl+0x101/0x320
[ 1223.576317][T12273]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1223.576338][T12273]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1223.576386][T12273]  sock_ioctl+0x5c6/0x7f0
[ 1223.576413][T12273]  ? __pfx_sock_ioctl+0x10/0x10
[ 1223.576436][T12273]  ? __fget_files+0x2a/0x420
[ 1223.576462][T12273]  ? __fget_files+0x3a0/0x420
[ 1223.576486][T12273]  ? __fget_files+0x2a/0x420
[ 1223.576516][T12273]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1223.576540][T12273]  ? __pfx_sock_ioctl+0x10/0x10
[ 1223.576563][T12273]  __se_sys_ioctl+0xfc/0x170
[ 1223.576584][T12273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.576608][T12273]  do_syscall_64+0x15f/0xf80
[ 1223.576633][T12273]  ? trace_irq_disable+0x3b/0x140
[ 1223.576657][T12273]  ? clear_bhb_loop+0x40/0x90
[ 1223.576691][T12273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.576712][T12273] RIP: 0033:0x7f343ef9c819
[ 1223.576734][T12273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1223.576753][T12273] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1223.576777][T12273] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1223.576793][T12273] RDX: 0000200000000100 RSI: 00000000400452c8 RDI: 0000000000000004
[ 1223.576807][T12273] RBP: 00007f343feb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1223.576820][T12273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1223.576833][T12273] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1223.576869][T12273]  </TASK>
[ 1223.576879][T12273] Bluetooth: Failed to create address attribute
[ 1223.821914][T12278] syzkaller1: entered promiscuous mode
[ 1223.986406][T12278] syzkaller1: entered allmulticast mode
[ 1224.010333][T12255] lo speed is unknown, defaulting to 1000
[ 1224.045183][T12281] h: entered promiscuous mode
[ 1224.084472][T12285] netlink: 116 bytes leftover after parsing attributes in process `syz.3.14139'.
[ 1224.894953][T12316] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.14148'.
[ 1224.996234][T12319] net_ratelimit: 277 callbacks suppressed
[ 1224.996257][T12319] openvswitch: netlink: Message has 5 unknown bytes.
[ 1225.148566][T12326] syzkaller1: entered promiscuous mode
[ 1225.185614][T12326] syzkaller1: entered allmulticast mode
[ 1225.842180][T12348] __nla_validate_parse: 1 callbacks suppressed
[ 1225.842206][T12348] netlink: 16215 bytes leftover after parsing attributes in process `syz.4.14158'.
[ 1225.868221][T12346] netlink: 16215 bytes leftover after parsing attributes in process `syz.4.14158'.
[ 1226.138989][T12361] syzkaller1: entered promiscuous mode
[ 1226.164128][T12361] syzkaller1: entered allmulticast mode
[ 1226.266486][T12367] netlink: 512 bytes leftover after parsing attributes in process `syz.1.14165'.
[ 1226.756016][ T2123] IPVS: ip_vs_send_async error -19
[ 1227.112579][T12400] syzkaller1: entered promiscuous mode
[ 1227.136354][T12400] syzkaller1: entered allmulticast mode
[ 1227.176844][T12405] netlink: 512 bytes leftover after parsing attributes in process `syz.4.14181'.
[ 1227.516279][T12419] tipc: Enabling of bearer <ib:gretap0> rejected, already enabled
[ 1228.075175][T12443] netlink: 52 bytes leftover after parsing attributes in process `syz.3.14195'.
[ 1228.227853][T12449] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14198'.
[ 1228.252054][T12450] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14198'.
[ 1228.453257][T12447] syzkaller1: entered promiscuous mode
[ 1228.460310][T12447] syzkaller1: entered allmulticast mode
[ 1228.721214][T12462] tipc: Enabling of bearer <ib:gretap0> rejected, already enabled
[ 1228.776955][T12467] smc: net device team0 applied user defined pnetid SYZ2
[ 1228.847118][T12471] netlink: 512 bytes leftover after parsing attributes in process `syz.0.14206'.
[ 1229.273789][T12494] netlink: 'syz.1.14212': attribute type 7 has an invalid length.
[ 1229.285063][T12496] lo: Caught tx_queue_len zero misconfig
[ 1229.292571][T12494] netlink: 'syz.1.14212': attribute type 8 has an invalid length.
[ 1229.304225][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14213'.
[ 1229.321246][T12496] veth1: Caught tx_queue_len zero misconfig
[ 1229.410740][T12488] syzkaller1: entered promiscuous mode
[ 1229.425050][T12488] syzkaller1: entered allmulticast mode
[ 1229.840143][T12506] tipc: Enabling of bearer <ib:gretap0> rejected, max 3 bearers permitted
[ 1229.858389][T12509] sit0: Caught tx_queue_len zero misconfig
[ 1229.972713][T12518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14220'.
[ 1230.123835][T12523] Cannot find set identified by id 65534 to match
[ 1230.511454][T12545] bond13: option mode: unable to set because the bond device has slaves
[ 1230.556178][T12546] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1230.700912][T12554] netlink: 'syz.3.14230': attribute type 1 has an invalid length.
[ 1230.765495][T12551] veth31: entered promiscuous mode
[ 1230.787935][T12551] veth31: entered allmulticast mode
[ 1230.992216][T12554] 8021q: adding VLAN 0 to HW filter on device bond16
[ 1231.022062][T12558] tipc: Enabling of bearer <ib:gretap0> rejected, max 3 bearers permitted
[ 1231.049463][T12569] __nla_validate_parse: 4 callbacks suppressed
[ 1231.049487][T12569] netlink: 148 bytes leftover after parsing attributes in process `syz.2.14234'.
[ 1231.140916][T12565] bond16: (slave geneve5): making interface the new active one
[ 1231.173654][T12565] bond16: (slave geneve5): Enslaving as an active interface with an up link
[ 1231.262107][T12561] virt_wifi0: entered promiscuous mode
[ 1231.781433][T12588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14243'.
[ 1231.832150][T12588] vlan3: entered promiscuous mode
[ 1231.837399][T12588] bridge0: entered promiscuous mode
[ 1231.945052][T12600] netlink: 148 bytes leftover after parsing attributes in process `syz.4.14247'.
[ 1232.378862][T12618] mac80211_hwsim hwsim7 wlan1: Caught tx_queue_len zero misconfig
[ 1232.399145][T12614] netlink: 'syz.3.14253': attribute type 4 has an invalid length.
[ 1232.598494][T12627] netlink: 148 bytes leftover after parsing attributes in process `syz.3.14260'.
[ 1232.903387][T12640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14262'.
[ 1232.941987][T12640] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[ 1232.984191][T12639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14265'.
[ 1233.081265][T12639] batman_adv: batadv0: Removing interface: ipvlan0
[ 1233.148655][T12639] batman_adv: batadv0: Removing interface: ipvlan5
[ 1233.208161][T12639] batman_adv: batadv0: Removing interface: ipvlan8
[ 1233.245088][T12639] batman_adv: batadv0: Removing interface: ipvlan9
[ 1233.567225][T12662] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14273'.
[ 1233.570515][T12664] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14274'.
[ 1233.616036][T12662] macsec1: entered promiscuous mode
[ 1233.647845][T12662] bridge0: entered promiscuous mode
[ 1233.666771][T12662] macsec1: entered allmulticast mode
[ 1233.710500][T12662] bridge0: port 1(macsec1) entered blocking state
[ 1233.762716][T12662] bridge0: port 1(macsec1) entered disabled state
[ 1233.829806][T12662] bridge0: left promiscuous mode
[ 1233.925183][T12676] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[ 1233.956776][T12676] mac80211_hwsim hwsim10 wlan0: left allmulticast mode
[ 1233.970136][T12680] netlink: 32 bytes leftover after parsing attributes in process `syz.1.14281'.
[ 1233.980051][T12677] sit0: Caught tx_queue_len zero misconfig
[ 1234.233502][T12688] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.14285'.
[ 1234.244530][T12692] syzkaller1: entered promiscuous mode
[ 1234.257742][T12692] syzkaller1: entered allmulticast mode
[ 1234.275142][T12688] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[ 1234.286530][T12692] FAULT_INJECTION: forcing a failure.
[ 1234.286530][T12692] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1234.307025][T12695] syzkaller1: entered promiscuous mode
[ 1234.320675][T12695] syzkaller1: entered allmulticast mode
[ 1234.324987][T12692] CPU: 1 UID: 0 PID: 12692 Comm: syz.1.14286 Not tainted syzkaller #0 PREEMPT(full) 
[ 1234.325015][T12692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1234.325027][T12692] Call Trace:
[ 1234.325036][T12692]  <TASK>
[ 1234.325045][T12692]  dump_stack_lvl+0xe8/0x150
[ 1234.325077][T12692]  should_fail_ex+0x412/0x560
[ 1234.325109][T12692]  _copy_from_iter+0x1d3/0x1670
[ 1234.325143][T12692]  ? __lock_acquire+0x6b5/0x2cf0
[ 1234.325172][T12692]  ? __pfx__copy_from_iter+0x10/0x10
[ 1234.325206][T12692]  ? __lock_acquire+0x6b5/0x2cf0
[ 1234.325236][T12692]  tun_get_user+0x275/0x3ed0
[ 1234.325271][T12692]  ? aa_file_perm+0x192/0x15e0
[ 1234.325302][T12692]  ? aa_file_perm+0x50e/0x15e0
[ 1234.325328][T12692]  ? __pfx_tun_get_user+0x10/0x10
[ 1234.325352][T12692]  ? __lock_acquire+0x6b5/0x2cf0
[ 1234.325378][T12692]  ? kstrtoull+0x12f/0x1d0
[ 1234.325411][T12692]  ? ref_tracker_alloc+0x35c/0x4c0
[ 1234.325447][T12692]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1234.325476][T12692]  ? tun_get+0x1c/0x2f0
[ 1234.325498][T12692]  ? tun_get+0x1c/0x2f0
[ 1234.325525][T12692]  ? tun_get+0x1c/0x2f0
[ 1234.325546][T12692]  ? tun_get+0x1c/0x2f0
[ 1234.325580][T12692]  tun_chr_write_iter+0x113/0x200
[ 1234.325605][T12692]  vfs_write+0x61d/0xb90
[ 1234.325641][T12692]  ? __pfx_vfs_write+0x10/0x10
[ 1234.325678][T12692]  ? __fget_files+0x2a/0x420
[ 1234.325710][T12692]  ksys_write+0x150/0x270
[ 1234.325739][T12692]  ? __pfx_ksys_write+0x10/0x10
[ 1234.325774][T12692]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1234.325794][T12692]  do_syscall_64+0x15f/0xf80
[ 1234.325818][T12692]  ? trace_irq_disable+0x3b/0x140
[ 1234.325838][T12692]  ? clear_bhb_loop+0x40/0x90
[ 1234.325861][T12692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1234.325879][T12692] RIP: 0033:0x7fab5979c819
[ 1234.325898][T12692] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1234.325914][T12692] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1234.325935][T12692] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1234.325949][T12692] RDX: 0000000000000fce RSI: 0000200000000840 RDI: 0000000000000003
[ 1234.325961][T12692] RBP: 00007fab5a743090 R08: 0000000000000000 R09: 0000000000000000
[ 1234.325973][T12692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1234.325984][T12692] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1234.326015][T12692]  </TASK>
[ 1234.981521][T12708] can: request_module (can-proto-0) failed.
[ 1235.167329][T12722] pim6reg: entered allmulticast mode
[ 1235.191500][T12729] pim6reg: left allmulticast mode
[ 1235.714867][T12740] bond20: option all_slaves_active: invalid value (31)
[ 1235.724935][T12740] bond20 (unregistering): Released all slaves
[ 1235.781348][T12750] team0 (uninitialized): Failed to send options change via netlink (err -105)
[ 1235.911554][T12750] team0: entered promiscuous mode
[ 1235.937694][T12750] team0: entered allmulticast mode
[ 1236.153443][T12768] netlink: 'syz.2.14306': attribute type 1 has an invalid length.
[ 1236.194517][T12763] __nla_validate_parse: 8 callbacks suppressed
[ 1236.194541][T12763] netlink: 196 bytes leftover after parsing attributes in process `syz.4.14307'.
[ 1236.221773][T12763] netlink: 196 bytes leftover after parsing attributes in process `syz.4.14307'.
[ 1236.233054][T12763] netlink: 19 bytes leftover after parsing attributes in process `syz.4.14307'.
[ 1236.318787][T12768] bond16: entered promiscuous mode
[ 1236.351871][T12768] 8021q: adding VLAN 0 to HW filter on device bond16
[ 1236.466091][T12774] 8021q: adding VLAN 0 to HW filter on device bond16
[ 1236.489984][T12774] bond16: (slave vti0): The slave device specified does not support setting the MAC address
[ 1236.519440][T12774] bond16: (slave vti0): Setting fail_over_mac to active for active-backup mode
[ 1236.565789][T12774] bond16: (slave vti0): making interface the new active one
[ 1236.598170][T12774] vti0: entered promiscuous mode
[ 1236.626860][T12774] bond16: (slave vti0): Enslaving as an active interface with an up link
[ 1237.798292][T12827] lec:lec_atm_close: lec0: Shut down!
[ 1237.834040][T12833] netlink: 48 bytes leftover after parsing attributes in process `syz.3.14331'.
[ 1237.855300][T12835] netlink: 'syz.2.14332': attribute type 1 has an invalid length.
[ 1237.869154][T12835] netlink: 168 bytes leftover after parsing attributes in process `syz.2.14332'.
[ 1238.190672][T12845] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode
[ 1238.230826][T12858] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.14338'.
[ 1238.395120][T12863] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.14340'.
[ 1239.001666][T12898] tipc: Bearer <udp:syz1>: already 2 bearers with priority 10
[ 1239.021244][T12898] tipc: Bearer <udp:syz1>: trying with adjusted priority
[ 1239.035697][T12898] tipc: Enabling of bearer <udp:syz1> rejected, max 3 bearers permitted
[ 1239.071095][T12902] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14348'.
[ 1239.088670][T12902] netlink: 176 bytes leftover after parsing attributes in process `syz.2.14348'.
[ 1239.135814][T12902] netlink: 'syz.2.14348': attribute type 5 has an invalid length.
[ 1239.234792][T12907] netlink: 'syz.1.14350': attribute type 1 has an invalid length.
[ 1239.401502][ T1300] clip:clip_start_xmit: skb_dst(skb) == NULL
[ 1239.597703][T12922] delete_channel: no stack
[ 1239.612007][T12922] syzkaller1: entered promiscuous mode
[ 1239.627682][T12922] syzkaller1: entered allmulticast mode
[ 1240.200484][T12958] netlink: 'syz.3.14365': attribute type 7 has an invalid length.
[ 1240.210475][T12958] netlink: 'syz.3.14365': attribute type 8 has an invalid length.
[ 1240.292143][T12960] netlink: 76 bytes leftover after parsing attributes in process `syz.1.14366'.
[ 1241.058131][T12986] syzkaller0: entered promiscuous mode
[ 1241.073821][T12986] syzkaller0: entered allmulticast mode
[ 1243.476223][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5670 ms
[ 1243.484432][    C1] lec:lec_tx_timeout: lec0
[ 1243.490691][    C1] lec:lec_start_xmit: lec0:No lecd attached
[ 1246.252003][T13038] __nla_validate_parse: 7 callbacks suppressed
[ 1246.252028][T13038] netlink: 76 bytes leftover after parsing attributes in process `syz.1.14387'.
[ 1246.345429][T13042] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1246.605212][T13057] netlink: 132 bytes leftover after parsing attributes in process `syz.3.14394'.
[ 1247.180047][T13059] netdevsim netdevsim4 netdevsim0: Unsupported IPsec algorithm - please use rfc4106(gcm(aes))
[ 1247.198259][T13087] netlink: 'syz.1.14398': attribute type 1 has an invalid length.
[ 1247.226508][T13087] netlink: 96 bytes leftover after parsing attributes in process `syz.1.14398'.
[ 1247.257633][T13087] netlink: 'syz.1.14398': attribute type 1 has an invalid length.
[ 1247.275960][T13087] netlink: 'syz.1.14398': attribute type 8 has an invalid length.
[ 1247.297142][T13087] netlink: 606 bytes leftover after parsing attributes in process `syz.1.14398'.
[ 1247.318712][T13087] netlink: 1 bytes leftover after parsing attributes in process `syz.1.14398'.
[ 1248.507600][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5020 ms
[ 1248.515812][    C1] lec:lec_tx_timeout: lec0
[ 1249.977980][T13089] netlink: 92 bytes leftover after parsing attributes in process `syz.1.14399'.
[ 1250.094944][T13089] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14399'.
[ 1250.178965][T13089] netlink: 'syz.1.14399': attribute type 1 has an invalid length.
[ 1250.210421][T13102] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14399'.
[ 1250.277718][T13089] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14399'.
[ 1250.329199][T13102] netlink: 'syz.1.14399': attribute type 1 has an invalid length.
[ 1250.359478][T13102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14399'.
[ 1251.203828][T13132] syzkaller0: entered promiscuous mode
[ 1251.226418][T13132] syzkaller0: entered allmulticast mode
[ 1254.189879][T22428] lec:lec_start_xmit: lec0:No lecd attached
[ 1256.478293][T13158] syzkaller1: entered promiscuous mode
[ 1256.497603][T13158] syzkaller1: entered allmulticast mode
[ 1256.892561][T13197] __nla_validate_parse: 1 callbacks suppressed
[ 1256.892583][T13197] netlink: 76 bytes leftover after parsing attributes in process `syz.3.14426'.
[ 1256.985754][T13201] team_slave_0: left promiscuous mode
[ 1257.016674][T13201] ;: entered allmulticast mode
[ 1257.039670][T13201] vcan0: entered allmulticast mode
[ 1257.065775][T13201] vcan1: entered allmulticast mode
[ 1257.122618][T13201] mac80211_hwsim hwsim83 wlan10: entered allmulticast mode
[ 1257.143571][T13207] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1257.168223][T13201] veth34: entered allmulticast mode
[ 1257.177448][T13201] veth35: entered allmulticast mode
[ 1257.184035][T13201] macsec1: entered allmulticast mode
[ 1257.190484][T13201] team0: left promiscuous mode
[ 1257.195620][T13201] vxlan0: entered allmulticast mode
[ 1257.438442][T13209] syzkaller0: entered promiscuous mode
[ 1257.450739][T13221] netlink: 260 bytes leftover after parsing attributes in process `syz.2.14432'.
[ 1257.452514][T13209] syzkaller0: entered allmulticast mode
[ 1259.467960][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5280 ms
[ 1259.476315][    C1] lec:lec_tx_timeout: lec0
[ 1262.243620][T13248] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1262.288898][T13248] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14440'.
[ 1262.342641][T13250] FAULT_INJECTION: forcing a failure.
[ 1262.342641][T13250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1262.365484][T13250] CPU: 0 UID: 0 PID: 13250 Comm: syz.0.14443 Not tainted syzkaller #0 PREEMPT(full) 
[ 1262.365516][T13250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1262.365529][T13250] Call Trace:
[ 1262.365539][T13250]  <TASK>
[ 1262.365548][T13250]  dump_stack_lvl+0xe8/0x150
[ 1262.365583][T13250]  should_fail_ex+0x412/0x560
[ 1262.365618][T13250]  _copy_from_user+0x2d/0xb0
[ 1262.365641][T13250]  ___sys_sendmsg+0x1c6/0x360
[ 1262.365670][T13250]  ? __lock_acquire+0x6b5/0x2cf0
[ 1262.365701][T13250]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1262.365768][T13250]  ? __fget_files+0x2a/0x420
[ 1262.365792][T13250]  ? __fget_files+0x3a0/0x420
[ 1262.365827][T13250]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1262.365859][T13250]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1262.365898][T13250]  ? __pfx_ksys_write+0x10/0x10
[ 1262.365937][T13250]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.365959][T13250]  do_syscall_64+0x15f/0xf80
[ 1262.365983][T13250]  ? trace_irq_disable+0x3b/0x140
[ 1262.366004][T13250]  ? clear_bhb_loop+0x40/0x90
[ 1262.366029][T13250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.366048][T13250] RIP: 0033:0x7f343ef9c819
[ 1262.366068][T13250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1262.366085][T13250] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1262.366107][T13250] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1262.366122][T13250] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000005
[ 1262.366135][T13250] RBP: 00007f343feb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1262.366147][T13250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1262.366159][T13250] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1262.366192][T13250]  </TASK>
[ 1262.964909][T13260] netlink: 76 bytes leftover after parsing attributes in process `syz.0.14447'.
[ 1264.031656][T13295] FAULT_INJECTION: forcing a failure.
[ 1264.031656][T13295] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1264.114026][T13295] CPU: 0 UID: 0 PID: 13295 Comm: syz.4.14456 Not tainted syzkaller #0 PREEMPT(full) 
[ 1264.114057][T13295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1264.114070][T13295] Call Trace:
[ 1264.114078][T13295]  <TASK>
[ 1264.114088][T13295]  dump_stack_lvl+0xe8/0x150
[ 1264.114124][T13295]  should_fail_ex+0x412/0x560
[ 1264.114161][T13295]  _copy_from_user+0x2d/0xb0
[ 1264.114185][T13295]  __copy_msghdr+0x3c5/0x5b0
[ 1264.114221][T13295]  ___sys_sendmsg+0x213/0x360
[ 1264.114251][T13295]  ? __lock_acquire+0x6b5/0x2cf0
[ 1264.114291][T13295]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1264.114361][T13295]  ? __fget_files+0x2a/0x420
[ 1264.114388][T13295]  ? __fget_files+0x3a0/0x420
[ 1264.114425][T13295]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1264.114459][T13295]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1264.114501][T13295]  ? __pfx_ksys_write+0x10/0x10
[ 1264.114543][T13295]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1264.114566][T13295]  do_syscall_64+0x15f/0xf80
[ 1264.114591][T13295]  ? trace_irq_disable+0x3b/0x140
[ 1264.114615][T13295]  ? clear_bhb_loop+0x40/0x90
[ 1264.114642][T13295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1264.114661][T13295] RIP: 0033:0x7f2dc259c819
[ 1264.114682][T13295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1264.114699][T13295] RSP: 002b:00007f2dc34f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1264.114723][T13295] RAX: ffffffffffffffda RBX: 00007f2dc2815fa0 RCX: 00007f2dc259c819
[ 1264.114738][T13295] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000005
[ 1264.114751][T13295] RBP: 00007f2dc34f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1264.114765][T13295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1264.114779][T13295] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1264.114814][T13295]  </TASK>
[ 1265.824613][T13346] FAULT_INJECTION: forcing a failure.
[ 1265.824613][T13346] name failslab, interval 1, probability 0, space 0, times 0
[ 1265.860393][T13346] CPU: 1 UID: 0 PID: 13346 Comm: syz.1.14476 Not tainted syzkaller #0 PREEMPT(full) 
[ 1265.860425][T13346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1265.860438][T13346] Call Trace:
[ 1265.860446][T13346]  <TASK>
[ 1265.860456][T13346]  dump_stack_lvl+0xe8/0x150
[ 1265.860494][T13346]  should_fail_ex+0x412/0x560
[ 1265.860529][T13346]  should_failslab+0xa8/0x100
[ 1265.860554][T13346]  __kmalloc_noprof+0xe8/0x760
[ 1265.860589][T13346]  ? security_sk_alloc+0x52/0x360
[ 1265.860614][T13346]  security_sk_alloc+0x52/0x360
[ 1265.860639][T13346]  sk_prot_alloc+0x101/0x210
[ 1265.860666][T13346]  ? sk_alloc+0x27/0x390
[ 1265.860697][T13346]  sk_alloc+0x3a/0x390
[ 1265.860730][T13346]  bpf_prog_test_run_skb+0x415/0x2350
[ 1265.860761][T13346]  ? __fget_files+0x2a/0x420
[ 1265.860791][T13346]  ? bpf_prog_test_run_skb+0x241/0x2350
[ 1265.860827][T13346]  ? __fget_files+0x2a/0x420
[ 1265.860856][T13346]  ? __fget_files+0x2a/0x420
[ 1265.860879][T13346]  ? __fget_files+0x3a0/0x420
[ 1265.860903][T13346]  ? __fget_files+0x2a/0x420
[ 1265.860935][T13346]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1265.860965][T13346]  bpf_prog_test_run+0x2c7/0x340
[ 1265.860995][T13346]  __sys_bpf+0x643/0x950
[ 1265.861020][T13346]  ? __pfx___sys_bpf+0x10/0x10
[ 1265.861071][T13346]  ? ksys_write+0x242/0x270
[ 1265.861105][T13346]  ? __pfx_ksys_write+0x10/0x10
[ 1265.861140][T13346]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1265.861164][T13346]  __x64_sys_bpf+0x7c/0x90
[ 1265.861185][T13346]  do_syscall_64+0x15f/0xf80
[ 1265.861211][T13346]  ? trace_irq_disable+0x3b/0x140
[ 1265.861233][T13346]  ? clear_bhb_loop+0x40/0x90
[ 1265.861258][T13346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1265.861279][T13346] RIP: 0033:0x7fab5979c819
[ 1265.861299][T13346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1265.861317][T13346] RSP: 002b:00007fab5a743028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1265.861340][T13346] RAX: ffffffffffffffda RBX: 00007fab59a15fa0 RCX: 00007fab5979c819
[ 1265.861356][T13346] RDX: 0000000000000023 RSI: 0000200000000240 RDI: 000000000000000a
[ 1265.861370][T13346] RBP: 00007fab5a743090 R08: 0000000000000000 R09: 0000000000000000
[ 1265.861383][T13346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1265.861396][T13346] R13: 00007fab59a16038 R14: 00007fab59a15fa0 R15: 00007ffeb45b99f8
[ 1265.861431][T13346]  </TASK>
[ 1266.425301][T13338] lo speed is unknown, defaulting to 1000
[ 1266.586696][T13357] netlink: 196 bytes leftover after parsing attributes in process `syz.4.14481'.
[ 1266.617837][T13357] netlink: 196 bytes leftover after parsing attributes in process `syz.4.14481'.
[ 1266.627227][T13357] netlink: 19 bytes leftover after parsing attributes in process `syz.4.14481'.
[ 1266.756700][T13363] netlink: 40 bytes leftover after parsing attributes in process `syz.0.14484'.
[ 1267.201264][T13382] netlink: 284 bytes leftover after parsing attributes in process `syz.1.14489'.
[ 1267.475316][T13396] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14492'.
[ 1267.806530][T13407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14496'.
[ 1267.856519][T13416] veth0: entered promiscuous mode
[ 1267.917398][T13407] veth0 (unregistering): left promiscuous mode
[ 1268.225144][T13430] FAULT_INJECTION: forcing a failure.
[ 1268.225144][T13430] name failslab, interval 1, probability 0, space 0, times 0
[ 1268.284176][T13430] CPU: 0 UID: 0 PID: 13430 Comm: syz.2.14501 Not tainted syzkaller #0 PREEMPT(full) 
[ 1268.284209][T13430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1268.284223][T13430] Call Trace:
[ 1268.284232][T13430]  <TASK>
[ 1268.284241][T13430]  dump_stack_lvl+0xe8/0x150
[ 1268.284278][T13430]  should_fail_ex+0x412/0x560
[ 1268.284314][T13430]  should_failslab+0xa8/0x100
[ 1268.284343][T13430]  __kmalloc_cache_node_noprof+0x8a/0x6b0
[ 1268.284376][T13430]  ? trace_kmalloc+0x2a/0xf0
[ 1268.284402][T13430]  ? page_pool_create_percpu+0x76/0xb80
[ 1268.284433][T13430]  page_pool_create_percpu+0x76/0xb80
[ 1268.284459][T13430]  ? __kvmalloc_node_noprof+0x393/0x8a0
[ 1268.284485][T13430]  bpf_test_run_xdp_live+0x23d/0x1cf0
[ 1268.284525][T13430]  ? bpf_dispatcher_change_prog+0xae0/0xd70
[ 1268.284572][T13430]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1268.284600][T13430]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 1268.284656][T13430]  ? 0xffffffffa02016cc
[ 1268.284674][T13430]  ? 0xffffffffa020174c
[ 1268.284691][T13430]  ? 0xffffffffa0201788
[ 1268.284710][T13430]  ? 0xffffffffa02017c8
[ 1268.284727][T13430]  ? 0xffffffffa02019d4
[ 1268.284745][T13430]  ? 0xffffffffa0201a10
[ 1268.284762][T13430]  ? 0xffffffffa0202b0c
[ 1268.284780][T13430]  ? 0xffffffffa0202c08
[ 1268.284823][T13430]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 1268.284856][T13430]  ? _copy_from_user+0x94/0xb0
[ 1268.284879][T13430]  ? bpf_test_init+0x113/0x150
[ 1268.284905][T13430]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1268.284939][T13430]  bpf_prog_test_run_xdp+0x81c/0x1160
[ 1268.284986][T13430]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1268.285032][T13430]  ? __fget_files+0x2a/0x420
[ 1268.285064][T13430]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1268.285096][T13430]  bpf_prog_test_run+0x2c7/0x340
[ 1268.285124][T13430]  __sys_bpf+0x643/0x950
[ 1268.285150][T13430]  ? __pfx___sys_bpf+0x10/0x10
[ 1268.285191][T13430]  ? ksys_write+0x242/0x270
[ 1268.285224][T13430]  ? __pfx_ksys_write+0x10/0x10
[ 1268.285258][T13430]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1268.285282][T13430]  __x64_sys_bpf+0x7c/0x90
[ 1268.285304][T13430]  do_syscall_64+0x15f/0xf80
[ 1268.285330][T13430]  ? trace_irq_disable+0x3b/0x140
[ 1268.285351][T13430]  ? clear_bhb_loop+0x40/0x90
[ 1268.285378][T13430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1268.285399][T13430] RIP: 0033:0x7f67e9f9c819
[ 1268.285419][T13430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1268.285438][T13430] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1268.285461][T13430] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1268.285477][T13430] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1268.285490][T13430] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1268.285511][T13430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1268.285524][T13430] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1268.285560][T13430]  </TASK>
[ 1269.074436][T13451] FAULT_INJECTION: forcing a failure.
[ 1269.074436][T13451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1269.103269][T13451] CPU: 1 UID: 0 PID: 13451 Comm: syz.3.14510 Not tainted syzkaller #0 PREEMPT(full) 
[ 1269.103301][T13451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1269.103313][T13451] Call Trace:
[ 1269.103322][T13451]  <TASK>
[ 1269.103332][T13451]  dump_stack_lvl+0xe8/0x150
[ 1269.103370][T13451]  should_fail_ex+0x412/0x560
[ 1269.103411][T13451]  _copy_from_user+0x2d/0xb0
[ 1269.103435][T13451]  ___sys_sendmsg+0x1c6/0x360
[ 1269.103466][T13451]  ? __lock_acquire+0x6b5/0x2cf0
[ 1269.103498][T13451]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1269.103566][T13451]  ? __fget_files+0x2a/0x420
[ 1269.103592][T13451]  ? __fget_files+0x3a0/0x420
[ 1269.103628][T13451]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1269.103660][T13451]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1269.103699][T13451]  ? __pfx_ksys_write+0x10/0x10
[ 1269.103739][T13451]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.103761][T13451]  do_syscall_64+0x15f/0xf80
[ 1269.103787][T13451]  ? trace_irq_disable+0x3b/0x140
[ 1269.103810][T13451]  ? clear_bhb_loop+0x40/0x90
[ 1269.103837][T13451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.103857][T13451] RIP: 0033:0x7f4867f9c819
[ 1269.103879][T13451] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1269.103896][T13451] RSP: 002b:00007f4868f16028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1269.103919][T13451] RAX: ffffffffffffffda RBX: 00007f4868215fa0 RCX: 00007f4867f9c819
[ 1269.103934][T13451] RDX: 922bac8556bda5ce RSI: 0000200000000080 RDI: 0000000000000003
[ 1269.103950][T13451] RBP: 00007f4868f16090 R08: 0000000000000000 R09: 0000000000000000
[ 1269.103963][T13451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1269.103976][T13451] R13: 00007f4868216038 R14: 00007f4868215fa0 R15: 00007fff81cacb88
[ 1269.104011][T13451]  </TASK>
[ 1269.306447][T13454] IPv6: sit4: Disabled Multicast RS
[ 1269.550555][T13456] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14512'.
[ 1269.569735][T13465] x_tables: ip_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[ 1269.618027][T13466] x_tables: ip_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[ 1269.736129][T13469] FAULT_INJECTION: forcing a failure.
[ 1269.736129][T13469] name failslab, interval 1, probability 0, space 0, times 0
[ 1269.760648][T13469] CPU: 1 UID: 0 PID: 13469 Comm: syz.2.14518 Not tainted syzkaller #0 PREEMPT(full) 
[ 1269.760685][T13469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1269.760698][T13469] Call Trace:
[ 1269.760708][T13469]  <TASK>
[ 1269.760717][T13469]  dump_stack_lvl+0xe8/0x150
[ 1269.760753][T13469]  should_fail_ex+0x412/0x560
[ 1269.760789][T13469]  should_failslab+0xa8/0x100
[ 1269.760814][T13469]  __kvmalloc_node_noprof+0x178/0x8a0
[ 1269.760834][T13469]  ? page_pool_create_percpu+0x2dd/0xb80
[ 1269.760860][T13469]  ? page_pool_create_percpu+0xaf/0xb80
[ 1269.760888][T13469]  page_pool_create_percpu+0x2dd/0xb80
[ 1269.760913][T13469]  ? __kvmalloc_node_noprof+0x393/0x8a0
[ 1269.760938][T13469]  bpf_test_run_xdp_live+0x23d/0x1cf0
[ 1269.760977][T13469]  ? bpf_dispatcher_change_prog+0xae0/0xd70
[ 1269.761030][T13469]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1269.761057][T13469]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 1269.761108][T13469]  ? 0xffffffffa02016cc
[ 1269.761126][T13469]  ? 0xffffffffa020174c
[ 1269.761142][T13469]  ? 0xffffffffa0201788
[ 1269.761159][T13469]  ? 0xffffffffa02017c8
[ 1269.761176][T13469]  ? 0xffffffffa02019d4
[ 1269.761194][T13469]  ? 0xffffffffa0201a10
[ 1269.761211][T13469]  ? 0xffffffffa0202b0c
[ 1269.761228][T13469]  ? 0xffffffffa0202c54
[ 1269.761268][T13469]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 1269.761300][T13469]  ? _copy_from_user+0x94/0xb0
[ 1269.761321][T13469]  ? bpf_test_init+0x113/0x150
[ 1269.761345][T13469]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1269.761376][T13469]  bpf_prog_test_run_xdp+0x81c/0x1160
[ 1269.761420][T13469]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1269.761453][T13469]  ? __fget_files+0x2a/0x420
[ 1269.761482][T13469]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1269.761512][T13469]  bpf_prog_test_run+0x2c7/0x340
[ 1269.761540][T13469]  __sys_bpf+0x643/0x950
[ 1269.761562][T13469]  ? __pfx___sys_bpf+0x10/0x10
[ 1269.761600][T13469]  ? ksys_write+0x242/0x270
[ 1269.761632][T13469]  ? __pfx_ksys_write+0x10/0x10
[ 1269.761666][T13469]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.761690][T13469]  __x64_sys_bpf+0x7c/0x90
[ 1269.761710][T13469]  do_syscall_64+0x15f/0xf80
[ 1269.761735][T13469]  ? trace_irq_disable+0x3b/0x140
[ 1269.761756][T13469]  ? clear_bhb_loop+0x40/0x90
[ 1269.761781][T13469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.761801][T13469] RIP: 0033:0x7f67e9f9c819
[ 1269.761821][T13469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1269.761838][T13469] RSP: 002b:00007f67eaeb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1269.761863][T13469] RAX: ffffffffffffffda RBX: 00007f67ea215fa0 RCX: 00007f67e9f9c819
[ 1269.761878][T13469] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1269.761891][T13469] RBP: 00007f67eaeb6090 R08: 0000000000000000 R09: 0000000000000000
[ 1269.761904][T13469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1269.761916][T13469] R13: 00007f67ea216038 R14: 00007f67ea215fa0 R15: 00007ffdb8d5c408
[ 1269.761971][T13469]  </TASK>
[ 1269.764803][T13469] page_pool_create_percpu() gave up with errno -12
[ 1270.919458][T13500] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14530'.
[ 1270.979800][T13502] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1271.239005][T13516] veth0_to_team: entered promiscuous mode
[ 1271.286002][T13516] veth0_to_team: left allmulticast mode
[ 1271.316418][T13517] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14535'.
[ 1271.326350][T13512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14537'.
[ 1271.366480][T13523] sctp: [Deprecated]: syz.4.14535 (pid 13523) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1271.366480][T13523] Use struct sctp_sack_info instead
[ 1271.417144][T13517] smc: removing net device team0 with user defined pnetid SYZ2
[ 1271.595655][T13528] openvswitch: netlink: ct_state flags 010000e0 unsupported
[ 1271.793899][T13517] team0 (unregistering): Port device bridge13 removed
[ 1271.841829][T13517] team0 (unregistering): Port device bridge16 removed
[ 1271.862202][T13517] team0 (unregistering): Port device bridge18 removed
[ 1271.881003][T13517] team0 (unregistering): Port device bridge19 removed
[ 1271.900961][T13517] team0 (unregistering): Port device bridge20 removed
[ 1271.921711][T13517] team0 (unregistering): Port device bridge22 removed
[ 1271.955102][T13512] netlink: 'syz.3.14537': attribute type 1 has an invalid length.
[ 1272.107445][T13515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1272.696017][T13563] FAULT_INJECTION: forcing a failure.
[ 1272.696017][T13563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1272.708357][T13562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14547'.
[ 1272.735186][T13563] CPU: 0 UID: 0 PID: 13563 Comm: syz.4.14548 Not tainted syzkaller #0 PREEMPT(full) 
[ 1272.735217][T13563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1272.735230][T13563] Call Trace:
[ 1272.735248][T13563]  <TASK>
[ 1272.735258][T13563]  dump_stack_lvl+0xe8/0x150
[ 1272.735292][T13563]  should_fail_ex+0x412/0x560
[ 1272.735327][T13563]  _copy_to_user+0x31/0xb0
[ 1272.735351][T13563]  simple_read_from_buffer+0xe1/0x170
[ 1272.735383][T13563]  proc_fail_nth_read+0x1bb/0x230
[ 1272.735416][T13563]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1272.735449][T13563]  ? rw_verify_area+0x2a6/0x4d0
[ 1272.735478][T13563]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1272.735509][T13563]  vfs_read+0x20c/0xa70
[ 1272.735545][T13563]  ? __pfx___mutex_lock+0x10/0x10
[ 1272.735575][T13563]  ? __pfx_vfs_read+0x10/0x10
[ 1272.735607][T13563]  ? __fget_files+0x2a/0x420
[ 1272.735639][T13563]  ? __fget_files+0x3a0/0x420
[ 1272.735664][T13563]  ? __fget_files+0x2a/0x420
[ 1272.735701][T13563]  ksys_read+0x150/0x270
[ 1272.735735][T13563]  ? __pfx_ksys_read+0x10/0x10
[ 1272.735775][T13563]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1272.735800][T13563]  do_syscall_64+0x15f/0xf80
[ 1272.735830][T13563]  ? trace_irq_disable+0x3b/0x140
[ 1272.735855][T13563]  ? clear_bhb_loop+0x40/0x90
[ 1272.735881][T13563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1272.735903][T13563] RIP: 0033:0x7f2dc255d04e
[ 1272.735925][T13563] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1272.735944][T13563] RSP: 002b:00007f2dc34f4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1272.735968][T13563] RAX: ffffffffffffffda RBX: 00007f2dc34f56c0 RCX: 00007f2dc255d04e
[ 1272.735984][T13563] RDX: 000000000000000f RSI: 00007f2dc34f50a0 RDI: 0000000000000004
[ 1272.735996][T13563] RBP: 00007f2dc34f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1272.736009][T13563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1272.736021][T13563] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1272.736058][T13563]  </TASK>
[ 1272.748705][T13562] macvlan0: left allmulticast mode
[ 1272.968618][T13562] netlink: 'syz.0.14547': attribute type 1 has an invalid length.
[ 1272.980873][T13567] "syz.2.14550" (13567) uses obsolete ecb(arc4) skcipher
[ 1273.000445][T13568] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14549'.
[ 1273.016369][T13562] netlink: 'syz.0.14547': attribute type 2 has an invalid length.
[ 1273.592588][T13589] syzkaller1: entered promiscuous mode
[ 1273.599244][T13589] syzkaller1: entered allmulticast mode
[ 1273.706322][T13594] netlink: 512 bytes leftover after parsing attributes in process `syz.3.14558'.
[ 1273.783163][T13593] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14554'.
[ 1274.397142][T13627] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14569'.
[ 1274.417641][T13627] netlink: 'syz.2.14569': attribute type 3 has an invalid length.
[ 1274.459773][T13627] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14569'.
[ 1274.558333][T13638] netlink: 512 bytes leftover after parsing attributes in process `syz.4.14571'.
[ 1274.786904][T13641] netlink: 256 bytes leftover after parsing attributes in process `syz.3.14572'.
[ 1274.812999][T13641] netlink: 'syz.3.14572': attribute type 9 has an invalid length.
[ 1275.331541][T13679] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14583'.
[ 1275.396128][T13684] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14584'.
[ 1275.416497][T13684] netlink: 'syz.2.14584': attribute type 1 has an invalid length.
[ 1275.470344][ T5828] block nbd3: Receive control failed (result -107)
[ 1275.923874][T13705] netlink: 'syz.2.14593': attribute type 3 has an invalid length.
[ 1276.096689][T13712] FAULT_INJECTION: forcing a failure.
[ 1276.096689][T13712] name failslab, interval 1, probability 0, space 0, times 0
[ 1276.127581][T13712] CPU: 0 UID: 0 PID: 13712 Comm: syz.4.14595 Not tainted syzkaller #0 PREEMPT(full) 
[ 1276.127613][T13712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1276.127627][T13712] Call Trace:
[ 1276.127636][T13712]  <TASK>
[ 1276.127645][T13712]  dump_stack_lvl+0xe8/0x150
[ 1276.127683][T13712]  should_fail_ex+0x412/0x560
[ 1276.127720][T13712]  should_failslab+0xa8/0x100
[ 1276.127746][T13712]  __kmalloc_cache_noprof+0x88/0x660
[ 1276.127776][T13712]  ? netlink_lookup+0x30/0x200
[ 1276.127804][T13712]  ? genl_family_rcv_msg_attrs_parse+0xe9/0x2f0
[ 1276.127829][T13712]  ? genl_start+0x1c9/0x6c0
[ 1276.127860][T13712]  genl_start+0x1c9/0x6c0
[ 1276.127883][T13712]  ? netlink_lookup+0x30/0x200
[ 1276.127918][T13712]  __netlink_dump_start+0x469/0x7e0
[ 1276.127956][T13712]  genl_family_rcv_msg_dumpit+0x213/0x310
[ 1276.127995][T13712]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[ 1276.128027][T13712]  ? __pfx_genl_start+0x10/0x10
[ 1276.128048][T13712]  ? __pfx_genl_dumpit+0x10/0x10
[ 1276.128070][T13712]  ? __pfx_genl_done+0x10/0x10
[ 1276.128097][T13712]  ? bpf_lsm_capable+0x9/0x20
[ 1276.128121][T13712]  ? security_capable+0x7e/0x2c0
[ 1276.128153][T13712]  genl_rcv_msg+0x5e8/0x7a0
[ 1276.128183][T13712]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1276.128206][T13712]  ? __pfx_batadv_bla_backbone_dump+0x10/0x10
[ 1276.128254][T13712]  netlink_rcv_skb+0x232/0x4b0
[ 1276.128283][T13712]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1276.128309][T13712]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1276.128356][T13712]  ? down_read+0x270/0x2e0
[ 1276.128383][T13712]  ? genl_rcv+0xd/0x40
[ 1276.128407][T13712]  genl_rcv+0x28/0x40
[ 1276.128430][T13712]  netlink_unicast+0x75c/0x8e0
[ 1276.128468][T13712]  netlink_sendmsg+0x813/0xb40
[ 1276.128514][T13712]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1276.128548][T13712]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1276.128578][T13712]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1276.128613][T13712]  ____sys_sendmsg+0x972/0x9f0
[ 1276.128646][T13712]  ? __might_fault+0xaf/0x130
[ 1276.128681][T13712]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1276.128723][T13712]  ? import_iovec+0x73/0xa0
[ 1276.128750][T13712]  ___sys_sendmsg+0x2a5/0x360
[ 1276.128779][T13712]  ? __lock_acquire+0x6b5/0x2cf0
[ 1276.128809][T13712]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1276.128881][T13712]  ? __fget_files+0x2a/0x420
[ 1276.128906][T13712]  ? __fget_files+0x3a0/0x420
[ 1276.128945][T13712]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1276.128980][T13712]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1276.129032][T13712]  ? __pfx_ksys_write+0x10/0x10
[ 1276.129074][T13712]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1276.129098][T13712]  do_syscall_64+0x15f/0xf80
[ 1276.129123][T13712]  ? trace_irq_disable+0x3b/0x140
[ 1276.129146][T13712]  ? clear_bhb_loop+0x40/0x90
[ 1276.129172][T13712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1276.129193][T13712] RIP: 0033:0x7f2dc259c819
[ 1276.129214][T13712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1276.129233][T13712] RSP: 002b:00007f2dc34f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1276.129256][T13712] RAX: ffffffffffffffda RBX: 00007f2dc2815fa0 RCX: 00007f2dc259c819
[ 1276.129272][T13712] RDX: 0000000000004000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1276.129286][T13712] RBP: 00007f2dc34f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1276.129299][T13712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1276.129312][T13712] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1276.129349][T13712]  </TASK>
[ 1276.558321][T13720] FAULT_INJECTION: forcing a failure.
[ 1276.558321][T13720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1276.575620][T13720] CPU: 1 UID: 0 PID: 13720 Comm: syz.4.14599 Not tainted syzkaller #0 PREEMPT(full) 
[ 1276.575652][T13720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1276.575665][T13720] Call Trace:
[ 1276.575674][T13720]  <TASK>
[ 1276.575683][T13720]  dump_stack_lvl+0xe8/0x150
[ 1276.575720][T13720]  should_fail_ex+0x412/0x560
[ 1276.575754][T13720]  _copy_from_user+0x2d/0xb0
[ 1276.575778][T13720]  sctp_setsockopt+0x1c4/0x12c0
[ 1276.575806][T13720]  ? sock_common_setsockopt+0x36/0xc0
[ 1276.575832][T13720]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1276.575867][T13720]  do_sock_setsockopt+0x17c/0x1b0
[ 1276.575902][T13720]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1276.575934][T13720]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1276.575957][T13720]  do_syscall_64+0x15f/0xf80
[ 1276.575982][T13720]  ? trace_irq_disable+0x3b/0x140
[ 1276.576005][T13720]  ? clear_bhb_loop+0x40/0x90
[ 1276.576031][T13720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1276.576053][T13720] RIP: 0033:0x7f2dc259c819
[ 1276.576072][T13720] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1276.576090][T13720] RSP: 002b:00007f2dc34f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1276.576114][T13720] RAX: ffffffffffffffda RBX: 00007f2dc2815fa0 RCX: 00007f2dc259c819
[ 1276.576131][T13720] RDX: 0000000000000017 RSI: 0000000000000084 RDI: 0000000000000003
[ 1276.576144][T13720] RBP: 00007f2dc34f5090 R08: 0000000000000063 R09: 0000000000000000
[ 1276.576157][T13720] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[ 1276.576171][T13720] R13: 00007f2dc2816038 R14: 00007f2dc2815fa0 R15: 00007ffdd573a9d8
[ 1276.576215][T13720]  </TASK>
[ 1276.802944][T13715] sctp: [Deprecated]: syz.3.14597 (pid 13715) Use of int in maxseg socket option.
[ 1276.802944][T13715] Use struct sctp_assoc_value instead
[ 1276.821114][T13715] x_tables: duplicate underflow at hook 2
[ 1278.312146][T13727] __nla_validate_parse: 1 callbacks suppressed
[ 1278.312169][T13727] netlink: 104 bytes leftover after parsing attributes in process `syz.4.14602'.
[ 1278.430684][T13731] lo speed is unknown, defaulting to 1000
[ 1278.466635][T13762] netlink: 'syz.3.14611': attribute type 13 has an invalid length.
[ 1278.519441][T13762] erspan0: refused to change device tx_queue_len
[ 1278.542018][T13762] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1278.880271][T13771] netlink: 64 bytes leftover after parsing attributes in process `syz.4.14615'.
[ 1278.912602][T13771] netlink: 64 bytes leftover after parsing attributes in process `syz.4.14615'.
[ 1279.120378][T13782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14616'.
[ 1279.158856][T13786] netlink: 'syz.4.14619': attribute type 1 has an invalid length.
[ 1279.209920][T13786] netlink: 224 bytes leftover after parsing attributes in process `syz.4.14619'.
[ 1279.763855][T13802] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14624'.
[ 1279.795210][T13802] bridge0: left allmulticast mode
[ 1279.913962][T13807] netlink: 'syz.1.14627': attribute type 13 has an invalid length.
[ 1279.960099][T13807] gretap0: refused to change device tx_queue_len
[ 1279.976499][T13807] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1280.062440][T13816] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14631'.
[ 1280.214533][T13820] Cannot find del_set index 4 as target
[ 1280.605734][T13829] netlink: 'syz.1.14637': attribute type 12 has an invalid length.
[ 1280.665149][T13839] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14641'.
[ 1280.786695][T13845] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14637'.
[ 1280.824533][T13829] bond26: option primary_reselect: invalid value (255)
[ 1280.879555][T13829] bond26 (unregistering): Released all slaves
[ 1280.962365][T13833] syzkaller1: entered promiscuous mode
[ 1280.975415][T13833] syzkaller1: entered allmulticast mode
[ 1281.001071][T13855] netlink: 'syz.2.14641': attribute type 2 has an invalid length.
[ 1281.018454][T13839] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14641'.
[ 1281.124231][T13850] netlink: 'syz.2.14641': attribute type 4 has an invalid length.
[ 1281.145152][T13860] netlink: 'syz.0.14646': attribute type 1 has an invalid length.
[ 1281.322180][T13862] netlink: 'syz.4.14647': attribute type 29 has an invalid length.
[ 1281.360445][T13864] FAULT_INJECTION: forcing a failure.
[ 1281.360445][T13864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1281.385716][T13862] netlink: 'syz.4.14647': attribute type 29 has an invalid length.
[ 1281.409865][T13864] CPU: 0 UID: 0 PID: 13864 Comm: syz.0.14648 Not tainted syzkaller #0 PREEMPT(full) 
[ 1281.409896][T13864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1281.409910][T13864] Call Trace:
[ 1281.409918][T13864]  <TASK>
[ 1281.409928][T13864]  dump_stack_lvl+0xe8/0x150
[ 1281.409965][T13864]  should_fail_ex+0x412/0x560
[ 1281.410000][T13864]  _copy_from_user+0x2d/0xb0
[ 1281.410024][T13864]  __sys_sendto+0x2b0/0x710
[ 1281.410057][T13864]  ? __pfx___sys_sendto+0x10/0x10
[ 1281.410083][T13864]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1281.410135][T13864]  ? __fget_files+0x3a0/0x420
[ 1281.410173][T13864]  ? ksys_write+0x242/0x270
[ 1281.410207][T13864]  ? __pfx_ksys_write+0x10/0x10
[ 1281.410243][T13864]  __x64_sys_sendto+0xde/0x100
[ 1281.410273][T13864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1281.410296][T13864]  do_syscall_64+0x15f/0xf80
[ 1281.410322][T13864]  ? trace_irq_disable+0x3b/0x140
[ 1281.410345][T13864]  ? clear_bhb_loop+0x40/0x90
[ 1281.410371][T13864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1281.410391][T13864] RIP: 0033:0x7f343ef9c819
[ 1281.410412][T13864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1281.410430][T13864] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1281.410453][T13864] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1281.410469][T13864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 1281.410481][T13864] RBP: 00007f343feb6090 R08: 00002000000001c0 R09: 000000000000001c
[ 1281.410495][T13864] R10: 0000000020008045 R11: 0000000000000246 R12: 0000000000000001
[ 1281.410509][T13864] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1281.410550][T13864]  </TASK>
[ 1281.825092][T13870] syzkaller0: entered promiscuous mode
[ 1281.846290][T13875] openvswitch: netlink: Tunnel attr 78 out of range max 16
[ 1281.849007][T13870] syzkaller0: entered allmulticast mode
[ 1281.984290][T13875] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1282.095165][T13882] netlink: 'syz.0.14655': attribute type 1 has an invalid length.
[ 1282.214404][T13875] syzkaller0: entered promiscuous mode
[ 1282.245417][T13875] syzkaller0: entered allmulticast mode
[ 1282.271161][ T2123] IPVS: ip_vs_send_async error -19
[ 1282.287120][T13875] tipc: Resetting bearer <eth:syzkaller0>
[ 1282.354413][T13888] xt_CT: No such helper "pptp"
[ 1282.690205][ T1156] tipc: Resetting bearer <eth:syzkaller0>
[ 1282.747050][T13882] vlan3: entered promiscuous mode
[ 1282.826687][T13906] workqueue: Failed to create a rescuer kthread for wq "bond26": -EINTR
[ 1282.830308][T13874] tipc: Resetting bearer <eth:syzkaller0>
[ 1286.675549][T13874] tipc: Disabling bearer <eth:syzkaller0>
[ 1286.699519][T13914] virt_wifi0: left promiscuous mode
[ 1286.718533][T13914] bond16: entered allmulticast mode
[ 1286.725903][T13914] geneve5: entered allmulticast mode
[ 1286.751617][T13914] ipvlan10: entered allmulticast mode
[ 1286.769074][T13914] ipvlan11: entered allmulticast mode
[ 1286.798383][T13918] syzkaller1: entered promiscuous mode
[ 1286.804073][T13918] syzkaller1: entered allmulticast mode
[ 1287.111593][T13922] syzkaller0: entered promiscuous mode
[ 1287.128921][T13922] syzkaller0: entered allmulticast mode
[ 1287.183197][T13931] __nla_validate_parse: 3 callbacks suppressed
[ 1287.183223][T13931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14668'.
[ 1287.300740][T13931] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1287.412306][T13939] Cannot find del_set index 4 as target
[ 1287.619236][T13946] netlink: 48 bytes leftover after parsing attributes in process `syz.2.14673'.
[ 1287.889987][T13963] netlink: 'syz.0.14675': attribute type 11 has an invalid length.
[ 1287.921427][T13963] netlink: 228 bytes leftover after parsing attributes in process `syz.0.14675'.
[ 1291.871464][T13967] syzkaller1: entered promiscuous mode
[ 1291.877333][T13967] syzkaller1: entered allmulticast mode
[ 1292.310098][T13987] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1292.334972][T13996] netlink: 32 bytes leftover after parsing attributes in process `syz.0.14686'.
[ 1292.351456][T13987] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[ 1292.401196][T13997] netlink: 'syz.1.14687': attribute type 13 has an invalid length.
[ 1292.412692][T13987] syzkaller0: entered promiscuous mode
[ 1292.446773][T13987] syzkaller0: entered allmulticast mode
[ 1292.866130][T14015] netlink: 'syz.2.14691': attribute type 1 has an invalid length.
[ 1292.874367][T14015] netlink: 224 bytes leftover after parsing attributes in process `syz.2.14691'.
[ 1292.885885][T14013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14690'.
[ 1292.971918][T14013] team0: left promiscuous mode
[ 1292.973013][T14017] netlink: 'syz.4.14692': attribute type 35 has an invalid length.
[ 1292.984848][T14013] team_slave_0: left promiscuous mode
[ 1292.985109][T14013] ±ÿ: left promiscuous mode
[ 1292.985298][T14013] bridge3: left promiscuous mode
[ 1292.985446][T14013] bridge4: left promiscuous mode
[ 1292.985592][T14013] bridge6: left promiscuous mode
[ 1292.985742][T14013] bridge7: left promiscuous mode
[ 1292.985891][T14013] bridge8: left promiscuous mode
[ 1293.033181][T14013] bridge9: left promiscuous mode
[ 1293.040528][T14013] bridge10: left promiscuous mode
[ 1293.045900][T14013] bridge11: left promiscuous mode
[ 1293.071993][T14013] bridge12: left promiscuous mode
[ 1293.082142][T14013] bridge13: left promiscuous mode
[ 1293.092260][T14013] bridge14: left promiscuous mode
[ 1293.101060][T14013] bridge15: left promiscuous mode
[ 1293.119179][T14013] bridge16: left promiscuous mode
[ 1293.136025][T14013] bridge17: left promiscuous mode
[ 1293.164721][T14013] bridge20: left promiscuous mode
[ 1293.182101][T14013] bridge0: port 3(team0) entered disabled state
[ 1293.210972][T14013] bridge_slave_0: left promiscuous mode
[ 1293.216946][T14013] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1293.618817][T14042] netlink: 224 bytes leftover after parsing attributes in process `syz.0.14700'.
[ 1293.663179][T14042] tipc: Resetting bearer <ib:gretap0>
[ 1293.750685][T14042] tipc: Resetting bearer <eth:xfrm0>
[ 1293.810325][T14058] netlink: 512 bytes leftover after parsing attributes in process `syz.4.14703'.
[ 1293.836747][T14059] netlink: 'syz.2.14704': attribute type 13 has an invalid length.
[ 1294.124709][T14063] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1294.191607][T14064] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1294.425729][T14076] netlink: 260 bytes leftover after parsing attributes in process `syz.4.14708'.
[ 1294.855955][T14097] netlink: 'syz.3.14715': attribute type 1 has an invalid length.
[ 1294.882922][T14097] netlink: 224 bytes leftover after parsing attributes in process `syz.3.14715'.
[ 1295.045924][T14102] netlink: 512 bytes leftover after parsing attributes in process `syz.2.14716'.
[ 1295.241678][T14109] netlink: 'syz.4.14720': attribute type 13 has an invalid length.
[ 1295.258738][T14109] netlink: 'syz.4.14720': attribute type 27 has an invalid length.
[ 1296.007283][T14137] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14727'.
[ 1296.328656][T14160] netlink: 'syz.1.14734': attribute type 1 has an invalid length.
[ 1296.355642][T14160] netlink: 228 bytes leftover after parsing attributes in process `syz.1.14734'.
[ 1296.720293][T14176] netlink: 'syz.0.14740': attribute type 13 has an invalid length.
[ 1296.739085][T14176] netlink: 'syz.0.14740': attribute type 27 has an invalid length.
[ 1297.047477][T14181] 
[ 1297.049874][T14181] ======================================================
[ 1297.056969][T14181] WARNING: possible circular locking dependency detected
[ 1297.064101][T14181] syzkaller #0 Not tainted
[ 1297.068527][T14181] ------------------------------------------------------
[ 1297.075543][T14181] syz.0.14742/14181 is trying to acquire lock:
[ 1297.081706][T14181] ffffffff8ea84780 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x152/0x650
[ 1297.090872][T14181] 
[ 1297.090872][T14181] but task is already holding lock:
[ 1297.098240][T14181] ffff888053a0c078 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x36/0x340
[ 1297.107748][T14181] 
[ 1297.107748][T14181] which lock already depends on the new lock.
[ 1297.107748][T14181] 
[ 1297.118252][T14181] 
[ 1297.118252][T14181] the existing dependency chain (in reverse order) is:
[ 1297.127268][T14181] 
[ 1297.127268][T14181] -> #7 (&mm->mmap_lock){++++}-{4:4}:
[ 1297.134840][T14181]        __might_fault+0xcb/0x130
[ 1297.139977][T14181]        _copy_from_iter+0x100/0x1670
[ 1297.145376][T14181]        tcp_sendmsg_locked+0x2121/0x5450
[ 1297.151113][T14181]        tcp_sendmsg+0x2f/0x50
[ 1297.156063][T14181]        sock_write_iter+0x406/0x4f0
[ 1297.161353][T14181]        vfs_write+0x61d/0xb90
[ 1297.166133][T14181]        ksys_write+0x150/0x270
[ 1297.170998][T14181]        do_syscall_64+0x15f/0xf80
[ 1297.176116][T14181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.182534][T14181] 
[ 1297.182534][T14181] -> #6 (sk_lock-AF_INET){+.+.}-{0:0}:
[ 1297.190191][T14181]        lock_sock_nested+0x41/0x100
[ 1297.195571][T14181]        inet_shutdown+0x6a/0x390
[ 1297.200598][T14181]        nbd_mark_nsock_dead+0x2e9/0x560
[ 1297.206237][T14181]        recv_work+0x1c2e/0x1d40
[ 1297.211177][T14181]        process_scheduled_works+0xb5d/0x1860
[ 1297.217256][T14181]        worker_thread+0xa53/0xfc0
[ 1297.222377][T14181]        kthread+0x388/0x470
[ 1297.226972][T14181]        ret_from_fork+0x514/0xb70
[ 1297.232095][T14181]        ret_from_fork_asm+0x1a/0x30
[ 1297.237405][T14181] 
[ 1297.237405][T14181] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1297.245062][T14181]        __mutex_lock+0x1a3/0x1550
[ 1297.250297][T14181]        nbd_queue_rq+0x37b/0x1100
[ 1297.255538][T14181]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1297.261609][T14181]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1297.268463][T14181]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1297.274968][T14181]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1297.280612][T14181]        blk_mq_dispatch_list+0xd16/0xe10
[ 1297.286335][T14181]        blk_mq_flush_plug_list+0x48d/0x570
[ 1297.292239][T14181]        __blk_flush_plug+0x3ed/0x4d0
[ 1297.297710][T14181]        __submit_bio+0x28d/0x580
[ 1297.302746][T14181]        submit_bio_noacct_nocheck+0x2f4/0xa40
[ 1297.308914][T14181]        block_read_full_folio+0x599/0x830
[ 1297.314748][T14181]        filemap_read_folio+0x137/0x3b0
[ 1297.320387][T14181]        do_read_cache_folio+0x358/0x590
[ 1297.326110][T14181]        read_part_sector+0xb6/0x2b0
[ 1297.331416][T14181]        adfspart_check_ICS+0xb1/0x960
[ 1297.336903][T14181]        bdev_disk_changed+0x817/0x1770
[ 1297.342466][T14181]        blkdev_get_whole+0x380/0x510
[ 1297.347850][T14181]        bdev_open+0x31e/0xd30
[ 1297.352612][T14181]        blkdev_open+0x470/0x610
[ 1297.357560][T14181]        do_dentry_open+0x785/0x14e0
[ 1297.362859][T14181]        vfs_open+0x3b/0x340
[ 1297.367454][T14181]        path_openat+0x2e08/0x3860
[ 1297.372577][T14181]        do_file_open+0x23e/0x4a0
[ 1297.377613][T14181]        do_sys_openat2+0x113/0x200
[ 1297.382910][T14181]        __x64_sys_openat+0x138/0x170
[ 1297.388299][T14181]        do_syscall_64+0x15f/0xf80
[ 1297.393424][T14181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.399935][T14181] 
[ 1297.399935][T14181] -> #4 (&cmd->lock){+.+.}-{4:4}:
[ 1297.407172][T14181]        __mutex_lock+0x1a3/0x1550
[ 1297.412381][T14181]        nbd_queue_rq+0xc6/0x1100
[ 1297.417585][T14181]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1297.424178][T14181]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1297.431029][T14181]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1297.437974][T14181]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1297.443629][T14181]        blk_mq_dispatch_list+0xd16/0xe10
[ 1297.449349][T14181]        blk_mq_flush_plug_list+0x48d/0x570
[ 1297.455270][T14181]        __blk_flush_plug+0x3ed/0x4d0
[ 1297.460647][T14181]        __submit_bio+0x28d/0x580
[ 1297.465757][T14181]        submit_bio_noacct_nocheck+0x2f4/0xa40
[ 1297.472036][T14181]        block_read_full_folio+0x599/0x830
[ 1297.477936][T14181]        filemap_read_folio+0x137/0x3b0
[ 1297.483494][T14181]        do_read_cache_folio+0x358/0x590
[ 1297.489132][T14181]        read_part_sector+0xb6/0x2b0
[ 1297.494518][T14181]        adfspart_check_ICS+0xb1/0x960
[ 1297.499984][T14181]        bdev_disk_changed+0x817/0x1770
[ 1297.505531][T14181]        blkdev_get_whole+0x380/0x510
[ 1297.510991][T14181]        bdev_open+0x31e/0xd30
[ 1297.515758][T14181]        blkdev_open+0x470/0x610
[ 1297.520719][T14181]        do_dentry_open+0x785/0x14e0
[ 1297.526018][T14181]        vfs_open+0x3b/0x340
[ 1297.530617][T14181]        path_openat+0x2e08/0x3860
[ 1297.535740][T14181]        do_file_open+0x23e/0x4a0
[ 1297.540778][T14181]        do_sys_openat2+0x113/0x200
[ 1297.545990][T14181]        __x64_sys_openat+0x138/0x170
[ 1297.551369][T14181]        do_syscall_64+0x15f/0xf80
[ 1297.556490][T14181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.562916][T14181] 
[ 1297.562916][T14181] -> #3 (set->srcu){.+.+}-{0:0}:
[ 1297.570228][T14181]        __synchronize_srcu+0xca/0x300
[ 1297.575784][T14181]        elevator_switch+0x1e8/0x7a0
[ 1297.581072][T14181]        elevator_change+0x2cc/0x450
[ 1297.586362][T14181]        elevator_set_default+0x36c/0x430
[ 1297.592084][T14181]        blk_register_queue+0x3e9/0x4e0
[ 1297.597660][T14181]        __add_disk+0x677/0xd50
[ 1297.602518][T14181]        add_disk_fwnode+0xfb/0x480
[ 1297.607767][T14181]        nbd_dev_add+0x72c/0xb50
[ 1297.612768][T14181]        nbd_init+0x168/0x1f0
[ 1297.617468][T14181]        do_one_initcall+0x250/0x870
[ 1297.622791][T14181]        do_initcall_level+0x104/0x190
[ 1297.628267][T14181]        do_initcalls+0x59/0xa0
[ 1297.633130][T14181]        kernel_init_freeable+0x2a6/0x3e0
[ 1297.638947][T14181]        kernel_init+0x1d/0x1d0
[ 1297.643805][T14181]        ret_from_fork+0x514/0xb70
[ 1297.648927][T14181]        ret_from_fork_asm+0x1a/0x30
[ 1297.654231][T14181] 
[ 1297.654231][T14181] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[ 1297.662061][T14181]        __mutex_lock+0x1a3/0x1550
[ 1297.667188][T14181]        elevator_change+0x1b3/0x450
[ 1297.672480][T14181]        elevator_set_none+0xb5/0x140
[ 1297.677858][T14181]        blk_mq_update_nr_hw_queues+0x5e7/0x1a60
[ 1297.684205][T14181]        nbd_start_device+0x17f/0xb10
[ 1297.689602][T14181]        nbd_genl_connect+0x165b/0x1cf0
[ 1297.695157][T14181]        genl_family_rcv_msg_doit+0x22a/0x330
[ 1297.701232][T14181]        genl_rcv_msg+0x61c/0x7a0
[ 1297.706261][T14181]        netlink_rcv_skb+0x232/0x4b0
[ 1297.711558][T14181]        genl_rcv+0x28/0x40
[ 1297.716066][T14181]        netlink_unicast+0x75c/0x8e0
[ 1297.721357][T14181]        netlink_sendmsg+0x813/0xb40
[ 1297.726658][T14181]        ____sys_sendmsg+0x972/0x9f0
[ 1297.731955][T14181]        ___sys_sendmsg+0x2a5/0x360
[ 1297.737161][T14181]        __x64_sys_sendmsg+0x1bd/0x2a0
[ 1297.742659][T14181]        do_syscall_64+0x15f/0xf80
[ 1297.747786][T14181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.754200][T14181] 
[ 1297.754200][T14181] -> #1 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[ 1297.762813][T14181]        blk_alloc_queue+0x546/0x680
[ 1297.768121][T14181]        __blk_mq_alloc_disk+0x197/0x390
[ 1297.773782][T14181]        nbd_dev_add+0x499/0xb50
[ 1297.778914][T14181]        nbd_init+0x168/0x1f0
[ 1297.783620][T14181]        do_one_initcall+0x250/0x870
[ 1297.788925][T14181]        do_initcall_level+0x104/0x190
[ 1297.794425][T14181]        do_initcalls+0x59/0xa0
[ 1297.799380][T14181]        kernel_init_freeable+0x2a6/0x3e0
[ 1297.805122][T14181]        kernel_init+0x1d/0x1d0
[ 1297.809982][T14181]        ret_from_fork+0x514/0xb70
[ 1297.815110][T14181]        ret_from_fork_asm+0x1a/0x30
[ 1297.820406][T14181] 
[ 1297.820406][T14181] -> #0 (fs_reclaim){+.+.}-{0:0}:
[ 1297.827629][T14181]        __lock_acquire+0x15a5/0x2cf0
[ 1297.833491][T14181]        lock_acquire+0x106/0x350
[ 1297.838701][T14181]        fs_reclaim_acquire+0x71/0x100
[ 1297.844164][T14181]        prepare_alloc_pages+0x152/0x650
[ 1297.849798][T14181]        __alloc_frozen_pages_noprof+0x12f/0x380
[ 1297.856132][T14181]        alloc_pages_mpol+0x232/0x4a0
[ 1297.861527][T14181]        alloc_pages_noprof+0xa8/0x1a0
[ 1297.867161][T14181]        __pud_alloc+0x3a/0x460
[ 1297.872026][T14181]        handle_mm_fault+0x2040/0x3310
[ 1297.877495][T14181]        do_user_addr_fault+0x75b/0x1340
[ 1297.883146][T14181]        exc_page_fault+0x6a/0xc0
[ 1297.888184][T14181]        asm_exc_page_fault+0x26/0x30
[ 1297.894011][T14181]        rep_movs_alternative+0x30/0x90
[ 1297.899573][T14181]        _copy_from_user+0x7a/0xb0
[ 1297.904784][T14181]        vlan_ioctl_handler+0xbd/0x630
[ 1297.910256][T14181]        sock_ioctl+0x668/0x7f0
[ 1297.915116][T14181]        __se_sys_ioctl+0xfc/0x170
[ 1297.920231][T14181]        do_syscall_64+0x15f/0xf80
[ 1297.925352][T14181]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.931778][T14181] 
[ 1297.931778][T14181] other info that might help us debug this:
[ 1297.931778][T14181] 
[ 1297.942021][T14181] Chain exists of:
[ 1297.942021][T14181]   fs_reclaim --> sk_lock-AF_INET --> &mm->mmap_lock
[ 1297.942021][T14181] 
[ 1297.954581][T14181]  Possible unsafe locking scenario:
[ 1297.954581][T14181] 
[ 1297.962142][T14181]        CPU0                    CPU1
[ 1297.967535][T14181]        ----                    ----
[ 1297.972915][T14181]   rlock(&mm->mmap_lock);
[ 1297.977345][T14181]                                lock(sk_lock-AF_INET);
[ 1297.984297][T14181]                                lock(&mm->mmap_lock);
[ 1297.991197][T14181]   lock(fs_reclaim);
[ 1297.995196][T14181] 
[ 1297.995196][T14181]  *** DEADLOCK ***
[ 1297.995196][T14181] 
[ 1298.003693][T14181] 2 locks held by syz.0.14742/14181:
[ 1298.008989][T14181]  #0: ffffffff8fdafea0 (vlan_ioctl_mutex){+.+.}-{4:4}, at: sock_ioctl+0x641/0x7f0
[ 1298.018424][T14181]  #1: ffff888053a0c078 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x36/0x340
[ 1298.028367][T14181] 
[ 1298.028367][T14181] stack backtrace:
[ 1298.034280][T14181] CPU: 0 UID: 0 PID: 14181 Comm: syz.0.14742 Not tainted syzkaller #0 PREEMPT(full) 
[ 1298.034301][T14181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1298.034312][T14181] Call Trace:
[ 1298.034322][T14181]  <TASK>
[ 1298.034331][T14181]  dump_stack_lvl+0xe8/0x150
[ 1298.034356][T14181]  print_circular_bug+0x2e1/0x300
[ 1298.034384][T14181]  check_noncircular+0x12e/0x150
[ 1298.034412][T14181]  __lock_acquire+0x15a5/0x2cf0
[ 1298.034436][T14181]  ? __lock_acquire+0x6b5/0x2cf0
[ 1298.034460][T14181]  ? __lock_acquire+0x6b5/0x2cf0
[ 1298.034483][T14181]  ? prepare_alloc_pages+0x152/0x650
[ 1298.034498][T14181]  lock_acquire+0x106/0x350
[ 1298.034519][T14181]  ? prepare_alloc_pages+0x152/0x650
[ 1298.034536][T14181]  ? unwind_next_frame+0xa6/0x2550
[ 1298.034554][T14181]  fs_reclaim_acquire+0x71/0x100
[ 1298.034569][T14181]  ? prepare_alloc_pages+0x152/0x650
[ 1298.034584][T14181]  prepare_alloc_pages+0x152/0x650
[ 1298.034602][T14181]  __alloc_frozen_pages_noprof+0x12f/0x380
[ 1298.034622][T14181]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1298.034642][T14181]  ? __pfx_policy_nodemask+0x10/0x10
[ 1298.034657][T14181]  ? is_bpf_text_address+0x26/0x2b0
[ 1298.034678][T14181]  ? kernel_text_address+0xa5/0xe0
[ 1298.034700][T14181]  alloc_pages_mpol+0x232/0x4a0
[ 1298.034719][T14181]  alloc_pages_noprof+0xa8/0x1a0
[ 1298.034737][T14181]  __pud_alloc+0x3a/0x460
[ 1298.034759][T14181]  handle_mm_fault+0x2040/0x3310
[ 1298.034782][T14181]  ? mt_find+0x186/0x630
[ 1298.034804][T14181]  ? __pfx_mt_find+0x10/0x10
[ 1298.034825][T14181]  ? handle_mm_fault+0xee/0x3310
[ 1298.034849][T14181]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1298.034874][T14181]  ? __lock_acquire+0x6b5/0x2cf0
[ 1298.034897][T14181]  ? lock_mm_and_find_vma+0xa7/0x340
[ 1298.034922][T14181]  do_user_addr_fault+0x75b/0x1340
[ 1298.034958][T14181]  exc_page_fault+0x6a/0xc0
[ 1298.034979][T14181]  asm_exc_page_fault+0x26/0x30
[ 1298.034995][T14181] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 1298.035022][T14181] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 1298.035038][T14181] RSP: 0018:ffffc90004507c98 EFLAGS: 00050206
[ 1298.035054][T14181] RAX: 00007ffffffff001 RBX: 0000000000000038 RCX: 0000000000000038
[ 1298.035067][T14181] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffc90004507d00
[ 1298.035079][T14181] RBP: ffffc90004507db0 R08: ffffc90004507d37 R09: 1ffff920008a0fa6
[ 1298.035091][T14181] R10: dffffc0000000000 R11: fffff520008a0fa7 R12: dffffc0000000000
[ 1298.035104][T14181] R13: ffffffff9a9becc0 R14: ffffc90004507d00 R15: 0000200000000000
[ 1298.035124][T14181]  _copy_from_user+0x7a/0xb0
[ 1298.035141][T14181]  vlan_ioctl_handler+0xbd/0x630
[ 1298.035165][T14181]  ? __pfx___mutex_lock+0x10/0x10
[ 1298.035187][T14181]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1298.035208][T14181]  ? do_futex+0x333/0x420
[ 1298.035236][T14181]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1298.035257][T14181]  sock_ioctl+0x668/0x7f0
[ 1298.035276][T14181]  ? __pfx_sock_ioctl+0x10/0x10
[ 1298.035292][T14181]  ? __fget_files+0x2a/0x420
[ 1298.035313][T14181]  ? __fget_files+0x3a0/0x420
[ 1298.035332][T14181]  ? __fget_files+0x2a/0x420
[ 1298.035353][T14181]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1298.035370][T14181]  ? __pfx_sock_ioctl+0x10/0x10
[ 1298.035387][T14181]  __se_sys_ioctl+0xfc/0x170
[ 1298.035402][T14181]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1298.035419][T14181]  do_syscall_64+0x15f/0xf80
[ 1298.035440][T14181]  ? trace_irq_disable+0x3b/0x140
[ 1298.035457][T14181]  ? clear_bhb_loop+0x40/0x90
[ 1298.035476][T14181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1298.035492][T14181] RIP: 0033:0x7f343ef9c819
[ 1298.035507][T14181] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1298.035522][T14181] RSP: 002b:00007f343feb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1298.035538][T14181] RAX: ffffffffffffffda RBX: 00007f343f215fa0 RCX: 00007f343ef9c819
[ 1298.035551][T14181] RDX: 0000200000000000 RSI: 0000000000008982 RDI: 0000000000000004
[ 1298.035562][T14181] RBP: 00007f343f032c91 R08: 0000000000000000 R09: 0000000000000000
[ 1298.035573][T14181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1298.035583][T14181] R13: 00007f343f216038 R14: 00007f343f215fa0 R15: 00007ffd67151f18
[ 1298.035602][T14181]  </TASK>
SYZFAIL: failed to send rpc
fd=3 want=952 sent=0 n=-1 (errno 32: Broken pipe)
[ 1300.833459][ T1300] lec:lec_start_xmit: lec0:No lecd attached
[ 1300.840429][ T1300] clip:clip_start_xmit: skb_dst(skb) == NULL
[ 1306.507594][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5670 ms
[ 1306.515649][    C1] lec:lec_tx_timeout: lec0