last executing test programs:

6.382341803s ago: executing program 1 (id=14363):
r0 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000080)={<r1=>0x0, 0x4}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000280)={r1, 0x7, 0x2}, &(0x7f00000002c0)=0x8)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000808, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x3d10, 0x4)
r2 = socket(0x1d, 0x80802, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000380)={0x1d, r3, 0x1, {0x0, 0xff, 0x3}, 0xfe}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000020000000000000000000009040000000000000000000001050000000800000000000000000000030000000002000000020000001200"/83], 0x0, 0x5a}, 0x28)
connect$can_bcm(r5, &(0x7f0000000140), 0x10)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
r7 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})
r8 = socket(0x23, 0xa, 0x6)
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0))
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10)
bind$can_j1939(r8, &(0x7f0000000380)={0x1d, 0x0, 0x1, {0x0, 0x0, 0x1}, 0xfd}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {0x8}, {0x7, 0xf}, {0x0, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x44060}, 0x98)

5.573920383s ago: executing program 1 (id=14368):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4008890}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61127800000000006113500000000000bf200000000000000400000008ffffffbd03010000000000cf000000000000006916770000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000780), 0x100800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x800)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20008004)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1982, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000015)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r0, 0x0, 0x20000800)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x7, 0x4, 0x3e0, 0x110, 0x110, 0x210, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @mac=@remote, @loopback, @local, 0x1, 0x1}}}, {{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "716ebd2e1aa0cc683e62f312359594df00da56317f76121697127951fdba"}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430)

5.265231715s ago: executing program 1 (id=14374):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x200000, @empty, 0x4}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

4.243743894s ago: executing program 2 (id=14378):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x40008080)
recvmmsg(r0, &(0x7f0000002c80)=[{{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000440)=""/210, 0xd2}, {&(0x7f0000000540)=""/46, 0x2e}], 0x2, &(0x7f00000005c0)=""/34, 0x22}, 0x168}, {{&(0x7f0000000640)=@nl, 0x80, &(0x7f0000002880)=[{&(0x7f00000006c0)=""/100, 0x64}, {&(0x7f0000000740)}, {&(0x7f0000000780)=""/145, 0x91}, {&(0x7f0000001880)=""/4096, 0x1000}], 0x4, &(0x7f00000028c0)}, 0xad}, {{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002980)=""/85, 0x55}, {&(0x7f0000002a00)=""/75, 0x4b}, {&(0x7f0000002a80)=""/223, 0xdf}, {&(0x7f0000002b80)=""/152, 0x98}], 0x4}, 0xe100}], 0x3, 0x40000002, &(0x7f0000002d40)={0x77359400})

4.228422626s ago: executing program 3 (id=14379):
unshare(0x400)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2002, 0x40000002, 0x4, 0xa17433da3c5d6980, 0x2, 0x81}, 0x9c)
socket(0xa, 0x3, 0x87)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x66, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000009c0), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010025bd70ffffdbdf2502000000050001"], 0x1c}, 0x1, 0x0, 0x0, 0x8405d22596f37403}, 0x4054)

4.155103623s ago: executing program 1 (id=14381):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x20, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x7}}}}]}]}, 0x70}}, 0x20040000) (async, rerun: 64)
r0 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x38, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bond\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0xc000) (async)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000240)={0x0, 0x5}, &(0x7f0000000280)=0x8) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x44, r4, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x1c}, @NLBL_CIPSOV4_A_MLSCATLST={0x4, 0xc, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8}]}]}]}, 0x44}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r5], 0x90}}, 0x0)

3.955823292s ago: executing program 3 (id=14382):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a80)=ANY=[@ANYBLOB="4400000010000104000002000000000000000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES16=0x0, @ANYBLOB="8a8a4fa517c38144d6be99e036d7f5ab536449898098b33a9540df2fe0904f5c3665"], 0x44}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)

3.824852283s ago: executing program 3 (id=14384):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4008890}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61127800000000006113500000000000bf200000000000000400000008ffffffbd03010000000000cf000000000000006916770000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000780), 0x100800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x800)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20008004)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1982, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000015)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r0, 0x0, 0x20000800)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x7, 0x4, 0x3e0, 0x110, 0x110, 0x210, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @mac=@remote, @loopback, @local, 0x1, 0x1}}}, {{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "716ebd2e1aa0cc683e62f312359594df00da56317f76121697127951fdba"}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430)

3.801238539s ago: executing program 2 (id=14386):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x3, 0x4, 0x8}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000009c0), 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x7, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x72, &(0x7f0000000440)={@multicast, @random="fd137b07daa7", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x3c, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @private}, @mcast2, {[], @time_exceed={0x3, 0x1, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x2f, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "8d0022eb00000000d9dedb35"}}}}}}}, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23, 0x100002, @ipv4={'\x00', '\xff\xff', @local}, 0xffff}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0xfc27, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014)
shutdown(r2, 0x1)

3.691444812s ago: executing program 1 (id=14387):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000540)={'vlan0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x3b, 0x2, [{0x8}, {0xfffffffd, 0x80003}]}})
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000002c0)={0x8400001e}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r2, 0x11c, 0x2, 0x0, &(0x7f0000000000))
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'ip6tnl0\x00', 0x0, 0x29, 0x7, 0x8, 0x2, 0x42, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast2, 0x40, 0x1, 0xf, 0x92}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x70, 0x30, 0x871a15abc695f20d, 0x0, 0x25dfdbfc, {}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x4000000, 0xffffffffffffffff, 0x0, 0x1}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x7}]}, {0x4}, {0xfffffffffffffd80}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9d7d5867f27d7481bf6f5392c25a5e", @ANYRES16=0x0, @ANYBLOB="000229bd7000fddbdf250200000014002580060002000300000006000200a1050000"], 0x28}, 0x1, 0x0, 0x0, 0x10000001}, 0x40)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@deltaction={0xa0, 0x31, 0x411, 0x70bd26, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x4}, @TCA_ACT_TAB={0x88, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x806, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7f}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8005}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r8=>0x0)
r9 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r9, 0xc)
connect$x25(r9, &(0x7f0000000180), 0x12)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r8], 0x1c}}, 0x4008054)
write$nci(r5, &(0x7f0000000240)=ANY=[@ANYBLOB='p\x00\t'], 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
socket(0x1e, 0x4, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="120000007f000000040000000200000000000000", @ANYRES32, @ANYBLOB="000000000000000000009239f67b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r11}, &(0x7f0000000080), &(0x7f0000000380)=r10}, 0x20)

3.66789437s ago: executing program 4 (id=14388):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000004340)=[{&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f7c014e2a2c2192542afa9748dcd0a777e403000000290d970e2f9a1d8f527923b0f362103e5bbeda2dca0d9d2b1e5238329691753f1860286f1aaa0786ba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979d81faac0930900"/200, 0xc8}, {&(0x7f0000000f00)="9eb8a2c0e241fb0402ac67d48d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad3a3db73f406c4aec4ba5a715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c53e7017cf0fe0275d2d6f9531b12f12e29b903ffd774272360efe35269a1835d8f3e07382952f4fd47c9025f538c0bf576243026ed3d16af515d4e31055e765380602c4b42cb4e178350c5f387bdf01ff822a6a26b4cbd04523921adb0bddfd4c657e626ffa46f0a565ee807b56f98d90a48858679c0e5cada93389b479e4547690951c952e877d4139aaddd84d8b01dd791eff7b2c20cad352b1", 0x13b}, {&(0x7f0000001cc0)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b8e153ccdf10b894d755e849d01bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9697697b53fee3e5f94497031ff2e460d2c011d0db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce00000000000000006494e8109c9ac6ab28db3c65c78c067856bdd51479d9a70cb70f61d174fb23c65e8b46b913796911739a545339ad546ffb3cc017cc0135c0ff04fd8b89a4c69a2abd4303faa480f4ec59a17bb07a8da9a7b7ce1a2bf5388aadce36071bff945c281d03e8d41338d5cbbd80ab84a726f5d1c395e67c74f8261cb83b9aac0fee3f9ac8bce811a4331264a8773fc1f7c9aa246295027d248754b80a2923d35e8016ea876a3b080cd7441d1b76cd566988", 0x179}, {&(0x7f00000009c0)="a484d15488fb016289fa4e2b0b25648e7abf5a74ab5e75516b79103a9b0711dd70d5a141294998c249dda70370b7f076f3ec132111d4866784da73cd0f18993549e7b185584053fb7b48d2b271af8a14858473eb1edd82f3f4cd1150bee83bf4f624d8f873ec45fe60bb431221e35526a58313e39813e83be21f2834bbf6fc621f6d9894eb03b4c8690635c5ce509de10000000000000004d8d8550dc3763f779ad276b6f32236b8534ab6701184dac56e1af78c6013715d94b4d6cd59821581983f7e3b6c5369cda3f0bc763bdda2ec97d4542041be5568230b1a9b24e1d5efff9226066adcdfd53abc7078ff74aca53708cb4e62ed16414c00642e4e8a5e46ecb45698771e76ebe52f890261989b622cc2086dbfa3d360d105242c48d5ee4da002d828a0094df8343822", 0x12b}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x2, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)='S\x00', 0x5a0}], 0x1, 0x0, 0x0, 0x900}, 0x0)

3.624315678s ago: executing program 3 (id=14389):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x8000, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg0\x00', <r2=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000740)={&(0x7f0000000840)=@newchain={0xb8, 0x64, 0xd5f6080c42e54ded, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf, 0x5}, {0x0, 0x10}, {0xe, 0x7}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @filter_kind_options=@f_bpf={{0x8}, {0x70, 0x2, [@TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_OPS={{0x6, 0x4, 0x4}, {0x24, 0x5, [{0x3, 0x1, 0x23, 0x5}, {0x3ff, 0x7, 0xd, 0x8309}, {0x906b, 0x4, 0x9}, {0x9, 0x3, 0x81, 0x8}]}}, @TCA_BPF_FD={0x8}, @TCA_BPF_OPS={{0x6, 0x4, 0x2}, {0x14, 0x5, [{0x5da, 0xfb, 0x7f, 0xfffffff8}, {0x8, 0x6, 0xa}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}, @TCA_BPF_FLAGS={0x8}]}}, @TCA_RATE={0x6, 0x5, {0x5, 0x7}}, @filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0xb8}, 0x1, 0x0, 0x0, 0x40010}, 0x2004c844)
socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000f40), r3)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

3.569298975s ago: executing program 2 (id=14390):
socket$kcm(0x10, 0x2, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="df4800000000000000000c"], 0x20}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000200)="03a6839c576a2fe4253f844295321d2af6a98fdb271876", 0x17}], 0x1}, 0x10)
syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @random="7f0a00030011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}}, "000022ebffff0000"}}}}}, 0x0)
r0 = socket(0x1, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, 0x0, &(0x7f00000000c0)=@tcp6=r0}, 0x20)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'syz_tun\x00', @random="e80300502800"})
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

3.554657852s ago: executing program 4 (id=14391):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000008000000001"], 0x50)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'syzkaller0\x00', {0x4}, 0xb5})
r2 = socket$netlink(0x10, 0x3, 0x14)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000000)=""/30, 0x16}], 0x26, 0x8, 0x2) (fail_nth: 3)

3.455623875s ago: executing program 2 (id=14392):
unshare(0x400)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2002, 0x40000002, 0x4, 0xa17433da3c5d6980, 0x2, 0x81}, 0x9c)
socket(0xa, 0x3, 0x87)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x66, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000009c0), r1)
sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010025bd70ffffdbdf2502000000050001"], 0x1c}, 0x1, 0x0, 0x0, 0x8405d22596f37403}, 0x4054)

3.159612153s ago: executing program 4 (id=14393):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80002, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000001480)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0xe, 0x7}, {0x2, 0xfff1}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r11, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r12 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r13=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r14=>0x0})
sendmsg$nl_route(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x42, 0x2021}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x1c, 0x5, 0x0, 0x1, [{0xa, 0x4, @local}, {0xa, 0x4, @local}]}]}}}, @IFLA_LINK={0x8, 0x5, r14}]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r9, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@in6={0x2, 0x4e21, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

3.011731164s ago: executing program 4 (id=14395):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0x3}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x8, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000200)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x40)
r3 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f0000000040)={'syztnl2\x00', <r4=>0x0, 0x29, 0x8, 0x1, 0x0, 0x20, @mcast1, @local, 0x8000, 0x20, 0xde59, 0x4}})
sendmsg$xdp(r3, &(0x7f00000005c0)={&(0x7f0000000140)={0x2c, 0xc, r4, 0x19}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000240)="3d6bd65fde955c089237f878d38bbb2285b2656bac0def924907e303c721004d7251c885d8d44cc43685c8a4f5646b8e730b6711dd6d0d7a2a6b9c1d1ee8f6", 0x3f}, {&(0x7f00000002c0)="12dc0a97df833d39a0ecc66ab67897c548021e581d2a58e5f5076545a3997fc8f10fe2d67ed27bb86bc586733171b4c399182e435bb88bcc2fd50aa9b6ae0c0149cdf82e29d1268143eb8a1ba19ada2b46d111ad86afd2e69c11710878bcf4e60a448c824762e85605a0b6b6e8080f4b2768aff807291caded95494195b95c6f7a4cb3e195e3", 0x86}, {&(0x7f0000000380)="c87eae8ca6a8fd2f4148f01a2e6d1717af6ac93c3b68e107cedbe9b88d428e2b833821e125f930103e5723c2b04c9a8ffe583840479fb9e2d922d793ff4562a1b03667973e50c2a30ccbe93f9dec75c70cfa861bae90719e40c87be29d9a0487d6f414a74d2e578d29389c19290ad08b9327ecb6a520254a30a2c9e6c1981aa19cda29beb595837ec76e32a6", 0x8c}, {&(0x7f0000000440)="91b15a2ccaa5272106a6d236f5b18f5494deab054abc23550d8e1e0b975c32f8a6e74cb7151dfc62ce7bf16b756edd4279adf16993f1423428cdc8097674565ccc0e5e8337094d", 0x47}], 0x4, 0x0, 0x0, 0x80}, 0x8000)
connect$bt_l2cap(r0, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)

2.931663682s ago: executing program 0 (id=14396):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x40008080)
recvmmsg(r0, &(0x7f0000002c80)=[{{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000440)=""/210, 0xd2}, {&(0x7f0000000540)=""/46, 0x2e}], 0x2, &(0x7f00000005c0)=""/34, 0x22}, 0x168}, {{&(0x7f0000000640)=@nl, 0x80, &(0x7f0000002880)=[{&(0x7f00000006c0)=""/100, 0x64}, {&(0x7f0000000740)}, {&(0x7f0000000780)=""/145, 0x91}, {&(0x7f0000001880)=""/4096, 0x1000}], 0x4, &(0x7f00000028c0)}, 0xad}, {{0x0, 0x0, 0x0}, 0xe100}], 0x3, 0x40000002, &(0x7f0000002d40)={0x77359400})

2.138469063s ago: executing program 4 (id=14397):
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000001db90b78aa66aca9c38921d297338205fe0b0f5d431178c3481b1c440026282af6e4e0a14adff9f99f974f2eb2c36409ac4c1fd7ce45f6a27c53ff3168bee4d43fda4b6469bdacfd880091d1c610b37c930717597cd5e7372df716b3b759fb57"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r1, &(0x7f0000007300)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000140)='@', 0x1}, {&(0x7f00000007c0)='y', 0x1}, {&(0x7f0000000340)="b9", 0x1}, {&(0x7f0000000940)="99", 0x1}, {&(0x7f00000008c0)='z', 0x1}, {&(0x7f00000009c0)='~', 0x1}, {&(0x7f00000002c0)='x', 0x1}, {&(0x7f0000000440)="06", 0x1}, {&(0x7f0000000580)='k', 0x1}, {&(0x7f00000006c0)="1d", 0x1}, {&(0x7f0000000800)='a', 0x1}, {&(0x7f0000000280)='$', 0x1}], 0xc}}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000001040)="fc", 0x1}, {&(0x7f0000001080)="c9", 0x1}, {&(0x7f0000000480)='-', 0x1}, {&(0x7f0000002240)='R', 0x1}, {&(0x7f00000033c0)="c4", 0x1}], 0x5}}], 0x2, 0x4000000)
sendmmsg$inet(r1, &(0x7f00000054c0)=[{{0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000380)="ad261c938c", 0x5}], 0x1}}], 0x1, 0x8004)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="600000000606010800000000000000000900000114000780080011400000008b05001500450000000500010006000000050005000200000005000400020000000900020073797a300000000011000300686173683a6970"], 0x60}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x600, 0x1}}, 0x20)
bpf$LINK_DETACH(0x22, &(0x7f0000000100)=r3, 0x4)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000003c0)=@hci, 0x80, &(0x7f0000000100)}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r3, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$packet_int(r3, 0x107, 0x14, &(0x7f0000000300), 0x4)
r5 = socket(0x25, 0xa, 0x4)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xbc}}, 0x0)
socket(0xb, 0x4, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), r4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079a0480000000000610448000147416c19be417e"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010027bd7000ffdbdf25090000000540000000180001801400020073797a5f74756e000000000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20009815}, 0x4040084)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="340000003e00070127bd700000000000017c00000400fc800c000180", @ANYRES32=0x0, @ANYBLOB="08000280725eb81b6a115383722404f07345876118bc62080007008a83040009000000000000003c027a657beb7a381f", @ANYRES32=0x0, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0xc020}, 0x4040)

2.111485476s ago: executing program 0 (id=14398):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe1b)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x2000c011)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a3100000000050001000700000034000780"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x3, 0x6, 0xb83, 0x0, 0x0, {0x1, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x800)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r3, r4, 0x5, 0x0, @void}, 0x10)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000240)={r5, r3, 0x4, r6}, 0x10)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443", 0x67}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

2.060457656s ago: executing program 0 (id=14399):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4008890}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61127800000000006113500000000000bf200000000000000400000008ffffffbd03010000000000cf000000000000006916770000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000780), 0x100800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x800)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20008004)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1982, 0x4)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000015)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r0 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r0, 0x0, 0x20000800)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x10, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x7, 0x4, 0x3e0, 0x110, 0x110, 0x210, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @mac=@remote, @loopback, @local, 0x1, 0x1}}}, {{@uncond, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "716ebd2e1aa0cc683e62f312359594df00da56317f76121697127951fdba"}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430)

615.708392ms ago: executing program 1 (id=14400):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xa, 0x3, 0x4, 0x8}, 0x50)
r0 = socket$netlink(0x10, 0x3, 0x0)
writev(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000009c0), 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x7, &(0x7f00000000c0), 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_ethernet(0x72, &(0x7f0000000440)={@multicast, @random="fd137b07daa7", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x3c, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @private}, @mcast2, {[], @time_exceed={0x3, 0x1, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x2f, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "8d0022eb00000000d9dedb35"}}}}}}}, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23, 0x100002, @ipv4={'\x00', '\xff\xff', @local}, 0xffff}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0xfc27, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014)
shutdown(r2, 0x1)

578.514617ms ago: executing program 2 (id=14401):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f00000031c0)={&(0x7f0000000280)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000004340)=[{&(0x7f0000000e00)="5c6817db84aafc4ba93b3b7b773c1f7c014e2a2c2192542afa9748dcd0a777e403000000290d970e2f9a1d8f527923b0f362103e5bbeda2dca0d9d2b1e5238329691753f1860286f1aaa0786ba5cb644966e7b7566d2960bab4c5ba6da8e730af484c4850e243e0e95803437dfd6b95b5d3ffbb5d9fb8bc5b2358837f79985f063bfb4e982bdbd79b6aff84a010d1a97960158de81236aa66640e348b98794dd9ca277d910243cf4d9c6d38979d81faac0930900"/200, 0xc8}, {&(0x7f0000000f00)="9eb8a2c0e241fb0402ac67d48d04ecbc724648d79b443d283855fdba1e1dc6283591a8a07eb1436788b6b641ed5ea90be62fc7499c9b017d2e73973395411b7efb244a226ba0ae7657c57101711c5aa138abd03dec1e0899824e678aced03a92fec128f69d27d84ee2ff2e4ad3a3db73f406c4aec4ba5a715bf5abce312346bb7d7345e8df1fc10fa733c98030cb193341700961aa2ccb9f0f029190a1d34386c53e7017cf0fe0275d2d6f9531b12f12e29b903ffd774272360efe35269a1835d8f3e07382952f4fd47c9025f538c0bf576243026ed3d16af515d4e31055e765380602c4b42cb4e178350c5f387bdf01ff822a6a26b4cbd04523921adb0bddfd4c657e626ffa46f0a565ee807b56f98d90a48858679c0e5cada93389b479e4547690951c952e877d4139aaddd84d8b01dd791eff7b2c20cad352b1", 0x13b}, {&(0x7f0000001cc0)="b5640aae1e407af01eecff9e22e152a958b96c15ffd051d17c6c712f21a8abb26b561e7af56b164829c35642692c102092e1f43782559cb76acaa20f83d5e807ad43b8e153ccdf10b894d755e849d01bc937c19203d32e33610f090c9d9e0d5972ac64142f8f4b71f27cc89c43c9697697b53fee3e5f94497031ff2e460d2c011d0db5a289bde09ac884de124e62b5b6921c326a85bc8791473d2828d1e28b5f20e286b061c4dadef878b72e6095841189db4da6e671677ca72a3c1b69c2ec25d3ce00000000000000006494e8109c9ac6ab28db3c65c78c067856bdd51479d9a70cb70f61d174fb23c65e8b46b913796911739a545339ad546ffb3cc017cc0135c0ff04fd8b89a4c69a2abd4303faa480f4ec59a17bb07a8da9a7b7ce1a2bf5388aadce36071bff945c281d03e8d41338d5cbbd80ab84a726f5d1c395e67c74f8261cb83b9aac0fee3f9ac8bce811a4331264a8773fc1f7c9aa246295027d248754b80a2923d35e8016ea876a3b080cd7441d1b76cd566988", 0x179}, {&(0x7f00000009c0)="a484d15488fb016289fa4e2b0b25648e7abf5a74ab5e75516b79103a9b0711dd70d5a141294998c249dda70370b7f076f3ec132111d4866784da73cd0f18993549e7b185584053fb7b48d2b271af8a14858473eb1edd82f3f4cd1150bee83bf4f624d8f873ec45fe60bb431221e35526a58313e39813e83be21f2834bbf6fc621f6d9894eb03b4c8690635c5ce509de10000000000000004d8d8550dc3763f779ad276b6f32236b8534ab6701184dac56e1af78c6013715d94b4d6cd59821581983f7e3b6c5369cda3f0bc763bdda2ec97d4542041be5568230b1a9b24e1d5efff9226066adcdfd53abc7078ff74aca53708cb4e62ed16414c00642e4e8a5e46ecb45698771e76ebe52f890261989b622cc2086dbfa3d360d105242c48d5ee4da002d828a0094df8343822", 0x12b}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000002900000004"], 0x18}, 0x8080)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x2, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000180)='S\x00', 0x5a0}], 0x1, 0x0, 0x0, 0x900}, 0x0)

577.93487ms ago: executing program 0 (id=14402):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x11}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x68, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x42, 0x2021}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x30, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x1c, 0x5, 0x0, 0x1, [{0xa, 0x4, @local}, {0xa, 0x4, @local}]}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x50, 0x0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@in6={0x2, 0x4e21, 0xf000000, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

577.561818ms ago: executing program 3 (id=14403):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x88c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfc, {0x0, 0x0, 0x0, r9, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x85c, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x18d0b}, @TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x92, 0xd, 0x11f4, 0xf, 0x101, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x7, 0x3597, 0x80, 0xc, 0x0, 0x6, 0x1000f290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x1, 0x4050732b, 0x8, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0x4, 0xbf2, 0x10001, 0xfffffffd, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0x80, 0x7a, 0x1, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0xc31, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x816, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x8, 0x6, 0x4, 0x1, 0x3, 0xb9, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0xc, 0x5, 0x89, 0x8, 0x100e, 0x528, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x3, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0x6b7, 0x2, 0xedd9, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x200034, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0xffff, 0x5ca0, 0x3, 0x1000, 0x4, 0x7, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x9, 0x2, 0xfe800000, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x4, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0xd, 0x1, 0x9, 0x5, 0xc, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x10000000, 0x7, 0x7, 0x7, {0x4, 0x1, 0xfe00, 0xfe42, 0x4, 0x7}, {0x17, 0x2, 0xcb, 0x1, 0x800, 0x8002}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x40000000, 0x6, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x6, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x4, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0xb, 0xce3a, 0x21f1, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x1, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0xc24, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x1, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x5, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x80000000, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdff, 0x7, 0x9, 0x223ec3e9, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0x13, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x5, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0xffff, 0x4, 0x38, 0x401, 0x2, 0x10, 0x3, 0x3, 0xbd, 0x9, 0x4, 0x5, 0x81, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0xffffffff, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xfb, 0x8, 0x5, 0x0, 0x0, 0x12, 0x4e, 0xf, 0xbb4f, 0x7, 0xe4, 0xbcba, 0x80, 0x8, 0xc6, 0x0, 0x81, 0x10000, 0x70, 0xffffffff, 0x4, 0x80, 0x8, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x6ab0, 0x401, 0x40000007, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x4000003e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000280)="19", 0x1}], 0x1}, 0x4) (fail_nth: 2)

577.282372ms ago: executing program 4 (id=14404):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f00000004c0)='GPL\x00', 0x4, 0x5, &(0x7f0000000500)=""/5, 0x40f00, 0x2f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7429}, 0x23)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080), 0x1)
sendto$inet6(r0, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000700)="e2", 0x1, 0x40000, 0x0, 0x0)

458.118742ms ago: executing program 2 (id=14405):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001c40)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000005000000030000000100000f05000000000000000100000005000000004f0030"], &(0x7f00000006c0)=""/262, 0x35, 0x106, 0x9}, 0x28)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
r7 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r8, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r9, &(0x7f0000000200)=@file={0x1}, 0x6e)
connect$unix(r9, &(0x7f0000000080)=@file={0x1}, 0x6e)
close(0x3)
syz_genetlink_get_family_id$gtp(&(0x7f0000000140), r7)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x88c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x85c, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x18d0b}, @TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x92, 0xd, 0x11f4, 0xf, 0x101, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x7, 0x3597, 0x80, 0xc, 0x0, 0x6, 0x1000f290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x1, 0x4050732b, 0x8, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0x4, 0xbf2, 0x10001, 0xfffffffd, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0x80, 0x7a, 0x1, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0xc31, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x816, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x9, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x8, 0x6, 0x4, 0x1, 0x3, 0xb9, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0xc, 0x5, 0x89, 0x8, 0x100e, 0x528, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x3, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0x6b7, 0x2, 0xedd9, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0xfffffffe, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0xffff, 0x5ca0, 0x3, 0x1000, 0x4, 0x7, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x9, 0x2, 0xfe800000, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x4, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x2, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0xd, 0x1, 0x9, 0x5, 0xc, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x10000000, 0x7, 0x7, 0x7, {0x4, 0x1, 0xfe00, 0xfe42, 0x4, 0x7}, {0x17, 0x2, 0xcb, 0x1, 0x800, 0x8002}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x40000000, 0x6, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x6, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x4, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0xb, 0xce3a, 0x21f1, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x1, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0xc24, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x1, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x9, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0xe, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x80000000, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdff, 0x7, 0x9, 0x223ec3e9, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0x13, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x5, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0xffff, 0x4, 0x38, 0x401, 0x2, 0x10, 0x3, 0x3, 0xbd, 0x9, 0x4, 0x5, 0x81, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0xffffffff, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xfb, 0x8, 0x5, 0x0, 0x0, 0x12, 0x4e, 0xf, 0xbb4f, 0x7, 0xe4, 0xbcba, 0x80, 0x8, 0xc6, 0x0, 0x81, 0x10000, 0x70, 0xffffffff, 0x4, 0x80, 0x8, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x6ab0, 0x401, 0x40000007, 0xa, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r13, 0x4000003e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000280)="19", 0x1}], 0x1}, 0x4)

166.689738ms ago: executing program 3 (id=14406):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000f0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000300000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000f0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000300000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
r2 = socket(0xa, 0x5, 0x0)
sendmsg$inet(r2, &(0x7f0000000300)={&(0x7f0000000180)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000240)="01", 0x1}], 0x1}, 0xc2f1788970f1e6ef)
socket$inet6_sctp(0xa, 0x5, 0x84) (async)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) (async)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r4=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000480)={r4, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x9, 0x80}, &(0x7f0000000100)=0x90)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f00000000c0)={0x1d, @dev={0xac, 0x14, 0x14, 0xa}, 0x4e22, 0x4, 'none\x00', 0x14, 0x0, 0x60}, 0x2c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000012, 0x10ff, 0x0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$XFS_IOC_SCRUBV_METADATA(r3, 0xc0285840, &(0x7f00000002c0)={0x9, 0xfffff6c8, 0x8, 0x0, 0xf, 0x4, 0x0, &(0x7f0000000280)=[{0x4, 0xfe, 0x2}, {0x28, 0x101, 0xb4e}, {0x18, 0x101, 0x9}, {0x17, 0x1ff, 0x8}]})
socket$nl_route(0x10, 0x3, 0x0) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r6=>0x0})
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000080)={'veth0_to_hsr\x00', 0x1000})
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x5475d, 0xfd6f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002) (async)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x5475d, 0xfd6f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)

158.13149ms ago: executing program 0 (id=14407):
r0 = socket$inet(0x2, 0x3, 0x0)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x2, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x200000}}}}}, 0x0)

0s ago: executing program 0 (id=14408):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x40008080)
recvmmsg(r0, &(0x7f0000002c80)=[{{&(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000440)=""/210, 0xd2}, {&(0x7f0000000540)=""/46, 0x2e}], 0x2, &(0x7f00000005c0)=""/34, 0x22}, 0x168}, {{&(0x7f0000000640)=@nl, 0x80, &(0x7f0000002880)=[{&(0x7f00000006c0)=""/100, 0x64}, {&(0x7f0000000740)}, {&(0x7f0000000780)=""/145, 0x91}, {&(0x7f0000001880)=""/4096, 0x1000}], 0x4, &(0x7f00000028c0)}, 0xad}, {{0x0, 0x0, 0x0}, 0xe100}], 0x3, 0x40000002, &(0x7f0000002d40)={0x77359400})

kernel console output (not intermixed with test programs):

'.
[ 1414.179728][T14758] netlink: 'syz.4.13266': attribute type 2 has an invalid length.
[ 1414.504429][T14781] netlink: 48 bytes leftover after parsing attributes in process `syz.3.13273'.
[ 1414.689764][T14796] netlink: 220 bytes leftover after parsing attributes in process `syz.3.13277'.
[ 1414.700666][T14796] netlink: 220 bytes leftover after parsing attributes in process `syz.3.13277'.
[ 1414.710629][T14796] netlink: 56 bytes leftover after parsing attributes in process `syz.3.13277'.
[ 1415.005480][T14810] netlink: 36 bytes leftover after parsing attributes in process `syz.4.13284'.
[ 1415.056975][T14812] FAULT_INJECTION: forcing a failure.
[ 1415.056975][T14812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1415.100983][T14812] CPU: 0 UID: 0 PID: 14812 Comm: syz.1.13285 Not tainted syzkaller #0 PREEMPT(full) 
[ 1415.101007][T14812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1415.101016][T14812] Call Trace:
[ 1415.101023][T14812]  <TASK>
[ 1415.101031][T14812]  dump_stack_lvl+0xe8/0x150
[ 1415.101056][T14812]  should_fail_ex+0x412/0x560
[ 1415.101080][T14812]  _copy_from_user+0x2d/0xb0
[ 1415.101103][T14812]  ___sys_sendmsg+0x1c6/0x360
[ 1415.101119][T14812]  ? __lock_acquire+0x6b5/0x2cf0
[ 1415.101140][T14812]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1415.101154][T14812]  ? __lock_acquire+0x6b5/0x2cf0
[ 1415.101175][T14812]  ? kstrtouint+0x6e/0xe0
[ 1415.101232][T14812]  __sys_sendmmsg+0x27c/0x4e0
[ 1415.101254][T14812]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1415.101268][T14812]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1415.101315][T14812]  ? ksys_write+0x242/0x270
[ 1415.101338][T14812]  ? __pfx_ksys_write+0x10/0x10
[ 1415.101365][T14812]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1415.101381][T14812]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.101398][T14812]  do_syscall_64+0x15f/0xf80
[ 1415.101420][T14812]  ? trace_irq_disable+0x3b/0x140
[ 1415.101442][T14812]  ? clear_bhb_loop+0x40/0x90
[ 1415.101462][T14812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.101477][T14812] RIP: 0033:0x7f2a1919ce59
[ 1415.101493][T14812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1415.101507][T14812] RSP: 002b:00007f2a19fa1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1415.101524][T14812] RAX: ffffffffffffffda RBX: 00007f2a19415fa0 RCX: 00007f2a1919ce59
[ 1415.101536][T14812] RDX: 0000000000000002 RSI: 0000200000001480 RDI: 0000000000000003
[ 1415.101546][T14812] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1415.101556][T14812] R10: 00000000200080fc R11: 0000000000000246 R12: 0000000000000002
[ 1415.101566][T14812] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1415.101595][T14812]  </TASK>
[ 1415.522662][T14833] ip6gre1: entered promiscuous mode
[ 1415.529358][T14833] ip6gre1: entered allmulticast mode
[ 1415.538413][ T1125] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1415.555386][ T1125] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1415.565181][   T29] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1415.934356][T14862] FAULT_INJECTION: forcing a failure.
[ 1415.934356][T14862] name failslab, interval 1, probability 0, space 0, times 0
[ 1415.948266][T14862] CPU: 0 UID: 0 PID: 14862 Comm: syz.4.13304 Not tainted syzkaller #0 PREEMPT(full) 
[ 1415.948291][T14862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1415.948301][T14862] Call Trace:
[ 1415.948309][T14862]  <TASK>
[ 1415.948316][T14862]  dump_stack_lvl+0xe8/0x150
[ 1415.948343][T14862]  should_fail_ex+0x412/0x560
[ 1415.948370][T14862]  should_failslab+0xa8/0x100
[ 1415.948392][T14862]  ? skb_clone+0x212/0x3a0
[ 1415.948409][T14862]  kmem_cache_alloc_noprof+0x87/0x650
[ 1415.948440][T14862]  ? __netlink_lookup+0xc6/0x8b0
[ 1415.948461][T14862]  skb_clone+0x212/0x3a0
[ 1415.948479][T14862]  __netlink_deliver_tap+0x404/0x850
[ 1415.948505][T14862]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1415.948522][T14862]  netlink_deliver_tap+0x19c/0x1b0
[ 1415.948542][T14862]  netlink_unicast+0x730/0x8e0
[ 1415.948573][T14862]  netlink_sendmsg+0x813/0xb40
[ 1415.948597][T14862]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1415.948616][T14862]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1415.948637][T14862]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1415.948662][T14862]  ____sys_sendmsg+0x972/0x9f0
[ 1415.948677][T14862]  ? __might_fault+0xaf/0x130
[ 1415.948704][T14862]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1415.948730][T14862]  ? import_iovec+0x73/0xa0
[ 1415.948754][T14862]  ___sys_sendmsg+0x2a5/0x360
[ 1415.948769][T14862]  ? __lock_acquire+0x6b5/0x2cf0
[ 1415.948789][T14862]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1415.948837][T14862]  ? __fget_files+0x2a/0x420
[ 1415.948855][T14862]  ? __fget_files+0x3a0/0x420
[ 1415.948883][T14862]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1415.948902][T14862]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1415.948927][T14862]  ? __pfx_ksys_write+0x10/0x10
[ 1415.948959][T14862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.948976][T14862]  do_syscall_64+0x15f/0xf80
[ 1415.948998][T14862]  ? trace_irq_disable+0x3b/0x140
[ 1415.949019][T14862]  ? clear_bhb_loop+0x40/0x90
[ 1415.949038][T14862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.949054][T14862] RIP: 0033:0x7f42bf19ce59
[ 1415.949071][T14862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1415.949084][T14862] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1415.949099][T14862] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1415.949110][T14862] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1415.949120][T14862] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1415.949129][T14862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1415.949138][T14862] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1415.949167][T14862]  </TASK>
[ 1416.213403][  T807] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1416.221548][  T807] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1416.819990][T14898] sctp: [Deprecated]: syz.0.13315 (pid 14898) Use of int in max_burst socket option.
[ 1416.819990][T14898] Use struct sctp_assoc_value instead
[ 1417.371102][T14936] netlink: 'syz.1.13332': attribute type 1 has an invalid length.
[ 1417.384493][T14938] bridge3: entered allmulticast mode
[ 1417.411121][T14936] bond1: entered promiscuous mode
[ 1417.417477][T14936] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1417.700409][T14953] tunl0: entered allmulticast mode
[ 1417.881394][T14962] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1417.918031][T14962] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1418.615450][T14989] sctp: [Deprecated]: syz.0.13345 (pid 14989) Use of int in max_burst socket option.
[ 1418.615450][T14989] Use struct sctp_assoc_value instead
[ 1418.871419][T14970] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1419.053514][T15004] FAULT_INJECTION: forcing a failure.
[ 1419.053514][T15004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1419.053710][T15001] __nla_validate_parse: 15 callbacks suppressed
[ 1419.053724][T15001] netlink: 68 bytes leftover after parsing attributes in process `syz.1.13352'.
[ 1419.068320][T15004] CPU: 0 UID: 0 PID: 15004 Comm: syz.3.13353 Not tainted syzkaller #0 PREEMPT(full) 
[ 1419.068344][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1419.068353][T15004] Call Trace:
[ 1419.068360][T15004]  <TASK>
[ 1419.068367][T15004]  dump_stack_lvl+0xe8/0x150
[ 1419.068392][T15004]  should_fail_ex+0x412/0x560
[ 1419.068419][T15004]  _copy_from_iter+0x1d3/0x1670
[ 1419.068445][T15004]  ? rcu_is_watching+0x15/0xb0
[ 1419.068469][T15004]  ? __pfx__copy_from_iter+0x10/0x10
[ 1419.068496][T15004]  ? netlink_sendmsg+0x650/0xb40
[ 1419.068512][T15004]  ? skb_put+0x11b/0x210
[ 1419.068538][T15004]  netlink_sendmsg+0x6c0/0xb40
[ 1419.068562][T15004]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1419.068581][T15004]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1419.068603][T15004]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1419.068626][T15004]  ____sys_sendmsg+0x972/0x9f0
[ 1419.068643][T15004]  ? __might_fault+0xaf/0x130
[ 1419.068669][T15004]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1419.068693][T15004]  ? import_iovec+0x73/0xa0
[ 1419.068718][T15004]  ___sys_sendmsg+0x2a5/0x360
[ 1419.068740][T15004]  ? __lock_acquire+0x6b5/0x2cf0
[ 1419.068762][T15004]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1419.068810][T15004]  ? __fget_files+0x2a/0x420
[ 1419.068828][T15004]  ? __fget_files+0x3a0/0x420
[ 1419.068855][T15004]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1419.068874][T15004]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1419.068898][T15004]  ? __pfx_ksys_write+0x10/0x10
[ 1419.068927][T15004]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1419.068945][T15004]  do_syscall_64+0x15f/0xf80
[ 1419.068967][T15004]  ? trace_irq_disable+0x3b/0x140
[ 1419.068989][T15004]  ? clear_bhb_loop+0x40/0x90
[ 1419.069009][T15004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1419.069024][T15004] RIP: 0033:0x7f48c839ce59
[ 1419.069041][T15004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1419.069054][T15004] RSP: 002b:00007f48c932e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1419.069071][T15004] RAX: ffffffffffffffda RBX: 00007f48c8615fa0 RCX: 00007f48c839ce59
[ 1419.069082][T15004] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1419.069091][T15004] RBP: 00007f48c932e090 R08: 0000000000000000 R09: 0000000000000000
[ 1419.069101][T15004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1419.069110][T15004] R13: 00007f48c8616038 R14: 00007f48c8615fa0 R15: 00007ffddedd3908
[ 1419.069139][T15004]  </TASK>
[ 1419.655069][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1419.708974][T15029] syzkaller0: entered promiscuous mode
[ 1419.719774][T15029] syzkaller0: entered allmulticast mode
[ 1419.721020][T15033] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1419.727517][T15031] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1419.969621][T15042] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13368'.
[ 1420.022982][T15043] sctp: [Deprecated]: syz.2.13367 (pid 15043) Use of int in max_burst socket option.
[ 1420.022982][T15043] Use struct sctp_assoc_value instead
[ 1420.039079][T15045] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13368'.
[ 1420.067393][T15045] bond4: entered promiscuous mode
[ 1420.072925][T15045] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1420.080892][T15045] bridge0: port 3(bond4) entered blocking state
[ 1420.087750][T15045] bridge0: port 3(bond4) entered disabled state
[ 1420.094224][T15045] bond4: entered allmulticast mode
[ 1420.102628][T15045] bridge0: port 3(bond4) entered blocking state
[ 1420.109112][T15045] bridge0: port 3(bond4) entered forwarding state
[ 1420.353657][T15051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13370'.
[ 1420.363281][T15051] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13370'.
[ 1420.402015][T15051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13370'.
[ 1420.411255][T15051] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13370'.
[ 1420.555799][ T6024] bridge0: port 3(bond4) entered disabled state
[ 1420.661042][T15063] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1421.520488][T15111] sctp: [Deprecated]: syz.0.13390 (pid 15111) Use of int in max_burst socket option.
[ 1421.520488][T15111] Use struct sctp_assoc_value instead
[ 1421.876175][T15131] openvswitch: netlink: Key type 29 is not supported
[ 1421.906972][T15135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13404'.
[ 1421.916859][T15135] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13404'.
[ 1421.967125][T15135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13404'.
[ 1422.186647][T15152] 5�: entered promiscuous mode
[ 1422.371392][T15157] vlan0: entered promiscuous mode
[ 1422.496325][T15160] tap0: tun_chr_ioctl cmd 1074025677
[ 1422.502220][T15160] tap0: linktype set to 768
[ 1423.330555][T15180] virt_wifi0: entered allmulticast mode
[ 1423.361355][T15178] syzkaller0: entered promiscuous mode
[ 1423.375539][T15178] syzkaller0: entered allmulticast mode
[ 1423.412063][T15170] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1423.474009][T15169] tipc: Resetting bearer <eth:syzkaller0>
[ 1423.546796][T15169] tipc: Disabling bearer <eth:syzkaller0>
[ 1423.657734][ T1717] Bluetooth: hci0: command 0x0405 tx timeout
[ 1423.682888][T15208] sctp: [Deprecated]: syz.3.13419 (pid 15208) Use of int in max_burst socket option.
[ 1423.682888][T15208] Use struct sctp_assoc_value instead
[ 1423.825843][T15209] tunl0: Caught tx_queue_len zero misconfig
[ 1425.004797][T15255] __nla_validate_parse: 12 callbacks suppressed
[ 1425.004815][T15255] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13434'.
[ 1425.230855][T15264] netlink: 'syz.2.13438': attribute type 6 has an invalid length.
[ 1425.245542][T15264] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13438'.
[ 1425.519547][T15271] sctp: [Deprecated]: syz.0.13440 (pid 15271) Use of int in max_burst socket option.
[ 1425.519547][T15271] Use struct sctp_assoc_value instead
[ 1425.673414][T15279] syzkaller0: entered promiscuous mode
[ 1425.685175][T15279] syzkaller0: entered allmulticast mode
[ 1425.745434][ T5637] Bluetooth: hci0: command 0x0405 tx timeout
[ 1426.021377][T15298] netlink: 48 bytes leftover after parsing attributes in process `syz.1.13447'.
[ 1426.259210][T15307] --map-set only usable from mangle table
[ 1426.562857][T15295] syzkaller0: entered promiscuous mode
[ 1426.584088][T15295] syzkaller0: entered allmulticast mode
[ 1426.671495][T15321] syzkaller1: entered promiscuous mode
[ 1426.682727][T15321] syzkaller1: entered allmulticast mode
[ 1427.104008][T15338] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1427.396408][T15343] netlink: 48 bytes leftover after parsing attributes in process `syz.2.13461'.
[ 1427.754338][T15347] sctp: [Deprecated]: syz.2.13462 (pid 15347) Use of int in max_burst socket option.
[ 1427.754338][T15347] Use struct sctp_assoc_value instead
[ 1428.702497][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1430.684603][T15367] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1430.906907][T15387] netlink: 36 bytes leftover after parsing attributes in process `syz.0.13475'.
[ 1431.484396][T15411] netlink: 'syz.2.13482': attribute type 10 has an invalid length.
[ 1431.501984][T15411] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13482'.
[ 1431.595988][T15416] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1431.891724][T15430] xt_socket: unknown flags 0x50
[ 1432.201762][T15457] netlink: 32 bytes leftover after parsing attributes in process `syz.1.13500'.
[ 1432.203337][T15458] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13501'.
[ 1432.248130][T15458] tipc: Started in network mode
[ 1432.271651][T15458] tipc: Node identity a2661e9e01cb, cluster identity 4711
[ 1432.289513][T15458] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1432.300371][T15461] syzkaller0: entered promiscuous mode
[ 1432.306582][T15461] syzkaller0: entered allmulticast mode
[ 1432.356250][T15458] tipc: Resetting bearer <eth:syzkaller0>
[ 1432.371736][T15455] tipc: Resetting bearer <eth:syzkaller0>
[ 1432.396977][T15465] xt_socket: unknown flags 0x50
[ 1432.434571][T15455] tipc: Disabling bearer <eth:syzkaller0>
[ 1432.478496][T15471] syzkaller0: entered promiscuous mode
[ 1432.490174][T15471] syzkaller0: entered allmulticast mode
[ 1432.810428][T15484] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1432.895631][T15494] netlink: 'syz.2.13510': attribute type 1 has an invalid length.
[ 1432.912324][T15484] syzkaller0: entered promiscuous mode
[ 1432.918443][T15484] syzkaller0: entered allmulticast mode
[ 1432.924035][T15494] netlink: 248 bytes leftover after parsing attributes in process `syz.2.13510'.
[ 1432.926654][T15484] tipc: Resetting bearer <eth:syzkaller0>
[ 1433.078708][T15504] FAULT_INJECTION: forcing a failure.
[ 1433.078708][T15504] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1433.092568][T15483] tipc: Resetting bearer <eth:syzkaller0>
[ 1433.114801][T15504] CPU: 1 UID: 0 PID: 15504 Comm: syz.4.13517 Not tainted syzkaller #0 PREEMPT(full) 
[ 1433.114829][T15504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1433.114839][T15504] Call Trace:
[ 1433.114846][T15504]  <TASK>
[ 1433.114854][T15504]  dump_stack_lvl+0xe8/0x150
[ 1433.114881][T15504]  should_fail_ex+0x412/0x560
[ 1433.114917][T15504]  _copy_from_user+0x2d/0xb0
[ 1433.114940][T15504]  ___sys_sendmsg+0x1c6/0x360
[ 1433.114957][T15504]  ? __lock_acquire+0x6b5/0x2cf0
[ 1433.114980][T15504]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1433.115028][T15504]  ? __fget_files+0x2a/0x420
[ 1433.115047][T15504]  ? __fget_files+0x3a0/0x420
[ 1433.115076][T15504]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1433.115095][T15504]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1433.115121][T15504]  ? __pfx_ksys_write+0x10/0x10
[ 1433.115152][T15504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.115170][T15504]  do_syscall_64+0x15f/0xf80
[ 1433.115192][T15504]  ? trace_irq_disable+0x3b/0x140
[ 1433.115215][T15504]  ? clear_bhb_loop+0x40/0x90
[ 1433.115235][T15504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.115251][T15504] RIP: 0033:0x7f42bf19ce59
[ 1433.115267][T15504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1433.115281][T15504] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1433.115298][T15504] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1433.115310][T15504] RDX: 0000000020040890 RSI: 0000200000002ac0 RDI: 0000000000000003
[ 1433.115320][T15504] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1433.115329][T15504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1433.115339][T15504] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1433.115367][T15504]  </TASK>
[ 1433.420645][T15514] vxcan0: tx address claim with different name
[ 1433.678603][T15520] FAULT_INJECTION: forcing a failure.
[ 1433.678603][T15520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1433.693050][T15520] CPU: 0 UID: 0 PID: 15520 Comm: syz.0.13521 Not tainted syzkaller #0 PREEMPT(full) 
[ 1433.693075][T15520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1433.693086][T15520] Call Trace:
[ 1433.693093][T15520]  <TASK>
[ 1433.693100][T15520]  dump_stack_lvl+0xe8/0x150
[ 1433.693125][T15520]  should_fail_ex+0x412/0x560
[ 1433.693156][T15520]  _copy_from_iter+0x1d3/0x1670
[ 1433.693181][T15520]  ? rcu_is_watching+0x15/0xb0
[ 1433.693204][T15520]  ? __pfx__copy_from_iter+0x10/0x10
[ 1433.693229][T15520]  ? netlink_sendmsg+0x650/0xb40
[ 1433.693245][T15520]  ? skb_put+0x11b/0x210
[ 1433.693270][T15520]  netlink_sendmsg+0x6c0/0xb40
[ 1433.693295][T15520]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1433.693314][T15520]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1433.693336][T15520]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1433.693361][T15520]  ____sys_sendmsg+0x972/0x9f0
[ 1433.693378][T15520]  ? __might_fault+0xaf/0x130
[ 1433.693405][T15520]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1433.693430][T15520]  ? import_iovec+0x73/0xa0
[ 1433.693457][T15520]  ___sys_sendmsg+0x2a5/0x360
[ 1433.693472][T15520]  ? __lock_acquire+0x6b5/0x2cf0
[ 1433.693494][T15520]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1433.693546][T15520]  ? __fget_files+0x2a/0x420
[ 1433.693564][T15520]  ? __fget_files+0x3a0/0x420
[ 1433.693593][T15520]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1433.693612][T15520]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1433.693638][T15520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.693664][T15520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.693681][T15520]  do_syscall_64+0x15f/0xf80
[ 1433.693703][T15520]  ? trace_irq_disable+0x3b/0x140
[ 1433.693726][T15520]  ? clear_bhb_loop+0x40/0x90
[ 1433.693746][T15520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.693762][T15520] RIP: 0033:0x7fdce2f9ce59
[ 1433.693779][T15520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1433.693793][T15520] RSP: 002b:00007fdce3f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1433.693839][T15520] RAX: ffffffffffffffda RBX: 00007fdce3215fa0 RCX: 00007fdce2f9ce59
[ 1433.693851][T15520] RDX: 0000000000000800 RSI: 0000200000000080 RDI: 0000000000000003
[ 1433.693861][T15520] RBP: 00007fdce3f26090 R08: 0000000000000000 R09: 0000000000000000
[ 1433.693870][T15520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1433.693879][T15520] R13: 00007fdce3216038 R14: 00007fdce3215fa0 R15: 00007fffcb0c6298
[ 1433.693905][T15520]  </TASK>
[ 1436.996412][T15483] tipc: Disabling bearer <eth:syzkaller0>
[ 1437.022177][ T5855] tipc: Node number set to 2746031774
[ 1437.407713][T15549] : renamed from veth0_to_bond
[ 1437.615678][T15561] netlink: 60 bytes leftover after parsing attributes in process `syz.2.13530'.
[ 1438.266587][T15587] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13535'.
[ 1438.282707][T15586] syzkaller0: entered promiscuous mode
[ 1438.302290][T15586] syzkaller0: entered allmulticast mode
[ 1439.001693][T15618] FAULT_INJECTION: forcing a failure.
[ 1439.001693][T15618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1439.037940][T15618] CPU: 1 UID: 0 PID: 15618 Comm: syz.1.13542 Not tainted syzkaller #0 PREEMPT(full) 
[ 1439.037964][T15618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1439.037975][T15618] Call Trace:
[ 1439.037982][T15618]  <TASK>
[ 1439.037990][T15618]  dump_stack_lvl+0xe8/0x150
[ 1439.038016][T15618]  should_fail_ex+0x412/0x560
[ 1439.038042][T15618]  _copy_from_user+0x2d/0xb0
[ 1439.038066][T15618]  ___sys_sendmsg+0x1c6/0x360
[ 1439.038083][T15618]  ? __lock_acquire+0x6b5/0x2cf0
[ 1439.038104][T15618]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1439.038119][T15618]  ? __lock_acquire+0x6b5/0x2cf0
[ 1439.038141][T15618]  ? kstrtouint+0x6e/0xe0
[ 1439.038198][T15618]  __sys_sendmmsg+0x27c/0x4e0
[ 1439.038228][T15618]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1439.038242][T15618]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1439.038290][T15618]  ? ksys_write+0x242/0x270
[ 1439.038314][T15618]  ? __pfx_ksys_write+0x10/0x10
[ 1439.038343][T15618]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1439.038360][T15618]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.038377][T15618]  do_syscall_64+0x15f/0xf80
[ 1439.038406][T15618]  ? trace_irq_disable+0x3b/0x140
[ 1439.038428][T15618]  ? clear_bhb_loop+0x40/0x90
[ 1439.038449][T15618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.038464][T15618] RIP: 0033:0x7f2a1919ce59
[ 1439.038480][T15618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1439.038493][T15618] RSP: 002b:00007f2a19fa1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1439.038511][T15618] RAX: ffffffffffffffda RBX: 00007f2a19415fa0 RCX: 00007f2a1919ce59
[ 1439.038522][T15618] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[ 1439.038533][T15618] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1439.038542][T15618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1439.038551][T15618] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1439.038580][T15618]  </TASK>
[ 1439.364562][T15627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13546'.
[ 1439.404024][T15627] netlink: 'syz.1.13546': attribute type 29 has an invalid length.
[ 1439.430177][T15627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13546'.
[ 1439.447059][T15627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13546'.
[ 1439.460041][T15627] netlink: 'syz.1.13546': attribute type 29 has an invalid length.
[ 1439.468522][T15627] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13546'.
[ 1439.599106][T15638] openvswitch: netlink: IP tunnel dst address not specified
[ 1439.619282][T15638] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1439.811701][T15645] xt_hashlimit: size too large, truncated to 1048576
[ 1440.388833][T15662] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13551'.
[ 1440.673180][T15662] netlink: 'syz.0.13551': attribute type 2 has an invalid length.
[ 1440.746289][T15662] netlink: 'syz.0.13551': attribute type 2 has an invalid length.
[ 1440.785105][T15666] macsec1: entered promiscuous mode
[ 1440.949866][T15681] netlink: 'syz.3.13555': attribute type 13 has an invalid length.
[ 1440.989686][T15681] netlink: 'syz.3.13555': attribute type 17 has an invalid length.
[ 1441.080378][T15684] netlink: 208240 bytes leftover after parsing attributes in process `syz.4.13556'.
[ 1441.167113][T15686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13555'.
[ 1441.297977][T15679] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1441.305662][T15679] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1441.357896][T15690] netlink: 'syz.4.13557': attribute type 1 has an invalid length.
[ 1441.685749][T15679] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1441.715891][T15679] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1442.290996][T15681] 8021q: adding VLAN 0 to HW filter on device team0
[ 1442.306653][T15681] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1442.332154][T15681] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1442.339332][T15681] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1442.350906][T15681] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1442.358031][T15681] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1442.382724][T15681] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1442.401965][T15681] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1442.429918][T15681] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1442.530448][ T1125] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 2560 - 0
[ 1442.552834][ T1125] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.571378][ T1125] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 2560 - 0
[ 1442.591095][ T1125] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.601110][T15704] FAULT_INJECTION: forcing a failure.
[ 1442.601110][T15704] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1442.611103][ T1125] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 2560 - 0
[ 1442.632627][T15704] CPU: 0 UID: 0 PID: 15704 Comm: syz.1.13561 Not tainted syzkaller #0 PREEMPT(full) 
[ 1442.632650][T15704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1442.632661][T15704] Call Trace:
[ 1442.632668][T15704]  <TASK>
[ 1442.632675][T15704]  dump_stack_lvl+0xe8/0x150
[ 1442.632701][T15704]  should_fail_ex+0x412/0x560
[ 1442.632728][T15704]  _copy_to_user+0x31/0xb0
[ 1442.632751][T15704]  simple_read_from_buffer+0xe1/0x170
[ 1442.632774][T15704]  proc_fail_nth_read+0x1bb/0x230
[ 1442.632797][T15704]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1442.632819][T15704]  ? rw_verify_area+0x2a6/0x4d0
[ 1442.632840][T15704]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1442.632861][T15704]  vfs_read+0x20c/0xa70
[ 1442.632887][T15704]  ? __pfx___mutex_lock+0x10/0x10
[ 1442.632904][T15704]  ? __pfx_vfs_read+0x10/0x10
[ 1442.632927][T15704]  ? __fget_files+0x2a/0x420
[ 1442.632949][T15704]  ? __fget_files+0x3a0/0x420
[ 1442.632967][T15704]  ? __fget_files+0x2a/0x420
[ 1442.632993][T15704]  ksys_read+0x150/0x270
[ 1442.633017][T15704]  ? __pfx_ksys_read+0x10/0x10
[ 1442.633046][T15704]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.633065][T15704]  do_syscall_64+0x15f/0xf80
[ 1442.633086][T15704]  ? trace_irq_disable+0x3b/0x140
[ 1442.633108][T15704]  ? clear_bhb_loop+0x40/0x90
[ 1442.633127][T15704]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.633142][T15704] RIP: 0033:0x7f2a1915d68e
[ 1442.633158][T15704] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1442.633172][T15704] RSP: 002b:00007f2a19fa0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1442.633189][T15704] RAX: ffffffffffffffda RBX: 00007f2a19fa16c0 RCX: 00007f2a1915d68e
[ 1442.633200][T15704] RDX: 000000000000000f RSI: 00007f2a19fa10a0 RDI: 000000000000000b
[ 1442.633210][T15704] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1442.633220][T15704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1442.633229][T15704] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1442.633257][T15704]  </TASK>
[ 1442.843299][ T1125] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.884037][ T1125] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 2560 - 0
[ 1442.893091][ T1125] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.925898][T15710] netlink: 'syz.4.13564': attribute type 1 has an invalid length.
[ 1443.043383][T15710] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1443.076611][T15714] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[ 1443.106898][T15716] macvlan3: entered promiscuous mode
[ 1443.115303][T15716] macvlan3: entered allmulticast mode
[ 1443.126971][T15716] bond5: entered promiscuous mode
[ 1443.132184][T15716] veth0_to_bond: entered promiscuous mode
[ 1443.139864][T15716] 8021q: adding VLAN 0 to HW filter on device macvlan3
[ 1443.162427][T15716] bond5: left promiscuous mode
[ 1443.176702][T15716] veth0_to_bond: left promiscuous mode
[ 1443.212243][T15719] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13569'.
[ 1443.346993][T15736] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13573'.
[ 1443.639428][T15755] lo: Caught tx_queue_len zero misconfig
[ 1443.646795][T15755] sch_tbf: burst 19872 is lower than device lo mtu (32783) !
[ 1443.727801][T15763] FAULT_INJECTION: forcing a failure.
[ 1443.727801][T15763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1443.741930][T15763] CPU: 0 UID: 0 PID: 15763 Comm: syz.3.13579 Not tainted syzkaller #0 PREEMPT(full) 
[ 1443.741953][T15763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1443.741964][T15763] Call Trace:
[ 1443.741971][T15763]  <TASK>
[ 1443.741979][T15763]  dump_stack_lvl+0xe8/0x150
[ 1443.742005][T15763]  should_fail_ex+0x412/0x560
[ 1443.742032][T15763]  _copy_from_user+0x2d/0xb0
[ 1443.742056][T15763]  ___sys_sendmsg+0x1c6/0x360
[ 1443.742079][T15763]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1443.742094][T15763]  ? __lock_acquire+0x6b5/0x2cf0
[ 1443.742158][T15763]  __sys_sendmmsg+0x27c/0x4e0
[ 1443.742180][T15763]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1443.742195][T15763]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1443.742245][T15763]  ? ksys_write+0x242/0x270
[ 1443.742268][T15763]  ? __pfx_ksys_write+0x10/0x10
[ 1443.742295][T15763]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1443.742311][T15763]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1443.742326][T15763]  do_syscall_64+0x15f/0xf80
[ 1443.742347][T15763]  ? trace_irq_disable+0x3b/0x140
[ 1443.742369][T15763]  ? clear_bhb_loop+0x40/0x90
[ 1443.742389][T15763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1443.742405][T15763] RIP: 0033:0x7f48c839ce59
[ 1443.742421][T15763] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1443.742434][T15763] RSP: 002b:00007f48c930d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1443.742467][T15763] RAX: ffffffffffffffda RBX: 00007f48c8616090 RCX: 00007f48c839ce59
[ 1443.742478][T15763] RDX: 04000000000001cd RSI: 0000200000005280 RDI: 0000000000000004
[ 1443.742488][T15763] RBP: 00007f48c930d090 R08: 0000000000000000 R09: 0000000000000000
[ 1443.742498][T15763] R10: 000000001008c811 R11: 0000000000000246 R12: 0000000000000002
[ 1443.742507][T15763] R13: 00007f48c8616128 R14: 00007f48c8616090 R15: 00007ffddedd3908
[ 1443.742533][T15763]  </TASK>
[ 1444.055235][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1444.067760][T15770] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 32, id = 0
[ 1444.181514][T15776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13586'.
[ 1444.190693][T15776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13586'.
[ 1444.234733][T15778] FAULT_INJECTION: forcing a failure.
[ 1444.234733][T15778] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1444.258260][T15778] CPU: 0 UID: 0 PID: 15778 Comm: syz.4.13587 Not tainted syzkaller #0 PREEMPT(full) 
[ 1444.258282][T15778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1444.258293][T15778] Call Trace:
[ 1444.258300][T15778]  <TASK>
[ 1444.258308][T15778]  dump_stack_lvl+0xe8/0x150
[ 1444.258333][T15778]  should_fail_ex+0x412/0x560
[ 1444.258359][T15778]  _copy_from_user+0x2d/0xb0
[ 1444.258382][T15778]  ___sys_sendmsg+0x1c6/0x360
[ 1444.258404][T15778]  ? __lock_acquire+0x6b5/0x2cf0
[ 1444.258424][T15778]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1444.258443][T15778]  ? kstrtouint+0x6e/0xe0
[ 1444.258485][T15778]  ? __fget_files+0x2a/0x420
[ 1444.258503][T15778]  ? __fget_files+0x3a0/0x420
[ 1444.258530][T15778]  __sys_sendmmsg+0x27c/0x4e0
[ 1444.258551][T15778]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1444.258564][T15778]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[ 1444.258608][T15778]  ? ksys_write+0x242/0x270
[ 1444.258631][T15778]  ? __pfx_ksys_write+0x10/0x10
[ 1444.258658][T15778]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1444.258674][T15778]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1444.258692][T15778]  do_syscall_64+0x15f/0xf80
[ 1444.258712][T15778]  ? trace_irq_disable+0x3b/0x140
[ 1444.258734][T15778]  ? clear_bhb_loop+0x40/0x90
[ 1444.258754][T15778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1444.258769][T15778] RIP: 0033:0x7f42bf19ce59
[ 1444.258784][T15778] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1444.258797][T15778] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1444.258818][T15778] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1444.258828][T15778] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[ 1444.258838][T15778] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1444.258848][T15778] R10: 00000000000000e0 R11: 0000000000000246 R12: 0000000000000001
[ 1444.258857][T15778] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1444.258884][T15778]  </TASK>
[ 1444.534920][T15776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13586'.
[ 1444.543950][T15776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13586'.
[ 1444.548761][ T7858] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1444.659394][ T7858] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1444.668534][ T7858] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1444.707006][ T7858] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1444.733356][T15792] netlink: 104 bytes leftover after parsing attributes in process `syz.1.13593'.
[ 1445.211568][T15815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13601'.
[ 1445.660136][T15836] netlink: 32 bytes leftover after parsing attributes in process `syz.1.13604'.
[ 1445.811351][T15841] netlink: 'syz.2.13608': attribute type 1 has an invalid length.
[ 1446.365362][T15861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13616'.
[ 1446.377519][ T5637] Bluetooth: hci0: link tx timeout
[ 1446.384766][ T5637] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1446.615264][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1447.036997][T15877] bond0: Caught tx_queue_len zero misconfig
[ 1447.067502][T15877] netlink: 'syz.4.13621': attribute type 13 has an invalid length.
[ 1447.092978][T15877] bond0: option fail_over_mac: unable to set because the bond device has slaves
[ 1447.463752][ T1717] Bluetooth: hci0: link tx timeout
[ 1447.469572][ T1717] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1448.231369][T15906] __nla_validate_parse: 2 callbacks suppressed
[ 1448.231387][T15906] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13629'.
[ 1448.391666][T15911] bond0: option arp_validate: invalid value (55553)
[ 1448.455157][ T1717] Bluetooth: hci0: command 0x0405 tx timeout
[ 1449.032194][T15940] vxcan0: tx drop: invalid da for name 0x0000000000000010
[ 1449.070720][T15940] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13640'.
[ 1449.368769][T15957] FAULT_INJECTION: forcing a failure.
[ 1449.368769][T15957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1449.444981][T15957] CPU: 1 UID: 0 PID: 15957 Comm: syz.3.13643 Not tainted syzkaller #0 PREEMPT(full) 
[ 1449.445004][T15957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1449.445013][T15957] Call Trace:
[ 1449.445020][T15957]  <TASK>
[ 1449.445028][T15957]  dump_stack_lvl+0xe8/0x150
[ 1449.445053][T15957]  should_fail_ex+0x412/0x560
[ 1449.445079][T15957]  _copy_from_user+0x2d/0xb0
[ 1449.445102][T15957]  __copy_msghdr+0x3c5/0x5b0
[ 1449.445123][T15957]  ___sys_sendmsg+0x213/0x360
[ 1449.445138][T15957]  ? __lock_acquire+0x6b5/0x2cf0
[ 1449.445160][T15957]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1449.445211][T15957]  ? __fget_files+0x2a/0x420
[ 1449.445229][T15957]  ? __fget_files+0x3a0/0x420
[ 1449.445257][T15957]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1449.445276][T15957]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1449.445301][T15957]  ? __pfx_ksys_write+0x10/0x10
[ 1449.445330][T15957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1449.445356][T15957]  do_syscall_64+0x15f/0xf80
[ 1449.445378][T15957]  ? trace_irq_disable+0x3b/0x140
[ 1449.445401][T15957]  ? clear_bhb_loop+0x40/0x90
[ 1449.445421][T15957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1449.445436][T15957] RIP: 0033:0x7f48c839ce59
[ 1449.445453][T15957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1449.445466][T15957] RSP: 002b:00007f48c932e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1449.445484][T15957] RAX: ffffffffffffffda RBX: 00007f48c8615fa0 RCX: 00007f48c839ce59
[ 1449.445495][T15957] RDX: 0000000004000880 RSI: 0000200000002900 RDI: 0000000000000007
[ 1449.445505][T15957] RBP: 00007f48c932e090 R08: 0000000000000000 R09: 0000000000000000
[ 1449.445515][T15957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1449.445525][T15957] R13: 00007f48c8616038 R14: 00007f48c8615fa0 R15: 00007ffddedd3908
[ 1449.445554][T15957]  </TASK>
[ 1449.792187][T15969] netlink: 40 bytes leftover after parsing attributes in process `syz.4.13646'.
[ 1449.809316][T15971] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13644'.
[ 1450.296942][T15983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13648'.
[ 1451.016979][ T1717] Bluetooth: hci0: command 0x0405 tx timeout
[ 1451.146172][T15989] Bluetooth: hci3: Opcode 0x0401 failed: -4
[ 1451.355235][T16024] netlink: 36 bytes leftover after parsing attributes in process `syz.3.13660'.
[ 1451.389028][T16024] syzkaller1: entered promiscuous mode
[ 1451.418757][T16024] syzkaller1: entered allmulticast mode
[ 1451.753321][T16057] netlink: 32 bytes leftover after parsing attributes in process `syz.1.13659'.
[ 1452.334599][T16072] FAULT_INJECTION: forcing a failure.
[ 1452.334599][T16072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1452.353384][T16072] CPU: 1 UID: 0 PID: 16072 Comm: syz.1.13669 Not tainted syzkaller #0 PREEMPT(full) 
[ 1452.353409][T16072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1452.353418][T16072] Call Trace:
[ 1452.353426][T16072]  <TASK>
[ 1452.353434][T16072]  dump_stack_lvl+0xe8/0x150
[ 1452.353461][T16072]  should_fail_ex+0x412/0x560
[ 1452.353488][T16072]  _copy_from_user+0x2d/0xb0
[ 1452.353513][T16072]  kstrtouint_from_user+0xd6/0x180
[ 1452.353536][T16072]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1452.353572][T16072]  proc_fail_nth_write+0x8e/0x210
[ 1452.353594][T16072]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1452.353618][T16072]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1452.353640][T16072]  vfs_write+0x29a/0xb90
[ 1452.353670][T16072]  ? __pfx_vfs_write+0x10/0x10
[ 1452.353694][T16072]  ? __fget_files+0x2a/0x420
[ 1452.353719][T16072]  ? __fget_files+0x3a0/0x420
[ 1452.353737][T16072]  ? __fget_files+0x2a/0x420
[ 1452.353766][T16072]  ksys_write+0x150/0x270
[ 1452.353792][T16072]  ? __pfx_ksys_write+0x10/0x10
[ 1452.353822][T16072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1452.353841][T16072]  do_syscall_64+0x15f/0xf80
[ 1452.353862][T16072]  ? trace_irq_disable+0x3b/0x140
[ 1452.353886][T16072]  ? clear_bhb_loop+0x40/0x90
[ 1452.353907][T16072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1452.353923][T16072] RIP: 0033:0x7f2a1915d68e
[ 1452.353941][T16072] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1452.353955][T16072] RSP: 002b:00007f2a19fa0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1452.353974][T16072] RAX: ffffffffffffffda RBX: 00007f2a19fa16c0 RCX: 00007f2a1915d68e
[ 1452.353986][T16072] RDX: 0000000000000001 RSI: 00007f2a19fa10a0 RDI: 0000000000000006
[ 1452.353997][T16072] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1452.354007][T16072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1452.354018][T16072] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1452.354052][T16072]  </TASK>
[ 1452.665139][ T5637] Bluetooth: hci3: command 0x040f tx timeout
[ 1452.928993][T16084] syzkaller0: entered promiscuous mode
[ 1452.953965][T16084] syzkaller0: entered allmulticast mode
[ 1453.225288][T16099] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1453.318604][T16105] FAULT_INJECTION: forcing a failure.
[ 1453.318604][T16105] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.357221][T16105] CPU: 0 UID: 0 PID: 16105 Comm: syz.0.13678 Not tainted syzkaller #0 PREEMPT(full) 
[ 1453.357245][T16105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1453.357256][T16105] Call Trace:
[ 1453.357263][T16105]  <TASK>
[ 1453.357271][T16105]  dump_stack_lvl+0xe8/0x150
[ 1453.357296][T16105]  should_fail_ex+0x412/0x560
[ 1453.357323][T16105]  should_failslab+0xa8/0x100
[ 1453.357348][T16105]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1453.357372][T16105]  ? __alloc_skb+0x1d0/0x7d0
[ 1453.357393][T16105]  ? __local_bh_enable_ip+0xd0/0x130
[ 1453.357415][T16105]  __alloc_skb+0x1d0/0x7d0
[ 1453.357435][T16105]  ? look_up_lock_class+0x57/0x110
[ 1453.357462][T16105]  alloc_skb_with_frags+0xc8/0x760
[ 1453.357495][T16105]  ? __lock_acquire+0x6b5/0x2cf0
[ 1453.357520][T16105]  sock_alloc_send_pskb+0x878/0x990
[ 1453.357557][T16105]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1453.357579][T16105]  ? j1939_sk_sendmsg+0x5f7/0x1380
[ 1453.357695][T16105]  ? __local_bh_enable_ip+0xd0/0x130
[ 1453.357716][T16105]  j1939_sk_sendmsg+0x6da/0x1380
[ 1453.357736][T16105]  ? aa_sk_perm+0x6d5/0x900
[ 1453.357772][T16105]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[ 1453.357791][T16105]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1453.357814][T16105]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1453.357839][T16105]  ____sys_sendmsg+0x972/0x9f0
[ 1453.357864][T16105]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1453.357891][T16105]  ? import_iovec+0x73/0xa0
[ 1453.357917][T16105]  ___sys_sendmsg+0x2a5/0x360
[ 1453.357933][T16105]  ? __lock_acquire+0x6b5/0x2cf0
[ 1453.357954][T16105]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1453.358002][T16105]  ? __fget_files+0x2a/0x420
[ 1453.358020][T16105]  ? __fget_files+0x3a0/0x420
[ 1453.358045][T16105]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1453.358063][T16105]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1453.358088][T16105]  ? __pfx_ksys_write+0x10/0x10
[ 1453.358118][T16105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.358136][T16105]  do_syscall_64+0x15f/0xf80
[ 1453.358157][T16105]  ? trace_irq_disable+0x3b/0x140
[ 1453.358179][T16105]  ? clear_bhb_loop+0x40/0x90
[ 1453.358198][T16105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.358212][T16105] RIP: 0033:0x7fdce2f9ce59
[ 1453.358229][T16105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1453.358242][T16105] RSP: 002b:00007fdce3f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1453.358258][T16105] RAX: ffffffffffffffda RBX: 00007fdce3215fa0 RCX: 00007fdce2f9ce59
[ 1453.358267][T16105] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1453.358276][T16105] RBP: 00007fdce3f26090 R08: 0000000000000000 R09: 0000000000000000
[ 1453.358285][T16105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1453.358294][T16105] R13: 00007fdce3216038 R14: 00007fdce3215fa0 R15: 00007fffcb0c6298
[ 1453.358323][T16105]  </TASK>
[ 1454.041189][T16127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13682'.
[ 1454.331773][T16145] syzkaller0: entered promiscuous mode
[ 1454.332672][T16148] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13679'.
[ 1454.355311][T16145] syzkaller0: entered allmulticast mode
[ 1454.750317][T16156] syzkaller0: entered promiscuous mode
[ 1454.780470][T16156] syzkaller0: entered allmulticast mode
[ 1454.783774][T16162] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1455.081259][T16172] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13693'.
[ 1455.190735][T16179] xt_hashlimit: size too large, truncated to 1048576
[ 1455.281912][T16177] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13686'.
[ 1455.295653][T16177] netlink: 'syz.3.13686': attribute type 10 has an invalid length.
[ 1455.312122][T16177] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1455.327681][T16177] team0: Port device netdevsim1 added
[ 1455.341464][T16176] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13693'.
[ 1455.386370][T16176] nbd: device at index 64 is going down
[ 1455.679618][T16198] FAULT_INJECTION: forcing a failure.
[ 1455.679618][T16198] name failslab, interval 1, probability 0, space 0, times 0
[ 1455.725933][T16198] CPU: 0 UID: 0 PID: 16198 Comm: syz.1.13698 Not tainted syzkaller #0 PREEMPT(full) 
[ 1455.725958][T16198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1455.725968][T16198] Call Trace:
[ 1455.725976][T16198]  <TASK>
[ 1455.725984][T16198]  dump_stack_lvl+0xe8/0x150
[ 1455.726013][T16198]  should_fail_ex+0x412/0x560
[ 1455.726042][T16198]  should_failslab+0xa8/0x100
[ 1455.726066][T16198]  ? skb_clone+0x212/0x3a0
[ 1455.726085][T16198]  kmem_cache_alloc_noprof+0x87/0x650
[ 1455.726105][T16198]  ? apparmor_capable+0x126/0x170
[ 1455.726129][T16198]  skb_clone+0x212/0x3a0
[ 1455.726144][T16198]  ? nfnetlink_rcv+0x4b0/0x27b0
[ 1455.726172][T16198]  nfnetlink_rcv+0x4de/0x27b0
[ 1455.726198][T16198]  ? kernel_text_address+0xa5/0xe0
[ 1455.726222][T16198]  ? __kernel_text_address+0xd/0x30
[ 1455.726246][T16198]  ? arch_stack_walk+0xfb/0x150
[ 1455.726278][T16198]  ? stack_trace_save+0xa9/0x100
[ 1455.726306][T16198]  ? __lock_acquire+0x6b5/0x2cf0
[ 1455.726330][T16198]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1455.726373][T16198]  ? __lock_acquire+0x6b5/0x2cf0
[ 1455.726402][T16198]  ? __netlink_lookup+0xc6/0x8b0
[ 1455.726430][T16198]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1455.726447][T16198]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1455.726470][T16198]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1455.726485][T16198]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1455.726507][T16198]  netlink_unicast+0x75c/0x8e0
[ 1455.726541][T16198]  netlink_sendmsg+0x813/0xb40
[ 1455.726567][T16198]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1455.726587][T16198]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1455.726609][T16198]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1455.726635][T16198]  ____sys_sendmsg+0x972/0x9f0
[ 1455.726652][T16198]  ? __might_fault+0xaf/0x130
[ 1455.726678][T16198]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1455.726702][T16198]  ? import_iovec+0x73/0xa0
[ 1455.726728][T16198]  ___sys_sendmsg+0x2a5/0x360
[ 1455.726742][T16198]  ? __lock_acquire+0x6b5/0x2cf0
[ 1455.726762][T16198]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1455.726808][T16198]  ? __fget_files+0x2a/0x420
[ 1455.726827][T16198]  ? __fget_files+0x3a0/0x420
[ 1455.726853][T16198]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1455.726871][T16198]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1455.726896][T16198]  ? __pfx_ksys_write+0x10/0x10
[ 1455.726924][T16198]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1455.726940][T16198]  do_syscall_64+0x15f/0xf80
[ 1455.726966][T16198]  ? trace_irq_disable+0x3b/0x140
[ 1455.726988][T16198]  ? clear_bhb_loop+0x40/0x90
[ 1455.727007][T16198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1455.727023][T16198] RIP: 0033:0x7f2a1919ce59
[ 1455.727040][T16198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1455.727054][T16198] RSP: 002b:00007f2a19fa1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1455.727071][T16198] RAX: ffffffffffffffda RBX: 00007f2a19415fa0 RCX: 00007f2a1919ce59
[ 1455.727082][T16198] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1455.727092][T16198] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1455.727103][T16198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1455.727112][T16198] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1455.727141][T16198]  </TASK>
[ 1455.733625][T16190] udevd[16190]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1456.334523][T16216] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1456.519201][T16190] udevd[16190]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1456.567887][T16230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13706'.
[ 1456.608908][T16217] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13702'.
[ 1457.213020][T16232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1457.220549][T16232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1457.624404][T16257] xt_socket: unknown flags 0x50
[ 1457.684673][T16232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1457.717848][T16232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1457.898714][ T7858] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1457.938631][ T7858] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1458.037073][T16260] netlink: 'syz.3.13711': attribute type 1 has an invalid length.
[ 1458.056459][ T7858] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1458.078656][T16267] FAULT_INJECTION: forcing a failure.
[ 1458.078656][T16267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1458.101530][ T7858] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1458.127092][T16267] CPU: 1 UID: 0 PID: 16267 Comm: syz.0.13712 Not tainted syzkaller #0 PREEMPT(full) 
[ 1458.127116][T16267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1458.127125][T16267] Call Trace:
[ 1458.127132][T16267]  <TASK>
[ 1458.127140][T16267]  dump_stack_lvl+0xe8/0x150
[ 1458.127165][T16267]  should_fail_ex+0x412/0x560
[ 1458.127192][T16267]  _copy_from_user+0x2d/0xb0
[ 1458.127215][T16267]  ___sys_sendmsg+0x1c6/0x360
[ 1458.127231][T16267]  ? __lock_acquire+0x6b5/0x2cf0
[ 1458.127253][T16267]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1458.127303][T16267]  ? __fget_files+0x2a/0x420
[ 1458.127321][T16267]  ? __fget_files+0x3a0/0x420
[ 1458.127349][T16267]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1458.127368][T16267]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1458.127393][T16267]  ? __pfx_ksys_write+0x10/0x10
[ 1458.127424][T16267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1458.127441][T16267]  do_syscall_64+0x15f/0xf80
[ 1458.127463][T16267]  ? trace_irq_disable+0x3b/0x140
[ 1458.127486][T16267]  ? clear_bhb_loop+0x40/0x90
[ 1458.127505][T16267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1458.127520][T16267] RIP: 0033:0x7fdce2f9ce59
[ 1458.127537][T16267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1458.127551][T16267] RSP: 002b:00007fdce3f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1458.127568][T16267] RAX: ffffffffffffffda RBX: 00007fdce3215fa0 RCX: 00007fdce2f9ce59
[ 1458.127580][T16267] RDX: 0000000000000004 RSI: 0000200000000180 RDI: 0000000000000003
[ 1458.127590][T16267] RBP: 00007fdce3f26090 R08: 0000000000000000 R09: 0000000000000000
[ 1458.127601][T16267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1458.127610][T16267] R13: 00007fdce3216038 R14: 00007fdce3215fa0 R15: 00007fffcb0c6298
[ 1458.127638][T16267]  </TASK>
[ 1458.132325][T16260] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[ 1458.689497][T16297] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13721'.
[ 1458.931589][T16311] xt_socket: unknown flags 0x50
[ 1458.998071][T16319] mac80211_hwsim hwsim111 wlan0: entered promiscuous mode
[ 1459.022265][T16319] mac80211_hwsim hwsim111 wlan0: entered allmulticast mode
[ 1461.507302][T16290] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1461.934757][T16385] xt_socket: unknown flags 0x50
[ 1462.025530][T16393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13745'.
[ 1462.172403][T16390] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13742'.
[ 1462.225279][T16403] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[ 1462.248765][T16398] batadv_slave_0: entered promiscuous mode
[ 1462.258655][T16396] batadv_slave_0: left promiscuous mode
[ 1462.912084][T16413] FAULT_INJECTION: forcing a failure.
[ 1462.912084][T16413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1462.926739][T16413] CPU: 1 UID: 0 PID: 16413 Comm: syz.4.13750 Not tainted syzkaller #0 PREEMPT(full) 
[ 1462.926762][T16413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1462.926772][T16413] Call Trace:
[ 1462.926779][T16413]  <TASK>
[ 1462.926785][T16413]  dump_stack_lvl+0xe8/0x150
[ 1462.926888][T16413]  should_fail_ex+0x412/0x560
[ 1462.926918][T16413]  _copy_from_user+0x2d/0xb0
[ 1462.926940][T16413]  __copy_msghdr+0x3c5/0x5b0
[ 1462.926973][T16413]  ___sys_sendmsg+0x213/0x360
[ 1462.926986][T16413]  ? __lock_acquire+0x6b5/0x2cf0
[ 1462.927007][T16413]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1462.927052][T16413]  ? __fget_files+0x2a/0x420
[ 1462.927069][T16413]  ? __fget_files+0x3a0/0x420
[ 1462.927093][T16413]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1462.927110][T16413]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1462.927134][T16413]  ? __pfx_ksys_write+0x10/0x10
[ 1462.927164][T16413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.927183][T16413]  do_syscall_64+0x15f/0xf80
[ 1462.927205][T16413]  ? trace_irq_disable+0x3b/0x140
[ 1462.927227][T16413]  ? clear_bhb_loop+0x40/0x90
[ 1462.927245][T16413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.927259][T16413] RIP: 0033:0x7f42bf19ce59
[ 1462.927276][T16413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1462.927289][T16413] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1462.927306][T16413] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1462.927317][T16413] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1462.927326][T16413] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1462.927335][T16413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1462.927345][T16413] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1462.927370][T16413]  </TASK>
[ 1464.466350][T16428] xt_socket: unknown flags 0x50
[ 1465.891643][T16432] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1465.993333][T16438] x_tables: duplicate underflow at hook 1
[ 1466.174753][T16445] netlink: 32 bytes leftover after parsing attributes in process `syz.4.13759'.
[ 1466.300361][T16460] netlink: 132 bytes leftover after parsing attributes in process `syz.1.13766'.
[ 1466.374745][T16461] netlink: 60 bytes leftover after parsing attributes in process `syz.1.13766'.
[ 1466.387066][T16461] unsupported nlmsg_type 40
[ 1466.399409][T16461] netlink: 'syz.1.13766': attribute type 1 has an invalid length.
[ 1466.408133][T16461] netlink: 96 bytes leftover after parsing attributes in process `syz.1.13766'.
[ 1466.418631][T16461] netlink: 658 bytes leftover after parsing attributes in process `syz.1.13766'.
[ 1466.429094][T16461] netlink: 1 bytes leftover after parsing attributes in process `syz.1.13766'.
[ 1467.058806][T16467] xt_socket: unknown flags 0x50
[ 1467.222677][T16474] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1467.427452][T16489] xt_hashlimit: size too large, truncated to 1048576
[ 1467.475700][T16490] netlink: 60 bytes leftover after parsing attributes in process `syz.4.13779'.
[ 1467.657523][T16500] xt_socket: unknown flags 0x50
[ 1468.230816][T16528] netlink: 48 bytes leftover after parsing attributes in process `syz.2.13791'.
[ 1468.367625][T16536] IPVS: set_ctl: invalid protocol: 136 172.30.0.5:20005
[ 1468.406614][T16536] xt_recent: hitcount (33554435) is larger than allowed maximum (65535)
[ 1468.708355][T16552] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1468.761432][T16559] netlink: 48 bytes leftover after parsing attributes in process `syz.0.13804'.
[ 1468.945983][T16567] netlink: 'syz.0.13806': attribute type 11 has an invalid length.
[ 1469.028212][T16568] sctp: [Deprecated]: syz.3.13807 (pid 16568) Use of int in max_burst socket option.
[ 1469.028212][T16568] Use struct sctp_assoc_value instead
[ 1469.632408][T16592] netlink: 48 bytes leftover after parsing attributes in process `syz.4.13816'.
[ 1469.723153][T16595] netlink: 48 bytes leftover after parsing attributes in process `syz.4.13817'.
[ 1469.859821][T16599] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13815'.
[ 1470.522969][T16618] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13825'.
[ 1470.559673][T16624] netlink: 'syz.2.13827': attribute type 1 has an invalid length.
[ 1470.741282][T16628] syzkaller0: entered promiscuous mode
[ 1470.754608][T16628] syzkaller0: entered allmulticast mode
[ 1470.820370][T16642] netlink: 48 bytes leftover after parsing attributes in process `syz.1.13835'.
[ 1471.449792][T16658] sctp: [Deprecated]: syz.3.13840 (pid 16658) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1471.449792][T16658] Use struct sctp_sack_info instead
[ 1471.508118][T16662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13841'.
[ 1471.551003][ T1115] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1471.563434][T16662] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13841'.
[ 1471.582135][ T1115] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1471.611540][ T1115] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1471.651310][ T1115] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1472.207693][T16675] 8021q: adding VLAN 0 to HW filter on device team0
[ 1472.449790][T16675] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1472.519290][T16675] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1472.531186][T16675] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1472.549638][T16675] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1472.560828][T16675] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1472.578236][T16675] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1472.598762][T16697] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1472.650860][T24533] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1472.658155][T24533] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1472.702470][T24533] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1472.709764][T24533] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1473.113932][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13857'.
[ 1473.872065][   T30] audit: type=1804 audit(1779144274.722:19): pid=16740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.13864" name="/newroot/478/memory.events" dev="tmpfs" ino=2455 res=1 errno=0
[ 1473.895568][   T30] audit: type=1800 audit(1779144274.722:20): pid=16740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13864" name="memory.events" dev="tmpfs" ino=2455 res=0 errno=0
[ 1474.031063][T16745] netlink: 'syz.1.13866': attribute type 16 has an invalid length.
[ 1474.039333][T16745] netlink: 'syz.1.13866': attribute type 3 has an invalid length.
[ 1474.047621][T16745] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.13866'.
[ 1476.139469][T16721] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1476.335665][T16757] netlink: 48 bytes leftover after parsing attributes in process `syz.3.13869'.
[ 1476.350263][T16758] netlink: 'syz.1.13870': attribute type 1 has an invalid length.
[ 1476.406374][T16758] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1476.472390][T16758] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13870'.
[ 1476.472412][T16767] bond2: (slave veth9): Enslaving as an active interface with an up link
[ 1476.632735][T16776] netlink: 'syz.1.13870': attribute type 1 has an invalid length.
[ 1478.056614][T16813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13883'.
[ 1478.547897][T16829] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13888'.
[ 1478.934513][T16837] bridge_slave_0: left allmulticast mode
[ 1478.963501][T16837] bridge_slave_0: left promiscuous mode
[ 1478.978044][T16837] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.042367][T16837] bridge_slave_1: left allmulticast mode
[ 1479.057983][T16837] bridge_slave_1: left promiscuous mode
[ 1479.071925][T16837] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.112606][T16837] team0: Port device team_slave_0 removed
[ 1479.162290][T16837] team0: Port device team_slave_1 removed
[ 1479.198165][T16837] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1479.212348][T16837] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1479.224772][T16837] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1479.248437][T16837] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1479.284536][T16837] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1479.320888][T16841] geneve3: entered promiscuous mode
[ 1479.449919][T24533] bridge_slave_1: left allmulticast mode
[ 1479.463348][T24533] bridge_slave_1: left promiscuous mode
[ 1479.469375][T24533] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.486431][T24533] bridge_slave_0: left allmulticast mode
[ 1479.492200][T24533] bridge_slave_0: left promiscuous mode
[ 1479.500413][T24533] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.739046][T24533] bridge0 (unregistering): left allmulticast mode
[ 1479.841280][T24533] bond1 (unregistering): Released all slaves
[ 1479.856040][T24533] bond2 (unregistering): Released all slaves
[ 1479.870442][T24533] bond3 (unregistering): Released all slaves
[ 1479.900606][T24533] bond0 (unregistering): Released all slaves
[ 1479.923190][T24533] bond4 (unregistering): (slave veth0_to_bond): Releasing backup interface
[ 1479.940226][T24533] bond4 (unregistering): Released all slaves
[ 1479.954672][T24533] bond5 (unregistering): (slave dummy0): Releasing active interface
[ 1479.965470][T24533] bond5 (unregistering): Released all slaves
[ 1479.981662][T24533] bond6 (unregistering): Released all slaves
[ 1479.998590][T24533] bond7 (unregistering): (slave lo): Releasing backup interface
[ 1480.007469][T24533] bond7 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[ 1480.022038][T24533] bond7 (unregistering): Released all slaves
[ 1480.340019][T16844] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1480.350895][T16844] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1480.381608][T24533] : left promiscuous mode
[ 1480.569734][T16844] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1480.614289][T16844] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1481.019415][T24533] tipc: Disabling bearer <udp:s>
[ 1481.036945][T24533] tipc: Left network mode
[ 1481.184921][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1481.575580][T16844] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1481.587249][T16844] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1481.768553][T16894] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13909'.
[ 1481.793160][T16894] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1481.814633][T16844] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1481.827832][T16844] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.246647][ T1115] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1482.284636][ T1115] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.398380][ T1115] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1482.418162][ T1115] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.538635][T16915] netlink: 24 bytes leftover after parsing attributes in process `syz.2.13916'.
[ 1482.624020][ T1115] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1482.645363][ T1115] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1482.827711][T16920] netlink: 207952 bytes leftover after parsing attributes in process `syz.2.13917'.
[ 1483.002502][T16921] IPVS: set_ctl: invalid protocol: 50 224.0.0.2:0
[ 1483.139329][ T1115] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1483.147850][ T1115] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1483.231483][T24533] hsr_slave_0: left promiscuous mode
[ 1483.297940][T24533] hsr_slave_1: left promiscuous mode
[ 1483.374627][T24533] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1483.410900][T24533] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1483.441437][T24533] pim6reg (unregistering): left allmulticast mode
[ 1484.058577][T24533] team0 (unregistering): Port device team_slave_1 removed
[ 1484.084614][T24533] team0 (unregistering): Port device team_slave_0 removed
[ 1484.223363][T16924] geneve4: entered promiscuous mode
[ 1484.321621][   T57] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1484.352422][   T57] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1484.395648][   T57] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1484.436806][   T57] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1484.630165][T16968] netlink: 88 bytes leftover after parsing attributes in process `syz.3.13924'.
[ 1484.691461][T16972] netlink: 260 bytes leftover after parsing attributes in process `syz.3.13924'.
[ 1484.734484][T16963] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13924'.
[ 1484.928573][T24533] IPVS: stop unused estimator thread 0...
[ 1485.062334][T16984] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1485.073869][T16982] FAULT_INJECTION: forcing a failure.
[ 1485.073869][T16982] name failslab, interval 1, probability 0, space 0, times 0
[ 1485.086590][T16982] CPU: 1 UID: 0 PID: 16982 Comm: syz.0.13931 Not tainted syzkaller #0 PREEMPT(full) 
[ 1485.086612][T16982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1485.086622][T16982] Call Trace:
[ 1485.086630][T16982]  <TASK>
[ 1485.086637][T16982]  dump_stack_lvl+0xe8/0x150
[ 1485.086663][T16982]  should_fail_ex+0x412/0x560
[ 1485.086695][T16982]  should_failslab+0xa8/0x100
[ 1485.086720][T16982]  ? skb_clone+0x212/0x3a0
[ 1485.086756][T16982]  kmem_cache_alloc_noprof+0x87/0x650
[ 1485.086779][T16982]  ? __bpf_redirect+0xcb4/0x12a0
[ 1485.086806][T16982]  skb_clone+0x212/0x3a0
[ 1485.086825][T16982]  bpf_clone_redirect+0x16a/0x4b0
[ 1485.086845][T16982]  ? preempt_schedule_common+0x82/0xd0
[ 1485.086866][T16982]  ? bpf_test_run+0x1d1/0x830
[ 1485.086889][T16982]  ? bpf_test_run+0x1d1/0x830
[ 1485.086905][T16982]  bpf_prog_c03e980fa1fae53b+0x22/0x2a
[ 1485.086922][T16982]  bpf_test_run+0x354/0x830
[ 1485.086959][T16982]  ? __pfx_bpf_test_run+0x10/0x10
[ 1485.086984][T16982]  ? csum_partial+0x239/0x2c0
[ 1485.087005][T16982]  ? skb_checksum+0x7c0/0x8c0
[ 1485.087028][T16982]  ? skb_dst_set+0x72/0x140
[ 1485.087047][T16982]  bpf_prog_test_run_skb+0xe2c/0x2260
[ 1485.087084][T16982]  ? __fget_files+0x3a0/0x420
[ 1485.087103][T16982]  ? __fget_files+0x2a/0x420
[ 1485.087125][T16982]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1485.087143][T16982]  bpf_prog_test_run+0x2c7/0x340
[ 1485.087164][T16982]  __sys_bpf+0x643/0x950
[ 1485.087188][T16982]  ? __pfx___sys_bpf+0x10/0x10
[ 1485.087228][T16982]  ? ksys_write+0x242/0x270
[ 1485.087252][T16982]  ? __pfx_ksys_write+0x10/0x10
[ 1485.087279][T16982]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1485.087297][T16982]  __x64_sys_bpf+0x7c/0x90
[ 1485.087319][T16982]  do_syscall_64+0x15f/0xf80
[ 1485.087341][T16982]  ? trace_irq_disable+0x3b/0x140
[ 1485.087364][T16982]  ? clear_bhb_loop+0x40/0x90
[ 1485.087384][T16982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1485.087400][T16982] RIP: 0033:0x7fdce2f9ce59
[ 1485.087416][T16982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1485.087430][T16982] RSP: 002b:00007fdce3f26028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1485.087448][T16982] RAX: ffffffffffffffda RBX: 00007fdce3215fa0 RCX: 00007fdce2f9ce59
[ 1485.087460][T16982] RDX: 0000000000000050 RSI: 00002000000005c0 RDI: 000000000000000a
[ 1485.087469][T16982] RBP: 00007fdce3f26090 R08: 0000000000000000 R09: 0000000000000000
[ 1485.087479][T16982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1485.087489][T16982] R13: 00007fdce3216038 R14: 00007fdce3215fa0 R15: 00007fffcb0c6298
[ 1485.087518][T16982]  </TASK>
[ 1485.134612][T16986] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1485.420208][T24533] team0: left allmulticast mode
[ 1485.430897][T24533] bridge0: port 1(team0) entered disabled state
[ 1485.530436][T17000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13934'.
[ 1485.626811][T17005] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1485.898699][T17020] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1485.951217][T17024] xt_socket: unknown flags 0x50
[ 1486.247212][T24533] bond5 (unregistering): (slave geneve2): Releasing active interface
[ 1486.383763][T24533] team0: Port device bridge1 removed
[ 1486.657037][T24533] bond0 (unregistering): Released all slaves
[ 1486.683110][T24533] bond1 (unregistering): Released all slaves
[ 1486.719117][T24533] bond2 (unregistering): Released all slaves
[ 1486.744623][T24533] bond3 (unregistering): Released all slaves
[ 1486.787381][T24533] bond4 (unregistering): (slave dummy0): Releasing active interface
[ 1486.829536][T24533] bond4 (unregistering): Released all slaves
[ 1486.853549][T24533] bond5 (unregistering): Released all slaves
[ 1487.012520][T17022] veth0: entered promiscuous mode
[ 1487.042078][T17029] veth0: left promiscuous mode
[ 1487.165728][T24533] : left promiscuous mode
[ 1487.219456][T17042] netlink: 'syz.4.13948': attribute type 4 has an invalid length.
[ 1487.276196][T17044] netlink: 'syz.4.13948': attribute type 4 has an invalid length.
[ 1487.376814][T24533] tipc: Left network mode
[ 1487.378666][T17042] netlink: 24 bytes leftover after parsing attributes in process `syz.4.13948'.
[ 1487.429910][T24533] IPVS: stopping backup sync thread 3795 ...
[ 1487.798680][T17060] syzkaller0: entered promiscuous mode
[ 1487.804373][T17060] syzkaller0: entered allmulticast mode
[ 1488.164437][T17064] FAULT_INJECTION: forcing a failure.
[ 1488.164437][T17064] name failslab, interval 1, probability 0, space 0, times 0
[ 1488.166567][T17065] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1488.214034][T17064] CPU: 1 UID: 0 PID: 17064 Comm: syz.1.13956 Not tainted syzkaller #0 PREEMPT(full) 
[ 1488.214060][T17064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1488.214071][T17064] Call Trace:
[ 1488.214079][T17064]  <TASK>
[ 1488.214086][T17064]  dump_stack_lvl+0xe8/0x150
[ 1488.214113][T17064]  should_fail_ex+0x412/0x560
[ 1488.214140][T17064]  should_failslab+0xa8/0x100
[ 1488.214166][T17064]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1488.214189][T17064]  ? __alloc_skb+0x186/0x7d0
[ 1488.214211][T17064]  ? __alloc_skb+0x1d0/0x7d0
[ 1488.214230][T17064]  ? __local_bh_enable_ip+0xd0/0x130
[ 1488.214252][T17064]  __alloc_skb+0x1d0/0x7d0
[ 1488.214279][T17064]  netlink_sendmsg+0x5d4/0xb40
[ 1488.214306][T17064]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1488.214325][T17064]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1488.214347][T17064]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1488.214373][T17064]  ____sys_sendmsg+0x972/0x9f0
[ 1488.214389][T17064]  ? __might_fault+0xaf/0x130
[ 1488.214415][T17064]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1488.214441][T17064]  ? import_iovec+0x73/0xa0
[ 1488.214467][T17064]  ___sys_sendmsg+0x2a5/0x360
[ 1488.214482][T17064]  ? __lock_acquire+0x6b5/0x2cf0
[ 1488.214504][T17064]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1488.214555][T17064]  ? __fget_files+0x2a/0x420
[ 1488.214573][T17064]  ? __fget_files+0x3a0/0x420
[ 1488.214602][T17064]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1488.214621][T17064]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1488.214646][T17064]  ? __pfx_ksys_write+0x10/0x10
[ 1488.214676][T17064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1488.214693][T17064]  do_syscall_64+0x15f/0xf80
[ 1488.214715][T17064]  ? trace_irq_disable+0x3b/0x140
[ 1488.214746][T17064]  ? clear_bhb_loop+0x40/0x90
[ 1488.214766][T17064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1488.214781][T17064] RIP: 0033:0x7f2a1919ce59
[ 1488.214797][T17064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1488.214809][T17064] RSP: 002b:00007f2a19fa1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1488.214825][T17064] RAX: ffffffffffffffda RBX: 00007f2a19415fa0 RCX: 00007f2a1919ce59
[ 1488.214836][T17064] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[ 1488.214846][T17064] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1488.214856][T17064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1488.214865][T17064] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1488.214894][T17064]  </TASK>
[ 1488.745391][T24533] hsr_slave_0: left promiscuous mode
[ 1488.811261][T24533] hsr_slave_1: left promiscuous mode
[ 1488.877878][T24533] veth1_macvtap: left promiscuous mode
[ 1488.883586][T24533] veth0_macvtap: left promiscuous mode
[ 1488.889591][T24533] veth1_vlan: left promiscuous mode
[ 1488.896072][T24533] veth0_vlan: left promiscuous mode
[ 1489.404672][ T6014] smc: removing ib device syz0
[ 1489.542638][T17004] Set syz1 is full, maxelem 65536 reached
[ 1489.817437][ T6014] smbdirect: ib_dev[syz0] removed
[ 1489.898678][T17083] syzkaller0: entered promiscuous mode
[ 1489.928480][T17083] syzkaller0: entered allmulticast mode
[ 1489.953342][T17104] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13964'.
[ 1490.007385][T17088] geneve2: entered promiscuous mode
[ 1490.175290][T17112] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13966'.
[ 1490.490493][   T30] audit: type=1800 audit(1779144291.332:21): pid=17102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.13965" name="memory.events" dev="tmpfs" ino=2367 res=0 errno=0
[ 1495.181499][ T7858] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1495.189890][ T7858] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1495.254140][T17128] xt_socket: unknown flags 0x50
[ 1495.288630][T17096] syzkaller0: entered promiscuous mode
[ 1495.303970][T17096] syzkaller0: entered allmulticast mode
[ 1495.414433][T17135] FAULT_INJECTION: forcing a failure.
[ 1495.414433][T17135] name failslab, interval 1, probability 0, space 0, times 0
[ 1495.446150][T17135] CPU: 1 UID: 0 PID: 17135 Comm: syz.0.13975 Not tainted syzkaller #0 PREEMPT(full) 
[ 1495.446174][T17135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1495.446185][T17135] Call Trace:
[ 1495.446192][T17135]  <TASK>
[ 1495.446200][T17135]  dump_stack_lvl+0xe8/0x150
[ 1495.446225][T17135]  should_fail_ex+0x412/0x560
[ 1495.446249][T17135]  should_failslab+0xa8/0x100
[ 1495.446268][T17135]  ? skb_ext_add+0x148/0x8f0
[ 1495.446291][T17135]  kmem_cache_alloc_noprof+0x87/0x650
[ 1495.446322][T17135]  skb_ext_add+0x148/0x8f0
[ 1495.446346][T17135]  ? __local_bh_enable_ip+0xd0/0x130
[ 1495.446367][T17135]  j1939_sk_sendmsg+0x6f3/0x1380
[ 1495.446389][T17135]  ? aa_sk_perm+0x6d5/0x900
[ 1495.446419][T17135]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[ 1495.446436][T17135]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1495.446457][T17135]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1495.446481][T17135]  ____sys_sendmsg+0x972/0x9f0
[ 1495.446505][T17135]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1495.446529][T17135]  ? import_iovec+0x73/0xa0
[ 1495.446556][T17135]  ___sys_sendmsg+0x2a5/0x360
[ 1495.446571][T17135]  ? __lock_acquire+0x6b5/0x2cf0
[ 1495.446592][T17135]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1495.446639][T17135]  ? __fget_files+0x2a/0x420
[ 1495.446656][T17135]  ? __fget_files+0x3a0/0x420
[ 1495.446685][T17135]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1495.446701][T17135]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1495.446723][T17135]  ? __pfx_ksys_write+0x10/0x10
[ 1495.446753][T17135]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1495.446781][T17135]  do_syscall_64+0x15f/0xf80
[ 1495.446802][T17135]  ? trace_irq_disable+0x3b/0x140
[ 1495.446824][T17135]  ? clear_bhb_loop+0x40/0x90
[ 1495.446841][T17135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1495.446855][T17135] RIP: 0033:0x7fdce2f9ce59
[ 1495.446871][T17135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1495.446884][T17135] RSP: 002b:00007fdce3f26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1495.446901][T17135] RAX: ffffffffffffffda RBX: 00007fdce3215fa0 RCX: 00007fdce2f9ce59
[ 1495.446912][T17135] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1495.446921][T17135] RBP: 00007fdce3f26090 R08: 0000000000000000 R09: 0000000000000000
[ 1495.446937][T17135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1495.446946][T17135] R13: 00007fdce3216038 R14: 00007fdce3215fa0 R15: 00007fffcb0c6298
[ 1495.446975][T17135]  </TASK>
[ 1498.920749][ T7858] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1498.929229][ T7858] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1499.076059][T17140] geneve3: entered promiscuous mode
[ 1499.124525][T24533] IPVS: stop unused estimator thread 0...
[ 1499.246697][T17153] syzkaller1: entered promiscuous mode
[ 1499.255892][T17153] syzkaller1: entered allmulticast mode
[ 1499.273810][T17157] syzkaller0: entered promiscuous mode
[ 1499.293373][T17157] syzkaller0: entered allmulticast mode
[ 1499.664377][T17178] xt_socket: unknown flags 0x50
[ 1500.503935][T17189] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1503.619421][T17200] geneve3: entered promiscuous mode
[ 1503.673117][ T6014] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1503.700583][ T6014] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1503.808841][ T6014] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1503.836007][ T6014] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1503.921305][T17214] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1504.402033][T17236] xt_socket: unknown flags 0x50
[ 1504.419204][T17225] netlink: 32 bytes leftover after parsing attributes in process `syz.0.14002'.
[ 1504.473520][T17225] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14002'.
[ 1504.678754][T17249] Cannot find set identified by id 65534 to match
[ 1504.855068][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1504.873790][T17263] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14018'.
[ 1504.920872][T17267] xt_socket: unknown flags 0x50
[ 1504.940177][T17263] nbd: nbd1 already in use
[ 1504.952311][T17263] block nbd1: NBD_DISCONNECT
[ 1504.954159][T17269] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1504.958893][T17263] block nbd1: Send disconnect failed -32
[ 1504.997420][T17263] block nbd1: Send disconnect failed -32
[ 1505.005081][T17263] block nbd1: shutting down sockets
[ 1505.368300][T17287] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1505.382206][T17290] netlink: 'syz.1.14027': attribute type 10 has an invalid length.
[ 1505.413784][T17290] netlink: 228 bytes leftover after parsing attributes in process `syz.1.14027'.
[ 1505.433398][T17293] Cannot find set identified by id 65534 to match
[ 1505.526218][T17296] xt_hashlimit: size too large, truncated to 1048576
[ 1505.736733][T17305] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1505.920083][T17314] netlink: 36 bytes leftover after parsing attributes in process `syz.3.14033'.
[ 1505.951344][ T6012] dvmrp8: left allmulticast mode
[ 1505.986264][T17316] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14036'.
[ 1506.341003][T17322] FAULT_INJECTION: forcing a failure.
[ 1506.341003][T17322] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1506.354390][T17322] CPU: 1 UID: 0 PID: 17322 Comm: syz.1.14038 Not tainted syzkaller #0 PREEMPT(full) 
[ 1506.354413][T17322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1506.354422][T17322] Call Trace:
[ 1506.354429][T17322]  <TASK>
[ 1506.354439][T17322]  dump_stack_lvl+0xe8/0x150
[ 1506.354463][T17322]  should_fail_ex+0x412/0x560
[ 1506.354489][T17322]  _copy_from_user+0x2d/0xb0
[ 1506.354511][T17322]  ___sys_sendmsg+0x1c6/0x360
[ 1506.354528][T17322]  ? __lock_acquire+0x6b5/0x2cf0
[ 1506.354550][T17322]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1506.354596][T17322]  ? __fget_files+0x2a/0x420
[ 1506.354615][T17322]  ? __fget_files+0x3a0/0x420
[ 1506.354642][T17322]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1506.354660][T17322]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1506.354684][T17322]  ? __pfx_ksys_write+0x10/0x10
[ 1506.354714][T17322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1506.354732][T17322]  do_syscall_64+0x15f/0xf80
[ 1506.354755][T17322]  ? trace_irq_disable+0x3b/0x140
[ 1506.354778][T17322]  ? clear_bhb_loop+0x40/0x90
[ 1506.354802][T17322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1506.354818][T17322] RIP: 0033:0x7f2a1919ce59
[ 1506.354833][T17322] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1506.354846][T17322] RSP: 002b:00007f2a19fa1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1506.354862][T17322] RAX: ffffffffffffffda RBX: 00007f2a19415fa0 RCX: 00007f2a1919ce59
[ 1506.354873][T17322] RDX: 0000000020008000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1506.354882][T17322] RBP: 00007f2a19fa1090 R08: 0000000000000000 R09: 0000000000000000
[ 1506.354892][T17322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1506.354901][T17322] R13: 00007f2a19416038 R14: 00007f2a19415fa0 R15: 00007ffcb4fa7a18
[ 1506.354929][T17322]  </TASK>
[ 1506.597218][T17324] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14039'.
[ 1506.607399][ T6012] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1506.836298][T17333] netlink: 28 bytes leftover after parsing attributes in process `syz.4.14041'.
[ 1506.868164][ T6012] bond3 (unregistering): (slave gretap1): Releasing active interface
[ 1506.965971][ T6012] bond6 (unregistering): (slave geneve3): Releasing active interface
[ 1507.079403][ T6012] bond3 (unregistering): (slave bridge3): Releasing active interface
[ 1507.349301][ T6012] team0: Port device bridge9 removed
[ 1507.389349][ T6012] bond8 (unregistering): (slave bridge10): Releasing active interface
[ 1507.635289][ T6012] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1507.646694][ T6012] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1507.658162][ T6012] bond0 (unregistering): Released all slaves
[ 1507.674192][ T6012] team0: Port device macvlan3 removed
[ 1507.684215][ T6012] bond1 (unregistering): Released all slaves
[ 1507.698661][ T6012] bond2 (unregistering): Released all slaves
[ 1507.718758][ T6012] bond3 (unregistering): Released all slaves
[ 1507.732966][ T6012] bond4 (unregistering): Released all slaves
[ 1507.750103][ T6012] bond5 (unregistering): Released all slaves
[ 1507.770679][ T6012] bond6 (unregistering): Released all slaves
[ 1507.784186][ T6012] bond7 (unregistering): Released all slaves
[ 1507.798060][ T6012] bond8 (unregistering): Released all slaves
[ 1507.816068][ T6012] bond9 (unregistering): Released all slaves
[ 1507.837418][ T6012] bond10 (unregistering): Released all slaves
[ 1507.871653][T17328] hm�3)��: entered promiscuous mode
[ 1508.010082][T17340] syzkaller0: entered promiscuous mode
[ 1508.031208][T17340] syzkaller0: entered allmulticast mode
[ 1508.068739][T17344] xt_hashlimit: size too large, truncated to 1048576
[ 1508.078348][T17346] netlink: 56 bytes leftover after parsing attributes in process `syz.3.14043'.
[ 1508.521586][ T6012] : left promiscuous mode
[ 1508.620119][ T6012] tipc: Disabling bearer <udp:syz2>
[ 1508.631331][ T6012] tipc: Left network mode
[ 1508.677356][ T6012] IPVS: stopping backup sync thread 19921 ...
[ 1508.770498][T17373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14049'.
[ 1509.008386][T17380] block nbd1: server does not support multiple connections per device.
[ 1509.070170][T17380] block nbd1: shutting down sockets
[ 1509.273531][T17397] FAULT_INJECTION: forcing a failure.
[ 1509.273531][T17397] name failslab, interval 1, probability 0, space 0, times 0
[ 1509.318553][T17397] CPU: 1 UID: 0 PID: 17397 Comm: syz.3.14055 Not tainted syzkaller #0 PREEMPT(full) 
[ 1509.318577][T17397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1509.318587][T17397] Call Trace:
[ 1509.318594][T17397]  <TASK>
[ 1509.318602][T17397]  dump_stack_lvl+0xe8/0x150
[ 1509.318629][T17397]  should_fail_ex+0x412/0x560
[ 1509.318654][T17397]  should_failslab+0xa8/0x100
[ 1509.318678][T17397]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1509.318699][T17397]  ? __alloc_skb+0x186/0x7d0
[ 1509.318720][T17397]  ? __alloc_skb+0x1d0/0x7d0
[ 1509.318738][T17397]  ? __local_bh_enable_ip+0xd0/0x130
[ 1509.318759][T17397]  __alloc_skb+0x1d0/0x7d0
[ 1509.318779][T17397]  ? __might_fault+0xaf/0x130
[ 1509.318801][T17397]  alloc_skb_with_frags+0xc8/0x760
[ 1509.318835][T17397]  sock_alloc_send_pskb+0x878/0x990
[ 1509.318857][T17397]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1509.318887][T17397]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1509.318909][T17397]  ? packet_cached_dev_get+0x1c/0x2b0
[ 1509.318928][T17397]  ? packet_cached_dev_get+0x1c/0x2b0
[ 1509.318953][T17397]  packet_sendmsg+0x315a/0x4fb0
[ 1509.318993][T17397]  ? unwind_next_frame+0xa6/0x2550
[ 1509.319033][T17397]  ? __pfx_packet_sendmsg+0x10/0x10
[ 1509.319047][T17397]  ? aa_sk_perm+0x6d5/0x900
[ 1509.319073][T17397]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1509.319089][T17397]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[ 1509.319116][T17397]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1509.319141][T17397]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1509.319165][T17397]  ____sys_sendmsg+0x972/0x9f0
[ 1509.319182][T17397]  ? __might_fault+0xaf/0x130
[ 1509.319205][T17397]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1509.319229][T17397]  ? import_iovec+0x73/0xa0
[ 1509.319262][T17397]  ___sys_sendmsg+0x2a5/0x360
[ 1509.319278][T17397]  ? __lock_acquire+0x6b5/0x2cf0
[ 1509.319299][T17397]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1509.319343][T17397]  ? __fget_files+0x2a/0x420
[ 1509.319360][T17397]  ? __fget_files+0x3a0/0x420
[ 1509.319385][T17397]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1509.319403][T17397]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1509.319426][T17397]  ? __pfx_ksys_write+0x10/0x10
[ 1509.319455][T17397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1509.319471][T17397]  do_syscall_64+0x15f/0xf80
[ 1509.319492][T17397]  ? trace_irq_disable+0x3b/0x140
[ 1509.319513][T17397]  ? clear_bhb_loop+0x40/0x90
[ 1509.319531][T17397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1509.319545][T17397] RIP: 0033:0x7f48c839ce59
[ 1509.319561][T17397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1509.319575][T17397] RSP: 002b:00007f48c932e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1509.319593][T17397] RAX: ffffffffffffffda RBX: 00007f48c8615fa0 RCX: 00007f48c839ce59
[ 1509.319604][T17397] RDX: 0000000020040890 RSI: 0000200000002ac0 RDI: 0000000000000003
[ 1509.319615][T17397] RBP: 00007f48c932e090 R08: 0000000000000000 R09: 0000000000000000
[ 1509.319625][T17397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1509.319635][T17397] R13: 00007f48c8616038 R14: 00007f48c8615fa0 R15: 00007ffddedd3908
[ 1509.319659][T17397]  </TASK>
[ 1509.870363][T17404] __nla_validate_parse: 1 callbacks suppressed
[ 1509.870381][T17404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14057'.
[ 1510.033783][T17406] xt_hashlimit: size too large, truncated to 1048576
[ 1510.187437][T17414] FAULT_INJECTION: forcing a failure.
[ 1510.187437][T17414] name failslab, interval 1, probability 0, space 0, times 0
[ 1510.206350][T17414] CPU: 0 UID: 0 PID: 17414 Comm: syz.2.14059 Not tainted syzkaller #0 PREEMPT(full) 
[ 1510.206372][T17414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1510.206380][T17414] Call Trace:
[ 1510.206387][T17414]  <TASK>
[ 1510.206395][T17414]  dump_stack_lvl+0xe8/0x150
[ 1510.206418][T17414]  should_fail_ex+0x412/0x560
[ 1510.206444][T17414]  should_failslab+0xa8/0x100
[ 1510.206468][T17414]  __kvmalloc_node_noprof+0x178/0x8a0
[ 1510.206491][T17414]  ? alloc_netdev_mqs+0xa8/0x1210
[ 1510.206518][T17414]  alloc_netdev_mqs+0xa8/0x1210
[ 1510.206533][T17414]  ? __pfx_xfrmi_dev_setup+0x10/0x10
[ 1510.206644][T17414]  rtnl_create_link+0x31f/0xd70
[ 1510.206669][T17414]  rtnl_newlink_create+0x277/0xb70
[ 1510.206684][T17414]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1510.206715][T17414]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1510.206733][T17414]  ? __pfx___mutex_lock+0x10/0x10
[ 1510.206771][T17414]  ? ns_capable+0x89/0xe0
[ 1510.206789][T17414]  rtnl_newlink+0x166a/0x1bb0
[ 1510.206823][T17414]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1510.206849][T17414]  ? __lock_acquire+0x6b5/0x2cf0
[ 1510.206868][T17414]  ? __lock_acquire+0x6b5/0x2cf0
[ 1510.206894][T17414]  ? unwind_next_frame+0xa6/0x2550
[ 1510.206916][T17414]  ? unwind_next_frame+0xa6/0x2550
[ 1510.206937][T17414]  ? is_bpf_text_address+0x26/0x2b0
[ 1510.206963][T17414]  ? is_bpf_text_address+0x26/0x2b0
[ 1510.206984][T17414]  ? __lock_acquire+0x6b5/0x2cf0
[ 1510.207003][T17414]  ? kernel_text_address+0xa5/0xe0
[ 1510.207024][T17414]  ? __kernel_text_address+0xd/0x30
[ 1510.207043][T17414]  ? unwind_get_return_address+0x4d/0x90
[ 1510.207061][T17414]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1510.207083][T17414]  ? arch_stack_walk+0xfb/0x150
[ 1510.207112][T17414]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1510.207148][T17414]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1510.207167][T17414]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1510.207185][T17414]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[ 1510.207203][T17414]  ? netlink_sendmsg+0x5d4/0xb40
[ 1510.207220][T17414]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1510.207239][T17414]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1510.207259][T17414]  ? __lock_acquire+0x6b5/0x2cf0
[ 1510.207287][T17414]  netlink_rcv_skb+0x232/0x4b0
[ 1510.207303][T17414]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1510.207323][T17414]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1510.207350][T17414]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1510.207365][T17414]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1510.207384][T17414]  netlink_unicast+0x75c/0x8e0
[ 1510.207417][T17414]  netlink_sendmsg+0x813/0xb40
[ 1510.207442][T17414]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1510.207463][T17414]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1510.207485][T17414]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1510.207507][T17414]  ____sys_sendmsg+0x972/0x9f0
[ 1510.207523][T17414]  ? __might_fault+0xaf/0x130
[ 1510.207546][T17414]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1510.207569][T17414]  ? import_iovec+0x73/0xa0
[ 1510.207593][T17414]  ___sys_sendmsg+0x2a5/0x360
[ 1510.207608][T17414]  ? __lock_acquire+0x6b5/0x2cf0
[ 1510.207629][T17414]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1510.207678][T17414]  ? __fget_files+0x2a/0x420
[ 1510.207696][T17414]  ? __fget_files+0x3a0/0x420
[ 1510.207722][T17414]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1510.207752][T17414]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1510.207779][T17414]  ? __pfx_ksys_write+0x10/0x10
[ 1510.207811][T17414]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1510.207829][T17414]  do_syscall_64+0x15f/0xf80
[ 1510.207852][T17414]  ? trace_irq_disable+0x3b/0x140
[ 1510.207874][T17414]  ? clear_bhb_loop+0x40/0x90
[ 1510.207894][T17414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1510.207910][T17414] RIP: 0033:0x7f838999ce59
[ 1510.207927][T17414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1510.207941][T17414] RSP: 002b:00007f838a7e7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1510.207959][T17414] RAX: ffffffffffffffda RBX: 00007f8389c15fa0 RCX: 00007f838999ce59
[ 1510.207971][T17414] RDX: 0000000000000800 RSI: 0000200000000080 RDI: 0000000000000003
[ 1510.207981][T17414] RBP: 00007f838a7e7090 R08: 0000000000000000 R09: 0000000000000000
[ 1510.207991][T17414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1510.208001][T17414] R13: 00007f8389c16038 R14: 00007f8389c15fa0 R15: 00007fff14fddeb8
[ 1510.208032][T17414]  </TASK>
[ 1511.007246][T17425] syzkaller0: entered promiscuous mode
[ 1511.013003][T17425] syzkaller0: entered allmulticast mode
[ 1511.073906][T17428] netlink: 32 bytes leftover after parsing attributes in process `syz.4.14064'.
[ 1515.283529][ T6012] hsr_slave_0: left promiscuous mode
[ 1515.298438][ T6012] hsr_slave_1: left promiscuous mode
[ 1515.304714][ T6012] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1515.325721][ T6012] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1515.341788][ T6012] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1515.357325][ T6012] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1515.379446][ T6012] batman_adv: batadv0: Interface deactivated: ipvlan3
[ 1515.402891][ T6012] batman_adv: batadv0: Removing interface: ipvlan3
[ 1515.476279][ T6012] virt_wifi0: left allmulticast mode
[ 1515.484117][ T6012] veth1_macvtap: left promiscuous mode
[ 1515.497910][ T6012] veth0_macvtap: left promiscuous mode
[ 1515.510877][ T6012] veth1_vlan: left promiscuous mode
[ 1515.516559][ T6012] veth0_vlan: left promiscuous mode
[ 1515.551608][T17503] xt_socket: unknown flags 0x50
[ 1515.648863][T17506] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1516.144108][ T6012] team0 (unregistering): Port device team_slave_1 removed
[ 1516.179419][ T6012] team0 (unregistering): Port device team_slave_0 removed
[ 1516.548701][T17522] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14092'.
[ 1516.675936][T17529] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1517.072677][T17554] netlink: 44 bytes leftover after parsing attributes in process `syz.2.14103'.
[ 1517.607594][ T6012] IPVS: stop unused estimator thread 0...
[ 1517.648575][T17576] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1517.717051][T17578] syzkaller0: entered promiscuous mode
[ 1517.722595][T17578] syzkaller0: entered allmulticast mode
[ 1517.898107][T17584] netlink: 44 bytes leftover after parsing attributes in process `syz.2.14113'.
[ 1517.990490][T17585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14113'.
[ 1518.002045][T17585] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1519.777036][T17539] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1519.994241][T17593] netlink: 'syz.3.14116': attribute type 1 has an invalid length.
[ 1520.008467][T17588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14115'.
[ 1520.021816][T17588] openvswitch: netlink: Invalid VLAN frame
[ 1520.050842][T17593] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1520.210634][T17605] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1520.301954][T17607] xt_socket: unknown flags 0x50
[ 1520.469201][T17593] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link
[ 1520.534084][T17603] macvlan2: entered promiscuous mode
[ 1520.540037][T17603] macvlan2: entered allmulticast mode
[ 1520.546774][T17603] bond3: entered promiscuous mode
[ 1520.551908][T17603] veth0_to_bond: entered promiscuous mode
[ 1520.559462][T17603] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1520.568977][T17603] bond3: left promiscuous mode
[ 1520.573864][T17603] veth0_to_bond: left promiscuous mode
[ 1520.961867][T17639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14128'.
[ 1520.972096][T17639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14128'.
[ 1520.982434][T17639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14128'.
[ 1520.992116][T17639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14128'.
[ 1521.071622][T17648] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1521.075264][T17643] syzkaller0: entered promiscuous mode
[ 1521.086026][T17643] syzkaller0: entered allmulticast mode
[ 1521.123090][T17643] netlink: 76 bytes leftover after parsing attributes in process `syz.1.14130'.
[ 1521.201490][T17655] xt_socket: unknown flags 0x50
[ 1523.857680][T17631] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1524.035289][T17669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14135'.
[ 1524.223397][T17680] vxcan0: tx address claim with different name
[ 1524.243974][T17681] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1524.267813][T17683] netlink: 'syz.2.14145': attribute type 1 has an invalid length.
[ 1524.337220][T17683] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1524.403283][T17683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.14145'.
[ 1524.416702][T17683] bond3: entered promiscuous mode
[ 1524.421989][T17683] bond3: entered allmulticast mode
[ 1524.588819][T17695] xt_socket: unknown flags 0x50
[ 1524.641595][T17683] bond3: (slave dummy0): making interface the new active one
[ 1524.649720][T17683] dummy0: entered promiscuous mode
[ 1524.657447][T17683] dummy0: entered allmulticast mode
[ 1524.690479][T17683] bond3: (slave dummy0): Enslaving as an active interface with an up link
[ 1526.658623][T17731] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1527.816215][T17698] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1528.068133][T17743] xt_socket: unknown flags 0x50
[ 1528.070300][T17746] team_slave_1: Caught tx_queue_len zero misconfig
[ 1528.083258][T17745] syzkaller0: entered promiscuous mode
[ 1528.093818][T17745] syzkaller0: entered allmulticast mode
[ 1528.214106][T17755] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14166'.
[ 1528.270646][T17762] netlink: 108 bytes leftover after parsing attributes in process `syz.2.14167'.
[ 1528.508496][T17773] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20003
[ 1528.550743][T17771] x_tables: duplicate underflow at hook 1
[ 1528.664052][T17782] xt_socket: unknown flags 0x50
[ 1528.701448][T17779] syzkaller0: entered promiscuous mode
[ 1528.707580][T17779] syzkaller0: entered allmulticast mode
[ 1528.876750][T17797] netlink: 9 bytes leftover after parsing attributes in process `syz.1.14181'.
[ 1528.898473][T17797] netlink: 9 bytes leftover after parsing attributes in process `syz.1.14181'.
[ 1529.901397][T17821] xt_hashlimit: size too large, truncated to 1048576
[ 1532.878728][T17853] IPVS: set_ctl: invalid protocol: 59 100.1.1.0:20000
[ 1532.901863][T17855] syzkaller0: entered promiscuous mode
[ 1532.909837][T17855] syzkaller0: entered allmulticast mode
[ 1533.357097][T17875] IPv6: syztnl2: Disabled Multicast RS
[ 1533.561234][T17856] nbd1: detected capacity change from 0 to 63
[ 1533.571835][T17861] block nbd0: NBD_DISCONNECT
[ 1533.581074][T17861] block nbd0: Send disconnect failed -32
[ 1533.595490][T17861] block nbd0: shutting down sockets
[ 1533.622013][ T1717] block nbd1: Receive control failed (result -104)
[ 1533.651854][   T57] bridge_slave_1: left promiscuous mode
[ 1533.668492][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1533.868517][   T57] batman_adv: 
60�X���: Interface deactivated: vlan0
[ 1533.918875][   T57] bond2 (unregistering): (slave ip6gre2): Releasing backup interface
[ 1533.927751][   T57] ip6gre2 (unregistering): left promiscuous mode
[ 1534.099241][T17906] netlink: 'syz.2.14206': attribute type 1 has an invalid length.
[ 1534.267137][   T57] batman_adv: 
60�X���: Removing interface: vlan0
[ 1534.993395][   T57] bond0 (unregistering): (slave 
4
5��): Releasing backup interface
[ 1535.003826][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1535.014243][   T57] bond0 (unregistering): Released all slaves
[ 1535.024595][   T57] bond1 (unregistering): Released all slaves
[ 1535.040092][   T57] bond2 (unregistering): Released all slaves
[ 1535.054589][   T57] bond3 (unregistering): (slave veth5): Releasing active interface
[ 1535.063642][   T57] bond3 (unregistering): Released all slaves
[ 1535.079070][   T57] bond4 (unregistering): Released all slaves
[ 1535.099788][   T57] bond5 (unregistering): (slave veth0_to_bond): Releasing active interface
[ 1535.110185][   T57] bond5 (unregistering): Released all slaves
[ 1535.123881][   T57] bond6 (unregistering): Released all slaves
[ 1535.228951][T17918] bond0: entered allmulticast mode
[ 1535.236583][T17918] bond_slave_0: entered allmulticast mode
[ 1535.261301][T17918] bond_slave_1: entered allmulticast mode
[ 1535.537727][   T57] : left promiscuous mode
[ 1535.566951][T17936] syzkaller0: entered promiscuous mode
[ 1535.578583][T17936] syzkaller0: entered allmulticast mode
[ 1535.618483][   T57] tipc: Disabling bearer <udp:syz2>
[ 1535.628144][   T57] tipc: Left network mode
[ 1535.866961][T17949] netlink: 'syz.2.14213': attribute type 1 has an invalid length.
[ 1536.034107][T17949] netlink: 44 bytes leftover after parsing attributes in process `syz.2.14213'.
[ 1536.111186][T17955] bond4: (slave bridge4): making interface the new active one
[ 1536.160346][T17955] bond4: (slave bridge4): Enslaving as an active interface with an up link
[ 1536.208131][T17949] bond4: entered promiscuous mode
[ 1536.223260][T17949] bridge4: entered promiscuous mode
[ 1536.255400][T17949] bond4: entered allmulticast mode
[ 1536.264247][T17949] bridge4: entered allmulticast mode
[ 1536.271584][T17949] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1536.355180][T17973] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[ 1536.374068][T17981] IPVS: set_ctl: invalid protocol: 43 100.1.1.0:20004
[ 1536.593090][T17984] netlink: 'syz.2.14223': attribute type 1 has an invalid length.
[ 1537.108735][T18012] FAULT_INJECTION: forcing a failure.
[ 1537.108735][T18012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1537.130723][T18012] CPU: 0 UID: 0 PID: 18012 Comm: syz.4.14229 Not tainted syzkaller #0 PREEMPT(full) 
[ 1537.130745][T18012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1537.130755][T18012] Call Trace:
[ 1537.130763][T18012]  <TASK>
[ 1537.130771][T18012]  dump_stack_lvl+0xe8/0x150
[ 1537.130806][T18012]  should_fail_ex+0x412/0x560
[ 1537.130833][T18012]  _copy_from_iter+0x1d3/0x1670
[ 1537.130859][T18012]  ? rcu_is_watching+0x15/0xb0
[ 1537.130884][T18012]  ? __pfx__copy_from_iter+0x10/0x10
[ 1537.130906][T18012]  ? netlink_sendmsg+0x650/0xb40
[ 1537.130922][T18012]  ? skb_put+0x11b/0x210
[ 1537.130948][T18012]  netlink_sendmsg+0x6c0/0xb40
[ 1537.130972][T18012]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1537.130992][T18012]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1537.131015][T18012]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1537.131038][T18012]  ____sys_sendmsg+0x972/0x9f0
[ 1537.131054][T18012]  ? __might_fault+0xaf/0x130
[ 1537.131080][T18012]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1537.131100][T18012]  ? import_iovec+0x73/0xa0
[ 1537.131123][T18012]  ___sys_sendmsg+0x2a5/0x360
[ 1537.131137][T18012]  ? __lock_acquire+0x6b5/0x2cf0
[ 1537.131159][T18012]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1537.131208][T18012]  ? __fget_files+0x2a/0x420
[ 1537.131225][T18012]  ? __fget_files+0x3a0/0x420
[ 1537.131250][T18012]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1537.131268][T18012]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1537.131291][T18012]  ? __pfx_ksys_write+0x10/0x10
[ 1537.131321][T18012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1537.131337][T18012]  do_syscall_64+0x15f/0xf80
[ 1537.131359][T18012]  ? trace_irq_disable+0x3b/0x140
[ 1537.131382][T18012]  ? clear_bhb_loop+0x40/0x90
[ 1537.131401][T18012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1537.131417][T18012] RIP: 0033:0x7f42bf19ce59
[ 1537.131433][T18012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1537.131447][T18012] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1537.131465][T18012] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1537.131476][T18012] RDX: 0000000000000004 RSI: 0000200000000180 RDI: 0000000000000003
[ 1537.131486][T18012] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1537.131496][T18012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1537.131506][T18012] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1537.131538][T18012]  </TASK>
[ 1537.505543][T17984] bond3: (slave dummy0): Releasing active interface
[ 1537.551960][T17984] dummy0: left promiscuous mode
[ 1537.574658][T17984] dummy0: left allmulticast mode
[ 1537.631671][T17984] bridge_slave_0: left allmulticast mode
[ 1537.659951][T17984] bridge_slave_0: left promiscuous mode
[ 1537.688520][T17984] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1537.719274][T17984] bridge_slave_1: left allmulticast mode
[ 1537.726486][T17984] bridge_slave_1: left promiscuous mode
[ 1537.748469][T17984] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1537.781401][T17984] bond2: (slave veth0_to_bond): Releasing backup interface
[ 1537.804372][T17984] bond0: (slave bond_slave_0): Releasing backup interface
[ 1537.832597][T17984] bond0: (slave bond_slave_1): Releasing backup interface
[ 1537.861295][T17984] team0: Port device team_slave_0 removed
[ 1537.876533][T17984] team0: Port device team_slave_1 removed
[ 1537.890991][T17984] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1537.911410][T17984] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1538.178875][T18057] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1538.746191][   T57] hsr_slave_0: left promiscuous mode
[ 1538.758645][   T57] hsr_slave_1: left promiscuous mode
[ 1538.765372][   T57] batman_adv: 
60�X���: Interface deactivated: batadv_slave_0
[ 1538.773356][   T57] batman_adv: 
60�X���: Removing interface: batadv_slave_0
[ 1538.786697][   T57] batman_adv: 
60�X���: Interface deactivated: batadv_slave_1
[ 1538.816237][   T57] batman_adv: 
60�X���: Removing interface: batadv_slave_1
[ 1538.833465][   T57] batman_adv: 
60�X���: Removing interface: ipvlan0
[ 1539.894279][   T57] team_slave_1 (unregistering): left promiscuous mode
[ 1539.912486][   T57] team0 (unregistering): Port device team_slave_1 removed
[ 1540.026662][   T57] team_slave_0 (unregistering): left promiscuous mode
[ 1540.067986][   T57] team0 (unregistering): Port device team_slave_0 removed
[ 1540.117256][T18139] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1540.752563][T18164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14256'.
[ 1540.951732][T18172] netlink: 27 bytes leftover after parsing attributes in process `syz.2.14257'.
[ 1541.030326][T18181] xt_l2tp: unknown flags: 51
[ 1541.184031][   T57] IPVS: stop unused estimator thread 0...
[ 1541.392878][T18198] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1541.876751][T18231] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1541.995679][T18226] syzkaller0: entered promiscuous mode
[ 1542.019462][T18226] syzkaller0: entered allmulticast mode
[ 1545.321582][T18263] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14282'.
[ 1545.355110][T18263] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14282'.
[ 1545.374460][T18263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.14282'.
[ 1545.514288][T18271] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1545.920682][T18313] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1546.042127][T18311] bond3: option miimon: invalid value (18446744073709551607)
[ 1546.050317][T18311] bond3: option miimon: allowed values 0 - 2147483647
[ 1546.060672][T18311] bond3 (unregistering): Released all slaves
[ 1546.124438][ T1717] block nbd0: Receive control failed (result -32)
[ 1546.248719][T18330] FAULT_INJECTION: forcing a failure.
[ 1546.248719][T18330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1546.262232][T18330] CPU: 0 UID: 0 PID: 18330 Comm: syz.2.14308 Not tainted syzkaller #0 PREEMPT(full) 
[ 1546.262255][T18330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1546.262266][T18330] Call Trace:
[ 1546.262273][T18330]  <TASK>
[ 1546.262280][T18330]  dump_stack_lvl+0xe8/0x150
[ 1546.262307][T18330]  should_fail_ex+0x412/0x560
[ 1546.262330][T18330]  _copy_to_user+0x31/0xb0
[ 1546.262346][T18330]  simple_read_from_buffer+0xe1/0x170
[ 1546.262369][T18330]  proc_fail_nth_read+0x1bb/0x230
[ 1546.262384][T18330]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1546.262398][T18330]  ? rw_verify_area+0x2a6/0x4d0
[ 1546.262411][T18330]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1546.262423][T18330]  vfs_read+0x20c/0xa70
[ 1546.262438][T18330]  ? __pfx___mutex_lock+0x10/0x10
[ 1546.262449][T18330]  ? __pfx_vfs_read+0x10/0x10
[ 1546.262462][T18330]  ? __fget_files+0x2a/0x420
[ 1546.262476][T18330]  ? __fget_files+0x3a0/0x420
[ 1546.262485][T18330]  ? __fget_files+0x2a/0x420
[ 1546.262501][T18330]  ksys_read+0x150/0x270
[ 1546.262514][T18330]  ? __pfx_ksys_read+0x10/0x10
[ 1546.262531][T18330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1546.262542][T18330]  do_syscall_64+0x15f/0xf80
[ 1546.262555][T18330]  ? trace_irq_disable+0x3b/0x140
[ 1546.262569][T18330]  ? clear_bhb_loop+0x40/0x90
[ 1546.262581][T18330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1546.262590][T18330] RIP: 0033:0x7f838995d68e
[ 1546.262601][T18330] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1546.262609][T18330] RSP: 002b:00007f838a7e6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1546.262620][T18330] RAX: ffffffffffffffda RBX: 00007f838a7e76c0 RCX: 00007f838995d68e
[ 1546.262627][T18330] RDX: 000000000000000f RSI: 00007f838a7e70a0 RDI: 0000000000000005
[ 1546.262633][T18330] RBP: 00007f838a7e7090 R08: 0000000000000000 R09: 0000000000000000
[ 1546.262638][T18330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1546.262644][T18330] R13: 00007f8389c16038 R14: 00007f8389c15fa0 R15: 00007fff14fddeb8
[ 1546.262660][T18330]  </TASK>
[ 1546.600846][T18337] netlink: 'syz.2.14309': attribute type 3 has an invalid length.
[ 1546.608834][T18337] netlink: 'syz.2.14309': attribute type 1 has an invalid length.
[ 1546.618175][T18337] netlink: 224 bytes leftover after parsing attributes in process `syz.2.14309'.
[ 1546.628459][T18337] NCSI netlink: No device for ifindex 0
[ 1546.699881][T18341] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1547.189252][T18375] syzkaller0: entered promiscuous mode
[ 1547.196981][T18375] syzkaller0: entered allmulticast mode
[ 1547.386528][T18382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14327'.
[ 1547.473667][T18384] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1547.654132][T18393] xt_socket: unknown flags 0x50
[ 1547.866621][T18406] netlink: 48 bytes leftover after parsing attributes in process `syz.0.14335'.
[ 1548.089000][T18420] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4.
[ 1548.468738][T18430] can: request_module (can-proto-0) failed.
[ 1548.475794][T18432] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14345'.
[ 1548.486688][T18432] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14345'.
[ 1548.500843][T18430] netlink: 12 bytes leftover after parsing attributes in process `syz.1.14345'.
[ 1548.745121][T18440] netlink: 48 bytes leftover after parsing attributes in process `syz.2.14347'.
[ 1549.196374][T18461] netlink: 'syz.3.14356': attribute type 13 has an invalid length.
[ 1549.720570][T18476] xt_CT: No such helper "snmp_trap"
[ 1549.883089][T18489] netlink: 'syz.0.14361': attribute type 21 has an invalid length.
[ 1550.584731][T18514] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1550.933225][T18533] __nla_validate_parse: 7 callbacks suppressed
[ 1550.933340][T18533] netlink: 48 bytes leftover after parsing attributes in process `syz.2.14373'.
[ 1550.937661][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1551.777965][T18546] FAULT_INJECTION: forcing a failure.
[ 1551.777965][T18546] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1551.791346][T18546] CPU: 0 UID: 0 PID: 18546 Comm: syz.4.14377 Not tainted syzkaller #0 PREEMPT(full) 
[ 1551.791375][T18546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1551.791385][T18546] Call Trace:
[ 1551.791393][T18546]  <TASK>
[ 1551.791401][T18546]  dump_stack_lvl+0xe8/0x150
[ 1551.791427][T18546]  should_fail_ex+0x412/0x560
[ 1551.791454][T18546]  _copy_from_user+0x2d/0xb0
[ 1551.791478][T18546]  ___sys_sendmsg+0x1c6/0x360
[ 1551.791495][T18546]  ? __lock_acquire+0x6b5/0x2cf0
[ 1551.791518][T18546]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1551.791569][T18546]  ? __fget_files+0x2a/0x420
[ 1551.791587][T18546]  ? __fget_files+0x3a0/0x420
[ 1551.791616][T18546]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1551.791635][T18546]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1551.791661][T18546]  ? __pfx_ksys_write+0x10/0x10
[ 1551.791692][T18546]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1551.791709][T18546]  do_syscall_64+0x15f/0xf80
[ 1551.791731][T18546]  ? trace_irq_disable+0x3b/0x140
[ 1551.791754][T18546]  ? clear_bhb_loop+0x40/0x90
[ 1551.791774][T18546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1551.791790][T18546] RIP: 0033:0x7f42bf19ce59
[ 1551.791806][T18546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1551.791820][T18546] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1551.791838][T18546] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1551.791850][T18546] RDX: 0000000020000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1551.791860][T18546] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1551.791870][T18546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1551.791880][T18546] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1551.791908][T18546]  </TASK>
[ 1552.066613][T18550] FAULT_INJECTION: forcing a failure.
[ 1552.066613][T18550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1552.081134][T18550] CPU: 0 UID: 0 PID: 18550 Comm: syz.4.14380 Not tainted syzkaller #0 PREEMPT(full) 
[ 1552.081157][T18550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1552.081168][T18550] Call Trace:
[ 1552.081175][T18550]  <TASK>
[ 1552.081182][T18550]  dump_stack_lvl+0xe8/0x150
[ 1552.081206][T18550]  should_fail_ex+0x412/0x560
[ 1552.081233][T18550]  _copy_from_user+0x2d/0xb0
[ 1552.081254][T18550]  __sys_bpf+0x229/0x950
[ 1552.081280][T18550]  ? __pfx___sys_bpf+0x10/0x10
[ 1552.081316][T18550]  ? ksys_write+0x242/0x270
[ 1552.081349][T18550]  ? __pfx_ksys_write+0x10/0x10
[ 1552.081375][T18550]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.081393][T18550]  __x64_sys_bpf+0x7c/0x90
[ 1552.081416][T18550]  do_syscall_64+0x15f/0xf80
[ 1552.081438][T18550]  ? trace_irq_disable+0x3b/0x140
[ 1552.081461][T18550]  ? clear_bhb_loop+0x40/0x90
[ 1552.081482][T18550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.081498][T18550] RIP: 0033:0x7f42bf19ce59
[ 1552.081514][T18550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1552.081528][T18550] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1552.081546][T18550] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1552.081557][T18550] RDX: 0000000000000020 RSI: 0000200000000100 RDI: 0000000000000002
[ 1552.081568][T18550] RBP: 00007f42bffc6090 R08: 0000000000000000 R09: 0000000000000000
[ 1552.081578][T18550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1552.081588][T18550] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1552.081617][T18550]  </TASK>
[ 1552.314354][T18553] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14381'.
[ 1552.323835][T18553] netlink: 'syz.1.14381': attribute type 7 has an invalid length.
[ 1552.332725][T18553] netlink: 'syz.1.14381': attribute type 8 has an invalid length.
[ 1552.340742][T18553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14381'.
[ 1552.473785][T18563] netlink: 48 bytes leftover after parsing attributes in process `syz.4.14385'.
[ 1552.548079][T18570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14387'.
[ 1552.557488][T18570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14387'.
[ 1552.761511][T18583] FAULT_INJECTION: forcing a failure.
[ 1552.761511][T18583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1552.777381][T18583] CPU: 1 UID: 0 PID: 18583 Comm: syz.4.14391 Not tainted syzkaller #0 PREEMPT(full) 
[ 1552.777402][T18583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1552.777409][T18583] Call Trace:
[ 1552.777414][T18583]  <TASK>
[ 1552.777420][T18583]  dump_stack_lvl+0xe8/0x150
[ 1552.777438][T18583]  should_fail_ex+0x412/0x560
[ 1552.777455][T18583]  _copy_to_iter+0x404/0x17d0
[ 1552.777476][T18583]  ? __pfx__copy_to_iter+0x10/0x10
[ 1552.777496][T18583]  tun_do_read+0x1b41/0x29a0
[ 1552.777524][T18583]  ? aa_file_perm+0x50e/0x15e0
[ 1552.777537][T18583]  ? __pfx_tun_do_read+0x10/0x10
[ 1552.777548][T18583]  ? aa_file_perm+0x192/0x15e0
[ 1552.777561][T18583]  ? tun_get+0x1c/0x2f0
[ 1552.777573][T18583]  ? tun_get+0x1c/0x2f0
[ 1552.777585][T18583]  ? __pfx_default_wake_function+0x10/0x10
[ 1552.777597][T18583]  ? tun_get+0x1c/0x2f0
[ 1552.777608][T18583]  ? tun_get+0x1c/0x2f0
[ 1552.777622][T18583]  tun_chr_read_iter+0x13b/0x260
[ 1552.777636][T18583]  do_iter_readv_writev+0x619/0x8c0
[ 1552.777652][T18583]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1552.777673][T18583]  ? bpf_lsm_file_permission+0x9/0x20
[ 1552.777687][T18583]  ? security_file_permission+0x75/0x260
[ 1552.777700][T18583]  ? rw_verify_area+0x2a6/0x4d0
[ 1552.777714][T18583]  vfs_readv+0x288/0x840
[ 1552.777729][T18583]  ? __pfx_vfs_readv+0x10/0x10
[ 1552.777745][T18583]  ? __fget_files+0x2a/0x420
[ 1552.777758][T18583]  ? __fget_files+0x3a0/0x420
[ 1552.777775][T18583]  ? __fget_files+0x2a/0x420
[ 1552.777790][T18583]  __x64_sys_preadv+0x19f/0x2a0
[ 1552.777806][T18583]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1552.777824][T18583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.777834][T18583]  do_syscall_64+0x15f/0xf80
[ 1552.777849][T18583]  ? trace_irq_disable+0x3b/0x140
[ 1552.777863][T18583]  ? clear_bhb_loop+0x40/0x90
[ 1552.777875][T18583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1552.777884][T18583] RIP: 0033:0x7f42bf19ce59
[ 1552.777895][T18583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1552.777903][T18583] RSP: 002b:00007f42bffc6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1552.777913][T18583] RAX: ffffffffffffffda RBX: 00007f42bf415fa0 RCX: 00007f42bf19ce59
[ 1552.777920][T18583] RDX: 0000000000000026 RSI: 0000200000000340 RDI: 0000000000000003
[ 1552.777926][T18583] RBP: 00007f42bffc6090 R08: 0000000000000002 R09: 0000000000000000
[ 1552.777932][T18583] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1552.777938][T18583] R13: 00007f42bf416038 R14: 00007f42bf415fa0 R15: 00007ffdb361bb68
[ 1552.777953][T18583]  </TASK>
[ 1554.147699][T18602] netlink: 48 bytes leftover after parsing attributes in process `syz.0.14398'.
[ 1554.288403][T18605] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14397'.
[ 1555.545421][T18570] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1555.697410][T18611] syzkaller0: entered promiscuous mode
[ 1555.702950][T18611] syzkaller0: entered allmulticast mode
[ 1555.712475][T18611] FAULT_INJECTION: forcing a failure.
[ 1555.712475][T18611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1555.744976][T18611] CPU: 1 UID: 0 PID: 18611 Comm: syz.3.14403 Not tainted syzkaller #0 PREEMPT(full) 
[ 1555.744999][T18611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1555.745009][T18611] Call Trace:
[ 1555.745017][T18611]  <TASK>
[ 1555.745025][T18611]  dump_stack_lvl+0xe8/0x150
[ 1555.745050][T18611]  should_fail_ex+0x412/0x560
[ 1555.745076][T18611]  _copy_from_user+0x2d/0xb0
[ 1555.745099][T18611]  __copy_msghdr+0x3c5/0x5b0
[ 1555.745121][T18611]  ___sys_sendmsg+0x213/0x360
[ 1555.745136][T18611]  ? __lock_acquire+0x6b5/0x2cf0
[ 1555.745158][T18611]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1555.745208][T18611]  ? __fget_files+0x2a/0x420
[ 1555.745226][T18611]  ? __fget_files+0x3a0/0x420
[ 1555.745254][T18611]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1555.745272][T18611]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1555.745297][T18611]  ? __pfx_ksys_write+0x10/0x10
[ 1555.745326][T18611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.745342][T18611]  do_syscall_64+0x15f/0xf80
[ 1555.745363][T18611]  ? trace_irq_disable+0x3b/0x140
[ 1555.745386][T18611]  ? clear_bhb_loop+0x40/0x90
[ 1555.745405][T18611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1555.745421][T18611] RIP: 0033:0x7f48c839ce59
[ 1555.745437][T18611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1555.745449][T18611] RSP: 002b:00007f48c932e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1555.745465][T18611] RAX: ffffffffffffffda RBX: 00007f48c8615fa0 RCX: 00007f48c839ce59
[ 1555.745477][T18611] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000007
[ 1555.745487][T18611] RBP: 00007f48c932e090 R08: 0000000000000000 R09: 0000000000000000
[ 1555.745495][T18611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1555.745504][T18611] R13: 00007f48c8616038 R14: 00007f48c8615fa0 R15: 00007ffddedd3908
[ 1555.745530][T18611]  </TASK>
[ 1556.083398][T18631] IPVS: set_ctl: invalid protocol: 29 172.20.20.10:20002
[ 1556.184356][T18631] syz_tun: entered promiscuous mode
[ 1556.221826][T18631] macvtap1: entered promiscuous mode
[ 1556.269901][T18631] syz_tun: left promiscuous mode
[ 1556.346859][T18631] 
[ 1556.349225][T18631] ======================================================
[ 1556.356321][T18631] WARNING: possible circular locking dependency detected
[ 1556.363436][T18631] syzkaller #0 Not tainted
[ 1556.367909][T18631] ------------------------------------------------------
[ 1556.374990][T18631] syz.3.14406/18631 is trying to acquire lock:
[ 1556.381139][T18631] ffff88801be8d2a0 (&root->kernfs_supers_rwsem){++++}-{4:4}, at: kernfs_remove+0x35/0x80
[ 1556.391018][T18631] 
[ 1556.391018][T18631] but task is already holding lock:
[ 1556.398373][T18631] ffffffff8f38de80 (gdp_mutex){+.+.}-{4:4}, at: cleanup_glue_dir+0xc3/0x220
[ 1556.407168][T18631] 
[ 1556.407168][T18631] which lock already depends on the new lock.
[ 1556.407168][T18631] 
[ 1556.417574][T18631] 
[ 1556.417574][T18631] the existing dependency chain (in reverse order) is:
[ 1556.426583][T18631] 
[ 1556.426583][T18631] -> #11 (gdp_mutex){+.+.}-{4:4}:
[ 1556.433945][T18631]        __mutex_lock+0x1a3/0x1550
[ 1556.439068][T18631]        get_device_parent+0x16f/0x3a0
[ 1556.444533][T18631]        device_add+0x2e1/0xbb0
[ 1556.449375][T18631]        device_create+0x269/0x300
[ 1556.454475][T18631]        msr_device_create+0x33/0x50
[ 1556.459752][T18631]        cpuhp_invoke_callback+0x445/0x860
[ 1556.465554][T18631]        cpuhp_thread_fun+0x36b/0x780
[ 1556.470907][T18631]        smpboot_thread_fn+0x541/0xa50
[ 1556.476360][T18631]        kthread+0x389/0x470
[ 1556.480954][T18631]        ret_from_fork+0x514/0xb70
[ 1556.486061][T18631]        ret_from_fork_asm+0x1a/0x30
[ 1556.491336][T18631] 
[ 1556.491336][T18631] -> #10 (cpuhp_state-up){+.+.}-{0:0}:
[ 1556.498965][T18631]        cpuhp_thread_fun+0x127/0x780
[ 1556.504331][T18631]        smpboot_thread_fn+0x541/0xa50
[ 1556.509777][T18631]        kthread+0x389/0x470
[ 1556.514355][T18631]        ret_from_fork+0x514/0xb70
[ 1556.519491][T18631]        ret_from_fork_asm+0x1a/0x30
[ 1556.524785][T18631] 
[ 1556.524785][T18631] -> #9 (cpu_hotplug_lock){++++}-{0:0}:
[ 1556.532516][T18631]        cpus_read_lock+0x42/0x160
[ 1556.537618][T18631]        static_key_slow_inc+0x12/0x30
[ 1556.543062][T18631]        tcp_md5_do_add+0x1d4/0x390
[ 1556.548244][T18631]        tcp_v6_parse_md5_keys+0x562/0x680
[ 1556.554036][T18631]        do_tcp_setsockopt+0x12ec/0x2060
[ 1556.559648][T18631]        do_sock_setsockopt+0x17c/0x1b0
[ 1556.565182][T18631]        __x64_sys_setsockopt+0x13d/0x1b0
[ 1556.570885][T18631]        do_syscall_64+0x15f/0xf80
[ 1556.575984][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.582808][T18631] 
[ 1556.582808][T18631] -> #8 (sk_lock-AF_INET6){+.+.}-{0:0}:
[ 1556.590532][T18631]        lock_sock_nested+0x41/0x100
[ 1556.595808][T18631]        inet_shutdown+0x6a/0x390
[ 1556.600824][T18631]        nbd_mark_nsock_dead+0x2e9/0x560
[ 1556.606536][T18631]        sock_shutdown+0x15e/0x260
[ 1556.611631][T18631]        nbd_clear_sock+0x24/0x170
[ 1556.616725][T18631]        nbd_config_put+0x2dd/0x580
[ 1556.621908][T18631]        nbd_genl_connect+0x19d5/0x1cf0
[ 1556.627432][T18631]        genl_family_rcv_msg_doit+0x22a/0x330
[ 1556.633497][T18631]        genl_rcv_msg+0x61c/0x7a0
[ 1556.638502][T18631]        netlink_rcv_skb+0x232/0x4b0
[ 1556.643770][T18631]        genl_rcv+0x28/0x40
[ 1556.648256][T18631]        netlink_unicast+0x75c/0x8e0
[ 1556.653530][T18631]        netlink_sendmsg+0x813/0xb40
[ 1556.658881][T18631]        ____sys_sendmsg+0x972/0x9f0
[ 1556.664147][T18631]        ___sys_sendmsg+0x2a5/0x360
[ 1556.669327][T18631]        __x64_sys_sendmsg+0x1bd/0x2a0
[ 1556.674771][T18631]        do_syscall_64+0x15f/0xf80
[ 1556.679884][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.686301][T18631] 
[ 1556.686301][T18631] -> #7 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1556.693948][T18631]        __mutex_lock+0x1a3/0x1550
[ 1556.699063][T18631]        nbd_queue_rq+0x37b/0x1100
[ 1556.704169][T18631]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1556.710292][T18631]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1556.717196][T18631]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1556.723689][T18631]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1556.729310][T18631]        blk_mq_dispatch_list+0xd16/0xe10
[ 1556.735019][T18631]        blk_mq_flush_plug_list+0x48d/0x570
[ 1556.740907][T18631]        __blk_flush_plug+0x3ed/0x4d0
[ 1556.746339][T18631]        __submit_bio+0x28d/0x580
[ 1556.751427][T18631]        submit_bio_noacct_nocheck+0x2f4/0xa40
[ 1556.757582][T18631]        block_read_full_folio+0x599/0x830
[ 1556.763409][T18631]        filemap_read_folio+0x137/0x3b0
[ 1556.768948][T18631]        do_read_cache_folio+0x358/0x590
[ 1556.774572][T18631]        read_part_sector+0xb6/0x2b0
[ 1556.779844][T18631]        adfspart_check_ICS+0xb1/0x960
[ 1556.785304][T18631]        bdev_disk_changed+0x817/0x1770
[ 1556.790838][T18631]        blkdev_get_whole+0x380/0x510
[ 1556.796298][T18631]        bdev_open+0x31e/0xd30
[ 1556.801045][T18631]        blkdev_open+0x470/0x610
[ 1556.805973][T18631]        do_dentry_open+0x785/0x14e0
[ 1556.811266][T18631]        vfs_open+0x3b/0x340
[ 1556.815855][T18631]        path_openat+0x2e08/0x3860
[ 1556.820964][T18631]        do_file_open+0x23e/0x4a0
[ 1556.825979][T18631]        do_sys_openat2+0x113/0x200
[ 1556.831164][T18631]        __x64_sys_openat+0x138/0x170
[ 1556.836605][T18631]        do_syscall_64+0x15f/0xf80
[ 1556.841707][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.848284][T18631] 
[ 1556.848284][T18631] -> #6 (&cmd->lock){+.+.}-{4:4}:
[ 1556.855482][T18631]        __mutex_lock+0x1a3/0x1550
[ 1556.860573][T18631]        nbd_queue_rq+0xc6/0x1100
[ 1556.865577][T18631]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1556.871633][T18631]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1556.878558][T18631]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1556.885053][T18631]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1556.890678][T18631]        blk_mq_dispatch_list+0xd16/0xe10
[ 1556.896392][T18631]        blk_mq_flush_plug_list+0x48d/0x570
[ 1556.902274][T18631]        __blk_flush_plug+0x3ed/0x4d0
[ 1556.907633][T18631]        __submit_bio+0x28d/0x580
[ 1556.912637][T18631]        submit_bio_noacct_nocheck+0x2f4/0xa40
[ 1556.918777][T18631]        block_read_full_folio+0x599/0x830
[ 1556.924566][T18631]        filemap_read_folio+0x137/0x3b0
[ 1556.930107][T18631]        do_read_cache_folio+0x358/0x590
[ 1556.936008][T18631]        read_part_sector+0xb6/0x2b0
[ 1556.941290][T18631]        adfspart_check_ICS+0xb1/0x960
[ 1556.946836][T18631]        bdev_disk_changed+0x817/0x1770
[ 1556.952377][T18631]        blkdev_get_whole+0x380/0x510
[ 1556.957741][T18631]        bdev_open+0x31e/0xd30
[ 1556.962496][T18631]        blkdev_open+0x470/0x610
[ 1556.967422][T18631]        do_dentry_open+0x785/0x14e0
[ 1556.972693][T18631]        vfs_open+0x3b/0x340
[ 1556.977266][T18631]        path_openat+0x2e08/0x3860
[ 1556.982368][T18631]        do_file_open+0x23e/0x4a0
[ 1556.987381][T18631]        do_sys_openat2+0x113/0x200
[ 1556.992562][T18631]        __x64_sys_openat+0x138/0x170
[ 1556.997916][T18631]        do_syscall_64+0x15f/0xf80
[ 1557.003022][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.009421][T18631] 
[ 1557.009421][T18631] -> #5 (set->srcu){.+.+}-{0:0}:
[ 1557.016527][T18631]        __synchronize_srcu+0xca/0x300
[ 1557.021974][T18631]        elevator_switch+0x1e8/0x7a0
[ 1557.027246][T18631]        elevator_change+0x2cc/0x450
[ 1557.032516][T18631]        elevator_set_default+0x36c/0x430
[ 1557.038217][T18631]        blk_register_queue+0x3e9/0x4e0
[ 1557.043743][T18631]        __add_disk+0x677/0xd50
[ 1557.048576][T18631]        add_disk_fwnode+0xfb/0x480
[ 1557.053756][T18631]        nbd_dev_add+0x72c/0xb50
[ 1557.058677][T18631]        nbd_init+0x168/0x1f0
[ 1557.063435][T18631]        do_one_initcall+0x250/0x870
[ 1557.068706][T18631]        do_initcall_level+0x104/0x190
[ 1557.074262][T18631]        do_initcalls+0x59/0xa0
[ 1557.079101][T18631]        kernel_init_freeable+0x2a6/0x3e0
[ 1557.084810][T18631]        kernel_init+0x1d/0x1d0
[ 1557.089656][T18631]        ret_from_fork+0x514/0xb70
[ 1557.094751][T18631]        ret_from_fork_asm+0x1a/0x30
[ 1557.100020][T18631] 
[ 1557.100020][T18631] -> #4 (&q->elevator_lock){+.+.}-{4:4}:
[ 1557.107907][T18631]        __mutex_lock+0x1a3/0x1550
[ 1557.113004][T18631]        elevator_change+0x1b3/0x450
[ 1557.118285][T18631]        elevator_set_none+0xb5/0x140
[ 1557.123642][T18631]        blk_mq_update_nr_hw_queues+0x5e7/0x1a60
[ 1557.130210][T18631]        nbd_start_device+0x17f/0xb10
[ 1557.135567][T18631]        nbd_genl_connect+0x165b/0x1cf0
[ 1557.141096][T18631]        genl_family_rcv_msg_doit+0x22a/0x330
[ 1557.147151][T18631]        genl_rcv_msg+0x61c/0x7a0
[ 1557.152157][T18631]        netlink_rcv_skb+0x232/0x4b0
[ 1557.157422][T18631]        genl_rcv+0x28/0x40
[ 1557.161916][T18631]        netlink_unicast+0x75c/0x8e0
[ 1557.167189][T18631]        netlink_sendmsg+0x813/0xb40
[ 1557.172455][T18631]        ____sys_sendmsg+0x972/0x9f0
[ 1557.177724][T18631]        ___sys_sendmsg+0x2a5/0x360
[ 1557.182916][T18631]        __x64_sys_sendmsg+0x1bd/0x2a0
[ 1557.188372][T18631]        do_syscall_64+0x15f/0xf80
[ 1557.193480][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.199977][T18631] 
[ 1557.199977][T18631] -> #3 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[ 1557.208569][T18631]        blk_alloc_queue+0x546/0x680
[ 1557.213843][T18631]        __blk_mq_alloc_disk+0x197/0x390
[ 1557.219457][T18631]        nbd_dev_add+0x499/0xb50
[ 1557.224374][T18631]        nbd_init+0x168/0x1f0
[ 1557.229033][T18631]        do_one_initcall+0x250/0x870
[ 1557.234305][T18631]        do_initcall_level+0x104/0x190
[ 1557.239745][T18631]        do_initcalls+0x59/0xa0
[ 1557.244581][T18631]        kernel_init_freeable+0x2a6/0x3e0
[ 1557.250280][T18631]        kernel_init+0x1d/0x1d0
[ 1557.255111][T18631]        ret_from_fork+0x514/0xb70
[ 1557.260206][T18631]        ret_from_fork_asm+0x1a/0x30
[ 1557.265479][T18631] 
[ 1557.265479][T18631] -> #2 (fs_reclaim){+.+.}-{0:0}:
[ 1557.272670][T18631]        fs_reclaim_acquire+0x71/0x100
[ 1557.278116][T18631]        kmem_cache_alloc_lru_noprof+0x45/0x640
[ 1557.284342][T18631]        alloc_inode+0xb8/0x1b0
[ 1557.289176][T18631]        iget_locked+0x131/0x6a0
[ 1557.294096][T18631]        kernfs_get_inode+0x4f/0x780
[ 1557.299402][T18631]        kernfs_get_tree+0x5cd/0x980
[ 1557.304670][T18631]        sysfs_get_tree+0x46/0x110
[ 1557.309764][T18631]        vfs_get_tree+0x92/0x2a0
[ 1557.314692][T18631]        do_new_mount+0x341/0xd30
[ 1557.319791][T18631]        __se_sys_mount+0x31d/0x420
[ 1557.324983][T18631]        do_syscall_64+0x15f/0xf80
[ 1557.330098][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.336508][T18631] 
[ 1557.336508][T18631] -> #1 (&root->kernfs_rwsem){++++}-{4:4}:
[ 1557.344558][T18631]        down_write+0x96/0x200
[ 1557.349313][T18631]        kernfs_remove_by_name_ns+0x4e/0x140
[ 1557.355284][T18631]        device_links_driver_bound+0x54f/0x14e0
[ 1557.361510][T18631]        driver_bound+0xd8/0x2e0
[ 1557.366494][T18631]        really_probe+0x789/0xaf0
[ 1557.371501][T18631]        __driver_probe_device+0x1ef/0x380
[ 1557.377288][T18631]        driver_probe_device+0x4f/0x240
[ 1557.382854][T18631]        __device_attach_driver+0x279/0x430
[ 1557.388737][T18631]        bus_for_each_drv+0x258/0x2f0
[ 1557.394096][T18631]        __device_attach+0x2c5/0x450
[ 1557.399364][T18631]        device_initial_probe+0xa1/0xd0
[ 1557.404892][T18631]        bus_probe_device+0x12a/0x220
[ 1557.410253][T18631]        device_add+0x7e9/0xbb0
[ 1557.415120][T18631]        faux_device_create_with_groups+0x189/0x290
[ 1557.421762][T18631]        regulator_dummy_init+0x19/0x40
[ 1557.427334][T18631]        regulator_init+0xca/0x110
[ 1557.432436][T18631]        do_one_initcall+0x250/0x870
[ 1557.437730][T18631]        do_initcall_level+0x104/0x190
[ 1557.443188][T18631]        do_initcalls+0x59/0xa0
[ 1557.448034][T18631]        kernel_init_freeable+0x2a6/0x3e0
[ 1557.453743][T18631]        kernel_init+0x1d/0x1d0
[ 1557.458581][T18631]        ret_from_fork+0x514/0xb70
[ 1557.463678][T18631]        ret_from_fork_asm+0x1a/0x30
[ 1557.468944][T18631] 
[ 1557.468944][T18631] -> #0 (&root->kernfs_supers_rwsem){++++}-{4:4}:
[ 1557.477525][T18631]        __lock_acquire+0x15a5/0x2cf0
[ 1557.482879][T18631]        lock_acquire+0x106/0x350
[ 1557.487882][T18631]        down_read+0x47/0x2e0
[ 1557.492538][T18631]        kernfs_remove+0x35/0x80
[ 1557.497458][T18631]        __kobject_del+0xe1/0x330
[ 1557.502462][T18631]        kobject_del+0x45/0x60
[ 1557.507209][T18631]        cleanup_glue_dir+0x1a3/0x220
[ 1557.512659][T18631]        device_del+0x780/0x8f0
[ 1557.517516][T18631]        device_destroy+0xb2/0x1a0
[ 1557.522646][T18631]        macvtap_device_event+0x226/0x400
[ 1557.528449][T18631]        notifier_call_chain+0x1ad/0x3d0
[ 1557.534072][T18631]        unregister_netdevice_many_notify+0x17a5/0x22c0
[ 1557.540997][T18631]        rtnl_newlink_create+0x84b/0xb70
[ 1557.546613][T18631]        rtnl_newlink+0x166a/0x1bb0
[ 1557.551795][T18631]        rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1557.557247][T18631]        netlink_rcv_skb+0x232/0x4b0
[ 1557.562528][T18631]        netlink_unicast+0x75c/0x8e0
[ 1557.567809][T18631]        netlink_sendmsg+0x813/0xb40
[ 1557.573084][T18631]        ____sys_sendmsg+0x972/0x9f0
[ 1557.578363][T18631]        ___sys_sendmsg+0x2a5/0x360
[ 1557.583991][T18631]        __x64_sys_sendmsg+0x1bd/0x2a0
[ 1557.589433][T18631]        do_syscall_64+0x15f/0xf80
[ 1557.594539][T18631]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.601024][T18631] 
[ 1557.601024][T18631] other info that might help us debug this:
[ 1557.601024][T18631] 
[ 1557.611234][T18631] Chain exists of:
[ 1557.611234][T18631]   &root->kernfs_supers_rwsem --> cpuhp_state-up --> gdp_mutex
[ 1557.611234][T18631] 
[ 1557.624600][T18631]  Possible unsafe locking scenario:
[ 1557.624600][T18631] 
[ 1557.632118][T18631]        CPU0                    CPU1
[ 1557.637604][T18631]        ----                    ----
[ 1557.642960][T18631]   lock(gdp_mutex);
[ 1557.646848][T18631]                                lock(cpuhp_state-up);
[ 1557.653688][T18631]                                lock(gdp_mutex);
[ 1557.660093][T18631]   rlock(&root->kernfs_supers_rwsem);
[ 1557.665633][T18631] 
[ 1557.665633][T18631]  *** DEADLOCK ***
[ 1557.665633][T18631] 
[ 1557.673855][T18631] 3 locks held by syz.3.14406/18631:
[ 1557.679129][T18631]  #0: ffffffff90315d10 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[ 1557.688691][T18631]  #1: ffffffff8fdd1280 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0
[ 1557.697739][T18631]  #2: ffffffff8f38de80 (gdp_mutex){+.+.}-{4:4}, at: cleanup_glue_dir+0xc3/0x220
[ 1557.706863][T18631] 
[ 1557.706863][T18631] stack backtrace:
[ 1557.712735][T18631] CPU: 0 UID: 0 PID: 18631 Comm: syz.3.14406 Not tainted syzkaller #0 PREEMPT(full) 
[ 1557.712757][T18631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1557.712765][T18631] Call Trace:
[ 1557.712772][T18631]  <TASK>
[ 1557.712780][T18631]  dump_stack_lvl+0xe8/0x150
[ 1557.712797][T18631]  print_circular_bug+0x2e1/0x300
[ 1557.712815][T18631]  check_noncircular+0x12e/0x150
[ 1557.712832][T18631]  __lock_acquire+0x15a5/0x2cf0
[ 1557.712850][T18631]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1557.712868][T18631]  ? __pfx___schedule+0x10/0x10
[ 1557.712884][T18631]  ? kernfs_remove+0x35/0x80
[ 1557.712898][T18631]  lock_acquire+0x106/0x350
[ 1557.712910][T18631]  ? kernfs_remove+0x35/0x80
[ 1557.712929][T18631]  down_read+0x47/0x2e0
[ 1557.712941][T18631]  ? kernfs_remove+0x35/0x80
[ 1557.712956][T18631]  kernfs_remove+0x35/0x80
[ 1557.712971][T18631]  __kobject_del+0xe1/0x330
[ 1557.712985][T18631]  kobject_del+0x45/0x60
[ 1557.712996][T18631]  cleanup_glue_dir+0x1a3/0x220
[ 1557.713017][T18631]  device_del+0x780/0x8f0
[ 1557.713033][T18631]  ? __pfx_device_del+0x10/0x10
[ 1557.713049][T18631]  device_destroy+0xb2/0x1a0
[ 1557.713062][T18631]  ? __pfx_device_destroy+0x10/0x10
[ 1557.713077][T18631]  ? kernfs_remove_by_name_ns+0x101/0x140
[ 1557.713094][T18631]  macvtap_device_event+0x226/0x400
[ 1557.713113][T18631]  ? __pfx_macvtap_device_event+0x10/0x10
[ 1557.713129][T18631]  ? igmp_netdev_event+0x7c/0x750
[ 1557.713147][T18631]  notifier_call_chain+0x1ad/0x3d0
[ 1557.713165][T18631]  unregister_netdevice_many_notify+0x17a5/0x22c0
[ 1557.713183][T18631]  ? unregister_netdevice_queue+0x19b/0x360
[ 1557.713196][T18631]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1557.713212][T18631]  ? netdev_upper_dev_unlink+0x99/0xe0
[ 1557.713228][T18631]  ? __pfx_netdev_upper_dev_unlink+0x10/0x10
[ 1557.713244][T18631]  ? macvlan_dellink+0x3e2/0x470
[ 1557.713260][T18631]  rtnl_newlink_create+0x84b/0xb70
[ 1557.713271][T18631]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1557.713292][T18631]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1557.713304][T18631]  ? __pfx___mutex_lock+0x10/0x10
[ 1557.713318][T18631]  ? ns_capable+0x89/0xe0
[ 1557.713330][T18631]  rtnl_newlink+0x166a/0x1bb0
[ 1557.713351][T18631]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1557.713365][T18631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.713390][T18631]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1557.713405][T18631]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1557.713422][T18631]  ? nlmon_xmit+0xb0/0x100
[ 1557.713436][T18631]  ? kmem_cache_free+0x182/0x650
[ 1557.713456][T18631]  ? __lock_acquire+0x6b5/0x2cf0
[ 1557.713469][T18631]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1557.713482][T18631]  ? __local_bh_enable_ip+0xd0/0x130
[ 1557.713494][T18631]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1557.713509][T18631]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1557.713521][T18631]  ? __local_bh_enable_ip+0xd0/0x130
[ 1557.713531][T18631]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1557.713545][T18631]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1557.713565][T18631]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1557.713580][T18631]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1557.713596][T18631]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1557.713611][T18631]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1557.713625][T18631]  ? ref_tracker_free+0x693/0x840
[ 1557.713641][T18631]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1557.713659][T18631]  netlink_rcv_skb+0x232/0x4b0
[ 1557.713671][T18631]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1557.713686][T18631]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1557.713702][T18631]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1557.713712][T18631]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1557.713725][T18631]  netlink_unicast+0x75c/0x8e0
[ 1557.713744][T18631]  netlink_sendmsg+0x813/0xb40
[ 1557.713759][T18631]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1557.713771][T18631]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1557.713787][T18631]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1557.713804][T18631]  ____sys_sendmsg+0x972/0x9f0
[ 1557.713816][T18631]  ? __might_fault+0xaf/0x130
[ 1557.713832][T18631]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1557.713846][T18631]  ? import_iovec+0x73/0xa0
[ 1557.713863][T18631]  ___sys_sendmsg+0x2a5/0x360
[ 1557.713874][T18631]  ? __lock_acquire+0x6b5/0x2cf0
[ 1557.713887][T18631]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1557.713900][T18631]  ? futex_wake+0x4ac/0x580
[ 1557.713956][T18631]  ? __fget_files+0x2a/0x420
[ 1557.713970][T18631]  ? __fget_files+0x3a0/0x420
[ 1557.713986][T18631]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1557.713999][T18631]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1557.714018][T18631]  ? rcu_is_watching+0x15/0xb0
[ 1557.714035][T18631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.714047][T18631]  do_syscall_64+0x15f/0xf80
[ 1557.714063][T18631]  ? trace_irq_disable+0x3b/0x140
[ 1557.714079][T18631]  ? clear_bhb_loop+0x40/0x90
[ 1557.714092][T18631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1557.714104][T18631] RIP: 0033:0x7f48c839ce59
[ 1557.714117][T18631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1557.714128][T18631] RSP: 002b:00007f48c932e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1557.714140][T18631] RAX: ffffffffffffffda RBX: 00007f48c8615fa0 RCX: 00007f48c839ce59
[ 1557.714149][T18631] RDX: 0000000008000002 RSI: 0000200000000000 RDI: 0000000000000009
[ 1557.714157][T18631] RBP: 00007f48c8432d6f R08: 0000000000000000 R09: 0000000000000000
[ 1557.714165][T18631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1557.714172][T18631] R13: 00007f48c8616038 R14: 00007f48c8615fa0 R15: 00007ffddedd3908
[ 1557.714187][T18631]  </TASK>
[ 1558.278361][T18633] syz_tun: entered promiscuous mode
[ 1558.283796][T18633] macvtap1: entered promiscuous mode
[ 1558.297031][T18633] syz_tun: left promiscuous mode
[ 1563.737086][ T4959] block nbd1: Possible stuck request ffff888043057000: control (read@0,1024B). Runtime 30 seconds
[ 1563.747822][ T4959] block nbd1: Possible stuck request ffff8880430571c0: control (read@1024,1024B). Runtime 30 seconds
[ 1563.758912][ T4959] block nbd1: Possible stuck request ffff888043057380: control (read@2048,1024B). Runtime 30 seconds
[ 1563.770032][ T4959] block nbd1: Possible stuck request ffff888043057540: control (read@3072,1024B). Runtime 30 seconds