last executing test programs:

6.325594143s ago: executing program 4 (id=3001):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x15, &(0x7f0000000000)=0x7b, 0x4)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r4 = socket(0x1e, 0x1, 0x0)
sendmmsg$sock(r4, &(0x7f0000000100)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}], 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x5)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22, 0x33, @mcast2, 0x2}, 0x1c)
writev(r5, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac710aa7d0000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
getsockopt$inet_tcp_buf(r3, 0x6, 0x23, &(0x7f0000000040)=""/32, &(0x7f0000000080)=0x20)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000001214010028bd7000fcdbdf250800568645610000"], 0x18}}, 0x20000000)
r7 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
setsockopt$sock_int(r2, 0x1, 0x15, &(0x7f0000000000)=0x7b, 0x4) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
connect$inet6(0xffffffffffffffff, 0x0, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
sendmmsg$sock(r4, &(0x7f0000000100)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}], 0x2, 0x0) (async)
socket$netlink(0x10, 0x3, 0x5) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22, 0x33, @mcast2, 0x2}, 0x1c) (async)
writev(r5, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac710aa7d0000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) (async)
getsockopt$inet_tcp_buf(r3, 0x6, 0x23, &(0x7f0000000040)=""/32, &(0x7f0000000080)=0x20) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="180000001214010028bd7000fcdbdf250800568645610000"], 0x18}}, 0x20000000) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
write$cgroup_subtree(r7, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc) (async)

5.999345215s ago: executing program 4 (id=3004):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000000)=0x200, 0x4)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000100)=0x11, 0x4)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r2, &(0x7f0000000880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=""/54, 0x36}, 0x4fb}], 0x1, 0x12020, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x1000}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x5}, 0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000600)=ANY=[])
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="6e16f5f45c7f9ab0df25010000000400028004000300"], 0x1c}, 0x1, 0x0, 0x0, 0x40008d0}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
sendmsg$IPSET_CMD_LIST(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, 0x7, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x2000c094)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)

3.525715603s ago: executing program 4 (id=3025):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000008000400deef000008001b0000000000"], 0x30}}, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x1}], 0x1}, 0x8000)
recvmsg(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f60)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200087a31d66e3db9220056bc6302208d42363716172761c59c095d244ec36eb4a9c1d0c25f9dc473a02b270a2a503923821e7a79d714981f4e7a5377aacf3f641b47118e5ac1f24cbdc30b112549ef46242c7cf165bc0f1fad5db3206b3775ae8a30983e8c135fd5779feccf3a82b525d5de729c9478"], 0x17)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmsg$inet(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
r7 = accept4(r5, &(0x7f0000000200)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000340)=0x80, 0x800)
setsockopt$RXRPC_SECURITY_KEY(r7, 0x110, 0x1, &(0x7f00000002c0)='\x00', 0x1)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f1ea3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b2213fdc2881e1a6ec9d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232f0485a2ca9f37fc9c3d2688efcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdcdeb2af1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f925f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5c49209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378ad8f6afb0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3826ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3577], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x7a05, 0x1700)
pwritev(r10, &(0x7f00000004c0)=[{&(0x7f0000000200)="db", 0x1}], 0x1, 0x8040000, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000004, 0x12, r9, 0x100000000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f000000b440)=[{{&(0x7f0000000300)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001740)=[{&(0x7f00000006c0)='\f', 0x1}], 0x1}}], 0x1, 0x4000800)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000100)=@assoc_value={<r11=>0x0}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={r11, 0xd}, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r7, 0x84, 0xa, &(0x7f0000000300)={0x0, 0x3, 0x1, 0x5, 0x82, 0xb, 0x8, 0x4e9, r11}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000780)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000008c0)=[@ip_tos_u8={{0x0, 0x0, 0x1, 0x2}}], 0x20}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)="f91aba82d490761af2aee35066c28f94509d3500", 0x14}, {&(0x7f0000000380)="ad0f", 0x2}, {&(0x7f0000000440)="600fe0c45f24a0eeed954483f7e9efc0a09a7cb4a8e5af44947f3940e19102a87f2153aa70b19ed86a93f0abd06f", 0x2e}], 0x3}}, {{0x0, 0x0, &(0x7f00000012c0)=[{0x0}, {&(0x7f0000001080)="8374e5233945507d14d8c2d1a59cac681a14369316a6f556a16b2c0dab4852", 0x1f}, {&(0x7f0000000600)="054e65ebac44c4e6d6d7bb9e6f829f1ef099cb1ff49412", 0x17}, {&(0x7f0000000740)="b3369e", 0x3}, {&(0x7f0000001180)="68e104c744cec1345bd7dd1b812f58dd21fdc41b8f3602dc52811f05c48a470260d0b4d62316e47f2c02ffff", 0x2c}, {&(0x7f00000011c0)="fc7d59a7783d606fae2a1e0af0aa49b9cad13383fe9743203013bbcf1c5af22100f6819f5b1776d858a20484f31ed8f6cd0fa42eccecf6bff7f818425b8385036721b6d4a95b33b1c31c24fc7c23ffedf6c61a794cf14526c277b2d4297b3ea48d00d1b0e226e04c20ade01662a489c2ed51da4cacc53325ffe208617ae6a3ce3e1fe9ee723c9891d528e7177ef796603cc702ea059f20f7b9324f77fae3e4b2ea1ab8baac1ffa51180e30935ca0254df304649119df904df5330c256d71ea75ae2c8b63bb1d", 0xc6}], 0x6}}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001380)="61ff198c", 0x4}], 0xe}}], 0x4, 0x48040)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0)
r12 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r12, 0x89f1, &(0x7f0000000640)={'syztnl1\x00', &(0x7f0000000480)={'ip6tnl0\x00', 0x0, 0x29, 0x82, 0x5, 0xff, 0xb, @dev={0xfe, 0x80, '\x00', 0xa}, @loopback={0xfec0ffff00000000, 0xffff8881114a4aa8}, 0x3c20, 0x1, 0xfffffffc, 0x74ec}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r8}, 0x10)

3.116962041s ago: executing program 3 (id=3027):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="3c020000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000000000a00002008000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000080ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001d00000000000000000000000000000000000000000000000000000000000000dd020000000000000000000000000000000000000000000084010500ac14143b000000000000000000000000000004d32b00000000000000ac14140c000000000000000000000000000000000000ff00000000000000000000000000fc020000000000000000000000000000000000003200000000000000ac1414aa000000000000000000000000000000000100000000000000ffffffff0000000000000000000000000000000000000003000000003c00000002000000fc0000000000000000000000000000010000000001030000000000000000000000000000ff020000000000000000000000000001000000003c000000020000002001000000000000000000000000000000000000020000000000000003000000286a8b2700000000000000000000000000000000000000003c0000000200000000000000000000000000000000000000ffffffff0000"], 0x23c}}, 0x0)

2.979255108s ago: executing program 3 (id=3029):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0}) (async, rerun: 32)
r3 = socket$packet(0x11, 0x2, 0x300) (rerun: 32)
bind$packet(r3, &(0x7f0000000d00)={0x11, 0x1a, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) (async, rerun: 64)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) (rerun: 64)
syz_emit_ethernet(0x36, &(0x7f0000000a40)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @dev, @void, {@ipv6={0x86dd, @generic={0x7, 0x6, '\x00\a\x00', 0x0, 0x2b, 0x0, @private1, @mcast2}}}}, 0x0) (async, rerun: 64)
r4 = socket(0x10, 0x3, 0x0) (rerun: 64)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0x4000}, 0x10) (async)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001200)=@newtaction={0x48, 0x5a, 0x1, 0xfffffffc, 0x25dfdbfa, {0x2}, [{0x34, 0x3, [@m_mpls={0x30, 0x8, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x48}}, 0x8080) (async, rerun: 64)
bind$unix(r4, &(0x7f00000005c0)=@file={0x0, './file0\x00'}, 0x6e) (async, rerun: 64)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async, rerun: 32)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) (async, rerun: 32)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00') (async)
unshare(0x6a040000) (async)
r6 = socket(0x8, 0x3, 0x3)
ioctl$sock_netrom_SIOCADDRT(r6, 0x6180, 0x0) (async, rerun: 64)
r7 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
getpeername$inet6(r6, 0x0, 0x0) (async, rerun: 64)
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="04002dbd7000fddbdf25130000000c009900990000004900000005001900000000000500c200070000004c00be005c98949f766f79f3563a63b84530578acaa7fe06c4bfae2c839d1a837dff2793dc5843dac715eb11f5b3574df17f12f0e2e13e38471a753edb218ba20dde6660e4a381e181720e6177f6f48c7d0cd04ea229bd05caeacd418e5a7951b56596c248839527a225ac0d1e166a77"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x2000c891) (async)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=@delqdisc={0x15c, 0x25, 0x2, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x5, 0xf}, {0x3, 0x4}, {0x0, 0x5}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xd1}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x6}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x80000001}, @TCA_RATE={0x6, 0x5, {0x5, 0xdf}}, @TCA_STAB={0x104, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa0, 0x7, 0x3, 0x4, 0x2, 0x956, 0x5, 0x4}}, {0xc, 0x2, [0x0, 0x4081, 0x1000, 0x9]}}, {{0x1c, 0x1, {0x7f, 0xb3, 0x0, 0x7, 0x0, 0x4, 0x6, 0x7}}, {0x12, 0x2, [0x4, 0x400, 0xf8, 0x6, 0x9, 0xfff9, 0x763b]}}, {{0x1c, 0x1, {0x6, 0x7, 0x8, 0x0, 0x0, 0x38f, 0x101, 0x1}}, {0x6, 0x2, [0x6]}}, {{0x1c, 0x1, {0x1, 0x1, 0x6, 0x3, 0x0, 0x5, 0x2, 0x6}}, {0x10, 0x2, [0x9, 0xfffd, 0x44, 0x7, 0x3, 0x9ccc]}}, {{0x1c, 0x1, {0xfe, 0x5, 0x101, 0x10, 0x2, 0x7, 0x2, 0x3}}, {0xa, 0x2, [0x6, 0x9, 0x6]}}, {{0x1c, 0x1, {0x5, 0x8, 0x5, 0x6, 0x1, 0x60, 0x6, 0xf}}, {0x14, 0x2, [0x2, 0x0, 0x1, 0x5, 0x3, 0xf, 0x3, 0x8]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x7f}]}, 0x15c}, 0x1, 0x0, 0x0, 0x20008845}, 0x8004)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)

2.780243078s ago: executing program 3 (id=3031):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000004, 0x3b071, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
unshare(0x6a040000)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fbc45ff620500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000ffd9dd00000010000100050808004149004006040800", 0x58}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x18, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x41da}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffc}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x80000000}}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0x6, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0xa, 0xffe, &(0x7f0000000cc0)=""/4094, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffb}, 0x94)

2.51068083s ago: executing program 4 (id=3035):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000b00030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)

2.398025118s ago: executing program 4 (id=3037):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="7a0a00ff00000000711043000000000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x44}, 0x94)

2.299353354s ago: executing program 1 (id=3039):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x400448ca, 0x0)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r2, &(0x7f0000000300)=ANY=[@ANYRESOCT=0x0], 0xa)
bind$bt_hci(r2, &(0x7f00000019c0)={0x1f, 0x3, 0x2}, 0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a050000000000fffffff5070000000900010073797a300000000084000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000000838001180090001006c61737400000000280002800c00024000000000000000090800014000000ba308000140000010000800014000003f5e980000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006c0003806800008008000340000000025c0002800c00028008000340000000024c000280080003400000000408000180fffffffd0800f1d7fffffffd0800034000000003090002007379"], 0x164}, 0x1, 0x0, 0x0, 0x4000819}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1b, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000000010000008500f100410000000500e500810000009500070000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x69)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth1_macvtap\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000", @ANYRES32=r5, @ANYBLOB="800202000a000200577f00"], 0x48}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020008000000000001000041d280000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1e, 0x10, &(0x7f00000004c0)=ANY=[@ANYRES64=r2, @ANYRESOCT=r0, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001bc0)={r6, 0x0, 0x4000, 0x4000, &(0x7f0000001cc0)="633268f83ca3000000a2029e3815bb2fa117d8326687688b2c969fd7267d546214af00d1ca2524d00f9e4d9555f3ab381b5d44fd6bda8c509e66101d296f10c805252e7c5d48d9814f46db8f07441878734b13270fe47fba418b7358984b9a61c2bbf964a520459fd0d90590b46cf1677d580a26933b6e35aee75996b73a15a25aa8ae2f1f9bc9699a505c0dc4050ab2255fc35f508ccc52f10ac12febf28652fe36f725714868675ca2a7042ab4b26904b2f000589694f69ab0b22a5aec72c5036ce1c8974690045e4ab412a70336b4c65b2dfc8121af4143c2e10a0e5632bcd44e0b000029da424d86f298656822dae2c002e289fbfa6fe0dfb2fd57713a7684dc166c628dc45027ac174c5db54f22e409eb4e94263dbc9919f90f1af3290918b9824c3e0268b300bf69cc2eb3fc58f655439bdbe2b905", &(0x7f0000001c40)=""/76, 0x0, 0x0, 0x47, 0x50, &(0x7f0000001ac0)="9c01bd6f9a6028c80d7364240fd78867d9d62eca43c565f2c5ac65dd4a0fadceb6c65dcb07f2421e69087e0f17b4eb709e4805f2722709c46bef17c4cb9aed9fb1c342179ea349", &(0x7f0000001a40)="408fd0050dc7945b483103067eca9bd26ffbe35abf0f88a103f6893dc2b1d1cdc2195d4ae89abc04ff5fe5d2466892c81015df835a7d47be4f852161bc4015e7564b08584290fe1762f943a653008ac5", 0x1, 0x0, 0x13}, 0x22)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='cubic', 0x6)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="580000000008010200000000000000000200ffff0600024022eb000005000300ffff00000900010073797a3000000000260004"], 0x58}, 0x1, 0x0, 0x0, 0x20000015}, 0x20008000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000200), 0x806000)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r9 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
write$tun(r8, &(0x7f0000000ac0)=ANY=[@ANYBLOB="00000000bbbbbbbbbbbbaaaaaaaaaa3088a84d008100660086dd6eb3d5f001952fff"], 0x1d7)

2.299100594s ago: executing program 4 (id=3040):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000001740)=""/12, 0xc}], 0x1, 0x4, 0x0)

1.723037998s ago: executing program 1 (id=3045):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0xff}}, @in6={0xa, 0x4e21, 0xf, @loopback, 0x6}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e24, @empty}}}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={r3, @in={{0x2, 0xd53, @multicast1}}, 0x2, 0x3}, 0x90)
pipe(&(0x7f0000000040)={<r4=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000000300)=0xfffffffffffffff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000004800000001"], 0x48)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="14f6008a000000000700000081020000f6c81b4ed64f1792eca320e97155c450b97c13f4022ec35b2025db9bb51121ba5928fe9083a1edae6ce4b5dce53065e98f80ac3558c5d381406374a41894536a1c83c2d5d056a53078"], 0x14}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000163522daa078", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r5, &(0x7f00000000c0), &(0x7f0000000140)=""/116}, 0x20)

1.67329906s ago: executing program 0 (id=3046):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB="0c00990000000000000000000800a115ffff0000080026008d03000008009f"], 0x40}, 0x1, 0xd000000, 0x0, 0x20000001}, 0x28040010)

1.423184748s ago: executing program 2 (id=3048):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0xf, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xcb}}, {{}, {0x95, 0x0, 0x0, 0x1000000}}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)

1.422779814s ago: executing program 0 (id=3049):
recvmmsg(0xffffffffffffffff, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000004880)=[{0x0}, {0x0}, {&(0x7f0000004300)=""/214, 0xd6}], 0x3}, 0x4}], 0x1, 0x23, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000000"], 0xf8}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x23, &(0x7f0000000040)="02000000", 0x4)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000000202810200000a300002802c0001a204000300ff01000000000000000000000000000181000000fe880000000000000000000000000101060007400000"], 0x4c}, 0x1, 0x0, 0x0, 0x804}, 0x80)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'nicvf0\x00', 0x7101})
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='veno', 0x4)
sendto$inet(r1, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0], 0x20)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a00", @ANYRES32, @ANYBLOB="06003800d8510000040049800400e0801a165c80f928efeadc95a00c88d81d8d36eb021f05e357ce0cc80496d946a14b733a0b75dc0e0fe7ec451e3304efabb148cf7740d92633549fc799efeffbb500bf6a3db52cb6551af05b9d13a338392b5a8a8a21422903ac79280ba0651419590f6126813018282ea112a8c697e421a55ef2aa", @ANYRES32=0x0, @ANYBLOB="0c0043001700000000000000fd11358084a64c4852ce59bc40427a1582ec7e9547999b7be18d57542e2971a2513a2b81d76f6ad9a7ceda50a48bcd2786f06ffd040009808cb297f99a3664c1952c24e42f729fc43262610d3652cef336adc19ee56c82ca3e707eb78d0148b668305d97f7ec33db8e3e9dc65e7c274e7bc24ed3a1184621df12504c07b14a737fcc8ef9009b890c6caeba9729fbfeca6b12211869a2716ea36f7399a7bd7c0f2377c94cfe62f2bcbff380ee256a7c3ec69110da7f9a6d89254f4ec5b539cbc7303ccdc6a8619996b6263165fa024adff951d4d8d2d6587b80d1c30440b0817f52c341360dc5df31f0b5639a5b96e26938d5bc55ea7bef35a4cf126c9183ac38fb34b319abe5f06082c1e8ce526cdb3066d523d12deb8697d8299c1f5edf46514913c4648f2fd1816a58beffaab5040d72e67ac75075da4c92fb2c60d17ee03c6cc004ceb9ef5abe60fe300faa63e19f5eefa54eaed41a4fa62c6a56be9ee7f691162545a8fd930f45517df0436b69efc7d5ac19e930a92ef86472205f87a61dd95dc35a6f258c8c7958a8175e8cd8dbf01f82cca2359aef93e3eb117014c231d67bc6da5248aeac9543ff47663c01581b945dd8507adb1689ac8244b010e66087ffd4c0b930f8ffc7408402d8ce7db0cfd9830cdd85aab9711919563d56d245801c371f040af5b8169de3c6fea317612f4c2317cc526e8ea8c8c1e953c791b20a1aaf4c62f6c906efa621b14e7d3e285aa55b7ef96e4feb652df2cf36e76132f396cedb9db9cf15eeaea7b13e1027ea5d1f5490e6688884e1f1df2a9853024e581c9ae87c12991f4f89aabc4020df65ac4683de032022e2d805273b2d6a62e841a74be316f2152002b87680d37f6b7faf2b24be1ebc0d7a95fc330a592d044fd05ed37465086402a1335ce622bc8526afbc6aad8bb1bc0b63bf46ff0496a8861f0ee2c990adaf568144fb15eb4492e049f762fe735ddf5d283433a9d2fb9faff70364046ed11752282c816611250cc1e14272470c12fbd96a06bd3b873da306810ed786bcdb8983bcc7acf941b819c4f59b132e6c81639b46b8ba630ae11e4751458aeaa9dc2cee291652e638a28d47ecd5e2df8830bc7267883dd7d77fe2392aa484b6dec167a1bf3e00c927b26832f5f8d67f5d1c0c935624bc6c917001dd4df77aea734fa05d4037db5b19cef7d161c5ad1e95b40dcdd369358fada0a2a04d7a99f0b93386f706aa3213c1c4428b8461062b29683b29e56748a65154e9c33eafd6dac22c2ef4f55c4ca8e4a6c0007b31305254a27425066fec4b41e11c8357bf67ce8e2a0facb1b26e1b19543cd5f075cc81b0873ec57bc7edf9a9fb8ae35d3a3ace676225b40a421e645301f304221763ecab8baa7515839ca7f29e9e646af9a1ff1fe8031b5b36a8f2d6d70ae3f514f1c2972df04bb4924373d39301c8708bdf1376d3be64f3614c183c5b5cf95edaf20d2e59ec124eb11526a7f2d28546b31566e161ff39233762c0e4b505f246454f3e27f8dbbedf1610464944ea873600ed8e95fa00d291fa3b1d9cb257ca29710f473ce1de492602202f23ab8102ec101110145fbafc73f41a830decc8fc46a9f8925e091fec25f87a69fa23f63621533da3e4f97d2ad78c1886b6783e46e2923fbc424bb010e5d586e5fce6f5191c161aac64eec1c3afb12b2c6b2047c9c9db9d6beeb10de8b1d8ed9b857c3c7e7c3b59e374c6a7407ef247c178147b3a0f82f8588b74ddbab03d4c78915750c463f68bc8f40f8e4ba87169bf6377c54d21d5a62cb0dcf466daa235ad887f5d2af2d8dd827047847190afa82fb866744bbfd38952705530e699270b1f13dc0b53fdc2de61de45ab153fd017274bb3b4b4c8b9fa2279dc3a6940e072e9fe87bc86011dcc0c1ab07b97868b0f51ff6208df234a2f5a10f896478a4c5d46ffbafaa810b45bb82368d0085f78e959d1b0f26dd7cff09a40d0d12285b1ccf203ef25f3a1cb5fd753c6aadf2a26c1a21b6355ec2ef8d29ac0f08cd44e94f9a9f6b8558c3e5d7db20ce3a8f147c0309fb3f4b856dec934af6072bc942de440d8cd0ec1944362cb579f75a91393e3ebaf5fc807c0df8367834bb0f08ca7c698991662d8b9e9e55dba84b968d316fce6311e5257ccf69348e06a693595bb94bdaba080fb1c0c88a33557c088a51948bd4f01c5544e9fbf5a8e09ae0dff397ea8522a4349d185f9a2f0b595093b29b88b5e2007e12e6b60ae8aed88bbc198dc7709c5e9181ead6ab91a0b7df795a0e9d349c1096bb29bf2e0643a0afc2f2ac9ffe3e5002a796b025da52dce5d89a8d76499a25bb4588202c18a12107b1fb9759f904ca3363921ed36d1fb3f0af559e771b0a708e26b39f00a87cf2e8489f53a6c0ae606ea8ced1b876895c1c21ece89b1955c4d827ffd4da4b994eb2dcff368ef534b34f6a566efd9480f1b6e308947684dc4960a083d3cf52960be62cf0c0d4ce6d256ff28141c274b7dc8dac819c04d4f1155a8bb4c29a2a00535ca4ea89ce1e218146b73e2103fadcf2c2de446e6c128cbe749c5f7aaf392e764a9397e06e443cb3e44d08af9a2ce55b0ef8cf1803f2167a67d59547d522d65934fba7875301db570cc4424f629a39a7bd36333029bdb818a3739f454966af6ffe4d237d6965cc81f335d8a787450abbe7c8ddfd2f8b749594cea4df455cdfb5eb5f7b0b4f67875adafb11b61639fd0be25bbf0d19cea430058fff31b0fb0ae36a84ad6ccd17038638fe38905fc24384bc60a15058c6b6defe60ed71c7697612b084d6a2cd0b15056f593335906c82265f38c47dcc1c1043da1ce74578a1919e03df4e155396b3dea89acd39d1449f00a9e8cf5ceb0684928432d21e6b7e83c099d285c126a430767e1e718c9dcaf83ae26120ed83c95d7d16a493d16c0a01f8bc05ac987bf8e378d7c8d28c201930890773c1d6ab6440cd3ff2454f17ced7e463d9753891a56833f5f673eb138d7e7ce6666b65ea74f6f0d3cc2d86dd7940ccf108ef7f0ad3c5c7da744c1988aee2a7fa5fd1bf52698221c6ed21de5077effb9bdb50b882523fa932bd1e3efe50b630599dfaf3b13167f57db1a12caeb51278b7fbd9768da62d45b1f056aac361b2da6cc4933a9159379a4152ad66a69362e347af0d414e8716c9869511034c2a366bfb5b125cfc5720c05af7895f4e318d89e85ad02e76c0d643b77c3bbab28865823d696dc5306e1731f56c29ddd25e378749493c762d9966e34b53049a84f4da9ff286bb20ea8c6918ae6df35bd82719ab07d197afe2c87cace76d139175fcfbb8ebc49a131d484244295baca1dec61526a5f844a6950899a0bfc13417b3df9b6580e5657a0d92bab2cfaab91e1513e0cb11c0f029841bf63da801ed3171aa7c039b45675b9197924a5429feeb52a7152d4b82304ff39f2d666edf8ccbfb35d2eee45af364ba98cc978ec7f4f361c4a9fb2bf1155e059c9874c9b00113b6d85ccfbeeb3bf33435ced0c94135a00162d1a1279041fca05ddb2ac02a0a34bbb15f5aac25ac3cdcc32cbb882b6456602bd011cb665661b483b20bcb6cadaf993b3d6fe59757e9fd2b00ebc3b6adfca5bd7bc016eac63adc33f450303dfc89a025d2e3e7fa99854cd468654428c4dbf40b078b24c939882bff81d871d19383b86a5d78e3dc5f53bbf31c56c9ceb28c43179b0f9829d9fdb9c126eaeee6858de67dc6cf0f75552fad19ab1dd381dfaf963790353816b68c1e4e0938d1312746e90d5ed32c32be83f2e1890ce24bd3594b8393280937ddd35475106a0336a61ef483202ca11d58dbb4345c5d68b41e949ad32a36b86983950a12dcb29e02b31880d041805197670fc30c8d6c30f736de8cf7955dd8ae6a46d6fa0d9955056abe5ef41acc00f94f9466327fa207f1f85aac9baceb25fcde2e8f1c6c5f68a66a62a7165c29afb66a17932c892fcd6c894c54abb3f56bbf1dd5901a60b2dc2a51615e6897e894aa15678403ce35a2dd94a31d03092a92e54be81c53adfefa653c00f63a76f2d6471625df5ccfdccffb30e1c545e435c3b3fad6249246d3c2f5796514a899d87905ef0a5bd1032c4718b467dc2df510183beb72b9140cf670e82c649460d782cbf33791088756a796c48d0f7df2b856a4b3e2914c7f8e707a05ed5956473c8eeca35aeb2b96c939b5bfd874e519b9d624e5b3fde44de50c1e9ccbd2642638ab2c1de38127c4c59c5d5710d82c619b634151b0fb1bb94a357e2e38b888f8fb30934009fbee693451b343f0cd656411565e4149433383a8ee7194bdf3907f8a9136296188c74bb3fb276da9cc275101882ac5046fa42b9142efce704014b17b72d0a7b2421b5efb3a0411da62d42019bf78d6a6c5c56f3e8e5fbd0240547c6db5404f1218ab391f361a5ecb9c2cd64c32693ca8dab991688b496daada1d02b5d9cd1b9df7f1258e1a9a70e22f229078b0b33f30cb3e4021335a4392548dbf11dd0ab1c138571179412f35b4106f9bfc0c5bf57b63909a5fd8892a584569cb7b9c330417ae9468d6583f2c923060e156d4a8c69114ac5281b8104b3dcee2abe8b94b7a0551079f6bc89dfe3c521a046b70b1d2a9f1df20fda6dd84adf9e57b34b795ffd5b3dca4c62c815177744c2c21046861135e70fed347985962f5409580c263a72cfd878fe10192902948c6bab642fab9be6b9b93fe41fdea762a9c78d1631f81c4d76c3187d23a26ad0d37ba1f44114afe994c18f8404f7ed02956eeec1ab8c87b0cf8450146705817beec015783b22e6d9125179887dc74b162b2890ffbf8c3443bf732c125f7d2ba0f75d0f81198eaf12e1251e85a34ebd23087ba790d6ad8a6c4cf0c85d410fef6bf6796e9a4c25699dd8bf51063b65b46aa5ad69ed243722b5ac050672fd3ba0c2d8b5e013f403dda3c30db4ca94da891a6d90ac9cfda97c0fce5bf7ed8c0d4b309ece7bbf0f536fcce750495dca0ba52c0c2e1972763f973a28925d8846b6a941bfc9dd1e96b889112336b1530327eaaddcb78ab1db7c35c4ef54a2888f770de481f0a6ba5b827a5013b6c9c0f9e6e629d7f0f65d260ee4ad62061305ba91ec2a29c27dc22b4d07cd090a66705f062ef25f632eaa2842b36dcf2807abb94403c458d78453a5bf20bae90912372db3e4ba83e66928dad13a734ecd912cff58640e8c3b4012ab0fd32f8679875b0f46812deb0f143d8c94b2d0c8d0d9bfc7c1f5eb6609179e1e4119e6c240d8ad581233f4b2bc55c39f3e46f4516ab2b2ac271f773809718f80efc4cd4fc28ebb09d7e8429203127de4aee25cb61bef5d71a3fd7b43741bb8d0f0b530f4d06e2c92c632930c8fec4c6a2b66f43efee55b50254dac26cbefde31cef6d044ce90e61bec3affde7682a14fd8327358b09b3445cc4af0bcf125d43d458d8089176f238d4253fc0e3f7b3b72fbd88bca0973539fdcab07ca1da7027a50ae01a071e080dd04718a82dc0ef72228a84598556d2f85777e72b4227475313a779b7cbc5c80314f7358cdb1e4ab8e178ef933e7192c60304770262e4b99d476b8f42c8eb2b10ba6ba0dd51a52710ac75d49f29ff6abfd791755a88c0456513b7e47915855ddb6b5c38b5955cac22aa6f2e96a135540b2da8d22b4c83590e585185946caf2307af83e4a9fc809301cb53284407cd5ed383477e0a0a1852b0b94c1c382d5a192ac2fc705f7eb05f2655a5c0220bc2eb03b8132290d7a2a3871d4c93fb48f0521c10590f35a90b813155483a2d64a408d21bcae12b5bf8977a42c7cf6810d7b300fcfe7b780688d227dba545cdb8104fc31d873f2ca8afe8a8ee1c8bfdc13663d5f4509b836e3901e41128bd694fef92737864630545ffba4afac3acc7b49a870566f245a2a3ed34ff266ff66ef1f45ecf83f33f548746c3f2d0868a2b0fda71312475a1e601c8b71a7b9231afa40936c42f7d1e3d053dc7dbf12956654590f55b12c6c77b9d7372d9805a84d6f99040e21b9791c62dda870814a60dbf27c4a82f3979410091ef1106220f96627d8f7f189de07ca85e0dab440efe5b8fdc8d7e434ba6162f0b5df11c0bd6489945c946953a21a2d0f0e8924337f401f42f96a87c26f76e4e6623eca76b8c81aa96741b248e07cc8fccb203903da21d364640549640aff4016c83c6e2586893212706aedd30c4b2b2c9c205d1332ea492d4aad97c2646c8082b6d769b5f5d606bec26fb762adf1308325c1c2ec38e2cfa424e41513718625a7d7004a7de11f937d177eee3da060e04b4f1311957fe7897e5f43d32f4c3b4234c3afdf3b069432ac235046efbe4e243c071f06c155bbc48cdac07171b38253c0de4afea667572ebbc28894cd2f9e21992d4d696710a0250acc1a355d951146cd46883787104494c20ca9abb33b07bb3e54b8c5861a1425f4d989029844ecdde4d851e57c9d39d757f473d55e4b0f0aeff40b304d3e04f6e2e9394b1e172d7482dad0b3ca2568aa3297391d614f912a08003300f50000000400238000000008004f00", @ANYRES32, @ANYBLOB="0b055bfae918f58d7afbadef493d7e358a95c4e330bcf2a04bc03c39d71670dab91ae5b106d1c2843ce4304ea577f9d8a1a0f848d602b9800600d00023000000f9768407cc2561184d2c4fc38602f7f8b7e4d6b3bb83f9abe034d3786433df04f18ac95f6d7d3fd067778f4450b81274918a59ba3a86b640f0b2f491691fbbf30d5968d8cac55f7faa350f658846cbf96a27bd30c15510f812038d31664a2401cbc2c9e12721a435f68c7490e6f85b04973390512b4a52fe2b005b277d1a2cb4f6609b499d2b554549f538e79bb251b0fb6cba3c2bd4ee5c2a261e87f8df3edb54c1acb4056770de689c1d57b90400e280e2bc598ed974dc397766010698def2d7772b1038bb9c17e0763cb138433f1e202f1611d0039a04209f742c012cea110be51c9b094f857d693685c3b632090db81a1ed81922c1bca49c033497098432b5cac25c7d29faaac98f1299fb1dd174a79b15697edc8badb40500dbca74b1ebf60400c1808723e75eb0d3bf1d6a19c1bcd4235f17e1b00f7a41329670f7d087b53a6ec1ea26f9b87f7bbde89b7abffc784f40bf50bafb1754a0ec5cf72e9089b5d61b9740aa1c56f016dd00d7da62d26242bfc367d029cd67bcb19fef0163b26f5a6fea1270de2665889035884d5137da65ac46509dfb7cd208e92dcf60f2faf30a5e53c8a2e83b6ee7ab4bfc225320e76ea3c10f3d8d440cebb9868fcf5dc7f513157d7b8a9322b23b544ca2131d65720f9a9279715eadf1fc70e535f868a25b760d349e142202b7ad4b65b80befeef4f8c1386507a2321365931e6facedda8269229e4815e587b5fcc9ea37e3a0a58273b4376cd8eebac1bcfc597dfab36b14aa33851094d9441bae8a044afc9b7afb784bfbd08a9db6a0f26ba9dac482446a7277903c08f0c639639658e8d4e28a3147ec1ef16f645271a41e746bdcad23b9238399ff08de694cc9746e60f02c6660e7f9bc90e77b70983b5d90a2c21537512c878c1cdbc1248969b461e35ca569d572593cd7918d45c0f6de5e4a4adef3ddad9ac2fd4795d1cb54f10427f07f7eee39c1fdecd2a177fd764774524be8c9ca3e08004c00", @ANYRES32, @ANYRES32, @ANYBLOB="08001b"], 0x18c0}}, 0x0)
socket$kcm(0xf, 0x0, 0x2)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={<r7=>0x0, 0x3}, &(0x7f0000000140)=0x8)
sendmmsg$inet_sctp(r6, &(0x7f00000000c0)=[{&(0x7f0000000040)=@in={0x2, 0xb, @local}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000080)="05cc14a218918fde8ed02ba20ca42980a3c191e539d2d31725cc14f5cb51ba1cf36bb77f2588d52e3c13aa763e0cfb9822c7670e0682a4b1682f", 0x3a}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000008400000000000000ff07000003000100200000000000000084000000020000000900000000000000018000002d49cf62277feff1e1096e1083f33f0067e162705b90ef2fb61bb697a9e0d63535d5836cbf473b8bd52f34034698f353f5b05c36f2742ec988a1952a0dd9ff77634171d0aa73f8225fac012b71175aaf89c223ff7aa37e1153a0101b53d7fef95383c5b71633020903e361d4358a46f8053c1cc978453d01eec32a529e", @ANYRES32=r7], 0x38, 0x14001}], 0x1, 0x4044040)

1.312960104s ago: executing program 1 (id=3050):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000600000070000000900010073797a300000000084000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000000838001180090001006c61737400000000280002800c00024000000000000000090800014000000ba308000140000010000800014000003f5e980000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006c0003806800008008000340000000025c0002800c00028008000340000000024c0002"], 0x164}, 0x1, 0x0, 0x0, 0x4000819}, 0x0)

1.289132959s ago: executing program 2 (id=3051):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001d0001000000000004086aa42d"], 0x30}}, 0x0) (async)
r1 = socket(0x1e, 0x1, 0x0) (async)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
sendmmsg$sock(r1, &(0x7f0000000100)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x1}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}], 0x2, 0x0)

1.103372636s ago: executing program 1 (id=3052):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x7, 0xbd, 0x6a, 0x40000, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5, 0xa}, 0x50) (fail_nth: 2)

1.076865263s ago: executing program 2 (id=3053):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008f40a40000000000900020073797a31000000000900010073797a300000000008000540000000050c0200000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000e0010380dc010080080003400000000273000b802c0001800a0001006c696d69740000001c0002800c00014000000000000000030c000240000000000000000e14000180090001006c617374"], 0x290}, 0x1, 0x0, 0x0, 0x4c004}, 0x0)

1.011793322s ago: executing program 3 (id=3054):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8200000b}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x8001)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'team_slave_0\x00', &(0x7f0000000040)=@ethtool_stats={0x37}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x8c, 0x24, 0x20, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x10, 0xa}}, [@TCA_STAB={0x68, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x3, 0x8, 0xffff6fca, 0x1, 0x2, 0x1}}, {0x4}}, {{0x1c, 0x1, {0x1, 0x2, 0x1, 0x7, 0x0, 0x2, 0x3, 0x1}}, {0x6, 0x2, [0x3]}}, {{0x1c, 0x1, {0xd, 0x52, 0x0, 0x4, 0x0, 0x7, 0xd40}}, {0x4}}]}]}, 0x8c}}, 0x10)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmmsg$inet6(r5, &(0x7f0000007a80)=[{{&(0x7f0000000080)={0xa, 0x4e26, 0x1, @local, 0x7}, 0x1c, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180100000000000029000000360000002f1f0000000000000748000000031002720006000000000000000500000000000000000400000000000009000000000000000200000000000000050000000000000008000000000000000800000000000000c910fc010000000000000000000000000001010200000502000940917cca5fb46da328c24b50df983eb324ac0270f35dc142dbf37128bd9961f9c95a5f9d04477a2936fcf1d8ef883ebc1277c410993c68dd1c269e80c199c0c91022c587af1d0c7c9ed1e5e5d4a38b71fab48f1d17be2865bf60873b7f76f2ab96779f5d04dd2219228e880047a61673a7140b390f2afddbb9280d7eda7ceb741d9d8d66e2b5aa46cd47cdf0992a28bba1d3ed0401fe000000000000200200000000000029000000040000008940"], 0x338}}], 0x1, 0x20000000)
socket(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb8a0a63cdec5908060001080006"], 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @link_local}, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00'})
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="ecaa74248f620900000004000000080000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b708000000000000000007020000f8ffffffb7030000080083b2330e8fedb65ee7630000b704000000000000850000000300"/72], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2800000020000103040000000000000002141400000000000884bc4299313b304f0203324df22f00"], 0x28}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

883.076143ms ago: executing program 1 (id=3055):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="00020201"], 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2000000037000701fefffffffedbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x4048091}, 0x4000000)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x3}, 0x10)
bind$tipc(r3, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x10000000}}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000440)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2c, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
bind$tipc(r5, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x4, 0x3}}, 0x4)
bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000100)={0x42, 0x2, 0x2}, 0x10)
sendmsg$tipc(r6, &(0x7f0000002340)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4080000}, 0x0)
sendto(r2, 0x0, 0x0, 0x2000, &(0x7f0000000b00)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2}, 0x80)
sendmmsg$inet6(r0, &(0x7f0000000a80), 0x0, 0x4c851)

682.649385ms ago: executing program 3 (id=3056):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="d000000010000104ffffffffffffffff0000ffff", @ANYRES32=0x0, @ANYBLOB="08d10000000000009c00128009000100766c616e000000008c0002800c0002000e0000000c0000000600050088a80000640003800c0001007b4b00ffffffef000c000100020000f4140000000c000100bf000000000400000c00010002000300ff0100000c00010005000000090000002000010002000000080000000c00010005000000120000000c0001000200000004000000100004800c007f02dd790000a400000014000300766c616e30"], 0xd0}, 0x1, 0x0, 0x0, 0x40}, 0x0)

670.891618ms ago: executing program 0 (id=3057):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x18, 0x11, &(0x7f00000001c0)=@raw=[@call={0x85, 0x0, 0x0, 0x6d}, @alu={0x4, 0x1, 0x4, 0x7, 0x0, 0x1, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_val={0x18, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff}], &(0x7f0000000000)='syzkaller\x00', 0x90000, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000080)={0x5, 0xf, 0x9, 0x3}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000280)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f00000002c0)=[{0x0, 0x3, 0x6, 0x1}, {0x0, 0x3, 0x1, 0x6}, {0x4, 0x2, 0x6, 0xb}, {0x0, 0x5, 0xb, 0x3}, {0x0, 0x3, 0xf, 0x4}], 0x10, 0x1}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000240)="ce010000009a697f65360c5e86dd", 0x0, 0x1fe7, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000300)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x2000000000000013, &(0x7f0000000400)=ANY=[@ANYBLOB="180200000000000000000000000000008500007a64000000c50000002a00000095967cfb68eb19ff7d83e7fa6013192d0e9e3cb7309b927cf2cedef0f095e02e6c381c430859276507b61a8543fd1ab078604fc0cf42165aee4d6869237ad7284b0246f7422e07e399de79efdd76617b4191b7f086eb13ad09c20043f37360314249e53d"], &(0x7f00000000c0)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

623.31349ms ago: executing program 2 (id=3058):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendfile(0xffffffffffffffff, r0, &(0x7f0000000640)=0x80000000, 0xc86)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_buf(r1, 0x29, 0x1b, &(0x7f0000000440)=""/243, &(0x7f0000000380)=0xf3)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x24, &(0x7f0000000340)=0x7e, 0x4)
listen(r1, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x1, 0x1}, 0x48)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r2, 0x20, &(0x7f0000000040)={&(0x7f0000000100)=""/193, 0xc1, 0x0, &(0x7f00000002c0)=""/111, 0x6f}}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3f000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x4}]}]}, 0x2c}}, 0x0)

553.670769ms ago: executing program 2 (id=3059):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x1, @multicast1}, 0xf}}, 0x26)
sendmmsg$inet(r3, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)
sendmsg$key(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="02140007060000009b00"], 0x10}}, 0x0)
close(r1)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0xffffffff, 0x20}, 0xc)
socket$inet6_sctp(0xa, 0x801, 0x84) (async)
sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0) (async)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
connect$pppl2tp(r3, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x1, @multicast1}, 0xf}}, 0x26) (async)
sendmmsg$inet(r3, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040) (async)
sendmsg$key(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="02140007060000009b00"], 0x10}}, 0x0) (async)
close(r1) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0xffffffff, 0x20}, 0xc) (async)

538.793698ms ago: executing program 3 (id=3060):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES32=r1, @ANYBLOB="7440a9d146c7d0f62fe8c5391bbe9008488b7f8aa65963"], 0x1c}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000007c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x10000000}, 0x4880)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x60, 0x2, 0x6, 0x301, 0x0, 0x0, {0x5}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0, 0x0, 0x40}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x4000)
syz_emit_ethernet(0x2d6, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6827aa2802a00601fc010000000000000000000000000001fc0200000000000000000000000000012f005a50680000002e1204098008a10afc01000000000000000000000000000000000000000000000000ffff00000000fc000000000000000000000000000001fe80000000000000000000000000000dfc020000000000000000000000000000ff02"], 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
clock_gettime(0x5, &(0x7f0000000600))
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x9, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0x120, 0xffffffff, 0x1d0, 0xffffffff, 0xffffffff, 0x1d0, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @private=0xa010102, 0x0, 0xffffffff, 'ip6_vti0\x00', 'caif0\x00', {}, {}, 0x2, 0x1, 0x4}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0x4000, 0x6, 0x2, 'pptp\x00', 'syz1\x00', {0x7fff}}}}, {{@ip={@multicast1, @broadcast, 0xffffffff, 0xffffffff, 'caif0\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x32, 0x1, 0x36}, 0x0, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "fb51f0f52069d37c378114554bc1e3e5a78752f61e0d49d5eddd143e2044"}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r4, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r0, 0x300, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x15}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x54}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x884)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94)

455.366891ms ago: executing program 0 (id=3061):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010005000500070000000000080009000300e4001400200040000000000000000000e1ffe000000108000a0000000000060002000100000014001f"], 0x5c}, 0x1, 0x6c}, 0x0)

374.643743ms ago: executing program 0 (id=3062):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x2d6}, 0x10)
write(r3, &(0x7f0000000800)="240000001a005f0400f9f40700090401800020000047d3af1ff2a2fe99a44520ca3b19b3", 0x24)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r4, 0x0, 0x14, &(0x7f0000937fed)=""/3, &(0x7f0000000080)=0x3)
ioctl$int_in(r2, 0x5452, &(0x7f0000000480)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0xe, 0x11, &(0x7f00000007c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0xb, 0x9, 0x0, 0x1, 0x81020000}, {0x65, 0x0, 0x0, 0xfaffff7f}}, [@map_fd={0x18, 0x3, 0x1, 0x0, r1}], {{0x7, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

314.264754ms ago: executing program 2 (id=3063):
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0xbc, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88ad6c81}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x66}}}, @IFLA_VFINFO_LIST={0x88, 0x16, 0x0, 0x1, [{0x84, 0x1, 0x0, 0x1, [@IFLA_VF_TX_RATE={0xc, 0x3, {0x7, 0x7ff}}, @IFLA_VF_TX_RATE={0xc, 0x3, {0x5, 0x6}}, @IFLA_VF_TRUST={0xc, 0x9, {0x7, 0x1}}, @IFLA_VF_TRUST={0xc, 0x9, {0xc780, 0x1}}, @IFLA_VF_SPOOFCHK={0xc, 0x4, {0xf173, 0x6}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0x0, 0x3}}, @IFLA_VF_MAC={0x28, 0x1, {0xc}}, @IFLA_VF_RATE={0x10, 0x6, {0x8, 0x8, 0x7}}]}]}]}, 0xbc}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000002010102000000000000000002000000240002800c000280040001003a00000014000180080001007f000001080002"], 0x44}}, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="200000000000e700000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4004844)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000fbff00"/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES64=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r9}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc00000000000000", @ANYRES32, @ANYBLOB="00fe0c00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[], 0x84}, 0x1, 0x0, 0x0, 0x4800}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='cpuhp_exit\x00', r5, 0x0, 0x7}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000280)={'ip6gre0\x00', 0x0, 0x4, 0x7, 0x3, 0x6, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x12}, 0x20, 0x7, 0x8, 0x4}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r10 = socket$phonet(0x23, 0x2, 0x1)
getsockopt$sock_buf(r10, 0x1, 0xa, &(0x7f0000000b80)=""/78, &(0x7f0000000c00)=0x4e)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000740)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8008080}, 0x4000010)

163.189738ms ago: executing program 0 (id=3064):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x5e22, 0x0, @local, 0x6}, 0x1c)
listen(r0, 0x0)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000440)={0x0, r1}, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x6, 0x8, 0x4, 0x1200d, 0x1, 0x2d6, '\x00', 0x0, r1, 0x3, 0x2, 0x0, 0xb, @void, @value, @value=r2}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x4, 0x0, 0x8000, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000400), 0x24000, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95}, 0x14}}, 0x0)
r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
pwritev(r6, &(0x7f0000000000)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x2, 0x80)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0)
r9 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r9, r8, 0x0, 0xf2)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200000000f400850000008600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000000bc0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
bpf$OBJ_GET_PROG(0x7, &(0x7f00000008c0)=@generic={&(0x7f0000000600)='./file0\x00', 0x0, 0x10}, 0x18)
r11 = socket$netlink(0x10, 0x3, 0x4)
writev(r11, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b4560a067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03a09000000ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

0s ago: executing program 1 (id=3065):
bind$l2tp(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
getsockname$l2tp(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'veth1_to_bridge\x00', 0x200}, 0x18)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_FDB={0x4}]}, 0x1c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000006800e97800000000000000000a000000000000000400040030db918bc8ccf0be2dd96793159ba6a59ac3d6bdbeea02dc4f60f807c9b1f96d01fd76e189f2aad75bddc1cb9f51a262dd"], 0x1c}}, 0x0) (fail_nth: 2)

kernel console output (not intermixed with test programs):

55] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1850'.
[  238.666699][T11955] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1850'.
[  238.815087][T11966] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1853'.
[  239.023471][T11975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1856'.
[  239.049463][T11975] netlink: 348 bytes leftover after parsing attributes in process `syz.4.1856'.
[  239.066804][T11976] netlink: 'syz.1.1855': attribute type 13 has an invalid length.
[  239.085150][T11976] netlink: 'syz.1.1855': attribute type 17 has an invalid length.
[  239.098644][T11975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1856'.
[  239.108658][T11975] netlink: 348 bytes leftover after parsing attributes in process `syz.4.1856'.
[  239.232548][T11976] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.239862][T11976] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.247462][T11976] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.254629][T11976] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.361065][T11976] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.392291][T11994] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  239.669044][T11976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  240.991456][T12062] tipc: New replicast peer: 255.255.255.83
[  240.998910][T12062] tipc: Enabled bearer <udp:£>, priority 10
[  241.116648][T12053] netlink: 'syz.1.1879': attribute type 30 has an invalid length.
[  241.543731][T12077] bond4 (unregistering): Released all slaves
[  241.601995][T12100] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.610678][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  241.633854][T12097] __nla_validate_parse: 4 callbacks suppressed
[  241.633870][T12097] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1892'.
[  241.728962][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.814169][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.827502][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.838359][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.865926][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.883869][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.897702][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.909621][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.920156][T12109] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'.
[  241.939870][T12109] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.135001][  T980] tipc: Node number set to 2906584239
[  242.785317][ T5826] hid-generic 0005:04F3:5508.002A: hidraw0: BLUETOOTH HID vc3.38 Device [syz0] on aa:aa:aa:aa:aa:aa
[  243.014341][T12163] FAULT_INJECTION: forcing a failure.
[  243.014341][T12163] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  243.095117][T12163] CPU: 1 UID: 0 PID: 12163 Comm: syz.2.1912 Not tainted syzkaller #0 PREEMPT(full) 
[  243.095142][T12163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  243.095152][T12163] Call Trace:
[  243.095160][T12163]  <TASK>
[  243.095168][T12163]  dump_stack_lvl+0x189/0x250
[  243.095207][T12163]  ? __pfx____ratelimit+0x10/0x10
[  243.095230][T12163]  ? __pfx_dump_stack_lvl+0x10/0x10
[  243.095253][T12163]  ? __pfx__printk+0x10/0x10
[  243.095285][T12163]  should_fail_ex+0x414/0x560
[  243.095316][T12163]  _copy_to_user+0x31/0xb0
[  243.095339][T12163]  simple_read_from_buffer+0xe1/0x170
[  243.095365][T12163]  proc_fail_nth_read+0x1b3/0x220
[  243.095388][T12163]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  243.095409][T12163]  ? rw_verify_area+0x2a6/0x4d0
[  243.095435][T12163]  ? __lock_acquire+0xab9/0xd20
[  243.095449][T12163]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  243.095469][T12163]  vfs_read+0x200/0xa30
[  243.095490][T12163]  ? fdget_pos+0x247/0x320
[  243.095508][T12163]  ? __pfx___mutex_lock+0x10/0x10
[  243.095531][T12163]  ? __pfx_vfs_read+0x10/0x10
[  243.095553][T12163]  ? __fget_files+0x2a/0x420
[  243.095570][T12163]  ? __fget_files+0x3a0/0x420
[  243.095584][T12163]  ? __fget_files+0x2a/0x420
[  243.095604][T12163]  ksys_read+0x145/0x250
[  243.095628][T12163]  ? __pfx_ksys_read+0x10/0x10
[  243.095652][T12163]  ? do_syscall_64+0xbe/0xfa0
[  243.095675][T12163]  do_syscall_64+0xfa/0xfa0
[  243.095695][T12163]  ? lockdep_hardirqs_on+0x9c/0x150
[  243.095715][T12163]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.095731][T12163]  ? clear_bhb_loop+0x60/0xb0
[  243.095750][T12163]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.095765][T12163] RIP: 0033:0x7fcefb38e0dc
[  243.095780][T12163] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  243.095795][T12163] RSP: 002b:00007fcefc2c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  243.095815][T12163] RAX: ffffffffffffffda RBX: 00007fcefb5e5fa0 RCX: 00007fcefb38e0dc
[  243.095828][T12163] RDX: 000000000000000f RSI: 00007fcefc2c70a0 RDI: 0000000000000004
[  243.095840][T12163] RBP: 00007fcefc2c7090 R08: 0000000000000000 R09: 0000000000000000
[  243.095851][T12163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  243.095861][T12163] R13: 00007fcefb5e6038 R14: 00007fcefb5e5fa0 R15: 00007ffe636dfb58
[  243.095895][T12163]  </TASK>
[  243.510092][T12166] syzkaller0: entered promiscuous mode
[  243.515698][T12166] syzkaller0: entered allmulticast mode
[  245.477318][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.492474][   T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.506527][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.521266][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  245.728344][T12187] tipc: New replicast peer: 255.255.255.83
[  245.734442][T12187] tipc: Enabled bearer <udp:£ >, priority 10
[  246.527921][T12237] vlan0: entered promiscuous mode
[  246.865054][  T980] tipc: Node number set to 974046066
[  247.078942][T12257] __nla_validate_parse: 9 callbacks suppressed
[  247.078960][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1939'.
[  247.136911][T12257] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1939'.
[  247.225414][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1939'.
[  247.315476][T12257] netlink: 348 bytes leftover after parsing attributes in process `syz.0.1939'.
[  247.326685][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1939'.
[  247.774697][T12278] syzkaller0: entered promiscuous mode
[  247.782034][T12278] syzkaller0: entered allmulticast mode
[  247.789756][T12279] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1949'.
[  247.799065][T12279] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1949'.
[  247.905704][T12280] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1946'.
[  248.249643][T12297] vlan2: entered promiscuous mode
[  248.288602][T12292] xt_CT: No such helper "snmp_trap"
[  248.461132][T12309] syz.3.1954 (12309) used obsolete PPPIOCDETACH ioctl
[  248.479839][T12303] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1954'.
[  248.571182][T12311] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1957'.
[  249.404734][T12337] ieee802154 phy0 wpan0: encryption failed: -90
[  249.680251][T12349] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  249.705950][T12349] syzkaller0: entered promiscuous mode
[  249.711459][T12349] syzkaller0: entered allmulticast mode
[  249.817436][T12349] tipc: Resetting bearer <eth:syzkaller0>
[  249.850724][T12348] tipc: Resetting bearer <eth:syzkaller0>
[  249.906778][T12348] tipc: Disabling bearer <eth:syzkaller0>
[  250.299169][ T5898] hid-generic 0005:04F3:5508.002B: hidraw0: BLUETOOTH HID vc3.38 Device [syz0] on aa:aa:aa:aa:aa:aa
[  250.468897][T12391] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  250.517662][T12395] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  250.535123][T12392] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.339316][T12479] __nla_validate_parse: 25 callbacks suppressed
[  252.339336][T12479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2018'.
[  252.384965][T12479] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2018'.
[  252.435014][T12479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2018'.
[  252.453750][T12479] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2018'.
[  252.468510][T12481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2019'.
[  252.485752][T12479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2018'.
[  252.496984][T12481] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2019'.
[  252.610074][T12486] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2021'.
[  252.706382][T12490] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2021'.
[  252.887211][T12503] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2026'.
[  254.159428][T12552] vlan2: entered promiscuous mode
[  254.410751][T12565] syzkaller1: entered promiscuous mode
[  254.425020][T12565] syzkaller1: entered allmulticast mode
[  255.155176][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.352548][T12599] FAULT_INJECTION: forcing a failure.
[  255.352548][T12599] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.393734][T12599] CPU: 1 UID: 0 PID: 12599 Comm: syz.2.2060 Not tainted syzkaller #0 PREEMPT(full) 
[  255.393760][T12599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  255.393772][T12599] Call Trace:
[  255.393780][T12599]  <TASK>
[  255.393789][T12599]  dump_stack_lvl+0x189/0x250
[  255.393827][T12599]  ? __pfx____ratelimit+0x10/0x10
[  255.393850][T12599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.393872][T12599]  ? __pfx__printk+0x10/0x10
[  255.393890][T12599]  ? __might_fault+0xb0/0x130
[  255.393925][T12599]  should_fail_ex+0x414/0x560
[  255.393955][T12599]  _copy_from_user+0x2d/0xb0
[  255.393977][T12599]  ___sys_sendmsg+0x158/0x2a0
[  255.394000][T12599]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.394054][T12599]  ? __fget_files+0x2a/0x420
[  255.394070][T12599]  ? __fget_files+0x3a0/0x420
[  255.394104][T12599]  __sys_sendmmsg+0x227/0x430
[  255.394129][T12599]  ? __pfx___sys_sendmmsg+0x10/0x10
[  255.394157][T12599]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  255.394214][T12599]  __x64_sys_sendmmsg+0xa0/0xc0
[  255.394235][T12599]  do_syscall_64+0xfa/0xfa0
[  255.394257][T12599]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.394279][T12599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.394296][T12599]  ? clear_bhb_loop+0x60/0xb0
[  255.394317][T12599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.394334][T12599] RIP: 0033:0x7fcefb38f6c9
[  255.394350][T12599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.394365][T12599] RSP: 002b:00007fcefc2c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  255.394385][T12599] RAX: ffffffffffffffda RBX: 00007fcefb5e5fa0 RCX: 00007fcefb38f6c9
[  255.394398][T12599] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000003
[  255.394410][T12599] RBP: 00007fcefc2c7090 R08: 0000000000000000 R09: 0000000000000000
[  255.394421][T12599] R10: 0000000004044040 R11: 0000000000000246 R12: 0000000000000001
[  255.394432][T12599] R13: 00007fcefb5e6038 R14: 00007fcefb5e5fa0 R15: 00007ffe636dfb58
[  255.394464][T12599]  </TASK>
[  255.721928][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.778401][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.805157][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.813566][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.829155][T12608] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.879405][T12608] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.939101][T12608] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  255.968562][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.003398][T12625] netlink: 'syz.4.2069': attribute type 13 has an invalid length.
[  256.018373][T12625] netlink: 'syz.4.2069': attribute type 17 has an invalid length.
[  256.022219][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.078335][T12610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  256.088382][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  257.496819][T12686] __nla_validate_parse: 14 callbacks suppressed
[  257.496838][T12686] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2094'.
[  257.567181][T12689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2095'.
[  257.576609][T12689] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2095'.
[  257.586310][T12691] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2094'.
[  257.596732][T12689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2095'.
[  257.606267][T12689] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2095'.
[  257.615983][T12689] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2095'.
[  258.037876][T12711] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2102'.
[  258.249992][T12719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2105'.
[  258.353144][T12719] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2105'.
[  258.707458][T12746] netlink: 'syz.1.2112': attribute type 32 has an invalid length.
[  259.138126][T12766] bond3: option primary_reselect: invalid value (255)
[  259.237722][T12766] bond3 (unregistering): Released all slaves
[  260.390527][T12837] FAULT_INJECTION: forcing a failure.
[  260.390527][T12837] name failslab, interval 1, probability 0, space 0, times 0
[  260.403987][T12837] CPU: 1 UID: 0 PID: 12837 Comm: syz.0.2137 Not tainted syzkaller #0 PREEMPT(full) 
[  260.404012][T12837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.404023][T12837] Call Trace:
[  260.404029][T12837]  <TASK>
[  260.404037][T12837]  dump_stack_lvl+0x189/0x250
[  260.404065][T12837]  ? __pfx____ratelimit+0x10/0x10
[  260.404087][T12837]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.404110][T12837]  ? __pfx__printk+0x10/0x10
[  260.404133][T12837]  ? __pfx___might_resched+0x10/0x10
[  260.404152][T12837]  ? fs_reclaim_acquire+0x7d/0x100
[  260.404182][T12837]  should_fail_ex+0x414/0x560
[  260.404212][T12837]  should_failslab+0xa8/0x100
[  260.404230][T12837]  kmem_cache_alloc_node_noprof+0x77/0x710
[  260.404252][T12837]  ? __alloc_skb+0x112/0x2d0
[  260.404267][T12837]  ? netlink_autobind+0xdb/0x300
[  260.404287][T12837]  __alloc_skb+0x112/0x2d0
[  260.404306][T12837]  netlink_sendmsg+0x5c6/0xb30
[  260.404330][T12837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.404348][T12837]  ? aa_sock_msg_perm+0xf1/0x1d0
[  260.404372][T12837]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  260.404387][T12837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  260.404405][T12837]  __sock_sendmsg+0x21c/0x270
[  260.404429][T12837]  ____sys_sendmsg+0x505/0x830
[  260.404455][T12837]  ? __pfx_____sys_sendmsg+0x10/0x10
[  260.404482][T12837]  ? import_iovec+0x74/0xa0
[  260.404507][T12837]  ___sys_sendmsg+0x21f/0x2a0
[  260.404529][T12837]  ? __pfx____sys_sendmsg+0x10/0x10
[  260.404581][T12837]  ? __fget_files+0x2a/0x420
[  260.404597][T12837]  ? __fget_files+0x3a0/0x420
[  260.404624][T12837]  __x64_sys_sendmsg+0x19b/0x260
[  260.404646][T12837]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  260.404675][T12837]  ? __pfx_ksys_write+0x10/0x10
[  260.404701][T12837]  ? do_syscall_64+0xbe/0xfa0
[  260.404726][T12837]  do_syscall_64+0xfa/0xfa0
[  260.404746][T12837]  ? lockdep_hardirqs_on+0x9c/0x150
[  260.404769][T12837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.404786][T12837]  ? clear_bhb_loop+0x60/0xb0
[  260.404806][T12837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.404822][T12837] RIP: 0033:0x7fae2718f6c9
[  260.404843][T12837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.404856][T12837] RSP: 002b:00007fae280cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.404874][T12837] RAX: ffffffffffffffda RBX: 00007fae273e5fa0 RCX: 00007fae2718f6c9
[  260.404886][T12837] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  260.404898][T12837] RBP: 00007fae280cc090 R08: 0000000000000000 R09: 0000000000000000
[  260.404908][T12837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.404917][T12837] R13: 00007fae273e6038 R14: 00007fae273e5fa0 R15: 00007ffc67ff4478
[  260.404948][T12837]  </TASK>
[  260.778500][T12833] netlink: 'syz.3.2135': attribute type 1 has an invalid length.
[  260.820062][T12853] net_ratelimit: 549 callbacks suppressed
[  260.820081][T12853] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  260.888260][T12840] gretap1: entered allmulticast mode
[  260.938524][T12840] bond3: (slave gretap1): making interface the new active one
[  260.949860][T12840] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  261.443917][T12875] xt_CT: No such helper "snmp_trap"
[  261.833762][T12918] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  263.056031][T12971] FAULT_INJECTION: forcing a failure.
[  263.056031][T12971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  263.095060][T12971] CPU: 0 UID: 0 PID: 12971 Comm: syz.1.2178 Not tainted syzkaller #0 PREEMPT(full) 
[  263.095085][T12971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  263.095095][T12971] Call Trace:
[  263.095103][T12971]  <TASK>
[  263.095111][T12971]  dump_stack_lvl+0x189/0x250
[  263.095139][T12971]  ? __pfx____ratelimit+0x10/0x10
[  263.095161][T12971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  263.095183][T12971]  ? __pfx__printk+0x10/0x10
[  263.095200][T12971]  ? __might_fault+0xb0/0x130
[  263.095233][T12971]  should_fail_ex+0x414/0x560
[  263.095261][T12971]  _copy_from_iter+0x1de/0x1790
[  263.095285][T12971]  ? rcu_is_watching+0x15/0xb0
[  263.095308][T12971]  ? kmalloc_reserve+0xbd/0x290
[  263.095324][T12971]  ? __pfx__copy_from_iter+0x10/0x10
[  263.095344][T12971]  ? __build_skb_around+0x262/0x3f0
[  263.095371][T12971]  ? netlink_sendmsg+0x642/0xb30
[  263.095387][T12971]  ? skb_put+0x11b/0x210
[  263.095415][T12971]  netlink_sendmsg+0x6b2/0xb30
[  263.095442][T12971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.095463][T12971]  ? aa_sock_msg_perm+0xf1/0x1d0
[  263.095490][T12971]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  263.095507][T12971]  ? __pfx_netlink_sendmsg+0x10/0x10
[  263.095524][T12971]  __sock_sendmsg+0x21c/0x270
[  263.095550][T12971]  ____sys_sendmsg+0x505/0x830
[  263.095574][T12971]  ? __pfx_____sys_sendmsg+0x10/0x10
[  263.095599][T12971]  ? import_iovec+0x74/0xa0
[  263.095620][T12971]  ___sys_sendmsg+0x21f/0x2a0
[  263.095639][T12971]  ? __pfx____sys_sendmsg+0x10/0x10
[  263.095690][T12971]  ? __fget_files+0x2a/0x420
[  263.095706][T12971]  ? __fget_files+0x3a0/0x420
[  263.095733][T12971]  __x64_sys_sendmsg+0x19b/0x260
[  263.095754][T12971]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  263.095780][T12971]  ? __pfx_ksys_write+0x10/0x10
[  263.095804][T12971]  ? do_syscall_64+0xbe/0xfa0
[  263.095830][T12971]  do_syscall_64+0xfa/0xfa0
[  263.095851][T12971]  ? lockdep_hardirqs_on+0x9c/0x150
[  263.095873][T12971]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.095891][T12971]  ? clear_bhb_loop+0x60/0xb0
[  263.095913][T12971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.095929][T12971] RIP: 0033:0x7ff18878f6c9
[  263.095947][T12971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.095963][T12971] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  263.095983][T12971] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  263.095996][T12971] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  263.096008][T12971] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  263.096019][T12971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  263.096030][T12971] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  263.096061][T12971]  </TASK>
[  263.426319][T12975] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.433538][T12975] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.472802][T12975] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  263.534192][T12973] __nla_validate_parse: 27 callbacks suppressed
[  263.534210][T12973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2179'.
[  263.682364][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2188'.
[  263.693550][T12996] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2188'.
[  263.703425][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2188'.
[  263.713305][T12996] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2188'.
[  263.723971][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2188'.
[  263.828938][T13000] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.2190'.
[  264.120148][T13019] netlink: 'syz.0.2194': attribute type 13 has an invalid length.
[  264.128211][T13019] netlink: 'syz.0.2194': attribute type 17 has an invalid length.
[  264.154146][T13019] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  264.201003][T13016] xt_CT: No such helper "snmp_trap"
[  264.676332][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.105660][T13056] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2208'.
[  265.137724][T13056] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2208'.
[  265.156128][T13056] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2208'.
[  265.659139][T13088] vlan2: entered promiscuous mode
[  265.683575][T13087] netlink: 'syz.0.2221': attribute type 1 has an invalid length.
[  265.922920][T13103] netlink: 'syz.3.2227': attribute type 1 has an invalid length.
[  265.977685][T13103] 8021q: adding VLAN 0 to HW filter on device bond4
[  266.022411][T13103] 8021q: adding VLAN 0 to HW filter on device batadv2
[  266.032374][T13103] bond4: (slave batadv2): making interface the new active one
[  266.042144][T13103] bond4: (slave batadv2): Enslaving as an active interface with an up link
[  266.257902][T13103] bond4 (unregistering): (slave batadv2): Releasing active interface
[  266.269797][T13103] bond4 (unregistering): Released all slaves
[  266.304103][T13111] vlan0: left promiscuous mode
[  266.365986][T13115] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  266.702585][T13124] team0: Device gtp0 is of different type
[  266.729165][T13133] netlink: 'syz.4.2233': attribute type 1 has an invalid length.
[  266.828023][T13137] tipc: Enabling of bearer <et‚:g> rejected, media not registered
[  266.902271][T13143] FAULT_INJECTION: forcing a failure.
[  266.902271][T13143] name failslab, interval 1, probability 0, space 0, times 0
[  266.958302][T13143] CPU: 1 UID: 0 PID: 13143 Comm: syz.2.2242 Not tainted syzkaller #0 PREEMPT(full) 
[  266.958327][T13143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  266.958337][T13143] Call Trace:
[  266.958344][T13143]  <TASK>
[  266.958351][T13143]  dump_stack_lvl+0x189/0x250
[  266.958379][T13143]  ? __pfx____ratelimit+0x10/0x10
[  266.958401][T13143]  ? __pfx_dump_stack_lvl+0x10/0x10
[  266.958423][T13143]  ? __pfx__printk+0x10/0x10
[  266.958442][T13143]  ? __pfx___might_resched+0x10/0x10
[  266.958460][T13143]  ? fs_reclaim_acquire+0x7d/0x100
[  266.958489][T13143]  should_fail_ex+0x414/0x560
[  266.958518][T13143]  should_failslab+0xa8/0x100
[  266.958537][T13143]  __kmalloc_cache_noprof+0x6f/0x6f0
[  266.958561][T13143]  ? kasan_save_track+0x4f/0x80
[  266.958582][T13143]  ? rtnl_newlink+0xfb/0x1c80
[  266.958605][T13143]  ? __kasan_save_free_info+0x46/0x50
[  266.958623][T13143]  ? __kasan_slab_free+0x5c/0x80
[  266.958643][T13143]  ? kmem_cache_free+0x19b/0x690
[  266.958669][T13143]  rtnl_newlink+0xfb/0x1c80
[  266.958691][T13143]  ? ____sys_sendmsg+0x505/0x830
[  266.958707][T13143]  ? ___sys_sendmsg+0x21f/0x2a0
[  266.958723][T13143]  ? __x64_sys_sendmsg+0x19b/0x260
[  266.958739][T13143]  ? do_syscall_64+0xfa/0xfa0
[  266.958760][T13143]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.958787][T13143]  ? __pfx_rtnl_newlink+0x10/0x10
[  266.958833][T13143]  ? kasan_quarantine_put+0xdd/0x220
[  266.958855][T13143]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.958884][T13143]  ? nlmon_xmit+0xb0/0x100
[  266.958903][T13143]  ? kmem_cache_free+0x19b/0x690
[  266.958936][T13143]  ? __local_bh_enable_ip+0x12d/0x1c0
[  266.958956][T13143]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.958980][T13143]  ? __local_bh_enable_ip+0x12d/0x1c0
[  266.958998][T13143]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  266.959021][T13143]  ? __dev_queue_xmit+0x284/0x3740
[  266.959042][T13143]  ? __dev_queue_xmit+0x284/0x3740
[  266.959061][T13143]  ? __dev_queue_xmit+0x1bfb/0x3740
[  266.959088][T13143]  ? __lock_acquire+0xab9/0xd20
[  266.959130][T13143]  ? __pfx_rtnl_newlink+0x10/0x10
[  266.959154][T13143]  rtnetlink_rcv_msg+0x7cf/0xb70
[  266.959182][T13143]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  266.959206][T13143]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  266.959228][T13143]  ? ref_tracker_free+0x63a/0x7d0
[  266.959246][T13143]  ? __asan_memcpy+0x40/0x70
[  266.959267][T13143]  ? __pfx_ref_tracker_free+0x10/0x10
[  266.959300][T13143]  netlink_rcv_skb+0x208/0x470
[  266.959320][T13143]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  266.959346][T13143]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  266.959374][T13143]  ? netlink_deliver_tap+0x2e/0x1b0
[  266.959399][T13143]  netlink_unicast+0x82f/0x9e0
[  266.959432][T13143]  ? __pfx_netlink_unicast+0x10/0x10
[  266.959458][T13143]  ? netlink_sendmsg+0x642/0xb30
[  266.959473][T13143]  ? skb_put+0x11b/0x210
[  266.959493][T13143]  netlink_sendmsg+0x805/0xb30
[  266.959520][T13143]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.959547][T13143]  ? aa_sock_msg_perm+0xf1/0x1d0
[  266.959573][T13143]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  266.959591][T13143]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.959609][T13143]  __sock_sendmsg+0x21c/0x270
[  266.959635][T13143]  ____sys_sendmsg+0x505/0x830
[  266.959660][T13143]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.959689][T13143]  ? import_iovec+0x74/0xa0
[  266.959714][T13143]  ___sys_sendmsg+0x21f/0x2a0
[  266.959736][T13143]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.959790][T13143]  ? __fget_files+0x2a/0x420
[  266.959806][T13143]  ? __fget_files+0x3a0/0x420
[  266.959832][T13143]  __x64_sys_sendmsg+0x19b/0x260
[  266.959854][T13143]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  266.959884][T13143]  ? __pfx_ksys_write+0x10/0x10
[  266.959911][T13143]  ? do_syscall_64+0xbe/0xfa0
[  266.959937][T13143]  do_syscall_64+0xfa/0xfa0
[  266.959958][T13143]  ? lockdep_hardirqs_on+0x9c/0x150
[  266.959981][T13143]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.959998][T13143]  ? clear_bhb_loop+0x60/0xb0
[  266.960018][T13143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.960035][T13143] RIP: 0033:0x7fcefb38f6c9
[  266.960051][T13143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.960066][T13143] RSP: 002b:00007fcefc2c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.960085][T13143] RAX: ffffffffffffffda RBX: 00007fcefb5e5fa0 RCX: 00007fcefb38f6c9
[  266.960098][T13143] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  266.960111][T13143] RBP: 00007fcefc2c7090 R08: 0000000000000000 R09: 0000000000000000
[  266.960122][T13143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.960133][T13143] R13: 00007fcefb5e6038 R14: 00007fcefb5e5fa0 R15: 00007ffe636dfb58
[  266.960163][T13143]  </TASK>
[  266.961331][T13148] vlan0: entered promiscuous mode
[  267.227689][T13153] xt_CT: No such helper "snmp_trap"
[  268.803148][T13222] bridge2: entered allmulticast mode
[  269.065636][T13238] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  269.119572][T13244] __nla_validate_parse: 11 callbacks suppressed
[  269.119590][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2276'.
[  269.227744][T13244] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2276'.
[  269.267166][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2276'.
[  269.320999][T13244] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2276'.
[  269.362490][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2276'.
[  269.687735][T13253] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  269.776633][T13256] netlink: 'syz.1.2282': attribute type 2 has an invalid length.
[  269.896281][T13260] syzkaller0: entered promiscuous mode
[  269.901796][T13260] syzkaller0: entered allmulticast mode
[  269.982815][T13271] FAULT_INJECTION: forcing a failure.
[  269.982815][T13271] name failslab, interval 1, probability 0, space 0, times 0
[  269.995875][T13271] CPU: 1 UID: 0 PID: 13271 Comm: syz.3.2288 Not tainted syzkaller #0 PREEMPT(full) 
[  269.995900][T13271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  269.995911][T13271] Call Trace:
[  269.995919][T13271]  <TASK>
[  269.995926][T13271]  dump_stack_lvl+0x189/0x250
[  269.995955][T13271]  ? __pfx____ratelimit+0x10/0x10
[  269.995977][T13271]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.996007][T13271]  ? __pfx__printk+0x10/0x10
[  269.996028][T13271]  ? __pfx___might_resched+0x10/0x10
[  269.996047][T13271]  ? fs_reclaim_acquire+0x7d/0x100
[  269.996077][T13271]  should_fail_ex+0x414/0x560
[  269.996106][T13271]  should_failslab+0xa8/0x100
[  269.996126][T13271]  __kmalloc_cache_noprof+0x6f/0x6f0
[  269.996149][T13271]  ? __request_module+0x2b5/0x5e0
[  269.996173][T13271]  __request_module+0x2b5/0x5e0
[  269.996195][T13271]  ? rtnl_link_ops_get+0x23/0x250
[  269.996213][T13271]  ? __pfx___request_module+0x10/0x10
[  269.996243][T13271]  ? rtnl_link_ops_get+0x23/0x250
[  269.996258][T13271]  ? rtnl_link_ops_get+0x23/0x250
[  269.996276][T13271]  ? rtnl_link_ops_get+0x215/0x250
[  269.996297][T13271]  rtnl_newlink+0x65d/0x1c80
[  269.996320][T13271]  ? ____sys_sendmsg+0x505/0x830
[  269.996339][T13271]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.996366][T13271]  ? __pfx_rtnl_newlink+0x10/0x10
[  269.996412][T13271]  ? kasan_quarantine_put+0xdd/0x220
[  269.996435][T13271]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.996463][T13271]  ? nlmon_xmit+0xb0/0x100
[  269.996482][T13271]  ? kmem_cache_free+0x19b/0x690
[  269.996514][T13271]  ? __local_bh_enable_ip+0x12d/0x1c0
[  269.996533][T13271]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.996555][T13271]  ? __local_bh_enable_ip+0x12d/0x1c0
[  269.996573][T13271]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  269.996596][T13271]  ? __dev_queue_xmit+0x284/0x3740
[  269.996618][T13271]  ? __dev_queue_xmit+0x284/0x3740
[  269.996637][T13271]  ? __dev_queue_xmit+0x1bfb/0x3740
[  269.996665][T13271]  ? __lock_acquire+0xab9/0xd20
[  269.996708][T13271]  ? __pfx_rtnl_newlink+0x10/0x10
[  269.996731][T13271]  rtnetlink_rcv_msg+0x7cf/0xb70
[  269.996758][T13271]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  269.996782][T13271]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  269.996812][T13271]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  269.996849][T13271]  netlink_rcv_skb+0x208/0x470
[  269.996865][T13271]  ? rcu_is_watching+0x15/0xb0
[  269.996884][T13271]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  269.996910][T13271]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  269.996938][T13271]  ? netlink_deliver_tap+0x2e/0x1b0
[  269.996963][T13271]  netlink_unicast+0x82f/0x9e0
[  269.996995][T13271]  ? __pfx_netlink_unicast+0x10/0x10
[  269.997027][T13271]  ? netlink_sendmsg+0x642/0xb30
[  269.997042][T13271]  ? skb_put+0x11b/0x210
[  269.997063][T13271]  netlink_sendmsg+0x805/0xb30
[  269.997090][T13271]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.997111][T13271]  ? aa_sock_msg_perm+0xf1/0x1d0
[  269.997137][T13271]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  269.997154][T13271]  ? __pfx_netlink_sendmsg+0x10/0x10
[  269.997173][T13271]  __sock_sendmsg+0x21c/0x270
[  269.997198][T13271]  ____sys_sendmsg+0x505/0x830
[  269.997223][T13271]  ? __pfx_____sys_sendmsg+0x10/0x10
[  269.997251][T13271]  ? import_iovec+0x74/0xa0
[  269.997276][T13271]  ___sys_sendmsg+0x21f/0x2a0
[  269.997297][T13271]  ? __pfx____sys_sendmsg+0x10/0x10
[  269.997351][T13271]  ? __fget_files+0x2a/0x420
[  269.997367][T13271]  ? __fget_files+0x3a0/0x420
[  269.997394][T13271]  __x64_sys_sendmsg+0x19b/0x260
[  269.997416][T13271]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  269.997445][T13271]  ? __pfx_ksys_write+0x10/0x10
[  269.997472][T13271]  ? do_syscall_64+0xbe/0xfa0
[  269.997498][T13271]  do_syscall_64+0xfa/0xfa0
[  269.997518][T13271]  ? lockdep_hardirqs_on+0x9c/0x150
[  269.997540][T13271]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.997558][T13271]  ? clear_bhb_loop+0x60/0xb0
[  269.997579][T13271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.997595][T13271] RIP: 0033:0x7f8bbd98f6c9
[  269.997612][T13271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.997627][T13271] RSP: 002b:00007f8bbe7b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.997647][T13271] RAX: ffffffffffffffda RBX: 00007f8bbdbe5fa0 RCX: 00007f8bbd98f6c9
[  269.997661][T13271] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  269.997672][T13271] RBP: 00007f8bbe7b4090 R08: 0000000000000000 R09: 0000000000000000
[  269.997683][T13271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.997694][T13271] R13: 00007f8bbdbe6038 R14: 00007f8bbdbe5fa0 R15: 00007ffd70a1ce08
[  269.997725][T13271]  </TASK>
[  270.524605][T13267] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2285'.
[  270.534494][T13267] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2285'.
[  270.547680][T13267] tipc: Invalid UDP bearer configuration
[  270.547744][T13267] tipc: Enabling of bearer <udp:sy{±> rejected, failed to enable media
[  270.689208][T13283] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2290'.
[  270.726035][T13283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2290'.
[  270.817187][T13290] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2290'.
[  270.829577][T13287] netlink: 'syz.3.2293': attribute type 8 has an invalid length.
[  270.841553][T13287] netlink: 'syz.3.2293': attribute type 9 has an invalid length.
[  270.844545][T13295] netlink: 'syz.0.2295': attribute type 10 has an invalid length.
[  270.859422][T13287] netlink: 'syz.3.2293': attribute type 10 has an invalid length.
[  270.878880][T13287] netlink: 'syz.3.2293': attribute type 11 has an invalid length.
[  270.966251][T13300] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  270.974663][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.294449][T13328] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  271.303598][T13328] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  271.347399][T13325] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  271.376509][T13334] syzkaller0: entered promiscuous mode
[  271.399752][T13334] syzkaller0: entered allmulticast mode
[  271.407697][T13338] netlink: 'syz.2.2311': attribute type 1 has an invalid length.
[  271.456032][T13338] 8021q: adding VLAN 0 to HW filter on device bond2
[  271.497064][T13338] 8021q: adding VLAN 0 to HW filter on device batadv1
[  271.507828][T13338] bond2: (slave batadv1): making interface the new active one
[  271.517893][T13338] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  271.541919][T13325] tipc: Resetting bearer <eth:syzkaller0>
[  271.647955][T13338] bond2 (unregistering): (slave batadv1): Releasing active interface
[  271.658446][T13338] bond2 (unregistering): Released all slaves
[  271.675059][T13324] tipc: Resetting bearer <eth:syzkaller0>
[  271.689675][T13324] tipc: Disabling bearer <eth:syzkaller0>
[  271.781579][T13357] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 4, id = 0
[  271.852603][T13354] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  272.302400][T13391] netlink: 'syz.1.2326': attribute type 1 has an invalid length.
[  272.303638][T13392] netlink: 'syz.0.2328': attribute type 1 has an invalid length.
[  272.339874][T13391] 8021q: adding VLAN 0 to HW filter on device bond4
[  272.379604][T13392] bond4: entered promiscuous mode
[  272.388692][T13392] 8021q: adding VLAN 0 to HW filter on device bond4
[  272.419614][T13391] 8021q: adding VLAN 0 to HW filter on device batadv1
[  272.437064][T13392] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  272.444385][T13392] IPv6: NLM_F_CREATE should be set when creating new route
[  272.451724][T13392] IPv6: NLM_F_CREATE should be set when creating new route
[  272.473170][T13391] bond4: (slave batadv1): making interface the new active one
[  272.485163][T13391] bond4: (slave batadv1): Enslaving as an active interface with an up link
[  272.494402][T13392] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  272.527706][T13399] 8021q: adding VLAN 0 to HW filter on device bond4
[  272.536002][T13399] bond4: (slave wireguard0): The slave device specified does not support setting the MAC address
[  272.547858][T13399] bond4: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  272.568585][T13399] bond4: (slave wireguard0): making interface the new active one
[  272.576741][T13399] wireguard0: entered promiscuous mode
[  272.583999][T13399] bond4: (slave wireguard0): Enslaving as an active interface with an up link
[  272.706166][T13402] bond4 (unregistering): (slave batadv1): Releasing active interface
[  272.718918][T13402] bond4 (unregistering): Released all slaves
[  272.784012][T13392] bond4: (slave wireguard1): The slave device specified does not support setting the MAC address
[  272.826828][T13392] bond4: (slave wireguard1): Enslaving as a backup interface with an up link
[  272.855592][T13411] netlink: 'syz.4.2331': attribute type 6 has an invalid length.
[  273.381225][T13445] FAULT_INJECTION: forcing a failure.
[  273.381225][T13445] name failslab, interval 1, probability 0, space 0, times 0
[  273.393958][T13445] CPU: 0 UID: 0 PID: 13445 Comm: syz.1.2343 Not tainted syzkaller #0 PREEMPT(full) 
[  273.393982][T13445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  273.393992][T13445] Call Trace:
[  273.393999][T13445]  <TASK>
[  273.394006][T13445]  dump_stack_lvl+0x189/0x250
[  273.394034][T13445]  ? __pfx____ratelimit+0x10/0x10
[  273.394056][T13445]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.394076][T13445]  ? __pfx__printk+0x10/0x10
[  273.394094][T13445]  ? __switchdev_handle_port_attr_set+0x257/0x2d0
[  273.394117][T13445]  ? __pfx_dsa_user_port_attr_set+0x10/0x10
[  273.394138][T13445]  ? __pfx_dsa_user_dev_check+0x10/0x10
[  273.394155][T13445]  ? __pfx___switchdev_handle_port_attr_set+0x10/0x10
[  273.394184][T13445]  should_fail_ex+0x414/0x560
[  273.394214][T13445]  should_failslab+0xa8/0x100
[  273.394234][T13445]  __kmalloc_noprof+0xcb/0x7f0
[  273.394256][T13445]  ? switchdev_deferred_enqueue+0x2d/0x240
[  273.394280][T13445]  ? atomic_notifier_call_chain+0x26/0x180
[  273.394302][T13445]  ? __pfx_switchdev_port_attr_set_deferred+0x10/0x10
[  273.394325][T13445]  switchdev_deferred_enqueue+0x2d/0x240
[  273.394353][T13445]  br_switchdev_set_port_flag+0x244/0x360
[  273.394382][T13445]  ? __pfx_br_switchdev_set_port_flag+0x10/0x10
[  273.394417][T13445]  ? __mutex_lock+0x335/0x1350
[  273.394444][T13445]  ? __lock_acquire+0xab9/0xd20
[  273.394465][T13445]  br_setport+0xab3/0x1670
[  273.394490][T13445]  ? __pfx_br_setport+0x10/0x10
[  273.394507][T13445]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  273.394540][T13445]  br_port_slave_changelink+0x12f/0x150
[  273.394564][T13445]  rtnl_newlink+0x1a01/0x1c80
[  273.394588][T13445]  ? ____sys_sendmsg+0x505/0x830
[  273.394611][T13445]  ? rtnl_newlink+0x8f1/0x1c80
[  273.394638][T13445]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.394684][T13445]  ? kasan_quarantine_put+0xdd/0x220
[  273.394706][T13445]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.394734][T13445]  ? nlmon_xmit+0xb0/0x100
[  273.394760][T13445]  ? kmem_cache_free+0x19b/0x690
[  273.394791][T13445]  ? __local_bh_enable_ip+0x12d/0x1c0
[  273.394810][T13445]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.394836][T13445]  ? __local_bh_enable_ip+0x12d/0x1c0
[  273.394854][T13445]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  273.394873][T13445]  ? __dev_queue_xmit+0x284/0x3740
[  273.394895][T13445]  ? __dev_queue_xmit+0x284/0x3740
[  273.394914][T13445]  ? __dev_queue_xmit+0x1bfb/0x3740
[  273.394942][T13445]  ? __lock_acquire+0xab9/0xd20
[  273.394982][T13445]  ? __pfx_rtnl_newlink+0x10/0x10
[  273.395004][T13445]  rtnetlink_rcv_msg+0x7cf/0xb70
[  273.395032][T13445]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  273.395054][T13445]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  273.395075][T13445]  ? ref_tracker_free+0x63a/0x7d0
[  273.395093][T13445]  ? __asan_memcpy+0x40/0x70
[  273.395113][T13445]  ? __pfx_ref_tracker_free+0x10/0x10
[  273.395140][T13445]  netlink_rcv_skb+0x208/0x470
[  273.395159][T13445]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  273.395184][T13445]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  273.395212][T13445]  ? netlink_deliver_tap+0x2e/0x1b0
[  273.395235][T13445]  netlink_unicast+0x82f/0x9e0
[  273.395266][T13445]  ? __pfx_netlink_unicast+0x10/0x10
[  273.395291][T13445]  ? netlink_sendmsg+0x642/0xb30
[  273.395306][T13445]  ? skb_put+0x11b/0x210
[  273.395327][T13445]  netlink_sendmsg+0x805/0xb30
[  273.395355][T13445]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.395377][T13445]  ? aa_sock_msg_perm+0xf1/0x1d0
[  273.395402][T13445]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  273.395419][T13445]  ? __pfx_netlink_sendmsg+0x10/0x10
[  273.395437][T13445]  __sock_sendmsg+0x21c/0x270
[  273.395463][T13445]  ____sys_sendmsg+0x505/0x830
[  273.395487][T13445]  ? __pfx_____sys_sendmsg+0x10/0x10
[  273.395514][T13445]  ? import_iovec+0x74/0xa0
[  273.395539][T13445]  ___sys_sendmsg+0x21f/0x2a0
[  273.395560][T13445]  ? __pfx____sys_sendmsg+0x10/0x10
[  273.395614][T13445]  ? __fget_files+0x2a/0x420
[  273.395630][T13445]  ? __fget_files+0x3a0/0x420
[  273.395657][T13445]  __x64_sys_sendmsg+0x19b/0x260
[  273.395679][T13445]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  273.395708][T13445]  ? __pfx_ksys_write+0x10/0x10
[  273.395736][T13445]  ? do_syscall_64+0xbe/0xfa0
[  273.395770][T13445]  do_syscall_64+0xfa/0xfa0
[  273.395791][T13445]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.395812][T13445]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.395830][T13445]  ? clear_bhb_loop+0x60/0xb0
[  273.395850][T13445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.395867][T13445] RIP: 0033:0x7ff18878f6c9
[  273.395883][T13445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.395899][T13445] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  273.395918][T13445] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  273.395931][T13445] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  273.395942][T13445] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  273.395953][T13445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  273.395963][T13445] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  273.395994][T13445]  </TASK>
[  274.335518][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  274.685173][T13479] bond4: entered promiscuous mode
[  274.690483][T13479] bond4: entered allmulticast mode
[  274.697292][T13479] 8021q: adding VLAN 0 to HW filter on device bond4
[  274.755076][T13487] 8021q: adding VLAN 0 to HW filter on device bond4
[  274.771442][T13492] 8021q: adding VLAN 0 to HW filter on device batadv3
[  274.774120][T13494] SET target dimension over the limit!
[  274.796634][T13487] __nla_validate_parse: 19 callbacks suppressed
[  274.796654][T13487] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2359'.
[  274.816496][T13492] bond4: (slave batadv3): making interface the new active one
[  274.826571][T13492] bond4: (slave batadv3): Enslaving as an active interface with an up link
[  274.862440][T13496] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2361'.
[  275.042214][T13487] bond4 (unregistering): (slave batadv3): Releasing active interface
[  275.053743][T13487] bond4 (unregistering): Released all slaves
[  275.315857][ T5148] Bluetooth: hci4: command 0x0405 tx timeout
[  275.483114][T13525] FAULT_INJECTION: forcing a failure.
[  275.483114][T13525] name failslab, interval 1, probability 0, space 0, times 0
[  275.505087][T13525] CPU: 0 UID: 0 PID: 13525 Comm: syz.0.2369 Not tainted syzkaller #0 PREEMPT(full) 
[  275.505113][T13525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  275.505124][T13525] Call Trace:
[  275.505132][T13525]  <TASK>
[  275.505139][T13525]  dump_stack_lvl+0x189/0x250
[  275.505167][T13525]  ? __pfx____ratelimit+0x10/0x10
[  275.505190][T13525]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.505213][T13525]  ? __pfx__printk+0x10/0x10
[  275.505236][T13525]  ? __lock_acquire+0xab9/0xd20
[  275.505269][T13525]  should_fail_ex+0x414/0x560
[  275.505302][T13525]  should_failslab+0xa8/0x100
[  275.505323][T13525]  kmem_cache_alloc_noprof+0x74/0x6e0
[  275.505347][T13525]  ? skb_clone+0x212/0x3a0
[  275.505372][T13525]  skb_clone+0x212/0x3a0
[  275.505395][T13525]  __netlink_deliver_tap+0x404/0x850
[  275.505426][T13525]  ? netlink_deliver_tap+0x2e/0x1b0
[  275.505445][T13525]  netlink_deliver_tap+0x19c/0x1b0
[  275.505465][T13525]  netlink_unicast+0x7fa/0x9e0
[  275.505498][T13525]  ? __pfx_netlink_unicast+0x10/0x10
[  275.505524][T13525]  ? netlink_sendmsg+0x642/0xb30
[  275.505539][T13525]  ? skb_put+0x11b/0x210
[  275.505558][T13525]  netlink_sendmsg+0x805/0xb30
[  275.505583][T13525]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.505604][T13525]  ? aa_sock_msg_perm+0xf1/0x1d0
[  275.505631][T13525]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  275.505647][T13525]  ? __pfx_netlink_sendmsg+0x10/0x10
[  275.505666][T13525]  __sock_sendmsg+0x21c/0x270
[  275.505693][T13525]  ____sys_sendmsg+0x505/0x830
[  275.505718][T13525]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.505747][T13525]  ? import_iovec+0x74/0xa0
[  275.505773][T13525]  ___sys_sendmsg+0x21f/0x2a0
[  275.505794][T13525]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.505851][T13525]  ? __fget_files+0x2a/0x420
[  275.505867][T13525]  ? __fget_files+0x3a0/0x420
[  275.505895][T13525]  __x64_sys_sendmsg+0x19b/0x260
[  275.505917][T13525]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  275.505947][T13525]  ? __pfx_ksys_write+0x10/0x10
[  275.505974][T13525]  ? do_syscall_64+0xbe/0xfa0
[  275.506001][T13525]  do_syscall_64+0xfa/0xfa0
[  275.506022][T13525]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.506044][T13525]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.506062][T13525]  ? clear_bhb_loop+0x60/0xb0
[  275.506083][T13525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.506101][T13525] RIP: 0033:0x7fae2718f6c9
[  275.506117][T13525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.506133][T13525] RSP: 002b:00007fae280cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  275.506153][T13525] RAX: ffffffffffffffda RBX: 00007fae273e5fa0 RCX: 00007fae2718f6c9
[  275.506166][T13525] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  275.506178][T13525] RBP: 00007fae280cc090 R08: 0000000000000000 R09: 0000000000000000
[  275.506189][T13525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  275.506200][T13525] R13: 00007fae273e6038 R14: 00007fae273e5fa0 R15: 00007ffc67ff4478
[  275.506232][T13525]  </TASK>
[  275.506368][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.845367][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.854749][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.934800][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.949829][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.969562][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.982469][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  275.992616][T13525] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2369'.
[  276.019864][T13525] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.043433][T13532] vlan1: entered promiscuous mode
[  276.103488][T13545] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  276.132686][T13543] validate_nla: 3 callbacks suppressed
[  276.132704][T13543] netlink: 'syz.3.2376': attribute type 83 has an invalid length.
[  276.300266][T13553] IPVS: set_ctl: invalid protocol: 60 224.0.0.2:20002
[  276.385392][T13561] netlink: 'syz.1.2383': attribute type 8 has an invalid length.
[  276.403346][T13561] netlink: 'syz.1.2383': attribute type 9 has an invalid length.
[  276.440194][T13561] netlink: 'syz.1.2383': attribute type 10 has an invalid length.
[  276.463874][T13561] netlink: 'syz.1.2383': attribute type 11 has an invalid length.
[  276.473326][T13569] vlan2: entered promiscuous mode
[  276.594076][T13576] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  276.602660][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  276.796264][T13580] FAULT_INJECTION: forcing a failure.
[  276.796264][T13580] name failslab, interval 1, probability 0, space 0, times 0
[  276.830453][T13580] CPU: 1 UID: 0 PID: 13580 Comm: syz.1.2390 Not tainted syzkaller #0 PREEMPT(full) 
[  276.830479][T13580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.830489][T13580] Call Trace:
[  276.830497][T13580]  <TASK>
[  276.830505][T13580]  dump_stack_lvl+0x189/0x250
[  276.830533][T13580]  ? __pfx____ratelimit+0x10/0x10
[  276.830555][T13580]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.830579][T13580]  ? __pfx__printk+0x10/0x10
[  276.830602][T13580]  ? __pfx___might_resched+0x10/0x10
[  276.830620][T13580]  ? fs_reclaim_acquire+0x7d/0x100
[  276.830649][T13580]  should_fail_ex+0x414/0x560
[  276.830679][T13580]  should_failslab+0xa8/0x100
[  276.830699][T13580]  kmem_cache_alloc_node_noprof+0x77/0x710
[  276.830723][T13580]  ? __alloc_skb+0x112/0x2d0
[  276.830738][T13580]  ? netlink_autobind+0xdb/0x300
[  276.830761][T13580]  __alloc_skb+0x112/0x2d0
[  276.830781][T13580]  netlink_sendmsg+0x5c6/0xb30
[  276.830808][T13580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.830829][T13580]  ? aa_sock_msg_perm+0xf1/0x1d0
[  276.830857][T13580]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  276.830875][T13580]  ? __pfx_netlink_sendmsg+0x10/0x10
[  276.830893][T13580]  __sock_sendmsg+0x21c/0x270
[  276.830919][T13580]  ____sys_sendmsg+0x505/0x830
[  276.830944][T13580]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.830972][T13580]  ? import_iovec+0x74/0xa0
[  276.830997][T13580]  ___sys_sendmsg+0x21f/0x2a0
[  276.831018][T13580]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.831071][T13580]  ? __fget_files+0x2a/0x420
[  276.831088][T13580]  ? __fget_files+0x3a0/0x420
[  276.831115][T13580]  __x64_sys_sendmsg+0x19b/0x260
[  276.831137][T13580]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  276.831165][T13580]  ? __pfx_ksys_write+0x10/0x10
[  276.831191][T13580]  ? do_syscall_64+0xbe/0xfa0
[  276.831217][T13580]  do_syscall_64+0xfa/0xfa0
[  276.831238][T13580]  ? lockdep_hardirqs_on+0x9c/0x150
[  276.831261][T13580]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.831278][T13580]  ? clear_bhb_loop+0x60/0xb0
[  276.831299][T13580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.831316][T13580] RIP: 0033:0x7ff18878f6c9
[  276.831333][T13580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.831348][T13580] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  276.831367][T13580] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  276.831381][T13580] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  276.831392][T13580] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  276.831403][T13580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.831414][T13580] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  276.831451][T13580]  </TASK>
[  277.430934][T13593] ip6tnl0: Caught tx_queue_len zero misconfig
[  277.483575][T13596] FAULT_INJECTION: forcing a failure.
[  277.483575][T13596] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.497985][T13596] CPU: 1 UID: 0 PID: 13596 Comm: syz.2.2396 Not tainted syzkaller #0 PREEMPT(full) 
[  277.498009][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.498020][T13596] Call Trace:
[  277.498026][T13596]  <TASK>
[  277.498034][T13596]  dump_stack_lvl+0x189/0x250
[  277.498062][T13596]  ? __pfx____ratelimit+0x10/0x10
[  277.498082][T13596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  277.498102][T13596]  ? __pfx__printk+0x10/0x10
[  277.498131][T13596]  should_fail_ex+0x414/0x560
[  277.498158][T13596]  _copy_to_user+0x31/0xb0
[  277.498177][T13596]  simple_read_from_buffer+0xe1/0x170
[  277.498202][T13596]  proc_fail_nth_read+0x1b3/0x220
[  277.498222][T13596]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  277.498240][T13596]  ? rw_verify_area+0x2a6/0x4d0
[  277.498258][T13596]  ? __lock_acquire+0xab9/0xd20
[  277.498269][T13596]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  277.498287][T13596]  vfs_read+0x200/0xa30
[  277.498304][T13596]  ? fdget_pos+0x247/0x320
[  277.498321][T13596]  ? __pfx___mutex_lock+0x10/0x10
[  277.498343][T13596]  ? __pfx_vfs_read+0x10/0x10
[  277.498362][T13596]  ? __fget_files+0x2a/0x420
[  277.498378][T13596]  ? __fget_files+0x3a0/0x420
[  277.498397][T13596]  ? __fget_files+0x2a/0x420
[  277.498415][T13596]  ksys_read+0x145/0x250
[  277.498435][T13596]  ? __pfx_ksys_read+0x10/0x10
[  277.498456][T13596]  ? do_syscall_64+0xbe/0xfa0
[  277.498480][T13596]  do_syscall_64+0xfa/0xfa0
[  277.498496][T13596]  ? lockdep_hardirqs_on+0x9c/0x150
[  277.498514][T13596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.498527][T13596]  ? clear_bhb_loop+0x60/0xb0
[  277.498543][T13596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.498556][T13596] RIP: 0033:0x7fcefb38e0dc
[  277.498569][T13596] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  277.498582][T13596] RSP: 002b:00007fcefc2c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  277.498598][T13596] RAX: ffffffffffffffda RBX: 00007fcefb5e5fa0 RCX: 00007fcefb38e0dc
[  277.498608][T13596] RDX: 000000000000000f RSI: 00007fcefc2c70a0 RDI: 0000000000000004
[  277.498616][T13596] RBP: 00007fcefc2c7090 R08: 0000000000000000 R09: 0000000000000000
[  277.498624][T13596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.498632][T13596] R13: 00007fcefb5e6038 R14: 00007fcefb5e5fa0 R15: 00007ffe636dfb58
[  277.498655][T13596]  </TASK>
[  277.876397][T13604] netlink: 'syz.3.2400': attribute type 1 has an invalid length.
[  277.884178][T13604] nbd: error processing sock list
[  278.156477][T13626] netlink: 'syz.0.2405': attribute type 1 has an invalid length.
[  278.287635][T13626] 8021q: adding VLAN 0 to HW filter on device bond5
[  278.322653][T13642] sctp: [Deprecated]: syz.3.2411 (pid 13642) Use of int in max_burst socket option.
[  278.322653][T13642] Use struct sctp_assoc_value instead
[  278.373651][T13633] 8021q: adding VLAN 0 to HW filter on device batadv1
[  278.384367][T13633] bond5: (slave batadv1): making interface the new active one
[  278.393524][T13633] bond5: (slave batadv1): Enslaving as an active interface with an up link
[  278.557848][T13637] bond5 (unregistering): (slave batadv1): Releasing active interface
[  278.568037][T13637] bond5 (unregistering): Released all slaves
[  278.589932][T13647] vlan2: entered promiscuous mode
[  278.590216][T13652] sctp: [Deprecated]: syz.3.2414 (pid 13652) Use of int in max_burst socket option.
[  278.590216][T13652] Use struct sctp_assoc_value instead
[  279.440254][T13699] xt_recent: Unsupported userspace flags (000000b1)
[  280.009129][T13735] __nla_validate_parse: 45 callbacks suppressed
[  280.009150][T13735] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2433'.
[  280.379581][T13746] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2438'.
[  280.555304][T13757] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2442'.
[  280.755354][ T5148] Bluetooth: hci4: command 0x0405 tx timeout
[  280.892611][T13769] netlink: 'syz.4.2445': attribute type 13 has an invalid length.
[  280.901041][T13769] netlink: 'syz.4.2445': attribute type 17 has an invalid length.
[  280.912012][T13770] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2443'.
[  280.923664][T13771] netlink: 'syz.1.2446': attribute type 13 has an invalid length.
[  281.012539][T13771] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  281.090415][T13769] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  281.491352][T13788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2453'.
[  281.523402][T13788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2453'.
[  281.835401][T13791] bond4: (slave bond_slave_1): Device is not our slave
[  281.842302][T13791] bond4: option active_slave: invalid value (bond_slave_1)
[  281.859907][T13791] bond4 (unregistering): Released all slaves
[  282.052322][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2462'.
[  282.061904][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2462'.
[  282.074214][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2462'.
[  282.084286][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2462'.
[  282.404232][T13841] bond2: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  282.442676][T13841] bond2 (unregistering): Released all slaves
[  283.077757][T13866] bond5: entered promiscuous mode
[  283.096949][T13866] 8021q: adding VLAN 0 to HW filter on device bond5
[  283.420033][T13889] FAULT_INJECTION: forcing a failure.
[  283.420033][T13889] name failslab, interval 1, probability 0, space 0, times 0
[  283.441078][T13889] CPU: 1 UID: 0 PID: 13889 Comm: syz.1.2482 Not tainted syzkaller #0 PREEMPT(full) 
[  283.441102][T13889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  283.441112][T13889] Call Trace:
[  283.441119][T13889]  <TASK>
[  283.441127][T13889]  dump_stack_lvl+0x189/0x250
[  283.441155][T13889]  ? __pfx____ratelimit+0x10/0x10
[  283.441177][T13889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.441197][T13889]  ? __pfx__printk+0x10/0x10
[  283.441219][T13889]  ? __pfx___might_resched+0x10/0x10
[  283.441235][T13889]  ? fs_reclaim_acquire+0x7d/0x100
[  283.441265][T13889]  should_fail_ex+0x414/0x560
[  283.441295][T13889]  should_failslab+0xa8/0x100
[  283.441313][T13889]  kmem_cache_alloc_node_noprof+0x77/0x710
[  283.441336][T13889]  ? __alloc_skb+0x112/0x2d0
[  283.441350][T13889]  ? rtnl_prop_list_size+0x1ba/0x1e0
[  283.441378][T13889]  __alloc_skb+0x112/0x2d0
[  283.441398][T13889]  rtmsg_ifinfo_build_skb+0x84/0x260
[  283.441429][T13889]  rtmsg_ifinfo+0x8c/0x1a0
[  283.441458][T13889]  netif_state_change+0x29e/0x3a0
[  283.441481][T13889]  ? lockdep_rtnl_is_held+0x26/0x40
[  283.441503][T13889]  ? __pfx_netif_state_change+0x10/0x10
[  283.441533][T13889]  ? dev_change_xdp_fd+0x1da/0x220
[  283.441557][T13889]  do_setlink+0x35de/0x41c0
[  283.441578][T13889]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  283.441612][T13889]  ? __pfx_do_setlink+0x10/0x10
[  283.441630][T13889]  ? stack_trace_save+0x9c/0xe0
[  283.441649][T13889]  ? __pfx_stack_trace_save+0x10/0x10
[  283.441681][T13889]  ? __lock_acquire+0xab9/0xd20
[  283.441707][T13889]  ? __mutex_trylock_common+0x153/0x260
[  283.441731][T13889]  ? __pfx___mutex_trylock_common+0x10/0x10
[  283.441756][T13889]  ? rcu_is_watching+0x15/0xb0
[  283.441776][T13889]  ? trace_contention_end+0x39/0x120
[  283.441797][T13889]  ? __mutex_lock+0x335/0x1350
[  283.441833][T13889]  ? rtnl_newlink+0x8e9/0x1c80
[  283.441869][T13889]  ? __pfx___mutex_lock+0x10/0x10
[  283.441905][T13889]  ? ns_capable+0x8a/0xf0
[  283.441926][T13889]  ? rtnl_link_get_net_capable+0x16a/0x350
[  283.441947][T13889]  rtnl_newlink+0x14ad/0x1c80
[  283.441970][T13889]  ? ____sys_sendmsg+0x505/0x830
[  283.442000][T13889]  ? __pfx_rtnl_newlink+0x10/0x10
[  283.442047][T13889]  ? kasan_quarantine_put+0xdd/0x220
[  283.442070][T13889]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.442099][T13889]  ? nlmon_xmit+0xb0/0x100
[  283.442118][T13889]  ? kmem_cache_free+0x19b/0x690
[  283.442150][T13889]  ? __local_bh_enable_ip+0x12d/0x1c0
[  283.442169][T13889]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.442192][T13889]  ? __local_bh_enable_ip+0x12d/0x1c0
[  283.442210][T13889]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  283.442233][T13889]  ? __dev_queue_xmit+0x284/0x3740
[  283.442256][T13889]  ? __dev_queue_xmit+0x284/0x3740
[  283.442275][T13889]  ? __dev_queue_xmit+0x1bfb/0x3740
[  283.442304][T13889]  ? __lock_acquire+0xab9/0xd20
[  283.442346][T13889]  ? __pfx_rtnl_newlink+0x10/0x10
[  283.442370][T13889]  rtnetlink_rcv_msg+0x7cf/0xb70
[  283.442398][T13889]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  283.442422][T13889]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  283.442444][T13889]  ? ref_tracker_free+0x63a/0x7d0
[  283.442462][T13889]  ? __asan_memcpy+0x40/0x70
[  283.442482][T13889]  ? __pfx_ref_tracker_free+0x10/0x10
[  283.442507][T13889]  netlink_rcv_skb+0x208/0x470
[  283.442524][T13889]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  283.442550][T13889]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  283.442579][T13889]  ? netlink_deliver_tap+0x2e/0x1b0
[  283.442604][T13889]  netlink_unicast+0x82f/0x9e0
[  283.442634][T13889]  ? __pfx_netlink_unicast+0x10/0x10
[  283.442659][T13889]  ? netlink_sendmsg+0x642/0xb30
[  283.442674][T13889]  ? skb_put+0x11b/0x210
[  283.442694][T13889]  netlink_sendmsg+0x805/0xb30
[  283.442722][T13889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.442743][T13889]  ? aa_sock_msg_perm+0xf1/0x1d0
[  283.442770][T13889]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  283.442788][T13889]  ? __pfx_netlink_sendmsg+0x10/0x10
[  283.442806][T13889]  __sock_sendmsg+0x21c/0x270
[  283.442832][T13889]  ____sys_sendmsg+0x505/0x830
[  283.442856][T13889]  ? __pfx_____sys_sendmsg+0x10/0x10
[  283.442891][T13889]  ? import_iovec+0x74/0xa0
[  283.442915][T13889]  ___sys_sendmsg+0x21f/0x2a0
[  283.442936][T13889]  ? __pfx____sys_sendmsg+0x10/0x10
[  283.442992][T13889]  ? __fget_files+0x2a/0x420
[  283.443006][T13889]  ? __fget_files+0x3a0/0x420
[  283.443031][T13889]  __x64_sys_sendmsg+0x19b/0x260
[  283.443052][T13889]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  283.443080][T13889]  ? __pfx_ksys_write+0x10/0x10
[  283.443104][T13889]  ? do_syscall_64+0xbe/0xfa0
[  283.443128][T13889]  do_syscall_64+0xfa/0xfa0
[  283.443148][T13889]  ? lockdep_hardirqs_on+0x9c/0x150
[  283.443169][T13889]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.443185][T13889]  ? clear_bhb_loop+0x60/0xb0
[  283.443205][T13889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.443219][T13889] RIP: 0033:0x7ff18878f6c9
[  283.443236][T13889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.443251][T13889] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  283.443271][T13889] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  283.443284][T13889] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  283.443295][T13889] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  283.443306][T13889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  283.443317][T13889] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  283.443348][T13889]  </TASK>
[  283.977000][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  284.117039][T13889] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  284.464553][T13910] validate_nla: 1 callbacks suppressed
[  284.464571][T13910] netlink: 'syz.1.2485': attribute type 2 has an invalid length.
[  284.477981][T13910] netlink: 'syz.1.2485': attribute type 1 has an invalid length.
[  284.970441][T13947] netlink: 'syz.0.2495': attribute type 4 has an invalid length.
[  285.022024][T13951] netlink: 'syz.0.2495': attribute type 4 has an invalid length.
[  285.547251][T13972] __nla_validate_parse: 114 callbacks suppressed
[  285.547270][T13972] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2505'.
[  285.621050][T13978] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2505'.
[  285.636883][T13974] netlink: 'syz.3.2504': attribute type 8 has an invalid length.
[  285.644737][T13974] netlink: 'syz.3.2504': attribute type 9 has an invalid length.
[  285.667139][T13974] netlink: 'syz.3.2504': attribute type 10 has an invalid length.
[  285.706026][T13974] netlink: 'syz.3.2504': attribute type 11 has an invalid length.
[  285.739891][T13974] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2504'.
[  285.864291][T13985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2507'.
[  286.561983][T14004] hsr0: entered allmulticast mode
[  286.567530][T14004] hsr_slave_0: entered allmulticast mode
[  286.573216][T14004] hsr_slave_1: entered allmulticast mode
[  286.630837][T14004] hsr_slave_0: left promiscuous mode
[  286.660289][T14004] hsr_slave_1: left promiscuous mode
[  286.710657][T14004] hsr0 (unregistering): left allmulticast mode
[  287.032100][T14030] netlink: 'syz.0.2521': attribute type 8 has an invalid length.
[  287.045023][T14030] netlink: 'syz.0.2521': attribute type 9 has an invalid length.
[  287.060066][T14030] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2521'.
[  287.467570][T14058] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2529'.
[  287.517764][T14058] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2529'.
[  287.699722][T14061] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.708340][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.945963][T14081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  287.954406][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  288.567120][T14105] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  288.576482][T14105] syzkaller0: entered promiscuous mode
[  288.582142][T14105] syzkaller0: entered allmulticast mode
[  288.888684][T14107] tipc: Resetting bearer <eth:syzkaller0>
[  288.899647][T14110] bond0: Caught tx_queue_len zero misconfig
[  289.093644][T14104] tipc: Resetting bearer <eth:syzkaller0>
[  289.111193][T14104] tipc: Disabling bearer <eth:syzkaller0>
[  289.752745][T14144] af_packet: tpacket_rcv: packet too big, clamped from 2 to 4294967272. macoff=96
[  289.890818][T14150] validate_nla: 2 callbacks suppressed
[  289.890836][T14150] netlink: 'syz.0.2559': attribute type 8 has an invalid length.
[  289.904338][T14150] netlink: 'syz.0.2559': attribute type 9 has an invalid length.
[  289.914539][T14150] netlink: 'syz.0.2559': attribute type 10 has an invalid length.
[  289.942960][T14150] netlink: 'syz.0.2559': attribute type 11 has an invalid length.
[  289.996157][T14150] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2559'.
[  290.378513][T14172] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  290.387050][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  290.554401][T14174] xt_CT: No such helper "snmp_trap"
[  290.791770][T14189] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2573'.
[  290.869753][T14192] netlink: 356 bytes leftover after parsing attributes in process `syz.3.2573'.
[  291.253473][T14204] x_tables: duplicate underflow at hook 3
[  291.381847][T14212] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2583'.
[  291.426805][T14216] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2585'.
[  291.436621][T14216] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2585'.
[  291.731582][T14235] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2590'.
[  291.922881][T14239] netlink: 91 bytes leftover after parsing attributes in process `syz.0.2592'.
[  292.640652][T14262] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  292.649289][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  293.462029][T14280] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2606'.
[  293.504126][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  293.554230][T14282] netlink: 356 bytes leftover after parsing attributes in process `syz.4.2606'.
[  293.780531][T14284] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  293.854515][T14287] syzkaller0: entered promiscuous mode
[  293.860554][T14287] syzkaller0: entered allmulticast mode
[  293.922000][T14284] tipc: Resetting bearer <eth:syzkaller0>
[  293.962989][T14283] tipc: Resetting bearer <eth:syzkaller0>
[  294.004561][T14283] tipc: Disabling bearer <eth:syzkaller0>
[  294.309380][T14303] FAULT_INJECTION: forcing a failure.
[  294.309380][T14303] name failslab, interval 1, probability 0, space 0, times 0
[  294.344583][T14303] CPU: 0 UID: 0 PID: 14303 Comm: syz.0.2613 Not tainted syzkaller #0 PREEMPT(full) 
[  294.344609][T14303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  294.344620][T14303] Call Trace:
[  294.344629][T14303]  <TASK>
[  294.344638][T14303]  dump_stack_lvl+0x189/0x250
[  294.344667][T14303]  ? __pfx____ratelimit+0x10/0x10
[  294.344694][T14303]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.344717][T14303]  ? __pfx__printk+0x10/0x10
[  294.344738][T14303]  ? __pfx___might_resched+0x10/0x10
[  294.344757][T14303]  ? fs_reclaim_acquire+0x7d/0x100
[  294.344787][T14303]  should_fail_ex+0x414/0x560
[  294.344823][T14303]  should_failslab+0xa8/0x100
[  294.344840][T14303]  __kmalloc_cache_noprof+0x6f/0x6f0
[  294.344861][T14303]  ? __request_module+0x2b5/0x5e0
[  294.344883][T14303]  __request_module+0x2b5/0x5e0
[  294.344900][T14303]  ? rtnl_link_ops_get+0x23/0x250
[  294.344916][T14303]  ? __pfx___request_module+0x10/0x10
[  294.344939][T14303]  ? rtnl_link_ops_get+0x23/0x250
[  294.344952][T14303]  ? rtnl_link_ops_get+0x23/0x250
[  294.344968][T14303]  ? rtnl_link_ops_get+0x215/0x250
[  294.344986][T14303]  rtnl_newlink+0x65d/0x1c80
[  294.345009][T14303]  ? ____sys_sendmsg+0x505/0x830
[  294.345028][T14303]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.345053][T14303]  ? __pfx_rtnl_newlink+0x10/0x10
[  294.345096][T14303]  ? kasan_quarantine_put+0xdd/0x220
[  294.345119][T14303]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.345143][T14303]  ? nlmon_xmit+0xb0/0x100
[  294.345161][T14303]  ? kmem_cache_free+0x19b/0x690
[  294.345190][T14303]  ? __local_bh_enable_ip+0x12d/0x1c0
[  294.345210][T14303]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.345233][T14303]  ? __local_bh_enable_ip+0x12d/0x1c0
[  294.345250][T14303]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  294.345272][T14303]  ? __dev_queue_xmit+0x284/0x3740
[  294.345294][T14303]  ? __dev_queue_xmit+0x284/0x3740
[  294.345314][T14303]  ? __dev_queue_xmit+0x1bfb/0x3740
[  294.345342][T14303]  ? __lock_acquire+0xab9/0xd20
[  294.345383][T14303]  ? __pfx_rtnl_newlink+0x10/0x10
[  294.345407][T14303]  rtnetlink_rcv_msg+0x7cf/0xb70
[  294.345435][T14303]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  294.345459][T14303]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  294.345480][T14303]  ? ref_tracker_free+0x63a/0x7d0
[  294.345498][T14303]  ? __asan_memcpy+0x40/0x70
[  294.345519][T14303]  ? __pfx_ref_tracker_free+0x10/0x10
[  294.345546][T14303]  netlink_rcv_skb+0x208/0x470
[  294.345565][T14303]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  294.345591][T14303]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  294.345619][T14303]  ? netlink_deliver_tap+0x2e/0x1b0
[  294.345642][T14303]  netlink_unicast+0x82f/0x9e0
[  294.345671][T14303]  ? __pfx_netlink_unicast+0x10/0x10
[  294.345693][T14303]  ? netlink_sendmsg+0x642/0xb30
[  294.345706][T14303]  ? skb_put+0x11b/0x210
[  294.345725][T14303]  netlink_sendmsg+0x805/0xb30
[  294.345751][T14303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.345771][T14303]  ? aa_sock_msg_perm+0xf1/0x1d0
[  294.345797][T14303]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  294.345822][T14303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.345837][T14303]  __sock_sendmsg+0x21c/0x270
[  294.345860][T14303]  ____sys_sendmsg+0x505/0x830
[  294.345883][T14303]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.345906][T14303]  ? import_iovec+0x74/0xa0
[  294.345928][T14303]  ___sys_sendmsg+0x21f/0x2a0
[  294.345949][T14303]  ? __pfx____sys_sendmsg+0x10/0x10
[  294.345996][T14303]  ? __fget_files+0x2a/0x420
[  294.346010][T14303]  ? __fget_files+0x3a0/0x420
[  294.346034][T14303]  __x64_sys_sendmsg+0x19b/0x260
[  294.346054][T14303]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  294.346082][T14303]  ? __pfx_ksys_write+0x10/0x10
[  294.346107][T14303]  ? do_syscall_64+0xbe/0xfa0
[  294.346133][T14303]  do_syscall_64+0xfa/0xfa0
[  294.346152][T14303]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.346173][T14303]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.346190][T14303]  ? clear_bhb_loop+0x60/0xb0
[  294.346210][T14303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.346228][T14303] RIP: 0033:0x7fae2718f6c9
[  294.346245][T14303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.346260][T14303] RSP: 002b:00007fae280cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.346280][T14303] RAX: ffffffffffffffda RBX: 00007fae273e5fa0 RCX: 00007fae2718f6c9
[  294.346293][T14303] RDX: 0000000000004040 RSI: 0000200000000180 RDI: 0000000000000003
[  294.346304][T14303] RBP: 00007fae280cc090 R08: 0000000000000000 R09: 0000000000000000
[  294.346315][T14303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.346326][T14303] R13: 00007fae273e6038 R14: 00007fae273e5fa0 R15: 00007ffc67ff4478
[  294.346357][T14303]  </TASK>
[  295.067737][T14310] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2615'.
[  295.094737][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.102793][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.121985][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.140028][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.157570][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.171917][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.179461][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.187127][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.194593][T14308] openvswitch: netlink: Message has 6 unknown bytes.
[  295.218194][T14307] veth0_to_bridge: entered promiscuous mode
[  296.069667][T14373] __nla_validate_parse: 39 callbacks suppressed
[  296.069687][T14373] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2640'.
[  296.121439][T14375] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2641'.
[  296.250481][T14386] netlink: 'syz.1.2645': attribute type 1 has an invalid length.
[  296.372001][T14386] 8021q: adding VLAN 0 to HW filter on device bond5
[  296.451889][T14386] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2645'.
[  296.485021][T14404] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2649'.
[  296.536435][T14394] 8021q: adding VLAN 0 to HW filter on device batadv2
[  296.550585][T14394] bond5: (slave batadv2): making interface the new active one
[  296.566594][T14394] bond5: (slave batadv2): Enslaving as an active interface with an up link
[  296.592462][T14402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2649'.
[  296.702245][T14414] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2652'.
[  296.712018][T14414] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2652'.
[  296.768947][T14386] bond5 (unregistering): (slave batadv2): Releasing active interface
[  296.779335][T14386] bond5 (unregistering): Released all slaves
[  296.799464][T14418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2654'.
[  296.809227][T14418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2654'.
[  296.823419][T14418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2654'.
[  297.209183][T14444] netlink: 'syz.1.2662': attribute type 3 has an invalid length.
[  297.629442][T14452] lo speed is unknown, defaulting to 1000
[  297.639410][T14452] lo speed is unknown, defaulting to 1000
[  297.646261][T14454] block nbd1: Unsupported socket: should be TCP or UNIX.
[  297.658456][T14452] lo speed is unknown, defaulting to 1000
[  297.792625][T14460] netlink: 'syz.3.2666': attribute type 1 has an invalid length.
[  297.894713][T14460] 8021q: adding VLAN 0 to HW filter on device bond4
[  297.952494][T14464] 8021q: adding VLAN 0 to HW filter on device batadv4
[  298.014171][T14464] bond4: (slave batadv4): making interface the new active one
[  298.029602][T14452] infiniband syz2: set active
[  298.036928][T14452] infiniband syz2: added lo
[  298.048900][T14464] bond4: (slave batadv4): Enslaving as an active interface with an up link
[  298.121101][T14452] RDS/IB: syz2: added
[  298.127059][T14465] vlan2: entered promiscuous mode
[  298.148483][T14452] smc: adding ib device syz2 with port count 1
[  298.177363][T14452] smc:    ib device syz2 port 1 has no pnetid
[  298.373049][T14466] bond4 (unregistering): (slave batadv4): Releasing active interface
[  298.384323][T14466] bond4 (unregistering): Released all slaves
[  298.412536][  T980] lo speed is unknown, defaulting to 1000
[  298.611618][   T43] lo speed is unknown, defaulting to 1000
[  298.621839][T14452] lo speed is unknown, defaulting to 1000
[  298.874725][T14494] netlink: 'syz.2.2676': attribute type 8 has an invalid length.
[  298.894976][T14494] netlink: 'syz.2.2676': attribute type 9 has an invalid length.
[  298.917468][T14494] netlink: 'syz.2.2676': attribute type 10 has an invalid length.
[  298.946157][T14494] netlink: 'syz.2.2676': attribute type 11 has an invalid length.
[  299.252858][T14452] lo speed is unknown, defaulting to 1000
[  299.469334][T14511] netlink: 'syz.2.2683': attribute type 1 has an invalid length.
[  299.516496][T14511] 8021q: adding VLAN 0 to HW filter on device bond2
[  299.559718][T14511] 8021q: adding VLAN 0 to HW filter on device batadv2
[  299.587364][T14511] bond2: (slave batadv2): making interface the new active one
[  299.612002][T14511] bond2: (slave batadv2): Enslaving as an active interface with an up link
[  300.004446][T14513] bond2 (unregistering): (slave batadv2): Releasing active interface
[  300.014714][T14513] bond2 (unregistering): Released all slaves
[  300.037617][T14527] vlan2: entered promiscuous mode
[  300.059641][T14452] lo speed is unknown, defaulting to 1000
[  300.092159][T14531] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  300.110184][T14531] syzkaller0: entered promiscuous mode
[  300.126360][T14531] syzkaller0: entered allmulticast mode
[  300.157869][T14530] tipc: Resetting bearer <eth:syzkaller0>
[  300.237581][T14530] tipc: Disabling bearer <eth:syzkaller0>
[  300.477554][T14452] lo speed is unknown, defaulting to 1000
[  300.566833][T14551] tunl0: Caught tx_queue_len zero misconfig
[  300.745894][T14452] lo speed is unknown, defaulting to 1000
[  300.811952][T14555] netlink: 'syz.4.2697': attribute type 13 has an invalid length.
[  300.820044][T14555] netlink: 'syz.4.2697': attribute type 17 has an invalid length.
[  300.839525][T14555] net_ratelimit: 25 callbacks suppressed
[  300.839534][T14555] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  301.189303][T14452] lo speed is unknown, defaulting to 1000
[  301.271983][T14567] netlink: 'syz.2.2702': attribute type 1 has an invalid length.
[  301.352628][T14567] 8021q: adding VLAN 0 to HW filter on device bond2
[  301.420641][T14570] 8021q: adding VLAN 0 to HW filter on device batadv3
[  301.489434][T14570] bond2: (slave batadv3): making interface the new active one
[  301.500019][T14570] bond2: (slave batadv3): Enslaving as an active interface with an up link
[  301.515115][T14452] lo speed is unknown, defaulting to 1000
[  301.551326][T14574] netlink: 'syz.4.2703': attribute type 8 has an invalid length.
[  301.562255][T14574] netlink: 'syz.4.2703': attribute type 9 has an invalid length.
[  301.572452][T14567] __nla_validate_parse: 30 callbacks suppressed
[  301.572471][T14567] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2702'.
[  301.589832][T14574] netlink: 'syz.4.2703': attribute type 10 has an invalid length.
[  301.608212][T14574] netlink: 'syz.4.2703': attribute type 11 has an invalid length.
[  301.623807][T14574] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2703'.
[  302.041974][T14567] bond2 (unregistering): (slave batadv3): Releasing active interface
[  302.098896][T14567] bond2 (unregistering): Released all slaves
[  302.335850][T14585] xt_CT: You must specify a L4 protocol and not use inversions on it
[  302.515234][ T5828] Bluetooth: hci4: command 0x0405 tx timeout
[  302.736193][T14595] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2710'.
[  302.736527][T14594] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2711'.
[  303.079049][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  303.311947][ T5828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  303.323353][ T5828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  303.333664][ T5828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  303.347427][ T5828] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  303.359955][ T5828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  303.417281][T14609] netlink: 'syz.2.2716': attribute type 1 has an invalid length.
[  303.474621][T14609] 8021q: adding VLAN 0 to HW filter on device bond2
[  303.489603][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.499443][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.510010][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.519692][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.529165][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.541597][T14611] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2717'.
[  303.557641][T14611] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  303.609204][T14613] 8021q: adding VLAN 0 to HW filter on device batadv4
[  303.623060][T14613] bond2: (slave batadv4): making interface the new active one
[  303.634803][T14613] bond2: (slave batadv4): Enslaving as an active interface with an up link
[  303.645888][  T980] lo speed is unknown, defaulting to 1000
[  303.786183][T14609] bond2 (unregistering): (slave batadv4): Releasing active interface
[  303.797697][T14609] bond2 (unregistering): Released all slaves
[  303.853138][T14606] lo speed is unknown, defaulting to 1000
[  304.474976][T14655] netlink: 'syz.4.2733': attribute type 1 has an invalid length.
[  304.500890][T14655] 8021q: adding VLAN 0 to HW filter on device bond3
[  304.528755][T14655] 8021q: adding VLAN 0 to HW filter on device batadv1
[  304.540347][T14655] bond3: (slave batadv1): making interface the new active one
[  304.549774][T14655] bond3: (slave batadv1): Enslaving as an active interface with an up link
[  304.699309][T14655] bond3 (unregistering): (slave batadv1): Releasing active interface
[  304.712237][T14655] bond3 (unregistering): Released all slaves
[  304.877634][T14606] chnl_net:caif_netlink_parms(): no params data found
[  305.045985][T14606] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.053409][T14606] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.072527][T14606] bridge_slave_0: entered allmulticast mode
[  305.096057][T14606] bridge_slave_0: entered promiscuous mode
[  305.130078][T14606] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.137837][T14606] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.145269][T14606] bridge_slave_1: entered allmulticast mode
[  305.152555][T14606] bridge_slave_1: entered promiscuous mode
[  305.194137][T14685] vlan1: entered promiscuous mode
[  305.222716][T14606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  305.239510][T14606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  305.324240][T14606] team0: Port device team_slave_0 added
[  305.346595][T14606] team0: Port device team_slave_1 added
[  305.410950][T14691] 8021q: VLANs not supported on caif0
[  305.419001][T14606] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.426218][T14606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.454293][T14606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.468004][T14693] syzkaller0: entered promiscuous mode
[  305.473746][T14693] syzkaller0: entered allmulticast mode
[  305.497220][T14606] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.504206][T14606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.533477][T14606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.696007][T14606] hsr_slave_0: entered promiscuous mode
[  305.702854][T14606] hsr_slave_1: entered promiscuous mode
[  305.709781][T14606] debugfs: 'hsr0' already exists in 'hsr'
[  305.717516][T14606] Cannot create hsr debugfs directory
[  306.104073][T14709] bond4: option resend_igmp: invalid value (2878)
[  306.111288][T14709] bond4: option resend_igmp: allowed values 0 - 255
[  306.121272][T14715] netlink: 'syz.4.2748': attribute type 13 has an invalid length.
[  306.140453][T14715] netlink: 'syz.4.2748': attribute type 17 has an invalid length.
[  306.163489][T14709] bond4 (unregistering): Released all slaves
[  306.212943][T14715] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  306.248754][T14719] lo speed is unknown, defaulting to 1000
[  306.258274][T14718] netlink: 'syz.2.2750': attribute type 8 has an invalid length.
[  306.287056][T14718] netlink: 'syz.2.2750': attribute type 9 has an invalid length.
[  306.337479][T14718] netlink: 'syz.2.2750': attribute type 10 has an invalid length.
[  306.391076][T14718] netlink: 'syz.2.2750': attribute type 11 has an invalid length.
[  306.410220][T14606] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.627387][T14606] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.789076][T14606] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.080585][T14606] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.142308][T14749] __nla_validate_parse: 18 callbacks suppressed
[  307.142326][T14749] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2759'.
[  307.161133][T14749] netlink: 108 bytes leftover after parsing attributes in process `syz.3.2759'.
[  307.213062][T14748] lo speed is unknown, defaulting to 1000
[  307.266082][T14751] xt_CT: No such helper "snmp_trap"
[  307.512857][T14606] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  307.709546][T14606] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  307.736723][T14773] workqueue: Failed to create a rescuer kthread for wq "nfc4_nci_cmd_wq": -EINTR
[  307.770027][T14606] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  307.931011][T14606] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  308.221246][T14606] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.256813][T14801] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2769'.
[  308.270261][T14606] 8021q: adding VLAN 0 to HW filter on device team0
[  308.311134][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.318417][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.342907][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.350135][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.601380][T14606] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.658901][T14814] Bluetooth: MGMT ver 1.23
[  308.706470][T14606] veth0_vlan: entered promiscuous mode
[  308.734672][T14606] veth1_vlan: entered promiscuous mode
[  308.808061][T14606] veth0_macvtap: entered promiscuous mode
[  308.826964][T14822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2775'.
[  308.837721][T14822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2775'.
[  308.847870][T14822] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2775'.
[  308.880476][T14606] veth1_macvtap: entered promiscuous mode
[  308.919501][T14606] batman_adv: batadv0: Interface activated: batadv_slave_0
[  308.931069][T14830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2778'.
[  308.959769][T14830] netlink: 348 bytes leftover after parsing attributes in process `syz.4.2778'.
[  308.981786][T14606] batman_adv: batadv0: Interface activated: batadv_slave_1
[  308.993614][T14830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2778'.
[  309.015485][ T1342] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.023291][T14830] netlink: 348 bytes leftover after parsing attributes in process `syz.4.2778'.
[  309.036599][ T1342] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.061596][ T1342] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.071710][ T1342] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.163237][T14843] batadv_slave_1: entered promiscuous mode
[  309.190869][T14846] xt_CT: You must specify a L4 protocol and not use inversions on it
[  309.286961][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.329845][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.351625][T14842] batadv_slave_1: left promiscuous mode
[  309.430688][ T1342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  309.458781][ T1342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  309.681934][T14866] vlan0: entered promiscuous mode
[  310.036022][T14882] lo speed is unknown, defaulting to 1000
[  310.563881][ T5148] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  310.575733][ T5148] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  310.594669][ T5148] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  310.625944][ T5148] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  310.634268][ T5148] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  310.774705][T14905] lo speed is unknown, defaulting to 1000
[  310.936502][T14919] vlan2: entered promiscuous mode
[  311.750013][T14951] lo speed is unknown, defaulting to 1000
[  311.810975][T14905] chnl_net:caif_netlink_parms(): no params data found
[  312.006785][T14962] xt_CT: No such helper "snmp_trap"
[  312.150994][T14905] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.160367][T14905] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.168265][T14905] bridge_slave_0: entered allmulticast mode
[  312.176846][T14905] bridge_slave_0: entered promiscuous mode
[  312.188699][T14971] netlink: 'syz.1.2826': attribute type 12 has an invalid length.
[  312.198491][T14905] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.209406][T14905] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.226713][T14905] bridge_slave_1: entered allmulticast mode
[  312.235500][T14905] bridge_slave_1: entered promiscuous mode
[  312.468207][T14905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.504610][T14905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.662612][   T65] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0x6
[  312.675879][ T5148] Bluetooth: hci2: command tx timeout
[  312.682833][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  312.711701][T14905] team0: Port device team_slave_0 added
[  312.750964][T14905] team0: Port device team_slave_1 added
[  312.762152][T14992] __nla_validate_parse: 3 callbacks suppressed
[  312.762169][T14992] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2832'.
[  312.937248][T14905] batman_adv: batadv0: Adding interface: batadv_slave_0
[  312.944241][T14905] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  312.963680][T15002] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2833'.
[  313.026648][T14905] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.039290][T14905] batman_adv: batadv0: Adding interface: batadv_slave_1
[  313.046349][T14905] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  313.072775][T14905] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  313.144705][T14905] hsr_slave_0: entered promiscuous mode
[  313.157589][T14905] hsr_slave_1: entered promiscuous mode
[  313.172769][T14905] debugfs: 'hsr0' already exists in 'hsr'
[  313.187126][T14905] Cannot create hsr debugfs directory
[  313.370604][T14905] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.381219][T14905] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.470876][T14905] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.551939][T15019] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2839'.
[  313.567852][T14905] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.580104][T15020] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2840'.
[  313.663274][T14905] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.681031][T14905] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.736370][T14905] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  313.757914][T14905] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.896509][T15038] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2846'.
[  313.905811][T15038] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2846'.
[  313.966321][T15034] lo speed is unknown, defaulting to 1000
[  314.023271][T14905] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  314.052861][T14905] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  314.100363][T14905] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  314.141776][T15045] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2849'.
[  314.143394][T14905] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  314.269659][T15049] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2850'.
[  314.315296][T15054] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  314.332349][T15060] netlink: 356 bytes leftover after parsing attributes in process `syz.1.2850'.
[  314.363611][T15054] sit0: entered promiscuous mode
[  314.381670][T15054] netlink: 'syz.0.2851': attribute type 1 has an invalid length.
[  314.390081][T15054] netlink: 1 bytes leftover after parsing attributes in process `syz.0.2851'.
[  314.533036][T14905] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.755127][ T5148] Bluetooth: hci2: command tx timeout
[  314.854010][T14905] 8021q: adding VLAN 0 to HW filter on device team0
[  314.967772][ T7664] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.974981][ T7664] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.007435][T15080] netlink: 'syz.0.2860': attribute type 2 has an invalid length.
[  315.031743][T15080] Bluetooth: MGMT ver 1.23
[  315.042431][ T7664] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.049614][ T7664] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.213668][T15087] netlink: 'syz.1.2862': attribute type 1 has an invalid length.
[  315.336039][T15087] 8021q: adding VLAN 0 to HW filter on device bond5
[  315.424391][T15090] 8021q: adding VLAN 0 to HW filter on device batadv3
[  315.433565][T15090] bond5: (slave batadv3): making interface the new active one
[  315.442657][T15090] bond5: (slave batadv3): Enslaving as an active interface with an up link
[  315.803971][T15092] bond5 (unregistering): (slave batadv3): Releasing active interface
[  315.829169][T15092] bond5 (unregistering): Released all slaves
[  316.126838][T14905] 8021q: adding VLAN 0 to HW filter on device batadv0
[  316.205652][T15119] veth0: entered promiscuous mode
[  316.392939][T15134] netlink: 'syz.4.2879': attribute type 1 has an invalid length.
[  316.501047][T15134] 8021q: adding VLAN 0 to HW filter on device bond3
[  316.572108][T15139] 8021q: adding VLAN 0 to HW filter on device batadv2
[  316.581524][T15139] bond3: (slave batadv2): making interface the new active one
[  316.592968][T15139] bond3: (slave batadv2): Enslaving as an active interface with an up link
[  316.745236][T15145] bond3 (unregistering): (slave batadv2): Releasing active interface
[  316.760907][T15145] bond3 (unregistering): Released all slaves
[  316.796637][T15128] lo speed is unknown, defaulting to 1000
[  316.835325][ T5148] Bluetooth: hci2: command tx timeout
[  316.858113][T14905] veth0_vlan: entered promiscuous mode
[  316.880015][T14905] veth1_vlan: entered promiscuous mode
[  317.040339][T14905] veth0_macvtap: entered promiscuous mode
[  317.055987][T14905] veth1_macvtap: entered promiscuous mode
[  317.107222][T14905] batman_adv: batadv0: Interface activated: batadv_slave_0
[  317.132321][T15138] lo speed is unknown, defaulting to 1000
[  317.203579][T14905] batman_adv: batadv0: Interface activated: batadv_slave_1
[  317.413714][ T7665] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.443515][ T7665] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.454481][ T7665] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.473157][ T7665] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.648002][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.666428][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.720701][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  317.729210][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.788906][T15161] vlan2: entered promiscuous mode
[  318.126989][T15163] netlink: 'syz.2.2795': attribute type 13 has an invalid length.
[  318.136049][T15163] netlink: 'syz.2.2795': attribute type 17 has an invalid length.
[  318.361372][T15163] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  318.421564][T15173] netlink: 'syz.4.2890': attribute type 21 has an invalid length.
[  318.429989][T15173] __nla_validate_parse: 14 callbacks suppressed
[  318.430005][T15173] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2890'.
[  318.481399][T15175] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2891'.
[  318.497718][T15173] netlink: 'syz.4.2890': attribute type 4 has an invalid length.
[  318.507303][T15173] netlink: 'syz.4.2890': attribute type 5 has an invalid length.
[  318.531363][T15173] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2890'.
[  318.604941][T15166] lo speed is unknown, defaulting to 1000
[  318.642976][T15181] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2891'.
[  318.701261][T15184] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2893'.
[  318.917057][ T5148] Bluetooth: hci2: command tx timeout
[  320.084013][T15226] pim6reg: entered allmulticast mode
[  320.225423][T15235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2904'.
[  320.258501][T15233] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  320.374513][T15232] tipc: Disabling bearer <eth:syzkaller0>
[  320.624692][T15247] lo speed is unknown, defaulting to 1000
[  320.644195][T15252] netlink: 'syz.1.2909': attribute type 1 has an invalid length.
[  320.701526][T15252] 8021q: adding VLAN 0 to HW filter on device bond5
[  320.779678][T15252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2909'.
[  320.798574][T15262] 8021q: adding VLAN 0 to HW filter on device batadv4
[  320.830879][T15262] bond5: (slave batadv4): making interface the new active one
[  320.867147][T15262] bond5: (slave batadv4): Enslaving as an active interface with an up link
[  320.996677][ T5148] Bluetooth: hci2: command tx timeout
[  321.062212][T15252] bond5 (unregistering): (slave batadv4): Releasing active interface
[  321.073237][T15252] bond5 (unregistering): Released all slaves
[  321.091025][T15257] wg1 speed is unknown, defaulting to 1000
[  321.111022][T15257] wg1 speed is unknown, defaulting to 1000
[  321.167045][T15257] wg1 speed is unknown, defaulting to 1000
[  321.192338][T15257] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  321.200021][T15274] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2916'.
[  321.231441][T15257] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  321.322016][T15283] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2917'.
[  321.331111][T15283] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2917'.
[  321.422613][T15257] wg1 speed is unknown, defaulting to 1000
[  321.483113][T15257] wg1 speed is unknown, defaulting to 1000
[  321.506776][T15257] wg1 speed is unknown, defaulting to 1000
[  321.514389][T15257] wg1 speed is unknown, defaulting to 1000
[  321.541398][T15257] wg1 speed is unknown, defaulting to 1000
[  321.573000][T15257] wg1 speed is unknown, defaulting to 1000
[  321.587888][T15257] wg1 speed is unknown, defaulting to 1000
[  321.622131][T15257] wg1 speed is unknown, defaulting to 1000
[  321.657460][T15257] wg1 speed is unknown, defaulting to 1000
[  321.685766][T15293] lo speed is unknown, defaulting to 1000
[  321.873702][T15312] netlink: 'syz.4.2927': attribute type 1 has an invalid length.
[  322.019485][T15312] 8021q: adding VLAN 0 to HW filter on device bond3
[  322.124254][T15318] 8021q: adding VLAN 0 to HW filter on device batadv3
[  322.155841][T15318] bond3: (slave batadv3): making interface the new active one
[  322.168256][T15318] bond3: (slave batadv3): Enslaving as an active interface with an up link
[  322.253847][T15328] syzkaller1: entered promiscuous mode
[  322.261970][T15328] syzkaller1: entered allmulticast mode
[  322.283078][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  322.419213][T15341] xt_CT: No such helper "snmp_trap"
[  322.945783][T15361] vlan2: entered promiscuous mode
[  323.366354][T15384] bond_slave_0: entered promiscuous mode
[  323.372106][T15384] bond_slave_1: entered promiscuous mode
[  323.380637][T15384] vlan2: entered promiscuous mode
[  323.386601][T15384] bond0: entered promiscuous mode
[  323.431559][T15389] vlan0: entered promiscuous mode
[  323.724237][T15398] bond1 (unregistering): Released all slaves
[  323.784563][T15401] __nla_validate_parse: 7 callbacks suppressed
[  323.784579][T15401] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2954'.
[  323.789895][T15405] FAULT_INJECTION: forcing a failure.
[  323.789895][T15405] name failslab, interval 1, probability 0, space 0, times 0
[  323.813472][T15405] CPU: 1 UID: 0 PID: 15405 Comm: syz.1.2955 Not tainted syzkaller #0 PREEMPT(full) 
[  323.813496][T15405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  323.813521][T15405] Call Trace:
[  323.813528][T15405]  <TASK>
[  323.813535][T15405]  dump_stack_lvl+0x189/0x250
[  323.813563][T15405]  ? __pfx____ratelimit+0x10/0x10
[  323.813585][T15405]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.813608][T15405]  ? __pfx__printk+0x10/0x10
[  323.813641][T15405]  should_fail_ex+0x414/0x560
[  323.813670][T15405]  should_failslab+0xa8/0x100
[  323.813690][T15405]  __kmalloc_cache_noprof+0x6f/0x6f0
[  323.813711][T15405]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[  323.813731][T15405]  ? sctp_v6_cmp_addr+0x15/0xd0
[  323.813751][T15405]  ? sctp_add_bind_addr+0x8c/0x370
[  323.813778][T15405]  sctp_add_bind_addr+0x8c/0x370
[  323.813802][T15405]  sctp_copy_local_addr_list+0x30b/0x4e0
[  323.813827][T15405]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  323.813848][T15405]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  323.813870][T15405]  ? sctp_v6_is_any+0x64/0x80
[  323.813893][T15405]  ? sctp_copy_one_addr+0x93/0x360
[  323.813916][T15405]  sctp_bind_addr_copy+0xb3/0x3c0
[  323.813937][T15405]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  323.813958][T15405]  sctp_connect_new_asoc+0x2e0/0x690
[  323.813978][T15405]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  323.813992][T15405]  ? __local_bh_enable_ip+0x12d/0x1c0
[  323.814027][T15405]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  323.814045][T15405]  ? security_sctp_bind_connect+0x7e/0x2e0
[  323.814068][T15405]  sctp_sendmsg+0x155c/0x2810
[  323.814096][T15405]  ? __pfx_sctp_sendmsg+0x10/0x10
[  323.814117][T15405]  ? aa_sk_perm+0x81e/0x950
[  323.814137][T15405]  ? __lock_acquire+0xab9/0xd20
[  323.814155][T15405]  ? __pfx_aa_sk_perm+0x10/0x10
[  323.814179][T15405]  ? sock_rps_record_flow+0x19/0x410
[  323.814198][T15405]  ? inet_sendmsg+0x2f4/0x370
[  323.814218][T15405]  __sock_sendmsg+0x19c/0x270
[  323.814243][T15405]  ____sys_sendmsg+0x52d/0x830
[  323.814266][T15405]  ? __pfx_____sys_sendmsg+0x10/0x10
[  323.814294][T15405]  ? import_iovec+0x74/0xa0
[  323.814319][T15405]  ___sys_sendmsg+0x21f/0x2a0
[  323.814339][T15405]  ? __pfx____sys_sendmsg+0x10/0x10
[  323.814389][T15405]  ? __fget_files+0x2a/0x420
[  323.814403][T15405]  ? __fget_files+0x3a0/0x420
[  323.814429][T15405]  __sys_sendmmsg+0x227/0x430
[  323.814453][T15405]  ? __pfx___sys_sendmmsg+0x10/0x10
[  323.814481][T15405]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  323.814524][T15405]  ? ksys_write+0x22a/0x250
[  323.814550][T15405]  ? __pfx_ksys_write+0x10/0x10
[  323.814578][T15405]  __x64_sys_sendmmsg+0xa0/0xc0
[  323.814600][T15405]  do_syscall_64+0xfa/0xfa0
[  323.814621][T15405]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.814643][T15405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.814661][T15405]  ? clear_bhb_loop+0x60/0xb0
[  323.814682][T15405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.814700][T15405] RIP: 0033:0x7ff18878f6c9
[  323.814716][T15405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.814731][T15405] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  323.814751][T15405] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  323.814764][T15405] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003
[  323.814775][T15405] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  323.814787][T15405] R10: 000000000004c851 R11: 0000000000000246 R12: 0000000000000001
[  323.814798][T15405] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  323.814828][T15405]  </TASK>
[  323.817290][T15401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2954'.
[  323.837605][T15403] vlan2: entered promiscuous mode
[  323.980918][T15414] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2958'.
[  324.014388][T15403] vlan2: entered allmulticast mode
[  324.079121][T15415] netlink: 356 bytes leftover after parsing attributes in process `syz.1.2958'.
[  324.084020][T15403] hsr_slave_1: entered allmulticast mode
[  324.142841][ T5828] Bluetooth: hci2: command 0x0405 tx timeout
[  324.274418][T15408] lo speed is unknown, defaulting to 1000
[  324.680986][T15408] wg1 speed is unknown, defaulting to 1000
[  325.667394][T15464] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2977'.
[  325.723597][T15464] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  325.809962][T15467] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  326.056059][T15475] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2980'.
[  326.297198][T15485] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2975'.
[  326.432854][T15489] netlink: 'syz.4.2986': attribute type 13 has an invalid length.
[  326.448407][T15489] netlink: 'syz.4.2986': attribute type 17 has an invalid length.
[  326.464292][T15489] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  326.544486][T15494] netlink: 732 bytes leftover after parsing attributes in process `syz.0.2988'.
[  326.572943][T15494] netlink: 732 bytes leftover after parsing attributes in process `syz.0.2988'.
[  326.610784][T15494] netlink: 732 bytes leftover after parsing attributes in process `syz.0.2988'.
[  326.624795][T15489] lo speed is unknown, defaulting to 1000
[  326.818531][T15501] xt_bpf: check failed: parse error
[  326.946236][T15503] veth1_to_hsr: entered promiscuous mode
[  326.953000][T15503] macvtap1: entered promiscuous mode
[  326.966089][T15503] macvtap1: entered allmulticast mode
[  327.001984][T15503] veth1_to_hsr: entered allmulticast mode
[  327.054617][T15505] bridge3: entered promiscuous mode
[  327.071121][T15505] bridge3: entered allmulticast mode
[  327.095624][T15500] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  327.334310][T15489] wg1 speed is unknown, defaulting to 1000
[  327.341568][T15506] lo speed is unknown, defaulting to 1000
[  327.713676][T15520] netlink: 'syz.3.2997': attribute type 1 has an invalid length.
[  327.803900][T15523] netlink: 'syz.1.2998': attribute type 8 has an invalid length.
[  327.834994][T15523] netlink: 'syz.1.2998': attribute type 9 has an invalid length.
[  327.842756][T15523] netlink: 'syz.1.2998': attribute type 10 has an invalid length.
[  327.901776][T15520] 8021q: adding VLAN 0 to HW filter on device bond4
[  327.909043][T15523] netlink: 'syz.1.2998': attribute type 11 has an invalid length.
[  327.998805][T15526] 8021q: adding VLAN 0 to HW filter on device batadv5
[  328.009357][T15526] bond4: (slave batadv5): making interface the new active one
[  328.020917][T15526] bond4: (slave batadv5): Enslaving as an active interface with an up link
[  328.033665][T15506] wg1 speed is unknown, defaulting to 1000
[  328.829531][T15546] lo speed is unknown, defaulting to 1000
[  329.591964][T15546] wg1 speed is unknown, defaulting to 1000
[  330.023107][T15588] FAULT_INJECTION: forcing a failure.
[  330.023107][T15588] name failslab, interval 1, probability 0, space 0, times 0
[  330.044697][T15588] CPU: 0 UID: 0 PID: 15588 Comm: syz.1.3020 Not tainted syzkaller #0 PREEMPT(full) 
[  330.044726][T15588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  330.044737][T15588] Call Trace:
[  330.044744][T15588]  <TASK>
[  330.044753][T15588]  dump_stack_lvl+0x189/0x250
[  330.044781][T15588]  ? __pfx____ratelimit+0x10/0x10
[  330.044807][T15588]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.044827][T15588]  ? __pfx__printk+0x10/0x10
[  330.044856][T15588]  should_fail_ex+0x414/0x560
[  330.044883][T15588]  should_failslab+0xa8/0x100
[  330.044902][T15588]  __kmalloc_cache_noprof+0x6f/0x6f0
[  330.044924][T15588]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[  330.044945][T15588]  ? sctp_v6_cmp_addr+0x15/0xd0
[  330.044965][T15588]  ? sctp_add_bind_addr+0x8c/0x370
[  330.044992][T15588]  sctp_add_bind_addr+0x8c/0x370
[  330.045017][T15588]  sctp_copy_local_addr_list+0x30b/0x4e0
[  330.045040][T15588]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  330.045060][T15588]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  330.045084][T15588]  ? sctp_v6_is_any+0x64/0x80
[  330.045106][T15588]  ? sctp_copy_one_addr+0x93/0x360
[  330.045130][T15588]  sctp_bind_addr_copy+0xb3/0x3c0
[  330.045151][T15588]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  330.045175][T15588]  sctp_connect_new_asoc+0x2e0/0x690
[  330.045195][T15588]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  330.045208][T15588]  ? __local_bh_enable_ip+0x12d/0x1c0
[  330.045231][T15588]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  330.045249][T15588]  ? security_sctp_bind_connect+0x7e/0x2e0
[  330.045270][T15588]  sctp_sendmsg+0x155c/0x2810
[  330.045294][T15588]  ? __pfx_sctp_sendmsg+0x10/0x10
[  330.045312][T15588]  ? aa_sk_perm+0x81e/0x950
[  330.045333][T15588]  ? __lock_acquire+0xab9/0xd20
[  330.045353][T15588]  ? __pfx_aa_sk_perm+0x10/0x10
[  330.045378][T15588]  ? sock_rps_record_flow+0x19/0x410
[  330.045395][T15588]  ? inet_sendmsg+0x2f4/0x370
[  330.045415][T15588]  __sock_sendmsg+0x19c/0x270
[  330.045440][T15588]  ____sys_sendmsg+0x52d/0x830
[  330.045473][T15588]  ? __pfx_____sys_sendmsg+0x10/0x10
[  330.045499][T15588]  ? import_iovec+0x74/0xa0
[  330.045522][T15588]  ___sys_sendmsg+0x21f/0x2a0
[  330.045543][T15588]  ? __pfx____sys_sendmsg+0x10/0x10
[  330.045594][T15588]  ? __fget_files+0x2a/0x420
[  330.045608][T15588]  ? __fget_files+0x3a0/0x420
[  330.045632][T15588]  __sys_sendmmsg+0x227/0x430
[  330.045655][T15588]  ? __pfx___sys_sendmmsg+0x10/0x10
[  330.045682][T15588]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  330.045722][T15588]  ? ksys_write+0x22a/0x250
[  330.045749][T15588]  ? __pfx_ksys_write+0x10/0x10
[  330.045774][T15588]  __x64_sys_sendmmsg+0xa0/0xc0
[  330.045794][T15588]  do_syscall_64+0xfa/0xfa0
[  330.045814][T15588]  ? lockdep_hardirqs_on+0x9c/0x150
[  330.045834][T15588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.045851][T15588]  ? clear_bhb_loop+0x60/0xb0
[  330.045870][T15588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.045887][T15588] RIP: 0033:0x7ff18878f6c9
[  330.045904][T15588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.045917][T15588] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  330.045936][T15588] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  330.045949][T15588] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003
[  330.045960][T15588] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  330.045970][T15588] R10: 000000000004c851 R11: 0000000000000246 R12: 0000000000000002
[  330.045980][T15588] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  330.046011][T15588]  </TASK>
[  330.648315][T15595] __nla_validate_parse: 4 callbacks suppressed
[  330.648335][T15595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3022'.
[  330.840121][T15602] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3024'.
[  330.940016][T15599] netlink: 356 bytes leftover after parsing attributes in process `syz.1.3024'.
[  330.987276][T15608] 
€Â: renamed from bond_slave_0
[  331.097051][   T30] audit: type=1800 audit(1762284994.864:2): pid=15608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3025" name="memory.events" dev="tmpfs" ino=3034 res=0 errno=0
[  331.324432][T15620] netlink: 'syz.3.3029': attribute type 4 has an invalid length.
[  331.665587][T15628] vlan2: entered promiscuous mode
[  331.820821][T15632] netlink: 'syz.2.3034': attribute type 1 has an invalid length.
[  331.859059][T15632] netlink: 'syz.2.3034': attribute type 1 has an invalid length.
[  331.878730][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  331.976269][T15644] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3039'.
[  332.010315][T15639] lo speed is unknown, defaulting to 1000
[  332.055145][T15650] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3039'.
[  332.545845][T15639] wg1 speed is unknown, defaulting to 1000
[  333.015904][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  333.016176][T15674] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3049'.
[  333.042368][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  333.054508][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  333.055114][T15677] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3050'.
[  333.064320][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  333.079884][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  333.177461][T15684] FAULT_INJECTION: forcing a failure.
[  333.177461][T15684] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.196961][T15674] netlink: 356 bytes leftover after parsing attributes in process `syz.0.3049'.
[  333.239196][T15686] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3053'.
[  333.255315][T15684] CPU: 1 UID: 0 PID: 15684 Comm: syz.1.3052 Not tainted syzkaller #0 PREEMPT(full) 
[  333.255339][T15684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  333.255350][T15684] Call Trace:
[  333.255364][T15684]  <TASK>
[  333.255372][T15684]  dump_stack_lvl+0x189/0x250
[  333.255399][T15684]  ? lockdep_hardirqs_on+0x9c/0x150
[  333.255423][T15684]  ? __pfx_dump_stack_lvl+0x10/0x10
[  333.255453][T15684]  ? dump_stack+0x9/0x20
[  333.255480][T15684]  should_fail_ex+0x414/0x560
[  333.255509][T15684]  _copy_to_user+0x31/0xb0
[  333.255532][T15684]  simple_read_from_buffer+0xe1/0x170
[  333.255562][T15684]  proc_fail_nth_read+0x1b3/0x220
[  333.255586][T15684]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.255611][T15684]  ? rw_verify_area+0x2a6/0x4d0
[  333.255632][T15684]  ? __lock_acquire+0xab9/0xd20
[  333.255647][T15684]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  333.255670][T15684]  vfs_read+0x200/0xa30
[  333.255691][T15684]  ? fdget_pos+0x247/0x320
[  333.255712][T15684]  ? __pfx___mutex_lock+0x10/0x10
[  333.255736][T15684]  ? __pfx_vfs_read+0x10/0x10
[  333.255760][T15684]  ? __fget_files+0x2a/0x420
[  333.255781][T15684]  ? __fget_files+0x3a0/0x420
[  333.255796][T15684]  ? __fget_files+0x2a/0x420
[  333.255822][T15684]  ksys_read+0x145/0x250
[  333.255846][T15684]  ? __pfx_ksys_read+0x10/0x10
[  333.255873][T15684]  ? do_syscall_64+0xbe/0xfa0
[  333.255899][T15684]  do_syscall_64+0xfa/0xfa0
[  333.255920][T15684]  ? lockdep_hardirqs_on+0x9c/0x150
[  333.255941][T15684]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.255958][T15684]  ? clear_bhb_loop+0x60/0xb0
[  333.255979][T15684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.255996][T15684] RIP: 0033:0x7ff18878e0dc
[  333.256013][T15684] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  333.256027][T15684] RSP: 002b:00007ff189609030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  333.256047][T15684] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878e0dc
[  333.256060][T15684] RDX: 000000000000000f RSI: 00007ff1896090a0 RDI: 0000000000000003
[  333.256071][T15684] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  333.256082][T15684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.256092][T15684] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  333.256123][T15684]  </TASK>
[  333.297177][T15686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3053'.
[  333.540938][T15673] lo speed is unknown, defaulting to 1000
[  334.047785][T15714] netlink: 'syz.2.3063': attribute type 1 has an invalid length.
[  334.061736][T15673] wg1 speed is unknown, defaulting to 1000
[  334.069664][T15714] tipc: Can't bind to reserved service type 1
[  334.396026][T15722] FAULT_INJECTION: forcing a failure.
[  334.396026][T15722] name failslab, interval 1, probability 0, space 0, times 0
[  334.414139][T15722] CPU: 1 UID: 0 PID: 15722 Comm: syz.1.3065 Not tainted syzkaller #0 PREEMPT(full) 
[  334.414164][T15722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.414174][T15722] Call Trace:
[  334.414180][T15722]  <TASK>
[  334.414188][T15722]  dump_stack_lvl+0x189/0x250
[  334.414217][T15722]  ? __pfx____ratelimit+0x10/0x10
[  334.414239][T15722]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.414262][T15722]  ? __pfx__printk+0x10/0x10
[  334.414284][T15722]  ? __pfx___might_resched+0x10/0x10
[  334.414302][T15722]  ? fs_reclaim_acquire+0x7d/0x100
[  334.414331][T15722]  should_fail_ex+0x414/0x560
[  334.414360][T15722]  should_failslab+0xa8/0x100
[  334.414379][T15722]  kmem_cache_alloc_node_noprof+0x77/0x710
[  334.414402][T15722]  ? __alloc_skb+0x112/0x2d0
[  334.414418][T15722]  ? netlink_autobind+0xdb/0x300
[  334.414440][T15722]  __alloc_skb+0x112/0x2d0
[  334.414459][T15722]  netlink_sendmsg+0x5c6/0xb30
[  334.414486][T15722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  334.414505][T15722]  ? aa_sock_msg_perm+0xf1/0x1d0
[  334.414531][T15722]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  334.414548][T15722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  334.414567][T15722]  __sock_sendmsg+0x21c/0x270
[  334.414593][T15722]  ____sys_sendmsg+0x505/0x830
[  334.414616][T15722]  ? __pfx_____sys_sendmsg+0x10/0x10
[  334.414644][T15722]  ? import_iovec+0x74/0xa0
[  334.414670][T15722]  ___sys_sendmsg+0x21f/0x2a0
[  334.414691][T15722]  ? __pfx____sys_sendmsg+0x10/0x10
[  334.414744][T15722]  ? __fget_files+0x2a/0x420
[  334.414760][T15722]  ? __fget_files+0x3a0/0x420
[  334.414787][T15722]  __x64_sys_sendmsg+0x19b/0x260
[  334.414810][T15722]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  334.414834][T15722]  ? __pfx_ksys_write+0x10/0x10
[  334.414860][T15722]  ? do_syscall_64+0xbe/0xfa0
[  334.414884][T15722]  do_syscall_64+0xfa/0xfa0
[  334.414904][T15722]  ? lockdep_hardirqs_on+0x9c/0x150
[  334.414925][T15722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.414942][T15722]  ? clear_bhb_loop+0x60/0xb0
[  334.414962][T15722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.414978][T15722] RIP: 0033:0x7ff18878f6c9
[  334.414994][T15722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.415010][T15722] RSP: 002b:00007ff189609038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  334.415029][T15722] RAX: ffffffffffffffda RBX: 00007ff1889e5fa0 RCX: 00007ff18878f6c9
[  334.415042][T15722] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  334.415054][T15722] RBP: 00007ff189609090 R08: 0000000000000000 R09: 0000000000000000
[  334.415064][T15722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.415072][T15722] R13: 00007ff1889e6038 R14: 00007ff1889e5fa0 R15: 00007ffe89a96748
[  334.415097][T15722]  </TASK>
[  334.725156][   T31] INFO: task kworker/0:1H:1078 blocked for more than 143 seconds.
[  334.743350][   T31]       Not tainted syzkaller #0
[  334.763318][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  334.793138][   T31] task:kworker/0:1H    state:D stack:26120 pid:1078  tgid:1078  ppid:2      task_flags:0x4208060 flags:0x00080000
[  334.829023][   T31] Workqueue: kblockd blk_mq_requeue_work
[  334.834736][   T31] Call Trace:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  334.844987][   T31]  <TASK>
[  334.847972][   T31]  __schedule+0x1798/0x4cc0
[  334.862790][   T31]  ? do_raw_spin_lock+0x121/0x290
[  334.917190][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  334.922630][   T31]  ? __pfx___schedule+0x10/0x10
[  334.997234][   T31]  ? schedule+0x91/0x360
[  335.001553][   T31]  schedule+0x165/0x360
[  335.026282][   T31]  schedule_timeout+0x12b/0x270
[  335.031207][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  335.054983][   T31]  ? __pfx_process_timeout+0x10/0x10
[  335.060352][   T31]  ? prepare_to_wait_event+0x437/0x480
[  335.076091][   T31]  nbd_queue_rq+0x662/0xf10
[  335.080663][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  335.094876][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  335.101108][   T31]  blk_mq_dispatch_rq_list+0x4c0/0x1900
[  335.106785][   T31]  ? sbitmap_find_bit+0x47f/0x520
[  335.111846][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  335.118082][   T31]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  335.123921][   T31]  __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  335.130675][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  335.138431][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  335.143755][   T31]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  335.155138][ T5148] Bluetooth: hci1: command tx timeout
[  335.178868][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  335.184215][   T31]  blk_mq_run_hw_queue+0x348/0x4f0
[  335.216902][   T31]  blk_mq_run_hw_queues+0x33e/0x430
[  335.222160][   T31]  ? __pfx_blk_mq_run_hw_queues+0x10/0x10
[  335.246383][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  335.251637][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.284866][   T31]  blk_mq_requeue_work+0x717/0x760
[  335.290055][   T31]  ? __pfx_blk_mq_requeue_work+0x10/0x10
[  335.299141][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  335.304384][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  335.310358][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  335.316337][   T31]  process_scheduled_works+0xae1/0x17b0
[  335.321930][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  335.328003][   T31]  worker_thread+0x8a0/0xda0
[  335.332611][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  335.339078][   T31]  ? __kthread_parkme+0x7b/0x200
[  335.344045][   T31]  kthread+0x711/0x8a0
[  335.348225][   T31]  ? __pfx_worker_thread+0x10/0x10
[  335.353350][   T31]  ? __pfx_kthread+0x10/0x10
[  335.358143][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  335.363361][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.368607][   T31]  ? __pfx_kthread+0x10/0x10
[  335.373207][   T31]  ret_from_fork+0x4bc/0x870
[  335.377892][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  335.383396][   T31]  ? __switch_to_asm+0x39/0x70
[  335.388226][   T31]  ? __switch_to_asm+0x33/0x70
[  335.392997][   T31]  ? __pfx_kthread+0x10/0x10
[  335.397861][   T31]  ret_from_fork_asm+0x1a/0x30
[  335.402661][   T31]  </TASK>
[  335.406228][   T31] INFO: task udevd:5835 blocked for more than 144 seconds.
[  335.413439][   T31]       Not tainted syzkaller #0
[  335.422283][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  335.431481][   T31] task:udevd           state:D stack:22728 pid:5835  tgid:5835  ppid:5197   task_flags:0x400140 flags:0x00080001
[  335.463028][   T31] Call Trace:
[  335.466622][   T31]  <TASK>
[  335.469569][   T31]  __schedule+0x1798/0x4cc0
[  335.474083][   T31]  ? blk_mq_flush_plug_list+0x41f/0x550
[  335.480167][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  335.486561][   T31]  ? __lock_acquire+0xab9/0xd20
[  335.491440][   T31]  ? __pfx___schedule+0x10/0x10
[  335.496405][   T31]  ? schedule+0x91/0x360
[  335.501179][   T31]  schedule+0x165/0x360
[  335.505373][   T31]  schedule_timeout+0x12b/0x270
[  335.510225][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  335.515746][   T31]  ? __pfx_process_timeout+0x10/0x10
[  335.521061][   T31]  ? prepare_to_wait_event+0x437/0x480
[  335.526647][   T31]  nbd_queue_rq+0x662/0xf10
[  335.531193][   T31]  ? __pfx_nbd_queue_rq+0x10/0x10
[  335.536324][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  335.542405][   T31]  blk_mq_dispatch_rq_list+0x4c0/0x1900
[  335.548017][   T31]  ? sbitmap_find_bit+0x47f/0x520
[  335.553491][   T31]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  335.559648][   T31]  ? __blk_mq_alloc_driver_tag+0x2e7/0x6e0
[  335.565528][   T31]  __blk_mq_sched_dispatch_requests+0xda4/0x1570
[  335.572008][   T31]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  335.578963][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  335.584305][   T31]  blk_mq_sched_dispatch_requests+0xd7/0x190
[  335.590737][   T31]  ? blk_mq_run_hw_queue+0x31f/0x4f0
[  335.596152][   T31]  blk_mq_run_hw_queue+0x348/0x4f0
[  335.601298][   T31]  blk_mq_dispatch_list+0xd0c/0xe00
[  335.606943][   T31]  ? bdev_count_inflight+0x1cf/0x210
[  335.612262][   T31]  ? blk_mq_dispatch_list+0x1a0/0xe00
[  335.617869][   T31]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  335.623619][   T31]  ? rcu_is_watching+0x15/0xb0
[  335.628435][   T31]  blk_mq_flush_plug_list+0x469/0x550
[  335.633914][   T31]  ? blk_add_rq_to_plug+0x300/0x450
[  335.639328][   T31]  ? blk_mq_submit_bio+0x1a65/0x25b0
[  335.644636][   T31]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  335.650611][   T31]  __blk_flush_plug+0x3d3/0x4b0
[  335.655519][   T31]  ? __pfx___blk_flush_plug+0x10/0x10
[  335.660907][   T31]  __submit_bio+0x2d3/0x5a0
[  335.665456][   T31]  ? __pfx___submit_bio+0x10/0x10
[  335.670488][   T31]  ? blk_cgroup_bio_start+0x59d/0x640
[  335.675987][   T31]  submit_bio_noacct_nocheck+0x2fb/0xa50
[  335.681636][   T31]  ? bio_associate_blkg+0x6d/0x230
[  335.686810][   T31]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  335.693360][   T31]  ? submit_bio_noacct+0xe0c/0x1b80
[  335.698660][   T31]  block_read_full_folio+0x599/0x830
[  335.703976][   T31]  ? __pfx_blkdev_get_block+0x10/0x10
[  335.709432][   T31]  filemap_read_folio+0x117/0x380
[  335.714466][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  335.721460][   T31]  ? __pfx_filemap_read_folio+0x10/0x10
[  335.727524][   T31]  ? filemap_add_folio+0x35f/0x540
[  335.732662][   T31]  do_read_cache_folio+0x350/0x590
[  335.737870][   T31]  ? __pfx_blkdev_read_folio+0x10/0x10
[  335.743341][   T31]  read_part_sector+0xb6/0x2b0
[  335.748237][   T31]  adfspart_check_ICS+0xa4/0xa50
[  335.753189][   T31]  ? snprintf+0xda/0x120
[  335.757553][   T31]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  335.763131][   T31]  bdev_disk_changed+0x75f/0x14b0
[  335.768234][   T31]  ? __pfx_bdev_disk_changed+0x10/0x10
[  335.773703][   T31]  ? wait_on_inode+0xc0/0x230
[  335.778458][   T31]  blkdev_get_whole+0x380/0x510
[  335.783334][   T31]  bdev_open+0x31e/0xd30
[  335.787654][   T31]  blkdev_open+0x457/0x600
[  335.792076][   T31]  ? __pfx_blkdev_open+0x10/0x10
[  335.797788][   T31]  do_dentry_open+0x953/0x13f0
[  335.802617][   T31]  vfs_open+0x3b/0x340
[  335.806753][   T31]  ? path_openat+0x2ecd/0x3830
[  335.811542][   T31]  path_openat+0x2ee5/0x3830
[  335.816251][   T31]  ? __pfx_path_openat+0x10/0x10
[  335.821223][   T31]  do_filp_open+0x1fa/0x410
[  335.825803][   T31]  ? __lock_acquire+0xab9/0xd20
[  335.830668][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  335.835851][   T31]  ? _raw_spin_unlock+0x28/0x50
[  335.840713][   T31]  ? alloc_fd+0x64c/0x6c0
[  335.845131][   T31]  do_sys_openat2+0x121/0x1c0
[  335.849816][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  335.855137][   T31]  __x64_sys_openat+0x138/0x170
[  335.859997][   T31]  do_syscall_64+0xfa/0xfa0
[  335.864488][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.870585][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  335.879257][   T31]  ? clear_bhb_loop+0x60/0xb0
[  335.884198][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.890245][   T31] RIP: 0033:0x7f6fed4a7407
[  335.895527][   T31] RSP: 002b:00007ffddf749860 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  335.903964][   T31] RAX: ffffffffffffffda RBX: 00007f6fedca7880 RCX: 00007f6fed4a7407
[  335.912164][   T31] RDX: 00000000000a0800 RSI: 000055f6fd5ab8e0 RDI: ffffffffffffff9c
[  335.921634][   T31] RBP: 000055f6fd583910 R08: 0000000000000000 R09: 0000000000000000
[  335.929684][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 000055f6fd59d320
[  335.937844][   T31] R13: 000055f6fd591190 R14: 0000000000000000 R15: 000055f6fd59d320
[  335.945937][   T31]  </TASK>
[  335.972307][   T31] 
[  335.972307][   T31] Showing all locks held in the system:
[  335.980271][   T31] 2 locks held by kworker/0:0/9:
[  335.989905][   T31]  #0: ffff88801a055948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  336.001907][   T31]  #1: ffffc900000e7ba0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  336.013423][   T31] 1 lock held by khungtaskd/31:
[  336.030619][   T31]  #0: ffffffff8df3d2e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  336.055569][   T31] 4 locks held by kworker/u8:2/36:
[  336.060721][   T31]  #0: ffff88801aedf148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  336.095975][   T31]  #1: ffffc90000ac7ba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  336.115052][   T31]  #2: ffffffff8f2be5b0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[  336.124438][   T31]  #3: ffffffff8df42c40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  336.155158][   T31] 4 locks held by kworker/0:1H/1078:
[  336.160500][   T31]  #0: ffff88801d6f1148 ((wq_completion)kblockd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  336.184959][   T31]  #1: ffffc9000378fba0 ((work_completion)(&(&q->requeue_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  336.214900][   T31]  #2: ffff888142f33b10 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  336.224469][   T31]  #3: ffff888024be51f8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  336.254878][   T31] 6 locks held by kworker/u8:7/1342:
[  336.261294][   T31] 2 locks held by getty/5586:
[  336.278362][   T31]  #0: ffff888033ac50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  336.294973][   T31]  #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  336.316072][   T31] 3 locks held by kworker/0:3/5826:
[  336.321313][   T31] 3 locks held by udevd/5835:
[  336.334891][   T31]  #0: ffff888143383358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  336.344202][   T31]  #1: ffff888142f33b10 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x31f/0x4f0
[  336.354234][   T31]  #2: ffff888024be53b8 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xc8/0xf10
[  336.364704][   T31] 2 locks held by syz-executor/5837:
[  336.374475][   T31]  #0: ffff88803260cdc8 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  336.384550][   T31]  #1: ffff88803260c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  336.394269][   T31] 4 locks held by syz-executor/5838:
[  336.399705][   T31]  #0: ffff8880320c8dc8 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  336.410004][   T31]  #1: ffff8880320c80b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  336.419812][   T31]  #2: ffffffff8f4353e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  336.429917][   T31]  #3: ffff888077f5b338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  336.439492][   T31] 2 locks held by syz-executor/14606:
[  336.444930][   T31]  #0: ffffffff8f2cb548 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  336.453996][   T31]  #1: ffffffff8df42d78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  336.464962][   T31] 3 locks held by syz.2.3063/15713:
[  336.470169][   T31]  #0: ffff88802e564dc8 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  336.481501][   T31]  #1: ffff88802e5640b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  336.491273][   T31]  #2: ffffffff8f4353e8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  336.501741][   T31] 
[  336.510641][   T31] =============================================
[  336.510641][   T31] 
[  336.520016][   T31] NMI backtrace for cpu 1
[  336.520034][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  336.520051][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  336.520061][   T31] Call Trace:
[  336.520068][   T31]  <TASK>
[  336.520076][   T31]  dump_stack_lvl+0x189/0x250
[  336.520114][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.520136][   T31]  ? __pfx__printk+0x10/0x10
[  336.520165][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  336.520186][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  336.520206][   T31]  ? __pfx__printk+0x10/0x10
[  336.520227][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  336.520254][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  336.520275][   T31]  watchdog+0xf60/0xfa0
[  336.520297][   T31]  ? watchdog+0x1e2/0xfa0
[  336.520320][   T31]  kthread+0x711/0x8a0
[  336.520345][   T31]  ? __pfx_watchdog+0x10/0x10
[  336.520361][   T31]  ? __pfx_kthread+0x10/0x10
[  336.520383][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  336.520404][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.520423][   T31]  ? __pfx_kthread+0x10/0x10
[  336.520445][   T31]  ret_from_fork+0x4bc/0x870
[  336.520466][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  336.520489][   T31]  ? __switch_to_asm+0x39/0x70
[  336.520503][   T31]  ? __switch_to_asm+0x33/0x70
[  336.520516][   T31]  ? __pfx_kthread+0x10/0x10
[  336.520539][   T31]  ret_from_fork_asm+0x1a/0x30
[  336.520568][   T31]  </TASK>
[  336.520575][   T31] Sending NMI from CPU 1 to CPUs 0:
[  336.666916][    C0] NMI backtrace for cpu 0
[  336.666934][    C0] CPU: 0 UID: 0 PID: 15673 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  336.666952][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  336.666962][    C0] RIP: 0010:check_preemption_disabled+0x17/0x120
[  336.666990][    C0] Code: 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 de a4 27 07 48 89 44 24 08 <65> 8b 05 e6 a4 27 07 65 8b 0d db a4 27 07 f7 c1 ff ff ff 7f 74 23
[  336.667004][    C0] RSP: 0018:ffffc9000bcf77b0 EFLAGS: 00000282
[  336.667019][    C0] RAX: a8522d8e68b76100 RBX: 0000000000000001 RCX: 0000000000000000
[  336.667031][    C0] RDX: ffff888079fc9e40 RSI: ffffffff8bbf05c0 RDI: ffffffff8bbf0580
[  336.667043][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff822f147e
[  336.667053][    C0] R10: 000000000000000c R11: ffffffff81ac2d30 R12: ffffea00009d8b80
[  336.667064][    C0] R13: 0000000000000000 R14: ffffffff822f147e R15: 0000004e62e9310d
[  336.667075][    C0] FS:  0000000000000000(0000) GS:ffff88812613d000(0000) knlGS:0000000000000000
[  336.667088][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  336.667099][    C0] CR2: 000055d816ed3000 CR3: 000000000dd38000 CR4: 00000000003526f0
[  336.667114][    C0] Call Trace:
[  336.667120][    C0]  <TASK>
[  336.667126][    C0]  ? do_group_exit+0x21c/0x2d0
[  336.667148][    C0]  ? __update_page_owner_free_handle+0x2e/0x470
[  336.667170][    C0]  rcu_is_watching+0x15/0xb0
[  336.667187][    C0]  ? __update_page_owner_free_handle+0x2e/0x470
[  336.667208][    C0]  __update_page_owner_free_handle+0x68/0x470
[  336.667233][    C0]  __reset_page_owner+0x85/0x1f0
[  336.667255][    C0]  __free_frozen_pages+0xbc4/0xd30
[  336.667280][    C0]  vfree+0x25a/0x400
[  336.667300][    C0]  ? __pfx_kcov_close+0x10/0x10
[  336.667316][    C0]  kcov_close+0x28/0x50
[  336.667329][    C0]  __fput+0x44c/0xa70
[  336.667351][    C0]  task_work_run+0x1d4/0x260
[  336.667374][    C0]  ? __pfx_task_work_run+0x10/0x10
[  336.667395][    C0]  ? do_exit+0x6b0/0x2300
[  336.667412][    C0]  ? kmem_cache_free+0x19b/0x690
[  336.667436][    C0]  do_exit+0x6b5/0x2300
[  336.667457][    C0]  ? do_raw_spin_lock+0x121/0x290
[  336.667478][    C0]  ? __pfx_do_exit+0x10/0x10
[  336.667504][    C0]  do_group_exit+0x21c/0x2d0
[  336.667523][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.667544][    C0]  get_signal+0x1285/0x1340
[  336.667569][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  336.667593][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  336.667623][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  336.667640][    C0]  exit_to_user_mode_loop+0x72/0x130
[  336.667655][    C0]  do_syscall_64+0x2bd/0xfa0
[  336.667674][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.667693][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.667708][    C0]  ? clear_bhb_loop+0x60/0xb0
[  336.667725][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.667740][    C0] RIP: 0033:0x7f077d38f2cb
[  336.667753][    C0] Code: Unable to access opcode bytes at 0x7f077d38f2a1.
[  336.667762][    C0] RSP: 002b:00007ffdee581430 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.667778][    C0] RAX: 0000000000000000 RBX: 00007f077d5e5f40 RCX: 00007f077d38f2cb
[  336.667789][    C0] RDX: 00007ffdee5814b0 RSI: 00000000400454ca RDI: 00000000000000c8
[  336.667799][    C0] RBP: 00007f077d5e67b8 R08: 0000000000000000 R09: 0000000000000000
[  336.667810][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  336.667825][    C0] R13: 0000000000000003 R14: 00007ffdee581818 R15: 0000000000000000
[  336.667844][    C0]  </TASK>
[  337.322750][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.425410][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.489597][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.559385][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.697134][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.761514][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.817446][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.891314][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.020734][   T36] bridge_slave_1: left allmulticast mode
[  338.026883][   T36] bridge_slave_1: left promiscuous mode
[  338.033800][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.052927][   T36] bridge_slave_0: left allmulticast mode
[  338.058847][   T36] bridge_slave_0: left promiscuous mode
[  338.064537][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.077273][   T36] bridge_slave_1: left allmulticast mode
[  338.082927][   T36] bridge_slave_1: left promiscuous mode
[  338.089925][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.100833][   T36] bridge_slave_0: left allmulticast mode
[  338.106899][   T36] bridge_slave_0: left promiscuous mode
[  338.112597][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.480444][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.492133][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.502990][   T36] bond0 (unregistering): Released all slaves
[  338.857003][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.866259][   T36] bond_slave_0: left promiscuous mode
[  338.873628][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.883013][   T36] bond_slave_1: left promiscuous mode
[  338.889775][   T36] bond0 (unregistering): Released all slaves
[  339.460355][   T36] hsr_slave_0: left promiscuous mode
[  339.466864][   T36] hsr_slave_1: left promiscuous mode
[  339.473121][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.481482][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.495620][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.503015][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.515871][   T36] hsr_slave_0: left promiscuous mode
[  339.521828][   T36] hsr_slave_1: left promiscuous mode
[  339.527868][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  339.535344][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.543873][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.551443][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.584441][   T36] veth1_macvtap: left promiscuous mode
[  339.591043][   T36] veth0_macvtap: left promiscuous mode
[  339.598516][   T36] veth1_vlan: left promiscuous mode
[  339.607290][   T36] veth1_to_hsr: left allmulticast mode
[  339.612906][   T36] veth1_to_hsr: left promiscuous mode
[  339.618480][   T36] veth1_macvtap: left promiscuous mode
[  339.624009][   T36] veth0_macvtap: left promiscuous mode
[  339.629930][   T36] veth1_vlan: left promiscuous mode
[  340.130594][   T36] team0 (unregistering): Port device team_slave_1 removed
[  340.169650][   T36] team0 (unregistering): Port device team_slave_0 removed
[  340.890705][   T36] team0 (unregistering): Port device team_slave_1 removed
[  340.930383][   T36] team0 (unregistering): Port device team_slave_0 removed
[  341.478406][ T5898] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.844753][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  341.856827][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.923314][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  341.933946][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.999370][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  342.009925][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.070845][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 2816 - 0
[  342.081413][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.190455][   T36] batadv1: left allmulticast mode
[  342.203107][   T36] batadv1: left promiscuous mode
[  342.208699][   T36] bridge0: port 4(batadv1) entered disabled state
[  342.217714][   T36] bond1: left allmulticast mode
[  342.222620][   T36] bond1: left promiscuous mode
[  342.228203][   T36] bridge0: port 3(bond1) entered disabled state
[  342.236199][   T36] bridge_slave_1: left allmulticast mode
[  342.241843][   T36] bridge_slave_1: left promiscuous mode
[  342.248297][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.256929][   T36] bridge_slave_0: left allmulticast mode
[  342.262573][   T36] bridge_slave_0: left promiscuous mode
[  342.268403][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.461114][   T36] bond3 (unregistering): (slave gretap1): Releasing active interface
[  342.515071][   T36] dvmrp0 (unregistering): left allmulticast mode
[  342.902768][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  342.911951][   T36] bond_slave_0: left promiscuous mode
[  342.920149][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  342.929295][   T36] bond_slave_1: left promiscuous mode
[  342.936408][   T36] bond0 (unregistering): Released all slaves
[  343.039482][   T36] bond1 (unregistering): Released all slaves
[  343.140444][   T36] bond2 (unregistering): Released all slaves
[  343.152961][   T36] bond3 (unregistering): Released all slaves
[  343.273316][   T36] bond4 (unregistering): (slave batadv5): Releasing active interface
[  343.283535][   T36] bond4 (unregistering): Released all slaves
[  343.321540][    T9] wg1 speed is unknown, defaulting to 1000
[  343.327827][    T9] syz0: Port: 1 Link DOWN
[  343.413857][   T36] tipc: Disabling bearer <udp:£ >
[  343.422902][   T36] tipc: Left network mode
[  343.959807][   T36] dummy0: left promiscuous mode
[  343.965833][   T36] team0: left promiscuous mode
[  343.970627][   T36] team_slave_0: left promiscuous mode
[  343.976323][   T36] team_slave_1: left promiscuous mode
[  343.984400][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.992008][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.000085][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  344.007986][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.018554][   T36] veth1_vlan: left promiscuous mode
[  344.441653][   T36] team0 (unregistering): Port device team_slave_1 removed
[  344.481540][   T36] team0 (unregistering): Port device team_slave_0 removed