last executing test programs:

3m32.206597503s ago: executing program 0 (id=1047):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
close(0x4)
close(r2)
writev(r0, &(0x7f0000000400)=[{&(0x7f00000002c0)="a609a89c9edd34187123b5adceb3968557f4e107445a53c0815c9636d00f896d1e8cd8de77a79f1e3e2c53ddf1bb9f8ac5cb5257ff4e8b960026bc4244c4b09179a97dffdf02563e23546d3e78f944e7e2fee2a00b6313048fe354223318badb21d8c086669c5f7772f4a6d90d0997babdf79f7d557e055b3e6f2e4f41ec06a39a57b9ccc00bbca22395e41f9e9652af665f0e1603fb85d4799d54d44c706ff8df9bb805b182a1260b5936ae44f649b5e2fdca240984dcd0033ec28aeaaa686608", 0xc1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x12, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xe66}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x2, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0x9}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70b921, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xa}, {0x6, 0xb}, {0x9, 0xa}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x5, 0x7f, 0x7ff, 0x1a8}}}}]}, 0x48}}, 0x44000)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r10, {0xb, 0xd}, {}, {0x8}}}, 0x24}}, 0x40004)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)

3m31.904240554s ago: executing program 0 (id=1053):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x60, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x24008}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}, @IFLA_GENEVE_TTL={0x5, 0x3, 0x8}, @IFLA_GENEVE_UDP_ZERO_CSUM6_RX={0x5, 0xa, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3m31.747961689s ago: executing program 0 (id=1055):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x18, r1, 0x1, 0x0, 0xffffffff, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4, 0x10d}]}, 0x18}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e6400000000040002800c00c0d7c2140100bbbbbbbbbbbb0000"], 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010000104000000000300000000000000", @ANYRES32=r5, @ANYBLOB="0002000000000000090000000b00010062726964676500000c0002800600270001000000591990e0f8c906d161379cd18c6965646d82f4a2707453d0b2df1db644c77038a2b1fabac65a14"], 0x3c}}, 0x0)

3m31.199754801s ago: executing program 0 (id=1061):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={<r2=>r0, 0x7, 0x3, 0x1ff})
ioctl$SIOCAX25OPTRT(r2, 0x89e7, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0x8) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={r0, 0x7, 0x3, 0x1ff}) (async)
ioctl$SIOCAX25OPTRT(r2, 0x89e7, 0x0) (async)

3m31.011128701s ago: executing program 0 (id=1067):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000400)={<r2=>0x0, 0x9, 0x40, 0x1})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000800)={r2, 0xfffffffffffffff7, 0x5, 0x1})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16, @ANYBLOB="2da52abd7000fbdbdf2503000000080001000000"], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="68000000100001002fbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0201000000000000140003006e657464657673696d3000000000000034001680300001802c000c80140001"], 0x68}}, 0x24040800)
r3 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000000)=0xfffffffc, 0x4)
bind$inet(r3, &(0x7f0000000300)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b40500000000000061107a0000000000070000000000000095000044c51cb05200000000008ef3a960a080406dee7b83fe63afe8b0ba84dfbf4d2758f39602b5a8b6d6a0da46e5e4878057e43acf9d2457b5bd451ddc28a4d7f38da84e44ea72c7c7fc08cacd88abf1d63c85d98dd4f95eb30ae722f6ec83f9332c88d6de56dec585d98f09c03c3ecb29732284bd8539ed4b844eed8340d9f6db0cb60200000087ad14d45ce0b33785fb4cc1e014734133907b009ec7c9bda01c25edec69771acead61e0e7"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000340)='./cgroup/cgroup.procs\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000380)={'gretap0\x00', 0x0, 0x7, 0x48, 0x7, 0x0, {{0xa, 0x4, 0x1, 0x3, 0x28, 0x64, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @private=0xa010101, {[@cipso={0x86, 0xa, 0x0, [{0x5, 0x4, "749d"}]}, @cipso={0x86, 0xa, 0x2, [{0x1, 0x4, "b3ce"}]}]}}}}})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x305)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) (async)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000400)={0x0, 0x9, 0x40, 0x1}) (async)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000800)={r2, 0xfffffffffffffff7, 0x5, 0x1}) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16, @ANYBLOB="2da52abd7000fbdbdf2503000000080001000000"], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="68000000100001002fbd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0201000000000000140003006e657464657673696d3000000000000034001680300001802c000c80140001"], 0x68}}, 0x24040800) (async)
socket$inet(0x2, 0x2, 0x1) (async)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000000)=0xfffffffc, 0x4) (async)
bind$inet(r3, &(0x7f0000000300)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000e80)=ANY=[@ANYBLOB="b40500000000000061107a0000000000070000000000000095000044c51cb05200000000008ef3a960a080406dee7b83fe63afe8b0ba84dfbf4d2758f39602b5a8b6d6a0da46e5e4878057e43acf9d2457b5bd451ddc28a4d7f38da84e44ea72c7c7fc08cacd88abf1d63c85d98dd4f95eb30ae722f6ec83f9332c88d6de56dec585d98f09c03c3ecb29732284bd8539ed4b844eed8340d9f6db0cb60200000087ad14d45ce0b33785fb4cc1e014734133907b009ec7c9bda01c25edec69771acead61e0e7"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000340)='./cgroup/cgroup.procs\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000380)={'gretap0\x00', 0x0, 0x7, 0x48, 0x7, 0x0, {{0xa, 0x4, 0x1, 0x3, 0x28, 0x64, 0x0, 0x8, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0xc}, @private=0xa010101, {[@cipso={0x86, 0xa, 0x0, [{0x5, 0x4, "749d"}]}, @cipso={0x86, 0xa, 0x2, [{0x1, 0x4, "b3ce"}]}]}}}}}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x305) (async)

3m30.057372469s ago: executing program 0 (id=1081):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=@mpls_getroute={0x34, 0x1a, 0x20, 0x70bd29, 0x25dfdbff, {0x1c, 0x80, 0x14, 0x2f, 0xfe, 0x2, 0x0, 0x2, 0x2000}, [@RTA_DST={0x8, 0x1, {0x3, 0x0, 0x1}}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x4}, @RTA_OIF={0x8, 0x4, r1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40080}, 0x58094)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r4)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="f5af24bd7000000000000e00000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=@newlink={0x48, 0x10, 0x503, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x38018, 0x201a0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_BROADCAST={0xa, 0x2, @remote}]}, 0x48}}, 0x800)
unshare(0x20000400)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="1400000026000900010008008120000006000000"], 0x14}, 0x1, 0x0, 0x0, 0x404c005}, 0x4000040)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r7 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000200)={'erspan0\x00', &(0x7f0000000440)={'gre0\x00', <r8=>r1, 0x80, 0x8000, 0x8, 0x4, {{0xd, 0x4, 0x2, 0x18, 0x34, 0x66, 0x0, 0x2, 0x4, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@noop, @rr={0x7, 0xf, 0xd, [@broadcast, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0xc, 0xd, 0x1, 0x9, [{@rand_addr=0x64010102, 0x4}]}, @end]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', <r9=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@getnexthop={0x30, 0x6a, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NHA_OIF={0x8, 0x5, r8}, @NHA_OIF={0x8, 0x5, r9}, @NHA_OIF={0x8, 0x5, r1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x20000001)
syz_emit_ethernet(0x5e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500280600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a002faff8f7900001d12000000000000000000000000000000040000240700000000000000f65d6eb19d8454f2dc27273bf21a988bb9295dda8ed8bd6b4b4129a917a014257f6ad9ad817f4aa86317275e52"], 0x0)

3m13.037640315s ago: executing program 32 (id=1081):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=@mpls_getroute={0x34, 0x1a, 0x20, 0x70bd29, 0x25dfdbff, {0x1c, 0x80, 0x14, 0x2f, 0xfe, 0x2, 0x0, 0x2, 0x2000}, [@RTA_DST={0x8, 0x1, {0x3, 0x0, 0x1}}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x4}, @RTA_OIF={0x8, 0x4, r1}]}, 0x34}, 0x1, 0x0, 0x0, 0x40080}, 0x58094)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r4)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="f5af24bd7000000000000e00000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=@newlink={0x48, 0x10, 0x503, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x38018, 0x201a0}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_BROADCAST={0xa, 0x2, @remote}]}, 0x48}}, 0x800)
unshare(0x20000400)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="1400000026000900010008008120000006000000"], 0x14}, 0x1, 0x0, 0x0, 0x404c005}, 0x4000040)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r7 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000200)={'erspan0\x00', &(0x7f0000000440)={'gre0\x00', <r8=>r1, 0x80, 0x8000, 0x8, 0x4, {{0xd, 0x4, 0x2, 0x18, 0x34, 0x66, 0x0, 0x2, 0x4, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@noop, @rr={0x7, 0xf, 0xd, [@broadcast, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0xc, 0xd, 0x1, 0x9, [{@rand_addr=0x64010102, 0x4}]}, @end]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000002c0)={'team0\x00', <r9=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@getnexthop={0x30, 0x6a, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@NHA_OIF={0x8, 0x5, r8}, @NHA_OIF={0x8, 0x5, r9}, @NHA_OIF={0x8, 0x5, r1}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x20000001)
syz_emit_ethernet(0x5e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500280600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a002faff8f7900001d12000000000000000000000000000000040000240700000000000000f65d6eb19d8454f2dc27273bf21a988bb9295dda8ed8bd6b4b4129a917a014257f6ad9ad817f4aa86317275e52"], 0x0)

2m33.884434394s ago: executing program 4 (id=2034):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c085}, 0x20000000)
recvmsg(r0, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000030c0)}, 0x20)

2m33.804296151s ago: executing program 4 (id=2037):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000004300)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x10100)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b904021d080225000000040000a118000200fcffffff00000e1208000f0100810401a80016ea1f", 0x35}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="d8000000140081054e81f782db44b9040a", 0x11}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000580)=ANY=[], 0xfe33)

2m33.703463349s ago: executing program 4 (id=2039):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907a56675f37538ec86dd6317ce22667f1100db5b686158bbcfe8875a65969ff57b03000000000000000000000000ac1414aa"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
recvmsg$kcm(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10000)

2m32.822792591s ago: executing program 4 (id=2052):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x15, 0x1, 0x70bd26, 0x25dfdbff, {0x5}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048854}, 0x40010)

2m32.715945417s ago: executing program 4 (id=2053):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmmsg$inet(r2, &(0x7f0000001500)=[{{0x0, 0x100000019, &(0x7f0000000b00)=[{&(0x7f00000002c0)="89", 0x34000}, {0x0}], 0x2, &(0x7f0000000e40)=ANY=[], 0xd0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40)
recvmmsg(r2, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x40000000, 0x0)

2m31.863774589s ago: executing program 4 (id=2057):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x30000, &(0x7f0000000000)={&(0x7f0000000080)={0x18, 0x26, 0x1, 0x7fffd, 0x1000, {0x4}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008090)

2m16.823640422s ago: executing program 33 (id=2057):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x30000, &(0x7f0000000000)={&(0x7f0000000080)={0x18, 0x26, 0x1, 0x7fffd, 0x1000, {0x4}, [@nested={0x4, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008090)

1m55.343814824s ago: executing program 3 (id=2733):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)

1m55.207914051s ago: executing program 3 (id=2734):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x24000088, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x3fd0, 0x4)

1m55.133426943s ago: executing program 3 (id=2735):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e22, @empty}], 0x10)
listen(r1, 0x3)
sendmsg$inet6(r0, &(0x7f0000001dc0)={&(0x7f0000000840)={0xa, 0x4e22, 0x7, @loopback, 0x2}, 0x1c, &(0x7f0000001d40)=[{&(0x7f0000000880)="fa", 0x1}], 0x1}, 0x85)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0xfffffffd)
r3 = socket$inet(0xa, 0x801, 0x84)
listen(r3, 0xfffffffd)
r4 = socket$inet(0xa, 0x801, 0x84)
listen(r4, 0x8)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r5, 0xfff)
r6 = socket$netlink(0x10, 0x3, 0x4)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
listen(r7, 0x3)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r6)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

1m54.709138367s ago: executing program 3 (id=2741):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x5, @local, 0x7}, 0x1c)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)

1m53.768164549s ago: executing program 3 (id=2761):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0x18, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000100000000000000010000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701000078ffffffb702000088000000b7030000000800008500000010000000b7080000000000007b8af8ff00000000b7080000001000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x70, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1m53.756961308s ago: executing program 3 (id=2762):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x70, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3b, 0xe, {{{}, {}, @broadcast, @broadcast}, 0x0, @default, 0x1, @void, @void, @void, @void, @val={0x6, 0x2, 0x6}, @void, @void, @void, @val={0x3c, 0x4, {0x1, 0xf, 0xa1, 0x4}}, @void, @void, @val={0x71, 0x7, {0x0, 0x4, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xb2, 0x60}}, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x70}, 0x1, 0x0, 0x0, 0x84}, 0x0)

2.564420673s ago: executing program 1 (id=4328):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}, 0x1, 0xf5ffffff}, 0x0)

2.476185059s ago: executing program 1 (id=4331):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='veth0_virt_wifi\x00', 0x10)
sendto$inet(r4, 0x0, 0x0, 0x804, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10)
recvmmsg(r4, &(0x7f0000002400)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x20, 0x0)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r3)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x3c, r5, 0x852dd6c070cd7e4d, 0xfffffffc, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x3c}, 0x4, 0x700000000000000, 0x0, 0x20084090}, 0x4010)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000080)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)=ANY=[@ANYBLOB="cfbcb6b2", @ANYRES16=r1, @ANYBLOB="01002ebd7000fddbdf250f00000008000300", @ANYRES32=r6, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x8000)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r8)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01000000000000000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r7, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x38, r9, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}]}, 0x38}, 0x1, 0x0, 0x0, 0x200cc054}, 0x20000000)

2.384041866s ago: executing program 2 (id=4332):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r1, @ANYBLOB="01030003000000001c0012000c000100626f6e64000000000c0002000800010002"], 0x3c}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="18020000000000020000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0xfffffffe}, 0x94)
r3 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000900)={r2, r4, 0x25, 0x0, @val=@netkit}, 0x1c)
r5 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r6, {0xfffa, 0x2}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6, 0x5, {0x80, 0x1}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20004810)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = epoll_create1(0x0)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
epoll_pwait(r8, &(0x7f0000000300)=[{}], 0x1, 0x1ff, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r10, 0x6, 0x1f, &(0x7f0000000100)="0817b984558c9db4d1c1e379ce093a756f", 0x11)
epoll_pwait(r8, &(0x7f0000000480)=[{}], 0x1, 0xffffffff, 0x0, 0x0)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r11, 0x11, 0x64, &(0x7f0000000100)=0x1, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f00000011c0)={0x9})
r12 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(r7, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000204}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="000425bd7000ffdbdf250401000005000a000000000005000a000000000008000400000000001a596b7e716ec7b58ebb4b24d98e9764ff0be3c9003b1d5ff7eca20db1583f3a7bbd20c9b9ac8db90e8678dc13efc3cc8e550a7dbf9dead22f947a7f578a88e7a75c3561b490d4fe9689e3d666fdbf7208e8e0992898ec985b28598022603e06e5b162d2665f528013e76c1fd07be8a262852c016769adb6effabba64ecc063c3aa80f4a1522a8df0d6059539782af6d769586d01960415f233469ca0cbfd94dd660ec18655ff9531853395038b8d95b0c7924d2026d0280aff872ba6c6c8f3e9c5ace17d7f07a41a52a54cb3897fd5880d9066e450b18cafac46c921f417516b42f5870d22fe957e6808b"], 0x2c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
r13 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r13, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.964488423s ago: executing program 2 (id=4337):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="4801000042000100fffffffffddbdf250200000004003880100001800c00c8000200000000000000200104801c01"], 0x148}, 0x1, 0x0, 0x0, 0x8800}, 0x4040)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4)
recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x2000)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000240)=0x1)
r3 = socket$kcm(0x2d, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x10, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000040))
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e3, &(0x7f0000000180)={r3, r4})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r6, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x18, 0x1, 0x4f, 0x3}}], 0x18}, 0x0)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x6, {0x0, 0x0, 0x0, r10, {0x19, 0x1}, {0xd}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x11, 0x2, [@TCA_FLOW_KEYS={0x3c, 0x1, 0x17996}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000}, 0x8000)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r7, 0x84, 0x1a, 0x0, 0x0)
ioctl$TUNSETLINK(r5, 0x400454cd, 0x1)

1.524664303s ago: executing program 1 (id=4343):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000002c00010122bd7005fcffffff0a"], 0x1c}, 0x1, 0x0, 0x0, 0x4050957}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x1, 0x3}, 0x4)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9cd49d43294b8b4079cc7bf0d99db15e3a06bf339a2c72fde490fedba8992dde11fd6b2542870ef6d8781ea1841bf106cf52cf7be6141d6c8c370588239318d141f0e882543752e3a39fc5bbacc236607dcc6b4ead28", @ANYRES16=0x0, @ANYBLOB="000228bd7000fcdbdf25090000001c00018008000800600a0000080009007e000000080008000800000008000600030000000800040005f1ffff"], 0x40}, 0x1, 0x0, 0x0, 0x880}, 0x8000)
r2 = socket$inet(0x2, 0x4000000805, 0x0)
sendmmsg(r2, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}], 0x1, 0x0)
getsockopt$inet_mreqsrc(r2, 0x0, 0xe, 0x0, &(0x7f0000000040))
getsockopt$packet_int(r0, 0x107, 0x15, 0x0, &(0x7f0000001600))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r6, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_RESVSP(r6, 0x40305829, &(0x7f0000000740)={0x0, 0x2, 0x0, 0x20b7ee})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x13, r5, 0x7ca8e000)
writev(r6, &(0x7f0000000080)=[{0x0}], 0x1)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='hybla', 0x5)
setsockopt$RDS_CONG_MONITOR(r5, 0x114, 0x6, &(0x7f00000003c0), 0x4)
sendmmsg$inet(r7, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000002c0)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6efb56380326f7e23af8b3f0dcd4692e618426371ab8e869190fbdff20aae57a7c55e14ed27c51b72ccda401917097", 0x100}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a866", 0xb3}], 0x1}}], 0x2, 0x2090)
sendto$inet(r7, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRES32=r5, @ANYRES32=0x0, @ANYRESOCT=r0], 0x38}}, 0x4000)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
ioctl$TUNGETIFF(r5, 0x800454d2, &(0x7f0000000b40)={'hsr0\x00'})
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a3000000000540003"], 0xa8}}, 0x0)

1.187857638s ago: executing program 6 (id=4347):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250400000006000a0001000000080001006b9838"], 0x24}, 0x1, 0x0, 0x0, 0x40080c0}, 0x8000) (async, rerun: 32)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (rerun: 32)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r4=>0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
sendmsg$NFC_CMD_ENABLE_SE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x3c, r2, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8054}, 0xc004) (async)
r7 = socket$packet(0x11, 0x3, 0x300)
sendmmsg(r7, &(0x7f0000000440), 0x0, 0x0) (async)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) (async)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000440)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)

1.009987941s ago: executing program 2 (id=4350):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x20000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) (fail_nth: 6)

1.009111038s ago: executing program 6 (id=4351):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket(0x2, 0x3, 0xff)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4) (async)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000100)=0x6422, 0x4) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0xfb5, 0xfffffffe}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180000001600156f"], 0x18}}, 0x8080)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) (async)
close(0x4) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00') (async)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f00000001c0)='g', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}, 0x2}, 0x1c) (async)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet6_buf(r4, 0x29, 0x11, 0x0, &(0x7f00000001c0)) (async)
shutdown(r3, 0x1)
r5 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$IPT_SO_GET_INFO(r5, 0x0, 0x40, &(0x7f00000000c0)={'security\x00', 0x0, [0x7fffffff, 0x4, 0x700000, 0x7, 0x7]}, &(0x7f0000000000)=0x54) (async)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) (async)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) (async)
sendmsg$key(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001c40)=ANY=[], 0x18}}, 0x4020) (async)
sendmsg$nl_route(r0, &(0x7f0000002180)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000020c0)=ANY=[@ANYBLOB="3c0000001900010000100000000000001d01010015000200000000000000000089543896f10eee1e0200000008000e00", @ANYRES32=0x0, @ANYBLOB="080100000000f800"], 0x3c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x68000000}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2000000}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x815) (async)
r6 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r6, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x4e22, 0x0, @private2}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e21, 0x6c, @mcast2, 0x8}}}, &(0x7f0000000140)=0x84)

913.048392ms ago: executing program 5 (id=4352):
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_GET(r1, 0x0, 0x20008000)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r2 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xb4, 0x30, 0xffff, 0x0, 0x0, {}, [{0xa0, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x0, 0x1000000, 0x0, {}, {}, 0x80003}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20000004}, 0x800)

876.897878ms ago: executing program 6 (id=4353):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000731139000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_int(r1, 0x0, 0x1a, 0x0, &(0x7f0000002540))
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=@getqdisc={0x24, 0x26, 0x10, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x1, 0x5}, {0x10, 0xd}, {0x3, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x20044081)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ec0)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x8}, {0xffff, 0xffff}}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xe, 0x4, 0x7, 0x4, 0x2, 0x2cf, 0x8d2, 0x1}}, {0x6, 0x2, [0xffff]}}]}, @qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x401}}]}, 0x60}, 0x1, 0x0, 0x0, 0x80d1}, 0x34008098)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000000c0))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x60, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x24008}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}, @IFLA_GENEVE_TTL={0x5, 0x3, 0x8}, @IFLA_GENEVE_UDP_ZERO_CSUM6_RX={0x5, 0xa, 0x1}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

544.133168ms ago: executing program 5 (id=4354):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000100)={{0xa, 0x4e22, 0x81, @private0, 0x5}, {0xa, 0x4e21, 0xce3, @mcast1, 0x3}, 0x1, {[0x61, 0x200, 0x5, 0xf09b, 0xd4, 0x2, 0x0, 0xb297]}}, 0x5c)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x44}}, 0x0)

543.888352ms ago: executing program 2 (id=4355):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x6)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1)
sendmsg$NLBL_CIPSOV4_C_LIST(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r2, 0x201, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}]}, 0x1c}}, 0x4040000)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x1, 0x4, 0x0, 0xfffffffffffffff8, 0x0, 0x6}, {0x0, 0x0, 0x400000003, 0xfffffffffffffffc}, 0xfffffffc, 0x0, 0x1, 0x0, 0x3}, {{@in6=@loopback, 0x4, 0x32}, 0x0, @in=@multicast1, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x1c)

539.545373ms ago: executing program 1 (id=4356):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x2e, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x400c445}, 0xe00)

487.838313ms ago: executing program 2 (id=4357):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000012000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x28}}, 0x802)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x3ffffffe}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @generic={0x66, 0x8}, @initr0, @exit, @generic={0x4, 0x9, 0x8, 0x5ef, 0x8}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)

482.213736ms ago: executing program 5 (id=4358):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430", 0xf)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000009c0)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)}], 0x1, 0x0, 0x0, 0x20000000}], 0x1, 0x24000040)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5", 0xb4}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e8", 0xf5}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f", 0x21}, {&(0x7f0000000c00)}, {&(0x7f0000000cc0)="a659d6cd13b743c3883fa66b26998868e129449c58fe04d445f9c63392ec1473c4e34a11a18e0fa2c3ff1fefe4200a23a2befe7c334b021bbad3522f8f3f36083d885cb29fa1829ff0caa3eb06fcfa1cc00d19092f9d6d93590fd4671bce11ec7b2f3912c5fe0804a2647a4de1f6d804e2da914136a7a4b169f152ec6af9204c3465d58e410029e4f28574ebfef1ac2fc1d17d5133793c9e9fbe4889c2a1427cb84332f6d4dad0f47d084b27c6c5afe46d605c7c33fa61fee2bdf78c16167904fab9a81bbb8a0ee73a56e9a67549a2701def6cc0224db8d147e08f15ec7d", 0xde}], 0x3, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efca580e1e24cbf53ef2fdb0d3810e8359c20b3938b1cb8574e51adc3cac209dd1c3b0fa44d9ca5ffbccfd9", 0x55}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

384.144973ms ago: executing program 2 (id=4359):
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000900)=ANY=[@ANYBLOB="1d000000040000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000920000000000000000987a4292f0c18a9312b0552b303a007698998e70a1711bb63b687d971e8bcd331a45e512a7187503ce19edc7ba2c8d328bee9c94547b38af3c9701fe20a3548b9f85700aa9d8320c8efb0947dc64215e4bcf972904f2293f2e086b35745b665c81143d12adf3855680b6531fe59d72c357023694651d7ea44bd60ad77c97ba05124199ca71177769eaf7", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100000005"], 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000030a0fdb00000000000000000a0000050900030073797a30000000000900010073797a310000000014000480080002403cb140bb080001400000000308000540000000001c0008800c00014000000000000001ff0c000240000000000000ae6014000000110001"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000600)=@gcm_256={{0x304}, "ed649d8448419757", "b6350d4c214f323d45da5d661422e41f69fe1ff928fe123f5c26fa5d841b634f", "a2487b83", "15f11f930b93194a"}, 0x38)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002a00)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x3}}], {0x14}}, 0x8c}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000002c0)={0xa002a014})
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0xfd5e, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffff20, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x18, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0xffffff07}, @generic={0x0, 0x2, "d588380003c1"}]}}}}}}, 0xfd6c)
r5 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r5, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20040818)
sendmsg$sock(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)}, {&(0x7f0000000140)="ce15fc9dc237ed5b37773a15b2f2615b0230a3a9b6c91152f98c3caf10287eefb05882c5bd51f04ff7e6c1f67c42c528244c3436e3d42cd667901a878ce7a4ebb5c55bd9c6f14079c1afebfbd8107a4a469b59ae1543bdc3085d6a10876755db8093b3648759b3643c1fc36c3f7ad5790a3b13c2b3928b3372f1390443528ce335b7feb42e48c06d5f95be7f5312e2b62dc2b4dc91e85af0b45a4e72b23b6905a982c856", 0xa4}, {&(0x7f0000000240)="fe07e4acc9f13f0502562401c3f04e2513c79749675cd17df8bf02b914", 0x1d}, {&(0x7f00000001c0)}], 0x4, &(0x7f0000000080)=[@timestamping={{0x14, 0x1, 0x25, 0x302}}], 0x18}, 0x4000081)

382.120134ms ago: executing program 6 (id=4360):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x40008000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x2c}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd29, 0x25dfdb7b, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000850}, 0x0)

321.607318ms ago: executing program 1 (id=4361):
unshare(0xa020480)
unshare(0x6020400)
unshare(0x8040080)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x9f}, [@ldst={0x7}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x22e, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x22020600)
unshare(0x2a020400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x7, 0x0, 0x0, 0x10}}, &(0x7f0000000040)='GPL\x00', 0x2, 0x92, &(0x7f0000000240)=""/146}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f00006b7000/0x14000)=nil, 0x14000, 0x4, 0x1010, r2, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x60, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x44, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x522}, @broadcast, @device_a, @initial, {0x9, 0x10}}, 0x0, @default, 0x9460, @void, @val, @void, @void, @val={0x6, 0x2, 0x6a8}, @val={0x5, 0x3, {0x95, 0x1a, 0x4}}, @void, @val={0x2a, 0x1, {0x1}}, @val={0x3c, 0x4, {0x0, 0x2b, 0xe87902788b29ffd, 0x1}}, @void, @void, @void, @val={0x76, 0x6, {0x1, 0x5, 0x37, 0x4}}}}]}, 0x60}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

272.589563ms ago: executing program 5 (id=4362):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'ip6gretap0\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r1, r3, 0x25, 0x0, @val=@tcx}, 0x1c)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@delchain={0x34, 0x65, 0x2, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xfff3, 0xffe0}, {0x1, 0xffe0}, {0xc, 0x4}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x6}}, @TCA_RATE={0x6, 0x5, {0x7, 0x7}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x8004)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="70000000100001002abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="ad46af2c88c09140686e818e5b64657663696d30002000000000080004000e0472aca8d503b925fadb6bfe8cc80fe1b0a051c2f2e66b2a60641b064e95c9d0f08e405498687cc67d21c64e1ede998e2d96db9bf30dcd3c3d6177e559cb16278c27c2789f7aa6fa46cd2b7cf77d9d52497936419788e885c1dd71da9384dfde480bae07c6fe776891db6dd62c29287194ec32067018794707b109454b739f1b88984c015cc6714e5751d354264a493ae3ef29c525a78ba09b69f1396fee77a600ddc1ad4b37ccf912265643f2419781299d4003"], 0x70}, 0x1, 0x0, 0x0, 0x4048000}, 0x800)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8947, &(0x7f00000000c0)={'bond0\x00', 0x10001})
socket$nl_route(0x10, 0x3, 0x0)

272.1923ms ago: executing program 6 (id=4363):
r0 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000240)=[{0x0, 0xb00}], 0x1}, 0x20040000)

92.134203ms ago: executing program 6 (id=4364):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
writev(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r5, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003900000095"], &(0x7f00000003c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x16, 0xfffffff7, 0x98, 0x6, 0x40204, 0x1, 0x46e, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x5}, 0x50) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000980)=@bpf_tracing={0x1a, 0x6, &(0x7f0000000780)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x3}, @alu={0x7, 0x1, 0x1, 0x7, 0x5, 0x50, 0xfffffffffffffff0}, @call={0x85, 0x0, 0x0, 0x53}, @map_fd={0x18, 0x2, 0x1, 0x0, r7}, @call={0x85, 0x0, 0x0, 0x40067}], &(0x7f00000002c0)='GPL\x00', 0x7, 0xa2, &(0x7f0000000840)=""/162, 0x40f00, 0x9, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000440)={0x1, 0x4, 0xe4, 0x6}, 0x10, 0x48a5, r0, 0x6, &(0x7f00000005c0), &(0x7f0000000900)=[{0x5, 0x4, 0x9}, {0x3, 0x3, 0x7, 0x9}, {0x5, 0x1, 0x10, 0xb}, {0x0, 0x5, 0x3, 0x5}, {0x3, 0x2, 0x10, 0xb}, {0x1, 0x1, 0x0, 0xc}], 0x10, 0x3}, 0x94) (async)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@bridge_delneigh={0x28, 0x1d, 0x1, 0x70bd2a, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x0, 0x8, 0x8, 0x9}, [@NDA_DST_MAC={0xa, 0x1, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000045}, 0x0) (async)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) (async)
socket$unix(0x1, 0x1, 0x0)
socket$kcm(0x11, 0x3, 0x0)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r10)
socket$inet_tcp(0x2, 0x1, 0x0) (async, rerun: 32)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (rerun: 32)

91.408192ms ago: executing program 5 (id=4365):
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)=@in={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000200)="14ebad0823be3aef3d754e6fd0d716d2cd4600e265f12f138104e140cf095fe84dd0baafb94de001c61f256bee4c9b0612ed59f5aae133aa608ac67a8ad2678b1a8407035f4bec93720d8295ceb241f6b40975f1eebedbb1b5795c0906cc6d25312fed47", 0x64}, {&(0x7f0000000380)="1168dc8f9499f74116d7b5074670d306d50760fd47b07c662ea18019c36de75dd2f8a3c0c7f789b2ac0f3c1af3218498efc2ee83851050471b319c5798dc897de985a325426a4f17073e431bb0e96caf864d453d2516b23f0f9d2e2c736af07b4a47e74d35e24be2d3baeecb6d8487c3e9831a70a825e8571e5171f62b1b803f317c4da934029278da20f08e9bcff60b94feb4c5d27c23b4d1cdffbb84e3ee74730b599e", 0xa4}, {&(0x7f0000000500)="da32e2e37c01e730d3462fd3700c079498e826a7849f671d857cc74f339173dae4319dd847229057305542d55bf92f450a5f74f2815bf802a50454e1da8e1181fa50deffdb6fb69afd93b2d7354c0cd9d9ae0f2c4b2518aa096f204badf0b0236626e9809a4c9ed3e663924ececca89684622245947dbb4976827f3258764f35be5a82daa79b14356b49fe254ca82d2fdb4fa5be02c309c5d6bca98388fd85e9", 0xa0}, {&(0x7f0000000080)="c29418390afeaf20740dc9903b6a985111beca0820f7f4383e1677", 0x1b}], 0x4, &(0x7f00000005c0)=[@sndrcv={0x30, 0x84, 0x1, {0x5, 0x3, 0x1, 0x8, 0x939c, 0x5, 0x6, 0x8000}}, @dstaddrv6={0x20, 0x84, 0x8, @mcast2}, @dstaddrv6={0x20, 0x84, 0x8, @mcast2}, @authinfo={0x18, 0x84, 0x6, {0xabe}}, @dstaddrv4={0x18, 0x84, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0xa0, 0x20000000}, 0x80)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000680)={<r1=>0x0, @in6={{0xa, 0x4e24, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}}, 0x0, 0x2, 0x2, 0x3, 0x1}, &(0x7f0000000280)=0x98)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000002c0)={0xe, 0xd, 0x8004, 0x5, 0x5, 0x2, 0x6, 0x4, r1}, &(0x7f0000000440)=0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000740)="5e000d001b71ecab36c7f263c06bddc65b99fb63499dd5c8ef68ff53e24127f1a538594685e48943f26ed6e8d84b02464cc13dd7cc64d3a5a334a763cad337436ce16682040000000000000041579f9e3959de3e9f8005da735613f1fc390f61811b62d69ee340f9f79e873b463b442399d8f632fd469049daa8994b59ebbeefa4859b11599cc05188d9a9f46af90a8264052857cffe0fb0e528cc079e26ab9a2f2094fafe18763cbc7ae174a9bf4b0bebf592861d", 0xb5, 0x40000, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @timestamp, @timestamp, @window={0x3, 0x1000}, @mss={0x2, 0x738}], 0x8)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r2, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

56.102437ms ago: executing program 1 (id=4366):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_CREATE_SOCKETS={0x5}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x4000000)

0s ago: executing program 5 (id=4367):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x16}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
socket$rds(0x15, 0x5, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_netprio_ifpriomap(r1, &(0x7f0000000080)=ANY=[@ANYRES16=r1], 0xa)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r4=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x83, &(0x7f0000000000)={r4, 0x2}, 0x8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1000000004000000080000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="001a670000000000200008000000040000000000000000000000000036779f"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r7, r5}, 0x14)
syz_emit_ethernet(0xa2, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x6c, 0x11, 0x0, @remote, @local, {[@fragment={0x0, 0x0, 0xf1, 0x1, 0x0, 0x5, 0x67}], {0x4e20, 0xe22, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x100004, "628e0960f6d6d3f6ee6d6b84b345dccac643e7df3e526ff07833b291322d4a74", "882ed6741e7632daeaec0c95f2ad1cd6", {"8fb3d9fd3efe8e4ea8b5ec7448ddd6a3", "215990e1b896120966af96b22cf049f0"}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 00007f593659aeb9
[  304.430942][T15814] RDX: 0000000020048054 RSI: 0000200000000200 RDI: 0000000000000006
[  304.430953][T15814] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  304.430963][T15814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.430973][T15814] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  304.430997][T15814]  </TASK>
[  304.741078][T15820] FAULT_INJECTION: forcing a failure.
[  304.741078][T15820] name failslab, interval 1, probability 0, space 0, times 0
[  304.773885][T15820] CPU: 0 UID: 0 PID: 15820 Comm: syz.6.3492 Not tainted syzkaller #0 PREEMPT(full) 
[  304.773912][T15820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  304.773923][T15820] Call Trace:
[  304.773930][T15820]  <TASK>
[  304.773937][T15820]  dump_stack_lvl+0xe8/0x150
[  304.773965][T15820]  should_fail_ex+0x412/0x560
[  304.773990][T15820]  should_failslab+0xa8/0x100
[  304.774011][T15820]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  304.774038][T15820]  ? __alloc_skb+0x1d7/0x390
[  304.774056][T15820]  ? __local_bh_enable_ip+0xd0/0x130
[  304.774073][T15820]  ? __alloc_skb+0x193/0x390
[  304.774093][T15820]  __alloc_skb+0x1d7/0x390
[  304.774116][T15820]  netlink_ack+0x146/0xa50
[  304.774133][T15820]  ? __pfx_genl_rcv_msg+0x10/0x10
[  304.774171][T15820]  netlink_rcv_skb+0x2b6/0x4b0
[  304.774190][T15820]  ? __pfx_genl_rcv_msg+0x10/0x10
[  304.774212][T15820]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  304.774226][T15820]  ? genl_rcv+0x19/0x40
[  304.774263][T15820]  ? down_read+0x272/0x2e0
[  304.774280][T15820]  ? genl_rcv+0xd/0x40
[  304.774302][T15820]  genl_rcv+0x28/0x40
[  304.774320][T15820]  netlink_unicast+0x80f/0x9b0
[  304.774352][T15820]  ? __pfx_netlink_unicast+0x10/0x10
[  304.774374][T15820]  ? __alloc_skb+0x193/0x390
[  304.774393][T15820]  ? netlink_sendmsg+0x650/0xb40
[  304.774409][T15820]  ? skb_put+0x11b/0x210
[  304.774433][T15820]  netlink_sendmsg+0x813/0xb40
[  304.774460][T15820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  304.774489][T15820]  ? aa_sock_msg_perm+0xf1/0x1b0
[  304.774511][T15820]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  304.774531][T15820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  304.774548][T15820]  ____sys_sendmsg+0xa68/0xad0
[  304.774568][T15820]  ? __might_fault+0xaf/0x130
[  304.774598][T15820]  ? __pfx_____sys_sendmsg+0x10/0x10
[  304.774628][T15820]  ? import_iovec+0x73/0xa0
[  304.774655][T15820]  ___sys_sendmsg+0x2a5/0x360
[  304.774675][T15820]  ? __lock_acquire+0x6b5/0x2cf0
[  304.774702][T15820]  ? __pfx____sys_sendmsg+0x10/0x10
[  304.774759][T15820]  ? __fget_files+0x2a/0x420
[  304.774777][T15820]  ? __fget_files+0x3a0/0x420
[  304.774806][T15820]  __x64_sys_sendmsg+0x1bd/0x2a0
[  304.774830][T15820]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  304.774862][T15820]  ? __pfx_ksys_write+0x10/0x10
[  304.774897][T15820]  do_syscall_64+0xe2/0xf80
[  304.774915][T15820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.774931][T15820]  ? trace_irq_disable+0x37/0x100
[  304.774948][T15820]  ? clear_bhb_loop+0x60/0xb0
[  304.774968][T15820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.774985][T15820] RIP: 0033:0x7f593659aeb9
[  304.775001][T15820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  304.775016][T15820] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.775034][T15820] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  304.775048][T15820] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000005
[  304.775059][T15820] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  304.775070][T15820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.775079][T15820] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  304.775110][T15820]  </TASK>
[  305.240771][T15833] team0: No ports can be present during mode change
[  305.256808][T15833] netlink: 'syz.1.3497': attribute type 10 has an invalid length.
[  305.801361][T15862] __nla_validate_parse: 15 callbacks suppressed
[  305.801380][T15862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3505'.
[  305.945597][T15864] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3506'.
[  306.025418][T15870] team0: No ports can be present during mode change
[  306.032829][T15870] netlink: 'syz.5.3508': attribute type 10 has an invalid length.
[  306.152187][T15876] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3511'.
[  306.417821][T15893] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3519'.
[  306.772777][T15916] FAULT_INJECTION: forcing a failure.
[  306.772777][T15916] name failslab, interval 1, probability 0, space 0, times 0
[  306.785785][T15916] CPU: 0 UID: 0 PID: 15916 Comm: syz.1.3527 Not tainted syzkaller #0 PREEMPT(full) 
[  306.785800][T15916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  306.785807][T15916] Call Trace:
[  306.785813][T15916]  <TASK>
[  306.785820][T15916]  dump_stack_lvl+0xe8/0x150
[  306.785847][T15916]  should_fail_ex+0x412/0x560
[  306.785871][T15916]  should_failslab+0xa8/0x100
[  306.785891][T15916]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  306.785915][T15916]  ? __alloc_skb+0x1d7/0x390
[  306.785935][T15916]  ? __local_bh_enable_ip+0xd0/0x130
[  306.785945][T15916]  ? __alloc_skb+0x193/0x390
[  306.785956][T15916]  __alloc_skb+0x1d7/0x390
[  306.785969][T15916]  netlink_ack+0x146/0xa50
[  306.785978][T15916]  ? __pfx_genl_rcv_msg+0x10/0x10
[  306.785991][T15916]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  306.786005][T15916]  ? __pfx_nl80211_post_doit+0x10/0x10
[  306.786025][T15916]  netlink_rcv_skb+0x2b6/0x4b0
[  306.786035][T15916]  ? __pfx_genl_rcv_msg+0x10/0x10
[  306.786048][T15916]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  306.786057][T15916]  ? genl_rcv+0x19/0x40
[  306.786077][T15916]  ? down_read+0x272/0x2e0
[  306.786087][T15916]  ? genl_rcv+0xd/0x40
[  306.786100][T15916]  genl_rcv+0x28/0x40
[  306.786111][T15916]  netlink_unicast+0x80f/0x9b0
[  306.786131][T15916]  ? __pfx_netlink_unicast+0x10/0x10
[  306.786144][T15916]  ? __alloc_skb+0x193/0x390
[  306.786156][T15916]  ? netlink_sendmsg+0x650/0xb40
[  306.786165][T15916]  ? skb_put+0x11b/0x210
[  306.786180][T15916]  netlink_sendmsg+0x813/0xb40
[  306.786195][T15916]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.786207][T15916]  ? aa_sock_msg_perm+0xf1/0x1b0
[  306.786220][T15916]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  306.786232][T15916]  ? __pfx_netlink_sendmsg+0x10/0x10
[  306.786242][T15916]  ____sys_sendmsg+0xa68/0xad0
[  306.786254][T15916]  ? __might_fault+0xaf/0x130
[  306.786272][T15916]  ? __pfx_____sys_sendmsg+0x10/0x10
[  306.786289][T15916]  ? import_iovec+0x73/0xa0
[  306.786306][T15916]  ___sys_sendmsg+0x2a5/0x360
[  306.786318][T15916]  ? __lock_acquire+0x6b5/0x2cf0
[  306.786334][T15916]  ? __pfx____sys_sendmsg+0x10/0x10
[  306.786364][T15916]  ? __fget_files+0x2a/0x420
[  306.786375][T15916]  ? __fget_files+0x3a0/0x420
[  306.786390][T15916]  __x64_sys_sendmsg+0x1bd/0x2a0
[  306.786405][T15916]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  306.786422][T15916]  ? __pfx_ksys_write+0x10/0x10
[  306.786444][T15916]  do_syscall_64+0xe2/0xf80
[  306.786454][T15916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.786463][T15916]  ? trace_irq_disable+0x37/0x100
[  306.786472][T15916]  ? clear_bhb_loop+0x60/0xb0
[  306.786484][T15916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.786493][T15916] RIP: 0033:0x7f439c19aeb9
[  306.786503][T15916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  306.786516][T15916] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  306.786534][T15916] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  306.786545][T15916] RDX: 00000000000448d0 RSI: 0000200000000240 RDI: 0000000000000003
[  306.786554][T15916] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  306.786565][T15916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.786573][T15916] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  306.786591][T15916]  </TASK>
[  307.157857][T15918] FAULT_INJECTION: forcing a failure.
[  307.157857][T15918] name failslab, interval 1, probability 0, space 0, times 0
[  307.171735][T15918] CPU: 0 UID: 0 PID: 15918 Comm: syz.1.3528 Not tainted syzkaller #0 PREEMPT(full) 
[  307.171757][T15918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  307.171767][T15918] Call Trace:
[  307.171774][T15918]  <TASK>
[  307.171781][T15918]  dump_stack_lvl+0xe8/0x150
[  307.171805][T15918]  should_fail_ex+0x412/0x560
[  307.171830][T15918]  should_failslab+0xa8/0x100
[  307.171851][T15918]  __kmalloc_cache_noprof+0x83/0x6e0
[  307.171869][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.171888][T15918]  ? rtnl_newlink+0x136/0x1be0
[  307.171909][T15918]  rtnl_newlink+0x136/0x1be0
[  307.171928][T15918]  ? unwind_next_frame+0xa5/0x23c0
[  307.171953][T15918]  ? __pfx_rtnl_newlink+0x10/0x10
[  307.171973][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.171999][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.172023][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.172052][T15918]  ? unwind_next_frame+0xa5/0x23c0
[  307.172077][T15918]  ? unwind_next_frame+0xa5/0x23c0
[  307.172096][T15918]  ? is_bpf_text_address+0x26/0x2b0
[  307.172125][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.172157][T15918]  ? is_bpf_text_address+0x292/0x2b0
[  307.172173][T15918]  ? is_bpf_text_address+0x26/0x2b0
[  307.172194][T15918]  ? kernel_text_address+0xa5/0xe0
[  307.172214][T15918]  ? __kernel_text_address+0xd/0x30
[  307.172232][T15918]  ? unwind_get_return_address+0x4d/0x90
[  307.172256][T15918]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  307.172287][T15918]  ? __pfx_rtnl_newlink+0x10/0x10
[  307.172304][T15918]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  307.172326][T15918]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  307.172343][T15918]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.172362][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.172397][T15918]  netlink_rcv_skb+0x232/0x4b0
[  307.172416][T15918]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.172436][T15918]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.172463][T15918]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.172488][T15918]  netlink_unicast+0x80f/0x9b0
[  307.172519][T15918]  ? __pfx_netlink_unicast+0x10/0x10
[  307.172540][T15918]  ? __alloc_skb+0x193/0x390
[  307.172559][T15918]  ? netlink_sendmsg+0x650/0xb40
[  307.172575][T15918]  ? skb_put+0x11b/0x210
[  307.172596][T15918]  netlink_sendmsg+0x813/0xb40
[  307.172623][T15918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.172645][T15918]  ? aa_sock_msg_perm+0xf1/0x1b0
[  307.172667][T15918]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  307.172687][T15918]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.172703][T15918]  ____sys_sendmsg+0xa68/0xad0
[  307.172724][T15918]  ? __might_fault+0xaf/0x130
[  307.172752][T15918]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.172782][T15918]  ? import_iovec+0x73/0xa0
[  307.172808][T15918]  ___sys_sendmsg+0x2a5/0x360
[  307.172827][T15918]  ? __lock_acquire+0x6b5/0x2cf0
[  307.172851][T15918]  ? __pfx____sys_sendmsg+0x10/0x10
[  307.172904][T15918]  ? __fget_files+0x2a/0x420
[  307.172920][T15918]  ? __fget_files+0x3a0/0x420
[  307.172945][T15918]  __x64_sys_sendmsg+0x1bd/0x2a0
[  307.172971][T15918]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  307.173003][T15918]  ? __pfx_ksys_write+0x10/0x10
[  307.173036][T15918]  do_syscall_64+0xe2/0xf80
[  307.173054][T15918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.173070][T15918]  ? trace_irq_disable+0x37/0x100
[  307.173086][T15918]  ? clear_bhb_loop+0x60/0xb0
[  307.173106][T15918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.173123][T15918] RIP: 0033:0x7f439c19aeb9
[  307.173140][T15918] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  307.173161][T15918] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.173181][T15918] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  307.173194][T15918] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  307.173204][T15918] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  307.173214][T15918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.173224][T15918] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  307.173254][T15918]  </TASK>
[  307.656578][T15920] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3529'.
[  307.681217][T15927] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3532'.
[  307.798184][T15932] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  307.815219][T15932] syzkaller0: entered promiscuous mode
[  307.820718][T15932] syzkaller0: entered allmulticast mode
[  307.841178][T15932] tipc: Resetting bearer <eth:syzkaller0>
[  307.885866][T15930] tipc: Resetting bearer <eth:syzkaller0>
[  307.910994][T15930] tipc: Disabling bearer <eth:syzkaller0>
[  308.004008][T15947] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3540'.
[  308.006688][T15948] netlink: 'syz.5.3539': attribute type 1 has an invalid length.
[  308.013768][T15949] FAULT_INJECTION: forcing a failure.
[  308.013768][T15949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  308.026594][T15948] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3539'.
[  308.073441][T15949] CPU: 1 UID: 0 PID: 15949 Comm: syz.2.3537 Not tainted syzkaller #0 PREEMPT(full) 
[  308.073466][T15949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  308.073476][T15949] Call Trace:
[  308.073483][T15949]  <TASK>
[  308.073490][T15949]  dump_stack_lvl+0xe8/0x150
[  308.073515][T15949]  should_fail_ex+0x412/0x560
[  308.073538][T15949]  _copy_from_user+0x2d/0xb0
[  308.073561][T15949]  kstrtouint_from_user+0xd6/0x180
[  308.073584][T15949]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  308.073618][T15949]  proc_fail_nth_write+0x8e/0x210
[  308.073639][T15949]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  308.073666][T15949]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  308.073690][T15949]  vfs_write+0x29a/0xb90
[  308.073721][T15949]  ? __pfx_vfs_write+0x10/0x10
[  308.073743][T15949]  ? __fget_files+0x2a/0x420
[  308.073765][T15949]  ? __fget_files+0x3a0/0x420
[  308.073780][T15949]  ? __fget_files+0x2a/0x420
[  308.073804][T15949]  ksys_write+0x150/0x270
[  308.073825][T15949]  ? __pfx_ksys_write+0x10/0x10
[  308.073855][T15949]  do_syscall_64+0xe2/0xf80
[  308.073872][T15949]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.073888][T15949]  ? trace_irq_disable+0x37/0x100
[  308.073905][T15949]  ? clear_bhb_loop+0x60/0xb0
[  308.073924][T15949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.073937][T15949] RIP: 0033:0x7f877975b78e
[  308.073953][T15949] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  308.073968][T15949] RSP: 002b:00007f87779abfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  308.073986][T15949] RAX: ffffffffffffffda RBX: 00007f87779ac6c0 RCX: 00007f877975b78e
[  308.073998][T15949] RDX: 0000000000000001 RSI: 00007f87779ac0a0 RDI: 0000000000000006
[  308.074009][T15949] RBP: 00007f87779ac090 R08: 0000000000000000 R09: 0000000000000000
[  308.074019][T15949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.074029][T15949] R13: 00007f8779a16218 R14: 00007f8779a16180 R15: 00007ffca6f8e5a8
[  308.074067][T15949]  </TASK>
[  308.318676][T15955] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  308.381136][T15959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3540'.
[  308.750314][T15976] netlink: 'syz.1.3550': attribute type 1 has an invalid length.
[  308.774225][T15976] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3550'.
[  308.809716][T15981] FAULT_INJECTION: forcing a failure.
[  308.809716][T15981] name failslab, interval 1, probability 0, space 0, times 0
[  308.823937][T15981] CPU: 1 UID: 0 PID: 15981 Comm: syz.1.3552 Not tainted syzkaller #0 PREEMPT(full) 
[  308.823954][T15981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  308.823960][T15981] Call Trace:
[  308.823965][T15981]  <TASK>
[  308.823970][T15981]  dump_stack_lvl+0xe8/0x150
[  308.823988][T15981]  should_fail_ex+0x412/0x560
[  308.824003][T15981]  should_failslab+0xa8/0x100
[  308.824023][T15981]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  308.824046][T15981]  ? __alloc_skb+0x1d7/0x390
[  308.824063][T15981]  ? __local_bh_enable_ip+0xd0/0x130
[  308.824079][T15981]  ? __alloc_skb+0x193/0x390
[  308.824097][T15981]  __alloc_skb+0x1d7/0x390
[  308.824120][T15981]  wireless_send_event+0x513/0xbd0
[  308.824139][T15981]  ? __pfx_wireless_send_event+0x10/0x10
[  308.824155][T15981]  ioctl_standard_iw_point+0x9ce/0xd90
[  308.824175][T15981]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  308.824186][T15981]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  308.824198][T15981]  ? __pfx___mutex_lock+0x10/0x10
[  308.824214][T15981]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  308.824224][T15981]  ioctl_standard_call+0xaf/0x1b0
[  308.824237][T15981]  ? __pfx_cfg80211_wext_siwencode+0x10/0x10
[  308.824247][T15981]  wext_ioctl_dispatch+0xee/0x410
[  308.824257][T15981]  ? __pfx_ioctl_standard_call+0x10/0x10
[  308.824270][T15981]  wext_handle_ioctl+0x10f/0x1d0
[  308.824283][T15981]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  308.824293][T15981]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  308.824312][T15981]  sock_ioctl+0x159/0x7f0
[  308.824328][T15981]  ? __pfx_sock_ioctl+0x10/0x10
[  308.824343][T15981]  ? __fget_files+0x2a/0x420
[  308.824354][T15981]  ? __fget_files+0x3a0/0x420
[  308.824364][T15981]  ? __fget_files+0x2a/0x420
[  308.824376][T15981]  ? bpf_lsm_file_ioctl+0x9/0x20
[  308.824388][T15981]  ? __pfx_sock_ioctl+0x10/0x10
[  308.824403][T15981]  __se_sys_ioctl+0xfc/0x170
[  308.824418][T15981]  do_syscall_64+0xe2/0xf80
[  308.824429][T15981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.824437][T15981]  ? trace_irq_disable+0x37/0x100
[  308.824447][T15981]  ? clear_bhb_loop+0x60/0xb0
[  308.824458][T15981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.824468][T15981] RIP: 0033:0x7f439c19aeb9
[  308.824478][T15981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  308.824486][T15981] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  308.824498][T15981] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  308.824505][T15981] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000003
[  308.824511][T15981] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  308.824517][T15981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.824523][T15981] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  308.824538][T15981]  </TASK>
[  309.314329][T15999] FAULT_INJECTION: forcing a failure.
[  309.314329][T15999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  309.327776][T15999] CPU: 0 UID: 0 PID: 15999 Comm: syz.5.3559 Not tainted syzkaller #0 PREEMPT(full) 
[  309.327801][T15999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  309.327812][T15999] Call Trace:
[  309.327818][T15999]  <TASK>
[  309.327826][T15999]  dump_stack_lvl+0xe8/0x150
[  309.327852][T15999]  should_fail_ex+0x412/0x560
[  309.327878][T15999]  _copy_from_iter+0x1d3/0x1670
[  309.327903][T15999]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  309.327930][T15999]  ? __pfx__copy_from_iter+0x10/0x10
[  309.327962][T15999]  ? __build_skb_around+0x22d/0x3c0
[  309.327985][T15999]  ? __alloc_skb+0x193/0x390
[  309.328003][T15999]  ? netlink_sendmsg+0x650/0xb40
[  309.328020][T15999]  ? skb_put+0x11b/0x210
[  309.328042][T15999]  netlink_sendmsg+0x6c0/0xb40
[  309.328068][T15999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.328089][T15999]  ? aa_sock_msg_perm+0xf1/0x1b0
[  309.328110][T15999]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  309.328130][T15999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  309.328146][T15999]  ____sys_sendmsg+0xa68/0xad0
[  309.328166][T15999]  ? __might_fault+0xaf/0x130
[  309.328194][T15999]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.328223][T15999]  ? import_iovec+0x73/0xa0
[  309.328249][T15999]  ___sys_sendmsg+0x2a5/0x360
[  309.328268][T15999]  ? __lock_acquire+0x6b5/0x2cf0
[  309.328293][T15999]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.328338][T15999]  ? __fget_files+0x2a/0x420
[  309.328356][T15999]  ? __fget_files+0x3a0/0x420
[  309.328379][T15999]  __x64_sys_sendmsg+0x1bd/0x2a0
[  309.328401][T15999]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  309.328428][T15999]  ? __pfx_ksys_write+0x10/0x10
[  309.328459][T15999]  do_syscall_64+0xe2/0xf80
[  309.328480][T15999]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.328495][T15999]  ? trace_irq_disable+0x37/0x100
[  309.328507][T15999]  ? clear_bhb_loop+0x60/0xb0
[  309.328519][T15999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.328528][T15999] RIP: 0033:0x7f68c1d9aeb9
[  309.328539][T15999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.328547][T15999] RSP: 002b:00007f68c2c5f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.328558][T15999] RAX: ffffffffffffffda RBX: 00007f68c2015fa0 RCX: 00007f68c1d9aeb9
[  309.328565][T15999] RDX: 0000000020048054 RSI: 0000200000000200 RDI: 0000000000000006
[  309.328571][T15999] RBP: 00007f68c2c5f090 R08: 0000000000000000 R09: 0000000000000000
[  309.328577][T15999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  309.328583][T15999] R13: 00007f68c2016038 R14: 00007f68c2015fa0 R15: 00007ffc03c77968
[  309.328598][T15999]  </TASK>
[  310.825086][T16058] __nla_validate_parse: 9 callbacks suppressed
[  310.825106][T16058] netlink: 248 bytes leftover after parsing attributes in process `syz.2.3582'.
[  310.841239][T16058] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3582'.
[  310.854437][T16058] netlink: 'syz.2.3582': attribute type 1 has an invalid length.
[  310.862306][T16058] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  311.009391][T16069] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3587'.
[  311.232156][T16083] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3592'.
[  311.249983][T16083] tipc: Failed to remove unknown binding: 66,0,0/870507879:3638996132/3638996133
[  311.260686][T16083] tipc: Failed to remove unknown binding: 66,0,0/870507879:3638996132/3638996133
[  311.343999][T16087] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  311.399263][T16091] FAULT_INJECTION: forcing a failure.
[  311.399263][T16091] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.413931][T16091] CPU: 0 UID: 0 PID: 16091 Comm: syz.1.3596 Not tainted syzkaller #0 PREEMPT(full) 
[  311.413954][T16091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  311.413964][T16091] Call Trace:
[  311.413970][T16091]  <TASK>
[  311.413977][T16091]  dump_stack_lvl+0xe8/0x150
[  311.414001][T16091]  should_fail_ex+0x412/0x560
[  311.414022][T16091]  _copy_from_iter+0x1d3/0x1670
[  311.414045][T16091]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  311.414068][T16091]  ? __pfx__copy_from_iter+0x10/0x10
[  311.414083][T16091]  ? __build_skb_around+0x22d/0x3c0
[  311.414099][T16091]  ? __alloc_skb+0x193/0x390
[  311.414113][T16091]  ? netlink_sendmsg+0x650/0xb40
[  311.414127][T16091]  ? skb_put+0x11b/0x210
[  311.414146][T16091]  netlink_sendmsg+0x6c0/0xb40
[  311.414166][T16091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.414182][T16091]  ? aa_sock_msg_perm+0xf1/0x1b0
[  311.414198][T16091]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  311.414214][T16091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.414227][T16091]  ____sys_sendmsg+0xa68/0xad0
[  311.414243][T16091]  ? __might_fault+0xaf/0x130
[  311.414265][T16091]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.414287][T16091]  ? import_iovec+0x73/0xa0
[  311.414307][T16091]  ___sys_sendmsg+0x2a5/0x360
[  311.414322][T16091]  ? __lock_acquire+0x6b5/0x2cf0
[  311.414342][T16091]  ? __pfx____sys_sendmsg+0x10/0x10
[  311.414382][T16091]  ? __fget_files+0x2a/0x420
[  311.414395][T16091]  ? __fget_files+0x3a0/0x420
[  311.414416][T16091]  __x64_sys_sendmsg+0x1bd/0x2a0
[  311.414433][T16091]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  311.414457][T16091]  ? __pfx_ksys_write+0x10/0x10
[  311.414483][T16091]  do_syscall_64+0xe2/0xf80
[  311.414497][T16091]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.414509][T16091]  ? trace_irq_disable+0x37/0x100
[  311.414522][T16091]  ? clear_bhb_loop+0x60/0xb0
[  311.414536][T16091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.414548][T16091] RIP: 0033:0x7f439c19aeb9
[  311.414560][T16091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  311.414577][T16091] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.414592][T16091] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  311.414602][T16091] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[  311.414610][T16091] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  311.414618][T16091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.414626][T16091] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  311.414647][T16091]  </TASK>
[  311.892253][T16112] openvswitch: netlink: IP tunnel dst address not specified
[  311.921046][T16114] netlink: 'syz.1.3602': attribute type 13 has an invalid length.
[  311.929713][T16114] netlink: 'syz.1.3602': attribute type 17 has an invalid length.
[  311.986728][T16114] 8021q: adding VLAN 0 to HW filter on device team0
[  311.997695][T16114] 8021q: adding VLAN 0 to HW filter on device batadv0
[  312.027138][T16114] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.036622][T16114] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.047835][T16118] netlink: 'syz.5.3605': attribute type 21 has an invalid length.
[  312.048839][T16114] veth1_vlan: left promiscuous mode
[  312.062414][T16114] veth0_vlan: left promiscuous mode
[  312.068604][T16114] veth0_vlan: entered promiscuous mode
[  312.076621][T16114] veth1_vlan: entered promiscuous mode
[  312.087419][T16114] veth1_macvtap: left promiscuous mode
[  312.095513][T16114] veth0_macvtap: left promiscuous mode
[  312.102207][T16114] veth0_macvtap: entered promiscuous mode
[  312.122076][T16114] veth1_macvtap: entered promiscuous mode
[  312.135107][T16114] netdevsim netdevsim1 netdevsim0: left promiscuous mode
[  312.163528][T16114] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  312.277288][T16118] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3605'.
[  312.288158][ T7880] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.297638][ T7880] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.306740][ T7880] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.316037][ T7880] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.790289][T16142] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3612'.
[  313.093978][T16149] openvswitch: netlink: IP tunnel dst address not specified
[  313.168281][T16151] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3616'.
[  313.358415][T16161] FAULT_INJECTION: forcing a failure.
[  313.358415][T16161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.397619][T16161] CPU: 1 UID: 0 PID: 16161 Comm: syz.1.3620 Not tainted syzkaller #0 PREEMPT(full) 
[  313.397644][T16161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  313.397655][T16161] Call Trace:
[  313.397662][T16161]  <TASK>
[  313.397670][T16161]  dump_stack_lvl+0xe8/0x150
[  313.397696][T16161]  should_fail_ex+0x412/0x560
[  313.397722][T16161]  _copy_from_user+0x2d/0xb0
[  313.397746][T16161]  do_tcp_setsockopt+0x4f3/0x2060
[  313.397770][T16161]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  313.397791][T16161]  ? __pfx_aa_sk_perm+0x10/0x10
[  313.397812][T16161]  ? __fget_files+0x2a/0x420
[  313.397829][T16161]  ? aa_sock_opt_perm+0xff/0x1a0
[  313.397851][T16161]  ? sock_common_setsockopt+0x36/0xc0
[  313.397868][T16161]  ? tcp_setsockopt+0x3d/0xe0
[  313.397883][T16161]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  313.397904][T16161]  do_sock_setsockopt+0x17c/0x1b0
[  313.397929][T16161]  __x64_sys_setsockopt+0x13d/0x1b0
[  313.397955][T16161]  do_syscall_64+0xe2/0xf80
[  313.397978][T16161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.397994][T16161]  ? trace_irq_disable+0x37/0x100
[  313.398011][T16161]  ? clear_bhb_loop+0x60/0xb0
[  313.398031][T16161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.398048][T16161] RIP: 0033:0x7f439c19aeb9
[  313.398064][T16161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  313.398078][T16161] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  313.398097][T16161] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  313.398109][T16161] RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000003
[  313.398120][T16161] RBP: 00007f439cf93090 R08: 0000000000000004 R09: 0000000000000000
[  313.398130][T16161] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  313.398141][T16161] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  313.398170][T16161]  </TASK>
[  313.672678][T16170] netlink: 'syz.1.3623': attribute type 18 has an invalid length.
[  314.323034][T16196] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3628'.
[  314.545369][T16207] bond1: option arp_interval: mode dependency failed, not supported in mode 802.3ad(4)
[  314.556619][T16207] bond1 (unregistering): Released all slaves
[  314.765088][T16212] netlink: 68 bytes leftover after parsing attributes in process `syz.6.3634'.
[  314.912637][T16220] team0: No ports can be present during mode change
[  314.920618][T16220] netlink: 'syz.1.3636': attribute type 10 has an invalid length.
[  315.185802][T16231] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3640'.
[  315.404572][T16244] FAULT_INJECTION: forcing a failure.
[  315.404572][T16244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.426702][T16244] CPU: 1 UID: 0 PID: 16244 Comm: syz.5.3646 Not tainted syzkaller #0 PREEMPT(full) 
[  315.426726][T16244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  315.426735][T16244] Call Trace:
[  315.426740][T16244]  <TASK>
[  315.426747][T16244]  dump_stack_lvl+0xe8/0x150
[  315.426768][T16244]  should_fail_ex+0x412/0x560
[  315.426787][T16244]  _copy_from_user+0x2d/0xb0
[  315.426807][T16244]  __sys_bpf+0x229/0x920
[  315.426822][T16244]  ? __pfx___sys_bpf+0x10/0x10
[  315.426845][T16244]  ? ksys_write+0x242/0x270
[  315.426864][T16244]  ? __pfx_ksys_write+0x10/0x10
[  315.426886][T16244]  __x64_sys_bpf+0x7c/0x90
[  315.426904][T16244]  do_syscall_64+0xe2/0xf80
[  315.426918][T16244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.426930][T16244]  ? trace_irq_disable+0x37/0x100
[  315.426942][T16244]  ? clear_bhb_loop+0x60/0xb0
[  315.426957][T16244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.426969][T16244] RIP: 0033:0x7f68c1d9aeb9
[  315.426982][T16244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  315.426993][T16244] RSP: 002b:00007f68c2c5f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  315.427007][T16244] RAX: ffffffffffffffda RBX: 00007f68c2015fa0 RCX: 00007f68c1d9aeb9
[  315.427017][T16244] RDX: 000000000000004c RSI: 0000200000000640 RDI: 000000000000000a
[  315.427025][T16244] RBP: 00007f68c2c5f090 R08: 0000000000000000 R09: 0000000000000000
[  315.427033][T16244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.427040][T16244] R13: 00007f68c2016038 R14: 00007f68c2015fa0 R15: 00007ffc03c77968
[  315.427061][T16244]  </TASK>
[  315.497176][T16248] openvswitch: netlink: IP tunnel dst address not specified
[  315.604022][T16249] syzkaller0: entered promiscuous mode
[  315.610527][T16249] syzkaller0: entered allmulticast mode
[  315.819658][T16259] team0: No ports can be present during mode change
[  315.832391][T16259] FAULT_INJECTION: forcing a failure.
[  315.832391][T16259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.834027][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  315.846054][T16259] CPU: 1 UID: 0 PID: 16259 Comm: syz.1.3652 Not tainted syzkaller #0 PREEMPT(full) 
[  315.846076][T16259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  315.846087][T16259] Call Trace:
[  315.846094][T16259]  <TASK>
[  315.846100][T16259]  dump_stack_lvl+0xe8/0x150
[  315.846127][T16259]  should_fail_ex+0x412/0x560
[  315.846152][T16259]  _copy_to_user+0x31/0xb0
[  315.846176][T16259]  simple_read_from_buffer+0xe1/0x170
[  315.846200][T16259]  proc_fail_nth_read+0x1bb/0x230
[  315.846225][T16259]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  315.846250][T16259]  ? rw_verify_area+0x2a6/0x4d0
[  315.846270][T16259]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  315.846293][T16259]  vfs_read+0x20c/0xa70
[  315.846312][T16259]  ? fdget_pos+0x246/0x320
[  315.846334][T16259]  ? __pfx___mutex_lock+0x10/0x10
[  315.846353][T16259]  ? __pfx_vfs_read+0x10/0x10
[  315.846375][T16259]  ? __fget_files+0x2a/0x420
[  315.846397][T16259]  ? __fget_files+0x3a0/0x420
[  315.846413][T16259]  ? __fget_files+0x2a/0x420
[  315.846439][T16259]  ksys_read+0x150/0x270
[  315.846463][T16259]  ? __pfx_ksys_read+0x10/0x10
[  315.846494][T16259]  do_syscall_64+0xe2/0xf80
[  315.846511][T16259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.846526][T16259]  ? trace_irq_disable+0x37/0x100
[  315.846542][T16259]  ? clear_bhb_loop+0x60/0xb0
[  315.846562][T16259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.846577][T16259] RIP: 0033:0x7f439c15b78e
[  315.846593][T16259] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  315.846607][T16259] RSP: 002b:00007f439cf92fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  315.846624][T16259] RAX: ffffffffffffffda RBX: 00007f439cf936c0 RCX: 00007f439c15b78e
[  315.846637][T16259] RDX: 000000000000000f RSI: 00007f439cf930a0 RDI: 0000000000000006
[  315.846647][T16259] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  315.846657][T16259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.846667][T16259] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  315.846695][T16259]  </TASK>
[  316.064047][T16270] __nla_validate_parse: 3 callbacks suppressed
[  316.064066][T16270] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.3656'.
[  316.105007][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  316.121808][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  316.132568][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  316.141651][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  316.183718][T16276] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  316.200314][ T5827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  316.213673][ T5827] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  316.221085][ T5827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  316.237711][ T5827] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  316.237905][T16274] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3658'.
[  316.256491][T16274] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3658'.
[  316.269318][T16274] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3658'.
[  316.278629][ T5827] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  316.343261][T16274] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3658'.
[  316.352390][T16260] geneve1 speed is unknown, defaulting to 1000
[  316.494818][T16288] FAULT_INJECTION: forcing a failure.
[  316.494818][T16288] name failslab, interval 1, probability 0, space 0, times 0
[  316.523432][T16288] CPU: 1 UID: 0 PID: 16288 Comm: syz.1.3661 Not tainted syzkaller #0 PREEMPT(full) 
[  316.523457][T16288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  316.523466][T16288] Call Trace:
[  316.523474][T16288]  <TASK>
[  316.523481][T16288]  dump_stack_lvl+0xe8/0x150
[  316.523508][T16288]  should_fail_ex+0x412/0x560
[  316.523533][T16288]  should_failslab+0xa8/0x100
[  316.523557][T16288]  __kmalloc_noprof+0xde/0x7e0
[  316.523576][T16288]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  316.523598][T16288]  ? rcu_is_watching+0x15/0xb0
[  316.523624][T16288]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  316.523653][T16288]  genl_family_rcv_msg_doit+0xd9/0x330
[  316.523674][T16288]  ? __asan_memcpy+0x40/0x70
[  316.523699][T16288]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  316.523724][T16288]  ? apparmor_capable+0x137/0x1a0
[  316.523746][T16288]  ? bpf_lsm_capable+0x9/0x20
[  316.523763][T16288]  ? security_capable+0x7e/0x2c0
[  316.523786][T16288]  genl_rcv_msg+0x61c/0x7a0
[  316.523811][T16288]  ? __pfx_genl_rcv_msg+0x10/0x10
[  316.523827][T16288]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  316.523842][T16288]  ? __pfx_nl802154_add_llsec_key+0x10/0x10
[  316.523860][T16288]  ? __pfx_nl802154_post_doit+0x10/0x10
[  316.523890][T16288]  netlink_rcv_skb+0x232/0x4b0
[  316.523909][T16288]  ? __pfx_genl_rcv_msg+0x10/0x10
[  316.523929][T16288]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  316.523942][T16288]  ? genl_rcv+0x19/0x40
[  316.523976][T16288]  ? down_read+0x272/0x2e0
[  316.524000][T16288]  ? genl_rcv+0xd/0x40
[  316.524021][T16288]  genl_rcv+0x28/0x40
[  316.524039][T16288]  netlink_unicast+0x80f/0x9b0
[  316.524069][T16288]  ? __pfx_netlink_unicast+0x10/0x10
[  316.524091][T16288]  ? __alloc_skb+0x193/0x390
[  316.524111][T16288]  ? netlink_sendmsg+0x650/0xb40
[  316.524125][T16288]  ? skb_put+0x11b/0x210
[  316.524145][T16288]  netlink_sendmsg+0x813/0xb40
[  316.524171][T16288]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.524192][T16288]  ? aa_sock_msg_perm+0xf1/0x1b0
[  316.524212][T16288]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  316.524229][T16288]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.524244][T16288]  ____sys_sendmsg+0xa68/0xad0
[  316.524265][T16288]  ? __might_fault+0xaf/0x130
[  316.524293][T16288]  ? __pfx_____sys_sendmsg+0x10/0x10
[  316.524324][T16288]  ? import_iovec+0x73/0xa0
[  316.524351][T16288]  ___sys_sendmsg+0x2a5/0x360
[  316.524370][T16288]  ? __lock_acquire+0x6b5/0x2cf0
[  316.524398][T16288]  ? __pfx____sys_sendmsg+0x10/0x10
[  316.524455][T16288]  ? __fget_files+0x2a/0x420
[  316.524472][T16288]  ? __fget_files+0x3a0/0x420
[  316.524500][T16288]  __x64_sys_sendmsg+0x1bd/0x2a0
[  316.524525][T16288]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  316.524557][T16288]  ? __pfx_ksys_write+0x10/0x10
[  316.524591][T16288]  do_syscall_64+0xe2/0xf80
[  316.524609][T16288]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.524626][T16288]  ? trace_irq_disable+0x37/0x100
[  316.524642][T16288]  ? clear_bhb_loop+0x60/0xb0
[  316.524662][T16288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.524679][T16288] RIP: 0033:0x7f439c19aeb9
[  316.524696][T16288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  316.524710][T16288] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.524729][T16288] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  316.524741][T16288] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[  316.524751][T16288] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  316.524761][T16288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.524771][T16288] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  316.524800][T16288]  </TASK>
[  317.010432][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.030692][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.257510][T16310] macsec0: entered promiscuous mode
[  317.262762][T16310] macsec0: entered allmulticast mode
[  317.274917][T16260] chnl_net:caif_netlink_parms(): no params data found
[  317.286172][T16310] veth1_macvtap: entered allmulticast mode
[  317.292378][T16310] macsec0: left promiscuous mode
[  317.298256][T16310] macsec0: left allmulticast mode
[  317.303780][T16310] veth1_macvtap: left allmulticast mode
[  317.392165][T16260] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.399772][T16260] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.419026][T16260] bridge_slave_0: entered allmulticast mode
[  317.427577][T16260] bridge_slave_0: entered promiscuous mode
[  317.437267][T16260] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.445066][T16260] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.452757][T16260] bridge_slave_1: entered allmulticast mode
[  317.463982][T16260] bridge_slave_1: entered promiscuous mode
[  317.509162][T16260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  317.522718][T16260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  317.554099][T16260] team0: Port device team_slave_0 added
[  317.561759][T16260] team0: Port device team_slave_1 added
[  317.587225][T16260] batman_adv: batadv0: Adding interface: batadv_slave_0
[  317.594472][T16260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  317.620994][T16260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.633364][T16260] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.640314][T16260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  317.667921][T16260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.707518][T16260] hsr_slave_0: entered promiscuous mode
[  317.713985][T16260] hsr_slave_1: entered promiscuous mode
[  317.720052][T16260] debugfs: 'hsr0' already exists in 'hsr'
[  317.726721][T16260] Cannot create hsr debugfs directory
[  318.128650][T16331] netlink: 212328 bytes leftover after parsing attributes in process `syz.1.3676'.
[  318.140408][T16331] netlink: Unknown conntrack attr (type=2304, max=9)
[  318.356304][T16340] openvswitch: netlink: IP tunnel dst address not specified
[  318.373055][ T5837] Bluetooth: hci4: command tx timeout
[  318.380285][T16343] FAULT_INJECTION: forcing a failure.
[  318.380285][T16343] name failslab, interval 1, probability 0, space 0, times 0
[  318.410885][T16343] CPU: 1 UID: 0 PID: 16343 Comm: syz.6.3681 Not tainted syzkaller #0 PREEMPT(full) 
[  318.410910][T16343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  318.410921][T16343] Call Trace:
[  318.410928][T16343]  <TASK>
[  318.410935][T16343]  dump_stack_lvl+0xe8/0x150
[  318.410962][T16343]  should_fail_ex+0x412/0x560
[  318.410988][T16343]  should_failslab+0xa8/0x100
[  318.411016][T16343]  __kmalloc_noprof+0xde/0x7e0
[  318.411033][T16343]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  318.411060][T16343]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  318.411088][T16343]  genl_family_rcv_msg_doit+0xd9/0x330
[  318.411114][T16343]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  318.411143][T16343]  ? apparmor_capable+0x137/0x1a0
[  318.411169][T16343]  ? bpf_lsm_capable+0x9/0x20
[  318.411188][T16343]  ? security_capable+0x7e/0x2c0
[  318.411215][T16343]  genl_rcv_msg+0x61c/0x7a0
[  318.411241][T16343]  ? __pfx_genl_rcv_msg+0x10/0x10
[  318.411259][T16343]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  318.411279][T16343]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  318.411294][T16343]  ? __pfx_nl80211_post_doit+0x10/0x10
[  318.411328][T16343]  netlink_rcv_skb+0x232/0x4b0
[  318.411346][T16343]  ? __pfx_genl_rcv_msg+0x10/0x10
[  318.411367][T16343]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  318.411382][T16343]  ? genl_rcv+0x19/0x40
[  318.411415][T16343]  ? down_read+0x272/0x2e0
[  318.411432][T16343]  ? genl_rcv+0xd/0x40
[  318.411452][T16343]  genl_rcv+0x28/0x40
[  318.411469][T16343]  netlink_unicast+0x80f/0x9b0
[  318.411501][T16343]  ? __pfx_netlink_unicast+0x10/0x10
[  318.411522][T16343]  ? __alloc_skb+0x193/0x390
[  318.411542][T16343]  ? netlink_sendmsg+0x650/0xb40
[  318.411558][T16343]  ? skb_put+0x11b/0x210
[  318.411581][T16343]  netlink_sendmsg+0x813/0xb40
[  318.411608][T16343]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.411629][T16343]  ? aa_sock_msg_perm+0xf1/0x1b0
[  318.411651][T16343]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  318.411670][T16343]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.411687][T16343]  ____sys_sendmsg+0xa68/0xad0
[  318.411708][T16343]  ? __might_fault+0xaf/0x130
[  318.411736][T16343]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.411766][T16343]  ? import_iovec+0x73/0xa0
[  318.411792][T16343]  ___sys_sendmsg+0x2a5/0x360
[  318.411812][T16343]  ? __lock_acquire+0x6b5/0x2cf0
[  318.411839][T16343]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.411895][T16343]  ? __fget_files+0x2a/0x420
[  318.411912][T16343]  ? __fget_files+0x3a0/0x420
[  318.411940][T16343]  __x64_sys_sendmsg+0x1bd/0x2a0
[  318.411964][T16343]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  318.411994][T16343]  ? __pfx_ksys_write+0x10/0x10
[  318.412038][T16343]  do_syscall_64+0xe2/0xf80
[  318.412056][T16343]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.412072][T16343]  ? trace_irq_disable+0x37/0x100
[  318.412089][T16343]  ? clear_bhb_loop+0x60/0xb0
[  318.412108][T16343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.412123][T16343] RIP: 0033:0x7f593659aeb9
[  318.412139][T16343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  318.412152][T16343] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.412171][T16343] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  318.412183][T16343] RDX: 0000000020008004 RSI: 00002000000006c0 RDI: 0000000000000003
[  318.412194][T16343] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  318.412205][T16343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.412215][T16343] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  318.412244][T16343]  </TASK>
[  318.984373][T16363] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3686'.
[  319.007997][T16365] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3687'.
[  319.209311][T16371] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3689'.
[  319.220466][T16371] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3689'.
[  319.331504][T16382] syzkaller0: entered promiscuous mode
[  319.337105][T16382] syzkaller0: entered allmulticast mode
[  319.357327][T16381] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  319.364479][T16382] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  319.380138][T16382] tipc: Resetting bearer <eth:syzkaller0>
[  319.386464][T16382] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.394936][T16382] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  319.405218][T16380] tipc: Resetting bearer <eth:syzkaller0>
[  319.422549][T16380] tipc: Disabling bearer <eth:syzkaller0>
[  319.587116][T16390] netlink: ct family unspecified
[  319.974558][T16416] FAULT_INJECTION: forcing a failure.
[  319.974558][T16416] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.987901][T16416] CPU: 1 UID: 0 PID: 16416 Comm: syz.5.3704 Not tainted syzkaller #0 PREEMPT(full) 
[  319.987931][T16416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  319.987941][T16416] Call Trace:
[  319.987948][T16416]  <TASK>
[  319.987955][T16416]  dump_stack_lvl+0xe8/0x150
[  319.987980][T16416]  should_fail_ex+0x412/0x560
[  319.988005][T16416]  _copy_from_user+0x2d/0xb0
[  319.988028][T16416]  ___sys_sendmsg+0x1c6/0x360
[  319.988047][T16416]  ? __lock_acquire+0x6b5/0x2cf0
[  319.988072][T16416]  ? __pfx____sys_sendmsg+0x10/0x10
[  319.988123][T16416]  ? __fget_files+0x2a/0x420
[  319.988139][T16416]  ? __fget_files+0x3a0/0x420
[  319.988166][T16416]  __x64_sys_sendmsg+0x1bd/0x2a0
[  319.988188][T16416]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  319.988217][T16416]  ? __pfx_ksys_write+0x10/0x10
[  319.988248][T16416]  do_syscall_64+0xe2/0xf80
[  319.988265][T16416]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.988281][T16416]  ? trace_irq_disable+0x37/0x100
[  319.988296][T16416]  ? clear_bhb_loop+0x60/0xb0
[  319.988314][T16416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.988329][T16416] RIP: 0033:0x7f68c1d9aeb9
[  319.988344][T16416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  319.988356][T16416] RSP: 002b:00007f68c2c5f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  319.988371][T16416] RAX: ffffffffffffffda RBX: 00007f68c2015fa0 RCX: 00007f68c1d9aeb9
[  319.988381][T16416] RDX: 0000000000000840 RSI: 0000200000000180 RDI: 0000000000000005
[  319.988390][T16416] RBP: 00007f68c2c5f090 R08: 0000000000000000 R09: 0000000000000000
[  319.988399][T16416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.988407][T16416] R13: 00007f68c2016038 R14: 00007f68c2015fa0 R15: 00007ffc03c77968
[  319.988431][T16416]  </TASK>
[  320.236717][T16405] bond0 (unregistering): (slave geneve3): Releasing backup interface
[  320.246907][T16405] bond0 (unregistering): Released all slaves
[  320.443334][ T5837] Bluetooth: hci4: command tx timeout
[  320.632699][ T7880] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.641227][ T7880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.657698][T16440] netlink: 'syz.2.3713': attribute type 21 has an invalid length.
[  321.009323][T16448] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  321.096540][T16464] FAULT_INJECTION: forcing a failure.
[  321.096540][T16464] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.120048][T16464] CPU: 0 UID: 0 PID: 16464 Comm: syz.6.3719 Not tainted syzkaller #0 PREEMPT(full) 
[  321.120074][T16464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  321.120084][T16464] Call Trace:
[  321.120091][T16464]  <TASK>
[  321.120100][T16464]  dump_stack_lvl+0xe8/0x150
[  321.120126][T16464]  should_fail_ex+0x412/0x560
[  321.120151][T16464]  _copy_from_iter+0x1d3/0x1670
[  321.120179][T16464]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  321.120206][T16464]  ? __pfx__copy_from_iter+0x10/0x10
[  321.120229][T16464]  ? __build_skb_around+0x22d/0x3c0
[  321.120251][T16464]  ? __alloc_skb+0x193/0x390
[  321.120270][T16464]  ? netlink_sendmsg+0x650/0xb40
[  321.120288][T16464]  ? skb_put+0x11b/0x210
[  321.120311][T16464]  netlink_sendmsg+0x6c0/0xb40
[  321.120338][T16464]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.120357][T16464]  ? aa_sock_msg_perm+0xf1/0x1b0
[  321.120378][T16464]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  321.120398][T16464]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.120415][T16464]  ____sys_sendmsg+0xa68/0xad0
[  321.120436][T16464]  ? __might_fault+0xaf/0x130
[  321.120463][T16464]  ? __pfx_____sys_sendmsg+0x10/0x10
[  321.120499][T16464]  ? import_iovec+0x73/0xa0
[  321.120526][T16464]  ___sys_sendmsg+0x2a5/0x360
[  321.120545][T16464]  ? __lock_acquire+0x6b5/0x2cf0
[  321.120570][T16464]  ? __pfx____sys_sendmsg+0x10/0x10
[  321.120625][T16464]  ? __fget_files+0x2a/0x420
[  321.120642][T16464]  ? __fget_files+0x3a0/0x420
[  321.120673][T16464]  __x64_sys_sendmsg+0x1bd/0x2a0
[  321.120698][T16464]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  321.120728][T16464]  ? __pfx_ksys_write+0x10/0x10
[  321.120761][T16464]  do_syscall_64+0xe2/0xf80
[  321.120779][T16464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.120795][T16464]  ? trace_irq_disable+0x37/0x100
[  321.120811][T16464]  ? clear_bhb_loop+0x60/0xb0
[  321.120830][T16464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.120847][T16464] RIP: 0033:0x7f593659aeb9
[  321.120864][T16464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.120878][T16464] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.120896][T16464] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  321.120909][T16464] RDX: 0000000004000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  321.120921][T16464] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  321.120931][T16464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.120941][T16464] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  321.120970][T16464]  </TASK>
[  321.477032][T16468] __nla_validate_parse: 14 callbacks suppressed
[  321.477050][T16468] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3720'.
[  321.512676][T16472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3722'.
[  321.601504][T16479] netlink: 104 bytes leftover after parsing attributes in process `syz.2.3725'.
[  321.703623][T16489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3728'.
[  321.715390][T16489] hsr_slave_0: left promiscuous mode
[  321.721496][T16489] hsr_slave_1: left promiscuous mode
[  321.818573][T16492] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3729'.
[  321.832043][T16492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3729'.
[  321.843936][T16492] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3729'.
[  321.853491][T16492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3729'.
[  322.007426][T16504] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3733'.
[  322.018950][T16504] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3733'.
[  322.029150][T16507] netlink: 'syz.2.3735': attribute type 1 has an invalid length.
[  322.062037][T16507] 8021q: adding VLAN 0 to HW filter on device bond0
[  322.097682][T16507] bond0: (slave veth5): Enslaving as an active interface with a down link
[  322.118156][T16507] vlan4: entered allmulticast mode
[  322.125877][T16507] veth1: entered allmulticast mode
[  322.143745][T16507] bond0: (slave vlan4): Opening slave failed
[  322.200733][T16513] FAULT_INJECTION: forcing a failure.
[  322.200733][T16513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.214701][T16513] CPU: 1 UID: 0 PID: 16513 Comm: syz.5.3737 Not tainted syzkaller #0 PREEMPT(full) 
[  322.214726][T16513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  322.214736][T16513] Call Trace:
[  322.214744][T16513]  <TASK>
[  322.214752][T16513]  dump_stack_lvl+0xe8/0x150
[  322.214775][T16513]  should_fail_ex+0x412/0x560
[  322.214799][T16513]  _copy_from_user+0x2d/0xb0
[  322.214823][T16513]  kstrtouint_from_user+0xd6/0x180
[  322.214848][T16513]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  322.214881][T16513]  proc_fail_nth_write+0x8e/0x210
[  322.214904][T16513]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  322.214926][T16513]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  322.214946][T16513]  vfs_write+0x29a/0xb90
[  322.214975][T16513]  ? __pfx_vfs_write+0x10/0x10
[  322.214996][T16513]  ? __fget_files+0x2a/0x420
[  322.215017][T16513]  ? __fget_files+0x3a0/0x420
[  322.215032][T16513]  ? __fget_files+0x2a/0x420
[  322.215060][T16513]  ksys_write+0x150/0x270
[  322.215084][T16513]  ? __pfx_ksys_write+0x10/0x10
[  322.215118][T16513]  do_syscall_64+0xe2/0xf80
[  322.215137][T16513]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.215154][T16513]  ? clear_bhb_loop+0x60/0xb0
[  322.215174][T16513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.215191][T16513] RIP: 0033:0x7f68c1d5b78e
[  322.215208][T16513] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  322.215222][T16513] RSP: 002b:00007f68c2c5efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  322.215241][T16513] RAX: ffffffffffffffda RBX: 00007f68c2c5f6c0 RCX: 00007f68c1d5b78e
[  322.215260][T16513] RDX: 0000000000000001 RSI: 00007f68c2c5f0a0 RDI: 0000000000000004
[  322.215271][T16513] RBP: 00007f68c2c5f090 R08: 0000000000000000 R09: 0000000000000000
[  322.215281][T16513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  322.215291][T16513] R13: 00007f68c2016038 R14: 00007f68c2015fa0 R15: 00007ffc03c77968
[  322.215321][T16513]  </TASK>
[  322.523252][ T5837] Bluetooth: hci4: command tx timeout
[  322.639550][T16526] team0: No ports can be present during mode change
[  322.675486][T16526] netlink: 'syz.1.3744': attribute type 10 has an invalid length.
[  323.002280][T16552] FAULT_INJECTION: forcing a failure.
[  323.002280][T16552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.017385][T16552] CPU: 0 UID: 0 PID: 16552 Comm: syz.2.3756 Not tainted syzkaller #0 PREEMPT(full) 
[  323.017412][T16552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  323.017423][T16552] Call Trace:
[  323.017431][T16552]  <TASK>
[  323.017439][T16552]  dump_stack_lvl+0xe8/0x150
[  323.017466][T16552]  should_fail_ex+0x412/0x560
[  323.017491][T16552]  _copy_from_iter+0x1d3/0x1670
[  323.017518][T16552]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  323.017544][T16552]  ? __pfx__copy_from_iter+0x10/0x10
[  323.017576][T16552]  ? __build_skb_around+0x22d/0x3c0
[  323.017597][T16552]  ? __alloc_skb+0x193/0x390
[  323.017616][T16552]  ? netlink_sendmsg+0x650/0xb40
[  323.017633][T16552]  ? skb_put+0x11b/0x210
[  323.017655][T16552]  netlink_sendmsg+0x6c0/0xb40
[  323.017680][T16552]  ? __pfx_netlink_sendmsg+0x10/0x10
[  323.017698][T16552]  ? aa_sock_msg_perm+0xf1/0x1b0
[  323.017719][T16552]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  323.017738][T16552]  ? __pfx_netlink_sendmsg+0x10/0x10
[  323.017753][T16552]  ____sys_sendmsg+0xa68/0xad0
[  323.017772][T16552]  ? __might_fault+0xaf/0x130
[  323.017795][T16552]  ? __pfx_____sys_sendmsg+0x10/0x10
[  323.017822][T16552]  ? import_iovec+0x73/0xa0
[  323.017845][T16552]  ___sys_sendmsg+0x2a5/0x360
[  323.017865][T16552]  ? __lock_acquire+0x6b5/0x2cf0
[  323.017890][T16552]  ? __pfx____sys_sendmsg+0x10/0x10
[  323.017944][T16552]  ? __fget_files+0x2a/0x420
[  323.017962][T16552]  ? __fget_files+0x3a0/0x420
[  323.017988][T16552]  __x64_sys_sendmsg+0x1bd/0x2a0
[  323.018009][T16552]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  323.018039][T16552]  ? __pfx_ksys_write+0x10/0x10
[  323.018079][T16552]  do_syscall_64+0xe2/0xf80
[  323.018098][T16552]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.018114][T16552]  ? trace_irq_disable+0x37/0x100
[  323.018130][T16552]  ? clear_bhb_loop+0x60/0xb0
[  323.018151][T16552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.018168][T16552] RIP: 0033:0x7f877979aeb9
[  323.018184][T16552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  323.018199][T16552] RSP: 002b:00007f87779ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  323.018218][T16552] RAX: ffffffffffffffda RBX: 00007f8779a15fa0 RCX: 00007f877979aeb9
[  323.018231][T16552] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  323.018242][T16552] RBP: 00007f87779ee090 R08: 0000000000000000 R09: 0000000000000000
[  323.018253][T16552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.018263][T16552] R13: 00007f8779a16038 R14: 00007f8779a15fa0 R15: 00007ffca6f8e5a8
[  323.018295][T16552]  </TASK>
[  323.488432][T16565] netlink: 'syz.2.3761': attribute type 1 has an invalid length.
[  324.529490][T16599] netlink: 'syz.2.3771': attribute type 1 has an invalid length.
[  324.613346][ T5837] Bluetooth: hci4: command tx timeout
[  324.908329][T16623] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  324.927443][T16623] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  325.506495][T16653] x_tables: duplicate underflow at hook 2
[  325.714421][T16663] netlink: 'syz.6.3797': attribute type 1 has an invalid length.
[  325.722717][T16663] netlink: 'syz.6.3797': attribute type 2 has an invalid length.
[  327.614655][T16698] __nla_validate_parse: 79 callbacks suppressed
[  327.614674][T16698] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3810'.
[  327.884400][T16716] netlink: 'syz.5.3819': attribute type 3 has an invalid length.
[  327.921672][T16721] netlink: 'syz.2.3820': attribute type 1 has an invalid length.
[  328.202473][T16740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3828'.
[  328.216623][T16740] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3828'.
[  328.315459][T16742] netlink: 11 bytes leftover after parsing attributes in process `syz.2.3829'.
[  328.428875][T16748] lo: Caught tx_queue_len zero misconfig
[  328.493514][T16750] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  328.567941][T16753] bond1: peer notification delay (1164) is not a multiple of miimon (100), value rounded to 1100 ms
[  328.584324][T16753] bond1: entered promiscuous mode
[  328.589429][T16753] bond1: entered allmulticast mode
[  328.595123][T16753] 8021q: adding VLAN 0 to HW filter on device bond1
[  328.700798][T16758] FAULT_INJECTION: forcing a failure.
[  328.700798][T16758] name failslab, interval 1, probability 0, space 0, times 0
[  328.714936][T16758] CPU: 0 UID: 0 PID: 16758 Comm: syz.6.3836 Not tainted syzkaller #0 PREEMPT(full) 
[  328.714962][T16758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  328.714973][T16758] Call Trace:
[  328.714979][T16758]  <TASK>
[  328.714985][T16758]  dump_stack_lvl+0xe8/0x150
[  328.715008][T16758]  should_fail_ex+0x412/0x560
[  328.715037][T16758]  should_failslab+0xa8/0x100
[  328.715055][T16758]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  328.715080][T16758]  ? __alloc_skb+0x1d7/0x390
[  328.715098][T16758]  ? __local_bh_enable_ip+0xd0/0x130
[  328.715115][T16758]  ? __alloc_skb+0x193/0x390
[  328.715133][T16758]  __alloc_skb+0x1d7/0x390
[  328.715153][T16758]  netlink_ack+0x146/0xa50
[  328.715167][T16758]  ? __pfx_genl_rcv_msg+0x10/0x10
[  328.715184][T16758]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  328.715205][T16758]  ? __pfx_nl80211_post_doit+0x10/0x10
[  328.715237][T16758]  netlink_rcv_skb+0x2b6/0x4b0
[  328.715255][T16758]  ? __pfx_genl_rcv_msg+0x10/0x10
[  328.715284][T16758]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  328.715298][T16758]  ? genl_rcv+0x19/0x40
[  328.715331][T16758]  ? down_read+0x272/0x2e0
[  328.715347][T16758]  ? genl_rcv+0xd/0x40
[  328.715366][T16758]  genl_rcv+0x28/0x40
[  328.715383][T16758]  netlink_unicast+0x80f/0x9b0
[  328.715413][T16758]  ? __pfx_netlink_unicast+0x10/0x10
[  328.715434][T16758]  ? __alloc_skb+0x193/0x390
[  328.715453][T16758]  ? netlink_sendmsg+0x650/0xb40
[  328.715467][T16758]  ? skb_put+0x11b/0x210
[  328.715481][T16758]  netlink_sendmsg+0x813/0xb40
[  328.715496][T16758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.715508][T16758]  ? aa_sock_msg_perm+0xf1/0x1b0
[  328.715522][T16758]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  328.715534][T16758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.715543][T16758]  ____sys_sendmsg+0xa68/0xad0
[  328.715558][T16758]  ? __might_fault+0xaf/0x130
[  328.715577][T16758]  ? __pfx_____sys_sendmsg+0x10/0x10
[  328.715594][T16758]  ? import_iovec+0x73/0xa0
[  328.715611][T16758]  ___sys_sendmsg+0x2a5/0x360
[  328.715623][T16758]  ? __lock_acquire+0x6b5/0x2cf0
[  328.715640][T16758]  ? __pfx____sys_sendmsg+0x10/0x10
[  328.715671][T16758]  ? __fget_files+0x2a/0x420
[  328.715681][T16758]  ? __fget_files+0x3a0/0x420
[  328.715697][T16758]  __x64_sys_sendmsg+0x1bd/0x2a0
[  328.715711][T16758]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  328.715729][T16758]  ? __pfx_ksys_write+0x10/0x10
[  328.715750][T16758]  do_syscall_64+0xe2/0xf80
[  328.715761][T16758]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.715770][T16758]  ? trace_irq_disable+0x37/0x100
[  328.715781][T16758]  ? clear_bhb_loop+0x60/0xb0
[  328.715793][T16758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.715802][T16758] RIP: 0033:0x7f593659aeb9
[  328.715813][T16758] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.715821][T16758] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  328.715832][T16758] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  328.715839][T16758] RDX: 0000000004000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  328.715846][T16758] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  328.715851][T16758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.715857][T16758] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  328.715873][T16758]  </TASK>
[  329.122730][T16762] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3838'.
[  329.208807][T16766] tipc: Started in network mode
[  329.213803][T16766] tipc: Node identity ac14140f, cluster identity 4711
[  329.222615][T16766] tipc: New replicast peer: 255.255.255.255
[  329.229600][T16766] tipc: Enabled bearer <udp:syz2>, priority 10
[  329.237989][T16766] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3839'.
[  329.693904][T16801] FAULT_INJECTION: forcing a failure.
[  329.693904][T16801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.707345][T16801] CPU: 0 UID: 0 PID: 16801 Comm: syz.2.3852 Not tainted syzkaller #0 PREEMPT(full) 
[  329.707370][T16801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  329.707380][T16801] Call Trace:
[  329.707387][T16801]  <TASK>
[  329.707394][T16801]  dump_stack_lvl+0xe8/0x150
[  329.707417][T16801]  should_fail_ex+0x412/0x560
[  329.707432][T16801]  _copy_to_user+0x31/0xb0
[  329.707450][T16801]  simple_read_from_buffer+0xe1/0x170
[  329.707464][T16801]  proc_fail_nth_read+0x1bb/0x230
[  329.707481][T16801]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  329.707497][T16801]  ? rw_verify_area+0x2a6/0x4d0
[  329.707511][T16801]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  329.707526][T16801]  vfs_read+0x20c/0xa70
[  329.707539][T16801]  ? fdget_pos+0x246/0x320
[  329.707553][T16801]  ? __pfx___mutex_lock+0x10/0x10
[  329.707566][T16801]  ? __pfx_vfs_read+0x10/0x10
[  329.707580][T16801]  ? __fget_files+0x2a/0x420
[  329.707593][T16801]  ? __fget_files+0x3a0/0x420
[  329.707602][T16801]  ? __fget_files+0x2a/0x420
[  329.707617][T16801]  ksys_read+0x150/0x270
[  329.707632][T16801]  ? __pfx_ksys_read+0x10/0x10
[  329.707652][T16801]  do_syscall_64+0xe2/0xf80
[  329.707670][T16801]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.707679][T16801]  ? trace_irq_disable+0x37/0x100
[  329.707690][T16801]  ? clear_bhb_loop+0x60/0xb0
[  329.707709][T16801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.707724][T16801] RIP: 0033:0x7f877975b78e
[  329.707739][T16801] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  329.707754][T16801] RSP: 002b:00007f87779edfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  329.707771][T16801] RAX: ffffffffffffffda RBX: 00007f87779ee6c0 RCX: 00007f877975b78e
[  329.707779][T16801] RDX: 000000000000000f RSI: 00007f87779ee0a0 RDI: 0000000000000005
[  329.707785][T16801] RBP: 00007f87779ee090 R08: 0000000000000000 R09: 0000000000000000
[  329.707791][T16801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.707797][T16801] R13: 00007f8779a16038 R14: 00007f8779a15fa0 R15: 00007ffca6f8e5a8
[  329.707813][T16801]  </TASK>
[  330.218590][T16810] netlink: 'syz.6.3854': attribute type 3 has an invalid length.
[  330.365574][   T10] tipc: Node number set to 2886997007
[  330.711720][T16833] netlink: 7 bytes leftover after parsing attributes in process `syz.1.3864'.
[  330.837081][T16842] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3868'.
[  331.043833][T16860] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3873'.
[  331.058901][T16861] netlink: 'syz.5.3875': attribute type 13 has an invalid length.
[  331.144337][T16863] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3876'.
[  331.715888][T16886] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  332.193398][T16871] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  332.199816][T16871] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  332.441595][T16909] xt_limit: Overflow, try lower: 271964/0
[  332.689143][T16922] __nla_validate_parse: 10 callbacks suppressed
[  332.689163][T16922] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3898'.
[  332.850535][T16934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3903'.
[  332.878647][T16936] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3901'.
[  332.920818][T16936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3901'.
[  332.961306][T16941] FAULT_INJECTION: forcing a failure.
[  332.961306][T16941] name failslab, interval 1, probability 0, space 0, times 0
[  332.996886][T16941] CPU: 1 UID: 0 PID: 16941 Comm: syz.6.3905 Not tainted syzkaller #0 PREEMPT(full) 
[  332.996912][T16941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  332.996922][T16941] Call Trace:
[  332.996930][T16941]  <TASK>
[  332.996936][T16941]  dump_stack_lvl+0xe8/0x150
[  332.996962][T16941]  should_fail_ex+0x412/0x560
[  332.996988][T16941]  should_failslab+0xa8/0x100
[  332.997008][T16941]  __kmalloc_cache_noprof+0x83/0x6e0
[  332.997028][T16941]  ? sctp_add_bind_addr+0x8c/0x370
[  332.997051][T16941]  sctp_add_bind_addr+0x8c/0x370
[  332.997074][T16941]  sctp_copy_local_addr_list+0x314/0x4f0
[  332.997096][T16941]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  332.997114][T16941]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  332.997134][T16941]  ? sctp_v6_is_any+0x64/0x80
[  332.997153][T16941]  ? sctp_copy_one_addr+0x93/0x360
[  332.997175][T16941]  sctp_bind_addr_copy+0xb3/0x3c0
[  332.997193][T16941]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  332.997221][T16941]  sctp_connect_new_asoc+0x2ff/0x6b0
[  332.997245][T16941]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  332.997272][T16941]  ? __local_bh_enable_ip+0xd0/0x130
[  332.997287][T16941]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  332.997305][T16941]  ? security_sctp_bind_connect+0x7e/0x2c0
[  332.997326][T16941]  sctp_sendmsg+0x1528/0x2c10
[  332.997369][T16941]  ? __pfx_sctp_sendmsg+0x10/0x10
[  332.997386][T16941]  ? aa_sk_perm+0x15a/0x960
[  332.997407][T16941]  ? aa_sk_perm+0x82d/0x960
[  332.997430][T16941]  ? __might_fault+0xaf/0x130
[  332.997464][T16941]  ? __pfx_aa_sk_perm+0x10/0x10
[  332.997487][T16941]  ? sock_rps_record_flow+0x19/0x400
[  332.997512][T16941]  ? inet_sendmsg+0x2f4/0x370
[  332.997539][T16941]  __sys_sendto+0x627/0x7a0
[  332.997565][T16941]  ? __pfx___sys_sendto+0x10/0x10
[  332.997582][T16941]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  332.997614][T16941]  ? __fget_files+0x3a0/0x420
[  332.997644][T16941]  ? ksys_write+0x242/0x270
[  332.997670][T16941]  ? __pfx_ksys_write+0x10/0x10
[  332.997697][T16941]  __x64_sys_sendto+0xde/0x100
[  332.997721][T16941]  do_syscall_64+0xe2/0xf80
[  332.997739][T16941]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.997755][T16941]  ? trace_irq_disable+0x37/0x100
[  332.997772][T16941]  ? clear_bhb_loop+0x60/0xb0
[  332.997792][T16941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.997808][T16941] RIP: 0033:0x7f593659aeb9
[  332.997825][T16941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  332.997839][T16941] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  332.997858][T16941] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  332.997871][T16941] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  332.997880][T16941] RBP: 00007f5937518090 R08: 0000200000000080 R09: 000000000000001c
[  332.997891][T16941] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000002
[  332.997901][T16941] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  332.997928][T16941]  </TASK>
[  333.529752][T16959] netlink: 164 bytes leftover after parsing attributes in process `syz.5.3912'.
[  333.753606][T16979] netlink: 'syz.5.3918': attribute type 1 has an invalid length.
[  333.777175][T16979] 8021q: adding VLAN 0 to HW filter on device bond2
[  333.786733][T16978] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3917'.
[  333.799644][T16978] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  334.021402][T16989] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3923'.
[  334.037652][T16989] xfrm1: entered promiscuous mode
[  334.043039][T16989] xfrm1: entered allmulticast mode
[  334.061941][T16989] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3923'.
[  334.289778][T17005] openvswitch: netlink: IP tunnel dst address not specified
[  334.304276][T17003] netlink: 'syz.5.3929': attribute type 30 has an invalid length.
[  335.778705][T17037] FAULT_INJECTION: forcing a failure.
[  335.778705][T17037] name failslab, interval 1, probability 0, space 0, times 0
[  335.819077][T17037] CPU: 0 UID: 0 PID: 17037 Comm: syz.6.3940 Not tainted syzkaller #0 PREEMPT(full) 
[  335.819102][T17037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  335.819112][T17037] Call Trace:
[  335.819119][T17037]  <TASK>
[  335.819127][T17037]  dump_stack_lvl+0xe8/0x150
[  335.819153][T17037]  should_fail_ex+0x412/0x560
[  335.819178][T17037]  should_failslab+0xa8/0x100
[  335.819201][T17037]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  335.819226][T17037]  ? __alloc_skb+0x1d7/0x390
[  335.819243][T17037]  ? __local_bh_enable_ip+0xd0/0x130
[  335.819258][T17037]  ? __alloc_skb+0x193/0x390
[  335.819275][T17037]  __alloc_skb+0x1d7/0x390
[  335.819295][T17037]  netlink_ack+0x146/0xa50
[  335.819313][T17037]  ? rcu_is_watching+0x15/0xb0
[  335.819331][T17037]  ? trace_contention_end+0x39/0x100
[  335.819358][T17037]  netlink_rcv_skb+0x2b6/0x4b0
[  335.819377][T17037]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  335.819396][T17037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  335.819427][T17037]  ? netlink_deliver_tap+0x2e/0x1b0
[  335.819444][T17037]  ? netlink_deliver_tap+0x2e/0x1b0
[  335.819464][T17037]  xfrm_netlink_rcv+0x79/0x90
[  335.819485][T17037]  netlink_unicast+0x80f/0x9b0
[  335.819518][T17037]  ? __pfx_netlink_unicast+0x10/0x10
[  335.819539][T17037]  ? __alloc_skb+0x193/0x390
[  335.819557][T17037]  ? netlink_sendmsg+0x650/0xb40
[  335.819572][T17037]  ? skb_put+0x11b/0x210
[  335.819593][T17037]  netlink_sendmsg+0x813/0xb40
[  335.819619][T17037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.819639][T17037]  ? aa_sock_msg_perm+0xf1/0x1b0
[  335.819659][T17037]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  335.819678][T17037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.819693][T17037]  ____sys_sendmsg+0xa68/0xad0
[  335.819713][T17037]  ? __might_fault+0xaf/0x130
[  335.819739][T17037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  335.819766][T17037]  ? import_iovec+0x73/0xa0
[  335.819791][T17037]  ___sys_sendmsg+0x2a5/0x360
[  335.819809][T17037]  ? __lock_acquire+0x6b5/0x2cf0
[  335.819832][T17037]  ? __pfx____sys_sendmsg+0x10/0x10
[  335.819882][T17037]  ? __fget_files+0x2a/0x420
[  335.819897][T17037]  ? __fget_files+0x3a0/0x420
[  335.819922][T17037]  __x64_sys_sendmsg+0x1bd/0x2a0
[  335.819973][T17037]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  335.820003][T17037]  ? __pfx_ksys_write+0x10/0x10
[  335.820036][T17037]  do_syscall_64+0xe2/0xf80
[  335.820053][T17037]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.820068][T17037]  ? trace_irq_disable+0x37/0x100
[  335.820083][T17037]  ? clear_bhb_loop+0x60/0xb0
[  335.820103][T17037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.820119][T17037] RIP: 0033:0x7f593659aeb9
[  335.820136][T17037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  335.820151][T17037] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.820170][T17037] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  335.820182][T17037] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  335.820197][T17037] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  335.820207][T17037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.820216][T17037] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  335.820246][T17037]  </TASK>
[  336.372030][T17046] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3945'.
[  337.076904][T17061] syzkaller0: entered promiscuous mode
[  337.092770][T17061] syzkaller0: entered allmulticast mode
[  337.537907][T17067] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3951'.
[  340.449218][T17110] netlink: 'syz.1.3966': attribute type 6 has an invalid length.
[  340.899897][T17118] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  340.964691][T17115] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  340.972696][T17116] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  340.993490][T17115] __nla_validate_parse: 1 callbacks suppressed
[  340.993507][T17115] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3968'.
[  341.434179][T17138] FAULT_INJECTION: forcing a failure.
[  341.434179][T17138] name failslab, interval 1, probability 0, space 0, times 0
[  341.456645][T17138] CPU: 0 UID: 0 PID: 17138 Comm: syz.2.3977 Not tainted syzkaller #0 PREEMPT(full) 
[  341.456669][T17138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  341.456677][T17138] Call Trace:
[  341.456683][T17138]  <TASK>
[  341.456691][T17138]  dump_stack_lvl+0xe8/0x150
[  341.456719][T17138]  should_fail_ex+0x412/0x560
[  341.456741][T17138]  should_failslab+0xa8/0x100
[  341.456762][T17138]  __kvmalloc_node_noprof+0x166/0x8d0
[  341.456781][T17138]  ? alloc_netdev_mqs+0xa6/0x11b0
[  341.456810][T17138]  alloc_netdev_mqs+0xa6/0x11b0
[  341.456828][T17138]  ? __pfx_ip6erspan_tap_setup+0x10/0x10
[  341.456845][T17138]  rtnl_create_link+0x31f/0xd70
[  341.456862][T17138]  rtnl_newlink_create+0x277/0xb70
[  341.456883][T17138]  ? __pfx___nla_validate_parse+0x10/0x10
[  341.456913][T17138]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  341.456938][T17138]  ? __pfx___mutex_lock+0x10/0x10
[  341.456956][T17138]  ? ns_capable+0x89/0xe0
[  341.456967][T17138]  rtnl_newlink+0x1666/0x1be0
[  341.456987][T17138]  ? __pfx_rtnl_newlink+0x10/0x10
[  341.456999][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457017][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457032][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457050][T17138]  ? unwind_next_frame+0xa5/0x23c0
[  341.457065][T17138]  ? unwind_next_frame+0xa5/0x23c0
[  341.457077][T17138]  ? is_bpf_text_address+0x26/0x2b0
[  341.457095][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457110][T17138]  ? is_bpf_text_address+0x292/0x2b0
[  341.457120][T17138]  ? is_bpf_text_address+0x26/0x2b0
[  341.457132][T17138]  ? kernel_text_address+0xa5/0xe0
[  341.457145][T17138]  ? __kernel_text_address+0xd/0x30
[  341.457156][T17138]  ? unwind_get_return_address+0x4d/0x90
[  341.457171][T17138]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  341.457189][T17138]  ? __pfx_rtnl_newlink+0x10/0x10
[  341.457200][T17138]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  341.457213][T17138]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  341.457224][T17138]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  341.457235][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457255][T17138]  netlink_rcv_skb+0x232/0x4b0
[  341.457267][T17138]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  341.457279][T17138]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  341.457294][T17138]  ? netlink_deliver_tap+0x2e/0x1b0
[  341.457308][T17138]  netlink_unicast+0x80f/0x9b0
[  341.457328][T17138]  ? __pfx_netlink_unicast+0x10/0x10
[  341.457342][T17138]  ? __alloc_skb+0x193/0x390
[  341.457354][T17138]  ? netlink_sendmsg+0x650/0xb40
[  341.457363][T17138]  ? skb_put+0x11b/0x210
[  341.457376][T17138]  netlink_sendmsg+0x813/0xb40
[  341.457399][T17138]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.457411][T17138]  ? aa_sock_msg_perm+0xf1/0x1b0
[  341.457430][T17138]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  341.457443][T17138]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.457452][T17138]  ____sys_sendmsg+0xa68/0xad0
[  341.457466][T17138]  ? __might_fault+0xaf/0x130
[  341.457483][T17138]  ? __pfx_____sys_sendmsg+0x10/0x10
[  341.457501][T17138]  ? import_iovec+0x73/0xa0
[  341.457519][T17138]  ___sys_sendmsg+0x2a5/0x360
[  341.457531][T17138]  ? __lock_acquire+0x6b5/0x2cf0
[  341.457546][T17138]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.457578][T17138]  ? __fget_files+0x2a/0x420
[  341.457588][T17138]  ? __fget_files+0x3a0/0x420
[  341.457604][T17138]  __x64_sys_sendmsg+0x1bd/0x2a0
[  341.457619][T17138]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  341.457637][T17138]  ? __pfx_ksys_write+0x10/0x10
[  341.457659][T17138]  do_syscall_64+0xe2/0xf80
[  341.457671][T17138]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.457680][T17138]  ? trace_irq_disable+0x37/0x100
[  341.457689][T17138]  ? clear_bhb_loop+0x60/0xb0
[  341.457701][T17138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.457710][T17138] RIP: 0033:0x7f877979aeb9
[  341.457721][T17138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.457730][T17138] RSP: 002b:00007f87779ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  341.457742][T17138] RAX: ffffffffffffffda RBX: 00007f8779a15fa0 RCX: 00007f877979aeb9
[  341.457749][T17138] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  341.457755][T17138] RBP: 00007f87779ee090 R08: 0000000000000000 R09: 0000000000000000
[  341.457761][T17138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.457766][T17138] R13: 00007f8779a16038 R14: 00007f8779a15fa0 R15: 00007ffca6f8e5a8
[  341.457782][T17138]  </TASK>
[  341.904180][T17142] FAULT_INJECTION: forcing a failure.
[  341.904180][T17142] name failslab, interval 1, probability 0, space 0, times 0
[  341.920712][T17142] CPU: 1 UID: 0 PID: 17142 Comm: syz.6.3976 Not tainted syzkaller #0 PREEMPT(full) 
[  341.920737][T17142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  341.920747][T17142] Call Trace:
[  341.920754][T17142]  <TASK>
[  341.920762][T17142]  dump_stack_lvl+0xe8/0x150
[  341.920788][T17142]  should_fail_ex+0x412/0x560
[  341.920814][T17142]  should_failslab+0xa8/0x100
[  341.920836][T17142]  __kmalloc_noprof+0xde/0x7e0
[  341.920852][T17142]  ? rcu_is_watching+0x15/0xb0
[  341.920869][T17142]  ? security_sk_alloc+0x52/0x360
[  341.920897][T17142]  security_sk_alloc+0x52/0x360
[  341.920922][T17142]  sk_prot_alloc+0x101/0x210
[  341.920942][T17142]  ? sk_alloc+0x27/0x390
[  341.920963][T17142]  sk_alloc+0x3a/0x390
[  341.920986][T17142]  __netlink_create+0x65/0x260
[  341.921005][T17142]  ? __pfx_genl_release+0x10/0x10
[  341.921026][T17142]  netlink_create+0x3ca/0x590
[  341.921045][T17142]  ? __pfx_genl_unbind+0x10/0x10
[  341.921067][T17142]  ? __pfx_genl_bind+0x10/0x10
[  341.921089][T17142]  __sock_create+0x4b2/0x9d0
[  341.921117][T17142]  __sys_socket+0xd6/0x1b0
[  341.921138][T17142]  __x64_sys_socket+0x7a/0x90
[  341.921158][T17142]  do_syscall_64+0xe2/0xf80
[  341.921176][T17142]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.921193][T17142]  ? trace_irq_disable+0x37/0x100
[  341.921210][T17142]  ? clear_bhb_loop+0x60/0xb0
[  341.921229][T17142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.921246][T17142] RIP: 0033:0x7f593659c747
[  341.921262][T17142] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.921277][T17142] RSP: 002b:00007f59374d4f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  341.921295][T17142] RAX: ffffffffffffffda RBX: 00007f5936816180 RCX: 00007f593659c747
[  341.921308][T17142] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  341.921319][T17142] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  341.921330][T17142] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000001
[  341.921340][T17142] R13: 00007f5936816218 R14: 00007f5936816180 R15: 00007fff2ead2a18
[  341.921369][T17142]  </TASK>
[  342.257041][T17153] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3981'.
[  342.358255][T17159] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3980'.
[  342.467661][T17164] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3984'.
[  342.742581][T17176] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3990'.
[  342.785966][T17178] netlink: 'syz.1.3991': attribute type 2 has an invalid length.
[  342.795626][T17178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3991'.
[  342.806542][T17179] netlink: 'syz.1.3991': attribute type 2 has an invalid length.
[  342.815173][T17179] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3991'.
[  342.920388][T17187] netlink: 'syz.1.3994': attribute type 11 has an invalid length.
[  342.939577][T17187] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3994'.
[  343.116226][T17197] nbd: must specify at least one socket
[  343.160008][T17199] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3999'.
[  343.171574][T17199] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3999'.
[  343.328263][T17210] FAULT_INJECTION: forcing a failure.
[  343.328263][T17210] name failslab, interval 1, probability 0, space 0, times 0
[  343.343331][T17210] CPU: 1 UID: 0 PID: 17210 Comm: syz.2.4003 Not tainted syzkaller #0 PREEMPT(full) 
[  343.343358][T17210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  343.343369][T17210] Call Trace:
[  343.343376][T17210]  <TASK>
[  343.343384][T17210]  dump_stack_lvl+0xe8/0x150
[  343.343410][T17210]  should_fail_ex+0x412/0x560
[  343.343435][T17210]  should_failslab+0xa8/0x100
[  343.343467][T17210]  __kmalloc_noprof+0xde/0x7e0
[  343.343485][T17210]  ? tomoyo_encode+0x28b/0x550
[  343.343511][T17210]  tomoyo_encode+0x28b/0x550
[  343.343535][T17210]  tomoyo_realpath_from_path+0x58d/0x5d0
[  343.343555][T17210]  ? tomoyo_domain+0xd7/0x130
[  343.343575][T17210]  ? tomoyo_path_number_perm+0x219/0x630
[  343.343589][T17210]  tomoyo_path_number_perm+0x246/0x630
[  343.343605][T17210]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  343.343621][T17210]  ? sb_end_write+0xe9/0x1c0
[  343.343638][T17210]  ? vfs_write+0x9bc/0xb90
[  343.343683][T17210]  ? ksys_write+0x1fc/0x270
[  343.343707][T17210]  security_file_ioctl+0xc3/0x2a0
[  343.343724][T17210]  __se_sys_ioctl+0x47/0x170
[  343.343745][T17210]  do_syscall_64+0xe2/0xf80
[  343.343761][T17210]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.343775][T17210]  ? trace_irq_disable+0x37/0x100
[  343.343790][T17210]  ? clear_bhb_loop+0x60/0xb0
[  343.343808][T17210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.343823][T17210] RIP: 0033:0x7f877979aeb9
[  343.343838][T17210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  343.343850][T17210] RSP: 002b:00007f87779ee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  343.343867][T17210] RAX: ffffffffffffffda RBX: 00007f8779a15fa0 RCX: 00007f877979aeb9
[  343.343878][T17210] RDX: 0000200000000040 RSI: 0000000000008b04 RDI: 0000000000000005
[  343.343888][T17210] RBP: 00007f87779ee090 R08: 0000000000000000 R09: 0000000000000000
[  343.343897][T17210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.343906][T17210] R13: 00007f8779a16038 R14: 00007f8779a15fa0 R15: 00007ffca6f8e5a8
[  343.343931][T17210]  </TASK>
[  343.343949][T17210] ERROR: Out of memory at tomoyo_realpath_from_path.
[  344.001278][T17245] nftables ruleset with unbound chain
[  344.164436][T17257] ipt_ECN: cannot use operation on non-tcp rule
[  344.480920][T17282] netlink: 'syz.5.4029': attribute type 1 has an invalid length.
[  344.515674][T17282] bond4: (slave gretap2): making interface the new active one
[  344.524967][T17282] bond4: (slave gretap2): Enslaving as an active interface with an up link
[  344.697532][T17294] openvswitch: netlink: IP tunnel dst address not specified
[  344.769097][T17297] netlink: 'syz.5.4033': attribute type 1 has an invalid length.
[  344.796602][T17297] 8021q: adding VLAN 0 to HW filter on device bond5
[  345.991553][T17362] syzkaller0: entered promiscuous mode
[  346.003040][T17362] syzkaller0: entered allmulticast mode
[  346.014037][T17362] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  346.087872][T17372] __nla_validate_parse: 12 callbacks suppressed
[  346.087893][T17372] netlink: 164 bytes leftover after parsing attributes in process `syz.2.4063'.
[  346.108685][T17373] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4062'.
[  346.141523][T17373] 8021q: adding VLAN 0 to HW filter on device bond6
[  346.243537][T17378] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4065'.
[  346.336305][T17373] bond6 (unregistering): Released all slaves
[  346.386873][T17383] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  346.532432][T17391] netlink: 'syz.1.4070': attribute type 12 has an invalid length.
[  346.672388][T17401] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4073'.
[  346.838762][T17411] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4078'.
[  346.904429][T17418] lo: Caught tx_queue_len zero misconfig
[  346.914653][T17418] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4080'.
[  347.015187][T17422] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4080'.
[  347.024758][T17422] ip6tnl0: Caught tx_queue_len zero misconfig
[  347.055429][T17418] netlink: 'syz.5.4080': attribute type 8 has an invalid length.
[  347.071580][T17381] FAULT_INJECTION: forcing a failure.
[  347.071580][T17381] name fail_futex, interval 1, probability 0, space 0, times 1
[  347.103410][T17381] CPU: 0 UID: 0 PID: 17381 Comm: syz.6.4066 Not tainted syzkaller #0 PREEMPT(full) 
[  347.103436][T17381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  347.103446][T17381] Call Trace:
[  347.103453][T17381]  <TASK>
[  347.103461][T17381]  dump_stack_lvl+0xe8/0x150
[  347.103488][T17381]  should_fail_ex+0x412/0x560
[  347.103513][T17381]  get_futex_key+0x92a/0x1690
[  347.103545][T17381]  ? __pfx_get_futex_key+0x10/0x10
[  347.103577][T17381]  ? __pfx___mutex_trylock_common+0x10/0x10
[  347.103601][T17381]  futex_wake+0x114/0x580
[  347.103622][T17381]  ? __pfx_futex_wake+0x10/0x10
[  347.103641][T17381]  ? exit_mm_release+0x1a/0x30
[  347.103662][T17381]  do_futex+0x395/0x420
[  347.103689][T17381]  ? __might_fault+0xaf/0x130
[  347.103715][T17381]  ? __pfx_do_futex+0x10/0x10
[  347.103740][T17381]  ? __might_fault+0xaf/0x130
[  347.103764][T17381]  mm_release+0x103/0x290
[  347.103783][T17381]  exit_mm+0x51/0x220
[  347.103800][T17381]  ? unwind_deferred_task_exit+0x67/0xa0
[  347.103826][T17381]  do_exit+0x62e/0x2310
[  347.103850][T17381]  ? cgroup1_freezing+0x20/0x350
[  347.103874][T17381]  ? __pfx_do_exit+0x10/0x10
[  347.103894][T17381]  ? cgroup1_freezing+0x20/0x350
[  347.103915][T17381]  ? cgroup1_freezing+0x20/0x350
[  347.103949][T17381]  do_group_exit+0x21b/0x2d0
[  347.103966][T17381]  ? _raw_spin_unlock_irq+0x23/0x50
[  347.103984][T17381]  get_signal+0x1284/0x1330
[  347.104022][T17381]  arch_do_signal_or_restart+0xbc/0x830
[  347.104046][T17381]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  347.104069][T17381]  ? ksys_write+0x242/0x270
[  347.104097][T17381]  exit_to_user_mode_loop+0x86/0x480
[  347.104118][T17381]  ? rcu_is_watching+0x15/0xb0
[  347.104136][T17381]  do_syscall_64+0x2b7/0xf80
[  347.104152][T17381]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.104168][T17381]  ? trace_irq_disable+0x37/0x100
[  347.104182][T17381]  ? clear_bhb_loop+0x60/0xb0
[  347.104200][T17381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.104215][T17381] RIP: 0033:0x7f593659aeb9
[  347.104229][T17381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  347.104241][T17381] RSP: 002b:00007f59374f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  347.104259][T17381] RAX: fffffffffffffe00 RBX: 00007f5936816090 RCX: 00007f593659aeb9
[  347.104271][T17381] RDX: 0000000000000001 RSI: 00002000000020c0 RDI: 0000000000000004
[  347.104281][T17381] RBP: 00007f59374f7090 R08: 0000000000000000 R09: 0000000000000000
[  347.104293][T17381] R10: 0000000000000811 R11: 0000000000000246 R12: 0000000000000001
[  347.104303][T17381] R13: 00007f5936816128 R14: 00007f5936816090 R15: 00007fff2ead2a18
[  347.104331][T17381]  </TASK>
[  347.397192][T17425] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4082'.
[  348.050839][T17468] netlink: 7 bytes leftover after parsing attributes in process `syz.2.4091'.
[  348.164920][T17471] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4093'.
[  348.358572][T17480] FAULT_INJECTION: forcing a failure.
[  348.358572][T17480] name failslab, interval 1, probability 0, space 0, times 0
[  348.374566][T17480] CPU: 0 UID: 0 PID: 17480 Comm: syz.6.4097 Not tainted syzkaller #0 PREEMPT(full) 
[  348.374591][T17480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  348.374601][T17480] Call Trace:
[  348.374608][T17480]  <TASK>
[  348.374615][T17480]  dump_stack_lvl+0xe8/0x150
[  348.374643][T17480]  should_fail_ex+0x412/0x560
[  348.374663][T17480]  should_failslab+0xa8/0x100
[  348.374676][T17480]  kmem_cache_alloc_lru_noprof+0x8c/0x6c0
[  348.374692][T17480]  ? simple_start_creating+0xcc/0x110
[  348.374704][T17480]  ? alloc_inode+0x6a/0x1b0
[  348.374721][T17480]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  348.374741][T17480]  alloc_inode+0x6a/0x1b0
[  348.374759][T17480]  new_inode+0x22/0x170
[  348.374780][T17480]  __debugfs_create_file+0xb8/0x400
[  348.374808][T17480]  debugfs_create_file_full+0x3f/0x60
[  348.374822][T17480]  ref_tracker_dir_debugfs+0x197/0x360
[  348.374835][T17480]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  348.374862][T17480]  ? trace_kmalloc+0x1f/0xb0
[  348.374869][T17480]  ? __kvmalloc_node_noprof+0x5ba/0x8d0
[  348.374882][T17480]  ? __raw_spin_lock_init+0x45/0x100
[  348.374895][T17480]  alloc_netdev_mqs+0x272/0x11b0
[  348.374910][T17480]  ? __pfx_ip6erspan_tap_setup+0x10/0x10
[  348.374928][T17480]  rtnl_create_link+0x31f/0xd70
[  348.374941][T17480]  rtnl_newlink_create+0x277/0xb70
[  348.374954][T17480]  ? __pfx___nla_validate_parse+0x10/0x10
[  348.374973][T17480]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  348.374988][T17480]  ? __pfx___mutex_lock+0x10/0x10
[  348.375004][T17480]  ? ns_capable+0x89/0xe0
[  348.375015][T17480]  rtnl_newlink+0x1666/0x1be0
[  348.375040][T17480]  ? __pfx_rtnl_newlink+0x10/0x10
[  348.375052][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375074][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375088][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375106][T17480]  ? unwind_next_frame+0xa5/0x23c0
[  348.375121][T17480]  ? unwind_next_frame+0xa5/0x23c0
[  348.375132][T17480]  ? is_bpf_text_address+0x26/0x2b0
[  348.375150][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375165][T17480]  ? is_bpf_text_address+0x292/0x2b0
[  348.375175][T17480]  ? is_bpf_text_address+0x26/0x2b0
[  348.375188][T17480]  ? kernel_text_address+0xa5/0xe0
[  348.375200][T17480]  ? __kernel_text_address+0xd/0x30
[  348.375211][T17480]  ? unwind_get_return_address+0x4d/0x90
[  348.375226][T17480]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  348.375244][T17480]  ? __pfx_rtnl_newlink+0x10/0x10
[  348.375255][T17480]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  348.375268][T17480]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  348.375279][T17480]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  348.375290][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375311][T17480]  netlink_rcv_skb+0x232/0x4b0
[  348.375322][T17480]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  348.375334][T17480]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  348.375350][T17480]  ? netlink_deliver_tap+0x2e/0x1b0
[  348.375364][T17480]  netlink_unicast+0x80f/0x9b0
[  348.375383][T17480]  ? __pfx_netlink_unicast+0x10/0x10
[  348.375397][T17480]  ? __alloc_skb+0x193/0x390
[  348.375410][T17480]  ? netlink_sendmsg+0x650/0xb40
[  348.375419][T17480]  ? skb_put+0x11b/0x210
[  348.375432][T17480]  netlink_sendmsg+0x813/0xb40
[  348.375447][T17480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.375459][T17480]  ? aa_sock_msg_perm+0xf1/0x1b0
[  348.375472][T17480]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  348.375484][T17480]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.375497][T17480]  ____sys_sendmsg+0xa68/0xad0
[  348.375511][T17480]  ? __might_fault+0xaf/0x130
[  348.375529][T17480]  ? __pfx_____sys_sendmsg+0x10/0x10
[  348.375550][T17480]  ? import_iovec+0x73/0xa0
[  348.375567][T17480]  ___sys_sendmsg+0x2a5/0x360
[  348.375579][T17480]  ? __lock_acquire+0x6b5/0x2cf0
[  348.375595][T17480]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.375626][T17480]  ? __fget_files+0x2a/0x420
[  348.375637][T17480]  ? __fget_files+0x3a0/0x420
[  348.375653][T17480]  __x64_sys_sendmsg+0x1bd/0x2a0
[  348.375667][T17480]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  348.375692][T17480]  ? __pfx_ksys_write+0x10/0x10
[  348.375725][T17480]  do_syscall_64+0xe2/0xf80
[  348.375743][T17480]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.375754][T17480]  ? trace_irq_disable+0x37/0x100
[  348.375763][T17480]  ? clear_bhb_loop+0x60/0xb0
[  348.375776][T17480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.375787][T17480] RIP: 0033:0x7f593659aeb9
[  348.375798][T17480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  348.375806][T17480] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.375823][T17480] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  348.375835][T17480] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  348.375845][T17480] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  348.375855][T17480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.375866][T17480] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  348.375890][T17480]  </TASK>
[  348.375916][T17480] debugfs: out of free dentries, can not create file 'netdev@ffff88804be92618'
[  348.937525][T17489] smc: net device wlan0 applied user defined pnetid SYZ0
[  349.499800][T17522] netlink: 'syz.1.4114': attribute type 1 has an invalid length.
[  349.976740][T17540] FAULT_INJECTION: forcing a failure.
[  349.976740][T17540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.993038][T17540] CPU: 1 UID: 0 PID: 17540 Comm: syz.2.4120 Not tainted syzkaller #0 PREEMPT(full) 
[  349.993065][T17540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  349.993075][T17540] Call Trace:
[  349.993083][T17540]  <TASK>
[  349.993091][T17540]  dump_stack_lvl+0xe8/0x150
[  349.993118][T17540]  should_fail_ex+0x412/0x560
[  349.993144][T17540]  _copy_from_iter+0x1d3/0x1670
[  349.993171][T17540]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  349.993198][T17540]  ? __pfx__copy_from_iter+0x10/0x10
[  349.993219][T17540]  ? __build_skb_around+0x22d/0x3c0
[  349.993241][T17540]  ? __alloc_skb+0x193/0x390
[  349.993259][T17540]  ? netlink_sendmsg+0x650/0xb40
[  349.993277][T17540]  ? skb_put+0x11b/0x210
[  349.993299][T17540]  netlink_sendmsg+0x6c0/0xb40
[  349.993326][T17540]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.993347][T17540]  ? aa_sock_msg_perm+0xf1/0x1b0
[  349.993369][T17540]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  349.993389][T17540]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.993412][T17540]  ____sys_sendmsg+0xa68/0xad0
[  349.993432][T17540]  ? __might_fault+0xaf/0x130
[  349.993458][T17540]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.993484][T17540]  ? import_iovec+0x73/0xa0
[  349.993507][T17540]  ___sys_sendmsg+0x2a5/0x360
[  349.993524][T17540]  ? __lock_acquire+0x6b5/0x2cf0
[  349.993548][T17540]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.993597][T17540]  ? __fget_files+0x2a/0x420
[  349.993612][T17540]  ? __fget_files+0x3a0/0x420
[  349.993627][T17540]  __x64_sys_sendmsg+0x1bd/0x2a0
[  349.993642][T17540]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.993659][T17540]  ? __pfx_ksys_write+0x10/0x10
[  349.993680][T17540]  do_syscall_64+0xe2/0xf80
[  349.993691][T17540]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.993701][T17540]  ? trace_irq_disable+0x37/0x100
[  349.993710][T17540]  ? clear_bhb_loop+0x60/0xb0
[  349.993722][T17540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.993731][T17540] RIP: 0033:0x7f877979aeb9
[  349.993742][T17540] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  349.993750][T17540] RSP: 002b:00007f87779ee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.993761][T17540] RAX: ffffffffffffffda RBX: 00007f8779a15fa0 RCX: 00007f877979aeb9
[  349.993768][T17540] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  349.993774][T17540] RBP: 00007f87779ee090 R08: 0000000000000000 R09: 0000000000000000
[  349.993780][T17540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.993785][T17540] R13: 00007f8779a16038 R14: 00007f8779a15fa0 R15: 00007ffca6f8e5a8
[  349.993800][T17540]  </TASK>
[  350.559977][T17558] netlink: ct family unspecified
[  351.208433][T17571] __nla_validate_parse: 8 callbacks suppressed
[  351.208456][T17571] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4133'.
[  351.458873][T17578] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4136'.
[  351.669457][T17586] syzkaller0: entered promiscuous mode
[  351.681463][T17586] syzkaller0: entered allmulticast mode
[  352.007077][T17606] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4145'.
[  352.158340][T17612] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4147'.
[  352.183773][T17612] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4147'.
[  352.562147][T17635] syzkaller0: entered promiscuous mode
[  352.571352][T17634] xt_SECMARK: invalid mode: 9
[  352.576500][T17635] syzkaller0: entered allmulticast mode
[  352.784638][T17642] syzkaller0: entered promiscuous mode
[  352.790235][T17642] syzkaller0: entered allmulticast mode
[  353.168023][T17656] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4162'.
[  354.879488][T17649] erspan0: entered promiscuous mode
[  354.884959][T17649] erspan0: entered allmulticast mode
[  354.955197][T17662] FAULT_INJECTION: forcing a failure.
[  354.955197][T17662] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.987773][T17662] CPU: 1 UID: 0 PID: 17662 Comm: syz.1.4167 Not tainted syzkaller #0 PREEMPT(full) 
[  354.987799][T17662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  354.987810][T17662] Call Trace:
[  354.987817][T17662]  <TASK>
[  354.987825][T17662]  dump_stack_lvl+0xe8/0x150
[  354.987852][T17662]  should_fail_ex+0x412/0x560
[  354.987877][T17662]  _copy_from_iter+0x1d3/0x1670
[  354.987906][T17662]  ? trace_kmem_cache_alloc+0x1f/0xb0
[  354.987930][T17662]  ? __pfx__copy_from_iter+0x10/0x10
[  354.987951][T17662]  ? __build_skb_around+0x22d/0x3c0
[  354.987974][T17662]  ? __alloc_skb+0x193/0x390
[  354.987991][T17662]  ? netlink_sendmsg+0x650/0xb40
[  354.988005][T17662]  ? skb_put+0x11b/0x210
[  354.988024][T17662]  netlink_sendmsg+0x6c0/0xb40
[  354.988048][T17662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.988079][T17662]  ? aa_sock_msg_perm+0xf1/0x1b0
[  354.988100][T17662]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  354.988117][T17662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.988133][T17662]  ____sys_sendmsg+0xa68/0xad0
[  354.988154][T17662]  ? __might_fault+0xaf/0x130
[  354.988180][T17662]  ? __pfx_____sys_sendmsg+0x10/0x10
[  354.988204][T17662]  ? import_iovec+0x73/0xa0
[  354.988227][T17662]  ___sys_sendmsg+0x2a5/0x360
[  354.988246][T17662]  ? __lock_acquire+0x6b5/0x2cf0
[  354.988270][T17662]  ? __pfx____sys_sendmsg+0x10/0x10
[  354.988319][T17662]  ? __fget_files+0x2a/0x420
[  354.988336][T17662]  ? __fget_files+0x3a0/0x420
[  354.988362][T17662]  __x64_sys_sendmsg+0x1bd/0x2a0
[  354.988387][T17662]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  354.988417][T17662]  ? __pfx_ksys_write+0x10/0x10
[  354.988450][T17662]  do_syscall_64+0xe2/0xf80
[  354.988467][T17662]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.988482][T17662]  ? trace_irq_disable+0x37/0x100
[  354.988498][T17662]  ? clear_bhb_loop+0x60/0xb0
[  354.988517][T17662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.988534][T17662] RIP: 0033:0x7f439c19aeb9
[  354.988550][T17662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  354.988563][T17662] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  354.988582][T17662] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  354.988595][T17662] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  354.988605][T17662] RBP: 00007f439cf93090 R08: 0000000000000000 R09: 0000000000000000
[  354.988616][T17662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.988626][T17662] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  354.988654][T17662]  </TASK>
[  355.350947][T17669] netlink: 'syz.6.4172': attribute type 1 has an invalid length.
[  355.400633][T17669] 8021q: adding VLAN 0 to HW filter on device bond2
[  355.422076][T17669] bond2: (slave geneve2): making interface the new active one
[  355.431266][T17669] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  355.440196][ T7782] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.462053][ T7782] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.519931][T17673] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4171'.
[  355.542285][ T7782] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.607915][ T7782] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  355.772879][T17692] netlink: 'syz.2.4179': attribute type 10 has an invalid length.
[  356.646685][T17741] FAULT_INJECTION: forcing a failure.
[  356.646685][T17741] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.662203][T17741] CPU: 1 UID: 0 PID: 17741 Comm: syz.6.4196 Not tainted syzkaller #0 PREEMPT(full) 
[  356.662230][T17741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  356.662240][T17741] Call Trace:
[  356.662247][T17741]  <TASK>
[  356.662255][T17741]  dump_stack_lvl+0xe8/0x150
[  356.662283][T17741]  should_fail_ex+0x412/0x560
[  356.662308][T17741]  _copy_from_user+0x2d/0xb0
[  356.662333][T17741]  kstrtouint_from_user+0xd6/0x180
[  356.662356][T17741]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  356.662394][T17741]  proc_fail_nth_write+0x8e/0x210
[  356.662418][T17741]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  356.662446][T17741]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  356.662471][T17741]  vfs_write+0x29a/0xb90
[  356.662502][T17741]  ? __pfx_vfs_write+0x10/0x10
[  356.662526][T17741]  ? __fget_files+0x2a/0x420
[  356.662549][T17741]  ? __fget_files+0x3a0/0x420
[  356.662565][T17741]  ? __fget_files+0x2a/0x420
[  356.662592][T17741]  ksys_write+0x150/0x270
[  356.662616][T17741]  ? __pfx_ksys_write+0x10/0x10
[  356.662650][T17741]  do_syscall_64+0xe2/0xf80
[  356.662668][T17741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.662684][T17741]  ? trace_irq_disable+0x37/0x100
[  356.662702][T17741]  ? clear_bhb_loop+0x60/0xb0
[  356.662723][T17741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.662739][T17741] RIP: 0033:0x7f593655b78e
[  356.662755][T17741] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  356.662770][T17741] RSP: 002b:00007f5937517fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  356.662788][T17741] RAX: ffffffffffffffda RBX: 00007f59375186c0 RCX: 00007f593655b78e
[  356.662801][T17741] RDX: 0000000000000001 RSI: 00007f59375180a0 RDI: 0000000000000004
[  356.662812][T17741] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  356.662822][T17741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.662832][T17741] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  356.662861][T17741]  </TASK>
[  357.060365][T17752] bridge_slave_0: Caught tx_queue_len zero misconfig
[  357.181335][T17757] IPVS: set_ctl: invalid protocol: 41 0.0.0.0:20001
[  357.190997][T17757] syzkaller0: left promiscuous mode
[  357.197769][T17757] syzkaller0: left allmulticast mode
[  357.206092][T17757] tipc: Resetting bearer <eth:syzkaller0>
[  357.208663][T17761] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4204'.
[  357.226504][T17757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4205'.
[  357.336341][T17768] netlink: 'syz.1.4208': attribute type 1 has an invalid length.
[  357.607104][T17791] netlink: 7 bytes leftover after parsing attributes in process `syz.5.4215'.
[  357.706492][T17797] syzkaller0: entered promiscuous mode
[  357.716073][T17797] syzkaller0: entered allmulticast mode
[  357.936556][T17806] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.4222'.
[  358.126688][T17815] netlink: 212328 bytes leftover after parsing attributes in process `syz.5.4226'.
[  358.325192][T17829] openvswitch: netlink: IP tunnel dst address not specified
[  358.501509][T17842] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4232'.
[  358.564611][T17845] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  358.690851][T17847] syzkaller0: entered promiscuous mode
[  358.696821][T17847] syzkaller0: entered allmulticast mode
[  360.384396][T17872] netlink: 'syz.5.4240': attribute type 10 has an invalid length.
[  361.376495][T17870] sch_fq: defrate 0 ignored.
[  361.686944][T17885] openvswitch: netlink: IP tunnel dst address not specified
[  361.901541][T17901] netlink: 'syz.2.4252': attribute type 4 has an invalid length.
[  361.929296][T17901] netlink: 'syz.2.4252': attribute type 4 has an invalid length.
[  362.338570][T17926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4261'.
[  362.359017][T17925] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4261'.
[  362.435472][T17931] ieee802154 phy0 wpan0: encryption failed: -22
[  362.444874][T17931] netlink: 'syz.2.4263': attribute type 1 has an invalid length.
[  362.469773][T17931] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4263'.
[  362.589943][T17939] FAULT_INJECTION: forcing a failure.
[  362.589943][T17939] name failslab, interval 1, probability 0, space 0, times 0
[  362.607693][T17939] CPU: 1 UID: 0 PID: 17939 Comm: syz.1.4267 Not tainted syzkaller #0 PREEMPT(full) 
[  362.607726][T17939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  362.607743][T17939] Call Trace:
[  362.607751][T17939]  <TASK>
[  362.607760][T17939]  dump_stack_lvl+0xe8/0x150
[  362.607793][T17939]  should_fail_ex+0x412/0x560
[  362.607821][T17939]  should_failslab+0xa8/0x100
[  362.607845][T17939]  __kmalloc_cache_noprof+0x83/0x6e0
[  362.607864][T17939]  ? sctp_add_bind_addr+0x8c/0x370
[  362.607888][T17939]  sctp_add_bind_addr+0x8c/0x370
[  362.607909][T17939]  sctp_copy_local_addr_list+0x314/0x4f0
[  362.607931][T17939]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  362.607948][T17939]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  362.607966][T17939]  ? sctp_v6_is_any+0x64/0x80
[  362.607988][T17939]  ? sctp_copy_one_addr+0x93/0x360
[  362.608009][T17939]  sctp_bind_addr_copy+0xb3/0x3c0
[  362.608028][T17939]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  362.608056][T17939]  sctp_connect_new_asoc+0x2ff/0x6b0
[  362.608080][T17939]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  362.608107][T17939]  ? __local_bh_enable_ip+0xd0/0x130
[  362.608122][T17939]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  362.608140][T17939]  ? security_sctp_bind_connect+0x7e/0x2c0
[  362.608162][T17939]  sctp_sendmsg+0x1528/0x2c10
[  362.608196][T17939]  ? __pfx_sctp_sendmsg+0x10/0x10
[  362.608214][T17939]  ? aa_sk_perm+0x15a/0x960
[  362.608236][T17939]  ? aa_sk_perm+0x82d/0x960
[  362.608253][T17939]  ? __might_fault+0xaf/0x130
[  362.608284][T17939]  ? __pfx_aa_sk_perm+0x10/0x10
[  362.608306][T17939]  ? sock_rps_record_flow+0x19/0x400
[  362.608333][T17939]  ? inet_sendmsg+0x2f4/0x370
[  362.608358][T17939]  __sys_sendto+0x627/0x7a0
[  362.608383][T17939]  ? __pfx___sys_sendto+0x10/0x10
[  362.608400][T17939]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  362.608441][T17939]  ? __fget_files+0x3a0/0x420
[  362.608472][T17939]  ? ksys_write+0x242/0x270
[  362.608499][T17939]  ? __pfx_ksys_write+0x10/0x10
[  362.608526][T17939]  __x64_sys_sendto+0xde/0x100
[  362.608550][T17939]  do_syscall_64+0xe2/0xf80
[  362.608565][T17939]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.608581][T17939]  ? trace_irq_disable+0x37/0x100
[  362.608595][T17939]  ? clear_bhb_loop+0x60/0xb0
[  362.608613][T17939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.608635][T17939] RIP: 0033:0x7f439c19aeb9
[  362.608653][T17939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.608666][T17939] RSP: 002b:00007f439cf93028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  362.608682][T17939] RAX: ffffffffffffffda RBX: 00007f439c415fa0 RCX: 00007f439c19aeb9
[  362.608692][T17939] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  362.608701][T17939] RBP: 00007f439cf93090 R08: 0000200000000080 R09: 000000000000001c
[  362.608710][T17939] R10: 0000000000000051 R11: 0000000000000246 R12: 0000000000000002
[  362.608719][T17939] R13: 00007f439c416038 R14: 00007f439c415fa0 R15: 00007ffc8c0b4f68
[  362.608753][T17939]  </TASK>
[  363.200545][T17951] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4271'.
[  363.222476][T17954] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4271'.
[  363.593321][T17967] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4277'.
[  363.929581][T17980] xt_CT: You must specify a L4 protocol and not use inversions on it
[  363.943055][T17985] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.4284'.
[  364.179977][T17992] delete_channel: no stack
[  364.656819][T18017] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4295'.
[  364.670057][T18020] openvswitch: netlink: IP tunnel dst address not specified
[  364.702512][T18019] netdevsim netdevsim5 netdevsim0: IPsec offload requires 128 bit authentication
[  364.912134][T18030] syzkaller1: entered promiscuous mode
[  364.918934][T18030] syzkaller1: entered allmulticast mode
[  364.947644][   T30] audit: type=1107 audit(1770346083.509:3): pid=18031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='C�KJNgV� �LY���)��'
[  364.983717][T18032] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4302'.
[  365.169010][T18042] netlink: 'syz.5.4305': attribute type 1 has an invalid length.
[  365.200713][T18042] 8021q: adding VLAN 0 to HW filter on device bond6
[  365.433926][T18053] openvswitch: netlink: IP tunnel dst address not specified
[  366.005971][T18074] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[  366.191612][T18078] openvswitch: netlink: IP tunnel dst address not specified
[  366.395146][T18087] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4321'.
[  366.893651][T18113] netlink: 'syz.2.4332': attribute type 1 has an invalid length.
[  366.943691][T18113] bond2: entered promiscuous mode
[  366.966712][T18113] bond2: entered allmulticast mode
[  366.972522][T18113] 8021q: adding VLAN 0 to HW filter on device bond2
[  366.980154][T18120] team0: No ports can be present during mode change
[  366.989195][T18120] FAULT_INJECTION: forcing a failure.
[  366.989195][T18120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.002666][T18120] CPU: 1 UID: 0 PID: 18120 Comm: syz.6.4334 Not tainted syzkaller #0 PREEMPT(full) 
[  367.002690][T18120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  367.002701][T18120] Call Trace:
[  367.002714][T18120]  <TASK>
[  367.002721][T18120]  dump_stack_lvl+0xe8/0x150
[  367.002751][T18120]  should_fail_ex+0x412/0x560
[  367.002778][T18120]  _copy_from_user+0x2d/0xb0
[  367.002802][T18120]  ___sys_sendmsg+0x1c6/0x360
[  367.002825][T18120]  ? __lock_acquire+0x6b5/0x2cf0
[  367.002850][T18120]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.002911][T18120]  ? __fget_files+0x2a/0x420
[  367.002930][T18120]  ? __fget_files+0x3a0/0x420
[  367.002956][T18120]  __x64_sys_sendmsg+0x1bd/0x2a0
[  367.002979][T18120]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.003006][T18120]  ? __pfx_ksys_write+0x10/0x10
[  367.003041][T18120]  do_syscall_64+0xe2/0xf80
[  367.003060][T18120]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.003077][T18120]  ? trace_irq_disable+0x37/0x100
[  367.003102][T18120]  ? clear_bhb_loop+0x60/0xb0
[  367.003123][T18120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.003139][T18120] RIP: 0033:0x7f593659aeb9
[  367.003156][T18120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  367.003171][T18120] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.003190][T18120] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  367.003202][T18120] RDX: 0000000000000800 RSI: 0000200000000600 RDI: 0000000000000006
[  367.003214][T18120] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  367.003224][T18120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.003235][T18120] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  367.003263][T18120]  </TASK>
[  367.327345][T18129] netlink: 'syz.2.4337': attribute type 1 has an invalid length.
[  367.350558][T18129] __nla_validate_parse: 4 callbacks suppressed
[  367.350574][T18129] netlink: 280 bytes leftover after parsing attributes in process `syz.2.4337'.
[  367.424814][T18133] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4339'.
[  367.461758][T18134] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4337'.
[  367.521123][T18136] FAULT_INJECTION: forcing a failure.
[  367.521123][T18136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.539938][T18136] CPU: 0 UID: 0 PID: 18136 Comm: syz.6.4340 Not tainted syzkaller #0 PREEMPT(full) 
[  367.539963][T18136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  367.539972][T18136] Call Trace:
[  367.539980][T18136]  <TASK>
[  367.539987][T18136]  dump_stack_lvl+0xe8/0x150
[  367.540011][T18136]  should_fail_ex+0x412/0x560
[  367.540033][T18136]  _copy_from_user+0x2d/0xb0
[  367.540054][T18136]  ____sys_sendmsg+0x334/0xad0
[  367.540081][T18136]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.540108][T18136]  ? import_iovec+0x73/0xa0
[  367.540134][T18136]  ___sys_sendmsg+0x2a5/0x360
[  367.540152][T18136]  ? __lock_acquire+0x6b5/0x2cf0
[  367.540174][T18136]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.540224][T18136]  ? __fget_files+0x2a/0x420
[  367.540240][T18136]  ? __fget_files+0x3a0/0x420
[  367.540263][T18136]  __x64_sys_sendmsg+0x1bd/0x2a0
[  367.540284][T18136]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.540311][T18136]  ? __pfx_ksys_write+0x10/0x10
[  367.540342][T18136]  do_syscall_64+0xe2/0xf80
[  367.540359][T18136]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.540376][T18136]  ? trace_irq_disable+0x37/0x100
[  367.540392][T18136]  ? clear_bhb_loop+0x60/0xb0
[  367.540410][T18136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.540424][T18136] RIP: 0033:0x7f593659aeb9
[  367.540440][T18136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  367.540454][T18136] RSP: 002b:00007f5937518028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.540473][T18136] RAX: ffffffffffffffda RBX: 00007f5936815fa0 RCX: 00007f593659aeb9
[  367.540484][T18136] RDX: 922bac8556bdad8e RSI: 0000200000000080 RDI: 0000000000000003
[  367.540494][T18136] RBP: 00007f5937518090 R08: 0000000000000000 R09: 0000000000000000
[  367.540503][T18136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.540512][T18136] R13: 00007f5936816038 R14: 00007f5936815fa0 R15: 00007fff2ead2a18
[  367.540538][T18136]  </TASK>
[  367.837026][T18142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4343'.
[  367.864891][T18144] netlink: 'syz.5.4344': attribute type 15 has an invalid length.
[  367.891560][T18144] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4344'.
[  367.945737][T18144] netlink: 'syz.5.4344': attribute type 15 has an invalid length.
[  367.946435][ T7776] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 2816 - 0
[  367.973770][T18144] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4344'.
[  367.974415][ T7776] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 2816 - 0
[  367.991701][ T7776] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 2816 - 0
[  368.002640][ T7776] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 2816 - 0
[  368.138249][T18153] netlink: 'syz.6.4347': attribute type 10 has an invalid length.
[  368.153805][T18153] netlink: 'syz.6.4347': attribute type 10 has an invalid length.
[  368.162500][T18153] netlink: 'syz.6.4347': attribute type 10 has an invalid length.
[  368.186386][T18153] netlink: 'syz.6.4347': attribute type 10 has an invalid length.
[  368.202080][T18154] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_tx_wq": -EINTR
[  368.388120][T18178] FAULT_INJECTION: forcing a failure.
[  368.388120][T18178] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.418882][T18178] CPU: 1 UID: 0 PID: 18178 Comm: syz.2.4350 Not tainted syzkaller #0 PREEMPT(full) 
[  368.418907][T18178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  368.418917][T18178] Call Trace:
[  368.418930][T18178]  <TASK>
[  368.418938][T18178]  dump_stack_lvl+0xe8/0x150
[  368.418964][T18178]  should_fail_ex+0x412/0x560
[  368.418987][T18178]  _copy_to_user+0x31/0xb0
[  368.419012][T18178]  simple_read_from_buffer+0xe1/0x170
[  368.419033][T18178]  proc_fail_nth_read+0x1bb/0x230
[  368.419058][T18178]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.419082][T18178]  ? rw_verify_area+0x2a6/0x4d0
[  368.419106][T18178]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.419129][T18178]  vfs_read+0x20c/0xa70
[  368.419149][T18178]  ? fdget_pos+0x246/0x320
[  368.419170][T18178]  ? __pfx___mutex_lock+0x10/0x10
[  368.419190][T18178]  ? __pfx_vfs_read+0x10/0x10
[  368.419212][T18178]  ? __fget_files+0x2a/0x420
[  368.419232][T18178]  ? __fget_files+0x3a0/0x420
[  368.419248][T18178]  ? __fget_files+0x2a/0x420
[  368.419273][T18178]  ksys_read+0x150/0x270
[  368.419296][T18178]  ? __pfx_ksys_read+0x10/0x10
[  368.419329][T18178]  do_syscall_64+0xe2/0xf80
[  368.419347][T18178]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.419363][T18178]  ? trace_irq_disable+0x37/0x100
[  368.419380][T18178]  ? clear_bhb_loop+0x60/0xb0
[  368.419400][T18178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.419415][T18178] RIP: 0033:0x7f877975b78e
[  368.419434][T18178] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  368.419449][T18178] RSP: 002b:00007f87779ccfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.419467][T18178] RAX: ffffffffffffffda RBX: 00007f87779cd6c0 RCX: 00007f877975b78e
[  368.419479][T18178] RDX: 000000000000000f RSI: 00007f87779cd0a0 RDI: 0000000000000005
[  368.419489][T18178] RBP: 00007f87779cd090 R08: 0000000000000000 R09: 0000000000000000
[  368.419499][T18178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.419509][T18178] R13: 00007f8779a16128 R14: 00007f8779a16090 R15: 00007ffca6f8e5a8
[  368.419541][T18178]  </TASK>
[  368.679942][T18181] netlink: 'syz.6.4353': attribute type 1 has an invalid length.
[  369.085380][T18202] netlink: 80 bytes leftover after parsing attributes in process `syz.5.4362'.
[  369.409356][T18224] netlink: 348 bytes leftover after parsing attributes in process `syz.1.4368'.
[  369.461538][T18224] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4368'.
[  369.548063][T18224] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4368'.
[  371.404183][   T31] INFO: task syz.4.2057:12253 blocked for more than 143 seconds.
[  371.413239][   T31]       Not tainted syzkaller #0
[  371.418719][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  371.430041][   T31] task:syz.4.2057      state:D stack:27376 pid:12253 tgid:12252 ppid:5832   task_flags:0x400140 flags:0x00080002
[  371.442424][   T31] Call Trace:
[  371.446098][   T31]  <TASK>
[  371.449213][   T31]  __schedule+0x14ea/0x5050
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  371.454323][   T31]  ? __pfx___schedule+0x10/0x10
[  371.460350][   T31]  ? schedule+0x90/0x360
[  371.465745][   T31]  schedule+0x164/0x360
[  371.470225][   T31]  schedule_preempt_disabled+0x13/0x30
[  371.476542][   T31]  __mutex_lock+0x7fe/0x1300
[  371.481440][   T31]  ? __x64_sys_sendmsg+0x1bd/0x2a0
[  371.487216][   T31]  ? __mutex_lock+0x5ac/0x1300
[  371.492208][   T31]  ? nfsd_nl_version_set_doit+0xcd/0x7a0
[  371.498202][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  371.503586][   T31]  ? irqentry_exit+0x59c/0x620
[  371.508404][   T31]  nfsd_nl_version_set_doit+0xcd/0x7a0
[  371.514208][   T31]  ? __pfx_nfsd_nl_version_set_doit+0x10/0x10
[  371.520327][   T31]  ? __pfx_nfsd_nl_version_set_doit+0x10/0x10
[  371.526659][   T31]  genl_family_rcv_msg_doit+0x22a/0x330
[  371.583084][   T31]  ? __asan_memcpy+0x40/0x70
[  371.588093][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  371.623005][   T31]  ? bpf_lsm_capable+0x9/0x20
[  371.627841][   T31]  ? security_capable+0x7e/0x2c0
[  371.632829][   T31]  genl_rcv_msg+0x61c/0x7a0
[  371.673160][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  371.678335][   T31]  ? __pfx_nfsd_nl_version_set_doit+0x10/0x10
[  371.703117][   T31]  netlink_rcv_skb+0x232/0x4b0
[  371.707961][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  371.713582][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  371.718928][   T31]  ? genl_rcv+0x19/0x40
[  371.724308][   T31]  ? down_read+0x272/0x2e0
[  371.728783][   T31]  ? genl_rcv+0xd/0x40
[  371.732893][   T31]  genl_rcv+0x28/0x40
[  371.738144][   T31]  netlink_unicast+0x80f/0x9b0
[  371.743534][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  371.748990][   T31]  ? __alloc_skb+0x193/0x390
[  371.758944][   T31]  ? netlink_sendmsg+0x650/0xb40
[  371.766705][   T31]  ? skb_put+0x11b/0x210
[  371.771178][   T31]  netlink_sendmsg+0x813/0xb40
[  371.776577][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.782083][   T31]  ? aa_sock_msg_perm+0xf1/0x1b0
[  371.788317][   T31]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  371.794214][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.799994][   T31]  ____sys_sendmsg+0xa68/0xad0
[  371.805230][   T31]  ? __might_fault+0xaf/0x130
[  371.809953][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.816370][   T31]  ? import_iovec+0x73/0xa0
[  371.821033][   T31]  ___sys_sendmsg+0x2a5/0x360
[  371.826417][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  371.831395][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.853107][   T31]  ? futex_wait+0x29a/0x380
[  371.857940][   T31]  ? __fget_files+0x2a/0x420
[  371.862581][   T31]  ? __fget_files+0x3a0/0x420
[  371.883104][   T31]  __x64_sys_sendmsg+0x1bd/0x2a0
[  371.888311][   T31]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  371.920384][   T31]  ? rcu_is_watching+0x15/0xb0
[  371.925903][   T31]  do_syscall_64+0xe2/0xf80
[  371.930614][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.937174][   T31]  ? trace_irq_disable+0x37/0x100
[  371.942564][   T31]  ? clear_bhb_loop+0x60/0xb0
[  371.947658][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.953676][   T31] RIP: 0033:0x7f972399aeb9
[  371.958199][   T31] RSP: 002b:00007f9724859028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.967370][   T31] RAX: ffffffffffffffda RBX: 00007f9723c15fa0 RCX: 00007f972399aeb9
[  371.976416][   T31] RDX: 0000000004008090 RSI: 0000200000000140 RDI: 0000000000000003
[  371.985099][   T31] RBP: 00007f9723a08c1f R08: 0000000000000000 R09: 0000000000000000
[  371.993618][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.001741][   T31] R13: 00007f9723c16038 R14: 00007f9723c15fa0 R15: 00007ffcbe1f8b88
[  372.010637][   T31]  </TASK>
[  372.014106][   T31] 
[  372.014106][   T31] Showing all locks held in the system:
[  372.021899][   T31] 4 locks held by kworker/0:1/10:
[  372.027956][   T31] 1 lock held by khungtaskd/31:
[  372.043489][   T31]  #0: ffffffff8e55a360 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  372.054751][   T31] 2 locks held by getty/5581:
[  372.060347][   T31]  #0: ffff88803068e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  372.070849][   T31]  #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[  372.081670][   T31] 1 lock held by syz-executor/5826:
[  372.101579][   T31]  #0: ffffffff8e560c78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x38d/0x770
[  372.113798][   T31] 2 locks held by kworker/0:5/5939:
[  372.119031][   T31]  #0: ffff88813fe55948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0
[  372.131023][   T31]  #1: ffffc90004d3fbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0
[  372.141961][   T31] 4 locks held by kworker/u8:15/7766:
[  372.147712][   T31]  #0: ffff8880b873a918 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  372.158428][   T31]  #1: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  372.167599][   T31]  #2: ffff8880b87260d8 (&base->lock){-.-.}-{2:2}, at: __mod_timer+0x1ae/0xf30
[  372.177208][   T31]  #3: ffffffff9a265b18 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x83/0x580
[  372.187601][   T31] 2 locks held by syz.0.1081/9653:
[  372.192724][   T31]  #0: ffffffff8fa1a230 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  372.201069][   T31]  #1: ffffffff8e8793e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0x141/0x16c0
[  372.212318][   T31] 2 locks held by syz.4.2057/12253:
[  372.217804][   T31]  #0: ffffffff8fa1a230 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  372.226171][   T31]  #1: ffffffff8e8793e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_set_doit+0xcd/0x7a0
[  372.236722][   T31] 7 locks held by syz-executor/13939:
[  372.242108][   T31]  #0: ffff888033356420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x227/0xb90
[  372.251298][   T31]  #1: ffff888033942488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1de/0x540
[  372.261296][   T31]  #2: ffff888026a5c0f8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x231/0x540
[  372.271990][   T31]  #3: ffffffff8f2225c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  372.283128][   T31]  #4: ffff88807e4ee0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x860
[  372.294411][   T31]  #5: ffff88807e4ef250 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x170
[  372.305787][   T31]  #6: ffffffff8e560b40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  372.318155][   T31] 4 locks held by syz-executor/16260:
[  372.324448][   T31]  #0: ffff888033356420 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x227/0xb90
[  372.333851][   T31]  #1: ffff888071fd7c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1de/0x540
[  372.344426][   T31]  #2: ffff888026a5c0f8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x231/0x540
[  372.359881][   T31]  #3: ffffffff8f2225c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370
[  372.391756][   T31] 
[  372.413674][   T31] =============================================
[  372.413674][   T31] 
[  372.422396][   T31] NMI backtrace for cpu 0
[  372.422423][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  372.422453][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  372.422469][   T31] Call Trace:
[  372.422481][   T31]  <TASK>
[  372.422492][   T31]  dump_stack_lvl+0xe8/0x150
[  372.422521][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  372.422544][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  372.422568][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  372.422594][   T31]  sys_info+0x135/0x170
[  372.422611][   T31]  watchdog+0xf90/0xfe0
[  372.422633][   T31]  ? watchdog+0x209/0xfe0
[  372.422654][   T31]  kthread+0x726/0x8b0
[  372.422675][   T31]  ? __pfx_watchdog+0x10/0x10
[  372.422690][   T31]  ? __pfx_kthread+0x10/0x10
[  372.422708][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  372.422722][   T31]  ? __pfx_kthread+0x10/0x10
[  372.422739][   T31]  ret_from_fork+0x51b/0xa40
[  372.422756][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  372.422769][   T31]  ? __switch_to+0xc82/0x1410
[  372.422792][   T31]  ? __pfx_kthread+0x10/0x10
[  372.422809][   T31]  ret_from_fork_asm+0x1a/0x30
[  372.422842][   T31]  </TASK>
[  372.422848][   T31] Sending NMI from CPU 0 to CPUs 1:
[  372.564153][    C1] NMI backtrace for cpu 1
[  372.564179][    C1] CPU: 1 UID: 0 PID: 10288 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  372.564199][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  372.564214][    C1] RIP: 0010:unwind_next_frame+0x528/0x23c0
[  372.564242][    C1] Code: 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 <49> 8d 47 fc 48 0f 47 d8 4d 0f 46 ef 48 39 dd 76 a2 e9 76 fd ff ff
[  372.564256][    C1] RSP: 0018:ffffc900025af798 EFLAGS: 00000287
[  372.564271][    C1] RAX: ffffffff8b969088 RBX: ffffffff907659e4 RCX: ffffffff907659e8
[  372.564284][    C1] RDX: ffffffff907659e4 RSI: ffffffff912931ac RDI: ffffffff8c0739a0
[  372.564295][    C1] RBP: ffffffff907659e8 R08: 0000000000000001 R09: ffffffff8e55a360
[  372.564306][    C1] R10: ffffc900025af8b8 R11: ffffffff81afb170 R12: ffffffff8b969161
[  372.564317][    C1] R13: ffffffff907659e4 R14: ffffc900025af868 R15: ffffffff907659e4
[  372.564328][    C1] FS:  0000000000000000(0000) GS:ffff8881257f5000(0000) knlGS:0000000000000000
[  372.564341][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  372.564352][    C1] CR2: 00007f5937347e20 CR3: 000000000e346000 CR4: 00000000003526f0
[  372.564376][    C1] Call Trace:
[  372.564384][    C1]  <TASK>
[  372.564395][    C1]  ? unwind_next_frame+0xa5/0x23c0
[  372.564412][    C1]  ? do_syscall_64+0xe2/0xf80
[  372.564431][    C1]  ? do_syscall_64+0xe2/0xf80
[  372.564447][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  372.564467][    C1]  arch_stack_walk+0x11b/0x150
[  372.564486][    C1]  ? do_syscall_64+0xe2/0xf80
[  372.564502][    C1]  stack_trace_save+0xa9/0x100
[  372.564519][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  372.564540][    C1]  save_stack+0x122/0x230
[  372.564562][    C1]  ? __pfx_save_stack+0x10/0x10
[  372.564579][    C1]  ? __free_frozen_pages+0xbf8/0xd70
[  372.564595][    C1]  ? vfree+0x25a/0x400
[  372.564614][    C1]  ? kcov_close+0x28/0x50
[  372.564630][    C1]  ? __fput+0x44f/0xa70
[  372.564646][    C1]  ? task_work_run+0x1d9/0x270
[  372.564662][    C1]  ? do_exit+0x69b/0x2310
[  372.564678][    C1]  ? do_group_exit+0x21b/0x2d0
[  372.564694][    C1]  ? __x64_sys_exit_group+0x3f/0x40
[  372.564710][    C1]  ? x64_sys_call+0x2210/0x2210
[  372.564729][    C1]  ? do_syscall_64+0xe2/0xf80
[  372.564750][    C1]  __reset_page_owner+0x71/0x1f0
[  372.564770][    C1]  __free_frozen_pages+0xbf8/0xd70
[  372.564788][    C1]  vfree+0x25a/0x400
[  372.564807][    C1]  ? __pfx_kcov_close+0x10/0x10
[  372.564822][    C1]  kcov_close+0x28/0x50
[  372.564835][    C1]  __fput+0x44f/0xa70
[  372.564856][    C1]  task_work_run+0x1d9/0x270
[  372.564874][    C1]  ? __pfx_task_work_run+0x10/0x10
[  372.564891][    C1]  ? kmem_cache_free+0x195/0x610
[  372.564906][    C1]  ? do_exit+0x696/0x2310
[  372.564924][    C1]  do_exit+0x69b/0x2310
[  372.564943][    C1]  ? __pfx_do_exit+0x10/0x10
[  372.564955][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[  372.564977][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  372.564994][    C1]  do_group_exit+0x21b/0x2d0
[  372.565013][    C1]  __x64_sys_exit_group+0x3f/0x40
[  372.565030][    C1]  x64_sys_call+0x2210/0x2210
[  372.565047][    C1]  do_syscall_64+0xe2/0xf80
[  372.565062][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.565077][    C1]  ? trace_irq_disable+0x37/0x100
[  372.565093][    C1]  ? clear_bhb_loop+0x60/0xb0
[  372.565110][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.565124][    C1] RIP: 0033:0x7f68c1d9aeb9
[  372.565138][    C1] Code: Unable to access opcode bytes at 0x7f68c1d9ae8f.
[  372.565147][    C1] RSP: 002b:00007ffc03c77bb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  372.565163][    C1] RAX: ffffffffffffffda RBX: 00007f68c1e0abc4 RCX: 00007f68c1d9aeb9
[  372.565174][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  372.565183][    C1] RBP: 00007f68c1e0abd6 R08: 0000000000000000 R09: 00000000000927c0
[  372.565194][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[  372.565203][    C1] R13: 00000000000927c0 R14: 000000000005a5f2 R15: 00007ffc03c77d60
[  372.565222][    C1]  </TASK>
[  372.985499][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  372.993116][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  373.002585][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  373.012803][   T31] Call Trace:
[  373.016086][   T31]  <TASK>
[  373.019061][   T31]  vpanic+0x1e0/0x670
[  373.023053][   T31]  panic+0xc5/0xd0
[  373.026803][   T31]  ? __pfx_panic+0x10/0x10
[  373.031260][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  373.036809][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  373.043809][   T31]  watchdog+0xfda/0xfe0
[  373.048084][   T31]  ? watchdog+0x209/0xfe0
[  373.052436][   T31]  kthread+0x726/0x8b0
[  373.056802][   T31]  ? __pfx_watchdog+0x10/0x10
[  373.061756][   T31]  ? __pfx_kthread+0x10/0x10
[  373.067408][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.072793][   T31]  ? __pfx_kthread+0x10/0x10
[  373.077626][   T31]  ret_from_fork+0x51b/0xa40
[  373.082440][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  373.087840][   T31]  ? __switch_to+0xc82/0x1410
[  373.092707][   T31]  ? __pfx_kthread+0x10/0x10
[  373.097560][   T31]  ret_from_fork_asm+0x1a/0x30
[  373.102928][   T31]  </TASK>
[  373.107053][   T31] Kernel Offset: disabled
[  373.111565][   T31] Rebooting in 86400 seconds..