last executing test programs:

5.933152391s ago: executing program 1 (id=3007):
r0 = socket(0x11, 0x3, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0x891, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="02017d29012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80512ffffca88faca"], 0xdd12}], 0x1}, 0x0)

5.626837828s ago: executing program 1 (id=3008):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='sys_exit\x00', r0}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="ad0106"], 0x20)

5.455419148s ago: executing program 1 (id=3012):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ac0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000080)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fcdbdf251800000008000300", @ANYRES32=r2, @ANYBLOB="400030803c000180080001000000000030"], 0x5c}, 0x1, 0x3000000}, 0x20000000)

5.217430937s ago: executing program 1 (id=3014):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r1=>0x0})
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r5=>0x0]}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000840)={0x24e, 0x8, 0x1, 0x5, 0x1, 0x4, 0xc, 0x7, r5}, 0x20)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x9, 0x5, 0x4, 0x1048, r6, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x1, 0x1}, 0x50)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000000080), 0x4)
sendmmsg$inet(r7, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r8)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000007940)={0x0, 0x0, 0x0}, 0x0)
connect$bt_l2cap(r9, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r11 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r11, 0x400448c8, &(0x7f0000000280)={r9, r9, 0xc, 0x1, &(0x7f0000000340)='\x00', 0x9, 0x1, 0x16c0, 0x9, 0x9, 0x1, 0x1, 'syz1\x00'})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@mpls_delroute={0xcc, 0x19, 0x1, 0x70bd2a, 0x25dfdbfc, {0x1c, 0x10, 0x10, 0x4, 0x0, 0x0, 0xfe, 0x4, 0x400}, [@RTA_DST={0x8, 0x1, {0x4, 0x0, 0x1}}, @RTA_VIA={0x14, 0x12, {0x6, "82020ec2a5c3fd36fe811cf27b6e"}}, @RTA_OIF={0x8, 0x4, r1}, @RTA_NEWDST={0x84, 0x13, [{0x101, 0x0, 0x1}, {0x7}, {0x7fc, 0x0, 0x1}, {0x2a, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x40a1}, {0x9}, {0x80000, 0x0, 0x1}, {0x1ff}, {0x6, 0x0, 0x1}, {0x9}, {0x5}, {0xf7fff, 0x0, 0x1}, {0xa0}, {0xffffb}, {0x9, 0x0, 0x1}, {0x6}, {0x2, 0x0, 0x1}, {0xfd3, 0x0, 0x1}, {0x8}, {0x9, 0x0, 0x1}, {0x25}, {0x9}, {}, {0xb}, {0x9, 0x0, 0x1}, {0x124, 0x0, 0x1}, {0x3}, {0xb2dd, 0x0, 0x1}, {0xa, 0x0, 0x1}, {0x2}, {0x3}]}, @RTA_TTL_PROPAGATE={0x5, 0x1a, 0x6}]}, 0xcc}}, 0x80)
sendmsg$nl_route(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800dd8d000000000000000002001000fe0400010000002008001e0002000000b4ad62b7cdd566d8f3dd7859dcf9bc368228edbe66d2335638043a42329d6c339e6f850e86a8f9a3457ad907a6544a33d9a04a4e80196ffca8383c654973415c7b5c827bb408d0173e204c51645ee8e53e969b591e93506a350323a1deaa1f658df11335f89cdec9ee13012d60b2fca6531d5aed517c8fff96446b1d34a624bbd5d0956fc671a9f1260d4ae1fa7d11c8946cfe86a9acede487791526259a32d1dd877ffd79b4c372b0335984951bf925c4ba6a18ebb6fc14590917276a141128ce"], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)

4.209557155s ago: executing program 1 (id=3020):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x7fffffff, 0x0, 0x1}, 0x48)
bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xa73}}}]}, 0x38}}, 0x24000098)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TTL_MASK={0x5, 0x53, 0xc}, @TCA_FLOWER_KEY_ENC_IP_TTL={0x5}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r6, &(0x7f000000b100)={0x0, 0x0, &(0x7f000000b0c0)={&(0x7f000000af00)={0x58, r7, 0x1, 0x70bd26, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x64000840}, 0x804)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000000000), 0x0, 0x4050)

3.60145069s ago: executing program 1 (id=3025):
socket$packet(0x11, 0x2, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0801000000001200290000", @ANYRES64=r0], 0x108}}], 0x2, 0xc040)

2.281439349s ago: executing program 2 (id=3032):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='sys_exit\x00', r0}, 0x18)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="ad0106"], 0x20)

2.062952466s ago: executing program 2 (id=3034):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="640100001900010000000000040000001d0100001500040001fff880fe02000031171e44b2b50e8f040000001e010600f800fd0000ec058cdecf0fa4f69652b23bf9968d372a0ddfe196faa30f83514813d0527685407bc8366e2838397d6abc25357799ac708b65efffdb10e1376a4f6d4ab9949102000036dbf30bf928c37695658578feb8f3cce47f43a42919c288f7d5430ffc0226139916866a978312dd970e64629d7cd799c5e08b64de41458eb8951a54a7cf29a810823e869f5c087d15d9d3bae1c089701f970f8e7ce853654222f07959e7cdcfcf27332cb82016ccd91be54e588f6ea7b5c35a62c0ceaa4e90b29c3edc16f20db3d7fb4d6236232de07ccd7d7301f46a287dd296abe9baba499721311e1597853a2d0c7e1e64f827d31e6917175792398e0edaa900000000000000000002c900c08ac1d7b606000000000000000000000000000008000900", @ANYRES32, @ANYBLOB="080005"], 0x164}}, 0x0)

2.009949533s ago: executing program 2 (id=3035):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
r1 = socket(0x10, 0x80002, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xf7ffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0x65}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40901}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @remote, 0x6}]}, &(0x7f00000001c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f00000004c0)=0x8)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000380)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @struct}})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x58, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x270}, 0x1, 0x0, 0x0, 0x8000000}, 0x4)

1.898705427s ago: executing program 3 (id=3037):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000140)={'wlan1\x00', @random="0100000000eb"}) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001c40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735adb55c209f7c0f8880733dbd3f5a095cc6a2"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r4, 0x0, 0x0, 0xfffffffffffffd0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x50)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000240)=@ccm_128={{0x303}, "44be51ced4880d9c", "ee0fa6bb69c140552d1598fdaa6c329a", "bb9f5bd1", "6b2db25d2d1b977d"}, 0x28) (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1f, 0x15, 0x0, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94) (async)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r6}, 0x18) (async)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000340)={<r7=>0x0, 0xed, "f86492273cd1fec9d3d768256d7ac787e680449fccf38b2ef7c0522c0204bac9f985c601c6923fb34b679585f8d8fb6caf5152bab333172e149767d5a1d1d125f5f1c809cea8f7492707705d6657011a81852362af2b8f9aea12adb84f7796eeb314f07ba543881202772bc10807b0d5bf2c9f06305f35ff289a0921c35ed16eea895297bc5aae518a62c0fec51ba2fb6bac0d48e7d72ce0316020d3bbac44ce69949d5a0e116e040897cdffce73a3168c8a86fb362196efbce4c0519a103ecc827f87aa12761b2512d20e1927acbd216799e1e234baae1c4f544f0a2af113dcb8fb8dcd69cc30a2389e31c47a"}, &(0x7f0000000040)=0xf5)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000440)={r7, @in6={{0xa, 0x4e24, 0x6, @private1, 0x200}}}, 0x84) (async)
close(r5)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

1.716597202s ago: executing program 3 (id=3038):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x4000054)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x18000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)={0xe8, r2, 0x300, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1a}}}}, [@mon_options, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}, @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "81b3d4a803074632d5b7291e91294eb9b76292467d738689"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "101dc76fc95a172b077c6dcd8ba0b8c2091047a6db6d84d2"}], @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}, @NL80211_ATTR_MNTR_FLAGS={0x18, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}], @NL80211_ATTR_MESH_ID={0xa}]}, 0xe8}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x60000}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x600}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff13}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x9}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x4, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x0, 0x4000000, 0x8}, 0x3c)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ff1f4d7ed79c31e2e0f1da00000000230000002000", 0x3e1f}, 0x3c)
setsockopt$MRT_ADD_MFC(r5, 0x0, 0xcc, &(0x7f0000000180)={@private=0xa010102, @multicast2, 0x0, "941621a61c5815f4678d8fd403f2f30229a88d74d71fd55708016d20fd419884", 0x0, 0x1}, 0x3c)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000000000)={&(0x7f00000002c0)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@cswp={0x58, 0x114, 0x7, {{0x1, 0x3}, &(0x7f0000000140)=0x4, 0x0, 0x2, 0x3ff, 0x7, 0x8000000000000000, 0x19, 0x2}}, @mask_fadd={0x58, 0x114, 0x8, {{0xfffffff4, 0x5}, 0x0, 0x0, 0x1c4f, 0x5, 0x8, 0x8, 0x13, 0x1}}], 0xb0}, 0x0)
r8 = syz_genetlink_get_family_id$netlbl_cipso(0x0, r6)
sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="84010000", @ANYRES16=r8, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b800800090000fffe00080009000000000008000a000000000008000a00000002"], 0x184}}, 0x0)

1.483935164s ago: executing program 4 (id=3040):
socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0x14, 0x30, 0xffff, 0x70bd27}, 0x14}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0x4f, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x14, 0x31, 0x101}, 0x14}}, 0x0)

1.482620674s ago: executing program 0 (id=3041):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f00000001c0)=""/204, &(0x7f0000000100)=0xcc)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000090900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a300000000028000480240001800b000100736f636b65740000140002800800014000000001080002400000001714"], 0xd8}}, 0x4000040)

1.350669072s ago: executing program 0 (id=3042):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8982, &(0x7f0000000040)={0x7, 'gretap0\x00', {0x3}, 0x765}) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000006110080000000010000000000000000095000000000000000a7f231802005ca3b8e01e8c2863b02656a5b9cd35cda802000000000000001ff21b2e157dd1"], &(0x7f0000000100)='GPL\x00'}, 0x90) (async)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$l2tp6(r2, &(0x7f0000000180)="20a30d23", 0x4, 0x20048850, &(0x7f0000000100)={0xa, 0x0, 0x3, @mcast1, 0x3, 0x4}, 0x20) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r5=>0x0)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r5], 0xfd45}}, 0x0)
write$nci(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="7105040902020728a853679e238a574366cb440484b907eb0101f8506d2d217aad30798448f03cbeb8f73b35f240079e3c5c64d6a172912100d5e6a45fd062005a5f046a89d8676d84938851b989b4e0b740e56cf1ca161794"], 0x12)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_PROMISC(r7, 0x6b, 0x2, 0x0, &(0x7f0000000500))
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newtaction={0x18, 0x31, 0x10b, 0x0, 0x0, {}, [{0x4}]}, 0x18}}, 0x0) (async)
close(0x3) (async)
connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=<r9=>0x0) (async)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r11, &(0x7f0000000000), 0x2a979d) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50) (async)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FICLONERANGE(r6, 0x4020940d, &(0x7f00000002c0)={{r12}, 0x1, 0x6, 0x10000}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r12}, 0x10) (async)
r13 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, r13, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0)

1.280392632s ago: executing program 4 (id=3043):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a40)={0x14, r4, 0x301, 0x0, 0x25dfdbfc, {0x24}}, 0x14}}, 0x2000ffa1)
sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, 0x0, 0x800)
socket$key(0xf, 0x3, 0x2)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(r2, 0x0, 0xc000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$can_raw(0x1d, 0x3, 0x1)
epoll_create(0xf)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, 0x0, 0x40800)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.186333405s ago: executing program 3 (id=3044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4044004)
recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x10003}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000780)=""/260, 0x104}, {&(0x7f0000000000)=""/32, 0x20}, {&(0x7f0000002900)=""/4114, 0x1012}, {&(0x7f00000017c0)=""/220, 0xdc}, {&(0x7f0000000f40)=""/218, 0xda}, {&(0x7f00000005c0)=""/146, 0x92}, {&(0x7f00000008c0)=""/234, 0xea}, {&(0x7f0000000400)=""/123, 0x7b}], 0x9}, 0x80000002}], 0x4, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x89}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8040}, 0x400c041)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8982, &(0x7f0000000140)={0x6, 'batadv0\x00', {0x800}, 0x9})

1.090812374s ago: executing program 0 (id=3045):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r1)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000480)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r2, @ANYBLOB="0100000000000000240012000c000100627269646765000e140002000800070005"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r3 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
r4 = socket(0x0, 0x6, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_XFRM_DIR={0x5, 0x3, 0x1}]}}}]}]}], {0x14}}, 0xe0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="3c0000001000030500000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="21000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

1.09023692s ago: executing program 4 (id=3046):
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x8, 0x32, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x19, &(0x7f00000005c0)=ANY=[@ANYBLOB="180000068b000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000500008500000086000000bf0900000000000055090100000000009500000000000000bd0a0600000000001500f8ff0020000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000006000000bf91000000000000b702000003000000850000002a000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x3, 0x1001, &(0x7f0000001cc0)=""/4097, 0x41100, 0x2f}, 0x94)

1.000317157s ago: executing program 4 (id=3047):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280), r0)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)={0x11c, r4, 0x200, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x9}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x7c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_batadv\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pim6reg\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc}, @IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x84}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast1}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xf, 0x4, 0x4, 0xb}, 0x50)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r6, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000001f0000540000000e0001"], 0x34}}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@map=r5, 0xffffffffffffffff, 0x7}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x6, 0x20000000ec071, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$inet(r8, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="1f003300d00000000802110000010802110000"], 0x3c}}, 0x10)

951.01835ms ago: executing program 2 (id=3048):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x8)
accept$inet(r3, &(0x7f0000000180), &(0x7f00000001c0)=0x10)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000000)='syzkaller\x00'}, 0x94) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000600), 0x4) (async)
bpf$LINK_DETACH(0x22, &(0x7f0000000600), 0x4)
r5 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r5, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f00000029c0)=ANY=[@ANYBLOB="140000000d0603"], 0x14}}, 0x0) (async)
sendmsg$IPSET_CMD_TYPE(r5, &(0x7f0000002a40)={0x0, 0x0, &(0x7f0000002a00)={&(0x7f00000029c0)=ANY=[@ANYBLOB="140000000d0603"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r5)
socket$kcm(0x10, 0x2, 0x0) (async)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000002c0)={0x0, 0x6000, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000010008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x67}], 0x1}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="640000000206010800000000000000000000000006000000080011400000000005001500020000000500010006000000050005000a00000005000400000000000900020073797a300000000016000300686173683a6e65742c306f72742c6e6574000000b5c8a2a76eb34b88a90139dd04566e5d3397c92ed7cab8cb5e3e27e3a0e5607619b7052e"], 0x64}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYRES64=r0], 0x114}], 0x0, 0x0, 0x0, 0x20008051}, 0x20008000) (async)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYRES64=r0], 0x114}], 0x0, 0x0, 0x0, 0x20008051}, 0x20008000)

671.057581ms ago: executing program 3 (id=3049):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608ffff0000100018000000000000000000000000000a009500000000000000360a020000000001180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)

670.250827ms ago: executing program 0 (id=3050):
r0 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x8, 0x2, 0xa000, 0x3}, 0x10)
listen(r0, 0x0) (async)
listen(r0, 0x0)
r1 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
accept4$nfc_llcp(r0, 0x0, 0x0, 0x0) (async)
accept4$nfc_llcp(r0, 0x0, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000000640)={&(0x7f0000000300), 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000080}, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48801}, 0x20040000)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2) (async)
r3 = socket$kcm(0x2, 0xa, 0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r4, @ANYRES32, @ANYBLOB='\b\x00\t\x00&I'], 0x24}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0) (async)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000a40)={0x1fc, r5, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa84a}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8000}]}, @TIPC_NLA_BEARER={0xac, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0xb471, @mcast2, 0x4f}}}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth0_macvtap\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81c000}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe}]}, @TIPC_NLA_NODE={0xe0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "21f2d68771b809b6088e9108bf807914b525dff6ff67a5223d91a0152f7f15"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "18157056914a0528b64c8b3d412f2f8552a52937610ab28c0977d5d90db8e0e8"}}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "8d1d8488ec996a432898e2b107e1c88bcf5fba77ce39"}}]}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x8000000}, 0x40880) (async)
sendmsg$TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000a40)={0x1fc, r5, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xa84a}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffffb}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8000}]}, @TIPC_NLA_BEARER={0xac, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast2}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0xb471, @mcast2, 0x4f}}}}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'ib', 0x3a, 'veth0_macvtap\x00'}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x81c000}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xe}]}, @TIPC_NLA_NODE={0xe0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "21f2d68771b809b6088e9108bf807914b525dff6ff67a5223d91a0152f7f15"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "18157056914a0528b64c8b3d412f2f8552a52937610ab28c0977d5d90db8e0e8"}}, @TIPC_NLA_NODE_KEY={0x3e, 0x4, {'gcm(aes)\x00', 0x16, "8d1d8488ec996a432898e2b107e1c88bcf5fba77ce39"}}]}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x8000000}, 0x40880)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4) (async)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x525000, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @remote, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32) (async)
write$tun(r2, &(0x7f0000000080)={@val={0x0, 0x6003}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x4000, 0x0, 0xfc, 0x2f, 0x0, @remote, @multicast1}, {0xa000, 0x6558, 0xc, 0x0, @gue={{0x1, 0x0, 0x1, 0x9, 0x0, @void}}}}}}}}, 0x32)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x8, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001780)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@alu={0x4, 0x1, 0xb, 0x0, 0x0, 0x8, 0x10}]}, &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)

596.252363ms ago: executing program 2 (id=3051):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_audit(0x10, 0x3, 0x9)
recvmmsg(r1, &(0x7f00000002c0), 0x220, 0x100, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x200000010, &(0x7f0000000000)=0xb, 0x4)
sendto$unix(0xffffffffffffffff, &(0x7f0000000240)="0014", 0x2, 0x4040081, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r2 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
recvfrom$unix(0xffffffffffffffff, 0x0, 0x0, 0x10102, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x10, 0x464, 0x2, 0x70bd2a, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x8880}, 0x8040)
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f84811feff005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, 0x0, 0x0)

430.141434ms ago: executing program 3 (id=3052):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x101, 0x4)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001000ffff27bd7000fedbdf2500000000f7c3e03ae15be7653ccd8e943a3d", @ANYRES32=0x0, @ANYBLOB="100a0500231a0500140012800b000100627269646765000004000280"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x1c, 0x1, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x800)

340.161023ms ago: executing program 4 (id=3053):
recvmmsg(0xffffffffffffffff, &(0x7f0000004380), 0x0, 0xc0000000, &(0x7f0000004580)={0x77359400})
r0 = socket$inet6(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2ccf3766}, 0x48)
socket$key(0xf, 0x3, 0x2)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf5ffffff, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

262.779453ms ago: executing program 0 (id=3054):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000003c00)=ANY=[@ANYBLOB="e00000001000090500c63703b60000000000d00008004300ff030000a90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27d08000000337c000441bf852c8986626691b01b5f44e4ce28715f2828"], 0xe0}], 0x1}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000140))
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x48090}, 0x0)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r3, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x2}, @SEG6_ATTR_SECRET={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x4001)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @local}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000480)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @multicast1}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0x1, 0x1}}}}}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x50, 0x30, 0x1, 0x2, 0x0, {}, [{0x3c, 0x1, [@m_mpls={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0xffffffff}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x50}}, 0x0)

245.233487ms ago: executing program 2 (id=3055):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x8d0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0xd8, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0xac, 0x2, [@TCA_BPF_ACT={0x4c}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}]}}]}, 0xd8}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x8, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_idx_val={0x18, 0x1de9dbd9a648ee72, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3}, @jmp={0x5, 0x0, 0x1, 0x6, 0x9, 0xfffffffffffffffc, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000}, @exit, @exit, @call={0x85, 0x0, 0x0, 0x4b}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x3c, 0x0, 0x41100, 0x38}, 0x94)

152.32271ms ago: executing program 3 (id=3056):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1234}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0, r0}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r0, r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2, r2}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90ff}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x3, 0x7, &(0x7f0000000a80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)

94.552964ms ago: executing program 4 (id=3057):
r0 = epoll_create1(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e25, 0x0, @loopback, 0x18}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000180), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) (async)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", "122000"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "2000a200009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
writev(r1, &(0x7f0000000600)=[{&(0x7f0000000200)='f', 0x1}], 0x1)
recvfrom$inet6(r1, &(0x7f0000000300)=""/3, 0x3, 0x40000041, 0x0, 0x11)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0))
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (async)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x400000, 0x0, 0xffffffffffffff1b, 0x10000000368}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (async)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x400000, 0x0, 0xffffffffffffff1b, 0x10000000368}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000500000001801000020786c3100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000500000001801000020786c3100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000001400791048000000000069001c000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0xa3}, 0x21) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000001400791048000000000069001c000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0xa3}, 0x21)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'rose0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'rose0\x00'})
r7 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000001540)=ANY=[@ANYBLOB="1803000000000020000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b5020000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000c5000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)

0s ago: executing program 0 (id=3058):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0x4)

kernel console output (not intermixed with test programs):

[T13141]  ? __might_fault+0xb0/0x130
[  315.797082][T13141]  should_fail_ex+0x414/0x560
[  315.797112][T13141]  _copy_from_user+0x2d/0xb0
[  315.797136][T13141]  ___sys_sendmsg+0x158/0x2a0
[  315.797161][T13141]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.797224][T13141]  ? __fget_files+0x2a/0x420
[  315.797239][T13141]  ? __fget_files+0x3a0/0x420
[  315.797268][T13141]  __sys_sendmmsg+0x227/0x430
[  315.797296][T13141]  ? __pfx___sys_sendmmsg+0x10/0x10
[  315.797314][T13141]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  315.797365][T13141]  ? ksys_write+0x22a/0x250
[  315.797393][T13141]  ? __pfx_ksys_write+0x10/0x10
[  315.797415][T13141]  ? rcu_is_watching+0x15/0xb0
[  315.797443][T13141]  __x64_sys_sendmmsg+0xa0/0xc0
[  315.797466][T13141]  do_syscall_64+0xfa/0x3b0
[  315.797484][T13141]  ? lockdep_hardirqs_on+0x9c/0x150
[  315.797502][T13141]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.797518][T13141]  ? clear_bhb_loop+0x60/0xb0
[  315.797540][T13141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.797557][T13141] RIP: 0033:0x7f2e9bb8ebe9
[  315.797580][T13141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.797595][T13141] RSP: 002b:00007f2e9c939038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  315.797615][T13141] RAX: ffffffffffffffda RBX: 00007f2e9bdc5fa0 RCX: 00007f2e9bb8ebe9
[  315.797629][T13141] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  315.797641][T13141] RBP: 00007f2e9c939090 R08: 0000000000000000 R09: 0000000000000000
[  315.797652][T13141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.797664][T13141] R13: 00007f2e9bdc6038 R14: 00007f2e9bdc5fa0 R15: 00007fff57c18fd8
[  315.797697][T13141]  </TASK>
[  316.375062][T13166] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2066'.
[  316.450571][T13168] ÿÿÿÿÿÿ: renamed from vlan1
[  316.489086][T13160] netlink: 124 bytes leftover after parsing attributes in process `syz.0.2063'.
[  316.632713][T13178] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2069'.
[  316.765177][T13188] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  316.775965][T13185] netlink: 277 bytes leftover after parsing attributes in process `syz.2.2072'.
[  316.849833][T13192] ip6_vti0: left promiscuous mode
[  316.855090][T13192] ip6_vti0: left allmulticast mode
[  316.889484][T13192] bridge2: left allmulticast mode
[  316.917108][T13192] gretap1: left promiscuous mode
[  316.952091][ T6333] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  316.971367][ T6333] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.003199][ T6333] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.016810][ T6333] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.361048][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  317.691267][T13228] FAULT_INJECTION: forcing a failure.
[  317.691267][T13228] name failslab, interval 1, probability 0, space 0, times 0
[  317.714528][T13228] CPU: 0 UID: 0 PID: 13228 Comm: syz.2.2086 Not tainted syzkaller #0 PREEMPT(full) 
[  317.714557][T13228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  317.714569][T13228] Call Trace:
[  317.714577][T13228]  <TASK>
[  317.714586][T13228]  dump_stack_lvl+0x189/0x250
[  317.714616][T13228]  ? __pfx____ratelimit+0x10/0x10
[  317.714636][T13228]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.714660][T13228]  ? __pfx__printk+0x10/0x10
[  317.714694][T13228]  ? __pfx___might_resched+0x10/0x10
[  317.714711][T13228]  ? fs_reclaim_acquire+0x7d/0x100
[  317.714762][T13228]  should_fail_ex+0x414/0x560
[  317.714793][T13228]  should_failslab+0xa8/0x100
[  317.714822][T13228]  __kmalloc_cache_noprof+0x70/0x3d0
[  317.714847][T13228]  ? sctp_transport_new+0x7e/0x640
[  317.714870][T13228]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  317.714905][T13228]  sctp_transport_new+0x7e/0x640
[  317.714934][T13228]  sctp_assoc_add_peer+0x260/0x13b0
[  317.714960][T13228]  ? sctp_bind_addr_copy+0x380/0x3c0
[  317.714998][T13228]  sctp_connect_new_asoc+0x30a/0x690
[  317.715025][T13228]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  317.715054][T13228]  ? __local_bh_enable_ip+0x12d/0x1c0
[  317.715083][T13228]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  317.715106][T13228]  ? security_sctp_bind_connect+0x7e/0x2e0
[  317.715136][T13228]  sctp_sendmsg+0x155c/0x2810
[  317.715173][T13228]  ? __pfx_sctp_sendmsg+0x10/0x10
[  317.715200][T13228]  ? aa_sk_perm+0x81e/0x950
[  317.715234][T13228]  ? __pfx_aa_sk_perm+0x10/0x10
[  317.715267][T13228]  ? sock_rps_record_flow+0x19/0x410
[  317.715297][T13228]  ? inet_sendmsg+0x2f4/0x370
[  317.715328][T13228]  __sock_sendmsg+0x19c/0x270
[  317.715361][T13228]  __sys_sendto+0x3bd/0x520
[  317.715385][T13228]  ? __pfx___sys_sendto+0x10/0x10
[  317.715402][T13228]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  317.715439][T13228]  ? __fget_files+0x3a0/0x420
[  317.715470][T13228]  ? ksys_write+0x22a/0x250
[  317.715497][T13228]  ? __pfx_ksys_write+0x10/0x10
[  317.715520][T13228]  ? rcu_is_watching+0x15/0xb0
[  317.715546][T13228]  __x64_sys_sendto+0xde/0x100
[  317.715571][T13228]  do_syscall_64+0xfa/0x3b0
[  317.715590][T13228]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.715609][T13228]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.715628][T13228]  ? clear_bhb_loop+0x60/0xb0
[  317.715652][T13228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.715671][T13228] RIP: 0033:0x7f077fd8ebe9
[  317.715689][T13228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.715705][T13228] RSP: 002b:00007f0780cb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  317.715728][T13228] RAX: ffffffffffffffda RBX: 00007f077ffc5fa0 RCX: 00007f077fd8ebe9
[  317.715748][T13228] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000004
[  317.715761][T13228] RBP: 00007f0780cb8090 R08: 0000200000000280 R09: 0000000000000010
[  317.715773][T13228] R10: 00000000000000c1 R11: 0000000000000246 R12: 0000000000000002
[  317.715785][T13228] R13: 00007f077ffc6038 R14: 00007f077ffc5fa0 R15: 00007ffe605e6be8
[  317.715819][T13228]  </TASK>
[  318.050415][T13231] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2085'.
[  318.312443][ T6326] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  318.560928][T13255] pim6reg1: entered promiscuous mode
[  318.566281][T13255] pim6reg1: entered allmulticast mode
[  319.035003][T13271] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2100'.
[  319.183479][T13272] lo speed is unknown, defaulting to 1000
[  320.067207][T13297] __nla_validate_parse: 1 callbacks suppressed
[  320.067230][T13297] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2105'.
[  320.105834][T13304] netlink: 248 bytes leftover after parsing attributes in process `syz.2.2107'.
[  320.614293][T13337] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2117'.
[  320.964884][T13349] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2119'.
[  321.056560][T13343] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2119'.
[  321.335302][T13356] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2123'.
[  321.357316][T13356] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  321.622406][T13367] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2126'.
[  321.636788][T13367] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  321.644109][T13367] IPv6: NLM_F_CREATE should be set when creating new route
[  321.963652][T13385] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2129'.
[  322.127863][T13385] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2129'.
[  322.661159][T13417] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2139'.
[  323.333167][ T5925] hid-generic 0005:16C0:0009.002A: unknown main item tag 0x0
[  323.352388][ T5925] hid-generic 0005:16C0:0009.002A: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  323.963330][T13472] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  323.973122][T13479] netlink: 'syz.2.2159': attribute type 4 has an invalid length.
[  323.985715][T13472] syzkaller0: entered promiscuous mode
[  323.996094][T13472] syzkaller0: entered allmulticast mode
[  324.178171][T13482] syz_tun: entered allmulticast mode
[  324.257919][T13482] dvmrp8: entered allmulticast mode
[  324.302363][T13490] netlink: 'syz.1.2166': attribute type 4 has an invalid length.
[  324.336776][T13494] syz_tun: left allmulticast mode
[  324.346854][T13494] dvmrp8: left allmulticast mode
[  324.450911][T13482] netlink: 'syz.3.2163': attribute type 23 has an invalid length.
[  324.834172][ T5925] hid-generic 0005:16C0:0009.002B: unknown main item tag 0x0
[  324.850670][ T5925] hid-generic 0005:16C0:0009.002B: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  325.377078][T13536] vlan0: entered promiscuous mode
[  325.534214][T13545] __nla_validate_parse: 6 callbacks suppressed
[  325.534236][T13545] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2182'.
[  325.754600][T13545] nbd: socks must be embedded in a SOCK_ITEM attr
[  326.583076][T13587] netlink: 'syz.2.2190': attribute type 25 has an invalid length.
[  326.649085][T13587] netlink: 'syz.2.2190': attribute type 7 has an invalid length.
[  326.697700][T13589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2193'.
[  326.711808][T13589] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2193'.
[  326.739113][T13589] tipc: Invalid UDP bearer configuration
[  326.739187][T13589] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  326.822214][T13596] FAULT_INJECTION: forcing a failure.
[  326.822214][T13596] name failslab, interval 1, probability 0, space 0, times 0
[  326.869165][T13596] CPU: 0 UID: 0 PID: 13596 Comm: syz.4.2194 Not tainted syzkaller #0 PREEMPT(full) 
[  326.869195][T13596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  326.869208][T13596] Call Trace:
[  326.869217][T13596]  <TASK>
[  326.869226][T13596]  dump_stack_lvl+0x189/0x250
[  326.869255][T13596]  ? __pfx____ratelimit+0x10/0x10
[  326.869276][T13596]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.869299][T13596]  ? __pfx__printk+0x10/0x10
[  326.869332][T13596]  ? __pfx___might_resched+0x10/0x10
[  326.869357][T13596]  should_fail_ex+0x414/0x560
[  326.869389][T13596]  should_failslab+0xa8/0x100
[  326.869417][T13596]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  326.869441][T13596]  ? __alloc_skb+0x112/0x2d0
[  326.869465][T13596]  __alloc_skb+0x112/0x2d0
[  326.869489][T13596]  netlink_sendmsg+0x5c6/0xb30
[  326.869520][T13596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.869542][T13596]  ? aa_sock_msg_perm+0xf1/0x1d0
[  326.869563][T13596]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  326.869583][T13596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  326.869600][T13596]  __sock_sendmsg+0x21c/0x270
[  326.869630][T13596]  ____sys_sendmsg+0x505/0x830
[  326.869659][T13596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  326.869699][T13596]  ? import_iovec+0x74/0xa0
[  326.869726][T13596]  ___sys_sendmsg+0x21f/0x2a0
[  326.869751][T13596]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.869817][T13596]  ? __fget_files+0x2a/0x420
[  326.869834][T13596]  ? __fget_files+0x3a0/0x420
[  326.869863][T13596]  __x64_sys_sendmsg+0x19b/0x260
[  326.869889][T13596]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  326.869934][T13596]  ? __pfx_ksys_write+0x10/0x10
[  326.869957][T13596]  ? rcu_is_watching+0x15/0xb0
[  326.869982][T13596]  ? do_syscall_64+0xbe/0x3b0
[  326.870007][T13596]  do_syscall_64+0xfa/0x3b0
[  326.870026][T13596]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.870045][T13596]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.870065][T13596]  ? clear_bhb_loop+0x60/0xb0
[  326.870089][T13596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.870107][T13596] RIP: 0033:0x7fce49d8ebe9
[  326.870124][T13596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.870140][T13596] RSP: 002b:00007fce4ac60038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.870167][T13596] RAX: ffffffffffffffda RBX: 00007fce49fc5fa0 RCX: 00007fce49d8ebe9
[  326.870180][T13596] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 000000000000000a
[  326.870191][T13596] RBP: 00007fce4ac60090 R08: 0000000000000000 R09: 0000000000000000
[  326.870203][T13596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.870214][T13596] R13: 00007fce49fc6038 R14: 00007fce49fc5fa0 R15: 00007ffe59170508
[  326.870245][T13596]  </TASK>
[  327.350368][T13598] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2195'.
[  327.798731][T13612] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2200'.
[  327.941978][T13621] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2203'.
[  328.065695][T13626] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  328.170122][   T36] tipc: Subscription rejected, illegal request
[  328.532647][T13654] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2214'.
[  328.606884][T13659] netlink: 'syz.2.2213': attribute type 13 has an invalid length.
[  328.617448][T13659] netlink: 'syz.2.2213': attribute type 17 has an invalid length.
[  328.685599][T13659] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  328.917353][T13666] lo speed is unknown, defaulting to 1000
[  328.992231][T13662] lo speed is unknown, defaulting to 1000
[  329.025114][T13670] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  329.131314][T13672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  329.460596][T13670] hsr_slave_1 (unregistering): left promiscuous mode
[  329.504252][T13671] veth0: entered promiscuous mode
[  329.619131][T13689] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[  329.624388][T13672] veth0 (unregistering): left promiscuous mode
[  329.796888][T13696] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2220'.
[  329.828548][T13670] pim6reg: entered allmulticast mode
[  329.854624][T13696] team0: entered promiscuous mode
[  329.860308][T13696] team_slave_0: entered promiscuous mode
[  329.866479][T13696] team_slave_1: entered promiscuous mode
[  329.874656][T13696] bond0: entered promiscuous mode
[  329.880091][T13696] bond_slave_0: entered promiscuous mode
[  329.887533][T13696] debugfs: 'hsr2' already exists in 'hsr'
[  329.893857][T13696] Cannot create hsr debugfs directory
[  329.899612][T13696] hsr2: Slave A (team0) is not up; please bring it up to get a fully working HSR network
[  329.910605][T13696] hsr2: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  329.921902][T13696] 8021q: adding VLAN 0 to HW filter on device hsr2
[  330.171125][T13710] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  330.185907][T13710] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.193602][T13710] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.453063][T13721] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  330.463820][T13721] syzkaller0: entered promiscuous mode
[  330.469565][T13721] syzkaller0: entered allmulticast mode
[  330.804038][T13737] __nla_validate_parse: 1 callbacks suppressed
[  330.804060][T13737] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2235'.
[  331.137775][T13751] bridge0: entered promiscuous mode
[  331.143751][T13751] macvtap1: entered allmulticast mode
[  331.149633][T13751] bridge0: entered allmulticast mode
[  331.156595][T13751] bridge0: port 3(macvtap1) entered blocking state
[  331.170961][T13751] bridge0: port 3(macvtap1) entered disabled state
[  331.182574][T13751] bridge0: left allmulticast mode
[  331.191028][T13751] bridge0: left promiscuous mode
[  331.224994][T13753] netlink: 'syz.0.2241': attribute type 1 has an invalid length.
[  331.313126][T13757] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2242'.
[  331.441854][T13761] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2244'.
[  331.682451][T13774] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2248'.
[  332.543756][T13805] lo speed is unknown, defaulting to 1000
[  332.865189][T13817] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2265'.
[  332.876981][T13816] FAULT_INJECTION: forcing a failure.
[  332.876981][T13816] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  332.926518][T13816] CPU: 0 UID: 0 PID: 13816 Comm: syz.4.2264 Not tainted syzkaller #0 PREEMPT(full) 
[  332.926548][T13816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  332.926560][T13816] Call Trace:
[  332.926568][T13816]  <TASK>
[  332.926576][T13816]  dump_stack_lvl+0x189/0x250
[  332.926607][T13816]  ? __pfx____ratelimit+0x10/0x10
[  332.926626][T13816]  ? __pfx_dump_stack_lvl+0x10/0x10
[  332.926648][T13816]  ? __pfx__printk+0x10/0x10
[  332.926678][T13816]  ? fs_reclaim_acquire+0x7d/0x100
[  332.926718][T13816]  should_fail_ex+0x414/0x560
[  332.926749][T13816]  prepare_alloc_pages+0x213/0x610
[  332.926778][T13816]  __alloc_frozen_pages_noprof+0x123/0x370
[  332.926803][T13816]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  332.926834][T13816]  ? policy_nodemask+0x27c/0x720
[  332.926868][T13816]  alloc_pages_mpol+0x232/0x4a0
[  332.926901][T13816]  vma_alloc_folio_noprof+0xe4/0x200
[  332.926932][T13816]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  332.926975][T13816]  folio_prealloc+0x30/0x180
[  332.927004][T13816]  do_wp_page+0x1231/0x5800
[  332.927055][T13816]  ? __pfx_do_wp_page+0x10/0x10
[  332.927076][T13816]  ? do_raw_spin_lock+0x121/0x290
[  332.927103][T13816]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  332.927139][T13816]  __handle_mm_fault+0x1033/0x5440
[  332.927184][T13816]  ? __pfx___handle_mm_fault+0x10/0x10
[  332.927226][T13816]  ? follow_page_pte+0xd03/0x13e0
[  332.927265][T13816]  handle_mm_fault+0x40a/0x8e0
[  332.927303][T13816]  __get_user_pages+0x1699/0x2ce0
[  332.927323][T13816]  ? __lock_acquire+0xab9/0xd20
[  332.927458][T13816]  __gup_longterm_locked+0xde9/0x1660
[  332.927499][T13816]  ? sanity_check_pinned_pages+0x1241/0x1300
[  332.927526][T13816]  ? gup_fast_fallback+0x195f/0x2010
[  332.927554][T13816]  gup_fast_fallback+0x1e6a/0x2010
[  332.927619][T13816]  ? __pfx_gup_fast_fallback+0x10/0x10
[  332.927641][T13816]  ? kasan_save_track+0x4f/0x80
[  332.927661][T13816]  ? kasan_save_track+0x3e/0x80
[  332.927679][T13816]  ? __kasan_kmalloc+0x93/0xb0
[  332.927701][T13816]  ? sock_kmalloc+0xd6/0x160
[  332.927720][T13816]  ? af_alg_get_rsgl+0x236/0x810
[  332.927739][T13816]  ? skcipher_recvmsg+0x3c0/0x11c0
[  332.927759][T13816]  ? ____sys_recvmsg+0x1c9/0x460
[  332.927778][T13816]  ? ___sys_recvmsg+0x1b5/0x510
[  332.927796][T13816]  ? __x64_sys_recvmsg+0x198/0x260
[  332.927822][T13816]  ? pin_user_pages_fast+0x4d/0xb0
[  332.927849][T13816]  iov_iter_extract_pages+0x35a/0x5e0
[  332.927883][T13816]  extract_iter_to_sg+0xe46/0x24e0
[  332.927922][T13816]  ? __pfx_extract_iter_to_sg+0x10/0x10
[  332.927959][T13816]  ? rcu_is_watching+0x15/0xb0
[  332.927979][T13816]  ? trace_kmalloc+0x1f/0xd0
[  332.928001][T13816]  ? __kmalloc_noprof+0x29b/0x4f0
[  332.928033][T13816]  ? __asan_memset+0x22/0x50
[  332.928057][T13816]  af_alg_get_rsgl+0x436/0x810
[  332.928097][T13816]  skcipher_recvmsg+0x3c0/0x11c0
[  332.928125][T13816]  ? aa_sk_perm+0x81e/0x950
[  332.928164][T13816]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  332.928194][T13816]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  332.928214][T13816]  ? security_socket_recvmsg+0x7e/0x2e0
[  332.928236][T13816]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  332.928261][T13816]  sock_recvmsg+0x22c/0x270
[  332.928292][T13816]  ____sys_recvmsg+0x1c9/0x460
[  332.928326][T13816]  ? __pfx_____sys_recvmsg+0x10/0x10
[  332.928368][T13816]  ? import_iovec+0x74/0xa0
[  332.928404][T13816]  ___sys_recvmsg+0x1b5/0x510
[  332.928434][T13816]  ? __pfx____sys_recvmsg+0x10/0x10
[  332.928489][T13816]  ? __fget_files+0x3a0/0x420
[  332.928521][T13816]  __x64_sys_recvmsg+0x198/0x260
[  332.928547][T13816]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  332.928582][T13816]  ? __pfx_ksys_write+0x10/0x10
[  332.928604][T13816]  ? rcu_is_watching+0x15/0xb0
[  332.928629][T13816]  ? do_syscall_64+0xbe/0x3b0
[  332.928652][T13816]  do_syscall_64+0xfa/0x3b0
[  332.928666][T13816]  ? lockdep_hardirqs_on+0x9c/0x150
[  332.928684][T13816]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.928703][T13816]  ? clear_bhb_loop+0x60/0xb0
[  332.928729][T13816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.928747][T13816] RIP: 0033:0x7fce49d8ebe9
[  332.928766][T13816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.928783][T13816] RSP: 002b:00007fce4ac60038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  332.928804][T13816] RAX: ffffffffffffffda RBX: 00007fce49fc5fa0 RCX: 00007fce49d8ebe9
[  332.928818][T13816] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 000000000000000a
[  332.928831][T13816] RBP: 00007fce4ac60090 R08: 0000000000000000 R09: 0000000000000000
[  332.928843][T13816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.928854][T13816] R13: 00007fce49fc6038 R14: 00007fce49fc5fa0 R15: 00007ffe59170508
[  332.928889][T13816]  </TASK>
[  333.550307][T13825] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2267'.
[  334.386450][T13858] netlink: 'syz.3.2278': attribute type 64 has an invalid length.
[  334.505774][T13861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2279'.
[  334.552087][T13864] lo speed is unknown, defaulting to 1000
[  334.598666][T13867] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2282'.
[  334.934373][T13877] IPVS: stopping backup sync thread 13881 ...
[  334.934840][T13881] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  335.205829][T13895] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2290'.
[  335.266666][T13899] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2290'.
[  335.368966][ T5983] hid-generic 0005:16C0:0009.002C: unknown main item tag 0x0
[  335.397082][ T5983] hid-generic 0005:16C0:0009.002C: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  335.506949][T13909] delete_channel: no stack
[  335.845456][T13921] __nla_validate_parse: 2 callbacks suppressed
[  335.845478][T13921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2301'.
[  335.863657][T13921] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2301'.
[  335.950679][T13921] bond2: entered promiscuous mode
[  335.955884][T13921] bond2: entered allmulticast mode
[  335.962646][T13921] 8021q: adding VLAN 0 to HW filter on device bond2
[  336.138112][T13921] lo speed is unknown, defaulting to 1000
[  336.240270][T13934] netlink: 332 bytes leftover after parsing attributes in process `syz.1.2304'.
[  336.249802][T13934] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2304'.
[  336.296617][T13934] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2304'.
[  336.349239][T13944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2305'.
[  336.726489][T13956] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  337.043871][T13969] FAULT_INJECTION: forcing a failure.
[  337.043871][T13969] name failslab, interval 1, probability 0, space 0, times 0
[  337.080036][T13969] CPU: 1 UID: 0 PID: 13969 Comm: syz.0.2313 Not tainted syzkaller #0 PREEMPT(full) 
[  337.080066][T13969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  337.080078][T13969] Call Trace:
[  337.080087][T13969]  <TASK>
[  337.080096][T13969]  dump_stack_lvl+0x189/0x250
[  337.080124][T13969]  ? __pfx____ratelimit+0x10/0x10
[  337.080145][T13969]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.080168][T13969]  ? __pfx__printk+0x10/0x10
[  337.080198][T13969]  ? __pfx___might_resched+0x10/0x10
[  337.080216][T13969]  ? fs_reclaim_acquire+0x7d/0x100
[  337.080251][T13969]  should_fail_ex+0x414/0x560
[  337.080283][T13969]  should_failslab+0xa8/0x100
[  337.080447][T13969]  kmem_cache_alloc_noprof+0x73/0x3c0
[  337.080472][T13969]  ? radix_tree_node_alloc+0x7e/0x3a0
[  337.080494][T13969]  radix_tree_node_alloc+0x7e/0x3a0
[  337.080521][T13969]  idr_get_free+0x2b3/0xa70
[  337.080563][T13969]  idr_alloc_u32+0x159/0x2d0
[  337.080576][T13969]  ? __kasan_kmalloc+0x93/0xb0
[  337.080607][T13969]  ? __pfx_idr_alloc_u32+0x10/0x10
[  337.080638][T13969]  ? tcf_exts_init_ex+0x449/0x750
[  337.080678][T13969]  basic_change+0x3c6/0xd80
[  337.080706][T13969]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  337.080740][T13969]  ? __pfx_basic_change+0x10/0x10
[  337.080792][T13969]  tc_new_tfilter+0xdc7/0x15b0
[  337.080848][T13969]  ? __pfx_tc_new_tfilter+0x10/0x10
[  337.080912][T13969]  ? __pfx_tc_new_tfilter+0x10/0x10
[  337.080932][T13969]  rtnetlink_rcv_msg+0x7cf/0xb70
[  337.080950][T13969]  ? __lock_acquire+0xab9/0xd20
[  337.080979][T13969]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  337.081004][T13969]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  337.081049][T13969]  netlink_rcv_skb+0x208/0x470
[  337.081065][T13969]  ? __lock_acquire+0xab9/0xd20
[  337.081092][T13969]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  337.081112][T13969]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  337.081145][T13969]  ? netlink_deliver_tap+0x2e/0x1b0
[  337.081173][T13969]  netlink_unicast+0x82c/0x9e0
[  337.081212][T13969]  ? __pfx_netlink_unicast+0x10/0x10
[  337.081241][T13969]  ? netlink_sendmsg+0x642/0xb30
[  337.081258][T13969]  ? skb_put+0x11b/0x210
[  337.081283][T13969]  netlink_sendmsg+0x805/0xb30
[  337.081327][T13969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.081351][T13969]  ? aa_sock_msg_perm+0xf1/0x1d0
[  337.081372][T13969]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.081392][T13969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.081413][T13969]  __sock_sendmsg+0x21c/0x270
[  337.081444][T13969]  ____sys_sendmsg+0x52d/0x830
[  337.081474][T13969]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.081507][T13969]  ? import_iovec+0x74/0xa0
[  337.081535][T13969]  ___sys_sendmsg+0x21f/0x2a0
[  337.081559][T13969]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.081635][T13969]  ? __might_fault+0xb0/0x130
[  337.081667][T13969]  __sys_sendmmsg+0x227/0x430
[  337.081696][T13969]  ? __pfx___sys_sendmmsg+0x10/0x10
[  337.081715][T13969]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  337.081767][T13969]  ? ksys_write+0x22a/0x250
[  337.081796][T13969]  ? __pfx_ksys_write+0x10/0x10
[  337.081817][T13969]  ? rcu_is_watching+0x15/0xb0
[  337.081844][T13969]  __x64_sys_sendmmsg+0xa0/0xc0
[  337.081869][T13969]  do_syscall_64+0xfa/0x3b0
[  337.081888][T13969]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.081906][T13969]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.081924][T13969]  ? clear_bhb_loop+0x60/0xb0
[  337.081948][T13969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.081966][T13969] RIP: 0033:0x7f2e9bb8ebe9
[  337.081984][T13969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.082001][T13969] RSP: 002b:00007f2e9c939038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  337.082023][T13969] RAX: ffffffffffffffda RBX: 00007f2e9bdc5fa0 RCX: 00007f2e9bb8ebe9
[  337.082037][T13969] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  337.082050][T13969] RBP: 00007f2e9c939090 R08: 0000000000000000 R09: 0000000000000000
[  337.082062][T13969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  337.082073][T13969] R13: 00007f2e9bdc6038 R14: 00007f2e9bdc5fa0 R15: 00007fff57c18fd8
[  337.082108][T13969]  </TASK>
[  338.054799][T14010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2319'.
[  338.075613][ T5925] hid-generic 0005:16C0:0009.002D: unknown main item tag 0x0
[  338.117074][ T5925] hid-generic 0005:16C0:0009.002D: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  338.130119][T14012] netlink: 'syz.0.2322': attribute type 1 has an invalid length.
[  338.246433][T14019] netlink: 'syz.2.2324': attribute type 1 has an invalid length.
[  338.248262][T14015] bond3: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  338.266849][T14015] bond3: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  338.277430][T14015] bond3: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  338.350859][T14016] vlan1: entered promiscuous mode
[  338.405402][T14019] 8021q: adding VLAN 0 to HW filter on device bond5
[  338.493270][T14026] bond5: (slave veth7): Enslaving as an active interface with a down link
[  338.590889][T14019] 8021q: adding VLAN 0 to HW filter on device batadv2
[  338.613852][T14019] bond5: (slave batadv2): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  338.652952][T14029] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2327'.
[  338.816757][T14040] netlink: 'syz.3.2331': attribute type 13 has an invalid length.
[  338.843721][   T78] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  338.852901][T14044] FAULT_INJECTION: forcing a failure.
[  338.852901][T14044] name failslab, interval 1, probability 0, space 0, times 0
[  338.866399][T14044] CPU: 0 UID: 0 PID: 14044 Comm: syz.1.2333 Not tainted syzkaller #0 PREEMPT(full) 
[  338.866434][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  338.866446][T14044] Call Trace:
[  338.866454][T14044]  <TASK>
[  338.866462][T14044]  dump_stack_lvl+0x189/0x250
[  338.866492][T14044]  ? __pfx____ratelimit+0x10/0x10
[  338.866512][T14044]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.866542][T14044]  ? __pfx__printk+0x10/0x10
[  338.866596][T14044]  should_fail_ex+0x414/0x560
[  338.866629][T14044]  should_failslab+0xa8/0x100
[  338.866658][T14044]  __kmalloc_cache_noprof+0x70/0x3d0
[  338.866684][T14044]  ? sctp_add_bind_addr+0x8c/0x370
[  338.866718][T14044]  sctp_add_bind_addr+0x8c/0x370
[  338.866752][T14044]  sctp_copy_local_addr_list+0x30b/0x4e0
[  338.866785][T14044]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  338.866814][T14044]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  338.866848][T14044]  ? sctp_v4_is_any+0x35/0x60
[  338.866867][T14044]  ? sctp_copy_one_addr+0x93/0x360
[  338.866900][T14044]  sctp_bind_addr_copy+0xb3/0x3c0
[  338.866930][T14044]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  338.866960][T14044]  sctp_connect_new_asoc+0x2e0/0x690
[  338.866987][T14044]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  338.867007][T14044]  ? __local_bh_enable_ip+0x12d/0x1c0
[  338.867036][T14044]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  338.867058][T14044]  ? security_sctp_bind_connect+0x7e/0x2e0
[  338.867087][T14044]  sctp_sendmsg+0x155c/0x2810
[  338.867125][T14044]  ? __pfx_sctp_sendmsg+0x10/0x10
[  338.867151][T14044]  ? aa_sk_perm+0x81e/0x950
[  338.867186][T14044]  ? __pfx_aa_sk_perm+0x10/0x10
[  338.867218][T14044]  ? sock_rps_record_flow+0x19/0x410
[  338.867248][T14044]  ? inet_sendmsg+0x2f4/0x370
[  338.867278][T14044]  __sock_sendmsg+0x19c/0x270
[  338.867309][T14044]  ____sys_sendmsg+0x52d/0x830
[  338.867338][T14044]  ? __pfx_____sys_sendmsg+0x10/0x10
[  338.867372][T14044]  ? import_iovec+0x74/0xa0
[  338.867400][T14044]  ___sys_sendmsg+0x21f/0x2a0
[  338.867426][T14044]  ? __pfx____sys_sendmsg+0x10/0x10
[  338.867494][T14044]  ? __fget_files+0x2a/0x420
[  338.867510][T14044]  ? __fget_files+0x3a0/0x420
[  338.867549][T14044]  __sys_sendmmsg+0x227/0x430
[  338.867582][T14044]  ? __pfx___sys_sendmmsg+0x10/0x10
[  338.867601][T14044]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  338.867653][T14044]  ? ksys_write+0x22a/0x250
[  338.867679][T14044]  ? __pfx_ksys_write+0x10/0x10
[  338.867700][T14044]  ? rcu_is_watching+0x15/0xb0
[  338.867727][T14044]  __x64_sys_sendmmsg+0xa0/0xc0
[  338.867749][T14044]  do_syscall_64+0xfa/0x3b0
[  338.867767][T14044]  ? lockdep_hardirqs_on+0x9c/0x150
[  338.867786][T14044]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.867804][T14044]  ? clear_bhb_loop+0x60/0xb0
[  338.867828][T14044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.867846][T14044] RIP: 0033:0x7fce4a38ebe9
[  338.867865][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.867881][T14044] RSP: 002b:00007fce4b2a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  338.867901][T14044] RAX: ffffffffffffffda RBX: 00007fce4a5c5fa0 RCX: 00007fce4a38ebe9
[  338.867914][T14044] RDX: 0000000000000001 RSI: 0000200000000880 RDI: 0000000000000004
[  338.867927][T14044] RBP: 00007fce4b2a9090 R08: 0000000000000000 R09: 0000000000000000
[  338.867938][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.867949][T14044] R13: 00007fce4a5c6038 R14: 00007fce4a5c5fa0 R15: 00007ffd17895168
[  338.867989][T14044]  </TASK>
[  339.223449][T14040] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2331'.
[  339.253499][T14040] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (6)
[  339.454430][T14056] bridge4: the hash_elasticity option has been deprecated and is always 16
[  339.488808][ T5925] hid-generic 0005:16C0:0009.002E: unknown main item tag 0x0
[  339.506879][ T5925] hid-generic 0005:16C0:0009.002E: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  340.490271][T14106] FAULT_INJECTION: forcing a failure.
[  340.490271][T14106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.503758][T14106] CPU: 1 UID: 0 PID: 14106 Comm: syz.1.2352 Not tainted syzkaller #0 PREEMPT(full) 
[  340.503786][T14106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.503797][T14106] Call Trace:
[  340.503805][T14106]  <TASK>
[  340.503813][T14106]  dump_stack_lvl+0x189/0x250
[  340.503843][T14106]  ? __pfx____ratelimit+0x10/0x10
[  340.503864][T14106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.503886][T14106]  ? __pfx__printk+0x10/0x10
[  340.503913][T14106]  ? __might_fault+0xb0/0x130
[  340.503951][T14106]  should_fail_ex+0x414/0x560
[  340.503982][T14106]  _copy_from_user+0x2d/0xb0
[  340.504006][T14106]  ___sys_recvmsg+0x12e/0x510
[  340.504036][T14106]  ? __pfx____sys_recvmsg+0x10/0x10
[  340.504095][T14106]  ? __might_fault+0xb0/0x130
[  340.504125][T14106]  do_recvmmsg+0x307/0x770
[  340.504157][T14106]  ? __pfx_do_recvmmsg+0x10/0x10
[  340.504193][T14106]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  340.504235][T14106]  __x64_sys_recvmmsg+0x190/0x240
[  340.504261][T14106]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  340.504281][T14106]  ? rcu_is_watching+0x15/0xb0
[  340.504305][T14106]  ? do_syscall_64+0xbe/0x3b0
[  340.504330][T14106]  do_syscall_64+0xfa/0x3b0
[  340.504348][T14106]  ? lockdep_hardirqs_on+0x9c/0x150
[  340.504366][T14106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.504384][T14106]  ? clear_bhb_loop+0x60/0xb0
[  340.504407][T14106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.504424][T14106] RIP: 0033:0x7fce4a38ebe9
[  340.504443][T14106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.504459][T14106] RSP: 002b:00007fce4b2a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  340.504480][T14106] RAX: ffffffffffffffda RBX: 00007fce4a5c5fa0 RCX: 00007fce4a38ebe9
[  340.504494][T14106] RDX: 0000000000000004 RSI: 00002000000004c0 RDI: 0000000000000003
[  340.504506][T14106] RBP: 00007fce4b2a9090 R08: 0000000000000000 R09: 0000000000000000
[  340.504518][T14106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.504529][T14106] R13: 00007fce4a5c6038 R14: 00007fce4a5c5fa0 R15: 00007ffd17895168
[  340.504573][T14106]  </TASK>
[  340.943681][T14114] __nla_validate_parse: 4 callbacks suppressed
[  340.943704][T14114] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2354'.
[  341.456818][T14133] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2361'.
[  341.566993][T14138] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2363'.
[  342.013043][T14150] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2367'.
[  342.042333][T14142] netlink: 'syz.2.2364': attribute type 21 has an invalid length.
[  342.077215][T14142] ipvlan0: entered promiscuous mode
[  342.084568][T14142] bridge0: port 3(ipvlan0) entered blocking state
[  342.091466][T14142] bridge0: port 3(ipvlan0) entered disabled state
[  342.100483][T14142] ipvlan0: entered allmulticast mode
[  342.109460][T14142] ipvlan0: left allmulticast mode
[  342.175004][T14152] syzkaller0: entered promiscuous mode
[  342.189461][T14152] syzkaller0: entered allmulticast mode
[  342.477446][T14170] lo speed is unknown, defaulting to 1000
[  342.575347][   T49] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  342.932918][T14170] netlink: 'syz.0.2376': attribute type 13 has an invalid length.
[  342.943038][T14170] netlink: 'syz.0.2376': attribute type 17 has an invalid length.
[  342.962822][T14170] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  343.585329][T14212] syzkaller0: entered promiscuous mode
[  343.627721][T14212] syzkaller0: entered allmulticast mode
[  343.699179][T14219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2391'.
[  343.714901][T14218] ip6_vti0: left promiscuous mode
[  343.740144][T14218] ip6_vti0: left allmulticast mode
[  343.761971][T14218] veth0_to_bridge: left promiscuous mode
[  343.798988][T14218] veth0_to_bridge: left allmulticast mode
[  343.832864][T14218] ip6tnl2: left promiscuous mode
[  343.854783][T14218] ip6tnl2: left allmulticast mode
[  343.860902][T14218] geneve2: left promiscuous mode
[  343.876237][T14218] bridge2: left allmulticast mode
[  343.883043][T14218] hsr2: left allmulticast mode
[  343.922309][T14218] bond0: left allmulticast mode
[  343.938010][T14218] bond_slave_0: left allmulticast mode
[  343.956958][T14218] erspan0: left allmulticast mode
[  343.983105][T14218] veth5: left promiscuous mode
[  343.997547][ T5925] hid-generic 0005:16C0:0009.002F: unknown main item tag 0x0
[  344.014862][ T5925] hid-generic 0005:16C0:0009.002F: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  344.046225][T14218] bond2: left promiscuous mode
[  344.067986][T14218] bond2: left allmulticast mode
[  344.199748][T14242] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2400'.
[  344.229958][T14242] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2400'.
[  344.384605][T14251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2403'.
[  344.403959][T14251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2403'.
[  344.416147][T14249] lo speed is unknown, defaulting to 1000
[  344.654475][T14259] lo speed is unknown, defaulting to 1000
[  344.811425][T14271] netlink: 'syz.2.2410': attribute type 1 has an invalid length.
[  344.833348][T14271] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2410'.
[  345.019773][T14279] syzkaller0: entered promiscuous mode
[  345.025384][T14279] syzkaller0: entered allmulticast mode
[  345.117759][T14282] netlink: 'syz.2.2413': attribute type 25 has an invalid length.
[  345.125808][T14282] netlink: 'syz.2.2413': attribute type 7 has an invalid length.
[  345.461853][T14292] FAULT_INJECTION: forcing a failure.
[  345.461853][T14292] name failslab, interval 1, probability 0, space 0, times 0
[  345.517808][T14292] CPU: 1 UID: 0 PID: 14292 Comm: syz.2.2418 Not tainted syzkaller #0 PREEMPT(full) 
[  345.517837][T14292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  345.517849][T14292] Call Trace:
[  345.517857][T14292]  <TASK>
[  345.517865][T14292]  dump_stack_lvl+0x189/0x250
[  345.517895][T14292]  ? __pfx____ratelimit+0x10/0x10
[  345.517916][T14292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.517938][T14292]  ? __pfx__printk+0x10/0x10
[  345.517978][T14292]  should_fail_ex+0x414/0x560
[  345.518009][T14292]  should_failslab+0xa8/0x100
[  345.518039][T14292]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  345.518066][T14292]  ? __alloc_skb+0x112/0x2d0
[  345.518091][T14292]  __alloc_skb+0x112/0x2d0
[  345.518116][T14292]  _sctp_make_chunk+0x5e/0x430
[  345.518143][T14292]  sctp_make_init+0x58b/0xd30
[  345.518186][T14292]  ? __pfx_sctp_make_init+0x10/0x10
[  345.518217][T14292]  ? arch_stack_walk+0xfc/0x150
[  345.518256][T14292]  ? stack_trace_save+0x9c/0xe0
[  345.518282][T14292]  sctp_sf_do_prm_asoc+0xd2/0x3f0
[  345.518312][T14292]  sctp_do_sm+0x1e4/0x5a20
[  345.518336][T14292]  ? __pfx_sctp_pname+0x10/0x10
[  345.518365][T14292]  ? kasan_save_track+0x3e/0x80
[  345.518388][T14292]  ? sctp_stream_init_ext+0x57/0x180
[  345.518412][T14292]  ? sctp_sendmsg_to_asoc+0x12fd/0x1810
[  345.518432][T14292]  ? sctp_sendmsg+0x1941/0x2810
[  345.518451][T14292]  ? __sock_sendmsg+0x19c/0x270
[  345.518474][T14292]  ? __sys_sendto+0x3bd/0x520
[  345.518491][T14292]  ? do_syscall_64+0xfa/0x3b0
[  345.518510][T14292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.518541][T14292]  ? __pfx_sctp_do_sm+0x10/0x10
[  345.518615][T14292]  ? __sk_mem_raise_allocated+0x7ef/0x11a0
[  345.518640][T14292]  ? __kasan_kmalloc+0x93/0xb0
[  345.518675][T14292]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  345.518704][T14292]  sctp_sendmsg_to_asoc+0x102d/0x1810
[  345.518724][T14292]  ? __asan_memcpy+0x40/0x70
[  345.518755][T14292]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[  345.518796][T14292]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  345.518819][T14292]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  345.518839][T14292]  ? __local_bh_enable_ip+0x12d/0x1c0
[  345.518868][T14292]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  345.518890][T14292]  ? security_sctp_bind_connect+0x7e/0x2e0
[  345.518919][T14292]  sctp_sendmsg+0x1941/0x2810
[  345.518956][T14292]  ? __pfx_sctp_sendmsg+0x10/0x10
[  345.518983][T14292]  ? aa_sk_perm+0x81e/0x950
[  345.519017][T14292]  ? __pfx_aa_sk_perm+0x10/0x10
[  345.519050][T14292]  ? sock_rps_record_flow+0x19/0x410
[  345.519081][T14292]  ? inet_sendmsg+0x2f4/0x370
[  345.519112][T14292]  __sock_sendmsg+0x19c/0x270
[  345.519142][T14292]  __sys_sendto+0x3bd/0x520
[  345.519165][T14292]  ? __pfx___sys_sendto+0x10/0x10
[  345.519181][T14292]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  345.519217][T14292]  ? __fget_files+0x3a0/0x420
[  345.519249][T14292]  ? ksys_write+0x22a/0x250
[  345.519277][T14292]  ? __pfx_ksys_write+0x10/0x10
[  345.519298][T14292]  ? rcu_is_watching+0x15/0xb0
[  345.519325][T14292]  __x64_sys_sendto+0xde/0x100
[  345.519349][T14292]  do_syscall_64+0xfa/0x3b0
[  345.519367][T14292]  ? lockdep_hardirqs_on+0x9c/0x150
[  345.519386][T14292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.519404][T14292]  ? clear_bhb_loop+0x60/0xb0
[  345.519429][T14292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.519447][T14292] RIP: 0033:0x7f077fd8ebe9
[  345.519465][T14292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.519481][T14292] RSP: 002b:00007f0780cb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  345.519503][T14292] RAX: ffffffffffffffda RBX: 00007f077ffc5fa0 RCX: 00007f077fd8ebe9
[  345.519517][T14292] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000004
[  345.519529][T14292] RBP: 00007f0780cb8090 R08: 0000200000000280 R09: 0000000000000010
[  345.519549][T14292] R10: 00000000000000c1 R11: 0000000000000246 R12: 0000000000000002
[  345.519561][T14292] R13: 00007f077ffc6038 R14: 00007f077ffc5fa0 R15: 00007ffe605e6be8
[  345.519595][T14292]  </TASK>
[  346.161861][T14306] syzkaller0: entered promiscuous mode
[  346.167472][T14306] syzkaller0: entered allmulticast mode
[  346.489117][T14321] netlink: 'syz.1.2430': attribute type 1 has an invalid length.
[  346.566629][T14321] 8021q: adding VLAN 0 to HW filter on device bond3
[  346.682148][T14326] bond3: (slave veth3): Enslaving as an active interface with a down link
[  346.740714][T14321] 8021q: adding VLAN 0 to HW filter on device batadv1
[  346.803865][T14321] bond3: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  347.283372][T14352] netlink: 'syz.3.2438': attribute type 7 has an invalid length.
[  347.500127][T14352] : entered promiscuous mode
[  347.606953][T14362] syzkaller0: entered promiscuous mode
[  347.629395][T14362] syzkaller0: entered allmulticast mode
[  347.656023][T14355] syzkaller0: entered promiscuous mode
[  347.693603][T14355] syzkaller0: entered allmulticast mode
[  348.173402][   T36] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  348.254324][T14388] __nla_validate_parse: 3 callbacks suppressed
[  348.254345][T14388] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2444'.
[  348.723848][T14412] syzkaller0: entered promiscuous mode
[  348.792527][T14412] syzkaller0: entered allmulticast mode
[  349.102861][T14419] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2450'.
[  349.175620][T14419] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  349.211626][T14419] mac80211_hwsim hwsim11 wlan1: left promiscuous mode
[  350.292567][T14464] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2465'.
[  350.413152][T14471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2464'.
[  350.770351][T14464] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2465'.
[  351.026570][T14478] 8021q: adding VLAN 0 to HW filter on device bond6
[  351.100316][T14478] bond5: (slave bond6): Enslaving as an active interface with an up link
[  351.131532][T14464] 8021q: adding VLAN 0 to HW filter on device bond5
[  351.304279][T14492] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2469'.
[  352.000822][T14529] netlink: 'syz.2.2482': attribute type 4 has an invalid length.
[  352.064049][T14526] IPVS: persistence engine module ip_vs_pe_ not found
[  352.134006][T14526] syzkaller1: entered promiscuous mode
[  352.140366][T14526] syzkaller1: entered allmulticast mode
[  352.172184][T14526] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2481'.
[  353.521890][T14578] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  353.548557][T14584] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2496'.
[  353.609041][T14586] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2497'.
[  353.677181][T14584] netlink: 'syz.1.2496': attribute type 1 has an invalid length.
[  354.846260][T14621] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2509'.
[  355.100988][T14636] vlan1: entered promiscuous mode
[  355.108014][    C1] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  355.280852][T14643] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2514'.
[  355.326364][T14643] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2514'.
[  355.485052][T14648] lo speed is unknown, defaulting to 1000
[  355.586285][T14652] netlink: 'syz.0.2517': attribute type 10 has an invalid length.
[  355.820802][T14663] netlink: 'syz.2.2523': attribute type 1 has an invalid length.
[  355.825765][T14664] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2521'.
[  355.884036][T14668] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2523'.
[  355.973060][T14663] bond6: entered promiscuous mode
[  356.006270][T14663] 8021q: adding VLAN 0 to HW filter on device bond6
[  356.153490][T14668] batadv2: entered promiscuous mode
[  356.184064][T14668] batadv2: entered allmulticast mode
[  356.246707][T14676] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2523'.
[  356.289450][T14668] 8021q: adding VLAN 0 to HW filter on device batadv2
[  356.325188][T14668] bond6: (slave batadv2): making interface the new active one
[  356.403904][T14668] bond6: (slave batadv2): Enslaving as an active interface with an up link
[  356.679900][T14692] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2529'.
[  356.798413][T14695] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2530'.
[  356.855787][T14701] FAULT_INJECTION: forcing a failure.
[  356.855787][T14701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  356.871287][T14701] CPU: 0 UID: 0 PID: 14701 Comm: syz.3.2533 Not tainted syzkaller #0 PREEMPT(full) 
[  356.871327][T14701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  356.871339][T14701] Call Trace:
[  356.871349][T14701]  <TASK>
[  356.871358][T14701]  dump_stack_lvl+0x189/0x250
[  356.871386][T14701]  ? __pfx____ratelimit+0x10/0x10
[  356.871406][T14701]  ? __pfx_dump_stack_lvl+0x10/0x10
[  356.871429][T14701]  ? __pfx__printk+0x10/0x10
[  356.871456][T14701]  ? __might_fault+0xb0/0x130
[  356.871495][T14701]  should_fail_ex+0x414/0x560
[  356.871526][T14701]  _copy_from_user+0x2d/0xb0
[  356.871551][T14701]  __sys_bpf+0x1ed/0x870
[  356.871579][T14701]  ? __pfx___sys_bpf+0x10/0x10
[  356.871617][T14701]  ? ksys_write+0x22a/0x250
[  356.871644][T14701]  ? __pfx_ksys_write+0x10/0x10
[  356.871673][T14701]  __x64_sys_bpf+0x7c/0x90
[  356.871695][T14701]  do_syscall_64+0xfa/0x3b0
[  356.871712][T14701]  ? lockdep_hardirqs_on+0x9c/0x150
[  356.871729][T14701]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.871746][T14701]  ? clear_bhb_loop+0x60/0xb0
[  356.871767][T14701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.871785][T14701] RIP: 0033:0x7f9ccf78ebe9
[  356.871802][T14701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.871819][T14701] RSP: 002b:00007f9cd06da038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  356.871839][T14701] RAX: ffffffffffffffda RBX: 00007f9ccf9c5fa0 RCX: 00007f9ccf78ebe9
[  356.871853][T14701] RDX: 0000000000000080 RSI: 0000200000000600 RDI: 0000000000000005
[  356.871865][T14701] RBP: 00007f9cd06da090 R08: 0000000000000000 R09: 0000000000000000
[  356.871877][T14701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  356.871889][T14701] R13: 00007f9ccf9c6038 R14: 00007f9ccf9c5fa0 R15: 00007fff4f446828
[  356.871920][T14701]  </TASK>
[  357.179091][T14708] netlink: 'syz.4.2536': attribute type 1 has an invalid length.
[  359.221520][T14787] __nla_validate_parse: 8 callbacks suppressed
[  359.221541][T14787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2564'.
[  359.362201][T14780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  359.379885][T14780] bond_slave_0: left promiscuous mode
[  359.390677][T14780] bond0 (unregistering): Released all slaves
[  359.395280][T14799] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2568'.
[  359.408602][T14799] openvswitch: netlink: Flow actions attr not present in new flow.
[  360.026629][T14830] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  360.058839][ T6333] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  360.581716][T14848] batman_adv: batadv0: Adding interface: ip6gretap1
[  360.588736][T14848] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.614968][T14848] batman_adv: batadv0: Interface activated: ip6gretap1
[  360.645916][T14848] geneve3: entered promiscuous mode
[  360.792350][T14852] netlink: 'syz.0.2585': attribute type 1 has an invalid length.
[  360.825175][T14852] netlink: 208 bytes leftover after parsing attributes in process `syz.0.2585'.
[  361.054633][T14864] syzkaller0: entered promiscuous mode
[  361.068353][T14864] syzkaller0: entered allmulticast mode
[  361.133314][T14855] netlink: 'syz.3.2586': attribute type 10 has an invalid length.
[  361.162754][T14869] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2590'.
[  361.236039][T14869] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2590'.
[  362.027162][T14888] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2598'.
[  362.164400][T14897] netlink: 'syz.1.2599': attribute type 4 has an invalid length.
[  362.497855][T14911] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input7
[  362.760091][T14923] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2610'.
[  362.774806][T14924] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2611'.
[  362.830166][T14923] vlan1: entered allmulticast mode
[  362.844725][T14923] gretap0: entered allmulticast mode
[  363.516760][T14958] lo speed is unknown, defaulting to 1000
[  363.666271][T14960] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2633'.
[  363.721207][T14967] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2633'.
[  363.768381][T14964] syzkaller0: entered promiscuous mode
[  363.798839][T14964] syzkaller0: entered allmulticast mode
[  363.900702][T14973] FAULT_INJECTION: forcing a failure.
[  363.900702][T14973] name failslab, interval 1, probability 0, space 0, times 0
[  363.937150][T14973] CPU: 1 UID: 0 PID: 14973 Comm: syz.2.2626 Not tainted syzkaller #0 PREEMPT(full) 
[  363.937178][T14973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  363.937190][T14973] Call Trace:
[  363.937198][T14973]  <TASK>
[  363.937207][T14973]  dump_stack_lvl+0x189/0x250
[  363.937237][T14973]  ? __pfx____ratelimit+0x10/0x10
[  363.937258][T14973]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.937280][T14973]  ? __pfx__printk+0x10/0x10
[  363.937310][T14973]  ? __pfx___might_resched+0x10/0x10
[  363.937329][T14973]  ? fs_reclaim_acquire+0x7d/0x100
[  363.937364][T14973]  should_fail_ex+0x414/0x560
[  363.937396][T14973]  should_failslab+0xa8/0x100
[  363.937426][T14973]  kmem_cache_alloc_noprof+0x73/0x3c0
[  363.937450][T14973]  ? radix_tree_node_alloc+0x7e/0x3a0
[  363.937474][T14973]  radix_tree_node_alloc+0x7e/0x3a0
[  363.937500][T14973]  idr_get_free+0x2b3/0xa70
[  363.937545][T14973]  idr_alloc_u32+0x159/0x2d0
[  363.937566][T14973]  ? __kasan_kmalloc+0x93/0xb0
[  363.937595][T14973]  ? __pfx_idr_alloc_u32+0x10/0x10
[  363.937623][T14973]  ? tcf_exts_init_ex+0x449/0x750
[  363.937651][T14973]  basic_change+0x3c6/0xd80
[  363.937677][T14973]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  363.937710][T14973]  ? __pfx_basic_change+0x10/0x10
[  363.937761][T14973]  tc_new_tfilter+0xdc7/0x15b0
[  363.937818][T14973]  ? __pfx_tc_new_tfilter+0x10/0x10
[  363.937836][T14973]  ? __dev_queue_xmit+0x1d79/0x3b50
[  363.937901][T14973]  ? __pfx_tc_new_tfilter+0x10/0x10
[  363.937921][T14973]  rtnetlink_rcv_msg+0x7cf/0xb70
[  363.937945][T14973]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  363.937963][T14973]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  363.937978][T14973]  ? ref_tracker_free+0x63a/0x7d0
[  363.938005][T14973]  ? __asan_memcpy+0x40/0x70
[  363.938034][T14973]  ? __pfx_ref_tracker_free+0x10/0x10
[  363.938059][T14973]  ? __skb_clone+0x63/0x7a0
[  363.938093][T14973]  netlink_rcv_skb+0x208/0x470
[  363.938115][T14973]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  363.938133][T14973]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  363.938164][T14973]  ? netlink_deliver_tap+0x2e/0x1b0
[  363.938190][T14973]  netlink_unicast+0x82c/0x9e0
[  363.938225][T14973]  ? __pfx_netlink_unicast+0x10/0x10
[  363.938250][T14973]  ? netlink_sendmsg+0x642/0xb30
[  363.938264][T14973]  ? skb_put+0x11b/0x210
[  363.938286][T14973]  netlink_sendmsg+0x805/0xb30
[  363.938315][T14973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.938339][T14973]  ? aa_sock_msg_perm+0xf1/0x1d0
[  363.938358][T14973]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  363.938376][T14973]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.938395][T14973]  __sock_sendmsg+0x21c/0x270
[  363.938424][T14973]  ____sys_sendmsg+0x52d/0x830
[  363.938452][T14973]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.938482][T14973]  ? import_iovec+0x74/0xa0
[  363.938507][T14973]  ___sys_sendmsg+0x21f/0x2a0
[  363.938531][T14973]  ? __pfx____sys_sendmsg+0x10/0x10
[  363.938603][T14973]  ? __might_fault+0xb0/0x130
[  363.938633][T14973]  __sys_sendmmsg+0x227/0x430
[  363.938661][T14973]  ? __pfx___sys_sendmmsg+0x10/0x10
[  363.938679][T14973]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  363.938726][T14973]  ? ksys_write+0x22a/0x250
[  363.938752][T14973]  ? __pfx_ksys_write+0x10/0x10
[  363.938771][T14973]  ? rcu_is_watching+0x15/0xb0
[  363.938800][T14973]  __x64_sys_sendmmsg+0xa0/0xc0
[  363.938823][T14973]  do_syscall_64+0xfa/0x3b0
[  363.938842][T14973]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.938860][T14973]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.938878][T14973]  ? clear_bhb_loop+0x60/0xb0
[  363.938901][T14973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.938919][T14973] RIP: 0033:0x7f077fd8ebe9
[  363.938937][T14973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.938952][T14973] RSP: 002b:00007f0780cb8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  363.938974][T14973] RAX: ffffffffffffffda RBX: 00007f077ffc5fa0 RCX: 00007f077fd8ebe9
[  363.938988][T14973] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004
[  363.939001][T14973] RBP: 00007f0780cb8090 R08: 0000000000000000 R09: 0000000000000000
[  363.939013][T14973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  363.939033][T14973] R13: 00007f077ffc6038 R14: 00007f077ffc5fa0 R15: 00007ffe605e6be8
[  363.939065][T14973]  </TASK>
[  364.726674][T14991] netlink: 'syz.2.2631': attribute type 1 has an invalid length.
[  364.787314][T14991] 8021q: adding VLAN 0 to HW filter on device bond7
[  364.826081][T14993] 8021q: adding VLAN 0 to HW filter on device bond7
[  364.837505][T14993] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  364.850535][T14993] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  364.956068][T14991] bond7: (slave bridge3): Enslaving as an active interface with a down link
[  365.434014][T15020] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  365.559018][T15026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2645'.
[  365.585492][T15026] IPv6: Can't replace route, no match found
[  365.704560][T15034] netlink: 'syz.4.2648': attribute type 3 has an invalid length.
[  365.738207][T15034] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.2648'.
[  365.924043][T15048] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  366.129815][T15061] netlink: 16182 bytes leftover after parsing attributes in process `syz.4.2659'.
[  366.166767][ T5983] hid-generic 0005:16C0:0009.0030: unknown main item tag 0x0
[  366.186202][ T5983] hid-generic 0005:16C0:0009.0030: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  366.244201][T15065] wg1: entered promiscuous mode
[  366.249419][T15065] wg1: entered allmulticast mode
[  366.502171][T15077] IPVS: sed: SCTP 172.20.20.187:0 - no destination available
[  366.950581][T15093] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  366.982108][T15093] tipc: Resetting bearer <eth:syzkaller0>
[  367.018965][T15094] geneve3: entered promiscuous mode
[  367.027181][ T6326] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  367.047843][ T6326] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  367.084220][ T6326] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  367.156758][T15091] tipc: Disabling bearer <eth:syzkaller0>
[  367.193960][   T49] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  367.286785][T15105] FAULT_INJECTION: forcing a failure.
[  367.286785][T15105] name failslab, interval 1, probability 0, space 0, times 0
[  367.333305][T15105] CPU: 1 UID: 0 PID: 15105 Comm: syz.3.2674 Not tainted syzkaller #0 PREEMPT(full) 
[  367.333334][T15105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  367.333346][T15105] Call Trace:
[  367.333355][T15105]  <TASK>
[  367.333364][T15105]  dump_stack_lvl+0x189/0x250
[  367.333393][T15105]  ? __pfx____ratelimit+0x10/0x10
[  367.333413][T15105]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.333437][T15105]  ? __pfx__printk+0x10/0x10
[  367.333468][T15105]  ? __pfx___might_resched+0x10/0x10
[  367.333486][T15105]  ? fs_reclaim_acquire+0x7d/0x100
[  367.333521][T15105]  should_fail_ex+0x414/0x560
[  367.333552][T15105]  should_failslab+0xa8/0x100
[  367.333582][T15105]  kmem_cache_alloc_noprof+0x73/0x3c0
[  367.333607][T15105]  ? __kernfs_new_node+0xd7/0x7e0
[  367.333634][T15105]  __kernfs_new_node+0xd7/0x7e0
[  367.333656][T15105]  ? __lock_acquire+0xab9/0xd20
[  367.333692][T15105]  ? __pfx___kernfs_new_node+0x10/0x10
[  367.333713][T15105]  ? kernfs_root+0x1c/0x230
[  367.333742][T15105]  ? kernfs_root+0x1c/0x230
[  367.333762][T15105]  ? kernfs_root+0x1c/0x230
[  367.333779][T15105]  ? kernfs_root+0x1c/0x230
[  367.333805][T15105]  kernfs_new_node+0x102/0x210
[  367.333835][T15105]  __kernfs_create_file+0x4b/0x2e0
[  367.333865][T15105]  sysfs_add_file_mode_ns+0x238/0x300
[  367.333903][T15105]  internal_create_group+0x66d/0x1110
[  367.333944][T15105]  ? __pfx_internal_create_group+0x10/0x10
[  367.334002][T15105]  sysfs_create_groups+0x59/0x120
[  367.334027][T15105]  device_add_attrs+0x1c4/0x5a0
[  367.334055][T15105]  ? __pfx_device_add_attrs+0x10/0x10
[  367.334072][T15105]  ? kobject_put+0x43f/0x480
[  367.334107][T15105]  ? device_add_class_symlinks+0x21f/0x240
[  367.334132][T15105]  device_add+0x496/0xb50
[  367.334150][T15105]  ? device_initialize+0x24b/0x440
[  367.334174][T15105]  wakeup_source_sysfs_add+0x1af/0x280
[  367.334202][T15105]  wakeup_source_register+0x18a/0x380
[  367.334227][T15105]  ep_insert+0xff3/0x19e0
[  367.334272][T15105]  ? __pfx_ep_insert+0x10/0x10
[  367.334314][T15105]  ? bpf_lsm_capable+0x9/0x20
[  367.334357][T15105]  do_epoll_ctl+0x7f4/0xe80
[  367.334394][T15105]  __x64_sys_epoll_ctl+0x163/0x1a0
[  367.334425][T15105]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  367.334449][T15105]  ? rcu_is_watching+0x15/0xb0
[  367.334475][T15105]  ? do_syscall_64+0xbe/0x3b0
[  367.334500][T15105]  do_syscall_64+0xfa/0x3b0
[  367.334518][T15105]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.334536][T15105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.334555][T15105]  ? clear_bhb_loop+0x60/0xb0
[  367.334578][T15105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.334596][T15105] RIP: 0033:0x7f9ccf78ebe9
[  367.334613][T15105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.334628][T15105] RSP: 002b:00007f9cd06da038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  367.334650][T15105] RAX: ffffffffffffffda RBX: 00007f9ccf9c5fa0 RCX: 00007f9ccf78ebe9
[  367.334663][T15105] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000005
[  367.334674][T15105] RBP: 00007f9cd06da090 R08: 0000000000000000 R09: 0000000000000000
[  367.334685][T15105] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000002
[  367.334696][T15105] R13: 00007f9ccf9c6038 R14: 00007f9ccf9c5fa0 R15: 00007fff4f446828
[  367.334728][T15105]  </TASK>
[  367.787512][T15117] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2677'.
[  368.565385][T15149] lo speed is unknown, defaulting to 1000
[  369.234784][T15163] netlink: 'syz.3.2688': attribute type 21 has an invalid length.
[  369.288249][T15162] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  369.317738][T15162] syzkaller0: entered promiscuous mode
[  369.331482][T15162] syzkaller0: entered allmulticast mode
[  369.399271][T15161] tipc: Resetting bearer <eth:syzkaller0>
[  369.499694][T15161] tipc: Disabling bearer <eth:syzkaller0>
[  369.660438][T15179] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2693'.
[  369.741849][T15179] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2693'.
[  370.342143][T15201] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2699'.
[  370.382854][T15201] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2699'.
[  370.502446][T15201] bridge4: the hash_elasticity option has been deprecated and is always 16
[  370.840818][T15215] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  370.880569][T15215] syzkaller0: entered promiscuous mode
[  370.889151][T15215] syzkaller0: entered allmulticast mode
[  370.997032][T15213] tipc: Resetting bearer <eth:syzkaller0>
[  371.064449][ T5963] hid-generic 0005:16C0:0009.0031: unknown main item tag 0x0
[  371.101558][ T5963] hid-generic 0005:16C0:0009.0031: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  371.114743][T15213] tipc: Disabling bearer <eth:syzkaller0>
[  371.331607][T15233] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2710'.
[  371.345083][T15232] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2710'.
[  371.454440][T15240] syzkaller0: entered promiscuous mode
[  371.488231][T15240] syzkaller0: entered allmulticast mode
[  371.505957][T15243] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2714'.
[  371.521040][T15243] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2714'.
[  371.557001][T15243] FAULT_INJECTION: forcing a failure.
[  371.557001][T15243] name failslab, interval 1, probability 0, space 0, times 0
[  371.580758][T15243] CPU: 1 UID: 0 PID: 15243 Comm: syz.1.2714 Not tainted syzkaller #0 PREEMPT(full) 
[  371.580785][T15243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  371.580797][T15243] Call Trace:
[  371.580805][T15243]  <TASK>
[  371.580813][T15243]  dump_stack_lvl+0x189/0x250
[  371.580842][T15243]  ? __pfx____ratelimit+0x10/0x10
[  371.580863][T15243]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.580885][T15243]  ? __pfx__printk+0x10/0x10
[  371.580911][T15243]  ? __mutex_trylock_common+0x153/0x260
[  371.580937][T15243]  ? __pfx___mutex_trylock_common+0x10/0x10
[  371.580963][T15243]  should_fail_ex+0x414/0x560
[  371.580994][T15243]  should_failslab+0xa8/0x100
[  371.581022][T15243]  __kmalloc_cache_noprof+0x70/0x3d0
[  371.581047][T15243]  ? __hw_addr_add_ex+0x1f4/0x770
[  371.581075][T15243]  __hw_addr_add_ex+0x1f4/0x770
[  371.581106][T15243]  dev_addr_init+0x14f/0x230
[  371.581134][T15243]  ? __pfx_dev_addr_init+0x10/0x10
[  371.581174][T15243]  alloc_netdev_mqs+0x2ae/0x11b0
[  371.581197][T15243]  ? __pfx_hsr_dev_setup+0x10/0x10
[  371.581239][T15243]  rtnl_create_link+0x31f/0xd10
[  371.581274][T15243]  rtnl_newlink_create+0x25c/0xb00
[  371.581303][T15243]  ? __mutex_lock+0x5bb/0x1350
[  371.581331][T15243]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  371.581357][T15243]  ? __pfx___mutex_lock+0x10/0x10
[  371.581389][T15243]  ? ns_capable+0x8a/0xf0
[  371.581414][T15243]  rtnl_newlink+0x16d6/0x1c70
[  371.581453][T15243]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.581481][T15243]  ? is_bpf_text_address+0x26/0x2b0
[  371.581519][T15243]  ? __lock_acquire+0xab9/0xd20
[  371.581562][T15243]  ? __lock_acquire+0xab9/0xd20
[  371.581612][T15243]  ? is_bpf_text_address+0x26/0x2b0
[  371.581644][T15243]  ? is_bpf_text_address+0x292/0x2b0
[  371.581668][T15243]  ? is_bpf_text_address+0x26/0x2b0
[  371.581704][T15243]  ? __lock_acquire+0xab9/0xd20
[  371.581766][T15243]  ? __pfx_rtnl_newlink+0x10/0x10
[  371.581784][T15243]  rtnetlink_rcv_msg+0x7cf/0xb70
[  371.581800][T15243]  ? __lock_acquire+0xab9/0xd20
[  371.581827][T15243]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  371.581842][T15243]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.581881][T15243]  netlink_rcv_skb+0x208/0x470
[  371.581897][T15243]  ? __lock_acquire+0xab9/0xd20
[  371.581920][T15243]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  371.581937][T15243]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  371.581957][T15243]  ? netlink_deliver_tap+0x2e/0x1b0
[  371.581981][T15243]  netlink_unicast+0x82c/0x9e0
[  371.582013][T15243]  ? __pfx_netlink_unicast+0x10/0x10
[  371.582034][T15243]  ? netlink_sendmsg+0x642/0xb30
[  371.582044][T15243]  ? skb_put+0x11b/0x210
[  371.582058][T15243]  netlink_sendmsg+0x805/0xb30
[  371.582076][T15243]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.582090][T15243]  ? aa_sock_msg_perm+0xf1/0x1d0
[  371.582102][T15243]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  371.582114][T15243]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.582126][T15243]  __sock_sendmsg+0x21c/0x270
[  371.582145][T15243]  ____sys_sendmsg+0x505/0x830
[  371.582162][T15243]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.582181][T15243]  ? import_iovec+0x74/0xa0
[  371.582197][T15243]  ___sys_sendmsg+0x21f/0x2a0
[  371.582218][T15243]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.582256][T15243]  ? __fget_files+0x2a/0x420
[  371.582266][T15243]  ? __fget_files+0x3a0/0x420
[  371.582283][T15243]  __x64_sys_sendmsg+0x19b/0x260
[  371.582298][T15243]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  371.582318][T15243]  ? __pfx_ksys_write+0x10/0x10
[  371.582330][T15243]  ? rcu_is_watching+0x15/0xb0
[  371.582346][T15243]  ? do_syscall_64+0xbe/0x3b0
[  371.582360][T15243]  do_syscall_64+0xfa/0x3b0
[  371.582371][T15243]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.582382][T15243]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.582393][T15243]  ? clear_bhb_loop+0x60/0xb0
[  371.582407][T15243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.582418][T15243] RIP: 0033:0x7fce4a38ebe9
[  371.582429][T15243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.582439][T15243] RSP: 002b:00007fce4b2a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.582453][T15243] RAX: ffffffffffffffda RBX: 00007fce4a5c5fa0 RCX: 00007fce4a38ebe9
[  371.582462][T15243] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000c
[  371.582469][T15243] RBP: 00007fce4b2a9090 R08: 0000000000000000 R09: 0000000000000000
[  371.582476][T15243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  371.582483][T15243] R13: 00007fce4a5c6038 R14: 00007fce4a5c5fa0 R15: 00007ffd17895168
[  371.582502][T15243]  </TASK>
[  372.460277][T15269] FAULT_INJECTION: forcing a failure.
[  372.460277][T15269] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.473811][T15269] CPU: 1 UID: 0 PID: 15269 Comm: syz.4.2720 Not tainted syzkaller #0 PREEMPT(full) 
[  372.473840][T15269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  372.473851][T15269] Call Trace:
[  372.473859][T15269]  <TASK>
[  372.473867][T15269]  dump_stack_lvl+0x189/0x250
[  372.473895][T15269]  ? __pfx____ratelimit+0x10/0x10
[  372.473914][T15269]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.473955][T15269]  ? __pfx__printk+0x10/0x10
[  372.473999][T15269]  should_fail_ex+0x414/0x560
[  372.474090][T15269]  _copy_to_user+0x31/0xb0
[  372.474116][T15269]  simple_read_from_buffer+0xe1/0x170
[  372.474146][T15269]  proc_fail_nth_read+0x1b3/0x220
[  372.474171][T15269]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.474195][T15269]  ? rw_verify_area+0x2a6/0x4d0
[  372.474240][T15269]  ? __lock_acquire+0xab9/0xd20
[  372.474264][T15269]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.474285][T15269]  vfs_read+0x1fd/0xa30
[  372.474307][T15269]  ? fdget_pos+0x247/0x320
[  372.474327][T15269]  ? __pfx___mutex_lock+0x10/0x10
[  372.474347][T15269]  ? __pfx_vfs_read+0x10/0x10
[  372.474372][T15269]  ? __fget_files+0x2a/0x420
[  372.474393][T15269]  ? __fget_files+0x3a0/0x420
[  372.474408][T15269]  ? __fget_files+0x2a/0x420
[  372.474435][T15269]  ksys_read+0x145/0x250
[  372.474460][T15269]  ? __pfx_ksys_read+0x10/0x10
[  372.474480][T15269]  ? rcu_is_watching+0x15/0xb0
[  372.474504][T15269]  ? do_syscall_64+0xbe/0x3b0
[  372.474527][T15269]  do_syscall_64+0xfa/0x3b0
[  372.474543][T15269]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.474560][T15269]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.474578][T15269]  ? clear_bhb_loop+0x60/0xb0
[  372.474600][T15269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.474617][T15269] RIP: 0033:0x7fce49d8d5fc
[  372.474635][T15269] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  372.474650][T15269] RSP: 002b:00007fce4ac60030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.474671][T15269] RAX: ffffffffffffffda RBX: 00007fce49fc5fa0 RCX: 00007fce49d8d5fc
[  372.474684][T15269] RDX: 000000000000000f RSI: 00007fce4ac600a0 RDI: 000000000000000a
[  372.474696][T15269] RBP: 00007fce4ac60090 R08: 0000000000000000 R09: 0000000000000000
[  372.474708][T15269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  372.474717][T15269] R13: 00007fce49fc6038 R14: 00007fce49fc5fa0 R15: 00007ffe59170508
[  372.474750][T15269]  </TASK>
[  372.753018][T15270] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2719'.
[  372.874213][T15267] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2719'.
[  372.968026][T15279] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2721'.
[  373.068314][T15279] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2721'.
[  373.153423][ T5963] hid-generic 0005:16C0:0009.0032: unknown main item tag 0x0
[  373.169492][ T5963] hid-generic 0005:16C0:0009.0032: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  373.766954][T15298] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  373.792220][T15298] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  373.814906][T15300] FAULT_INJECTION: forcing a failure.
[  373.814906][T15300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.842954][T15298] netlink: 'syz.2.2728': attribute type 4 has an invalid length.
[  373.871598][T15300] CPU: 1 UID: 0 PID: 15300 Comm: syz.4.2730 Not tainted syzkaller #0 PREEMPT(full) 
[  373.871627][T15300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  373.871639][T15300] Call Trace:
[  373.871648][T15300]  <TASK>
[  373.871657][T15300]  dump_stack_lvl+0x189/0x250
[  373.871686][T15300]  ? __pfx____ratelimit+0x10/0x10
[  373.871707][T15300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.871731][T15300]  ? __pfx__printk+0x10/0x10
[  373.871757][T15300]  ? __might_fault+0xb0/0x130
[  373.871795][T15300]  should_fail_ex+0x414/0x560
[  373.871827][T15300]  _copy_from_user+0x2d/0xb0
[  373.871851][T15300]  generic_map_update_batch+0x572/0x7f0
[  373.871888][T15300]  ? __pfx_generic_map_update_batch+0x10/0x10
[  373.871909][T15300]  ? __fget_files+0x2a/0x420
[  373.871936][T15300]  ? __pfx_generic_map_update_batch+0x10/0x10
[  373.871956][T15300]  bpf_map_do_batch+0x369/0x5f0
[  373.871999][T15300]  __sys_bpf+0x6af/0x870
[  373.872026][T15300]  ? __pfx___sys_bpf+0x10/0x10
[  373.872066][T15300]  ? ksys_write+0x22a/0x250
[  373.872094][T15300]  ? __pfx_ksys_write+0x10/0x10
[  373.872116][T15300]  ? rcu_is_watching+0x15/0xb0
[  373.872144][T15300]  __x64_sys_bpf+0x7c/0x90
[  373.872167][T15300]  do_syscall_64+0xfa/0x3b0
[  373.872186][T15300]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.872206][T15300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.872223][T15300]  ? clear_bhb_loop+0x60/0xb0
[  373.872248][T15300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.872266][T15300] RIP: 0033:0x7fce49d8ebe9
[  373.872283][T15300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.872300][T15300] RSP: 002b:00007fce4ac60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  373.872322][T15300] RAX: ffffffffffffffda RBX: 00007fce49fc5fa0 RCX: 00007fce49d8ebe9
[  373.872336][T15300] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 000000000000001a
[  373.872349][T15300] RBP: 00007fce4ac60090 R08: 0000000000000000 R09: 0000000000000000
[  373.872361][T15300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  373.872373][T15300] R13: 00007fce49fc6038 R14: 00007fce49fc5fa0 R15: 00007ffe59170508
[  373.872406][T15300]  </TASK>
[  374.102610][T15304] batman_adv: batadv0: Interface deactivated: ip6gretap1
[  374.927427][T15335] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  374.962755][T15335] syzkaller0: entered promiscuous mode
[  375.002252][T15335] syzkaller0: entered allmulticast mode
[  375.127183][T15335] tipc: Resetting bearer <eth:syzkaller0>
[  375.135954][T15332] tipc: Resetting bearer <eth:syzkaller0>
[  375.195703][T15332] tipc: Disabling bearer <eth:syzkaller0>
[  376.295165][T15359] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2748'.
[  376.755720][ T5963] hid-generic 0005:16C0:0009.0033: unknown main item tag 0x0
[  376.765618][ T5963] hid-generic 0005:16C0:0009.0033: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  377.253456][T15397] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2758'.
[  377.276796][T15397] netlink: 'syz.0.2758': attribute type 12 has an invalid length.
[  377.285178][T15397] netlink: 9472 bytes leftover after parsing attributes in process `syz.0.2758'.
[  377.389705][T15404] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2760'.
[  378.418283][T15433] FAULT_INJECTION: forcing a failure.
[  378.418283][T15433] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  378.431846][T15433] CPU: 1 UID: 0 PID: 15433 Comm: syz.2.2771 Not tainted syzkaller #0 PREEMPT(full) 
[  378.431874][T15433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  378.431885][T15433] Call Trace:
[  378.431903][T15433]  <TASK>
[  378.431910][T15433]  dump_stack_lvl+0x189/0x250
[  378.431937][T15433]  ? __pfx____ratelimit+0x10/0x10
[  378.431955][T15433]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.431976][T15433]  ? __pfx__printk+0x10/0x10
[  378.432000][T15433]  ? __might_fault+0xb0/0x130
[  378.432036][T15433]  should_fail_ex+0x414/0x560
[  378.432066][T15433]  _copy_from_iter+0x1de/0x1790
[  378.432094][T15433]  ? rcu_is_watching+0x15/0xb0
[  378.432114][T15433]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  378.432141][T15433]  ? __pfx__copy_from_iter+0x10/0x10
[  378.432163][T15433]  ? __build_skb_around+0x257/0x3e0
[  378.432187][T15433]  ? netlink_sendmsg+0x642/0xb30
[  378.432204][T15433]  ? skb_put+0x11b/0x210
[  378.432227][T15433]  netlink_sendmsg+0x6b2/0xb30
[  378.432258][T15433]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.432282][T15433]  ? aa_sock_msg_perm+0xf1/0x1d0
[  378.432302][T15433]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  378.432323][T15433]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.432343][T15433]  __sock_sendmsg+0x21c/0x270
[  378.432374][T15433]  ____sys_sendmsg+0x505/0x830
[  378.432402][T15433]  ? __pfx_____sys_sendmsg+0x10/0x10
[  378.432435][T15433]  ? import_iovec+0x74/0xa0
[  378.432461][T15433]  ___sys_sendmsg+0x21f/0x2a0
[  378.432487][T15433]  ? __pfx____sys_sendmsg+0x10/0x10
[  378.432550][T15433]  ? __fget_files+0x2a/0x420
[  378.432566][T15433]  ? __fget_files+0x3a0/0x420
[  378.432595][T15433]  __x64_sys_sendmsg+0x19b/0x260
[  378.432620][T15433]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  378.432654][T15433]  ? __pfx_ksys_write+0x10/0x10
[  378.432676][T15433]  ? rcu_is_watching+0x15/0xb0
[  378.432701][T15433]  ? do_syscall_64+0xbe/0x3b0
[  378.432726][T15433]  do_syscall_64+0xfa/0x3b0
[  378.432744][T15433]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.432762][T15433]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.432780][T15433]  ? clear_bhb_loop+0x60/0xb0
[  378.432803][T15433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.432821][T15433] RIP: 0033:0x7f077fd8ebe9
[  378.432838][T15433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.432855][T15433] RSP: 002b:00007f0780cb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  378.432875][T15433] RAX: ffffffffffffffda RBX: 00007f077ffc5fa0 RCX: 00007f077fd8ebe9
[  378.432889][T15433] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 000000000000000b
[  378.432909][T15433] RBP: 00007f0780cb8090 R08: 0000000000000000 R09: 0000000000000000
[  378.432921][T15433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.432932][T15433] R13: 00007f077ffc6038 R14: 00007f077ffc5fa0 R15: 00007ffe605e6be8
[  378.432964][T15433]  </TASK>
[  378.900726][T15437] FAULT_INJECTION: forcing a failure.
[  378.900726][T15437] name failslab, interval 1, probability 0, space 0, times 0
[  378.915692][T15442] netlink: 'syz.0.2774': attribute type 10 has an invalid length.
[  378.952366][T15437] CPU: 0 UID: 0 PID: 15437 Comm: syz.1.2773 Not tainted syzkaller #0 PREEMPT(full) 
[  378.952396][T15437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  378.952409][T15437] Call Trace:
[  378.952417][T15437]  <TASK>
[  378.952425][T15437]  dump_stack_lvl+0x189/0x250
[  378.952453][T15437]  ? __pfx____ratelimit+0x10/0x10
[  378.952474][T15437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.952497][T15437]  ? __pfx__printk+0x10/0x10
[  378.952526][T15437]  ? __pfx___might_resched+0x10/0x10
[  378.952545][T15437]  ? fs_reclaim_acquire+0x7d/0x100
[  378.952579][T15437]  should_fail_ex+0x414/0x560
[  378.952611][T15437]  should_failslab+0xa8/0x100
[  378.952640][T15437]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  378.952666][T15437]  ? alloc_vfsmnt+0xeb/0x430
[  378.952697][T15437]  kstrdup+0x42/0x100
[  378.952721][T15437]  alloc_vfsmnt+0xeb/0x430
[  378.952747][T15437]  clone_mnt+0x67/0xae0
[  378.952770][T15437]  ? do_raw_spin_unlock+0x122/0x240
[  378.952799][T15437]  copy_tree+0x3d4/0x930
[  378.952841][T15437]  copy_mnt_ns+0x179/0x880
[  378.952866][T15437]  ? rcu_is_watching+0x15/0xb0
[  378.952889][T15437]  ? create_new_namespaces+0x31/0x720
[  378.952923][T15437]  create_new_namespaces+0xd1/0x720
[  378.952956][T15437]  ? bpf_lsm_capable+0x9/0x20
[  378.952980][T15437]  ? security_capable+0x7e/0x2e0
[  378.953017][T15437]  unshare_nsproxy_namespaces+0x11c/0x170
[  378.953041][T15437]  ksys_unshare+0x4c8/0x8c0
[  378.953073][T15437]  ? __pfx_ksys_unshare+0x10/0x10
[  378.953097][T15437]  ? __pfx_ksys_write+0x10/0x10
[  378.953119][T15437]  ? rcu_is_watching+0x15/0xb0
[  378.953158][T15437]  __x64_sys_unshare+0x38/0x50
[  378.953181][T15437]  do_syscall_64+0xfa/0x3b0
[  378.953200][T15437]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.953218][T15437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.953237][T15437]  ? clear_bhb_loop+0x60/0xb0
[  378.953261][T15437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.953280][T15437] RIP: 0033:0x7fce4a38ebe9
[  378.953298][T15437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.953314][T15437] RSP: 002b:00007fce4b2a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  378.953335][T15437] RAX: ffffffffffffffda RBX: 00007fce4a5c5fa0 RCX: 00007fce4a38ebe9
[  378.953349][T15437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000026020400
[  378.953360][T15437] RBP: 00007fce4b2a9090 R08: 0000000000000000 R09: 0000000000000000
[  378.953371][T15437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  378.953387][T15437] R13: 00007fce4a5c6038 R14: 00007fce4a5c5fa0 R15: 00007ffd17895168
[  378.953422][T15437]  </TASK>
[  379.058798][T15442] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.231467][T15447] netlink: 'syz.0.2774': attribute type 10 has an invalid length.
[  379.249758][T15447] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2774'.
[  379.268433][T15442] batadv0: entered promiscuous mode
[  379.317246][T15442] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  379.365425][ T5925] hid-generic 0005:16C0:0009.0034: unknown main item tag 0x0
[  379.374170][T15447] batadv0: entered allmulticast mode
[  379.385730][ T5925] hid-generic 0005:16C0:0009.0034: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  379.441148][T15447] bond0: (slave batadv0): Releasing backup interface
[  379.483073][T15447] bridge0: port 3(batadv0) entered blocking state
[  379.506592][T15447] bridge0: port 3(batadv0) entered disabled state
[  379.820925][ T6333] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  379.831046][ T6333] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  380.846968][T15495] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2791'.
[  381.024720][T15500] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2793'.
[  381.239749][T15507] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2795'.
[  381.284411][T15507] netlink: 'syz.1.2795': attribute type 12 has an invalid length.
[  381.292582][T15507] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.2795'.
[  382.049894][T15531] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  382.057813][T15531] syzkaller0: entered promiscuous mode
[  382.068085][T15531] syzkaller0: entered allmulticast mode
[  382.105217][T15531] tipc: Resetting bearer <eth:syzkaller0>
[  382.218186][T15530] tipc: Resetting bearer <eth:syzkaller0>
[  382.307502][T15530] tipc: Disabling bearer <eth:syzkaller0>
[  382.421506][T15541] netlink: 264 bytes leftover after parsing attributes in process `syz.3.2808'.
[  382.499632][T15548] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2809'.
[  382.904706][T15566] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  382.930582][T15566] netlink: 'syz.3.2815': attribute type 25 has an invalid length.
[  382.941844][T15566] netlink: 'syz.3.2815': attribute type 7 has an invalid length.
[  383.370874][T15572] vlan0: entered promiscuous mode
[  383.440726][T15582] netlink: 'syz.2.2824': attribute type 2 has an invalid length.
[  383.869759][T15611] FAULT_INJECTION: forcing a failure.
[  383.869759][T15611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.896512][T15611] CPU: 0 UID: 0 PID: 15611 Comm: syz.0.2830 Not tainted syzkaller #0 PREEMPT(full) 
[  383.896543][T15611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  383.896555][T15611] Call Trace:
[  383.896564][T15611]  <TASK>
[  383.896573][T15611]  dump_stack_lvl+0x189/0x250
[  383.896603][T15611]  ? __pfx____ratelimit+0x10/0x10
[  383.896623][T15611]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.896647][T15611]  ? __pfx__printk+0x10/0x10
[  383.896674][T15611]  ? __might_fault+0xb0/0x130
[  383.896712][T15611]  should_fail_ex+0x414/0x560
[  383.896745][T15611]  _copy_from_user+0x2d/0xb0
[  383.896771][T15611]  generic_map_update_batch+0x572/0x7f0
[  383.896806][T15611]  ? __pfx_generic_map_update_batch+0x10/0x10
[  383.896827][T15611]  ? __fget_files+0x2a/0x420
[  383.896853][T15611]  ? __pfx_generic_map_update_batch+0x10/0x10
[  383.896873][T15611]  bpf_map_do_batch+0x369/0x5f0
[  383.896904][T15611]  __sys_bpf+0x6af/0x870
[  383.896930][T15611]  ? __pfx___sys_bpf+0x10/0x10
[  383.896970][T15611]  ? ksys_write+0x22a/0x250
[  383.896997][T15611]  ? __pfx_ksys_write+0x10/0x10
[  383.897019][T15611]  ? rcu_is_watching+0x15/0xb0
[  383.897048][T15611]  __x64_sys_bpf+0x7c/0x90
[  383.897071][T15611]  do_syscall_64+0xfa/0x3b0
[  383.897091][T15611]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.897110][T15611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.897129][T15611]  ? clear_bhb_loop+0x60/0xb0
[  383.897162][T15611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.897180][T15611] RIP: 0033:0x7f2e9bb8ebe9
[  383.897200][T15611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.897217][T15611] RSP: 002b:00007f2e9c939038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  383.897239][T15611] RAX: ffffffffffffffda RBX: 00007f2e9bdc5fa0 RCX: 00007f2e9bb8ebe9
[  383.897254][T15611] RDX: 0000000000000038 RSI: 0000200000000240 RDI: 000000000000001a
[  383.897267][T15611] RBP: 00007f2e9c939090 R08: 0000000000000000 R09: 0000000000000000
[  383.897279][T15611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  383.897291][T15611] R13: 00007f2e9bdc6038 R14: 00007f2e9bdc5fa0 R15: 00007fff57c18fd8
[  383.897324][T15611]  </TASK>
[  384.811899][T15640] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2843'.
[  385.391707][T15656] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2849'.
[  385.550174][T15660] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2850'.
[  385.595985][T15666] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2851'.
[  385.597488][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  385.616476][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  385.625138][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  385.635671][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  385.643816][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  385.653498][T15666] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2851'.
[  385.937714][T15659] lo speed is unknown, defaulting to 1000
[  386.344245][T15688] netlink: 'syz.3.2857': attribute type 12 has an invalid length.
[  386.518193][T15659] chnl_net:caif_netlink_parms(): no params data found
[  386.708994][T15659] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.716688][T15659] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.724454][T15659] bridge_slave_0: entered allmulticast mode
[  386.733862][T15659] bridge_slave_0: entered promiscuous mode
[  386.746900][T15659] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.755592][T15659] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.804546][T15659] bridge_slave_1: entered allmulticast mode
[  386.823982][T15659] bridge_slave_1: entered promiscuous mode
[  386.913464][T15710] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2863'.
[  386.923676][T15712] netlink: 'syz.0.2864': attribute type 10 has an invalid length.
[  386.942714][T15659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.973925][T15708] vlan1: entered promiscuous mode
[  387.009189][T15659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.142234][T15659] team0: Port device team_slave_0 added
[  387.174884][T15659] team0: Port device team_slave_1 added
[  387.424253][T15719] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2866'.
[  387.446479][T15659] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.476614][T15659] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.545067][T15659] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.584818][T15659] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.604536][T15659] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.653237][T15659] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.670349][ T5865] Bluetooth: hci1: command tx timeout
[  387.792459][T15743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2873'.
[  387.807202][T15734] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.820082][T15743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2873'.
[  387.841348][T15739] syzkaller0: entered promiscuous mode
[  387.859334][T15739] syzkaller0: entered allmulticast mode
[  387.886333][T15659] hsr_slave_0: entered promiscuous mode
[  387.894919][T15659] hsr_slave_1: entered promiscuous mode
[  387.904071][T15659] debugfs: 'hsr0' already exists in 'hsr'
[  387.911830][T15659] Cannot create hsr debugfs directory
[  387.929888][T15743] team0: entered promiscuous mode
[  387.942459][T15743] team_slave_0: entered promiscuous mode
[  387.953902][T15743] team_slave_1: entered promiscuous mode
[  387.964924][T15743] team0: left promiscuous mode
[  387.969962][T15743] team_slave_0: left promiscuous mode
[  387.975612][T15743] team_slave_1: left promiscuous mode
[  387.994933][T15734] tipc: Resetting bearer <eth:syzkaller0>
[  388.075103][T15733] tipc: Resetting bearer <eth:syzkaller0>
[  388.103459][T15733] tipc: Disabling bearer <eth:syzkaller0>
[  388.516679][T15659] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.644147][T15764] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2881'.
[  388.739422][T15659] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.742803][T15769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2883'.
[  388.846677][T15659] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.992648][T15659] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.048588][T15781] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  389.048988][T15775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2886'.
[  389.057253][T15781] syzkaller0: entered promiscuous mode
[  389.101662][T15781] syzkaller0: entered allmulticast mode
[  389.160959][T15782] netlink: 'syz.3.2886': attribute type 4 has an invalid length.
[  389.161776][T15790] tipc: Resetting bearer <eth:syzkaller0>
[  389.194082][T15785] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2888'.
[  389.206965][   T78] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  389.241221][   T78] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  389.276537][   T78] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  389.285096][   T78] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  389.302239][T15775] lo speed is unknown, defaulting to 1000
[  389.343290][T15779] tipc: Resetting bearer <eth:syzkaller0>
[  389.384132][T15779] tipc: Disabling bearer <eth:syzkaller0>
[  389.687209][T15659] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  389.757972][ T5865] Bluetooth: hci1: command tx timeout
[  389.759311][T15659] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  389.962260][T15659] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  390.028123][T15659] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  390.245990][T15828] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  390.266983][T15828] syzkaller0: entered promiscuous mode
[  390.291588][T15828] syzkaller0: entered allmulticast mode
[  390.319823][T15828] tipc: Resetting bearer <eth:syzkaller0>
[  390.350489][T15827] tipc: Resetting bearer <eth:syzkaller0>
[  390.404845][T15827] tipc: Disabling bearer <eth:syzkaller0>
[  390.578719][T15659] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.624165][T15659] 8021q: adding VLAN 0 to HW filter on device team0
[  390.655125][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.662601][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.732517][   T78] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.739804][   T78] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.243869][T15849] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input8
[  391.402055][T15861] netlink: 664 bytes leftover after parsing attributes in process `syz.1.2909'.
[  391.430963][T15861] netlink: 664 bytes leftover after parsing attributes in process `syz.1.2909'.
[  391.625855][T15867] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2911'.
[  391.642641][T15659] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.661103][T15867] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2911'.
[  391.833987][ T5865] Bluetooth: hci1: command tx timeout
[  391.866873][T15881] netlink: 'syz.1.2912': attribute type 5 has an invalid length.
[  392.020906][T15889] FAULT_INJECTION: forcing a failure.
[  392.020906][T15889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.056670][T15889] CPU: 0 UID: 0 PID: 15889 Comm: syz.0.2916 Not tainted syzkaller #0 PREEMPT(full) 
[  392.056701][T15889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  392.056715][T15889] Call Trace:
[  392.056723][T15889]  <TASK>
[  392.056732][T15889]  dump_stack_lvl+0x189/0x250
[  392.056762][T15889]  ? __pfx____ratelimit+0x10/0x10
[  392.056783][T15889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.056806][T15889]  ? __pfx__printk+0x10/0x10
[  392.056843][T15889]  ? __might_fault+0xb0/0x130
[  392.056883][T15889]  should_fail_ex+0x414/0x560
[  392.056915][T15889]  _copy_to_iter+0x1de/0x1790
[  392.056940][T15889]  ? _copy_to_iter+0x1e1/0x1790
[  392.056961][T15889]  ? rep_movs_alternative+0x4a/0x90
[  392.056989][T15889]  ? _copy_to_iter+0x24f/0x1790
[  392.057006][T15889]  ? __pfx__copy_to_iter+0x10/0x10
[  392.057045][T15889]  __skb_datagram_iter+0xf8/0x990
[  392.057068][T15889]  ? __lock_acquire+0xab9/0xd20
[  392.057097][T15889]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  392.057134][T15889]  __skb_datagram_iter+0x6f3/0x990
[  392.057160][T15889]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  392.057197][T15889]  skb_copy_datagram_iter+0xc5/0x230
[  392.057227][T15889]  tipc_recvmsg+0x7a1/0x13c0
[  392.057267][T15889]  ? __pfx_tipc_recvmsg+0x10/0x10
[  392.057297][T15889]  ? aa_sock_msg_perm+0xf1/0x1d0
[  392.057319][T15889]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  392.057339][T15889]  ? security_socket_recvmsg+0x7e/0x2e0
[  392.057362][T15889]  ? __pfx_tipc_recvmsg+0x10/0x10
[  392.057382][T15889]  sock_recvmsg+0x22c/0x270
[  392.057415][T15889]  ____sys_recvmsg+0x1c9/0x460
[  392.057451][T15889]  ? __pfx_____sys_recvmsg+0x10/0x10
[  392.057493][T15889]  ? import_iovec+0x74/0xa0
[  392.057521][T15889]  ___sys_recvmsg+0x1b5/0x510
[  392.057556][T15889]  ? __pfx____sys_recvmsg+0x10/0x10
[  392.057607][T15889]  ? __fget_files+0x3a0/0x420
[  392.057640][T15889]  __x64_sys_recvmsg+0x198/0x260
[  392.057667][T15889]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  392.057702][T15889]  ? __pfx_ksys_write+0x10/0x10
[  392.057724][T15889]  ? rcu_is_watching+0x15/0xb0
[  392.057750][T15889]  ? do_syscall_64+0xbe/0x3b0
[  392.057775][T15889]  do_syscall_64+0xfa/0x3b0
[  392.057793][T15889]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.057811][T15889]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.057840][T15889]  ? clear_bhb_loop+0x60/0xb0
[  392.057863][T15889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.057882][T15889] RIP: 0033:0x7f2e9bb8ebe9
[  392.057901][T15889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.057918][T15889] RSP: 002b:00007f2e99df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  392.057941][T15889] RAX: ffffffffffffffda RBX: 00007f2e9bdc6090 RCX: 00007f2e9bb8ebe9
[  392.057956][T15889] RDX: 0000000000010021 RSI: 0000200000000300 RDI: 0000000000000006
[  392.057969][T15889] RBP: 00007f2e99df6090 R08: 0000000000000000 R09: 0000000000000000
[  392.057981][T15889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  392.057993][T15889] R13: 00007f2e9bdc6128 R14: 00007f2e9bdc6090 R15: 00007fff57c18fd8
[  392.058028][T15889]  </TASK>
[  392.567100][T15659] veth0_vlan: entered promiscuous mode
[  392.581688][T15659] veth1_vlan: entered promiscuous mode
[  392.662492][T15659] veth0_macvtap: entered promiscuous mode
[  392.683872][T15659] veth1_macvtap: entered promiscuous mode
[  392.759754][T15659] batman_adv: batadv0: Interface activated: batadv_slave_0
[  392.822379][T15659] batman_adv: batadv0: Interface activated: batadv_slave_1
[  392.895922][   T78] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.919853][   T78] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.948564][   T78] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.957330][   T78] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  393.315645][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  393.429504][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.462154][T15927] __nla_validate_parse: 1 callbacks suppressed
[  393.462177][T15927] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2928'.
[  393.478799][T15931] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2930'.
[  393.511986][T15927] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.2928'.
[  393.539330][T15927] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2928'.
[  393.593491][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  393.606833][T15930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2929'.
[  393.626272][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.781455][T15944] netlink: 360 bytes leftover after parsing attributes in process `syz.2.2933'.
[  393.879269][T15946] netlink: 'syz.1.2934': attribute type 1 has an invalid length.
[  393.905133][T15948] netlink: 'syz.3.2935': attribute type 32 has an invalid length.
[  393.917770][T15948] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2935'.
[  393.926968][ T5865] Bluetooth: hci1: command tx timeout
[  394.216445][T15946] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.729367][T15983] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2942'.
[  394.741226][T15980] lo speed is unknown, defaulting to 1000
[  394.771580][T15983] ip6_vti0: entered promiscuous mode
[  394.777109][T15983] ip6_vti0: entered allmulticast mode
[  395.392333][T15990] xt_time: unknown flags 0xf4
[  395.591118][T15992] lo speed is unknown, defaulting to 1000
[  395.834475][T15970] lec:lec_atm_close: lec0: Shut down!
[  395.869531][ T5875] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  395.890005][ T5875] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  395.903380][ T5875] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  395.926126][ T5875] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  395.944575][ T5875] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  396.198525][T16001] lo speed is unknown, defaulting to 1000
[  396.920749][T16036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2956'.
[  396.972216][T16026] lo speed is unknown, defaulting to 1000
[  397.209031][T16001] chnl_net:caif_netlink_parms(): no params data found
[  397.500059][T16049] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  397.533033][T16046] syzkaller0: entered promiscuous mode
[  397.545672][T16046] syzkaller0: entered allmulticast mode
[  397.639342][T16046] tipc: Resetting bearer <eth:syzkaller0>
[  397.753944][T16045] tipc: Resetting bearer <eth:syzkaller0>
[  397.786012][T16045] tipc: Disabling bearer <eth:syzkaller0>
[  397.996831][ T5875] Bluetooth: hci5: command tx timeout
[  398.034232][T16001] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.042008][T16001] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.049390][T16001] bridge_slave_0: entered allmulticast mode
[  398.066914][T16001] bridge_slave_0: entered promiscuous mode
[  398.091668][T16001] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.099034][T16001] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.106301][T16001] bridge_slave_1: entered allmulticast mode
[  398.119900][T16001] bridge_slave_1: entered promiscuous mode
[  398.179600][T16066] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2960'.
[  398.452445][ T5963] hid-generic 0005:16C0:0009.0035: unknown main item tag 0x0
[  398.464505][ T5963] hid-generic 0005:16C0:0009.0035: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  398.816720][T16001] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  398.857901][T16001] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  398.868912][T16084] __nla_validate_parse: 1 callbacks suppressed
[  398.868936][T16084] netlink: 165 bytes leftover after parsing attributes in process `syz.1.2964'.
[  399.097424][T16001] team0: Port device team_slave_0 added
[  399.127112][T16001] team0: Port device team_slave_1 added
[  399.142818][T16088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2966'.
[  399.311343][T16001] batman_adv: batadv0: Adding interface: batadv_slave_0
[  399.318516][T16001] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.374171][T16001] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  399.434140][T16001] batman_adv: batadv0: Adding interface: batadv_slave_1
[  399.458929][T16001] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  399.520909][T16001] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  399.574967][T16105] netlink: 'syz.4.2972': attribute type 1 has an invalid length.
[  399.735447][T16001] hsr_slave_0: entered promiscuous mode
[  399.779115][T16001] hsr_slave_1: entered promiscuous mode
[  399.785652][T16115] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2973'.
[  399.786010][T16001] debugfs: 'hsr0' already exists in 'hsr'
[  399.838357][T16001] Cannot create hsr debugfs directory
[  399.846001][T16123] netlink: 388 bytes leftover after parsing attributes in process `syz.4.2973'.
[  399.916904][T16109] ip6_vti0: left promiscuous mode
[  399.937982][T16109] ip6_vti0: left allmulticast mode
[  399.961401][T16117] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2969'.
[  400.070916][ T5875] Bluetooth: hci5: command tx timeout
[  400.140545][T16129] FAULT_INJECTION: forcing a failure.
[  400.140545][T16129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.182958][T16129] CPU: 1 UID: 0 PID: 16129 Comm: syz.2.2977 Not tainted syzkaller #0 PREEMPT(full) 
[  400.182989][T16129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  400.183000][T16129] Call Trace:
[  400.183008][T16129]  <TASK>
[  400.183017][T16129]  dump_stack_lvl+0x189/0x250
[  400.183046][T16129]  ? __pfx____ratelimit+0x10/0x10
[  400.183067][T16129]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.183091][T16129]  ? __pfx__printk+0x10/0x10
[  400.183118][T16129]  ? __might_fault+0xb0/0x130
[  400.183153][T16129]  should_fail_ex+0x414/0x560
[  400.183180][T16129]  _copy_from_user+0x2d/0xb0
[  400.183202][T16129]  ___sys_sendmsg+0x158/0x2a0
[  400.183227][T16129]  ? __pfx____sys_sendmsg+0x10/0x10
[  400.183288][T16129]  ? __fget_files+0x2a/0x420
[  400.183304][T16129]  ? __fget_files+0x3a0/0x420
[  400.183334][T16129]  __x64_sys_sendmsg+0x19b/0x260
[  400.183358][T16129]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  400.183386][T16129]  ? __pfx_ksys_write+0x10/0x10
[  400.183409][T16129]  ? rcu_is_watching+0x15/0xb0
[  400.183435][T16129]  ? do_syscall_64+0xbe/0x3b0
[  400.183461][T16129]  do_syscall_64+0xfa/0x3b0
[  400.183480][T16129]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.183498][T16129]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.183518][T16129]  ? clear_bhb_loop+0x60/0xb0
[  400.183542][T16129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.183560][T16129] RIP: 0033:0x7f077fd8ebe9
[  400.183579][T16129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.183597][T16129] RSP: 002b:00007f0780cb8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.183620][T16129] RAX: ffffffffffffffda RBX: 00007f077ffc5fa0 RCX: 00007f077fd8ebe9
[  400.183634][T16129] RDX: 0000000020040814 RSI: 0000200000000040 RDI: 0000000000000005
[  400.183647][T16129] RBP: 00007f0780cb8090 R08: 0000000000000000 R09: 0000000000000000
[  400.183659][T16129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.183670][T16129] R13: 00007f077ffc6038 R14: 00007f077ffc5fa0 R15: 00007ffe605e6be8
[  400.183704][T16129]  </TASK>
[  400.489310][T16138] netlink: 'syz.1.2979': attribute type 46 has an invalid length.
[  400.595845][T16138] bridge7: entered promiscuous mode
[  400.895709][T16147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2983'.
[  400.928016][T16147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2983'.
[  400.965865][T16001] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.999404][T16147] FAULT_INJECTION: forcing a failure.
[  400.999404][T16147] name failslab, interval 1, probability 0, space 0, times 0
[  401.030322][T16147] CPU: 0 UID: 0 PID: 16147 Comm: syz.0.2983 Not tainted syzkaller #0 PREEMPT(full) 
[  401.030355][T16147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  401.030368][T16147] Call Trace:
[  401.030377][T16147]  <TASK>
[  401.030386][T16147]  dump_stack_lvl+0x189/0x250
[  401.030416][T16147]  ? __pfx____ratelimit+0x10/0x10
[  401.030436][T16147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.030459][T16147]  ? __pfx__printk+0x10/0x10
[  401.030494][T16147]  ? __pfx___might_resched+0x10/0x10
[  401.030511][T16147]  ? fs_reclaim_acquire+0x7d/0x100
[  401.030543][T16147]  should_fail_ex+0x414/0x560
[  401.030572][T16147]  ? alloc_netdev_mqs+0xa46/0x11b0
[  401.030593][T16147]  should_failslab+0xa8/0x100
[  401.030621][T16147]  __kvmalloc_node_noprof+0x161/0x5f0
[  401.030648][T16147]  ? alloc_netdev_mqs+0xa46/0x11b0
[  401.030677][T16147]  alloc_netdev_mqs+0xa46/0x11b0
[  401.030709][T16147]  rtnl_create_link+0x31f/0xd10
[  401.030743][T16147]  rtnl_newlink_create+0x25c/0xb00
[  401.030771][T16147]  ? __mutex_lock+0x5bb/0x1350
[  401.030809][T16147]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  401.030834][T16147]  ? __pfx___mutex_lock+0x10/0x10
[  401.030865][T16147]  ? ns_capable+0x8a/0xf0
[  401.030890][T16147]  rtnl_newlink+0x16d6/0x1c70
[  401.030931][T16147]  ? __pfx_rtnl_newlink+0x10/0x10
[  401.030960][T16147]  ? is_bpf_text_address+0x26/0x2b0
[  401.030997][T16147]  ? __lock_acquire+0xab9/0xd20
[  401.031039][T16147]  ? __lock_acquire+0xab9/0xd20
[  401.031092][T16147]  ? is_bpf_text_address+0x26/0x2b0
[  401.031125][T16147]  ? is_bpf_text_address+0x292/0x2b0
[  401.031150][T16147]  ? is_bpf_text_address+0x26/0x2b0
[  401.031185][T16147]  ? __lock_acquire+0xab9/0xd20
[  401.031241][T16147]  ? __pfx_rtnl_newlink+0x10/0x10
[  401.031258][T16147]  rtnetlink_rcv_msg+0x7cf/0xb70
[  401.031274][T16147]  ? __lock_acquire+0xab9/0xd20
[  401.031302][T16147]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  401.031325][T16147]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  401.031363][T16147]  netlink_rcv_skb+0x208/0x470
[  401.031380][T16147]  ? __lock_acquire+0xab9/0xd20
[  401.031406][T16147]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  401.031425][T16147]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  401.031456][T16147]  ? netlink_deliver_tap+0x2e/0x1b0
[  401.031483][T16147]  netlink_unicast+0x82c/0x9e0
[  401.031521][T16147]  ? __pfx_netlink_unicast+0x10/0x10
[  401.031548][T16147]  ? netlink_sendmsg+0x642/0xb30
[  401.031565][T16147]  ? skb_put+0x11b/0x210
[  401.031588][T16147]  netlink_sendmsg+0x805/0xb30
[  401.031618][T16147]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.031641][T16147]  ? aa_sock_msg_perm+0xf1/0x1d0
[  401.031663][T16147]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  401.031684][T16147]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.031704][T16147]  __sock_sendmsg+0x21c/0x270
[  401.031733][T16147]  ____sys_sendmsg+0x505/0x830
[  401.031762][T16147]  ? __pfx_____sys_sendmsg+0x10/0x10
[  401.031806][T16147]  ? import_iovec+0x74/0xa0
[  401.031832][T16147]  ___sys_sendmsg+0x21f/0x2a0
[  401.031858][T16147]  ? __pfx____sys_sendmsg+0x10/0x10
[  401.031921][T16147]  ? __fget_files+0x2a/0x420
[  401.031935][T16147]  ? __fget_files+0x3a0/0x420
[  401.031964][T16147]  __x64_sys_sendmsg+0x19b/0x260
[  401.031990][T16147]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  401.032024][T16147]  ? __pfx_ksys_write+0x10/0x10
[  401.032046][T16147]  ? rcu_is_watching+0x15/0xb0
[  401.032073][T16147]  ? do_syscall_64+0xbe/0x3b0
[  401.032100][T16147]  do_syscall_64+0xfa/0x3b0
[  401.032118][T16147]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.032137][T16147]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.032157][T16147]  ? clear_bhb_loop+0x60/0xb0
[  401.032180][T16147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.032198][T16147] RIP: 0033:0x7f2e9bb8ebe9
[  401.032218][T16147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.032237][T16147] RSP: 002b:00007f2e9c939038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.032260][T16147] RAX: ffffffffffffffda RBX: 00007f2e9bdc5fa0 RCX: 00007f2e9bb8ebe9
[  401.032275][T16147] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000c
[  401.032288][T16147] RBP: 00007f2e9c939090 R08: 0000000000000000 R09: 0000000000000000
[  401.032299][T16147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  401.032311][T16147] R13: 00007f2e9bdc6038 R14: 00007f2e9bdc5fa0 R15: 00007fff57c18fd8
[  401.032346][T16147]  </TASK>
[  401.545150][T16001] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.620306][T16155] syzkaller1: entered promiscuous mode
[  401.639675][T16155] syzkaller1: entered allmulticast mode
[  401.678144][T16001] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  401.846721][T16001] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  402.062181][T16174] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  402.080200][T16174] syzkaller0: entered promiscuous mode
[  402.089838][T16174] syzkaller0: entered allmulticast mode
[  402.151588][ T5875] Bluetooth: hci5: command tx timeout
[  402.197763][T16174] tipc: Resetting bearer <eth:syzkaller0>
[  402.216156][T16173] tipc: Resetting bearer <eth:syzkaller0>
[  402.241667][T16173] tipc: Disabling bearer <eth:syzkaller0>
[  402.283593][T16181] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  402.298593][T16181] syzkaller0: entered promiscuous mode
[  402.305459][T16181] syzkaller0: entered allmulticast mode
[  402.427381][T16183] tipc: Resetting bearer <eth:syzkaller0>
[  402.439182][T16001] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  402.471511][T16001] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  402.496333][T16180] tipc: Resetting bearer <eth:syzkaller0>
[  402.516394][T16180] tipc: Disabling bearer <eth:syzkaller0>
[  402.540801][T16001] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  402.592258][T16001] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  403.083963][T16001] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.146278][T16001] 8021q: adding VLAN 0 to HW filter on device team0
[  403.180843][ T6329] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.188194][ T6329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  403.230398][ T6329] bridge0: port 2(bridge_slave_1) entered blocking state
[  403.237724][ T6329] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.274855][T16218] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3004'.
[  403.860430][T16001] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.966318][T16239] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3010'.
[  404.057068][T16001] veth0_vlan: entered promiscuous mode
[  404.105118][T16001] veth1_vlan: entered promiscuous mode
[  404.232979][ T5875] Bluetooth: hci5: command tx timeout
[  404.245723][T16001] veth0_macvtap: entered promiscuous mode
[  404.458582][T16001] veth1_macvtap: entered promiscuous mode
[  404.480484][ T5925] hid-generic 0005:16C0:0009.0036: unknown main item tag 0x0
[  404.548597][ T5925] hid-generic 0005:16C0:0009.0036: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  404.579079][T16001] batman_adv: batadv0: Interface activated: batadv_slave_0
[  404.606523][T16001] batman_adv: batadv0: Interface activated: batadv_slave_1
[  404.693974][   T78] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  404.720373][T16266] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3016'.
[  404.745650][T16267] FAULT_INJECTION: forcing a failure.
[  404.745650][T16267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.760241][T16267] CPU: 0 UID: 0 PID: 16267 Comm: syz.0.3018 Not tainted syzkaller #0 PREEMPT(full) 
[  404.760268][T16267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  404.760280][T16267] Call Trace:
[  404.760288][T16267]  <TASK>
[  404.760297][T16267]  dump_stack_lvl+0x189/0x250
[  404.760327][T16267]  ? __pfx____ratelimit+0x10/0x10
[  404.760348][T16267]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.760371][T16267]  ? __pfx__printk+0x10/0x10
[  404.760415][T16267]  should_fail_ex+0x414/0x560
[  404.760447][T16267]  strncpy_from_user+0x36/0x290
[  404.760477][T16267]  strncpy_from_user_nofault+0x72/0x150
[  404.760504][T16267]  bpf_probe_read_user_str+0x2a/0x70
[  404.760527][T16267]  bpf_prog_6b580a040d917d79+0x3e/0x49
[  404.760547][T16267]  bpf_trace_run10+0x2e1/0x500
[  404.760569][T16267]  ? is_bpf_text_address+0x26/0x2b0
[  404.760598][T16267]  ? bpf_trace_run10+0x1f2/0x500
[  404.760624][T16267]  ? __pfx_bpf_trace_run10+0x10/0x10
[  404.760651][T16267]  ? alloc_vfsmnt+0x171/0x430
[  404.760680][T16267]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  404.760701][T16267]  ? arch_stack_walk+0xfc/0x150
[  404.760735][T16267]  __bpf_trace_percpu_alloc_percpu+0x364/0x400
[  404.760772][T16267]  ? alloc_vfsmnt+0x171/0x430
[  404.760796][T16267]  ? __pfx___bpf_trace_percpu_alloc_percpu+0x10/0x10
[  404.760822][T16267]  ? __mutex_trylock_common+0x153/0x260
[  404.760842][T16267]  ? alloc_vfsmnt+0x171/0x430
[  404.760865][T16267]  ? alloc_vfsmnt+0x171/0x430
[  404.760886][T16267]  ? __pfx___mutex_trylock_common+0x10/0x10
[  404.760907][T16267]  ? kasan_save_track+0x4f/0x80
[  404.760935][T16267]  ? rcu_is_watching+0x15/0xb0
[  404.760977][T16267]  ? pcpu_alloc_noprof+0xd4d/0x16b0
[  404.761011][T16267]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  404.761039][T16267]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  404.761057][T16267]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  404.761086][T16267]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.761108][T16267]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  404.761135][T16267]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  404.761168][T16267]  ? alloc_vfsmnt+0x171/0x430
[  404.761190][T16267]  pcpu_alloc_noprof+0x1534/0x16b0
[  404.761241][T16267]  alloc_vfsmnt+0x171/0x430
[  404.761268][T16267]  clone_mnt+0x67/0xae0
[  404.761291][T16267]  ? do_raw_spin_unlock+0x122/0x240
[  404.761320][T16267]  copy_tree+0x3d4/0x930
[  404.761360][T16267]  copy_mnt_ns+0x179/0x880
[  404.761385][T16267]  ? rcu_is_watching+0x15/0xb0
[  404.761408][T16267]  ? create_new_namespaces+0x31/0x720
[  404.761443][T16267]  create_new_namespaces+0xd1/0x720
[  404.761476][T16267]  ? bpf_lsm_capable+0x9/0x20
[  404.761500][T16267]  ? security_capable+0x7e/0x2e0
[  404.761536][T16267]  unshare_nsproxy_namespaces+0x11c/0x170
[  404.761560][T16267]  ksys_unshare+0x4c8/0x8c0
[  404.761591][T16267]  ? __pfx_ksys_unshare+0x10/0x10
[  404.761615][T16267]  ? __pfx_ksys_write+0x10/0x10
[  404.761638][T16267]  ? rcu_is_watching+0x15/0xb0
[  404.761669][T16267]  __x64_sys_unshare+0x38/0x50
[  404.761692][T16267]  do_syscall_64+0xfa/0x3b0
[  404.761710][T16267]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.761728][T16267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.761747][T16267]  ? clear_bhb_loop+0x60/0xb0
[  404.761772][T16267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.761790][T16267] RIP: 0033:0x7f2e9bb8ebe9
[  404.761808][T16267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.761824][T16267] RSP: 002b:00007f2e9c939038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  404.761845][T16267] RAX: ffffffffffffffda RBX: 00007f2e9bdc5fa0 RCX: 00007f2e9bb8ebe9
[  404.761860][T16267] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000026020400
[  404.761872][T16267] RBP: 00007f2e9c939090 R08: 0000000000000000 R09: 0000000000000000
[  404.761885][T16267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  404.761897][T16267] R13: 00007f2e9bdc6038 R14: 00007f2e9bdc5fa0 R15: 00007fff57c18fd8
[  404.761931][T16267]  </TASK>
[  405.175704][T16257] netlink: 'syz.4.3016': attribute type 1 has an invalid length.
[  405.183684][T16257] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3016'.
[  405.247811][   T78] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.297466][   T78] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.366418][   T78] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  405.409952][T16270] lo speed is unknown, defaulting to 1000
[  405.417002][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.497648][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.631145][ T6324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.641272][ T6324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.731070][T16285] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.3023'.
[  406.120523][T16295] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2941'.
[  406.199905][T16297] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3024'.
[  406.406829][T16291] netlink: 'syz.0.3024': attribute type 10 has an invalid length.
[  406.543804][ T5947] hid-generic 0005:16C0:0009.0037: unknown main item tag 0x0
[  406.684337][ T5947] hid-generic 0005:16C0:0009.0037: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  407.322144][ T5865] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  407.332666][ T5865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  407.342718][ T5865] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  407.353439][ T5865] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  407.364105][ T5865] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  407.414615][T16321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3034'.
[  407.461336][T16319] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  407.469477][T16319] IPv6: NLM_F_CREATE should be set when creating new route
[  407.501915][T16311] lo speed is unknown, defaulting to 1000
[  407.632522][T16324] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3035'.
[  408.145124][T16311] chnl_net:caif_netlink_parms(): no params data found
[  408.189023][   T49] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x7
[  408.220196][T16348] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  408.487441][T16364] netlink: 'syz.0.3045': attribute type 7 has an invalid length.
[  408.493184][T16311] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.505032][T16311] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.513542][T16311] bridge_slave_0: entered allmulticast mode
[  408.521708][T16311] bridge_slave_0: entered promiscuous mode
[  408.531423][T16311] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.538684][T16311] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.545969][T16311] bridge_slave_1: entered allmulticast mode
[  408.549878][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3045'.
[  408.570102][T16311] bridge_slave_1: entered promiscuous mode
[  408.794091][T16311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  408.902495][T16311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.046630][T16382] netlink: 'syz.2.3051': attribute type 10 has an invalid length.
[  409.050155][T16311] team0: Port device team_slave_0 added
[  409.084262][T16311] team0: Port device team_slave_1 added
[  409.120547][T16388] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3052'.
[  409.290956][T16397] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3055'.
[  409.351337][T16311] batman_adv: batadv0: Adding interface: batadv_slave_0
[  409.374024][T16311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.403383][T16311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  409.434653][ T5875] Bluetooth: hci2: command tx timeout
[  409.482080][T16311] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.502356][T16311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  409.508543][    C1] ------------[ cut here ]------------
[  409.534217][    C1] ODEBUG: free active (active state 0) object: ffff888058bc8c90 object type: timer_list hint: rose_t0timer_expiry+0x0/0x350
[  409.541261][T16311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.547676][    C1] WARNING: CPU: 1 PID: 16401 at lib/debugobjects.c:615 debug_print_object+0x16b/0x1e0
[  409.567356][    C1] Modules linked in:
[  409.568331][T16397] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3055'.
[  409.571667][    C1] CPU: 1 UID: 0 PID: 16401 Comm: syz.3.3056 Not tainted syzkaller #0 PREEMPT(full) 
[  409.571706][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  409.600191][    C1] RIP: 0010:debug_print_object+0x16b/0x1e0
[  409.606056][    C1] Code: 4c 89 ff e8 c7 d1 52 fd 4d 8b 0f 48 c7 c7 a0 41 e3 8b 48 8b 34 24 4c 89 ea 89 e9 4d 89 f0 41 54 e8 aa ff b2 fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 d7 79 d3 0a 48 83 c4 08 5b 41 5c 41 5d 41 5e 41
[  409.625926][    C1] RSP: 0018:ffffc90000a08a10 EFLAGS: 00010292
[  409.632072][    C1] RAX: 550ef567d999cd00 RBX: dffffc0000000000 RCX: ffff88802e408000
[  409.640118][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  409.648168][    C1] RBP: 0000000000000000 R08: ffffffff8fa39337 R09: 1ffffffff1f47266
[  409.656186][    C1] R10: dffffc0000000000 R11: fffffbfff1f47267 R12: ffffffff8a6d31c0
[  409.664237][    C1] R13: ffffffff8be34320 R14: ffff888058bc8c90 R15: ffffffff8b8cdfa0
[  409.672283][    C1] FS:  0000000000000000(0000) GS:ffff888125d14000(0000) knlGS:0000000000000000
[  409.681371][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  409.688025][    C1] CR2: 0000200000f5dfe4 CR3: 00000000773e4000 CR4: 00000000003526f0
[  409.696035][    C1] Call Trace:
[  409.699381][    C1]  <IRQ>
[  409.702255][    C1]  debug_check_no_obj_freed+0x3a2/0x470
[  409.708065][    C1]  ? do_raw_spin_lock+0x121/0x290
[  409.713142][    C1]  ? rose_timer_expiry+0x4cb/0x600
[  409.718431][    C1]  kfree+0x112/0x440
[  409.722362][    C1]  rose_timer_expiry+0x4cb/0x600
[  409.727331][    C1]  call_timer_fn+0x17e/0x5f0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  409.731987][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  409.737471][    C1]  ? call_timer_fn+0xbe/0x5f0
[  409.742208][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  409.747378][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  409.752649][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  409.757926][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  409.763425][    C1]  __run_timer_base+0x61a/0x860
[  409.768345][    C1]  ? ktime_get+0x3e/0x1f0
[  409.772721][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  409.778180][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  409.784474][    C1]  run_timer_softirq+0xb7/0x180
[  409.789400][    C1]  handle_softirqs+0x283/0x870
[  409.794370][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  409.799315][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  409.804683][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  409.809979][    C1]  __irq_exit_rcu+0xca/0x1f0
[  409.814616][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  409.819980][    C1]  irq_exit_rcu+0x9/0x30
[  409.824263][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  409.830061][    C1]  </IRQ>
[  409.833015][    C1]  <TASK>
[  409.835976][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  409.842176][    C1] RIP: 0010:lock_is_held_type+0x137/0x190
[  409.848070][    C1] Code: 01 75 44 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 4c 41 f7 c4 00 02 00 00 74 01 fb 65 48 8b 05 f9 83 26 07 <48> 3b 44 24 08 75 43 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f
[  409.867940][    C1] RSP: 0018:ffffc9000e3ef2d0 EFLAGS: 00000206
[  409.874046][    C1] RAX: 550ef567d999cd00 RBX: 0000000000000001 RCX: 550ef567d999cd00
[  409.882097][    C1] RDX: 0000000000000000 RSI: ffffffff8dba8a8b RDI: ffffffff8be33800
[  409.890482][    C1] RBP: 00000000ffffffff R08: 0000000000000000 R09: ffffffff822e4a67
[  409.898522][    C1] R10: dffffc0000000000 R11: fffff9400030bd99 R12: 0000000000000246
[  409.906627][    C1] R13: ffff88802e408000 R14: ffffffff8e139ee0 R15: 0000000000000001
[  409.914703][    C1]  ? page_table_check_clear+0x187/0x700
[  409.920352][    C1]  page_ext_lookup+0xe7/0x180
[  409.925071][    C1]  ? page_table_check_clear+0x187/0x700
[  409.930711][    C1]  page_table_check_clear+0x278/0x700
[  409.936122][    C1]  ? vm_normal_page+0xb7/0x210
[  409.940965][    C1]  unmap_page_range+0x3445/0x4370
[  409.946095][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  409.951546][    C1]  ? mas_find+0xb0e/0xd30
[  409.955910][    C1]  ? unmap_vmas+0x144/0x580
[  409.960494][    C1]  unmap_vmas+0x399/0x580
[  409.964869][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  409.969852][    C1]  exit_mmap+0x248/0xb50
[  409.974155][    C1]  ? uprobe_clear_state+0x20f/0x290
[  409.979426][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  409.984231][    C1]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  409.990122][    C1]  ? __pfx_exit_aio+0x10/0x10
[  409.994847][    C1]  ? uprobe_clear_state+0x274/0x290
[  410.000121][    C1]  __mmput+0x118/0x420
[  410.004224][    C1]  exit_mm+0x1da/0x2c0
[  410.008365][    C1]  ? __pfx_exit_mm+0x10/0x10
[  410.012993][    C1]  ? rcu_is_watching+0x15/0xb0
[  410.017832][    C1]  do_exit+0x648/0x2300
[  410.022034][    C1]  ? do_raw_spin_lock+0x121/0x290
[  410.027104][    C1]  ? __pfx_do_exit+0x10/0x10
[  410.033068][    C1]  do_group_exit+0x21c/0x2d0
[  410.037819][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.043055][    C1]  get_signal+0x1286/0x1340
[  410.047644][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  410.053329][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  410.059608][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[  410.065119][    C1]  exit_to_user_mode_loop+0x75/0x110
[  410.070579][    C1]  do_syscall_64+0x2bd/0x3b0
[  410.075203][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.080495][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.086597][    C1]  ? clear_bhb_loop+0x60/0xb0
[  410.091359][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.097285][    C1] RIP: 0033:0x7fd9d878ebe9
[  410.101777][    C1] Code: Unable to access opcode bytes at 0x7fd9d878ebbf.
[  410.108853][    C1] RSP: 002b:00007fd9d95890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  410.117313][    C1] RAX: 0000000000000001 RBX: 00007fd9d89c5fa8 RCX: 00007fd9d878ebe9
[  410.125466][    C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd9d89c5fac
[  410.133657][    C1] RBP: 00007fd9d89c5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[  410.141712][    C1] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000000
[  410.149756][    C1] R13: 00007fd9d89c6038 R14: 00007ffd4a148800 R15: 00007ffd4a1488e8
[  410.157813][    C1]  </TASK>
[  410.160883][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  410.168282][    C1] CPU: 1 UID: 0 PID: 16401 Comm: syz.3.3056 Not tainted syzkaller #0 PREEMPT(full) 
[  410.177773][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  410.187869][    C1] Call Trace:
[  410.191173][    C1]  <IRQ>
[  410.194043][    C1]  dump_stack_lvl+0x99/0x250
[  410.198753][    C1]  ? __asan_memcpy+0x40/0x70
[  410.203376][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.208600][    C1]  ? __pfx__printk+0x10/0x10
[  410.213239][    C1]  vpanic+0x281/0x750
[  410.217276][    C1]  ? __pfx__printk+0x10/0x10
[  410.221989][    C1]  ? __pfx_vpanic+0x10/0x10
[  410.226520][    C1]  ? is_bpf_text_address+0x292/0x2b0
[  410.231855][    C1]  panic+0xb9/0xc0
[  410.235616][    C1]  ? __pfx_panic+0x10/0x10
[  410.240089][    C1]  __warn+0x31b/0x4b0
[  410.244099][    C1]  ? debug_print_object+0x16b/0x1e0
[  410.249425][    C1]  ? debug_print_object+0x16b/0x1e0
[  410.254654][    C1]  report_bug+0x2be/0x4f0
[  410.259003][    C1]  ? debug_print_object+0x16b/0x1e0
[  410.264227][    C1]  ? debug_print_object+0x16b/0x1e0
[  410.269454][    C1]  ? debug_print_object+0x16d/0x1e0
[  410.274680][    C1]  handle_bug+0x84/0x160
[  410.278953][    C1]  exc_invalid_op+0x1a/0x50
[  410.283481][    C1]  asm_exc_invalid_op+0x1a/0x20
[  410.288464][    C1] RIP: 0010:debug_print_object+0x16b/0x1e0
[  410.294306][    C1] Code: 4c 89 ff e8 c7 d1 52 fd 4d 8b 0f 48 c7 c7 a0 41 e3 8b 48 8b 34 24 4c 89 ea 89 e9 4d 89 f0 41 54 e8 aa ff b2 fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 d7 79 d3 0a 48 83 c4 08 5b 41 5c 41 5d 41 5e 41
[  410.314119][    C1] RSP: 0018:ffffc90000a08a10 EFLAGS: 00010292
[  410.320252][    C1] RAX: 550ef567d999cd00 RBX: dffffc0000000000 RCX: ffff88802e408000
[  410.328261][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  410.336271][    C1] RBP: 0000000000000000 R08: ffffffff8fa39337 R09: 1ffffffff1f47266
[  410.344267][    C1] R10: dffffc0000000000 R11: fffffbfff1f47267 R12: ffffffff8a6d31c0
[  410.352258][    C1] R13: ffffffff8be34320 R14: ffff888058bc8c90 R15: ffffffff8b8cdfa0
[  410.360325][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  410.366039][    C1]  debug_check_no_obj_freed+0x3a2/0x470
[  410.371626][    C1]  ? do_raw_spin_lock+0x121/0x290
[  410.376677][    C1]  ? rose_timer_expiry+0x4cb/0x600
[  410.381895][    C1]  kfree+0x112/0x440
[  410.385805][    C1]  rose_timer_expiry+0x4cb/0x600
[  410.390838][    C1]  call_timer_fn+0x17e/0x5f0
[  410.395434][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  410.400899][    C1]  ? call_timer_fn+0xbe/0x5f0
[  410.405585][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  410.410746][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  410.415954][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.421165][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  410.426694][    C1]  __run_timer_base+0x61a/0x860
[  410.431553][    C1]  ? ktime_get+0x3e/0x1f0
[  410.435896][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  410.441274][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  410.447532][    C1]  run_timer_softirq+0xb7/0x180
[  410.452418][    C1]  handle_softirqs+0x283/0x870
[  410.457190][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  410.461961][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  410.467273][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  410.472500][    C1]  __irq_exit_rcu+0xca/0x1f0
[  410.477096][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  410.482308][    C1]  irq_exit_rcu+0x9/0x30
[  410.486551][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  410.492193][    C1]  </IRQ>
[  410.495214][    C1]  <TASK>
[  410.498151][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  410.504136][    C1] RIP: 0010:lock_is_held_type+0x137/0x190
[  410.509879][    C1] Code: 01 75 44 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 4c 41 f7 c4 00 02 00 00 74 01 fb 65 48 8b 05 f9 83 26 07 <48> 3b 44 24 08 75 43 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f
[  410.529578][    C1] RSP: 0018:ffffc9000e3ef2d0 EFLAGS: 00000206
[  410.535673][    C1] RAX: 550ef567d999cd00 RBX: 0000000000000001 RCX: 550ef567d999cd00
[  410.543830][    C1] RDX: 0000000000000000 RSI: ffffffff8dba8a8b RDI: ffffffff8be33800
[  410.551813][    C1] RBP: 00000000ffffffff R08: 0000000000000000 R09: ffffffff822e4a67
[  410.559783][    C1] R10: dffffc0000000000 R11: fffff9400030bd99 R12: 0000000000000246
[  410.567762][    C1] R13: ffff88802e408000 R14: ffffffff8e139ee0 R15: 0000000000000001
[  410.575755][    C1]  ? page_table_check_clear+0x187/0x700
[  410.581328][    C1]  page_ext_lookup+0xe7/0x180
[  410.586013][    C1]  ? page_table_check_clear+0x187/0x700
[  410.591732][    C1]  page_table_check_clear+0x278/0x700
[  410.597109][    C1]  ? vm_normal_page+0xb7/0x210
[  410.601967][    C1]  unmap_page_range+0x3445/0x4370
[  410.607042][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  410.612421][    C1]  ? mas_find+0xb0e/0xd30
[  410.616762][    C1]  ? unmap_vmas+0x144/0x580
[  410.621377][    C1]  unmap_vmas+0x399/0x580
[  410.625724][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  410.630598][    C1]  exit_mmap+0x248/0xb50
[  410.634845][    C1]  ? uprobe_clear_state+0x20f/0x290
[  410.640057][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  410.644825][    C1]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  410.650483][    C1]  ? __pfx_exit_aio+0x10/0x10
[  410.655175][    C1]  ? uprobe_clear_state+0x274/0x290
[  410.660381][    C1]  __mmput+0x118/0x420
[  410.664452][    C1]  exit_mm+0x1da/0x2c0
[  410.668529][    C1]  ? __pfx_exit_mm+0x10/0x10
[  410.673126][    C1]  ? rcu_is_watching+0x15/0xb0
[  410.677914][    C1]  do_exit+0x648/0x2300
[  410.682168][    C1]  ? do_raw_spin_lock+0x121/0x290
[  410.687283][    C1]  ? __pfx_do_exit+0x10/0x10
[  410.691889][    C1]  do_group_exit+0x21c/0x2d0
[  410.696483][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.701699][    C1]  get_signal+0x1286/0x1340
[  410.706224][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  410.711865][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  410.718042][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[  410.723513][    C1]  exit_to_user_mode_loop+0x75/0x110
[  410.728802][    C1]  do_syscall_64+0x2bd/0x3b0
[  410.733432][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.738716][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.744784][    C1]  ? clear_bhb_loop+0x60/0xb0
[  410.749555][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.755460][    C1] RIP: 0033:0x7fd9d878ebe9
[  410.759879][    C1] Code: Unable to access opcode bytes at 0x7fd9d878ebbf.
[  410.766896][    C1] RSP: 002b:00007fd9d95890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  410.775399][    C1] RAX: 0000000000000001 RBX: 00007fd9d89c5fa8 RCX: 00007fd9d878ebe9
[  410.783431][    C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd9d89c5fac
[  410.791664][    C1] RBP: 00007fd9d89c5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[  410.799743][    C1] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000000
[  410.807721][    C1] R13: 00007fd9d89c6038 R14: 00007ffd4a148800 R15: 00007ffd4a1488e8
[  410.815799][    C1]  </TASK>
[  410.819317][    C1] Kernel Offset: disabled
[  410.823741][    C1] Rebooting in 86400 seconds..