last executing test programs:

5m58.694963845s ago: executing program 2 (id=1593):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
close(0x3)
bind$alg(r1, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast6)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x800, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x3e8, 0x0, 0xfffffffffffffd25)

5m58.516874067s ago: executing program 2 (id=1596):
socket$packet(0x11, 0x2, 0x300)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)='D', 0x1, 0x4014, 0x0, 0x0)
shutdown(r1, 0x1)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

5m58.130801935s ago: executing program 2 (id=1602):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x2, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x207)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1ff, 0x0, 0x20000001, 0x4, 0x2}, 0x1, r3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x9}]}, 0x90}}, 0x0)

5m57.988577413s ago: executing program 2 (id=1606):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1}, 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000080)='~', 0x1}], 0x1)
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000140)='Q', 0x1}], 0x1)

5m57.758813701s ago: executing program 2 (id=1611):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@delchain={0x24, 0x66, 0xf31, 0xf7fffffb, 0x3, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0x0, 0xffff}, {0x9, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)

5m57.207674778s ago: executing program 2 (id=1621):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r3, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x18934}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x60000080}, 0x20000000)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x9}, {0x0, 0xfff1}, {0xa, 0xe}}}, 0x24}}, 0x0)

5m56.678962686s ago: executing program 32 (id=1621):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r3, {0xa, 0x9}, {}, {0xc, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x18934}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x60000080}, 0x20000000)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x9}, {0x0, 0xfff1}, {0xa, 0xe}}}, 0x24}}, 0x0)

2.480652079s ago: executing program 1 (id=7057):
r0 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r0, @ANYBLOB="010000000000000000000100000014000200776731ffffffef000000000000000000f40108807000008048000980280000f8060001000a20000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e00000010500030000000000240001"], 0x21c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008804)

2.480231265s ago: executing program 4 (id=7059):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_OP={0x8}, @NFTA_BYTEORDER_SREG={0x8}, @NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_LEN={0x8}, @NFTA_BYTEORDER_SIZE={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x0)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000002100010000000000000000000a00004000000000000000000500160000000000080017"], 0x2c}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="120000005400012c000000000000000007"], 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r4=>0x0})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x3)
syz_emit_ethernet(0xe3, &(0x7f0000000300)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0xd5, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xe53}, {"cb2998a56a0f21744c3a442f139715f314d2773b86869fa69b4b093081947c53122a4445c49be09cad075be7bb7c837a0dbc3155d8901351114693c7e5e59c3be3ad97a2833f6937091251a0f80d0000000000008f79ae1cf9ccee7a4b7eaf497fb3d8243cd252b6ec1cedca059e6dac6c75a012385f9c1926e28753250798c7f4000c79d8b436c9d8b45aa16c9540c4f3b431c0309c8ae64fc88774f9f15fe7f3295cc414979bb093064b7902"}}}}}}, 0x0)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x1a, r4, 0x1, 0x1, 0x6, @multicast}, 0x14)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8481f0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

2.334781641s ago: executing program 1 (id=7062):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[], 0xe8}}, 0x0) (async)
r1 = socket(0x10, 0x3, 0x0) (async, rerun: 32)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (rerun: 32)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async, rerun: 64)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r5, &(0x7f0000000040)="f0", &(0x7f0000000080)=""/13}, 0x20) (async)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r4) (async)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r8=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x38, r6, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}]}, 0x38}, 0x4, 0x700000000000000}, 0x4048004) (async)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, r6, 0x8, 0x70bd25, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x20020000) (async, rerun: 64)
r9 = openat$cgroup_procs(r2, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) (rerun: 64)
pread64(r9, &(0x7f0000000740)=""/4096, 0x1000, 0x7) (async)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000080)={0x10003, 0x0, 0xd7c7, 0xffff7ff9}, 0x10) (async)
ioctl(0xffffffffffffffff, 0x8, &(0x7f0000000180)="a08c3c47e39d73ee10c7e8916c300258da2ce29c6c75fe93818a562e6378febfcb18a8a69f319612c5b2b1d312d334ba71b3f0b678cbc1f00aa231528f195c287e52c136e911fb") (async, rerun: 64)
write(r1, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001d0000050000000008000900ecffffff", 0x24) (rerun: 64)

2.134735229s ago: executing program 1 (id=7066):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e23, 0x5, @mcast1, 0x101}, 0x1c)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', 0xffffffffffffffff, 0x0, 0xb9b}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'macsec0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000010000100"/20, @ANYRES32=r4, @ANYBLOB="84110000044000000a00010042bbbabbbbbb0000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

2.034784222s ago: executing program 4 (id=7069):
syz_emit_ethernet(0x2a, &(0x7f00000002c0)=ANY=[@ANYBLOB="563c9a138ff858af9022070090780000000100"/41], 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x5, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x40)
unshare(0x6a040000)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r1)
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r6, 0x89e0, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r4, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000006c0)=ANY=[@ANYBLOB="652001008e3d4373594bf677b56d2ec8a8e77c3890c8e1dcc5c6618b05161496868d98c4296dba0529fbcab6e8759f122a19f740715fe9f2a94b2973e300000000", @ANYRES16=r5, @ANYBLOB="010025bd7000fbdbdf251b0000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00ff070000080001007063690011000200303030303a30303a31302e300000000008000b00f5ffffff080001007063690011000200303030303a30303a31302e300000000008000b0005000000080001007063690011000200303030303a30303a31302e300000000008000b00ff0f00000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00ff0000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b00080000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000b0009000000"], 0x120}, 0x1, 0x0, 0x0, 0x51}, 0x48080)
r7 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="30000000100001007e40144e00000000000000001798673736768d98abc3e732c56bfba7865292f23e8bb223bfd5078cbc42431df76a51445275d479a5ba88f3ab74c52f5e2a8f99c19b4a5b9ec69e2bc22ec1d1fc3d3062e6665642992a5425b5640ac7ff764a014c4b24a6b67cc5982cf6d3fb85edbbf413aa28c2a838389ea00b62", @ANYRES8=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRESOCT=r0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x801, 0x84)
socket(0x2, 0x80805, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r9, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000200)={<r10=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r9, 0x84, 0x7a, &(0x7f0000000340)={r10, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt(r8, 0x84, 0x80, &(0x7f0000000080)="1a4f30d089f5bd5b", 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r8, 0x84, 0x5, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e21, 0x8, @remote, 0x1000}}}, 0x84)
recvmmsg$unix(r1, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r11, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r11, 0x6, 0xd, &(0x7f0000000000)='vegas\x00', 0x6)
sendto$inet6(r11, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x6}, 0x1c)

1.875573022s ago: executing program 1 (id=7072):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0207e80702"], 0x10}}, 0x40044)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
writev(r3, &(0x7f0000000a40)=[{&(0x7f00000007c0)='e', 0x1}], 0x1)
r4 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@remote, 0x0, 0x56, 0x2, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xdffffffffffffffb, 0x2000000, 0xfffffffffffffffe}, {0x7, 0x0, 0x4}, 0x1, 0x0, 0x1}, {{@in=@empty, 0x0, 0x2b}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x3507, 0x4, 0x0, 0x0, 0xffffffff, 0x0, 0x4}}, 0xe8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @private}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @remote}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

1.796356734s ago: executing program 5 (id=7074):
r0 = socket(0x11, 0xa, 0x87)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', <r1=>0x0})
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = accept4$x25(r0, &(0x7f0000000100)={0x9, @remote}, &(0x7f0000000140)=0x12, 0x800)
ioctl$sock_x25_SIOCDELRT(r4, 0x890c, &(0x7f0000000180)={@null, 0x9, 'wg0\x00'})
sendmsg$inet(r3, &(0x7f00000013c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_subtree(r2, &(0x7f00000000c0), 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x40, r1})
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x8936, &(0x7f0000000000))

1.430727388s ago: executing program 0 (id=7076):
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$kcm(r0, &(0x7f0000001900)={0x0, 0x0, 0x0}, 0x20040000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="180400000000000000000000000000007110a0000000000095"], &(0x7f0000000000)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0xf}, 0x90)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}}, 0x80, 0x0}, 0x20000001)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc60", 0x14}], 0x1}, 0x20044080)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000180)={0x10, 0x0, 0x25dfdc03, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NFT_MSG_GETRULE(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x14, 0x7, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4000c020)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r5)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}}, 0x0)

1.411209558s ago: executing program 3 (id=7077):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x900, 0x0}, 0x200101}, {{0x0, 0x0, 0x0}, 0x2044}, {{0x0, 0x0, 0x0}, 0xffffffff}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {&(0x7f0000002e00)=""/4095, 0x1021}, {&(0x7f0000000340)=""/240, 0xf0}], 0x4}, 0x101}, {{0x0, 0x0, 0x0}, 0xd}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000540)=""/129, 0x82}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4076, 0xfec}, {&(0x7f0000000240)=""/112, 0x70}, {&(0x7f0000000600)=""/135, 0x71}], 0x6}, 0x3}, {{0x0, 0x0, 0x0}, 0xa}], 0x8, 0x40010020, 0x0)

1.377715028s ago: executing program 5 (id=7078):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x70, 0x1, 0x0, 0x0, {{0x7}, {0x48, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0xfc}}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private1}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_PORT_MAX={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)

1.178928938s ago: executing program 5 (id=7079):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FD_FRAMES(r1, 0x65, 0x8, &(0x7f0000000000), 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000004100000095000000000000003d789ade838a5adf0c21f97a9d6f55528c474cb385573d9fd2aff88c497a5d0ab93dbb1df77098cacd277206f0902cf2c1d66e1ef4fe6deeaf8739f048bff4c9d61b5c334ef7384130fd875789e46307b8f29c46149360bea59a42011aabc5001093a06d23b6cf4f033c6000c3ab63ee036fe7023574b86c8964c32f955d410083f7567735a2ca0100000000000000c644e801f17579bac767236f2b3addb04f55cee250cb376879ae14b9e1ab98703bc7db41925c55b0a4141ae3c08d264831d0f6365469c35621850000f6ff0000000000000000000000000000000000317dc59df6de3bfd0d7f785ff1e9606c84574e4b80937ae83516d820278c4c3fda817aeb17be0cca599b7c4bf6350dcb747508404034d9478ff88e1cbfe43f46a1a5d9239e393f2bb309160118a787cb0c64b606ffe744f79c1bba0ca081302b0f04e377f1b6a3646cbe934ef6ad95d4f160a9dcc9550f9777ca5d2daa2b239547f27a221d2eefb2c40ffe95c97ce091b7c2a8c0471b9124af726edb5a3b9aba486b93cb5ea7fff68f53401f8e826d5afbb98ed8b015dc328a507d15260a18a79110e68f1d43dad73121b60ec43e98e3f522b61a4f8fc0ba0257e8fd5ac428b986c49c76395b5a51c2c75d8c1453771915705bd0925cf573b0a9c01d8e552fe288d3c0433cbe801747f335448deb0e7164f6df7d3554bc66ff51352f912d76519aa6290fe7e72402000000e85552c5c049dde27c5294dc77c8a4490492a6deb8108c14ac9a261e2d990f65ea36f217783759c06e37c3a2f3b0b3c3893700152cdca1a4a045b3645b827c989b6a42f3a19d7df9b6c176a209afe66b38ab5a44bffc22ff89f0f03345e2f83f38b01df7ad086b462aad68f9fdf167f53fac61f511bf206de4eaf6d3eabde1bbe1077c3df5ff031bb8e9fc7f562c68e71db1dc7e61eb73a7b068ed9782ab069743d99dfe6209bd936d3e706df924e7043c5a66b730b6c64b6df44ad36788bd93ac57fd67baf927ec64f9ba759e7d4ed9bcf1a33ca39864d3bde66ad03a491ddfd17a3189ad7340ef90306e8dca300131219a55bbbd21289cf14fe40ef8fad89488df3503a766a8edf43bf816f4a5f0d8b1a0c183575a1589994054af2338e49a18186b94de6151107353eccd2817a075f9c4da88c31af5af5c981c6d72edb4df8b352a7d339e903a81b3c4eb51d8a286d0505cf8ee7c0daba3c2beb61865ee571a16cfb00e99088c8236964c798972daa234a0f055e33ea334d85a01d6f53da316813ea458430671b5eb59007a3e0a359aeb67a512576c942d187e5e9a905b18a303303e05266ecd0ab77f0ef4ae42d4c8d21c65fcedc6876ff461de2e2fa8c262b489edf06065535cb58820cfc9d3c1a93976d085a70000"], &(0x7f0000000240)='syzkaller\x00', 0x4, 0xff0, &(0x7f000062b000)=""/4080, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x3d)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0xa0001f98, 0x15, 0x0, &(0x7f0000000280)="4c1b84bdac37f4451b20a3066494677ee389d422a1", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)={0x58, r3, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "31329eae551326051c0ecba1df0ef9cc9415b343831f26fe"}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}]]}, 0x58}}, 0x0)

1.178594491s ago: executing program 0 (id=7080):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0xfa0f, &(0x7f0000000240)=[{&(0x7f0000002740)=""/4090, 0xffa}, {&(0x7f0000000300)=""/130, 0x82}], 0x2}}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000680)=""/96, 0x60}, {&(0x7f0000000700)=""/104, 0x68}, {&(0x7f0000001740)=""/4080, 0xff0}, {&(0x7f0000004740)=""/4083, 0xff3}], 0x4}, 0x8}], 0x3, 0x2, 0x0)

1.162095956s ago: executing program 3 (id=7081):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c000000040a01040600000000000000020000020900010073797a"], 0x2c}, 0x1, 0x0, 0x0, 0x8080}, 0x4004000) (fail_nth: 4)

1.161784524s ago: executing program 4 (id=7082):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x4000000, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0xecc}], 0x1, 0x0, 0xc80e}}], 0x8, 0x0, 0x0)

625.578967ms ago: executing program 0 (id=7083):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='htcp\x00', 0x5)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x9c, 0x30, 0xb, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ct={0x84, 0x1, 0x0, 0x0, {{0x7}, {0x5c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x7c}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @dev}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @dev}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_NAT_PORT_MAX={0x6}, @TCA_CT_ACTION={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB=' ', @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x840}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001300), r2)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, 0x0, 0x10004800)
sendto$inet(r0, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0)

575.579617ms ago: executing program 1 (id=7084):
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x13, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000001900ff00000000001851000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa30}, 0x94)
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f00000002c0)='ip6_vti0\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r2}, 0x8)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

575.282695ms ago: executing program 5 (id=7085):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = socket(0x2, 0x3, 0x100000001)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="8000000000010104000000090000000002000000240001801400018008000100e0c6000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000f80050001"], 0x80}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x3c}}, 0x24000000)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt(r1, 0xff, 0x1, &(0x7f0000000100)='O', 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x10, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x21}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x90)
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r7 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r7, &(0x7f00000040c0)=[{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="816154c6e71d9c750363f342744911ca45e32f393e977df3b37b8f315e8271e2", 0x20}, {&(0x7f0000002780)="1412db33722627433eac166190a979b24a252d244af8b27292b4576fc3b3806e0347778024e08aeabd5095bcb6435b0784bc039c894fdbad65262479b27ec7824d174849499dfdd7339b8a7aa1af2aa9354c0987bfc33778c11962190161c89b", 0x60}], 0x2, &(0x7f0000000540)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40088d5}], 0x1, 0x40)
recvmmsg(r7, &(0x7f0000000980)=[{{0x0, 0x0, 0x0}, 0x7fff}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)=""/116, 0x74}, {&(0x7f00000003c0)=""/129, 0x81}], 0x2}, 0x9}], 0x2, 0x10000, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000007c0)={@link_local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x0, 0x3f18, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty}}}}}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000009b80)=ANY=[@ANYBLOB="3000000029d81cac45115710000000000a0000010400b40d0900010073797a31000000000900020073797a3200000000"], 0x30}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
close(r7)

575.191368ms ago: executing program 4 (id=7086):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x20, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x20}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000040a01040600000000000000020000020900010073797a", @ANYRESDEC=r1], 0x2c}, 0x1, 0x0, 0x0, 0x8080}, 0x4004000)

485.642542ms ago: executing program 3 (id=7087):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000003c0)={0x0, 0x20, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c000000040a01040600000000000000020000020900010073797a"], 0x2c}, 0x1, 0x0, 0x0, 0x8080}, 0x4004000)

436.976324ms ago: executing program 3 (id=7088):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0xa4, r0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, @IPVS_CMD_ATTR_DEST={0x64, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e20}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@dev={0xfe, 0x80, '\x00', 0x30}}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xc}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7f}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002380)=[{{0x0, 0x4000000, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0xecc}], 0x1}}], 0x8, 0x0, 0x0)

389.508436ms ago: executing program 0 (id=7089):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0)=0x1)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000300)=0x3)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x40047459, &(0x7f0000000100)=0x2000004)
r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000500)={0x0, 0x0, 0x6, 0x0, '\x00', [{0x2, 0x3, 0xffffffff, 0x1, 0xb}, {0x10, 0xa2, 0xff, 0xfffffffffffffff7, 0x2, 0x5}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000004c0)="00214717a7070000273e030600710a5e31163ceb9d04", 0x16}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073116f00000000008510ffff02000000850000000000000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

294.995251ms ago: executing program 4 (id=7090):
r0 = socket$kcm(0x10, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)={'c', ' *:* ', 'w\x00'}, 0x8)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000006800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4044800)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00110010008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

294.841134ms ago: executing program 3 (id=7091):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@newlink={0x78, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@IFLA_LINKINFO={0x50, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x40, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x34, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1ff}}, @IFLA_VLAN_QOS_MAPPING={0x7, 0x1, {0x7f}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffff}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1ff}}]}]}}}, @IFLA_LINK={0x8}]}, 0x78}}, 0x0)

215.359697ms ago: executing program 1 (id=7092):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
accept(r0, &(0x7f0000000640)=@pppol2tp={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @empty}}}, &(0x7f0000000280)=0x80)
bind$unix(r2, &(0x7f0000000840)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x106, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f", @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000540)="de145ab4123c4dbf1c934b76d432b6e7c2ea59d162c2e1f63bc554562e94e73ad87d095c423e8472758a48b35f87f23dbf614ec91bfaf48aac546df1d9c2e7c1d6f01bd97a737a7b66927fdd3189b62bfe7e7f", 0x53}, {&(0x7f0000000740)="d6155a7cac6340b074a9c2768f2482b18d0a5f872d59e74908e09338a4de75e90ae19d4e97baf56d86661a37325022bad37cbf9f9147a6fbf39af555cc225a940747f6a816ec4d1e7925fce09b01882791f06da3448a041d649a7bac97164ce59d9ad33dfe4be30c2f097b047816f58306f38d2e5cdb48a69cd2c9f194f51ae0cc68de853e7241220213923840815a14fc933b3c48a38d7af63f19ca277c8c07a1695fa8d05c172f3f9eac4e571c8059c9943d775329e503d5baedc2059548ec2ce0a1c1c6e64d63b59abda88851a48faf4160735c03012a3e7a", 0xda}], 0x2}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x7, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x7d5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8004}, 0x10)
setsockopt$sock_attach_bpf(r5, 0x1, 0xd, &(0x7f00000000c0), 0x4)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xf, &(0x7f0000000900)=@ringbuf={{0x18, 0x7}, {{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x85, 0x0, 0x0, 0x64}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r11 = socket$unix(0x1, 0x1, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r13, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x3}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

202.929971ms ago: executing program 5 (id=7093):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002300)=ANY=[@ANYBLOB="b702000000001700bfa300000000000007030000f0ffffff720af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee2922bd165a5a68488e010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7f22b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d74bf0a305790c9d644735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f535447cc0facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf00000048d2570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f09f4db033e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e7f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754d98b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8cf632c2604eab3a62a28611da1cae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412e1bdebae06edb51a134301b4627d4927287daf9dcae6720334862f3a18094f1edd9e3503379815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2f09e99f4ab5546ba1e5ad6a329f24e73a9c38eec34bd4dcc1609f6150e2de72f6599a2310c3841f4bb7f39cabc82c9fdfff5587ed4fa84090635fa3445c4cc54478b2f98320944ac7cb1c4e414556f7b0b763a00a84327cec7e11b3470f0384b27bbfdd8b2472497e7fe8c5df7e0a00641872472efa21c9ad3979e642dcc85c17ca8e084aa9689b83426e2fdaa01f500000000000000000000f9fd84fa991466ff749afe900d02281b2bb60d458340c4f68ec34835760ceca945bf181a000000c000000000b4a76515564ae189de7c1765f0ff68a0388ca8dd2aa831d0e01f0d7ce74401a58cef60e63e97a50c18de54121ce66380224ab7b9c0d4710f2347bad2c9b3e41cc738c1092728687f33e5cdb077223dc82c2137b4e3ba6791a2cd764e654f904c9505b7c5e3b2897072e747534952dcda50cde3e4deb6ebf85a04c3e415112b01eed6515c845a8a20519cd21787d560e9d8283fa8ff0c17b63ba06577c26678ff45420a1f85df47dbfc44e534f71aae5693fb5df61c5096219091ce0cd8e1e2e79bf9d37779e52007c66a00e6ded1499ed3892ed1544d1577906b52e16c734d4aec07dd15faa768c97298be87dd34ce704ffe3da8b46708cf972de4f31c0705ac933db80bdcfcb35c0d4620d4ec270ff7c9ce1b78994dd2b28b9d1c5c469d4c1a61781dce2f1b54d6138bd3f7df9e9ca613bec407c1b8d1bd0c7cb9d76eebf2f17c"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000780)="b9ff03076003008c9c18ed0f6fd2", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0)
recvmmsg$unix(r1, &(0x7f0000002380)=[{{0x0, 0x4000000, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0xecc}], 0x1}}], 0x8, 0x0, 0x0)

139.136154ms ago: executing program 0 (id=7094):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200101}, {{0x0, 0x0, 0x0}, 0x2044}, {{0x0, 0x0, 0x0}, 0xffffffff}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {&(0x7f0000002e00)=""/4095, 0xfff}, {0x0}], 0x4}, 0x101}, {{0x0, 0x0, 0x0}, 0xd}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000540)=""/129, 0x81}, {&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4076, 0xfec}, {&(0x7f0000000240)=""/112, 0x70}], 0x5}, 0x3}, {{0x0, 0x0, 0x0}, 0xa}], 0x8, 0x40010020, 0x0)

123.889067ms ago: executing program 3 (id=7095):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18200000000900000000001c0000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)

45.562922ms ago: executing program 4 (id=7096):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x70, 0x1, 0x0, 0x0, {{0x7}, {0x48, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x0, 0x0, 0x500}}, @TCA_CT_NAT_IPV6_MIN={0x14, 0xb, @private1}, @TCA_CT_NAT_PORT_MIN={0x6}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_PORT_MAX={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)

14.378006ms ago: executing program 5 (id=7097):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000003c0)=[{{0x0, 0x40000, &(0x7f0000000240)=[{&(0x7f0000002740)=""/4090, 0xffa}, {&(0x7f0000000300)=""/130, 0x82}], 0x2}}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000680)=""/96, 0x60}, {&(0x7f0000000700)=""/104, 0x68}, {&(0x7f0000001740)=""/4080, 0xff0}, {&(0x7f0000004740)=""/4083, 0xff3}], 0x4}, 0x8}], 0x3, 0x2, 0x0)

0s ago: executing program 0 (id=7098):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32, @ANYBLOB="00000a00100000001c001a80080002802d00ff0408000200f4"], 0x44}}, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0e000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r3, <r5=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000500)=r4}, 0x20)
syz_emit_ethernet(0x36, &(0x7f0000000440)=ANY=[], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe, 0x3}, {0x6}, {0x4, 0x10}}}, 0x24}}, 0x40004)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vxcan1\x00', <r7=>0x0})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x7, 0x0, 0xfffffffffffffffd, &(0x7f0000000200)='syzkaller\x00', 0x81, 0x0, &(0x7f0000000340), 0x41000, 0x28, '\x00', r7, @fallback=0x25, r8, 0x8, &(0x7f00000003c0)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x0, 0x4, 0xee}, 0x10, 0xffffffffffffffff, r4, 0x6, &(0x7f0000000440)=[r5, r2, r5, r5, r2], &(0x7f0000000480)=[{0x3, 0x1, 0x9, 0x1}, {0x2, 0x1, 0x1, 0x8}, {0x0, 0x3, 0x3, 0xa}, {0x3, 0x3, 0x5, 0x7}, {0x5, 0x2, 0x7, 0xc}, {0x3, 0x5, 0x9, 0xb}], 0x10, 0x4}, 0x94)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003e000900000000000008000003000000040004001c000180180010"], 0x34}}, 0x84)

kernel console output (not intermixed with test programs):

ctp_bind_connect+0x7e/0x2e0
[  480.511091][T22952]  sctp_sendmsg+0x155c/0x2810
[  480.511140][T22952]  ? __pfx_sctp_sendmsg+0x10/0x10
[  480.511179][T22952]  ? aa_sk_perm+0x81e/0x950
[  480.511219][T22952]  ? __pfx_aa_sk_perm+0x10/0x10
[  480.511265][T22952]  ? sock_rps_record_flow+0x19/0x410
[  480.511297][T22952]  ? inet_sendmsg+0x2f4/0x370
[  480.511329][T22952]  __sock_sendmsg+0x19c/0x270
[  480.511363][T22952]  ____sys_sendmsg+0x52d/0x830
[  480.511392][T22952]  ? __pfx_____sys_sendmsg+0x10/0x10
[  480.511428][T22952]  ? import_iovec+0x74/0xa0
[  480.511458][T22952]  ___sys_sendmsg+0x21f/0x2a0
[  480.511485][T22952]  ? __pfx____sys_sendmsg+0x10/0x10
[  480.511552][T22952]  ? __fget_files+0x2a/0x420
[  480.511590][T22952]  ? __fget_files+0x3a0/0x420
[  480.511637][T22952]  __sys_sendmmsg+0x227/0x430
[  480.511668][T22952]  ? __pfx___sys_sendmmsg+0x10/0x10
[  480.511688][T22952]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  480.511754][T22952]  ? ksys_write+0x22a/0x250
[  480.511798][T22952]  ? __pfx_ksys_write+0x10/0x10
[  480.511824][T22952]  ? rcu_is_watching+0x15/0xb0
[  480.511855][T22952]  __x64_sys_sendmmsg+0xa0/0xc0
[  480.511890][T22952]  do_syscall_64+0xfa/0x3b0
[  480.511942][T22952]  ? lockdep_hardirqs_on+0x9c/0x150
[  480.511970][T22952]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.512005][T22952]  ? clear_bhb_loop+0x60/0xb0
[  480.512030][T22952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.512050][T22952] RIP: 0033:0x7f851ef8ebe9
[  480.512069][T22952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.512086][T22952] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  480.512107][T22952] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  480.512122][T22952] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  480.512135][T22952] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  480.512148][T22952] R10: 0000000020048041 R11: 0000000000000246 R12: 0000000000000002
[  480.512160][T22952] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  480.512195][T22952]  </TASK>
[  480.645870][T22951] netlink: 224 bytes leftover after parsing attributes in process `syz.0.6011'.
[  481.023941][T22957] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  481.069196][T22957] FAULT_INJECTION: forcing a failure.
[  481.069196][T22957] name failslab, interval 1, probability 0, space 0, times 0
[  481.122909][T22957] CPU: 1 UID: 0 PID: 22957 Comm: syz.1.6015 Not tainted syzkaller #0 PREEMPT(full) 
[  481.122940][T22957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  481.122955][T22957] Call Trace:
[  481.122963][T22957]  <TASK>
[  481.122973][T22957]  dump_stack_lvl+0x189/0x250
[  481.123005][T22957]  ? __pfx____ratelimit+0x10/0x10
[  481.123035][T22957]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.123060][T22957]  ? __pfx__printk+0x10/0x10
[  481.123093][T22957]  ? __pfx___might_resched+0x10/0x10
[  481.123114][T22957]  ? fs_reclaim_acquire+0x7d/0x100
[  481.123154][T22957]  should_fail_ex+0x414/0x560
[  481.123197][T22957]  should_failslab+0xa8/0x100
[  481.123229][T22957]  __kmalloc_node_noprof+0xd1/0x4e0
[  481.123256][T22957]  ? qdisc_alloc+0x97/0xaa0
[  481.123289][T22957]  qdisc_alloc+0x97/0xaa0
[  481.123328][T22957]  qdisc_create_dflt+0x8e/0x4e0
[  481.123360][T22957]  dev_activate+0x378/0x1150
[  481.123402][T22957]  __dev_open+0x69c/0x880
[  481.123436][T22957]  ? __pfx___dev_open+0x10/0x10
[  481.123481][T22957]  __dev_change_flags+0x1ea/0x6d0
[  481.123508][T22957]  ? __pfx___dev_change_flags+0x10/0x10
[  481.123529][T22957]  ? full_name_hash+0x92/0xe0
[  481.123556][T22957]  netif_change_flags+0x88/0x1a0
[  481.123582][T22957]  dev_change_flags+0x130/0x260
[  481.123635][T22957]  dev_ioctl+0x7b4/0x1150
[  481.123671][T22957]  sock_do_ioctl+0x22c/0x300
[  481.123701][T22957]  ? __pfx_sock_do_ioctl+0x10/0x10
[  481.123725][T22957]  ? __lock_acquire+0xab9/0xd20
[  481.123774][T22957]  sock_ioctl+0x576/0x790
[  481.123803][T22957]  ? __pfx_sock_ioctl+0x10/0x10
[  481.123830][T22957]  ? __fget_files+0x2a/0x420
[  481.123861][T22957]  ? __fget_files+0x3a0/0x420
[  481.123904][T22957]  ? __fget_files+0x2a/0x420
[  481.123938][T22957]  ? bpf_lsm_file_ioctl+0x9/0x20
[  481.123963][T22957]  ? __pfx_sock_ioctl+0x10/0x10
[  481.123988][T22957]  __se_sys_ioctl+0xfc/0x170
[  481.124016][T22957]  do_syscall_64+0xfa/0x3b0
[  481.124044][T22957]  ? lockdep_hardirqs_on+0x9c/0x150
[  481.124071][T22957]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.124091][T22957]  ? clear_bhb_loop+0x60/0xb0
[  481.124116][T22957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.124136][T22957] RIP: 0033:0x7fa07798ebe9
[  481.124154][T22957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.124172][T22957] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  481.124193][T22957] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  481.124208][T22957] RDX: 0000200000002280 RSI: 0000000000008914 RDI: 0000000000000004
[  481.124221][T22957] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  481.124234][T22957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.124246][T22957] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  481.124278][T22957]  </TASK>
[  481.124290][T22957] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  481.341143][T22969] FAULT_INJECTION: forcing a failure.
[  481.341143][T22969] name failslab, interval 1, probability 0, space 0, times 0
[  481.401623][T22957] syzkaller0: entered promiscuous mode
[  481.401650][T22957] syzkaller0: entered allmulticast mode
[  481.463751][T22969] CPU: 0 UID: 0 PID: 22969 Comm: syz.3.6020 Not tainted syzkaller #0 PREEMPT(full) 
[  481.463780][T22969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  481.463792][T22969] Call Trace:
[  481.463801][T22969]  <TASK>
[  481.463810][T22969]  dump_stack_lvl+0x189/0x250
[  481.463839][T22969]  ? __pfx____ratelimit+0x10/0x10
[  481.463869][T22969]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.463894][T22969]  ? __pfx__printk+0x10/0x10
[  481.463925][T22969]  ? __lock_acquire+0xab9/0xd20
[  481.463965][T22969]  should_fail_ex+0x414/0x560
[  481.464000][T22969]  should_failslab+0xa8/0x100
[  481.464034][T22969]  kmem_cache_alloc_noprof+0x73/0x3c0
[  481.464063][T22969]  ? skb_clone+0x212/0x3a0
[  481.464089][T22969]  skb_clone+0x212/0x3a0
[  481.464115][T22969]  __netlink_deliver_tap+0x404/0x850
[  481.464159][T22969]  ? netlink_deliver_tap+0x2e/0x1b0
[  481.464190][T22969]  netlink_deliver_tap+0x19c/0x1b0
[  481.464228][T22969]  netlink_unicast+0x7fa/0x9e0
[  481.464264][T22969]  ? __pfx_netlink_unicast+0x10/0x10
[  481.464293][T22969]  ? netlink_sendmsg+0x642/0xb30
[  481.464320][T22969]  ? skb_put+0x11b/0x210
[  481.464355][T22969]  netlink_sendmsg+0x805/0xb30
[  481.464394][T22969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.464427][T22969]  ? aa_sock_msg_perm+0xf1/0x1d0
[  481.464462][T22969]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  481.464484][T22969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.464515][T22969]  __sock_sendmsg+0x219/0x270
[  481.464545][T22969]  ____sys_sendmsg+0x505/0x830
[  481.464576][T22969]  ? __pfx_____sys_sendmsg+0x10/0x10
[  481.464608][T22969]  ? import_iovec+0x74/0xa0
[  481.464635][T22969]  ___sys_sendmsg+0x21f/0x2a0
[  481.464658][T22969]  ? __pfx____sys_sendmsg+0x10/0x10
[  481.464719][T22969]  ? __fget_files+0x2a/0x420
[  481.464749][T22969]  ? __fget_files+0x3a0/0x420
[  481.464792][T22969]  __x64_sys_sendmsg+0x19b/0x260
[  481.464816][T22969]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  481.464849][T22969]  ? __pfx_ksys_write+0x10/0x10
[  481.464873][T22969]  ? rcu_is_watching+0x15/0xb0
[  481.464898][T22969]  ? do_syscall_64+0xbe/0x3b0
[  481.464932][T22969]  do_syscall_64+0xfa/0x3b0
[  481.464959][T22969]  ? lockdep_hardirqs_on+0x9c/0x150
[  481.464986][T22969]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.465006][T22969]  ? clear_bhb_loop+0x60/0xb0
[  481.465031][T22969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.465051][T22969] RIP: 0033:0x7f026278ebe9
[  481.465069][T22969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.465087][T22969] RSP: 002b:00007f02635ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.465108][T22969] RAX: ffffffffffffffda RBX: 00007f02629b5fa0 RCX: 00007f026278ebe9
[  481.465124][T22969] RDX: 0000000000000854 RSI: 0000200000000080 RDI: 0000000000000003
[  481.465136][T22969] RBP: 00007f02635ed090 R08: 0000000000000000 R09: 0000000000000000
[  481.465149][T22969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.465161][T22969] R13: 00007f02629b6038 R14: 00007f02629b5fa0 R15: 00007fffa8ddf138
[  481.465201][T22969]  </TASK>
[  481.465740][T22956] tipc: Resetting bearer <eth:syzkaller0>
[  481.846156][T22956] tipc: Disabling bearer <eth:syzkaller0>
[  482.060903][T22984] veth47: entered allmulticast mode
[  482.066809][T22988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6024'.
[  482.127584][T22988] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6024'.
[  482.475987][T23012] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  482.501197][T23012] syzkaller0: entered promiscuous mode
[  482.506710][T23012] syzkaller0: entered allmulticast mode
[  482.557165][T23017] FAULT_INJECTION: forcing a failure.
[  482.557165][T23017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.571111][T23017] CPU: 1 UID: 0 PID: 23017 Comm: syz.3.6036 Not tainted syzkaller #0 PREEMPT(full) 
[  482.571139][T23017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  482.571153][T23017] Call Trace:
[  482.571161][T23017]  <TASK>
[  482.571170][T23017]  dump_stack_lvl+0x189/0x250
[  482.571200][T23017]  ? __pfx____ratelimit+0x10/0x10
[  482.571228][T23017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  482.571253][T23017]  ? __pfx__printk+0x10/0x10
[  482.571281][T23017]  ? __might_fault+0xb0/0x130
[  482.571330][T23017]  should_fail_ex+0x414/0x560
[  482.571362][T23017]  _copy_from_user+0x2d/0xb0
[  482.571387][T23017]  ___sys_sendmsg+0x158/0x2a0
[  482.571412][T23017]  ? __pfx____sys_sendmsg+0x10/0x10
[  482.571470][T23017]  ? __fget_files+0x2a/0x420
[  482.571500][T23017]  ? __fget_files+0x3a0/0x420
[  482.571541][T23017]  __x64_sys_sendmsg+0x19b/0x260
[  482.571565][T23017]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  482.571596][T23017]  ? __pfx_ksys_write+0x10/0x10
[  482.571621][T23017]  ? rcu_is_watching+0x15/0xb0
[  482.571647][T23017]  ? do_syscall_64+0xbe/0x3b0
[  482.571680][T23017]  do_syscall_64+0xfa/0x3b0
[  482.571707][T23017]  ? lockdep_hardirqs_on+0x9c/0x150
[  482.571733][T23017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.571755][T23017]  ? clear_bhb_loop+0x60/0xb0
[  482.571780][T23017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.571799][T23017] RIP: 0033:0x7f026278ebe9
[  482.571818][T23017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.571835][T23017] RSP: 002b:00007f02635ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  482.571856][T23017] RAX: ffffffffffffffda RBX: 00007f02629b5fa0 RCX: 00007f026278ebe9
[  482.571871][T23017] RDX: 0000000004000004 RSI: 0000200000000080 RDI: 0000000000000003
[  482.571884][T23017] RBP: 00007f02635ed090 R08: 0000000000000000 R09: 0000000000000000
[  482.571896][T23017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.571908][T23017] R13: 00007f02629b6038 R14: 00007f02629b5fa0 R15: 00007fffa8ddf138
[  482.571940][T23017]  </TASK>
[  482.832199][T23011] tipc: Resetting bearer <eth:syzkaller0>
[  482.925915][T23011] tipc: Disabling bearer <eth:syzkaller0>
[  483.086239][T23029] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.6043'.
[  483.096240][T23029] netlink: zone id is out of range
[  483.101547][T23029] netlink: zone id is out of range
[  483.107124][T23029] netlink: zone id is out of range
[  483.115743][T23029] netlink: zone id is out of range
[  483.121102][T23029] netlink: zone id is out of range
[  483.126232][T23029] netlink: zone id is out of range
[  483.140698][T23029] netlink: zone id is out of range
[  483.157905][T23029] netlink: zone id is out of range
[  483.165130][T23029] netlink: zone id is out of range
[  483.181139][T23029] netlink: zone id is out of range
[  483.217833][T23039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6045'.
[  483.576150][T23060] FAULT_INJECTION: forcing a failure.
[  483.576150][T23060] name failslab, interval 1, probability 0, space 0, times 0
[  483.612575][T23060] CPU: 1 UID: 0 PID: 23060 Comm: syz.5.6051 Not tainted syzkaller #0 PREEMPT(full) 
[  483.612604][T23060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  483.612616][T23060] Call Trace:
[  483.612625][T23060]  <TASK>
[  483.612634][T23060]  dump_stack_lvl+0x189/0x250
[  483.612661][T23060]  ? __pfx____ratelimit+0x10/0x10
[  483.612689][T23060]  ? __pfx_dump_stack_lvl+0x10/0x10
[  483.612711][T23060]  ? __pfx__printk+0x10/0x10
[  483.612743][T23060]  ? __pfx___might_resched+0x10/0x10
[  483.612766][T23060]  should_fail_ex+0x414/0x560
[  483.612796][T23060]  should_failslab+0xa8/0x100
[  483.612825][T23060]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  483.612852][T23060]  ? __alloc_skb+0x112/0x2d0
[  483.612885][T23060]  __alloc_skb+0x112/0x2d0
[  483.612916][T23060]  netlink_sendmsg+0x5c6/0xb30
[  483.612954][T23060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.612985][T23060]  ? aa_sock_msg_perm+0xf1/0x1d0
[  483.613017][T23060]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  483.613038][T23060]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.613067][T23060]  __sock_sendmsg+0x219/0x270
[  483.613095][T23060]  ____sys_sendmsg+0x505/0x830
[  483.613119][T23060]  ? __pfx_____sys_sendmsg+0x10/0x10
[  483.613148][T23060]  ? import_iovec+0x74/0xa0
[  483.613173][T23060]  ___sys_sendmsg+0x21f/0x2a0
[  483.613195][T23060]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.613255][T23060]  ? __fget_files+0x2a/0x420
[  483.613283][T23060]  ? __fget_files+0x3a0/0x420
[  483.613322][T23060]  __x64_sys_sendmsg+0x19b/0x260
[  483.613344][T23060]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  483.613373][T23060]  ? __pfx_ksys_write+0x10/0x10
[  483.613396][T23060]  ? rcu_is_watching+0x15/0xb0
[  483.613420][T23060]  ? do_syscall_64+0xbe/0x3b0
[  483.613452][T23060]  do_syscall_64+0xfa/0x3b0
[  483.613477][T23060]  ? lockdep_hardirqs_on+0x9c/0x150
[  483.613503][T23060]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.613521][T23060]  ? clear_bhb_loop+0x60/0xb0
[  483.613544][T23060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.613563][T23060] RIP: 0033:0x7f851ef8ebe9
[  483.613585][T23060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  483.613601][T23060] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.613621][T23060] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  483.613635][T23060] RDX: 0000000004000004 RSI: 0000200000000080 RDI: 0000000000000003
[  483.613648][T23060] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  483.613660][T23060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.613671][T23060] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  483.613702][T23060]  </TASK>
[  484.181104][T23071] veth37: entered allmulticast mode
[  484.325408][T23081] FAULT_INJECTION: forcing a failure.
[  484.325408][T23081] name failslab, interval 1, probability 0, space 0, times 0
[  484.341754][T23081] CPU: 0 UID: 0 PID: 23081 Comm: syz.5.6059 Not tainted syzkaller #0 PREEMPT(full) 
[  484.341784][T23081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  484.341799][T23081] Call Trace:
[  484.341808][T23081]  <TASK>
[  484.341818][T23081]  dump_stack_lvl+0x189/0x250
[  484.341850][T23081]  ? __pfx____ratelimit+0x10/0x10
[  484.341895][T23081]  ? __pfx_dump_stack_lvl+0x10/0x10
[  484.341929][T23081]  ? __pfx__printk+0x10/0x10
[  484.341974][T23081]  ? __pfx___might_resched+0x10/0x10
[  484.341993][T23081]  ? fs_reclaim_acquire+0x7d/0x100
[  484.342038][T23081]  should_fail_ex+0x414/0x560
[  484.342068][T23081]  should_failslab+0xa8/0x100
[  484.342096][T23081]  __kmalloc_noprof+0xcb/0x4f0
[  484.342120][T23081]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  484.342149][T23081]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  484.342179][T23081]  genl_family_rcv_msg_doit+0xb8/0x300
[  484.342207][T23081]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  484.342237][T23081]  ? apparmor_capable+0x137/0x1b0
[  484.342262][T23081]  ? bpf_lsm_capable+0x9/0x20
[  484.342287][T23081]  ? security_capable+0x7e/0x2e0
[  484.342321][T23081]  genl_rcv_msg+0x60e/0x790
[  484.342347][T23081]  ? __pfx_genl_rcv_msg+0x10/0x10
[  484.342367][T23081]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  484.342385][T23081]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  484.342408][T23081]  ? __pfx_nl80211_post_doit+0x10/0x10
[  484.342429][T23081]  ? __asan_memcpy+0x40/0x70
[  484.342451][T23081]  ? __pfx_ref_tracker_free+0x10/0x10
[  484.342485][T23081]  netlink_rcv_skb+0x205/0x470
[  484.342510][T23081]  ? __lock_acquire+0xab9/0xd20
[  484.342537][T23081]  ? __pfx_genl_rcv_msg+0x10/0x10
[  484.342563][T23081]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  484.342608][T23081]  ? down_read+0x1ad/0x2e0
[  484.342639][T23081]  genl_rcv+0x28/0x40
[  484.342658][T23081]  netlink_unicast+0x82c/0x9e0
[  484.342690][T23081]  ? __pfx_netlink_unicast+0x10/0x10
[  484.342734][T23081]  ? netlink_sendmsg+0x642/0xb30
[  484.342761][T23081]  ? skb_put+0x11b/0x210
[  484.342795][T23081]  netlink_sendmsg+0x805/0xb30
[  484.342834][T23081]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.342867][T23081]  ? aa_sock_msg_perm+0xf1/0x1d0
[  484.342900][T23081]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  484.342954][T23081]  ? __pfx_netlink_sendmsg+0x10/0x10
[  484.342983][T23081]  __sock_sendmsg+0x219/0x270
[  484.343011][T23081]  ____sys_sendmsg+0x505/0x830
[  484.343037][T23081]  ? __pfx_____sys_sendmsg+0x10/0x10
[  484.343066][T23081]  ? import_iovec+0x74/0xa0
[  484.343092][T23081]  ___sys_sendmsg+0x21f/0x2a0
[  484.343114][T23081]  ? __pfx____sys_sendmsg+0x10/0x10
[  484.343171][T23081]  ? __fget_files+0x2a/0x420
[  484.343199][T23081]  ? __fget_files+0x3a0/0x420
[  484.343238][T23081]  __x64_sys_sendmsg+0x19b/0x260
[  484.343262][T23081]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  484.343291][T23081]  ? __pfx_ksys_write+0x10/0x10
[  484.343313][T23081]  ? rcu_is_watching+0x15/0xb0
[  484.343338][T23081]  ? do_syscall_64+0xbe/0x3b0
[  484.343370][T23081]  do_syscall_64+0xfa/0x3b0
[  484.343396][T23081]  ? lockdep_hardirqs_on+0x9c/0x150
[  484.343421][T23081]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.343439][T23081]  ? clear_bhb_loop+0x60/0xb0
[  484.343463][T23081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.343481][T23081] RIP: 0033:0x7f851ef8ebe9
[  484.343500][T23081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.343516][T23081] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  484.343536][T23081] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  484.343551][T23081] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  484.343563][T23081] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  484.343575][T23081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.343587][T23081] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  484.343618][T23081]  </TASK>
[  484.868129][T23091] netlink: 'syz.5.6063': attribute type 10 has an invalid length.
[  484.896126][T23091] team0: Device veth1_macvtap failed to register rx_handler
[  485.184040][T23105] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6070'.
[  485.196571][T23105] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6070'.
[  485.469985][T23125] netlink: 'syz.3.6075': attribute type 1 has an invalid length.
[  485.634791][T23125] 8021q: adding VLAN 0 to HW filter on device bond10
[  485.816854][T23132] bond10: (slave wlan0): Enslaving as an active interface with a down link
[  485.882450][T23137] vlan1: entered allmulticast mode
[  485.888575][T23137] bond10: (slave vlan1): Opening slave failed
[  485.927254][T23144] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6082'.
[  486.835657][T23185] netlink: 'syz.0.6092': attribute type 10 has an invalid length.
[  486.868070][T23185] team0: Device veth1_macvtap failed to register rx_handler
[  487.039019][T23194] dvmrp0: left allmulticast mode
[  487.225167][T23192] nbd: socks must be embedded in a SOCK_ITEM attr
[  487.439483][T23208] netlink: 164 bytes leftover after parsing attributes in process `syz.3.6101'.
[  487.509793][T23212] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  487.527386][T23212] syzkaller0: entered promiscuous mode
[  487.549516][T23212] syzkaller0: entered allmulticast mode
[  487.601624][T23211] tipc: Resetting bearer <eth:syzkaller0>
[  487.644883][T23211] tipc: Disabling bearer <eth:syzkaller0>
[  488.132341][T23236] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6113'.
[  488.305206][T23246] netem: change failed
[  488.574824][T23254] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  488.584858][T23258] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6121'.
[  488.641235][T23258] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6121'.
[  489.163620][T23283] 0: renamed from dummy0
[  489.360837][T23303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6132'.
[  489.369113][T23308] netlink: 'syz.1.6134': attribute type 10 has an invalid length.
[  489.393303][T23303] netlink: 224 bytes leftover after parsing attributes in process `syz.3.6132'.
[  489.413471][T23308] team0: Device veth1_macvtap failed to register rx_handler
[  489.439396][T23303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6132'.
[  489.565728][T23313] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  489.730650][T23326] netlink: 'syz.5.6140': attribute type 1 has an invalid length.
[  489.816895][T23326] 8021q: adding VLAN 0 to HW filter on device bond18
[  489.859139][T23332] 8021q: adding VLAN 0 to HW filter on device bond18
[  489.867411][T23332] bond18: (slave vxcan9): The slave device specified does not support setting the MAC address
[  489.879910][T23332] bond18: (slave vxcan9): Error -95 calling set_mac_address
[  489.981713][T23332] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6140'.
[  490.014031][T23326] veth39: entered promiscuous mode
[  490.033184][T23332] 8021q: adding VLAN 0 to HW filter on device bond18
[  490.151215][T23348] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6146'.
[  490.207794][T23322] infiniband syz!: set down
[  490.229340][T23322] infiniband syz!: added team_slave_0
[  490.287829][T23355] netlink: 68 bytes leftover after parsing attributes in process `syz.5.6149'.
[  490.315006][T23322] RDS/IB: syz!: added
[  490.331857][T23322] smc: adding ib device syz! with port count 1
[  490.338210][T23322] smc:    ib device syz! port 1 has pnetid 
[  490.375287][T23355] block nbd5: NBD_DISCONNECT
[  490.381774][T23355] block nbd5: Send disconnect failed -32
[  490.402024][T23358] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  490.556004][T23360] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  490.815350][T23370] net_ratelimit: 12 callbacks suppressed
[  490.815371][T23370] netlink: zone id is out of range
[  490.843861][T23370] netlink: zone id is out of range
[  490.864775][T23370] netlink: zone id is out of range
[  490.876106][T23374] netlink: del zone limit has 4 unknown bytes
[  490.890216][T23370] netlink: zone id is out of range
[  490.908470][T23370] netlink: zone id is out of range
[  490.925914][T23370] netlink: get zone limit has 8 unknown bytes
[  491.284539][T23397] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  491.294019][T23392] syzkaller0: entered promiscuous mode
[  491.299777][T23392] syzkaller0: entered allmulticast mode
[  491.339946][T23392] tipc: Resetting bearer <eth:syzkaller0>
[  491.380005][T23391] tipc: Resetting bearer <eth:syzkaller0>
[  491.441083][T23391] tipc: Disabling bearer <eth:syzkaller0>
[  491.926857][T23419] netlink: zone id is out of range
[  491.946147][T23419] netlink: zone id is out of range
[  491.959541][T23419] netlink: zone id is out of range
[  492.276300][T23434] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  492.315125][T23434] syzkaller0: entered promiscuous mode
[  492.333364][T23434] syzkaller0: entered allmulticast mode
[  492.365142][T23434] tipc: Resetting bearer <eth:syzkaller0>
[  492.385732][T23432] tipc: Resetting bearer <eth:syzkaller0>
[  492.417645][T23432] tipc: Disabling bearer <eth:syzkaller0>
[  492.771076][T23453] netlink: 'syz.3.6183': attribute type 1 has an invalid length.
[  492.912096][T23453] 8021q: adding VLAN 0 to HW filter on device bond11
[  493.034659][T23455] 8021q: adding VLAN 0 to HW filter on device bond11
[  493.049612][T23455] bond11: (slave vxcan1): The slave device specified does not support setting the MAC address
[  493.067437][T23453] __nla_validate_parse: 3 callbacks suppressed
[  493.067459][T23453] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6183'.
[  493.071551][T23455] bond11: (slave vxcan1): Error -95 calling set_mac_address
[  493.191910][T23456] veth33: entered promiscuous mode
[  493.200927][T23453] 8021q: adding VLAN 0 to HW filter on device bond11
[  493.308502][T23471] FAULT_INJECTION: forcing a failure.
[  493.308502][T23471] name failslab, interval 1, probability 0, space 0, times 0
[  493.328262][T23472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6186'.
[  493.352616][T23471] CPU: 0 UID: 0 PID: 23471 Comm: syz.3.6188 Not tainted syzkaller #0 PREEMPT(full) 
[  493.352643][T23471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  493.352655][T23471] Call Trace:
[  493.352662][T23471]  <TASK>
[  493.352671][T23471]  dump_stack_lvl+0x189/0x250
[  493.352707][T23471]  ? __pfx____ratelimit+0x10/0x10
[  493.352734][T23471]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.352757][T23471]  ? __pfx__printk+0x10/0x10
[  493.352798][T23471]  should_fail_ex+0x414/0x560
[  493.352829][T23471]  should_failslab+0xa8/0x100
[  493.352859][T23471]  __kmalloc_cache_noprof+0x70/0x3d0
[  493.352885][T23471]  ? sctp_add_bind_addr+0x8c/0x370
[  493.352914][T23471]  sctp_add_bind_addr+0x8c/0x370
[  493.352943][T23471]  sctp_copy_local_addr_list+0x30b/0x4e0
[  493.352971][T23471]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  493.352996][T23471]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  493.353022][T23471]  ? sctp_v6_is_any+0x64/0x80
[  493.353051][T23471]  ? sctp_copy_one_addr+0x93/0x360
[  493.353079][T23471]  sctp_bind_addr_copy+0xb3/0x3c0
[  493.353105][T23471]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  493.353131][T23471]  sctp_connect_new_asoc+0x2e0/0x690
[  493.353164][T23471]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  493.353190][T23471]  ? __local_bh_enable_ip+0x12d/0x1c0
[  493.353218][T23471]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  493.353241][T23471]  ? security_sctp_bind_connect+0x7e/0x2e0
[  493.353269][T23471]  sctp_sendmsg+0x155c/0x2810
[  493.353309][T23471]  ? __pfx_sctp_sendmsg+0x10/0x10
[  493.353347][T23471]  ? aa_sk_perm+0x81e/0x950
[  493.353379][T23471]  ? __pfx_aa_sk_perm+0x10/0x10
[  493.353410][T23471]  ? sock_rps_record_flow+0x19/0x410
[  493.353437][T23471]  ? inet_sendmsg+0x2f4/0x370
[  493.353463][T23471]  __sock_sendmsg+0x19c/0x270
[  493.353491][T23471]  ____sys_sendmsg+0x52d/0x830
[  493.353516][T23471]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.353545][T23471]  ? import_iovec+0x74/0xa0
[  493.353572][T23471]  ___sys_sendmsg+0x21f/0x2a0
[  493.353598][T23471]  ? __pfx____sys_sendmsg+0x10/0x10
[  493.353657][T23471]  ? __fget_files+0x2a/0x420
[  493.353685][T23471]  ? __fget_files+0x3a0/0x420
[  493.353725][T23471]  __sys_sendmmsg+0x227/0x430
[  493.353751][T23471]  ? __pfx___sys_sendmmsg+0x10/0x10
[  493.353768][T23471]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  493.353823][T23471]  ? ksys_write+0x22a/0x250
[  493.353851][T23471]  ? __pfx_ksys_write+0x10/0x10
[  493.353874][T23471]  ? rcu_is_watching+0x15/0xb0
[  493.353901][T23471]  __x64_sys_sendmmsg+0xa0/0xc0
[  493.353922][T23471]  do_syscall_64+0xfa/0x3b0
[  493.353948][T23471]  ? lockdep_hardirqs_on+0x9c/0x150
[  493.353973][T23471]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.353992][T23471]  ? clear_bhb_loop+0x60/0xb0
[  493.354016][T23471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.354035][T23471] RIP: 0033:0x7f026278ebe9
[  493.354052][T23471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.354069][T23471] RSP: 002b:00007f02635ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  493.354089][T23471] RAX: ffffffffffffffda RBX: 00007f02629b5fa0 RCX: 00007f026278ebe9
[  493.354103][T23471] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  493.354115][T23471] RBP: 00007f02635ed090 R08: 0000000000000000 R09: 0000000000000000
[  493.354127][T23471] R10: 0000000020048041 R11: 0000000000000246 R12: 0000000000000002
[  493.354138][T23471] R13: 00007f02629b6038 R14: 00007f02629b5fa0 R15: 00007fffa8ddf138
[  493.354170][T23471]  </TASK>
[  493.722819][ T5870] Bluetooth: hci1: command 0x0406 tx timeout
[  493.879974][T23481] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6192'.
[  493.965020][T23478] veth41: entered allmulticast mode
[  493.975679][T23488] netlink: 88 bytes leftover after parsing attributes in process `syz.0.6195'.
[  494.087817][T23494] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.6197'.
[  494.375452][T23515] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  494.390577][T23515] syzkaller0: entered promiscuous mode
[  494.396856][T23515] syzkaller0: entered allmulticast mode
[  494.452764][T23512] tipc: Resetting bearer <eth:syzkaller0>
[  494.480738][T23520] netlink: 'syz.3.6207': attribute type 1 has an invalid length.
[  494.503140][T23512] tipc: Disabling bearer <eth:syzkaller0>
[  494.581457][T23520] 8021q: adding VLAN 0 to HW filter on device bond12
[  494.617688][T23520] netlink: 28 bytes leftover after parsing attributes in process `syz.3.6207'.
[  494.684493][T23524] 8021q: adding VLAN 0 to HW filter on device bond12
[  494.692140][T23524] bond12: (slave vxcan1): The slave device specified does not support setting the MAC address
[  494.709857][T23524] bond12: (slave vxcan1): Error -95 calling set_mac_address
[  494.775437][T23520] 8021q: adding VLAN 0 to HW filter on device bond12
[  494.813171][T23536] netlink: 88 bytes leftover after parsing attributes in process `syz.4.6210'.
[  495.037613][   T55] block nbd0: Possible stuck request ffff88802532e000: control (read@0,1024B). Runtime 270 seconds
[  495.048668][   T55] block nbd0: Possible stuck request ffff88802532e1c0: control (read@1024,1024B). Runtime 270 seconds
[  495.060045][   T55] block nbd0: Possible stuck request ffff88802532e380: control (read@2048,1024B). Runtime 270 seconds
[  495.071130][   T55] block nbd0: Possible stuck request ffff88802532e540: control (read@3072,1024B). Runtime 270 seconds
[  495.327616][T23572] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6226'.
[  495.544293][T23586] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6230'.
[  495.553925][T23589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6229'.
[  496.506378][T23644] net_ratelimit: 11 callbacks suppressed
[  496.506403][T23644] netlink: zone id is out of range
[  496.528713][T23644] netlink: del zone limit has 4 unknown bytes
[  496.903781][T23672] FAULT_INJECTION: forcing a failure.
[  496.903781][T23672] name failslab, interval 1, probability 0, space 0, times 0
[  496.917343][T23672] CPU: 1 UID: 0 PID: 23672 Comm: syz.1.6256 Not tainted syzkaller #0 PREEMPT(full) 
[  496.917372][T23672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  496.917387][T23672] Call Trace:
[  496.917397][T23672]  <TASK>
[  496.917407][T23672]  dump_stack_lvl+0x189/0x250
[  496.917441][T23672]  ? __pfx____ratelimit+0x10/0x10
[  496.917471][T23672]  ? __pfx_dump_stack_lvl+0x10/0x10
[  496.917499][T23672]  ? __pfx__printk+0x10/0x10
[  496.917555][T23672]  should_fail_ex+0x414/0x560
[  496.917585][T23672]  should_failslab+0xa8/0x100
[  496.917613][T23672]  __kmalloc_cache_noprof+0x70/0x3d0
[  496.917638][T23672]  ? sctp_add_bind_addr+0x8c/0x370
[  496.917667][T23672]  sctp_add_bind_addr+0x8c/0x370
[  496.917694][T23672]  sctp_copy_local_addr_list+0x30b/0x4e0
[  496.917723][T23672]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  496.917754][T23672]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  496.917780][T23672]  ? sctp_v6_is_any+0x64/0x80
[  496.917806][T23672]  ? sctp_copy_one_addr+0x93/0x360
[  496.917833][T23672]  sctp_bind_addr_copy+0xb3/0x3c0
[  496.917859][T23672]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  496.917884][T23672]  sctp_connect_new_asoc+0x2e0/0x690
[  496.917917][T23672]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  496.917945][T23672]  ? __local_bh_enable_ip+0x12d/0x1c0
[  496.917972][T23672]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  496.917994][T23672]  ? security_sctp_bind_connect+0x7e/0x2e0
[  496.918024][T23672]  sctp_sendmsg+0x155c/0x2810
[  496.918065][T23672]  ? __pfx_sctp_sendmsg+0x10/0x10
[  496.918097][T23672]  ? aa_sk_perm+0x81e/0x950
[  496.918130][T23672]  ? __pfx_aa_sk_perm+0x10/0x10
[  496.918159][T23672]  ? sock_rps_record_flow+0x19/0x410
[  496.918184][T23672]  ? inet_sendmsg+0x2f4/0x370
[  496.918210][T23672]  __sock_sendmsg+0x19c/0x270
[  496.918237][T23672]  ____sys_sendmsg+0x52d/0x830
[  496.918263][T23672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  496.918296][T23672]  ? import_iovec+0x74/0xa0
[  496.918322][T23672]  ___sys_sendmsg+0x21f/0x2a0
[  496.918344][T23672]  ? __pfx____sys_sendmsg+0x10/0x10
[  496.918401][T23672]  ? __fget_files+0x2a/0x420
[  496.918430][T23672]  ? __fget_files+0x3a0/0x420
[  496.918468][T23672]  __sys_sendmmsg+0x227/0x430
[  496.918494][T23672]  ? __pfx___sys_sendmmsg+0x10/0x10
[  496.918511][T23672]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  496.918567][T23672]  ? ksys_write+0x22a/0x250
[  496.918595][T23672]  ? __pfx_ksys_write+0x10/0x10
[  496.918617][T23672]  ? rcu_is_watching+0x15/0xb0
[  496.918643][T23672]  __x64_sys_sendmmsg+0xa0/0xc0
[  496.918665][T23672]  do_syscall_64+0xfa/0x3b0
[  496.918691][T23672]  ? lockdep_hardirqs_on+0x9c/0x150
[  496.918715][T23672]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.918734][T23672]  ? clear_bhb_loop+0x60/0xb0
[  496.918765][T23672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.918784][T23672] RIP: 0033:0x7fa07798ebe9
[  496.918802][T23672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.918819][T23672] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  496.918840][T23672] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  496.918855][T23672] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  496.918867][T23672] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  496.918879][T23672] R10: 0000000020048041 R11: 0000000000000246 R12: 0000000000000002
[  496.918891][T23672] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  496.918922][T23672]  </TASK>
[  496.980340][   T55] block nbd1: Possible stuck request ffff888025407000: control (read@0,1024B). Runtime 270 seconds
[  497.273780][   T55] block nbd1: Possible stuck request ffff8880254071c0: control (read@1024,1024B). Runtime 270 seconds
[  497.284832][   T55] block nbd1: Possible stuck request ffff888025407380: control (read@2048,1024B). Runtime 270 seconds
[  497.300347][   T55] block nbd1: Possible stuck request ffff888025407540: control (read@3072,1024B). Runtime 270 seconds
[  497.716533][T23699] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  497.750995][T23699] sch_tbf: burst 127 is lower than device syzkaller0 mtu (313) !
[  498.705163][T23739] __nla_validate_parse: 5 callbacks suppressed
[  498.705181][T23739] netlink: 88 bytes leftover after parsing attributes in process `syz.1.6280'.
[  498.943480][T23746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6282'.
[  499.061148][T23752] netlink: 'syz.5.6284': attribute type 1 has an invalid length.
[  499.081462][T23752] netlink: 228 bytes leftover after parsing attributes in process `syz.5.6284'.
[  499.086933][T23746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6282'.
[  499.120019][T23752] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6284'.
[  499.470448][T23771] netlink: 88 bytes leftover after parsing attributes in process `syz.4.6291'.
[  499.726560][T23782] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  499.746069][T23784] netlink: 'syz.5.6298': attribute type 4 has an invalid length.
[  499.894692][T23793] netlink: 'syz.5.6300': attribute type 10 has an invalid length.
[  500.014370][T23799] netlink: 'syz.5.6304': attribute type 10 has an invalid length.
[  500.023651][T23799] team0: Device veth1_macvtap failed to register rx_handler
[  500.235956][T23810] FAULT_INJECTION: forcing a failure.
[  500.235956][T23810] name failslab, interval 1, probability 0, space 0, times 0
[  500.269536][T23810] CPU: 0 UID: 0 PID: 23810 Comm: syz.5.6308 Not tainted syzkaller #0 PREEMPT(full) 
[  500.269566][T23810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  500.269579][T23810] Call Trace:
[  500.269588][T23810]  <TASK>
[  500.269597][T23810]  dump_stack_lvl+0x189/0x250
[  500.269627][T23810]  ? __pfx____ratelimit+0x10/0x10
[  500.269655][T23810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  500.269680][T23810]  ? __pfx__printk+0x10/0x10
[  500.269732][T23810]  should_fail_ex+0x414/0x560
[  500.269765][T23810]  should_failslab+0xa8/0x100
[  500.269797][T23810]  __kmalloc_cache_noprof+0x70/0x3d0
[  500.269825][T23810]  ? sctp_add_bind_addr+0x8c/0x370
[  500.269856][T23810]  sctp_add_bind_addr+0x8c/0x370
[  500.269887][T23810]  sctp_copy_local_addr_list+0x30b/0x4e0
[  500.269917][T23810]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  500.269944][T23810]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  500.269973][T23810]  ? sctp_v6_is_any+0x64/0x80
[  500.270003][T23810]  ? sctp_copy_one_addr+0x93/0x360
[  500.270033][T23810]  sctp_bind_addr_copy+0xb3/0x3c0
[  500.270061][T23810]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  500.270088][T23810]  sctp_connect_new_asoc+0x2e0/0x690
[  500.270123][T23810]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  500.270153][T23810]  ? __local_bh_enable_ip+0x12d/0x1c0
[  500.270181][T23810]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  500.270205][T23810]  ? security_sctp_bind_connect+0x7e/0x2e0
[  500.270235][T23810]  sctp_sendmsg+0x155c/0x2810
[  500.270279][T23810]  ? __pfx_sctp_sendmsg+0x10/0x10
[  500.270314][T23810]  ? aa_sk_perm+0x81e/0x950
[  500.270349][T23810]  ? __pfx_aa_sk_perm+0x10/0x10
[  500.270382][T23810]  ? sock_rps_record_flow+0x19/0x410
[  500.270411][T23810]  ? inet_sendmsg+0x2f4/0x370
[  500.270439][T23810]  __sock_sendmsg+0x19c/0x270
[  500.270470][T23810]  ____sys_sendmsg+0x52d/0x830
[  500.270498][T23810]  ? __pfx_____sys_sendmsg+0x10/0x10
[  500.270529][T23810]  ? import_iovec+0x74/0xa0
[  500.270556][T23810]  ___sys_sendmsg+0x21f/0x2a0
[  500.270580][T23810]  ? __pfx____sys_sendmsg+0x10/0x10
[  500.270642][T23810]  ? __fget_files+0x2a/0x420
[  500.270671][T23810]  ? __fget_files+0x3a0/0x420
[  500.270720][T23810]  __sys_sendmmsg+0x227/0x430
[  500.270748][T23810]  ? __pfx___sys_sendmmsg+0x10/0x10
[  500.270766][T23810]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  500.270826][T23810]  ? ksys_write+0x22a/0x250
[  500.270856][T23810]  ? __pfx_ksys_write+0x10/0x10
[  500.270880][T23810]  ? rcu_is_watching+0x15/0xb0
[  500.270908][T23810]  __x64_sys_sendmmsg+0xa0/0xc0
[  500.270932][T23810]  do_syscall_64+0xfa/0x3b0
[  500.270960][T23810]  ? lockdep_hardirqs_on+0x9c/0x150
[  500.270986][T23810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.271006][T23810]  ? clear_bhb_loop+0x60/0xb0
[  500.271032][T23810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.271051][T23810] RIP: 0033:0x7f851ef8ebe9
[  500.271070][T23810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.271089][T23810] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  500.271111][T23810] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  500.271126][T23810] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  500.271139][T23810] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  500.271151][T23810] R10: 0000000020048041 R11: 0000000000000246 R12: 0000000000000002
[  500.271164][T23810] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  500.271197][T23810]  </TASK>
[  500.999714][T23836] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6319'.
[  501.023623][T23836] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6319'.
[  501.037132][T23836] netlink: 'syz.3.6319': attribute type 11 has an invalid length.
[  501.178266][T23850] sctp: [Deprecated]: syz.3.6325 (pid 23850) Use of struct sctp_assoc_value in delayed_ack socket option.
[  501.178266][T23850] Use struct sctp_sack_info instead
[  501.211402][T23850] sctp: [Deprecated]: syz.3.6325 (pid 23850) Use of struct sctp_assoc_value in delayed_ack socket option.
[  501.211402][T23850] Use struct sctp_sack_info instead
[  501.428765][ T1304] lec:lec_start_xmit: lec0:No lecd attached
[  501.607102][T23876] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6334'.
[  501.957402][ T1167] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  501.957625][T23891] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  502.350105][T23912] netlink: zone id is out of range
[  502.355265][T23912] netlink: zone id is out of range
[  502.403421][T23912] netlink: zone id is out of range
[  502.408644][T23912] netlink: zone id is out of range
[  502.414135][T23912] netlink: zone id is out of range
[  502.420039][T23912] netlink: zone id is out of range
[  502.425471][T23912] netlink: zone id is out of range
[  502.430873][T23912] netlink: zone id is out of range
[  502.441485][T23919] sock: sock_set_timeout: `syz.0.6349' (pid 23919) tries to set negative timeout
[  502.454312][T23912] netlink: zone id is out of range
[  502.657336][T23928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6355'.
[  502.856298][T23939] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  502.885693][T23939] syzkaller0: entered promiscuous mode
[  502.896509][T23939] syzkaller0: entered allmulticast mode
[  502.955250][T23939] tipc: Resetting bearer <eth:syzkaller0>
[  502.964522][T23936] tipc: Resetting bearer <eth:syzkaller0>
[  502.982233][T23936] tipc: Disabling bearer <eth:syzkaller0>
[  504.008412][T24001] veth1_to_bond: entered allmulticast mode
[  504.041587][T24001] __nla_validate_parse: 4 callbacks suppressed
[  504.041608][T24001] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6380'.
[  504.107242][T24005] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.6381'.
[  504.155878][T24001] veth1_to_bond (unregistering): left allmulticast mode
[  504.363093][T24014] bond10 (unregistering): Released all slaves
[  504.437713][T24016] veth0_to_bond: entered allmulticast mode
[  504.484382][T24021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6386'.
[  504.587902][T24021] hsr_slave_0 (unregistering): left promiscuous mode
[  504.651591][T24024] IPVS: Unknown mcast interface: vcan0
[  504.664663][T24029] FAULT_INJECTION: forcing a failure.
[  504.664663][T24029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  504.677935][T24029] CPU: 0 UID: 0 PID: 24029 Comm: syz.5.6389 Not tainted syzkaller #0 PREEMPT(full) 
[  504.677957][T24029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  504.677967][T24029] Call Trace:
[  504.677974][T24029]  <TASK>
[  504.677980][T24029]  dump_stack_lvl+0x189/0x250
[  504.678003][T24029]  ? __pfx____ratelimit+0x10/0x10
[  504.678025][T24029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.678044][T24029]  ? __pfx__printk+0x10/0x10
[  504.678070][T24029]  ? __might_fault+0xb0/0x130
[  504.678114][T24029]  should_fail_ex+0x414/0x560
[  504.678149][T24029]  _copy_from_iter+0x1db/0x16f0
[  504.678174][T24029]  ? rcu_is_watching+0x15/0xb0
[  504.678191][T24029]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  504.678214][T24029]  ? __pfx__copy_from_iter+0x10/0x10
[  504.678230][T24029]  ? __build_skb_around+0x257/0x3e0
[  504.678256][T24029]  ? netlink_sendmsg+0x642/0xb30
[  504.678278][T24029]  ? skb_put+0x11b/0x210
[  504.678304][T24029]  netlink_sendmsg+0x6b2/0xb30
[  504.678341][T24029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.678384][T24029]  ? aa_sock_msg_perm+0xf1/0x1d0
[  504.678410][T24029]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  504.678428][T24029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.678451][T24029]  __sock_sendmsg+0x219/0x270
[  504.678474][T24029]  ____sys_sendmsg+0x505/0x830
[  504.678495][T24029]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.678518][T24029]  ? import_iovec+0x74/0xa0
[  504.678539][T24029]  ___sys_sendmsg+0x21f/0x2a0
[  504.678557][T24029]  ? __pfx____sys_sendmsg+0x10/0x10
[  504.678613][T24029]  ? __fget_files+0x2a/0x420
[  504.678636][T24029]  ? __fget_files+0x3a0/0x420
[  504.678680][T24029]  __x64_sys_sendmsg+0x19b/0x260
[  504.678706][T24029]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  504.678740][T24029]  ? __pfx_ksys_write+0x10/0x10
[  504.678770][T24029]  ? do_syscall_64+0xbe/0x3b0
[  504.678795][T24029]  do_syscall_64+0xfa/0x3b0
[  504.678816][T24029]  ? lockdep_hardirqs_on+0x9c/0x150
[  504.678837][T24029]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.678853][T24029]  ? clear_bhb_loop+0x60/0xb0
[  504.678872][T24029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.678887][T24029] RIP: 0033:0x7f851ef8ebe9
[  504.678901][T24029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.678937][T24029] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.678960][T24029] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  504.678995][T24029] RDX: 0000000020040000 RSI: 0000200000000380 RDI: 0000000000000003
[  504.679011][T24029] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  504.679021][T24029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.679030][T24029] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  504.679055][T24029]  </TASK>
[  505.149914][T24041] veth35: entered allmulticast mode
[  505.170746][T24048] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6395'.
[  505.657679][T24075] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.6402'.
[  505.749786][T24080] 8021q: VLANs not supported on gre0
[  506.140207][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  506.221057][T24095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6407'.
[  506.295232][T24104] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6410'.
[  506.456239][T24113] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.6413'.
[  506.626901][T24121] xt_time: invalid argument - start or stop time greater than 23:59:59
[  506.688860][T24125] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6417'.
[  506.779340][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5350 ms
[  506.787402][    C1] lec:lec_tx_timeout: lec0
[  507.175852][T24132] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6420'.
[  507.187982][T24137] veth25: entered allmulticast mode
[  507.280258][T24140] netlink: 'syz.0.6422': attribute type 1 has an invalid length.
[  507.333319][T24140] 8021q: adding VLAN 0 to HW filter on device bond15
[  507.374214][T24140] 8021q: adding VLAN 0 to HW filter on device bond15
[  507.382280][T24140] bond15: (slave vxcan3): The slave device specified does not support setting the MAC address
[  507.408840][T24140] bond15: (slave vxcan3): Error -95 calling set_mac_address
[  507.588138][T24147] veth27: entered promiscuous mode
[  507.597350][T24150] 8021q: adding VLAN 0 to HW filter on device bond15
[  507.794725][T24162] net_ratelimit: 56 callbacks suppressed
[  507.794747][T24162] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  508.333087][T24192] netlink: 'syz.0.6437': attribute type 1 has an invalid length.
[  508.488921][   T12] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  509.056227][T24212] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  509.244476][T24216] __nla_validate_parse: 4 callbacks suppressed
[  509.244494][T24216] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6442'.
[  509.449127][T24223] veth37: entered allmulticast mode
[  509.606054][T24238] openvswitch: netlink: IPv4 tun info is not correct
[  509.865382][T24260] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6455'.
[  509.890684][T24260] bridge_slave_0: default FDB implementation only supports local addresses
[  510.816286][T24303] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6468'.
[  510.825820][T24303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6468'.
[  511.032566][T24309] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6470'.
[  511.260842][T24319] netlink: 212404 bytes leftover after parsing attributes in process `syz.4.6473'.
[  511.393538][T24328] netlink: 212316 bytes leftover after parsing attributes in process `syz.0.6476'.
[  511.585328][T24336] FAULT_INJECTION: forcing a failure.
[  511.585328][T24336] name failslab, interval 1, probability 0, space 0, times 0
[  511.604629][T24336] CPU: 0 UID: 0 PID: 24336 Comm: syz.5.6481 Not tainted syzkaller #0 PREEMPT(full) 
[  511.604656][T24336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  511.604677][T24336] Call Trace:
[  511.604685][T24336]  <TASK>
[  511.604693][T24336]  dump_stack_lvl+0x189/0x250
[  511.604722][T24336]  ? __pfx____ratelimit+0x10/0x10
[  511.604748][T24336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  511.604771][T24336]  ? __pfx__printk+0x10/0x10
[  511.604812][T24336]  should_fail_ex+0x414/0x560
[  511.604841][T24336]  should_failslab+0xa8/0x100
[  511.604871][T24336]  __kmalloc_cache_noprof+0x70/0x3d0
[  511.604897][T24336]  ? sctp_add_bind_addr+0x8c/0x370
[  511.604925][T24336]  sctp_add_bind_addr+0x8c/0x370
[  511.604954][T24336]  sctp_copy_local_addr_list+0x30b/0x4e0
[  511.604982][T24336]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[  511.605005][T24336]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  511.605031][T24336]  ? sctp_v6_is_any+0x64/0x80
[  511.605059][T24336]  ? sctp_copy_one_addr+0x93/0x360
[  511.605086][T24336]  sctp_bind_addr_copy+0xb3/0x3c0
[  511.605111][T24336]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  511.605136][T24336]  sctp_connect_new_asoc+0x2e0/0x690
[  511.605169][T24336]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  511.605197][T24336]  ? __local_bh_enable_ip+0x12d/0x1c0
[  511.605224][T24336]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  511.605247][T24336]  ? security_sctp_bind_connect+0x7e/0x2e0
[  511.605276][T24336]  sctp_sendmsg+0x155c/0x2810
[  511.605317][T24336]  ? __pfx_sctp_sendmsg+0x10/0x10
[  511.605353][T24336]  ? irqentry_exit+0x74/0x90
[  511.605389][T24336]  ? sock_rps_record_flow+0x19/0x410
[  511.605415][T24336]  ? inet_sendmsg+0x2f4/0x370
[  511.605440][T24336]  __sock_sendmsg+0x19c/0x270
[  511.605467][T24336]  ____sys_sendmsg+0x52d/0x830
[  511.605493][T24336]  ? __pfx_____sys_sendmsg+0x10/0x10
[  511.605522][T24336]  ? import_iovec+0x74/0xa0
[  511.605549][T24336]  ___sys_sendmsg+0x21f/0x2a0
[  511.605572][T24336]  ? __pfx____sys_sendmsg+0x10/0x10
[  511.605633][T24336]  ? __fget_files+0x2a/0x420
[  511.605668][T24336]  ? __fget_files+0x3a0/0x420
[  511.605708][T24336]  __sys_sendmmsg+0x227/0x430
[  511.605734][T24336]  ? __pfx___sys_sendmmsg+0x10/0x10
[  511.605752][T24336]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  511.605807][T24336]  ? ksys_write+0x22a/0x250
[  511.605835][T24336]  ? __pfx_ksys_write+0x10/0x10
[  511.605858][T24336]  ? rcu_is_watching+0x15/0xb0
[  511.605885][T24336]  __x64_sys_sendmmsg+0xa0/0xc0
[  511.605907][T24336]  do_syscall_64+0xfa/0x3b0
[  511.605933][T24336]  ? lockdep_hardirqs_on+0x9c/0x150
[  511.605959][T24336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.605978][T24336]  ? clear_bhb_loop+0x60/0xb0
[  511.606001][T24336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.606020][T24336] RIP: 0033:0x7f851ef8ebe9
[  511.606037][T24336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.606055][T24336] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  511.606075][T24336] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  511.606090][T24336] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  511.606102][T24336] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  511.606114][T24336] R10: 0000000020048041 R11: 0000000000000246 R12: 0000000000000002
[  511.606127][T24336] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  511.606159][T24336]  </TASK>
[  512.240592][T24357] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6487'.
[  512.294183][T24360] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6487'.
[  512.442605][T24365] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6489'.
[  512.479552][T24374] IPVS: sync thread started: state = BACKUP, mcast_ifn = caif0, syncid = 4, id = 0
[  512.550154][T24381] netlink: zone id is out of range
[  512.555417][T24381] netlink: zone id is out of range
[  512.564544][T24381] netlink: zone id is out of range
[  512.574356][T24381] netlink: zone id is out of range
[  512.606757][T24381] netlink: zone id is out of range
[  512.615234][T24381] netlink: get zone limit has 8 unknown bytes
[  512.894090][T24403] netlink: 'syz.5.6502': attribute type 32 has an invalid length.
[  512.916386][T24403] (unnamed net_device) (uninitialized): option coupled_control: invalid value (2)
[  513.283699][T24430] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  513.623845][T24446] netlink: 'syz.1.6515': attribute type 11 has an invalid length.
[  514.428369][T24489] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  514.608244][T24508] netlink: 'syz.5.6537': attribute type 4 has an invalid length.
[  514.651355][T24508] netlink: 'syz.5.6537': attribute type 4 has an invalid length.
[  514.723102][T24508] __nla_validate_parse: 7 callbacks suppressed
[  514.723122][T24508] netlink: 44 bytes leftover after parsing attributes in process `syz.5.6537'.
[  514.859552][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  514.894532][T24520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6540'.
[  514.969619][T24520] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6540'.
[  515.168075][T24537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6544'.
[  515.209425][T24537] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6544'.
[  515.394779][T24554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6549'.
[  515.577670][T24563] netlink: 'syz.1.6552': attribute type 24 has an invalid length.
[  515.732121][T24575] netlink: 1 bytes leftover after parsing attributes in process `syz.1.6555'.
[  516.455017][T24585] netlink: zone id is out of range
[  516.465862][T24585] netlink: zone id is out of range
[  516.472833][T24585] netlink: zone id is out of range
[  516.478834][T24585] netlink: del zone limit has 4 unknown bytes
[  516.493994][T24586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6559'.
[  516.509995][T24590] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6561'.
[  516.719197][T24602] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6565'.
[  517.004119][T24626] netlink: 'syz.0.6569': attribute type 7 has an invalid length.
[  517.011944][T24626] netlink: 'syz.0.6569': attribute type 8 has an invalid length.
[  517.866675][T24647] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  517.871976][   T13] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  517.877521][T24646] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  519.977835][T24764] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  520.373049][T24781] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  520.876908][T24787] __nla_validate_parse: 9 callbacks suppressed
[  520.876930][T24787] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6620'.
[  520.902734][T24793] FAULT_INJECTION: forcing a failure.
[  520.902734][T24793] name failslab, interval 1, probability 0, space 0, times 0
[  520.930428][T24793] CPU: 1 UID: 0 PID: 24793 Comm: syz.5.6622 Not tainted syzkaller #0 PREEMPT(full) 
[  520.930456][T24793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  520.930469][T24793] Call Trace:
[  520.930477][T24793]  <TASK>
[  520.930486][T24793]  dump_stack_lvl+0x189/0x250
[  520.930515][T24793]  ? __pfx____ratelimit+0x10/0x10
[  520.930544][T24793]  ? __pfx_dump_stack_lvl+0x10/0x10
[  520.930569][T24793]  ? __pfx__printk+0x10/0x10
[  520.930611][T24793]  ? __pfx___might_resched+0x10/0x10
[  520.930636][T24793]  should_fail_ex+0x414/0x560
[  520.930668][T24793]  should_failslab+0xa8/0x100
[  520.930699][T24793]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  520.930728][T24793]  ? __alloc_skb+0x112/0x2d0
[  520.930756][T24793]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  520.930798][T24793]  __alloc_skb+0x112/0x2d0
[  520.930848][T24793]  pfkey_sendmsg+0x1dd/0x1090
[  520.930898][T24793]  ? __pfx___might_resched+0x10/0x10
[  520.930914][T24793]  ? __lock_acquire+0xab9/0xd20
[  520.930948][T24793]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  520.930984][T24793]  ? aa_sk_perm+0x81e/0x950
[  520.931016][T24793]  ? __pfx_aa_sk_perm+0x10/0x10
[  520.931041][T24793]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  520.931067][T24793]  ? aa_sock_msg_perm+0xf1/0x1d0
[  520.931098][T24793]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  520.931119][T24793]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  520.931149][T24793]  __sock_sendmsg+0x219/0x270
[  520.931176][T24793]  ____sys_sendmsg+0x505/0x830
[  520.931205][T24793]  ? __pfx_____sys_sendmsg+0x10/0x10
[  520.931234][T24793]  ? import_iovec+0x74/0xa0
[  520.931259][T24793]  ___sys_sendmsg+0x21f/0x2a0
[  520.931281][T24793]  ? __pfx____sys_sendmsg+0x10/0x10
[  520.931336][T24793]  ? __fget_files+0x2a/0x420
[  520.931363][T24793]  ? __fget_files+0x3a0/0x420
[  520.931402][T24793]  __x64_sys_sendmsg+0x19b/0x260
[  520.931424][T24793]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  520.931454][T24793]  ? __pfx_ksys_write+0x10/0x10
[  520.931476][T24793]  ? rcu_is_watching+0x15/0xb0
[  520.931501][T24793]  ? do_syscall_64+0xbe/0x3b0
[  520.931532][T24793]  do_syscall_64+0xfa/0x3b0
[  520.931557][T24793]  ? lockdep_hardirqs_on+0x9c/0x150
[  520.931582][T24793]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.931606][T24793]  ? clear_bhb_loop+0x60/0xb0
[  520.931630][T24793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.931648][T24793] RIP: 0033:0x7f851ef8ebe9
[  520.931666][T24793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.931682][T24793] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  520.931702][T24793] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  520.931716][T24793] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  520.931729][T24793] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  520.931741][T24793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  520.931752][T24793] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  520.931782][T24793]  </TASK>
[  521.276568][T24797] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6624'.
[  521.365221][T24805] netlink: 'syz.0.6624': attribute type 1 has an invalid length.
[  521.396940][T24800] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6626'.
[  521.402177][T24805] netlink: 244 bytes leftover after parsing attributes in process `syz.0.6624'.
[  521.743487][T24832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6635'.
[  521.762720][T24832] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6635'.
[  521.894312][T24844] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6640'.
[  521.918640][T24846] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  522.611493][T24870] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6646'.
[  522.808480][T24878] FAULT_INJECTION: forcing a failure.
[  522.808480][T24878] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.857667][T24878] CPU: 0 UID: 0 PID: 24878 Comm: syz.4.6652 Not tainted syzkaller #0 PREEMPT(full) 
[  522.857709][T24878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.857724][T24878] Call Trace:
[  522.857733][T24878]  <TASK>
[  522.857743][T24878]  dump_stack_lvl+0x189/0x250
[  522.857775][T24878]  ? __pfx____ratelimit+0x10/0x10
[  522.857806][T24878]  ? __pfx_dump_stack_lvl+0x10/0x10
[  522.857833][T24878]  ? __pfx__printk+0x10/0x10
[  522.857865][T24878]  ? __might_fault+0xb0/0x130
[  522.857910][T24878]  should_fail_ex+0x414/0x560
[  522.857946][T24878]  _copy_from_iter+0x1db/0x16f0
[  522.857973][T24878]  ? rcu_is_watching+0x15/0xb0
[  522.857998][T24878]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  522.858031][T24878]  ? __pfx__copy_from_iter+0x10/0x10
[  522.858056][T24878]  ? __build_skb_around+0x257/0x3e0
[  522.858095][T24878]  ? skb_put+0x11b/0x210
[  522.858133][T24878]  pfkey_sendmsg+0x230/0x1090
[  522.858175][T24878]  ? __pfx___might_resched+0x10/0x10
[  522.858194][T24878]  ? __lock_acquire+0xab9/0xd20
[  522.858245][T24878]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  522.858285][T24878]  ? aa_sk_perm+0x81e/0x950
[  522.858322][T24878]  ? __pfx_aa_sk_perm+0x10/0x10
[  522.858350][T24878]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[  522.858379][T24878]  ? aa_sock_msg_perm+0xf1/0x1d0
[  522.858414][T24878]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  522.858439][T24878]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  522.858483][T24878]  __sock_sendmsg+0x219/0x270
[  522.858513][T24878]  ____sys_sendmsg+0x505/0x830
[  522.858540][T24878]  ? __pfx_____sys_sendmsg+0x10/0x10
[  522.858570][T24878]  ? import_iovec+0x74/0xa0
[  522.858596][T24878]  ___sys_sendmsg+0x21f/0x2a0
[  522.858619][T24878]  ? __pfx____sys_sendmsg+0x10/0x10
[  522.858685][T24878]  ? __fget_files+0x2a/0x420
[  522.858715][T24878]  ? __fget_files+0x3a0/0x420
[  522.858756][T24878]  __x64_sys_sendmsg+0x19b/0x260
[  522.858780][T24878]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  522.858811][T24878]  ? __pfx_ksys_write+0x10/0x10
[  522.858835][T24878]  ? rcu_is_watching+0x15/0xb0
[  522.858859][T24878]  ? do_syscall_64+0xbe/0x3b0
[  522.858892][T24878]  do_syscall_64+0xfa/0x3b0
[  522.858919][T24878]  ? lockdep_hardirqs_on+0x9c/0x150
[  522.858946][T24878]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.858966][T24878]  ? clear_bhb_loop+0x60/0xb0
[  522.858989][T24878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.859009][T24878] RIP: 0033:0x7f974338ebe9
[  522.859027][T24878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.859044][T24878] RSP: 002b:00007f9744209038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  522.859065][T24878] RAX: ffffffffffffffda RBX: 00007f97435b5fa0 RCX: 00007f974338ebe9
[  522.859080][T24878] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  522.859092][T24878] RBP: 00007f9744209090 R08: 0000000000000000 R09: 0000000000000000
[  522.859104][T24878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.859117][T24878] R13: 00007f97435b6038 R14: 00007f97435b5fa0 R15: 00007fffecabd698
[  522.859149][T24878]  </TASK>
[  523.246441][T24889] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  523.271266][T24889] syzkaller0: entered promiscuous mode
[  523.288937][T24889] syzkaller0: entered allmulticast mode
[  523.354839][T24894] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  523.373914][T24894] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  523.415389][T24889] tipc: Resetting bearer <eth:syzkaller0>
[  523.428704][T24892] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 34
[  523.521941][T24906] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  523.544222][T24903] tipc: Resetting bearer <eth:syzkaller0>
[  523.564965][T24903] tipc: Disabling bearer <eth:syzkaller0>
[  523.605361][T24908] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  523.613831][T24908] syzkaller0: entered promiscuous mode
[  523.622058][T24908] syzkaller0: entered allmulticast mode
[  523.795491][T24917] tipc: Resetting bearer <eth:syzkaller0>
[  523.868392][T24924] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  523.972351][T24907] tipc: Resetting bearer <eth:syzkaller0>
[  524.021027][T24907] tipc: Disabling bearer <eth:syzkaller0>
[  524.103498][T24932] openvswitch: netlink: IPv4 tunnel dst address is zero
[  524.144438][T24935] FAULT_INJECTION: forcing a failure.
[  524.144438][T24935] name failslab, interval 1, probability 0, space 0, times 0
[  524.184018][T24935] CPU: 0 UID: 0 PID: 24935 Comm: syz.1.6672 Not tainted syzkaller #0 PREEMPT(full) 
[  524.184046][T24935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  524.184058][T24935] Call Trace:
[  524.184066][T24935]  <TASK>
[  524.184075][T24935]  dump_stack_lvl+0x189/0x250
[  524.184103][T24935]  ? __pfx____ratelimit+0x10/0x10
[  524.184129][T24935]  ? __pfx_dump_stack_lvl+0x10/0x10
[  524.184152][T24935]  ? __pfx__printk+0x10/0x10
[  524.184185][T24935]  ? __pfx___might_resched+0x10/0x10
[  524.184203][T24935]  ? fs_reclaim_acquire+0x7d/0x100
[  524.184237][T24935]  should_fail_ex+0x414/0x560
[  524.184274][T24935]  should_failslab+0xa8/0x100
[  524.184304][T24935]  kmem_cache_alloc_noprof+0x73/0x3c0
[  524.184330][T24935]  ? skb_clone+0x212/0x3a0
[  524.184356][T24935]  skb_clone+0x212/0x3a0
[  524.184379][T24935]  pfkey_sendmsg+0x44b/0x1090
[  524.184416][T24935]  ? __lock_acquire+0xab9/0xd20
[  524.184451][T24935]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  524.184506][T24935]  ? aa_sock_msg_perm+0xf1/0x1d0
[  524.184538][T24935]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  524.184558][T24935]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  524.184588][T24935]  __sock_sendmsg+0x219/0x270
[  524.184615][T24935]  ____sys_sendmsg+0x505/0x830
[  524.184641][T24935]  ? __pfx_____sys_sendmsg+0x10/0x10
[  524.184670][T24935]  ? import_iovec+0x74/0xa0
[  524.184695][T24935]  ___sys_sendmsg+0x21f/0x2a0
[  524.184717][T24935]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.184774][T24935]  ? __fget_files+0x2a/0x420
[  524.184803][T24935]  ? __fget_files+0x3a0/0x420
[  524.184842][T24935]  __x64_sys_sendmsg+0x19b/0x260
[  524.184866][T24935]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  524.184895][T24935]  ? __pfx_ksys_write+0x10/0x10
[  524.184918][T24935]  ? rcu_is_watching+0x15/0xb0
[  524.184943][T24935]  ? do_syscall_64+0xbe/0x3b0
[  524.184974][T24935]  do_syscall_64+0xfa/0x3b0
[  524.184999][T24935]  ? lockdep_hardirqs_on+0x9c/0x150
[  524.185025][T24935]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.185043][T24935]  ? clear_bhb_loop+0x60/0xb0
[  524.185066][T24935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.185084][T24935] RIP: 0033:0x7fa07798ebe9
[  524.185101][T24935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.185117][T24935] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  524.185137][T24935] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  524.185151][T24935] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  524.185163][T24935] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  524.185175][T24935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.185186][T24935] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  524.185217][T24935]  </TASK>
[  524.282598][T24939] xt_time: invalid argument - start or stop time greater than 23:59:59
[  524.431032][T24946] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6675'.
[  524.493193][T24946] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6675'.
[  524.869459][T24968] netlink: 'syz.1.6680': attribute type 12 has an invalid length.
[  525.106071][   T55] block nbd0: Possible stuck request ffff88802532e000: control (read@0,1024B). Runtime 300 seconds
[  525.117881][   T55] block nbd0: Possible stuck request ffff88802532e1c0: control (read@1024,1024B). Runtime 300 seconds
[  525.119411][T24937] delete_channel: no stack
[  525.129801][   T55] block nbd0: Possible stuck request ffff88802532e380: control (read@2048,1024B). Runtime 300 seconds
[  525.144969][   T55] block nbd0: Possible stuck request ffff88802532e540: control (read@3072,1024B). Runtime 300 seconds
[  525.562979][T25000] openvswitch: netlink: IPv4 tun info is not correct
[  525.968746][T25035] netlink: 'syz.3.6706': attribute type 1 has an invalid length.
[  525.977205][T25035] __nla_validate_parse: 1 callbacks suppressed
[  525.977224][T25035] netlink: 244 bytes leftover after parsing attributes in process `syz.3.6706'.
[  526.005837][T25034] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  526.022904][T25034] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6707'.
[  526.074179][T25041] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6706'.
[  526.419890][T25063] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6717'.
[  526.430344][T25064] openvswitch: netlink: nsh attr 0 has unexpected len 1 expected 0
[  526.440543][T25064] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6716'.
[  526.528655][T25068] netlink: zone id is out of range
[  526.560508][T25068] netlink: del zone limit has 4 unknown bytes
[  526.578797][T25070] netlink: 'syz.1.6718': attribute type 15 has an invalid length.
[  526.602708][T25070] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6718'.
[  526.773930][T25082] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.6724'.
[  526.800565][T25082] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6724'.
[  526.912389][T25091] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6729'.
[  526.941389][T25094] netlink: 44 bytes leftover after parsing attributes in process `syz.0.6730'.
[  526.953314][T25091] openvswitch: netlink: Flow actions attr not present in new flow.
[  527.107036][T25103] netlink: zone id is out of range
[  527.114540][T25108] FAULT_INJECTION: forcing a failure.
[  527.114540][T25108] name failslab, interval 1, probability 0, space 0, times 0
[  527.132325][T25103] netlink: del zone limit has 4 unknown bytes
[  527.138729][T25108] CPU: 0 UID: 0 PID: 25108 Comm: syz.0.6734 Not tainted syzkaller #0 PREEMPT(full) 
[  527.138754][T25108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  527.138767][T25108] Call Trace:
[  527.138775][T25108]  <TASK>
[  527.138784][T25108]  dump_stack_lvl+0x189/0x250
[  527.138812][T25108]  ? __pfx____ratelimit+0x10/0x10
[  527.138839][T25108]  ? __pfx_dump_stack_lvl+0x10/0x10
[  527.138861][T25108]  ? __pfx__printk+0x10/0x10
[  527.138894][T25108]  ? __pfx___might_resched+0x10/0x10
[  527.138911][T25108]  ? fs_reclaim_acquire+0x7d/0x100
[  527.138946][T25108]  should_fail_ex+0x414/0x560
[  527.138976][T25108]  should_failslab+0xa8/0x100
[  527.139005][T25108]  __kmalloc_noprof+0xcb/0x4f0
[  527.139029][T25108]  ? pfkey_add+0xf65/0x2e00
[  527.139063][T25108]  pfkey_add+0xf65/0x2e00
[  527.139111][T25108]  ? __pfx_pfkey_add+0x10/0x10
[  527.139137][T25108]  ? kmem_cache_free+0x18f/0x400
[  527.139176][T25108]  pfkey_sendmsg+0xbfe/0x1090
[  527.139220][T25108]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  527.139284][T25108]  ? aa_sock_msg_perm+0xf1/0x1d0
[  527.139315][T25108]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  527.139336][T25108]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  527.139364][T25108]  __sock_sendmsg+0x219/0x270
[  527.139392][T25108]  ____sys_sendmsg+0x505/0x830
[  527.139417][T25108]  ? __pfx_____sys_sendmsg+0x10/0x10
[  527.139445][T25108]  ? import_iovec+0x74/0xa0
[  527.139470][T25108]  ___sys_sendmsg+0x21f/0x2a0
[  527.139491][T25108]  ? __pfx____sys_sendmsg+0x10/0x10
[  527.139547][T25108]  ? __fget_files+0x2a/0x420
[  527.139573][T25108]  ? __fget_files+0x3a0/0x420
[  527.139611][T25108]  __x64_sys_sendmsg+0x19b/0x260
[  527.139633][T25108]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  527.139662][T25108]  ? __pfx_ksys_write+0x10/0x10
[  527.139685][T25108]  ? rcu_is_watching+0x15/0xb0
[  527.139708][T25108]  ? do_syscall_64+0xbe/0x3b0
[  527.139740][T25108]  do_syscall_64+0xfa/0x3b0
[  527.139765][T25108]  ? lockdep_hardirqs_on+0x9c/0x150
[  527.139791][T25108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.139810][T25108]  ? clear_bhb_loop+0x60/0xb0
[  527.139834][T25108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.139852][T25108] RIP: 0033:0x7ff55dd8ebe9
[  527.139871][T25108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.139888][T25108] RSP: 002b:00007ff55ebc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  527.139907][T25108] RAX: ffffffffffffffda RBX: 00007ff55dfb5fa0 RCX: 00007ff55dd8ebe9
[  527.139922][T25108] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  527.139933][T25108] RBP: 00007ff55ebc6090 R08: 0000000000000000 R09: 0000000000000000
[  527.139946][T25108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.139957][T25108] R13: 00007ff55dfb6038 R14: 00007ff55dfb5fa0 R15: 00007ffc3d09d0a8
[  527.139988][T25108]  </TASK>
[  527.659585][   T55] block nbd1: Possible stuck request ffff888025407000: control (read@0,1024B). Runtime 300 seconds
[  527.670375][   T55] block nbd1: Possible stuck request ffff8880254071c0: control (read@1024,1024B). Runtime 300 seconds
[  527.685996][   T55] block nbd1: Possible stuck request ffff888025407380: control (read@2048,1024B). Runtime 300 seconds
[  527.698169][   T55] block nbd1: Possible stuck request ffff888025407540: control (read@3072,1024B). Runtime 300 seconds
[  527.921026][T25139] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  527.998907][T25145] openvswitch: netlink: IPv4 tun info is not correct
[  528.245536][T25158] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  529.196660][T25215] "syz.4.6771" (25215) uses obsolete ecb(arc4) skcipher
[  529.577643][T25243] 8021q: VLANs not supported on gre0
[  529.658915][T25254] FAULT_INJECTION: forcing a failure.
[  529.658915][T25254] name failslab, interval 1, probability 0, space 0, times 0
[  529.713608][T25254] CPU: 1 UID: 0 PID: 25254 Comm: syz.0.6782 Not tainted syzkaller #0 PREEMPT(full) 
[  529.713640][T25254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  529.713654][T25254] Call Trace:
[  529.713664][T25254]  <TASK>
[  529.713674][T25254]  dump_stack_lvl+0x189/0x250
[  529.713707][T25254]  ? __pfx____ratelimit+0x10/0x10
[  529.713738][T25254]  ? __pfx_dump_stack_lvl+0x10/0x10
[  529.713764][T25254]  ? __pfx__printk+0x10/0x10
[  529.713802][T25254]  ? __pfx___might_resched+0x10/0x10
[  529.713823][T25254]  ? fs_reclaim_acquire+0x7d/0x100
[  529.713863][T25254]  should_fail_ex+0x414/0x560
[  529.713897][T25254]  should_failslab+0xa8/0x100
[  529.713931][T25254]  __kmalloc_cache_noprof+0x70/0x3d0
[  529.713960][T25254]  ? pfkey_add+0x1b18/0x2e00
[  529.713999][T25254]  pfkey_add+0x1b18/0x2e00
[  529.714061][T25254]  ? __pfx_pfkey_add+0x10/0x10
[  529.714092][T25254]  ? kmem_cache_free+0x18f/0x400
[  529.714136][T25254]  pfkey_sendmsg+0xbfe/0x1090
[  529.714186][T25254]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  529.714246][T25254]  ? aa_sock_msg_perm+0xf1/0x1d0
[  529.714282][T25254]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  529.714305][T25254]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  529.714339][T25254]  __sock_sendmsg+0x219/0x270
[  529.714371][T25254]  ____sys_sendmsg+0x505/0x830
[  529.714399][T25254]  ? __pfx_____sys_sendmsg+0x10/0x10
[  529.714432][T25254]  ? import_iovec+0x74/0xa0
[  529.714462][T25254]  ___sys_sendmsg+0x21f/0x2a0
[  529.714488][T25254]  ? __pfx____sys_sendmsg+0x10/0x10
[  529.714556][T25254]  ? __fget_files+0x2a/0x420
[  529.714589][T25254]  ? __fget_files+0x3a0/0x420
[  529.714634][T25254]  __x64_sys_sendmsg+0x19b/0x260
[  529.714660][T25254]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  529.714695][T25254]  ? __pfx_ksys_write+0x10/0x10
[  529.714723][T25254]  ? rcu_is_watching+0x15/0xb0
[  529.714752][T25254]  ? do_syscall_64+0xbe/0x3b0
[  529.714789][T25254]  do_syscall_64+0xfa/0x3b0
[  529.714819][T25254]  ? lockdep_hardirqs_on+0x9c/0x150
[  529.714848][T25254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.714871][T25254]  ? clear_bhb_loop+0x60/0xb0
[  529.714897][T25254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.714918][T25254] RIP: 0033:0x7ff55dd8ebe9
[  529.714938][T25254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  529.714957][T25254] RSP: 002b:00007ff55ebc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  529.714980][T25254] RAX: ffffffffffffffda RBX: 00007ff55dfb5fa0 RCX: 00007ff55dd8ebe9
[  529.714995][T25254] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  529.715009][T25254] RBP: 00007ff55ebc6090 R08: 0000000000000000 R09: 0000000000000000
[  529.715029][T25254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  529.715043][T25254] R13: 00007ff55dfb6038 R14: 00007ff55dfb5fa0 R15: 00007ffc3d09d0a8
[  529.715077][T25254]  </TASK>
[  530.595011][T25293] net_ratelimit: 2 callbacks suppressed
[  530.595031][T25293] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  530.827112][T25308] veth49: entered allmulticast mode
[  530.990908][T25319] FAULT_INJECTION: forcing a failure.
[  530.990908][T25319] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  530.994977][T25320] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  531.022694][T25319] CPU: 0 UID: 0 PID: 25319 Comm: syz.1.6803 Not tainted syzkaller #0 PREEMPT(full) 
[  531.022722][T25319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  531.022734][T25319] Call Trace:
[  531.022743][T25319]  <TASK>
[  531.022752][T25319]  dump_stack_lvl+0x189/0x250
[  531.022781][T25319]  ? __pfx____ratelimit+0x10/0x10
[  531.022810][T25319]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.022834][T25319]  ? __pfx__printk+0x10/0x10
[  531.022864][T25319]  ? fs_reclaim_acquire+0x7d/0x100
[  531.022905][T25319]  should_fail_ex+0x414/0x560
[  531.022938][T25319]  prepare_alloc_pages+0x213/0x610
[  531.022966][T25319]  __alloc_frozen_pages_noprof+0x123/0x370
[  531.022992][T25319]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  531.023023][T25319]  ? policy_nodemask+0x27c/0x720
[  531.023047][T25319]  ? __lock_acquire+0xab9/0xd20
[  531.023081][T25319]  alloc_pages_mpol+0x232/0x4a0
[  531.023116][T25319]  vma_alloc_folio_noprof+0xe4/0x200
[  531.023149][T25319]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  531.023191][T25319]  folio_prealloc+0x30/0x180
[  531.023222][T25319]  __handle_mm_fault+0x2ab9/0x5440
[  531.023271][T25319]  ? __pfx___handle_mm_fault+0x10/0x10
[  531.023318][T25319]  ? find_vma+0xe7/0x160
[  531.023343][T25319]  ? __pfx_find_vma+0x10/0x10
[  531.023371][T25319]  handle_mm_fault+0x40a/0x8e0
[  531.023409][T25319]  do_user_addr_fault+0x764/0x1390
[  531.023458][T25319]  exc_page_fault+0x76/0xf0
[  531.023488][T25319]  asm_exc_page_fault+0x26/0x30
[  531.023507][T25319] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  531.023529][T25319] Code: 0a 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  531.023547][T25319] RSP: 0018:ffffc9001accf4f8 EFLAGS: 00050206
[  531.023565][T25319] RAX: ffffffff84c56c01 RBX: ffff88807b184000 RCX: 00000000000005dc
[  531.023581][T25319] RDX: 0000000000000000 RSI: ffff88807b1848c0 RDI: 0000200000003000
[  531.023595][T25319] RBP: ffffc9001accf650 R08: ffff88807b184e9b R09: 1ffff1100f6309d3
[  531.023610][T25319] R10: dffffc0000000000 R11: ffffed100f6309d4 R12: dffffc0000000000
[  531.023625][T25319] R13: 0000000000000000 R14: 00007ffffffff000 R15: 0000000000000e9c
[  531.023654][T25319]  ? _copy_to_iter+0x3d1/0x16f0
[  531.023681][T25319]  _copy_to_iter+0x484/0x16f0
[  531.023714][T25319]  ? __pfx__copy_to_iter+0x10/0x10
[  531.023731][T25319]  ? __skb_try_recv_from_queue+0x58f/0x730
[  531.023762][T25319]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  531.023792][T25319]  __skb_datagram_iter+0xf8/0x990
[  531.023817][T25319]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  531.023851][T25319]  skb_copy_datagram_iter+0xc5/0x230
[  531.023889][T25319]  netlink_recvmsg+0x2ab/0xa30
[  531.023927][T25319]  ? __pfx_netlink_recvmsg+0x10/0x10
[  531.023960][T25319]  ? __lock_acquire+0xab9/0xd20
[  531.023986][T25319]  ? aa_sock_msg_perm+0xf1/0x1d0
[  531.024017][T25319]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  531.024037][T25319]  ? security_socket_recvmsg+0x7e/0x2e0
[  531.024059][T25319]  ? __pfx_netlink_recvmsg+0x10/0x10
[  531.024088][T25319]  sock_recvmsg+0x229/0x270
[  531.024116][T25319]  ____sys_recvmsg+0x1c9/0x460
[  531.024146][T25319]  ? __pfx_____sys_recvmsg+0x10/0x10
[  531.024183][T25319]  ? import_iovec+0x74/0xa0
[  531.024208][T25319]  ___sys_recvmsg+0x1b5/0x510
[  531.024234][T25319]  ? __pfx____sys_recvmsg+0x10/0x10
[  531.024280][T25319]  ? __fget_files+0x3a0/0x420
[  531.024319][T25319]  do_recvmmsg+0x307/0x770
[  531.024349][T25319]  ? __pfx_do_recvmmsg+0x10/0x10
[  531.024382][T25319]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  531.024428][T25319]  __x64_sys_recvmmsg+0x190/0x240
[  531.024452][T25319]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  531.024499][T25319]  ? do_syscall_64+0xbe/0x3b0
[  531.024533][T25319]  do_syscall_64+0xfa/0x3b0
[  531.024560][T25319]  ? lockdep_hardirqs_on+0x9c/0x150
[  531.024587][T25319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.024607][T25319]  ? clear_bhb_loop+0x60/0xb0
[  531.024631][T25319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.024658][T25319] RIP: 0033:0x7fa07798ebe9
[  531.024675][T25319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.024693][T25319] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  531.024713][T25319] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  531.024727][T25319] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003
[  531.024740][T25319] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  531.024753][T25319] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  531.024765][T25319] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  531.024797][T25319]  </TASK>
[  531.526973][T25326] __nla_validate_parse: 6 callbacks suppressed
[  531.526995][T25326] netlink: 68 bytes leftover after parsing attributes in process `syz.5.6807'.
[  532.112165][T25360] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6818'.
[  532.139928][    C1] ip6_tunnel: ip6tnl3 xmit: Local address not yet configured!
[  532.207261][T25365] netlink: 520 bytes leftover after parsing attributes in process `syz.1.6820'.
[  532.423261][T25375] netlink: 'syz.1.6824': attribute type 1 has an invalid length.
[  532.432114][T25375] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6824'.
[  532.904898][T25393] vlan4: entered promiscuous mode
[  532.969489][T25393] bridge0: entered promiscuous mode
[  533.143985][T25407] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  533.496507][T25420] veth29: entered allmulticast mode
[  533.614881][T25429] netlink: zone id is out of range
[  533.643543][T25429] netlink: del zone limit has 4 unknown bytes
[  533.831221][T25444] openvswitch: netlink: VXLAN extension 173 out of range max 1
[  533.925760][T25449] netlink: 'syz.4.6855': attribute type 1 has an invalid length.
[  534.014162][T25449] 8021q: adding VLAN 0 to HW filter on device bond10
[  534.048542][T25449] 8021q: adding VLAN 0 to HW filter on device bond10
[  534.056257][T25449] bond10: (slave vxcan1): The slave device specified does not support setting the MAC address
[  534.071434][T25449] bond10: (slave vxcan1): Error -95 calling set_mac_address
[  534.129128][T25460] veth37: entered promiscuous mode
[  534.146376][T25460] bond10: (slave veth37): Enslaving as an active interface with a down link
[  534.275468][T25468] FAULT_INJECTION: forcing a failure.
[  534.275468][T25468] name failslab, interval 1, probability 0, space 0, times 0
[  534.289513][T25465] netlink: 52 bytes leftover after parsing attributes in process `syz.1.6860'.
[  534.338082][T25468] CPU: 0 UID: 0 PID: 25468 Comm: syz.5.6862 Not tainted syzkaller #0 PREEMPT(full) 
[  534.338127][T25468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.338147][T25468] Call Trace:
[  534.338156][T25468]  <TASK>
[  534.338166][T25468]  dump_stack_lvl+0x189/0x250
[  534.338196][T25468]  ? __pfx____ratelimit+0x10/0x10
[  534.338224][T25468]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.338249][T25468]  ? __pfx__printk+0x10/0x10
[  534.338273][T25468]  ? trace_contention_end+0x39/0x120
[  534.338312][T25468]  should_fail_ex+0x414/0x560
[  534.338344][T25468]  should_failslab+0xa8/0x100
[  534.338375][T25468]  kmem_cache_alloc_noprof+0x73/0x3c0
[  534.338402][T25468]  ? skb_clone+0x212/0x3a0
[  534.338428][T25468]  skb_clone+0x212/0x3a0
[  534.338454][T25468]  __netlink_deliver_tap+0x404/0x850
[  534.338505][T25468]  ? netlink_deliver_tap+0x2e/0x1b0
[  534.338534][T25468]  netlink_deliver_tap+0x19c/0x1b0
[  534.338562][T25468]  netlink_dump+0x92b/0xe90
[  534.338601][T25468]  ? __pfx_netlink_dump+0x10/0x10
[  534.338658][T25468]  netlink_recvmsg+0x676/0xa30
[  534.338695][T25468]  ? __pfx_netlink_recvmsg+0x10/0x10
[  534.338727][T25468]  ? __lock_acquire+0xab9/0xd20
[  534.338753][T25468]  ? aa_sock_msg_perm+0xf1/0x1d0
[  534.338784][T25468]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  534.338804][T25468]  ? security_socket_recvmsg+0x7e/0x2e0
[  534.338826][T25468]  ? __pfx_netlink_recvmsg+0x10/0x10
[  534.338854][T25468]  sock_recvmsg+0x229/0x270
[  534.338882][T25468]  ____sys_recvmsg+0x1c9/0x460
[  534.338912][T25468]  ? __pfx_____sys_recvmsg+0x10/0x10
[  534.338949][T25468]  ? import_iovec+0x74/0xa0
[  534.338974][T25468]  ___sys_recvmsg+0x1b5/0x510
[  534.339000][T25468]  ? __pfx____sys_recvmsg+0x10/0x10
[  534.339046][T25468]  ? __fget_files+0x3a0/0x420
[  534.339086][T25468]  do_recvmmsg+0x307/0x770
[  534.339120][T25468]  ? __pfx_do_recvmmsg+0x10/0x10
[  534.339152][T25468]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  534.339198][T25468]  __x64_sys_recvmmsg+0x190/0x240
[  534.339221][T25468]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  534.339240][T25468]  ? rcu_is_watching+0x15/0xb0
[  534.339264][T25468]  ? do_syscall_64+0xbe/0x3b0
[  534.339294][T25468]  do_syscall_64+0xfa/0x3b0
[  534.339319][T25468]  ? lockdep_hardirqs_on+0x9c/0x150
[  534.339342][T25468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.339361][T25468]  ? clear_bhb_loop+0x60/0xb0
[  534.339384][T25468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.339402][T25468] RIP: 0033:0x7f851ef8ebe9
[  534.339420][T25468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.339437][T25468] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  534.339456][T25468] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  534.339470][T25468] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003
[  534.339482][T25468] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  534.339494][T25468] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  534.339504][T25468] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  534.339534][T25468]  </TASK>
[  534.376480][T25472] veth0_to_team: entered promiscuous mode
[  534.686194][T25472] veth0_to_team: entered allmulticast mode
[  534.719908][T25479] netlink: 88 bytes leftover after parsing attributes in process `syz.3.6867'.
[  534.968496][T25499] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  535.136675][T25505] veth21: left allmulticast mode
[  535.155659][T25505] veth23: left allmulticast mode
[  535.176739][T25505] veth25: left allmulticast mode
[  535.224503][T25505] gtp0: left allmulticast mode
[  535.244851][T25505] veth27: left allmulticast mode
[  535.267213][T25505] veth35: left allmulticast mode
[  535.274559][T25505] veth37: left allmulticast mode
[  535.284316][T25519] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6882'.
[  535.547768][T25533] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6884'.
[  535.577378][T25524] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6884'.
[  535.639245][T25540] netlink: 216 bytes leftover after parsing attributes in process `syz.5.6891'.
[  535.846872][T25553] delete_channel: no stack
[  536.137663][T25572] netlink: zone id is out of range
[  536.150763][T25572] netlink: del zone limit has 4 unknown bytes
[  536.269208][T25582] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  536.332137][T25586] FAULT_INJECTION: forcing a failure.
[  536.332137][T25586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.345752][T25586] CPU: 0 UID: 0 PID: 25586 Comm: syz.4.6912 Not tainted syzkaller #0 PREEMPT(full) 
[  536.345778][T25586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  536.345790][T25586] Call Trace:
[  536.345798][T25586]  <TASK>
[  536.345806][T25586]  dump_stack_lvl+0x189/0x250
[  536.345835][T25586]  ? __pfx____ratelimit+0x10/0x10
[  536.345862][T25586]  ? __pfx_dump_stack_lvl+0x10/0x10
[  536.345885][T25586]  ? __pfx__printk+0x10/0x10
[  536.345911][T25586]  ? __might_fault+0xb0/0x130
[  536.345949][T25586]  should_fail_ex+0x414/0x560
[  536.345997][T25586]  _copy_from_iter+0x1db/0x16f0
[  536.346022][T25586]  ? rcu_is_watching+0x15/0xb0
[  536.346044][T25586]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  536.346074][T25586]  ? __pfx__copy_from_iter+0x10/0x10
[  536.346096][T25586]  ? __build_skb_around+0x257/0x3e0
[  536.346130][T25586]  ? netlink_sendmsg+0x642/0xb30
[  536.346157][T25586]  ? skb_put+0x11b/0x210
[  536.346191][T25586]  netlink_sendmsg+0x6b2/0xb30
[  536.346230][T25586]  ? __pfx_netlink_sendmsg+0x10/0x10
[  536.346264][T25586]  ? aa_sock_msg_perm+0xf1/0x1d0
[  536.346297][T25586]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  536.346319][T25586]  ? __pfx_netlink_sendmsg+0x10/0x10
[  536.346350][T25586]  __sock_sendmsg+0x219/0x270
[  536.346396][T25586]  ____sys_sendmsg+0x505/0x830
[  536.346437][T25586]  ? __pfx_____sys_sendmsg+0x10/0x10
[  536.346472][T25586]  ? import_iovec+0x74/0xa0
[  536.346501][T25586]  ___sys_sendmsg+0x21f/0x2a0
[  536.346527][T25586]  ? __pfx____sys_sendmsg+0x10/0x10
[  536.346592][T25586]  ? __fget_files+0x2a/0x420
[  536.346626][T25586]  ? __fget_files+0x3a0/0x420
[  536.346670][T25586]  __x64_sys_sendmsg+0x19b/0x260
[  536.346697][T25586]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  536.346731][T25586]  ? __pfx_ksys_write+0x10/0x10
[  536.346759][T25586]  ? rcu_is_watching+0x15/0xb0
[  536.346786][T25586]  ? do_syscall_64+0xbe/0x3b0
[  536.346823][T25586]  do_syscall_64+0xfa/0x3b0
[  536.346853][T25586]  ? lockdep_hardirqs_on+0x9c/0x150
[  536.346883][T25586]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.346905][T25586]  ? clear_bhb_loop+0x60/0xb0
[  536.346933][T25586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.346955][T25586] RIP: 0033:0x7f974338ebe9
[  536.346975][T25586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.346995][T25586] RSP: 002b:00007f9744209038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  536.347019][T25586] RAX: ffffffffffffffda RBX: 00007f97435b5fa0 RCX: 00007f974338ebe9
[  536.347036][T25586] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  536.347051][T25586] RBP: 00007f9744209090 R08: 0000000000000000 R09: 0000000000000000
[  536.347065][T25586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  536.347079][T25586] R13: 00007f97435b6038 R14: 00007f97435b5fa0 R15: 00007fffecabd698
[  536.347115][T25586]  </TASK>
[  536.740324][T25591] bond1: (slave veth0_to_bond): Releasing active interface
[  536.764491][T25591] bond6: (slave wlan0): Releasing backup interface
[  536.771143][T25591] bond6: (slave wlan0): the permanent HWaddr of slave - 08:02:11:00:00:00 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  536.814041][T25591] bond1: (slave veth3): Releasing active interface
[  536.821182][T25591] bond1: (slave veth3): the permanent HWaddr of slave - 42:a4:30:24:7c:f2 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  536.848325][T25591] bond1: (slave veth5): Releasing active interface
[  536.861840][T25603] netlink: 'syz.3.6915': attribute type 10 has an invalid length.
[  536.893087][T25591] bond2: (slave bond3): Releasing backup interface
[  536.929749][T25591] bond5: (slave veth11): Releasing active interface
[  536.955904][T25591] bond6: (slave vlan2): Releasing backup interface
[  536.982121][T25591] veth1: left promiscuous mode
[  537.045357][T25591] bond10: (slave vlan3): Releasing active interface
[  537.077996][T25591] bond12: (slave bond13): Releasing backup interface
[  537.087009][T25591] bond12: (slave bond13): the permanent HWaddr of slave - 62:a2:6b:c2:b4:2e - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  537.105055][T25591] bond12: (slave gretap1): making interface the new active one
[  537.125073][T25591] bond12: (slave gretap1): Releasing backup interface
[  537.151843][T25591] bond14: (slave veth29): Releasing backup interface
[  537.174313][T25591] bond16: (slave veth35): Releasing active interface
[  537.201023][T25593] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  537.252028][T25603] mac80211_hwsim hwsim5 wlan1: left allmulticast mode
[  537.304246][T25603] 8021q: adding VLAN 0 to HW filter on device bond0
[  537.357808][T25615] __nla_validate_parse: 5 callbacks suppressed
[  537.357827][T25615] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6918'.
[  537.357914][T25603] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  537.367490][T25615] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6918'.
[  537.412366][T25617] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.6919'.
[  537.423189][T25608] bond10: (slave wlan0): Releasing active interface
[  537.464314][T25608] bond0: (slave wlan1): Releasing backup interface
[  537.492454][T25608] ip6erspan0: left promiscuous mode
[  537.514680][T25608] gretap1: left promiscuous mode
[  537.528376][T25608] veth13: left promiscuous mode
[  537.535037][T25608] veth15: left promiscuous mode
[  537.541348][T25608] veth17: left promiscuous mode
[  537.546434][T25608] veth19: left promiscuous mode
[  537.553865][T25608] gtp0: left promiscuous mode
[  537.565549][T25608] veth29: left promiscuous mode
[  537.575345][T25608] bond8: (slave veth29): Releasing active interface
[  537.592585][T25621] netlink: zone id is out of range
[  537.597919][T25608] veth31: left promiscuous mode
[  537.598909][T25621] netlink: del zone limit has 4 unknown bytes
[  537.611021][T25608] bond9: (slave veth31): Releasing active interface
[  537.636774][T25608] veth33: left promiscuous mode
[  537.649229][T25591] 8021q: VLANs not supported on gre0
[  537.761757][T25625] FAULT_INJECTION: forcing a failure.
[  537.761757][T25625] name failslab, interval 1, probability 0, space 0, times 0
[  537.849586][T25625] CPU: 0 UID: 0 PID: 25625 Comm: syz.1.6923 Not tainted syzkaller #0 PREEMPT(full) 
[  537.849615][T25625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  537.849628][T25625] Call Trace:
[  537.849636][T25625]  <TASK>
[  537.849645][T25625]  dump_stack_lvl+0x189/0x250
[  537.849673][T25625]  ? __pfx____ratelimit+0x10/0x10
[  537.849699][T25625]  ? __pfx_dump_stack_lvl+0x10/0x10
[  537.849722][T25625]  ? __pfx__printk+0x10/0x10
[  537.849752][T25625]  ? __pfx___might_resched+0x10/0x10
[  537.849771][T25625]  ? fs_reclaim_acquire+0x7d/0x100
[  537.849806][T25625]  should_fail_ex+0x414/0x560
[  537.849836][T25625]  should_failslab+0xa8/0x100
[  537.849865][T25625]  __kmalloc_node_noprof+0xd1/0x4e0
[  537.849891][T25625]  ? __pfx___up_read+0x10/0x10
[  537.849909][T25625]  ? crypto_create_tfm_node+0x83/0x3f0
[  537.849942][T25625]  crypto_create_tfm_node+0x83/0x3f0
[  537.849974][T25625]  crypto_spawn_tfm2+0x5c/0x90
[  537.849996][T25625]  crypto_authenc_init_tfm+0x69/0x1c0
[  537.850020][T25625]  crypto_create_tfm_node+0x18c/0x3f0
[  537.850052][T25625]  crypto_spawn_tfm2+0x5c/0x90
[  537.850072][T25625]  aead_init_geniv+0x169/0x240
[  537.850102][T25625]  crypto_create_tfm_node+0x18c/0x3f0
[  537.850134][T25625]  crypto_alloc_tfm_node+0x172/0x3f0
[  537.850170][T25625]  esp6_init_state+0x5b6/0x1140
[  537.850197][T25625]  ? pfkey_sendmsg+0xbfe/0x1090
[  537.850222][T25625]  ? __sock_sendmsg+0x219/0x270
[  537.850246][T25625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.850278][T25625]  ? __pfx_esp6_init_state+0x10/0x10
[  537.850326][T25625]  ? xfrm_state_get_afinfo+0x2e/0x1b0
[  537.850363][T25625]  ? __xfrm_init_state+0x7ef/0x13f0
[  537.850390][T25625]  __xfrm_init_state+0xa76/0x13f0
[  537.850411][T25625]  ? __xfrm_init_state+0x7ef/0x13f0
[  537.850438][T25625]  xfrm_init_state+0x18/0xa0
[  537.850456][T25625]  pfkey_add+0x1d38/0x2e00
[  537.850504][T25625]  ? __pfx_pfkey_add+0x10/0x10
[  537.850530][T25625]  ? kmem_cache_free+0x18f/0x400
[  537.850568][T25625]  pfkey_sendmsg+0xbfe/0x1090
[  537.850612][T25625]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  537.850666][T25625]  ? aa_sock_msg_perm+0xf1/0x1d0
[  537.850696][T25625]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  537.850717][T25625]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  537.850746][T25625]  __sock_sendmsg+0x219/0x270
[  537.850773][T25625]  ____sys_sendmsg+0x505/0x830
[  537.850798][T25625]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.850827][T25625]  ? import_iovec+0x74/0xa0
[  537.850869][T25625]  ___sys_sendmsg+0x21f/0x2a0
[  537.850892][T25625]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.850951][T25625]  ? __fget_files+0x2a/0x420
[  537.850981][T25625]  ? __fget_files+0x3a0/0x420
[  537.851022][T25625]  __x64_sys_sendmsg+0x19b/0x260
[  537.851046][T25625]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  537.851077][T25625]  ? __pfx_ksys_write+0x10/0x10
[  537.851102][T25625]  ? rcu_is_watching+0x15/0xb0
[  537.851128][T25625]  ? do_syscall_64+0xbe/0x3b0
[  537.851161][T25625]  do_syscall_64+0xfa/0x3b0
[  537.851187][T25625]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.851214][T25625]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.851234][T25625]  ? clear_bhb_loop+0x60/0xb0
[  537.851258][T25625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.851284][T25625] RIP: 0033:0x7fa07798ebe9
[  537.851313][T25625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.851330][T25625] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  537.851349][T25625] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  537.851363][T25625] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  537.851375][T25625] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  537.851387][T25625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  537.851398][T25625] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  537.851429][T25625]  </TASK>
[  537.868295][T25632] sctp: [Deprecated]: syz.4.6926 (pid 25632) Use of int in max_burst socket option.
[  537.868295][T25632] Use struct sctp_assoc_value instead
[  538.304355][T25643] netlink: 'syz.5.6927': attribute type 11 has an invalid length.
[  538.312610][T25643] netlink: 'syz.5.6927': attribute type 11 has an invalid length.
[  538.322727][T25643] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6927'.
[  538.619656][T25666] netlink: zone id is out of range
[  538.643556][T25666] netlink: del zone limit has 4 unknown bytes
[  538.816192][T25680] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6939'.
[  538.898181][T25686] FAULT_INJECTION: forcing a failure.
[  538.898181][T25686] name failslab, interval 1, probability 0, space 0, times 0
[  538.935937][T25686] CPU: 1 UID: 0 PID: 25686 Comm: syz.1.6942 Not tainted syzkaller #0 PREEMPT(full) 
[  538.935969][T25686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.935983][T25686] Call Trace:
[  538.935992][T25686]  <TASK>
[  538.936002][T25686]  dump_stack_lvl+0x189/0x250
[  538.936034][T25686]  ? __pfx____ratelimit+0x10/0x10
[  538.936065][T25686]  ? __pfx_dump_stack_lvl+0x10/0x10
[  538.936091][T25686]  ? __pfx__printk+0x10/0x10
[  538.936128][T25686]  ? __pfx___might_resched+0x10/0x10
[  538.936148][T25686]  ? fs_reclaim_acquire+0x7d/0x100
[  538.936188][T25686]  should_fail_ex+0x414/0x560
[  538.936222][T25686]  should_failslab+0xa8/0x100
[  538.936255][T25686]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  538.936286][T25686]  ? __alloc_skb+0x112/0x2d0
[  538.936328][T25686]  __alloc_skb+0x112/0x2d0
[  538.936425][T25686]  netlink_ack+0x146/0xa50
[  538.936454][T25686]  ? __pfx_genl_rcv_msg+0x10/0x10
[  538.936499][T25686]  netlink_rcv_skb+0x28c/0x470
[  538.936528][T25686]  ? __lock_acquire+0xab9/0xd20
[  538.936561][T25686]  ? __pfx_genl_rcv_msg+0x10/0x10
[  538.936588][T25686]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  538.936643][T25686]  ? down_read+0x1ad/0x2e0
[  538.936680][T25686]  genl_rcv+0x28/0x40
[  538.936702][T25686]  netlink_unicast+0x82c/0x9e0
[  538.936742][T25686]  ? __pfx_netlink_unicast+0x10/0x10
[  538.936774][T25686]  ? netlink_sendmsg+0x642/0xb30
[  538.936803][T25686]  ? skb_put+0x11b/0x210
[  538.936841][T25686]  netlink_sendmsg+0x805/0xb30
[  538.936885][T25686]  ? __pfx_netlink_sendmsg+0x10/0x10
[  538.936927][T25686]  ? aa_sock_msg_perm+0xf1/0x1d0
[  538.936965][T25686]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  538.936989][T25686]  ? __pfx_netlink_sendmsg+0x10/0x10
[  538.937022][T25686]  __sock_sendmsg+0x219/0x270
[  538.937055][T25686]  ____sys_sendmsg+0x505/0x830
[  538.937086][T25686]  ? __pfx_____sys_sendmsg+0x10/0x10
[  538.937120][T25686]  ? import_iovec+0x74/0xa0
[  538.937150][T25686]  ___sys_sendmsg+0x21f/0x2a0
[  538.937176][T25686]  ? __pfx____sys_sendmsg+0x10/0x10
[  538.937243][T25686]  ? __fget_files+0x2a/0x420
[  538.937275][T25686]  ? __fget_files+0x3a0/0x420
[  538.937321][T25686]  __x64_sys_sendmsg+0x19b/0x260
[  538.937348][T25686]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  538.937383][T25686]  ? __pfx_ksys_write+0x10/0x10
[  538.937410][T25686]  ? rcu_is_watching+0x15/0xb0
[  538.937439][T25686]  ? do_syscall_64+0xbe/0x3b0
[  538.937476][T25686]  do_syscall_64+0xfa/0x3b0
[  538.937516][T25686]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.937542][T25686]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.937571][T25686]  ? clear_bhb_loop+0x60/0xb0
[  538.937595][T25686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.937613][T25686] RIP: 0033:0x7fa07798ebe9
[  538.937631][T25686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.937647][T25686] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  538.937668][T25686] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  538.937682][T25686] RDX: 0000000000000080 RSI: 0000200000002ec0 RDI: 0000000000000004
[  538.937694][T25686] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  538.937706][T25686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  538.937717][T25686] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  538.937748][T25686]  </TASK>
[  539.406033][T25699] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  539.839663][T25725] netlink: 'syz.5.6954': attribute type 24 has an invalid length.
[  540.018774][   T49] nci: nci_ntf_packet: unknown ntf opcode 0x206
[  540.853381][T25782] FAULT_INJECTION: forcing a failure.
[  540.853381][T25782] name failslab, interval 1, probability 0, space 0, times 0
[  540.877249][T25782] CPU: 1 UID: 0 PID: 25782 Comm: syz.5.6973 Not tainted syzkaller #0 PREEMPT(full) 
[  540.877279][T25782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.877294][T25782] Call Trace:
[  540.877303][T25782]  <TASK>
[  540.877313][T25782]  dump_stack_lvl+0x189/0x250
[  540.877346][T25782]  ? __pfx____ratelimit+0x10/0x10
[  540.877377][T25782]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.877404][T25782]  ? __pfx__printk+0x10/0x10
[  540.877432][T25782]  ? trace_contention_end+0x39/0x120
[  540.877475][T25782]  should_fail_ex+0x414/0x560
[  540.877510][T25782]  should_failslab+0xa8/0x100
[  540.877553][T25782]  kmem_cache_alloc_noprof+0x73/0x3c0
[  540.877580][T25782]  ? skb_clone+0x212/0x3a0
[  540.877606][T25782]  skb_clone+0x212/0x3a0
[  540.877632][T25782]  __netlink_deliver_tap+0x404/0x850
[  540.877674][T25782]  ? netlink_deliver_tap+0x2e/0x1b0
[  540.877705][T25782]  netlink_deliver_tap+0x19c/0x1b0
[  540.877735][T25782]  netlink_dump+0x92b/0xe90
[  540.877794][T25782]  ? __pfx_netlink_dump+0x10/0x10
[  540.877846][T25782]  netlink_recvmsg+0x676/0xa30
[  540.877883][T25782]  ? __pfx_netlink_recvmsg+0x10/0x10
[  540.877915][T25782]  ? __lock_acquire+0xab9/0xd20
[  540.877941][T25782]  ? aa_sock_msg_perm+0xf1/0x1d0
[  540.877972][T25782]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  540.877994][T25782]  ? __pfx_netlink_recvmsg+0x10/0x10
[  540.878023][T25782]  sock_recvmsg_nosec+0x186/0x1c0
[  540.878052][T25782]  ____sys_recvmsg+0x3aa/0x460
[  540.878081][T25782]  ? __pfx_____sys_recvmsg+0x10/0x10
[  540.878135][T25782]  ? import_iovec+0x74/0xa0
[  540.878161][T25782]  ___sys_recvmsg+0x1b5/0x510
[  540.878189][T25782]  ? __pfx____sys_recvmsg+0x10/0x10
[  540.878245][T25782]  ? __might_fault+0xb0/0x130
[  540.878277][T25782]  do_recvmmsg+0x307/0x770
[  540.878308][T25782]  ? __pfx_do_recvmmsg+0x10/0x10
[  540.878343][T25782]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  540.878392][T25782]  __x64_sys_recvmmsg+0x190/0x240
[  540.878418][T25782]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  540.878438][T25782]  ? rcu_is_watching+0x15/0xb0
[  540.878464][T25782]  ? do_syscall_64+0xbe/0x3b0
[  540.878497][T25782]  do_syscall_64+0xfa/0x3b0
[  540.878524][T25782]  ? lockdep_hardirqs_on+0x9c/0x150
[  540.878550][T25782]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.878570][T25782]  ? clear_bhb_loop+0x60/0xb0
[  540.878596][T25782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.878615][T25782] RIP: 0033:0x7f851ef8ebe9
[  540.878633][T25782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.878651][T25782] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  540.878672][T25782] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  540.878687][T25782] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003
[  540.878700][T25782] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  540.878713][T25782] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  540.878725][T25782] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  540.878757][T25782]  </TASK>
[  541.415143][T25796] netlink: zone id is out of range
[  541.436210][T25796] netlink: del zone limit has 4 unknown bytes
[  541.501640][T25810] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  541.809464][T25830] FAULT_INJECTION: forcing a failure.
[  541.809464][T25830] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  541.831050][T25830] CPU: 1 UID: 0 PID: 25830 Comm: syz.5.6989 Not tainted syzkaller #0 PREEMPT(full) 
[  541.831077][T25830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  541.831089][T25830] Call Trace:
[  541.831096][T25830]  <TASK>
[  541.831105][T25830]  dump_stack_lvl+0x189/0x250
[  541.831132][T25830]  ? __pfx____ratelimit+0x10/0x10
[  541.831158][T25830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  541.831181][T25830]  ? __pfx__printk+0x10/0x10
[  541.831208][T25830]  ? __might_fault+0xb0/0x130
[  541.831245][T25830]  should_fail_ex+0x414/0x560
[  541.831275][T25830]  _copy_from_user+0x2d/0xb0
[  541.831299][T25830]  ___sys_recvmsg+0x12e/0x510
[  541.831325][T25830]  ? __pfx____sys_recvmsg+0x10/0x10
[  541.831375][T25830]  ? __might_fault+0xb0/0x130
[  541.831404][T25830]  do_recvmmsg+0x307/0x770
[  541.831432][T25830]  ? __pfx_do_recvmmsg+0x10/0x10
[  541.831465][T25830]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  541.831510][T25830]  __x64_sys_recvmmsg+0x190/0x240
[  541.831533][T25830]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  541.831552][T25830]  ? rcu_is_watching+0x15/0xb0
[  541.831577][T25830]  ? do_syscall_64+0xbe/0x3b0
[  541.831608][T25830]  do_syscall_64+0xfa/0x3b0
[  541.831633][T25830]  ? lockdep_hardirqs_on+0x9c/0x150
[  541.831657][T25830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.831676][T25830]  ? clear_bhb_loop+0x60/0xb0
[  541.831698][T25830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.831717][T25830] RIP: 0033:0x7f851ef8ebe9
[  541.831734][T25830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.831751][T25830] RSP: 002b:00007f851fe25038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  541.831771][T25830] RAX: ffffffffffffffda RBX: 00007f851f1b5fa0 RCX: 00007f851ef8ebe9
[  541.831786][T25830] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003
[  541.831798][T25830] RBP: 00007f851fe25090 R08: 0000000000000000 R09: 0000000000000000
[  541.831809][T25830] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  541.831821][T25830] R13: 00007f851f1b6038 R14: 00007f851f1b5fa0 R15: 00007ffca0fab3c8
[  541.831852][T25830]  </TASK>
[  542.295316][T25844] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6995'.
[  542.326727][T25840] netlink: 44 bytes leftover after parsing attributes in process `syz.4.6995'.
[  542.528195][T25853] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  542.812847][T25865] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  542.844973][T25868] FAULT_INJECTION: forcing a failure.
[  542.844973][T25868] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.898775][T25868] CPU: 0 UID: 0 PID: 25868 Comm: syz.4.7004 Not tainted syzkaller #0 PREEMPT(full) 
[  542.898805][T25868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  542.898819][T25868] Call Trace:
[  542.898833][T25868]  <TASK>
[  542.898843][T25868]  dump_stack_lvl+0x189/0x250
[  542.898872][T25868]  ? __pfx____ratelimit+0x10/0x10
[  542.898907][T25868]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.898931][T25868]  ? __pfx__printk+0x10/0x10
[  542.898960][T25868]  ? __might_fault+0xb0/0x130
[  542.898998][T25868]  should_fail_ex+0x414/0x560
[  542.899034][T25868]  _copy_to_iter+0x575/0x16f0
[  542.899066][T25868]  ? __pfx__copy_to_iter+0x10/0x10
[  542.899084][T25868]  ? __skb_try_recv_from_queue+0x58f/0x730
[  542.899113][T25868]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  542.899142][T25868]  __skb_datagram_iter+0xf8/0x990
[  542.899165][T25868]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  542.899197][T25868]  skb_copy_datagram_iter+0xc5/0x230
[  542.899224][T25868]  netlink_recvmsg+0x2ab/0xa30
[  542.899263][T25868]  ? __pfx_netlink_recvmsg+0x10/0x10
[  542.899296][T25868]  ? __lock_acquire+0xab9/0xd20
[  542.899324][T25868]  ? aa_sock_msg_perm+0xf1/0x1d0
[  542.899356][T25868]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  542.899380][T25868]  ? __pfx_netlink_recvmsg+0x10/0x10
[  542.899410][T25868]  sock_recvmsg_nosec+0x186/0x1c0
[  542.899440][T25868]  ____sys_recvmsg+0x3aa/0x460
[  542.899471][T25868]  ? __pfx_____sys_recvmsg+0x10/0x10
[  542.899508][T25868]  ? import_iovec+0x74/0xa0
[  542.899540][T25868]  ___sys_recvmsg+0x1b5/0x510
[  542.899567][T25868]  ? __pfx____sys_recvmsg+0x10/0x10
[  542.899618][T25868]  ? __might_fault+0xb0/0x130
[  542.899649][T25868]  do_recvmmsg+0x307/0x770
[  542.899680][T25868]  ? __pfx_do_recvmmsg+0x10/0x10
[  542.899714][T25868]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  542.899762][T25868]  __x64_sys_recvmmsg+0x190/0x240
[  542.899786][T25868]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  542.899805][T25868]  ? rcu_is_watching+0x15/0xb0
[  542.899836][T25868]  ? do_syscall_64+0xbe/0x3b0
[  542.899868][T25868]  do_syscall_64+0xfa/0x3b0
[  542.899895][T25868]  ? lockdep_hardirqs_on+0x9c/0x150
[  542.899921][T25868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.899941][T25868]  ? clear_bhb_loop+0x60/0xb0
[  542.899965][T25868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.899984][T25868] RIP: 0033:0x7f974338ebe9
[  542.900002][T25868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.900020][T25868] RSP: 002b:00007f9744209038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  542.900041][T25868] RAX: ffffffffffffffda RBX: 00007f97435b5fa0 RCX: 00007f974338ebe9
[  542.900056][T25868] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000003
[  542.900068][T25868] RBP: 00007f9744209090 R08: 0000000000000000 R09: 0000000000000000
[  542.900081][T25868] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002
[  542.900093][T25868] R13: 00007f97435b6038 R14: 00007f97435b5fa0 R15: 00007fffecabd698
[  542.900125][T25868]  </TASK>
[  543.465283][T25883] !€ÿÿÿ: renamed from bond_slave_0
[  543.602209][T25896] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7011'.
[  543.621630][T25886] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7011'.
[  543.656594][T25899] syzkaller0: entered promiscuous mode
[  543.679384][T25899] syzkaller0: entered allmulticast mode
[  543.818816][T25908] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.7017'.
[  543.821196][T25906] syzkaller1: entered promiscuous mode
[  543.838002][T25906] syzkaller1: entered allmulticast mode
[  543.907124][T25916] netlink: 'syz.0.7020': attribute type 1 has an invalid length.
[  544.106783][T25922] veth39: entered allmulticast mode
[  544.138119][T25926] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  544.312640][T25933] syzkaller1: entered promiscuous mode
[  544.318157][T25933] syzkaller1: entered allmulticast mode
[  544.567179][T25948] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7029'.
[  544.729079][T25953] FAULT_INJECTION: forcing a failure.
[  544.729079][T25953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.819733][T25953] CPU: 1 UID: 0 PID: 25953 Comm: syz.3.7035 Not tainted syzkaller #0 PREEMPT(full) 
[  544.819762][T25953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  544.819774][T25953] Call Trace:
[  544.819782][T25953]  <TASK>
[  544.819791][T25953]  dump_stack_lvl+0x189/0x250
[  544.819820][T25953]  ? __pfx____ratelimit+0x10/0x10
[  544.819846][T25953]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.819869][T25953]  ? __pfx__printk+0x10/0x10
[  544.819896][T25953]  ? __might_fault+0xb0/0x130
[  544.819934][T25953]  should_fail_ex+0x414/0x560
[  544.819963][T25953]  _copy_from_user+0x2d/0xb0
[  544.819987][T25953]  ___sys_recvmsg+0x12e/0x510
[  544.820014][T25953]  ? __pfx____sys_recvmsg+0x10/0x10
[  544.820065][T25953]  ? __might_fault+0xb0/0x130
[  544.820094][T25953]  do_recvmmsg+0x307/0x770
[  544.820124][T25953]  ? __pfx_do_recvmmsg+0x10/0x10
[  544.820156][T25953]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  544.820201][T25953]  __x64_sys_recvmmsg+0x190/0x240
[  544.820225][T25953]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  544.820244][T25953]  ? rcu_is_watching+0x15/0xb0
[  544.820268][T25953]  ? do_syscall_64+0xbe/0x3b0
[  544.820299][T25953]  do_syscall_64+0xfa/0x3b0
[  544.820324][T25953]  ? lockdep_hardirqs_on+0x9c/0x150
[  544.820349][T25953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.820368][T25953]  ? clear_bhb_loop+0x60/0xb0
[  544.820392][T25953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.820410][T25953] RIP: 0033:0x7f026278ebe9
[  544.820427][T25953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.820444][T25953] RSP: 002b:00007f02635ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  544.820464][T25953] RAX: ffffffffffffffda RBX: 00007f02629b5fa0 RCX: 00007f026278ebe9
[  544.820478][T25953] RDX: 0000000000000008 RSI: 0000200000002c00 RDI: 0000000000000003
[  544.820490][T25953] RBP: 00007f02635ed090 R08: 0000000000000000 R09: 0000000000000000
[  544.820501][T25953] R10: 0000000040010020 R11: 0000000000000246 R12: 0000000000000001
[  544.820513][T25953] R13: 00007f02629b6038 R14: 00007f02629b5fa0 R15: 00007fffa8ddf138
[  544.820543][T25953]  </TASK>
[  545.078539][T25962] FAULT_INJECTION: forcing a failure.
[  545.078539][T25962] name failslab, interval 1, probability 0, space 0, times 0
[  545.108489][T25962] CPU: 1 UID: 0 PID: 25962 Comm: syz.1.7039 Not tainted syzkaller #0 PREEMPT(full) 
[  545.108520][T25962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.108534][T25962] Call Trace:
[  545.108544][T25962]  <TASK>
[  545.108554][T25962]  dump_stack_lvl+0x189/0x250
[  545.108586][T25962]  ? __pfx____ratelimit+0x10/0x10
[  545.108616][T25962]  ? __pfx_dump_stack_lvl+0x10/0x10
[  545.108643][T25962]  ? __pfx__printk+0x10/0x10
[  545.108671][T25962]  ? netlink_broadcast_filtered+0x1216/0x12c0
[  545.108708][T25962]  ? nla_put+0xd0/0x150
[  545.108732][T25962]  should_fail_ex+0x414/0x560
[  545.108766][T25962]  should_failslab+0xa8/0x100
[  545.108800][T25962]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  545.108833][T25962]  ? __lock_acquire+0xab9/0xd20
[  545.108863][T25962]  ? __alloc_skb+0x112/0x2d0
[  545.108900][T25962]  __alloc_skb+0x112/0x2d0
[  545.108935][T25962]  __pfkey_xfrm_state2msg+0x495/0x3d30
[  545.108979][T25962]  ? net_generic+0x1e/0x240
[  545.109015][T25962]  pfkey_send_notify+0x1b0/0xdf0
[  545.109045][T25962]  ? km_state_notify+0x25/0x1f0
[  545.109068][T25962]  ? __pfx_pfkey_send_notify+0x10/0x10
[  545.109097][T25962]  km_state_notify+0x10d/0x1f0
[  545.109123][T25962]  pfkey_add+0x2000/0x2e00
[  545.109181][T25962]  ? __pfx_pfkey_add+0x10/0x10
[  545.109212][T25962]  ? kmem_cache_free+0x18f/0x400
[  545.109260][T25962]  pfkey_sendmsg+0xbfe/0x1090
[  545.109313][T25962]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  545.109376][T25962]  ? aa_sock_msg_perm+0xf1/0x1d0
[  545.109482][T25962]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  545.109521][T25962]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  545.109557][T25962]  __sock_sendmsg+0x219/0x270
[  545.109590][T25962]  ____sys_sendmsg+0x505/0x830
[  545.109620][T25962]  ? __pfx_____sys_sendmsg+0x10/0x10
[  545.109652][T25962]  ? import_iovec+0x74/0xa0
[  545.109682][T25962]  ___sys_sendmsg+0x21f/0x2a0
[  545.109707][T25962]  ? __pfx____sys_sendmsg+0x10/0x10
[  545.109773][T25962]  ? __fget_files+0x2a/0x420
[  545.109806][T25962]  ? __fget_files+0x3a0/0x420
[  545.109852][T25962]  __x64_sys_sendmsg+0x19b/0x260
[  545.109878][T25962]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  545.109913][T25962]  ? __pfx_ksys_write+0x10/0x10
[  545.109941][T25962]  ? rcu_is_watching+0x15/0xb0
[  545.109970][T25962]  ? do_syscall_64+0xbe/0x3b0
[  545.110007][T25962]  do_syscall_64+0xfa/0x3b0
[  545.110037][T25962]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.110063][T25962]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.110085][T25962]  ? clear_bhb_loop+0x60/0xb0
[  545.110111][T25962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.110133][T25962] RIP: 0033:0x7fa07798ebe9
[  545.110154][T25962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.110174][T25962] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  545.110197][T25962] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  545.110214][T25962] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  545.110229][T25962] RBP: 00007fa07882e090 R08: 0000000000000000 R09: 0000000000000000
[  545.110243][T25962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  545.110257][T25962] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  545.110293][T25962]  </TASK>
[  545.123221][T25955] netlink: 60 bytes leftover after parsing attributes in process `syz.5.7036'.
[  545.457146][T25960] veth31: entered allmulticast mode
[  545.791546][T25991] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7048'.
[  545.816220][T25989] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7048'.
[  546.013002][T26000] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7053'.
[  546.163211][T26000] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7053'.
[  546.174528][T26007] bridge10: the hash_elasticity option has been deprecated and is always 16
[  546.310227][T26013] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  546.375926][T26016] veth43: entered allmulticast mode
[  546.752936][T26040] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7065'.
[  546.994166][T26054] netlink: 'syz.1.7072': attribute type 7 has an invalid length.
[  547.436211][T26067] ip6erspan1: entered promiscuous mode
[  547.674734][T26085] FAULT_INJECTION: forcing a failure.
[  547.674734][T26085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  547.696932][T26085] CPU: 1 UID: 0 PID: 26085 Comm: syz.3.7081 Not tainted syzkaller #0 PREEMPT(full) 
[  547.696964][T26085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  547.696978][T26085] Call Trace:
[  547.696989][T26085]  <TASK>
[  547.696999][T26085]  dump_stack_lvl+0x189/0x250
[  547.697033][T26085]  ? __pfx____ratelimit+0x10/0x10
[  547.697065][T26085]  ? __pfx_dump_stack_lvl+0x10/0x10
[  547.697093][T26085]  ? __pfx__printk+0x10/0x10
[  547.697124][T26085]  ? __might_fault+0xb0/0x130
[  547.697168][T26085]  should_fail_ex+0x414/0x560
[  547.697204][T26085]  _copy_from_iter+0x1db/0x16f0
[  547.697231][T26085]  ? rcu_is_watching+0x15/0xb0
[  547.697256][T26085]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  547.697289][T26085]  ? __pfx__copy_from_iter+0x10/0x10
[  547.697313][T26085]  ? __build_skb_around+0x257/0x3e0
[  547.697352][T26085]  ? netlink_sendmsg+0x642/0xb30
[  547.697389][T26085]  ? skb_put+0x11b/0x210
[  547.697427][T26085]  netlink_sendmsg+0x6b2/0xb30
[  547.697483][T26085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  547.697519][T26085]  ? aa_sock_msg_perm+0xf1/0x1d0
[  547.697554][T26085]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  547.697577][T26085]  ? __pfx_netlink_sendmsg+0x10/0x10
[  547.697610][T26085]  __sock_sendmsg+0x219/0x270
[  547.697641][T26085]  ____sys_sendmsg+0x505/0x830
[  547.697670][T26085]  ? __pfx_____sys_sendmsg+0x10/0x10
[  547.697712][T26085]  ? import_iovec+0x74/0xa0
[  547.697739][T26085]  ___sys_sendmsg+0x21f/0x2a0
[  547.697762][T26085]  ? __pfx____sys_sendmsg+0x10/0x10
[  547.697820][T26085]  ? __fget_files+0x2a/0x420
[  547.697850][T26085]  ? __fget_files+0x3a0/0x420
[  547.697891][T26085]  __x64_sys_sendmsg+0x19b/0x260
[  547.697915][T26085]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  547.697963][T26085]  ? __pfx_ksys_write+0x10/0x10
[  547.697990][T26085]  ? rcu_is_watching+0x15/0xb0
[  547.698016][T26085]  ? do_syscall_64+0xbe/0x3b0
[  547.698066][T26085]  do_syscall_64+0xfa/0x3b0
[  547.698093][T26085]  ? lockdep_hardirqs_on+0x9c/0x150
[  547.698119][T26085]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.698139][T26085]  ? clear_bhb_loop+0x60/0xb0
[  547.698183][T26085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.698204][T26085] RIP: 0033:0x7f026278ebe9
[  547.698222][T26085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.698242][T26085] RSP: 002b:00007f02635ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  547.698265][T26085] RAX: ffffffffffffffda RBX: 00007f02629b5fa0 RCX: 00007f026278ebe9
[  547.698281][T26085] RDX: 0000000004004000 RSI: 00002000000003c0 RDI: 0000000000000003
[  547.698295][T26085] RBP: 00007f02635ed090 R08: 0000000000000000 R09: 0000000000000000
[  547.698309][T26085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  547.698321][T26085] R13: 00007f02629b6038 R14: 00007f02629b5fa0 R15: 00007fffa8ddf138
[  547.698372][T26085]  </TASK>
[  548.161562][T26098] netlink: 'syz.5.7085': attribute type 1 has an invalid length.
[  548.759048][T26122] ------------[ cut here ]------------
[  548.765530][T26122] wlan1: Failed check-sdata-in-driver check, flags: 0x0
[  548.802674][T26122] WARNING: CPU: 1 PID: 26122 at net/mac80211/driver-ops.c:366 drv_unassign_vif_chanctx+0x50b/0x7e0
[  548.814636][T26122] Modules linked in:
[  548.818952][T26122] CPU: 1 UID: 0 PID: 26122 Comm: syz.1.7092 Not tainted syzkaller #0 PREEMPT(full) 
[  548.828782][T26122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  548.839297][T26122] RIP: 0010:drv_unassign_vif_chanctx+0x50b/0x7e0
[  548.845666][T26122] Code: 8d 8d b8 09 00 00 48 85 c0 48 0f 44 f1 43 0f b6 04 3e 84 c0 0f 85 6b 02 00 00 8b 55 00 48 c7 c7 00 23 b0 8c e8 86 aa 9b f6 90 <0f> 0b 90 90 e9 ee fc ff ff e8 77 0c d8 f6 90 0f 0b 90 42 80 7c 3d
[  548.856698][T26132] netlink: 'syz.1.7092': attribute type 1 has an invalid length.
[  548.866499][T26122] RSP: 0018:ffffc9001bc47050 EFLAGS: 00010246
[  548.880128][T26122] RAX: ea351abb9a506300 RBX: 0000000000000000 RCX: 0000000000080000
[  548.888132][T26122] RDX: ffffc9000c07a000 RSI: 0000000000006bae RDI: 0000000000006baf
[  548.896861][T26122] RBP: ffff888054525728 R08: 0000000000000003 R09: 0000000000000004
[  548.900925][T26132] __nla_validate_parse: 10 callbacks suppressed
[  548.900944][T26132] netlink: 228 bytes leftover after parsing attributes in process `syz.1.7092'.
[  548.907486][T26122] R10: dffffc0000000000 R11: fffffbfff1bfa1ec R12: ffff8880545269d0
[  548.929152][T26122] R13: ffff888054524d80 R14: 1ffff1100a8a4ae5 R15: dffffc0000000000
[  548.937600][T26122] FS:  00007fa07882e6c0(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000
[  548.946991][T26122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  548.954022][T26122] CR2: 00007fa07880cf98 CR3: 000000007fee8000 CR4: 00000000003526f0
[  548.962425][T26129] openvswitch: netlink: IPv4 tun info is not correct
[  548.969613][T26122] Call Trace:
[  548.972947][T26122]  <TASK>
[  548.975929][T26122]  ieee80211_assign_link_chanctx+0x1ec/0xd70
[  548.982035][T26122]  __ieee80211_link_release_channel+0x33b/0x4a0
[  548.988326][T26122]  ieee80211_if_change_type+0x14c/0x990
[  548.994222][T26122]  ieee80211_change_iface+0xd5/0x510
[  548.999602][T26122]  cfg80211_change_iface+0x792/0xef0
[  549.004944][T26122]  nl80211_set_interface+0x773/0xaa0
[  549.010320][T26122]  ? __pfx_nl80211_set_interface+0x10/0x10
[  549.016171][T26122]  ? nl80211_pre_doit+0x4fb/0x930
[  549.021668][T26122]  genl_family_rcv_msg_doit+0x215/0x300
[  549.027255][T26122]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  549.033605][T26122]  ? bpf_lsm_capable+0x9/0x20
[  549.038315][T26122]  ? security_capable+0x7e/0x2e0
[  549.043391][T26122]  genl_rcv_msg+0x60e/0x790
[  549.047925][T26122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.053361][T26122]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  549.058762][T26122]  ? __pfx_nl80211_set_interface+0x10/0x10
[  549.064648][T26122]  ? __pfx_nl80211_post_doit+0x10/0x10
[  549.070183][T26122]  netlink_rcv_skb+0x205/0x470
[  549.074989][T26122]  ? __lock_acquire+0xab9/0xd20
[  549.080241][T26122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.085299][T26122]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  549.090669][T26122]  ? down_read+0x1ad/0x2e0
[  549.095126][T26122]  genl_rcv+0x28/0x40
[  549.099142][T26122]  netlink_unicast+0x82c/0x9e0
[  549.104038][T26122]  ? __pfx_netlink_unicast+0x10/0x10
[  549.109707][T26122]  ? netlink_sendmsg+0x642/0xb30
[  549.114676][T26122]  ? skb_put+0x11b/0x210
[  549.118960][T26122]  netlink_sendmsg+0x805/0xb30
[  549.123837][T26122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.129162][T26122]  ? aa_sock_msg_perm+0xf1/0x1d0
[  549.134178][T26122]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  549.139869][T26122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.145200][T26122]  __sock_sendmsg+0x219/0x270
[  549.149962][T26122]  ____sys_sendmsg+0x505/0x830
[  549.154795][T26122]  ? __pfx_____sys_sendmsg+0x10/0x10
[  549.160203][T26122]  ? import_iovec+0x74/0xa0
[  549.164799][T26122]  ___sys_sendmsg+0x21f/0x2a0
[  549.169947][T26122]  ? __pfx____sys_sendmsg+0x10/0x10
[  549.175236][T26122]  ? __fget_files+0x2a/0x420
[  549.179941][T26122]  ? __fget_files+0x3a0/0x420
[  549.184678][T26122]  __x64_sys_sendmsg+0x19b/0x260
[  549.189720][T26122]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  549.195223][T26122]  ? rcu_is_watching+0x15/0xb0
[  549.200410][T26122]  ? do_syscall_64+0xbe/0x3b0
[  549.205137][T26122]  do_syscall_64+0xfa/0x3b0
[  549.209732][T26122]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.214992][T26122]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.221516][T26122]  ? clear_bhb_loop+0x60/0xb0
[  549.226228][T26122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.232365][T26122] RIP: 0033:0x7fa07798ebe9
[  549.236786][T26122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.244473][T26142] netlink: 'syz.1.7092': attribute type 10 has an invalid length.
[  549.256482][T26122] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  549.256518][T26122] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  549.256537][T26122] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  549.256553][T26122] RBP: 00007fa077a11e19 R08: 0000000000000000 R09: 0000000000000000
[  549.256570][T26122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  549.256586][T26122] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  549.256625][T26122]  </TASK>
[  549.256639][T26122] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  549.256656][T26122] CPU: 1 UID: 0 PID: 26122 Comm: syz.1.7092 Not tainted syzkaller #0 PREEMPT(full) 
[  549.256682][T26122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  549.256699][T26122] Call Trace:
[  549.256709][T26122]  <TASK>
[  549.256720][T26122]  dump_stack_lvl+0x99/0x250
[  549.256753][T26122]  ? __asan_memcpy+0x40/0x70
[  549.256781][T26122]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.256811][T26122]  ? __pfx__printk+0x10/0x10
[  549.256860][T26122]  vpanic+0x281/0x750
[  549.256888][T26122]  ? __pfx__printk+0x10/0x10
[  549.256920][T26122]  ? __pfx_vpanic+0x10/0x10
[  549.256949][T26122]  ? is_bpf_text_address+0x292/0x2b0
[  549.257039][T26122]  panic+0xb9/0xc0
[  549.257069][T26122]  ? __pfx_panic+0x10/0x10
[  549.257123][T26122]  __warn+0x31b/0x4b0
[  549.257153][T26122]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  549.257191][T26122]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  549.257227][T26122]  report_bug+0x2be/0x4f0
[  549.257258][T26122]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  549.257295][T26122]  ? drv_unassign_vif_chanctx+0x50b/0x7e0
[  549.257329][T26122]  ? drv_unassign_vif_chanctx+0x50d/0x7e0
[  549.257365][T26122]  handle_bug+0x84/0x160
[  549.257391][T26122]  exc_invalid_op+0x1a/0x50
[  549.257417][T26122]  asm_exc_invalid_op+0x1a/0x20
[  549.257444][T26122] RIP: 0010:drv_unassign_vif_chanctx+0x50b/0x7e0
[  549.257480][T26122] Code: 8d 8d b8 09 00 00 48 85 c0 48 0f 44 f1 43 0f b6 04 3e 84 c0 0f 85 6b 02 00 00 8b 55 00 48 c7 c7 00 23 b0 8c e8 86 aa 9b f6 90 <0f> 0b 90 90 e9 ee fc ff ff e8 77 0c d8 f6 90 0f 0b 90 42 80 7c 3d
[  549.257504][T26122] RSP: 0018:ffffc9001bc47050 EFLAGS: 00010246
[  549.257529][T26122] RAX: ea351abb9a506300 RBX: 0000000000000000 RCX: 0000000000080000
[  549.257549][T26122] RDX: ffffc9000c07a000 RSI: 0000000000006bae RDI: 0000000000006baf
[  549.257578][T26122] RBP: ffff888054525728 R08: 0000000000000003 R09: 0000000000000004
[  549.257594][T26122] R10: dffffc0000000000 R11: fffffbfff1bfa1ec R12: ffff8880545269d0
[  549.257613][T26122] R13: ffff888054524d80 R14: 1ffff1100a8a4ae5 R15: dffffc0000000000
[  549.257661][T26122]  ieee80211_assign_link_chanctx+0x1ec/0xd70
[  549.257713][T26122]  __ieee80211_link_release_channel+0x33b/0x4a0
[  549.257757][T26122]  ieee80211_if_change_type+0x14c/0x990
[  549.257800][T26122]  ieee80211_change_iface+0xd5/0x510
[  549.257837][T26122]  cfg80211_change_iface+0x792/0xef0
[  549.257876][T26122]  nl80211_set_interface+0x773/0xaa0
[  549.257917][T26122]  ? __pfx_nl80211_set_interface+0x10/0x10
[  549.257949][T26122]  ? nl80211_pre_doit+0x4fb/0x930
[  549.257990][T26122]  genl_family_rcv_msg_doit+0x215/0x300
[  549.258028][T26122]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  549.258072][T26122]  ? bpf_lsm_capable+0x9/0x20
[  549.258105][T26122]  ? security_capable+0x7e/0x2e0
[  549.258149][T26122]  genl_rcv_msg+0x60e/0x790
[  549.258184][T26122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.258209][T26122]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  549.258234][T26122]  ? __pfx_nl80211_set_interface+0x10/0x10
[  549.258259][T26122]  ? __pfx_nl80211_post_doit+0x10/0x10
[  549.258302][T26122]  netlink_rcv_skb+0x205/0x470
[  549.258335][T26122]  ? __lock_acquire+0xab9/0xd20
[  549.258371][T26122]  ? __pfx_genl_rcv_msg+0x10/0x10
[  549.258401][T26122]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  549.258470][T26122]  ? down_read+0x1ad/0x2e0
[  549.258554][T26122]  genl_rcv+0x28/0x40
[  549.258578][T26122]  netlink_unicast+0x82c/0x9e0
[  549.258618][T26122]  ? __pfx_netlink_unicast+0x10/0x10
[  549.258650][T26122]  ? netlink_sendmsg+0x642/0xb30
[  549.258681][T26122]  ? skb_put+0x11b/0x210
[  549.258721][T26122]  netlink_sendmsg+0x805/0xb30
[  549.258765][T26122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.258803][T26122]  ? aa_sock_msg_perm+0xf1/0x1d0
[  549.258842][T26122]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  549.258867][T26122]  ? __pfx_netlink_sendmsg+0x10/0x10
[  549.258903][T26122]  __sock_sendmsg+0x219/0x270
[  549.258936][T26122]  ____sys_sendmsg+0x505/0x830
[  549.258966][T26122]  ? __pfx_____sys_sendmsg+0x10/0x10
[  549.259006][T26122]  ? import_iovec+0x74/0xa0
[  549.259035][T26122]  ___sys_sendmsg+0x21f/0x2a0
[  549.259061][T26122]  ? __pfx____sys_sendmsg+0x10/0x10
[  549.259124][T26122]  ? __fget_files+0x2a/0x420
[  549.259157][T26122]  ? __fget_files+0x3a0/0x420
[  549.259204][T26122]  __x64_sys_sendmsg+0x19b/0x260
[  549.259230][T26122]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  549.259269][T26122]  ? rcu_is_watching+0x15/0xb0
[  549.259299][T26122]  ? do_syscall_64+0xbe/0x3b0
[  549.259337][T26122]  do_syscall_64+0xfa/0x3b0
[  549.259367][T26122]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.259397][T26122]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.259420][T26122]  ? clear_bhb_loop+0x60/0xb0
[  549.259449][T26122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.259470][T26122] RIP: 0033:0x7fa07798ebe9
[  549.259491][T26122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.259510][T26122] RSP: 002b:00007fa07882e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  549.259534][T26122] RAX: ffffffffffffffda RBX: 00007fa077bb5fa0 RCX: 00007fa07798ebe9
[  549.259552][T26122] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  549.259567][T26122] RBP: 00007fa077a11e19 R08: 0000000000000000 R09: 0000000000000000
[  549.259582][T26122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  549.259596][T26122] R13: 00007fa077bb6038 R14: 00007fa077bb5fa0 R15: 00007ffe329fb438
[  549.259633][T26122]  </TASK>
[  549.265043][T26122] Kernel Offset: disabled