last executing test programs:

25.429488378s ago: executing program 3 (id=2173):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xfffffd1f}, 0x1b)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x6002, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e0ffff200000000002000aac14140ce0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

25.238480495s ago: executing program 3 (id=2178):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r0, 0x3e8, 0xf, 0x0, &(0x7f0000000000)="c1df07000000d30a298ee68886dd87", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

25.107594619s ago: executing program 3 (id=2181):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0xfffffe71, 0x1}}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x34, 0x10000000, &(0x7f0000000100)="b9ff03006044238cb89e14f0892f1bffffff00004000632f77fbac14140be934a0a662079f4b4d2f87e50aca6aab845013f288a81a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x6}, 0x2c)

25.011890532s ago: executing program 3 (id=2185):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000440)=@framed={{0x18, 0x5, 0x0, 0x0, 0x40000}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080)=r0, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b40)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097560b91da309b887af2485c2d9ab09b523000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e750339643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2dfae60ab958e9f3ef9b4aaa4e8d6166f636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d2986334c2576bef69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff10dc82b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a409315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a143673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c595426ae40d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c027518c669760500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd335700000000000000000000000000000086666201251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193a05008cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f1cd086058d139ce528425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c47314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829bea46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406400b3b1c321cc158dbe17123eace30000000000009ea77cb4d3ca892600000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b67563e40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c070000000000000422ae2c148d444dd437a7d2f5e575009bc2d17a199802409329dae8baa58d3de63ad45328a9d4dc1ace543dfe11913c6c6413f8f7a15657d012fea460bb4656a20df1ba26932b0ef49f8ea88d7b4c1289314ba789661640f1b5d7cbae103fa95b0035f1e8e866307d4796eab0992704f9e00be4b1af8dfa9e94ad74e607ea9d7d7a95ed5a15429426abbed8d2c657018305c6f9e5159a5453f958991a908ff4cb2e8cbccb1d3c8daf754e4b01b2edd023e5bfdf293bd28fc1f8885f6edd5a715df4d180247feb08e9e2e5126c48be6098e711f0d86de5d76fdccae34eef9197c32ab4e6fcb52eb9ce18fdb621a75913a97254d783778203ec0bd1a8859683e1d01da4e81fb73bb3b358340a0310bf5ae17b917208da607fd7b125cf99fd3e9056f5184df7570ede94b736ae354b5b8ae2cc473b455f2f86d47c69027676bf1141f316b0f278f1692406572ee82766f8e5ff1cfec2a7a6cab7d0f2582a877c9bd4ca81089373f738d02e6bb4d3df30ac0f041e51ad36e1ff140812baf54b80635cc80963c8f69fa4506f7a30c99d3e538cc0aeafcad86ead38ed949aa3c204aea50e5e0039f01b82595b7dc921a8acc1f76340f060cc9a3acad3451c17dc9b5ca5d10a0cb1708592d1900a046f33761d50895febd9fd58cb132989766cf7c252daac259576ec218e3857e6fa97fe445d1fab51d87302a4bb28a4cfe462ee4849cc6832650188ca187d85509d8beccf9d9cf752368985804195b9fd2faf1aff8248f3981bd55cbbf514cd8365fee72cc7af053e5388ceadadb967ef735181df6a90cab13f58f6d563c9ab4ad37297aecffd8446cb2b14ec36a99af8393e3760d5970ba1debdcbccd54012c559ee2797ff962328aa6a252c0756e396ce4d52937546675203bdf1d6b120acac576523f8b1daa922188bf61536312f90dba92fb380c3c6fb5f9883a2c4dd99a1bac9b7cb25ff2ef9bd58ff97ddfdd2d4bcc371ee82245b57cd91a7fa3479cd339f54a5c42"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x20e, 0xe40, 0xfd000004, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000003c0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7473be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28)

24.889387626s ago: executing program 3 (id=2186):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000080000000000001000000097000100ffffffff95"], &(0x7f00000000c0)='syzkaller\x00', 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000061042c000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x1, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd8b, 0xffffffffffffffff}, 0x48)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000ac0)={@random="09c9849d490f", @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "ced920", 0x40, 0x3a, 0x0, @remote, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "b3a21a", 0x0, 0x0, 0x0, @dev, @private0, [@dstopts={0x84}], "83098ece0f967fda"}}}}}}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
write$tun(r1, &(0x7f0000000100)={@void, @val={0x2, 0x80, 0x3, 0x50, 0x8, 0x5}, @ipv4=@icmp={{0x2f, 0x4, 0x0, 0x5, 0xc4, 0x67, 0x0, 0x9, 0x1, 0x0, @broadcast, @loopback, {[@rr={0x7, 0x23, 0x1f, [@loopback, @empty, @multicast1, @multicast2, @multicast1, @dev={0xac, 0x14, 0x14, 0x36}, @rand_addr=0x64010102, @empty]}, @timestamp_prespec={0x44, 0x2c, 0xf0, 0x3, 0x4, [{@loopback, 0x700}, {@multicast1, 0x4}, {@local, 0x6}, {@private=0xa010102, 0x816b}, {@loopback, 0x2}]}, @timestamp={0x44, 0x8, 0x1d, 0x0, 0x7, [0x4]}, @timestamp={0x44, 0x8, 0xc6, 0x0, 0x0, [0x4]}, @timestamp_prespec={0x44, 0x34, 0x2b, 0x3, 0xd, [{@dev={0xac, 0x14, 0x14, 0x3f}, 0x1ff}, {@loopback, 0x7}, {@empty, 0xffffffff}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0xe8a}, {@multicast2, 0x1}, {@multicast1, 0x5}]}, @lsrr={0x83, 0x13, 0xb3, [@remote, @remote, @empty, @broadcast]}]}}, @info_reply={0x10, 0x0, 0x0, 0x2831, 0x1db}}}, 0xce)

24.856805718s ago: executing program 3 (id=2188):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r1, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0}, 0x8000)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0xa92e338440b7f238)
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

16.968974213s ago: executing program 0 (id=2337):
socket(0x10, 0x803, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r4, 0x0, 0xfffffffffffffffe}, 0x10)
sendmsg$nl_route(r2, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000001440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x28, r5, 0x2, 0x70bd27, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @remote}}]}, 0x28}, 0x1, 0x0, 0x0, 0x200440c0}, 0x4004801)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r7, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
r8 = socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000980)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xfffff7dd}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa, 0xa00}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x1}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0x110}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r9}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000001b00)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x94)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

15.882043314s ago: executing program 0 (id=2348):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000030c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcff7ffa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67e6ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4510555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cace339f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d000000009682e24b92533ac2a997d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f18215523167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3037ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cb8846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966f08294cd6f496e5dee734fe7da3770845cf442d488afd80e170000000000000000000000000000000000000000000000000000052007563885a1105000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb9aaa57a8abef8b64237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2c09000000bfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07000000ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbcbf2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00a40e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2add58ffb25f339297729a7a51810134d3dfbf71f651600eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47547f164391c673b6079e65d7295eed164ca63e4ea26d65f6b3ce0f6591d80dfb8f386bb74b5589829b6b067903000000000000003d9950d48c774eaa35b24fce696af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c80c57ed04dbc574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff559973c3a"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847", 0x0, 0x71, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
recvmsg$kcm(r0, &(0x7f0000000bc0)={0x0, 0x0, 0x0}, 0x40)
recvmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

15.706975596s ago: executing program 0 (id=2352):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x58}}, 0x0)

15.622789236s ago: executing program 0 (id=2354):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xb, 0x5, 0x10001, 0xa, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000210000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000600), &(0x7f0000000640)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

15.566595068s ago: executing program 0 (id=2355):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000002500010125bd7000fbff3e8c371200000800030047"], 0x1c}, 0x1, 0x0, 0x0, 0x4048957}, 0x28040) (fail_nth: 2)

15.498166855s ago: executing program 0 (id=2356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
sendmmsg(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40840)
write(r1, &(0x7f00000000c0)="29000000140005b7ff000051915f95eb01010003a606a40e07fff024bb000000000000000040000000", 0x29)
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

9.77132404s ago: executing program 32 (id=2188):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r1, &(0x7f0000000000)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0}, 0x8000)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0xa92e338440b7f238)
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

5.536687789s ago: executing program 4 (id=2481):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x4, 0xffffffff}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

5.450593217s ago: executing program 4 (id=2483):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000040), 0x4)
sendmsg(r0, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x10)
r1 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffff", 0x36}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)

5.370844383s ago: executing program 4 (id=2484):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0xfffffffe, @local, 0xc}, 0x1c)

5.279951034s ago: executing program 4 (id=2485):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000003"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000280), &(0x7f0000000240)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

5.206835904s ago: executing program 4 (id=2486):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4e24, 0x0, 0x4e20, 0x4, 0x2, 0x1a0, 0x180, 0x5c}, {0x4, 0xb9b9, 0x8, 0x10000, 0x1000, 0x8, 0x16, 0x4000}, {0x5, 0x9, 0x3c}, 0x2, 0x6e6bbb, 0x0, 0x790741177e19070d, 0x7, 0x1}, {{@in=@broadcast, 0x4d2, 0x70}, 0x2, @in6=@local, 0x3501, 0x4, 0x2, 0x8, 0xc, 0x2, 0x3}}, 0xe8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'sit0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000004c0)={'bond0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010029bd30000900000000000000", @ANYRES32=r6, @ANYBLOB="33800400128801001c00128009000100626f6e64000000000c0002800800120000500090"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
sendmsg$nl_route(r2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="380000006800010000000000000000000a000000000000000600", @ANYRES32=r3], 0x38}}, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000000180)=0x5, 0x4)
write(r7, &(0x7f0000000000)="0c000000010001", 0x7)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$OSF_MSG_REMOVE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="68020000010503000000000000000000030000075402010000000000040000000006feff0800270073797a3000000000000000000000000000000000000000000000000000000000342efc98edda6c80931ab42c143b974299d37374550c11721d0f196b8fee6af6c2753cb2fda57536cf1f266108c2f4a09fb99853abcab03bd6a4e9d795f179ea0900008001000000142f000009000400010000000600000001000100020000000000000068023402000000000104000007000700020000000700000008004dffffff7f000001000001010f0001000000040000000800d00103000000000000000d000a0003000000030000000700020000000000e20c0000100000000000000000000000ffffff7f02000000060000000400010000000000040000000200010003000000040000000300040000000000b50000000500a17a020000007f000000030006000300000000100000008009000100000006000000010405000000000008000000b2b40900000000000100000009000400010000000f000000ff01090000000000060000000400010001000000050000000600f600020000000000000000000000000000000300fa000900010001000000000000200600040001000000030000000400020003000000060000000104020003000000030000000200b5fd0300000007000000030008000100000004000000f3ff030003000000060000000600fdff02000000090000000a0001000000000000000000480f0600030000000600000001000008010000000300000009006b0800000000020000000000910002000000b35d00000700070000000000060000000900000201000000278d0000d5bfde0c931ecec856578a7a2cf49053fb40afae61b140c8b4a2f64c3c28164c2f90b207ec9fefccccd29440e52876d3d86cecaab5009d4b39ee77fed889220e3bd800e91a8d2599fd73bc26d148ea81d4ae8e898a2eaa837409a25bada005290cdb632fefdc8d3275b6926a32e6e444566acdbdf1c6f5b24340e3e61f362aeae8f42057eff8f28139841b54dec1ab084c2693e4c563e9"], 0x268}, 0x1, 0x0, 0x0, 0x20000000}, 0x804)
recvmmsg(r8, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000140)=""/50, 0x32}], 0x2}, 0x2}], 0x1, 0x40000140, 0x0)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r11=>0xffffffffffffffff})
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000050000000800000002"], 0x50)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1900000004000000040000006637cf2c00000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000e5001000000000000000000000000000000000800085b108358675b2c2a07fea9da173e4ea5d992b531545b642165012f73d1cb0bbb567f36eefb3b50dc36566f652969af2158904df0e32be13fa42d168b6fe3bbc3a0205c8769c5b38d7b7bab163b3c657427b179b9c766f62cdaba447a72bd32f1c104c43f7e7fa2dbd83c8318ebb43fac931ce3b1621afeaec55e51c7ac7b7e6b67f668277c7ddda1b01efb71021ebd26325943711f134f9afcb734fc10daaee81dc81f112547ddd4cbd0d23b1c97a177967c18d85916c"], 0x48)
setsockopt$inet_buf(r8, 0x0, 0x10, &(0x7f0000000000)="170000000200020000ffbe8c5ee17688140032000103000aff3f000057fc5ad90200bb6a88003cd6c9db0000db15000200ff01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3a5f7", 0xb8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r12}, &(0x7f0000000340), &(0x7f0000000100)=r11}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r12, &(0x7f0000000300), 0x0}, 0x20)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a03000000000000000000010000000900030073797a32000000000900010073797a30000000004c000000060a01040000000000000000010000052400048020000180080001006e617400140002800800054000000017080001400000000408000b40000000000900010073797a30"], 0xc0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xb, 0x17, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000080000000000000000d00000018110000c911fb8e5f734f44b5c23c88d6ea5af4f85ec4d9882183f84b06026be93b7fe403d43890f17c2f674ef118812a505e3ad0189f954144459951d49da0a81569e3bdd74be2f9cc2f", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf090000000000006609010000000000060000000b000000180100002020702500000000002020207b9af8ff00000000ad91ffff0000000037010000f8ffffffb702000008000000b70300000400000056000000060000002c93000000000000b50300000100000085000000f2000000b7000000000000009500000000000000"], &(0x7f0000000780)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd6f}, 0x94)

5.084829658s ago: executing program 4 (id=2488):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}}, @NFT_MSG_DELSET={0x24, 0xb, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0xa}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3b}]}, @NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x21, &(0x7f0000000000)=0xfffffffe, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000480)=0x17fe, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x388, 0x1c8, 0xc8, 0x8, 0x1c8, 0x5803, 0x2b8, 0x2e8, 0x2e8, 0x2b8, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x6, 0x300, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x0, 0x3}}, @common=@inet=@set2={{0x28}, {{0xfffe, 0x5, 0x4}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@uncond, 0x0, 0xd0, 0xf0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32, @ANYBLOB="08003f0086fc"], 0x4c}, 0x1, 0xba01, 0x0, 0x4004001}, 0x20044890)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x94)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r9}, 0x18)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
r13 = socket$kcm(0x2, 0xa, 0x2)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f0000000280)=0x8)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000027c0)=ANY=[@ANYBLOB="000086dd0000120000000000000064d6892b0f9a11"], 0xfd0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)

1.046431278s ago: executing program 5 (id=2545):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x4, 0x0, 0x4a}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x2a}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48841}, 0x2000c010)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000203030100000000000000000400000a"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)

1.045972106s ago: executing program 2 (id=2546):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0xdaa2d000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="220000000400000010000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1, <r2=>0xffffffffffffffff}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x40, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8014}, 0x40c0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000643237007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007041af64090aac40d6600000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000000940)=ANY=[@ANYBLOB="88ff0000"], 0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffc}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000001c0)=r7, 0x4)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)="d8000000210081044e81f782db44b9040200000000806c01000015000a001800feffffff09000d2000000401a80018000a000e4006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee062e1c547cbc7225e6756cfb39b0590b4800089e408e8d8ef52b49816277cf4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db701000000eafad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d939acd92637429397f632838", 0xd8}], 0x1}, 0x0)

1.021923055s ago: executing program 5 (id=2547):
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e23, 0xfffffffe, @local, 0xc}, 0x1c)

968.284416ms ago: executing program 1 (id=2548):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000070000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c460880000000080000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000012, 0x8ff, 0xb8, &(0x7f00000004c0)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

885.681692ms ago: executing program 5 (id=2549):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x3c, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x200448d3}, 0x48030)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

787.410917ms ago: executing program 2 (id=2551):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a", 0xa}], 0x1}, 0x200a4800)
recvmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4135, 0x1027}], 0x1}, 0x42)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000012c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d02409819180179714ed0a6e1f0f755d8583da60f27c162dbba0706002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cece48c38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5ff01000000000000b69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b4073f300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b87234a30900000000000068133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf11211"], 0x0}, 0x94)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590241c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada33cc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0)

773.479936ms ago: executing program 1 (id=2552):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000800), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2c, r1, 0xa5456c2fe1cd7aeb, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}]}, 0x2c}, 0x7ffffffe, 0x0, 0x0, 0x4000010}, 0x40882)

687.062559ms ago: executing program 5 (id=2553):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x8, 0x0, 0x14}, 0x80, &(0x7f00000004c0)=[{&(0x7f00000005c0)="270502001c0014000600002fb96dbcf7bae105000700810005004305", 0x1c}, {0x0}], 0x2}, 0x20000800)

679.548838ms ago: executing program 2 (id=2554):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="3816ca9ab66a83423433eac3d8c8336ff3386d846aa1730e38028b1f16d114a951b3c972e703a3a85b979dde78c2d8249bc3b1a5"], 0x1c}, 0x1, 0x0, 0x0, 0x24000800}, 0x4000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

554.13928ms ago: executing program 1 (id=2555):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x18, 0x0, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0xa}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000040)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r1, 0x0, 0x0}, 0x10)

438.046457ms ago: executing program 33 (id=2356):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
sendmmsg(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40840)
write(r1, &(0x7f00000000c0)="29000000140005b7ff000051915f95eb01010003a606a40e07fff024bb000000000000000040000000", 0x29)
sendmsg$nl_generic(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000240)={0x14, 0x26, 0x1, 0xf0bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20048000)

397.702885ms ago: executing program 2 (id=2557):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000020303010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)={0x1c, 0x2, 0x3, 0x101, 0x0, 0x0, {0x4, 0x0, 0x4a}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x2a}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48841}, 0x2000c010)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000000203030100000000000000000400000a"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x2000c010)

397.278488ms ago: executing program 5 (id=2558):
socket$inet_mptcp(0x2, 0x1, 0x106)
unshare(0x20000400)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
unshare(0x22020600)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2c, &(0x7f0000000180)=0x80000004, 0x4)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000bc0), r3)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000200)={'vxcan0\x00', <r5=>0x0})
connect$can_bcm(r1, &(0x7f0000000240)={0x1d, r5}, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000040)=ANY=[@ANYBLOB="3ce07a153005206255a38b9c628f4b48b8200000", @ANYRES16=r4, @ANYBLOB="19022dbd7000fbdbdf252e00000005002b00000000000c0005000201aaaaaaaaaaaa0a0001007770616e3000000006000600ffff0000"], 0x3c}, 0x1, 0x0, 0x0, 0x4004880}, 0x4040)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x0, 0x0, 0x1, 0x1}, 0x21)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000000)={0x0, 0x0}, 0x10)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="6507060082762422f9a30250a90def79e5ddb933b83b8f8f1a0daad170478560f60eb8dc258ded60aee45b04b15db386", 0x30)
r7 = accept$alg(r0, 0x0, 0x0)
recvmsg(r7, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x8dff)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5800000055003d07000000000001000007000000", @ANYRES32=r10, @ANYBLOB="20000280", @ANYRES32=r9, @ANYBLOB="0000000000000000000000000a0000000000000000000014200001", @ANYRESOCT=r2], 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$inet_mptcp_buf(r8, 0x11c, 0x4, 0x0, 0x0)

385.583967ms ago: executing program 1 (id=2559):
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e23, 0xfffffffe, @local, 0xc}, 0x1c)

161.792154ms ago: executing program 1 (id=2560):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="0203000313"], 0x98}, 0x1, 0x7}, 0x8890)

160.421876ms ago: executing program 2 (id=2561):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000070000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/676], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r1, 0x2000012, 0x8ff, 0xb8, &(0x7f00000004c0)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

693.421µs ago: executing program 2 (id=2562):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4b}}]}, 0x34}}, 0x4000010)
r3 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x84, 0x64, &(0x7f0000000000), 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xb, 0x5, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x800}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0xd}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x52, '\x00', 0x0, @fallback=0x17, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x8, 0xb, 0xcd, 0x8320, 0x1, 0xfffffffd, '\x00', r2, 0xffffffffffffffff, 0x0, 0x5, 0x4, 0x0, @value=r5}, 0x50)

381.989µs ago: executing program 5 (id=2563):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @link_local})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x3c, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x200448d3}, 0x48030)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7bedcb5d07081196f37538e486dd6372ce22667f2b00dbf6e97158cf474fec87891f6d76745b686158bbcfe8875afdef00010000000029"], 0x66)

0s ago: executing program 1 (id=2564):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r0, &(0x7f0000000040)='FROZEN\x00', 0x7)
socket(0x10, 0x80003, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000900)=@nat={'nat\x00', 0x1b, 0x5, 0x580, 0x0, 0x2a0, 0xffffffff, 0x2a0, 0x1f8, 0x538, 0x538, 0xffffffff, 0x538, 0x538, 0x5, &(0x7f0000000340), {[{{@ip={@multicast2, @loopback, 0xffffffff, 0x0, 'veth1_to_bridge\x00', 'bridge0\x00', {}, {0xff}, 0x62, 0x1, 0x28}, 0x0, 0x1c0, 0x1f8, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x4, 0x497d, 0x1, 0x8001, 0x10, 0x3, 0x0, 0x20, 0x80}, {0x43d}}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x1a, @broadcast, @local, @gre_key=0x6, @icmp_id=0x68}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x1, @remote, @loopback, @gre_key=0x4, @icmp_id=0x64}}}}, {{@uncond, 0x0, 0x158, 0x190, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0x0, 0xff000000, 0xff000000, 0xffffff00], @ipv4=@remote, [0xffffffff, 0x0, 0x0, 0xff], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffff00, 0xff, 0xff0001fe, 0xff000000], @ipv6=@empty, [0x0, 0xffffffff, 0x0, 0xffffffff], 0xffff, 0x6, 0x2, 0x4e20, 0x4e24, 0x4e22, 0x4e20, 0x600, 0x2000}, 0x81, 0x2}}, @common=@ah={{0x30}, {[0xae, 0x7]}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @broadcast, @multicast2, @gre_key=0xf573, @port=0x4e22}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x12}, @remote, 0xff000000, 0xffffffff, 'rose0\x00', 'vcan0\x00', {}, {0xff}, 0x6c, 0x2, 0x41}, 0x0, 0x70, 0xb8}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv4=@multicast1, @ipv6=@remote, @port=0x4e23, @gre_key=0x835}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5e0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r1}, 0x18)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001900)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x28, 0x0, 0x1, 0x8}, 0x28)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r2, 0x80089419, &(0x7f0000000200))
socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000280)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@noop]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xfffe}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 forwarding state
[  121.724246][ T7012] syzkaller0: entered promiscuous mode
[  121.735769][ T7012] syzkaller0: entered allmulticast mode
[  122.102638][ T7040] netlink: 20 bytes leftover after parsing attributes in process `syz.3.330'.
[  122.117612][ T7038] gretap0: entered promiscuous mode
[  122.126180][ T7038] vlan2: entered promiscuous mode
[  122.284734][ T7048] netlink: 48 bytes leftover after parsing attributes in process `syz.1.339'.
[  122.293943][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.1.339'.
[  122.303148][ T7048] netlink: 48 bytes leftover after parsing attributes in process `syz.1.339'.
[  122.367630][ T7050] FAULT_INJECTION: forcing a failure.
[  122.367630][ T7050] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.381353][ T7050] CPU: 1 UID: 0 PID: 7050 Comm: syz.3.340 Not tainted syzkaller #0 PREEMPT(full) 
[  122.381378][ T7050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  122.381388][ T7050] Call Trace:
[  122.381395][ T7050]  <TASK>
[  122.381403][ T7050]  dump_stack_lvl+0xe8/0x150
[  122.381440][ T7050]  should_fail_ex+0x414/0x560
[  122.381471][ T7050]  _copy_to_user+0x31/0xb0
[  122.381494][ T7050]  simple_read_from_buffer+0xe1/0x170
[  122.381520][ T7050]  proc_fail_nth_read+0x1b3/0x220
[  122.381542][ T7050]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  122.381564][ T7050]  ? rw_verify_area+0x2a6/0x4d0
[  122.381588][ T7050]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  122.381608][ T7050]  vfs_read+0x200/0xa30
[  122.381623][ T7050]  ? fdget_pos+0x247/0x320
[  122.381647][ T7050]  ? __pfx___mutex_lock+0x10/0x10
[  122.381668][ T7050]  ? __pfx_vfs_read+0x10/0x10
[  122.381687][ T7050]  ? __fget_files+0x2a/0x420
[  122.381711][ T7050]  ? __fget_files+0x3a0/0x420
[  122.381730][ T7050]  ? __fget_files+0x2a/0x420
[  122.381760][ T7050]  ksys_read+0x145/0x250
[  122.381779][ T7050]  ? __pfx_ksys_read+0x10/0x10
[  122.381808][ T7050]  do_syscall_64+0xec/0xf80
[  122.381827][ T7050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.381843][ T7050]  ? trace_irq_disable+0x37/0x100
[  122.381864][ T7050]  ? clear_bhb_loop+0x60/0xb0
[  122.381885][ T7050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.381908][ T7050] RIP: 0033:0x7ff1ffd8e15c
[  122.381929][ T7050] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  122.381943][ T7050] RSP: 002b:00007ff200b6d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  122.381965][ T7050] RAX: ffffffffffffffda RBX: 00007ff1fffe5fa0 RCX: 00007ff1ffd8e15c
[  122.381978][ T7050] RDX: 000000000000000f RSI: 00007ff200b6d0a0 RDI: 0000000000000004
[  122.381988][ T7050] RBP: 00007ff200b6d090 R08: 0000000000000000 R09: 0000000000000000
[  122.381999][ T7050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  122.382009][ T7050] R13: 00007ff1fffe6038 R14: 00007ff1fffe5fa0 R15: 00007ffdde86e098
[  122.382041][ T7050]  </TASK>
[  122.834041][ T7058] syzkaller0: entered promiscuous mode
[  122.841201][ T7058] syzkaller0: entered allmulticast mode
[  122.882105][ T7062] netlink: 48 bytes leftover after parsing attributes in process `syz.3.346'.
[  122.921686][ T7062] netlink: 40 bytes leftover after parsing attributes in process `syz.3.346'.
[  123.168513][ T7074] netlink: ct family unspecified
[  123.174095][ T7074] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  123.606405][ T7095] syzkaller0: entered promiscuous mode
[  123.618848][ T7095] syzkaller0: entered allmulticast mode
[  123.828379][ T7111] tap0: tun_chr_ioctl cmd 2147767507
[  123.835781][ T7108] FAULT_INJECTION: forcing a failure.
[  123.835781][ T7108] name failslab, interval 1, probability 0, space 0, times 0
[  123.848533][ T7108] CPU: 0 UID: 0 PID: 7108 Comm: syz.3.364 Not tainted syzkaller #0 PREEMPT(full) 
[  123.848556][ T7108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  123.848566][ T7108] Call Trace:
[  123.848573][ T7108]  <TASK>
[  123.848580][ T7108]  dump_stack_lvl+0xe8/0x150
[  123.848604][ T7108]  should_fail_ex+0x414/0x560
[  123.848635][ T7108]  should_failslab+0xa8/0x100
[  123.848656][ T7108]  kmem_cache_alloc_noprof+0x88/0x710
[  123.848680][ T7108]  ? skb_clone+0x212/0x3a0
[  123.848705][ T7108]  skb_clone+0x212/0x3a0
[  123.848730][ T7108]  bpf_clone_redirect+0x16a/0x4b0
[  123.848756][ T7108]  ? bpf_test_run+0x192/0x7d0
[  123.848778][ T7108]  bpf_prog_9299a0b1a05450b6+0x5f/0x68
[  123.848798][ T7108]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  123.848821][ T7108]  ? arch_stack_walk+0xfc/0x150
[  123.848847][ T7108]  ? ktime_get+0x45/0x200
[  123.848878][ T7108]  ? seqcount_lockdep_reader_access+0xa9/0x100
[  123.848901][ T7108]  ? lockdep_hardirqs_on+0x7b/0x110
[  123.848917][ T7108]  ? ktime_get+0x45/0x200
[  123.848934][ T7108]  ? seqcount_lockdep_reader_access+0xea/0x100
[  123.848961][ T7108]  ? bpf_test_timer_continue+0x10d/0x320
[  123.848985][ T7108]  bpf_test_run+0x313/0x7d0
[  123.849024][ T7108]  ? __pfx_bpf_test_run+0x10/0x10
[  123.849053][ T7108]  ? csum_partial+0x239/0x2c0
[  123.849083][ T7108]  ? convert___skb_to_skb+0x3d/0x5b0
[  123.849106][ T7108]  bpf_prog_test_run_skb+0xd67/0x1d50
[  123.849140][ T7108]  ? __fget_files+0x2a/0x420
[  123.849160][ T7108]  ? __fget_files+0x3a0/0x420
[  123.849178][ T7108]  ? __fget_files+0x2a/0x420
[  123.849202][ T7108]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  123.849224][ T7108]  bpf_prog_test_run+0x2c7/0x340
[  123.849251][ T7108]  __sys_bpf+0x562/0x860
[  123.849274][ T7108]  ? __pfx___sys_bpf+0x10/0x10
[  123.849307][ T7108]  ? ksys_write+0x22a/0x250
[  123.849326][ T7108]  ? __pfx_ksys_write+0x10/0x10
[  123.849347][ T7108]  __x64_sys_bpf+0x7c/0x90
[  123.849369][ T7108]  do_syscall_64+0xec/0xf80
[  123.849384][ T7108]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.849399][ T7108]  ? trace_irq_disable+0x37/0x100
[  123.849418][ T7108]  ? clear_bhb_loop+0x60/0xb0
[  123.849437][ T7108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.849453][ T7108] RIP: 0033:0x7ff1ffd8f749
[  123.849473][ T7108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.849486][ T7108] RSP: 002b:00007ff200b6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  123.849513][ T7108] RAX: ffffffffffffffda RBX: 00007ff1fffe5fa0 RCX: 00007ff1ffd8f749
[  123.849526][ T7108] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  123.849537][ T7108] RBP: 00007ff200b6d090 R08: 0000000000000000 R09: 0000000000000000
[  123.849547][ T7108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  123.849557][ T7108] R13: 00007ff1fffe6038 R14: 00007ff1fffe5fa0 R15: 00007ffdde86e098
[  123.849587][ T7108]  </TASK>
[  125.251881][ T7156] netlink: 20 bytes leftover after parsing attributes in process `syz.3.376'.
[  125.252814][ T7149] netlink: 24 bytes leftover after parsing attributes in process `syz.4.374'.
[  125.651215][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.383'.
[  125.900642][ T7194] nbd: must specify at least one socket
[  125.915765][ T7184] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.924379][ T7184] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.050142][ T7184] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.065249][ T7184] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.247952][ T3019] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.270467][ T3019] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.313839][ T7173] delete_channel: no stack
[  126.345245][ T3019] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.370760][ T3019] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  126.462797][ T7210] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.537180][ T7211] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  126.569250][ T7216] __nla_validate_parse: 154 callbacks suppressed
[  126.569271][ T7216] netlink: 48 bytes leftover after parsing attributes in process `syz.2.391'.
[  126.622133][ T7216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.391'.
[  126.636049][ T7210] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.659081][ T7216] netlink: 48 bytes leftover after parsing attributes in process `syz.2.391'.
[  126.745503][ T7210] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.878243][ T7234] FAULT_INJECTION: forcing a failure.
[  126.878243][ T7234] name failslab, interval 1, probability 0, space 0, times 0
[  126.891767][ T7234] CPU: 0 UID: 0 PID: 7234 Comm: syz.1.402 Not tainted syzkaller #0 PREEMPT(full) 
[  126.891792][ T7234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  126.891802][ T7234] Call Trace:
[  126.891809][ T7234]  <TASK>
[  126.891817][ T7234]  dump_stack_lvl+0xe8/0x150
[  126.891845][ T7234]  should_fail_ex+0x414/0x560
[  126.891876][ T7234]  should_failslab+0xa8/0x100
[  126.891899][ T7234]  kmem_cache_alloc_noprof+0x88/0x710
[  126.891925][ T7234]  ? skb_clone+0x212/0x3a0
[  126.891956][ T7234]  skb_clone+0x212/0x3a0
[  126.891981][ T7234]  bpf_clone_redirect+0x16a/0x4b0
[  126.892007][ T7234]  ? bpf_test_run+0x192/0x7d0
[  126.892028][ T7234]  bpf_prog_9299a0b1a05450b6+0x5f/0x68
[  126.892045][ T7234]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  126.892066][ T7234]  ? arch_stack_walk+0xfc/0x150
[  126.892092][ T7234]  ? ktime_get+0x45/0x200
[  126.892127][ T7234]  ? seqcount_lockdep_reader_access+0xa9/0x100
[  126.892150][ T7234]  ? lockdep_hardirqs_on+0x7b/0x110
[  126.892169][ T7234]  ? ktime_get+0x45/0x200
[  126.892189][ T7234]  ? seqcount_lockdep_reader_access+0xea/0x100
[  126.892224][ T7234]  ? bpf_test_timer_continue+0x10d/0x320
[  126.892250][ T7234]  bpf_test_run+0x313/0x7d0
[  126.892292][ T7234]  ? __pfx_bpf_test_run+0x10/0x10
[  126.892331][ T7234]  ? __kasan_krealloc+0xeb/0x110
[  126.892350][ T7234]  ? eth_type_trans+0x35e/0x6d0
[  126.892386][ T7234]  bpf_prog_test_run_skb+0xd67/0x1d50
[  126.892421][ T7234]  ? __fget_files+0x2a/0x420
[  126.892441][ T7234]  ? __fget_files+0x3a0/0x420
[  126.892460][ T7234]  ? __fget_files+0x2a/0x420
[  126.892484][ T7234]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  126.892507][ T7234]  bpf_prog_test_run+0x2c7/0x340
[  126.892534][ T7234]  __sys_bpf+0x562/0x860
[  126.892558][ T7234]  ? __pfx___sys_bpf+0x10/0x10
[  126.892595][ T7234]  ? ksys_write+0x22a/0x250
[  126.892614][ T7234]  ? __pfx_ksys_write+0x10/0x10
[  126.892639][ T7234]  __x64_sys_bpf+0x7c/0x90
[  126.892660][ T7234]  do_syscall_64+0xec/0xf80
[  126.892679][ T7234]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.892694][ T7234]  ? trace_irq_disable+0x37/0x100
[  126.892713][ T7234]  ? clear_bhb_loop+0x60/0xb0
[  126.892733][ T7234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.892748][ T7234] RIP: 0033:0x7f0ccad8f749
[  126.892764][ T7234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.892777][ T7234] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  126.892797][ T7234] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  126.892810][ T7234] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  126.892820][ T7234] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  126.892831][ T7234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.892841][ T7234] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  126.892882][ T7234]  </TASK>
[  127.223618][ T7237] vlan3: entered allmulticast mode
[  127.283131][ T7238] syzkaller0: entered promiscuous mode
[  127.288871][ T7238] syzkaller0: entered allmulticast mode
[  127.304696][ T7210] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.421038][ T7243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.404'.
[  127.488523][ T7246] netlink: 16 bytes leftover after parsing attributes in process `syz.2.406'.
[  127.615475][  T462] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.670111][ T6392] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.717285][ T7261] netlink: 24 bytes leftover after parsing attributes in process `syz.3.410'.
[  127.733872][ T6392] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.742633][ T7259] netlink: 8 bytes leftover after parsing attributes in process `syz.2.420'.
[  127.771244][ T6392] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.862446][ T7265] Cannot find del_set index 2 as target
[  127.963667][ T5832] Bluetooth: hci4: link tx timeout
[  127.966047][ T7268] netlink: 'syz.1.413': attribute type 16 has an invalid length.
[  127.969174][ T5832] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  127.986508][ T7268] netlink: 'syz.1.413': attribute type 17 has an invalid length.
[  128.061434][ T7268] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.073926][ T7268] 8021q: adding VLAN 0 to HW filter on device team0
[  128.084876][ T7268] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  128.170884][ T7276] bridge0: port 3(bond0) entered disabled state
[  128.177480][ T7276] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.186372][ T7276] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.292724][ T7285] xt_hashlimit: max too large, truncated to 1048576
[  128.318393][ T7285] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  128.383602][ T7285] netlink: 40 bytes leftover after parsing attributes in process `syz.0.421'.
[  128.430569][ T7285] netlink: 'syz.0.421': attribute type 4 has an invalid length.
[  128.565628][ T7293] netlink: 176 bytes leftover after parsing attributes in process `syz.4.427'.
[  128.701485][ T7302] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  129.790704][ T7373] netlink: 4 bytes leftover after parsing attributes in process `syz.4.449'.
[  130.043787][ T7373] bridge_slave_1: left allmulticast mode
[  130.052602][ T5832] Bluetooth: hci4: command 0x0405 tx timeout
[  130.160687][ T7373] bridge_slave_1: left promiscuous mode
[  130.176958][ T7373] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.221535][ T7373] bridge_slave_0: left promiscuous mode
[  130.227725][ T7373] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.427033][ T7394] vlan2: entered promiscuous mode
[  130.641277][ T7411] openvswitch: netlink: Tunnel attr 0 has unexpected len 4 expected 8
[  131.188134][ T7439] netlink: 'syz.0.470': attribute type 11 has an invalid length.
[  131.200150][ T7437] syzkaller0: entered promiscuous mode
[  131.216588][ T7437] syzkaller0: entered allmulticast mode
[  131.268942][ T7443] Cannot find del_set index 2 as target
[  131.436926][ T7452] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  131.464975][ T7452] batman_adv: batadv0: Removing interface: batadv_slave_0
[  131.476681][ T7452] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  131.484337][ T7452] batman_adv: batadv0: Removing interface: batadv_slave_1
[  131.557190][ T7454] tipc: Failed to obtain node identity
[  131.571400][ T7454] tipc: Enabling of bearer <ib:caif0> rejected, failed to enable media
[  131.591812][ T7454] __nla_validate_parse: 1 callbacks suppressed
[  131.591830][ T7454] netlink: 40 bytes leftover after parsing attributes in process `syz.0.476'.
[  132.029312][ T7487] netlink: 'syz.4.482': attribute type 3 has an invalid length.
[  132.139106][ T7493] netlink: 'syz.2.484': attribute type 11 has an invalid length.
[  132.712291][ T7529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.495'.
[  132.822004][ T5915] IPVS: starting estimator thread 0...
[  132.960437][ T7537] IPVS: using max 33 ests per chain, 79200 per kthread
[  132.985573][ T7535] xt_HMARK: spi-set and port-set can't be combined
[  133.030883][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  133.037274][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  133.165161][ T7544] netlink: 176 bytes leftover after parsing attributes in process `syz.0.499'.
[  133.278809][ T7556] netlink: 'syz.4.503': attribute type 2 has an invalid length.
[  133.328675][ T7556] : entered promiscuous mode
[  133.504997][ T7569] vlan2: entered promiscuous mode
[  133.517137][ T7571] netlink: 48 bytes leftover after parsing attributes in process `syz.3.510'.
[  133.576126][ T7571] netlink: 12 bytes leftover after parsing attributes in process `syz.3.510'.
[  133.603705][ T7571] netlink: 48 bytes leftover after parsing attributes in process `syz.3.510'.
[  133.614472][ T7576] FAULT_INJECTION: forcing a failure.
[  133.614472][ T7576] name failslab, interval 1, probability 0, space 0, times 0
[  133.647321][ T7576] CPU: 1 UID: 0 PID: 7576 Comm: syz.1.512 Not tainted syzkaller #0 PREEMPT(full) 
[  133.647346][ T7576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  133.647355][ T7576] Call Trace:
[  133.647362][ T7576]  <TASK>
[  133.647370][ T7576]  dump_stack_lvl+0xe8/0x150
[  133.647394][ T7576]  should_fail_ex+0x414/0x560
[  133.647424][ T7576]  should_failslab+0xa8/0x100
[  133.647446][ T7576]  __kmalloc_noprof+0xdf/0x800
[  133.647461][ T7576]  ? kfree+0x4d/0x660
[  133.647479][ T7576]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  133.647505][ T7576]  tomoyo_realpath_from_path+0xe3/0x5d0
[  133.647525][ T7576]  ? tomoyo_domain+0xd8/0x130
[  133.647550][ T7576]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  133.647568][ T7576]  tomoyo_path_number_perm+0x1e8/0x5a0
[  133.647590][ T7576]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  133.647606][ T7576]  ? __lock_acquire+0x6b6/0x2cf0
[  133.647639][ T7576]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  133.647681][ T7576]  ? __fget_files+0x2a/0x420
[  133.647705][ T7576]  ? __fget_files+0x2a/0x420
[  133.647723][ T7576]  ? __fget_files+0x3a0/0x420
[  133.647742][ T7576]  ? __fget_files+0x2a/0x420
[  133.647787][ T7576]  security_file_ioctl+0xcb/0x2d0
[  133.647807][ T7576]  __se_sys_ioctl+0x47/0x170
[  133.647834][ T7576]  do_syscall_64+0xec/0xf80
[  133.647854][ T7576]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.647874][ T7576]  ? trace_irq_disable+0x37/0x100
[  133.647894][ T7576]  ? clear_bhb_loop+0x60/0xb0
[  133.647914][ T7576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.647932][ T7576] RIP: 0033:0x7f0ccad8f749
[  133.647948][ T7576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.647962][ T7576] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  133.647982][ T7576] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  133.647995][ T7576] RDX: 00002000000010c0 RSI: 00000000000089b0 RDI: 0000000000000003
[  133.648006][ T7576] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  133.648017][ T7576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  133.648027][ T7576] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  133.648058][ T7576]  </TASK>
[  133.648147][ T7576] ERROR: Out of memory at tomoyo_realpath_from_path.
[  134.092850][ T7598] FAULT_INJECTION: forcing a failure.
[  134.092850][ T7598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.139160][ T7598] CPU: 1 UID: 0 PID: 7598 Comm: syz.4.519 Not tainted syzkaller #0 PREEMPT(full) 
[  134.139183][ T7598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  134.139193][ T7598] Call Trace:
[  134.139200][ T7598]  <TASK>
[  134.139208][ T7598]  dump_stack_lvl+0xe8/0x150
[  134.139233][ T7598]  should_fail_ex+0x414/0x560
[  134.139260][ T7598]  _copy_from_user+0x2d/0xb0
[  134.139281][ T7598]  kstrtouint_from_user+0xc4/0x170
[  134.139301][ T7598]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  134.139333][ T7598]  proc_fail_nth_write+0x88/0x200
[  134.139351][ T7598]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  134.139372][ T7598]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  134.139390][ T7598]  vfs_write+0x27e/0xb30
[  134.139426][ T7598]  ? __pfx_vfs_write+0x10/0x10
[  134.139445][ T7598]  ? __fget_files+0x2a/0x420
[  134.139467][ T7598]  ? __fget_files+0x3a0/0x420
[  134.139485][ T7598]  ? __fget_files+0x2a/0x420
[  134.139512][ T7598]  ksys_write+0x145/0x250
[  134.139532][ T7598]  ? __pfx_ksys_write+0x10/0x10
[  134.139557][ T7598]  do_syscall_64+0xec/0xf80
[  134.139577][ T7598]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.139592][ T7598]  ? trace_irq_disable+0x37/0x100
[  134.139610][ T7598]  ? clear_bhb_loop+0x60/0xb0
[  134.139630][ T7598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.139645][ T7598] RIP: 0033:0x7fbfdeb8e1ff
[  134.139660][ T7598] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  134.139673][ T7598] RSP: 002b:00007fbfdcdf6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  134.139692][ T7598] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbfdeb8e1ff
[  134.139708][ T7598] RDX: 0000000000000001 RSI: 00007fbfdcdf60a0 RDI: 0000000000000004
[  134.139718][ T7598] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  134.139729][ T7598] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  134.139739][ T7598] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  134.139770][ T7598]  </TASK>
[  134.364337][ T7603] netlink: 'syz.2.522': attribute type 11 has an invalid length.
[  134.425044][ T7605] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.607501][ T7605] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.683054][ T7605] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.784589][ T7605] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.941241][ T6392] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.975918][ T7642] FAULT_INJECTION: forcing a failure.
[  134.975918][ T7642] name failslab, interval 1, probability 0, space 0, times 0
[  134.988914][ T7642] CPU: 0 UID: 0 PID: 7642 Comm: syz.0.534 Not tainted syzkaller #0 PREEMPT(full) 
[  134.988942][ T7642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  134.988953][ T7642] Call Trace:
[  134.988960][ T7642]  <TASK>
[  134.988968][ T7642]  dump_stack_lvl+0xe8/0x150
[  134.988996][ T7642]  should_fail_ex+0x414/0x560
[  134.989027][ T7642]  should_failslab+0xa8/0x100
[  134.989050][ T7642]  kmem_cache_alloc_noprof+0x88/0x710
[  134.989076][ T7642]  ? skb_clone+0x212/0x3a0
[  134.989102][ T7642]  skb_clone+0x212/0x3a0
[  134.989125][ T7642]  bpf_clone_redirect+0x16a/0x4b0
[  134.989150][ T7642]  ? bpf_test_run+0x192/0x7d0
[  134.989172][ T7642]  bpf_prog_9299a0b1a05450b6+0x5f/0x68
[  134.989196][ T7642]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  134.989218][ T7642]  ? arch_stack_walk+0xfc/0x150
[  134.989246][ T7642]  ? ktime_get+0x45/0x200
[  134.989282][ T7642]  ? seqcount_lockdep_reader_access+0xa9/0x100
[  134.989315][ T7642]  ? lockdep_hardirqs_on+0x7b/0x110
[  134.989334][ T7642]  ? ktime_get+0x45/0x200
[  134.989354][ T7642]  ? seqcount_lockdep_reader_access+0xea/0x100
[  134.989382][ T7642]  ? bpf_test_timer_continue+0x10d/0x320
[  134.989407][ T7642]  bpf_test_run+0x313/0x7d0
[  134.989452][ T7642]  ? __pfx_bpf_test_run+0x10/0x10
[  134.989486][ T7642]  ? csum_partial+0x239/0x2c0
[  134.989519][ T7642]  ? convert___skb_to_skb+0x3d/0x5b0
[  134.989542][ T7642]  bpf_prog_test_run_skb+0xd67/0x1d50
[  134.989575][ T7642]  ? __fget_files+0x2a/0x420
[  134.989593][ T7642]  ? __fget_files+0x3a0/0x420
[  134.989611][ T7642]  ? __fget_files+0x2a/0x420
[  134.989633][ T7642]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  134.989655][ T7642]  bpf_prog_test_run+0x2c7/0x340
[  134.989682][ T7642]  __sys_bpf+0x562/0x860
[  134.989705][ T7642]  ? __pfx___sys_bpf+0x10/0x10
[  134.989744][ T7642]  ? ksys_write+0x22a/0x250
[  134.989762][ T7642]  ? __pfx_ksys_write+0x10/0x10
[  134.989786][ T7642]  __x64_sys_bpf+0x7c/0x90
[  134.989804][ T7642]  do_syscall_64+0xec/0xf80
[  134.989822][ T7642]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.989835][ T7642]  ? trace_irq_disable+0x37/0x100
[  134.989854][ T7642]  ? clear_bhb_loop+0x60/0xb0
[  134.989875][ T7642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.989890][ T7642] RIP: 0033:0x7f527f98f749
[  134.989905][ T7642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.989918][ T7642] RSP: 002b:00007f52807e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  134.989938][ T7642] RAX: ffffffffffffffda RBX: 00007f527fbe5fa0 RCX: 00007f527f98f749
[  134.989951][ T7642] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  134.989962][ T7642] RBP: 00007f52807e0090 R08: 0000000000000000 R09: 0000000000000000
[  134.989972][ T7642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.989983][ T7642] R13: 00007f527fbe6038 R14: 00007f527fbe5fa0 R15: 00007ffdf8dbd2d8
[  134.990011][ T7642]  </TASK>
[  135.334702][ T1095] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  135.383005][ T7646] netlink: 48 bytes leftover after parsing attributes in process `syz.2.535'.
[  135.420039][ T1095] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  135.478507][ T1095] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  135.572628][ T7656] netlink: 76 bytes leftover after parsing attributes in process `syz.1.540'.
[  135.893444][ T7674] syzkaller1: tun_chr_ioctl cmd 1074025677
[  135.927091][ T7674] syzkaller1: linktype set to 778
[  136.162396][ T7688] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.407410][ T7688] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.578462][ T7688] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.758293][ T7716] vlan0: entered promiscuous mode
[  136.835298][ T7688] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.009637][ T7729] netlink: 'syz.2.560': attribute type 10 has an invalid length.
[  137.042411][ T7729] bond0: left allmulticast mode
[  137.047310][ T7729] bond_slave_0: left allmulticast mode
[  137.071635][ T7729] bond_slave_1: left allmulticast mode
[  137.077291][ T7729] team0: left allmulticast mode
[  137.104376][ T7729] team_slave_0: left allmulticast mode
[  137.115071][ T7729] team_slave_1: left allmulticast mode
[  137.130517][ T7729] bond0: left promiscuous mode
[  137.141042][ T7729] bond_slave_0: left promiscuous mode
[  137.161042][ T7729] bond_slave_1: left promiscuous mode
[  137.166684][ T7729] team0: left promiscuous mode
[  137.183076][ T7729] team_slave_0: left promiscuous mode
[  137.188632][ T7737] netlink: 20 bytes leftover after parsing attributes in process `syz.1.561'.
[  137.198102][ T7729] team_slave_1: left promiscuous mode
[  137.206306][ T7729] bridge0: port 3(bond0) entered disabled state
[  137.222600][ T7729] team0: Device bond0 is already an upper device of the team interface
[  137.308380][   T30] audit: type=1107 audit(1768753453.690:2): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  137.474691][ T7759] Cannot find del_set index 2 as target
[  137.865093][ T7773] syzkaller0: entered promiscuous mode
[  137.876461][ T7773] syzkaller0: entered allmulticast mode
[  137.896970][ T7773] tipc: Started in network mode
[  137.918629][ T7773] tipc: Node identity 5a900be80aa7, cluster identity 4711
[  137.926693][ T7773] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  137.937968][ T7778] netlink: 24 bytes leftover after parsing attributes in process `syz.2.579'.
[  137.995153][ T7772] tipc: Resetting bearer <eth:syzkaller0>
[  138.043465][ T7772] tipc: Disabling bearer <eth:syzkaller0>
[  138.133172][ T7783] nbd: must specify at least one socket
[  138.213917][ T7793] netlink: 16 bytes leftover after parsing attributes in process `syz.0.584'.
[  138.228631][ T7795] netlink: 48 bytes leftover after parsing attributes in process `syz.2.585'.
[  138.461600][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.0.591'.
[  138.486102][ T7811] batadv1: entered promiscuous mode
[  138.824250][ T7820] syzkaller0: entered promiscuous mode
[  138.830596][ T7820] syzkaller0: entered allmulticast mode
[  139.287625][ T7836] netlink: 'syz.4.601': attribute type 2 has an invalid length.
[  139.483551][ T6056] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.498609][ T7848] netlink: 48 bytes leftover after parsing attributes in process `syz.4.606'.
[  139.571565][  T462] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.603116][  T462] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.621641][  T462] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.932996][ T7867] vlan3: entered promiscuous mode
[  140.154895][ T7878] netlink: 48 bytes leftover after parsing attributes in process `syz.1.615'.
[  140.197375][ T7878] netlink: 12 bytes leftover after parsing attributes in process `syz.1.615'.
[  140.247564][ T7878] netlink: 48 bytes leftover after parsing attributes in process `syz.1.615'.
[  140.362471][ T6098] IPVS: starting estimator thread 0...
[  140.401001][ T7882] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'.
[  140.461369][ T7884] IPVS: using max 36 ests per chain, 86400 per kthread
[  140.633321][ T7898] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.672772][ T7895] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.792977][ T7895] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.849976][ T7893] syzkaller1: entered promiscuous mode
[  140.864769][ T7893] syzkaller1: entered allmulticast mode
[  140.881666][  T462] IPVS: stop unused estimator thread 0...
[  140.903444][ T7895] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.990918][ T7895] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.258403][ T7925] vlan0: entered allmulticast mode
[  141.826670][ T7955] syzkaller0: entered promiscuous mode
[  141.834342][ T7955] syzkaller0: entered allmulticast mode
[  141.847001][ T7955] tipc: Started in network mode
[  141.853982][ T7955] tipc: Node identity d238c30f0e9d, cluster identity 4711
[  141.863229][ T7955] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  141.875149][ T7952] tipc: Resetting bearer <eth:syzkaller0>
[  141.918762][ T7952] tipc: Disabling bearer <eth:syzkaller0>
[  141.931583][ T7959] nbd: must specify at least one socket
[  141.939157][ T7958] block nbd1: not configured, cannot reconfigure
[  142.338398][ T7980] __nla_validate_parse: 11 callbacks suppressed
[  142.338417][ T7980] netlink: 20 bytes leftover after parsing attributes in process `syz.4.649'.
[  142.773716][ T8001] netlink: 12 bytes leftover after parsing attributes in process `syz.2.659'.
[  143.236573][ T8018] syzkaller0: entered promiscuous mode
[  143.242326][ T8018] syzkaller0: entered allmulticast mode
[  143.588260][ T6101] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.612889][ T8032] netlink: 'syz.4.671': attribute type 1 has an invalid length.
[  143.626447][ T6392] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.649634][ T8037] netlink: 24 bytes leftover after parsing attributes in process `syz.0.673'.
[  143.663227][ T8035] netlink: 'syz.2.672': attribute type 9 has an invalid length.
[  143.698884][ T6101] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.710033][ T8035] netlink: 8 bytes leftover after parsing attributes in process `syz.2.672'.
[  143.752552][ T6101] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.999704][ T8049] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  144.228409][ T8072] netlink: 48 bytes leftover after parsing attributes in process `syz.3.681'.
[  144.239907][ T8072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.681'.
[  144.262623][ T8072] netlink: 48 bytes leftover after parsing attributes in process `syz.3.681'.
[  144.415810][ T8084] syzkaller0: entered promiscuous mode
[  144.424710][ T8084] syzkaller0: entered allmulticast mode
[  144.429130][ T8087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.685'.
[  144.557225][ T8089] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  144.575520][ T8089] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  144.815747][ T8082] netlink: 152 bytes leftover after parsing attributes in process `syz.3.685'.
[  144.871475][ T8099] netlink: 'syz.2.691': attribute type 21 has an invalid length.
[  144.897650][ T8099] netlink: 156 bytes leftover after parsing attributes in process `syz.2.691'.
[  144.934822][ T5147] Bluetooth: hci4: command 0x0405 tx timeout
[  145.177670][ T8109] syzkaller1: entered promiscuous mode
[  145.183383][ T8109] syzkaller1: entered allmulticast mode
[  145.194059][ T8109] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3952. macoff=96
[  145.315189][ T8115] syzkaller1: entered promiscuous mode
[  145.320927][ T8115] syzkaller1: entered allmulticast mode
[  145.745560][ T8136] nbd: must specify at least one socket
[  145.747289][ T8140] vlan2: entered allmulticast mode
[  145.910621][ T8148] xt_bpf: check failed: parse error
[  145.926929][ T8139] veth1_macvtap: left promiscuous mode
[  146.036740][ T8139] veth0_virt_wifi: renamed from macsec0
[  146.347547][ T8173] netlink: 'syz.0.720': attribute type 1 has an invalid length.
[  146.397112][ T8173] netlink: 'syz.0.720': attribute type 2 has an invalid length.
[  146.405996][ T8173] netlink: 'syz.0.720': attribute type 1 has an invalid length.
[  146.737478][ T8187] nbd: must specify at least one socket
[  146.883872][ T8190] syzkaller0: entered promiscuous mode
[  146.889533][ T8190] syzkaller0: entered allmulticast mode
[  146.901909][ T8190] tipc: Started in network mode
[  146.907292][ T8190] tipc: Node identity ae502868d8c4, cluster identity 4711
[  146.916177][ T8190] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  146.934019][ T8189] tipc: Resetting bearer <eth:syzkaller0>
[  146.977385][ T8189] tipc: Disabling bearer <eth:syzkaller0>
[  147.247750][ T8213] sctp: [Deprecated]: syz.0.730 (pid 8213) Use of struct sctp_assoc_value in delayed_ack socket option.
[  147.247750][ T8213] Use struct sctp_sack_info instead
[  147.269999][ T8212] netlink: 'syz.4.732': attribute type 1 has an invalid length.
[  147.535734][ T8212] 8021q: adding VLAN 0 to HW filter on device bond2
[  147.558058][ T8215] bond2: (slave ip6gretap1): making interface the new active one
[  147.568033][ T8215] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  147.597693][ T8218] veth5: entered promiscuous mode
[  147.607142][ T8218] bond2: (slave veth5): Enslaving as an active interface with a down link
[  147.618636][ T8219] syzkaller1: tun_chr_ioctl cmd 1074025677
[  147.625108][ T8219] syzkaller1: linktype set to 778
[  147.632051][ T8220] erspan0: entered allmulticast mode
[  147.652158][ T8220] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  147.679313][ T8223] bond2: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  147.842393][ T8226] __nla_validate_parse: 9 callbacks suppressed
[  147.842411][ T8226] netlink: 16 bytes leftover after parsing attributes in process `syz.2.734'.
[  148.136314][ T8238] netlink: 'syz.2.738': attribute type 32 has an invalid length.
[  148.150468][ T8238] netlink: 20 bytes leftover after parsing attributes in process `syz.2.738'.
[  148.180619][ T8238] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  148.565235][ T8254] netlink: 176 bytes leftover after parsing attributes in process `syz.2.744'.
[  148.620751][ T8264] netlink: 'syz.1.750': attribute type 9 has an invalid length.
[  148.628444][ T8264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.750'.
[  148.732365][ T8268] netlink: 8 bytes leftover after parsing attributes in process `syz.4.751'.
[  148.987451][   T49] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.997075][ T8271] netlink: 12 bytes leftover after parsing attributes in process `syz.4.751'.
[  149.042228][ T8279] vlan2: entered promiscuous mode
[  149.119810][   T49] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.170741][   T49] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.226195][   T49] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.237057][ T8286] netlink: 20 bytes leftover after parsing attributes in process `syz.2.756'.
[  149.398293][ T8285] netlink: 16 bytes leftover after parsing attributes in process `syz.1.757'.
[  149.517944][ T5915] IPVS: starting estimator thread 0...
[  149.620590][ T8295] IPVS: using max 34 ests per chain, 81600 per kthread
[  149.628999][ T8297] netlink: 20 bytes leftover after parsing attributes in process `syz.0.758'.
[  149.790189][ T8307] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  149.931816][ T8302] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.982847][ T8316] No such timeout policy "syz1"
[  150.028808][ T8302] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.258497][ T8302] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.345094][ T8302] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.348975][ T3019] IPVS: stop unused estimator thread 0...
[  150.478183][ T8339] vlan3: entered promiscuous mode
[  150.576094][ T8341] netlink: 20 bytes leftover after parsing attributes in process `syz.0.771'.
[  150.770161][   T49] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.802794][ T6392] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.860223][ T6392] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.988220][ T6094] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.382641][ T8377] netlink: 'syz.0.780': attribute type 13 has an invalid length.
[  151.486587][ T8380] syzkaller1: entered promiscuous mode
[  151.494082][ T8380] syzkaller1: entered allmulticast mode
[  152.084921][ T8411] xt_bpf: check failed: parse error
[  153.006518][ T8445] syzkaller0: entered promiscuous mode
[  153.035064][ T8445] syzkaller0: entered allmulticast mode
[  153.056402][ T8449] FAULT_INJECTION: forcing a failure.
[  153.056402][ T8449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.071630][ T8445] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  153.074444][ T8449] CPU: 0 UID: 0 PID: 8449 Comm: syz.0.806 Not tainted syzkaller #0 PREEMPT(full) 
[  153.074469][ T8449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  153.074480][ T8449] Call Trace:
[  153.074488][ T8449]  <TASK>
[  153.074496][ T8449]  dump_stack_lvl+0xe8/0x150
[  153.074523][ T8449]  should_fail_ex+0x414/0x560
[  153.074554][ T8449]  _copy_to_user+0x31/0xb0
[  153.074578][ T8449]  simple_read_from_buffer+0xe1/0x170
[  153.074603][ T8449]  proc_fail_nth_read+0x1b3/0x220
[  153.074624][ T8449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.074653][ T8449]  ? rw_verify_area+0x2a6/0x4d0
[  153.074677][ T8449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  153.074695][ T8449]  vfs_read+0x200/0xa30
[  153.074710][ T8449]  ? fdget_pos+0x247/0x320
[  153.074735][ T8449]  ? __pfx___mutex_lock+0x10/0x10
[  153.074756][ T8449]  ? __pfx_vfs_read+0x10/0x10
[  153.074773][ T8449]  ? __fget_files+0x2a/0x420
[  153.074796][ T8449]  ? __fget_files+0x3a0/0x420
[  153.074814][ T8449]  ? __fget_files+0x2a/0x420
[  153.074841][ T8449]  ksys_read+0x145/0x250
[  153.074860][ T8449]  ? __pfx_ksys_read+0x10/0x10
[  153.074885][ T8449]  do_syscall_64+0xec/0xf80
[  153.074905][ T8449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.074920][ T8449]  ? trace_irq_disable+0x37/0x100
[  153.074941][ T8449]  ? clear_bhb_loop+0x60/0xb0
[  153.074961][ T8449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.074976][ T8449] RIP: 0033:0x7f527f98e15c
[  153.074993][ T8449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  153.075007][ T8449] RSP: 002b:00007f52807e0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  153.075027][ T8449] RAX: ffffffffffffffda RBX: 00007f527fbe5fa0 RCX: 00007f527f98e15c
[  153.075039][ T8449] RDX: 000000000000000f RSI: 00007f52807e00a0 RDI: 0000000000000004
[  153.075050][ T8449] RBP: 00007f52807e0090 R08: 0000000000000000 R09: 0000000000000000
[  153.075061][ T8449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.075070][ T8449] R13: 00007f527fbe6038 R14: 00007f527fbe5fa0 R15: 00007ffdf8dbd2d8
[  153.075099][ T8449]  </TASK>
[  153.440998][ T8444] tipc: Resetting bearer <eth:syzkaller0>
[  153.483406][ T8444] tipc: Disabling bearer <eth:syzkaller0>
[  153.522521][ T8472] __nla_validate_parse: 6 callbacks suppressed
[  153.522539][ T8472] netlink: 24 bytes leftover after parsing attributes in process `syz.1.813'.
[  153.693969][ T8475] nbd: must specify at least one socket
[  153.702011][ T8499] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.818'.
[  153.719781][ T8497] Cannot find del_set index 2 as target
[  153.975923][ T8508] netlink: 16 bytes leftover after parsing attributes in process `syz.4.820'.
[  154.058310][ T8511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.821'.
[  154.780296][ T8543] netlink: 'syz.0.830': attribute type 9 has an invalid length.
[  154.792940][ T8543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.830'.
[  154.842673][ T8538] netlink: 176 bytes leftover after parsing attributes in process `syz.4.829'.
[  155.167131][ T8553] netlink: 20 bytes leftover after parsing attributes in process `syz.0.832'.
[  155.240768][ T8565] netlink: 'syz.4.835': attribute type 2 has an invalid length.
[  155.329719][ T8548] netlink: 'syz.1.831': attribute type 2 has an invalid length.
[  155.401752][ T8571] netlink: 24 bytes leftover after parsing attributes in process `syz.4.836'.
[  155.737799][ T8585] xt_CT: You must specify a L4 protocol and not use inversions on it
[  156.078573][ T8594] raw_sendmsg: syz.0.840 forgot to set AF_INET. Fix it!
[  156.340851][ T8615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'.
[  156.421960][ T8615] netlink: 'syz.0.848': attribute type 3 has an invalid length.
[  156.462205][ T8615] netlink: 'syz.0.848': attribute type 1 has an invalid length.
[  156.505976][ T8615] erspan0: entered promiscuous mode
[  156.604995][ T8626] netlink: 12 bytes leftover after parsing attributes in process `syz.0.848'.
[  156.696834][ T8631] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.713350][ T8631] bond0: (slave rose0): Enslaving as an active interface with an up link
[  156.770100][ T8635] FAULT_INJECTION: forcing a failure.
[  156.770100][ T8635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.877606][ T8635] CPU: 1 UID: 0 PID: 8635 Comm: syz.1.854 Not tainted syzkaller #0 PREEMPT(full) 
[  156.877632][ T8635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  156.877642][ T8635] Call Trace:
[  156.877649][ T8635]  <TASK>
[  156.877656][ T8635]  dump_stack_lvl+0xe8/0x150
[  156.877683][ T8635]  should_fail_ex+0x414/0x560
[  156.877713][ T8635]  _copy_from_user+0x2d/0xb0
[  156.877735][ T8635]  ___sys_sendmsg+0x158/0x2a0
[  156.877758][ T8635]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.877811][ T8635]  ? __fget_files+0x2a/0x420
[  156.877829][ T8635]  ? __fget_files+0x3a0/0x420
[  156.877858][ T8635]  __x64_sys_sendmsg+0x19b/0x260
[  156.877881][ T8635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  156.877910][ T8635]  ? __pfx_ksys_write+0x10/0x10
[  156.877937][ T8635]  do_syscall_64+0xec/0xf80
[  156.877956][ T8635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.877971][ T8635]  ? trace_irq_disable+0x37/0x100
[  156.878001][ T8635]  ? clear_bhb_loop+0x60/0xb0
[  156.878021][ T8635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.878037][ T8635] RIP: 0033:0x7f0ccad8f749
[  156.878053][ T8635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.878067][ T8635] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.878086][ T8635] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  156.878099][ T8635] RDX: 0000000000040882 RSI: 0000200000000140 RDI: 0000000000000004
[  156.878110][ T8635] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  156.878121][ T8635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.878131][ T8635] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  156.878160][ T8635]  </TASK>
[  157.068180][ T8626] netlink: 'syz.0.848': attribute type 5 has an invalid length.
[  157.571475][ T8660] netlink: 'syz.1.862': attribute type 2 has an invalid length.
[  157.579780][ T8655] syzkaller1: entered promiscuous mode
[  157.590710][ T8655] syzkaller1: entered allmulticast mode
[  158.090746][ T8682] macsec0: entered promiscuous mode
[  158.096394][ T8682] macsec0: entered allmulticast mode
[  158.625889][ T8716] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  158.767248][ T8725] __nla_validate_parse: 3 callbacks suppressed
[  158.767261][ T8725] netlink: 48 bytes leftover after parsing attributes in process `syz.0.885'.
[  158.854022][ T8729] netlink: 24 bytes leftover after parsing attributes in process `syz.2.886'.
[  159.013997][ T8738] nbd: must specify at least one socket
[  159.121865][ T8740] netlink: 20 bytes leftover after parsing attributes in process `syz.4.889'.
[  159.156203][ T8750] netlink: 8 bytes leftover after parsing attributes in process `syz.0.890'.
[  159.662380][ T8773] Cannot find del_set index 2 as target
[  159.780284][ T8768] netlink: 20 bytes leftover after parsing attributes in process `syz.3.895'.
[  160.031926][ T8786] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.077798][ T8788] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  160.134455][ T8782] syzkaller0: entered promiscuous mode
[  160.170198][ T8782] syzkaller0: entered allmulticast mode
[  160.202752][ T8791] bridge0: entered allmulticast mode
[  160.216197][ T8786] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.269392][ T8797] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  160.343384][ T8796] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.432354][ T8786] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.589358][ T8809] syzkaller0: entered promiscuous mode
[  162.597423][ T8809] syzkaller0: entered allmulticast mode
[  162.715795][ T8816] netlink: 'syz.3.916': attribute type 29 has an invalid length.
[  162.725771][ T8796] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.753693][ T8786] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.839480][ T8796] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.870121][ T8825] netlink: 'syz.1.921': attribute type 2 has an invalid length.
[  162.885766][ T8827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.920'.
[  162.897836][ T8825] netlink: 164 bytes leftover after parsing attributes in process `syz.1.921'.
[  162.942840][ T8796] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.033710][ T1095] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.066883][   T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.123988][   T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.155378][   T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.317449][   T13] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.364756][   T13] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.413375][ T1131] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.430560][ T1131] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.511561][ T8855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.933'.
[  164.116511][ T8901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.954'.
[  164.138127][ T8901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.954'.
[  164.920683][ T8953] sch_fq: defrate 1280 ignored.
[  165.452452][ T8972] netlink: 'syz.4.988': attribute type 146 has an invalid length.
[  165.561627][ T8976] netlink: 176 bytes leftover after parsing attributes in process `syz.2.990'.
[  165.615946][ T8982] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  165.716769][ T8988] syzkaller0: entered promiscuous mode
[  165.724904][ T8988] syzkaller0: entered allmulticast mode
[  166.642222][ T9058] netlink: 'syz.3.1026': attribute type 2 has an invalid length.
[  166.658803][ T9058] tipc: Started in network mode
[  166.666761][ T9058] tipc: Node identity 1340008, cluster identity 4711
[  166.674075][ T9058] tipc: Node number set to 20185096
[  166.720454][ T9062] sch_fq: defrate 1280 ignored.
[  166.800128][ T9065] batadv1: entered promiscuous mode
[  167.567231][ T9094] netlink: 4560 bytes leftover after parsing attributes in process `syz.1.1043'.
[  167.603746][ T9094] netlink: 4560 bytes leftover after parsing attributes in process `syz.1.1043'.
[  167.769416][ T9099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1046'.
[  168.340592][ T9148] netlink: 'syz.4.1068': attribute type 10 has an invalid length.
[  168.566988][ T9162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1077'.
[  169.118015][ T9198] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1091'.
[  169.155273][ T9199] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1091'.
[  169.207177][ T9198] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1091'.
[  169.540088][ T9226] netlink: 'syz.1.1105': attribute type 3 has an invalid length.
[  169.936938][ T9250] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1115'.
[  170.477767][ T9272] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1126'.
[  170.836917][ T9285] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1132'.
[  171.036301][ T9295] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1136'.
[  171.040152][ T9293] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1132'.
[  171.145711][ T9296] openvswitch: netlink: Unexpected mask (mask=20240, allowed=10048)
[  171.938341][ T9322] netlink: 'syz.4.1149': attribute type 10 has an invalid length.
[  172.636563][ T9337] netlink: zone id is out of range
[  172.641961][ T9337] netlink: zone id is out of range
[  172.658045][ T9337] netlink: set zone limit has 8 unknown bytes
[  173.786035][ T9412] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1194'.
[  173.808061][ T9412] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1194'.
[  173.853698][ T9412] netlink: 'syz.1.1194': attribute type 4 has an invalid length.
[  175.298290][ T9516] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1243'.
[  175.308676][ T9516] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1243'.
[  175.318851][ T9516] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1243'.
[  176.227786][ T9548] tc_dump_action: action bad kind
[  176.741236][ T9588] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1277'.
[  176.857590][ T9596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1281'.
[  177.187572][ T9620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1293'.
[  177.419912][ T9635] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[  177.520540][ T9647] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1305'.
[  177.938052][ T9674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1318'.
[  178.708198][ T9726] netlink: 'syz.0.1341': attribute type 10 has an invalid length.
[  179.159392][ T9756] netlink: 'syz.4.1359': attribute type 1 has an invalid length.
[  179.185883][ T9756] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  179.810841][ T9804] netlink: 'syz.2.1383': attribute type 10 has an invalid length.
[  180.519577][ T9860] IPv6: NLM_F_CREATE should be specified when creating new route
[  180.551214][ T9860] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  180.559062][ T9860] IPv6: NLM_F_CREATE should be set when creating new route
[  180.971130][ T9895] netlink: 'syz.3.1425': attribute type 10 has an invalid length.
[  181.551711][ T9928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1438'.
[  181.763549][ T9941] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  181.994160][ T9961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1453'.
[  182.270780][ T9976] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1460'.
[  182.596051][T10000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1474'.
[  182.601737][T10004] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  182.624827][T10000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1474'.
[  182.651607][T10000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1474'.
[  182.660697][T10006] netlink: 'syz.0.1475': attribute type 10 has an invalid length.
[  182.677121][T10000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1474'.
[  183.113719][T10040] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1492'.
[  183.392354][T10062] warning: `syz.0.1502' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  183.566329][T10077] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1509'.
[  183.698985][T10087] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1509'.
[  183.745844][T10087] openvswitch: netlink: Unexpected mask (mask=20240, allowed=10048)
[  184.453054][T10122] netlink: 'syz.3.1531': attribute type 1 has an invalid length.
[  184.460956][T10122] netlink: 'syz.3.1531': attribute type 4 has an invalid length.
[  186.668923][T10288] netlink: 'syz.2.1613': attribute type 10 has an invalid length.
[  186.798206][T10298] __nla_validate_parse: 9 callbacks suppressed
[  186.798224][T10298] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1619'.
[  186.857224][T10303] netlink: 'syz.1.1620': attribute type 1 has an invalid length.
[  186.886817][T10303] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  187.065713][T10318] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1627'.
[  187.076452][T10318] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1627'.
[  187.087187][T10319] netlink: 'syz.3.1629': attribute type 10 has an invalid length.
[  187.321760][T10338] netlink: 'syz.1.1636': attribute type 1 has an invalid length.
[  187.341678][T10338] netlink: 'syz.1.1636': attribute type 2 has an invalid length.
[  187.371768][T10338] netlink: 'syz.1.1636': attribute type 1 has an invalid length.
[  187.379567][T10338] netlink: 'syz.1.1636': attribute type 3 has an invalid length.
[  187.869089][T10370] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1653'.
[  188.029024][T10384] netlink: 'syz.4.1660': attribute type 10 has an invalid length.
[  188.544763][T10418] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1677'.
[  188.785981][T10433] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  189.314318][T10471] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1703'.
[  189.359180][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1707'.
[  189.392358][T10478] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1707'.
[  189.584481][T10494] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1715'.
[  189.619618][T10494] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1715'.
[  189.803135][T10508] validate_nla: 2 callbacks suppressed
[  189.803153][T10508] netlink: 'syz.3.1721': attribute type 1 has an invalid length.
[  189.844835][T10508] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  190.991603][T10560] netlink: 'syz.0.1745': attribute type 1 has an invalid length.
[  190.999611][T10560] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  191.888436][T10526] __nla_validate_parse: 3 callbacks suppressed
[  191.888453][T10526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'.
[  192.029659][T10598] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1759'.
[  192.062142][T10601] netlink: 'syz.1.1763': attribute type 10 has an invalid length.
[  192.129589][T10605] netlink: 'syz.3.1767': attribute type 1 has an invalid length.
[  192.138426][T10605] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  192.316565][T10618] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1772'.
[  192.334897][T10621] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  192.671226][T10646] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1785'.
[  192.817728][T10660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1786'.
[  192.915219][T10668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1794'.
[  192.925815][T10668] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1794'.
[  192.935303][T10668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1794'.
[  193.018198][T10674] netlink: 'syz.3.1797': attribute type 9 has an invalid length.
[  193.026903][T10674] netlink: 'syz.3.1797': attribute type 11 has an invalid length.
[  193.039827][T10674] netlink: 'syz.3.1797': attribute type 12 has an invalid length.
[  193.049272][T10674] netlink: 210020 bytes leftover after parsing attributes in process `syz.3.1797'.
[  193.061989][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1797'.
[  193.871058][T10729] batadv0: mtu less than device minimum
[  194.464363][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  194.472067][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  195.194406][T10789] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  195.631221][T10815] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  197.223618][T10857] __nla_validate_parse: 10 callbacks suppressed
[  197.223638][T10857] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1875'.
[  198.335002][T10912] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1897'.
[  198.622787][T10927] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  198.655654][T10932] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1907'.
[  198.804244][T10930] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1909'.
[  198.890107][T10944] netlink: 'syz.3.1913': attribute type 10 has an invalid length.
[  199.265272][T10966] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1922'.
[  199.293477][T10966] netlink: 'syz.3.1922': attribute type 3 has an invalid length.
[  199.312758][T10966] netlink: 'syz.3.1922': attribute type 1 has an invalid length.
[  199.472964][T10979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1928'.
[  200.860286][T11070] netlink: 'syz.4.1970': attribute type 10 has an invalid length.
[  200.946915][T11078] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  201.037076][T11085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1977'.
[  201.138750][T11090] netlink: 'syz.2.1980': attribute type 11 has an invalid length.
[  201.154978][T11090] netlink: 'syz.2.1980': attribute type 23 has an invalid length.
[  201.163400][T11090] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1980'.
[  201.187180][T11092] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1981'.
[  201.219504][T11090] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.269020][T11099] vlan0: entered allmulticast mode
[  201.291035][T11099] bridge_slave_0: entered allmulticast mode
[  201.302429][T11101] netlink: 'syz.3.1985': attribute type 10 has an invalid length.
[  201.355039][T11090] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.452460][T11090] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.524256][T11090] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.633598][ T1095] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.652583][ T5147] Bluetooth: hci1: command 0x0406 tx timeout
[  201.652666][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  201.665456][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[  201.677575][T11124] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1997'.
[  201.708980][ T1095] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.759776][   T49] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.801544][ T1095] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.322487][T11170] netlink: 'syz.4.2017': attribute type 21 has an invalid length.
[  202.340846][T11170] __nla_validate_parse: 1 callbacks suppressed
[  202.340867][T11170] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2017'.
[  202.436804][T11180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2021'.
[  203.210635][T11222] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2042'.
[  203.242185][T11222] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2042'.
[  203.292543][T11222] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2042'.
[  203.439129][T11240] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2048'.
[  203.551082][T11237] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2049'.
[  203.582949][T11248] netlink: 'syz.3.2052': attribute type 12 has an invalid length.
[  203.980907][T11270] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2058'.
[  203.991105][T11270] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2058'.
[  204.965707][T11297] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2069'.
[  206.066029][T11286] erspan0: entered promiscuous mode
[  206.278211][T11350] Cannot find del_set index 2 as target
[  206.488387][T11363] netlink: 'syz.3.2100': attribute type 1 has an invalid length.
[  206.525925][T11369] erspan0: entered promiscuous mode
[  206.722160][T11379] syzkaller1: entered promiscuous mode
[  206.727698][T11379] syzkaller1: entered allmulticast mode
[  206.879391][T11389] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  207.006171][T11398] batadv0: mtu less than device minimum
[  207.054446][T11398] bridge_slave_1: left allmulticast mode
[  207.064340][T11398] bridge_slave_1: left promiscuous mode
[  207.079128][T11398] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.140519][T11398] bridge_slave_0: left promiscuous mode
[  207.156590][T11398] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.673254][T11425] syzkaller0: entered promiscuous mode
[  207.679011][T11425] syzkaller0: entered allmulticast mode
[  207.775771][T11435] FAULT_INJECTION: forcing a failure.
[  207.775771][T11435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.793741][T11435] CPU: 0 UID: 0 PID: 11435 Comm: syz.4.2130 Not tainted syzkaller #0 PREEMPT(full) 
[  207.793765][T11435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  207.793775][T11435] Call Trace:
[  207.793782][T11435]  <TASK>
[  207.793789][T11435]  dump_stack_lvl+0xe8/0x150
[  207.793814][T11435]  should_fail_ex+0x414/0x560
[  207.793842][T11435]  _copy_from_user+0x2d/0xb0
[  207.793862][T11435]  ___sys_sendmsg+0x158/0x2a0
[  207.793884][T11435]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.793931][T11435]  ? __fget_files+0x2a/0x420
[  207.793949][T11435]  ? __fget_files+0x3a0/0x420
[  207.793975][T11435]  __x64_sys_sendmsg+0x19b/0x260
[  207.793996][T11435]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  207.794022][T11435]  ? __pfx_ksys_write+0x10/0x10
[  207.794045][T11435]  do_syscall_64+0xec/0xf80
[  207.794065][T11435]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.794078][T11435]  ? trace_irq_disable+0x37/0x100
[  207.794097][T11435]  ? clear_bhb_loop+0x60/0xb0
[  207.794116][T11435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.794130][T11435] RIP: 0033:0x7fbfdeb8f749
[  207.794145][T11435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.794159][T11435] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  207.794177][T11435] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  207.794190][T11435] RDX: a92e338440b7f238 RSI: 0000200000000140 RDI: 0000000000000003
[  207.794201][T11435] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  207.794212][T11435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.794221][T11435] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  207.794248][T11435]  </TASK>
[  208.015840][T11440] netlink: 'syz.1.2131': attribute type 146 has an invalid length.
[  208.094957][T11443] __nla_validate_parse: 8 callbacks suppressed
[  208.094977][T11443] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.2133'.
[  208.846466][T11492] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2155'.
[  210.591021][T11516] FAULT_INJECTION: forcing a failure.
[  210.591021][T11516] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  210.627182][T11519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2166'.
[  210.641677][T11516] CPU: 1 UID: 0 PID: 11516 Comm: syz.3.2165 Not tainted syzkaller #0 PREEMPT(full) 
[  210.641703][T11516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  210.641714][T11516] Call Trace:
[  210.641722][T11516]  <TASK>
[  210.641729][T11516]  dump_stack_lvl+0xe8/0x150
[  210.641757][T11516]  should_fail_ex+0x414/0x560
[  210.641788][T11516]  _copy_from_user+0x2d/0xb0
[  210.641809][T11516]  sk_setsockopt+0x27f/0x2dc0
[  210.641833][T11516]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  210.641854][T11516]  ? get_pid_task+0x20/0x1f0
[  210.641876][T11516]  ? __pfx_sk_setsockopt+0x10/0x10
[  210.641901][T11516]  ? __lock_acquire+0x6b6/0x2cf0
[  210.641934][T11516]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  210.641962][T11516]  udp_lib_setsockopt+0xec/0x970
[  210.641985][T11516]  ? __pfx_udp_lib_setsockopt+0x10/0x10
[  210.642006][T11516]  ? __fget_files+0x2a/0x420
[  210.642026][T11516]  ? aa_sock_opt_perm+0xff/0x1a0
[  210.642049][T11516]  udp_setsockopt+0x77/0xc0
[  210.642066][T11516]  ? __pfx_udp_push_pending_frames+0x10/0x10
[  210.642088][T11516]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  210.642107][T11516]  do_sock_setsockopt+0x17c/0x1b0
[  210.642132][T11516]  __x64_sys_setsockopt+0x13f/0x1b0
[  210.642158][T11516]  do_syscall_64+0xec/0xf80
[  210.642177][T11516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.642194][T11516]  ? trace_irq_disable+0x37/0x100
[  210.642214][T11516]  ? clear_bhb_loop+0x60/0xb0
[  210.642235][T11516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.642252][T11516] RIP: 0033:0x7ff1ffd8f749
[  210.642268][T11516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.642282][T11516] RSP: 002b:00007ff200b6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  210.642302][T11516] RAX: ffffffffffffffda RBX: 00007ff1fffe5fa0 RCX: 00007ff1ffd8f749
[  210.642315][T11516] RDX: 000000000000003e RSI: 0000000000000001 RDI: 0000000000000004
[  210.642327][T11516] RBP: 00007ff200b6d090 R08: 0000000000000161 R09: 0000000000000000
[  210.642338][T11516] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  210.642350][T11516] R13: 00007ff1fffe6038 R14: 00007ff1fffe5fa0 R15: 00007ffdde86e098
[  210.642379][T11516]  </TASK>
[  210.649438][T11522] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2168'.
[  210.712661][T11527] syzkaller0: entered promiscuous mode
[  210.890005][T11527] syzkaller0: entered allmulticast mode
[  211.295194][T11561] netlink: 'syz.0.2183': attribute type 15 has an invalid length.
[  211.305365][T11561] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2183'.
[  211.331030][T11562] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2184'.
[  211.844332][T11593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2196'.
[  212.270400][T11623] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2209'.
[  212.556195][T11638] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  213.225098][T11673] batman_adv: batadv0: Adding interface: dummy0
[  213.233227][T11673] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  213.289574][T11673] batman_adv: batadv0: Interface activated: dummy0
[  213.360704][T11679] batadv0: mtu less than device minimum
[  213.367355][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.379313][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.391573][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.403403][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.415167][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.427054][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.438850][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.450641][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.462394][T11679] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  213.510785][T11686] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2233'.
[  213.576453][T11690] FAULT_INJECTION: forcing a failure.
[  213.576453][T11690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.590047][T11690] CPU: 0 UID: 0 PID: 11690 Comm: syz.2.2235 Not tainted syzkaller #0 PREEMPT(full) 
[  213.590073][T11690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  213.590084][T11690] Call Trace:
[  213.590091][T11690]  <TASK>
[  213.590099][T11690]  dump_stack_lvl+0xe8/0x150
[  213.590126][T11690]  should_fail_ex+0x414/0x560
[  213.590156][T11690]  _copy_from_user+0x2d/0xb0
[  213.590178][T11690]  ___sys_sendmsg+0x158/0x2a0
[  213.590201][T11690]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.590253][T11690]  ? __fget_files+0x2a/0x420
[  213.590273][T11690]  ? __fget_files+0x3a0/0x420
[  213.590303][T11690]  __x64_sys_sendmsg+0x19b/0x260
[  213.590330][T11690]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  213.590356][T11690]  ? __pfx_ksys_write+0x10/0x10
[  213.590382][T11690]  do_syscall_64+0xec/0xf80
[  213.590401][T11690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.590416][T11690]  ? trace_irq_disable+0x37/0x100
[  213.590435][T11690]  ? clear_bhb_loop+0x60/0xb0
[  213.590456][T11690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.590473][T11690] RIP: 0033:0x7f0f7c58f749
[  213.590489][T11690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.590505][T11690] RSP: 002b:00007f0f7d40d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.590524][T11690] RAX: ffffffffffffffda RBX: 00007f0f7c7e5fa0 RCX: 00007f0f7c58f749
[  213.590538][T11690] RDX: 0000000020000800 RSI: 0000200000000200 RDI: 0000000000000003
[  213.590550][T11690] RBP: 00007f0f7d40d090 R08: 0000000000000000 R09: 0000000000000000
[  213.590561][T11690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.590572][T11690] R13: 00007f0f7c7e6038 R14: 00007f0f7c7e5fa0 R15: 00007ffd246eeeb8
[  213.590602][T11690]  </TASK>
[  213.921213][T11701] FAULT_INJECTION: forcing a failure.
[  213.921213][T11701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.938195][T11701] CPU: 0 UID: 0 PID: 11701 Comm: syz.4.2240 Not tainted syzkaller #0 PREEMPT(full) 
[  213.938223][T11701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  213.938234][T11701] Call Trace:
[  213.938242][T11701]  <TASK>
[  213.938250][T11701]  dump_stack_lvl+0xe8/0x150
[  213.938276][T11701]  should_fail_ex+0x414/0x560
[  213.938307][T11701]  _copy_from_user+0x2d/0xb0
[  213.938331][T11701]  __sys_bpf+0x1e3/0x860
[  213.938357][T11701]  ? __pfx___sys_bpf+0x10/0x10
[  213.938395][T11701]  ? ksys_write+0x22a/0x250
[  213.938414][T11701]  ? __pfx_ksys_write+0x10/0x10
[  213.938437][T11701]  __x64_sys_bpf+0x7c/0x90
[  213.938459][T11701]  do_syscall_64+0xec/0xf80
[  213.938478][T11701]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.938494][T11701]  ? trace_irq_disable+0x37/0x100
[  213.938515][T11701]  ? clear_bhb_loop+0x60/0xb0
[  213.938535][T11701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.938552][T11701] RIP: 0033:0x7fbfdeb8f749
[  213.938569][T11701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.938584][T11701] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  213.938605][T11701] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  213.938618][T11701] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  213.938630][T11701] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  213.938641][T11701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.938652][T11701] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  213.938683][T11701]  </TASK>
[  214.269831][T11710] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.394489][T11710] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.494063][T11710] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.516653][T11723] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2249'.
[  214.621754][T11710] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  214.759574][ T1095] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.799513][ T1095] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.854517][ T1095] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.863307][T11738] can: request_module (can-proto-0) failed.
[  214.888590][T11744] FAULT_INJECTION: forcing a failure.
[  214.888590][T11744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.900933][   T36] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.913113][T11744] CPU: 0 UID: 0 PID: 11744 Comm: syz.4.2257 Not tainted syzkaller #0 PREEMPT(full) 
[  214.913146][T11744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  214.913157][T11744] Call Trace:
[  214.913164][T11744]  <TASK>
[  214.913172][T11744]  dump_stack_lvl+0xe8/0x150
[  214.913198][T11744]  should_fail_ex+0x414/0x560
[  214.913227][T11744]  _copy_from_user+0x2d/0xb0
[  214.913248][T11744]  ___sys_sendmsg+0x158/0x2a0
[  214.913271][T11744]  ? __pfx____sys_sendmsg+0x10/0x10
[  214.913322][T11744]  ? __fget_files+0x2a/0x420
[  214.913342][T11744]  ? __fget_files+0x3a0/0x420
[  214.913371][T11744]  __x64_sys_sendmsg+0x19b/0x260
[  214.913394][T11744]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  214.913421][T11744]  ? __pfx_ksys_write+0x10/0x10
[  214.913446][T11744]  do_syscall_64+0xec/0xf80
[  214.913466][T11744]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.913482][T11744]  ? trace_irq_disable+0x37/0x100
[  214.913502][T11744]  ? clear_bhb_loop+0x60/0xb0
[  214.913521][T11744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.913537][T11744] RIP: 0033:0x7fbfdeb8f749
[  214.913552][T11744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.913566][T11744] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  214.913585][T11744] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  214.913598][T11744] RDX: 0000000000040882 RSI: 0000200000000140 RDI: 0000000000000004
[  214.913610][T11744] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  214.913621][T11744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.913631][T11744] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  214.913658][T11744]  </TASK>
[  215.227767][T11755] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2262'.
[  215.266489][T11753] sctp: [Deprecated]: syz.2.2263 (pid 11753) Use of struct sctp_assoc_value in delayed_ack socket option.
[  215.266489][T11753] Use struct sctp_sack_info instead
[  215.286052][T11753] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2263'.
[  215.368004][T11765] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.2268'.
[  215.463163][T11769] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.591484][T11769] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.657018][T11769] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.719429][T11785] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2277'.
[  215.738956][T11769] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  215.889206][ T6392] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.912026][T11802] FAULT_INJECTION: forcing a failure.
[  215.912026][T11802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  215.928027][ T2962] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.937119][T11802] CPU: 1 UID: 0 PID: 11802 Comm: syz.0.2282 Not tainted syzkaller #0 PREEMPT(full) 
[  215.937142][T11802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  215.937153][T11802] Call Trace:
[  215.937160][T11802]  <TASK>
[  215.937167][T11802]  dump_stack_lvl+0xe8/0x150
[  215.937191][T11802]  should_fail_ex+0x414/0x560
[  215.937212][T11802]  _copy_from_user+0x2d/0xb0
[  215.937226][T11802]  __sys_bpf+0x1e3/0x860
[  215.937251][T11802]  ? __pfx___sys_bpf+0x10/0x10
[  215.937271][T11802]  ? ksys_write+0x22a/0x250
[  215.937283][T11802]  ? __pfx_ksys_write+0x10/0x10
[  215.937295][T11802]  __x64_sys_bpf+0x7c/0x90
[  215.937307][T11802]  do_syscall_64+0xec/0xf80
[  215.937319][T11802]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.937328][T11802]  ? trace_irq_disable+0x37/0x100
[  215.937341][T11802]  ? clear_bhb_loop+0x60/0xb0
[  215.937352][T11802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.937361][T11802] RIP: 0033:0x7f527f98f749
[  215.937371][T11802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.937380][T11802] RSP: 002b:00007f52807e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  215.937392][T11802] RAX: ffffffffffffffda RBX: 00007f527fbe5fa0 RCX: 00007f527f98f749
[  215.937399][T11802] RDX: 0000000000000094 RSI: 0000200000000640 RDI: 0000000000000005
[  215.937405][T11802] RBP: 00007f52807e0090 R08: 0000000000000000 R09: 0000000000000000
[  215.937411][T11802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.937417][T11802] R13: 00007f527fbe6038 R14: 00007f527fbe5fa0 R15: 00007ffdf8dbd2d8
[  215.937432][T11802]  </TASK>
[  216.123345][ T1095] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.132197][ T1095] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.263519][T11809] netlink: 'syz.0.2285': attribute type 11 has an invalid length.
[  216.363054][T11817] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2289'.
[  216.411265][T11820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2290'.
[  216.669837][T11836] FAULT_INJECTION: forcing a failure.
[  216.669837][T11836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.689814][T11836] CPU: 0 UID: 0 PID: 11836 Comm: syz.4.2296 Not tainted syzkaller #0 PREEMPT(full) 
[  216.689839][T11836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  216.689849][T11836] Call Trace:
[  216.689857][T11836]  <TASK>
[  216.689864][T11836]  dump_stack_lvl+0xe8/0x150
[  216.689896][T11836]  should_fail_ex+0x414/0x560
[  216.689925][T11836]  _copy_from_user+0x2d/0xb0
[  216.689946][T11836]  ___sys_sendmsg+0x158/0x2a0
[  216.689971][T11836]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.690027][T11836]  ? __fget_files+0x2a/0x420
[  216.690047][T11836]  ? __fget_files+0x3a0/0x420
[  216.690077][T11836]  __x64_sys_sendmsg+0x19b/0x260
[  216.690101][T11836]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  216.690131][T11836]  ? __pfx_ksys_write+0x10/0x10
[  216.690160][T11836]  do_syscall_64+0xec/0xf80
[  216.690181][T11836]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.690197][T11836]  ? trace_irq_disable+0x37/0x100
[  216.690217][T11836]  ? clear_bhb_loop+0x60/0xb0
[  216.690238][T11836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.690255][T11836] RIP: 0033:0x7fbfdeb8f749
[  216.690272][T11836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.690287][T11836] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.690307][T11836] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  216.690323][T11836] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  216.690333][T11836] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  216.690342][T11836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.690351][T11836] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  216.690376][T11836]  </TASK>
[  216.915017][T11840] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2299'.
[  217.097340][T11851] xt_bpf: check failed: parse error
[  217.371045][T11871] FAULT_INJECTION: forcing a failure.
[  217.371045][T11871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.384955][T11871] CPU: 1 UID: 0 PID: 11871 Comm: syz.4.2310 Not tainted syzkaller #0 PREEMPT(full) 
[  217.384981][T11871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  217.384991][T11871] Call Trace:
[  217.384998][T11871]  <TASK>
[  217.385005][T11871]  dump_stack_lvl+0xe8/0x150
[  217.385032][T11871]  should_fail_ex+0x414/0x560
[  217.385062][T11871]  _copy_from_user+0x2d/0xb0
[  217.385078][T11871]  ___sys_sendmsg+0x158/0x2a0
[  217.385098][T11871]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.385139][T11871]  ? __fget_files+0x2a/0x420
[  217.385154][T11871]  ? __fget_files+0x3a0/0x420
[  217.385177][T11871]  __x64_sys_sendmsg+0x19b/0x260
[  217.385195][T11871]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  217.385218][T11871]  ? __pfx_ksys_write+0x10/0x10
[  217.385239][T11871]  do_syscall_64+0xec/0xf80
[  217.385255][T11871]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.385267][T11871]  ? trace_irq_disable+0x37/0x100
[  217.385284][T11871]  ? clear_bhb_loop+0x60/0xb0
[  217.385299][T11871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.385311][T11871] RIP: 0033:0x7fbfdeb8f749
[  217.385324][T11871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.385336][T11871] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.385352][T11871] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  217.385361][T11871] RDX: 0000000000008010 RSI: 0000200000000600 RDI: 0000000000000003
[  217.385370][T11871] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  217.385378][T11871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.385385][T11871] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  217.385434][T11871]  </TASK>
[  217.614725][T11873] syzkaller0: entered allmulticast mode
[  217.646791][T11872] syzkaller0: left allmulticast mode
[  217.705038][T11877] syzkaller0: entered promiscuous mode
[  217.712678][T11877] syzkaller0: entered allmulticast mode
[  217.915342][T11894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2319'.
[  218.412041][T11904] vlan0: entered promiscuous mode
[  218.602076][T11909] Cannot find del_set index 2 as target
[  218.693175][T11915] syzkaller0: entered promiscuous mode
[  218.698700][T11915] syzkaller0: entered allmulticast mode
[  218.826747][T11922] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2328'.
[  219.469443][T11947] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2339'.
[  220.097450][T11958] FAULT_INJECTION: forcing a failure.
[  220.097450][T11958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.112781][T11958] CPU: 0 UID: 0 PID: 11958 Comm: syz.1.2344 Not tainted syzkaller #0 PREEMPT(full) 
[  220.112799][T11958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  220.112806][T11958] Call Trace:
[  220.112810][T11958]  <TASK>
[  220.112816][T11958]  dump_stack_lvl+0xe8/0x150
[  220.112834][T11958]  should_fail_ex+0x414/0x560
[  220.112852][T11958]  _copy_from_user+0x2d/0xb0
[  220.112865][T11958]  __copy_msghdr+0x3c5/0x5b0
[  220.112882][T11958]  ___sys_sendmsg+0x1a5/0x2a0
[  220.112904][T11958]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.112953][T11958]  ? __fget_files+0x2a/0x420
[  220.112966][T11958]  ? __fget_files+0x3a0/0x420
[  220.112982][T11958]  __x64_sys_sendmsg+0x19b/0x260
[  220.112995][T11958]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.113011][T11958]  ? __pfx_ksys_write+0x10/0x10
[  220.113026][T11958]  do_syscall_64+0xec/0xf80
[  220.113038][T11958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.113047][T11958]  ? trace_irq_disable+0x37/0x100
[  220.113060][T11958]  ? clear_bhb_loop+0x60/0xb0
[  220.113071][T11958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.113081][T11958] RIP: 0033:0x7f0ccad8f749
[  220.113091][T11958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.113100][T11958] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.113112][T11958] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  220.113119][T11958] RDX: 0000000024000894 RSI: 0000200000000000 RDI: 0000000000000003
[  220.113125][T11958] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  220.113131][T11958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.113137][T11958] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  220.113153][T11958]  </TASK>
[  220.507166][T11973] net_ratelimit: 11 callbacks suppressed
[  220.507179][T11973] openvswitch: netlink: Unexpected mask (mask=20440, allowed=10048)
[  220.640396][T11983] FAULT_INJECTION: forcing a failure.
[  220.640396][T11983] name failslab, interval 1, probability 0, space 0, times 0
[  220.653352][T11983] CPU: 0 UID: 0 PID: 11983 Comm: syz.4.2353 Not tainted syzkaller #0 PREEMPT(full) 
[  220.653377][T11983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  220.653388][T11983] Call Trace:
[  220.653395][T11983]  <TASK>
[  220.653402][T11983]  dump_stack_lvl+0xe8/0x150
[  220.653429][T11983]  should_fail_ex+0x414/0x560
[  220.653458][T11983]  should_failslab+0xa8/0x100
[  220.653479][T11983]  kmem_cache_alloc_node_noprof+0x8c/0x720
[  220.653502][T11983]  ? __alloc_skb+0x190/0x720
[  220.653520][T11983]  ? __alloc_skb+0x1d5/0x720
[  220.653545][T11983]  ? __local_bh_enable_ip+0xd0/0x130
[  220.653565][T11983]  ? __alloc_skb+0x190/0x720
[  220.653584][T11983]  __alloc_skb+0x1d5/0x720
[  220.653599][T11983]  ? netlink_autobind+0xdb/0x300
[  220.653621][T11983]  ? netlink_autobind+0x2c2/0x300
[  220.653648][T11983]  netlink_sendmsg+0x5c6/0xb30
[  220.653679][T11983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.653706][T11983]  ? aa_sock_msg_perm+0xf1/0x1b0
[  220.653729][T11983]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  220.653745][T11983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  220.653769][T11983]  __sock_sendmsg+0x21c/0x270
[  220.653796][T11983]  ____sys_sendmsg+0x505/0x820
[  220.653823][T11983]  ? __pfx_____sys_sendmsg+0x10/0x10
[  220.653852][T11983]  ? import_iovec+0x74/0xa0
[  220.653876][T11983]  ___sys_sendmsg+0x21f/0x2a0
[  220.653899][T11983]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.653954][T11983]  ? __fget_files+0x2a/0x420
[  220.653973][T11983]  ? __fget_files+0x3a0/0x420
[  220.654003][T11983]  __x64_sys_sendmsg+0x19b/0x260
[  220.654026][T11983]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  220.654056][T11983]  ? __pfx_ksys_write+0x10/0x10
[  220.654084][T11983]  do_syscall_64+0xec/0xf80
[  220.654104][T11983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.654186][T11983]  ? trace_irq_disable+0x37/0x100
[  220.654208][T11983]  ? clear_bhb_loop+0x60/0xb0
[  220.654227][T11983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.654242][T11983] RIP: 0033:0x7fbfdeb8f749
[  220.654258][T11983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.654272][T11983] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.654290][T11983] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  220.654301][T11983] RDX: 0000000004000000 RSI: 0000200000000040 RDI: 0000000000000003
[  220.654312][T11983] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  220.654334][T11983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.654345][T11983] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  220.654376][T11983]  </TASK>
[  221.343718][ T5840] Bluetooth: hci4: command 0x0405 tx timeout
[  221.743730][T12014] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2366'.
[  222.166594][T12037] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.195770][T12041] FAULT_INJECTION: forcing a failure.
[  222.195770][T12041] name failslab, interval 1, probability 0, space 0, times 0
[  222.211440][T12041] CPU: 1 UID: 0 PID: 12041 Comm: syz.4.2378 Not tainted syzkaller #0 PREEMPT(full) 
[  222.211467][T12041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.211478][T12041] Call Trace:
[  222.211485][T12041]  <TASK>
[  222.211493][T12041]  dump_stack_lvl+0xe8/0x150
[  222.211521][T12041]  should_fail_ex+0x414/0x560
[  222.211551][T12041]  should_failslab+0xa8/0x100
[  222.211573][T12041]  kmem_cache_alloc_node_noprof+0x8c/0x720
[  222.211597][T12041]  ? __alloc_skb+0x190/0x720
[  222.211615][T12041]  ? __alloc_skb+0x1d5/0x720
[  222.211630][T12041]  ? __local_bh_enable_ip+0xd0/0x130
[  222.211649][T12041]  ? __alloc_skb+0x190/0x720
[  222.211668][T12041]  __alloc_skb+0x1d5/0x720
[  222.211685][T12041]  ? netlink_autobind+0xdb/0x300
[  222.211706][T12041]  ? netlink_autobind+0x2c2/0x300
[  222.211732][T12041]  netlink_sendmsg+0x5c6/0xb30
[  222.211764][T12041]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.211789][T12041]  ? aa_sock_msg_perm+0xf1/0x1b0
[  222.211812][T12041]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  222.211828][T12041]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.211852][T12041]  __sock_sendmsg+0x21c/0x270
[  222.211879][T12041]  ____sys_sendmsg+0x505/0x820
[  222.211905][T12041]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.211934][T12041]  ? import_iovec+0x74/0xa0
[  222.211957][T12041]  ___sys_sendmsg+0x21f/0x2a0
[  222.211981][T12041]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.212034][T12041]  ? __fget_files+0x2a/0x420
[  222.212061][T12041]  ? __fget_files+0x3a0/0x420
[  222.212090][T12041]  __x64_sys_sendmsg+0x19b/0x260
[  222.212113][T12041]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  222.212143][T12041]  ? __pfx_ksys_write+0x10/0x10
[  222.212171][T12041]  do_syscall_64+0xec/0xf80
[  222.212192][T12041]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.212207][T12041]  ? trace_irq_disable+0x37/0x100
[  222.212228][T12041]  ? clear_bhb_loop+0x60/0xb0
[  222.212248][T12041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.212265][T12041] RIP: 0033:0x7fbfdeb8f749
[  222.212281][T12041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.212295][T12041] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.212319][T12041] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  222.212332][T12041] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  222.212344][T12041] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  222.212355][T12041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.212366][T12041] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  222.212395][T12041]  </TASK>
[  222.484984][T12037] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.537037][T12049] FAULT_INJECTION: forcing a failure.
[  222.537037][T12049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.550971][T12049] CPU: 0 UID: 0 PID: 12049 Comm: syz.1.2381 Not tainted syzkaller #0 PREEMPT(full) 
[  222.550995][T12049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  222.551005][T12049] Call Trace:
[  222.551012][T12049]  <TASK>
[  222.551019][T12049]  dump_stack_lvl+0xe8/0x150
[  222.551046][T12049]  should_fail_ex+0x414/0x560
[  222.551076][T12049]  _copy_to_user+0x31/0xb0
[  222.551106][T12049]  simple_read_from_buffer+0xe1/0x170
[  222.551132][T12049]  proc_fail_nth_read+0x1b3/0x220
[  222.551154][T12049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.551176][T12049]  ? rw_verify_area+0x2a6/0x4d0
[  222.551200][T12049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.551220][T12049]  vfs_read+0x200/0xa30
[  222.551235][T12049]  ? fdget_pos+0x247/0x320
[  222.551259][T12049]  ? __pfx___mutex_lock+0x10/0x10
[  222.551280][T12049]  ? __pfx_vfs_read+0x10/0x10
[  222.551298][T12049]  ? __fget_files+0x2a/0x420
[  222.551322][T12049]  ? __fget_files+0x3a0/0x420
[  222.551339][T12049]  ? __fget_files+0x2a/0x420
[  222.551367][T12049]  ksys_read+0x145/0x250
[  222.551386][T12049]  ? __pfx_ksys_read+0x10/0x10
[  222.551413][T12049]  do_syscall_64+0xec/0xf80
[  222.551433][T12049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.551448][T12049]  ? trace_irq_disable+0x37/0x100
[  222.551467][T12049]  ? clear_bhb_loop+0x60/0xb0
[  222.551488][T12049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.551504][T12049] RIP: 0033:0x7f0ccad8e15c
[  222.551521][T12049] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  222.551536][T12049] RSP: 002b:00007f0ccbcb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  222.551553][T12049] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8e15c
[  222.551566][T12049] RDX: 000000000000000f RSI: 00007f0ccbcb70a0 RDI: 0000000000000005
[  222.551578][T12049] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  222.551588][T12049] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  222.551597][T12049] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  222.551625][T12049]  </TASK>
[  222.558722][T12037] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.845342][T12037] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.906900][T12061] netlink: 'syz.1.2385': attribute type 1 has an invalid length.
[  222.948661][T12061] bond1: entered promiscuous mode
[  222.954381][T12061] bond1: entered allmulticast mode
[  222.967104][T12065] bond1: (slave ip6gretap1): making interface the new active one
[  222.989407][T12065] ip6gretap1: entered promiscuous mode
[  222.995859][T12065] ip6gretap1: entered allmulticast mode
[  223.002592][T12065] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  223.024457][ T2036] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.046230][T12061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2385'.
[  223.060182][ T2036] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.074324][T12061] bond1: left promiscuous mode
[  223.079247][T12061] ip6gretap1: left promiscuous mode
[  223.084844][T12061] bond1: left allmulticast mode
[  223.092251][T12061] ip6gretap1: left allmulticast mode
[  223.098120][T12061] 8021q: adding VLAN 0 to HW filter on device bond1
[  223.131483][   T49] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.153863][ T2036] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.259571][T12079] FAULT_INJECTION: forcing a failure.
[  223.259571][T12079] name failslab, interval 1, probability 0, space 0, times 0
[  223.273293][T12079] CPU: 1 UID: 0 PID: 12079 Comm: syz.4.2392 Not tainted syzkaller #0 PREEMPT(full) 
[  223.273318][T12079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  223.273328][T12079] Call Trace:
[  223.273334][T12079]  <TASK>
[  223.273341][T12079]  dump_stack_lvl+0xe8/0x150
[  223.273367][T12079]  should_fail_ex+0x414/0x560
[  223.273396][T12079]  should_failslab+0xa8/0x100
[  223.273418][T12079]  __kmalloc_cache_noprof+0x84/0x700
[  223.273436][T12079]  ? tcp_sendmsg_fastopen+0x1de/0x5e0
[  223.273463][T12079]  tcp_sendmsg_fastopen+0x1de/0x5e0
[  223.273491][T12079]  tcp_sendmsg_locked+0x4c35/0x53a0
[  223.273519][T12079]  ? __lock_acquire+0x6b6/0x2cf0
[  223.273540][T12079]  ? __lock_acquire+0x6b6/0x2cf0
[  223.273563][T12079]  ? __lock_acquire+0x6b6/0x2cf0
[  223.273609][T12079]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  223.273644][T12079]  ? __local_bh_enable_ip+0xd0/0x130
[  223.273667][T12079]  tcp_sendmsg+0x2f/0x50
[  223.273690][T12079]  __sock_sendmsg+0x19c/0x270
[  223.273717][T12079]  ____sys_sendmsg+0x505/0x820
[  223.273743][T12079]  ? __pfx_____sys_sendmsg+0x10/0x10
[  223.273773][T12079]  ? import_iovec+0x74/0xa0
[  223.273797][T12079]  ___sys_sendmsg+0x21f/0x2a0
[  223.273820][T12079]  ? __pfx____sys_sendmsg+0x10/0x10
[  223.273876][T12079]  ? __fget_files+0x2a/0x420
[  223.273896][T12079]  ? __fget_files+0x3a0/0x420
[  223.273926][T12079]  __x64_sys_sendmsg+0x19b/0x260
[  223.273949][T12079]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  223.273979][T12079]  ? __pfx_ksys_write+0x10/0x10
[  223.274008][T12079]  do_syscall_64+0xec/0xf80
[  223.274028][T12079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.274045][T12079]  ? trace_irq_disable+0x37/0x100
[  223.274065][T12079]  ? clear_bhb_loop+0x60/0xb0
[  223.274087][T12079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.274103][T12079] RIP: 0033:0x7fbfdeb8f749
[  223.274119][T12079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.274135][T12079] RSP: 002b:00007fbfdcdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.274154][T12079] RAX: ffffffffffffffda RBX: 00007fbfdede5fa0 RCX: 00007fbfdeb8f749
[  223.274167][T12079] RDX: e07e872420dfefca RSI: 0000200000000780 RDI: 0000000000000003
[  223.274180][T12079] RBP: 00007fbfdcdf6090 R08: 0000000000000000 R09: 0000000000000000
[  223.274199][T12079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.274209][T12079] R13: 00007fbfdede6038 R14: 00007fbfdede5fa0 R15: 00007ffdd03a3f28
[  223.274241][T12079]  </TASK>
[  223.630856][T12087] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.2395'.
[  224.169536][T12114] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2406'.
[  224.178779][T12114] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2406'.
[  224.185418][T12116] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2407'.
[  224.198628][T12116] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2407'.
[  224.253768][T12116] RDS: rds_bind could not find a transport for 4004:0:20:0:c002:0:20:0, load rds_tcp or rds_rdma?
[  224.431488][T12131] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2413'.
[  224.440635][T12131] netlink: 27 bytes leftover after parsing attributes in process `syz.1.2413'.
[  224.449577][T12131] netlink: 'syz.1.2413': attribute type 6 has an invalid length.
[  224.458399][T12131] netlink: 'syz.1.2413': attribute type 5 has an invalid length.
[  224.466174][T12131] netlink: 27 bytes leftover after parsing attributes in process `syz.1.2413'.
[  224.584365][T12135] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2415'.
[  224.750270][T12145] FAULT_INJECTION: forcing a failure.
[  224.750270][T12145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  224.763768][T12145] CPU: 1 UID: 0 PID: 12145 Comm: syz.1.2420 Not tainted syzkaller #0 PREEMPT(full) 
[  224.763800][T12145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  224.763811][T12145] Call Trace:
[  224.763819][T12145]  <TASK>
[  224.763827][T12145]  dump_stack_lvl+0xe8/0x150
[  224.763857][T12145]  should_fail_ex+0x414/0x560
[  224.763888][T12145]  _copy_from_user+0x2d/0xb0
[  224.763911][T12145]  __sys_bpf+0x1e3/0x860
[  224.763937][T12145]  ? __pfx___sys_bpf+0x10/0x10
[  224.763981][T12145]  ? ksys_write+0x22a/0x250
[  224.764001][T12145]  ? __pfx_ksys_write+0x10/0x10
[  224.764024][T12145]  __x64_sys_bpf+0x7c/0x90
[  224.764046][T12145]  do_syscall_64+0xec/0xf80
[  224.764067][T12145]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.764083][T12145]  ? trace_irq_disable+0x37/0x100
[  224.764104][T12145]  ? clear_bhb_loop+0x60/0xb0
[  224.764126][T12145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.764143][T12145] RIP: 0033:0x7f0ccad8f749
[  224.764160][T12145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.764175][T12145] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  224.764194][T12145] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  224.764207][T12145] RDX: 0000000000000050 RSI: 00002000000002c0 RDI: 000000000000000a
[  224.764219][T12145] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  224.764230][T12145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.764241][T12145] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  224.764270][T12145]  </TASK>
[  225.167116][T12164] FAULT_INJECTION: forcing a failure.
[  225.167116][T12164] name failslab, interval 1, probability 0, space 0, times 0
[  225.209418][T12164] CPU: 0 UID: 0 PID: 12164 Comm: syz.2.2427 Not tainted syzkaller #0 PREEMPT(full) 
[  225.209445][T12164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  225.209456][T12164] Call Trace:
[  225.209463][T12164]  <TASK>
[  225.209471][T12164]  dump_stack_lvl+0xe8/0x150
[  225.209497][T12164]  should_fail_ex+0x414/0x560
[  225.209528][T12164]  should_failslab+0xa8/0x100
[  225.209550][T12164]  kmem_cache_alloc_node_noprof+0x8c/0x720
[  225.209575][T12164]  ? __alloc_skb+0x190/0x720
[  225.209593][T12164]  ? __alloc_skb+0x1d5/0x720
[  225.209609][T12164]  ? __local_bh_enable_ip+0xd0/0x130
[  225.209629][T12164]  ? __alloc_skb+0x190/0x720
[  225.209648][T12164]  __alloc_skb+0x1d5/0x720
[  225.209666][T12164]  ? netlink_autobind+0xdb/0x300
[  225.209688][T12164]  ? netlink_autobind+0x2c2/0x300
[  225.209715][T12164]  netlink_sendmsg+0x5c6/0xb30
[  225.209757][T12164]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.209783][T12164]  ? aa_sock_msg_perm+0xf1/0x1b0
[  225.209807][T12164]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  225.209822][T12164]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.209846][T12164]  __sock_sendmsg+0x21c/0x270
[  225.209874][T12164]  ____sys_sendmsg+0x505/0x820
[  225.209901][T12164]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.209931][T12164]  ? import_iovec+0x74/0xa0
[  225.209956][T12164]  ___sys_sendmsg+0x21f/0x2a0
[  225.209978][T12164]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.210035][T12164]  ? __fget_files+0x2a/0x420
[  225.210054][T12164]  ? __fget_files+0x3a0/0x420
[  225.210084][T12164]  __x64_sys_sendmsg+0x19b/0x260
[  225.210108][T12164]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  225.210138][T12164]  ? __pfx_ksys_write+0x10/0x10
[  225.210167][T12164]  do_syscall_64+0xec/0xf80
[  225.210186][T12164]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.210203][T12164]  ? trace_irq_disable+0x37/0x100
[  225.210223][T12164]  ? clear_bhb_loop+0x60/0xb0
[  225.210244][T12164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.210261][T12164] RIP: 0033:0x7f0f7c58f749
[  225.210277][T12164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.210292][T12164] RSP: 002b:00007f0f7d40d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.210312][T12164] RAX: ffffffffffffffda RBX: 00007f0f7c7e5fa0 RCX: 00007f0f7c58f749
[  225.210327][T12164] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000005
[  225.210337][T12164] RBP: 00007f0f7d40d090 R08: 0000000000000000 R09: 0000000000000000
[  225.210346][T12164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.210355][T12164] R13: 00007f0f7c7e6038 R14: 00007f0f7c7e5fa0 R15: 00007ffd246eeeb8
[  225.210380][T12164]  </TASK>
[  225.603145][T12180] netlink: 'syz.4.2433': attribute type 10 has an invalid length.
[  225.622479][T12177] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2431'.
[  225.781481][T12188] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  226.161799][T12212] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2447'.
[  226.188136][T12214] netlink: 'syz.4.2448': attribute type 1 has an invalid length.
[  226.211627][T12217] FAULT_INJECTION: forcing a failure.
[  226.211627][T12217] name failslab, interval 1, probability 0, space 0, times 0
[  226.224492][T12217] CPU: 1 UID: 0 PID: 12217 Comm: syz.2.2449 Not tainted syzkaller #0 PREEMPT(full) 
[  226.224517][T12217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  226.224527][T12217] Call Trace:
[  226.224535][T12217]  <TASK>
[  226.224542][T12217]  dump_stack_lvl+0xe8/0x150
[  226.224567][T12217]  should_fail_ex+0x414/0x560
[  226.224594][T12217]  should_failslab+0xa8/0x100
[  226.224622][T12217]  kmem_cache_alloc_node_noprof+0x8c/0x720
[  226.224645][T12217]  ? __alloc_skb+0x190/0x720
[  226.224663][T12217]  ? __alloc_skb+0x1d5/0x720
[  226.224678][T12217]  ? __local_bh_enable_ip+0xd0/0x130
[  226.224696][T12217]  ? __alloc_skb+0x190/0x720
[  226.224715][T12217]  __alloc_skb+0x1d5/0x720
[  226.224731][T12217]  ? netlink_autobind+0xdb/0x300
[  226.224752][T12217]  ? netlink_autobind+0x2c2/0x300
[  226.224779][T12217]  netlink_sendmsg+0x5c6/0xb30
[  226.224807][T12217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.224832][T12217]  ? aa_sock_msg_perm+0xf1/0x1b0
[  226.224854][T12217]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  226.224869][T12217]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.224892][T12217]  __sock_sendmsg+0x21c/0x270
[  226.224917][T12217]  ____sys_sendmsg+0x505/0x820
[  226.224943][T12217]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.224972][T12217]  ? import_iovec+0x74/0xa0
[  226.224995][T12217]  ___sys_sendmsg+0x21f/0x2a0
[  226.225017][T12217]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.225069][T12217]  ? __fget_files+0x2a/0x420
[  226.225088][T12217]  ? __fget_files+0x3a0/0x420
[  226.225115][T12217]  __x64_sys_sendmsg+0x19b/0x260
[  226.225138][T12217]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  226.225165][T12217]  ? rcu_is_watching+0x15/0xb0
[  226.225192][T12217]  do_syscall_64+0xec/0xf80
[  226.225211][T12217]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.225227][T12217]  ? trace_irq_disable+0x37/0x100
[  226.225248][T12217]  ? clear_bhb_loop+0x60/0xb0
[  226.225268][T12217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.225284][T12217] RIP: 0033:0x7f0f7c58f749
[  226.225300][T12217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.225315][T12217] RSP: 002b:00007f0f7d40d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.225334][T12217] RAX: ffffffffffffffda RBX: 00007f0f7c7e5fa0 RCX: 00007f0f7c58f749
[  226.225348][T12217] RDX: 0000000020000800 RSI: 0000200000000200 RDI: 0000000000000003
[  226.225359][T12217] RBP: 00007f0f7d40d090 R08: 0000000000000000 R09: 0000000000000000
[  226.225369][T12217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.225379][T12217] R13: 00007f0f7c7e6038 R14: 00007f0f7c7e5fa0 R15: 00007ffd246eeeb8
[  226.225407][T12217]  </TASK>
[  226.638807][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  226.659073][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  226.668368][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  226.677776][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  226.685824][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  226.861430][T12230] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.904427][T12236] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  226.959382][T12240] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  226.977920][T12230] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.036713][T12245] FAULT_INJECTION: forcing a failure.
[  227.036713][T12245] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.050193][T12245] CPU: 1 UID: 0 PID: 12245 Comm: syz.1.2460 Not tainted syzkaller #0 PREEMPT(full) 
[  227.050218][T12245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  227.050229][T12245] Call Trace:
[  227.050237][T12245]  <TASK>
[  227.050244][T12245]  dump_stack_lvl+0xe8/0x150
[  227.050271][T12245]  should_fail_ex+0x414/0x560
[  227.050301][T12245]  _copy_from_user+0x2d/0xb0
[  227.050327][T12245]  __sys_bpf+0x1e3/0x860
[  227.050351][T12245]  ? __pfx___sys_bpf+0x10/0x10
[  227.050385][T12245]  ? ksys_write+0x22a/0x250
[  227.050405][T12245]  ? __pfx_ksys_write+0x10/0x10
[  227.050429][T12245]  __x64_sys_bpf+0x7c/0x90
[  227.050450][T12245]  do_syscall_64+0xec/0xf80
[  227.050470][T12245]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.050486][T12245]  ? trace_irq_disable+0x37/0x100
[  227.050507][T12245]  ? clear_bhb_loop+0x60/0xb0
[  227.050527][T12245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.050544][T12245] RIP: 0033:0x7f0ccad8f749
[  227.050560][T12245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.050574][T12245] RSP: 002b:00007f0ccbcb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  227.050592][T12245] RAX: ffffffffffffffda RBX: 00007f0ccafe5fa0 RCX: 00007f0ccad8f749
[  227.050606][T12245] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  227.050618][T12245] RBP: 00007f0ccbcb7090 R08: 0000000000000000 R09: 0000000000000000
[  227.050630][T12245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.050640][T12245] R13: 00007f0ccafe6038 R14: 00007f0ccafe5fa0 R15: 00007fffb5f5f938
[  227.050670][T12245]  </TASK>
[  227.233774][T12230] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.308300][T12221] chnl_net:caif_netlink_parms(): no params data found
[  227.362165][T12230] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.498881][T12221] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.517109][T12221] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.533585][T12221] bridge_slave_0: entered allmulticast mode
[  227.546684][T12221] bridge_slave_0: entered promiscuous mode
[  227.555091][T12221] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.562432][T12221] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.569843][T12221] bridge_slave_1: entered allmulticast mode
[  227.580026][T12221] bridge_slave_1: entered promiscuous mode
[  227.644005][T12221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.658202][T12221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.753318][T12221] team0: Port device team_slave_0 added
[  227.764082][T12221] team0: Port device team_slave_1 added
[  228.773498][ T5840] Bluetooth: hci5: command tx timeout
[  229.282301][T12221] batman_adv: batadv0: Adding interface: batadv_slave_0
[  229.289307][T12221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  229.315428][T12221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  229.373903][T12221] batman_adv: batadv0: Adding interface: batadv_slave_1
[  229.382600][T12221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  229.446108][T12221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  229.459458][   T13] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.494154][ T3528] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.559768][ T3528] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.584718][T12221] hsr_slave_0: entered promiscuous mode
[  229.592955][T12221] hsr_slave_1: entered promiscuous mode
[  229.612032][T12221] debugfs: 'hsr0' already exists in 'hsr'
[  229.628096][T12221] Cannot create hsr debugfs directory
[  229.694632][ T3528] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.765289][T12297] __nla_validate_parse: 5 callbacks suppressed
[  229.765309][T12297] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.2472'.
[  229.999566][T12286] lec:lec_atm_close: lec0: Shut down!
[  230.098598][T12311] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.140096][T12313] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  230.184600][T12311] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.506852][T12311] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.581119][T12221] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  230.606357][T12221] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  230.631377][T12311] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.679000][T12221] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  230.702363][T12221] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  230.850735][ T5840] Bluetooth: hci5: command tx timeout
[  230.864487][T12221] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.916492][T12221] 8021q: adding VLAN 0 to HW filter on device team0
[  230.927771][T12341] netlink: 'syz.1.2482': attribute type 10 has an invalid length.
[  230.944538][ T3528] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.951749][ T3528] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.056342][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.063578][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.108166][T12350] bond0: option min_links: invalid value (18446744071830523904)
[  231.118168][T12350] bond0: option min_links: allowed values 0 - 2147483647
[  231.263036][T12355] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.322301][T12355] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.336555][T12359] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2488'.
[  231.429693][T12355] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.523790][T12355] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.564545][T12221] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.652975][  T462] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.676127][T11907] udevd[11907]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  231.689882][ T1131] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.727630][  T462] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.753975][ T1131] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.003299][T12221] veth0_vlan: entered promiscuous mode
[  232.011654][T12385] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2495'.
[  232.016254][T12221] veth1_vlan: entered promiscuous mode
[  232.069088][T12221] veth0_macvtap: entered promiscuous mode
[  232.081019][T12221] veth1_macvtap: entered promiscuous mode
[  232.104660][T12221] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.114755][T12388] nbd: must specify at least one socket
[  232.128358][T12221] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.151349][ T3528] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.168315][ T3528] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.178201][ T3528] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.187272][ T3528] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.283601][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.303896][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.339360][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  232.348022][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  232.927456][T12421] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.2510'.
[  232.940296][ T5840] Bluetooth: hci5: command tx timeout
[  233.228358][ T6403] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.267516][ T6403] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.296218][   T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.334126][   T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.345340][ T6403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.370831][ T6403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.565116][T12449] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.611621][T12453] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  233.658371][T12458] netlink: 'syz.1.2524': attribute type 1 has an invalid length.
[  233.700908][ T5887] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  233.873976][T12468] FAULT_INJECTION: forcing a failure.
[  233.873976][T12468] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.887700][T12468] CPU: 0 UID: 0 PID: 12468 Comm: syz.2.2529 Not tainted syzkaller #0 PREEMPT(full) 
[  233.887726][T12468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  233.887738][T12468] Call Trace:
[  233.887745][T12468]  <TASK>
[  233.887754][T12468]  dump_stack_lvl+0xe8/0x150
[  233.887780][T12468]  should_fail_ex+0x414/0x560
[  233.887825][T12468]  _copy_from_user+0x2d/0xb0
[  233.887848][T12468]  __sys_bpf+0x1e3/0x860
[  233.887873][T12468]  ? __pfx___sys_bpf+0x10/0x10
[  233.887911][T12468]  ? ksys_write+0x22a/0x250
[  233.887930][T12468]  ? __pfx_ksys_write+0x10/0x10
[  233.887954][T12468]  __x64_sys_bpf+0x7c/0x90
[  233.887975][T12468]  do_syscall_64+0xec/0xf80
[  233.887995][T12468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.888011][T12468]  ? trace_irq_disable+0x37/0x100
[  233.888031][T12468]  ? clear_bhb_loop+0x60/0xb0
[  233.888052][T12468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.888069][T12468] RIP: 0033:0x7f0f7c58f749
[  233.888085][T12468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.888101][T12468] RSP: 002b:00007f0f7d40d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  233.888121][T12468] RAX: ffffffffffffffda RBX: 00007f0f7c7e5fa0 RCX: 00007f0f7c58f749
[  233.888134][T12468] RDX: 0000000000000048 RSI: 0000200000000080 RDI: 000000000000000a
[  233.888145][T12468] RBP: 00007f0f7d40d090 R08: 0000000000000000 R09: 0000000000000000
[  233.888156][T12468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.888167][T12468] R13: 00007f0f7c7e6038 R14: 00007f0f7c7e5fa0 R15: 00007ffd246eeeb8
[  233.888197][T12468]  </TASK>
[  234.217225][T12449] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.592671][T12449] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.677152][T12449] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.753331][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.764971][T12497] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.785835][T12498] team0: Port device dummy0 added
[  234.792376][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.804569][T12497] team0: Port device dummy0 removed
[  234.818040][T12497] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  234.828348][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.837462][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.845870][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.871866][   T36] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.880998][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.893019][T12498] netlink: 'syz.2.2540': attribute type 10 has an invalid length.
[  234.916214][   T36] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.947204][ T6056] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.985970][   T49] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.010556][ T5840] Bluetooth: hci5: command tx timeout
[  235.260724][ T5887] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  235.364391][T12513] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2546'.
[  235.648378][ T5832] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  235.667045][ T5832] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  235.675494][ T5832] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  235.685640][ T5832] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  235.694048][ T5832] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  236.012929][T12541] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2557'.
[  236.040785][ T5840] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  236.052072][ T5840] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  236.060458][ T5840] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  236.068785][ T5840] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  236.077464][ T5840] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  236.141907][ T5887] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.324747][T10701] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN PTI
[  236.336708][T10701] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  236.345122][T10701] CPU: 0 UID: 0 PID: 10701 Comm: kbnepd  Not tainted syzkaller #0 PREEMPT(full) 
[  236.354402][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  236.364443][T10701] RIP: 0010:klist_del+0x49/0x110
[  236.369394][T10701] Code: f6 49 89 dd 49 c1 ed 03 43 80 7c 25 00 00 74 08 48 89 df e8 39 57 d6 f6 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 1b 57 d6 f6 4d 8b 7e 58 4c 89 f7 e8 5f 11
[  236.388994][T10701] RSP: 0018:ffffc900055b77a8 EFLAGS: 00010202
[  236.395054][T10701] RAX: 000000000000000b RBX: ffff888056b93460 RCX: ffff888069f51e80
[  236.403015][T10701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058
[  236.410990][T10701] RBP: ffffc900055b78d0 R08: ffff88806bd751e3 R09: 1ffff1100d7aea3c
[  236.418967][T10701] R10: dffffc0000000000 R11: ffffed100d7aea3d R12: dffffc0000000000
[  236.426938][T10701] R13: 1ffff1100ad7268c R14: 0000000000000000 R15: ffff888069594758
[  236.434906][T10701] FS:  0000000000000000(0000) GS:ffff888125e1c000(0000) knlGS:0000000000000000
[  236.443826][T10701] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  236.450399][T10701] CR2: 000055558978f808 CR3: 000000007ec10000 CR4: 00000000003526f0
[  236.458370][T10701] Call Trace:
[  236.461645][T10701]  <TASK>
[  236.464568][T10701]  device_del+0x280/0x8e0
[  236.468895][T10701]  ? _raw_spin_unlock_irq+0x2e/0x50
[  236.474090][T10701]  ? pm_runtime_set_memalloc_noio+0x1f4/0x260
[  236.480146][T10701]  ? __pfx_device_del+0x10/0x10
[  236.484989][T10701]  ? netdev_unregister_kobject+0x344/0x450
[  236.490796][T10701]  unregister_netdevice_many_notify+0x1ddd/0x2340
[  236.497213][T10701]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  236.503978][T10701]  ? rtnl_net_dev_lock+0x36/0x2f0
[  236.509012][T10701]  ? rtnl_net_dev_lock+0x36/0x2f0
[  236.514030][T10701]  unregister_netdev+0x157/0x1f0
[  236.518976][T10701]  ? __pfx_unregister_netdev+0x10/0x10
[  236.524430][T10701]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  236.530227][T10701]  bnep_session+0x29a5/0x2bd0
[  236.534900][T10701]  ? __lock_acquire+0x6b6/0x2cf0
[  236.539836][T10701]  ? __pfx_bnep_session+0x10/0x10
[  236.544853][T10701]  ? __pfx_woken_wake_function+0x10/0x10
[  236.550481][T10701]  ? __kthread_parkme+0x7b/0x200
[  236.555409][T10701]  ? __kthread_parkme+0x1a1/0x200
[  236.560426][T10701]  kthread+0x711/0x8a0
[  236.564487][T10701]  ? __pfx_bnep_session+0x10/0x10
[  236.569513][T10701]  ? __pfx_kthread+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  236.574096][T10701]  ? _raw_spin_unlock_irq+0x23/0x50
[  236.579292][T10701]  ? __pfx_kthread+0x10/0x10
[  236.583872][T10701]  ret_from_fork+0x510/0xa50
[  236.588454][T10701]  ? __pfx_ret_from_fork+0x10/0x10
[  236.593553][T10701]  ? __switch_to+0xc9e/0x1480
[  236.598227][T10701]  ? __pfx_kthread+0x10/0x10
[  236.602845][T10701]  ret_from_fork_asm+0x1a/0x30
[  236.607636][T10701]  </TASK>
[  236.610650][T10701] Modules linked in:
[  236.616271][T10701] ---[ end trace 0000000000000000 ]---
[  236.624684][T10701] RIP: 0010:klist_del+0x49/0x110
[  236.630661][T10701] Code: f6 49 89 dd 49 c1 ed 03 43 80 7c 25 00 00 74 08 48 89 df e8 39 57 d6 f6 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 05 e8 1b 57 d6 f6 4d 8b 7e 58 4c 89 f7 e8 5f 11
[  236.641168][ T5894] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.651057][T10701] RSP: 0018:ffffc900055b77a8 EFLAGS: 00010202
[  236.659275][  T793] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.664696][T10701] RAX: 000000000000000b RBX: ffff888056b93460 RCX: ffff888069f51e80
[  236.681976][T10701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058
[  236.690006][T10701] RBP: ffffc900055b78d0 R08: ffff88806bd751e3 R09: 1ffff1100d7aea3c
[  236.699986][T10701] R10: dffffc0000000000 R11: ffffed100d7aea3d R12: dffffc0000000000
[  236.707587][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  236.709684][T10701] R13: 1ffff1100ad7268c R14: 0000000000000000 R15: ffff888069594758
[  236.725046][T10701] FS:  0000000000000000(0000) GS:ffff888125f1c000(0000) knlGS:0000000000000000
[  236.734107][T10701] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  236.741843][T10701] CR2: 00007f465d5f37b0 CR3: 000000007ec10000 CR4: 00000000003526f0
[  236.749852][T10701] Kernel panic - not syncing: Fatal exception
[  236.756271][T10701] Kernel Offset: disabled
[  236.760589][T10701] Rebooting in 86400 seconds..