last executing test programs:

4.503603294s ago: executing program 1 (id=1818):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}, @ldst={0x2, 0x0, 0x3}]}, &(0x7f0000000100)='GPL\x00', 0x9}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x338)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0xf, 0x5, 0xffffffff)
write(r3, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x4, &(0x7f0000000140)=ANY=[@ANYRES64=r2], &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00}, 0x94)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000007c0)=@o_path={0x0, r6, 0x4000, r6}, 0x18)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r5, 0x84, 0x6b, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x5, @private2, 0x9}], 0x1c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e21, 0x1641, @private2, 0xfffffff9}}, 0xfff, 0x9}, &(0x7f0000000200)=0x90)
sendmmsg$inet(r4, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000180)={{0x2, 0x4e22, @empty}, {0x20000010304, @local}, 0x6, {0x2, 0x4e20, @rand_addr=0x64010100}})
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x5, 0x3, 0x8, 0x6})
r8 = socket(0xa, 0x1, 0x0)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r9, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000017c0)={0x3c, r10, 0x1, 0x70bd2c, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r8}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r8}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x55ebfcb85e78e904}, 0x4)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000100", @ANYRES16=r10, @ANYBLOB="10002abd7000fedbdf25010000000c000300714b0000000000000c0008000500000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x6000000}, 0x4004005)

4.271589889s ago: executing program 3 (id=1822):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0a00001bbbbbbbbbbbbbaaaaaaaaaa2986dd6d002008001811ff204000000000000000b6850000000001ff0200000000000000000000000000014f194e200018"], 0x52)

3.506197018s ago: executing program 2 (id=1826):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x100, 0x50, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000002c0)='./cgroup/cgroup.procs\x00', &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x20e6}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d80)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021"], 0x0, 0x40, 0x0, 0x0, 0x0, 0xb4a02fe0ce239f93, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x59, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000040)="630b008646dc3f0adf33c9f7b986", 0x0, 0xcf25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000004000000bfa3f300000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3aee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d320f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c16af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf700"/1664], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r4], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1802000003ffffeb00000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xfd6d, 0xfffffffffffffe5d, &(0x7f00000000c0)="5fd63edbfd8a4a6077fd87686f9a", 0x0, 0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000ffffffff0000000000000000180300002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000850000001100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r7, 0x0, 0xe, 0x0, &(0x7f0000000640)="0cffffdf71c8afefeba000dee560", 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r8, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000000a06010300000000000000000300000a0900090073797a300000000005000100070000000c000780080009400000b1fd"], 0x34}}, 0x40014)
bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x800)
r9 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r9, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r11, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r11, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r11, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xcc, 0x30, 0xffff, 0x70bd27, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x3, 0x0, {0x0, 0x2, 0x0, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0xfffd}}}]]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x1}}]}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0xcc}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_MSG_GETOBJ_RESET(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000150a03"], 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x24000040)

3.276430881s ago: executing program 3 (id=1827):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0x13, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c252d00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000180100002020702500000000002020207b1ad8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000080000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in=@private=0xa010101, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0xfffffffffffffffc, 0x3, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0xffffffff, 0x0, 0x1, 0x0, 0x4, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@private=0xa010101, 0x0, 0x32}, 0xa, @in=@local, 0x6, 0x4, 0x3}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x24008010}, 0x4000)
socket$inet6(0xa, 0x6, 0xe3)
r0 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000001940)={0xa, 0x0, 0x1000006, @private0, 0x4005}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002200)=[{{0x0, 0xf5, 0x0}}], 0x40000000000027f, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000038c0)={&(0x7f0000001500)={0x28, 0x0, 0x1, 0x70bd09, 0xa5dfdbfb, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0xb, 0x4003f}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x40080a4}, 0x4000811)

3.223966637s ago: executing program 1 (id=1829):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r5 = accept(r3, 0x0, 0x0)
r6 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000002d80)=@nat={'nat\x00', 0x1b, 0x5, 0x490, 0x210, 0x0, 0xffffffff, 0x0, 0x0, 0x578, 0x578, 0xffffffff, 0x578, 0x578, 0x5, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xffffffff, 0xff, 0xffffffff], [0xffffffff, 0xff000000, 0xff, 0xff], 'batadv0\x00', 'vcan0\x00', {0x7f}, {0xff}, 0x6, 0x0, 0x7, 0x9927eb7d5669c7f1}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x8, @ipv4=@dev={0xac, 0x14, 0x14, 0x43}, @ipv6=@private1, @icmp_id=0x67, @gre_key=0x2}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x13, @ipv6=@rand_addr=' \x01\x00', @ipv4=@local, @gre_key=0x9, @port=0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x4, @ipv6=@private1, @ipv4=@broadcast, @icmp_id=0x66, @gre_key=0x3}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, [0xff, 0xffffffff, 0xffffff00, 0xffffff00], [0xffffffff, 0xff000000, 0xff, 0xffffff00], 'vlan0\x00', 'tunl0\x00', {}, {}, 0x5e, 0x9, 0x1, 0x1}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x10, @ipv6=@mcast1, @ipv4=@multicast2, @port=0x4e23, @icmp_id=0x68}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0)
setsockopt$sock_timeval(r5, 0x1, 0x42, &(0x7f0000000300)={0x0, 0xea60}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x12, 0x4, 0x4, 0xa4}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000080), &(0x7f00000002c0)=@tcp=r5}, 0x20)
recvmsg$can_bcm(r5, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
recvfrom(r10, 0x0, 0x0, 0x110, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r12=>0x0})
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x1c, r11, 0x701, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r12}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x54, 0x10, 0x403, 0x70bd2d, 0x10, {0x0, 0x0, 0x0, r12, 0xb0662}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}, @IFLA_VLAN_EGRESS_QOS={0x10, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x81, 0x9}}]}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x54}, 0x1, 0x0, 0x0, 0x2000ce01}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x50, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2.728198348s ago: executing program 1 (id=1833):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "12ad9a", 0x380, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xa}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x19, 0x1, '\x00'/12}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x1f, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4610001394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "000000000000000200000000000000000000000000008879e66485201a0015ca837400000000000000000000001c000000000000000000"}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8ba7a514c4b7a94fe18e88605aa6be1a02a326a6bce65f"}]}}}}}}, 0x0)
r1 = socket$kcm(0x2, 0x6, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="550a0000000000006111540000000000180000000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4c, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @jmp={0x5, 0x0, 0x6, 0x8, 0x9, 0x100, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xac9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x274d}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9acc}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000640)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x2, 0xa, 0x100, 0x81}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f00000006c0)=[{0x2, 0x5, 0xa}, {0x4, 0x2, 0x9, 0x9}, {0x3, 0x2, 0x9, 0x2}, {0x1, 0x5, 0x10, 0x3}, {0x4, 0x2, 0xd, 0x7}, {0x0, 0x1, 0x8, 0x7}, {0x2, 0x4, 0xe, 0x8}, {0x2, 0x5, 0x5}], 0x10, 0x8001}, 0x94)

2.694994416s ago: executing program 3 (id=1834):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100000000523e0000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a010200000000000000000100ffff0900030073797a320000000014000480080002400000f50008000140000000050900010073797a310000000038000000050a05000000000000000000010000050c00024000000000000000010900010073797a31000000000c000480080002"], 0xc0}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)

2.401466496s ago: executing program 3 (id=1837):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0x4d6, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x32}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ffffc}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x80000001, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x1c, &(0x7f00000105c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090b00000000007baaf0ff00000000bf8700000000000007080000fffdffffbca4000000000000a7040000f0ffffff740200001d00000018290000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000cf4900000000000056070000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x200, 0x800, 0x6}}}}]}, 0x44}}, 0x40080)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000bc0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r6, 0x0, 0xffc9, 0x0, &(0x7f0000002d40)="b3070d5b19aa16a7489474168245f80bbfa179c79d3bffb79761ab0d8e009e9b42b881f247de05b072442debf7bc0ed4b393a763a2bf3d12b851fd541f7a7169bf1fbd1640409fb8f29f118ac55c111bb188b49c7bdb0b55d9b03ef63529493d44c4617aa69a7fe28b6438a324f15e3eb21a0f5a233ee9e9071b7d746b5ee5ec93c8f26de857054995b60874a9d27726d9c069ab61a1623c8951aeaabe0e5d7538f7dbd8bd0628798f4622ee0f72d66106093500348e147e9dcee5dae63af07a6fb007e4cf9d6d6359a252aa81ec8a9caefdcb28f79094b5cab4e154a22c44bf971c039f2d566c4aec66cebca90bfe16ada4b03ffc7e90b023eec64cce3c0351597828adc485980b2aaddd930e4e424e2d0314f7fe17c3092ec5f5e54b39844e714661ac9edf447a2e3dc89f110e54528a4e22d8a86585b4601028b2bbbb4f70b7ac3b6c7129d4d0c8ce0b02c3c1f5e4128a6d315002443ac28bdb0c9d7abe3e4286ec1055688ec813b9979121e900aea3693b9c8b427bb69576362dfb258f8df59e0dbefd7034c1e887a06731e1cc25113331eab4b0d022a63107f774b4a631fa71e16e290881c25fe6af9775fd65359e2af043ec9caad726b0ce923e3c6ef9d081f967e8ef34ef0329b1c84b7bf024bda4cfda93debe4ba05de3e1728c8e22cb844c74f8d769929e6295a16bea0c50727fa33b3c10d2e53e66b20761d9fc6ef5f24b311ff8a4239f81fba4a808a08785c8cb22ac1c4a06f7b3ce232806dfb41c5aa694cf55b9872aa2c53175a76a3427dbb5c00c15ed62686a048edba6bff31ef1a84d711eddc76a4db44c880f26a79da84b9f9cfaaf909267b67a9c853ea9eb1fe586db67a98dcf37a15d5295857ee0bb4e8a4b551f2629bfc72592c0854266245b837a91f3eefbc2612ee909fa43209d02af7d3b83ec13e5dbbfe1a34a8b45ce49722a5369c3c1b8bccd5386cf57baae0d5c4a355d5a729ddce5c0be3aaafaffa497dd6b7f363b5e53f3849c7a2013e0db1ca5d2d93b0a809d1c27306883edaf11b73199275301a9d28cb3e9b267e3342fad165a13f3e44d0d53afc95f44474d5761416489612b6054c17a383a03782bf380bf347742f2845be2df988310378dad9bbf1980a4a84a5e4f10b3a28db2e7829e25640b833b0cf6675eba6601502a7ae3177860dac93726ad9adabc6d98ce30a4cb01ce01b6309982898b617f20c55510253405d93e70fbc4c9ded36bacff16e49d9f70d852c41cec96d6e4f6c44167ed6990d04e63f15fd934e6120f9189fd04e8ff4554fe23751dea387ab1ef5b0973d9510c4cbb1fe89f80d7875c16b2ff9a746f8e2b4e9dc5594712c511dea6bf63c4d9fd7114092ffdcfc16dde14359b2fda592214ad728b4e19132970be209ed98dda93c1c3abe8cffef35679b61e9ac56802bbce8509a047415a1badd9c4a359b6971d73d994e5825115fffd6f389144fdec3bb012f9f392fee8310a847192dc6ff4247a6ba44ca75ed0bc40b50767407a7d6420018b2bd1dc9ed66e11fe5c7b768ff7aae6d1ae62516a0ad980f366b6f3ea5d9e407b3e88869749b15fe400509d70256d82b2d5428b2912e648ebe7022d6f3bfc8d0c9423cba893efc65394e63a56269b7a17f69294000b0bd27902730356f238b868803b7ff4da31013ad66e22c5c7afa1b370fd2d10e0175a3bfba66d88e29fb371998424be80737bfb38db011efc5d63f0fa17efcd90a5cd2d310ab8e4ff2631dc2fc2be5404d4026fb916c1cd481dd70ea1755813574a0ec1d01b1411c7a7a69f6ac972487f9b470090c419d1c57d8641d6f4cd10b1d55ce621ed8e14f28f11b579a6408bbff9fc13cf6fb07c22770e65ed772e790844ea608e38ae48302efb09c173d8c653aaf0c6be98d9a2d166c9d318dfbb8f06b9a241ac72d68a82dbf7f3255e2cb0af5227d854a71b7d4c89fe943db9c0c19ac1dd5264bf8515b217f1de94b5da0f3a4a73f587a71bad13e447eb5ca4d76d3645d749f2ba4b46da62a7717e544cfb025b364c5d19ec6330bc6fdf161a153c61720031dfa170f0c77de03b36fa898e8f00dcb04c21db7362200fae366363f82a2d7292e0d67b72f64e227fdd91edd3c455e7341a9a9b8832631891b563a8d064955d0074a216062147414c2c8badd2c547a51734a96c215d82c68f3eeba0f9a4954e479a0534a8fd131a4b9b1d069322907c1b49e5c68b86079841b34867ae69d42f9843a9c9d290d0ea9ab4068a58e9c76588391b12420af3d9e3d8bf672f3f0ac88a8c269a9570576f6a1a5a39d63cdf7e459a620af3fe5b6fdc7576732bae1f8ab81d5294562d5e82f1273ba1f2cc1f336f2ed3b4a9901dbb3e86f3859750ef51db3601247fcd157072bc3843aedb474433c4694942f1c13356d4cfbf56d5834f9c0250044a017137ae689db25feec05600827c11955e492fb67dc2239b75d7ecc3b279901670ef2ca4d2010cf7e8f08107781b2da20d716619117191f8df96cfe9a81ef18ec0ebcc99cc3558830265d0346f9767ddb6c2fbb2495a9b8ee91f82a1bea2324ec011f45f1462aa216c209186229c233006600414628beb9738efbdad2601cac6b2b7e4c803719d6b826c44e9ae057711f067de8b0f0d1ae2a2f78936a44e2dd9e9b19244ad4b07e6cb870b594fa6f86012f699455ee86aebab98c69f332876fd820f11e982b6023325ab335a28cdceb7ce3bc4706856b4aa37b67fc1a7dc1ce4d88b277db25ebad94140b6107310a4f6e597e8895277c749687e89f0a69bf3cb1de8b459b400806fa8fc5ba4441dce50d3ff057467285e4c21cb12bac00791c3ad4f27c46c58d15de6e9cd746acd26a4fbb7da8849aa6f423dbf3974c1c4610804b5e3e46d5d6d945415e22c039481224a30cbe2b3e271b9f50297afd5df882e5b96fe31acd3e92b8fc5d0cec29915946fd0c02bc2775ad54edfb2715c9e0e197e28e0e1a6505fafec1f24d848c18afc2acb48992cab420200e06db88bc50b985932b40b16bddfdf29480fbddf106f8a5caf40d0304e45ab7c19cea65e834ef6742c413563657b8d7c27b30f85fab4fc041b50c532ea646b0755437603f1a05f87b8d67976f3ae9e729c3fb8ddb91f26d7b26f003c1a8efae40acb42360ea5144d550203e38c4e0329e6c42353b08ef1278dc529cf272b2f8e32b578f6d874fbae55f12db0081a2a6b543a418e74b121e1698eadb8f1ef214d38c403768f4df4b96b2a97c18c584b8a81f3fedd0b0653c9380bb7b42db34217a4b2e57c07de829381de337f65415f794c02192ce775e6788b4d7bf3d06f5e027b89824853b086839c75932dcf6f43c5cfe72b8d89401c8ae441f15337483e46bb09cdf6394f4be8f66415cf842f4567d114dc50f3a2c15b54e4fe65b24bc9ffabe9ce60115f309b510f5433da6fb2cc0d9ff04282b355567841a4c04ffcb47d39d5da114fc167b4e8e35437cf55e7d84b3ef27c7a0390c76643e58691d55196fbd2e3070a9308d76af61c4b43005981ef641be82f6eb80ae69a60ec4e78f99cef86f84bc9ad1101397648dfd15b51dac18cdd46c58f433772c6598364b351e1ea15e21eaa5889ad09e6400c72cb3162034838141a86338ca2f47d0f88d6c0ca13729999d0d7233c7d91bfb8359c5b3e7248f6034a57b28299f6465cddb2622a8c07c221beaa2236a04fb9d3c52e5548d0f0f4506ff8ab3d5e24be3d9d11ac02ff44a8efef9145d16ec9af4fc0cb9d5428e70c62785c9a7bb3d818f7403d2547ff80e9bcd922fe58598590d14eddda8fd07aac6776a6ce015c7dd2cc8eafbd927f7ffc8f519b327e3759e7f41ffee8d4a2121d9b9b4ceb32fd820fff7ad156c74604cab787135cc27b715aa26671fe99a5b9b2f47694f0b8183a266a90ef7c724f95c39e3725e2e54c1bfec568dbf42150ff0cf200c6b22d52ffa932443d62a61e3890cee62516fb0dec3c4d310225ee20a3f29b3dd12f3b1d09225a9a6caf3c2e467f47b92ed3888ea6d7095d8c00a78f36c64a28c2feb102a661e7e4642b8ef4eb3fce7846060873c6a64f76081eb765cd9537d2e08c8bc44d07abc3e77b8e0dd366849d63b11667f5e64b96e89b2ef5fe21b4f5425a7ddc257ddd0202e241060e641341faf01b5ae6577e399fb7714a19add131bf9a89a5d5796140ade0561952c3ff17fc2a6a76efaaa13bd1758d79aa0c85cf6d2617c028ac1f3d5e45a4dd6f0957ebe735e1971251942ebf3927db2254bd5a496eb0a77ad70ced2f70aa837319c454a73041c76c6e01da43bb891140d845528c7c5a26f0dc4dc21d592ef72a105cb3677b9a11a63678882b16aee511b40bd177ec7d3ef272ce23839920c104aafc2f46a99a313a54655bf3ed9fa1492fafb57239ba23ef9325825728ef2d878290f83ac338284b863342353eec1bd132055ebb7d79cecd490b02c8e909cc47ec408f5b8d9571055a7976f54a7ed746e7800ad1f0540ae4046e2256b3afa18f98f28b197ed80f9cdeb2795e41558afd12ae6af37c8911a14235319bca43790c3b6b7b53f63ad85fa83f8f96f5b0460da232f7c239888f352d47b2e8d475d1229afb17143e95e06f786cebdab36d8ce9d281b48562e8b9b00991d1530639a8c5df2ddf58a2c836384b25eac8bf41252fdb8f6a22a88cbe9939fdb098d53a090ecf29e1840bb3b40ee5fc4cabf1fb4014c6aca89f9a781d21a5b14adef25cb2afc83c1f2e3a68ee9994d93f211d3eda73f921911ffec1d558a5e555d8663d3464e866d4985785d621b5fb01767978ee3a7a8356ab681537d17eca71a5dc5d25ab9f182a75b68b650b1a7b0e27b70aacbfe32912bf97ab9e9360f4e6263178c4568da1aede597ffae2ee62fa22fd42e667dac1b48acb807e7083c216a5ec3541cacb8af570fbf050b8f0b93d4f532f110f430d4b08dfbb88e00a6c260a240384ac924096a9d9a17e7580c3304e16ca73f3d6903d72921bba5e4c7a6fce1cb97cf0fc137ba4a1bdcf112e423188c55152559610ed7ae1479db0998bd3cb1ed893e82ff38c958d1e7c693a74ce26254ee515939f96089ccbdc602e225b914fce6b4a6cb193de80328b6eb5d4708405cd7f076d23858ddee1e2c5a68209b0cca0b2f3384dc9c161c62d43597f291162787d0caa3af350f37e76b26e77185aa570a3ff962debd2467abc6e4a06f58753c26edab7718f17f2f57ed7d93dfea748780f57bb1270bb59c9e5f3f9bce8d3c5d2c2f3054313e7987c6e8d0771b923122bc969f7d3fc78c2f3cb04a4c6f75592070773cf2a4573e9c9bd9ac3f28226581f76fd4fd369d99e50c0e35a81617089fb496b2c9c1186fde48682e4a319e4feb7590ce561a9bc4aa1b89910c6d9b124a7b68e9f6706f82eb35e12465fdefccc3e5d8dc11264e3b5baa746ef2822c97b65e6361b26b6c51d1d54a9b1ed5da29bf7717f11abb3d59d7c3b54cd1afd0effdbb73dcb2037f6c73ae29400862877bdae935e354c7b275615192eeb904ac8f1f2d08e83a370714e205f66400a17fe4b6b864d358cbffe04a78d5baeba230956e68569ac3fcd854b639b612095e4e7e405713616d69fca80e18f13b1185f1be523ec08794d326e7c2e218ad94e954e10fa37aa5adadc6a6d6e9e238909e7329b016543ec4e7e648efac549cf156bd4b2b7b3a78cfa9ffcfe4fd5d715d11a3a3105df5a27619200843de421d840a893e94e52d70ddb7a6b06f8c675e4dec51726e41e34cd9aeb753cc8123b5b276cc6e76671821994d802e87e6b4ecc84af312bdd4d7d310e89989a0fe976fba8a48bb71655197adceb140de613d1652e9d61d54bea56573c75ace8403cc5c05e637e225327323bd9e0ac1f8bf933625f07ccd7769235a005c0c738e84225c07651220711e991534cd58c2b1f5a5cecdbfc5feed7f5feb119a064a8bc93b6e680e742c0ba33f27059ca62c192983bcb075211db531d7c4cf85ca7a4f833c01ec1bddca9e4072dc854a7db6788bac2f03a86951621c75b0b5827d3f92f9ffd20633a7d2cd55441fe9fcd1658b4f4799caf995a4cd7aa829dd2e24f40", &(0x7f0000000040), 0x3, 0x0, 0x33, 0x6f, &(0x7f0000000100)="46cc00117877b1d08f679b92d46ce23b736d0feb470f4e1d46f158db88cf3de81ac77bccb45147c5d8b3964b10d7310feec810", &(0x7f0000000240)="23c65d54f4c5b2babf5c69a185dbff810f38fd90ca899adb0f5f20000000000000005ccad8c230f11b3f1d4db7d6d15136901ae9b5630dde5ae4617eab63a73595bac8332292e02cbc98162455420f9435aa727b090260f7c68e06e1e54e2bcfe9e4210d9ba263e2000000f8a49f102874d2fe80fec28e0b84552470f43e45c508dae05d842d28101ce992cfb22754e81de7e2ba70efceb435946b644796b2ed7d909371b5094bfbce2c8861f0597561c7440814ee2ce467eb3193558b1c454e6c4ada2d4c4c0671485a7c6b5c13a498e261835b6f1ecd6f513d85eac1c619f77ea9c8b1c4f73a37c398569e780bb5b5d0856030e64da2575e2b5e072c4061c1631d5ee88067f249a3ec00343ff37914226422d33a143ec733c66ba2619c4fea5ee9ff07374ea98620e5cca892997b11bdd7c7e0ea553e207c38df29a5ae58d0ef611a1460bc5b03a63a728eff9b1ce98885a6497033d54486cc939bb92c5d292a37fe9ac2f5e7d3913612ca91dcf2d137f90aab571907673a4399680acec5cc8b5b87ecc14223c95a65c95dda1f227a9db02cca68a4a157c9da8e5dacdab0cd9d3df0f055b8a2c99f1eced693fa46525e21f651fee85f47c6f3fd6acb1e51e5542c1212508a72c7e79a7cb8eeae7aca7bba4b4d9d74c2b7c5cb111f0d716d57ae21b8abda1658abfd250e9be722c37e886d5fb073c39f", 0x2, 0x0, 0x7ffc}, 0x21)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@ipv6_newaddrlabel={0x1c, 0x48, 0x201, 0x70bd28, 0x25dfdbfd, {0xa, 0x0, 0xd0, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {}, {0x8, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x3, 0x0, 0x0, {{0x9, 0x2, 0xffff}, {0x8}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x200400c0}, 0x20008082)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf1000000000000025000200091b00003d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x15, 0x2, 0x8, 0x1, 0x20008, r8, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1}, 0x50)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x40}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$inet(0x2, 0xa, 0x4)
sendmsg$NFT_BATCH(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a090400000000000000000200000048000480100001800c0001006e6f747261636b00340001800c0001007061796c6f616400240002800800024000000000080001400000000a080003400000000508000440000000020900010073797a30000000000900020073797a32"], 0x9c}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)={0x24, 0x0, 0x8d61ddcfedb48df, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x44b, 0xfffffffc, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}]}}}]}, 0x3c}}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

2.365638542s ago: executing program 1 (id=1838):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a88000000090a050000000000000000000a000004099c020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b44001280200001800a00010071756f7461000000100002800c0001400000000000000080140001800c000100636f756e746572000400028001000180080001006c6f670008000340000001"], 0xb0}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)

2.140417992s ago: executing program 0 (id=1840):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11, 0x9c, 0x7b5, 0x0, 0x0, 0x7579e159, 0x0, 0xfffffdfc, 0xef4}})
r0 = socket$l2tp(0x2, 0x2, 0x73)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x298, 0x168, 0x0, 0x0, 0x200, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x13}, 0xff, 0xff000000, 'pim6reg1\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x88, 0x3}, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x298}}, {{@ip={@private=0xa010100, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x0, 0x2, 0x4, 0x11000000]}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x20000000000000}}, @unspec=@CHECKSUM={0x28}}, {{@ip={@private=0xa010102, @multicast1, 0x0, 0xffffff00, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)

1.904671122s ago: executing program 1 (id=1841):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x2, 0x0, 0x0, 0x4d6, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x32}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ffffc}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x80000001, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x1c, &(0x7f00000105c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090b00000000007baaf0ff00000000bf8700000000000007080000fffdffffbca4000000000000a7040000f0ffffff740200001d00000018290000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000cf4900000000000056070000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x200, 0x800, 0x6}}}}]}, 0x44}}, 0x40080)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000bc0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r6, 0x0, 0xffc9, 0x0, &(0x7f0000002d40)="b3070d5b19aa16a7489474168245f80bbfa179c79d3bffb79761ab0d8e009e9b42b881f247de05b072442debf7bc0ed4b393a763a2bf3d12b851fd541f7a7169bf1fbd1640409fb8f29f118ac55c111bb188b49c7bdb0b55d9b03ef63529493d44c4617aa69a7fe28b6438a324f15e3eb21a0f5a233ee9e9071b7d746b5ee5ec93c8f26de857054995b60874a9d27726d9c069ab61a1623c8951aeaabe0e5d7538f7dbd8bd0628798f4622ee0f72d66106093500348e147e9dcee5dae63af07a6fb007e4cf9d6d6359a252aa81ec8a9caefdcb28f79094b5cab4e154a22c44bf971c039f2d566c4aec66cebca90bfe16ada4b03ffc7e90b023eec64cce3c0351597828adc485980b2aaddd930e4e424e2d0314f7fe17c3092ec5f5e54b39844e714661ac9edf447a2e3dc89f110e54528a4e22d8a86585b4601028b2bbbb4f70b7ac3b6c7129d4d0c8ce0b02c3c1f5e4128a6d315002443ac28bdb0c9d7abe3e4286ec1055688ec813b9979121e900aea3693b9c8b427bb69576362dfb258f8df59e0dbefd7034c1e887a06731e1cc25113331eab4b0d022a63107f774b4a631fa71e16e290881c25fe6af9775fd65359e2af043ec9caad726b0ce923e3c6ef9d081f967e8ef34ef0329b1c84b7bf024bda4cfda93debe4ba05de3e1728c8e22cb844c74f8d769929e6295a16bea0c50727fa33b3c10d2e53e66b20761d9fc6ef5f24b311ff8a4239f81fba4a808a08785c8cb22ac1c4a06f7b3ce232806dfb41c5aa694cf55b9872aa2c53175a76a3427dbb5c00c15ed62686a048edba6bff31ef1a84d711eddc76a4db44c880f26a79da84b9f9cfaaf909267b67a9c853ea9eb1fe586db67a98dcf37a15d5295857ee0bb4e8a4b551f2629bfc72592c0854266245b837a91f3eefbc2612ee909fa43209d02af7d3b83ec13e5dbbfe1a34a8b45ce49722a5369c3c1b8bccd5386cf57baae0d5c4a355d5a729ddce5c0be3aaafaffa497dd6b7f363b5e53f3849c7a2013e0db1ca5d2d93b0a809d1c27306883edaf11b73199275301a9d28cb3e9b267e3342fad165a13f3e44d0d53afc95f44474d5761416489612b6054c17a383a03782bf380bf347742f2845be2df988310378dad9bbf1980a4a84a5e4f10b3a28db2e7829e25640b833b0cf6675eba6601502a7ae3177860dac93726ad9adabc6d98ce30a4cb01ce01b6309982898b617f20c55510253405d93e70fbc4c9ded36bacff16e49d9f70d852c41cec96d6e4f6c44167ed6990d04e63f15fd934e6120f9189fd04e8ff4554fe23751dea387ab1ef5b0973d9510c4cbb1fe89f80d7875c16b2ff9a746f8e2b4e9dc5594712c511dea6bf63c4d9fd7114092ffdcfc16dde14359b2fda592214ad728b4e19132970be209ed98dda93c1c3abe8cffef35679b61e9ac56802bbce8509a047415a1badd9c4a359b6971d73d994e5825115fffd6f389144fdec3bb012f9f392fee8310a847192dc6ff4247a6ba44ca75ed0bc40b50767407a7d6420018b2bd1dc9ed66e11fe5c7b768ff7aae6d1ae62516a0ad980f366b6f3ea5d9e407b3e88869749b15fe400509d70256d82b2d5428b2912e648ebe7022d6f3bfc8d0c9423cba893efc65394e63a56269b7a17f69294000b0bd27902730356f238b868803b7ff4da31013ad66e22c5c7afa1b370fd2d10e0175a3bfba66d88e29fb371998424be80737bfb38db011efc5d63f0fa17efcd90a5cd2d310ab8e4ff2631dc2fc2be5404d4026fb916c1cd481dd70ea1755813574a0ec1d01b1411c7a7a69f6ac972487f9b470090c419d1c57d8641d6f4cd10b1d55ce621ed8e14f28f11b579a6408bbff9fc13cf6fb07c22770e65ed772e790844ea608e38ae48302efb09c173d8c653aaf0c6be98d9a2d166c9d318dfbb8f06b9a241ac72d68a82dbf7f3255e2cb0af5227d854a71b7d4c89fe943db9c0c19ac1dd5264bf8515b217f1de94b5da0f3a4a73f587a71bad13e447eb5ca4d76d3645d749f2ba4b46da62a7717e544cfb025b364c5d19ec6330bc6fdf161a153c61720031dfa170f0c77de03b36fa898e8f00dcb04c21db7362200fae366363f82a2d7292e0d67b72f64e227fdd91edd3c455e7341a9a9b8832631891b563a8d064955d0074a216062147414c2c8badd2c547a51734a96c215d82c68f3eeba0f9a4954e479a0534a8fd131a4b9b1d069322907c1b49e5c68b86079841b34867ae69d42f9843a9c9d290d0ea9ab4068a58e9c76588391b12420af3d9e3d8bf672f3f0ac88a8c269a9570576f6a1a5a39d63cdf7e459a620af3fe5b6fdc7576732bae1f8ab81d5294562d5e82f1273ba1f2cc1f336f2ed3b4a9901dbb3e86f3859750ef51db3601247fcd157072bc3843aedb474433c4694942f1c13356d4cfbf56d5834f9c0250044a017137ae689db25feec05600827c11955e492fb67dc2239b75d7ecc3b279901670ef2ca4d2010cf7e8f08107781b2da20d716619117191f8df96cfe9a81ef18ec0ebcc99cc3558830265d0346f9767ddb6c2fbb2495a9b8ee91f82a1bea2324ec011f45f1462aa216c209186229c233006600414628beb9738efbdad2601cac6b2b7e4c803719d6b826c44e9ae057711f067de8b0f0d1ae2a2f78936a44e2dd9e9b19244ad4b07e6cb870b594fa6f86012f699455ee86aebab98c69f332876fd820f11e982b6023325ab335a28cdceb7ce3bc4706856b4aa37b67fc1a7dc1ce4d88b277db25ebad94140b6107310a4f6e597e8895277c749687e89f0a69bf3cb1de8b459b400806fa8fc5ba4441dce50d3ff057467285e4c21cb12bac00791c3ad4f27c46c58d15de6e9cd746acd26a4fbb7da8849aa6f423dbf3974c1c4610804b5e3e46d5d6d945415e22c039481224a30cbe2b3e271b9f50297afd5df882e5b96fe31acd3e92b8fc5d0cec29915946fd0c02bc2775ad54edfb2715c9e0e197e28e0e1a6505fafec1f24d848c18afc2acb48992cab420200e06db88bc50b985932b40b16bddfdf29480fbddf106f8a5caf40d0304e45ab7c19cea65e834ef6742c413563657b8d7c27b30f85fab4fc041b50c532ea646b0755437603f1a05f87b8d67976f3ae9e729c3fb8ddb91f26d7b26f003c1a8efae40acb42360ea5144d550203e38c4e0329e6c42353b08ef1278dc529cf272b2f8e32b578f6d874fbae55f12db0081a2a6b543a418e74b121e1698eadb8f1ef214d38c403768f4df4b96b2a97c18c584b8a81f3fedd0b0653c9380bb7b42db34217a4b2e57c07de829381de337f65415f794c02192ce775e6788b4d7bf3d06f5e027b89824853b086839c75932dcf6f43c5cfe72b8d89401c8ae441f15337483e46bb09cdf6394f4be8f66415cf842f4567d114dc50f3a2c15b54e4fe65b24bc9ffabe9ce60115f309b510f5433da6fb2cc0d9ff04282b355567841a4c04ffcb47d39d5da114fc167b4e8e35437cf55e7d84b3ef27c7a0390c76643e58691d55196fbd2e3070a9308d76af61c4b43005981ef641be82f6eb80ae69a60ec4e78f99cef86f84bc9ad1101397648dfd15b51dac18cdd46c58f433772c6598364b351e1ea15e21eaa5889ad09e6400c72cb3162034838141a86338ca2f47d0f88d6c0ca13729999d0d7233c7d91bfb8359c5b3e7248f6034a57b28299f6465cddb2622a8c07c221beaa2236a04fb9d3c52e5548d0f0f4506ff8ab3d5e24be3d9d11ac02ff44a8efef9145d16ec9af4fc0cb9d5428e70c62785c9a7bb3d818f7403d2547ff80e9bcd922fe58598590d14eddda8fd07aac6776a6ce015c7dd2cc8eafbd927f7ffc8f519b327e3759e7f41ffee8d4a2121d9b9b4ceb32fd820fff7ad156c74604cab787135cc27b715aa26671fe99a5b9b2f47694f0b8183a266a90ef7c724f95c39e3725e2e54c1bfec568dbf42150ff0cf200c6b22d52ffa932443d62a61e3890cee62516fb0dec3c4d310225ee20a3f29b3dd12f3b1d09225a9a6caf3c2e467f47b92ed3888ea6d7095d8c00a78f36c64a28c2feb102a661e7e4642b8ef4eb3fce7846060873c6a64f76081eb765cd9537d2e08c8bc44d07abc3e77b8e0dd366849d63b11667f5e64b96e89b2ef5fe21b4f5425a7ddc257ddd0202e241060e641341faf01b5ae6577e399fb7714a19add131bf9a89a5d5796140ade0561952c3ff17fc2a6a76efaaa13bd1758d79aa0c85cf6d2617c028ac1f3d5e45a4dd6f0957ebe735e1971251942ebf3927db2254bd5a496eb0a77ad70ced2f70aa837319c454a73041c76c6e01da43bb891140d845528c7c5a26f0dc4dc21d592ef72a105cb3677b9a11a63678882b16aee511b40bd177ec7d3ef272ce23839920c104aafc2f46a99a313a54655bf3ed9fa1492fafb57239ba23ef9325825728ef2d878290f83ac338284b863342353eec1bd132055ebb7d79cecd490b02c8e909cc47ec408f5b8d9571055a7976f54a7ed746e7800ad1f0540ae4046e2256b3afa18f98f28b197ed80f9cdeb2795e41558afd12ae6af37c8911a14235319bca43790c3b6b7b53f63ad85fa83f8f96f5b0460da232f7c239888f352d47b2e8d475d1229afb17143e95e06f786cebdab36d8ce9d281b48562e8b9b00991d1530639a8c5df2ddf58a2c836384b25eac8bf41252fdb8f6a22a88cbe9939fdb098d53a090ecf29e1840bb3b40ee5fc4cabf1fb4014c6aca89f9a781d21a5b14adef25cb2afc83c1f2e3a68ee9994d93f211d3eda73f921911ffec1d558a5e555d8663d3464e866d4985785d621b5fb01767978ee3a7a8356ab681537d17eca71a5dc5d25ab9f182a75b68b650b1a7b0e27b70aacbfe32912bf97ab9e9360f4e6263178c4568da1aede597ffae2ee62fa22fd42e667dac1b48acb807e7083c216a5ec3541cacb8af570fbf050b8f0b93d4f532f110f430d4b08dfbb88e00a6c260a240384ac924096a9d9a17e7580c3304e16ca73f3d6903d72921bba5e4c7a6fce1cb97cf0fc137ba4a1bdcf112e423188c55152559610ed7ae1479db0998bd3cb1ed893e82ff38c958d1e7c693a74ce26254ee515939f96089ccbdc602e225b914fce6b4a6cb193de80328b6eb5d4708405cd7f076d23858ddee1e2c5a68209b0cca0b2f3384dc9c161c62d43597f291162787d0caa3af350f37e76b26e77185aa570a3ff962debd2467abc6e4a06f58753c26edab7718f17f2f57ed7d93dfea748780f57bb1270bb59c9e5f3f9bce8d3c5d2c2f3054313e7987c6e8d0771b923122bc969f7d3fc78c2f3cb04a4c6f75592070773cf2a4573e9c9bd9ac3f28226581f76fd4fd369d99e50c0e35a81617089fb496b2c9c1186fde48682e4a319e4feb7590ce561a9bc4aa1b89910c6d9b124a7b68e9f6706f82eb35e12465fdefccc3e5d8dc11264e3b5baa746ef2822c97b65e6361b26b6c51d1d54a9b1ed5da29bf7717f11abb3d59d7c3b54cd1afd0effdbb73dcb2037f6c73ae29400862877bdae935e354c7b275615192eeb904ac8f1f2d08e83a370714e205f66400a17fe4b6b864d358cbffe04a78d5baeba230956e68569ac3fcd854b639b612095e4e7e405713616d69fca80e18f13b1185f1be523ec08794d326e7c2e218ad94e954e10fa37aa5adadc6a6d6e9e238909e7329b016543ec4e7e648efac549cf156bd4b2b7b3a78cfa9ffcfe4fd5d715d11a3a3105df5a27619200843de421d840a893e94e52d70ddb7a6b06f8c675e4dec51726e41e34cd9aeb753cc8123b5b276cc6e76671821994d802e87e6b4ecc84af312bdd4d7d310e89989a0fe976fba8a48bb71655197adceb140de613d1652e9d61d54bea56573c75ace8403cc5c05e637e225327323bd9e0ac1f8bf933625f07ccd7769235a005c0c738e84225c07651220711e991534cd58c2b1f5a5cecdbfc5feed7f5feb119a064a8bc93b6e680e742c0ba33f27059ca62c192983bcb075211db531d7c4cf85ca7a4f833c01ec1bddca9e4072dc854a7db6788bac2f03a86951621c75b0b5827d3f92f9ffd20633a7d2cd55441fe9fcd1658b4f4799caf995a4cd7aa829dd2e24f40", &(0x7f0000000040), 0x3, 0x0, 0x33, 0x6f, &(0x7f0000000100)="46cc00117877b1d08f679b92d46ce23b736d0feb470f4e1d46f158db88cf3de81ac77bccb45147c5d8b3964b10d7310feec810", &(0x7f0000000240)="23c65d54f4c5b2babf5c69a185dbff810f38fd90ca899adb0f5f20000000000000005ccad8c230f11b3f1d4db7d6d15136901ae9b5630dde5ae4617eab63a73595bac8332292e02cbc98162455420f9435aa727b090260f7c68e06e1e54e2bcfe9e4210d9ba263e2000000f8a49f102874d2fe80fec28e0b84552470f43e45c508dae05d842d28101ce992cfb22754e81de7e2ba70efceb435946b644796b2ed7d909371b5094bfbce2c8861f0597561c7440814ee2ce467eb3193558b1c454e6c4ada2d4c4c0671485a7c6b5c13a498e261835b6f1ecd6f513d85eac1c619f77ea9c8b1c4f73a37c398569e780bb5b5d0856030e64da2575e2b5e072c4061c1631d5ee88067f249a3ec00343ff37914226422d33a143ec733c66ba2619c4fea5ee9ff07374ea98620e5cca892997b11bdd7c7e0ea553e207c38df29a5ae58d0ef611a1460bc5b03a63a728eff9b1ce98885a6497033d54486cc939bb92c5d292a37fe9ac2f5e7d3913612ca91dcf2d137f90aab571907673a4399680acec5cc8b5b87ecc14223c95a65c95dda1f227a9db02cca68a4a157c9da8e5dacdab0cd9d3df0f055b8a2c99f1eced693fa46525e21f651fee85f47c6f3fd6acb1e51e5542c1212508a72c7e79a7cb8eeae7aca7bba4b4d9d74c2b7c5cb111f0d716d57ae21b8abda1658abfd250e9be722c37e886d5fb073c39f", 0x2, 0x0, 0x7ffc}, 0x21)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@ipv6_newaddrlabel={0x1c, 0x48, 0x201, 0x70bd28, 0x25dfdbfd, {0xa, 0x0, 0xd0, 0x0, 0x0, 0x6}}, 0x1c}}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {}, {0x8, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x3, 0x0, 0x0, {{0x9, 0x2, 0xffff}, {0x8}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x200400c0}, 0x20008082)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61122800000000006113380000000000bf1000000000000025000200091b00003d200000000000008701000000000000bc26000000000000bf67000000000000150300000ee600f0670200000300000015030000ffffffffbf050000000000000f650000000000006507f4ff02000400070700006b3128fe1f75000000000000bf540000000000000705000003001500ae430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305863f970eac3590ac99b798f8125f1c322c2a154a8a8d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_msg}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x15, 0x2, 0x8, 0x1, 0x20008, r8, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1}, 0x50)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x40}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
socket$inet(0x2, 0xa, 0x4)
sendmsg$NFT_BATCH(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a74000000060a090400000000000000000200000048000480100001800c0001006e6f747261636b00340001800c0001007061796c6f616400240002800800024000000000080001400000000a080003400000000508000440000000020900010073797a30000000000900020073797a32"], 0x9c}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r11, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000380)={0x24, 0x0, 0x8d61ddcfedb48df, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040800}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x44b, 0xfffffffc, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}]}}}]}, 0x3c}}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1.886781677s ago: executing program 4 (id=1842):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
r2 = epoll_create1(0x80000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x29, 0x3, "7339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c700"/37}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0x8, 0x1, 'LED\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0800002c0007012bbd7000000000e5087c00000c00018006000600843b000009000280040071008c0000000800e400", @ANYRES32, @ANYBLOB="2d0529800c00f800030000000000000004006080fa003b800400df00c1becb03dbe55b6c782cebd6a7bc78a21d1bc9f3c1bd441ada5266780599eaf18965bbfcc07c2037129672275c399e1e03f8a0664d807385cc4d566f230400db800400498096d9641e8b1887b25501b11ecd71313a47df368b078d7b825bff33b9eab3964d7b2394b1950c7aeaba6014fe2cd33c89fd070ce0f1f306494a44adf6609d8ad55a5080b36b05cb0b9a57833b14fcd62c0aba0ac67f03b20e87ba6f3610a5bd1d3369ae014c8036c1e596b800991698810ff706e98871c17ad581b0695476273ac6c33a7a51d4a44a5b95684befe95ef49b03458bce89d87355f35b766b242b9f98b661269bb9255d836fb4e30d0000c72ec5561adf6112ca278273b4af42597e7bfa1f5c228f13161b34517c92bc352c017afac22d14047e6fbdc61536f9e51738ea935cb2a577ec2b788433bc13a9e976cfee267f36d988b766a29632c84c94d4cf31d780ef683293d7eacfc93f248d137affcae7cffa699237ea9c74919850dc164f1483f3f352bf7dd787191705b26936e1d090526b6ac5765df318f160cc84b15b94c662cf92611c9eb0b92bfbd3512bffed96a4150d653e130625b6ae5a78da2c4b9c70c736a224b18d89222095fbc4c61bcad1eb73be9c6efaaae48f871223694999b2a925a37138be8220008180cc20e57a92076b2308003200", @ANYRES32, @ANYBLOB="040044800800c800e00000027a01f380a2b4c1dbd4f221c0a1fd468ca63ae97de147e5bc2d0313377dc17591b491acf18312bee324decf810970090c77ec4ca173b12577aeb13c354245be77050365697b3b4707060c00045e46d612b09c487d7c9c94f778c0a015ecfa70d229085252956142772f9ff5a61a9b7fbc6712f8e64566b7ade87d293b81bd3cd1b2ad2852dc1dbb07d54f5544759f0eb23131b5780de6354f0714b2c5b86323969d0b4f5bd8c4489e0e7471c6a84feb9dead9d156d060a9373c7f80f4f1ec2a87efdeceec8d99c9664ee184f112929fe92da18f26929f98233f18dcbe0c638c040061800400058012fc33716331943112df1a6d89852782e376609e4a38717148d34e9d36191fe607748ad822c89800b204bd5831c55511fc4e85d09c44ef3be8ce710d034d394057d88e12db87eb032cd30fdcb489cd5ac92a44f96b6e463971c730796efaab04ce1b42faea757fc0a50c4feef468c80d7cac7db3bfd67140c04f88892b1d19a91ac5d2bef2af704fed3f92e84f78f98e97b8460000602ca31cc4edb57168863fe0e930a6030e47048c91da29a2c691894cd27b28480642302c6816b308d3eaceb9c1404c696e8a2deb97c278ca9d9b1ea4aa17255b400acdda233dde73b32098f837494e43a67bbb722f105f5ae23d8e4c9586ac0ff8c1c6c330601a9c007659ce63c0387d6692d791abdb14b8b66d6b30e5556865a6e97922f3fddcfd1a7e2cbf30b30479b4f7b824b49b1a8e5cd1ec171c8fd41bc3b14ced446eadedd90178f121d6e4d3ae3031231f39fcad0501455538f57fc305f449144d0e4f1f642ff19c53dea5322d30d680f6efdce4f7310225fa8e8a3035d925f51090e4fa74346825d16d400b9cea013e88ea47db2efbbbe73c3ae0059974efa840d4ee88ae1f85d6ba36caa8df64cbf4c1716de586b6fce1424c8bc3a0218953ea42dc7e83bda5a4319b59d7926fe04553fe79056a397ea85f6255d093a345aaf5f3d91cdce17cc9d38493e7eb952b132dc8f7953706ea7b7ff81e88a2a87f18730ca7f6f16f2c23b85f549a8b0cce6f8f0ec61fa8ba01aa114fbd63373ae3189338aa5f585a6d454733937712eb5a4cbd810c91bf5f19e0a508db8a57bdd8000000960203"], 0x85c}, 0x1, 0x0, 0x0, 0x24048011}, 0xc000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0)={0x3})
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000080)={<r4=>0x0, 0x9}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000100)={r4, @in={{0x2, 0x4e21, @multicast2}}, 0x5, 0x4}, 0x90)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0)

1.836399483s ago: executing program 0 (id=1843):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="000086dd0000120000000000000060ec97000f982c00fe8000000000000000000000000000aaff02000000110000000000000000000104"], 0xfce)

1.648426553s ago: executing program 2 (id=1844):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="e27d18f7", @ANYRES16, @ANYBLOB="00042abd7000fbdbdf2517000000780004800900010073797a31000000001c0007800800040001800000080004000080000008000100080000002c000780080003000e000000080004000000008008000100110000000800030002000000080001000a0000000900010073797a30000000001400078008000300720b000008000400250b00001c0009800800010000000000080001000a00000008000100020000001c00098008000200"], 0xd0}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

1.440930674s ago: executing program 2 (id=1845):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0xac}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000480)=""/77, 0x4d}, {&(0x7f0000001880)=""/4112, 0x1010}, {&(0x7f0000001680)=""/100, 0x64}, {&(0x7f0000001740)=""/72, 0x48}, {&(0x7f00000005c0)=""/48, 0x30}], 0x5}, 0xfffffffe}, {{0x0, 0x0, 0x0}, 0x8000d3a7}, {{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}, 0x5}, {{0x0, 0x0, 0x0}, 0xef23fe83}, {{0x0, 0x0, 0x0}, 0x10001}, {{0x0, 0x0, 0x0}, 0xd9f}], 0x9, 0x2030, 0x0)

1.319619627s ago: executing program 2 (id=1846):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0a00001bbbbbbbbbbbbbaaaaaaaaaa2986dd6d002008001811ff20400000000000ffffff8d0000000001ff0200000000000000000000000000014f194e200018"], 0x52)

1.292640134s ago: executing program 4 (id=1847):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="02030003160000002cbd7000ffdbdf2502000900080000001c00000000000000050006003c0000000a004e2400000008ff01000000000000000000000000000100000000000000000200010000000000000009fd000000c005000500000000000a004e24000000090000000000000000000000000000000006000000030000000600080009"], 0xb0}, 0x1, 0x7}, 0x500)

1.144211227s ago: executing program 4 (id=1848):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f0000000100)=0x100000001, 0x4)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000000)=0x8, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x2, 0x1}}, 0x10)
close(0x3)

1.09800559s ago: executing program 4 (id=1849):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "12ad9a", 0x380, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xa}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x19, 0x1, '\x00'/12}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x1f, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4610001394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "000000000000000200000000000000000000000000008879e66485201a0015ca837400000000000000000000001c000000000000000000"}, {0x0, 0x14, "5e14f0e7e72d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fa632dbf04542188b196e213408c"}, {0x3, 0x5, "d5170000dce9674a36da018dff16e70b8ba7a514c4b7a94fe18e88605aa6be1a02a326a6bce65f"}]}}}}}}, 0x0)
r1 = socket$kcm(0x2, 0x6, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="550a0000000000006111540000000000180000000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x4c, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9f}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @jmp={0x5, 0x0, 0x6, 0x8, 0x9, 0x100, 0xffffffffffffffff}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xac9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x274d}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9acc}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000640)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x2, 0xa, 0x100, 0x81}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f00000006c0)=[{0x2, 0x5, 0xa}, {0x4, 0x2, 0x9, 0x9}, {0x3, 0x2, 0x9, 0x2}, {0x1, 0x5, 0x10, 0x3}, {0x4, 0x2, 0xd, 0x7}, {0x0, 0x1, 0x8, 0x7}, {0x2, 0x4, 0xe, 0x8}, {0x2, 0x5, 0x5}], 0x10, 0x8001}, 0x94)

975.610406ms ago: executing program 0 (id=1850):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="5000000010000104000000000604000000000000", @ANYRES32=0x0, @ANYBLOB="400d0000001200003000128008000100687372002400028008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES8=r0], 0x50}, 0x1, 0x0, 0x0, 0x40010}, 0x4008044)

790.122517ms ago: executing program 3 (id=1851):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f00000000c0)={'netpci0\x00', 0x400})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8943, &(0x7f0000002280)={'nicvf0\x00'})

769.569484ms ago: executing program 4 (id=1852):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x22, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x60, 0x10, 0x403, 0x300, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1a, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffc}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x60}, 0x1, 0x0, 0x1800000000000000}, 0x8000)

731.956959ms ago: executing program 1 (id=1853):
socket$alg(0x26, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r3 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r1, r2, 0x5, 0x0, @void}, 0x10)
close(0x4)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000080), 0x8000, r5}, 0x38)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r6, @ANYBLOB="31000e0080000000080211000000ffffffffffff0802110000000000000000000000000064000100710701010101000a0800000008000c006400000008000d000000000008007e00010000000800350007000000"], 0x70}}, 0x0)
r7 = socket$nl_crypto(0x10, 0x3, 0x15)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSACTIVE(r8, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
sendmsg$netlink(r7, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="e000000010000b0500000000000200006f6d8864d22a3f2ffaa46c88bcbd0000002b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff282d2d2c"], 0xe0}], 0x1}, 0x0)

603.325789ms ago: executing program 2 (id=1854):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff2}}}, 0x24}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'ip6_vti0\x00', 0x0, 0x29, 0x7, 0x3, 0x6, 0x24, @local, @loopback, 0x8, 0x7, 0x80, 0xf}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000006c0)={'sit0\x00', &(0x7f0000000100)={'gre0\x00', 0x0, 0x8, 0x8, 0x7, 0x7, {{0x5, 0x4, 0x3, 0x2e, 0x14, 0x66, 0x0, 0xd, 0x2b, 0x0, @empty, @empty}}}})
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@private1, @in=@dev}}, {{@in6=@remote}, 0x0, @in=@private}}, &(0x7f00000001c0)=0xce)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="02090000020000020000000000000000"], 0x10}}, 0x80)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'geneve0\x00'})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000ff07000009"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0d000000ff0f0000040000000600000001000000", @ANYRES32=r5], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r6, <r7=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000340)=r5}, 0x20)
close(0x3)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=@bridge_delneigh={0x24, 0x1e, 0x1, 0x0, 0x0, {0x7}, [@NDA_VLAN={0x6, 0x5, 0x2}]}, 0x24}}, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x7fff, r7}, 0x38)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
socket(0x2a, 0x2, 0x0)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r9, 0x0, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x9, 0x2, 0xffffffff, 0x0, 0xfea}, 0x43e, 0x0, 0x8, 0x7, 0x200, 0x4, 0x2, 0x0, 0x8, 0x51, {0x8, 0x6, 0x3, 0x6, 0x4, 0xe}}}}]}, 0x78}}, 0x20008001)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x48844)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffec}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0x10, 0x4}}, @TCA_FLOWER_FLAGS={0x8, 0x16, 0x9}]}}]}, 0x44}}, 0x4000)
socket$netlink(0x10, 0x3, 0x0)

600.523133ms ago: executing program 0 (id=1855):
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], 0xfe33) (async)
r1 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000000080)) (async)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000000c0)=0x100028, 0x4)

507.984968ms ago: executing program 4 (id=1856):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newtaction={0xcc, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x6}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2b9, 0xf, 0x8, 0x289, 0xe3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xcc}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500010004002000080020"], 0x4c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f00000002c0)={0x0, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000004000000000082295"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f0000000180)={0x38, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xa05f}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x8000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)

300.598274ms ago: executing program 0 (id=1857):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x1, 0x4, 0x301, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFULA_CFG_CMD={0x5, 0x1, 0x4}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x100}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x81}]}, 0x34}, 0x1, 0x0, 0x0, 0x4001}, 0x20000004)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000040)={0x118, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x105, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x4}, @generic="0926b3eb9e87f8c8b3a6caa09a1a38d124a173def80bde05b592a5f49cb8056fef80a90fc8c487e1b6004db5feaf0d98b43fc34265f6f01ce7fed79fa135fe637b9fdc8c89e7777e70aecc0b9c372af84eb990d7d32d6c563a42d4889ed3925ac319f32db2703ff85c5b143715d335c94f3fd06ba27da8f5fe0788f669730c4358c2be63e25072bf9e", @typed={0x8, 0x96, 0x0, 0x0, @fd=r1}, @nested={0x59, 0x7a, 0x0, 0x1, [@typed={0x8, 0x64, 0x0, 0x0, @fd}, @generic="741194f25eec40f4e2ba2a00d51d6b66e9d985c86f6af8d238212a3fde4b46e23817e54664da29c4693e5eb2b5492c0a116d51211a8c40bf30dcd91e7d481e5a467f1ef9da", @typed={0x8, 0x108, 0x0, 0x0, @u32=0x180000}]}, @typed={0x8, 0xc3, 0x0, 0x0, @fd}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x20000080}, 0x0)

64.589706ms ago: executing program 0 (id=1858):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x94173000)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9beb01031800000000000000000000008000000002"], 0x0, 0x1a}, 0x28)
r1 = socket$kcm(0xa, 0x5, 0x0)
mmap(&(0x7f0000956000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0xcffc000)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})

63.966598ms ago: executing program 3 (id=1859):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac14141500000000000000000000000000000005000000000a00200000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ac00000000000000ff0f00000000000000000000000000000000000000000000ffffffffffffffffffffff7f0000000000000000000000000200000000000000000a00000000000000000000008040000000000000000008000000000000000001000000000000004400050000000000000000000000000000000000000004d23c00000000000000ffffffff0000000000000000000000000000000000030000490000000000000400000000"], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r1], 0xfc}}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
connect$inet6(r1, &(0x7f00000004c0)={0xa, 0x4e20, 0x3ffe, @loopback, 0x8}, 0x1c)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0)
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[], 0x10b8}, 0x200008c0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz1\x00', 0x1ff)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x60}, {0xffe4}, {0x3}, {}, {}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x4894}, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x4)
syz_open_procfs$namespace(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x2ceee4b3076c858, 0xffffffffffffffff, 0x215eb000)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r9, 0x400448cb, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000000000000000000300000000030000000200000000200000000000000000000105000008100000000100000000000012020000000061"], 0x0, 0x4f, 0x0, 0x0, 0x1}, 0x28)
r10 = openat$cgroup_ro(r7, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r10, &(0x7f0000000200)=0x1, 0x12)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="c19101e7a50c43000e2c00002400128009000100626f6e64000000ef13000280080007000500000005000600"], 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000824)

0s ago: executing program 2 (id=1860):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="8c00000013000500"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000014000300766c616e3000000000000000000000000800040000"], 0x8c}, 0x1, 0x0, 0x0, 0x65580000}, 0x0)

kernel console output (not intermixed with test programs):

me: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[   94.220348][ T6526] Call Trace:
[   94.220356][ T6526]  <TASK>
[   94.220363][ T6526]  dump_stack_lvl+0xe8/0x150
[   94.220390][ T6526]  should_fail_ex+0x412/0x560
[   94.220421][ T6526]  _copy_from_iter+0x1d3/0x1670
[   94.220448][ T6526]  ? rcu_is_watching+0x15/0xb0
[   94.220475][ T6526]  ? __pfx__copy_from_iter+0x10/0x10
[   94.220536][ T6526]  ? netlink_sendmsg+0x650/0xb40
[   94.220559][ T6526]  ? skb_put+0x11b/0x210
[   94.220587][ T6526]  netlink_sendmsg+0x6c0/0xb40
[   94.220619][ T6526]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.220645][ T6526]  ? aa_sock_msg_perm+0xf1/0x1b0
[   94.220667][ T6526]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[   94.220691][ T6526]  ____sys_sendmsg+0x972/0x9f0
[   94.220714][ T6526]  ? __might_fault+0xaf/0x130
[   94.220739][ T6526]  ? __pfx_____sys_sendmsg+0x10/0x10
[   94.220770][ T6526]  ? import_iovec+0x73/0xa0
[   94.220795][ T6526]  ___sys_sendmsg+0x2a5/0x360
[   94.220818][ T6526]  ? __lock_acquire+0x6b5/0x2cf0
[   94.220841][ T6526]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.220900][ T6526]  ? __fget_files+0x2a/0x420
[   94.220920][ T6526]  ? __fget_files+0x3a0/0x420
[   94.220950][ T6526]  __x64_sys_sendmsg+0x1bd/0x2a0
[   94.220977][ T6526]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   94.221011][ T6526]  ? __pfx_ksys_write+0x10/0x10
[   94.221044][ T6526]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.221064][ T6526]  do_syscall_64+0x15f/0xf80
[   94.221081][ T6526]  ? trace_irq_disable+0x3b/0x140
[   94.221106][ T6526]  ? clear_bhb_loop+0x40/0x90
[   94.221126][ T6526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.221143][ T6526] RIP: 0033:0x7f97cc99cdd9
[   94.221159][ T6526] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   94.221173][ T6526] RSP: 002b:00007f97cd815028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.221191][ T6526] RAX: ffffffffffffffda RBX: 00007f97ccc15fa0 RCX: 00007f97cc99cdd9
[   94.221204][ T6526] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[   94.221214][ T6526] RBP: 00007f97cd815090 R08: 0000000000000000 R09: 0000000000000000
[   94.221224][ T6526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.221235][ T6526] R13: 00007f97ccc16038 R14: 00007f97ccc15fa0 R15: 00007ffd9dca7408
[   94.221260][ T6526]  </TASK>
[   94.728348][ T6536] netlink: 'syz.2.208': attribute type 1 has an invalid length.
[   94.912234][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.2.208'.
[   95.627936][ T6516] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   95.710208][ T6536] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[   95.742378][ T6544] netlink: 20 bytes leftover after parsing attributes in process `syz.4.210'.
[   95.845293][ T6547] netlink: 4 bytes leftover after parsing attributes in process `syz.1.212'.
[   95.878797][ T6549] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   96.493338][ T6571] netlink: 16 bytes leftover after parsing attributes in process `syz.2.222'.
[   96.577613][ T6575] netlink: 24 bytes leftover after parsing attributes in process `syz.1.225'.
[   96.589697][ T6576] netlink: 'syz.4.224': attribute type 1 has an invalid length.
[   96.643985][ T6576] 8021q: adding VLAN 0 to HW filter on device bond2
[   96.723599][ T6579] netlink: 16 bytes leftover after parsing attributes in process `syz.1.225'.
[   96.820132][ T6581] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   96.879852][ T6580] tipc: Disabling bearer <eth:syzkaller0>
[   96.970083][ T6576] bond2: (slave geneve3): making interface the new active one
[   96.997062][ T6576] bond2: (slave geneve3): Enslaving as an active interface with an up link
[   97.130098][ T6591] netlink: 4 bytes leftover after parsing attributes in process `syz.1.230'.
[   97.169513][ T6591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.228309][ T6605] netlink: 32 bytes leftover after parsing attributes in process `syz.2.231'.
[   97.250273][ T6591] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.352001][ T6611] dvmrp1: tun_chr_ioctl cmd 1074025677
[   97.361305][ T6614] netlink: 28 bytes leftover after parsing attributes in process `syz.0.235'.
[   97.376017][ T6611] dvmrp1: linktype set to 804
[   97.633394][ T6619] syzkaller1: entered promiscuous mode
[   97.661413][ T6619] syzkaller1: entered allmulticast mode
[   98.097670][ T6645] : entered promiscuous mode
[   98.199733][ T6657] : renamed from veth0_to_bond (while UP)
[   98.635963][ T6674] gre0: entered promiscuous mode
[   98.666084][   T10] IPVS: starting estimator thread 0...
[   98.666856][ T6674] gre0: entered allmulticast mode
[   98.787224][ T6681] IPVS: using max 30 ests per chain, 72000 per kthread
[   99.182330][ T6705] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[   99.251109][ T6706] syzkaller0: entered promiscuous mode
[   99.259157][ T6706] syzkaller0: entered allmulticast mode
[   99.268604][ T6709] syzkaller0: entered promiscuous mode
[   99.274162][ T6709] syzkaller0: entered allmulticast mode
[   99.504801][ T6720] __nla_validate_parse: 7 callbacks suppressed
[   99.504817][ T6720] netlink: 16 bytes leftover after parsing attributes in process `syz.2.273'.
[   99.924817][ T6738] netlink: 'syz.1.280': attribute type 4 has an invalid length.
[   99.990821][ T6738] syzkaller0: entered promiscuous mode
[  100.012961][ T6738] syzkaller0: entered allmulticast mode
[  100.073977][ T6749] xt_TPROXY: Can be used only with -p tcp or -p udp
[  100.305702][ T6757] netlink: 24 bytes leftover after parsing attributes in process `syz.0.287'.
[  100.407100][ T6752] syzkaller0: entered promiscuous mode
[  100.421487][ T6752] syzkaller0: entered allmulticast mode
[  100.442474][ T6757] netlink: 'syz.0.287': attribute type 3 has an invalid length.
[  100.568609][ T6768] SET target dimension over the limit!
[  100.715634][ T6771] netlink: 'syz.4.292': attribute type 21 has an invalid length.
[  100.747086][ T6771] netlink: 132 bytes leftover after parsing attributes in process `syz.4.292'.
[  100.845670][ T6776] netlink: 9 bytes leftover after parsing attributes in process `syz.2.294'.
[  100.855727][ T6777] FAULT_INJECTION: forcing a failure.
[  100.855727][ T6777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.870982][ T6776] netlink: 9 bytes leftover after parsing attributes in process `syz.2.294'.
[  100.886413][ T6777] CPU: 0 UID: 0 PID: 6777 Comm: syz.0.295 Not tainted syzkaller #0 PREEMPT(full) 
[  100.886436][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  100.886446][ T6777] Call Trace:
[  100.886454][ T6777]  <TASK>
[  100.886461][ T6777]  dump_stack_lvl+0xe8/0x150
[  100.886487][ T6777]  should_fail_ex+0x412/0x560
[  100.886511][ T6777]  _copy_to_user+0x31/0xb0
[  100.886541][ T6777]  simple_read_from_buffer+0xe1/0x170
[  100.886565][ T6777]  proc_fail_nth_read+0x1bb/0x230
[  100.886588][ T6777]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.886618][ T6777]  ? rw_verify_area+0x2a6/0x4d0
[  100.886638][ T6777]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.886661][ T6777]  vfs_read+0x20c/0xa70
[  100.886689][ T6777]  ? __pfx___mutex_lock+0x10/0x10
[  100.886708][ T6777]  ? __pfx_vfs_read+0x10/0x10
[  100.886733][ T6777]  ? __fget_files+0x2a/0x420
[  100.886758][ T6777]  ? __fget_files+0x3a0/0x420
[  100.886777][ T6777]  ? __fget_files+0x2a/0x420
[  100.886805][ T6777]  ksys_read+0x150/0x270
[  100.886831][ T6777]  ? __pfx_ksys_read+0x10/0x10
[  100.886860][ T6777]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.886879][ T6777]  do_syscall_64+0x15f/0xf80
[  100.886896][ T6777]  ? trace_irq_disable+0x3b/0x140
[  100.886920][ T6777]  ? clear_bhb_loop+0x40/0x90
[  100.886941][ T6777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.886958][ T6777] RIP: 0033:0x7faa2955d60e
[  100.886974][ T6777] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  100.886988][ T6777] RSP: 002b:00007faa2a3aefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.887005][ T6777] RAX: ffffffffffffffda RBX: 00007faa2a3af6c0 RCX: 00007faa2955d60e
[  100.887018][ T6777] RDX: 000000000000000f RSI: 00007faa2a3af0a0 RDI: 0000000000000004
[  100.887028][ T6777] RBP: 00007faa2a3af090 R08: 0000000000000000 R09: 0000000000000000
[  100.887039][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.887048][ T6777] R13: 00007faa29816038 R14: 00007faa29815fa0 R15: 00007ffdc5406018
[  100.887076][ T6777]  </TASK>
[  100.898963][ T6776] IPVS: set_ctl: invalid protocol: 47 224.0.0.2:20001
[  101.204784][ T6784] netlink: 20 bytes leftover after parsing attributes in process `syz.1.297'.
[  101.312134][ T6788] xt_TPROXY: Can be used only with -p tcp or -p udp
[  101.525333][ T6801] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.305'.
[  101.548829][ T6794] syzkaller0: entered promiscuous mode
[  101.564655][ T6794] syzkaller0: entered allmulticast mode
[  101.730825][ T6809] netlink: 'syz.4.306': attribute type 9 has an invalid length.
[  101.892284][ T6809] netlink: 'syz.4.306': attribute type 3 has an invalid length.
[  101.935146][ T6809] netlink: 'syz.4.306': attribute type 3 has an invalid length.
[  102.120914][ T6812] syzkaller1: left promiscuous mode
[  102.134785][ T6812] syzkaller1: left allmulticast mode
[  102.306135][ T6816] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.499401][ T6816] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.613873][ T6827] netlink: 20 bytes leftover after parsing attributes in process `syz.2.315'.
[  102.802808][ T6816] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.862020][ T6844] netlink: 32 bytes leftover after parsing attributes in process `syz.4.321'.
[  103.029240][ T6816] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.068810][ T6852] netlink: 'syz.0.324': attribute type 1 has an invalid length.
[  103.131685][ T6846] netlink: 16 bytes leftover after parsing attributes in process `syz.3.322'.
[  103.241558][ T6852] 8021q: adding VLAN 0 to HW filter on device bond3
[  103.533474][ T6875] netlink: 'syz.4.330': attribute type 9 has an invalid length.
[  104.797406][ T6875] netlink: 'syz.4.330': attribute type 3 has an invalid length.
[  104.806039][ T6875] netlink: 'syz.4.330': attribute type 3 has an invalid length.
[  104.984892][ T3292] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.040015][ T6896] xt_cgroup: xt_cgroup: no path or classid specified
[  105.096339][ T3370] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.170422][  T770] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.274543][ T6907] netlink: 20 bytes leftover after parsing attributes in process `syz.2.337'.
[  105.318016][ T3370] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.534728][ T6919] netlink: 'syz.0.340': attribute type 1 has an invalid length.
[  105.696144][ T6907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.337'.
[  105.728001][ T6919] 8021q: adding VLAN 0 to HW filter on device bond4
[  106.019324][ T6928] syzkaller0: entered promiscuous mode
[  106.057403][ T6928] syzkaller0: entered allmulticast mode
[  106.331690][ T5648] udevd[5648]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  106.364580][ T5654] udevd[5654]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  106.817449][ T6969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.348'.
[  106.852729][ T6969] unsupported nla_type 216
[  107.149948][ T6983] netlink: 200 bytes leftover after parsing attributes in process `syz.4.352'.
[  107.176460][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.352'.
[  107.607257][ T6996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.356'.
[  107.646437][ T6998] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.654134][ T6998] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.889384][ T6998] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.902624][ T6998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.186159][ T7036] netlink: 16 bytes leftover after parsing attributes in process `syz.4.360'.
[  108.252615][ T3292] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.277758][ T3292] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.297208][ T3292] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.323220][ T3292] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.347413][ T3292] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.371798][ T3292] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.400674][ T3292] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.427259][ T3292] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.558515][ T7041] netlink: 200 bytes leftover after parsing attributes in process `syz.3.362'.
[  108.586209][ T7041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.362'.
[  108.914625][ T7053] netlink: 'syz.3.368': attribute type 32 has an invalid length.
[  108.947299][ T7053] netlink: 8 bytes leftover after parsing attributes in process `syz.3.368'.
[  109.165334][ T7053] bond1: option coupled_control: invalid value (12)
[  109.172326][   T48] tipc: Subscription rejected, illegal request
[  109.187821][ T7053] bond1 (unregistering): Released all slaves
[  109.491061][ T7077] netlink: 'syz.3.376': attribute type 1 has an invalid length.
[  109.521967][ T7077] netlink: 'syz.3.376': attribute type 1 has an invalid length.
[  109.604318][ T7080] syzkaller0: entered promiscuous mode
[  109.624293][ T7080] syzkaller0: entered allmulticast mode
[  109.715317][ T7085] geneve4: entered promiscuous mode
[  109.899890][ T7090] bond1: option lacp_rate: invalid value (128)
[  109.940942][ T7090] bond1 (unregistering): Released all slaves
[  110.070265][ T7105] netlink: 'syz.3.383': attribute type 10 has an invalid length.
[  110.154939][ T7109] SET target dimension over the limit!
[  110.175472][ T7105] team0: Port device dummy0 added
[  110.220484][ T7104] veth0: entered promiscuous mode
[  110.271218][ T7104] bond0: entered promiscuous mode
[  110.286157][ T7104] bond_slave_0: entered promiscuous mode
[  110.308692][ T7104] bond_slave_1: entered promiscuous mode
[  110.613530][ T7096] bond0: left promiscuous mode
[  110.628818][ T7096] bond_slave_0: left promiscuous mode
[  110.648787][ T7096] bond_slave_1: left promiscuous mode
[  110.664301][ T7096] veth0: left promiscuous mode
[  110.788491][ T7134] netlink: 'syz.2.395': attribute type 21 has an invalid length.
[  110.816105][ T7134] __nla_validate_parse: 7 callbacks suppressed
[  110.816121][ T7134] netlink: 168 bytes leftover after parsing attributes in process `syz.2.395'.
[  110.841234][ T7137] netlink: 'syz.1.397': attribute type 10 has an invalid length.
[  110.895431][ T7137] team0: Port device dummy0 added
[  110.902550][ T7137] netlink: 'syz.1.397': attribute type 10 has an invalid length.
[  110.930342][ T7137] team0: Port device dummy0 removed
[  110.965636][ T7137] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  111.302048][ T7154] netlink: 56 bytes leftover after parsing attributes in process `syz.4.404'.
[  111.360767][ T7156] netlink: 80 bytes leftover after parsing attributes in process `syz.3.405'.
[  111.799013][ T7175] netlink: 12 bytes leftover after parsing attributes in process `syz.4.411'.
[  112.062267][ T7186] netlink: 'syz.1.414': attribute type 9 has an invalid length.
[  112.138391][ T7183] veth3: entered allmulticast mode
[  112.169130][ T7183] bond3: (slave veth3): Enslaving as an active interface with an up link
[  112.192400][ T7186] netlink: 'syz.1.414': attribute type 3 has an invalid length.
[  112.218036][ T7186] netlink: 'syz.1.414': attribute type 3 has an invalid length.
[  112.249471][ T7188] bond3 (unregistering): (slave veth3): Releasing backup interface
[  112.293291][ T7188] bond3 (unregistering): Released all slaves
[  112.518006][ T7209] geneve2: entered promiscuous mode
[  112.889730][ T7230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.428'.
[  112.937750][ T7234] netlink: 200 bytes leftover after parsing attributes in process `syz.3.429'.
[  112.960102][ T7234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.429'.
[  113.047596][ T7236] netlink: 32 bytes leftover after parsing attributes in process `syz.4.430'.
[  113.316261][ T7247] netlink: 'syz.2.435': attribute type 1 has an invalid length.
[  113.333378][ T7247] netlink: 88 bytes leftover after parsing attributes in process `syz.2.435'.
[  113.343269][ T7247] netlink: 1 bytes leftover after parsing attributes in process `syz.2.435'.
[  113.355364][ T7247] netlink: 'syz.2.435': attribute type 1 has an invalid length.
[  113.743342][ T7270] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  113.751263][    T9] team_slave_0: entered promiscuous mode
[  113.758003][    T9] team_slave_1: entered promiscuous mode
[  113.797589][ T7277] raw_sendmsg: syz.4.444 forgot to set AF_INET. Fix it!
[  114.090806][ T7282] netlink: 'syz.2.449': attribute type 1 has an invalid length.
[  114.246871][ T7291] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  114.289956][ T7291] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  114.415002][ T7292] vlan2: entered promiscuous mode
[  114.430555][ T7292] gretap0: entered promiscuous mode
[  114.513290][ T7282] bond1: (slave gretap1): making interface the new active one
[  114.524864][ T7282] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  114.541202][ T7300] macvlan2: entered promiscuous mode
[  114.546707][ T7300] macvlan2: entered allmulticast mode
[  115.134039][ T7321] SET target dimension over the limit!
[  115.851490][ T7352] netlink: 'syz.3.468': attribute type 32 has an invalid length.
[  115.861729][ T7352] __nla_validate_parse: 8 callbacks suppressed
[  115.861745][ T7352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.468'.
[  115.933513][ T7359] netlink: 20 bytes leftover after parsing attributes in process `syz.2.470'.
[  115.970957][ T7352] bond1: option coupled_control: invalid value (12)
[  115.990559][ T7352] bond1 (unregistering): Released all slaves
[  116.216422][ T7370] geneve2: entered promiscuous mode
[  116.260500][ T3292] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.304920][ T3292] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.349967][ T3292] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.396747][ T3292] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.512489][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.478'.
[  116.585524][ T7389] netlink: 'syz.3.475': attribute type 2 has an invalid length.
[  116.687785][ T7386] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.733552][ T7399] netlink: 'syz.2.481': attribute type 1 has an invalid length.
[  116.806477][ T7391] bridge0: entered allmulticast mode
[  116.820358][ T7397] pim6reg: entered allmulticast mode
[  116.896836][ T7401] pim6reg: left allmulticast mode
[  116.908033][ T7401] bridge0: left allmulticast mode
[  116.959608][ T7403] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  116.970448][ T7403] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  117.049948][ T7386] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.180132][ T7386] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.328799][ T7386] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.549961][ T3370] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  117.609674][ T7435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.489'.
[  117.629903][ T3370] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  117.658801][ T3292] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  117.706776][  T773] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  117.775833][ T7440] netlink: 80 bytes leftover after parsing attributes in process `syz.0.492'.
[  117.861091][ T7446] tipc: Started in network mode
[  117.866231][ T7446] tipc: Node identity 4000000000000000120000400000002e, cluster identity 4711
[  117.876209][ T7446] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  117.982455][ T7453] netlink: 20 bytes leftover after parsing attributes in process `syz.0.497'.
[  118.100583][ T7458] netlink: 16 bytes leftover after parsing attributes in process `syz.0.500'.
[  118.352437][ T7466] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  118.374682][ T7463] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  118.462917][ T7473] netlink: 32 bytes leftover after parsing attributes in process `syz.2.504'.
[  118.578416][ T7476] netlink: 'syz.0.506': attribute type 32 has an invalid length.
[  118.589379][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.506'.
[  118.734914][ T7484] xt_cgroup: xt_cgroup: no path or classid specified
[  118.876780][ T7476] bond5: option coupled_control: invalid value (12)
[  118.930758][ T7476] bond5 (unregistering): Released all slaves
[  118.953077][ T7493] netlink: 'syz.2.508': attribute type 9 has an invalid length.
[  119.060772][ T7494] geneve2: entered promiscuous mode
[  119.083340][ T7493] netlink: 'syz.2.508': attribute type 3 has an invalid length.
[  119.100435][ T7493] netlink: 'syz.2.508': attribute type 3 has an invalid length.
[  119.255822][ T7507] netlink: 20 bytes leftover after parsing attributes in process `syz.1.516'.
[  120.418236][ T7552] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.433513][ T7552] 8021q: adding VLAN 0 to HW filter on device team0
[  120.472626][ T7552] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.548430][ T7552] batman_adv: batadv0: Interface activated: batadv_slave_0
[  120.559067][ T7552] batman_adv: batadv0: Interface activated: batadv_slave_1
[  120.573910][ T7552] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  120.584560][ T7552] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  120.600214][ T7552] veth1_vlan: left promiscuous mode
[  120.608266][ T7552] veth0_vlan: left promiscuous mode
[  120.614673][ T7552] veth0_vlan: entered promiscuous mode
[  120.623596][ T7552] veth1_vlan: entered promiscuous mode
[  120.633251][ T7552] veth1_macvtap: left promiscuous mode
[  120.643387][ T7552] veth0_macvtap: left promiscuous mode
[  120.650911][ T7552] veth0_macvtap: entered promiscuous mode
[  120.663396][ T7552] veth1_macvtap: entered promiscuous mode
[  120.690113][ T7552] 8021q: adding VLAN 0 to HW filter on device bond1
[  120.703322][ T7552] bond1: entered promiscuous mode
[  120.708604][ T7552] gretap1: entered promiscuous mode
[  120.715761][ T7552] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  120.728917][ T7552] 8021q: adding VLAN 0 to HW filter on device bond2
[  120.739285][ T7552] 8021q: adding VLAN 0 to HW filter on device eth0
[  120.749315][ T7552] 8021q: adding VLAN 0 to HW filter on device eth1
[  120.777540][ T7552] 8021q: adding VLAN 0 to HW filter on device eth2
[  120.794137][ T7552] 8021q: adding VLAN 0 to HW filter on device eth3
[  120.813672][ T7557] syzkaller1: entered promiscuous mode
[  120.819778][ T7557] syzkaller1: entered allmulticast mode
[  120.842955][  T773] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.850171][  T773] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.877750][  T773] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.884925][  T773] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.968099][ T3370] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.000911][ T3370] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.023620][ T3370] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.039004][ T3370] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.315578][ T7576] tipc: Started in network mode
[  121.336678][ T7576] tipc: Node identity 4000120000000000000000400000002e, cluster identity 4711
[  121.363142][ T7581] xt_cgroup: xt_cgroup: no path or classid specified
[  121.368843][ T7576] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  121.682580][ T7593] netlink: 'syz.1.539': attribute type 1 has an invalid length.
[  121.727629][ T7593] __nla_validate_parse: 2 callbacks suppressed
[  121.727647][ T7593] netlink: 88 bytes leftover after parsing attributes in process `syz.1.539'.
[  121.790677][ T7593] netlink: 1 bytes leftover after parsing attributes in process `syz.1.539'.
[  121.835265][ T7593] netlink: 'syz.1.539': attribute type 1 has an invalid length.
[  121.875484][ T7593] netlink: 634 bytes leftover after parsing attributes in process `syz.1.539'.
[  121.925956][ T7604] netlink: 'syz.0.544': attribute type 32 has an invalid length.
[  121.936877][ T7604] netlink: 8 bytes leftover after parsing attributes in process `syz.0.544'.
[  121.960903][ T7600] syz_tun: entered allmulticast mode
[  122.042862][ T7604] bond5: option coupled_control: invalid value (12)
[  122.068278][ T7604] bond5 (unregistering): Released all slaves
[  122.190480][ T7600] syz_tun: left allmulticast mode
[  122.341757][ T7618] netlink: 'syz.2.549': attribute type 1 has an invalid length.
[  122.537072][ T7629] netlink: 'syz.1.553': attribute type 83 has an invalid length.
[  122.542966][ T7618] 8021q: adding VLAN 0 to HW filter on device bond3
[  122.560119][ T7629] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  122.616652][ T7622] bond0: (slave wlan0): Error: Device can not be enslaved while up
[  122.870276][ T7638] netlink: 16 bytes leftover after parsing attributes in process `syz.0.556'.
[  122.881563][ T7625] bond3: (slave geneve3): making interface the new active one
[  122.899770][ T7625] bond3: (slave geneve3): Enslaving as an active interface with an up link
[  123.190243][ T7649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.559'.
[  123.620964][ T7664] netlink: 'syz.4.565': attribute type 3 has an invalid length.
[  123.625831][ T7656] geneve4: entered promiscuous mode
[  123.645565][ T7664] netlink: 'syz.4.565': attribute type 1 has an invalid length.
[  123.661959][ T7664] netlink: 224 bytes leftover after parsing attributes in process `syz.4.565'.
[  123.718936][ T7623] netlink: 3 bytes leftover after parsing attributes in process `syz.3.551'.
[  123.745939][ T7623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.551'.
[  123.767475][ T7668] netlink: 14 bytes leftover after parsing attributes in process `syz.4.565'.
[  123.873985][ T7668] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.899997][ T7668] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.912474][ T7668] bond0 (unregistering): Released all slaves
[  123.945517][ T7675] syzkaller1: left promiscuous mode
[  123.958488][ T7675] syzkaller1: left allmulticast mode
[  124.596355][ T7699] SET target dimension over the limit!
[  124.714223][ T7704] netlink: 'syz.1.576': attribute type 1 has an invalid length.
[  124.759460][ T7704] netlink: 'syz.1.576': attribute type 1 has an invalid length.
[  124.891317][ T7708] syzkaller1: entered promiscuous mode
[  124.929313][ T7708] syzkaller1: entered allmulticast mode
[  125.428025][ T7721] geneve2: entered promiscuous mode
[  125.544980][   T30] audit: type=1800 audit(1778448332.267:2): pid=7724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.582" name="memory.events" dev="tmpfs" ino=570 res=0 errno=0
[  125.710223][ T7728] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  125.732882][ T7728] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.741896][ T7728] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.026537][ T7769] __nla_validate_parse: 12 callbacks suppressed
[  127.026554][ T7769] netlink: 5 bytes leftover after parsing attributes in process `syz.2.595'.
[  127.046875][ T7773] netlink: 'syz.3.597': attribute type 21 has an invalid length.
[  127.047206][ T7769] netlink: 12 bytes leftover after parsing attributes in process `syz.2.595'.
[  127.064883][ T7773] IPv6: NLM_F_CREATE should be specified when creating new route
[  127.121758][ T7773] netlink: 16 bytes leftover after parsing attributes in process `syz.3.597'.
[  127.187825][ T7773] : entered promiscuous mode
[  127.192680][ T7769] netlink: 'syz.2.595': attribute type 49 has an invalid length.
[  127.398504][ T7769] ip6gretap0: entered promiscuous mode
[  127.421180][ T7769] ip6gretap0: entered allmulticast mode
[  127.714192][ T7795] netlink: 'syz.4.605': attribute type 3 has an invalid length.
[  128.079446][ T7805] netlink: 16 bytes leftover after parsing attributes in process `syz.3.607'.
[  128.321832][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'.
[  128.457955][ T7820] netlink: 'syz.0.612': attribute type 10 has an invalid length.
[  128.484815][ T7821] netlink: 52 bytes leftover after parsing attributes in process `syz.2.610'.
[  128.556705][ T7820] team0: Port device dummy0 added
[  128.617890][ T7828] netlink: 'syz.0.612': attribute type 10 has an invalid length.
[  128.756230][ T7828] team0: Port device dummy0 removed
[  128.856354][ T7828] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  129.209887][ T7824] nbd0: detected capacity change from 0 to 63
[  129.276907][ T4949] block nbd0: Receive control failed (result -32)
[  129.284269][ T5633] block nbd0: Receive control failed (result -32)
[  129.298404][ T7846] netlink: 16 bytes leftover after parsing attributes in process `syz.3.617'.
[  129.302271][ T5654] block nbd0: Send control failed (result -32)
[  129.315318][ T7845] netlink: 8 bytes leftover after parsing attributes in process `syz.1.614'.
[  129.324567][ T5654] block nbd0: Request send failed, requeueing
[  129.341960][ T4964] block nbd0: Dead connection, failed to find a fallback
[  129.350063][ T4964] block nbd0: shutting down sockets
[  129.356320][ T4964] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.366667][ T4964] Buffer I/O error on dev nbd0, logical block 0, async page read
[  129.397198][ T7847] FAULT_INJECTION: forcing a failure.
[  129.397198][ T7847] name failslab, interval 1, probability 0, space 0, times 0
[  129.417157][ T5654] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.459680][ T7847] CPU: 1 UID: 0 PID: 7847 Comm: syz.1.614 Not tainted syzkaller #0 PREEMPT(full) 
[  129.459706][ T7847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  129.459717][ T7847] Call Trace:
[  129.459723][ T7847]  <TASK>
[  129.459730][ T7847]  dump_stack_lvl+0xe8/0x150
[  129.459769][ T7847]  should_fail_ex+0x412/0x560
[  129.459798][ T7847]  should_failslab+0xa8/0x100
[  129.459824][ T7847]  ? skb_clone+0x212/0x3a0
[  129.459841][ T7847]  kmem_cache_alloc_noprof+0x87/0x650
[  129.459867][ T7847]  ? irqentry_exit+0x218/0x730
[  129.459888][ T7847]  skb_clone+0x212/0x3a0
[  129.459906][ T7847]  __netlink_deliver_tap+0x404/0x850
[  129.459943][ T7847]  ? netlink_deliver_tap+0x2e/0x1b0
[  129.459970][ T7847]  netlink_deliver_tap+0x19c/0x1b0
[  129.460002][ T7847]  netlink_unicast+0x730/0x8e0
[  129.460035][ T7847]  netlink_sendmsg+0x813/0xb40
[  129.460068][ T7847]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.460096][ T7847]  ? aa_sock_msg_perm+0xf1/0x1b0
[  129.460122][ T7847]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  129.460149][ T7847]  ____sys_sendmsg+0x972/0x9f0
[  129.460175][ T7847]  ? __might_fault+0xaf/0x130
[  129.460202][ T7847]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.460237][ T7847]  ? import_iovec+0x73/0xa0
[  129.460265][ T7847]  ___sys_sendmsg+0x2a5/0x360
[  129.460289][ T7847]  ? __lock_acquire+0x6b5/0x2cf0
[  129.460313][ T7847]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.460372][ T7847]  ? __fget_files+0x2a/0x420
[  129.460392][ T7847]  ? __fget_files+0x3a0/0x420
[  129.460422][ T7847]  __x64_sys_sendmsg+0x1bd/0x2a0
[  129.460450][ T7847]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  129.460486][ T7847]  ? __pfx_ksys_write+0x10/0x10
[  129.460518][ T7847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.460538][ T7847]  do_syscall_64+0x15f/0xf80
[  129.460554][ T7847]  ? trace_irq_disable+0x3b/0x140
[  129.460579][ T7847]  ? clear_bhb_loop+0x40/0x90
[  129.460600][ T7847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.460618][ T7847] RIP: 0033:0x7f68f239cdd9
[  129.460640][ T7847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  129.460654][ T7847] RSP: 002b:00007f68f05d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.460680][ T7847] RAX: ffffffffffffffda RBX: 00007f68f2616090 RCX: 00007f68f239cdd9
[  129.460692][ T7847] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  129.460703][ T7847] RBP: 00007f68f05d5090 R08: 0000000000000000 R09: 0000000000000000
[  129.460713][ T7847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.460723][ T7847] R13: 00007f68f2616128 R14: 00007f68f2616090 R15: 00007fff48d86e18
[  129.460752][ T7847]  </TASK>
[  129.460771][ T7847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'.
[  129.605673][ T5654] Buffer I/O error on dev nbd0, logical block 1, async page read
[  129.817559][ T5654] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.827314][ T5654] Buffer I/O error on dev nbd0, logical block 2, async page read
[  129.840995][ T7854] netlink: 'syz.0.621': attribute type 1 has an invalid length.
[  129.843231][ T5654] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.860019][ T5654] Buffer I/O error on dev nbd0, logical block 3, async page read
[  129.875253][ T5654] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.894791][ T5654] Buffer I/O error on dev nbd0, logical block 0, async page read
[  129.913372][ T5654] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  129.952967][ T5654] Buffer I/O error on dev nbd0, logical block 1, async page read
[  130.009751][ T5654] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  130.045299][ T5654] Buffer I/O error on dev nbd0, logical block 2, async page read
[  130.054347][ T5654] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  130.065373][ T5654] Buffer I/O error on dev nbd0, logical block 3, async page read
[  130.074830][ T5654] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  130.085712][ T5654] Buffer I/O error on dev nbd0, logical block 0, async page read
[  130.096254][ T5654] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  130.106489][ T5654] Buffer I/O error on dev nbd0, logical block 1, async page read
[  130.120904][ T5654] ldm_validate_partition_table(): Disk read failed.
[  130.124113][ T7864] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  130.133225][ T5654] Dev nbd0: unable to read RDB block 0
[  130.147903][ T5654]  nbd0: unable to read partition table
[  130.172180][ T5654] ldm_validate_partition_table(): Disk read failed.
[  130.183430][ T5654] Dev nbd0: unable to read RDB block 0
[  130.190688][ T7854] 8021q: adding VLAN 0 to HW filter on device bond5
[  130.211873][ T5654]  nbd0: unable to read partition table
[  130.402912][ T7854] bond5: (slave geneve3): making interface the new active one
[  130.444496][ T7854] bond5: (slave geneve3): Enslaving as an active interface with an up link
[  130.890469][ T7881] xt_TPROXY: Can be used only with -p tcp or -p udp
[  131.114618][ T7890] netlink: 'syz.2.630': attribute type 1 has an invalid length.
[  131.135301][ T7890] netlink: 'syz.2.630': attribute type 3 has an invalid length.
[  132.121293][ T7933] __nla_validate_parse: 9 callbacks suppressed
[  132.121311][ T7933] netlink: 20 bytes leftover after parsing attributes in process `syz.3.640'.
[  132.201275][ T7936] netlink: 'syz.1.641': attribute type 32 has an invalid length.
[  132.215850][ T7937] netlink: 8 bytes leftover after parsing attributes in process `syz.2.643'.
[  132.239360][ T7936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.641'.
[  132.361064][ T7941] netlink: 34 bytes leftover after parsing attributes in process `syz.4.644'.
[  132.414114][ T7936] bond1: option coupled_control: invalid value (12)
[  132.474142][ T7936] bond1 (unregistering): Released all slaves
[  132.498939][ T7951] netlink: 4 bytes leftover after parsing attributes in process `syz.4.644'.
[  132.513207][ T7952] netlink: 28 bytes leftover after parsing attributes in process `syz.3.646'.
[  132.728391][ T7950] batman_adv: batadv0: Adding interface: gretap3
[  132.774955][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  132.783904][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  132.784622][ T3292] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x2
[  132.794164][ T7950] batman_adv: batadv0: The MTU of interface gretap3 is too small (1382) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  132.826553][ T7950] batman_adv: batadv0: Interface activated: gretap3
[  133.465469][ T7972] netlink: 'syz.0.652': attribute type 1 has an invalid length.
[  133.477436][ T7973] SET target dimension over the limit!
[  133.656611][ T7976] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address
[  133.715963][ T7976] bond7: (slave vxcan3): Error -95 calling set_mac_address
[  133.725984][ T7984] netlink: 8 bytes leftover after parsing attributes in process `syz.0.652'.
[  133.843165][ T7984] macvlan3: entered promiscuous mode
[  133.849254][ T7984] macvlan3: entered allmulticast mode
[  134.050348][ T7989] netlink: 20 bytes leftover after parsing attributes in process `syz.3.658'.
[  135.374168][ T8024] syzkaller1: entered promiscuous mode
[  135.410775][ T8024] syzkaller1: entered allmulticast mode
[  135.717993][ T8035] netlink: 44 bytes leftover after parsing attributes in process `syz.0.673'.
[  135.815728][ T8039] netlink: 20 bytes leftover after parsing attributes in process `syz.2.675'.
[  136.159776][ T8050] netlink: 'syz.2.679': attribute type 32 has an invalid length.
[  136.377458][ T8050] bond4: option coupled_control: invalid value (12)
[  136.400022][ T8050] bond4 (unregistering): Released all slaves
[  136.508270][ T8055] gtp1: entered promiscuous mode
[  136.522207][ T8055] gtp1: entered allmulticast mode
[  136.947884][ T8076] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  138.440790][ T8116] __nla_validate_parse: 3 callbacks suppressed
[  138.440810][ T8116] netlink: 16 bytes leftover after parsing attributes in process `syz.2.705'.
[  138.523753][ T8114] netlink: 'syz.0.704': attribute type 1 has an invalid length.
[  138.555450][ T8114] netlink: 88 bytes leftover after parsing attributes in process `syz.0.704'.
[  138.581466][ T8114] netlink: 1 bytes leftover after parsing attributes in process `syz.0.704'.
[  138.631731][ T8114] netlink: 'syz.0.704': attribute type 1 has an invalid length.
[  138.669445][ T8114] netlink: 634 bytes leftover after parsing attributes in process `syz.0.704'.
[  139.018092][ T8129] netlink: 34 bytes leftover after parsing attributes in process `syz.0.712'.
[  139.031985][ T8129] netlink: 4 bytes leftover after parsing attributes in process `syz.0.712'.
[  139.257591][ T8136] netlink: 'syz.3.713': attribute type 32 has an invalid length.
[  139.266178][ T8136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.713'.
[  139.340874][ T8136] bond2: option coupled_control: invalid value (12)
[  139.360966][ T8136] bond2 (unregistering): Released all slaves
[  139.867334][ T7941] Set syz1 is full, maxelem 65536 reached
[  139.873310][ T8113] SET target dimension over the limit!
[  139.960973][ T8153] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  140.436324][ T8170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.724'.
[  140.515800][ T8172] xt_TPROXY: Can be used only with -p tcp or -p udp
[  140.562471][ T8174] netlink: 36 bytes leftover after parsing attributes in process `syz.4.723'.
[  140.917744][ T8188] netlink: 8 bytes leftover after parsing attributes in process `syz.2.728'.
[  143.776405][ T8296] __nla_validate_parse: 7 callbacks suppressed
[  143.776422][ T8296] netlink: 8 bytes leftover after parsing attributes in process `syz.4.742'.
[  144.970948][ T8328] sctp: [Deprecated]: syz.3.751 (pid 8328) Use of struct sctp_assoc_value in delayed_ack socket option.
[  144.970948][ T8328] Use struct sctp_sack_info instead
[  145.234750][ T8333] xt_TPROXY: Can be used only with -p tcp or -p udp
[  145.474026][ T8337] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.834252][ T8337] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.935343][ T8337] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.294105][ T8337] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.444702][ T8237] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.481904][ T8237] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.505862][ T8237] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.530483][ T8237] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.714198][ T8366] netlink: 56 bytes leftover after parsing attributes in process `syz.2.763'.
[  147.723251][ T8376] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  148.289704][ T8382] netlink: 56 bytes leftover after parsing attributes in process `syz.4.767'.
[  149.384933][ T8133] Set syz1 is full, maxelem 65536 reached
[  149.826114][ T8399] netlink: 'syz.0.773': attribute type 1 has an invalid length.
[  149.841102][ T8401] xt_cgroup: xt_cgroup: no path or classid specified
[  149.899803][ T8399] bond8: (slave vxcan3): The slave device specified does not support setting the MAC address
[  149.911088][ T8399] bond8: (slave vxcan3): Error -95 calling set_mac_address
[  150.002008][ T8199] Set syz1 is full, maxelem 65536 reached
[  150.016975][ T8399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.773'.
[  150.091567][ T8399] macvlan4: entered promiscuous mode
[  150.097163][ T8399] macvlan4: entered allmulticast mode
[  150.226847][ T8406] syzkaller0: entered promiscuous mode
[  150.245100][ T8406] syzkaller0: entered allmulticast mode
[  150.310051][ T8405] FAULT_INJECTION: forcing a failure.
[  150.310051][ T8405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  150.367085][ T8408] netlink: 'syz.1.776': attribute type 1 has an invalid length.
[  150.378115][ T8405] CPU: 1 UID: 0 PID: 8405 Comm: syz.4.775 Not tainted syzkaller #0 PREEMPT(full) 
[  150.378140][ T8405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  150.378150][ T8405] Call Trace:
[  150.378157][ T8405]  <TASK>
[  150.378164][ T8405]  dump_stack_lvl+0xe8/0x150
[  150.378190][ T8405]  should_fail_ex+0x412/0x560
[  150.378218][ T8405]  _copy_from_user+0x2d/0xb0
[  150.378245][ T8405]  __sys_sendto+0x2b0/0x710
[  150.378272][ T8405]  ? __pfx___sys_sendto+0x10/0x10
[  150.378293][ T8405]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  150.378323][ T8405]  ? __fget_files+0x3a0/0x420
[  150.378353][ T8405]  ? ksys_write+0x242/0x270
[  150.378380][ T8405]  ? __pfx_ksys_write+0x10/0x10
[  150.378407][ T8405]  __x64_sys_sendto+0xde/0x100
[  150.378431][ T8405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.378450][ T8405]  do_syscall_64+0x15f/0xf80
[  150.378466][ T8405]  ? trace_irq_disable+0x3b/0x140
[  150.378491][ T8405]  ? clear_bhb_loop+0x40/0x90
[  150.378511][ T8405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.378529][ T8405] RIP: 0033:0x7f97cc99cdd9
[  150.378546][ T8405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  150.378560][ T8405] RSP: 002b:00007f97cd815028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  150.378578][ T8405] RAX: ffffffffffffffda RBX: 00007f97ccc15fa0 RCX: 00007f97cc99cdd9
[  150.378591][ T8405] RDX: 000000000000fce0 RSI: 00002000000002c0 RDI: 0000000000000004
[  150.378602][ T8405] RBP: 00007f97cd815090 R08: 0000200000000140 R09: 0000000000000014
[  150.378613][ T8405] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  150.378624][ T8405] R13: 00007f97ccc16038 R14: 00007f97ccc15fa0 R15: 00007ffd9dca7408
[  150.378652][ T8405]  </TASK>
[  150.783127][ T8408] bond1: entered promiscuous mode
[  150.804358][ T8408] 8021q: adding VLAN 0 to HW filter on device bond1
[  150.864823][ T8411] veth5: entered promiscuous mode
[  150.871316][ T8411] veth5: entered allmulticast mode
[  150.890634][ T8411] bond1: (slave veth5): Enslaving as a backup interface with a down link
[  151.219506][ T8426] syzkaller0: entered promiscuous mode
[  151.238775][ T8426] syzkaller0: entered allmulticast mode
[  151.621708][ T8438] netlink: 34 bytes leftover after parsing attributes in process `syz.1.786'.
[  151.683187][ T8441] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  151.695408][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.786'.
[  151.852007][ T8448] netlink: 'syz.2.791': attribute type 1 has an invalid length.
[  151.872758][ T8448] netlink: 88 bytes leftover after parsing attributes in process `syz.2.791'.
[  151.906032][ T8448] netlink: 1 bytes leftover after parsing attributes in process `syz.2.791'.
[  151.928566][ T8448] netlink: 'syz.2.791': attribute type 1 has an invalid length.
[  151.938257][ T8448] netlink: 634 bytes leftover after parsing attributes in process `syz.2.791'.
[  152.115702][ T8454] netlink: 'syz.3.788': attribute type 1 has an invalid length.
[  152.210573][ T8458] vlan2: entered promiscuous mode
[  152.225317][ T8458] dummy0: entered promiscuous mode
[  152.235709][ T8467] netlink: 'syz.0.796': attribute type 1 has an invalid length.
[  152.236687][ T8458] vlan2: entered allmulticast mode
[  152.265364][ T8467] netlink: 'syz.0.796': attribute type 2 has an invalid length.
[  152.266029][ T8458] dummy0: entered allmulticast mode
[  152.292398][ T8473] netlink: 20 bytes leftover after parsing attributes in process `syz.2.797'.
[  152.341397][ T8468] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  152.366068][ T8475] netlink: 8 bytes leftover after parsing attributes in process `syz.3.788'.
[  152.380869][ T8468] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  152.456090][ T8477] netlink: 24 bytes leftover after parsing attributes in process `syz.2.798'.
[  152.495828][ T8454] bond2: (slave gretap1): making interface the new active one
[  152.506381][ T8454] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  152.564251][ T8475] macvlan2: entered promiscuous mode
[  152.567193][ T8482] IPVS: set_ctl: invalid protocol: 51 100.1.1.2:19998
[  152.580821][ T8475] macvlan2: entered allmulticast mode
[  152.632400][ T8485] netlink: 'syz.4.800': attribute type 39 has an invalid length.
[  152.650282][ T8486] netlink: 16 bytes leftover after parsing attributes in process `syz.1.801'.
[  152.962440][ T8496] syzkaller0: entered promiscuous mode
[  152.971127][ T8496] syzkaller0: entered allmulticast mode
[  153.013710][ T8496] FAULT_INJECTION: forcing a failure.
[  153.013710][ T8496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.065713][ T8496] CPU: 0 UID: 0 PID: 8496 Comm: syz.3.804 Not tainted syzkaller #0 PREEMPT(full) 
[  153.065740][ T8496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  153.065750][ T8496] Call Trace:
[  153.065757][ T8496]  <TASK>
[  153.065764][ T8496]  dump_stack_lvl+0xe8/0x150
[  153.065788][ T8496]  should_fail_ex+0x412/0x560
[  153.065815][ T8496]  _copy_from_iter+0x1d3/0x1670
[  153.065837][ T8496]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  153.065859][ T8496]  ? irqentry_exit+0x218/0x730
[  153.065882][ T8496]  ? __pfx__copy_from_iter+0x10/0x10
[  153.065903][ T8496]  ? dev_get_by_index+0x22/0x2e0
[  153.065918][ T8496]  ? dev_get_by_index+0x22/0x2e0
[  153.065937][ T8496]  packet_sendmsg+0x2e19/0x4fb0
[  153.065964][ T8496]  ? __lock_acquire+0x6b5/0x2cf0
[  153.065988][ T8496]  ? __lock_acquire+0x6b5/0x2cf0
[  153.066018][ T8496]  ? __pfx_packet_sendmsg+0x10/0x10
[  153.066034][ T8496]  ? aa_sk_perm+0x6d5/0x900
[  153.066060][ T8496]  ? __pfx_aa_sk_perm+0x10/0x10
[  153.066076][ T8496]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  153.066100][ T8496]  ? aa_sock_msg_perm+0xf1/0x1b0
[  153.066120][ T8496]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  153.066139][ T8496]  ? __pfx_packet_sendmsg+0x10/0x10
[  153.066158][ T8496]  __sys_sendto+0x672/0x710
[  153.066180][ T8496]  ? __pfx___sys_sendto+0x10/0x10
[  153.066197][ T8496]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  153.066220][ T8496]  ? __fget_files+0x3a0/0x420
[  153.066245][ T8496]  ? ksys_write+0x242/0x270
[  153.066263][ T8496]  ? __irq_exit_rcu+0xca/0x220
[  153.066280][ T8496]  ? __pfx_ksys_write+0x10/0x10
[  153.066298][ T8496]  ? handle_softirqs+0x715/0x840
[  153.066315][ T8496]  __x64_sys_sendto+0xde/0x100
[  153.066336][ T8496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.066351][ T8496]  do_syscall_64+0x15f/0xf80
[  153.066366][ T8496]  ? clear_bhb_loop+0x40/0x90
[  153.066383][ T8496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.066397][ T8496] RIP: 0033:0x7fd560f9cdd9
[  153.066411][ T8496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.066422][ T8496] RSP: 002b:00007fd561d99028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  153.066437][ T8496] RAX: ffffffffffffffda RBX: 00007fd561215fa0 RCX: 00007fd560f9cdd9
[  153.066447][ T8496] RDX: 000000000000fce0 RSI: 00002000000002c0 RDI: 0000000000000004
[  153.066456][ T8496] RBP: 00007fd561d99090 R08: 0000200000000140 R09: 0000000000000014
[  153.066465][ T8496] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  153.066473][ T8496] R13: 00007fd561216038 R14: 00007fd561215fa0 R15: 00007ffe807addc8
[  153.066495][ T8496]  </TASK>
[  153.894476][ T8513] netlink: 'syz.4.812': attribute type 1 has an invalid length.
[  154.036850][ T8518] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[  154.056497][ T8518] bond3: (slave vxcan3): Error -95 calling set_mac_address
[  154.092278][ T8513] bond3: (slave gretap1): making interface the new active one
[  154.104191][ T8513] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  154.149508][ T8530] xt_cgroup: xt_cgroup: no path or classid specified
[  154.174976][ T8526] macvlan2: entered promiscuous mode
[  154.195330][ T8526] macvlan2: entered allmulticast mode
[  154.372532][ T8534] FAULT_INJECTION: forcing a failure.
[  154.372532][ T8534] name failslab, interval 1, probability 0, space 0, times 0
[  154.395450][ T8534] CPU: 0 UID: 0 PID: 8534 Comm: syz.3.819 Not tainted syzkaller #0 PREEMPT(full) 
[  154.395473][ T8534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  154.395482][ T8534] Call Trace:
[  154.395497][ T8534]  <TASK>
[  154.395504][ T8534]  dump_stack_lvl+0xe8/0x150
[  154.395530][ T8534]  should_fail_ex+0x412/0x560
[  154.395557][ T8534]  should_failslab+0xa8/0x100
[  154.395582][ T8534]  ? radix_tree_node_alloc+0x7e/0x3a0
[  154.395606][ T8534]  kmem_cache_alloc_noprof+0x87/0x650
[  154.395627][ T8534]  ? radix_tree_node_alloc+0x7e/0x3a0
[  154.395648][ T8534]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  154.395673][ T8534]  radix_tree_node_alloc+0x7e/0x3a0
[  154.395702][ T8534]  idr_get_free+0x2b3/0xa70
[  154.395735][ T8534]  idr_alloc_u32+0x18d/0x320
[  154.395767][ T8534]  ? __pfx_idr_alloc_u32+0x10/0x10
[  154.395804][ T8534]  u32_change+0x113d/0x2640
[  154.395825][ T8534]  ? __pfx___mutex_lock+0x10/0x10
[  154.395843][ T8534]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  154.395869][ T8534]  ? __pfx_u32_change+0x10/0x10
[  154.395903][ T8534]  ? lockdep_rtnl_is_held+0x26/0x40
[  154.395918][ T8534]  ? u32_lookup_ht+0x1b7/0x1d0
[  154.395940][ T8534]  tc_new_tfilter+0xff8/0x1780
[  154.395980][ T8534]  ? __pfx_tc_new_tfilter+0x10/0x10
[  154.396011][ T8534]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  154.396046][ T8534]  ? __pfx_tc_new_tfilter+0x10/0x10
[  154.396063][ T8534]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  154.396090][ T8534]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  154.396111][ T8534]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  154.396131][ T8534]  ? ref_tracker_free+0x693/0x840
[  154.396157][ T8534]  ? __pfx_ref_tracker_free+0x10/0x10
[  154.396188][ T8534]  netlink_rcv_skb+0x232/0x4b0
[  154.396212][ T8534]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  154.396235][ T8534]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  154.396268][ T8534]  ? netlink_deliver_tap+0x2e/0x1b0
[  154.396292][ T8534]  ? netlink_deliver_tap+0x2e/0x1b0
[  154.396319][ T8534]  netlink_unicast+0x75c/0x8e0
[  154.396349][ T8534]  netlink_sendmsg+0x813/0xb40
[  154.396381][ T8534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  154.396407][ T8534]  ? aa_sock_msg_perm+0xf1/0x1b0
[  154.396431][ T8534]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  154.396457][ T8534]  ____sys_sendmsg+0x972/0x9f0
[  154.396481][ T8534]  ? __might_fault+0xaf/0x130
[  154.396515][ T8534]  ? __pfx_____sys_sendmsg+0x10/0x10
[  154.396548][ T8534]  ? import_iovec+0x73/0xa0
[  154.396575][ T8534]  ___sys_sendmsg+0x2a5/0x360
[  154.396598][ T8534]  ? __lock_acquire+0x6b5/0x2cf0
[  154.396621][ T8534]  ? __pfx____sys_sendmsg+0x10/0x10
[  154.396679][ T8534]  ? __fget_files+0x2a/0x420
[  154.396699][ T8534]  ? __fget_files+0x3a0/0x420
[  154.396727][ T8534]  __x64_sys_sendmsg+0x1bd/0x2a0
[  154.396755][ T8534]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  154.396788][ T8534]  ? __pfx_ksys_write+0x10/0x10
[  154.396809][ T8534]  ? handle_softirqs+0x715/0x840
[  154.396834][ T8534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.396852][ T8534]  do_syscall_64+0x15f/0xf80
[  154.396870][ T8534]  ? clear_bhb_loop+0x40/0x90
[  154.396892][ T8534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.396908][ T8534] RIP: 0033:0x7fd560f9cdd9
[  154.396925][ T8534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  154.396938][ T8534] RSP: 002b:00007fd561d99028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  154.396957][ T8534] RAX: ffffffffffffffda RBX: 00007fd561215fa0 RCX: 00007fd560f9cdd9
[  154.396969][ T8534] RDX: 0000000024040084 RSI: 0000200000000700 RDI: 00000000000000c2
[  154.396979][ T8534] RBP: 00007fd561d99090 R08: 0000000000000000 R09: 0000000000000000
[  154.396990][ T8534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.396998][ T8534] R13: 00007fd561216038 R14: 00007fd561215fa0 R15: 00007ffe807addc8
[  154.397026][ T8534]  </TASK>
[  155.485517][ T8575] FAULT_INJECTION: forcing a failure.
[  155.485517][ T8575] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.501667][ T8575] CPU: 0 UID: 0 PID: 8575 Comm: syz.0.832 Not tainted syzkaller #0 PREEMPT(full) 
[  155.501692][ T8575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  155.501702][ T8575] Call Trace:
[  155.501709][ T8575]  <TASK>
[  155.501716][ T8575]  dump_stack_lvl+0xe8/0x150
[  155.501742][ T8575]  should_fail_ex+0x412/0x560
[  155.501770][ T8575]  _copy_from_user+0x2d/0xb0
[  155.501796][ T8575]  ___sys_sendmsg+0x1c6/0x360
[  155.501819][ T8575]  ? __lock_acquire+0x6b5/0x2cf0
[  155.501842][ T8575]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.501899][ T8575]  ? __fget_files+0x2a/0x420
[  155.501920][ T8575]  ? __fget_files+0x3a0/0x420
[  155.501951][ T8575]  __x64_sys_sendmsg+0x1bd/0x2a0
[  155.501978][ T8575]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  155.502010][ T8575]  ? __pfx_ksys_write+0x10/0x10
[  155.502042][ T8575]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.502061][ T8575]  do_syscall_64+0x15f/0xf80
[  155.502078][ T8575]  ? trace_irq_disable+0x3b/0x140
[  155.502103][ T8575]  ? clear_bhb_loop+0x40/0x90
[  155.502123][ T8575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.502140][ T8575] RIP: 0033:0x7faa2959cdd9
[  155.502157][ T8575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  155.502169][ T8575] RSP: 002b:00007faa2a3af028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.502187][ T8575] RAX: ffffffffffffffda RBX: 00007faa29815fa0 RCX: 00007faa2959cdd9
[  155.502199][ T8575] RDX: 0000000000000000 RSI: 0000200000006d00 RDI: 0000000000000004
[  155.502208][ T8575] RBP: 00007faa2a3af090 R08: 0000000000000000 R09: 0000000000000000
[  155.502218][ T8575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.502228][ T8575] R13: 00007faa29816038 R14: 00007faa29815fa0 R15: 00007ffdc5406018
[  155.502253][ T8575]  </TASK>
[  155.922842][ T8591] __nla_validate_parse: 9 callbacks suppressed
[  155.922860][ T8591] netlink: 32 bytes leftover after parsing attributes in process `syz.1.837'.
[  156.493712][ T8633] netlink: 'syz.1.847': attribute type 1 has an invalid length.
[  156.550396][ T8633] 8021q: adding VLAN 0 to HW filter on device bond2
[  156.664911][ T8633] bond2: (slave geneve3): making interface the new active one
[  156.690045][ T8633] bond2: (slave geneve3): Enslaving as an active interface with an up link
[  157.312358][ T8675] netlink: 36 bytes leftover after parsing attributes in process `syz.3.854'.
[  157.673238][ T8691] syzkaller1: left promiscuous mode
[  157.689910][ T8691] syzkaller1: left allmulticast mode
[  157.703369][ T8696] netlink: 'syz.4.860': attribute type 1 has an invalid length.
[  157.766782][ T8696] 8021q: adding VLAN 0 to HW filter on device bond4
[  157.998060][ T8710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.863'.
[  158.050977][ T8713] FAULT_INJECTION: forcing a failure.
[  158.050977][ T8713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.077093][ T8713] CPU: 1 UID: 0 PID: 8713 Comm: syz.0.864 Not tainted syzkaller #0 PREEMPT(full) 
[  158.077118][ T8713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  158.077129][ T8713] Call Trace:
[  158.077136][ T8713]  <TASK>
[  158.077143][ T8713]  dump_stack_lvl+0xe8/0x150
[  158.077169][ T8713]  should_fail_ex+0x412/0x560
[  158.077198][ T8713]  _copy_to_user+0x31/0xb0
[  158.077230][ T8713]  simple_read_from_buffer+0xe1/0x170
[  158.077257][ T8713]  proc_fail_nth_read+0x1bb/0x230
[  158.077283][ T8713]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.077309][ T8713]  ? rw_verify_area+0x2a6/0x4d0
[  158.077332][ T8713]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.077356][ T8713]  vfs_read+0x20c/0xa70
[  158.077385][ T8713]  ? __pfx___mutex_lock+0x10/0x10
[  158.077405][ T8713]  ? __pfx_vfs_read+0x10/0x10
[  158.077430][ T8713]  ? __fget_files+0x2a/0x420
[  158.077456][ T8713]  ? __fget_files+0x3a0/0x420
[  158.077476][ T8713]  ? __fget_files+0x2a/0x420
[  158.077506][ T8713]  ksys_read+0x150/0x270
[  158.077532][ T8713]  ? __pfx_ksys_read+0x10/0x10
[  158.077564][ T8713]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.077584][ T8713]  do_syscall_64+0x15f/0xf80
[  158.077601][ T8713]  ? trace_irq_disable+0x3b/0x140
[  158.077626][ T8713]  ? clear_bhb_loop+0x40/0x90
[  158.077648][ T8713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.077666][ T8713] RIP: 0033:0x7faa2955d60e
[  158.077683][ T8713] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  158.077697][ T8713] RSP: 002b:00007faa2a3aefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  158.077714][ T8713] RAX: ffffffffffffffda RBX: 00007faa2a3af6c0 RCX: 00007faa2955d60e
[  158.077725][ T8713] RDX: 000000000000000f RSI: 00007faa2a3af0a0 RDI: 0000000000000003
[  158.077734][ T8713] RBP: 00007faa2a3af090 R08: 0000000000000000 R09: 0000000000000000
[  158.077744][ T8713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.077753][ T8713] R13: 00007faa29816038 R14: 00007faa29815fa0 R15: 00007ffdc5406018
[  158.077781][ T8713]  </TASK>
[  158.080047][ T8710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.863'.
[  158.306862][ T8719] netlink: 32 bytes leftover after parsing attributes in process `syz.1.868'.
[  158.494600][ T8729] netlink: 80 bytes leftover after parsing attributes in process `syz.1.871'.
[  158.507573][ T8725] netlink: 'syz.0.869': attribute type 9 has an invalid length.
[  158.573548][ T8725] netlink: 'syz.0.869': attribute type 3 has an invalid length.
[  158.587692][ T8725] netlink: 'syz.0.869': attribute type 3 has an invalid length.
[  158.730579][ T8741] netlink: 'syz.1.875': attribute type 1 has an invalid length.
[  158.835104][ T8741] 8021q: adding VLAN 0 to HW filter on device bond3
[  159.130704][ T8758] netlink: 200 bytes leftover after parsing attributes in process `syz.3.882'.
[  159.141984][ T8758] netlink: 4 bytes leftover after parsing attributes in process `syz.3.882'.
[  159.359422][ T8770] netlink: 'syz.2.883': attribute type 3 has an invalid length.
[  159.451281][ T8775] SET target dimension over the limit!
[  159.506655][ T8772] geneve3: entered promiscuous mode
[  159.607460][ T8779] netlink: 20 bytes leftover after parsing attributes in process `syz.1.888'.
[  159.805625][ T8785] netlink: 'syz.4.891': attribute type 1 has an invalid length.
[  159.943404][ T8785] 8021q: adding VLAN 0 to HW filter on device bond5
[  160.231107][ T8803] netlink: 32 bytes leftover after parsing attributes in process `syz.3.898'.
[  160.423718][ T8807] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  160.461856][ T8804] netlink: 'syz.4.899': attribute type 1 has an invalid length.
[  160.621392][ T8813] FAULT_INJECTION: forcing a failure.
[  160.621392][ T8813] name failslab, interval 1, probability 0, space 0, times 0
[  160.675889][ T8813] CPU: 1 UID: 0 PID: 8813 Comm: syz.2.902 Not tainted syzkaller #0 PREEMPT(full) 
[  160.675915][ T8813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  160.675925][ T8813] Call Trace:
[  160.675932][ T8813]  <TASK>
[  160.675940][ T8813]  dump_stack_lvl+0xe8/0x150
[  160.675966][ T8813]  should_fail_ex+0x412/0x560
[  160.675995][ T8813]  should_failslab+0xa8/0x100
[  160.676023][ T8813]  __kmalloc_noprof+0xe8/0x760
[  160.676049][ T8813]  ? u32_change+0x1257/0x2640
[  160.676073][ T8813]  u32_change+0x1257/0x2640
[  160.676098][ T8813]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  160.676124][ T8813]  ? __pfx_u32_change+0x10/0x10
[  160.676158][ T8813]  ? lockdep_rtnl_is_held+0x26/0x40
[  160.676176][ T8813]  ? u32_lookup_ht+0x1b7/0x1d0
[  160.676199][ T8813]  tc_new_tfilter+0xff8/0x1780
[  160.676245][ T8813]  ? __pfx_tc_new_tfilter+0x10/0x10
[  160.676278][ T8813]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  160.676316][ T8813]  ? __pfx_tc_new_tfilter+0x10/0x10
[  160.676334][ T8813]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  160.676355][ T8813]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[  160.676378][ T8813]  ? netlink_sendmsg+0x5d4/0xb40
[  160.676404][ T8813]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  160.676426][ T8813]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  160.676470][ T8813]  ? __lock_acquire+0x6b5/0x2cf0
[  160.676503][ T8813]  netlink_rcv_skb+0x232/0x4b0
[  160.676528][ T8813]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  160.676552][ T8813]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  160.676589][ T8813]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.676612][ T8813]  ? netlink_deliver_tap+0x2e/0x1b0
[  160.676642][ T8813]  netlink_unicast+0x75c/0x8e0
[  160.676676][ T8813]  netlink_sendmsg+0x813/0xb40
[  160.676710][ T8813]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.676739][ T8813]  ? aa_sock_msg_perm+0xf1/0x1b0
[  160.676764][ T8813]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  160.676792][ T8813]  ____sys_sendmsg+0x972/0x9f0
[  160.676817][ T8813]  ? __might_fault+0xaf/0x130
[  160.676846][ T8813]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.676885][ T8813]  ? import_iovec+0x73/0xa0
[  160.676913][ T8813]  ___sys_sendmsg+0x2a5/0x360
[  160.676938][ T8813]  ? __lock_acquire+0x6b5/0x2cf0
[  160.676961][ T8813]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.677020][ T8813]  ? __fget_files+0x2a/0x420
[  160.677041][ T8813]  ? __fget_files+0x3a0/0x420
[  160.677073][ T8813]  __x64_sys_sendmsg+0x1bd/0x2a0
[  160.677101][ T8813]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  160.677137][ T8813]  ? __pfx_ksys_write+0x10/0x10
[  160.677170][ T8813]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.677189][ T8813]  do_syscall_64+0x15f/0xf80
[  160.677206][ T8813]  ? trace_irq_disable+0x3b/0x140
[  160.677231][ T8813]  ? clear_bhb_loop+0x40/0x90
[  160.677252][ T8813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.677270][ T8813] RIP: 0033:0x7eff3bd9cdd9
[  160.677287][ T8813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.677300][ T8813] RSP: 002b:00007eff39ff6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.677319][ T8813] RAX: ffffffffffffffda RBX: 00007eff3c015fa0 RCX: 00007eff3bd9cdd9
[  160.677332][ T8813] RDX: 0000000024040084 RSI: 0000200000000700 RDI: 00000000000000c2
[  160.677343][ T8813] RBP: 00007eff39ff6090 R08: 0000000000000000 R09: 0000000000000000
[  160.677354][ T8813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  160.677364][ T8813] R13: 00007eff3c016038 R14: 00007eff3c015fa0 R15: 00007ffca7ee8c78
[  160.677393][ T8813]  </TASK>
[  160.728835][ T8809] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address
[  161.052044][ T8833] xt_cgroup: xt_cgroup: no path or classid specified
[  161.067921][ T8834] netlink: 'syz.0.909': attribute type 1 has an invalid length.
[  161.088512][ T8809] bond6: (slave vxcan3): Error -95 calling set_mac_address
[  161.140264][ T8810] team_slave_0: left promiscuous mode
[  161.155823][ T8810] team_slave_1: left promiscuous mode
[  161.162232][ T8810] team0: entered promiscuous mode
[  161.168315][ T8810] team_slave_0: entered promiscuous mode
[  161.174199][ T8810] team_slave_1: entered promiscuous mode
[  161.185300][ T8810] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  161.248270][ T8804] macvlan3: entered promiscuous mode
[  161.263853][ T8804] macvlan3: entered allmulticast mode
[  161.332176][ T8834] 8021q: adding VLAN 0 to HW filter on device bond9
[  161.354389][ T8840] syzkaller0: entered promiscuous mode
[  161.359900][ T8840] syzkaller0: entered allmulticast mode
[  161.633309][ T8861] __nla_validate_parse: 2 callbacks suppressed
[  161.633326][ T8861] netlink: 12 bytes leftover after parsing attributes in process `syz.4.918'.
[  161.659092][ T8863] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.919'.
[  161.659146][ T8863] openvswitch: netlink: EtherType 0 is less than min 600
[  161.701413][ T8861] netlink: 'syz.4.918': attribute type 1 has an invalid length.
[  161.708170][ T8865] netlink: 16 bytes leftover after parsing attributes in process `syz.0.920'.
[  161.729256][ T8861] bond7: entered promiscuous mode
[  161.734785][ T8861] 8021q: adding VLAN 0 to HW filter on device bond7
[  161.748849][ T8861] netlink: 36 bytes leftover after parsing attributes in process `syz.4.918'.
[  161.774920][ T8861] bond7: left promiscuous mode
[  161.780334][ T8861] bond7: entered allmulticast mode
[  161.805429][ T8861] bond7: (slave bridge1): making interface the new active one
[  161.812934][ T8861] bridge1: entered allmulticast mode
[  161.819033][ T8861] bond7: (slave bridge1): Enslaving as an active interface with an up link
[  162.032272][ T8875] netlink: 116 bytes leftover after parsing attributes in process `syz.4.924'.
[  162.041401][ T8874] netlink: 116 bytes leftover after parsing attributes in process `syz.4.924'.
[  162.146518][ T8884] netlink: 'syz.0.927': attribute type 1 has an invalid length.
[  162.284414][ T8895] netlink: 36 bytes leftover after parsing attributes in process `syz.4.930'.
[  162.336268][ T8899] netlink: 'syz.2.929': attribute type 1 has an invalid length.
[  162.340355][ T8884] 8021q: adding VLAN 0 to HW filter on device bond10
[  162.390268][ T8892] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input5
[  162.429859][ T8889] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  162.440722][ T8889] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  162.485504][ T8898] netlink: 76 bytes leftover after parsing attributes in process `syz.3.925'.
[  162.526655][ T8883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.925'.
[  162.538729][ T8883] netlink: 16 bytes leftover after parsing attributes in process `syz.3.925'.
[  162.563229][ T8894] macvlan3: entered promiscuous mode
[  162.568659][ T8894] macvlan3: entered allmulticast mode
[  162.966650][ T8925] xt_cgroup: xt_cgroup: no path or classid specified
[  163.070589][ T8930] geneve4: entered promiscuous mode
[  164.465431][ T8851] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  165.244638][ T9013] netlink: 'syz.4.956': attribute type 1 has an invalid length.
[  165.354368][ T9013] bond8: entered promiscuous mode
[  165.382528][ T9013] 8021q: adding VLAN 0 to HW filter on device bond8
[  165.514176][ T9026] xt_cgroup: xt_cgroup: no path or classid specified
[  165.623059][ T9013] bond8: (slave bridge2): making interface the new active one
[  165.630578][ T9013] bridge2: entered promiscuous mode
[  165.637669][ T9013] bond8: (slave bridge2): Enslaving as an active interface with an up link
[  165.644616][ T9032] netlink: 'syz.0.960': attribute type 1 has an invalid length.
[  165.795593][ T9032] 8021q: adding VLAN 0 to HW filter on device bond11
[  165.841751][ T9042] SET target dimension over the limit!
[  166.288666][ T9065] netlink: 'syz.1.968': attribute type 8 has an invalid length.
[  166.684480][ T9086] netlink: 'syz.1.972': attribute type 1 has an invalid length.
[  166.692168][ T9086] __nla_validate_parse: 19 callbacks suppressed
[  166.692187][ T9086] netlink: 88 bytes leftover after parsing attributes in process `syz.1.972'.
[  166.707368][ T9086] netlink: 1 bytes leftover after parsing attributes in process `syz.1.972'.
[  166.738769][ T9086] netlink: 'syz.1.972': attribute type 1 has an invalid length.
[  166.746467][ T9086] netlink: 634 bytes leftover after parsing attributes in process `syz.1.972'.
[  167.110861][ T9111] netlink: 4 bytes leftover after parsing attributes in process `syz.0.974'.
[  167.578021][ T9128] geneve5: entered promiscuous mode
[  167.581355][ T9132] netlink: 'syz.3.983': attribute type 1 has an invalid length.
[  167.734318][ T9132] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.838273][ T9146] netlink: 4 bytes leftover after parsing attributes in process `syz.4.989'.
[  167.921001][ T9147] bond3: (slave geneve5): making interface the new active one
[  167.933460][ T9147] bond3: (slave geneve5): Enslaving as an active interface with an up link
[  168.103851][ T9159] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  168.112062][ T9159] syzkaller0: entered promiscuous mode
[  168.118244][ T9159] syzkaller0: entered allmulticast mode
[  168.131065][ T9159] tipc: Resetting bearer <eth:syzkaller0>
[  168.148962][ T9157] tipc: Resetting bearer <eth:syzkaller0>
[  168.169417][ T9157] tipc: Disabling bearer <eth:syzkaller0>
[  168.204554][ T9162] netlink: 'syz.1.994': attribute type 14 has an invalid length.
[  168.249625][ T9162] netlink: 8 bytes leftover after parsing attributes in process `syz.1.994'.
[  168.322307][ T9169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.995'.
[  168.350497][ T9169] netlink: 4 bytes leftover after parsing attributes in process `syz.0.995'.
[  168.580239][ T9173] netlink: 'syz.2.997': attribute type 1 has an invalid length.
[  168.850401][ T9186] netlink: 'syz.3.1001': attribute type 1 has an invalid length.
[  168.891597][ T9186] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1001'.
[  168.924790][ T9186] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1001'.
[  168.938024][ T9186] netlink: 'syz.3.1001': attribute type 1 has an invalid length.
[  168.950869][ T9191] xt_TPROXY: Can be used only with -p tcp or -p udp
[  169.504088][ T9210] netlink: 'syz.4.1009': attribute type 1 has an invalid length.
[  169.625972][ T9210] 8021q: adding VLAN 0 to HW filter on device bond9
[  170.860874][ T3328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.861018][   T30] audit: type=1800 audit(1778448377.577:3): pid=9240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1021" name="memory.events" dev="tmpfs" ino=1098 res=0 errno=0
[  170.868798][ T3328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.918620][ T9252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.376331][ T9264] netlink: 'syz.1.1025': attribute type 1 has an invalid length.
[  171.442289][ T9264] 8021q: adding VLAN 0 to HW filter on device bond4
[  171.626619][ T9272] netlink: 'syz.3.1026': attribute type 22 has an invalid length.
[  171.692788][ T9272] netlink: 'syz.3.1026': attribute type 22 has an invalid length.
[  171.718509][ T9272] __nla_validate_parse: 5 callbacks suppressed
[  171.718535][ T9272] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1026'.
[  171.833853][ T9283] netlink: 'syz.4.1031': attribute type 1 has an invalid length.
[  171.866591][ T9283] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1031'.
[  171.901291][ T9283] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1031'.
[  171.940951][ T9283] netlink: 'syz.4.1031': attribute type 1 has an invalid length.
[  171.979292][ T9283] netlink: 634 bytes leftover after parsing attributes in process `syz.4.1031'.
[  173.015667][ T9300] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  173.020304][   T30] audit: type=1800 audit(1778448379.707:4): pid=9300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1035" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  173.063196][ T9300] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  173.072791][ T9300] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  173.101065][ T9322] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1039'.
[  173.716703][ T9348] netlink: 'syz.4.1043': attribute type 1 has an invalid length.
[  173.936194][ T9348] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1043'.
[  174.068001][ T9363] syzkaller1: entered promiscuous mode
[  174.073538][ T9363] syzkaller1: entered allmulticast mode
[  174.332194][ T9383] netlink: 'syz.0.1052': attribute type 4 has an invalid length.
[  174.344074][ T9384] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1051'.
[  174.398180][ T9383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1052'.
[  174.570945][ T9388] team0: No ports can be present during mode change
[  174.629491][ T9388] syzkaller1: entered promiscuous mode
[  174.635003][ T9388] syzkaller1: entered allmulticast mode
[  174.896181][ T9391] netlink: 1276 bytes leftover after parsing attributes in process `syz.3.1057'.
[  175.075238][ T9407] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  175.087228][ T9407] wg2: entered allmulticast mode
[  175.118922][ T9406] tipc: Disabling bearer <eth:syzkaller0>
[  175.327322][ T9419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1064'.
[  175.928891][ T9442] SET target dimension over the limit!
[  176.103596][ T9447] trusted_key: syz.2.1072 sent an empty control message without MSG_MORE.
[  176.210830][ T9456] FAULT_INJECTION: forcing a failure.
[  176.210830][ T9456] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.264634][ T9456] CPU: 1 UID: 0 PID: 9456 Comm: syz.4.1075 Not tainted syzkaller #0 PREEMPT(full) 
[  176.264660][ T9456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  176.264670][ T9456] Call Trace:
[  176.264677][ T9456]  <TASK>
[  176.264686][ T9456]  dump_stack_lvl+0xe8/0x150
[  176.264712][ T9456]  should_fail_ex+0x412/0x560
[  176.264742][ T9456]  _copy_to_user+0x31/0xb0
[  176.264770][ T9456]  simple_read_from_buffer+0xe1/0x170
[  176.264798][ T9456]  proc_fail_nth_read+0x1bb/0x230
[  176.264824][ T9456]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.264850][ T9456]  ? rw_verify_area+0x2a6/0x4d0
[  176.264874][ T9456]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.264898][ T9456]  vfs_read+0x20c/0xa70
[  176.264928][ T9456]  ? __pfx___mutex_lock+0x10/0x10
[  176.264947][ T9456]  ? __pfx_vfs_read+0x10/0x10
[  176.264973][ T9456]  ? __fget_files+0x2a/0x420
[  176.265003][ T9456]  ? __fget_files+0x3a0/0x420
[  176.265023][ T9456]  ? __fget_files+0x2a/0x420
[  176.265053][ T9456]  ksys_read+0x150/0x270
[  176.265079][ T9456]  ? __pfx_ksys_read+0x10/0x10
[  176.265112][ T9456]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.265131][ T9456]  do_syscall_64+0x15f/0xf80
[  176.265148][ T9456]  ? trace_irq_disable+0x3b/0x140
[  176.265174][ T9456]  ? clear_bhb_loop+0x40/0x90
[  176.265196][ T9456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.265213][ T9456] RIP: 0033:0x7f97cc95d60e
[  176.265231][ T9456] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  176.265246][ T9456] RSP: 002b:00007f97cd814fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.265265][ T9456] RAX: ffffffffffffffda RBX: 00007f97cd8156c0 RCX: 00007f97cc95d60e
[  176.265278][ T9456] RDX: 000000000000000f RSI: 00007f97cd8150a0 RDI: 0000000000000008
[  176.265290][ T9456] RBP: 00007f97cd815090 R08: 0000000000000000 R09: 0000000000000000
[  176.265301][ T9456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.265312][ T9456] R13: 00007f97ccc16038 R14: 00007f97ccc15fa0 R15: 00007ffd9dca7408
[  176.265342][ T9456]  </TASK>
[  176.881641][ T9482] smc: net device team0 applied user defined pnetid SYZ2
[  176.890836][ T9482] smc: net device team0 erased user defined pnetid SYZ2
[  177.022157][ T9473] bond11: invalid ARP target 0.0.0.0 specified for addition
[  177.030380][ T9473] bond11: option arp_ip_target: invalid value (0)
[  177.100760][ T9473] bond11 (unregistering): Released all slaves
[  177.523543][ T9518] veth0_macvtap: left promiscuous mode
[  177.727681][ T9518] veth0_macvtap: entered promiscuous mode
[  178.241952][ T9555] SET target dimension over the limit!
[  178.380770][ T9564] netlink: 'syz.2.1092': attribute type 10 has an invalid length.
[  178.420847][ T9564] team0: Port device dummy0 added
[  178.484353][ T9564] netlink: 'syz.2.1092': attribute type 10 has an invalid length.
[  178.502911][ T9564] team0: Port device dummy0 removed
[  178.513104][ T9564] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  178.685218][ T9575] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  178.703590][ T9575] tipc: Resetting bearer <eth:syzkaller0>
[  178.878235][ T9573] tipc: Disabling bearer <eth:syzkaller0>
[  179.024409][ T9590] __nla_validate_parse: 4 callbacks suppressed
[  179.024427][ T9590] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1094'.
[  179.075998][ T9593] IPVS: set_ctl: invalid protocol: 94 255.255.255.255:20002
[  179.717946][ T9621] netlink: 'syz.0.1106': attribute type 1 has an invalid length.
[  179.864361][ T9621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'.
[  180.289746][ T9652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1111'.
[  180.387532][ T9652] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1111'.
[  180.729266][ T9674] SET target dimension over the limit!
[  181.007306][ T9683] geneve4: entered promiscuous mode
[  181.459233][ T9705] vlan3: entered promiscuous mode
[  181.476167][ T9705] dummy0: entered promiscuous mode
[  181.497379][ T9705] vlan3: entered allmulticast mode
[  181.511976][ T9705] dummy0: entered allmulticast mode
[  181.947192][ T9723] netlink: 'syz.2.1132': attribute type 1 has an invalid length.
[  182.077731][ T9729] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1134'.
[  182.134372][ T9733] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1132'.
[  182.153282][ T9734] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1135'.
[  182.195905][ T9736] netlink: 34 bytes leftover after parsing attributes in process `syz.1.1137'.
[  182.241209][ T9736] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1137'.
[  182.522780][ T9749] geneve5: entered promiscuous mode
[  182.578749][ T9751] xt_TPROXY: Can be used only with -p tcp or -p udp
[  182.657294][ T9753] xt_TCPMSS: Only works on TCP SYN packets
[  182.697694][ T9757] FAULT_INJECTION: forcing a failure.
[  182.697694][ T9757] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  182.712864][ T9757] CPU: 0 UID: 0 PID: 9757 Comm: syz.4.1145 Not tainted syzkaller #0 PREEMPT(full) 
[  182.712886][ T9757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  182.712895][ T9757] Call Trace:
[  182.712901][ T9757]  <TASK>
[  182.712907][ T9757]  dump_stack_lvl+0xe8/0x150
[  182.712928][ T9757]  should_fail_ex+0x412/0x560
[  182.712951][ T9757]  _copy_to_user+0x31/0xb0
[  182.712973][ T9757]  simple_read_from_buffer+0xe1/0x170
[  182.712994][ T9757]  proc_fail_nth_read+0x1bb/0x230
[  182.713015][ T9757]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.713035][ T9757]  ? rw_verify_area+0x2a6/0x4d0
[  182.713054][ T9757]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  182.713073][ T9757]  vfs_read+0x20c/0xa70
[  182.713095][ T9757]  ? __pfx___mutex_lock+0x10/0x10
[  182.713110][ T9757]  ? __pfx_vfs_read+0x10/0x10
[  182.713130][ T9757]  ? __fget_files+0x2a/0x420
[  182.713150][ T9757]  ? __fget_files+0x3a0/0x420
[  182.713166][ T9757]  ? __fget_files+0x2a/0x420
[  182.713189][ T9757]  ksys_read+0x150/0x270
[  182.713210][ T9757]  ? __pfx_ksys_read+0x10/0x10
[  182.713235][ T9757]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.713250][ T9757]  do_syscall_64+0x15f/0xf80
[  182.713263][ T9757]  ? trace_irq_disable+0x3b/0x140
[  182.713284][ T9757]  ? clear_bhb_loop+0x40/0x90
[  182.713301][ T9757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.713315][ T9757] RIP: 0033:0x7f97cc95d60e
[  182.713329][ T9757] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  182.713341][ T9757] RSP: 002b:00007f97cd814fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  182.713357][ T9757] RAX: ffffffffffffffda RBX: 00007f97cd8156c0 RCX: 00007f97cc95d60e
[  182.713367][ T9757] RDX: 000000000000000f RSI: 00007f97cd8150a0 RDI: 0000000000000004
[  182.713376][ T9757] RBP: 00007f97cd815090 R08: 0000000000000000 R09: 0000000000000000
[  182.713385][ T9757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.713393][ T9757] R13: 00007f97ccc16038 R14: 00007f97ccc15fa0 R15: 00007ffd9dca7408
[  182.713416][ T9757]  </TASK>
[  183.011064][ T9759] netlink: 'syz.2.1146': attribute type 32 has an invalid length.
[  183.024421][ T9759] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1146'.
[  183.036168][ T9761] netlink: 'syz.1.1147': attribute type 5 has an invalid length.
[  183.189430][ T9773] netlink: 'syz.0.1151': attribute type 1 has an invalid length.
[  183.197267][ T9773] netlink: 'syz.0.1151': attribute type 1 has an invalid length.
[  183.237619][ T9759] bond5: option coupled_control: invalid value (12)
[  183.250334][ T9759] bond5 (unregistering): Released all slaves
[  183.422094][ T9789] netlink: 'syz.3.1155': attribute type 1 has an invalid length.
[  183.497713][ T9789] 8021q: adding VLAN 0 to HW filter on device bond5
[  183.829225][ T9800] netlink: 'syz.4.1156': attribute type 9 has an invalid length.
[  183.938860][ T9800] netlink: 'syz.4.1156': attribute type 3 has an invalid length.
[  183.967147][ T9800] netlink: 'syz.4.1156': attribute type 3 has an invalid length.
[  184.333525][ T9825] FAULT_INJECTION: forcing a failure.
[  184.333525][ T9825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.348537][ T9825] CPU: 1 UID: 0 PID: 9825 Comm: syz.3.1165 Not tainted syzkaller #0 PREEMPT(full) 
[  184.348562][ T9825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  184.348574][ T9825] Call Trace:
[  184.348591][ T9825]  <TASK>
[  184.348599][ T9825]  dump_stack_lvl+0xe8/0x150
[  184.348627][ T9825]  should_fail_ex+0x412/0x560
[  184.348656][ T9825]  _copy_from_user+0x2d/0xb0
[  184.348686][ T9825]  kstrtouint_from_user+0xd6/0x180
[  184.348712][ T9825]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  184.348750][ T9825]  proc_fail_nth_write+0x8e/0x210
[  184.348774][ T9825]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  184.348804][ T9825]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  184.348829][ T9825]  vfs_write+0x29a/0xb90
[  184.348863][ T9825]  ? __pfx_vfs_write+0x10/0x10
[  184.348890][ T9825]  ? __fget_files+0x2a/0x420
[  184.348916][ T9825]  ? __fget_files+0x3a0/0x420
[  184.348936][ T9825]  ? __fget_files+0x2a/0x420
[  184.348967][ T9825]  ksys_write+0x150/0x270
[  184.348994][ T9825]  ? __pfx_ksys_write+0x10/0x10
[  184.349027][ T9825]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.349048][ T9825]  do_syscall_64+0x15f/0xf80
[  184.349065][ T9825]  ? trace_irq_disable+0x3b/0x140
[  184.349090][ T9825]  ? clear_bhb_loop+0x40/0x90
[  184.349113][ T9825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.349131][ T9825] RIP: 0033:0x7fd560f5d60e
[  184.349148][ T9825] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  184.349163][ T9825] RSP: 002b:00007fd561d98fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  184.349182][ T9825] RAX: ffffffffffffffda RBX: 00007fd561d996c0 RCX: 00007fd560f5d60e
[  184.349195][ T9825] RDX: 0000000000000001 RSI: 00007fd561d990a0 RDI: 0000000000000007
[  184.349206][ T9825] RBP: 00007fd561d99090 R08: 0000000000000000 R09: 0000000000000000
[  184.349217][ T9825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.349228][ T9825] R13: 00007fd561216038 R14: 00007fd561215fa0 R15: 00007ffe807addc8
[  184.349260][ T9825]  </TASK>
[  184.719827][ T9835] geneve4: entered promiscuous mode
[  185.014894][ T9834] __nla_validate_parse: 7 callbacks suppressed
[  185.014914][ T9834] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1168'.
[  185.064488][ T9851] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  185.073314][ T9851] IPv6: NLM_F_CREATE should be set when creating new route
[  185.080672][ T9851] IPv6: NLM_F_CREATE should be set when creating new route
[  185.096605][ T9845] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  185.328276][ T9862] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1178'.
[  185.351047][ T9864] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1180'.
[  185.549981][ T9873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1182'.
[  185.618044][ T9873] vlan3: entered promiscuous mode
[  185.623141][ T9873] bridge0: entered promiscuous mode
[  185.655670][ T9874] syzkaller0: entered promiscuous mode
[  185.661177][ T9874] syzkaller0: entered allmulticast mode
[  185.759159][ T9887] netlink: 6024 bytes leftover after parsing attributes in process `syz.2.1188'.
[  185.920338][ T9895] netlink: 34 bytes leftover after parsing attributes in process `syz.2.1192'.
[  185.937487][ T9895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1192'.
[  186.357863][ T9911] 8021q: adding VLAN 0 to HW filter on device team0
[  186.368207][ T9911] 8021q: adding VLAN 0 to HW filter on device batadv0
[  186.425450][ T9911] batman_adv: batadv0: Interface activated: batadv_slave_0
[  186.448922][ T9915] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1196'.
[  186.460031][ T9911] batman_adv: batadv0: Interface activated: batadv_slave_1
[  186.490741][ T9911] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  186.501120][ T9911] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  186.565135][ T9911] veth1_vlan: left promiscuous mode
[  186.577410][ T9911] veth0_vlan: left promiscuous mode
[  186.583634][ T9911] veth0_vlan: entered promiscuous mode
[  186.598099][ T9911] veth1_vlan: entered promiscuous mode
[  186.608886][ T9911] veth1_macvtap: left promiscuous mode
[  186.615556][ T9911] veth0_macvtap: left promiscuous mode
[  186.641860][ T9911] veth0_macvtap: entered promiscuous mode
[  186.649101][ T9911] veth1_macvtap: entered promiscuous mode
[  186.663348][ T9911] 8021q: adding VLAN 0 to HW filter on device bond1
[  186.670921][ T9911] geneve2: left promiscuous mode
[  186.685589][ T9911] geneve4: left promiscuous mode
[  186.692038][ T9911] veth3: left allmulticast mode
[  186.703103][ T9923] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input6
[  186.714446][ T9911] 8021q: adding VLAN 0 to HW filter on device eth0
[  186.721911][ T9925] xt_cgroup: xt_cgroup: no path or classid specified
[  186.724205][ T9911] 8021q: adding VLAN 0 to HW filter on device eth1
[  186.776895][ T9911] 8021q: adding VLAN 0 to HW filter on device eth2
[  186.822758][ T9911] 8021q: adding VLAN 0 to HW filter on device eth3
[  186.832429][ T9911] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.841726][ T9929] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1202'.
[  186.843567][ T9911] 8021q: adding VLAN 0 to HW filter on device bond3
[  186.874248][ T9911] bond3: entered promiscuous mode
[  186.879638][ T9911] gretap1: entered promiscuous mode
[  186.885246][ T9911] macvlan2: left promiscuous mode
[  186.890290][ T9911] macvlan2: left allmulticast mode
[  186.895987][ T9911] bond3: entered allmulticast mode
[  186.901118][ T9911] gretap1: entered allmulticast mode
[  186.907637][ T9911] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  186.920857][ T9911] 8021q: adding VLAN 0 to HW filter on device bond6
[  186.928458][ T9911] bond6: entered promiscuous mode
[  186.935255][ T9911] macvlan3: left promiscuous mode
[  186.940319][ T9911] macvlan3: left allmulticast mode
[  186.945591][ T9911] bond6: entered allmulticast mode
[  186.951634][ T9911] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  186.959844][ T9911] bond7: left allmulticast mode
[  186.980547][ T9911] bridge1: left allmulticast mode
[  186.986908][ T9911] 8021q: adding VLAN 0 to HW filter on device bond7
[  186.995638][ T9911] bond8: left promiscuous mode
[  187.000606][ T9911] bridge2: left promiscuous mode
[  187.011181][ T9911] 8021q: adding VLAN 0 to HW filter on device bond10
[  187.019583][ T9911] mac80211_hwsim hwsim10 wlan0: entered promiscuous mode
[  187.029033][ T9911] geneve5: left promiscuous mode
[  187.043450][  T288] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.050533][  T288] bridge0: port 1(bridge_slave_0) entered forwarding state
[  187.059205][  T288] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.066281][  T288] bridge0: port 2(bridge_slave_1) entered forwarding state
[  187.167514][ T9913] syzkaller1: entered promiscuous mode
[  187.185536][ T9913] syzkaller1: entered allmulticast mode
[  187.237295][ T9937] netlink: 'syz.4.1203': attribute type 1 has an invalid length.
[  187.255559][ T9937] netlink: 88 bytes leftover after parsing attributes in process `syz.4.1203'.
[  187.265955][ T9937] netlink: 'syz.4.1203': attribute type 1 has an invalid length.
[  187.492419][ T9950] syzkaller0: entered promiscuous mode
[  187.510744][ T9950] syzkaller0: entered allmulticast mode
[  187.844897][ T9960] tipc: Started in network mode
[  187.849794][ T9960] tipc: Node identity 40000000000000ff000000400000002e, cluster identity 4711
[  187.858663][ T9960] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  187.999413][ T9963] netlink: 'syz.0.1213': attribute type 1 has an invalid length.
[  188.091011][ T9963] gretap4: entered allmulticast mode
[  188.101597][ T9963] bond13: (slave gretap4): making interface the new active one
[  188.110209][ T9963] bond13: (slave gretap4): Enslaving as an active interface with an up link
[  189.134211][T10006] SET target dimension over the limit!
[  189.159348][T10007] netlink: 'syz.4.1228': attribute type 1 has an invalid length.
[  189.180951][T10007] netlink: 'syz.4.1228': attribute type 1 has an invalid length.
[  189.854098][T10040] netlink: 'syz.1.1237': attribute type 1 has an invalid length.
[  189.892641][T10045] xt_cgroup: xt_cgroup: no path or classid specified
[  190.040519][T10048] rdma_op ffff888077bf59f0 conn xmit_rdma 0000000000000000
[  190.077028][T10048] __nla_validate_parse: 12 callbacks suppressed
[  190.077049][T10048] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1237'.
[  190.092272][T10048] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1237'.
[  190.102319][T10048] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1237'.
[  190.124158][T10053] netlink: 'syz.0.1242': attribute type 32 has an invalid length.
[  190.142398][T10052] netlink: 'syz.4.1241': attribute type 1 has an invalid length.
[  190.174752][T10053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1242'.
[  190.189530][T10052] netlink: 'syz.4.1241': attribute type 49 has an invalid length.
[  190.229871][T10053] bond14: option coupled_control: invalid value (12)
[  190.260010][T10053] bond14 (unregistering): Released all slaves
[  190.567296][T10078] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1246'.
[  190.583765][T10078] netlink: 121 bytes leftover after parsing attributes in process `syz.4.1246'.
[  191.154525][T10100] netlink: 'syz.1.1252': attribute type 1 has an invalid length.
[  191.162763][T10100] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1252'.
[  191.171736][T10100] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1252'.
[  191.180616][T10100] netlink: 'syz.1.1252': attribute type 1 has an invalid length.
[  191.197528][ T5635] Bluetooth: hci3: command 0x0406 tx timeout
[  191.206784][ T5635] Bluetooth: hci2: command 0x0406 tx timeout
[  191.208414][T10102] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1253'.
[  191.238002][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  191.243586][T10100] netlink: 634 bytes leftover after parsing attributes in process `syz.1.1252'.
[  193.624150][T10190] xt_TPROXY: Can be used only with -p tcp or -p udp
[  194.025195][T10209] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  194.210074][T10222] gre0: left promiscuous mode
[  194.214892][T10222] gre0: left allmulticast mode
[  194.224928][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  194.231533][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  194.311505][T10222] team0: left promiscuous mode
[  194.328121][T10222] team_slave_0: left promiscuous mode
[  194.341423][T10222] team_slave_1: left promiscuous mode
[  194.360992][T10222] 8021q: adding VLAN 0 to HW filter on device team0
[  194.379260][T10222] team_slave_0: entered promiscuous mode
[  194.386465][T10222] team_slave_1: entered promiscuous mode
[  194.420903][T10222] wg2: left allmulticast mode
[  194.820028][T10222] 8021q: adding VLAN 0 to HW filter on device eth0
[  194.834600][T10222] 8021q: adding VLAN 0 to HW filter on device eth1
[  194.862441][T10222] 8021q: adding VLAN 0 to HW filter on device eth2
[  194.929807][T10222] 8021q: adding VLAN 0 to HW filter on device eth3
[  194.942766][T10222] geneve2: left promiscuous mode
[  194.949901][T10222] bond1: left promiscuous mode
[  194.956117][T10222] veth5: left promiscuous mode
[  194.960892][T10222] veth5: left allmulticast mode
[  194.969619][T10222] geneve4: left promiscuous mode
[  194.975883][T10222] 8021q: adding VLAN 0 to HW filter on device bond5
[  195.135001][  T288] bond1: (slave veth5): link status definitely up, 10000 Mbps full duplex
[  195.144048][  T288] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  195.155163][  T288] bond1: active interface up!
[  195.305306][T10258] bridge1: entered promiscuous mode
[  195.310551][T10258] bridge1: entered allmulticast mode
[  195.350000][T10258] team0: Port device bridge1 added
[  197.276200][T10261] __nla_validate_parse: 5 callbacks suppressed
[  197.276222][T10261] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1293'.
[  197.300318][T10264] bridge0: port 3(team0) entered blocking state
[  197.313381][T10264] bridge0: port 3(team0) entered disabled state
[  197.334603][T10264] team0: entered allmulticast mode
[  197.370333][T10264] team_slave_0: entered allmulticast mode
[  197.387607][T10264] team_slave_1: entered allmulticast mode
[  197.415422][T10264] team0: entered promiscuous mode
[  197.420500][T10264] team_slave_0: entered promiscuous mode
[  197.426318][T10264] team_slave_1: entered promiscuous mode
[  197.447068][T10264] bridge0: port 3(team0) entered blocking state
[  197.453723][T10264] bridge0: port 3(team0) entered forwarding state
[  197.457658][T10275] netlink: 'syz.0.1298': attribute type 32 has an invalid length.
[  197.469695][T10275] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1298'.
[  197.574351][T10275] bond14: option coupled_control: invalid value (12)
[  197.583888][T10275] bond14 (unregistering): Released all slaves
[  198.217895][T10302] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.250533][T10302] 8021q: adding VLAN 0 to HW filter on device team0
[  198.527003][T10317] netem: change failed
[  198.532426][T10334] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1310'.
[  198.785764][T10344] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.1311'.
[  198.984668][T10348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1314'.
[  199.280999][T10366] netlink: 'syz.3.1322': attribute type 32 has an invalid length.
[  199.289153][T10366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1322'.
[  199.416337][T10366] bond7: option coupled_control: invalid value (12)
[  199.490283][T10366] bond7 (unregistering): Released all slaves
[  199.621312][T10386] nftables ruleset with unbound set
[  200.182047][T10402] netlink: 'syz.0.1327': attribute type 9 has an invalid length.
[  200.217937][T10400] syz.3.1331 (10400) used greatest stack depth: 17944 bytes left
[  200.231123][T10398] netlink: 'syz.0.1327': attribute type 3 has an invalid length.
[  200.263463][T10398] netlink: 'syz.0.1327': attribute type 3 has an invalid length.
[  200.411829][T10409] geneve5: entered promiscuous mode
[  200.706494][T10418] netlink: 'syz.4.1332': attribute type 58 has an invalid length.
[  200.745194][T10417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1335'.
[  200.748190][T10418] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1332'.
[  200.807407][T10421] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1332'.
[  200.857742][T10423] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1338'.
[  201.602510][T10450] netlink: 'syz.0.1347': attribute type 21 has an invalid length.
[  201.613456][T10446] vlan3: entered promiscuous mode
[  201.618955][T10446] vlan3: entered allmulticast mode
[  201.893405][T10457] 0·: renamed from hsr0 (while UP)
[  201.943055][T10457] 0·: entered allmulticast mode
[  201.967241][T10457] hsr_slave_0: entered allmulticast mode
[  201.990721][T10457] hsr_slave_1: entered allmulticast mode
[  202.015537][T10457] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  202.490817][T10463] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.750469][T10463] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.967732][T10487] __nla_validate_parse: 3 callbacks suppressed
[  202.967754][T10487] netlink: 207952 bytes leftover after parsing attributes in process `syz.0.1357'.
[  203.132644][T10493] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1358'.
[  203.193676][T10463] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.219086][T10484] syzkaller0: entered promiscuous mode
[  203.255287][T10484] syzkaller0: entered allmulticast mode
[  203.433469][T10500] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1361'.
[  203.450081][T10463] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.794145][ T8239] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.849694][T10511] SET target dimension over the limit!
[  203.863075][  T288] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.920120][  T288] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.933150][ T8239] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.942141][T10516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1367'.
[  203.974135][T10515] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1367'.
[  204.040581][T10522] tipc: Started in network mode
[  204.045495][T10522] tipc: Node identity 5ad6f39841ee, cluster identity 4711
[  204.068462][T10522] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  204.155962][T10522] tipc: Disabling bearer <eth:syzkaller0>
[  204.196168][T10529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1371'.
[  204.238485][T10533] netlink: 'syz.4.1373': attribute type 3 has an invalid length.
[  204.260209][T10531] syzkaller1: entered promiscuous mode
[  204.265871][T10531] syzkaller1: entered allmulticast mode
[  204.483119][T10541] netlink: 'syz.4.1379': attribute type 10 has an invalid length.
[  204.641704][T10548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1378'.
[  204.862245][T10565] netlink: 'syz.2.1387': attribute type 32 has an invalid length.
[  204.896781][T10565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1387'.
[  204.935798][T10565] bond7: option coupled_control: invalid value (12)
[  204.944017][T10565] bond7 (unregistering): Released all slaves
[  204.988028][T10564] syzkaller0: entered promiscuous mode
[  205.027982][T10564] syzkaller0: entered allmulticast mode
[  205.067642][T10571] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1386'.
[  205.091823][T10564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1385'.
[  205.203626][T10582] FAULT_INJECTION: forcing a failure.
[  205.203626][T10582] name failslab, interval 1, probability 0, space 0, times 0
[  205.255021][T10582] CPU: 0 UID: 0 PID: 10582 Comm: syz.1.1389 Not tainted syzkaller #0 PREEMPT(full) 
[  205.255047][T10582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  205.255059][T10582] Call Trace:
[  205.255066][T10582]  <TASK>
[  205.255074][T10582]  dump_stack_lvl+0xe8/0x150
[  205.255101][T10582]  should_fail_ex+0x412/0x560
[  205.255131][T10582]  should_failslab+0xa8/0x100
[  205.255156][T10582]  ? skb_clone+0x212/0x3a0
[  205.255174][T10582]  kmem_cache_alloc_noprof+0x87/0x650
[  205.255198][T10582]  ? __netlink_lookup+0xc6/0x8b0
[  205.255228][T10582]  skb_clone+0x212/0x3a0
[  205.255248][T10582]  __netlink_deliver_tap+0x404/0x850
[  205.255285][T10582]  ? netlink_deliver_tap+0x2e/0x1b0
[  205.255311][T10582]  netlink_deliver_tap+0x19c/0x1b0
[  205.255336][T10582]  netlink_unicast+0x730/0x8e0
[  205.255366][T10582]  netlink_sendmsg+0x813/0xb40
[  205.255397][T10582]  ? __pfx_netlink_sendmsg+0x10/0x10
[  205.255422][T10582]  ? aa_sock_msg_perm+0xf1/0x1b0
[  205.255452][T10582]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  205.255479][T10582]  ____sys_sendmsg+0x972/0x9f0
[  205.255501][T10582]  ? __might_fault+0xaf/0x130
[  205.255529][T10582]  ? __pfx_____sys_sendmsg+0x10/0x10
[  205.255561][T10582]  ? import_iovec+0x73/0xa0
[  205.255588][T10582]  ___sys_sendmsg+0x2a5/0x360
[  205.255612][T10582]  ? __lock_acquire+0x6b5/0x2cf0
[  205.255636][T10582]  ? __pfx____sys_sendmsg+0x10/0x10
[  205.255696][T10582]  ? __fget_files+0x2a/0x420
[  205.255716][T10582]  ? __fget_files+0x3a0/0x420
[  205.255745][T10582]  __x64_sys_sendmsg+0x1bd/0x2a0
[  205.255772][T10582]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  205.255807][T10582]  ? __pfx_ksys_write+0x10/0x10
[  205.255837][T10582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.255855][T10582]  do_syscall_64+0x15f/0xf80
[  205.255870][T10582]  ? trace_irq_disable+0x3b/0x140
[  205.255895][T10582]  ? clear_bhb_loop+0x40/0x90
[  205.255915][T10582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.255932][T10582] RIP: 0033:0x7f68f239cdd9
[  205.255949][T10582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  205.255964][T10582] RSP: 002b:00007f68f05f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  205.255982][T10582] RAX: ffffffffffffffda RBX: 00007f68f2615fa0 RCX: 00007f68f239cdd9
[  205.255994][T10582] RDX: 0000000004004050 RSI: 00002000000001c0 RDI: 0000000000000003
[  205.256005][T10582] RBP: 00007f68f05f6090 R08: 0000000000000000 R09: 0000000000000000
[  205.256016][T10582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.256025][T10582] R13: 00007f68f2616038 R14: 00007f68f2615fa0 R15: 00007fff48d86e18
[  205.256053][T10582]  </TASK>
[  205.771765][T10597] xt_cgroup: xt_cgroup: no path or classid specified
[  205.813089][T10599] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  207.123202][T10670] Cannot find set identified by id 2 to match
[  207.904084][T10696] syzkaller0: entered promiscuous mode
[  207.909693][T10696] syzkaller0: entered allmulticast mode
[  208.559975][T10721] __nla_validate_parse: 8 callbacks suppressed
[  208.559995][T10721] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1424'.
[  210.499364][T10730] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1428'.
[  210.523427][T10730] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1428'.
[  210.980035][T10752] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1434'.
[  211.352624][T10765] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1438'.
[  211.710064][T10779] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1441'.
[  211.941647][T10783] netlink: 'syz.0.1446': attribute type 9 has an invalid length.
[  212.361874][T10799] bond0: (slave bond_slave_1): Releasing backup interface
[  212.464975][T10811] syzkaller1: entered allmulticast mode
[  212.802355][T10825] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  212.855059][T10825] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  212.871667][T10828] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  212.881583][T10828] syzkaller0: entered promiscuous mode
[  212.887084][T10828] syzkaller0: entered allmulticast mode
[  212.894725][T10825] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  212.896822][T10828] tipc: Resetting bearer <eth:syzkaller0>
[  212.951189][T10827] tipc: Resetting bearer <eth:syzkaller0>
[  212.958057][T10825] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  212.979293][T10827] tipc: Disabling bearer <eth:syzkaller0>
[  213.276432][T10833] syzkaller1: left allmulticast mode
[  213.288730][T10837] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1460'.
[  213.308442][T10838] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1464'.
[  213.327945][T10838] Cannot find set identified by id 65534 to match
[  213.421486][T10841] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1465'.
[  213.435956][T10841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1465'.
[  213.924482][T10871] __nla_validate_parse: 1 callbacks suppressed
[  213.924499][T10871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1471'.
[  213.932133][T10873] IPv6: addrconf: prefix option has invalid lifetime
[  214.182150][T10871] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1471'.
[  215.739215][T10948] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1491'.
[  216.421387][T10979] 8021q: VLANs not supported on syzkaller1
[  216.459078][T10979] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1497'.
[  216.533270][T10981] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1498'.
[  216.629749][T10984] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1499'.
[  216.694349][T10979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1497'.
[  217.238981][T11009] sock: sock_set_timeout: `syz.4.1506' (pid 11009) tries to set negative timeout
[  217.370456][T11024] netlink: 212324 bytes leftover after parsing attributes in process `syz.0.1510'.
[  218.418813][T11061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1518'.
[  218.598146][T11065] ip6gretap1: entered promiscuous mode
[  218.703629][T11075] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1522'.
[  218.879178][T11077] SET target dimension over the limit!
[  219.054320][T11086] syzkaller0: entered promiscuous mode
[  219.082803][T11086] syzkaller0: entered allmulticast mode
[  219.108866][T11089] netlink: 'syz.2.1524': attribute type 58 has an invalid length.
[  219.143336][T11089] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1524'.
[  219.254501][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1524'.
[  219.731624][T11106] netlink: 'syz.4.1530': attribute type 32 has an invalid length.
[  219.753466][T11106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1530'.
[  219.783678][T11106] bond11: option coupled_control: invalid value (12)
[  219.810096][T11106] bond11 (unregistering): Released all slaves
[  219.852680][T11109] netlink: 'syz.2.1531': attribute type 1 has an invalid length.
[  220.746281][T11120] IPv6: addrconf: prefix option has invalid lifetime
[  221.913583][T11083] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  222.138178][T11131] xt_cgroup: xt_cgroup: no path or classid specified
[  222.544910][T11144] netlink: 'syz.4.1540': attribute type 9 has an invalid length.
[  222.590875][T11144] netlink: 'syz.4.1540': attribute type 3 has an invalid length.
[  222.602319][T11150] IPv6: addrconf: prefix option has invalid lifetime
[  222.614401][T11144] netlink: 'syz.4.1540': attribute type 3 has an invalid length.
[  222.646382][T11143] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1541'.
[  222.798905][T11155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1541'.
[  223.494529][T11170] netlink: 'syz.4.1547': attribute type 1 has an invalid length.
[  223.519907][T11171] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1549'.
[  223.569456][T11173] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1550'.
[  223.578592][T11173] openvswitch: netlink: Flow actions attr not present in new flow.
[  223.685680][T11182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1553'.
[  223.710426][ T5631] hid-generic 0005:04F3:0A11.0001: item fetching failed at offset 0/1
[  223.811591][ T5631] hid-generic 0005:04F3:0A11.0001: probe with driver hid-generic failed with error -22
[  224.009037][T11191] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  224.828491][T11221] netlink: 'syz.1.1564': attribute type 1 has an invalid length.
[  225.099409][T11227] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1567'.
[  225.207410][T11229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1567'.
[  225.595907][T11249] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1572'.
[  226.041492][T11273] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1584'.
[  226.083162][T11273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1584'.
[  226.159197][T11279] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1582'.
[  226.188968][T11283] netlink: 34 bytes leftover after parsing attributes in process `syz.2.1586'.
[  226.298732][T11271] netlink: 7986 bytes leftover after parsing attributes in process `syz.3.1582'.
[  226.358625][T11289] netlink: 34 bytes leftover after parsing attributes in process `syz.1.1588'.
[  226.580889][T11295] xt_cgroup: xt_cgroup: no path or classid specified
[  226.900601][T11308] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1596'.
[  227.132943][  T288] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  227.194041][T11314] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.203514][T11314] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.212378][T11314] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.220479][T11314] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.248412][ T8239] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  227.281549][ T8239] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  227.334779][ T8239] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  227.577930][T11326] geneve6: entered promiscuous mode
[  227.779296][T11332] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  227.810850][T11332] bridge0: port 3(team0) entered disabled state
[  227.817608][T11332] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.826411][T11332] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.623585][T11289] Set syz1 is full, maxelem 65536 reached
[  246.105523][T11360] __nla_validate_parse: 10 callbacks suppressed
[  246.105567][T11360] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1612'.
[  246.315334][T11374] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1616'.
[  246.376887][T11377] wg1: entered allmulticast mode
[  246.430275][T11374] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  246.558800][T11381] netlink: zone id is out of range
[  246.595504][T11381] netlink: zone id is out of range
[  246.642161][T11381] netlink: zone id is out of range
[  246.660097][T11381] netlink: zone id is out of range
[  246.667369][T11381] netlink: zone id is out of range
[  246.673464][T11381] netlink: zone id is out of range
[  246.683976][T11381] netlink: zone id is out of range
[  246.699516][T11381] netlink: zone id is out of range
[  246.711368][T11381] netlink: zone id is out of range
[  246.716609][T11381] netlink: zone id is out of range
[  247.385310][T11413] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  247.415235][T11414] netlink: 'syz.2.1633': attribute type 4 has an invalid length.
[  247.487781][T11419] netlink: 'syz.2.1633': attribute type 4 has an invalid length.
[  247.629599][T11425] xt_TPROXY: Can be used only with -p tcp or -p udp
[  247.689800][T11429] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1639'.
[  247.764680][T11434] set match dimension is over the limit!
[  248.105939][T11450] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1649'.
[  248.161803][T11450] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1649'.
[  248.177097][T11452] netlink: 'syz.2.1650': attribute type 32 has an invalid length.
[  248.202568][T11450] bridge0: port 3(team0) entered blocking state
[  248.209060][T11450] bridge0: port 3(team0) entered forwarding state
[  248.215892][T11450] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.223031][T11450] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.230458][T11450] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.237623][T11450] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.251169][T11452] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1650'.
[  248.276964][T11454] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1651'.
[  248.316267][T11450] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1649'.
[  248.322704][T11452] bond7: option coupled_control: invalid value (12)
[  248.333885][T11452] bond7 (unregistering): Released all slaves
[  248.398815][T11450] bridge0: port 3(team0) entered disabled state
[  248.405288][T11450] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.412507][T11450] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.431480][T11454] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1651'.
[  248.526998][T11467] netlink: 34 bytes leftover after parsing attributes in process `syz.4.1655'.
[  248.734765][T11471] macvtap0: entered promiscuous mode
[  248.775296][T11471] macvtap0: entered allmulticast mode
[  248.791009][T11471] veth1_vlan: entered allmulticast mode
[  248.915127][T11477] macvtap1: entered promiscuous mode
[  248.924773][T11477] macvtap1: entered allmulticast mode
[  248.967245][T11484] geneve5: entered promiscuous mode
[  250.040826][T11519] netlink: 'syz.0.1675': attribute type 9 has an invalid length.
[  250.066881][T11519] netlink: 'syz.0.1675': attribute type 3 has an invalid length.
[  250.074779][T11519] netlink: 'syz.0.1675': attribute type 3 has an invalid length.
[  251.113983][T11560] bond7: (slave vxcan1): The slave device specified does not support setting the MAC address
[  251.131928][T11560] bond7: (slave vxcan1): Error -95 calling set_mac_address
[  251.189500][T11567] netem: change failed
[  251.209825][T11552] __nla_validate_parse: 8 callbacks suppressed
[  251.209845][T11552] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1685'.
[  251.336233][T11552] macvlan4: entered promiscuous mode
[  251.362464][T11552] macvlan4: entered allmulticast mode
[  251.680668][T11578] netlink: 'syz.4.1692': attribute type 7 has an invalid length.
[  251.716416][T11578] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1692'.
[  251.758512][T11578] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1692'.
[  251.816436][T11585] net_ratelimit: 335 callbacks suppressed
[  251.816455][T11585] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  251.943365][T11592] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1696'.
[  252.062930][T11594] netlink: 34 bytes leftover after parsing attributes in process `syz.3.1698'.
[  252.109924][T11596] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1699'.
[  252.200813][T11594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1698'.
[  253.184210][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1708'.
[  253.250488][T11629] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1710'.
[  253.343001][T11636] netlink: 34 bytes leftover after parsing attributes in process `syz.3.1712'.
[  253.360583][T11634] Bluetooth: MGMT ver 1.23
[  254.190537][T11675] IPv6: addrconf: prefix option has invalid lifetime
[  254.819575][T11694] netem: invalid attributes len -24
[  255.047850][T11705] sch_tbf: burst 6 is lower than device gretap0 mtu (1534) !
[  255.180758][T11705] bond0: (slave dummy0): Releasing backup interface
[  255.686782][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  255.693250][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  255.957794][T11738] IPv6: addrconf: prefix option has invalid lifetime
[  256.391506][T11755] __nla_validate_parse: 13 callbacks suppressed
[  256.391526][T11755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1750'.
[  256.703731][T11747] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1747'.
[  256.761625][T11768] netlink: 34 bytes leftover after parsing attributes in process `syz.1.1755'.
[  256.774304][T11768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1755'.
[  257.238781][T11784] IPv6: addrconf: prefix option has invalid lifetime
[  257.368482][T11793] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1754'.
[  257.723121][T11799] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1763'.
[  257.829190][T11806] syzkaller1: entered promiscuous mode
[  257.839129][T11806] syzkaller1: entered allmulticast mode
[  258.075065][T11817] syzkaller1: entered promiscuous mode
[  258.080580][T11817] syzkaller1: entered allmulticast mode
[  258.537646][T11836] IPv6: addrconf: prefix option has invalid lifetime
[  259.073008][T11860] xt_cgroup: xt_cgroup: no path or classid specified
[  259.293141][T11857] netlink: 'syz.0.1776': attribute type 58 has an invalid length.
[  259.300995][T11857] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1776'.
[  259.551839][T11881] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1784'.
[  259.844350][T11895] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  260.016958][T11900] IPv6: addrconf: prefix option has invalid lifetime
[  260.070736][T11908] netlink: 'syz.3.1792': attribute type 1 has an invalid length.
[  260.102277][T11908] bond7: entered promiscuous mode
[  260.107778][T11908] 8021q: adding VLAN 0 to HW filter on device bond7
[  260.199092][T11908] bond7: (slave bridge4): making interface the new active one
[  260.206596][T11908] bridge4: entered promiscuous mode
[  260.213197][T11908] bond7: (slave bridge4): Enslaving as an active interface with an up link
[  260.252897][T11906] netlink: 'syz.4.1790': attribute type 1 has an invalid length.
[  260.418110][T11906] bond12: (slave vxcan5): The slave device specified does not support setting the MAC address
[  260.438428][T11906] bond12: (slave vxcan5): Error -95 calling set_mac_address
[  260.526803][T11913] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1790'.
[  260.576973][T11913] macvlan5: entered promiscuous mode
[  260.614793][T11913] macvlan5: entered allmulticast mode
[  260.633758][    T9] hid-generic 0005:04F3:0A11.0002: item fetching failed at offset 0/1
[  260.642583][    T9] hid-generic 0005:04F3:0A11.0002: probe with driver hid-generic failed with error -22
[  260.769478][T11942] xt_cgroup: xt_cgroup: no path or classid specified
[  260.985697][T11952] netlink: 'syz.0.1796': attribute type 58 has an invalid length.
[  261.045880][T11952] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1796'.
[  261.096719][T11946] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  261.118953][T11946] syzkaller0: entered promiscuous mode
[  261.130569][T11946] syzkaller0: entered allmulticast mode
[  261.146482][T11955] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  261.161893][T11946] tipc: Resetting bearer <eth:syzkaller0>
[  261.182827][T11955] syzkaller0: entered promiscuous mode
[  261.191201][T11955] syzkaller0: entered allmulticast mode
[  261.205065][T11944] tipc: Resetting bearer <eth:syzkaller0>
[  261.292053][T11944] tipc: Disabling bearer <eth:syzkaller0>
[  261.318914][T11955] tipc: Resetting bearer <eth:syzkaller0>
[  261.343214][T11953] tipc: Resetting bearer <eth:syzkaller0>
[  261.422608][T11953] tipc: Disabling bearer <eth:syzkaller0>
[  261.934344][T11983] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1804'.
[  262.470645][T12006] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1809'.
[  263.331865][T12041] xt_TPROXY: Can be used only with -p tcp or -p udp
[  263.474824][T12051] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1820'.
[  263.540099][T12051] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1820'.
[  264.211074][T12075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1825'.
[  264.379393][T12067] block nbd1: server does not support multiple connections per device.
[  264.418787][T12067] block nbd1: shutting down sockets
[  264.506497][T12088] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1825'.
[  264.666526][T12094] netlink: 'syz.2.1826': attribute type 9 has an invalid length.
[  264.715490][T12094] netlink: 'syz.2.1826': attribute type 3 has an invalid length.
[  264.730014][T12100] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1828'.
[  264.746818][T12094] netlink: 'syz.2.1826': attribute type 3 has an invalid length.
[  265.149587][T12111] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1832'.
[  265.161345][T12113] IPv6: addrconf: prefix option has invalid lifetime
[  265.558983][T12131] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1838'.
[  266.106960][T12151] netlink: 'syz.4.1842': attribute type 1 has an invalid length.
[  266.114780][T12151] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1842'.
[  266.252819][T12151] netlink: 'syz.4.1842': attribute type 1 has an invalid length.
[  267.400226][T12209] netlink: 'syz.4.1856': attribute type 32 has an invalid length.
[  267.408092][T12209] __nla_validate_parse: 3 callbacks suppressed
[  267.408110][T12209] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1856'.
[  267.469982][T12209] bond13: option coupled_control: invalid value (12)
[  267.488343][T12209] bond13 (unregistering): Released all slaves
[  267.592263][T12219] netlink: 'syz.0.1857': attribute type 1 has an invalid length.
[  267.634740][T12219] netlink: 248 bytes leftover after parsing attributes in process `syz.0.1857'.
[  267.862728][T12230] 
[  267.865094][T12230] ======================================================
[  267.872118][T12230] WARNING: possible circular locking dependency detected
[  267.879162][T12230] syzkaller #0 Not tainted
[  267.883587][T12230] ------------------------------------------------------
[  267.890614][T12230] syz.3.1859/12230 is trying to acquire lock:
[  267.896683][T12230] ffffffff8ea85520 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x4a/0x690
[  267.906551][T12230] 
[  267.906551][T12230] but task is already holding lock:
[  267.914010][T12230] ffff8880682c9d60 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: inet_stream_connect+0x51/0xa0
[  267.923700][T12230] 
[  267.923700][T12230] which lock already depends on the new lock.
[  267.923700][T12230] 
[  267.934199][T12230] 
[  267.934199][T12230] the existing dependency chain (in reverse order) is:
[  267.943234][T12230] 
[  267.943234][T12230] -> #7 (k-sk_lock-AF_INET6){+.+.}-{0:0}:
[  267.951163][T12230]        lock_sock_nested+0x41/0x100
[  267.956469][T12230]        mptcp_listen+0x230/0x610
[  267.961514][T12230]        __x64_sys_listen+0x1c7/0x240
[  267.961647][T12233] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1859'.
[  267.966907][T12230]        do_syscall_64+0x15f/0xf80
[  267.966934][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.966953][T12230] 
[  267.966953][T12230] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}:
[  267.966983][T12230]        lock_sock_nested+0x41/0x100
[  268.000366][T12230]        inet_shutdown+0x6a/0x390
[  268.005403][T12230]        nbd_mark_nsock_dead+0x2e9/0x560
[  268.011034][T12230]        sock_shutdown+0x15e/0x260
[  268.016140][T12230]        nbd_clear_sock+0x24/0x170
[  268.021246][T12230]        nbd_config_put+0x2dd/0x580
[  268.026432][T12230]        nbd_genl_connect+0x19d5/0x1cf0
[  268.031969][T12230]        genl_family_rcv_msg_doit+0x22a/0x330
[  268.038031][T12230]        genl_rcv_msg+0x61c/0x7a0
[  268.043054][T12230]        netlink_rcv_skb+0x232/0x4b0
[  268.048342][T12230]        genl_rcv+0x28/0x40
[  268.052860][T12230]        netlink_unicast+0x75c/0x8e0
[  268.058151][T12230]        netlink_sendmsg+0x813/0xb40
[  268.063442][T12230]        ____sys_sendmsg+0x972/0x9f0
[  268.068904][T12230]        ___sys_sendmsg+0x2a5/0x360
[  268.074100][T12230]        __x64_sys_sendmsg+0x1bd/0x2a0
[  268.079565][T12230]        do_syscall_64+0x15f/0xf80
[  268.084665][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.091072][T12230] 
[  268.091072][T12230] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  268.098717][T12230]        __mutex_lock+0x1a3/0x1550
[  268.103825][T12230]        nbd_queue_rq+0x37b/0x1100
[  268.108927][T12230]        blk_mq_dispatch_rq_list+0xa70/0x1910
[  268.114988][T12230]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[  268.121843][T12230]        blk_mq_sched_dispatch_requests+0xd7/0x190
[  268.128342][T12230]        blk_mq_run_hw_queue+0x348/0x4f0
[  268.133972][T12230]        blk_mq_dispatch_list+0xd16/0xe10
[  268.139689][T12230]        blk_mq_flush_plug_list+0x48d/0x570
[  268.145590][T12230]        __blk_flush_plug+0x3ed/0x4d0
[  268.150957][T12230]        __submit_bio+0x28d/0x580
[  268.155973][T12230]        submit_bio_noacct_nocheck+0x2f4/0xa40
[  268.162132][T12230]        block_read_full_folio+0x599/0x830
[  268.167924][T12230]        filemap_read_folio+0x137/0x3b0
[  268.173466][T12230]        do_read_cache_folio+0x358/0x590
[  268.179095][T12230]        read_part_sector+0xb6/0x2b0
[  268.184382][T12230]        adfspart_check_ICS+0xb1/0x960
[  268.189874][T12230]        bdev_disk_changed+0x817/0x1770
[  268.195417][T12230]        blkdev_get_whole+0x380/0x510
[  268.200795][T12230]        bdev_open+0x31e/0xd30
[  268.205555][T12230]        blkdev_open+0x470/0x610
[  268.210480][T12230]        do_dentry_open+0x785/0x14e0
[  268.215797][T12230]        vfs_open+0x3b/0x340
[  268.220377][T12230]        path_openat+0x2e08/0x3860
[  268.225481][T12230]        do_file_open+0x23e/0x4a0
[  268.230498][T12230]        do_sys_openat2+0x113/0x200
[  268.235688][T12230]        __x64_sys_openat+0x138/0x170
[  268.241053][T12230]        do_syscall_64+0x15f/0xf80
[  268.246151][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.252560][T12230] 
[  268.252560][T12230] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  268.259765][T12230]        __mutex_lock+0x1a3/0x1550
[  268.264867][T12230]        nbd_queue_rq+0xc6/0x1100
[  268.269886][T12230]        blk_mq_dispatch_rq_list+0xa70/0x1910
[  268.275950][T12230]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[  268.282802][T12230]        blk_mq_sched_dispatch_requests+0xd7/0x190
[  268.289302][T12230]        blk_mq_run_hw_queue+0x348/0x4f0
[  268.294949][T12230]        blk_mq_dispatch_list+0xd16/0xe10
[  268.300675][T12230]        blk_mq_flush_plug_list+0x48d/0x570
[  268.306566][T12230]        __blk_flush_plug+0x3ed/0x4d0
[  268.311931][T12230]        __submit_bio+0x28d/0x580
[  268.316945][T12230]        submit_bio_noacct_nocheck+0x2f4/0xa40
[  268.323091][T12230]        block_read_full_folio+0x599/0x830
[  268.329074][T12230]        filemap_read_folio+0x137/0x3b0
[  268.334615][T12230]        do_read_cache_folio+0x358/0x590
[  268.340240][T12230]        read_part_sector+0xb6/0x2b0
[  268.345518][T12230]        adfspart_check_ICS+0xb1/0x960
[  268.350970][T12230]        bdev_disk_changed+0x817/0x1770
[  268.356508][T12230]        blkdev_get_whole+0x380/0x510
[  268.361875][T12230]        bdev_open+0x31e/0xd30
[  268.366630][T12230]        blkdev_open+0x470/0x610
[  268.371554][T12230]        do_dentry_open+0x785/0x14e0
[  268.376828][T12230]        vfs_open+0x3b/0x340
[  268.381404][T12230]        path_openat+0x2e08/0x3860
[  268.386509][T12230]        do_file_open+0x23e/0x4a0
[  268.391526][T12230]        do_sys_openat2+0x113/0x200
[  268.396716][T12230]        __x64_sys_openat+0x138/0x170
[  268.402075][T12230]        do_syscall_64+0x15f/0xf80
[  268.407174][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.413582][T12230] 
[  268.413582][T12230] -> #3 (set->srcu){.+.+}-{0:0}:
[  268.420698][T12230]        __synchronize_srcu+0xca/0x300
[  268.426148][T12230]        elevator_switch+0x1e8/0x7a0
[  268.431438][T12230]        elevator_change+0x2cc/0x450
[  268.436722][T12230]        elevator_set_default+0x36c/0x430
[  268.442440][T12230]        blk_register_queue+0x3e9/0x4e0
[  268.447979][T12230]        __add_disk+0x677/0xd50
[  268.452819][T12230]        add_disk_fwnode+0xfb/0x480
[  268.458005][T12230]        nbd_dev_add+0x72c/0xb50
[  268.462927][T12230]        nbd_init+0x168/0x1f0
[  268.467590][T12230]        do_one_initcall+0x250/0x870
[  268.472862][T12230]        do_initcall_level+0x104/0x190
[  268.478317][T12230]        do_initcalls+0x59/0xa0
[  268.483159][T12230]        kernel_init_freeable+0x2a6/0x3e0
[  268.488992][T12230]        kernel_init+0x1d/0x1d0
[  268.493866][T12230]        ret_from_fork+0x514/0xb70
[  268.499058][T12230]        ret_from_fork_asm+0x1a/0x30
[  268.504346][T12230] 
[  268.504346][T12230] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  268.512163][T12230]        __mutex_lock+0x1a3/0x1550
[  268.517278][T12230]        elevator_change+0x1b3/0x450
[  268.522571][T12230]        elevator_set_none+0xb5/0x140
[  268.527948][T12230]        blk_mq_update_nr_hw_queues+0x5e7/0x1a60
[  268.534275][T12230]        nbd_start_device+0x17f/0xb10
[  268.539646][T12230]        nbd_genl_connect+0x165b/0x1cf0
[  268.545182][T12230]        genl_family_rcv_msg_doit+0x22a/0x330
[  268.551239][T12230]        genl_rcv_msg+0x61c/0x7a0
[  268.556261][T12230]        netlink_rcv_skb+0x232/0x4b0
[  268.561538][T12230]        genl_rcv+0x28/0x40
[  268.566051][T12230]        netlink_unicast+0x75c/0x8e0
[  268.571326][T12230]        netlink_sendmsg+0x813/0xb40
[  268.576605][T12230]        ____sys_sendmsg+0x972/0x9f0
[  268.581886][T12230]        ___sys_sendmsg+0x2a5/0x360
[  268.587079][T12230]        __x64_sys_sendmsg+0x1bd/0x2a0
[  268.592546][T12230]        do_syscall_64+0x15f/0xf80
[  268.597647][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.604051][T12230] 
[  268.604051][T12230] -> #1 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  268.612651][T12230]        blk_alloc_queue+0x546/0x680
[  268.617935][T12230]        __blk_mq_alloc_disk+0x197/0x390
[  268.623554][T12230]        nbd_dev_add+0x499/0xb50
[  268.628480][T12230]        nbd_init+0x168/0x1f0
[  268.633145][T12230]        do_one_initcall+0x250/0x870
[  268.638419][T12230]        do_initcall_level+0x104/0x190
[  268.643871][T12230]        do_initcalls+0x59/0xa0
[  268.648727][T12230]        kernel_init_freeable+0x2a6/0x3e0
[  268.654462][T12230]        kernel_init+0x1d/0x1d0
[  268.659320][T12230]        ret_from_fork+0x514/0xb70
[  268.664428][T12230]        ret_from_fork_asm+0x1a/0x30
[  268.669791][T12230] 
[  268.669791][T12230] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  268.677010][T12230]        __lock_acquire+0x15a5/0x2cf0
[  268.682389][T12230]        lock_acquire+0x106/0x350
[  268.687416][T12230]        fs_reclaim_acquire+0x71/0x100
[  268.692886][T12230]        kmem_cache_alloc_node_noprof+0x4a/0x690
[  268.699209][T12230]        __alloc_skb+0x1d0/0x7d0
[  268.704144][T12230]        tcp_stream_alloc_skb+0x3f/0x580
[  268.709768][T12230]        tcp_connect+0x1570/0x5400
[  268.714876][T12230]        tcp_v6_connect+0x1295/0x1b10
[  268.720239][T12230]        __inet_stream_connect+0x25a/0xdd0
[  268.726035][T12230]        inet_stream_connect+0x66/0xa0
[  268.731485][T12230]        kernel_connect+0x141/0x1c0
[  268.736668][T12230]        smc_connect+0x7a5/0xd90
[  268.741684][T12230]        __sys_connect+0x312/0x450
[  268.746794][T12230]        __x64_sys_connect+0x7a/0x90
[  268.752070][T12230]        do_syscall_64+0x15f/0xf80
[  268.757170][T12230]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.763576][T12230] 
[  268.763576][T12230] other info that might help us debug this:
[  268.763576][T12230] 
[  268.773803][T12230] Chain exists of:
[  268.773803][T12230]   fs_reclaim --> sk_lock-AF_INET6 --> k-sk_lock-AF_INET6
[  268.773803][T12230] 
[  268.786753][T12230]  Possible unsafe locking scenario:
[  268.786753][T12230] 
[  268.794188][T12230]        CPU0                    CPU1
[  268.799543][T12230]        ----                    ----
[  268.804901][T12230]   lock(k-sk_lock-AF_INET6);
[  268.809665][T12230]                                lock(sk_lock-AF_INET6);
[  268.817022][T12230]                                lock(k-sk_lock-AF_INET6);
[  268.824210][T12230]   lock(fs_reclaim);
[  268.828194][T12230] 
[  268.828194][T12230]  *** DEADLOCK ***
[  268.828194][T12230] 
[  268.836328][T12230] 2 locks held by syz.3.1859/12230:
[  268.841694][T12230]  #0: ffff88807d1372e0 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_connect+0xbd/0xd90
[  268.850901][T12230]  #1: ffff8880682c9d60 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: inet_stream_connect+0x51/0xa0
[  268.860987][T12230] 
[  268.860987][T12230] stack backtrace:
[  268.866870][T12230] CPU: 0 UID: 0 PID: 12230 Comm: syz.3.1859 Not tainted syzkaller #0 PREEMPT(full) 
[  268.866891][T12230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  268.866910][T12230] Call Trace:
[  268.866918][T12230]  <TASK>
[  268.866926][T12230]  dump_stack_lvl+0xe8/0x150
[  268.866947][T12230]  print_circular_bug+0x2e1/0x300
[  268.866971][T12230]  check_noncircular+0x12e/0x150
[  268.866993][T12230]  __lock_acquire+0x15a5/0x2cf0
[  268.867014][T12230]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.867040][T12230]  ? kmem_cache_alloc_node_noprof+0x4a/0x690
[  268.867061][T12230]  lock_acquire+0x106/0x350
[  268.867076][T12230]  ? kmem_cache_alloc_node_noprof+0x4a/0x690
[  268.867103][T12230]  ? ip6_dst_check+0xe2/0x7e0
[  268.867128][T12230]  fs_reclaim_acquire+0x71/0x100
[  268.867151][T12230]  ? kmem_cache_alloc_node_noprof+0x4a/0x690
[  268.867171][T12230]  kmem_cache_alloc_node_noprof+0x4a/0x690
[  268.867193][T12230]  ? ip6_default_advmss+0x80/0x3b0
[  268.867209][T12230]  ? __alloc_skb+0x1d0/0x7d0
[  268.867232][T12230]  __alloc_skb+0x1d0/0x7d0
[  268.867254][T12230]  tcp_stream_alloc_skb+0x3f/0x580
[  268.867273][T12230]  ? __asan_memset+0x22/0x50
[  268.867293][T12230]  tcp_connect+0x1570/0x5400
[  268.867316][T12230]  ? ktime_get_with_offset+0x93/0x2d0
[  268.867344][T12230]  ? __pfx_tcp_connect+0x10/0x10
[  268.867360][T12230]  ? seqcount_lockdep_reader_access+0xa9/0x100
[  268.867385][T12230]  ? lockdep_hardirqs_on+0x7a/0x110
[  268.867409][T12230]  ? ktime_get_with_offset+0x93/0x2d0
[  268.867432][T12230]  ? seqcount_lockdep_reader_access+0xea/0x100
[  268.867459][T12230]  ? __asan_memset+0x22/0x50
[  268.867479][T12230]  ? __pfx_tcp_fastopen_defer_connect+0x10/0x10
[  268.867504][T12230]  ? inet6_hash_connect+0xeb/0x170
[  268.867523][T12230]  tcp_v6_connect+0x1295/0x1b10
[  268.867541][T12230]  ? stack_depot_save_flags+0x33/0x810
[  268.867567][T12230]  ? __pfx_tcp_v6_connect+0x10/0x10
[  268.867589][T12230]  __inet_stream_connect+0x25a/0xdd0
[  268.867608][T12230]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.867629][T12230]  ? lock_sock_nested+0x6a/0x100
[  268.867647][T12230]  ? __pfx___inet_stream_connect+0x10/0x10
[  268.867665][T12230]  ? inet_stream_connect+0x51/0xa0
[  268.867681][T12230]  ? __local_bh_enable_ip+0xd0/0x130
[  268.867700][T12230]  inet_stream_connect+0x66/0xa0
[  268.867717][T12230]  kernel_connect+0x141/0x1c0
[  268.867734][T12230]  ? __pfx_kernel_connect+0x10/0x10
[  268.867749][T12230]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.867774][T12230]  ? smc_connect+0xbd/0xd90
[  268.867796][T12230]  ? __local_bh_enable_ip+0xd0/0x130
[  268.867814][T12230]  smc_connect+0x7a5/0xd90
[  268.867838][T12230]  __sys_connect+0x312/0x450
[  268.867861][T12230]  ? __pfx___sys_connect+0x10/0x10
[  268.867886][T12230]  ? __pfx_kcov_ioctl+0x10/0x10
[  268.867909][T12230]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.867926][T12230]  __x64_sys_connect+0x7a/0x90
[  268.867947][T12230]  do_syscall_64+0x15f/0xf80
[  268.867961][T12230]  ? trace_irq_disable+0x3b/0x140
[  268.867984][T12230]  ? clear_bhb_loop+0x40/0x90
[  268.868002][T12230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.868018][T12230] RIP: 0033:0x7fd560f9cdd9
[  268.868033][T12230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.868048][T12230] RSP: 002b:00007fd561d78028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  268.868065][T12230] RAX: ffffffffffffffda RBX: 00007fd561216090 RCX: 00007fd560f9cdd9
[  268.868077][T12230] RDX: 000000000000001c RSI: 00002000000004c0 RDI: 0000000000000004
[  268.868088][T12230] RBP: 00007fd561032d69 R08: 0000000000000000 R09: 0000000000000000
[  268.868102][T12230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.868112][T12230] R13: 00007fd561216128 R14: 00007fd561216090 R15: 00007ffe807addc8
[  268.868129][T12230]  </TASK>
[  269.325912][T12238] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1860'.