last executing test programs:

1.939052608s ago: executing program 3 (id=2444):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2c, 0x1, 0xa00, 0x0, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x2, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f"]}]}, 0x114}], 0x1}, 0x0)

1.837809686s ago: executing program 3 (id=2448):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100), 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}}, 0x0, 0x0, 0x4, 0x0, "a1c1dd75a6843e10951cd4b347113e55eb499519becf7542c90bc21470e441225642855b5f2faed4a18d67efd5f2fdf98328de94410300"}, 0xd8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c100000000000000000", 0x57}], 0x1)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r7)

1.678870371s ago: executing program 4 (id=2451):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r2, 0x107, 0x6, 0x0, &(0x7f0000000100))
write$cgroup_int(r1, &(0x7f0000000200)=0x100000000, 0x12)

1.64129739s ago: executing program 3 (id=2453):
r0 = socket$pppoe(0x18, 0x1, 0x0)
mmap(&(0x7f0000b02000/0x2000)=nil, 0x2000, 0x1000002, 0x28011, 0xffffffffffffffff, 0x0)
pselect6(0x0, 0x0, &(0x7f0000000100)={0x3, 0x2e44395, 0xe2e, 0x1, 0x5de3, 0x2, 0xfffffffffffffffe, 0x9}, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x41, 0x3, 0x200, 0x98, 0x0, 0x0, 0x0, 0x0, 0x168, 0x1f0, 0x1f0, 0x168, 0x1f0, 0x3, 0x0, {[{{@ip={@dev, @broadcast, 0x0, 0x0, 'wlan1\x00', 'virt_wifi0\x00', {}, {}, 0x6, 0x0, 0x4c}, 0x0, 0x70, 0x98, 0x0, {0x0, 0xffffffffa0028000}}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@rand_addr, @multicast2, 0x0, 0x0, 'vlan0\x00'}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x260)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @local, 0x9}], 0x1c)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x40000103)
setsockopt(r2, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r4, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000001640)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x6c, 0x9, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_USERDATA={0x16, 0xd, 0x1, 0x0, "5368b865fd1ddfc2e532558dacb9db2ba354"}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x3}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x25}, @NFTA_SET_EXPRESSIONS={0x10, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}]}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x94}, 0x1, 0x0, 0x0, 0x48040}, 0x4004084)

1.56808006s ago: executing program 1 (id=2454):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000440), r0)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000240)={0x14, r1, 0xc8036ab6d6cbef07, 0x70bd28, 0xffffffa6}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x45080)

1.474909391s ago: executing program 0 (id=2456):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

1.463379116s ago: executing program 4 (id=2457):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbb}], {0x95, 0x0, 0x700}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, 0x0, 0x0) (async)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8) (async)
sendto$inet6(r1, &(0x7f00000002c0)="882e", 0x2, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0xa}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x5, 0x2}, 0x8)

1.378888001s ago: executing program 1 (id=2459):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="181800003d0007ff0f00000000000000037c000004"], 0x18}}, 0x0)

1.342243068s ago: executing program 0 (id=2460):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6}]}, 0x10)
getsockopt$sock_buf(r0, 0x1, 0x1a, &(0x7f0000001340)=""/4096, &(0x7f0000000340)=0x1000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x388, 0xffffffff, 0xf8, 0xf8, 0xf8, 0xffffffff, 0xffffffff, 0x2f0, 0x2f0, 0x2f0, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @loopback, 0x0, 0x0, 'veth0_to_team\x00', 'wlan0\x00', {}, {}, 0x73}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x2, 0x0, 0x5}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@ah={{0x30}}]}, @common=@inet=@SET1={0x28}}, {{@ip={@private, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'veth1\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}, @common=@ah={{0x30}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e8)

1.219602633s ago: executing program 1 (id=2462):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x840000000002, 0x3, 0x100)
setsockopt$WPAN_SECURITY(r1, 0x0, 0x21, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100fbdfd09172c182c604000000140005000000000000000000000000000000000108000200050000001400060020010000000000000000000000000001060005"], 0x4c}}, 0x0)

1.219262474s ago: executing program 4 (id=2463):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850301008b000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.100571095s ago: executing program 1 (id=2464):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001280)=ANY=[@ANYBLOB="380100001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7ac8483e00000000140012800a00010069706f69620000000400028004011a8048000a"], 0x138}}, 0x4040050)
bind$alg(r2, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r4 = accept4(r2, 0x0, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x4050030, r4, 0x73394000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r4)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="bd838681401cc190000067f0ff0008000300", @ANYRES32=r9, @ANYBLOB="0800c300741300000800c400"], 0x30}}, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00082bbd7000fedbdf2589000000fc041d803800008005000800fe00000005000c00130000000500060000000000050006000100000005000700f30000000c000300ff7f0000000000003800008005000a000100000005000a000000000005000c0001000000050008000d00000005000c00000000000c000200f8ffffffffffffffc0020080b4020d80540000800500040001000000050006000200000014000500050000043a3b0500990009000800040005000700020000000500060002000000140005000b9801000400456409000600060005000500070002000000200003801400030003000900ff000500934d610d810001000500040000000000ac0003800500060001000000050007000100000014000300fcff0900ac0d05000300080002007f00140005000300020003000300ffff000210005a771400030002000300f6be0200ff00d1000f000700140005000900080009000600270007000600070014000500ca76070006000d1f0600050005001c9b1400050006000300090007005900050008008c581d0001001b1606036f091b6c6c2c0924040b3e16020c162401120a02600000008000028014000500ff07670e7c09060004000001f800d0d304000100250002002a20404208493f4e0633062411530d481f530c2203461d23290d3a36fe223741170000003b0002002d4d362548151b24193d553a3d04433421461f07120828142647142f5722152c4c342334113028044f392d3f575033294f5307040e413800f000028005000700000000001000020039444d092c0a181d2150162d1400050000000100470380000300ff010700030014000300080009000100ff07010009000800fbff4900020023282600493d20213a451942194d395339483504081b0e4e2f2306013b2a4b3834402c204f3a47142b260e1f3738220d14511b47280839482d1d274110275639181c370338000000140001001b0924040248360112183660360209061400030007000000070007000900010000000900350002004622460c500d02054112293a212e3c131b21000e0219134941101521561c0e1a4b2511234f500010393c0a0948205535400000002000038005000700000000001400050000003a3a0300ff07ff0ff71a07000c000500090000000000b0010080050007004a00000078010d8034000080050007000100000005000600020000001400050009000800e40b000000000800520208000c0001001818670605023036a40002801a0001001824024805166c06481218240b48022409090604041600001b00010018503603050109044824246c186c05240160126003081200050006000100000005000700000000000500070000000000290002004a4d0b532549544531442d18183716501045333f052f48245219190b00302524411c061c2d00000014000300fcff01000002ec00000401000500080005000400020000000500070001000000780003800500040002000000360002002b12390a3e261455521a0c2a360a4b50300a501a0a0a434502501c2f381540493b1a2b1137114f40080e4e50551d3a38203b00000500040001000000120001000b16160216361806186c05240b030000050004000000000005000600010000000500040001000000040001802000038005000600020000000b00020044084a271e363d00050004000000000005000600000000000c00020000000000000000000c00020002000000000000000400040005000900000000001800008006000500ae00000005000600000000000400040048001d800c000080050008003500000038000080060005009100000005000c000100000005000b000000000005000800d300000006000500d80000000c000200ffffff7f0000000010001d800c0000800500060001000000"], 0x568}, 0x1, 0x0, 0x0, 0x20000080}, 0x1)
sendto$inet(r4, &(0x7f0000000000)='o', 0x1, 0x8041, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x44005}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="6400000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002c0002800c00028005000100480000001400018008000100ac14144008000200accf5454aa00034000020000f56f8756b476019a6878bfae9204adbcc7e7b74cb652cf451773b0"], 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x25, &(0x7f0000000000)=0x4008007a, 0x4)

1.092501406s ago: executing program 0 (id=2465):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x21, @any, 0x0, 0x1}, 0xe)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPOEIOCSFWD(r3, 0x40047459, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x20}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
clock_gettime(0x0, &(0x7f0000004100)={<r5=>0x0, <r6=>0x0})
recvmmsg$unix(r4, &(0x7f0000003fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/16, 0x10}], 0x3, &(0x7f0000000140)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0xd0}}, {{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001300)=""/26, 0x1a}, {&(0x7f0000001340)=""/60, 0x3c}, {&(0x7f0000001400)=""/60, 0x3c}], 0x3, &(0x7f0000001400)}}, {{0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000001440)=""/132, 0x84}, {&(0x7f0000001500)=""/101, 0x65}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f0000002580)=""/194, 0xc2}, {&(0x7f0000002680)=""/4096, 0xfffffffffffffe84}, {&(0x7f0000003680)=""/187, 0xbb}, {&(0x7f0000003740)=""/214, 0xd6}, {&(0x7f0000003840)=""/72, 0x48}, {&(0x7f00000038c0)=""/252, 0xfc}], 0x9, &(0x7f0000003a80)}}, {{&(0x7f0000003ac0)=@abs, 0x6e, &(0x7f0000003d40)=[{&(0x7f0000003b40)=""/236, 0xec}, {&(0x7f0000003c40)=""/240, 0xf0}], 0x2, &(0x7f0000003d80)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000003e40)=@abs, 0x6e, &(0x7f0000003f00)=[{&(0x7f0000003ec0)=""/59, 0x3b}], 0x1, &(0x7f0000003f40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}], 0x5, 0x40000000, &(0x7f0000004140)={r5, r6+10000000})
openat$cgroup_ro(r7, &(0x7f0000003a80)='cpuacct.stat\x00', 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000001380), 0xa000, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x21, @any, 0x0, 0x1}, 0xe) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}}, 0x0) (async)
socket$pppoe(0x18, 0x1, 0x0) (async)
ioctl$PPPOEIOCSFWD(r3, 0x40047459, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x20}, @TCA_CTINFO_ACT={0x18}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) (async)
pipe(&(0x7f0000000040)) (async)
clock_gettime(0x0, &(0x7f0000004100)) (async)
recvmmsg$unix(r4, &(0x7f0000003fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/16, 0x10}], 0x3, &(0x7f0000000140)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0xd0}}, {{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001300)=""/26, 0x1a}, {&(0x7f0000001340)=""/60, 0x3c}, {&(0x7f0000001400)=""/60, 0x3c}], 0x3, &(0x7f0000001400)}}, {{0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000001440)=""/132, 0x84}, {&(0x7f0000001500)=""/101, 0x65}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f0000002580)=""/194, 0xc2}, {&(0x7f0000002680)=""/4096, 0xfffffffffffffe84}, {&(0x7f0000003680)=""/187, 0xbb}, {&(0x7f0000003740)=""/214, 0xd6}, {&(0x7f0000003840)=""/72, 0x48}, {&(0x7f00000038c0)=""/252, 0xfc}], 0x9, &(0x7f0000003a80)}}, {{&(0x7f0000003ac0)=@abs, 0x6e, &(0x7f0000003d40)=[{&(0x7f0000003b40)=""/236, 0xec}, {&(0x7f0000003c40)=""/240, 0xf0}], 0x2, &(0x7f0000003d80)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}}, {{&(0x7f0000003e40)=@abs, 0x6e, &(0x7f0000003f00)=[{&(0x7f0000003ec0)=""/59, 0x3b}], 0x1, &(0x7f0000003f40)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}], 0x5, 0x40000000, &(0x7f0000004140)={r5, r6+10000000}) (async)
openat$cgroup_ro(r7, &(0x7f0000003a80)='cpuacct.stat\x00', 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000001380), 0xa000, 0x0) (async)

1.070362832s ago: executing program 4 (id=2466):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, 0x0}, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, 0x0, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000680)={'vxcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000480)={0x1d, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x98)

1.069652292s ago: executing program 2 (id=2467):
syz_emit_ethernet(0x22, &(0x7f0000000140)={@random="4629e3965723", @empty, @val={@void, {0x8100, 0x2, 0x0, 0x1}}, {@can={0xc, {{0x4, 0x0, 0x1, 0x1}, 0x2, 0x0, 0x0, 0x0, "c659da3c3dc5c22b"}}}}, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x20000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x10, 0x3, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffd0a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

926.659116ms ago: executing program 2 (id=2468):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0xfdff, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0x184, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x134, 0x11, [{@in=@dev={0xac, 0x14, 0x14, 0xc}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0xff, 0x0, 0x0, 0x3501, 0x2, 0xa}, {@in=@local, @in6=@local, @in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x2, 0x0, 0x3500, 0xa, 0x8}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private2, @in=@rand_addr=0x64010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in=@rand_addr=0x64010100, @in=@private=0xa010103, @in=@local, 0x33, 0x4, 0x0, 0x3506, 0xa, 0x8}]}]}, 0x184}}, 0x0)

888.036737ms ago: executing program 0 (id=2469):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0x1}, {0x0, 0x2}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r3)
sendmsg$NET_DM_CMD_START(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r4, 0x1}, 0x14}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$kcm(0x29, 0x2, 0x0)
r7 = socket(0x80000000000000a, 0x2, 0x0)
r8 = socket$inet6(0xa, 0x80002, 0x88)
bind$netlink(r5, &(0x7f00000004c0)={0x10, 0x0, 0x25dfdbfe, 0x4}, 0xc)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x7, 0x0, 0x4}]}, 0x10)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x108)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2f, &(0x7f0000000500)={0x0, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x7}, 0x7}}, {{0xa, 0x2002, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xffffffff}}}, 0x108)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x4e21, 0xfffffffd, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0xfffffffc, @local}}}, 0x108)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x1}, @IFLA_BR_MCAST_QUERY_USE_IFADDR={0x5}, @IFLA_BR_MCAST_QUERIER={0x5}, @IFLA_BR_MCAST_SNOOPING={0x5, 0x17, 0x1}]}}}]}, 0x54}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES16=r6], 0x48)
socket$inet6(0xa, 0x80803, 0x87)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa87"], 0x0)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x44040)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=r11, @ANYBLOB="00000000e09e01001c00128009000100626f6e64000000000c00028005001100010000008d7aa6ae645b93a810dc2694f9f20f1f61a1f4a82203d4a2ec90a72fc19ae92c757a165fb7c1113d085de7f14cdc361579c74da25714ccb9003722d78a9cd2538dc7b3a95308f055a769ee5daafa7162f2e3f79b0d40ba2c5498922b854aab566b0d1c2a2d8de893329a2afbc21c6ae08c067dd14893aa9924b3c9fce312d3cf7921b3ff2587b08e1b4483dc4659f20ffac570670d0a2ae4f790965ee4dd3799e50831c914dd77586de0a754f1d6d889aa77d1cd1bd15cadc2d05b76e2e5421f92f7dfa691d6b4917f4da2e0c538335f596ccb8cb1d7c84fdaa624945b98e5780c3d1dd1b17b6eaa46ebe2e27128f1ef7a81867760d5d1936d7fcaac9758"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

747.297935ms ago: executing program 2 (id=2470):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

678.302142ms ago: executing program 1 (id=2471):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x146, &(0x7f0000000700)={@local, @multicast, @void, {@ipv4={0x800, @tipc={{0x28, 0x4, 0x3, 0x1, 0x138, 0x68, 0x0, 0x40, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x1f}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@cipso={0x86, 0x58, 0x0, [{0x6, 0xf, "4770ab2bd27daf71668eb35067"}, {0x0, 0x7, "ef207a965e"}, {0x2, 0x9, "82038328c15669"}, {0x1, 0x7, "c1d5bcd4e3"}, {0x2, 0x9, "5ed64404b7b55f"}, {0x0, 0x11, "b9432c2d87f76b5fe915f348900fbb"}, {0x0, 0x12, "9843a02f2b3589f944ae9d2ecaec5669"}]}, @lsrr={0x83, 0x23, 0x7c, [@loopback, @dev={0xac, 0x14, 0x14, 0x37}, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @private=0xa010101, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_prespec={0x44, 0xc, 0xb4, 0x3, 0xf, [{@multicast2, 0xaeb86cc}]}, @ra={0x94, 0x4}, @noop]}}, @name_distributor={{0x98, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0xec6, 0x0, 0x1, 0x1, 0x6, 0x1, 0x4e22, 0x4e21, 0x6, 0x1, 0x0, 0x0, 0x1}, [{0x3, 0x40, 0xb, 0x200, 0x80, 0x1, 0x0, 0xffffffb}, {0x0, 0x935, 0x1, 0x8, 0x5, 0x2, 0x3, 0x7}, {0x28, 0x9, 0x1, 0x0, 0x3, 0xfffffff8, 0x4, 0xb}, {0xd, 0x60ac, 0x1, 0x7, 0x5da, 0x9, 0x3, 0x9}]}}}}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="e43f6642531e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x2, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x1, 0x1, 0x10, 0x100}}}}}}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r2)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xffffffffffffff6d, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x48001)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
getsockname$packet(r2, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x9, &(0x7f0000000680)=@framed={{0x18, 0x8, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x5}, [@func={0x85, 0x0, 0x1, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0xba}, @generic={0xa7}, @initr0, @exit]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5f, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x20, r5, 0x103, 0x0, 0x0, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}, @NL80211_ATTR_REG_RULES={0x4}]}, 0x20}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x5c, 0x2c, 0xd27, 0x1, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0x5, 0xfff3}}, [@filter_kind_options=@f_flow={{0x9}, {0x2c, 0x2, [@TCA_FLOW_EMATCHES={0x28, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0xffff, 0x0, 0x2}}}]}}]}]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x20008041)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0)
r8 = socket$inet6(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000500))
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r9, 0x89b1, &(0x7f0000000040)={'bond0\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan1\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x34, r7, 0x60b, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x2008051}, 0x8d0)

677.327134ms ago: executing program 4 (id=2472):
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)

649.878ms ago: executing program 3 (id=2473):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000100)={'wpan1\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x34, r1, 0x60b, 0x70bd2c, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r3}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x2008051}, 0x8d0) (fail_nth: 9)

522.743548ms ago: executing program 2 (id=2474):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00d9729b"], 0x50)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000200)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)

275.934563ms ago: executing program 0 (id=2475):
socket$can_bcm(0x1d, 0x2, 0x2)
syz_emit_ethernet(0x3a, &(0x7f0000000400)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x2c, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xb352, 0x2}}}}}}, 0x0)

258.641708ms ago: executing program 3 (id=2476):
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x42073, 0xffffffffffffffff, 0x800000)

186.094912ms ago: executing program 1 (id=2477):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x101001, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'})

175.948001ms ago: executing program 2 (id=2478):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r0, 0x10d, 0xcb, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "3f60eb8f2777c39a", "5985e81ad0d9585bc175cbecd3f55eb699e3070cc206f3ba527c85bde06fbf19", "bc5ec28f", "b200"}, 0x38)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x4, &(0x7f0000000100)=@gcm_256={{}, "2474794233890da1", "d830005894bf527ae179a7173985202bbfb61b36f3678de8ea2d0d6616076243", "5615d9f5", "7c5cec21291a43fe"}, 0x38)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000002c0)={r8, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x304, 0x0, 0x2c}, 0x9c)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000400)={r8, 0x1000, "0288cf46b2f43c12aa17b4f86af6e44c8c7faeb9901c928dd45fd4aeafb9bfee7d24acff692aef806df0e64e5146d33634340bd27ff8f7aec3726b0d9d39114377755662b46c7320c19d18e1189d7d41ab2c74660c43c7f46bb1b9cb9a8b78a582cb7ddb25bfb44349394c39d9244f0d9a8cdb5bf4a4ecfb673ab452eb274940a44cc656153f887341ddd8bda2417ce371302bbbc72bfc662ba18853cfc64d4c619be54ac47b3160441148fa066f9184f9d93c4408e2e394811539c43a503af0b9bdaf9dc159d0ac1551ebf4c782e00dcfbab2ea66112722ca6fc0d8a06d714742ac8022f0248d8735607749c6f1a986b612bf1fe0b492bae49cf7dcc1a9f60b7ceac2f5e8e0afba6af25b9c288fb7384efc9728b342c3c88f46cc089df43083a7914b575202ad78040a6ccf9d36f2235172ab63a77114ccc149ed7fef68b154474c3ca25e052612177d2767eec8d3bea0b2fb99fe7c8fde3b02e8738ecdd5c29f913f647644735033a213ea88a5c4158ff55ba9ecf80dcbcd0892aafcc8c4136efa44a7474f9d915133ec3a41d41dd93a22b4674f1f8f420ff2a500dd4e2d71265c9a636e5c10b1880ffba220235c91075af18869e40293389e4ae01d397a1486ba72e2bea501a997bb2cb7b450b9db73a5af8cbebf764878410d251383e0fd72b62913618900aacd0a31679baa12ac084eab2510e22cada2c7ce70da7df2efab2213e9da12d6c934cf8371ea81189941f1a2450f5b746eefbe45d9c48fbe69a33fcb467442d02c81257c50acc0f2324238feb36da7c7d5c3747e364fc5733ac2e310adac3e3c0ebaf34b3e76615c873b349ed1660d367f2385732fb9feb0d64670f8ad8d3a8e39f5effb536a721a61424e4bcf8009d147b00850c3a4489441393cf4c5d3dc787bbcb356e4f0d0fef8477acdc39f3ffe6004bd418a735217944f918469d4c24050e027d3be9d5b8fd99e9bc2a7a635507b6241db952e99c9de5d853517481d284bcd85d823046c4614a162166686aaa168e34c0d17defd905d2839fcc5cb4733b72651ffb0679066522d9d71f13f5ef02c4b555e002ee9f67447ed9870a0414371beeac1d4e06b01ecc8e8661cccbda758df6e94bec22571d257f08e639fdf0789c0dab20d5ba59d8d23552932589b649a9c41fd1dbd1e0735dfc35beed7fb2efd353bbe4428f94c294d8202f1623ff821abb1cf0ce86c6dd972fe2986b215c8a1717f229bbe7036ffd2de98abf051021e7fc2f898479bf6c2f38da59ed22e82d6511dd7eefa966be6b4e4a09c36e8a839c4a933454ca2254645841d2bc9c65116de2b2430524711b8464a2a82e563a07b53c89b618b721e2f6bddff39eb1986841e762b643bf3ae58d4b82f220f55e9f654602fd5ecc980b50fe5095db6243cf29cd0864eecfbd7ca7fdda14be55b8a42aacb51ddfe94028daec800e04d4f0f783b46f87e248b7afece38750255a3d57b1008cbdf0e5a8087a73bca24c2cd663e130b25480f7b01e578067c4d23162880cbcd00c6903ca20f444d698bbc584632a5cda999c7d0ca0f838ae86bd004a8d1c504ac98c11be8f74b616cdc0339092df02e23ba8d0005aecb144439e12683b75fb758e72b7cd9da3e9e250deec07d8443fc12a5583ace39fbf14013459903454bcf5326b46dd12ec9c4924cda73f6622c0fe8a9a7a92a607ae3558338ff45759b515add2e031d58283ff8b8bc749d966b4e1b06d4a6d4607eb7ad7f42bd60378c6f39cfadcf35e894c97d03fe88d1a5aaaa4420a5ebc1c830dca9a99db48540afdd5af9a00490275b0446760e25ac6a6a7d89ee398e6ea028706fa7169ecb72b916dc2718ed69d784044fbd207deea201e82ccf4c556f22e9bda151ce63364a8a212204469fd8291f75cc489457ce4ed2cb7d6757f78ed0acb63ea8e9ac84928703cdd883be4412fd1cfb89ac137567bb87d98c04c308b1dfb27d389aab91e89b84ede5dffed35c9e5978e419e9b0449112c5b38cc80afc2f68d17da9535b19c64119d0c36070adfc56df180e7497398109147c2000961eb1ccb5f48cd294a114fc1bd01514839c5fa46a079800a1b7f4beed194d6402f037c1ebe80abf921d5963e763a1ca69c7ee23557fadc594b254635d336518b5e9cd3565b4eca6c2964fddf091c3ca31064c4d077270eeca636bd40dad40b2bcd77186872bd9afa1ff3306df156158bdd97d28a95bc19c22e9e8e47a171ac7463e90b3265f130974420231be1998cc0b7e07f31a58750a55d21a116f0eff1e6a5806c0c1b1a31e99781a23a87cfc59853c98ad968bf8f925c0d98082f263febc124b721f502c828f86708666e8e7854bafecaad63f0500eaa5f3c1ccfc60e0e44c631ba79bfa416a7b1192d855ef2fd84e4a99f38dd6ef8500e670dbe1a08e6ff438e4c2b01cb6455c3e2da2d59708f8e27f1da9b92d95ff84d037b7a9d11bc24eb0a3dd4c2e1cb8006f4da51996273e418f5ccfdaa98744d5196b083f9e6f0365b82e379a19b10adf82a88911a037477fad5f813f28e309efa63786973bed2babeaa2d14072b66366b5c6b13bb05e0ae516693f449f77450d4e4e0cb4bc35b83b902ba8ec1822d4ae5922b427e750afdb070eb725e8e5af1eed475263045a943c5bb09db70dfb4a05b0750a0f129045c65d4c37cfd74f8904f6a312e20a6af9aead0855ac29c36cdfd6b5a79adfcdd640179a303fce1b24916e9d56b33d56a7356c8efba5a23c4a74c615c5139b390903c12f633bf2c8903c478ff92f4d7eff85048842dd3a5b820d04b4485e9fe4a06c11336d6ec3921e01e317b9a7999fbad894fd554364bf7d9b09bd1d96a8a47761a82888f636de614a12340132e2a0246ea960d9782d05a10a17333ccc9f0e1dffbc9847450fb0eb8ce89724a9123756f84c63530e12bc851debc2089cabbf8a8a5055aa6a41136d5825a3e0ffa0b34e41a60252490432959e7035b2ae7e26fca75fe5aa55b1add42811b6561a409d397c106dc3a3ccaa7bfefbded8162e3661e18a63230da6d85fb6d9bd224bc2cf67b64ce478117e794fbc0ad6b9733ac74477d6576316484bad55c451cdc262250c67f43efa4448425e27c22db6ef7f49d5ae2887e670aff80e65863624c531069110c482e1075a8c40aa60ef0bf589d2ba98339a143ad65f1b5b8d86a6ac5d5bf7ebdf30849af053188e884affa12ce44ea7826a3c5b444e65705cd6b97e778cf0da7d4fc48238a15a73dceb8af162baef6e089cedb068b305887af214dc5a0f0356e47e4863fc540c29b98b6dbbb20b19d516f51c81a412415555a36bd9b76e0d3a2e2da2d887f913dda6cbbc7626dff4dd9e76dcfcd14808af0a7975511e828bb5d59680c407bc8c57d09bc8f651881de7dc92adeb86d59921368275140459e24c835ba396c30a3e147d8bf9d3a9ccb47e208b291888c4869d0b168a75a9f303d5a27e437c381df906777879b41212001476ab63e22af8614b6e1591bb491485305fc53ff46cfafebfda9046375576ccee5cfb51b856e391374d72d21560838168a088463efe423ef2103520867a339c0e86106f52b515e4872bdffd3df7d319bb357d0fdf978ec32c8621e955b7808fb10ae18bb74bc8dda102d61ad76f613ff3f74a79270beac0093dc351b3c1fa7c148a52ed0cf51a56f0417332065a6de3add36b39814022ad4a137339137e2ecfb663b624d8b7e8442611a7fe9e164b4e9d3e78ef0a0172521fe2464515603b82474d1cdc8f74f24875eef444db2ea781694b2fa0bfa80bf385e43e1e21d38ee332a12ec6e5a9316364b75d8a9a86f80e5b8073d52d4a1d62f6d3bdc5099ba69a63bb4dd4f5290d450bbdcd92ba514b8f1081394e308da5f65c2a472bbff2abf60f9383d3e5cccbb1d77dfcdb0807bc2d18d3d50cd031a59f9b0d07e60cdda4fa57bf039e8f8aac970243ddf783ab869b904c8155b895133da7b4e2ce7d86cc8242421ceebfd8a6f34962abe61b5b48915334ebe8e6448c723e910ecca4aa29fa728e0c85508726454e90e36fae0fb8e65c440eecde5f0ea9df3a41145eeaa914661810c67dcfa5930921cdf1b09f6e094c0628385c79115b20119c98605805b9563a2b2858bd07facd12f723a025639266c69580d8e4811b02005bb0f7e6477d975f67b045d2e96149284f17d58fe0c8126043074ddfbd0e092f74d3b17a7bd6acd15d6fa67652cd6d70480ee38b275b70f93b11dbb2b66416a686c4e4426e336ba22f25d40626c72dde9f5b2f18d4f77a6a371996f00be02f6376cf85d5bb3a4ea4fded9594b743aab2977c8fffe1799dd6027fd6ac84b30f7bbd920a96ab9a113cb0637fb0f65fabbd459e18910bfde20881105bbad665cedaa8e23b912837ee4e86a33fc9d5c3c0b163242c272b919afad54a8492c6185684b169e9e2acc76c6db361a2f44495d5be377e0c31046449e328f05d0b93d2192b0a23a8312f20142d92df832557b35ef72c7407c298f9b0a1b35333427d11379063aae59aa1781cb9b3a176f33b715d7532620a65c9f5510398e8f1677f3474bd626295045f972cc8841cbe3523e320b02d12eafcc8181424c1677018c871afb4b65d6f1e0e6ea88dd5cb86cefb2b530beb61f28cc4d87e9b43eecde0f9acab6bfcc12ebdfc0799a8301cc3c7536f988ced11567de317bbc17a2a37b2f7ae166877a11835994434eaaaf8a9e3f28f70dc0e77e45625bc1c4b8ae0f025a75389f3e80491c3871a9065db67dc266caee2cab6b1eaf8bf410bc35b56d5e56970d0c7976f02d02183519e9965d4302ac85c347b34156f7d3d14edc26cf7b531eb4ab88db405d8b446a666d2e8c804ffdd34c512257ff1c38354ff1678230f9895446dc3d01f31bc0a87bd2703db5988cca11bff12ba9e81febc2ba69100849c1aab9e8a914cb4792f0d61c915b897fa895542ae1302040dac9d5401e196d09144f5bd498d6aefb61f533f4c192477139684a6d75682d2b075353e0daeb007eafd2cafbbe24739095c37e64b88c1b74143d4fb83d2510f860e67ddaf7efb80d65c9e0c609f8bd1538fe9183120a08980651f5f775a2c3f910a3d70fc86ab5f480835f7a1f2ba5389905e4b705fe617ecd432294e181d65bb0285c77f7157e7079b11599a3b86a6330de508b0f0eb8d2814236844276fe34abf59541e6f1259e4394419c686cac00a8e79c551411ced15dda88f56a54611d5964e28762da29f69ceb7dda84eb7a729b1d1dba35542f9d35946a891eff74bc356055c07ab96a172df505285e9f46765ed6b708c4885451a72d9e31d96c25019c313365127214b6914b560655744312522da2f348406ed84f03b2131504f02e967c106937f5ca2884b26e851bcf1244acd2ee8df84a1eb7947735e11c648112f5b5fcfcf3def40ebb600365e19d6b0a6b3d6ecf96eb41f64f60dcb1e4b9c53ea67b4aa7fa13969fb2f19d5bce6793bae3a97133b8254a68b9b132058937e7e2b082ca13a3e40e0c3983f2eeb7dd6196d54aab6e44239aa579f28ff6af0b869bdeecf6033e7a3e33b3f7c9a095c5d09277eaa044cc75204e854165291aadcf07d26d904a54166c3419ed09194e769ce2b66fc298f53540f4e4b986d8f924676e834742d31783aab69a320de1894c019ce14f49ec1dcdcc06ace13cc869a5972a47ada2ddc84fdb630642a6697236f7797bf29e61e1a2c21289edac786e54807b47a21f0a857949e83c85dfff250820b0d7024e80a6ed9e56f2a6726fa0c5a722207f8d47ae0093e0525e5fef05e7ac1413cbc"}, &(0x7f00000000c0)=0x1008)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x4001}, [@IFLA_VFINFO_LIST={0x34, 0x16, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x2c, 0xc, 0x0, 0x1, [{0x6, 0x1, {0x87, 0x794, 0x44, 0x8100}}, {0x14, 0x1, {0x77e9, 0x3be, 0x0, 0x8100}}]}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8810}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x9, 0x4, &(0x7f0000000240)=ANY=[@ANYRES64=r2], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', r5, @cgroup_sock, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

164.098605ms ago: executing program 4 (id=2479):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x101001, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00'})

135.900747ms ago: executing program 3 (id=2480):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$alg(0x26, 0x5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r4, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r2], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmmsg$inet(r1, &(0x7f0000004c80)=[{{&(0x7f0000000480)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000640)=[{&(0x7f00000004c0)='iT', 0x2}], 0x1, &(0x7f0000000680)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0x20}}], 0x1, 0x1000)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=r8, @ANYBLOB="00042bbd7000ffdbdf253b0000001200cd000004080004000000f9ff00040500000008009f000300000008009f0007000000050019010a0000000800a000569600000800a0000900000005001801010000000400870004008e00"], 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)={0x30, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_FLAGS={0x8, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}]}]}, 0x30}}, 0x4084)

25.780737ms ago: executing program 0 (id=2481):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0300"/18, @ANYRES32=r2, @ANYBLOB="0c0099005dda00000400000005008a0004000000"], 0x30}}, 0x8000)
r3 = socket$rds(0x15, 0x5, 0x0)
r4 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x10000, @mcast1}, 0x1c)
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0xffffffab, @loopback}, 0x1c)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @dev, 0x5}, 0x80, 0x0}, 0x24004059)
close(r5)
bind$rds(r3, &(0x7f0000000080)={0x2, 0x80, @empty}, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), r4)
sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000001a80)=ANY=[@ANYBLOB="fcffffff3bfd72e6617b547f34ea9532cc0abf308fd914f30f0d15b69ac1e892999054390c0000a142dbc06b2e2be08a171d4bb197ad17e9731f0c0356ea5ce308b622c3d22463ecfadc676ef8fb42dade6ffefc76fdb0b62959cf020437ef21e349363e4411cdf1f97e2a90dc4a36a2fcbf1034f1c085bd886e5feb5bd9e7777eef30a320", @ANYRES16=r6, @ANYBLOB="00032abd7000fbdbdf2507000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x2404c811)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f00000005c0), 0x10)
recvmmsg(r8, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}, 0xbaca}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
setsockopt$SO_TIMESTAMP(r8, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}}, 0x4000)
recvmmsg(r7, &(0x7f00000086c0)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x10000}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000380)=""/188, 0xbc}, {&(0x7f0000000840)=""/236, 0xec}, {&(0x7f00000000c0)=""/35, 0x23}, {&(0x7f0000000440)=""/80, 0x50}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f00000006c0)=""/243, 0xf3}, {&(0x7f0000000540)=""/203, 0xcb}], 0x7}, 0x80000000}], 0x3ffffffffffffd5, 0x40002160, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 2 (id=2482):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, 0x0}, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, 0x0, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000680)={'vxcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f0000000480)={0x1d, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x98)

kernel console output (not intermixed with test programs):

x___dev_notify_flags+0x10/0x10
[  210.669030][T10304]  ? __dev_change_flags+0x515/0x6f0
[  210.669057][T10304]  ? __pfx___dev_change_flags+0x10/0x10
[  210.669079][T10304]  ? validate_linkmsg+0x828/0xa40
[  210.669094][T10304]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.669121][T10304]  ? __pfx_validate_linkmsg+0x10/0x10
[  210.669138][T10304]  dev_change_flags+0xf0/0x1a0
[  210.669165][T10304]  do_setlink+0xcca/0x4300
[  210.669197][T10304]  ? mark_lock+0x9a/0x360
[  210.669213][T10304]  ? __pfx_do_setlink+0x10/0x10
[  210.669232][T10304]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  210.669256][T10304]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.669283][T10304]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  210.669302][T10304]  ? lockdep_hardirqs_on+0x99/0x150
[  210.669327][T10304]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  210.669346][T10304]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  210.669369][T10304]  ? rcu_is_watching+0x15/0xb0
[  210.669389][T10304]  ? __mutex_lock+0xba3/0x1010
[  210.669411][T10304]  ? __mutex_lock+0x602/0x1010
[  210.669438][T10304]  ? rtnl_newlink+0xc55/0x1d30
[  210.669457][T10304]  ? __pfx___mutex_lock+0x10/0x10
[  210.669486][T10304]  ? ns_capable+0x8a/0xf0
[  210.669505][T10304]  ? rtnl_link_get_net_capable+0x168/0x340
[  210.669528][T10304]  rtnl_newlink+0x1704/0x1d30
[  210.669556][T10304]  ? __pfx_rtnl_newlink+0x10/0x10
[  210.669574][T10304]  ? __netlink_deliver_tap+0x561/0x7f0
[  210.669592][T10304]  ? __pfx_validate_chain+0x10/0x10
[  210.669607][T10304]  ? __sock_sendmsg+0x221/0x270
[  210.669625][T10304]  ? ____sys_sendmsg+0x53a/0x860
[  210.669638][T10304]  ? __sys_sendmsg+0x269/0x350
[  210.669652][T10304]  ? do_syscall_64+0xf3/0x230
[  210.669673][T10304]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.669713][T10304]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  210.669737][T10304]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.669766][T10304]  ? mark_lock+0x9a/0x360
[  210.669783][T10304]  ? __lock_acquire+0x1397/0x2100
[  210.669846][T10304]  ? __pfx_lock_release+0x10/0x10
[  210.669880][T10304]  ? __pfx_rtnl_newlink+0x10/0x10
[  210.669902][T10304]  rtnetlink_rcv_msg+0x791/0xcf0
[  210.669921][T10304]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  210.669947][T10304]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  210.669973][T10304]  ? ref_tracker_free+0x643/0x7e0
[  210.669994][T10304]  netlink_rcv_skb+0x206/0x480
[  210.670013][T10304]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  210.670035][T10304]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  210.670071][T10304]  ? netlink_deliver_tap+0x2e/0x1b0
[  210.670092][T10304]  netlink_unicast+0x7f6/0x990
[  210.670114][T10304]  ? __pfx_netlink_unicast+0x10/0x10
[  210.670141][T10304]  ? __virt_addr_valid+0x45f/0x530
[  210.670156][T10304]  ? __phys_addr_symbol+0x2f/0x70
[  210.670169][T10304]  ? __check_object_size+0x47a/0x730
[  210.670193][T10304]  netlink_sendmsg+0x8de/0xcb0
[  210.670219][T10304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.670240][T10304]  ? aa_sock_msg_perm+0x91/0x160
[  210.670267][T10304]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.670302][T10304]  __sock_sendmsg+0x221/0x270
[  210.670344][T10304]  ____sys_sendmsg+0x53a/0x860
[  210.670368][T10304]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.670385][T10304]  ? __fget_files+0x2a/0x410
[  210.670411][T10304]  ? __fget_files+0x2a/0x410
[  210.670443][T10304]  __sys_sendmsg+0x269/0x350
[  210.670473][T10304]  ? __pfx___sys_sendmsg+0x10/0x10
[  210.670501][T10304]  ? do_sys_openat2+0x17a/0x1d0
[  210.670546][T10304]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  210.670572][T10304]  ? do_syscall_64+0x100/0x230
[  210.670599][T10304]  ? do_syscall_64+0xb6/0x230
[  210.670625][T10304]  do_syscall_64+0xf3/0x230
[  210.670649][T10304]  ? clear_bhb_loop+0x35/0x90
[  210.670680][T10304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.670703][T10304] RIP: 0033:0x7fb37ed8d169
[  210.670718][T10304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.670732][T10304] RSP: 002b:00007fb37fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.670750][T10304] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8d169
[  210.670762][T10304] RDX: 0000000000000814 RSI: 00004000000000c0 RDI: 0000000000000005
[  210.670773][T10304] RBP: 00007fb37fb77090 R08: 0000000000000000 R09: 0000000000000000
[  210.670784][T10304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.670793][T10304] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  210.670817][T10304]  </TASK>
[  210.720204][T10304] netlink: 'syz.0.1712': attribute type 2 has an invalid length.
[  211.392094][T10318] __nla_validate_parse: 1 callbacks suppressed
[  211.392116][T10318] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1716'.
[  211.589159][T10327] x_tables: unsorted entry at hook 1
[  211.861559][T10338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1725'.
[  212.040358][T10347] FAULT_INJECTION: forcing a failure.
[  212.040358][T10347] name failslab, interval 1, probability 0, space 0, times 0
[  212.071483][T10347] CPU: 1 UID: 0 PID: 10347 Comm: syz.2.1730 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  212.071513][T10347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.071526][T10347] Call Trace:
[  212.071533][T10347]  <TASK>
[  212.071542][T10347]  dump_stack_lvl+0x241/0x360
[  212.071572][T10347]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.071596][T10347]  ? __pfx__printk+0x10/0x10
[  212.071623][T10347]  ? ref_tracker_alloc+0x332/0x490
[  212.071647][T10347]  should_fail_ex+0x40a/0x550
[  212.071683][T10347]  should_failslab+0xac/0x100
[  212.071711][T10347]  ? skb_clone+0x20c/0x390
[  212.071732][T10347]  kmem_cache_alloc_noprof+0x70/0x380
[  212.071766][T10347]  skb_clone+0x20c/0x390
[  212.071793][T10347]  __netlink_deliver_tap+0x3c4/0x7f0
[  212.071836][T10347]  ? netlink_deliver_tap+0x2e/0x1b0
[  212.071859][T10347]  netlink_deliver_tap+0x19d/0x1b0
[  212.071884][T10347]  netlink_sendskb+0x68/0x140
[  212.071907][T10347]  netlink_unicast+0x39d/0x990
[  212.071925][T10347]  ? __asan_memcpy+0x40/0x70
[  212.071954][T10347]  ? __pfx_netlink_unicast+0x10/0x10
[  212.071986][T10347]  netlink_rcv_skb+0x294/0x480
[  212.072010][T10347]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  212.072039][T10347]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  212.072087][T10347]  ? netlink_deliver_tap+0x2e/0x1b0
[  212.072113][T10347]  netlink_unicast+0x7f6/0x990
[  212.072143][T10347]  ? __pfx_netlink_unicast+0x10/0x10
[  212.072162][T10347]  ? __virt_addr_valid+0x45f/0x530
[  212.072182][T10347]  ? __phys_addr_symbol+0x2f/0x70
[  212.072200][T10347]  ? __check_object_size+0x47a/0x730
[  212.072233][T10347]  netlink_sendmsg+0x8de/0xcb0
[  212.072270][T10347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.072299][T10347]  ? aa_sock_msg_perm+0x91/0x160
[  212.072354][T10347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.072377][T10347]  __sock_sendmsg+0x221/0x270
[  212.072408][T10347]  ____sys_sendmsg+0x53a/0x860
[  212.072440][T10347]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.072460][T10347]  ? __fget_files+0x2a/0x410
[  212.072495][T10347]  ? __fget_files+0x2a/0x410
[  212.072535][T10347]  __sys_sendmsg+0x269/0x350
[  212.072564][T10347]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.072601][T10347]  ? do_sys_openat2+0x17a/0x1d0
[  212.072661][T10347]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  212.072695][T10347]  ? do_syscall_64+0x100/0x230
[  212.072730][T10347]  ? do_syscall_64+0xb6/0x230
[  212.072764][T10347]  do_syscall_64+0xf3/0x230
[  212.072794][T10347]  ? clear_bhb_loop+0x35/0x90
[  212.072845][T10347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.072872][T10347] RIP: 0033:0x7fc1b918d169
[  212.072890][T10347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.072907][T10347] RSP: 002b:00007fc1ba00b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.072928][T10347] RAX: ffffffffffffffda RBX: 00007fc1b93a5fa0 RCX: 00007fc1b918d169
[  212.072943][T10347] RDX: 0000000000000000 RSI: 0000400000000e00 RDI: 0000000000000003
[  212.072955][T10347] RBP: 00007fc1ba00b090 R08: 0000000000000000 R09: 0000000000000000
[  212.072967][T10347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.072978][T10347] R13: 0000000000000000 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  212.073008][T10347]  </TASK>
[  212.534059][T10359] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1735'.
[  212.544419][T10359] nbd: must specify at least one socket
[  212.589447][T10364] FAULT_INJECTION: forcing a failure.
[  212.589447][T10364] name failslab, interval 1, probability 0, space 0, times 0
[  212.617523][T10364] CPU: 1 UID: 0 PID: 10364 Comm: syz.4.1736 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  212.617551][T10364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.617563][T10364] Call Trace:
[  212.617570][T10364]  <TASK>
[  212.617579][T10364]  dump_stack_lvl+0x241/0x360
[  212.617610][T10364]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.617633][T10364]  ? __pfx__printk+0x10/0x10
[  212.617667][T10364]  should_fail_ex+0x40a/0x550
[  212.617703][T10364]  should_failslab+0xac/0x100
[  212.617732][T10364]  kmem_cache_alloc_node_noprof+0x77/0x380
[  212.617780][T10364]  ? __alloc_skb+0x1c3/0x440
[  212.617826][T10364]  __alloc_skb+0x1c3/0x440
[  212.617864][T10364]  ? __pfx___alloc_skb+0x10/0x10
[  212.617897][T10364]  ? km_report+0x220/0x240
[  212.617918][T10364]  ? __pfx_lock_release+0x10/0x10
[  212.617955][T10364]  xfrm_alloc_compat+0x1b6/0x1710
[  212.617989][T10364]  ? xfrm_get_translator+0x19/0x240
[  212.618008][T10364]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[  212.618034][T10364]  xfrm_nlmsg_multicast+0xd7/0x1f0
[  212.618070][T10364]  xfrm_send_migrate+0x466/0xa60
[  212.618116][T10364]  ? __pfx_xfrm_send_migrate+0x10/0x10
[  212.618167][T10364]  ? __local_bh_enable_ip+0x168/0x200
[  212.618192][T10364]  ? lockdep_hardirqs_on+0x99/0x150
[  212.618223][T10364]  ? __local_bh_enable_ip+0x168/0x200
[  212.618250][T10364]  ? __pfx_xfrm_send_migrate+0x10/0x10
[  212.618283][T10364]  km_migrate+0x159/0x260
[  212.618303][T10364]  ? km_migrate+0x3c/0x260
[  212.618332][T10364]  xfrm_migrate+0x20e3/0x2640
[  212.618381][T10364]  ? __pfx_xfrm_migrate+0x10/0x10
[  212.618404][T10364]  ? is_bpf_text_address+0x26/0x2a0
[  212.618444][T10364]  ? __kernel_text_address+0xd/0x40
[  212.618466][T10364]  ? unwind_get_return_address+0x4d/0x90
[  212.618516][T10364]  ? stack_trace_save+0x118/0x1d0
[  212.618571][T10364]  xfrm_do_migrate+0x9a0/0xb80
[  212.618606][T10364]  ? __pfx_xfrm_do_migrate+0x10/0x10
[  212.618677][T10364]  ? rcu_is_watching+0x15/0xb0
[  212.618711][T10364]  ? __nla_parse+0x40/0x60
[  212.618739][T10364]  xfrm_user_rcv_msg+0x975/0xc20
[  212.618766][T10364]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  212.618831][T10364]  ? __mutex_trylock_common+0x183/0x2e0
[  212.618856][T10364]  ? __pfx___might_resched+0x10/0x10
[  212.618889][T10364]  ? __pfx___mutex_trylock_common+0x10/0x10
[  212.618925][T10364]  netlink_rcv_skb+0x206/0x480
[  212.618952][T10364]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  212.618975][T10364]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  212.619032][T10364]  xfrm_netlink_rcv+0x79/0x90
[  212.619053][T10364]  netlink_unicast+0x7f6/0x990
[  212.619085][T10364]  ? __pfx_netlink_unicast+0x10/0x10
[  212.619104][T10364]  ? __virt_addr_valid+0x45f/0x530
[  212.619125][T10364]  ? __phys_addr_symbol+0x2f/0x70
[  212.619144][T10364]  ? __check_object_size+0x47a/0x730
[  212.619178][T10364]  netlink_sendmsg+0x8de/0xcb0
[  212.619217][T10364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.619248][T10364]  ? aa_sock_msg_perm+0x91/0x160
[  212.619287][T10364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.619311][T10364]  __sock_sendmsg+0x221/0x270
[  212.619343][T10364]  ____sys_sendmsg+0x53a/0x860
[  212.619376][T10364]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.619396][T10364]  ? __fget_files+0x2a/0x410
[  212.619432][T10364]  ? __fget_files+0x2a/0x410
[  212.619473][T10364]  __sys_sendmsg+0x269/0x350
[  212.619501][T10364]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.619539][T10364]  ? do_sys_openat2+0x17a/0x1d0
[  212.619601][T10364]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  212.619635][T10364]  ? do_syscall_64+0x100/0x230
[  212.619670][T10364]  ? do_syscall_64+0xb6/0x230
[  212.619705][T10364]  do_syscall_64+0xf3/0x230
[  212.619736][T10364]  ? clear_bhb_loop+0x35/0x90
[  212.619769][T10364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.619815][T10364] RIP: 0033:0x7f29fed8d169
[  212.619833][T10364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.619851][T10364] RSP: 002b:00007f29ffbc2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.619872][T10364] RAX: ffffffffffffffda RBX: 00007f29fefa5fa0 RCX: 00007f29fed8d169
[  212.619886][T10364] RDX: 0000000000000000 RSI: 0000400000000380 RDI: 0000000000000004
[  212.619899][T10364] RBP: 00007f29ffbc2090 R08: 0000000000000000 R09: 0000000000000000
[  212.619911][T10364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.619922][T10364] R13: 0000000000000000 R14: 00007f29fefa5fa0 R15: 00007ffe3fef5828
[  212.619953][T10364]  </TASK>
[  213.178663][T10370] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1741'.
[  213.187699][T10370] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1741'.
[  213.225304][T10370] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  213.234193][T10370] netlink: 'syz.1.1741': attribute type 10 has an invalid length.
[  213.242501][T10370] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1741'.
[  213.280179][T10372] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[  213.424481][T10386] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1742'.
[  213.544947][T10395] FAULT_INJECTION: forcing a failure.
[  213.544947][T10395] name failslab, interval 1, probability 0, space 0, times 0
[  213.557867][T10395] CPU: 1 UID: 0 PID: 10395 Comm: syz.3.1750 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  213.557895][T10395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  213.557908][T10395] Call Trace:
[  213.557914][T10395]  <TASK>
[  213.557923][T10395]  dump_stack_lvl+0x241/0x360
[  213.557954][T10395]  ? __pfx_dump_stack_lvl+0x10/0x10
[  213.557975][T10395]  ? __pfx__printk+0x10/0x10
[  213.557995][T10395]  ? __kmalloc_cache_node_noprof+0x47/0x3a0
[  213.558025][T10395]  ? __pfx___might_resched+0x10/0x10
[  213.558054][T10395]  should_fail_ex+0x40a/0x550
[  213.558087][T10395]  should_failslab+0xac/0x100
[  213.558115][T10395]  ? __get_vm_area_node+0x132/0x2d0
[  213.558144][T10395]  __kmalloc_cache_node_noprof+0x6f/0x3a0
[  213.558178][T10395]  __get_vm_area_node+0x132/0x2d0
[  213.558212][T10395]  __vmalloc_node_range_noprof+0x344/0x1380
[  213.558233][T10395]  ? bpf_check+0x228/0x1bcd0
[  213.558258][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  213.558291][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  213.558330][T10395]  ? __phys_addr+0xba/0x170
[  213.558349][T10395]  ? __kasan_kmalloc_large+0x8a/0xa0
[  213.558377][T10395]  ? rcu_is_watching+0x15/0xb0
[  213.558398][T10395]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  213.558418][T10395]  ? rcu_is_watching+0x15/0xb0
[  213.558439][T10395]  ? trace_kmalloc+0x1f/0xd0
[  213.558464][T10395]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  213.558517][T10395]  ? __kvmalloc_node_noprof+0x72/0x190
[  213.558570][T10395]  ? bpf_check+0x228/0x1bcd0
[  213.558592][T10395]  vzalloc_noprof+0x79/0x90
[  213.558612][T10395]  ? bpf_check+0x228/0x1bcd0
[  213.558635][T10395]  bpf_check+0x228/0x1bcd0
[  213.558660][T10395]  ? mark_lock+0x9a/0x360
[  213.558680][T10395]  ? __pfx_lock_acquire+0x10/0x10
[  213.558725][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.558751][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.558776][T10395]  ? __lock_acquire+0x1397/0x2100
[  213.558811][T10395]  ? validate_chain+0x11e/0x5920
[  213.558838][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.558865][T10395]  ? validate_chain+0x11e/0x5920
[  213.558891][T10395]  ? validate_chain+0x11e/0x5920
[  213.558911][T10395]  ? mark_lock+0x9a/0x360
[  213.558929][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.558960][T10395]  ? validate_chain+0x11e/0x5920
[  213.558983][T10395]  ? validate_chain+0x11e/0x5920
[  213.559009][T10395]  ? validate_chain+0x11e/0x5920
[  213.559031][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.559057][T10395]  ? validate_chain+0x11e/0x5920
[  213.559083][T10395]  ? validate_chain+0x11e/0x5920
[  213.559112][T10395]  ? validate_chain+0x11e/0x5920
[  213.559143][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.559178][T10395]  ? __pfx_validate_chain+0x10/0x10
[  213.559207][T10395]  ? __pfx_bpf_check+0x10/0x10
[  213.559229][T10395]  ? mark_lock+0x9a/0x360
[  213.559253][T10395]  ? __lock_acquire+0x1397/0x2100
[  213.559289][T10395]  ? mark_lock+0x9a/0x360
[  213.559313][T10395]  ? __lock_acquire+0x1397/0x2100
[  213.559373][T10395]  ? __pfx_lock_acquire+0x10/0x10
[  213.559404][T10395]  ? ktime_get_with_offset+0x8d/0x2a0
[  213.559431][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  213.559464][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  213.559508][T10395]  ? ktime_get_with_offset+0x8d/0x2a0
[  213.559533][T10395]  ? seqcount_lockdep_reader_access+0x157/0x220
[  213.559559][T10395]  ? lockdep_hardirqs_on+0x99/0x150
[  213.559590][T10395]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  213.559617][T10395]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  213.559653][T10395]  ? __check_object_size+0x8e/0x730
[  213.559683][T10395]  ? __asan_memset+0x23/0x50
[  213.559715][T10395]  ? bpf_obj_name_cpy+0x18a/0x1d0
[  213.559740][T10395]  bpf_prog_load+0x1664/0x20e0
[  213.559784][T10395]  ? __pfx_bpf_prog_load+0x10/0x10
[  213.559812][T10395]  ? __pfx___might_resched+0x10/0x10
[  213.559853][T10395]  ? __might_fault+0xaa/0x120
[  213.559880][T10395]  __sys_bpf+0x4ea/0x820
[  213.559909][T10395]  ? __pfx___sys_bpf+0x10/0x10
[  213.559950][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  213.559983][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  213.560013][T10395]  ? do_syscall_64+0x100/0x230
[  213.560047][T10395]  __x64_sys_bpf+0x7c/0x90
[  213.560073][T10395]  do_syscall_64+0xf3/0x230
[  213.560102][T10395]  ? clear_bhb_loop+0x35/0x90
[  213.560134][T10395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.560161][T10395] RIP: 0033:0x7f267738d169
[  213.560178][T10395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.560195][T10395] RSP: 002b:00007f267826a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  213.560215][T10395] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738d169
[  213.560230][T10395] RDX: 0000000000000094 RSI: 0000400000000340 RDI: 0000000000000005
[  213.560242][T10395] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  213.560273][T10395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.560286][T10395] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  213.560317][T10395]  </TASK>
[  214.057010][T10395] syz.3.1750: vmalloc error: size 288, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  214.072082][T10395] CPU: 0 UID: 0 PID: 10395 Comm: syz.3.1750 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  214.072108][T10395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  214.072121][T10395] Call Trace:
[  214.072129][T10395]  <TASK>
[  214.072138][T10395]  dump_stack_lvl+0x241/0x360
[  214.072167][T10395]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.072190][T10395]  ? __pfx__printk+0x10/0x10
[  214.072213][T10395]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  214.072240][T10395]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  214.072268][T10395]  warn_alloc+0x278/0x410
[  214.072294][T10395]  ? __pfx_warn_alloc+0x10/0x10
[  214.072312][T10395]  ? __kasan_kmalloc+0x23/0xb0
[  214.072337][T10395]  ? __kmalloc_cache_node_noprof+0x25d/0x3a0
[  214.072373][T10395]  ? __get_vm_area_node+0x280/0x2d0
[  214.072410][T10395]  __vmalloc_node_range_noprof+0x369/0x1380
[  214.072435][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  214.072487][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  214.072524][T10395]  ? __phys_addr+0xba/0x170
[  214.072544][T10395]  ? __kasan_kmalloc_large+0x8a/0xa0
[  214.072572][T10395]  ? rcu_is_watching+0x15/0xb0
[  214.072595][T10395]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  214.072616][T10395]  ? rcu_is_watching+0x15/0xb0
[  214.072639][T10395]  ? trace_kmalloc+0x1f/0xd0
[  214.072664][T10395]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  214.072692][T10395]  ? __kvmalloc_node_noprof+0x72/0x190
[  214.072734][T10395]  ? bpf_check+0x228/0x1bcd0
[  214.072757][T10395]  vzalloc_noprof+0x79/0x90
[  214.072777][T10395]  ? bpf_check+0x228/0x1bcd0
[  214.072799][T10395]  bpf_check+0x228/0x1bcd0
[  214.072823][T10395]  ? mark_lock+0x9a/0x360
[  214.072842][T10395]  ? __pfx_lock_acquire+0x10/0x10
[  214.072887][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.072913][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.072938][T10395]  ? __lock_acquire+0x1397/0x2100
[  214.072973][T10395]  ? validate_chain+0x11e/0x5920
[  214.073001][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.073028][T10395]  ? validate_chain+0x11e/0x5920
[  214.073053][T10395]  ? validate_chain+0x11e/0x5920
[  214.073074][T10395]  ? mark_lock+0x9a/0x360
[  214.073092][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.073130][T10395]  ? validate_chain+0x11e/0x5920
[  214.073152][T10395]  ? validate_chain+0x11e/0x5920
[  214.073178][T10395]  ? validate_chain+0x11e/0x5920
[  214.073199][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.073226][T10395]  ? validate_chain+0x11e/0x5920
[  214.073252][T10395]  ? validate_chain+0x11e/0x5920
[  214.073280][T10395]  ? validate_chain+0x11e/0x5920
[  214.073311][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.073346][T10395]  ? __pfx_validate_chain+0x10/0x10
[  214.073375][T10395]  ? __pfx_bpf_check+0x10/0x10
[  214.073397][T10395]  ? mark_lock+0x9a/0x360
[  214.073421][T10395]  ? __lock_acquire+0x1397/0x2100
[  214.073456][T10395]  ? mark_lock+0x9a/0x360
[  214.073480][T10395]  ? __lock_acquire+0x1397/0x2100
[  214.073540][T10395]  ? __pfx_lock_acquire+0x10/0x10
[  214.073572][T10395]  ? ktime_get_with_offset+0x8d/0x2a0
[  214.073598][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  214.073633][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  214.073668][T10395]  ? ktime_get_with_offset+0x8d/0x2a0
[  214.073693][T10395]  ? seqcount_lockdep_reader_access+0x157/0x220
[  214.073725][T10395]  ? lockdep_hardirqs_on+0x99/0x150
[  214.073756][T10395]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  214.073782][T10395]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  214.073819][T10395]  ? __check_object_size+0x8e/0x730
[  214.073848][T10395]  ? __asan_memset+0x23/0x50
[  214.073869][T10395]  ? bpf_obj_name_cpy+0x18a/0x1d0
[  214.073895][T10395]  bpf_prog_load+0x1664/0x20e0
[  214.073940][T10395]  ? __pfx_bpf_prog_load+0x10/0x10
[  214.073970][T10395]  ? __pfx___might_resched+0x10/0x10
[  214.074012][T10395]  ? __might_fault+0xaa/0x120
[  214.074040][T10395]  __sys_bpf+0x4ea/0x820
[  214.074071][T10395]  ? __pfx___sys_bpf+0x10/0x10
[  214.074113][T10395]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  214.074147][T10395]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  214.074179][T10395]  ? do_syscall_64+0x100/0x230
[  214.074215][T10395]  __x64_sys_bpf+0x7c/0x90
[  214.074241][T10395]  do_syscall_64+0xf3/0x230
[  214.074271][T10395]  ? clear_bhb_loop+0x35/0x90
[  214.074304][T10395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.074332][T10395] RIP: 0033:0x7f267738d169
[  214.074351][T10395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.074368][T10395] RSP: 002b:00007f267826a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  214.074390][T10395] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738d169
[  214.074405][T10395] RDX: 0000000000000094 RSI: 0000400000000340 RDI: 0000000000000005
[  214.074417][T10395] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  214.074429][T10395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.074441][T10395] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  214.074470][T10395]  </TASK>
[  214.074551][T10395] Mem-Info:
[  214.582097][T10395] active_anon:4080 inactive_anon:0 isolated_anon:0
[  214.582097][T10395]  active_file:1614 inactive_file:38356 isolated_file:0
[  214.582097][T10395]  unevictable:768 dirty:162 writeback:0
[  214.582097][T10395]  slab_reclaimable:10370 slab_unreclaimable:99792
[  214.582097][T10395]  mapped:33843 shmem:1422 pagetables:870
[  214.582097][T10395]  sec_pagetables:0 bounce:0
[  214.582097][T10395]  kernel_misc_reclaimable:0
[  214.582097][T10395]  free:1339172 free_pcp:156 free_cma:0
[  214.643624][T10395] Node 0 active_anon:16320kB inactive_anon:0kB active_file:6456kB inactive_file:153352kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:132472kB dirty:648kB writeback:0kB shmem:4152kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11276kB pagetables:3380kB sec_pagetables:0kB all_unreclaimable? no
[  214.682091][T10395] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  214.719186][T10395] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  214.778498][T10395] lowmem_reserve[]: 0 2490 2490 2490 2490
[  214.828462][T10395] Node 0 DMA32 free:1432468kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:15984kB inactive_anon:0kB active_file:6456kB inactive_file:153036kB unevictable:1536kB writepending:648kB present:3129332kB managed:2549828kB mlocked:0kB bounce:0kB free_pcp:1852kB local_pcp:1008kB free_cma:0kB
[  214.842012][T10412] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  214.883965][T10414] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1754'.
[  214.906871][T10395] lowmem_reserve[]: 0 0 0 0 0
[  214.915713][T10395] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  214.959036][T10395] lowmem_reserve[]: 0 0 0 0 0
[  214.964008][T10395] Node 1 Normal free:3908700kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  215.006761][T10414] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1754'.
[  215.018572][T10395] lowmem_reserve[]: 0 0 0 0 0
[  215.023383][T10395] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  215.049533][T10395] Node 0 DMA32: 2*4kB (ME) 12*8kB (ME) 65*16kB (UME) 146*32kB (UME) 263*64kB (UME) 64*128kB (UME) 25*256kB (UM) 14*512kB (UME) 6*1024kB (UM) 7*2048kB (UME) 334*4096kB (UM) = 1432952kB
[  215.088515][T10395] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  215.125619][T10395] Node 1 Normal: 221*4kB (UE) 55*8kB (UME) 47*16kB (UME) 246*32kB (UME) 104*64kB (UME) 41*128kB (UME) 13*256kB (UME) 5*512kB (UM) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3908700kB
[  215.149947][T10421] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1757'.
[  215.149990][T10420] FAULT_INJECTION: forcing a failure.
[  215.149990][T10420] name failslab, interval 1, probability 0, space 0, times 0
[  215.168634][T10421] FAULT_INJECTION: forcing a failure.
[  215.168634][T10421] name failslab, interval 1, probability 0, space 0, times 0
[  215.192961][T10420] CPU: 0 UID: 0 PID: 10420 Comm: syz.4.1756 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  215.192989][T10420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  215.193002][T10420] Call Trace:
[  215.193008][T10420]  <TASK>
[  215.193017][T10420]  dump_stack_lvl+0x241/0x360
[  215.193048][T10420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.193069][T10420]  ? __pfx__printk+0x10/0x10
[  215.193096][T10420]  ? ref_tracker_alloc+0x332/0x490
[  215.193122][T10420]  should_fail_ex+0x40a/0x550
[  215.193158][T10420]  should_failslab+0xac/0x100
[  215.193188][T10420]  ? skb_clone+0x20c/0x390
[  215.193210][T10420]  kmem_cache_alloc_noprof+0x70/0x380
[  215.193245][T10420]  skb_clone+0x20c/0x390
[  215.193272][T10420]  __netlink_deliver_tap+0x3c4/0x7f0
[  215.193311][T10420]  ? netlink_deliver_tap+0x2e/0x1b0
[  215.193334][T10420]  netlink_deliver_tap+0x19d/0x1b0
[  215.193361][T10420]  __netlink_sendskb+0x60/0xd0
[  215.193385][T10420]  netlink_dump+0x9f0/0xe10
[  215.193421][T10420]  ? __pfx_netlink_dump+0x10/0x10
[  215.193472][T10420]  ? __asan_memset+0x23/0x50
[  215.193492][T10420]  ? genl_start+0x4ae/0x6d0
[  215.193531][T10420]  __netlink_dump_start+0x5a2/0x790
[  215.193566][T10420]  genl_rcv_msg+0x894/0xec0
[  215.193607][T10420]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.193646][T10420]  ? __pfx_genl_start+0x10/0x10
[  215.193673][T10420]  ? __pfx_genl_dumpit+0x10/0x10
[  215.193701][T10420]  ? __pfx_genl_done+0x10/0x10
[  215.193751][T10420]  ? __pfx_lock_acquire+0x10/0x10
[  215.193782][T10420]  ? __pfx_ovs_flow_cmd_dump+0x10/0x10
[  215.193812][T10420]  ? __pfx___might_resched+0x10/0x10
[  215.193853][T10420]  netlink_rcv_skb+0x206/0x480
[  215.193878][T10420]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.193912][T10420]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  215.193952][T10420]  ? __netlink_deliver_tap+0x7b0/0x7f0
[  215.193995][T10420]  genl_rcv+0x28/0x40
[  215.194022][T10420]  netlink_unicast+0x7f6/0x990
[  215.194054][T10420]  ? __pfx_netlink_unicast+0x10/0x10
[  215.194073][T10420]  ? __virt_addr_valid+0x45f/0x530
[  215.194095][T10420]  ? __phys_addr_symbol+0x2f/0x70
[  215.194114][T10420]  ? __check_object_size+0x47a/0x730
[  215.194149][T10420]  netlink_sendmsg+0x8de/0xcb0
[  215.194189][T10420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.194220][T10420]  ? aa_sock_msg_perm+0x91/0x160
[  215.194260][T10420]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.194283][T10420]  __sock_sendmsg+0x221/0x270
[  215.194316][T10420]  ____sys_sendmsg+0x53a/0x860
[  215.194348][T10420]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.194369][T10420]  ? __fget_files+0x2a/0x410
[  215.194404][T10420]  ? __fget_files+0x2a/0x410
[  215.194452][T10420]  __sys_sendmsg+0x269/0x350
[  215.194481][T10420]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.194520][T10420]  ? do_sys_openat2+0x17a/0x1d0
[  215.194581][T10420]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  215.194614][T10420]  ? do_syscall_64+0x100/0x230
[  215.194649][T10420]  ? do_syscall_64+0xb6/0x230
[  215.194682][T10420]  do_syscall_64+0xf3/0x230
[  215.194713][T10420]  ? clear_bhb_loop+0x35/0x90
[  215.194746][T10420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.194774][T10420] RIP: 0033:0x7f29fed8d169
[  215.194792][T10420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.194809][T10420] RSP: 002b:00007f29ffbc2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.194831][T10420] RAX: ffffffffffffffda RBX: 00007f29fefa5fa0 RCX: 00007f29fed8d169
[  215.194846][T10420] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  215.194859][T10420] RBP: 00007f29ffbc2090 R08: 0000000000000000 R09: 0000000000000000
[  215.194872][T10420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.194884][T10420] R13: 0000000000000000 R14: 00007f29fefa5fa0 R15: 00007ffe3fef5828
[  215.194916][T10420]  </TASK>
[  215.199585][T10395] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  215.215689][T10421] CPU: 0 UID: 0 PID: 10421 Comm: syz.2.1757 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  215.215721][T10421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  215.215734][T10421] Call Trace:
[  215.215742][T10421]  <TASK>
[  215.215751][T10421]  dump_stack_lvl+0x241/0x360
[  215.215784][T10421]  ? __pfx_dump_stack_lvl+0x10/0x10
[  215.215808][T10421]  ? __pfx__printk+0x10/0x10
[  215.215840][T10421]  ? __lock_acquire+0x1397/0x2100
[  215.215877][T10421]  should_fail_ex+0x40a/0x550
[  215.215916][T10421]  should_failslab+0xac/0x100
[  215.215948][T10421]  kmem_cache_alloc_node_noprof+0x77/0x380
[  215.215980][T10421]  ? __alloc_skb+0x1c3/0x440
[  215.216019][T10421]  __alloc_skb+0x1c3/0x440
[  215.216061][T10421]  ? __pfx___alloc_skb+0x10/0x10
[  215.216094][T10421]  ? km_report+0x220/0x240
[  215.216116][T10421]  ? __pfx_lock_release+0x10/0x10
[  215.216153][T10421]  xfrm_alloc_compat+0x1b6/0x1710
[  215.216189][T10421]  ? xfrm_get_translator+0x19/0x240
[  215.216207][T10421]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[  215.216236][T10421]  xfrm_nlmsg_multicast+0xd7/0x1f0
[  215.216269][T10421]  ? xfrm_set_default+0x3e1/0x740
[  215.216295][T10421]  xfrm_set_default+0x495/0x740
[  215.216325][T10421]  xfrm_user_rcv_msg+0x975/0xc20
[  215.216354][T10421]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  215.216418][T10421]  ? __mutex_trylock_common+0x183/0x2e0
[  215.216450][T10421]  ? __pfx___might_resched+0x10/0x10
[  215.216485][T10421]  ? __pfx___mutex_trylock_common+0x10/0x10
[  215.216526][T10421]  netlink_rcv_skb+0x206/0x480
[  215.216556][T10421]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  215.216580][T10421]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  215.216640][T10421]  xfrm_netlink_rcv+0x79/0x90
[  215.216662][T10421]  netlink_unicast+0x7f6/0x990
[  215.216694][T10421]  ? __pfx_netlink_unicast+0x10/0x10
[  215.216715][T10421]  ? __virt_addr_valid+0x45f/0x530
[  215.216738][T10421]  ? __phys_addr_symbol+0x2f/0x70
[  215.216757][T10421]  ? __check_object_size+0x47a/0x730
[  215.216793][T10421]  netlink_sendmsg+0x8de/0xcb0
[  215.216835][T10421]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.216866][T10421]  ? aa_sock_msg_perm+0x91/0x160
[  215.216908][T10421]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.216932][T10421]  __sock_sendmsg+0x221/0x270
[  215.216964][T10421]  ____sys_sendmsg+0x53a/0x860
[  215.216999][T10421]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.217020][T10421]  ? __fget_files+0x2a/0x410
[  215.217057][T10421]  ? __fget_files+0x2a/0x410
[  215.217098][T10421]  __sys_sendmsg+0x269/0x350
[  215.217128][T10421]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.217168][T10421]  ? do_sys_openat2+0x17a/0x1d0
[  215.217231][T10421]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  215.217266][T10421]  ? do_syscall_64+0x100/0x230
[  215.217303][T10421]  ? do_syscall_64+0xb6/0x230
[  215.217338][T10421]  do_syscall_64+0xf3/0x230
[  215.217370][T10421]  ? clear_bhb_loop+0x35/0x90
[  215.217406][T10421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.217444][T10421] RIP: 0033:0x7fc1b918d169
[  215.217465][T10421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.217483][T10421] RSP: 002b:00007fc1ba00b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.217506][T10421] RAX: ffffffffffffffda RBX: 00007fc1b93a5fa0 RCX: 00007fc1b918d169
[  215.217523][T10421] RDX: 0000000000000000 RSI: 0000400000001f80 RDI: 0000000000000003
[  215.217537][T10421] RBP: 00007fc1ba00b090 R08: 0000000000000000 R09: 0000000000000000
[  215.217551][T10421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.217564][T10421] R13: 0000000000000000 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  215.217599][T10421]  </TASK>
[  215.419906][T10423] netlink: set zone limit has 8 unknown bytes
[  215.946188][T10395] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  215.955738][T10395] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  215.966704][T10395] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  215.976105][T10395] 41397 total pagecache pages
[  215.980857][T10395] 0 pages in swap cache
[  215.985039][T10395] Free swap  = 124996kB
[  215.989440][T10395] Total swap = 124996kB
[  215.993612][T10395] 2097051 pages RAM
[  215.997439][T10395] 0 pages HighMem/MovableOnly
[  216.003815][T10395] 427872 pages reserved
[  216.008000][T10395] 0 pages cma reserved
[  216.304689][T10451] 8021q: VLANs not supported on caif0
[  216.347721][T10452] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  216.375293][T10453] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  216.489337][T10460] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1772'.
[  216.775410][T10473] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1778'.
[  216.840365][T10475] netlink: 'syz.3.1779': attribute type 2 has an invalid length.
[  217.223933][T10488] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1785'.
[  217.627631][T10510] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1793'.
[  217.774558][T10516] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  218.014255][T10527] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1801'.
[  218.339093][T10535] FAULT_INJECTION: forcing a failure.
[  218.339093][T10535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.375808][T10535] CPU: 0 UID: 0 PID: 10535 Comm: syz.2.1805 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  218.375838][T10535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  218.375851][T10535] Call Trace:
[  218.375859][T10535]  <TASK>
[  218.375867][T10535]  dump_stack_lvl+0x241/0x360
[  218.375898][T10535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.375919][T10535]  ? __pfx__printk+0x10/0x10
[  218.375946][T10535]  ? snprintf+0xda/0x120
[  218.375973][T10535]  should_fail_ex+0x40a/0x550
[  218.376011][T10535]  _copy_to_user+0x31/0xb0
[  218.376042][T10535]  simple_read_from_buffer+0xca/0x150
[  218.376086][T10535]  proc_fail_nth_read+0x1e9/0x250
[  218.376118][T10535]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.376150][T10535]  ? rw_verify_area+0x243/0x630
[  218.376171][T10535]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  218.376202][T10535]  vfs_read+0x1f8/0xb40
[  218.376224][T10535]  ? fdget_pos+0x254/0x320
[  218.376255][T10535]  ? __pfx___mutex_lock+0x10/0x10
[  218.376285][T10535]  ? __pfx_vfs_read+0x10/0x10
[  218.376303][T10535]  ? do_sys_openat2+0x17a/0x1d0
[  218.376335][T10535]  ? __fget_files+0x2a/0x410
[  218.376367][T10535]  ? __fget_files+0x395/0x410
[  218.376394][T10535]  ? __fget_files+0x2a/0x410
[  218.376432][T10535]  ksys_read+0x18f/0x2b0
[  218.376456][T10535]  ? __pfx_ksys_read+0x10/0x10
[  218.376479][T10535]  ? do_syscall_64+0x100/0x230
[  218.376520][T10535]  ? do_syscall_64+0xb6/0x230
[  218.376552][T10535]  do_syscall_64+0xf3/0x230
[  218.376582][T10535]  ? clear_bhb_loop+0x35/0x90
[  218.376612][T10535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.376639][T10535] RIP: 0033:0x7fc1b918bb7c
[  218.376657][T10535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  218.376674][T10535] RSP: 002b:00007fc1ba00b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  218.376695][T10535] RAX: ffffffffffffffda RBX: 00007fc1b93a5fa0 RCX: 00007fc1b918bb7c
[  218.376710][T10535] RDX: 000000000000000f RSI: 00007fc1ba00b0a0 RDI: 0000000000000004
[  218.376723][T10535] RBP: 00007fc1ba00b090 R08: 0000000000000000 R09: 0000000000000000
[  218.376735][T10535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  218.376747][T10535] R13: 0000000000000000 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  218.376776][T10535]  </TASK>
[  218.673368][T10540] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1808'.
[  218.715562][T10540] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1808'.
[  218.831715][T10547] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1811'.
[  219.118909][T10563] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1817'.
[  219.141723][T10566] netlink: 'syz.3.1818': attribute type 10 has an invalid length.
[  219.143574][T10567] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1816'.
[  219.165833][T10563] netlink: 'syz.4.1817': attribute type 1 has an invalid length.
[  219.221216][T10566] team0: Device veth0_macvtap failed to register rx_handler
[  219.221783][T10571] netlink: 'syz.3.1818': attribute type 1 has an invalid length.
[  219.236763][T10571] netlink: 'syz.3.1818': attribute type 1 has an invalid length.
[  219.392856][T10576] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  219.523846][T10579] netlink: 'syz.2.1822': attribute type 2 has an invalid length.
[  219.536651][T10579] netlink: 'syz.2.1822': attribute type 2 has an invalid length.
[  219.549158][T10579] netlink: 'syz.2.1822': attribute type 2 has an invalid length.
[  219.557022][T10579] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  219.583119][T10579] netlink: 'syz.2.1822': attribute type 1 has an invalid length.
[  219.849874][T10594] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  219.909288][T10594] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.933180][T10594] bond0: (slave lo): Enslaving as an active interface with an up link
[  220.121003][T10608] batman_adv: batadv0: Adding interface: dummy0
[  220.127318][T10608] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  220.342910][T10619] netlink: 'syz.4.1841': attribute type 11 has an invalid length.
[  220.389544][T10623] batman_adv: batadv0: Adding interface: dummy0
[  220.397607][T10623] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.446129][T10620] xt_CT: No such helper "netbios-ns"
[  220.448461][T10623] batman_adv: batadv0: Interface activated: dummy0
[  220.493281][T10623] batadv0: mtu less than device minimum
[  220.519934][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.533123][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.545811][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.558619][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.571020][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.583745][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.596456][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.609150][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  220.621714][T10623] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  221.002977][T10649] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  221.221042][T10659] x_tables: duplicate underflow at hook 2
[  221.246665][T10663] FAULT_INJECTION: forcing a failure.
[  221.246665][T10663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.287762][T10663] CPU: 1 UID: 0 PID: 10663 Comm: syz.1.1859 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  221.287790][T10663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  221.287801][T10663] Call Trace:
[  221.287808][T10663]  <TASK>
[  221.287816][T10663]  dump_stack_lvl+0x241/0x360
[  221.287845][T10663]  ? __pfx_dump_stack_lvl+0x10/0x10
[  221.287866][T10663]  ? __pfx__printk+0x10/0x10
[  221.287891][T10663]  ? snprintf+0xda/0x120
[  221.287916][T10663]  should_fail_ex+0x40a/0x550
[  221.287949][T10663]  _copy_to_user+0x31/0xb0
[  221.287977][T10663]  simple_read_from_buffer+0xca/0x150
[  221.288006][T10663]  proc_fail_nth_read+0x1e9/0x250
[  221.288043][T10663]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.288073][T10663]  ? rw_verify_area+0x243/0x630
[  221.288092][T10663]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.288121][T10663]  vfs_read+0x1f8/0xb40
[  221.288142][T10663]  ? fdget_pos+0x254/0x320
[  221.288170][T10663]  ? __pfx___mutex_lock+0x10/0x10
[  221.288199][T10663]  ? __pfx_vfs_read+0x10/0x10
[  221.288216][T10663]  ? do_sys_openat2+0x17a/0x1d0
[  221.288247][T10663]  ? __fget_files+0x2a/0x410
[  221.288275][T10663]  ? __fget_files+0x395/0x410
[  221.288301][T10663]  ? __fget_files+0x2a/0x410
[  221.288342][T10663]  ksys_read+0x18f/0x2b0
[  221.288364][T10663]  ? __pfx_ksys_read+0x10/0x10
[  221.288383][T10663]  ? do_syscall_64+0x100/0x230
[  221.288415][T10663]  ? do_syscall_64+0xb6/0x230
[  221.288444][T10663]  do_syscall_64+0xf3/0x230
[  221.288471][T10663]  ? clear_bhb_loop+0x35/0x90
[  221.288500][T10663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.288526][T10663] RIP: 0033:0x7f164878bb7c
[  221.288543][T10663] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  221.288559][T10663] RSP: 002b:00007f1649659030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  221.288579][T10663] RAX: ffffffffffffffda RBX: 00007f16489a5fa0 RCX: 00007f164878bb7c
[  221.288592][T10663] RDX: 000000000000000f RSI: 00007f16496590a0 RDI: 0000000000000004
[  221.288604][T10663] RBP: 00007f1649659090 R08: 0000000000000000 R09: 0000000000000000
[  221.288615][T10663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  221.288626][T10663] R13: 0000000000000000 R14: 00007f16489a5fa0 R15: 00007ffee1601f58
[  221.288655][T10663]  </TASK>
[  221.709642][T10669] __nla_validate_parse: 9 callbacks suppressed
[  221.709663][T10669] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1863'.
[  221.820364][T10674] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1865'.
[  222.046649][T10687] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1870'.
[  222.071673][T10688] TCP: TCP_TX_DELAY enabled
[  222.180505][T10690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1871'.
[  222.304741][T10700] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1876'.
[  222.342806][T10700] xt_TCPMSS: Only works on TCP SYN packets
[  222.356627][T10702] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  222.535048][T10709] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1880'.
[  222.749472][T10718] FAULT_INJECTION: forcing a failure.
[  222.749472][T10718] name failslab, interval 1, probability 0, space 0, times 0
[  222.766975][T10721] netlink: 'syz.4.1884': attribute type 11 has an invalid length.
[  222.786771][T10718] CPU: 1 UID: 0 PID: 10718 Comm: syz.0.1885 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  222.786799][T10718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  222.786811][T10718] Call Trace:
[  222.786817][T10718]  <TASK>
[  222.786826][T10718]  dump_stack_lvl+0x241/0x360
[  222.786854][T10718]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.786875][T10718]  ? __pfx__printk+0x10/0x10
[  222.786896][T10718]  ? __kmalloc_cache_noprof+0x48/0x390
[  222.786924][T10718]  ? __pfx___might_resched+0x10/0x10
[  222.786953][T10718]  should_fail_ex+0x40a/0x550
[  222.786985][T10718]  should_failslab+0xac/0x100
[  222.787012][T10718]  __kmalloc_cache_noprof+0x70/0x390
[  222.787037][T10718]  ? nf_ct_tmpl_alloc+0x7e/0x220
[  222.787064][T10718]  nf_ct_tmpl_alloc+0x7e/0x220
[  222.787088][T10718]  xt_ct_tg_check+0x2cf/0xc30
[  222.787114][T10718]  ? trace_contention_end+0x3c/0x120
[  222.787138][T10718]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  222.787172][T10718]  ? __mutex_unlock_slowpath+0x227/0x800
[  222.787205][T10718]  xt_check_target+0x3b9/0xa40
[  222.787235][T10718]  ? __pfx_xt_check_target+0x10/0x10
[  222.787273][T10718]  ? xt_find_target+0x1db/0x230
[  222.787302][T10718]  translate_table+0x19ea/0x2370
[  222.787357][T10718]  ? __pfx_translate_table+0x10/0x10
[  222.787388][T10718]  ? __might_fault+0xaa/0x120
[  222.787407][T10718]  ? __pfx_lock_release+0x10/0x10
[  222.787440][T10718]  ? __virt_addr_valid+0x183/0x530
[  222.787462][T10718]  ? __might_fault+0xc6/0x120
[  222.787486][T10718]  ? copy_from_sockptr_offset+0x6b/0xb0
[  222.787507][T10718]  do_ipt_set_ctl+0xe3d/0x1250
[  222.787532][T10718]  ? nf_setsockopt+0x240/0x2c0
[  222.787553][T10718]  ? do_ip_setsockopt+0x2824/0x3ae0
[  222.787582][T10718]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  222.787601][T10718]  ? rcu_is_watching+0x15/0xb0
[  222.787622][T10718]  ? trace_contention_end+0x3c/0x120
[  222.787652][T10718]  ? __mutex_unlock_slowpath+0x227/0x800
[  222.787688][T10718]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  222.787715][T10718]  ? aa_sk_perm+0x96d/0xab0
[  222.787749][T10718]  ? __pfx_aa_sk_perm+0x10/0x10
[  222.787779][T10718]  nf_setsockopt+0x295/0x2c0
[  222.787807][T10718]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  222.787834][T10718]  do_sock_setsockopt+0x3af/0x720
[  222.787858][T10718]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  222.787882][T10718]  ? __fget_files+0x395/0x410
[  222.787908][T10718]  ? __fget_files+0x2a/0x410
[  222.787943][T10718]  __x64_sys_setsockopt+0x1ee/0x280
[  222.787969][T10718]  do_syscall_64+0xf3/0x230
[  222.787997][T10718]  ? clear_bhb_loop+0x35/0x90
[  222.788026][T10718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.788052][T10718] RIP: 0033:0x7fb37ed8d169
[  222.788069][T10718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.788085][T10718] RSP: 002b:00007fb37fb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  222.788104][T10718] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8d169
[  222.788118][T10718] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  222.788130][T10718] RBP: 00007fb37fb77090 R08: 00000000000002b8 R09: 0000000000000000
[  222.788142][T10718] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  222.788153][T10718] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  222.788186][T10718]  </TASK>
[  222.805089][T10721] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1884'.
[  224.671003][T10727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1888'.
[  224.681160][T10736] validate_nla: 3 callbacks suppressed
[  224.681177][T10736] netlink: 'syz.0.1891': attribute type 2 has an invalid length.
[  224.845958][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1896'.
[  224.869295][T10747] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1894'.
[  225.073635][T10760] : entered promiscuous mode
[  225.090484][T10760] netlink: 'syz.4.1902': attribute type 4 has an invalid length.
[  225.107332][T10760] netlink: 'syz.4.1902': attribute type 28 has an invalid length.
[  225.115745][T10760] netlink: 'syz.4.1902': attribute type 3 has an invalid length.
[  225.164154][T10760] netlink: 'syz.4.1902': attribute type 3 has an invalid length.
[  225.285877][T10772] FAULT_INJECTION: forcing a failure.
[  225.285877][T10772] name failslab, interval 1, probability 0, space 0, times 0
[  225.298829][T10772] CPU: 0 UID: 0 PID: 10772 Comm: syz.2.1906 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  225.298856][T10772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  225.298869][T10772] Call Trace:
[  225.298877][T10772]  <TASK>
[  225.298886][T10772]  dump_stack_lvl+0x241/0x360
[  225.298917][T10772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.298941][T10772]  ? __pfx__printk+0x10/0x10
[  225.298964][T10772]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  225.299002][T10772]  ? __pfx___might_resched+0x10/0x10
[  225.299027][T10772]  ? aa_label_sk_perm+0x4f3/0x6c0
[  225.299062][T10772]  should_fail_ex+0x40a/0x550
[  225.299098][T10772]  should_failslab+0xac/0x100
[  225.299128][T10772]  kmem_cache_alloc_node_noprof+0x77/0x380
[  225.299157][T10772]  ? __alloc_skb+0x1c3/0x440
[  225.299193][T10772]  __alloc_skb+0x1c3/0x440
[  225.299230][T10772]  ? __pfx___alloc_skb+0x10/0x10
[  225.299273][T10772]  netlink_sendmsg+0x634/0xcb0
[  225.299311][T10772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.299340][T10772]  ? aa_sock_msg_perm+0x91/0x160
[  225.299376][T10772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.299399][T10772]  __sock_sendmsg+0x221/0x270
[  225.299430][T10772]  ____sys_sendmsg+0x53a/0x860
[  225.299461][T10772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.299481][T10772]  ? __fget_files+0x2a/0x410
[  225.299514][T10772]  ? __fget_files+0x2a/0x410
[  225.299553][T10772]  __sys_sendmsg+0x269/0x350
[  225.299581][T10772]  ? __pfx___sys_sendmsg+0x10/0x10
[  225.299617][T10772]  ? do_sys_openat2+0x17a/0x1d0
[  225.299673][T10772]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  225.299706][T10772]  ? do_syscall_64+0x100/0x230
[  225.299740][T10772]  ? do_syscall_64+0xb6/0x230
[  225.299774][T10772]  do_syscall_64+0xf3/0x230
[  225.299805][T10772]  ? clear_bhb_loop+0x35/0x90
[  225.299838][T10772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.299866][T10772] RIP: 0033:0x7fc1b918d169
[  225.299883][T10772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.299901][T10772] RSP: 002b:00007fc1ba00b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.299923][T10772] RAX: ffffffffffffffda RBX: 00007fc1b93a5fa0 RCX: 00007fc1b918d169
[  225.299939][T10772] RDX: 0000000000045080 RSI: 0000400000000500 RDI: 0000000000000004
[  225.299953][T10772] RBP: 00007fc1ba00b090 R08: 0000000000000000 R09: 0000000000000000
[  225.299965][T10772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.299978][T10772] R13: 0000000000000000 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  225.300014][T10772]  </TASK>
[  225.798293][T10789] lo: entered promiscuous mode
[  225.808172][T10788] lo: left promiscuous mode
[  225.959361][T10787] xt_cgroup: xt_cgroup: no path or classid specified
[  226.079736][T10800] FAULT_INJECTION: forcing a failure.
[  226.079736][T10800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.149428][T10803] netlink: 'syz.2.1920': attribute type 2 has an invalid length.
[  226.159483][T10800] CPU: 0 UID: 0 PID: 10800 Comm: syz.3.1919 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  226.159511][T10800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.159523][T10800] Call Trace:
[  226.159530][T10800]  <TASK>
[  226.159539][T10800]  dump_stack_lvl+0x241/0x360
[  226.159568][T10800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.159595][T10800]  ? __pfx__printk+0x10/0x10
[  226.159615][T10800]  ? rcu_is_watching+0x15/0xb0
[  226.159637][T10800]  ? __pfx_lock_release+0x10/0x10
[  226.159671][T10800]  ? __alloc_frozen_pages_noprof+0x350/0x710
[  226.159704][T10800]  should_fail_ex+0x40a/0x550
[  226.159738][T10800]  _copy_from_iter+0x1df/0x1c40
[  226.159777][T10800]  ? __pfx__copy_from_iter+0x10/0x10
[  226.159801][T10800]  ? tun_get_user+0x875/0x48a0
[  226.159828][T10800]  ? set_page_refcounted+0xa1/0x1e0
[  226.159857][T10800]  ? alloc_pages_noprof+0x136/0x190
[  226.159882][T10800]  ? page_copy_sane+0x46/0x260
[  226.159907][T10800]  copy_page_from_iter+0x7a/0x100
[  226.159936][T10800]  tun_get_user+0x2035/0x48a0
[  226.159961][T10800]  ? tun_get_user+0x875/0x48a0
[  226.160002][T10800]  ? __pfx_tun_get_user+0x10/0x10
[  226.160043][T10800]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  226.160064][T10800]  ? tun_get+0x1e/0x2f0
[  226.160085][T10800]  ? __pfx_lock_release+0x10/0x10
[  226.160129][T10800]  ? tun_get+0x1e/0x2f0
[  226.160150][T10800]  ? tun_get+0x27d/0x2f0
[  226.160173][T10800]  tun_chr_write_iter+0x10d/0x1f0
[  226.160199][T10800]  vfs_write+0xacf/0xd10
[  226.160225][T10800]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  226.160249][T10800]  ? __pfx_vfs_write+0x10/0x10
[  226.160267][T10800]  ? do_sys_openat2+0x17a/0x1d0
[  226.160299][T10800]  ? __fget_files+0x2a/0x410
[  226.160332][T10800]  ? __fget_files+0x2a/0x410
[  226.160370][T10800]  ksys_write+0x18f/0x2b0
[  226.160393][T10800]  ? __pfx_ksys_write+0x10/0x10
[  226.160416][T10800]  ? do_syscall_64+0x100/0x230
[  226.160449][T10800]  ? do_syscall_64+0xb6/0x230
[  226.160481][T10800]  do_syscall_64+0xf3/0x230
[  226.160510][T10800]  ? clear_bhb_loop+0x35/0x90
[  226.160541][T10800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.160568][T10800] RIP: 0033:0x7f267738bc1f
[  226.160585][T10800] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  226.160602][T10800] RSP: 002b:00007f267826a000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  226.160623][T10800] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738bc1f
[  226.160638][T10800] RDX: 000000000000003a RSI: 0000400000000400 RDI: 00000000000000c8
[  226.160651][T10800] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  226.160671][T10800] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001
[  226.160683][T10800] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  226.160712][T10800]  </TASK>
[  226.606853][ T5841] Bluetooth: hci3: link tx timeout
[  226.612328][ T5841] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  226.902552][T10833] __nla_validate_parse: 7 callbacks suppressed
[  226.902573][T10833] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1930'.
[  226.925560][T10833] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1930'.
[  226.949056][T10833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1930'.
[  227.128428][T10843] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1937'.
[  227.132675][T10842] xt_l2tp: unknown flags: 18
[  227.163122][T10842] netlink: 'syz.0.1935': attribute type 2 has an invalid length.
[  227.167331][T10845] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1936'.
[  227.682298][T10868] mac80211_hwsim hwsim4 syzkaller0: entered promiscuous mode
[  227.690040][T10868] mac80211_hwsim hwsim4 syzkaller0: entered allmulticast mode
[  227.739314][T10872] FAULT_INJECTION: forcing a failure.
[  227.739314][T10872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.754477][T10872] CPU: 1 UID: 0 PID: 10872 Comm: syz.3.1949 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  227.754504][T10872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  227.754516][T10872] Call Trace:
[  227.754523][T10872]  <TASK>
[  227.754531][T10872]  dump_stack_lvl+0x241/0x360
[  227.754569][T10872]  ? __pfx_dump_stack_lvl+0x10/0x10
[  227.754592][T10872]  ? __pfx__printk+0x10/0x10
[  227.754617][T10872]  ? snprintf+0xda/0x120
[  227.754642][T10872]  should_fail_ex+0x40a/0x550
[  227.754678][T10872]  _copy_to_user+0x31/0xb0
[  227.754726][T10872]  simple_read_from_buffer+0xca/0x150
[  227.754758][T10872]  proc_fail_nth_read+0x1e9/0x250
[  227.754791][T10872]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.754825][T10872]  ? rw_verify_area+0x243/0x630
[  227.754847][T10872]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  227.754878][T10872]  vfs_read+0x1f8/0xb40
[  227.754902][T10872]  ? fdget_pos+0x254/0x320
[  227.754933][T10872]  ? __pfx___mutex_lock+0x10/0x10
[  227.754965][T10872]  ? __pfx_vfs_read+0x10/0x10
[  227.754984][T10872]  ? do_sys_openat2+0x17a/0x1d0
[  227.755018][T10872]  ? __fget_files+0x2a/0x410
[  227.755050][T10872]  ? __fget_files+0x395/0x410
[  227.755078][T10872]  ? __fget_files+0x2a/0x410
[  227.755119][T10872]  ksys_read+0x18f/0x2b0
[  227.755143][T10872]  ? __pfx_ksys_read+0x10/0x10
[  227.755166][T10872]  ? do_syscall_64+0x100/0x230
[  227.755201][T10872]  ? do_syscall_64+0xb6/0x230
[  227.755235][T10872]  do_syscall_64+0xf3/0x230
[  227.755265][T10872]  ? clear_bhb_loop+0x35/0x90
[  227.755298][T10872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.755326][T10872] RIP: 0033:0x7f267738bb7c
[  227.755345][T10872] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  227.755362][T10872] RSP: 002b:00007f267826a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  227.755384][T10872] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738bb7c
[  227.755399][T10872] RDX: 000000000000000f RSI: 00007f267826a0a0 RDI: 0000000000000006
[  227.755412][T10872] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  227.755424][T10872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  227.755436][T10872] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  227.755467][T10872]  </TASK>
[  228.142244][T10877] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  228.185932][T10877] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  228.353563][T10889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1956'.
[  228.530292][T10897] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1960'.
[  228.540416][T10897] net_ratelimit: 12 callbacks suppressed
[  228.540433][T10897] openvswitch: netlink: Flow actions attr not present in new flow.
[  228.679334][ T5847] Bluetooth: hci3: command 0x0405 tx timeout
[  228.836360][T10910] netlink: 'syz.3.1965': attribute type 12 has an invalid length.
[  228.905438][T10910] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1965'.
[  229.162877][T10925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1969'.
[  229.226308][T10928] 8021q: VLANs not supported on ip6_vti0
[  229.375745][T10933] ax25_connect(): syz.1.1973 uses autobind, please contact jreuter@yaina.de
[  229.547054][T10942] netlink: 'syz.1.1975': attribute type 2 has an invalid length.
[  229.567819][T10940] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1976'.
[  229.759939][T10946] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  229.782349][T10946] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  229.887008][T10957] netlink: 'syz.1.1981': attribute type 9 has an invalid length.
[  230.012045][T10961] xt_CT: No such helper "pptp"
[  230.154749][T10971] FAULT_INJECTION: forcing a failure.
[  230.154749][T10971] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.198052][T10971] CPU: 1 UID: 0 PID: 10971 Comm: syz.2.1987 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  230.198084][T10971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  230.198097][T10971] Call Trace:
[  230.198104][T10971]  <TASK>
[  230.198113][T10971]  dump_stack_lvl+0x241/0x360
[  230.198144][T10971]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.198168][T10971]  ? __pfx__printk+0x10/0x10
[  230.198192][T10971]  ? __pfx_lock_release+0x10/0x10
[  230.198224][T10971]  ? __lock_acquire+0x1397/0x2100
[  230.198263][T10971]  should_fail_ex+0x40a/0x550
[  230.198300][T10971]  _copy_from_user+0x2d/0xb0
[  230.198333][T10971]  kstrtouint_from_user+0xc6/0x190
[  230.198360][T10971]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  230.198388][T10971]  ? __pfx_lock_acquire+0x10/0x10
[  230.198430][T10971]  proc_fail_nth_write+0xaa/0x2d0
[  230.198460][T10971]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  230.198486][T10971]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  230.198521][T10971]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  230.198550][T10971]  vfs_write+0x29f/0xd10
[  230.198575][T10971]  ? fdget_pos+0x254/0x320
[  230.198603][T10971]  ? __mutex_unlock_slowpath+0x227/0x800
[  230.198639][T10971]  ? __pfx_vfs_write+0x10/0x10
[  230.198668][T10971]  ? do_sys_openat2+0x17a/0x1d0
[  230.198701][T10971]  ? __fget_files+0x2a/0x410
[  230.198733][T10971]  ? __fget_files+0x395/0x410
[  230.198761][T10971]  ? __fget_files+0x2a/0x410
[  230.198798][T10971]  ksys_write+0x18f/0x2b0
[  230.198824][T10971]  ? __pfx_ksys_write+0x10/0x10
[  230.198847][T10971]  ? do_syscall_64+0x100/0x230
[  230.198882][T10971]  ? do_syscall_64+0xb6/0x230
[  230.198916][T10971]  do_syscall_64+0xf3/0x230
[  230.198946][T10971]  ? clear_bhb_loop+0x35/0x90
[  230.198980][T10971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.199008][T10971] RIP: 0033:0x7fc1b918bc1f
[  230.199026][T10971] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  230.199043][T10971] RSP: 002b:00007fc1ba00b030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  230.199065][T10971] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc1b918bc1f
[  230.199079][T10971] RDX: 0000000000000001 RSI: 00007fc1ba00b0a0 RDI: 0000000000000003
[  230.199091][T10971] RBP: 00007fc1ba00b090 R08: 0000000000000000 R09: 0000000000000000
[  230.199104][T10971] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[  230.199116][T10971] R13: 0000000000000001 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  230.199148][T10971]  </TASK>
[  230.655033][T10983] C: renamed from lo (while UP)
[  230.673078][T10983] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  231.046568][T11013] FAULT_INJECTION: forcing a failure.
[  231.046568][T11013] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.067029][T11011] netlink: 'syz.4.2001': attribute type 3 has an invalid length.
[  231.075214][T11013] CPU: 0 UID: 0 PID: 11013 Comm: syz.0.2002 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  231.075242][T11013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  231.075254][T11013] Call Trace:
[  231.075261][T11013]  <TASK>
[  231.075269][T11013]  dump_stack_lvl+0x241/0x360
[  231.075299][T11013]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.075323][T11013]  ? __pfx__printk+0x10/0x10
[  231.075357][T11013]  ? __pfx_lock_release+0x10/0x10
[  231.075398][T11013]  should_fail_ex+0x40a/0x550
[  231.075434][T11013]  _copy_from_iter+0x1df/0x1c40
[  231.075460][T11013]  ? __virt_addr_valid+0x183/0x530
[  231.075482][T11013]  ? __pfx_lock_release+0x10/0x10
[  231.075519][T11013]  ? __alloc_skb+0x28f/0x440
[  231.075551][T11013]  ? __pfx__copy_from_iter+0x10/0x10
[  231.075577][T11013]  ? __virt_addr_valid+0x183/0x530
[  231.075596][T11013]  ? __virt_addr_valid+0x183/0x530
[  231.075613][T11013]  ? __virt_addr_valid+0x45f/0x530
[  231.075641][T11013]  ? __phys_addr_symbol+0x2f/0x70
[  231.075660][T11013]  ? __check_object_size+0x47a/0x730
[  231.075692][T11013]  netlink_sendmsg+0x742/0xcb0
[  231.075730][T11013]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.075759][T11013]  ? aa_sock_msg_perm+0x91/0x160
[  231.075794][T11013]  ? __pfx_netlink_sendmsg+0x10/0x10
[  231.075817][T11013]  __sock_sendmsg+0x221/0x270
[  231.075847][T11013]  ____sys_sendmsg+0x53a/0x860
[  231.075878][T11013]  ? __pfx_____sys_sendmsg+0x10/0x10
[  231.075899][T11013]  ? __fget_files+0x2a/0x410
[  231.075932][T11013]  ? __fget_files+0x2a/0x410
[  231.075971][T11013]  __sys_sendmsg+0x269/0x350
[  231.075998][T11013]  ? __pfx___sys_sendmsg+0x10/0x10
[  231.076041][T11013]  ? do_sys_openat2+0x17a/0x1d0
[  231.076091][T11013]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  231.076120][T11013]  ? do_syscall_64+0x100/0x230
[  231.076150][T11013]  ? do_syscall_64+0xb6/0x230
[  231.076179][T11013]  do_syscall_64+0xf3/0x230
[  231.076210][T11013]  ? clear_bhb_loop+0x35/0x90
[  231.076241][T11013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.076266][T11013] RIP: 0033:0x7fb37ed8d169
[  231.076283][T11013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.076298][T11013] RSP: 002b:00007fb37fb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  231.076318][T11013] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8d169
[  231.076332][T11013] RDX: 0000000000045080 RSI: 0000400000000500 RDI: 0000000000000004
[  231.076344][T11013] RBP: 00007fb37fb77090 R08: 0000000000000000 R09: 0000000000000000
[  231.076355][T11013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.076366][T11013] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  231.076394][T11013]  </TASK>
[  231.106379][T11011] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  231.268447][T11020] ieee802154 phy0 wpan0: encryption failed: -22
[  231.269733][T11011] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  231.375629][T11011] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  231.384423][T11011] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  231.437806][T11026] netlink: 'syz.4.2001': attribute type 11 has an invalid length.
[  231.479559][T11015] virt_wifi0: mtu less than device minimum
[  232.020809][T11047] __nla_validate_parse: 5 callbacks suppressed
[  232.020848][T11047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2011'.
[  233.283457][T11041] mac80211_hwsim hwsim4 syzkaller0: Caught tx_queue_len zero misconfig
[  233.292386][T11043] bond0: option mode: unable to set because the bond device is up
[  233.418061][T11053] netlink: 'syz.1.2013': attribute type 2 has an invalid length.
[  233.872229][T11080] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2022'.
[  234.044977][T11084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2024'.
[  234.073939][T11090] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2025'.
[  234.240958][T11097] xt_CT: You must specify a L4 protocol and not use inversions on it
[  234.328784][T11103] netlink: 'syz.2.2030': attribute type 3 has an invalid length.
[  234.415471][T11109] openvswitch: netlink: IP tunnel dst address not specified
[  234.524801][T11115] FAULT_INJECTION: forcing a failure.
[  234.524801][T11115] name failslab, interval 1, probability 0, space 0, times 0
[  234.538624][T11115] CPU: 1 UID: 0 PID: 11115 Comm: syz.2.2033 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  234.538652][T11115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.538665][T11115] Call Trace:
[  234.538672][T11115]  <TASK>
[  234.538680][T11115]  dump_stack_lvl+0x241/0x360
[  234.538709][T11115]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.538731][T11115]  ? __pfx__printk+0x10/0x10
[  234.538754][T11115]  ? __kmalloc_cache_noprof+0x48/0x390
[  234.538785][T11115]  ? __pfx___might_resched+0x10/0x10
[  234.538816][T11115]  should_fail_ex+0x40a/0x550
[  234.538851][T11115]  should_failslab+0xac/0x100
[  234.538880][T11115]  __kmalloc_cache_noprof+0x70/0x390
[  234.538906][T11115]  ? call_usermodehelper_setup+0x8e/0x270
[  234.538930][T11115]  ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0
[  234.538966][T11115]  call_usermodehelper_setup+0x8e/0x270
[  234.538990][T11115]  ? __pfx_free_modprobe_argv+0x10/0x10
[  234.539014][T11115]  __request_module+0x3cd/0x640
[  234.539040][T11115]  ? __pfx___request_module+0x10/0x10
[  234.539063][T11115]  ? __pfx_lock_release+0x10/0x10
[  234.539109][T11115]  ? nf_conntrack_helper_try_module_get+0x84/0x9c0
[  234.539144][T11115]  nf_conntrack_helper_try_module_get+0x63f/0x9c0
[  234.539180][T11115]  ? nf_conntrack_helper_try_module_get+0x84/0x9c0
[  234.539215][T11115]  ? __pfx_nf_conntrack_helper_try_module_get+0x10/0x10
[  234.539248][T11115]  ? nf_ct_tmpl_alloc+0x7e/0x220
[  234.539275][T11115]  ? nf_ct_tmpl_alloc+0x12c/0x220
[  234.539301][T11115]  xt_ct_tg_check+0x68a/0xc30
[  234.539334][T11115]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  234.539362][T11115]  ? __mutex_unlock_slowpath+0x227/0x800
[  234.539404][T11115]  xt_check_target+0x3b9/0xa40
[  234.539435][T11115]  ? __pfx_xt_check_target+0x10/0x10
[  234.539475][T11115]  ? xt_find_target+0x1db/0x230
[  234.539507][T11115]  translate_table+0x19ea/0x2370
[  234.539566][T11115]  ? __pfx_translate_table+0x10/0x10
[  234.539604][T11115]  ? __might_fault+0xaa/0x120
[  234.539624][T11115]  ? __pfx_lock_release+0x10/0x10
[  234.539659][T11115]  ? __virt_addr_valid+0x183/0x530
[  234.539683][T11115]  ? __might_fault+0xc6/0x120
[  234.539708][T11115]  ? copy_from_sockptr_offset+0x6b/0xb0
[  234.539731][T11115]  do_ipt_set_ctl+0xe3d/0x1250
[  234.539757][T11115]  ? nf_setsockopt+0x240/0x2c0
[  234.539780][T11115]  ? do_ip_setsockopt+0x2824/0x3ae0
[  234.539811][T11115]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  234.539833][T11115]  ? rcu_is_watching+0x15/0xb0
[  234.539856][T11115]  ? trace_contention_end+0x3c/0x120
[  234.539889][T11115]  ? __mutex_unlock_slowpath+0x227/0x800
[  234.539928][T11115]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  234.539957][T11115]  ? aa_sk_perm+0x96d/0xab0
[  234.539994][T11115]  ? __pfx_aa_sk_perm+0x10/0x10
[  234.540025][T11115]  nf_setsockopt+0x295/0x2c0
[  234.540055][T11115]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  234.540084][T11115]  do_sock_setsockopt+0x3af/0x720
[  234.540110][T11115]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  234.540137][T11115]  ? __fget_files+0x395/0x410
[  234.540166][T11115]  ? __fget_files+0x2a/0x410
[  234.540203][T11115]  __x64_sys_setsockopt+0x1ee/0x280
[  234.540231][T11115]  do_syscall_64+0xf3/0x230
[  234.540262][T11115]  ? clear_bhb_loop+0x35/0x90
[  234.540294][T11115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.540322][T11115] RIP: 0033:0x7fc1b918d169
[  234.540352][T11115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.540368][T11115] RSP: 002b:00007fc1ba00b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  234.540394][T11115] RAX: ffffffffffffffda RBX: 00007fc1b93a5fa0 RCX: 00007fc1b918d169
[  234.540426][T11115] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  234.540438][T11115] RBP: 00007fc1ba00b090 R08: 00000000000002b8 R09: 0000000000000000
[  234.540450][T11115] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  234.540463][T11115] R13: 0000000000000000 R14: 00007fc1b93a5fa0 R15: 00007ffe98782658
[  234.540492][T11115]  </TASK>
[  234.540599][T11115] xt_CT: No such helper "netbios-ns"
[  235.006846][T11119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2035'.
[  235.017944][T11119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2035'.
[  235.263006][T11128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2039'.
[  235.480550][T11146] openvswitch: netlink: IP tunnel dst address not specified
[  237.217253][T11147] syz.4.2043: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  237.236361][T11147] CPU: 0 UID: 0 PID: 11147 Comm: syz.4.2043 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  237.236391][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  237.236404][T11147] Call Trace:
[  237.236411][T11147]  <TASK>
[  237.236420][T11147]  dump_stack_lvl+0x241/0x360
[  237.236451][T11147]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.236473][T11147]  ? __pfx__printk+0x10/0x10
[  237.236500][T11147]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  237.236527][T11147]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  237.236556][T11147]  warn_alloc+0x278/0x410
[  237.236583][T11147]  ? __pfx_warn_alloc+0x10/0x10
[  237.236612][T11147]  ? xp_create_and_assign_umem+0x17b/0xc50
[  237.236640][T11147]  ? __get_vm_area_node+0x1c8/0x2d0
[  237.236671][T11147]  ? __get_vm_area_node+0x25c/0x2d0
[  237.236711][T11147]  __vmalloc_node_range_noprof+0x62f/0x1380
[  237.236733][T11147]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  237.236785][T11147]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  237.236807][T11147]  ? rcu_is_watching+0x15/0xb0
[  237.236830][T11147]  ? trace_kmalloc+0x1f/0xd0
[  237.236855][T11147]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  237.236883][T11147]  ? __kvmalloc_node_noprof+0x72/0x190
[  237.236918][T11147]  __kvmalloc_node_noprof+0x142/0x190
[  237.236986][T11147]  ? xp_create_and_assign_umem+0x17b/0xc50
[  237.237016][T11147]  xp_create_and_assign_umem+0x17b/0xc50
[  237.237059][T11147]  ? dev_get_by_index+0x23/0x2d0
[  237.237091][T11147]  xsk_bind+0x388/0xfe0
[  237.237123][T11147]  __sys_bind+0x1e4/0x290
[  237.237157][T11147]  ? __pfx___sys_bind+0x10/0x10
[  237.237208][T11147]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.237243][T11147]  ? do_syscall_64+0x100/0x230
[  237.237282][T11147]  __x64_sys_bind+0x7a/0x90
[  237.237314][T11147]  do_syscall_64+0xf3/0x230
[  237.237346][T11147]  ? clear_bhb_loop+0x35/0x90
[  237.237379][T11147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.237407][T11147] RIP: 0033:0x7f29fed8d169
[  237.237425][T11147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.237443][T11147] RSP: 002b:00007f29ffba1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  237.237466][T11147] RAX: ffffffffffffffda RBX: 00007f29fefa6080 RCX: 00007f29fed8d169
[  237.237482][T11147] RDX: 0000000000000010 RSI: 0000400000000100 RDI: 0000000000000009
[  237.237495][T11147] RBP: 00007f29fee0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  237.237508][T11147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.237520][T11147] R13: 0000000000000000 R14: 00007f29fefa6080 R15: 00007ffe3fef5828
[  237.237553][T11147]  </TASK>
[  237.237561][T11147] Mem-Info:
[  237.509028][T11147] active_anon:4878 inactive_anon:0 isolated_anon:0
[  237.509028][T11147]  active_file:1614 inactive_file:38368 isolated_file:0
[  237.509028][T11147]  unevictable:768 dirty:67 writeback:0
[  237.509028][T11147]  slab_reclaimable:10370 slab_unreclaimable:101202
[  237.509028][T11147]  mapped:29777 shmem:1397 pagetables:876
[  237.509028][T11147]  sec_pagetables:0 bounce:0
[  237.509028][T11147]  kernel_misc_reclaimable:0
[  237.509028][T11147]  free:1331146 free_pcp:651 free_cma:0
[  237.554361][T11147] Node 0 active_anon:19512kB inactive_anon:0kB active_file:6456kB inactive_file:153400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119108kB dirty:268kB writeback:0kB shmem:4052kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11100kB pagetables:3504kB sec_pagetables:0kB all_unreclaimable? no
[  237.598626][T11147] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  237.647244][T11147] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  237.706258][T11147] lowmem_reserve[]: 0 2490 2490 2490 2490
[  237.706378][T11170] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2051'.
[  237.712260][T11147] Node 0 DMA32 free:1403996kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:19376kB inactive_anon:0kB active_file:6456kB inactive_file:153084kB unevictable:1536kB writepending:268kB present:3129332kB managed:2549828kB mlocked:0kB bounce:0kB free_pcp:1676kB local_pcp:404kB free_cma:0kB
[  237.753702][T11147] lowmem_reserve[]: 0 0 0 0 0
[  237.759825][T11147] Node 0 Normal free:4kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:316kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  237.787297][T11147] lowmem_reserve[]: 0 0 0 0 0
[  237.792131][T11147] Node 1 Normal free:3908700kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  237.835479][T11147] lowmem_reserve[]: 0 0 0 0 0
[  237.840434][T11147] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  237.853242][T11147] Node 0 DMA32: 133*4kB (UME) 24*8kB (UME) 80*16kB (UME) 101*32kB (UME) 168*64kB (UME) 39*128kB (UM) 13*256kB (M) 6*512kB (UME) 6*1024kB (UM) 8*2048kB (UME) 331*4096kB (M) = 1405684kB
[  237.871804][T11147] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  237.891870][T11147] Node 1 Normal: 221*4kB (UE) 55*8kB (UME) 47*16kB (UME) 246*32kB (UME) 104*64kB (UME) 41*128kB (UME) 13*256kB (UME) 5*512kB (UM) 6*1024kB (UME) 4*2048kB (UE) 944*4096kB (M) = 3908700kB
[  237.901772][T11174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2051'.
[  237.912025][T11147] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  237.931829][T11147] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  237.941617][T11147] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  237.951783][T11147] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  237.967336][T11147] 41379 total pagecache pages
[  237.972248][T11147] 0 pages in swap cache
[  237.976445][T11147] Free swap  = 124996kB
[  237.981192][T11147] Total swap = 124996kB
[  237.985398][T11147] 2097051 pages RAM
[  237.989379][T11147] 0 pages HighMem/MovableOnly
[  237.994195][T11147] 427872 pages reserved
[  237.998449][T11147] 0 pages cma reserved
[  238.235653][T11176] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  238.451338][T11192] netlink: 188 bytes leftover after parsing attributes in process `syz.1.2059'.
[  238.483670][T11192] netlink: 'syz.1.2059': attribute type 1 has an invalid length.
[  238.515377][T11192] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2059'.
[  238.669313][    C0] Illegal XDP return value 16128 on prog  (id 269) dev vcan0, expect packet loss!
[  238.679736][T11203] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2063'.
[  238.704387][T11203] netlink: 'syz.1.2063': attribute type 3 has an invalid length.
[  238.726924][T11203] netlink: 766 bytes leftover after parsing attributes in process `syz.1.2063'.
[  239.219396][T11231] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2073'.
[  239.231762][T11231] netlink: 'syz.3.2073': attribute type 1 has an invalid length.
[  239.241915][T11230] netlink: 'syz.2.2072': attribute type 29 has an invalid length.
[  239.310447][T11230] netlink: 'syz.2.2072': attribute type 29 has an invalid length.
[  239.339754][T11231] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2073'.
[  239.783633][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2078'.
[  239.799952][T11253] xt_CT: No such helper "netbios-ns"
[  239.811746][T11253] FAULT_INJECTION: forcing a failure.
[  239.811746][T11253] name failslab, interval 1, probability 0, space 0, times 0
[  239.880740][T11253] CPU: 0 UID: 0 PID: 11253 Comm: syz.0.2080 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  239.880771][T11253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  239.880794][T11253] Call Trace:
[  239.880801][T11253]  <TASK>
[  239.880810][T11253]  dump_stack_lvl+0x241/0x360
[  239.880853][T11253]  ? __pfx_dump_stack_lvl+0x10/0x10
[  239.880875][T11253]  ? __pfx__printk+0x10/0x10
[  239.880916][T11253]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  239.880947][T11253]  ? __pfx___might_resched+0x10/0x10
[  239.880982][T11253]  should_fail_ex+0x40a/0x550
[  239.881019][T11253]  should_failslab+0xac/0x100
[  239.881051][T11253]  __kmalloc_node_noprof+0xe1/0x4d0
[  239.881090][T11253]  ? __kvmalloc_node_noprof+0x72/0x190
[  239.881128][T11253]  __kvmalloc_node_noprof+0x72/0x190
[  239.881161][T11253]  __nf_hook_entries_try_shrink+0x330/0x730
[  239.881198][T11253]  __nf_unregister_net_hook+0x5cf/0x800
[  239.881229][T11253]  nf_unregister_net_hooks+0xd0/0x140
[  239.881255][T11253]  nf_ct_netns_put+0x3bc/0x510
[  239.881281][T11253]  xt_ct_tg_check+0x8b2/0xc30
[  239.881334][T11253]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  239.881364][T11253]  ? __mutex_unlock_slowpath+0x227/0x800
[  239.881400][T11253]  xt_check_target+0x3b9/0xa40
[  239.881434][T11253]  ? __pfx_xt_check_target+0x10/0x10
[  239.881478][T11253]  ? xt_find_target+0x1db/0x230
[  239.881513][T11253]  translate_table+0x19ea/0x2370
[  239.881579][T11253]  ? __pfx_translate_table+0x10/0x10
[  239.881612][T11253]  ? __might_fault+0xaa/0x120
[  239.881633][T11253]  ? __pfx_lock_release+0x10/0x10
[  239.881672][T11253]  ? __virt_addr_valid+0x183/0x530
[  239.881697][T11253]  ? __might_fault+0xc6/0x120
[  239.881724][T11253]  ? copy_from_sockptr_offset+0x6b/0xb0
[  239.881749][T11253]  do_ipt_set_ctl+0xe3d/0x1250
[  239.881785][T11253]  ? nf_setsockopt+0x240/0x2c0
[  239.881809][T11253]  ? do_ip_setsockopt+0x2824/0x3ae0
[  239.881843][T11253]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  239.881865][T11253]  ? rcu_is_watching+0x15/0xb0
[  239.881889][T11253]  ? trace_contention_end+0x3c/0x120
[  239.881924][T11253]  ? __mutex_unlock_slowpath+0x227/0x800
[  239.881966][T11253]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  239.882002][T11253]  ? aa_sk_perm+0x96d/0xab0
[  239.882038][T11253]  ? __pfx_aa_sk_perm+0x10/0x10
[  239.882073][T11253]  nf_setsockopt+0x295/0x2c0
[  239.882106][T11253]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  239.882135][T11253]  do_sock_setsockopt+0x3af/0x720
[  239.882162][T11253]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  239.882188][T11253]  ? __fget_files+0x395/0x410
[  239.882217][T11253]  ? __fget_files+0x2a/0x410
[  239.882258][T11253]  __x64_sys_setsockopt+0x1ee/0x280
[  239.882288][T11253]  do_syscall_64+0xf3/0x230
[  239.882318][T11253]  ? clear_bhb_loop+0x35/0x90
[  239.882348][T11253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.882374][T11253] RIP: 0033:0x7fb37ed8d169
[  239.882391][T11253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  239.882408][T11253] RSP: 002b:00007fb37fb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  239.882429][T11253] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8d169
[  239.882445][T11253] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  239.882458][T11253] RBP: 00007fb37fb77090 R08: 00000000000002b8 R09: 0000000000000000
[  239.882471][T11253] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  239.882484][T11253] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  239.882517][T11253]  </TASK>
[  240.705419][T11277] bond0: option mode: unable to set because the bond device has slaves
[  240.776863][T11285] netlink: 'syz.0.2093': attribute type 11 has an invalid length.
[  240.786140][T11285] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2093'.
[  242.074789][T11353] xt_CT: No such helper "netbios-ns"
[  242.085015][T11353] FAULT_INJECTION: forcing a failure.
[  242.085015][T11353] name failslab, interval 1, probability 0, space 0, times 0
[  242.105681][T11353] CPU: 0 UID: 0 PID: 11353 Comm: syz.0.2122 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  242.105710][T11353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  242.105722][T11353] Call Trace:
[  242.105730][T11353]  <TASK>
[  242.105738][T11353]  dump_stack_lvl+0x241/0x360
[  242.105769][T11353]  ? __pfx_dump_stack_lvl+0x10/0x10
[  242.105791][T11353]  ? __pfx__printk+0x10/0x10
[  242.105815][T11353]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  242.105846][T11353]  ? __pfx___might_resched+0x10/0x10
[  242.105885][T11353]  should_fail_ex+0x40a/0x550
[  242.105924][T11353]  should_failslab+0xac/0x100
[  242.105954][T11353]  __kmalloc_node_noprof+0xe1/0x4d0
[  242.105983][T11353]  ? __kvmalloc_node_noprof+0x72/0x190
[  242.106023][T11353]  __kvmalloc_node_noprof+0x72/0x190
[  242.106069][T11353]  __nf_hook_entries_try_shrink+0x330/0x730
[  242.106105][T11353]  __nf_unregister_net_hook+0x5cf/0x800
[  242.106137][T11353]  nf_unregister_net_hooks+0xd0/0x140
[  242.106163][T11353]  nf_ct_netns_put+0x3bc/0x510
[  242.106189][T11353]  xt_ct_tg_check+0x8b2/0xc30
[  242.106223][T11353]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  242.106252][T11353]  ? __mutex_unlock_slowpath+0x227/0x800
[  242.106287][T11353]  xt_check_target+0x3b9/0xa40
[  242.106320][T11353]  ? __pfx_xt_check_target+0x10/0x10
[  242.106362][T11353]  ? xt_find_target+0x1db/0x230
[  242.106395][T11353]  translate_table+0x19ea/0x2370
[  242.106459][T11353]  ? __pfx_translate_table+0x10/0x10
[  242.106493][T11353]  ? __might_fault+0xaa/0x120
[  242.106513][T11353]  ? __pfx_lock_release+0x10/0x10
[  242.106550][T11353]  ? __virt_addr_valid+0x183/0x530
[  242.106575][T11353]  ? __might_fault+0xc6/0x120
[  242.106602][T11353]  ? copy_from_sockptr_offset+0x6b/0xb0
[  242.106626][T11353]  do_ipt_set_ctl+0xe3d/0x1250
[  242.106653][T11353]  ? nf_setsockopt+0x240/0x2c0
[  242.106679][T11353]  ? do_ip_setsockopt+0x2824/0x3ae0
[  242.106711][T11353]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  242.106733][T11353]  ? rcu_is_watching+0x15/0xb0
[  242.106756][T11353]  ? trace_contention_end+0x3c/0x120
[  242.106790][T11353]  ? __mutex_unlock_slowpath+0x227/0x800
[  242.106829][T11353]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  242.106857][T11353]  ? aa_sk_perm+0x96d/0xab0
[  242.106902][T11353]  ? __pfx_aa_sk_perm+0x10/0x10
[  242.106935][T11353]  nf_setsockopt+0x295/0x2c0
[  242.106966][T11353]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  242.106995][T11353]  do_sock_setsockopt+0x3af/0x720
[  242.107022][T11353]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  242.107049][T11353]  ? __fget_files+0x395/0x410
[  242.107075][T11353]  ? __fget_files+0x2a/0x410
[  242.107113][T11353]  __x64_sys_setsockopt+0x1ee/0x280
[  242.107140][T11353]  do_syscall_64+0xf3/0x230
[  242.107170][T11353]  ? clear_bhb_loop+0x35/0x90
[  242.107200][T11353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  242.107227][T11353] RIP: 0033:0x7fb37ed8d169
[  242.107245][T11353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  242.107261][T11353] RSP: 002b:00007fb37fb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  242.107281][T11353] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8d169
[  242.107295][T11353] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  242.107307][T11353] RBP: 00007fb37fb77090 R08: 00000000000002b8 R09: 0000000000000000
[  242.107320][T11353] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  242.107332][T11353] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  242.107364][T11353]  </TASK>
[  243.238725][T11395] netlink: 'syz.2.2135': attribute type 11 has an invalid length.
[  243.246812][T11395] __nla_validate_parse: 3 callbacks suppressed
[  243.246829][T11395] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2135'.
[  243.486726][T11405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2138'.
[  245.042548][T11428] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2147'.
[  245.096880][T11428] netlink: 'syz.0.2147': attribute type 1 has an invalid length.
[  245.164007][T11430] netlink: 165 bytes leftover after parsing attributes in process `syz.3.2150'.
[  245.278298][T11442] netlink: 'syz.1.2154': attribute type 4 has an invalid length.
[  245.314507][T11442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2154'.
[  245.365439][T11449] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2155'.
[  245.561673][T11458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2158'.
[  245.578503][T11458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2158'.
[  245.715846][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2162'.
[  245.835838][T11471] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2163'.
[  245.852417][T11471] netlink: 'syz.2.2163': attribute type 1 has an invalid length.
[  245.999829][T11481] openvswitch: netlink: Key 32 has unexpected len 0 expected 2
[  246.010911][T11478] veth1_vlan: left promiscuous mode
[  246.037329][T11478] macvlan1: entered allmulticast mode
[  246.065500][T11481] netlink: 'syz.1.2167': attribute type 2 has an invalid length.
[  246.096667][T11478] syzkaller0: mtu less than device minimum
[  246.561887][T11517] x_tables: ip6_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  246.722828][T11522] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  246.917252][T11533] netlink: 'syz.2.2184': attribute type 11 has an invalid length.
[  246.935101][T11535] FAULT_INJECTION: forcing a failure.
[  246.935101][T11535] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.968616][T11535] CPU: 0 UID: 0 PID: 11535 Comm: syz.3.2185 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  246.968645][T11535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  246.968657][T11535] Call Trace:
[  246.968664][T11535]  <TASK>
[  246.968672][T11535]  dump_stack_lvl+0x241/0x360
[  246.968702][T11535]  ? __pfx_dump_stack_lvl+0x10/0x10
[  246.968725][T11535]  ? __pfx__printk+0x10/0x10
[  246.968751][T11535]  ? snprintf+0xda/0x120
[  246.968778][T11535]  should_fail_ex+0x40a/0x550
[  246.968813][T11535]  _copy_to_user+0x31/0xb0
[  246.968843][T11535]  simple_read_from_buffer+0xca/0x150
[  246.968875][T11535]  proc_fail_nth_read+0x1e9/0x250
[  246.968908][T11535]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.968941][T11535]  ? rw_verify_area+0x243/0x630
[  246.968961][T11535]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  246.968991][T11535]  vfs_read+0x1f8/0xb40
[  246.969012][T11535]  ? fdget_pos+0x254/0x320
[  246.969042][T11535]  ? __pfx___mutex_lock+0x10/0x10
[  246.969072][T11535]  ? __pfx_vfs_read+0x10/0x10
[  246.969096][T11535]  ? __fget_files+0x2a/0x410
[  246.969126][T11535]  ? __fget_files+0x395/0x410
[  246.969153][T11535]  ? __fget_files+0x2a/0x410
[  246.969190][T11535]  ksys_read+0x18f/0x2b0
[  246.969214][T11535]  ? __pfx_ksys_read+0x10/0x10
[  246.969234][T11535]  ? do_syscall_64+0x100/0x230
[  246.969268][T11535]  ? do_syscall_64+0xb6/0x230
[  246.969300][T11535]  do_syscall_64+0xf3/0x230
[  246.969340][T11535]  ? clear_bhb_loop+0x35/0x90
[  246.969372][T11535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.969398][T11535] RIP: 0033:0x7f267738bb7c
[  246.969415][T11535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  246.969431][T11535] RSP: 002b:00007f267826a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  246.969451][T11535] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738bb7c
[  246.969466][T11535] RDX: 000000000000000f RSI: 00007f267826a0a0 RDI: 0000000000000004
[  246.969478][T11535] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  246.969490][T11535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.969503][T11535] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  246.969532][T11535]  </TASK>
[  247.438879][T11548] geneve2: entered promiscuous mode
[  247.456549][T11548] geneve2: entered allmulticast mode
[  247.763931][T11563] xt_CT: No such helper "netbios-ns"
[  248.399229][T11580] __nla_validate_parse: 6 callbacks suppressed
[  248.399261][T11580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2201'.
[  249.280449][T11559] bridge0: port 3(team0) entered disabled state
[  249.293809][T11559] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  249.315464][T11564] mac80211_hwsim hwsim4 syzkaller0: left promiscuous mode
[  249.323292][T11564] mac80211_hwsim hwsim4 syzkaller0: left allmulticast mode
[  249.905566][T11606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2208'.
[  250.143064][T11614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2213'.
[  250.328690][T11621] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2214'.
[  250.351826][T11621] netlink: 'syz.3.2214': attribute type 1 has an invalid length.
[  250.353107][T11625] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2216'.
[  250.602842][T11642] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2220'.
[  250.636354][T11645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2217'.
[  250.779999][T11650] netlink: 'syz.1.2222': attribute type 33 has an invalid length.
[  250.830276][T11652] xt_CT: You must specify a L4 protocol and not use inversions on it
[  251.567093][T11659] xt_CT: No such helper "netbios-ns"
[  251.573287][T11659] FAULT_INJECTION: forcing a failure.
[  251.573287][T11659] name failslab, interval 1, probability 0, space 0, times 0
[  251.586634][T11659] CPU: 1 UID: 0 PID: 11659 Comm: syz.3.2224 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  251.586661][T11659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.586673][T11659] Call Trace:
[  251.586680][T11659]  <TASK>
[  251.586688][T11659]  dump_stack_lvl+0x241/0x360
[  251.586719][T11659]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.586742][T11659]  ? __pfx__printk+0x10/0x10
[  251.586765][T11659]  ? __kmalloc_node_noprof+0xb9/0x4d0
[  251.586796][T11659]  ? __pfx___might_resched+0x10/0x10
[  251.586827][T11659]  should_fail_ex+0x40a/0x550
[  251.586864][T11659]  should_failslab+0xac/0x100
[  251.586893][T11659]  __kmalloc_node_noprof+0xe1/0x4d0
[  251.586921][T11659]  ? __kvmalloc_node_noprof+0x72/0x190
[  251.586977][T11659]  __kvmalloc_node_noprof+0x72/0x190
[  251.587012][T11659]  __nf_hook_entries_try_shrink+0x330/0x730
[  251.587051][T11659]  __nf_unregister_net_hook+0x5cf/0x800
[  251.587083][T11659]  nf_unregister_net_hooks+0xd0/0x140
[  251.587110][T11659]  nf_defrag_ipv4_disable+0x97/0xe0
[  251.587142][T11659]  nf_ct_netns_put+0x3c4/0x510
[  251.587168][T11659]  xt_ct_tg_check+0x8b2/0xc30
[  251.587205][T11659]  ? __pfx_xt_ct_tg_check+0x10/0x10
[  251.587236][T11659]  ? __mutex_unlock_slowpath+0x227/0x800
[  251.587279][T11659]  xt_check_target+0x3b9/0xa40
[  251.587313][T11659]  ? __pfx_xt_check_target+0x10/0x10
[  251.587358][T11659]  ? xt_find_target+0x1db/0x230
[  251.587392][T11659]  translate_table+0x19ea/0x2370
[  251.587471][T11659]  ? __pfx_translate_table+0x10/0x10
[  251.587503][T11659]  ? __might_fault+0xaa/0x120
[  251.587524][T11659]  ? __pfx_lock_release+0x10/0x10
[  251.587561][T11659]  ? __virt_addr_valid+0x183/0x530
[  251.587585][T11659]  ? __might_fault+0xc6/0x120
[  251.587629][T11659]  ? copy_from_sockptr_offset+0x6b/0xb0
[  251.587655][T11659]  do_ipt_set_ctl+0xe3d/0x1250
[  251.587682][T11659]  ? nf_setsockopt+0x240/0x2c0
[  251.587706][T11659]  ? do_ip_setsockopt+0x2824/0x3ae0
[  251.587737][T11659]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  251.587759][T11659]  ? rcu_is_watching+0x15/0xb0
[  251.587783][T11659]  ? trace_contention_end+0x3c/0x120
[  251.587818][T11659]  ? __mutex_unlock_slowpath+0x227/0x800
[  251.587861][T11659]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  251.587891][T11659]  ? aa_sk_perm+0x96d/0xab0
[  251.587929][T11659]  ? __pfx_aa_sk_perm+0x10/0x10
[  251.587963][T11659]  nf_setsockopt+0x295/0x2c0
[  251.587995][T11659]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  251.588026][T11659]  do_sock_setsockopt+0x3af/0x720
[  251.588054][T11659]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  251.588081][T11659]  ? __fget_files+0x395/0x410
[  251.588111][T11659]  ? __fget_files+0x2a/0x410
[  251.588151][T11659]  __x64_sys_setsockopt+0x1ee/0x280
[  251.588181][T11659]  do_syscall_64+0xf3/0x230
[  251.588212][T11659]  ? clear_bhb_loop+0x35/0x90
[  251.588246][T11659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.588281][T11659] RIP: 0033:0x7f267738d169
[  251.588305][T11659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.588322][T11659] RSP: 002b:00007f267826a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  251.588344][T11659] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738d169
[  251.588359][T11659] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  251.588372][T11659] RBP: 00007f267826a090 R08: 00000000000002b8 R09: 0000000000000000
[  251.588384][T11659] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  251.588397][T11659] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  251.588430][T11659]  </TASK>
[  252.829729][T11667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2226'.
[  252.855885][T11672] netlink: 'syz.4.2229': attribute type 2 has an invalid length.
[  252.881452][T11672] netlink: 244 bytes leftover after parsing attributes in process `syz.4.2229'.
[  252.977473][T11682] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2232'.
[  253.352814][T11706] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  253.510229][T11713] __nla_validate_parse: 1 callbacks suppressed
[  253.510257][T11713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2242'.
[  253.679937][T11722] netlink: 'syz.0.2244': attribute type 8 has an invalid length.
[  253.763334][T11728] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2245'.
[  253.856529][T11733] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2248'.
[  254.103375][T11746] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  254.321237][T11762] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2258'.
[  254.344312][T11762] netlink: 'syz.4.2258': attribute type 1 has an invalid length.
[  254.567937][T11776] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  254.594576][T11767] xt_CT: No such helper "netbios-ns"
[  254.609884][T11767] FAULT_INJECTION: forcing a failure.
[  254.609884][T11767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  254.659793][T11767] CPU: 0 UID: 0 PID: 11767 Comm: syz.0.2261 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  254.659823][T11767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.659836][T11767] Call Trace:
[  254.659843][T11767]  <TASK>
[  254.659851][T11767]  dump_stack_lvl+0x241/0x360
[  254.659882][T11767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.659905][T11767]  ? __pfx__printk+0x10/0x10
[  254.659932][T11767]  ? snprintf+0xda/0x120
[  254.659959][T11767]  should_fail_ex+0x40a/0x550
[  254.659995][T11767]  _copy_to_user+0x31/0xb0
[  254.660025][T11767]  simple_read_from_buffer+0xca/0x150
[  254.660064][T11767]  proc_fail_nth_read+0x1e9/0x250
[  254.660097][T11767]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.660129][T11767]  ? rw_verify_area+0x243/0x630
[  254.660150][T11767]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  254.660181][T11767]  vfs_read+0x1f8/0xb40
[  254.660203][T11767]  ? fdget_pos+0x254/0x320
[  254.660235][T11767]  ? __pfx___mutex_lock+0x10/0x10
[  254.660266][T11767]  ? __pfx_vfs_read+0x10/0x10
[  254.660291][T11767]  ? __fget_files+0x2a/0x410
[  254.660323][T11767]  ? __fget_files+0x395/0x410
[  254.660351][T11767]  ? __fget_files+0x2a/0x410
[  254.660390][T11767]  ksys_read+0x18f/0x2b0
[  254.660414][T11767]  ? __pfx_ksys_read+0x10/0x10
[  254.660437][T11767]  ? do_syscall_64+0x100/0x230
[  254.660470][T11767]  ? do_syscall_64+0xb6/0x230
[  254.660503][T11767]  do_syscall_64+0xf3/0x230
[  254.660533][T11767]  ? clear_bhb_loop+0x35/0x90
[  254.660565][T11767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.660592][T11767] RIP: 0033:0x7fb37ed8bb7c
[  254.660610][T11767] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  254.660627][T11767] RSP: 002b:00007fb37fb77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  254.660648][T11767] RAX: ffffffffffffffda RBX: 00007fb37efa5fa0 RCX: 00007fb37ed8bb7c
[  254.660662][T11767] RDX: 000000000000000f RSI: 00007fb37fb770a0 RDI: 0000000000000004
[  254.660674][T11767] RBP: 00007fb37fb77090 R08: 0000000000000000 R09: 0000000000000000
[  254.660686][T11767] R10: 0000400000000780 R11: 0000000000000246 R12: 0000000000000002
[  254.660699][T11767] R13: 0000000000000000 R14: 00007fb37efa5fa0 R15: 00007ffea1dadac8
[  254.660730][T11767]  </TASK>
[  254.935722][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2265'.
[  254.951894][T11783] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2265'.
[  255.065812][T11787] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  255.128978][T11794] FAULT_INJECTION: forcing a failure.
[  255.128978][T11794] name failslab, interval 1, probability 0, space 0, times 0
[  255.229966][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.3.2271 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  255.229997][T11794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.230009][T11794] Call Trace:
[  255.230016][T11794]  <TASK>
[  255.230025][T11794]  dump_stack_lvl+0x241/0x360
[  255.230062][T11794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.230084][T11794]  ? __pfx__printk+0x10/0x10
[  255.230106][T11794]  ? __kmalloc_noprof+0xb5/0x4c0
[  255.230136][T11794]  ? __pfx___might_resched+0x10/0x10
[  255.230161][T11794]  ? aa_get_newest_label+0xff/0x6f0
[  255.230198][T11794]  should_fail_ex+0x40a/0x550
[  255.230233][T11794]  should_failslab+0xac/0x100
[  255.230264][T11794]  __kmalloc_noprof+0xdd/0x4c0
[  255.230291][T11794]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  255.230320][T11794]  ? apparmor_capable+0x13b/0x1b0
[  255.230348][T11794]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  255.230388][T11794]  genl_rcv_msg+0x80b/0xec0
[  255.230427][T11794]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.230485][T11794]  ? __pfx_lock_acquire+0x10/0x10
[  255.230516][T11794]  ? __pfx_ieee802154_llsec_add_dev+0x10/0x10
[  255.230550][T11794]  ? __pfx___might_resched+0x10/0x10
[  255.230589][T11794]  netlink_rcv_skb+0x206/0x480
[  255.230614][T11794]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.230644][T11794]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  255.230703][T11794]  genl_rcv+0x28/0x40
[  255.230729][T11794]  netlink_unicast+0x7f6/0x990
[  255.230760][T11794]  ? __pfx_netlink_unicast+0x10/0x10
[  255.230779][T11794]  ? __virt_addr_valid+0x45f/0x530
[  255.230800][T11794]  ? __phys_addr_symbol+0x2f/0x70
[  255.230818][T11794]  ? __check_object_size+0x47a/0x730
[  255.230851][T11794]  netlink_sendmsg+0x8de/0xcb0
[  255.230889][T11794]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.230920][T11794]  ? aa_sock_msg_perm+0x91/0x160
[  255.230957][T11794]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.230979][T11794]  __sock_sendmsg+0x221/0x270
[  255.231010][T11794]  ____sys_sendmsg+0x53a/0x860
[  255.231048][T11794]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.231069][T11794]  ? __fget_files+0x2a/0x410
[  255.231103][T11794]  ? __fget_files+0x2a/0x410
[  255.231143][T11794]  __sys_sendmsg+0x269/0x350
[  255.231169][T11794]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.231206][T11794]  ? do_sys_openat2+0x17a/0x1d0
[  255.231265][T11794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.231298][T11794]  ? do_syscall_64+0x100/0x230
[  255.231332][T11794]  ? do_syscall_64+0xb6/0x230
[  255.231364][T11794]  do_syscall_64+0xf3/0x230
[  255.231394][T11794]  ? clear_bhb_loop+0x35/0x90
[  255.231426][T11794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.231454][T11794] RIP: 0033:0x7f267738d169
[  255.231473][T11794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.231490][T11794] RSP: 002b:00007f2678249038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.231510][T11794] RAX: ffffffffffffffda RBX: 00007f26775a6080 RCX: 00007f267738d169
[  255.231524][T11794] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000004
[  255.231548][T11794] RBP: 00007f2678249090 R08: 0000000000000000 R09: 0000000000000000
[  255.231560][T11794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.231571][T11794] R13: 0000000000000001 R14: 00007f26775a6080 R15: 00007ffef83df9f8
[  255.231600][T11794]  </TASK>
[  255.636311][T11804] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2275'.
[  255.665187][T11804] netlink: 21 bytes leftover after parsing attributes in process `syz.4.2275'.
[  255.880700][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.940816][T11823] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2281'.
[  256.120265][T11830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2283'.
[  256.193976][T11839] netlink: 'syz.4.2285': attribute type 1 has an invalid length.
[  256.926343][T11882] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  257.086859][T11889] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  257.112089][T11889] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  257.222731][T11896] tipc: Enabled bearer <udp:s>, priority 10
[  257.768815][T11927] batman_adv: batadv0: Adding interface: dummy0
[  257.788257][T11927] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.831092][T11931] netlink: 'syz.3.2310': attribute type 1 has an invalid length.
[  257.859607][T11927] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  257.872713][T11932] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  258.140230][T11956] FAULT_INJECTION: forcing a failure.
[  258.140230][T11956] name failslab, interval 1, probability 0, space 0, times 0
[  258.211541][T11956] CPU: 0 UID: 0 PID: 11956 Comm: syz.3.2316 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  258.211570][T11956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.211583][T11956] Call Trace:
[  258.211599][T11956]  <TASK>
[  258.211607][T11956]  dump_stack_lvl+0x241/0x360
[  258.211638][T11956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.211661][T11956]  ? __pfx__printk+0x10/0x10
[  258.211683][T11956]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  258.211716][T11956]  ? __pfx___might_resched+0x10/0x10
[  258.211749][T11956]  should_fail_ex+0x40a/0x550
[  258.211786][T11956]  should_failslab+0xac/0x100
[  258.211817][T11956]  kmem_cache_alloc_node_noprof+0x77/0x380
[  258.211845][T11956]  ? __alloc_skb+0x1c3/0x440
[  258.211883][T11956]  __alloc_skb+0x1c3/0x440
[  258.211919][T11956]  ? __pfx___alloc_skb+0x10/0x10
[  258.211958][T11956]  ? netlink_ack_tlv_len+0x6e/0x200
[  258.211986][T11956]  netlink_ack+0x145/0xa60
[  258.212007][T11956]  ? __pfx_lock_acquire+0x10/0x10
[  258.212038][T11956]  ? __pfx_ieee802154_llsec_add_dev+0x10/0x10
[  258.212073][T11956]  ? __pfx___might_resched+0x10/0x10
[  258.212111][T11956]  netlink_rcv_skb+0x294/0x480
[  258.212136][T11956]  ? __pfx_genl_rcv_msg+0x10/0x10
[  258.212169][T11956]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  258.212237][T11956]  genl_rcv+0x28/0x40
[  258.212264][T11956]  netlink_unicast+0x7f6/0x990
[  258.212295][T11956]  ? __pfx_netlink_unicast+0x10/0x10
[  258.212313][T11956]  ? __virt_addr_valid+0x45f/0x530
[  258.212334][T11956]  ? __phys_addr_symbol+0x2f/0x70
[  258.212352][T11956]  ? __check_object_size+0x47a/0x730
[  258.212384][T11956]  netlink_sendmsg+0x8de/0xcb0
[  258.212422][T11956]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.212452][T11956]  ? aa_sock_msg_perm+0x91/0x160
[  258.212489][T11956]  ? __pfx_netlink_sendmsg+0x10/0x10
[  258.212512][T11956]  __sock_sendmsg+0x221/0x270
[  258.212542][T11956]  ____sys_sendmsg+0x53a/0x860
[  258.212577][T11956]  ? __pfx_____sys_sendmsg+0x10/0x10
[  258.212604][T11956]  ? __fget_files+0x2a/0x410
[  258.212638][T11956]  ? __fget_files+0x2a/0x410
[  258.212678][T11956]  __sys_sendmsg+0x269/0x350
[  258.212705][T11956]  ? __pfx___sys_sendmsg+0x10/0x10
[  258.212742][T11956]  ? do_sys_openat2+0x17a/0x1d0
[  258.212801][T11956]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  258.212834][T11956]  ? do_syscall_64+0x100/0x230
[  258.212869][T11956]  ? do_syscall_64+0xb6/0x230
[  258.212902][T11956]  do_syscall_64+0xf3/0x230
[  258.212932][T11956]  ? clear_bhb_loop+0x35/0x90
[  258.212964][T11956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.212991][T11956] RIP: 0033:0x7f267738d169
[  258.213009][T11956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.213026][T11956] RSP: 002b:00007f2678249038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  258.213048][T11956] RAX: ffffffffffffffda RBX: 00007f26775a6080 RCX: 00007f267738d169
[  258.213063][T11956] RDX: 0000000000000000 RSI: 0000400000000280 RDI: 0000000000000004
[  258.213076][T11956] RBP: 00007f2678249090 R08: 0000000000000000 R09: 0000000000000000
[  258.213088][T11956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  258.213099][T11956] R13: 0000000000000001 R14: 00007f26775a6080 R15: 00007ffef83df9f8
[  258.213131][T11956]  </TASK>
[  258.562059][T11965] __nla_validate_parse: 10 callbacks suppressed
[  258.562079][T11965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2317'.
[  258.619496][T11968] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2318'.
[  258.635337][T11968] netlink: 'syz.2.2318': attribute type 7 has an invalid length.
[  258.643736][T11968] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2318'.
[  258.826920][T11977] IPVS: length: 8 != 1152
[  259.096577][T12000] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2327'.
[  259.301958][T12017] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2330'.
[  259.739875][T12041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2337'.
[  259.824076][T12045] netlink: 'syz.3.2338': attribute type 1 has an invalid length.
[  259.855120][T12047] batman_adv: batadv0: Interface deactivated: dummy0
[  259.907825][T12045] 8021q: adding VLAN 0 to HW filter on device bond2
[  259.942443][T12049] bond2: (slave gretap1): making interface the new active one
[  259.971092][T12049] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  259.973323][T12051] netlink: 168 bytes leftover after parsing attributes in process `syz.4.2340'.
[  259.995227][T12051] netlink: 'syz.4.2340': attribute type 1 has an invalid length.
[  260.006764][T12051] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2340'.
[  260.019830][T12054] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  260.390614][T12073] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2349'.
[  260.486549][T12084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2352'.
[  260.584992][T12088] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.593348][T12088] bridge0: port 1(bridge_slave_0) entered listening state
[  260.621442][T12088] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  260.732163][T12091] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  260.764370][T12089] xt_CT: No such helper "netbios-ns"
[  260.817820][T12093] openvswitch: netlink: Flow actions attr not present in new flow.
[  260.967710][T12104] netlink: 'syz.3.2360': attribute type 11 has an invalid length.
[  261.277379][T12122] netlink: 'syz.2.2366': attribute type 2 has an invalid length.
[  261.764476][T12130] syzkaller0: entered promiscuous mode
[  261.770219][T12130] syzkaller0: entered allmulticast mode
[  263.516794][T12155] netlink: 'syz.4.2378': attribute type 2 has an invalid length.
[  263.706619][T12186] (unnamed net_device) (uninitialized): up delay (5) is not a multiple of miimon (4), value rounded to 4 ms
[  263.745306][T12191] __nla_validate_parse: 1 callbacks suppressed
[  263.745328][T12191] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2387'.
[  263.850792][T12187] Cannot find add_set index 4 as target
[  263.936930][T12199] virt_wifi0: mtu less than device minimum
[  264.072797][T12206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2393'.
[  264.194676][T12209] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2394'.
[  264.277642][T12206] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2393'.
[  264.524161][T12215] syzkaller0: entered promiscuous mode
[  264.539852][T12215] syzkaller0: entered allmulticast mode
[  264.729107][T12235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2398'.
[  266.222639][T12247] virt_wifi0: mtu less than device minimum
[  266.356441][T12251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2403'.
[  266.553037][T12264] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2408'.
[  266.782604][T12271] batman_adv: batadv0: Adding interface: dummy0
[  266.800927][T12271] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.835203][T12271] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  267.006404][T12281] virt_wifi0: mtu less than device minimum
[  267.429488][T12299] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2423'.
[  267.642253][T12298] openvswitch: netlink: Flow actions attr not present in new flow.
[  267.819339][T12311] netlink: 'syz.2.2428': attribute type 2 has an invalid length.
[  267.869344][T12314] netlink: 'syz.3.2429': attribute type 1 has an invalid length.
[  267.954308][T12320] bond3: (slave vti1): The slave device specified does not support setting the MAC address
[  267.976080][T12320] bond3: (slave vti1): Setting fail_over_mac to active for active-backup mode
[  267.990164][T12320] bond3: (slave vti1): making interface the new active one
[  267.999179][T12320] bond3: (slave vti1): Enslaving as an active interface with an up link
[  268.007616][T12321] sch_tbf: burst 4398 is lower than device lo mtu (39799) !
[  268.124090][T12327] netlink: 'syz.2.2433': attribute type 1 has an invalid length.
[  268.215461][T12334] FAULT_INJECTION: forcing a failure.
[  268.215461][T12334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.235799][T12334] CPU: 0 UID: 0 PID: 12334 Comm: syz.3.2437 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  268.235828][T12334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.235841][T12334] Call Trace:
[  268.235848][T12334]  <TASK>
[  268.235857][T12334]  dump_stack_lvl+0x241/0x360
[  268.235888][T12334]  ? __pfx_dump_stack_lvl+0x10/0x10
[  268.235921][T12334]  ? __pfx__printk+0x10/0x10
[  268.235945][T12334]  ? __pfx_lock_release+0x10/0x10
[  268.235985][T12334]  should_fail_ex+0x40a/0x550
[  268.236022][T12334]  _copy_from_user+0x2d/0xb0
[  268.236051][T12334]  copy_msghdr_from_user+0xae/0x680
[  268.236098][T12334]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  268.236123][T12334]  ? __fget_files+0x2a/0x410
[  268.236157][T12334]  ? __fget_files+0x2a/0x410
[  268.236196][T12334]  __sys_sendmsg+0x209/0x350
[  268.236222][T12334]  ? __pfx___sys_sendmsg+0x10/0x10
[  268.236258][T12334]  ? do_sys_openat2+0x17a/0x1d0
[  268.236314][T12334]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  268.236347][T12334]  ? do_syscall_64+0x100/0x230
[  268.236381][T12334]  ? do_syscall_64+0xb6/0x230
[  268.236413][T12334]  do_syscall_64+0xf3/0x230
[  268.236443][T12334]  ? clear_bhb_loop+0x35/0x90
[  268.236475][T12334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.236502][T12334] RIP: 0033:0x7f267738d169
[  268.236520][T12334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.236536][T12334] RSP: 002b:00007f267826a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.236557][T12334] RAX: ffffffffffffffda RBX: 00007f26775a5fa0 RCX: 00007f267738d169
[  268.236572][T12334] RDX: 0000000000000800 RSI: 0000400000000100 RDI: 0000000000000003
[  268.236584][T12334] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  268.236596][T12334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.236608][T12334] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  268.236637][T12334]  </TASK>
[  268.487518][T12336] netlink: 168 bytes leftover after parsing attributes in process `syz.1.2439'.
[  268.497226][T12336] netlink: 'syz.1.2439': attribute type 1 has an invalid length.
[  268.505927][T12336] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2439'.
[  268.654246][T12344] netlink: 'syz.3.2444': attribute type 11 has an invalid length.
[  268.778162][T12354] openvswitch: netlink: Flow actions attr not present in new flow.
[  268.786552][T12355] openvswitch: netlink: Flow actions attr not present in new flow.
[  269.292415][T12385] __nla_validate_parse: 1 callbacks suppressed
[  269.292436][T12385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2461'.
[  269.333795][T12388] xt_l2tp: v2 doesn't support IP mode
[  269.521244][T12395] netlink: 'syz.0.2465': attribute type 5 has an invalid length.
[  269.552990][T12400] netlink: 'syz.0.2465': attribute type 5 has an invalid length.
[  269.629370][T12407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2464'.
[  269.651013][T12407] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2464'.
[  269.691259][T12412] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2466'.
[  269.940385][T12420] FAULT_INJECTION: forcing a failure.
[  269.940385][T12420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.964587][T12422] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2471'.
[  269.973736][T12420] CPU: 1 UID: 0 PID: 12420 Comm: syz.3.2473 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  269.973761][T12420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.973774][T12420] Call Trace:
[  269.973781][T12420]  <TASK>
[  269.973796][T12420]  dump_stack_lvl+0x241/0x360
[  269.973825][T12420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  269.973848][T12420]  ? __pfx__printk+0x10/0x10
[  269.973872][T12420]  ? __pfx_lock_release+0x10/0x10
[  269.973902][T12420]  ? __lock_acquire+0x1397/0x2100
[  269.973940][T12420]  should_fail_ex+0x40a/0x550
[  269.973976][T12420]  _copy_from_user+0x2d/0xb0
[  269.974005][T12420]  kstrtouint_from_user+0xc6/0x190
[  269.974039][T12420]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  269.974066][T12420]  ? __pfx_lock_acquire+0x10/0x10
[  269.974108][T12420]  proc_fail_nth_write+0xaa/0x2d0
[  269.974137][T12420]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  269.974164][T12420]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  269.974199][T12420]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  269.974230][T12420]  vfs_write+0x29f/0xd10
[  269.974254][T12420]  ? fdget_pos+0x254/0x320
[  269.974282][T12420]  ? __mutex_unlock_slowpath+0x227/0x800
[  269.974317][T12420]  ? __pfx_vfs_write+0x10/0x10
[  269.974336][T12420]  ? do_sys_openat2+0x17a/0x1d0
[  269.974369][T12420]  ? __fget_files+0x2a/0x410
[  269.974400][T12420]  ? __fget_files+0x395/0x410
[  269.974428][T12420]  ? __fget_files+0x2a/0x410
[  269.974468][T12420]  ksys_write+0x18f/0x2b0
[  269.974492][T12420]  ? __pfx_ksys_write+0x10/0x10
[  269.974516][T12420]  ? do_syscall_64+0x100/0x230
[  269.974549][T12420]  ? do_syscall_64+0xb6/0x230
[  269.974582][T12420]  do_syscall_64+0xf3/0x230
[  269.974612][T12420]  ? clear_bhb_loop+0x35/0x90
[  269.974644][T12420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.974672][T12420] RIP: 0033:0x7f267738bc1f
[  269.974689][T12420] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  269.974707][T12420] RSP: 002b:00007f267826a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  269.974728][T12420] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f267738bc1f
[  269.974742][T12420] RDX: 0000000000000001 RSI: 00007f267826a0a0 RDI: 0000000000000003
[  269.974754][T12420] RBP: 00007f267826a090 R08: 0000000000000000 R09: 0000000000000000
[  269.974767][T12420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  269.974779][T12420] R13: 0000000000000000 R14: 00007f26775a5fa0 R15: 00007ffef83df9f8
[  269.974853][T12420]  </TASK>
[  270.511382][T12439] ------------[ cut here ]------------
[  270.517359][T12439] WARNING: CPU: 0 PID: 12439 at net/mac80211/key.c:1162 ieee80211_free_keys+0x567/0x680
[  270.527573][T12439] Modules linked in:
[  270.531687][T12439] CPU: 0 UID: 0 PID: 12439 Comm: syz.1.2477 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  270.542581][T12439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  270.553027][T12439] RIP: 0010:ieee80211_free_keys+0x567/0x680
[  270.559373][T12439] Code: 01 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 d8 e7 3e f6 90 0f 0b 90 e9 17 fc ff ff e8 ca e7 3e f6 90 <0f> 0b 90 4c 8b 64 24 20 e9 77 fe ff ff e8 b7 e7 3e f6 e9 2d fe ff
[  270.579238][T12439] RSP: 0018:ffffc9000dabf620 EFLAGS: 00010283
[  270.585357][T12439] RAX: ffffffff8b82f746 RBX: 0000000000000001 RCX: 0000000000080000
[  270.593429][T12439] RDX: ffffc90004ec2000 RSI: 0000000000000a53 RDI: 0000000000000a54
[  270.602346][T12439] RBP: ffffc9000dabf6f0 R08: ffffffff8b82f547 R09: 1ffff92001b57e78
[  270.610542][T12439] R10: dffffc0000000000 R11: fffff52001b57e79 R12: 0000000000000002
[  270.618867][T12439] R13: ffff888031014d80 R14: 1ffff11006202d3a R15: dffffc0000000000
[  270.626883][T12439] FS:  00007f16496596c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  270.636060][T12439] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  270.642785][T12439] CR2: 0000000000000000 CR3: 0000000022b14000 CR4: 00000000003526f0
[  270.651272][T12439] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  270.659490][T12439] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  270.667489][T12439] Call Trace:
[  270.671011][T12439]  <TASK>
[  270.673971][T12439]  ? __warn+0x165/0x4d0
[  270.678158][T12439]  ? ieee80211_free_keys+0x567/0x680
[  270.683960][T12439]  ? report_bug+0x2b3/0x500
[  270.688725][T12439]  ? ieee80211_free_keys+0x567/0x680
[  270.694076][T12439]  ? handle_bug+0x60/0x90
[  270.698512][T12439]  ? exc_invalid_op+0x1a/0x50
[  270.703224][T12439]  ? asm_exc_invalid_op+0x1a/0x20
[  270.708417][T12439]  ? ieee80211_free_keys+0x367/0x680
[  270.713759][T12439]  ? ieee80211_free_keys+0x566/0x680
[  270.719219][T12439]  ? ieee80211_free_keys+0x567/0x680
[  270.724551][T12439]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  270.731239][T12439]  ? lockdep_hardirqs_on+0x99/0x150
[  270.736511][T12439]  ? __pfx_ieee80211_free_keys+0x10/0x10
[  270.742313][T12439]  ? wiphy_work_cancel+0x1f0/0x3e0
[  270.747475][T12439]  ieee80211_do_stop+0x1085/0x2380
[  270.753045][T12439]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  270.758865][T12439]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  270.764815][T12439]  ? lockdep_hardirqs_on+0x99/0x150
[  270.770265][T12439]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  270.776651][T12439]  ? wiphy_work_cancel+0x1f0/0x3e0
[  270.781916][T12439]  ieee80211_stop+0x43b/0x490
[  270.786659][T12439]  ? __pfx_ieee80211_stop+0x10/0x10
[  270.792028][T12439]  __dev_close_many+0x216/0x350
[  270.796931][T12439]  ? __pfx___dev_close_many+0x10/0x10
[  270.802438][T12439]  ? dev_set_rx_mode+0x233/0x2e0
[  270.807434][T12439]  __dev_change_flags+0x30e/0x6f0
[  270.812616][T12439]  ? __pfx___dev_change_flags+0x10/0x10
[  270.818238][T12439]  ? __mutex_lock+0x397/0x1010
[  270.823254][T12439]  ? __pfx_lock_acquire+0x10/0x10
[  270.828449][T12439]  dev_change_flags+0x8b/0x1a0
[  270.833272][T12439]  dev_ifsioc+0x7c2/0xe70
[  270.837652][T12439]  ? __pfx_dev_ifsioc+0x10/0x10
[  270.843701][T12439]  ? dev_load+0x21/0x1f0
[  270.848008][T12439]  dev_ioctl+0x719/0x1340
[  270.852713][T12439]  sock_do_ioctl+0x240/0x460
[  270.854089][T12455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2482'.
[  270.857336][T12439]  ? __pfx_sock_do_ioctl+0x10/0x10
[  270.871777][T12439]  sock_ioctl+0x626/0x8e0
[  270.876159][T12439]  ? __pfx_sock_ioctl+0x10/0x10
[  270.881159][T12439]  ? __fget_files+0x2a/0x410
[  270.885842][T12439]  ? __fget_files+0x2a/0x410
[  270.890630][T12439]  ? __pfx_sock_ioctl+0x10/0x10
[  270.895536][T12439]  __se_sys_ioctl+0xf5/0x170
[  270.900239][T12439]  do_syscall_64+0xf3/0x230
[  270.904792][T12439]  ? clear_bhb_loop+0x35/0x90
[  270.909614][T12439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.915549][T12439] RIP: 0033:0x7f164878d169
[  270.920085][T12439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.939841][T12439] RSP: 002b:00007f1649659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  270.948388][T12439] RAX: ffffffffffffffda RBX: 00007f16489a5fa0 RCX: 00007f164878d169
[  270.956606][T12439] RDX: 0000400000002280 RSI: 0000000000008914 RDI: 0000000000000006
[  270.964852][T12439] RBP: 00007f164880e2a0 R08: 0000000000000000 R09: 0000000000000000
[  270.972993][T12439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  270.981095][T12439] R13: 0000000000000000 R14: 00007f16489a5fa0 R15: 00007ffee1601f58
[  270.989207][T12439]  </TASK>
[  270.992274][T12439] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  270.999573][T12439] CPU: 0 UID: 0 PID: 12439 Comm: syz.1.2477 Not tainted 6.14.0-rc6-syzkaller-00104-g5f079290e591 #0
[  271.010356][T12439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.020441][T12439] Call Trace:
[  271.023724][T12439]  <TASK>
[  271.026660][T12439]  dump_stack_lvl+0x241/0x360
[  271.031349][T12439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.036553][T12439]  ? __pfx__printk+0x10/0x10
[  271.041147][T12439]  ? _printk+0xd5/0x120
[  271.045308][T12439]  ? __init_begin+0x41000/0x41000
[  271.050350][T12439]  ? vscnprintf+0x5d/0x90
[  271.054691][T12439]  panic+0x349/0x880
[  271.058609][T12439]  ? __warn+0x174/0x4d0
[  271.062798][T12439]  ? __pfx_panic+0x10/0x10
[  271.067231][T12439]  __warn+0x344/0x4d0
[  271.071221][T12439]  ? ieee80211_free_keys+0x567/0x680
[  271.076523][T12439]  report_bug+0x2b3/0x500
[  271.080859][T12439]  ? ieee80211_free_keys+0x567/0x680
[  271.086175][T12439]  handle_bug+0x60/0x90
[  271.090340][T12439]  exc_invalid_op+0x1a/0x50
[  271.094853][T12439]  asm_exc_invalid_op+0x1a/0x20
[  271.099717][T12439] RIP: 0010:ieee80211_free_keys+0x567/0x680
[  271.105630][T12439] Code: 01 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 d8 e7 3e f6 90 0f 0b 90 e9 17 fc ff ff e8 ca e7 3e f6 90 <0f> 0b 90 4c 8b 64 24 20 e9 77 fe ff ff e8 b7 e7 3e f6 e9 2d fe ff
[  271.125331][T12439] RSP: 0018:ffffc9000dabf620 EFLAGS: 00010283
[  271.131410][T12439] RAX: ffffffff8b82f746 RBX: 0000000000000001 RCX: 0000000000080000
[  271.139416][T12439] RDX: ffffc90004ec2000 RSI: 0000000000000a53 RDI: 0000000000000a54
[  271.147394][T12439] RBP: ffffc9000dabf6f0 R08: ffffffff8b82f547 R09: 1ffff92001b57e78
[  271.155375][T12439] R10: dffffc0000000000 R11: fffff52001b57e79 R12: 0000000000000002
[  271.163355][T12439] R13: ffff888031014d80 R14: 1ffff11006202d3a R15: dffffc0000000000
[  271.171346][T12439]  ? ieee80211_free_keys+0x367/0x680
[  271.176659][T12439]  ? ieee80211_free_keys+0x566/0x680
[  271.181961][T12439]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  271.187876][T12439]  ? lockdep_hardirqs_on+0x99/0x150
[  271.193090][T12439]  ? __pfx_ieee80211_free_keys+0x10/0x10
[  271.198756][T12439]  ? wiphy_work_cancel+0x1f0/0x3e0
[  271.203893][T12439]  ieee80211_do_stop+0x1085/0x2380
[  271.209036][T12439]  ? __pfx_ieee80211_do_stop+0x10/0x10
[  271.214521][T12439]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  271.220427][T12439]  ? lockdep_hardirqs_on+0x99/0x150
[  271.225642][T12439]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  271.231987][T12439]  ? wiphy_work_cancel+0x1f0/0x3e0
[  271.237197][T12439]  ieee80211_stop+0x43b/0x490
[  271.241893][T12439]  ? __pfx_ieee80211_stop+0x10/0x10
[  271.247111][T12439]  __dev_close_many+0x216/0x350
[  271.252079][T12439]  ? __pfx___dev_close_many+0x10/0x10
[  271.257482][T12439]  ? dev_set_rx_mode+0x233/0x2e0
[  271.262448][T12439]  __dev_change_flags+0x30e/0x6f0
[  271.267497][T12439]  ? __pfx___dev_change_flags+0x10/0x10
[  271.273061][T12439]  ? __mutex_lock+0x397/0x1010
[  271.277849][T12439]  ? __pfx_lock_acquire+0x10/0x10
[  271.282898][T12439]  dev_change_flags+0x8b/0x1a0
[  271.287687][T12439]  dev_ifsioc+0x7c2/0xe70
[  271.292035][T12439]  ? __pfx_dev_ifsioc+0x10/0x10
[  271.296906][T12439]  ? dev_load+0x21/0x1f0
[  271.301177][T12439]  dev_ioctl+0x719/0x1340
[  271.305523][T12439]  sock_do_ioctl+0x240/0x460
[  271.310131][T12439]  ? __pfx_sock_do_ioctl+0x10/0x10
[  271.315276][T12439]  sock_ioctl+0x626/0x8e0
[  271.319624][T12439]  ? __pfx_sock_ioctl+0x10/0x10
[  271.324485][T12439]  ? __fget_files+0x2a/0x410
[  271.329101][T12439]  ? __fget_files+0x2a/0x410
[  271.333716][T12439]  ? __pfx_sock_ioctl+0x10/0x10
[  271.338583][T12439]  __se_sys_ioctl+0xf5/0x170
[  271.343186][T12439]  do_syscall_64+0xf3/0x230
[  271.347706][T12439]  ? clear_bhb_loop+0x35/0x90
[  271.352419][T12439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.358335][T12439] RIP: 0033:0x7f164878d169
[  271.362764][T12439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.382478][T12439] RSP: 002b:00007f1649659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  271.390925][T12439] RAX: ffffffffffffffda RBX: 00007f16489a5fa0 RCX: 00007f164878d169
[  271.398926][T12439] RDX: 0000400000002280 RSI: 0000000000008914 RDI: 0000000000000006
[  271.406919][T12439] RBP: 00007f164880e2a0 R08: 0000000000000000 R09: 0000000000000000
[  271.415000][T12439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  271.422988][T12439] R13: 0000000000000000 R14: 00007f16489a5fa0 R15: 00007ffee1601f58
[  271.430989][T12439]  </TASK>
[  271.434165][T12439] Kernel Offset: disabled
[  271.438565][T12439] Rebooting in 86400 seconds..