last executing test programs:

22.568415868s ago: executing program 1 (id=5749):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x10, 0x3}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b00)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffdfdfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x2, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x44840)

21.42734274s ago: executing program 1 (id=5766):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x8c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, '&'}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0xf5}}, 0x100}}, 0x0)

21.30389446s ago: executing program 1 (id=5769):
syz_emit_ethernet(0xe, &(0x7f0000000040)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}, @void, {@generic={0x88f5}}}, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3e}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
splice(r2, 0x0, r1, 0x0, 0x800, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @rand_addr=0x64010102}, @in6={0xa, 0x4e20, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}, @in={0x2, 0x4e22, @private=0xa010102}, @in={0x2, 0x4e23, @rand_addr=0x64010100}, @in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e24, 0x7, @remote, 0x61}], 0xfffffffffffffe71)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r9, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r9, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x5, 0x1, "fd"}, 0x9)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r10=>0x0})
r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r11, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r11, &(0x7f0000000040)="2a000000010000", 0x7)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x15, &(0x7f0000000700)={0xff}, 0x1)
sendmsg$BATADV_CMD_SET_HARDIF(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x24, r8, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x9}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c000}, 0x40)
bind$bt_hci(r0, &(0x7f0000000740)={0x1f, 0x3, 0x3}, 0x6)
sendmsg$NLBL_MGMT_C_REMOVE(r5, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x28, r6, 0xb0e931ce976ccbf4, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x40090}, 0x20008041)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000680)={r0, 0x0, 0xd6, 0x57, &(0x7f0000000380)="878a95ed7851af04fb6c17fd1a4a07c5958fd7a918b6cd9a60aca7cc04d539e3a0bc78ffa0bdcb6fac14c9730d8420718f9a95dad3ee91561b6ca69d8758ed4429a9362e276fbe1324ec2ca8019fe2849ca9ed1ff2a13ab95e152abdbbeb67f9ffc94a97ede5776819ed2240f9856d308ff23dc66c0d79990b98422bb0230e61ff8785c5b28dfc2210f6a500c726b9a2175570daaa0e31b7eae8f3de8b1d88c02b6b93e7cfd2a3fc0dc98422b70598f53df9c6026e5d060e9912fb87c7563af3f39b8f8d38f4bb5a951187af243269f3274764ab73c7", &(0x7f0000000480)=""/87, 0x80, 0x0, 0xdc, 0x5e, &(0x7f0000000500)="dd26db57847b0b6facf7a0eb274dd43f3ca2f6adc635d877418df7bf49b125fb1f5497d065d94e5fff7616097f06f5e327c86f83a0017182cbf0cdea7088e4c1ec774f5946ead88ae8beccdb6fa03cd9c8a060ca16a5eb56268b4ea7772793e446190dd075278f520ea3801a5f02abad2427fd6be7cedcde9e351bbafaaf3367d6cc99fdba8a2e723609b723a8a3fba01e0806c5b0d0fa78e0ffb866adbbbab02f57b801f7d375b10a27bd1d32d8ae1fb275371c2f342b1425d1ddbbca05f271cac6dced343455747a271a7ddc3b0a31b6d59e56c87724c1cac3a998", &(0x7f0000000600)="d4d6a96343165f6841f480353d300dfaf0555af610c529bf5a1c25af9808f3c9884338dd1bd9cd024af957782f4722306fac9455b5c1448fde3e769f907f905ea222051fcb83ef3ae3c817c50e0a5e3ed7db2638942c5741c99b3f0d00a5", 0x1, 0x0, 0x10}, 0x50)
syz_emit_ethernet(0xd6, &(0x7f0000000080)={@random="2182ffcb62e9", @local, @val={@val={0x88a8, 0x0, 0x1, 0x4}, {0x8100, 0x1, 0x1}}, {@mpls_mc={0x8848, {[{0xf}, {0x401}], @llc={@llc={0x7e, 0xe, "7f", "dd68d119f74d30ddc5a879b45b6f56332ab97da1cfa49d8622117e6b240781f34384a9635d71a9dbbf087f01a8a3a84cd65a48c2fe13246c0b7e2f00fe15f5c29512da1fd0139e4e8e4944002ba4c99066c3597ba7009010f46adcf9e4cafba17c1a2f86d604891098e518576d6211ec4e4c7362f6895fbc4ffee4d8b0f6492469fd647548769f0f3aca8f896ac8e49f1be92e60e411a5be02ee388eceaeab8d41de7870aa7e2d22d21a555b7801245ec9b1ae2d52"}}}}}}, &(0x7f00000010c0)={0x1, 0x1, [0xb16, 0x332, 0x3cb, 0xb47]})

21.213594377s ago: executing program 1 (id=5771):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x12, &(0x7f00000001c0)=0x10, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f0000000580))
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x84, 0x0, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x64, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8e}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x17a0000}]}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x82}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@ipv4_newrule={0x3c, 0x20, 0x1, 0x70bd26, 0x25dfdbfb, {0x2, 0x10, 0x10, 0x0, 0x9, 0x0, 0x0, 0x6, 0x10006}, [@FRA_SRC={0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2a}}, @FRA_FLOW={0x8, 0xb, 0x6}, @FRA_GENERIC_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x89}, @FRA_DST={0x8, 0x1, @empty}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4004804)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r5, &(0x7f0000000100)}, 0x20)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00!'], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010102}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000400)="08001efbb07d586e", 0x8}], 0x1}, 0x1)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000440)=""/4096, &(0x7f0000001440)=0x1000)

21.048075211s ago: executing program 1 (id=5773):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xffff}, 0x50)
r1 = epoll_create(0x1)
epoll_pwait(r1, &(0x7f0000000080), 0x0, 0x7, &(0x7f00000001c0), 0x8)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000100000000000000801800009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1a, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8792}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x3a, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1, r3, 0x0, 0x0, 0x0, 0x10, 0x4a6}, 0x94)

20.897835425s ago: executing program 1 (id=5775):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x29, 0x0, &(0x7f0000000100))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a3000"], 0x7c}}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c0003800800"], 0x34}}, 0xc000)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000540)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000280)={0x4, 0x6}, 0x2)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000012c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x1, 0x0, 0x9}, 0x8}, [{0x0, 0x0, 0x0, 0x0, 0x0, 0x67}, {}, {0x0, 0xfffffffe}, {0x0, 0x40000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x2, 0x0, 0xfffffffc}, {}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x10000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {0x0, 0xfffffffd}, {}, {}, {0x15d}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1000}, {0x0, 0x0, 0x4000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xffff, 0x8}, {0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {0xffffffff}, {}, {0x0, 0x0, 0xfffffffd}, {}, {}, {0x0, 0x0, 0x0, 0x81, 0x0, 0x400}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff24}, {}, {0x0, 0x0, 0x2000000}, {0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x0, 0x0, 0xffffffff, 0x800}, {}, {}, {}, {0x0, 0x0, 0xd}, {0xfff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x0, 0x0, 0x2, 0x0, 0x0, 0xa}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x20040804)

5.489317526s ago: executing program 2 (id=5870):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000003c0)=0x6, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000040)=0x8100, 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)

5.323709873s ago: executing program 4 (id=5873):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000003c0)=':-n6', 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000980)="54e16714", 0x4}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000006480)={&(0x7f0000c25000/0x4000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x65b86bb5, 0x1, 0x0}, &(0x7f00000064c0)=0x40)

5.144983422s ago: executing program 0 (id=5876):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f00000006c0)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @remote}, 0x10, 0x0}}, {{&(0x7f0000000100)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @rand_addr=0x64010100}}}], 0x20}}], 0x2, 0x0)

5.091013316s ago: executing program 0 (id=5878):
socket(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7005}, 0x4)
syz_emit_ethernet(0x16, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r3=>0x0})
bind$packet(r1, &(0x7f00000006c0)={0x11, 0x0, r3, 0x1, 0xb, 0x6, @remote}, 0x14)
syz_emit_ethernet(0x5a, &(0x7f0000000580)=ANY=[], 0x0)

4.776024379s ago: executing program 0 (id=5880):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000007c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x4, 0x6361, 0x7, 0xffffffff, 0x40000003}, [@TCA_NETEM_RATE64={0xc, 0x8, 0x3d8d9926a7750156}, @TCA_NETEM_JITTER64={0xc, 0xb, 0x7}, @TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_REORDER={0xc, 0x3, {0x8, 0x7}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000000240)="80", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @broadcast}, 0x14)

4.540167924s ago: executing program 2 (id=5883):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020a000002"], 0x10}}, 0x0)

4.506359096s ago: executing program 0 (id=5885):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001d40)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000240)="c1aba7d2bed3105cdaff99d17f904c25a4b2dfd90353f74c9a6c4ac7f1b9ef5dc9a6ab01ab25bd97636769ce45f52bd36e3674441030d967ea844028773b536ca7087e2b0102c194f6c8e248d115b7237bdbf156b61db9e65ced76ea23cea4473fb77fc37161eecd46f36c0a47990ef480", 0x71}], 0x1, 0x0, 0x0, 0x20000080}], 0x1, 0x40000)
recvmmsg(r1, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/112, 0x70}], 0x1}, 0x3}], 0x1, 0x102, 0x0)

4.475461307s ago: executing program 2 (id=5886):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000a40)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000a80)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fbdbdf256600000008000300", @ANYRES32=r3, @ANYBLOB="0800b700f70000000400b980080026006c09000005001801010000"], 0x40}, 0x1, 0x0, 0x0, 0xa3f9418976ca6fb2}, 0x80)

4.372717336s ago: executing program 4 (id=5888):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x40, 0x1, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x7}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x45}]}, @CTA_TUPLE_REPLY={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010100}, {0x8, 0x2, @remote}}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x4800)

4.288363337s ago: executing program 3 (id=5889):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xffff, 0xe9, @dev={0xfe, 0x80, '\x00', 0x31}, 0x6}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

4.261918987s ago: executing program 2 (id=5890):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

4.148333185s ago: executing program 4 (id=5891):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @loopback}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x6}}}}}}, 0x0)

4.101130285s ago: executing program 3 (id=5892):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[@ANYBLOB="fc00000019000100000000000000000000000000000000000000ffff00000000ac1414bb00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000660000000000f2ffffff00000000000000000000000044000500ff020000000000000000000000000001000000006c"], 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "6b88ef", 0x8, 0x3a, 0x0, @private1, @local, {[], @echo_reply}}}}}, 0x0)

4.05474543s ago: executing program 2 (id=5893):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0xffffffffffffff14, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
writev(r0, &(0x7f0000000380)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xe}, {&(0x7f0000000300)="df1ee9943c0bf07f028954a3984452d1900ca39b1ccebaf2", 0x18}], 0x2)

4.043410345s ago: executing program 4 (id=5894):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

3.863848612s ago: executing program 3 (id=5895):
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
r2 = socket(0x2, 0x3, 0xff)
sendmmsg$inet(r2, &(0x7f00000055c0)=[{{&(0x7f0000000380)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000002a00)=[{&(0x7f00000004c0)="f56f6b44f4911cb9b48346c596a44a5132d5245df5", 0x15}], 0x1}}, {{&(0x7f0000002b40)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000004180)=[{&(0x7f0000002b80)="7ac6a354f324c36eaecaf1c406b338623f07b75776f7ebe6fee3818c264beb68f1f6e0135f597c5994d406bec81b8e737a25e0fa13062e8daf276da57aa23e34e69cc93fb4abaa4a038063f55f9d01c13b8b9e25b4648b01e17a63323c3c7d2ad81191a4aa4270787af27c1bcaf93eaa18ce2cb4db5b0fee2d1d377d48c128fe14a4605e287a587c6dfe25fc452560d7", 0x90}, {&(0x7f0000003000)="51581ad876d6e36b9ea3030eeb44a79244dff8453fad6c8a6b1940be7c27b4f854e76f849dfb870a0b8fb8a898de8db7216a0fb686f7664f44a87c878263a5a319aad3a9daf7b67c4a3eb9bc4054cafd4a033c08da83b53a9bd4239a82cdfdb466e2772f5f3017599885dee0632aab6bb708c04bbf7f910ac369cd07409afc45d19688f8a5786b40d535ea93426fa5ddcaeb47171bbafa1db25de87169956085ee8422ac11f12a7d804a13dde41d86810dc07beaec44e9a935a166451f5cd85b5e56a96f297b1111526b0bfc0fb662ed2626539a75389db9f01cdb3856eb52fccfd4f81c90467df49e8e5cab5a83a753690bd6d4f9bd3cd8e01f7474103d319995db24b64289c2898f63c220f4ae51736d0cbf977645130d58d675afbc9daa650601a5e722b1194ce4892cae308201bce53f8dafc545dd80201700b7a95283a088b5b215550f6190d5d28f74f80a7607b65d0e206f580dce0a605cfb7b064304f7b069e5b72e47ae54f50c0f36eab464571618a4f7864eba261147b100cd98b654c21f852fb1582fae6ac4ece7b7dea61d0c486c44ac2eac84c47ef34a01fb05dc01d2637a82b8043f3aeb71afce1ac743e4217738c73423af3bbb01c8bfdd9d6540bf1a67998e4106becaf6bfe6002d4f8319181df36dd51805a36d3b166eba641e12399858b92adf3b08442a4dcc665c285051b1654c3bbdba1ccf257f64a1666f3a6384202ae253835da85aac07714d41866fb9c2ecb7e92d64835b7f4c7628d297c078f1a9464994539f88ce2e4f0f49711d62152d3517dec7d6c6ffafb698404f7bdce27c5ac9e240ffcb4db2e1c8030e2f8254355ed5fb33676de63ac75fd03685f653c3ab710e6e4740239887e3eff5a89323b9b3c795b48936eae3094cc79bb59f7f91594adfb9df8f8d85ba216378a67d96019cd72af146508c5bf851f0b52363fa2979ea3e80bf4814ff4508190aace62fbd53d862d46d3fac8280a9ba1481a74f21cca98d1b1f2b732a95a5268c7f9af9a452aad3c60a90bb2bd2c3d77cbf908934430b0398e5dce0f438a5ac362ef392756c87c8ad71d98ad2bbeb7ed56243dce2cd86d09800ecac007262e15a27a86dca6083b9c87d05330766c7f7b1afeacbd43e22f429733abe6d739d7b6c0df816aa996324ccaa8bdbcbfe2407660164df09cbc37489225a6d5219c26e15483819bb5d793d56503cfde648bcedb950b844ddc5c1971b2716bf5aa8d31e68adcb0a601c81e6bd2be5ea889e8889d7185aad709e3cf443e40c38a7c848d97661fb7c00b2714a966231122e0d70d379ceb6df26d76f679eea50c69411566011257b71c833da463afbc58b19f7f671fec1db2ede1248e5710b57f311d997c25e0c08f50948def03e1becc42a7e58c5acbc31f22852bd6fc0aec26f6249de0c43c06cbf35b90789f6e2e7d7e6d13a780fb0b0ac97b4a6733a5c3ff352169f0cf50d2a78ff910842d160bfca4966b322fcc2c036afd01f4eaf8763056057eae10fcfa358a0ec43c562648aa878d292b0b50565b2408ad56b68f6f75742272775591767b11bc686e043afa1bf0fb888fcd2996962fc0ee1d7e5b0fc446e3489425c7312a4fcc6f2261b77a76236837a6bdee09f7451a9b0d58546fa143a97e8faa63a2d87e2887c04ca0ae3bcee3f099755534378d7c994b14962b0e4f4f6107e03fc22ec3dfcd3a2ce0cd08b8df3e28de508783f1c3941488e7a1e5e12fde6eb1a91e594e1a6a8fc6fa7f63bfc5ea03377fe8b9a4f532897d0cea9727e4be2d16b2952328f007caeb6103b1d67b339942fa7bb953820f787493ef7e71defea4425f6df6eff6f167be07908c274fbd0b48e9c5c4b44", 0x527}], 0x2, &(0x7f00000041c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @local, @private=0xa010100}}}], 0x20}}], 0x2, 0x0)

3.714855617s ago: executing program 3 (id=5896):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
bind$netlink(r3, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r3, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r4, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

3.697442947s ago: executing program 4 (id=5897):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000070000001400040073797a6b616c6c6572300000000000000800050006"], 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000640)="000a18000600600000eb55000000000100aa34745a1945da08e815b218b175e62e90d9c5596d3ef4ddaae57cdcf90884", 0x30, 0x4000000, &(0x7f0000000380)={0x11, 0xe56930649afa540, r6, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)

3.621810502s ago: executing program 0 (id=5898):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000070000001400040073797a6b616c6c6572300000000000000800050006"], 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000640)="000a1800000d600000eb5500fe00000100aa34745a1945da08e815b218b175e62e90d9c5596d3ef4ddaae57cdcf90884", 0x30, 0x4000000, &(0x7f0000000380)={0x11, 0xe56930649afa540, r6, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)

212.430741ms ago: executing program 3 (id=5899):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000070000001400040073797a6b616c6c6572300000000000000800050006"], 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000640)="000a1800000d600000eb55000000000100aa34745a1945da08e815b218b175e62e90d9c5596d3ef4ddaae57cdcf90884", 0x30, 0x4000000, &(0x7f0000000380)={0x11, 0xe56930649afa540, r6, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)

212.166441ms ago: executing program 0 (id=5900):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000e40)={0x38, r1, 0x5, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x1}]}, 0x38}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @void, @void}, 0x2f)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000200)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @val={0x10, 0x1, 0x21}}, 0x21)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200001000000d35d01"], 0x20)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val, @void, @void, @void, @void, @void, @void}, 0x2e)

211.975482ms ago: executing program 4 (id=5901):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffffffe}]}}}]}]}], {0x14}}, 0xd4}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0xc, &(0x7f0000000200)=0x10001, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000300)={0xa, 0x4e24, 0xfffffffa, @empty, 0x8001}, 0x1c)
listen(r2, 0x0)
sendmmsg$inet(r1, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10, 0x0}}], 0x1, 0x2000c000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_emit_ethernet(0x3a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e23, 0x18, 0x0, @wg=@data={0x4, 0xa1c, 0x1496}}}}}}, 0x0)

52.849905ms ago: executing program 2 (id=5902):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r3, @ANYBLOB="0c009900ff070000070000001400040073797a6b616c6c6572300000000000000800050006"], 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000640)="000a18000600600000eb5500000b000100aa34745a1945da08e815b218b175e62e90d9c5596d3ef4ddaae57cdcf90884", 0x30, 0x4000000, &(0x7f0000000380)={0x11, 0xe56930649afa540, r6, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)

0s ago: executing program 3 (id=5903):
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_emit_ethernet(0x3e, &(0x7f0000000300)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x6}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

]  ? ref_tracker_free+0x693/0x840
[  504.722968][T20682]  ? __pfx_ref_tracker_free+0x10/0x10
[  504.723007][T20682]  ? skb_clone+0x246/0x3a0
[  504.723029][T20682]  ? __netlink_deliver_tap+0x807/0x850
[  504.723057][T20682]  ? netlink_deliver_tap+0x2e/0x1b0
[  504.723091][T20682]  ? netlink_deliver_tap+0x2e/0x1b0
[  504.723118][T20682]  ? netlink_deliver_tap+0x2e/0x1b0
[  504.723151][T20682]  netlink_unicast+0x75c/0x8e0
[  504.723188][T20682]  netlink_sendmsg+0x813/0xb40
[  504.723225][T20682]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.723257][T20682]  ? aa_sock_msg_perm+0xf1/0x1b0
[  504.723285][T20682]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  504.723314][T20682]  ____sys_sendmsg+0x972/0x9f0
[  504.723331][T20682]  ? __might_fault+0xaf/0x130
[  504.723362][T20682]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.723391][T20682]  ? import_iovec+0x73/0xa0
[  504.723418][T20682]  ___sys_sendmsg+0x2a5/0x360
[  504.723436][T20682]  ? __lock_acquire+0x6b5/0x2cf0
[  504.723462][T20682]  ? __pfx____sys_sendmsg+0x10/0x10
[  504.723518][T20682]  ? __fget_files+0x2a/0x420
[  504.723541][T20682]  ? __fget_files+0x3a0/0x420
[  504.723576][T20682]  __x64_sys_sendmsg+0x1bd/0x2a0
[  504.723604][T20682]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  504.723635][T20682]  ? __pfx_ksys_write+0x10/0x10
[  504.723673][T20682]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.723695][T20682]  do_syscall_64+0x174/0x580
[  504.723715][T20682]  ? trace_irq_disable+0x3b/0x140
[  504.723743][T20682]  ? clear_bhb_loop+0x40/0x90
[  504.723777][T20682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.723797][T20682] RIP: 0033:0x7f54e1d9ce59
[  504.723818][T20682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.723836][T20682] RSP: 002b:00007f54e2cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.723859][T20682] RAX: ffffffffffffffda RBX: 00007f54e2015fa0 RCX: 00007f54e1d9ce59
[  504.723873][T20682] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  504.723886][T20682] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  504.723898][T20682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.723909][T20682] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  504.723942][T20682]  </TASK>
[  505.149588][T20688] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[  505.564587][T20710] netlink: 516 bytes leftover after parsing attributes in process `syz.0.4462'.
[  505.613302][T20714] xt_hashlimit: size too large, truncated to 1048576
[  505.670320][T20721] FAULT_INJECTION: forcing a failure.
[  505.670320][T20721] name failslab, interval 1, probability 0, space 0, times 0
[  505.701725][T20712] bridge_slave_0: default FDB implementation only supports local addresses
[  505.751761][T20721] CPU: 0 UID: 0 PID: 20721 Comm: syz.1.4464 Not tainted syzkaller #0 PREEMPT(full) 
[  505.751790][T20721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  505.751801][T20721] Call Trace:
[  505.751809][T20721]  <TASK>
[  505.751818][T20721]  dump_stack_lvl+0xe8/0x150
[  505.751846][T20721]  should_fail_ex+0x412/0x560
[  505.751874][T20721]  should_failslab+0xa8/0x100
[  505.751892][T20721]  ? skb_clone+0x212/0x3a0
[  505.751912][T20721]  kmem_cache_alloc_noprof+0x87/0x650
[  505.751938][T20721]  ? apparmor_capable+0x126/0x170
[  505.751967][T20721]  skb_clone+0x212/0x3a0
[  505.751986][T20721]  ? nfnetlink_rcv+0x4b0/0x27b0
[  505.752014][T20721]  nfnetlink_rcv+0x4de/0x27b0
[  505.752051][T20721]  ? lockdep_hardirqs_on+0x7a/0x110
[  505.752073][T20721]  ? __local_bh_enable_ip+0xd0/0x130
[  505.752105][T20721]  ? __dev_queue_xmit+0x2b6/0x3950
[  505.752124][T20721]  ? __dev_queue_xmit+0x1fe5/0x3950
[  505.752141][T20721]  ? __x64_sys_sendmsg+0x1bd/0x2a0
[  505.752168][T20721]  ? __dev_queue_xmit+0x2b6/0x3950
[  505.752193][T20721]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  505.752235][T20721]  ? ref_tracker_free+0x693/0x840
[  505.752262][T20721]  ? __pfx_ref_tracker_free+0x10/0x10
[  505.752300][T20721]  ? skb_clone+0x246/0x3a0
[  505.752324][T20721]  ? __netlink_deliver_tap+0x807/0x850
[  505.752351][T20721]  ? netlink_deliver_tap+0x2e/0x1b0
[  505.752386][T20721]  ? netlink_deliver_tap+0x2e/0x1b0
[  505.752412][T20721]  ? netlink_deliver_tap+0x2e/0x1b0
[  505.752443][T20721]  netlink_unicast+0x75c/0x8e0
[  505.752479][T20721]  netlink_sendmsg+0x813/0xb40
[  505.752513][T20721]  ? __pfx_netlink_sendmsg+0x10/0x10
[  505.752544][T20721]  ? aa_sock_msg_perm+0xf1/0x1b0
[  505.752574][T20721]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  505.752603][T20721]  ____sys_sendmsg+0x972/0x9f0
[  505.752622][T20721]  ? __might_fault+0xaf/0x130
[  505.752652][T20721]  ? __pfx_____sys_sendmsg+0x10/0x10
[  505.752681][T20721]  ? import_iovec+0x73/0xa0
[  505.752708][T20721]  ___sys_sendmsg+0x2a5/0x360
[  505.752726][T20721]  ? __lock_acquire+0x6b5/0x2cf0
[  505.752751][T20721]  ? __pfx____sys_sendmsg+0x10/0x10
[  505.752804][T20721]  ? __fget_files+0x2a/0x420
[  505.752826][T20721]  ? __fget_files+0x3a0/0x420
[  505.752858][T20721]  __x64_sys_sendmsg+0x1bd/0x2a0
[  505.752881][T20721]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  505.752912][T20721]  ? __pfx_ksys_write+0x10/0x10
[  505.752949][T20721]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.752971][T20721]  do_syscall_64+0x174/0x580
[  505.752989][T20721]  ? trace_irq_disable+0x3b/0x140
[  505.753018][T20721]  ? clear_bhb_loop+0x40/0x90
[  505.753043][T20721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.753063][T20721] RIP: 0033:0x7f54e1d9ce59
[  505.753082][T20721] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  505.753108][T20721] RSP: 002b:00007f54e2cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  505.753131][T20721] RAX: ffffffffffffffda RBX: 00007f54e2015fa0 RCX: 00007f54e1d9ce59
[  505.753144][T20721] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  505.753157][T20721] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  505.753169][T20721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.753180][T20721] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  505.753213][T20721]  </TASK>
[  506.187654][T20712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4461'.
[  506.445008][T20747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4470'.
[  506.507472][T20747] 8021q: adding VLAN 0 to HW filter on device bond26
[  506.515608][T20747] bridge0: port 5(bond26) entered blocking state
[  506.525642][T20747] bridge0: port 5(bond26) entered disabled state
[  506.532492][T20747] bond26: entered allmulticast mode
[  506.540862][T20747] bond26: entered promiscuous mode
[  506.576031][T20760] SET target dimension over the limit!
[  506.581980][T20758] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4472'.
[  506.616349][T20763] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4474'.
[  506.767122][T20758] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4472'.
[  506.832463][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  507.578311][T20820] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4491'.
[  507.681572][T20825] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4493'.
[  507.733287][T20820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4491'.
[  507.735166][T20827] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048)
[  507.771244][T20817] syzkaller1: entered promiscuous mode
[  507.777537][T20817] syzkaller1: entered allmulticast mode
[  508.848370][T20877] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  508.971661][T20884] xt_limit: Overflow, try lower: 271964/0
[  509.063107][T20891] FAULT_INJECTION: forcing a failure.
[  509.063107][T20891] name failslab, interval 1, probability 0, space 0, times 0
[  509.076366][T20891] CPU: 0 UID: 0 PID: 20891 Comm: syz.4.4516 Not tainted syzkaller #0 PREEMPT(full) 
[  509.076394][T20891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  509.076406][T20891] Call Trace:
[  509.076414][T20891]  <TASK>
[  509.076423][T20891]  dump_stack_lvl+0xe8/0x150
[  509.076454][T20891]  should_fail_ex+0x412/0x560
[  509.076484][T20891]  should_failslab+0xa8/0x100
[  509.076507][T20891]  __kmalloc_cache_noprof+0x88/0x660
[  509.076537][T20891]  ? nft_trans_table_add+0x56/0x430
[  509.076563][T20891]  ? __asan_memset+0x22/0x50
[  509.076591][T20891]  nft_trans_table_add+0x56/0x430
[  509.076624][T20891]  nf_tables_newtable+0xce3/0x1910
[  509.076671][T20891]  nfnetlink_rcv+0x123e/0x27b0
[  509.076739][T20891]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  509.076794][T20891]  ? ref_tracker_free+0x693/0x840
[  509.076851][T20891]  ? __netlink_deliver_tap+0x807/0x850
[  509.076891][T20891]  ? netlink_deliver_tap+0x2e/0x1b0
[  509.076919][T20891]  ? netlink_deliver_tap+0x2e/0x1b0
[  509.076954][T20891]  netlink_unicast+0x75c/0x8e0
[  509.076994][T20891]  netlink_sendmsg+0x813/0xb40
[  509.077033][T20891]  ? __pfx_netlink_sendmsg+0x10/0x10
[  509.077066][T20891]  ? aa_sock_msg_perm+0xf1/0x1b0
[  509.077098][T20891]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  509.077134][T20891]  ____sys_sendmsg+0x972/0x9f0
[  509.077155][T20891]  ? __might_fault+0xaf/0x130
[  509.077187][T20891]  ? __pfx_____sys_sendmsg+0x10/0x10
[  509.077218][T20891]  ? import_iovec+0x73/0xa0
[  509.077247][T20891]  ___sys_sendmsg+0x2a5/0x360
[  509.077265][T20891]  ? __lock_acquire+0x6b5/0x2cf0
[  509.077292][T20891]  ? __pfx____sys_sendmsg+0x10/0x10
[  509.077353][T20891]  ? __fget_files+0x2a/0x420
[  509.077378][T20891]  ? __fget_files+0x3a0/0x420
[  509.077414][T20891]  __x64_sys_sendmsg+0x1bd/0x2a0
[  509.077437][T20891]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  509.077468][T20891]  ? __pfx_ksys_write+0x10/0x10
[  509.077507][T20891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.077528][T20891]  do_syscall_64+0x174/0x580
[  509.077547][T20891]  ? trace_irq_disable+0x3b/0x140
[  509.077575][T20891]  ? clear_bhb_loop+0x40/0x90
[  509.077599][T20891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.077619][T20891] RIP: 0033:0x7f0ca059ce59
[  509.077639][T20891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  509.077655][T20891] RSP: 002b:00007f0ca13c5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  509.077678][T20891] RAX: ffffffffffffffda RBX: 00007f0ca0815fa0 RCX: 00007f0ca059ce59
[  509.077692][T20891] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  509.077704][T20891] RBP: 00007f0ca13c5090 R08: 0000000000000000 R09: 0000000000000000
[  509.077717][T20891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  509.077730][T20891] R13: 00007f0ca0816038 R14: 00007f0ca0815fa0 R15: 00007fffc99ba7f8
[  509.077766][T20891]  </TASK>
[  509.566889][T20895] nbd: socks must be embedded in a SOCK_ITEM attr
[  509.821646][T20909] netlink: 'syz.2.4525': attribute type 1 has an invalid length.
[  509.838389][T20909] __nla_validate_parse: 7 callbacks suppressed
[  509.838409][T20909] netlink: 2108 bytes leftover after parsing attributes in process `syz.2.4525'.
[  509.858921][T20909] netlink: 'syz.2.4525': attribute type 1 has an invalid length.
[  509.869609][T20909] netlink: 2108 bytes leftover after parsing attributes in process `syz.2.4525'.
[  510.020073][T20923] netlink: 'syz.4.4529': attribute type 1 has an invalid length.
[  510.079383][T20926] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4529'.
[  510.104186][T20923] 8021q: adding VLAN 0 to HW filter on device bond24
[  510.114363][T20926] bond24: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  510.130981][T20926] bond24: entered allmulticast mode
[  510.184193][T20923] bond24: (slave ip6gretap1): Enslaving as an active interface with an up link
[  510.200986][T20923] x_tables: duplicate underflow at hook 1
[  510.215941][   T30] audit: type=1804 audit(1780060936.079:11): pid=20934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4531" name="/newroot/933/cgroup.controllers" dev="tmpfs" ino=4744 res=1 errno=0
[  510.263926][   T30] audit: type=1800 audit(1780060936.079:12): pid=20934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4531" name="cgroup.controllers" dev="tmpfs" ino=4744 res=0 errno=0
[  510.311523][T20938] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4532'.
[  510.322636][T20938] netlink: 72 bytes leftover after parsing attributes in process `syz.2.4532'.
[  510.336639][T20941] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4533'.
[  510.376910][T20941] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4533'.
[  510.610850][T20956] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  510.870191][   T30] audit: type=1107 audit(1780060936.729:13): pid=20969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='u�{���K��F��k���9$���r.��M�.]CZRv;�U��h�z�}�V�N'9�dnAK���r5F��+t�ro!�<h��[y�@�4�ei��
[  510.870191][   T30] f��s7L�sS៽�Kf�̟MX�`s&LL'p��Ȯ"�r�Qjk^��֭\���%X;P�sɍٜ~��D���� T�-O��CL'
[  511.058217][T20981] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  511.129047][T20985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4548'.
[  511.207924][T20985] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4548'.
[  511.319805][T20991] netlink: 'syz.1.4550': attribute type 1 has an invalid length.
[  511.850251][T21022] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  511.973988][T21026] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.4562'.
[  512.237491][T21044] 8021q: adding VLAN 0 to HW filter on device bond0
[  512.301646][T21048] nbd: must specify at least one socket
[  512.393203][T21053] IPVS: length: 51 != 8
[  512.733738][T21064] netlink: 'syz.3.4577': attribute type 1 has an invalid length.
[  512.848821][T21072] bond27: (slave ip6gre1): The slave device specified does not support setting the MAC address
[  512.860174][T21072] bond27: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[  512.917388][T21072] bond27: (slave ip6gre1): making interface the new active one
[  512.936282][T21072] bond27: (slave ip6gre1): Enslaving as an active interface with an up link
[  512.977567][T21077] syzkaller0: entered promiscuous mode
[  512.997238][T21077] syzkaller0: entered allmulticast mode
[  513.193225][T21093] netlink: 'syz.0.4584': attribute type 5 has an invalid length.
[  513.495999][T21110] bond25: left allmulticast mode
[  513.511529][T21110] bond25: left promiscuous mode
[  513.523842][T21110] bridge0: port 9(bond25) entered disabled state
[  513.560165][T21110] bond23: left allmulticast mode
[  513.597888][T21110] bond23: left promiscuous mode
[  513.628047][T21110] bridge0: port 8(bond23) entered disabled state
[  513.663532][T21110] bond21: left allmulticast mode
[  513.670646][T21110] bond21: left promiscuous mode
[  513.697026][T21110] bridge0: port 7(bond21) entered disabled state
[  513.718652][T21110] bond18: left allmulticast mode
[  513.734096][T21110] bond18: left promiscuous mode
[  513.745682][T21110] bridge0: port 6(bond18) entered disabled state
[  513.766417][T21110] bond13: left allmulticast mode
[  513.771712][T21110] bond13: left promiscuous mode
[  513.779504][T21110] bridge0: port 5(bond13) entered disabled state
[  513.794893][T21110] bond12: left allmulticast mode
[  513.805802][T21110] bond12: left promiscuous mode
[  513.818043][T21110] bridge0: port 4(bond12) entered disabled state
[  513.839756][T21110] bond11: left allmulticast mode
[  513.851323][T21110] bond11: left promiscuous mode
[  513.859109][T21110] bridge0: port 3(bond11) entered disabled state
[  513.869444][T21110] bridge_slave_1: left allmulticast mode
[  513.883520][T21110] bridge_slave_1: left promiscuous mode
[  513.889544][T21110] bridge0: port 2(bridge_slave_1) entered disabled state
[  513.900797][T21110] bridge_slave_0: left promiscuous mode
[  513.906895][T21110] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.084835][T21132] netem: incorrect ge model size
[  514.244403][T21141] FAULT_INJECTION: forcing a failure.
[  514.244403][T21141] name failslab, interval 1, probability 0, space 0, times 0
[  514.257183][T21141] CPU: 1 UID: 0 PID: 21141 Comm: syz.4.4599 Not tainted syzkaller #0 PREEMPT(full) 
[  514.257210][T21141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  514.257222][T21141] Call Trace:
[  514.257230][T21141]  <TASK>
[  514.257239][T21141]  dump_stack_lvl+0xe8/0x150
[  514.257268][T21141]  should_fail_ex+0x412/0x560
[  514.257298][T21141]  should_failslab+0xa8/0x100
[  514.257322][T21141]  kmem_cache_alloc_bulk_noprof+0x8c/0x7c0
[  514.257357][T21141]  ? pfn_valid+0x125/0x4c0
[  514.257379][T21141]  ? pfn_valid+0x125/0x4c0
[  514.257403][T21141]  bpf_test_run_xdp_live+0x179c/0x1cf0
[  514.257457][T21141]  ? bpf_test_run_xdp_live+0x438/0x1cf0
[  514.257495][T21141]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  514.257551][T21141]  ? 0xffffffffa02030d4
[  514.257601][T21141]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  514.257634][T21141]  ? _copy_from_user+0x94/0xb0
[  514.257660][T21141]  ? bpf_test_init+0x113/0x150
[  514.257686][T21141]  ? xdp_convert_md_to_buff+0x5b/0x330
[  514.257719][T21141]  bpf_prog_test_run_xdp+0x81c/0x1160
[  514.257766][T21141]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  514.257801][T21141]  ? __fget_files+0x2a/0x420
[  514.257833][T21141]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  514.257865][T21141]  bpf_prog_test_run+0x2c7/0x340
[  514.257891][T21141]  __sys_bpf+0x643/0x950
[  514.257923][T21141]  ? __pfx___sys_bpf+0x10/0x10
[  514.257970][T21141]  ? ksys_write+0x242/0x270
[  514.258011][T21141]  ? __pfx_ksys_write+0x10/0x10
[  514.258045][T21141]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.258068][T21141]  __x64_sys_bpf+0x7c/0x90
[  514.258097][T21141]  do_syscall_64+0x174/0x580
[  514.258117][T21141]  ? trace_irq_disable+0x3b/0x140
[  514.258144][T21141]  ? clear_bhb_loop+0x40/0x90
[  514.258167][T21141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.258185][T21141] RIP: 0033:0x7f0ca059ce59
[  514.258203][T21141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  514.258219][T21141] RSP: 002b:00007f0ca13c5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  514.258241][T21141] RAX: ffffffffffffffda RBX: 00007f0ca0815fa0 RCX: 00007f0ca059ce59
[  514.258254][T21141] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  514.258266][T21141] RBP: 00007f0ca13c5090 R08: 0000000000000000 R09: 0000000000000000
[  514.258277][T21141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  514.258288][T21141] R13: 00007f0ca0816038 R14: 00007f0ca0815fa0 R15: 00007fffc99ba7f8
[  514.258320][T21141]  </TASK>
[  515.201935][T21178] netlink: 'syz.1.4612': attribute type 2 has an invalid length.
[  515.223871][T21178] netlink: 'syz.1.4612': attribute type 8 has an invalid length.
[  515.245110][T21178] __nla_validate_parse: 7 callbacks suppressed
[  515.245132][T21178] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4612'.
[  515.317388][T21184] netlink: 'syz.3.4613': attribute type 1 has an invalid length.
[  515.361000][T21188] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4610'.
[  515.378602][T21184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  515.404561][T21188] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4610'.
[  515.616959][T21200] .`: entered promiscuous mode
[  515.627348][T21200] netdevsim netdevsim4 netdevsim1: entered promiscuous mode
[  515.646054][T21205] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4619'.
[  515.707676][T21205] team1: entered promiscuous mode
[  515.719611][T21205] team1: entered allmulticast mode
[  515.875604][T21219] FAULT_INJECTION: forcing a failure.
[  515.875604][T21219] name failslab, interval 1, probability 0, space 0, times 0
[  515.889921][T21219] CPU: 0 UID: 0 PID: 21219 Comm: syz.2.4624 Not tainted syzkaller #0 PREEMPT(full) 
[  515.889950][T21219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  515.889961][T21219] Call Trace:
[  515.889969][T21219]  <TASK>
[  515.889978][T21219]  dump_stack_lvl+0xe8/0x150
[  515.890018][T21219]  should_fail_ex+0x412/0x560
[  515.890046][T21219]  should_failslab+0xa8/0x100
[  515.890069][T21219]  __kmalloc_cache_noprof+0x88/0x660
[  515.890101][T21219]  ? nf_tables_newchain+0x1df0/0x2890
[  515.890131][T21219]  nf_tables_newchain+0x1df0/0x2890
[  515.890174][T21219]  ? __pfx_nf_tables_newchain+0x10/0x10
[  515.890221][T21219]  ? nft_trans_table_add+0x230/0x430
[  515.890249][T21219]  ? nfnl_pernet+0x23/0x240
[  515.890277][T21219]  ? nfnl_pernet+0x23/0x240
[  515.890313][T21219]  ? __nla_parse+0x40/0x60
[  515.890342][T21219]  nfnetlink_rcv+0x123e/0x27b0
[  515.890410][T21219]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  515.890452][T21219]  ? ref_tracker_free+0x693/0x840
[  515.890503][T21219]  ? __netlink_deliver_tap+0x807/0x850
[  515.890543][T21219]  ? netlink_deliver_tap+0x2e/0x1b0
[  515.890571][T21219]  ? netlink_deliver_tap+0x2e/0x1b0
[  515.890607][T21219]  netlink_unicast+0x75c/0x8e0
[  515.890648][T21219]  netlink_sendmsg+0x813/0xb40
[  515.890690][T21219]  ? __pfx_netlink_sendmsg+0x10/0x10
[  515.890725][T21219]  ? aa_sock_msg_perm+0xf1/0x1b0
[  515.890754][T21219]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  515.890786][T21219]  ____sys_sendmsg+0x972/0x9f0
[  515.890807][T21219]  ? __might_fault+0xaf/0x130
[  515.890841][T21219]  ? __pfx_____sys_sendmsg+0x10/0x10
[  515.890872][T21219]  ? import_iovec+0x73/0xa0
[  515.890902][T21219]  ___sys_sendmsg+0x2a5/0x360
[  515.890921][T21219]  ? __lock_acquire+0x6b5/0x2cf0
[  515.890949][T21219]  ? __pfx____sys_sendmsg+0x10/0x10
[  515.891019][T21219]  ? __fget_files+0x2a/0x420
[  515.891043][T21219]  ? __fget_files+0x3a0/0x420
[  515.891078][T21219]  __x64_sys_sendmsg+0x1bd/0x2a0
[  515.891102][T21219]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  515.891134][T21219]  ? __pfx_ksys_write+0x10/0x10
[  515.891174][T21219]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.891196][T21219]  do_syscall_64+0x174/0x580
[  515.891216][T21219]  ? trace_irq_disable+0x3b/0x140
[  515.891246][T21219]  ? clear_bhb_loop+0x40/0x90
[  515.891272][T21219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.891292][T21219] RIP: 0033:0x7f7fe299ce59
[  515.891319][T21219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  515.891336][T21219] RSP: 002b:00007f7fe3825028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  515.891359][T21219] RAX: ffffffffffffffda RBX: 00007f7fe2c15fa0 RCX: 00007f7fe299ce59
[  515.891374][T21219] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  515.891386][T21219] RBP: 00007f7fe3825090 R08: 0000000000000000 R09: 0000000000000000
[  515.891398][T21219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  515.891410][T21219] R13: 00007f7fe2c16038 R14: 00007f7fe2c15fa0 R15: 00007ffe792555c8
[  515.891445][T21219]  </TASK>
[  516.405134][T21235] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  516.854823][T21263] ieee802154 phy0 wpan0: encryption failed: -22
[  517.003508][T21268] netlink: 'syz.2.4637': attribute type 1 has an invalid length.
[  517.031211][T21273] FAULT_INJECTION: forcing a failure.
[  517.031211][T21273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.052294][T21273] CPU: 0 UID: 0 PID: 21273 Comm: syz.1.4639 Not tainted syzkaller #0 PREEMPT(full) 
[  517.052324][T21273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  517.052336][T21273] Call Trace:
[  517.052345][T21273]  <TASK>
[  517.052353][T21273]  dump_stack_lvl+0xe8/0x150
[  517.052380][T21273]  should_fail_ex+0x412/0x560
[  517.052409][T21273]  _copy_to_user+0x31/0xb0
[  517.052437][T21273]  simple_read_from_buffer+0xe1/0x170
[  517.052469][T21273]  proc_fail_nth_read+0x1bb/0x230
[  517.052499][T21273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  517.052529][T21273]  ? rw_verify_area+0x2a6/0x4d0
[  517.052557][T21273]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  517.052585][T21273]  vfs_read+0x20c/0xa70
[  517.052619][T21273]  ? __pfx___mutex_lock+0x10/0x10
[  517.052643][T21273]  ? __pfx_vfs_read+0x10/0x10
[  517.052673][T21273]  ? __fget_files+0x2a/0x420
[  517.052701][T21273]  ? __fget_files+0x3a0/0x420
[  517.052724][T21273]  ? __fget_files+0x2a/0x420
[  517.052766][T21273]  ksys_read+0x150/0x270
[  517.052796][T21273]  ? __pfx_ksys_read+0x10/0x10
[  517.052832][T21273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.052855][T21273]  do_syscall_64+0x174/0x580
[  517.052873][T21273]  ? trace_irq_disable+0x3b/0x140
[  517.052901][T21273]  ? clear_bhb_loop+0x40/0x90
[  517.052924][T21273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.052944][T21273] RIP: 0033:0x7f54e1d5d68e
[  517.052964][T21273] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  517.052981][T21273] RSP: 002b:00007f54e2cf7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  517.053003][T21273] RAX: ffffffffffffffda RBX: 00007f54e2cf86c0 RCX: 00007f54e1d5d68e
[  517.053018][T21273] RDX: 000000000000000f RSI: 00007f54e2cf80a0 RDI: 0000000000000005
[  517.053029][T21273] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  517.053041][T21273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  517.053053][T21273] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  517.053088][T21273]  </TASK>
[  517.055260][T21268] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  517.189362][T21278] netlink: 412 bytes leftover after parsing attributes in process `syz.3.4642'.
[  517.791846][T21300] syzkaller0: entered promiscuous mode
[  517.811688][T21300] syzkaller0: entered allmulticast mode
[  517.890649][T21304] gre1: entered promiscuous mode
[  518.707616][T21348] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  518.718238][T21358] netlink: 'syz.1.4662': attribute type 1 has an invalid length.
[  518.744474][T21358] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  518.867200][T21367] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4664'.
[  519.099130][T21377] bond27 (unregistering): Released all slaves
[  519.136335][T21387] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  519.184859][T21387] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  520.189152][T21439] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4683'.
[  520.259685][T21441] netlink: 'syz.3.4686': attribute type 1 has an invalid length.
[  520.270828][T21441] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  520.373244][T21441] veth0_macvtap: Caught tx_queue_len zero misconfig
[  520.457986][T21448] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4690'.
[  520.478911][T21446] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4686'.
[  520.683175][T21457] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4691'.
[  520.747326][T21457] xt_hashlimit: overflow, try lower: 3/0
[  520.912288][T21466] netlink: 'syz.0.4691': attribute type 1 has an invalid length.
[  520.953168][T21466] netlink: 'syz.0.4691': attribute type 2 has an invalid length.
[  521.009173][T21466] netlink: 'syz.0.4691': attribute type 1 has an invalid length.
[  521.038593][T21466] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4691'.
[  521.321782][T21476] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4696'.
[  521.435195][T21470] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  521.570071][T21481] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4701'.
[  521.614386][T21481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4701'.
[  521.629647][T21483] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4702'.
[  521.690336][T21485] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4700'.
[  522.287803][T21513] netlink: 'syz.4.4709': attribute type 1 has an invalid length.
[  522.751186][T21530] syzkaller1: entered promiscuous mode
[  522.768841][T21530] syzkaller1: entered allmulticast mode
[  522.805746][T21538] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4714'.
[  523.290782][T21561] netlink: 'syz.0.4721': attribute type 28 has an invalid length.
[  523.344994][T21561] netlink: 'syz.0.4721': attribute type 3 has an invalid length.
[  523.651654][T21599] netlink: 'syz.3.4725': attribute type 12 has an invalid length.
[  523.802670][T21605] FAULT_INJECTION: forcing a failure.
[  523.802670][T21605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  523.834035][T21605] CPU: 1 UID: 0 PID: 21605 Comm: syz.3.4729 Not tainted syzkaller #0 PREEMPT(full) 
[  523.834066][T21605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  523.834078][T21605] Call Trace:
[  523.834085][T21605]  <TASK>
[  523.834094][T21605]  dump_stack_lvl+0xe8/0x150
[  523.834124][T21605]  should_fail_ex+0x412/0x560
[  523.834151][T21605]  _copy_from_iter+0x1d3/0x1670
[  523.834178][T21605]  ? rcu_is_watching+0x15/0xb0
[  523.834207][T21605]  ? __pfx__copy_from_iter+0x10/0x10
[  523.834237][T21605]  ? netlink_sendmsg+0x650/0xb40
[  523.834264][T21605]  ? skb_put+0x11b/0x210
[  523.834295][T21605]  netlink_sendmsg+0x6c0/0xb40
[  523.834333][T21605]  ? __pfx_netlink_sendmsg+0x10/0x10
[  523.834365][T21605]  ? aa_sock_msg_perm+0xf1/0x1b0
[  523.834394][T21605]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  523.834423][T21605]  ____sys_sendmsg+0x972/0x9f0
[  523.834443][T21605]  ? __might_fault+0xaf/0x130
[  523.834475][T21605]  ? __pfx_____sys_sendmsg+0x10/0x10
[  523.834505][T21605]  ? import_iovec+0x73/0xa0
[  523.834532][T21605]  ___sys_sendmsg+0x2a5/0x360
[  523.834549][T21605]  ? __lock_acquire+0x6b5/0x2cf0
[  523.834574][T21605]  ? __pfx____sys_sendmsg+0x10/0x10
[  523.834631][T21605]  ? __fget_files+0x2a/0x420
[  523.834653][T21605]  ? __fget_files+0x3a0/0x420
[  523.834687][T21605]  __x64_sys_sendmsg+0x1bd/0x2a0
[  523.834709][T21605]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  523.834747][T21605]  ? __pfx_ksys_write+0x10/0x10
[  523.834783][T21605]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.834804][T21605]  do_syscall_64+0x174/0x580
[  523.834823][T21605]  ? trace_irq_disable+0x3b/0x140
[  523.834848][T21605]  ? clear_bhb_loop+0x40/0x90
[  523.834872][T21605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.834891][T21605] RIP: 0033:0x7f4323b9ce59
[  523.834910][T21605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  523.834926][T21605] RSP: 002b:00007f432499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  523.834948][T21605] RAX: ffffffffffffffda RBX: 00007f4323e15fa0 RCX: 00007f4323b9ce59
[  523.834963][T21605] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  523.834973][T21605] RBP: 00007f432499c090 R08: 0000000000000000 R09: 0000000000000000
[  523.834985][T21605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  523.834997][T21605] R13: 00007f4323e16038 R14: 00007f4323e15fa0 R15: 00007fff3a77f968
[  523.835029][T21605]  </TASK>
[  523.869238][T21600] vlan1: entered promiscuous mode
[  524.007708][T21606] can: request_module (can-proto-0) failed.
[  524.009617][T21606] openvswitch: netlink: Unexpected mask (mask=201040, allowed=10048)
[  524.122700][T21600] hsr0: entered promiscuous mode
[  524.153242][T21600] vlan1: entered allmulticast mode
[  524.161172][T21600] hsr0: entered allmulticast mode
[  524.179357][T21600] hsr_slave_0: entered allmulticast mode
[  524.187632][T21600] hsr_slave_1: entered allmulticast mode
[  524.571643][T21627] netlink: 'syz.3.4735': attribute type 1 has an invalid length.
[  524.852923][T21647] netlink: 'syz.2.4739': attribute type 4 has an invalid length.
[  524.862576][T21631] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  524.886096][T21644] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  525.166004][T21656] FAULT_INJECTION: forcing a failure.
[  525.166004][T21656] name failslab, interval 1, probability 0, space 0, times 0
[  525.212779][T21656] CPU: 0 UID: 0 PID: 21656 Comm: syz.3.4742 Not tainted syzkaller #0 PREEMPT(full) 
[  525.212808][T21656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  525.212820][T21656] Call Trace:
[  525.212828][T21656]  <TASK>
[  525.212835][T21656]  dump_stack_lvl+0xe8/0x150
[  525.212859][T21656]  should_fail_ex+0x412/0x560
[  525.212882][T21656]  should_failslab+0xa8/0x100
[  525.212899][T21656]  __kmalloc_noprof+0xe8/0x760
[  525.212922][T21656]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  525.212948][T21656]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  525.212988][T21656]  genl_family_rcv_msg_doit+0xd9/0x330
[  525.213016][T21656]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  525.213042][T21656]  ? apparmor_capable+0x126/0x170
[  525.213061][T21656]  ? bpf_lsm_capable+0x9/0x20
[  525.213077][T21656]  ? security_capable+0x7e/0x2c0
[  525.213104][T21656]  genl_rcv_msg+0x61c/0x7a0
[  525.213128][T21656]  ? __pfx_genl_rcv_msg+0x10/0x10
[  525.213144][T21656]  ? __pfx_net_dm_nl_pre_doit+0x10/0x10
[  525.213165][T21656]  ? __pfx_net_dm_cmd_config+0x10/0x10
[  525.213185][T21656]  ? __pfx_net_dm_nl_post_doit+0x10/0x10
[  525.213220][T21656]  netlink_rcv_skb+0x232/0x4b0
[  525.213244][T21656]  ? __pfx_genl_rcv_msg+0x10/0x10
[  525.213263][T21656]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  525.213300][T21656]  ? down_read+0x270/0x2e0
[  525.213317][T21656]  ? genl_rcv+0xd/0x40
[  525.213335][T21656]  genl_rcv+0x28/0x40
[  525.213351][T21656]  netlink_unicast+0x75c/0x8e0
[  525.213382][T21656]  netlink_sendmsg+0x813/0xb40
[  525.213413][T21656]  ? __pfx_netlink_sendmsg+0x10/0x10
[  525.213439][T21656]  ? aa_sock_msg_perm+0xf1/0x1b0
[  525.213461][T21656]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  525.213485][T21656]  ____sys_sendmsg+0x972/0x9f0
[  525.213500][T21656]  ? __might_fault+0xaf/0x130
[  525.213526][T21656]  ? __pfx_____sys_sendmsg+0x10/0x10
[  525.213550][T21656]  ? import_iovec+0x73/0xa0
[  525.213572][T21656]  ___sys_sendmsg+0x2a5/0x360
[  525.213586][T21656]  ? __lock_acquire+0x6b5/0x2cf0
[  525.213607][T21656]  ? __pfx____sys_sendmsg+0x10/0x10
[  525.213655][T21656]  ? __fget_files+0x2a/0x420
[  525.213673][T21656]  ? __fget_files+0x3a0/0x420
[  525.213701][T21656]  __x64_sys_sendmsg+0x1bd/0x2a0
[  525.213720][T21656]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  525.213744][T21656]  ? __pfx_ksys_write+0x10/0x10
[  525.213775][T21656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.213792][T21656]  do_syscall_64+0x174/0x580
[  525.213807][T21656]  ? trace_irq_disable+0x3b/0x140
[  525.213828][T21656]  ? clear_bhb_loop+0x40/0x90
[  525.213848][T21656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.213863][T21656] RIP: 0033:0x7f4323b9ce59
[  525.213880][T21656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  525.213893][T21656] RSP: 002b:00007f432499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  525.213912][T21656] RAX: ffffffffffffffda RBX: 00007f4323e15fa0 RCX: 00007f4323b9ce59
[  525.213923][T21656] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  525.213933][T21656] RBP: 00007f432499c090 R08: 0000000000000000 R09: 0000000000000000
[  525.213943][T21656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.213952][T21656] R13: 00007f4323e16038 R14: 00007f4323e15fa0 R15: 00007fff3a77f968
[  525.213986][T21656]  </TASK>
[  525.796118][T21671] __nla_validate_parse: 6 callbacks suppressed
[  525.796138][T21671] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4747'.
[  525.860349][T21671] netlink: 288 bytes leftover after parsing attributes in process `syz.4.4747'.
[  526.002979][T21689] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  526.050388][T21693] netlink: 'syz.0.4752': attribute type 1 has an invalid length.
[  526.789166][T21732] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  527.075502][T21740] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4766'.
[  527.099429][T21739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4766'.
[  527.146919][T21739] netlink: 'syz.3.4766': attribute type 7 has an invalid length.
[  527.153104][T21740] netlink: 'syz.3.4766': attribute type 7 has an invalid length.
[  527.162497][T21740] netlink: 'syz.3.4766': attribute type 8 has an invalid length.
[  527.170257][T21740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4766'.
[  527.172429][T21739] netlink: 'syz.3.4766': attribute type 8 has an invalid length.
[  527.244883][T21739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4766'.
[  527.689588][T21768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4777'.
[  527.723360][T21771] netlink: 232 bytes leftover after parsing attributes in process `syz.1.4775'.
[  528.015583][T21786] netlink: 'syz.3.4783': attribute type 1 has an invalid length.
[  528.459863][T21815] macvtap0: entered allmulticast mode
[  528.465694][T21815] veth0_macvtap: entered allmulticast mode
[  530.689410][T21772] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  530.870317][T21827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4793'.
[  530.937548][T21833] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4795'.
[  531.307020][T21851] pimreg: left allmulticast mode
[  532.019780][T21890] netlink: 1024 bytes leftover after parsing attributes in process `syz.0.4813'.
[  532.516349][T21914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4823'.
[  532.524000][T21918] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4824'.
[  532.632379][T21924] netlink: 'syz.4.4826': attribute type 9 has an invalid length.
[  532.662655][T21916] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4822'.
[  532.717191][T21914] bond20: entered allmulticast mode
[  532.744898][T21927] veth19: entered allmulticast mode
[  532.754251][T21927] bond20: (slave veth19): Enslaving as an active interface with an up link
[  532.817276][T21924] netlink: 'syz.4.4826': attribute type 1 has an invalid length.
[  532.845040][T21924] netlink: 244 bytes leftover after parsing attributes in process `syz.4.4826'.
[  532.971875][T21937] xt_hashlimit: size too large, truncated to 1048576
[  532.979677][T21939] netlink: 'syz.2.4828': attribute type 11 has an invalid length.
[  533.036021][T21940] netlink: 'syz.0.4829': attribute type 13 has an invalid length.
[  533.717383][T21975] netlink: 'syz.2.4841': attribute type 1 has an invalid length.
[  533.753375][T21975] 8021q: adding VLAN 0 to HW filter on device bond21
[  533.760918][T21973] netlink: 'syz.3.4840': attribute type 1 has an invalid length.
[  533.769795][T21978] netlink: 'syz.1.4839': attribute type 5 has an invalid length.
[  533.769821][T21978] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4839'.
[  533.883328][T21973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  533.919532][T21982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4839'.
[  533.944699][T21984] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4842'.
[  534.087236][T21991] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  534.322861][T22003] netem: incorrect ge model size
[  534.328787][T22003] netem: change failed
[  534.664907][T22024] bond0: Caught tx_queue_len zero misconfig
[  534.684510][T22027] : renamed from veth1_to_team (while UP)
[  535.007600][T22040] sctp: [Deprecated]: syz.3.4864 (pid 22040) Use of struct sctp_assoc_value in delayed_ack socket option.
[  535.007600][T22040] Use struct sctp_sack_info instead
[  535.015522][T22044] netlink: 'syz.0.4866': attribute type 1 has an invalid length.
[  535.051453][T22044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  535.159803][T22049] netlink: 'syz.3.4864': attribute type 10 has an invalid length.
[  535.250116][T22051] openvswitch: netlink: EtherType 0 is less than min 600
[  535.638790][T22065] netlink: 'syz.3.4874': attribute type 1 has an invalid length.
[  535.647571][T22063] ieee802154 phy0 wpan0: encryption failed: -22
[  535.991481][T22083] __nla_validate_parse: 9 callbacks suppressed
[  535.991502][T22083] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4880'.
[  536.016516][T22082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4881'.
[  536.054017][T22085] openvswitch: netlink: IP tunnel dst address not specified
[  536.148938][T22083] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4880'.
[  536.186856][T22091] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4883'.
[  536.210023][T22091] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4883'.
[  536.300122][T22092] netlink: 27 bytes leftover after parsing attributes in process `syz.3.4885'.
[  536.315797][T22097] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  536.491997][T22105] FAULT_INJECTION: forcing a failure.
[  536.491997][T22105] name failslab, interval 1, probability 0, space 0, times 0
[  536.525500][T22105] CPU: 0 UID: 0 PID: 22105 Comm: syz.1.4891 Not tainted syzkaller #0 PREEMPT(full) 
[  536.525529][T22105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  536.525539][T22105] Call Trace:
[  536.525547][T22105]  <TASK>
[  536.525555][T22105]  dump_stack_lvl+0xe8/0x150
[  536.525584][T22105]  should_fail_ex+0x412/0x560
[  536.525611][T22105]  should_failslab+0xa8/0x100
[  536.525633][T22105]  __kmalloc_noprof+0xe8/0x760
[  536.525656][T22105]  ? __pfx_nft_data_init+0x10/0x10
[  536.525687][T22105]  ? nft_pernet+0x23/0x240
[  536.525709][T22105]  ? nft_set_elem_init+0xa8/0x7e0
[  536.525739][T22105]  nft_set_elem_init+0xa8/0x7e0
[  536.525776][T22105]  nf_tables_newsetelem+0x22f3/0x4340
[  536.525847][T22105]  ? __pfx_nf_tables_newsetelem+0x10/0x10
[  536.525885][T22105]  ? nla_validate_array+0xfc/0x260
[  536.525944][T22105]  ? __pfx___nla_validate_parse+0x10/0x10
[  536.525977][T22105]  ? __pfx_nf_tables_newset+0x10/0x10
[  536.526007][T22105]  ? nfnl_pernet+0x23/0x240
[  536.526035][T22105]  ? nfnl_pernet+0x23/0x240
[  536.526073][T22105]  ? __nla_parse+0x40/0x60
[  536.526103][T22105]  nfnetlink_rcv+0x123e/0x27b0
[  536.526171][T22105]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  536.526218][T22105]  ? ref_tracker_free+0x693/0x840
[  536.526277][T22105]  ? __netlink_deliver_tap+0x807/0x850
[  536.526318][T22105]  ? netlink_deliver_tap+0x2e/0x1b0
[  536.526347][T22105]  ? netlink_deliver_tap+0x2e/0x1b0
[  536.526383][T22105]  netlink_unicast+0x75c/0x8e0
[  536.526422][T22105]  netlink_sendmsg+0x813/0xb40
[  536.526461][T22105]  ? __pfx_netlink_sendmsg+0x10/0x10
[  536.526492][T22105]  ? aa_sock_msg_perm+0xf1/0x1b0
[  536.526521][T22105]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  536.526551][T22105]  ____sys_sendmsg+0x972/0x9f0
[  536.526571][T22105]  ? __might_fault+0xaf/0x130
[  536.526603][T22105]  ? __pfx_____sys_sendmsg+0x10/0x10
[  536.526634][T22105]  ? import_iovec+0x73/0xa0
[  536.526664][T22105]  ___sys_sendmsg+0x2a5/0x360
[  536.526696][T22105]  ? __lock_acquire+0x6b5/0x2cf0
[  536.526724][T22105]  ? __pfx____sys_sendmsg+0x10/0x10
[  536.526786][T22105]  ? __fget_files+0x2a/0x420
[  536.526810][T22105]  ? __fget_files+0x3a0/0x420
[  536.526845][T22105]  __x64_sys_sendmsg+0x1bd/0x2a0
[  536.526869][T22105]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  536.526899][T22105]  ? __pfx_ksys_write+0x10/0x10
[  536.526935][T22105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.526956][T22105]  do_syscall_64+0x174/0x580
[  536.526976][T22105]  ? trace_irq_disable+0x3b/0x140
[  536.527004][T22105]  ? clear_bhb_loop+0x40/0x90
[  536.527029][T22105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.527049][T22105] RIP: 0033:0x7f54e1d9ce59
[  536.527070][T22105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  536.527087][T22105] RSP: 002b:00007f54e2cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  536.527109][T22105] RAX: ffffffffffffffda RBX: 00007f54e2015fa0 RCX: 00007f54e1d9ce59
[  536.527124][T22105] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  536.527136][T22105] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  536.527148][T22105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.527160][T22105] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  536.527195][T22105]  </TASK>
[  536.986668][T22113] xt_TCPMSS: Only works on TCP SYN packets
[  537.050170][T22116] syzkaller0: entered promiscuous mode
[  537.056093][T22116] syzkaller0: entered allmulticast mode
[  537.328709][T22136] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4900'.
[  537.335866][T22140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4900'.
[  537.348812][T22136] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4900'.
[  537.617164][T22151] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4905'.
[  538.144503][T22163] validate_nla: 4 callbacks suppressed
[  538.144557][T22163] netlink: 'syz.3.4907': attribute type 3 has an invalid length.
[  538.246188][T22166] netlink: 'syz.1.4908': attribute type 1 has an invalid length.
[  541.055993][T22189] __nla_validate_parse: 2 callbacks suppressed
[  541.056018][T22189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4914'.
[  541.124753][T22195] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4916'.
[  541.152320][T22195] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4916'.
[  541.388932][T22210] openvswitch: netlink: IP tunnel dst address not specified
[  541.509135][T22212] netlink: 'syz.3.4922': attribute type 1 has an invalid length.
[  541.531397][T22212] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  541.552754][T22215] netlink: 232 bytes leftover after parsing attributes in process `syz.4.4923'.
[  541.569967][T22220] veth0_to_bridge: entered promiscuous mode
[  541.576844][T22220] veth0_to_bridge: left promiscuous mode
[  541.585069][T22220] netlink: 'syz.0.4921': attribute type 1 has an invalid length.
[  541.664328][T22220] openvswitch: netlink: Invalid MD length 0 for MD type 0
[  541.682188][T22220] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  541.966974][T22242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4931'.
[  542.001237][T22241] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4926'.
[  542.060778][T22242] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4931'.
[  542.070272][T22248] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4927'.
[  542.171696][T22231] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4927'.
[  542.227343][T22254] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4933'.
[  542.374694][T22266] x_tables: duplicate underflow at hook 2
[  542.444913][T22269] sock: sock_set_timeout: `syz.4.4937' (pid 22269) tries to set negative timeout
[  542.564747][T22272] �x9�: renamed from bridge_slave_0
[  542.836036][T22286] openvswitch: netlink: IP tunnel TTL not specified.
[  542.910849][T22294] netlink: 'syz.0.4943': attribute type 4 has an invalid length.
[  542.968241][T22294] netlink: 'syz.0.4943': attribute type 4 has an invalid length.
[  543.096680][T22299] netlink: 'syz.3.4944': attribute type 1 has an invalid length.
[  543.125012][T22299] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  543.581111][T22333] netlink: 'syz.1.4950': attribute type 4 has an invalid length.
[  544.122377][T22357] netem: incorrect ge model size
[  544.139696][T22357] netem: change failed
[  544.441555][T22376] netlink: 'syz.2.4963': attribute type 1 has an invalid length.
[  545.220460][T22374] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  545.359924][T22373] tipc: Disabling bearer <eth:syzkaller0>
[  545.395968][T22388] netlink: 'syz.1.4966': attribute type 7 has an invalid length.
[  545.626814][T22394] netlink: 'syz.3.4968': attribute type 2 has an invalid length.
[  545.658562][T22394] netlink: 'syz.3.4968': attribute type 2 has an invalid length.
[  545.688691][T22399] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  545.855110][T22409] wg2: Caught tx_queue_len zero misconfig
[  545.962911][T22414] bond28: Unable to set up delay as MII monitoring is disabled
[  546.021076][T22414] bond28 (unregistering): Released all slaves
[  546.353598][T22419] syzkaller0: entered promiscuous mode
[  546.386204][T22429] __nla_validate_parse: 13 callbacks suppressed
[  546.386224][T22429] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4978'.
[  546.417148][T22431] netlink: 'syz.0.4979': attribute type 1 has an invalid length.
[  546.420065][T22419] syzkaller0: entered allmulticast mode
[  546.550286][T22440] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4978'.
[  547.057624][T22461] xt_CT: You must specify a L4 protocol and not use inversions on it
[  547.090034][T22464] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4989'.
[  547.183382][T22466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4990'.
[  550.147176][T22484] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4995'.
[  550.156128][T22484] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4995'.
[  550.185951][T22490] netlink: 'syz.4.4996': attribute type 8 has an invalid length.
[  550.193753][T22490] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4996'.
[  550.209640][T22493] FAULT_INJECTION: forcing a failure.
[  550.209640][T22493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  550.243618][T22493] CPU: 0 UID: 0 PID: 22493 Comm: syz.3.4997 Not tainted syzkaller #0 PREEMPT(full) 
[  550.243648][T22493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  550.243660][T22493] Call Trace:
[  550.243669][T22493]  <TASK>
[  550.243678][T22493]  dump_stack_lvl+0xe8/0x150
[  550.243708][T22493]  should_fail_ex+0x412/0x560
[  550.243736][T22493]  _copy_from_iter+0x1d3/0x1670
[  550.243763][T22493]  ? rcu_is_watching+0x15/0xb0
[  550.243795][T22493]  ? __pfx__copy_from_iter+0x10/0x10
[  550.243826][T22493]  ? netlink_sendmsg+0x650/0xb40
[  550.243865][T22493]  ? skb_put+0x11b/0x210
[  550.243899][T22493]  netlink_sendmsg+0x6c0/0xb40
[  550.243939][T22493]  ? __pfx_netlink_sendmsg+0x10/0x10
[  550.243974][T22493]  ? aa_sock_msg_perm+0xf1/0x1b0
[  550.244005][T22493]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  550.244036][T22493]  ____sys_sendmsg+0x972/0x9f0
[  550.244056][T22493]  ? __might_fault+0xaf/0x130
[  550.244090][T22493]  ? __pfx_____sys_sendmsg+0x10/0x10
[  550.244121][T22493]  ? import_iovec+0x73/0xa0
[  550.244151][T22493]  ___sys_sendmsg+0x2a5/0x360
[  550.244170][T22493]  ? __lock_acquire+0x6b5/0x2cf0
[  550.244197][T22493]  ? __pfx____sys_sendmsg+0x10/0x10
[  550.244255][T22493]  ? __fget_files+0x2a/0x420
[  550.244278][T22493]  ? __fget_files+0x3a0/0x420
[  550.244312][T22493]  __x64_sys_sendmsg+0x1bd/0x2a0
[  550.244333][T22493]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  550.244359][T22493]  ? __pfx_ksys_write+0x10/0x10
[  550.244402][T22493]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.244424][T22493]  do_syscall_64+0x174/0x580
[  550.244444][T22493]  ? trace_irq_disable+0x3b/0x140
[  550.244471][T22493]  ? clear_bhb_loop+0x40/0x90
[  550.244494][T22493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.244514][T22493] RIP: 0033:0x7f4323b9ce59
[  550.244535][T22493] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  550.244551][T22493] RSP: 002b:00007f432499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  550.244573][T22493] RAX: ffffffffffffffda RBX: 00007f4323e15fa0 RCX: 00007f4323b9ce59
[  550.244587][T22493] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  550.244599][T22493] RBP: 00007f432499c090 R08: 0000000000000000 R09: 0000000000000000
[  550.244610][T22493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  550.244621][T22493] R13: 00007f4323e16038 R14: 00007f4323e15fa0 R15: 00007fff3a77f968
[  550.244652][T22493]  </TASK>
[  550.261476][T22497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5000'.
[  550.525157][T22504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4999'.
[  550.537596][T22504] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4999'.
[  550.555356][T22507] sctp: [Deprecated]: syz.3.5003 (pid 22507) Use of int in maxseg socket option.
[  550.555356][T22507] Use struct sctp_assoc_value instead
[  550.573636][T22495] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  550.580894][T22495] IPv6: NLM_F_CREATE should be set when creating new route
[  550.588254][T22495] IPv6: NLM_F_CREATE should be set when creating new route
[  550.631425][T22497] netlink: 'syz.2.5000': attribute type 3 has an invalid length.
[  550.872177][T22522] netlink: 'syz.0.5007': attribute type 1 has an invalid length.
[  550.933536][T22519] syzkaller0: entered promiscuous mode
[  550.939082][T22519] syzkaller0: entered allmulticast mode
[  551.046903][T22530] bond29: (slave bridge16): making interface the new active one
[  551.053151][T22535] netlink: 'syz.1.5012': attribute type 1 has an invalid length.
[  551.075725][T22530] bond29: (slave bridge16): Enslaving as an active interface with an up link
[  551.601688][T22559] netlink: 'syz.1.5019': attribute type 11 has an invalid length.
[  551.609571][T22559] netlink: 'syz.1.5019': attribute type 11 has an invalid length.
[  551.617413][T22559] __nla_validate_parse: 1 callbacks suppressed
[  551.617429][T22559] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5019'.
[  554.586766][T22577] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5023'.
[  555.049774][T22603] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  555.368433][T22618] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5032'.
[  555.402322][T22617] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5032'.
[  555.415411][T22615] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5033'.
[  556.067073][T22651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5044'.
[  556.139684][T22661] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  556.149001][T22656] netlink: 65011 bytes leftover after parsing attributes in process `syz.2.5044'.
[  556.314322][T22670] netem: incorrect ge model size
[  556.840751][T22707] pimreg3: entered allmulticast mode
[  557.285766][T22726] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  557.329500][T22734] netlink: 'syz.2.5068': attribute type 1 has an invalid length.
[  557.448039][T22740] syzkaller0: entered promiscuous mode
[  557.453604][T22740] syzkaller0: entered allmulticast mode
[  557.902962][T22748] syzkaller0: entered promiscuous mode
[  557.908675][T22748] syzkaller0: entered allmulticast mode
[  558.562655][T22784] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5080'.
[  558.662550][T22788] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5081'.
[  561.230431][T22795] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  561.440974][T22806] pimreg: left allmulticast mode
[  561.748056][T22815] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5090'.
[  561.784517][T22819] nbd: must specify at least one socket
[  561.799568][T22821] netlink: 'syz.0.5094': attribute type 10 has an invalid length.
[  561.808690][T22821] bond0: (slave macsec0): Error -34 calling dev_set_mtu
[  561.816770][T22819] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5093'.
[  562.059663][T22831] openvswitch: netlink: IPv4 tun info is not correct
[  562.113319][T22834] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20000
[  562.360035][T22840] sctp: [Deprecated]: syz.2.5099 (pid 22840) Use of struct sctp_assoc_value in delayed_ack socket option.
[  562.360035][T22840] Use struct sctp_sack_info instead
[  562.405923][T22839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5100'.
[  562.414860][T22839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5100'.
[  562.650753][T22855] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5105'.
[  563.034234][T22879] netlink: 64 bytes leftover after parsing attributes in process `syz.3.5110'.
[  563.189734][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  563.224525][T22888] netlink: 'syz.0.5116': attribute type 1 has an invalid length.
[  563.266098][T22888] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  563.568636][T22896] xt_hashlimit: size too large, truncated to 1048576
[  563.629942][T22898] netlink: 'syz.1.5118': attribute type 21 has an invalid length.
[  563.640162][T22898] IPv6: NLM_F_CREATE should be specified when creating new route
[  563.648021][T22898] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  563.655342][T22898] IPv6: NLM_F_CREATE should be set when creating new route
[  563.662626][T22898] IPv6: NLM_F_CREATE should be set when creating new route
[  563.669877][T22898] IPv6: NLM_F_CREATE should be set when creating new route
[  563.989055][T22910] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5120'.
[  564.072611][T22914] vlan3: entered promiscuous mode
[  564.570658][T22938] netlink: 'syz.4.5132': attribute type 1 has an invalid length.
[  564.696858][T22938] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  564.723281][T22948] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5135'.
[  564.766742][T22950] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5136'.
[  565.105287][T22970] vlan1: entered promiscuous mode
[  565.349831][T22978] syzkaller0: entered promiscuous mode
[  565.356427][T22978] syzkaller0: entered allmulticast mode
[  565.364784][T22976] RDS: rds_bind could not find a transport for ::ffff:172.30.0.3, load rds_tcp or rds_rdma?
[  565.391083][T22976] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5144'.
[  565.503673][T22984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5147'.
[  565.920587][T23007] smc: ib device syz2 ibport 1 erased user defined pnetid SYZ2
[  565.928971][T23007] smc: ib device syz2 ibport 2 erased user defined pnetid SYZ2
[  565.992356][T23010] vlan1: entered promiscuous mode
[  566.192945][T23014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5159'.
[  566.212602][T23016] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5160'.
[  566.222496][T23016] netlink: 'syz.0.5160': attribute type 7 has an invalid length.
[  566.231038][T23016] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5160'.
[  566.557259][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.576805][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.590548][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.603772][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.634334][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.660864][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.688193][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.715156][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.727735][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.743588][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.766521][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.778499][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.791171][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.806517][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.819011][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.833750][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.850184][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.862299][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.874112][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.890595][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.903495][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.924078][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.935467][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.946883][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.958807][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.970497][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.984708][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  566.997727][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.010340][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.025314][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.048722][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.060818][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.075273][T23034] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  567.206906][T23055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5171'.
[  567.325855][T23059] vlan0: entered promiscuous mode
[  567.330965][T23059] bridge0: entered promiscuous mode
[  567.781410][T23081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5183'.
[  568.990412][T23145] vlan3: entered promiscuous mode
[  569.059189][T23147] __nla_validate_parse: 5 callbacks suppressed
[  569.059211][T23147] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5206'.
[  569.093694][T23150] syz.3.5207 (23150) used obsolete PPPIOCDETACH ioctl
[  569.295218][T23160] netem: incorrect ge model size
[  569.301105][T23160] netem: change failed
[  569.349725][T23164] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:20000
[  569.460118][T23169] syzkaller0: entered promiscuous mode
[  569.487648][T23173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5212'.
[  569.488998][T23169] syzkaller0: entered allmulticast mode
[  569.625543][T23180] FAULT_INJECTION: forcing a failure.
[  569.625543][T23180] name failslab, interval 1, probability 0, space 0, times 0
[  569.638610][T23180] CPU: 1 UID: 0 PID: 23180 Comm: syz.3.5212 Not tainted syzkaller #0 PREEMPT(full) 
[  569.638639][T23180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  569.638652][T23180] Call Trace:
[  569.638661][T23180]  <TASK>
[  569.638670][T23180]  dump_stack_lvl+0xe8/0x150
[  569.638702][T23180]  should_fail_ex+0x412/0x560
[  569.638731][T23180]  should_failslab+0xa8/0x100
[  569.638762][T23180]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  569.638793][T23180]  ? __alloc_skb+0x186/0x7d0
[  569.638821][T23180]  ? __alloc_skb+0x1d0/0x7d0
[  569.638847][T23180]  ? __local_bh_enable_ip+0xd0/0x130
[  569.638874][T23180]  __alloc_skb+0x1d0/0x7d0
[  569.638909][T23180]  netlink_sendmsg+0x5d4/0xb40
[  569.638950][T23180]  ? __pfx_netlink_sendmsg+0x10/0x10
[  569.638985][T23180]  ? aa_sock_msg_perm+0xf1/0x1b0
[  569.639017][T23180]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  569.639048][T23180]  ____sys_sendmsg+0x972/0x9f0
[  569.639069][T23180]  ? __might_fault+0xaf/0x130
[  569.639103][T23180]  ? __pfx_____sys_sendmsg+0x10/0x10
[  569.639133][T23180]  ? import_iovec+0x73/0xa0
[  569.639162][T23180]  ___sys_sendmsg+0x2a5/0x360
[  569.639181][T23180]  ? __lock_acquire+0x6b5/0x2cf0
[  569.639209][T23180]  ? __pfx____sys_sendmsg+0x10/0x10
[  569.639268][T23180]  ? __fget_files+0x2a/0x420
[  569.639292][T23180]  ? __fget_files+0x3a0/0x420
[  569.639329][T23180]  __x64_sys_sendmsg+0x1bd/0x2a0
[  569.639354][T23180]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  569.639385][T23180]  ? rcu_is_watching+0x15/0xb0
[  569.639421][T23180]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.639444][T23180]  do_syscall_64+0x174/0x580
[  569.639465][T23180]  ? trace_irq_disable+0x3b/0x140
[  569.639501][T23180]  ? clear_bhb_loop+0x40/0x90
[  569.639525][T23180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.639546][T23180] RIP: 0033:0x7f4323b9ce59
[  569.639566][T23180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  569.639583][T23180] RSP: 002b:00007f432497b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  569.639607][T23180] RAX: ffffffffffffffda RBX: 00007f4323e16090 RCX: 00007f4323b9ce59
[  569.639622][T23180] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  569.639635][T23180] RBP: 00007f432497b090 R08: 0000000000000000 R09: 0000000000000000
[  569.639647][T23180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  569.639660][T23180] R13: 00007f4323e16128 R14: 00007f4323e16090 R15: 00007fff3a77f968
[  569.639695][T23180]  </TASK>
[  570.117632][T23187] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5218'.
[  570.177996][T23187] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5218'.
[  570.194237][T23185] netlink: 'syz.1.5216': attribute type 1 has an invalid length.
[  570.200189][T23191] netlink: 'syz.2.5219': attribute type 3 has an invalid length.
[  570.202017][T23185] netlink: 'syz.1.5216': attribute type 2 has an invalid length.
[  570.219713][T23189] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5217'.
[  570.229393][T23185] netlink: 'syz.1.5216': attribute type 1 has an invalid length.
[  570.237162][T23185] netlink: 'syz.1.5216': attribute type 2 has an invalid length.
[  570.437404][T23204] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5223'.
[  570.475734][T23207] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5224'.
[  570.600721][T23214] : entered promiscuous mode
[  570.609692][T23214] netlink: 'syz.0.5226': attribute type 5 has an invalid length.
[  570.621404][T23214] netlink: 140 bytes leftover after parsing attributes in process `syz.0.5226'.
[  570.715541][T23221] workqueue: Failed to create a rescuer kthread for wq "bond31": -EINTR
[  570.834094][T23229] batadv_slave_1: entered promiscuous mode
[  570.864267][T23231] netem: incorrect ge model size
[  570.870040][T23231] netem: change failed
[  570.950377][T23215] batadv_slave_1: left promiscuous mode
[  571.117713][T23241] xt_hashlimit: overflow, try lower: 3/0
[  571.190236][T23248] vlan0: entered promiscuous mode
[  571.195349][T23248] hsr0: entered promiscuous mode
[  571.200618][T23248] vlan0: entered allmulticast mode
[  571.205772][T23248] hsr0: entered allmulticast mode
[  571.210832][T23248] hsr_slave_0: entered allmulticast mode
[  571.216515][T23248] hsr_slave_1: entered allmulticast mode
[  571.334086][T23256] �����
rB��: Caught tx_queue_len zero misconfig
[  571.428196][T23256] tipc: New replicast peer: 255.255.255.255
[  571.434942][T23256] tipc: Enabled bearer <udp:syz2>, priority 10
[  571.457318][T23262] netlink: 'syz.2.5242': attribute type 1 has an invalid length.
[  571.519092][T23264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5243'.
[  571.572505][T23262] 8021q: adding VLAN 0 to HW filter on device bond23
[  571.600427][T23262] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5242'.
[  571.649345][T23262] vlan0: entered allmulticast mode
[  571.657791][T23262] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  571.707227][T23275] sctp: [Deprecated]: syz.4.5245 (pid 23275) Use of int in maxseg socket option.
[  571.707227][T23275] Use struct sctp_assoc_value instead
[  572.542918][ T5740] tipc: Node number set to 2483056105
[  572.585174][T23322] netlink: 'syz.2.5259': attribute type 1 has an invalid length.
[  572.709166][T23328] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  573.042849][T23346] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  573.284688][T23353] vlan1: entered promiscuous mode
[  573.303048][T23359] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  573.374049][T23363] netlink: 'syz.0.5274': attribute type 25 has an invalid length.
[  573.382270][T23363] netlink: 'syz.0.5274': attribute type 25 has an invalid length.
[  573.554507][T23362] bond31: entered promiscuous mode
[  573.719113][T23377] FAULT_INJECTION: forcing a failure.
[  573.719113][T23377] name failslab, interval 1, probability 0, space 0, times 0
[  573.737169][T23377] CPU: 0 UID: 0 PID: 23377 Comm: syz.2.5280 Not tainted syzkaller #0 PREEMPT(full) 
[  573.737201][T23377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  573.737215][T23377] Call Trace:
[  573.737225][T23377]  <TASK>
[  573.737234][T23377]  dump_stack_lvl+0xe8/0x150
[  573.737264][T23377]  should_fail_ex+0x412/0x560
[  573.737294][T23377]  should_failslab+0xa8/0x100
[  573.737317][T23377]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  573.737346][T23377]  ? __alloc_skb+0x186/0x7d0
[  573.737374][T23377]  ? __alloc_skb+0x1d0/0x7d0
[  573.737399][T23377]  ? __local_bh_enable_ip+0xd0/0x130
[  573.737426][T23377]  __alloc_skb+0x1d0/0x7d0
[  573.737454][T23377]  ? netlink_ack_tlv_len+0x6c/0x210
[  573.737499][T23377]  netlink_ack+0x146/0xa50
[  573.737527][T23377]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  573.737553][T23377]  ? ref_tracker_free+0x693/0x840
[  573.737578][T23377]  ? __pfx_ref_tracker_free+0x10/0x10
[  573.737613][T23377]  netlink_rcv_skb+0x2b6/0x4b0
[  573.737644][T23377]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  573.737673][T23377]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  573.737717][T23377]  ? netlink_deliver_tap+0x2e/0x1b0
[  573.737743][T23377]  ? netlink_deliver_tap+0x2e/0x1b0
[  573.737775][T23377]  netlink_unicast+0x75c/0x8e0
[  573.737813][T23377]  netlink_sendmsg+0x813/0xb40
[  573.737850][T23377]  ? __pfx_netlink_sendmsg+0x10/0x10
[  573.737882][T23377]  ? aa_sock_msg_perm+0xf1/0x1b0
[  573.737913][T23377]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  573.737954][T23377]  ____sys_sendmsg+0x972/0x9f0
[  573.737974][T23377]  ? __might_fault+0xaf/0x130
[  573.738005][T23377]  ? __pfx_____sys_sendmsg+0x10/0x10
[  573.738034][T23377]  ? import_iovec+0x73/0xa0
[  573.738061][T23377]  ___sys_sendmsg+0x2a5/0x360
[  573.738077][T23377]  ? __lock_acquire+0x6b5/0x2cf0
[  573.738102][T23377]  ? __pfx____sys_sendmsg+0x10/0x10
[  573.738157][T23377]  ? __fget_files+0x2a/0x420
[  573.738181][T23377]  ? __fget_files+0x3a0/0x420
[  573.738216][T23377]  __x64_sys_sendmsg+0x1bd/0x2a0
[  573.738240][T23377]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  573.738270][T23377]  ? __pfx_ksys_write+0x10/0x10
[  573.738306][T23377]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.738328][T23377]  do_syscall_64+0x174/0x580
[  573.738347][T23377]  ? trace_irq_disable+0x3b/0x140
[  573.738374][T23377]  ? clear_bhb_loop+0x40/0x90
[  573.738398][T23377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.738417][T23377] RIP: 0033:0x7f7fe299ce59
[  573.738436][T23377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  573.738453][T23377] RSP: 002b:00007f7fe3825028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  573.738474][T23377] RAX: ffffffffffffffda RBX: 00007f7fe2c15fa0 RCX: 00007f7fe299ce59
[  573.738497][T23377] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  573.738509][T23377] RBP: 00007f7fe3825090 R08: 0000000000000000 R09: 0000000000000000
[  573.738521][T23377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  573.738533][T23377] R13: 00007f7fe2c16038 R14: 00007f7fe2c15fa0 R15: 00007ffe792555c8
[  573.738567][T23377]  </TASK>
[  574.249995][T23379] __nla_validate_parse: 19 callbacks suppressed
[  574.250017][T23379] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5279'.
[  574.361624][T23399] nbd: socks must be embedded in a SOCK_ITEM attr
[  574.395150][T23403] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5289'.
[  574.407329][T23403] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5289'.
[  574.419135][T23403] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5289'.
[  574.441152][T23406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5286'.
[  574.453133][T23406] openvswitch: netlink: IPv4 frag type 127 is out of range max 2
[  574.503821][T23406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5286'.
[  574.512847][T23406] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5286'.
[  574.521740][T23406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5286'.
[  574.548387][T23409] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  574.622381][T23411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5290'.
[  574.818204][T23418] sctp: [Deprecated]: syz.0.5293 (pid 23418) Use of struct sctp_assoc_value in delayed_ack socket option.
[  574.818204][T23418] Use struct sctp_sack_info instead
[  574.879993][T23420] bond32: (slave erspan0): Device is not bonding slave
[  574.900503][T23420] bond32: option active_slave: invalid value (erspan0)
[  574.918209][T23420] bond32 (unregistering): Released all slaves
[  575.246572][T23440] netlink: 52 bytes leftover after parsing attributes in process `syz.2.5301'.
[  575.259963][T23438] vlan3: entered promiscuous mode
[  575.271246][T23440] validate_nla: 64 callbacks suppressed
[  575.271269][T23440] netlink: 'syz.2.5301': attribute type 83 has an invalid length.
[  575.533946][T23455] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  575.897877][T23463] xt_recent: hitcount (4294901760) is larger than allowed maximum (65535)
[  576.955891][T23513] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  577.158504][T23517] netem: incorrect ge model size
[  577.170008][T23517] netem: change failed
[  577.403998][T23531] syzkaller0: entered promiscuous mode
[  577.421082][T23531] syzkaller0: entered allmulticast mode
[  577.546586][T23535] syzkaller0: entered promiscuous mode
[  577.552137][T23535] syzkaller0: entered allmulticast mode
[  578.711214][T23566] netlink: 'syz.0.5339': attribute type 1 has an invalid length.
[  581.379081][T23566] workqueue: Failed to create a rescuer kthread for wq "bond32": -EINTR
[  581.540242][T23577] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  581.826945][T23593] __nla_validate_parse: 4 callbacks suppressed
[  581.826969][T23593] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5346'.
[  581.901324][T23599] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5350'.
[  581.920024][T23597] syzkaller0: entered promiscuous mode
[  581.950895][T23597] syzkaller0: entered allmulticast mode
[  581.974155][T23601] veth0: entered promiscuous mode
[  581.982697][T23599] dvmrp0: left allmulticast mode
[  581.987843][T23599] pimreg: left allmulticast mode
[  581.991545][T23602] netlink: 'syz.3.5351': attribute type 1 has an invalid length.
[  582.004367][T23602] netlink: 184 bytes leftover after parsing attributes in process `syz.3.5351'.
[  582.051891][T23597] veth0: left promiscuous mode
[  582.101141][T23604] netlink: 'syz.2.5352': attribute type 1 has an invalid length.
[  582.197553][T23610] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[  582.251457][T23615] openvswitch: netlink: IP tunnel dst address not specified
[  582.504566][T23618] netlink: 'syz.2.5357': attribute type 1 has an invalid length.
[  582.556598][T23630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5361'.
[  582.565728][T23630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5361'.
[  582.606228][T23618] bond25: entered promiscuous mode
[  582.613261][T23618] 8021q: adding VLAN 0 to HW filter on device bond25
[  582.631229][T23634] bond25: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  582.643756][T23634] bond25: (slave ipvlan1): The slave device specified does not support setting the MAC address
[  582.654333][T23634] bond25: (slave ipvlan1): Setting fail_over_mac to active for active-backup mode
[  582.684379][T23632] bond25: (slave bridge19): making interface the new active one
[  582.692469][T23632] bridge19: entered promiscuous mode
[  582.711691][T23632] bond25: (slave bridge19): Enslaving as an active interface with an up link
[  582.722707][T23630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5361'.
[  582.738300][T23630] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5361'.
[  582.889563][T23641] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  582.957989][T23643] FAULT_INJECTION: forcing a failure.
[  582.957989][T23643] name failslab, interval 1, probability 0, space 0, times 0
[  582.970638][T23643] CPU: 0 UID: 0 PID: 23643 Comm: syz.1.5365 Not tainted syzkaller #0 PREEMPT(full) 
[  582.970658][T23643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  582.970666][T23643] Call Trace:
[  582.970672][T23643]  <TASK>
[  582.970679][T23643]  dump_stack_lvl+0xe8/0x150
[  582.970699][T23643]  should_fail_ex+0x412/0x560
[  582.970731][T23643]  should_failslab+0xa8/0x100
[  582.970745][T23643]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  582.970764][T23643]  ? __alloc_skb+0x186/0x7d0
[  582.970780][T23643]  ? __alloc_skb+0x1d0/0x7d0
[  582.970795][T23643]  ? __local_bh_enable_ip+0xd0/0x130
[  582.970811][T23643]  __alloc_skb+0x1d0/0x7d0
[  582.970828][T23643]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[  582.970847][T23643]  netlink_sendmsg+0x5d4/0xb40
[  582.970871][T23643]  ? __pfx_netlink_sendmsg+0x10/0x10
[  582.970891][T23643]  ? aa_sock_msg_perm+0xf1/0x1b0
[  582.970910][T23643]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  582.970928][T23643]  ____sys_sendmsg+0x972/0x9f0
[  582.970940][T23643]  ? __might_fault+0xaf/0x130
[  582.970959][T23643]  ? __pfx_____sys_sendmsg+0x10/0x10
[  582.970976][T23643]  ? import_iovec+0x73/0xa0
[  582.970993][T23643]  ___sys_sendmsg+0x2a5/0x360
[  582.971004][T23643]  ? __lock_acquire+0x6b5/0x2cf0
[  582.971020][T23643]  ? __pfx____sys_sendmsg+0x10/0x10
[  582.971052][T23643]  ? __fget_files+0x2a/0x420
[  582.971066][T23643]  ? __fget_files+0x3a0/0x420
[  582.971087][T23643]  __x64_sys_sendmsg+0x1bd/0x2a0
[  582.971100][T23643]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  582.971118][T23643]  ? __pfx_ksys_write+0x10/0x10
[  582.971141][T23643]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.971154][T23643]  do_syscall_64+0x174/0x580
[  582.971167][T23643]  ? trace_irq_disable+0x3b/0x140
[  582.971185][T23643]  ? clear_bhb_loop+0x40/0x90
[  582.971200][T23643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.971212][T23643] RIP: 0033:0x7f54e1d9ce59
[  582.971226][T23643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  582.971237][T23643] RSP: 002b:00007f54e2cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  582.971260][T23643] RAX: ffffffffffffffda RBX: 00007f54e2015fa0 RCX: 00007f54e1d9ce59
[  582.971275][T23643] RDX: 0000000000004010 RSI: 0000200000000280 RDI: 0000000000000004
[  582.971287][T23643] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  582.971299][T23643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  582.971311][T23643] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  582.971334][T23643]  </TASK>
[  582.974628][T23645] netlink: 'syz.4.5366': attribute type 1 has an invalid length.
[  583.122421][T23651] netlink: 'syz.2.5367': attribute type 1 has an invalid length.
[  583.583468][T23657] netlink: 'syz.1.5370': attribute type 1 has an invalid length.
[  583.656156][T23657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  583.899236][T23678] veth0_virt_wifi: Caught tx_queue_len zero misconfig
[  584.120345][T23690] netlink: 'syz.0.5382': attribute type 2 has an invalid length.
[  584.192005][T23692] netlink: 'syz.2.5381': attribute type 11 has an invalid length.
[  584.339998][T23694] vlan1: entered allmulticast mode
[  584.345728][T23694] veth1_virt_wifi: entered allmulticast mode
[  584.574075][T23713] openvswitch: netlink: IPv4 tun info is not correct
[  584.827583][T23724] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5392'.
[  584.925180][T23730] netem: incorrect ge model size
[  584.935170][T23730] netem: change failed
[  584.995554][   T30] audit: type=1107 audit(1780061010.859:14): pid=23732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='��m�Ide�Q7���FWq�lR.jT�xu����ec���������g��������7��KR�R��.y�聧Y�
[  584.995554][   T30] �\��jn޸r5�'
[  585.002883][T23734] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  585.222997][T23741] netlink: 'syz.0.5399': attribute type 1 has an invalid length.
[  585.411186][T23761] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5402'.
[  585.664525][T23768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5408'.
[  585.850353][T23774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  585.886058][T23779] netlink: 'syz.4.5411': attribute type 7 has an invalid length.
[  585.893867][T23779] netlink: 'syz.4.5411': attribute type 8 has an invalid length.
[  586.246278][T23802] openvswitch: netlink: Flow key attr not present in new flow.
[  586.341408][T23805] C: renamed from lo
[  586.380084][T23805] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  586.603604][   T30] audit: type=1804 audit(1780061012.459:15): pid=23810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5423" name="/newroot/1120/cgroup.controllers" dev="tmpfs" ino=5713 res=1 errno=0
[  586.629107][   T30] audit: type=1800 audit(1780061012.459:16): pid=23810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5423" name="cgroup.controllers" dev="tmpfs" ino=5713 res=0 errno=0
[  587.395891][T23846] bond32: entered promiscuous mode
[  587.401946][T23846] bond32: entered allmulticast mode
[  587.415798][T23846] 8021q: adding VLAN 0 to HW filter on device bond32
[  587.497174][T23851] syzkaller1: entered allmulticast mode
[  587.528133][T23859] validate_nla: 2 callbacks suppressed
[  587.528156][T23859] netlink: 'syz.2.5443': attribute type 1 has an invalid length.
[  587.806392][T23871] FAULT_INJECTION: forcing a failure.
[  587.806392][T23871] name failslab, interval 1, probability 0, space 0, times 0
[  587.844480][T23871] CPU: 1 UID: 0 PID: 23871 Comm: syz.1.5447 Not tainted syzkaller #0 PREEMPT(full) 
[  587.844510][T23871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  587.844523][T23871] Call Trace:
[  587.844531][T23871]  <TASK>
[  587.844540][T23871]  dump_stack_lvl+0xe8/0x150
[  587.844570][T23871]  should_fail_ex+0x412/0x560
[  587.844598][T23871]  should_failslab+0xa8/0x100
[  587.844621][T23871]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  587.844648][T23871]  ? __alloc_skb+0x186/0x7d0
[  587.844684][T23871]  ? __alloc_skb+0x1d0/0x7d0
[  587.844709][T23871]  ? __local_bh_enable_ip+0xd0/0x130
[  587.844736][T23871]  __alloc_skb+0x1d0/0x7d0
[  587.844764][T23871]  ? netlink_ack_tlv_len+0x6c/0x210
[  587.844796][T23871]  netlink_ack+0x146/0xa50
[  587.844821][T23871]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  587.844848][T23871]  ? ref_tracker_free+0x693/0x840
[  587.844877][T23871]  ? __pfx_ref_tracker_free+0x10/0x10
[  587.844911][T23871]  netlink_rcv_skb+0x2b6/0x4b0
[  587.844942][T23871]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  587.844971][T23871]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  587.845015][T23871]  ? netlink_deliver_tap+0x2e/0x1b0
[  587.845043][T23871]  ? netlink_deliver_tap+0x2e/0x1b0
[  587.845078][T23871]  netlink_unicast+0x75c/0x8e0
[  587.845116][T23871]  netlink_sendmsg+0x813/0xb40
[  587.845155][T23871]  ? __pfx_netlink_sendmsg+0x10/0x10
[  587.845188][T23871]  ? aa_sock_msg_perm+0xf1/0x1b0
[  587.845220][T23871]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  587.845250][T23871]  ____sys_sendmsg+0x972/0x9f0
[  587.845271][T23871]  ? __might_fault+0xaf/0x130
[  587.845303][T23871]  ? __pfx_____sys_sendmsg+0x10/0x10
[  587.845332][T23871]  ? import_iovec+0x73/0xa0
[  587.845360][T23871]  ___sys_sendmsg+0x2a5/0x360
[  587.845380][T23871]  ? __lock_acquire+0x6b5/0x2cf0
[  587.845408][T23871]  ? __pfx____sys_sendmsg+0x10/0x10
[  587.845465][T23871]  ? __fget_files+0x2a/0x420
[  587.845490][T23871]  ? __fget_files+0x3a0/0x420
[  587.845526][T23871]  __x64_sys_sendmsg+0x1bd/0x2a0
[  587.845550][T23871]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  587.845581][T23871]  ? __pfx_ksys_write+0x10/0x10
[  587.845619][T23871]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.845640][T23871]  do_syscall_64+0x174/0x580
[  587.845660][T23871]  ? trace_irq_disable+0x3b/0x140
[  587.845697][T23871]  ? clear_bhb_loop+0x40/0x90
[  587.845722][T23871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.845742][T23871] RIP: 0033:0x7f54e1d9ce59
[  587.845762][T23871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  587.845779][T23871] RSP: 002b:00007f54e2cf8028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  587.845802][T23871] RAX: ffffffffffffffda RBX: 00007f54e2015fa0 RCX: 00007f54e1d9ce59
[  587.845816][T23871] RDX: 0000000000004010 RSI: 0000200000000280 RDI: 0000000000000004
[  587.845834][T23871] RBP: 00007f54e2cf8090 R08: 0000000000000000 R09: 0000000000000000
[  587.845848][T23871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.845859][T23871] R13: 00007f54e2016038 R14: 00007f54e2015fa0 R15: 00007ffec750e558
[  587.845892][T23871]  </TASK>
[  587.904550][T23876] __nla_validate_parse: 10 callbacks suppressed
[  587.904570][T23876] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5448'.
[  588.204318][T23879] sch_tbf: burst 0 is lower than device lo mtu (81) !
[  588.342261][T23891] netlink: 'syz.2.5454': attribute type 1 has an invalid length.
[  588.347560][T23894] netlink: 'syz.3.5455': attribute type 1 has an invalid length.
[  588.539590][T23891] workqueue: Failed to create a rescuer kthread for wq "bond27": -EINTR
[  588.571891][T23906] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  588.612301][T23914] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5458'.
[  588.666171][T23896] syzkaller0: entered promiscuous mode
[  588.671728][T23896] syzkaller0: entered allmulticast mode
[  591.957070][T23937] netlink: 'syz.2.5465': attribute type 13 has an invalid length.
[  591.984921][T23940] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5468'.
[  592.193662][T23949] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  592.243274][T23954] xt_ecn: cannot match TCP bits for non-tcp packets
[  592.628159][T23972] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  592.644910][T23974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5479'.
[  593.035484][T23976] bridge16: entered promiscuous mode
[  593.052213][T23976] bridge16: entered allmulticast mode
[  593.080990][T23998] FAULT_INJECTION: forcing a failure.
[  593.080990][T23998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  593.130868][T23998] CPU: 1 UID: 0 PID: 23998 Comm: syz.3.5486 Not tainted syzkaller #0 PREEMPT(full) 
[  593.130901][T23998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  593.130913][T23998] Call Trace:
[  593.130922][T23998]  <TASK>
[  593.130931][T23998]  dump_stack_lvl+0xe8/0x150
[  593.130961][T23998]  should_fail_ex+0x412/0x560
[  593.130992][T23998]  _copy_from_user+0x2d/0xb0
[  593.131019][T23998]  ___sys_sendmsg+0x1c6/0x360
[  593.131040][T23998]  ? __lock_acquire+0x6b5/0x2cf0
[  593.131068][T23998]  ? __pfx____sys_sendmsg+0x10/0x10
[  593.131129][T23998]  ? __fget_files+0x2a/0x420
[  593.131153][T23998]  ? __fget_files+0x3a0/0x420
[  593.131191][T23998]  __x64_sys_sendmsg+0x1bd/0x2a0
[  593.131215][T23998]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  593.131247][T23998]  ? __pfx_ksys_write+0x10/0x10
[  593.131286][T23998]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.131318][T23998]  do_syscall_64+0x174/0x580
[  593.131339][T23998]  ? trace_irq_disable+0x3b/0x140
[  593.131367][T23998]  ? clear_bhb_loop+0x40/0x90
[  593.131394][T23998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.131414][T23998] RIP: 0033:0x7f4323b9ce59
[  593.131434][T23998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  593.131451][T23998] RSP: 002b:00007f432499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  593.131486][T23998] RAX: ffffffffffffffda RBX: 00007f4323e15fa0 RCX: 00007f4323b9ce59
[  593.131501][T23998] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  593.131514][T23998] RBP: 00007f432499c090 R08: 0000000000000000 R09: 0000000000000000
[  593.131526][T23998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  593.131539][T23998] R13: 00007f4323e16038 R14: 00007f4323e15fa0 R15: 00007fff3a77f968
[  593.131574][T23998]  </TASK>
[  593.337094][T24005] netlink: 32 bytes leftover after parsing attributes in process `syz.4.5489'.
[  593.548509][T24012] netlink: 'syz.3.5490': attribute type 1 has an invalid length.
[  593.576477][T24013] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  593.835995][T24028] xt_connbytes: Forcing CT accounting to be enabled
[  593.983795][T24035] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5497'.
[  594.095187][T24042] netlink: 84 bytes leftover after parsing attributes in process `syz.0.5497'.
[  594.347848][T24052] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  594.495190][T24062] netlink: 'syz.4.5507': attribute type 1 has an invalid length.
[  594.511734][T24062] netlink: 224 bytes leftover after parsing attributes in process `syz.4.5507'.
[  594.528613][T24062] openvswitch: netlink: IP tunnel dst address not specified
[  594.537124][T24069] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5510'.
[  594.542904][T24067] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  594.682013][T24078] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5513'.
[  594.840116][T24088] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5516'.
[  594.854067][T24085] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5516'.
[  594.886840][T24090] tunl0: Caught tx_queue_len zero misconfig
[  594.907461][T24085] bridge20: port 1(vlan3) entered blocking state
[  594.915555][T24085] bridge20: port 1(vlan3) entered disabled state
[  594.923246][T24085] vlan3: entered allmulticast mode
[  594.928642][T24085] bridge20: entered allmulticast mode
[  594.948165][T24085] vlan3: left allmulticast mode
[  594.963657][T24085] bridge20: left allmulticast mode
[  595.045584][T24097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5520'.
[  595.055009][T24097] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5520'.
[  595.701767][T24133] syzkaller0: entered promiscuous mode
[  595.707443][T24133] syzkaller0: entered allmulticast mode
[  595.748796][T24137] sctp: [Deprecated]: syz.3.5534 (pid 24137) Use of struct sctp_assoc_value in delayed_ack socket option.
[  595.748796][T24137] Use struct sctp_sack_info instead
[  595.780607][T24139] x_tables: ip_tables: icmp match: only valid for protocol 1
[  595.998314][T24148] syzkaller0: entered promiscuous mode
[  596.010247][T24148] syzkaller0: entered allmulticast mode
[  596.545878][T24170] netlink: 'syz.1.5545': attribute type 1 has an invalid length.
[  596.613867][T24170] 8021q: adding VLAN 0 to HW filter on device bond33
[  596.698773][T24170] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  597.033787][T24198] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode
[  597.055539][T24198] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode
[  597.707434][T24234] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  597.718204][T24221] syzkaller1: entered promiscuous mode
[  597.724293][T24221] syzkaller1: entered allmulticast mode
[  597.867525][T24236] netlink: 'syz.4.5568': attribute type 27 has an invalid length.
[  598.091214][T24243] syzkaller0: entered promiscuous mode
[  598.096774][T24243] syzkaller0: entered allmulticast mode
[  598.235441][T24247] netlink: 'syz.4.5572': attribute type 2 has an invalid length.
[  598.258084][T24251] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  598.270221][T24247] netlink: 'syz.4.5572': attribute type 8 has an invalid length.
[  598.373558][T24253] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  598.518572][T24257] netlink: 'syz.1.5577': attribute type 1 has an invalid length.
[  598.527849][T24255] __nla_validate_parse: 13 callbacks suppressed
[  598.527870][T24255] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5576'.
[  598.553192][T24257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5577'.
[  598.875452][T24264] bond33: (slave C): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  598.881280][T24274] atomic_op ffff88807e0b6998 conn xmit_atomic 0000000000000000
[  598.975413][T24264] bond33: (slave C): Enslaving as an active interface with an up link
[  599.026295][T24264] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  599.086308][T24276] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  599.106125][T24276] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  599.257546][T24290] syzkaller0: entered promiscuous mode
[  599.263100][T24290] syzkaller0: entered allmulticast mode
[  600.425940][T24333] FAULT_INJECTION: forcing a failure.
[  600.425940][T24333] name failslab, interval 1, probability 0, space 0, times 0
[  600.474057][T24333] CPU: 0 UID: 0 PID: 24333 Comm: syz.0.5599 Not tainted syzkaller #0 PREEMPT(full) 
[  600.474085][T24333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  600.474097][T24333] Call Trace:
[  600.474106][T24333]  <TASK>
[  600.474114][T24333]  dump_stack_lvl+0xe8/0x150
[  600.474142][T24333]  should_fail_ex+0x412/0x560
[  600.474170][T24333]  should_failslab+0xa8/0x100
[  600.474192][T24333]  __kmalloc_noprof+0xe8/0x760
[  600.474222][T24333]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  600.474257][T24333]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  600.474284][T24333]  ? kernel_text_address+0xa5/0xe0
[  600.474318][T24333]  genl_family_rcv_msg_doit+0xd9/0x330
[  600.474342][T24333]  ? __asan_memcpy+0x40/0x70
[  600.474371][T24333]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  600.474402][T24333]  ? __pfx___mutex_lock+0x10/0x10
[  600.474432][T24333]  ? __pfx_genl_get_cmd+0x10/0x10
[  600.474452][T24333]  ? stack_trace_save+0xa9/0x100
[  600.474477][T24333]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  600.474501][T24333]  ? __lock_acquire+0x6b5/0x2cf0
[  600.474535][T24333]  genl_rcv_msg+0x61c/0x7a0
[  600.474569][T24333]  ? __pfx_genl_rcv_msg+0x10/0x10
[  600.474593][T24333]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  600.474635][T24333]  netlink_rcv_skb+0x232/0x4b0
[  600.474665][T24333]  ? __pfx_genl_rcv_msg+0x10/0x10
[  600.474692][T24333]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  600.474741][T24333]  ? down_read+0x270/0x2e0
[  600.474762][T24333]  ? genl_rcv+0xd/0x40
[  600.474788][T24333]  genl_rcv+0x28/0x40
[  600.474809][T24333]  netlink_unicast+0x75c/0x8e0
[  600.474851][T24333]  netlink_sendmsg+0x813/0xb40
[  600.474892][T24333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  600.474928][T24333]  ? aa_sock_msg_perm+0xf1/0x1b0
[  600.474961][T24333]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  600.474993][T24333]  ____sys_sendmsg+0x972/0x9f0
[  600.475015][T24333]  ? __might_fault+0xaf/0x130
[  600.475050][T24333]  ? __pfx_____sys_sendmsg+0x10/0x10
[  600.475083][T24333]  ? import_iovec+0x73/0xa0
[  600.475113][T24333]  ___sys_sendmsg+0x2a5/0x360
[  600.475133][T24333]  ? __lock_acquire+0x6b5/0x2cf0
[  600.475160][T24333]  ? __pfx____sys_sendmsg+0x10/0x10
[  600.475225][T24333]  ? __fget_files+0x2a/0x420
[  600.475249][T24333]  ? __fget_files+0x3a0/0x420
[  600.475288][T24333]  __x64_sys_sendmsg+0x1bd/0x2a0
[  600.475312][T24333]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  600.475345][T24333]  ? __pfx_ksys_write+0x10/0x10
[  600.475386][T24333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.475417][T24333]  do_syscall_64+0x174/0x580
[  600.475437][T24333]  ? trace_irq_disable+0x3b/0x140
[  600.475467][T24333]  ? clear_bhb_loop+0x40/0x90
[  600.475494][T24333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.475514][T24333] RIP: 0033:0x7f2f1239ce59
[  600.475534][T24333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.475551][T24333] RSP: 002b:00007f2f13328028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  600.475575][T24333] RAX: ffffffffffffffda RBX: 00007f2f12615fa0 RCX: 00007f2f1239ce59
[  600.475590][T24333] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  600.475603][T24333] RBP: 00007f2f13328090 R08: 0000000000000000 R09: 0000000000000000
[  600.475617][T24333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.475629][T24333] R13: 00007f2f12616038 R14: 00007f2f12615fa0 R15: 00007ffcc98fa228
[  600.475664][T24333]  </TASK>
[  601.040093][T24347] syzkaller0: entered promiscuous mode
[  601.080885][T24347] syzkaller0: entered allmulticast mode
[  601.116877][T24353] netlink: 108 bytes leftover after parsing attributes in process `syz.0.5603'.
[  601.413310][T24363] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5610'.
[  601.852209][T24389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5617'.
[  601.912379][T24389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5617'.
[  601.965302][T24389] bridge0: port 8(veth1_to_bridge) entered blocking state
[  601.966722][T24393] netlink: 'syz.2.5620': attribute type 10 has an invalid length.
[  601.972734][T24389] bridge0: port 8(veth1_to_bridge) entered disabled state
[  601.972931][T24389] veth1_to_bridge: entered allmulticast mode
[  601.974697][T24389] veth1_to_bridge: entered promiscuous mode
[  602.020119][T24393] macsec0: entered allmulticast mode
[  602.025818][T24393] veth1_macvtap: entered allmulticast mode
[  602.038759][T24393] .`: (slave macsec0): Enslaving as an active interface with an up link
[  602.151297][T24407] xt_CT: You must specify a L4 protocol and not use inversions on it
[  602.339089][T24415] syzkaller0: entered promiscuous mode
[  602.349464][T24415] syzkaller0: entered allmulticast mode
[  602.776830][T24442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5634'.
[  602.790878][T24441] netlink: 'syz.2.5637': attribute type 1 has an invalid length.
[  602.798754][T24441] netlink: 'syz.2.5637': attribute type 7 has an invalid length.
[  602.806517][T24441] netlink: 'syz.2.5637': attribute type 8 has an invalid length.
[  602.835988][T24441] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5637'.
[  602.870955][T24447] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5635'.
[  603.035556][T24459] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5640'.
[  603.294516][T24474] netlink: 'syz.1.5645': attribute type 12 has an invalid length.
[  603.601095][T24474] bond34: option primary_reselect: invalid value (255)
[  603.615744][T24474] bond34 (unregistering): Released all slaves
[  603.754157][T24507] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5649'.
[  603.975411][T24519] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5655'.
[  604.057507][T24519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5655'.
[  604.169320][T24532] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5657'.
[  604.259602][T24532] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5657'.
[  604.504536][T24549] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5664'.
[  604.617063][T24554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5665'.
[  604.669158][T24557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5667'.
[  604.919941][T24571] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5669'.
[  604.934503][T24571] dvmrp0: entered allmulticast mode
[  605.090613][T24577] netlink: 'syz.3.5672': attribute type 4 has an invalid length.
[  605.119087][T24583] FAULT_INJECTION: forcing a failure.
[  605.119087][T24583] name failslab, interval 1, probability 0, space 0, times 0
[  605.141626][T24583] CPU: 1 UID: 0 PID: 24583 Comm: syz.1.5671 Not tainted syzkaller #0 PREEMPT(full) 
[  605.141656][T24583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  605.141669][T24583] Call Trace:
[  605.141677][T24583]  <TASK>
[  605.141687][T24583]  dump_stack_lvl+0xe8/0x150
[  605.141718][T24583]  should_fail_ex+0x412/0x560
[  605.141747][T24583]  should_failslab+0xa8/0x100
[  605.141767][T24583]  ? skb_clone+0x212/0x3a0
[  605.141789][T24583]  kmem_cache_alloc_noprof+0x87/0x650
[  605.141818][T24583]  ? __netlink_lookup+0xc6/0x8b0
[  605.141851][T24583]  skb_clone+0x212/0x3a0
[  605.141877][T24583]  __netlink_deliver_tap+0x404/0x850
[  605.141920][T24583]  ? netlink_deliver_tap+0x2e/0x1b0
[  605.141951][T24583]  netlink_deliver_tap+0x19c/0x1b0
[  605.141981][T24583]  netlink_unicast+0x730/0x8e0
[  605.142021][T24583]  netlink_sendmsg+0x813/0xb40
[  605.142060][T24583]  ? __pfx_netlink_sendmsg+0x10/0x10
[  605.142092][T24583]  ? aa_sock_msg_perm+0xf1/0x1b0
[  605.142122][T24583]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  605.142151][T24583]  ____sys_sendmsg+0x972/0x9f0
[  605.142172][T24583]  ? __might_fault+0xaf/0x130
[  605.142205][T24583]  ? __pfx_____sys_sendmsg+0x10/0x10
[  605.142237][T24583]  ? import_iovec+0x73/0xa0
[  605.142266][T24583]  ___sys_sendmsg+0x2a5/0x360
[  605.142286][T24583]  ? __lock_acquire+0x6b5/0x2cf0
[  605.142313][T24583]  ? __pfx____sys_sendmsg+0x10/0x10
[  605.142376][T24583]  ? __fget_files+0x2a/0x420
[  605.142400][T24583]  ? __fget_files+0x3a0/0x420
[  605.142437][T24583]  __x64_sys_sendmsg+0x1bd/0x2a0
[  605.142472][T24583]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  605.142504][T24583]  ? __pfx_ksys_write+0x10/0x10
[  605.142543][T24583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.142567][T24583]  do_syscall_64+0x174/0x580
[  605.142588][T24583]  ? trace_irq_disable+0x3b/0x140
[  605.142615][T24583]  ? clear_bhb_loop+0x40/0x90
[  605.142641][T24583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.142662][T24583] RIP: 0033:0x7f54e1d9ce59
[  605.142682][T24583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  605.142698][T24583] RSP: 002b:00007f54e2cd7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  605.142722][T24583] RAX: ffffffffffffffda RBX: 00007f54e2016090 RCX: 00007f54e1d9ce59
[  605.142737][T24583] RDX: 0000000020000000 RSI: 0000200000000580 RDI: 0000000000000005
[  605.142751][T24583] RBP: 00007f54e2cd7090 R08: 0000000000000000 R09: 0000000000000000
[  605.142763][T24583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.142776][T24583] R13: 00007f54e2016128 R14: 00007f54e2016090 R15: 00007ffec750e558
[  605.142812][T24583]  </TASK>
[  605.674856][T24594] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  605.699245][T24601] FAULT_INJECTION: forcing a failure.
[  605.699245][T24601] name failslab, interval 1, probability 0, space 0, times 0
[  605.711907][T24601] CPU: 0 UID: 0 PID: 24601 Comm: syz.3.5680 Not tainted syzkaller #0 PREEMPT(full) 
[  605.711936][T24601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  605.711950][T24601] Call Trace:
[  605.711959][T24601]  <TASK>
[  605.711969][T24601]  dump_stack_lvl+0xe8/0x150
[  605.712000][T24601]  should_fail_ex+0x412/0x560
[  605.712031][T24601]  should_failslab+0xa8/0x100
[  605.712052][T24601]  __kmalloc_node_noprof+0xf0/0x7c0
[  605.712079][T24601]  ? crypto_create_tfm_node+0x83/0x3f0
[  605.712110][T24601]  crypto_create_tfm_node+0x83/0x3f0
[  605.712143][T24601]  crypto_alloc_tfm_node+0x172/0x3f0
[  605.712177][T24601]  tipc_crypto_key_init+0x143/0x870
[  605.712219][T24601]  tipc_nl_node_set_key+0x725/0x9d0
[  605.712249][T24601]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  605.712280][T24601]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[  605.712303][T24601]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[  605.712333][T24601]  genl_family_rcv_msg_doit+0x22a/0x330
[  605.712357][T24601]  ? __asan_memcpy+0x40/0x70
[  605.712387][T24601]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  605.712422][T24601]  ? __lock_acquire+0x6b5/0x2cf0
[  605.712456][T24601]  genl_rcv_msg+0x61c/0x7a0
[  605.712487][T24601]  ? __pfx_genl_rcv_msg+0x10/0x10
[  605.712508][T24601]  ? __pfx_tipc_nl_node_set_key+0x10/0x10
[  605.712548][T24601]  netlink_rcv_skb+0x232/0x4b0
[  605.712578][T24601]  ? __pfx_genl_rcv_msg+0x10/0x10
[  605.712603][T24601]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  605.712660][T24601]  ? down_read+0x270/0x2e0
[  605.712681][T24601]  ? genl_rcv+0xd/0x40
[  605.712706][T24601]  genl_rcv+0x28/0x40
[  605.712728][T24601]  netlink_unicast+0x75c/0x8e0
[  605.712769][T24601]  netlink_sendmsg+0x813/0xb40
[  605.712811][T24601]  ? __pfx_netlink_sendmsg+0x10/0x10
[  605.712845][T24601]  ? aa_sock_msg_perm+0xf1/0x1b0
[  605.712877][T24601]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  605.712909][T24601]  ____sys_sendmsg+0x972/0x9f0
[  605.712930][T24601]  ? __might_fault+0xaf/0x130
[  605.712965][T24601]  ? __pfx_____sys_sendmsg+0x10/0x10
[  605.712996][T24601]  ? import_iovec+0x73/0xa0
[  605.713027][T24601]  ___sys_sendmsg+0x2a5/0x360
[  605.713047][T24601]  ? __lock_acquire+0x6b5/0x2cf0
[  605.713074][T24601]  ? __pfx____sys_sendmsg+0x10/0x10
[  605.713135][T24601]  ? __fget_files+0x2a/0x420
[  605.713160][T24601]  ? __fget_files+0x3a0/0x420
[  605.713196][T24601]  __x64_sys_sendmsg+0x1bd/0x2a0
[  605.713220][T24601]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  605.713251][T24601]  ? __pfx_ksys_write+0x10/0x10
[  605.713290][T24601]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.713312][T24601]  do_syscall_64+0x174/0x580
[  605.713333][T24601]  ? trace_irq_disable+0x3b/0x140
[  605.713361][T24601]  ? clear_bhb_loop+0x40/0x90
[  605.713388][T24601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.713408][T24601] RIP: 0033:0x7f4323b9ce59
[  605.713429][T24601] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  605.713446][T24601] RSP: 002b:00007f432499c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  605.713470][T24601] RAX: ffffffffffffffda RBX: 00007f4323e15fa0 RCX: 00007f4323b9ce59
[  605.713485][T24601] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  605.713497][T24601] RBP: 00007f432499c090 R08: 0000000000000000 R09: 0000000000000000
[  605.713509][T24601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  605.713522][T24601] R13: 00007f4323e16038 R14: 00007f4323e15fa0 R15: 00007fff3a77f968
[  605.713556][T24601]  </TASK>
[  605.731227][T24603] netlink: 'syz.2.5681': attribute type 64 has an invalid length.
[  605.955881][T24602] netlink: 'syz.4.5679': attribute type 1 has an invalid length.
[  605.960942][T24603] netlink: 5 bytes leftover after parsing attributes in process `syz.2.5681'.
[  606.710825][T24648] sctp: [Deprecated]: syz.4.5699 (pid 24648) Use of int in max_burst socket option.
[  606.710825][T24648] Use struct sctp_assoc_value instead
[  606.999977][T24669] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  607.301114][T24683] netlink: set zone limit has 4 unknown bytes
[  607.978891][T24720] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  608.049858][T24724] netdevsim netdevsim2: Firmware load for './file0/file0/..' refused, path contains '..' component
[  608.118706][T24727] syzkaller0: entered promiscuous mode
[  608.133366][T24727] syzkaller0: entered allmulticast mode
[  608.490571][T24747] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  608.943631][T24767] __nla_validate_parse: 10 callbacks suppressed
[  608.943655][T24767] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5733'.
[  608.962946][T24764] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  609.367797][T24787] FAULT_INJECTION: forcing a failure.
[  609.367797][T24787] name failslab, interval 1, probability 0, space 0, times 0
[  609.395860][T24787] CPU: 0 UID: 0 PID: 24787 Comm: syz.4.5738 Not tainted syzkaller #0 PREEMPT(full) 
[  609.395891][T24787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  609.395903][T24787] Call Trace:
[  609.395912][T24787]  <TASK>
[  609.395922][T24787]  dump_stack_lvl+0xe8/0x150
[  609.395952][T24787]  should_fail_ex+0x412/0x560
[  609.395982][T24787]  should_failslab+0xa8/0x100
[  609.396006][T24787]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  609.396035][T24787]  ? __alloc_skb+0x186/0x7d0
[  609.396063][T24787]  ? __alloc_skb+0x1d0/0x7d0
[  609.396088][T24787]  ? __local_bh_enable_ip+0xd0/0x130
[  609.396115][T24787]  __alloc_skb+0x1d0/0x7d0
[  609.396149][T24787]  netlink_sendmsg+0x5d4/0xb40
[  609.396192][T24787]  ? __pfx_netlink_sendmsg+0x10/0x10
[  609.396226][T24787]  ? aa_sock_msg_perm+0xf1/0x1b0
[  609.396259][T24787]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  609.396290][T24787]  ____sys_sendmsg+0x972/0x9f0
[  609.396311][T24787]  ? __might_fault+0xaf/0x130
[  609.396345][T24787]  ? __pfx_____sys_sendmsg+0x10/0x10
[  609.396376][T24787]  ? import_iovec+0x73/0xa0
[  609.396405][T24787]  ___sys_sendmsg+0x2a5/0x360
[  609.396425][T24787]  ? __lock_acquire+0x6b5/0x2cf0
[  609.396453][T24787]  ? __pfx____sys_sendmsg+0x10/0x10
[  609.396511][T24787]  ? __fget_files+0x2a/0x420
[  609.396535][T24787]  ? __fget_files+0x3a0/0x420
[  609.396572][T24787]  __x64_sys_sendmsg+0x1bd/0x2a0
[  609.396597][T24787]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  609.396638][T24787]  ? __pfx_ksys_write+0x10/0x10
[  609.396677][T24787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  609.396700][T24787]  do_syscall_64+0x174/0x580
[  609.396721][T24787]  ? trace_irq_disable+0x3b/0x140
[  609.396751][T24787]  ? clear_bhb_loop+0x40/0x90
[  609.396777][T24787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  609.396798][T24787] RIP: 0033:0x7f0ca059ce59
[  609.396819][T24787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  609.396836][T24787] RSP: 002b:00007f0ca13a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  609.396859][T24787] RAX: ffffffffffffffda RBX: 00007f0ca0816090 RCX: 00007f0ca059ce59
[  609.396874][T24787] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[  609.396887][T24787] RBP: 00007f0ca13a4090 R08: 0000000000000000 R09: 0000000000000000
[  609.396899][T24787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  609.396911][T24787] R13: 00007f0ca0816128 R14: 00007f0ca0816090 R15: 00007fffc99ba7f8
[  609.396946][T24787]  </TASK>
[  609.836978][T24794] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5740'.
[  609.881825][T24793] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5741'.
[  610.016387][T24803] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5742'.
[  610.245319][T24820] syzkaller0: entered promiscuous mode
[  610.250863][T24820] syzkaller0: entered allmulticast mode
[  610.552314][T24832] netlink: 140 bytes leftover after parsing attributes in process `syz.3.5747'.
[  610.561436][T24832] openvswitch: netlink: Geneve option length err (len 400, max 255).
[  610.842999][T24836] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  611.652715][T24892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5764'.
[  611.662009][T24891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5764'.
[  611.909946][T24902] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5768'.
[  612.024392][T24902] bond35 (unregistering): Released all slaves
[  612.057588][T24914] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5771'.
[  612.067965][T24914] IPVS: length: 4096 != 24
[  612.164969][T24916] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5772'.
[  612.245111][T24923] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  612.430925][T24932] Cannot find set identified by id 65534 to match
[  612.719995][T24955] netlink: 'syz.4.5787': attribute type 32 has an invalid length.
[  613.259976][ T5636] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  613.274318][ T5636] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  613.287316][ T5636] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  613.297713][ T5636] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  613.305850][ T5636] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  613.376299][ T5644] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  613.390182][ T5644] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  613.419368][ T5644] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  613.441635][ T5644] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  613.449441][ T5644] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  613.506878][T24976] syzkaller0: entered promiscuous mode
[  613.526105][T24976] syzkaller0: entered allmulticast mode
[  614.013871][T24988] syzkaller0: entered promiscuous mode
[  614.040299][T24988] syzkaller0: entered allmulticast mode
[  614.131131][T25007] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  614.218307][T24967] xfrm0 speed is unknown, defaulting to 1000
[  614.413553][T25014] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[  614.607841][T25017] __nla_validate_parse: 7 callbacks suppressed
[  614.607864][T25017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5804'.
[  615.729177][ T5644] Bluetooth: hci5: command tx timeout
[  617.432758][T24967] vxcan1 speed is unknown, defaulting to 1000
[  617.432886][T25018] mac80211_hwsim hwsim7 wlan1: Caught tx_queue_len zero misconfig
[  617.495355][T25025] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5804'.
[  617.599562][T25028] netlink: 'syz.2.5805': attribute type 4 has an invalid length.
[  617.627480][T25028] netlink: 240 bytes leftover after parsing attributes in process `syz.2.5805'.
[  617.729588][T25032] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5806'.
[  617.774976][T25032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5806'.
[  617.897377][ T5644] Bluetooth: hci5: command tx timeout
[  618.158913][T25051] syzkaller0: entered promiscuous mode
[  618.165057][T25051] syzkaller0: entered allmulticast mode
[  618.173938][T25042] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5809'.
[  618.189996][T25050] syzkaller1: entered promiscuous mode
[  618.244284][T25050] syzkaller1: entered allmulticast mode
[  618.256434][T25055] syzkaller0: entered promiscuous mode
[  618.261949][T25055] syzkaller0: entered allmulticast mode
[  618.673841][T25068] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  619.968417][ T5644] Bluetooth: hci5: command tx timeout
[  621.506366][T25074] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5817'.
[  621.560690][T25074] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5817'.
[  621.647656][T25080] netlink: 'syz.3.5819': attribute type 19 has an invalid length.
[  621.656383][T25080] netlink: 220 bytes leftover after parsing attributes in process `syz.3.5819'.
[  621.712361][T24967] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.719643][T24967] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.728394][T24967] bridge_slave_0: entered allmulticast mode
[  621.739750][T24967] bridge_slave_0: entered promiscuous mode
[  621.761098][T24967] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.772243][T25084] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5819'.
[  621.779789][T24967] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.792027][T24967] bridge_slave_1: entered allmulticast mode
[  621.800114][T24967] bridge_slave_1: entered promiscuous mode
[  621.861376][T25080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5819'.
[  621.876374][T24967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  621.889692][T24967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  621.941895][T24967] team0: Port device team_slave_0 added
[  621.951354][T24967] team0: Port device team_slave_1 added
[  622.010679][T24967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  622.017698][T24967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  622.035053][ T5644] Bluetooth: hci5: command tx timeout
[  622.093899][T24967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  622.107175][T24967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  622.114171][T24967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  622.241933][T24967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  622.295079][T25101] netlink: 'syz.2.5824': attribute type 4 has an invalid length.
[  622.324514][T25098] netlink: 'syz.2.5824': attribute type 4 has an invalid length.
[  622.417979][T24967] hsr_slave_0: entered promiscuous mode
[  622.425017][T24967] hsr_slave_1: entered promiscuous mode
[  622.586310][T25106] syzkaller0: entered promiscuous mode
[  622.591932][T25106] syzkaller0: entered allmulticast mode
[  622.606540][T25110] netlink: 'syz.4.5827': attribute type 2 has an invalid length.
[  622.614390][T25110] netlink: 'syz.4.5827': attribute type 2 has an invalid length.
[  622.647302][T25112] C: Caught tx_queue_len zero misconfig
[  622.729496][T25119] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5830'.
[  624.112304][ T5644] Bluetooth: hci5: command tx timeout
[  624.593831][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  625.629817][T25121] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5830'.
[  625.972463][T25146] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5837'.
[  626.016629][T24967] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  626.030133][T24967] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.048880][T24967] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  626.106786][T25147] sch_tbf: burst 12 is lower than device bridge23 mtu (1514) !
[  626.145723][T25149] netlink: 208240 bytes leftover after parsing attributes in process `syz.2.5838'.
[  626.604725][T24967] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  626.633739][T24967] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.644178][T24967] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  626.972615][T24967] bond0: (slave netdevsim1): Releasing backup interface
[  627.037788][T24967] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  627.048540][T24967] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.066097][T24967] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  627.281583][T25208] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5863'.
[  627.309273][T24967] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  627.344488][T24967] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.373031][T24967] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  627.439210][T25220] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5865'.
[  627.836490][T24967] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  627.866147][T24967] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  627.891171][T24967] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  627.909228][T24967] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  627.919829][T24967] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  627.964660][T24967] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  627.980374][T24967] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  628.013897][T24967] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  628.254880][T24967] 8021q: adding VLAN 0 to HW filter on device bond0
[  628.280598][T24967] 8021q: adding VLAN 0 to HW filter on device team0
[  628.309462][ T5910] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.316940][ T5910] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.340419][ T5910] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.347627][ T5910] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.427401][T25268] syzkaller0: entered promiscuous mode
[  628.438586][T25268] syzkaller0: entered allmulticast mode
[  628.813130][T25286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5886'.
[  629.244287][T25308] 8021q: adding VLAN 0 to HW filter on device bond27
[  629.257359][T25306] tipc: Started in network mode
[  629.262741][T25306] tipc: Node identity 267ddd014fb6, cluster identity 4711
[  629.270903][T25306] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  629.394461][T25306] syzkaller0: entered promiscuous mode
[  629.400154][T25306] syzkaller0: entered allmulticast mode
[  629.408663][T25306] tipc: Resetting bearer <eth:syzkaller0>
[  629.416917][T25308] netlink: 'syz.4.5894': attribute type 10 has an invalid length.
[  629.474090][T25305] tipc: Resetting bearer <eth:syzkaller0>
[  629.749538][T25328] netlink: 'syz.3.5896': attribute type 10 has an invalid length.
[  632.849427][T25305] tipc: Disabling bearer <eth:syzkaller0>
[  632.859303][T25323] bond33: option mode: unable to set because the bond device has slaves
[  632.898736][ T5732] tipc: Node number set to 1774968065
[  632.945793][T24967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  633.025990][T24967] veth0_vlan: entered promiscuous mode
[  633.060271][T24967] veth1_vlan: entered promiscuous mode
[  633.098861][T25345] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  633.117318][T25348] mac80211_hwsim hwsim3 syzkaller0: left promiscuous mode
[  633.128046][T25348] mac80211_hwsim hwsim3 syzkaller0: left allmulticast mode
[  633.151567][T24967] veth0_macvtap: entered promiscuous mode
[  633.176340][T24967] veth1_macvtap: entered promiscuous mode
[  633.197783][T25351] ------------[ cut here ]------------
[  633.217713][T25345] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  633.228489][T25345] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  633.228767][T25351] hwsim_get_chanwidth(bw) > hwsim_get_chanwidth(confbw)
[  633.238614][T25351] WARNING: drivers/net/wireless/virtual/mac80211_hwsim.c:2235 at mac80211_hwsim_tx+0x1b4b/0x2620, CPU#0: syz.2.5902/25351
[  633.258391][T25351] Modules linked in:
[  633.263105][T25351] CPU: 0 UID: 0 PID: 25351 Comm: syz.2.5902 Not tainted syzkaller #0 PREEMPT(full) 
[  633.272550][T25351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  633.274409][T25345] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  633.282639][T25351] RIP: 0010:mac80211_hwsim_tx+0x1b4b/0x2620
[  633.282679][T25351] Code: c6 05 ce ad 0d 09 01 48 c7 c7 80 4e 79 8c be 5e 08 00 00 48 c7 c2 c0 5d 79 8c e8 20 80 95 fa e9 e2 f9 ff ff e8 66 48 b9 fa 90 <0f> 0b 90 48 81 c4 b0 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc
[  633.282699][T25351] RSP: 0018:ffffc9000561f0f8 EFLAGS: 00010283
[  633.282722][T25351] RAX: ffffffff870c6f6a RBX: 0000000000000000 RCX: 0000000000080000
[  633.282738][T25351] RDX: ffffc9000d0ea000 RSI: 0000000000000229 RDI: 000000000000022a
[  633.282754][T25351] RBP: ffff8880771f5df0 R08: ffff88807b800000 R09: 000000000000000e
[  633.282769][T25351] R10: 000000000000000d R11: 0000000000000002 R12: 0000000000000014
[  633.282783][T25351] R13: 00000000000000a0 R14: 000000000000a001 R15: 0000000000000030
[  633.282798][T25351] FS:  00007f7fe38256c0(0000) GS:ffff88812529e000(0000) knlGS:0000000000000000
[  633.282818][T25351] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  633.282832][T25351] CR2: 0000200000002280 CR3: 000000007955c000 CR4: 00000000003526f0
[  633.282854][T25351] Call Trace:
[  633.282864][T25351]  <TASK>
[  633.282898][T25351]  ieee80211_tx_frags+0x3e7/0x8c0
[  633.402883][T24967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  633.405091][T25351]  ? __pfx_ieee80211_tx_frags+0x10/0x10
[  633.425928][T25351]  __ieee80211_tx+0x23f/0x570
[  633.430660][T25351]  ieee80211_tx+0x312/0x4b0
[  633.435223][T25351]  ? __pfx_ieee80211_tx+0x10/0x10
[  633.454327][T25351]  ? ieee80211_xmit+0x315/0x400
[  633.459290][T25351]  ieee80211_monitor_start_xmit+0xb46/0x1250
[  633.465337][T25351]  ? ieee80211_monitor_start_xmit+0x60d/0x1250
[  633.471565][T25351]  ? __pfx_ieee80211_monitor_start_xmit+0x10/0x10
[  633.474753][T24967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  633.478043][T25351]  dev_hard_start_xmit+0x2cd/0x830
[  633.478098][T25351]  __dev_queue_xmit+0x14d9/0x3950
[  633.495453][T25351]  ? __dev_queue_xmit+0x2b6/0x3950
[  633.500635][T25351]  ? _copy_from_iter+0x21b/0x1670
[  633.505711][T25351]  ? __pfx___dev_queue_xmit+0x10/0x10
[  633.511131][T25351]  ? sock_alloc_send_pskb+0x896/0x990
[  633.516687][T25351]  ? __pfx__copy_from_iter+0x10/0x10
[  633.522053][T25351]  ? __pfx_packet_parse_headers+0x10/0x10
[  633.527831][T25351]  ? packet_xmit+0x68/0x320
[  633.532416][T25351]  packet_sendmsg+0x3c81/0x4fb0
[  633.537341][T25351]  ? futex_unqueue+0x211/0x240
[  633.542152][T25351]  ? __futex_wait+0x1fc/0x420
[  633.546885][T25351]  ? __lock_acquire+0x6b5/0x2cf0
[  633.552029][T25351]  ? __pfx_packet_sendmsg+0x10/0x10
[  633.571790][T25351]  ? aa_sk_perm+0x6d5/0x900
[  633.576403][T25351]  ? __pfx_aa_sk_perm+0x10/0x10
[  633.581314][T25351]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  633.587806][T25351]  ? aa_sock_msg_perm+0xf1/0x1b0
[  633.592819][T25351]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  633.598246][T25351]  ? __pfx_packet_sendmsg+0x10/0x10
[  633.603503][T25351]  __sys_sendto+0x672/0x710
[  633.608074][T25351]  ? __pfx___sys_sendto+0x10/0x10
[  633.613166][T25351]  ? do_futex+0x333/0x420
[  633.617635][T25351]  ? rcu_is_watching+0x15/0xb0
[  633.622457][T25351]  __x64_sys_sendto+0xde/0x100
[  633.627291][T25351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.633420][T25351]  do_syscall_64+0x174/0x580
[  633.638060][T25351]  ? trace_irq_disable+0x3b/0x140
[  633.643134][T25351]  ? clear_bhb_loop+0x40/0x90
[  633.647869][T25351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  633.653800][T25351] RIP: 0033:0x7f7fe299ce59
[  633.658258][T25351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  633.693826][T25351] RSP: 002b:00007f7fe3825028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  633.702331][T25351] RAX: ffffffffffffffda RBX: 00007f7fe2c15fa0 RCX: 00007f7fe299ce59
[  633.710444][T25351] RDX: 0000000000000030 RSI: 0000200000000640 RDI: 0000000000000007
[  633.718461][T25351] RBP: 00007f7fe2a32d6f R08: 0000200000000380 R09: 0000000000000014
[  633.726480][T25351] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000000
[  633.734492][T25351] R13: 00007f7fe2c16038 R14: 00007f7fe2c15fa0 R15: 00007ffe792555c8
[  633.742641][T25351]  </TASK>
[  633.745704][T25351] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  633.753024][T25351] CPU: 0 UID: 0 PID: 25351 Comm: syz.2.5902 Not tainted syzkaller #0 PREEMPT(full) 
[  633.762433][T25351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  633.772524][T25351] Call Trace:
[  633.775809][T25351]  <TASK>
[  633.778738][T25351]  vpanic+0x56c/0xa60
[  633.782723][T25351]  ? __pfx__printk+0x10/0x10
[  633.787414][T25351]  ? __pfx_vpanic+0x10/0x10
[  633.792797][T25351]  ? is_bpf_text_address+0x292/0x2b0
[  633.798105][T25351]  ? is_bpf_text_address+0x26/0x2b0
[  633.803354][T25351]  panic+0xc5/0xd0
[  633.807103][T25351]  ? __pfx_panic+0x10/0x10
[  633.811538][T25351]  __warn+0x315/0x4c0
[  633.815528][T25351]  ? mac80211_hwsim_tx+0x1b4b/0x2620
[  633.820840][T25351]  ? mac80211_hwsim_tx+0x1b4b/0x2620
[  633.826139][T25351]  __report_bug+0x29a/0x540
[  633.830651][T25351]  ? mac80211_hwsim_tx+0x1b4b/0x2620
[  633.835932][T25351]  ? __pfx___report_bug+0x10/0x10
[  633.840949][T25351]  ? stack_trace_save+0xa9/0x100
[  633.845892][T25351]  ? __pfx_stack_trace_save+0x10/0x10
[  633.851360][T25351]  ? check_path+0x21/0x40
[  633.855689][T25351]  ? check_noncircular+0xda/0x150
[  633.860814][T25351]  ? ieee80211_encrypt_tx_skb+0x2c3/0x370
[  633.866559][T25351]  ? mac80211_hwsim_tx+0x1b4b/0x2620
[  633.871856][T25351]  report_bug+0x16a/0x220
[  633.876217][T25351]  ? mac80211_hwsim_tx+0x1b4b/0x2620
[  633.881520][T25351]  ? mac80211_hwsim_tx+0x1b4d/0x2620
[  633.886807][T25351]  handle_bug+0x9c/0x200
[  633.891063][T25351]  exc_invalid_op+0x1a/0x50
[  633.895566][T25351]  asm_exc_invalid_op+0x1a/0x20
[  633.900415][T25351] RIP: 0010:mac80211_hwsim_tx+0x1b4b/0x2620
[  633.906311][T25351] Code: c6 05 ce ad 0d 09 01 48 c7 c7 80 4e 79 8c be 5e 08 00 00 48 c7 c2 c0 5d 79 8c e8 20 80 95 fa e9 e2 f9 ff ff e8 66 48 b9 fa 90 <0f> 0b 90 48 81 c4 b0 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc
[  633.926011][T25351] RSP: 0018:ffffc9000561f0f8 EFLAGS: 00010283
[  633.932354][T25351] RAX: ffffffff870c6f6a RBX: 0000000000000000 RCX: 0000000000080000
[  633.940325][T25351] RDX: ffffc9000d0ea000 RSI: 0000000000000229 RDI: 000000000000022a
[  633.948380][T25351] RBP: ffff8880771f5df0 R08: ffff88807b800000 R09: 000000000000000e
[  633.956356][T25351] R10: 000000000000000d R11: 0000000000000002 R12: 0000000000000014
[  633.964419][T25351] R13: 00000000000000a0 R14: 000000000000a001 R15: 0000000000000030
[  633.972404][T25351]  ? mac80211_hwsim_tx+0x1b4a/0x2620
[  633.977700][T25351]  ? mac80211_hwsim_tx+0x1b4a/0x2620
[  633.982992][T25351]  ieee80211_tx_frags+0x3e7/0x8c0
[  633.988021][T25351]  ? __pfx_ieee80211_tx_frags+0x10/0x10
[  633.993570][T25351]  __ieee80211_tx+0x23f/0x570
[  633.998263][T25351]  ieee80211_tx+0x312/0x4b0
[  634.002773][T25351]  ? __pfx_ieee80211_tx+0x10/0x10
[  634.007812][T25351]  ? ieee80211_xmit+0x315/0x400
[  634.012954][T25351]  ieee80211_monitor_start_xmit+0xb46/0x1250
[  634.018939][T25351]  ? ieee80211_monitor_start_xmit+0x60d/0x1250
[  634.025200][T25351]  ? __pfx_ieee80211_monitor_start_xmit+0x10/0x10
[  634.031628][T25351]  dev_hard_start_xmit+0x2cd/0x830
[  634.036753][T25351]  __dev_queue_xmit+0x14d9/0x3950
[  634.041959][T25351]  ? __dev_queue_xmit+0x2b6/0x3950
[  634.047073][T25351]  ? _copy_from_iter+0x21b/0x1670
[  634.052108][T25351]  ? __pfx___dev_queue_xmit+0x10/0x10
[  634.057497][T25351]  ? sock_alloc_send_pskb+0x896/0x990
[  634.062872][T25351]  ? __pfx__copy_from_iter+0x10/0x10
[  634.068167][T25351]  ? __pfx_packet_parse_headers+0x10/0x10
[  634.073892][T25351]  ? packet_xmit+0x68/0x320
[  634.078447][T25351]  packet_sendmsg+0x3c81/0x4fb0
[  634.083332][T25351]  ? futex_unqueue+0x211/0x240
[  634.088112][T25351]  ? __futex_wait+0x1fc/0x420
[  634.092813][T25351]  ? __lock_acquire+0x6b5/0x2cf0
[  634.097761][T25351]  ? __pfx_packet_sendmsg+0x10/0x10
[  634.102957][T25351]  ? aa_sk_perm+0x6d5/0x900
[  634.107472][T25351]  ? __pfx_aa_sk_perm+0x10/0x10
[  634.112336][T25351]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  634.118803][T25351]  ? aa_sock_msg_perm+0xf1/0x1b0
[  634.123768][T25351]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  634.129061][T25351]  ? __pfx_packet_sendmsg+0x10/0x10
[  634.134349][T25351]  __sys_sendto+0x672/0x710
[  634.138862][T25351]  ? __pfx___sys_sendto+0x10/0x10
[  634.143885][T25351]  ? do_futex+0x333/0x420
[  634.148252][T25351]  ? rcu_is_watching+0x15/0xb0
[  634.153019][T25351]  __x64_sys_sendto+0xde/0x100
[  634.157870][T25351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.163939][T25351]  do_syscall_64+0x174/0x580
[  634.168529][T25351]  ? trace_irq_disable+0x3b/0x140
[  634.173572][T25351]  ? clear_bhb_loop+0x40/0x90
[  634.178248][T25351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.184145][T25351] RIP: 0033:0x7f7fe299ce59
[  634.188649][T25351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  634.208258][T25351] RSP: 002b:00007f7fe3825028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  634.216678][T25351] RAX: ffffffffffffffda RBX: 00007f7fe2c15fa0 RCX: 00007f7fe299ce59
[  634.224666][T25351] RDX: 0000000000000030 RSI: 0000200000000640 RDI: 0000000000000007
[  634.232634][T25351] RBP: 00007f7fe2a32d6f R08: 0000200000000380 R09: 0000000000000014
[  634.240620][T25351] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000000
[  634.248637][T25351] R13: 00007f7fe2c16038 R14: 00007f7fe2c15fa0 R15: 00007ffe792555c8
[  634.256659][T25351]  </TASK>
[  634.260196][T25351] Kernel Offset: disabled
[  634.264534][T25351] Rebooting in 86400 seconds..