last executing test programs:

3.074452829s ago: executing program 4 (id=9708):
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000280)={0x0, 0x99, 0xb, 0x4, 0x5, 0x1ff, 0xfb9d, 0x9, {0x0, @in={{0x2, 0x4e22, @private=0xa010100}}, 0x81, 0x2, 0x80000001, 0x4b, 0x9}}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c000280080001400000000014000180090001006cdbf80789f3f947dd000280080003"], 0xe4}}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1, 0x0, 0x0, 0xffffffff}, 0x0)

2.887995685s ago: executing program 0 (id=9709):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x83, &(0x7f00000002c0)="8a00000000000000", 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x3, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002e000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9545dd30a3731677b2d0bfa91", 0x0, 0x27cb, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4e, &(0x7f0000000040)=0x78, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xa, [@struct={0x8, 0x1, 0x0, 0xf, 0x0, 0x10005, [{0x2, 0x5, 0xa}]}, @var={0x4, 0x0, 0x0, 0xe, 0x2}]}, {0x0, [0x30, 0x0, 0x0, 0xcf, 0x0, 0x0, 0x0, 0x2e]}}, &(0x7f00000001c0)=""/257, 0x4a, 0x101, 0x6}, 0x28) (async)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYBLOB="b0010000", @ANYRES16=r4, @ANYBLOB="000425bd7000ffdbdf25010000000800020002000000f4000c802c000b8008000a00755f000008000900b608342a08000900093ae56a08000a009a7c00000800090076f7593c54000b8008000a00ef3e000008000a0033ab000008000a00795e000008000900dfa4c565080009001cd2fd0d08000900f2457b7308000a00c9e4000008000a0058a600000800090013f9992408000a0024be000034000b8008000a00cb11000008000a00374e00000800090052e62d0808000a000c9400000800090023e51a4508000a00916500003c000b8008000a001f26000008000a0088f50000080009003b7b485508000a007456000008000900f7912a4b08000900dd84815e08000900a68f40711400048005000300010000000500030005000000080002000300000084000c801c000b8008000900a871c37508000900bc82781a0800090028400c5914000b8008000a00824d000008000a00bce4000014000b8008000a0080c7000008000a004e0e00003c000b800800090018f48900080009005ace9c01080009009528d05508000a00ce020000080009005641355708000a004f4200000800090058271c219f44220050de44c7e0ee8690d17c4b9c436c519c8338d01074b87a7f7be021f46956a3"], 0x1b0}, 0x1, 0x0, 0x0, 0x40}, 0x800)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x4e20, 0x20000003, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xa}, 0x1c)
sendto$l2tp6(r3, 0x0, 0x0, 0x4000, &(0x7f0000000140)={0xa, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0x9, 0xffffffff}, 0x20) (async, rerun: 32)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)={0xb4, 0x2, 0x6, 0x881, 0x0, 0x0, {0xa, 0x0, 0x6}, [@IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x64, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @loopback}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0xe}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x20}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x5a}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0xdc}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x4}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x57}]}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x2}]}, 0xb4}}, 0x8000) (async, rerun: 32)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x5c, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x48, 0x1, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x10000000, 0xffffffff, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r1, 0x8008f513, &(0x7f0000000300))

2.78255202s ago: executing program 2 (id=9712):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'xfrm0\x00', 0x2100})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040)={'tunl0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r1, 0x27, 0x14, 0x0, &(0x7f0000000000)="f8ad1dcc02cb29dcc80032008100", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

2.716155529s ago: executing program 4 (id=9713):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
r1 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000100))
close(0x4)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140)={<r2=>0x0}, &(0x7f0000000280)=0xc)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/ipc\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x9, 0x3032, 0xffffffffffffffff, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000600)={&(0x7f00000002c0)="40bd3038c0c4350da3b1d592828ad8ee3362456b1e09b6502ae014145d14463af071e05c8490bb89df4114620ff818778a4f2dac3373997e262ab7b6d8b733c136a6fa33c95c80960b6488f0f83f62e9064e25b5841082be01e28cf932283bf1c13f9ca44b73e78e", &(0x7f00000003c0)=""/230, 0x0, &(0x7f0000000540)="7be797e1debc815140d1588ab9365c42e3d5c37e1f665f403f1c5c7959ced4f343dbefeceeb29657352e2073e0b3f3cfdcb967ca639585286b63ed3f5c59358359b0a06284d86441f72d7131ae1d7e2dc3108913570fd8e3581a2cdedf19119b1979b76588a622edc2ead418c94a0438275ca2e12119d51147173714a094f54bf23eef77dfd4fd92a08f43685069bb", 0x986b, r0, 0x4}, 0x38)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x5c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0xfff2}, {0xffff, 0x10}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x920, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}, @TCA_INGRESS_BLOCK={0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r8, 0x84, 0x71, 0x0, &(0x7f0000000100))
splice(r5, 0x0, r7, 0x0, 0x6, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.sectors\x00', 0x275a, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000280)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r9, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x11fe726f7e78fcf0}, 0x28)
close(r6)
write(r4, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x100000d, 0x6031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000007, 0x31, r7, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES32], 0x20)
clock_gettime(0x0, &(0x7f0000000640))
r10 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_sco_SCO_OPTIONS(r10, 0x11, 0x1, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000020601000000000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000280007801800028014000240fc02000000008000000000000000000006000180080001400a01010205000500020000000500010006"], 0x70}}, 0x0)

2.705894697s ago: executing program 0 (id=9714):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x12, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x3c, 0x2, [@TCA_TBF_PBURST={0x8, 0x7, 0xb86}, @TCA_TBF_PARMS={0x28, 0x1, {{0xa, 0x1, 0xffff, 0x7, 0xcc, 0x3}, {0x0, 0x1, 0x7, 0x8, 0x7f, 0xa}, 0xa6, 0x7, 0x1bb6}}, @TCA_TBF_BURST={0x8, 0x6, 0x7f}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0x1c}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r7)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000d0000000000010000000000000003410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x40000)

2.502348883s ago: executing program 2 (id=9717):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000ff07000009"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0d000000ff0f0000040000000600000001000000", @ANYRES32=r0], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000340)=r0}, 0x20)
close(0x3)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x7fff, r2}, 0x38)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r5, 0x0, r7, 0x0, 0xf3a, 0x0)
close(r6)
write(r4, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x9, 0x3, 0x220, 0x0, 0xffffffff, 0xffffffff, 0x120, 0xffffffff, 0x1d0, 0xffffffff, 0xffffffff, 0x1d0, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @private=0xa010102, 0x0, 0xffffffff, 'ip6_vti0\x00', 'caif0\x00', {}, {}, 0x2, 0x1, 0x4}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x8, 0x4000, 0x6, 0x2, 'pptp\x00', 'syz1\x00', {0x7fff}}}}, {{@ip={@multicast1, @broadcast, 0xffffffff, 0xffffffff, 'caif0\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x32, 0x1, 0x36}, 0x5000000, 0x70, 0xb0}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "fb51f0f52069d37c378114554bc1e3e5a78752f61e0d49d5eddd143e2044"}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x100000d, 0x6031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r10 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_INITSTATE(r10, 0x113, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r11 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r3, 0x8917, 0x0)
r12 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r13=>0x0})
sendto(r12, &(0x7f0000000600)="881607ed3b14b191db1a4a054a", 0xd, 0x4048800, &(0x7f0000000240)=@can={0x1d, r13}, 0x80)
connect$qrtr(r11, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r11, &(0x7f0000000340)=[{&(0x7f0000000080)="fb", 0x1}], 0x1)

2.019789553s ago: executing program 0 (id=9719):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
socket$inet6(0xa, 0x80004, 0xb659)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000ffdbdf25e0000001000000000000000000000000ff020000000000000000020000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc0280ffffff00190000000000000001000004d632000000fc020000000000000000000000000000050000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000100000000000001000000000000000000000000000000000000002cbd7000053500000a000400500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000080000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)
accept4$phonet_pipe(0xffffffffffffffff, 0x0, 0x0, 0x800)

1.785032906s ago: executing program 0 (id=9720):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000011"], 0x20}}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xfffffe84, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c00810ce00f80ecdb4cb9f207c804a00d000000020006fb0a0002000a0ada1b40d805481100c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
ioctl$XFS_IOC_GOINGDOWN(r0, 0x8004587d, &(0x7f0000000440)=0x101)
listen(r2, 0x2)
syz_emit_ethernet(0x4e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @dev={0xfe, 0x80, '\x00', 0x19}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x4, '\x00\x00'}]}}}}}}}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="01000000010000004000000040"], 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002740)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_FLAGS={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x74}}, 0x40000d4)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000b80)={r5, 0x0, 0x0}, 0x20)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f00000024c0), r7)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r7, &(0x7f0000002680)={0x0, 0x0, &(0x7f0000002640)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010028bd7000fedbdf251e00000008000400ffffffff08000100", @ANYBLOB="1c"], 0x34}, 0x1, 0x0, 0x0, 0xcacbc4add21c9368}, 0x4040000)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r10 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_timeval(r10, 0x1, 0x15, &(0x7f0000000000)={0x77359400}, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000400), r7)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r7, &(0x7f0000000240)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000040)={&(0x7f0000000500)={0x1e4, r11, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x1a4, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a8f5a9c}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x42f3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xf17c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x203936f0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6690660d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5e0faba5}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x46f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4761423c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6b831266}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x64f9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3e188782}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x55f7ace9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x9f0f0a8}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7031}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd8d0}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x20aefc57}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5a7a9dad}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x102fbd3b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x529a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x34f2dc7f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6767432a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2a44}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x18fc072a}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x37aa557}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x637d}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2139d968}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe8b0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa696}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4378}]}, {0x1c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x391e83b2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x175a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x67e65edd}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa064}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7a96e3c2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x2dc2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3f41bd2e}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4dfe}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7bc9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4b8a1d1e}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6e832231}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x263b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x21535523}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdab2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d1313ce}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xdb61}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3e9a48e9}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4c34}]}]}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x7}, {0x5, 0x3, 0x6}, {0x4, 0x3, 0x7}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x7}]}]}, 0x1e4}, 0x1, 0x0, 0x0, 0x4084888}, 0x20040044)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x4, [@var={0x2, 0x0, 0x0, 0xe, 0x4, 0x1}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2, 0x8001}}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2, 0xb}}]}, {0x0, [0x61, 0x61]}}, 0x0, 0x6c}, 0x28)
sendmsg$DEVLINK_CMD_RATE_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r9, 0x1, 0x70bd25, 0x25dfdbff, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000801}, 0x40)

1.708165418s ago: executing program 3 (id=9721):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000bc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x0, 0x4c, 0x1a, 0x0, 0x73, 0x238, 0x258, 0x258, 0x238, 0x258, 0x3, 0x0, {[{{@ipv6={@private0, @local, [], [], 'dvmrp1\x00', 'macvlan1\x00', {}, {}, 0x73}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x7}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x0, 0x20}}}}], {{'\x00', 0x0, 0xa8, 0xd0, 0x0, {0x0, 0x5400}}, {0x28}}}}, 0x368)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000c6000100250000008510000001000000950000000000000018400000020000000000000000000000950000000000000095"], &(0x7f0000000100)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x807}, 0x94)

1.641790363s ago: executing program 1 (id=9723):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3a8, 0x268, 0x268, 0x268, 0x1d0, 0x268, 0x310, 0x310, 0x310, 0x310, 0x310, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0x0, 0x70, 0xa0, 0x40000}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @multicast2}}}, {{@ip={@multicast2, @dev={0xac, 0x14, 0x14, 0x24}, 0xffffffff, 0xff, 'veth0_to_bond\x00', 'team_slave_1\x00', {0xff}, {0xff}, 0x88, 0x1, 0x19}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x20, 0x0, 0x2}}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'syzkaller0\x00', 'macvlan0\x00', {0xff}, {}, 0x33, 0x3, 0x1b}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00', {}, {0xff}, 0x33, 0x0, 0x15}, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x2, 0x3}, {0xffffffffffffffff, 0x5, 0x1}, {0x0, 0x1, 0x3}, 0x1, 0x3}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x408)

1.503866141s ago: executing program 2 (id=9724):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x4c, 0x4c, 0x7, [@datasec={0x2, 0x1, 0x0, 0xf, 0x3, [{0x2, 0xfffff, 0x3}], "44942d"}, @datasec={0x0, 0x3, 0x0, 0xf, 0x1, [{0x2, 0xff, 0x9}, {0x2, 0x9944, 0x80}, {0x5, 0xfffffffc, 0xd}], "84"}]}, {0x0, [0x2e, 0x2e, 0x2e, 0x5f, 0x61]}}, &(0x7f00000014c0)=""/2, 0x6b, 0x2, 0x1}, 0x28)

1.461059767s ago: executing program 1 (id=9725):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r1, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty=0xf5ff}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0xff00)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a32000000002c0003800800014000000000180003801400010076657468315f00005f626f6e64000000080002400000000064000000160a0101000b000000000000010000000900020073797a32000000000900010073797a3000000000300003802c2100801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e640000000800074000000003"], 0x104}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@mcast2, 0x300, 0x1, 0x2, 0x2, 0x6, 0xc}, 0x20)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x368, 0x0, 0xb0, 0xffffffff, 0x158, 0x158, 0x2d0, 0x2d0, 0xffffffff, 0x2d0, 0x2d0, 0x5, 0x0, {[{{@ip={@rand_addr=0x64010100, @local, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x16, 0x2}, 0x0, 0x70, 0xb0, 0x48}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x2, 0x24, "d7df2f5dfb96e3780ecf6fce52b1130f3a6eaa11a8adb9163040c9b77018"}}}, {{@ip={@multicast1, @multicast2, 0xff, 0xff, 'wlan1\x00', 'erspan0\x00', {}, {0xff}, 0x5c, 0x2, 0x53}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x2, @dev={0xac, 0x14, 0x14, 0x38}, @loopback, @gre_key=0x2, @gre_key=0x2}}}}, {{@ip={@multicast2, @broadcast, 0xff, 0x0, 'virt_wifi0\x00', 'veth1_to_bridge\x00', {}, {}, 0x0, 0x0, 0x4e}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x4, @remote, @dev={0xac, 0x14, 0x14, 0x31}, @gre_key=0x7, @port=0x4e23}}}}, {{@ip={@loopback, @private=0xa010100, 0xff, 0x0, 'batadv_slave_1\x00', 'ip_vti0\x00', {0xff}, {0xff}, 0x6, 0x1, 0x5}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@inet=@set1={{0x28}, {{0xffffffffffffffff, 0xb, 0x2}}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @local, @dev={0xac, 0x14, 0x14, 0x2a}, @port=0x4e22, @gre_key=0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001300)=ANY=[@ANYRES16=r2, @ANYRESOCT=r3, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a"], 0x270}, 0x1, 0x0, 0x0, 0x20048014}, 0x4004040)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800e00010069703665727370616e0000002c0002801400050000000000000000000000000000000002050016000200000004001200050017"], 0x60}}, 0x0)
r7 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000400), 0x200, 0x0)
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)
sendmsg$SMC_PNETID_DEL(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r5, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r8, 0x0, 0x27, &(0x7f0000000100)={@broadcast, @loopback}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_CT_GET(r4, 0x0, 0xc000c34)
r10 = syz_genetlink_get_family_id$fou(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)={0x24, r10, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}]}, 0x24}}, 0x800)
r11 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r11, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="340000001000010800000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="004004006400000008001b00000000000c002b8008000100", @ANYRES32=r11, @ANYBLOB="16f561f439a87ea08d3dec87272dc417476775b256727026f305bddc1e45fd6868dbc3b8a895a47a7c32a49f28728f2255144dc52954bdd1b695e19fb659b7c02d8dbd4334ea857fe5b26a1d44c97ebbac346ec0902583f49aeca44e3561ea03fff7a80cc89f33132ba52c78abd11220078b77cc68e0c6cbb12ee28cdb49"], 0x34}, 0x1, 0x0, 0x0, 0x5}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000018000000000000000010000851000000000000000020000000000000000000100da"], 0x0, 0x52, 0x0, 0x0, 0x1000}, 0x28)

1.374088899s ago: executing program 4 (id=9726):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg$inet(r0, &(0x7f0000004500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000001540)="926d5fa8c7d0d4481b15bf9589778ecede3e6c975e8368a2d93e32643469a426556649da05f341cefdf5494b07235e23cbe9b5eabbe5549d9abf0b35bb64eb91973d086d83b2c1cb934ec76b95946ed235741c4d76393a10c7425736591326276e23529129a44e5374f1e8f6d27c690e467bedbe4acf2a9ad9d3083deffd1543507b196d719f31a1b1b8811d73c0f9b9a67a3c1e29195e17d66a1c5d1be160f3693d62a661eda5838f6f48d9fb8a134e110bcc8cbb3d119f7e02b138d429eeaa56749f034a44ff27049120f16b6caf0f3b7da958fc380f9a55c308d4edee7cb590ad7ddbf321d1234e30e9aa8b791aaf1baa199f3caded3213098c62c5c748bca5dbddf33a988e587eba99e31ae58ebed5d74f8dbf6fe6f0267e81aabc30bbb7db46d082bac2a2b8452e16ec5c188986aa265095a3184e17fd555a32e9f4380e67220f770da9495fe9cec22a2aa257dca76b7903da720f6029dbdbd4f8b8386668ec28b34464ee76ca60018ac74463d4ba39e988e9f129d31dc5fd8f5591856cb66136d6c25696e59806b0567d979005c452931f350b6c66be2d2825a5e743d55c9e9681da2840c190f10768ee939673c97121d94f9bc55dd89a35372d4f086217d46b90b308a5cee5ac7b0f702c8b2f4849dbfefbc5ab4caaf53b2b9227b1c831decc55c9f4c581c6e90165373afff1b27a13a0a2809b9a783037359907c8cbce2f4848b2c9842f367cf2e48516bfa2b63e7f20f211a9486d48e3d69fa98b16d518083e008d8d85475bb4d4523de0bd65f64af4fe7b82f90195e8c89c9d13e1c99bb993486b8613f44a3359d7ff1e9982dd5ca4e411161b2c142057fa97b5e94a071341d4afba2a76e870654c878717a5d5838637ad07c8b5fcc435f46b6ab93b0314ef7c2ac026c8661105b2b3b451556c4cf2bc17f431a4a33b6bbb69292843ccc017d1f7d600b58699bdb914ba784979eb0dba15380703e828617b14ba04961c034b7e9def394fc09108b3975d4edd0493b55fdea27ea1ede96b0c8670dbab62b74d9d2c675c042b13aeec8ce158426efdf56f280c9cece3461d47982e692f1421748d48032a09c10a33c0ac55d9d69abb0486c3690231e8b5c60d73c016175642ca65f138add98e394e434fb8c6937f7004771027e349502fa1c3cef2706ae3d23d16d09fd129eb407342b64c2f8be23af641359d991d81acf82120bbc4745fd1963c736994d6c6f83b3c89558bc19994d2b0ba9fe0a9f7922c95073f625e75573d48d9654cf7cbe9214e7df215df8c98b807ca42bd7c2299fbfaeac21b7364e3599b0576ddff67ce660e1246d193bdd09b89e15800db915a9275f27b2264722d3072a98b03680472efa5dfe8743e80a4ec3ca7710cff4c50e699390314b014db560bf6c33a84524467039d8c342e3e81ed580a93258a2d51b8962f613ef6d9f0d71eafe99c8ef34b34b0dd0bf8db50ed701053a5dcc53ff83783c80e6dae422b6f0d2b924fafadf726f398a30860f3543d8f113ee2a214bacc76f417e9a55fd53af93d91eecc4bb567dcc3bfa4eb7e8374bdb16b18026121d97b0a821a5ed42bedbfc565d4160f65320ee0c27203f480c4a7e5bbd7dcba9c97e4c89f2ba3cad795603e40e73c5dcce56a76c4a459a86a56b8cbd267e1df9486be615ebbb09920e1238dde3607af7c71fa188445f9d009c86ab121a3f120bfc8fdc3fc90d8a6fea44a430bcee84cf6a619fc0920f7e7f964dd797141ff2c3a665b10982478526f2017fdcd39731052029a4d8b5980fc06976d002768debfbe00d02cc5d001ee5653e42f0a49ab23eb0acc50a8abb8e2e7abec57b7ed84b654c7486be2a214de9b6b0eff8df49c5648accfe017ec7141f78a4db0a9343c981804ad64744e6a1740f26af76d430eb5c2a658584d5a58a355446305d97ed11268fcff0b2cefb90cf311bcc1dc74d90c95e185d0e359b51ad9b1b028c896bdccd673a5cef7dac845bee6b5e09294651508dfe69d8f32aa14ce4fa5872189376cff90b35ce72f872be68027589dfc522252d63c0a91ea9eeb8f6116c127fbb7b4a79d91b5ddf8a4cb67453bd446f869ea5cfc52524ebd296d78af5ee924b5c57b798cae585f67954f25423d43c5680de94d88e44d2578b0110a77eb5aba495b0d0b4ced5d69ffbe6456a29de4dd27d0ac25cc1216fd588dd189e0343c2fe6da06b560fc48720d1de5135954785a1ff2f6a6faa631e02023b9cbd812800c8c41ed3de1e5d2f5c7004d98038111eb2e8681ff1ba13998a28deb0498fcfe1df7705f6e58d6b9964334487b73f44ca268721d4718da0b03073fa67d0364629da1b4d14418aa943d919be08ae6dd42777744b5f2c90b49d757cd1d834ef7f3c335a91fe17fd4fe873591804ec88c3776edd5edd3db537301d2ad0ba0a43292709f5e73fbcde0bf25f0bec9d84e277c963d0b1de6b57e5428e1ed258f0f2bf6ac22b2058141c4f17df1870102d8ed9fd160129160e30273fdb810ffa6de0d10aaa748a16f0cea4309d611d0f22e04ca90c2f8d87e056572a262cfc72cc154bf87cf488f75228f0ea6d6ff8b75d3243f0b1832d1accf5d06686af41649f0d3c6ba5a4c2c5d010a3f55587392dae3d5e0b9809c94efd72f702c76c407e40603a879c9ed4481d048670a9a90e43fe9c80748c81a5b693ba97e654e261cf468caab39261fc6e48f84bcad18e6db128b03f1573af8fc7d14f9c180afd3926bd7968776b4105db9a02d7f98416f0d10ee456436d1eb6bc63ad82158dfd8e6c5b1ce66b548003dead3e68062badea01c5d660e0749abf455809ec318db0a987b8877ef135309e1908c84752ef126ac0b44efbd8b1238bbe567de542328065651a760", 0x7f5}], 0x1, &(0x7f0000002580)}}, {{&(0x7f0000002fc0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, &(0x7f0000004400)}}], 0x4, 0x24008080)

1.319973976s ago: executing program 2 (id=9727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = socket$packet(0x11, 0x2, 0x300)
socket$unix(0x1, 0x1, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xc}, {0xb, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x405c071}, 0x4008000)
socket$unix(0x1, 0x1, 0x0) (async)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg(r1, &(0x7f00000023c0)=[{{&(0x7f0000000040)=@ll={0x11, 0x17, r10, 0x1, 0x4}, 0x80, 0x0}}], 0x1, 0x40000)
sendto$packet(r1, 0x0, 0x0, 0x4000, &(0x7f00000001c0)={0x11, 0x2, r9, 0x1, 0x6, 0x6, @random="6fc47ee92384"}, 0x14)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000380)=ANY=[@ANYBLOB="1f000000000000000000004bc0d5af00000008"], 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r11, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r11, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)

1.319669485s ago: executing program 3 (id=9728):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000003000002000000000800000091118d000000010095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x27, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)

1.218122929s ago: executing program 0 (id=9729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0x70, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000040))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000010003df600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001400030064766d727009000000000000000000001800128008000100707070000c00028008000100", @ANYRES32=r4], 0x4c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$kcm(0xf, 0x3, 0x2)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000140)={<r8=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r7, 0x84, 0x73, &(0x7f0000000000)={r8, 0x1, 0x20, 0x1ff, 0x400}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
r10 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r9, 0x84, 0x85, &(0x7f0000000000)={r11, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)
sendmsg$inet(r6, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b070102000000e4a17c455b3a89e0", 0x10}], 0x1}, 0x0)
r12 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r12, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="020b0700fc670000e4a17c45c8d260c9", 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="020a030002000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
r13 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r13, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x0)
getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r14, @ANYRES8=r5, @ANYRES16=r12, @ANYRES8=r6, @ANYRES16=r12], 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(r13, 0x8922, &(0x7f00000001c0)={'macvtap0\x00', 0x6})
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_COLLECT_METADATA={0x4}, @IFLA_GENEVE_PORT={0x6, 0x5, 0x4e24}]}}}, @IFLA_MASTER={0x8, 0xa, r14}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.15444165s ago: executing program 3 (id=9730):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0006400200142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0) (fail_nth: 9)

1.099188007s ago: executing program 4 (id=9731):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)="d8007c00180081054e81f782db4cb904021d080406037c09e8fe55a10a0006400200142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)

1.03733628s ago: executing program 1 (id=9732):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x100, 0x1, 0x28}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) (async, rerun: 64)
r2 = socket$kcm(0x10, 0x2, 0x0) (rerun: 64)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1b0000001800599c6d0e00009bd029ef80"], 0xfe33) (async)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000003c0)={r0, &(0x7f0000000300), 0x0}, 0x20)

896.582522ms ago: executing program 4 (id=9733):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x9, [@volatile={0x0, 0x0, 0x0, 0x9, 0x5}, @type_tag={0x7, 0x0, 0x0, 0x12, 0x1}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x2}, @func_proto]}, {0x0, [0x30, 0x0, 0x5f, 0x5f, 0x61, 0x5f, 0x5f]}}, 0x0, 0x51, 0x0, 0x0, 0x1}, 0x28)
writev(0xffffffffffffffff, &(0x7f0000003500)=[{0x0}], 0x1)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000001c0)=ANY=[@ANYRESOCT, @ANYRES16=0x0], &(0x7f0000000340)='syzkaller\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd}, 0x94)
socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x4)
unshare(0x6a040000)
recvfrom$netrom(0xffffffffffffffff, &(0x7f00000002c0)=""/38, 0x26, 0x30002, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)

829.406829ms ago: executing program 3 (id=9734):
syz_emit_ethernet(0x66, &(0x7f00000002c0)={@broadcast, @random="6487a2bed3d6", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x300, 0x0, 0x0, 0x6c, 0x0, @private=0xe000}}}}}, 0x0)

803.006107ms ago: executing program 1 (id=9735):
r0 = socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x640100fe}, 0x10, 0x0}}], 0x1, 0x14048011)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000000c0)={0x10, 0x4, 0x2, 0xa87, 0xa, 0x69, 0x9bd4, 0x81, r3}, 0x20)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r3, 0x9}, 0x8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a6ddf0000000000000000070000000900010073797a33000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a0500000000080005400000000d08000640ffffff400800034000000038"], 0xdc}}, 0x0)
socket$kcm(0xa, 0x2, 0x0)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
r6 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r6, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/19, @ANYRES32=0x0, @ANYBLOB="0200f7"], 0x1c}}, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x7c, 0x0, 0x0)
bind$bt_hci(r7, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r7, &(0x7f00000000c0)="510003000000", 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xd, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000081127800000000009500000700000000312a444ad1fd42c9bcb937cf92274d391754f0d596585f3e5d2ec2bff526dc16ba7daea0dffa784267f2e14acf06669c68f80e00f2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc}, 0x94)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000001c0), r9)
sendmsg$NLBL_CIPSOV4_C_ADD(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100ffffffff00000000010000000800010003000000340004800500030001000000050003000000000005000300000000000500030080000000050003000000000005001300010000000800020002"], 0x58}}, 0x0)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x5, 0x80000, 0x9)

672.21391ms ago: executing program 2 (id=9736):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@lld={0x18, 0x1, 0x0, 0xd0}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9b}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

518.831839ms ago: executing program 0 (id=9737):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000040000000800000001000000800000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x2, 0x60b924, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {}, {0x6, 0xb}, {0xa, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x4048060}, 0x20004080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0xe00, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000002e00090027097000000041220400000008000c"], 0x28}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20}, 0x94)

469.564261ms ago: executing program 3 (id=9738):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000496000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00004f1000/0x3000)=nil, 0x3000, 0x2000006, 0x12, 0xffffffffffffffff, 0x913e0000)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x1000)

392.626015ms ago: executing program 2 (id=9739):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000bc0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x8, [@enum64={0x6, 0x1, 0x0, 0x13, 0x0, 0x4, [{0x4, 0xe, 0xfffffff7}]}]}, {0x0, [0x30, 0x5f, 0x0, 0x2e, 0x1e, 0x2e]}}, 0x0, 0x38, 0x0, 0x1, 0x6}, 0x28)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}]}]}, @NFT_MSG_DELFLOWTABLE={0x24c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xe8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0xcc, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'veth0_macvtap\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'pimreg0\x00'}, {0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'ip_vti0\x00'}, {0x64, 0x1, 'team_slave_0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xfffffe8b, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8, 0x1, 0x1, 0x0, 0x300}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x101}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'ip_vti0\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'wlan1\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'pimreg0\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'dvmrp0\x00'}]}]}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x10}}, 0x2dc}}, 0x0)

255.91294ms ago: executing program 1 (id=9740):
socket$kcm(0xa, 0x5, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x9}, 0x50)
ioctl$XFS_IOC_FSGETXATTRA(0xffffffffffffffff, 0x801c582d, &(0x7f0000000100))
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, r4, 0x80}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}}, 0x0)
close(0x4)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x810, 0xffffffffffffffff, 0x9fad6000)
socket$kcm(0xa, 0x5, 0x0) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x5, 0x8, 0x9}, 0x50) (async)
ioctl$XFS_IOC_FSGETXATTRA(0xffffffffffffffff, 0x801c582d, &(0x7f0000000100)) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r1, &(0x7f0000000240), &(0x7f00000000c0)=@udp6=r0}, 0x20) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00'}) (async)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, r4, 0x80}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x4}}}]}, 0x34}}, 0x0) (async)
close(0x4) (async)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000002, 0x810, 0xffffffffffffffff, 0x9fad6000) (async)

199.829422ms ago: executing program 3 (id=9741):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x50}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x10000000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

178.347557ms ago: executing program 4 (id=9742):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0, 0x3}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x1d, 0x1, 0x6}, [@CGW_SRC_IF={0x8, 0x9, r1}, @CGW_DST_IF={0x8, 0xa, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000019"], 0xfe33)
accept$packet(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 1 (id=9743):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x30, 0x0, 0x0, 0x8000}, {0x6}]}, 0x10)
getsockopt$sock_buf(r1, 0x1, 0x1a, &(0x7f0000000100)=""/2, &(0x7f0000000140)=0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_newroute={0x1c, 0x18, 0xffffffffffffffff, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0xfe, 0x0, 0xfd, 0x9}}, 0x1c}}, 0x0)
r3 = socket$inet6(0xa, 0x3, 0xff)
sendmmsg$inet6(r3, &(0x7f0000000580)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="06d14dad91515bc88e7941335c6609d36aa2d6a821cd25a5bfdc4b5ba81d41ea69e78a7d167734e25327a369f32067b93d52896c5fca22e1551d0790fe70c16e9e7d102df54bee5ed77a29daecee01baf049291eb2e1e503f4d80c19e8098470cd7f28b09915e0082aa9b9454c3a8f49cacfa0df4e013d34deb61bf2a12815338fa0da", 0x83}, {&(0x7f0000000300)="8d2b639d693f5717bf7540f701c7478aaa4b7f4a16e45ce8b452016098a2591e1952324f3fa26e8fce5e9754bc52e36bf9e9a80db262aa0a2eb97dc7a755cf0e5b96b0fbf15131c254d04f00168043e86c6cad729a33063d95de15f368dc83baeb7f6905ba5b05e576a3317f72478133ae794a7d5f44d71a2f2899cc3b1fa7c1fa1bf3c815233b301bb4c779432912bea7f9a37b11e4a83cd177e32bfa", 0x9d}], 0x2, &(0x7f00000003c0)=[@dstopts_2292={{0xe8, 0x29, 0x4, {0x73, 0x19, '\x00', [@padn={0x1, 0x1, [0x0]}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x42}}, @pad1, @ra={0x5, 0x2, 0xfffc}, @generic={0x6, 0xf, "14182af466ee04130db53636f309e1"}, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x38, {0x0, 0xc, 0x5, 0x2, [0x4, 0x6, 0x400, 0x1, 0x9, 0xe0]}}, @generic={0xf0, 0x54, "9e30dabfb97196d6fae4c4c24355d5af472c42d6624deaac1ff0018520063c43623f4ede5e47a8ac471a77c7205ceea42dda02ec847eb815bab6c4699cf40a55c4cc84f9e2db95dba92acf4df507ac39296393ff"}]}}}, @hopopts_2292={{0x40, 0x29, 0x36, {0x32, 0x4, '\x00', [@enc_lim={0x4, 0x1, 0xb4}, @padn, @ra={0x5, 0x2, 0xff00}, @ra={0x5, 0x2, 0x8}, @ra={0x5, 0x2, 0x7fff}, @jumbo={0xc2, 0x4, 0x400}, @jumbo={0xc2, 0x4, 0x9}, @enc_lim, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}], 0x128}}], 0x2, 0x0) (fail_nth: 3)
r4 = accept4(r3, 0x0, &(0x7f0000000640), 0x0)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r5, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
recvmsg$kcm(r4, &(0x7f0000001a40)={&(0x7f0000000680)=@vsock={0x28, 0x0, 0x0, @host}, 0x80, &(0x7f0000001980)=[{&(0x7f0000000700)=""/148, 0x94}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/74, 0x4a}, {&(0x7f0000001840)=""/29, 0x1d}, {&(0x7f0000001880)=""/173, 0xad}, {&(0x7f0000001940)=""/63, 0x3f}], 0x6, &(0x7f0000001a00)=""/5, 0x5}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newroute={0x30, 0x18, 0x1ef, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, [@RTA_GATEWAY={0x14, 0x5, @loopback={0x0, 0x2}}]}, 0x30}, 0x1, 0x11}, 0x0)
syz_80211_join_ibss(&(0x7f0000000240)='wlan1\x00', &(0x7f0000000600)=@default_ap_ssid, 0x6, 0x2)

kernel console output (not intermixed with test programs):

097.093197][ T2606]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 1097.093221][ T2606]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 1097.093251][ T2606]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1097.093282][ T2606]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1097.093318][ T2606]  ? bpf_lsm_capable+0x9/0x20
[ 1097.093342][ T2606]  ? security_capable+0x7e/0x2c0
[ 1097.093376][ T2606]  genl_rcv_msg+0x61c/0x7a0
[ 1097.093405][ T2606]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1097.093427][ T2606]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1097.093450][ T2606]  ? __lock_acquire+0x6b5/0x2cf0
[ 1097.093491][ T2606]  netlink_rcv_skb+0x232/0x4b0
[ 1097.093522][ T2606]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1097.093546][ T2606]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1097.093592][ T2606]  ? down_read+0x272/0x2e0
[ 1097.093612][ T2606]  ? genl_rcv+0xd/0x40
[ 1097.093634][ T2606]  genl_rcv+0x28/0x40
[ 1097.093654][ T2606]  netlink_unicast+0x80f/0x9b0
[ 1097.093689][ T2606]  ? __pfx_netlink_unicast+0x10/0x10
[ 1097.093717][ T2606]  ? netlink_sendmsg+0x650/0xb40
[ 1097.093733][ T2606]  ? skb_put+0x11b/0x210
[ 1097.093758][ T2606]  netlink_sendmsg+0x813/0xb40
[ 1097.093786][ T2606]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1097.093808][ T2606]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1097.093836][ T2606]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1097.093860][ T2606]  ____sys_sendmsg+0x972/0x9f0
[ 1097.093891][ T2606]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1097.093922][ T2606]  ? import_iovec+0x73/0xa0
[ 1097.093945][ T2606]  ___sys_sendmsg+0x2a5/0x360
[ 1097.093972][ T2606]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1097.094030][ T2606]  ? __fget_files+0x2a/0x420
[ 1097.094056][ T2606]  ? __fget_files+0x3a0/0x420
[ 1097.094093][ T2606]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1097.094119][ T2606]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1097.094150][ T2606]  ? __pfx_ksys_write+0x10/0x10
[ 1097.094183][ T2606]  do_syscall_64+0x14d/0xf80
[ 1097.094202][ T2606]  ? trace_irq_disable+0x3b/0x150
[ 1097.094228][ T2606]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1097.094247][ T2606]  ? clear_bhb_loop+0x40/0x90
[ 1097.094271][ T2606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1097.094290][ T2606] RIP: 0033:0x7fb2f6b9c799
[ 1097.094310][ T2606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1097.094326][ T2606] RSP: 002b:00007fb2f7aeb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1097.094346][ T2606] RAX: ffffffffffffffda RBX: 00007fb2f6e15fa0 RCX: 00007fb2f6b9c799
[ 1097.094361][ T2606] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[ 1097.094373][ T2606] RBP: 00007fb2f7aeb090 R08: 0000000000000000 R09: 0000000000000000
[ 1097.094385][ T2606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1097.094396][ T2606] R13: 00007fb2f6e16038 R14: 00007fb2f6e15fa0 R15: 00007ffdc3806b98
[ 1097.094429][ T2606]  </TASK>
[ 1097.185909][ T2612] netlink: 'syz.4.8895': attribute type 13 has an invalid length.
[ 1097.902848][ T2344] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1097.968972][ T2627] netlink: 'syz.0.8899': attribute type 4 has an invalid length.
[ 1097.998428][ T2344] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1098.069106][T19191] Bluetooth: hci3: command tx timeout
[ 1098.077361][ T2344] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1098.158308][ T2344] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1098.365159][ T2645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8903'.
[ 1098.679695][  T107] batadv0: left promiscuous mode
[ 1098.724567][  T107] hsr_slave_0: left promiscuous mode
[ 1098.749452][  T107] hsr_slave_1: left promiscuous mode
[ 1098.759213][  T107] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1098.791058][  T107] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1098.817978][  T107] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1098.840178][  T107] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1098.888482][  T107] veth1_to_hsr: left allmulticast mode
[ 1098.894746][  T107] veth1_to_hsr: left promiscuous mode
[ 1098.900480][  T107] veth1_macvtap: left promiscuous mode
[ 1098.922361][  T107] veth0_macvtap: left promiscuous mode
[ 1098.937484][  T107] veth1_vlan: left promiscuous mode
[ 1099.445620][  T107] team0 (unregistering): Port device team_slave_1 removed
[ 1099.466449][  T107] team0 (unregistering): Port device team_slave_0 removed
[ 1099.616145][  T107] dummy0 (unregistering): left allmulticast mode
[ 1099.750413][ T2676] syzkaller0: entered promiscuous mode
[ 1099.769776][ T2676] syzkaller0: entered allmulticast mode
[ 1099.796024][ T2693] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.8912'.
[ 1100.330407][ T2722] __nla_validate_parse: 1 callbacks suppressed
[ 1100.330426][ T2722] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8918'.
[ 1102.759575][ T2698] virt_wifi0 speed is unknown, defaulting to 1000
[ 1102.913779][ T2726] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8918'.
[ 1103.227515][ T2698] lo speed is unknown, defaulting to 1000
[ 1103.277167][ T2741] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8923'.
[ 1103.301358][ T2741] vlan0: entered promiscuous mode
[ 1103.319924][ T2741] ip6gretap0: entered promiscuous mode
[ 1103.385975][  T107] IPVS: stop unused estimator thread 0...
[ 1103.392062][ T2344] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1103.571976][ T2344] 8021q: adding VLAN 0 to HW filter on device team0
[ 1103.702274][ T2754] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1103.728210][T13076] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1103.735432][T13076] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1103.783305][T13049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.802346][T13049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.829329][T13076] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1103.836711][T13076] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1103.949586][ T2344] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1103.982051][ T2761] netlink: 'syz.3.8929': attribute type 4 has an invalid length.
[ 1104.364455][ T2779] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1104.442775][ T2788] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8938'.
[ 1104.454754][ T2788] netlink: 245 bytes leftover after parsing attributes in process `syz.4.8938'.
[ 1104.510143][ T2792] netlink: 'syz.3.8936': attribute type 10 has an invalid length.
[ 1104.522233][ T2344] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1104.554486][ T2792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8936'.
[ 1104.596358][ T2796] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1104.676515][ T2344] veth0_vlan: entered promiscuous mode
[ 1104.720575][ T2344] veth1_vlan: entered promiscuous mode
[ 1104.737882][ T2801] IPVS: set_ctl: invalid protocol: 137 172.20.20.187:20000
[ 1104.791644][ T2801] x_tables: ip6_tables: udplite match: only valid for protocol 136
[ 1104.836218][ T2806] bond0: entered promiscuous mode
[ 1104.854659][ T2806] batadv0: entered promiscuous mode
[ 1104.861251][ T2806] debugfs: 'hsr1' already exists in 'hsr'
[ 1104.895154][ T2806] Cannot create hsr debugfs directory
[ 1104.960652][ T2344] veth0_macvtap: entered promiscuous mode
[ 1104.966579][ T2813] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8944'.
[ 1105.057193][ T2344] veth1_macvtap: entered promiscuous mode
[ 1105.132588][ T2823] xt_nat: multiple ranges no longer supported
[ 1105.152628][ T2344] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1105.217474][ T2344] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1105.233421][ T2827] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.8946'.
[ 1105.259996][T13072] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.298783][T13072] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.304327][ T2829] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8948'.
[ 1105.341690][T13072] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.437936][ T2838] netlink: 388 bytes leftover after parsing attributes in process `syz.0.8951'.
[ 1105.455285][T13072] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.494233][ T2844] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1105.516248][ T2846] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8951'.
[ 1105.656228][ T2856] netlink: 211856 bytes leftover after parsing attributes in process `syz.1.8954'.
[ 1105.737530][ T2858] virt_wifi0 speed is unknown, defaulting to 1000
[ 1105.747609][ T2858] lo speed is unknown, defaulting to 1000
[ 1105.788149][T13076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1105.813758][T13076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1106.127283][ T2878] openvswitch: netlink: Missing valid actions attribute.
[ 1106.144620][ T2878] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1106.206414][ T2881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8961'.
[ 1106.255977][ T2882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8960'.
[ 1106.258006][  T180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1106.293147][  T180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1106.512593][ T2888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8963'.
[ 1107.020861][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1107.040466][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1107.051517][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1107.060091][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1107.062344][ T2908] netlink: 'syz.2.8970': attribute type 1 has an invalid length.
[ 1107.069257][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1107.109808][ T2908] netlink: 'syz.2.8970': attribute type 2 has an invalid length.
[ 1107.296573][ T2923] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8974'.
[ 1107.394935][ T2911] virt_wifi0 speed is unknown, defaulting to 1000
[ 1107.405362][ T2911] lo speed is unknown, defaulting to 1000
[ 1107.625718][ T2933] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.8977'.
[ 1107.652402][ T2938] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1107.767513][ T2944] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.8981'.
[ 1107.976110][ T2933] bridge_slave_0: left promiscuous mode
[ 1108.087169][ T2933] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1108.102593][ T2933] veth1_to_batadv: left promiscuous mode
[ 1108.112193][ T2933] veth1_to_batadv: left allmulticast mode
[ 1108.121417][ T2933] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1108.217172][ T2954] xt_nat: multiple ranges no longer supported
[ 1108.320229][ T2933] macsec1: left promiscuous mode
[ 1108.334353][ T2933] macsec1: left allmulticast mode
[ 1108.346325][ T2933] bridge1: left allmulticast mode
[ 1108.358360][ T2933] ip6gre1: left promiscuous mode
[ 1108.370457][ T2933] ip6gre1: left allmulticast mode
[ 1108.387504][ T2933] bond2: left promiscuous mode
[ 1108.399199][ T2933] bond2: left allmulticast mode
[ 1108.424459][ T2933] veth1_to_hsr: left allmulticast mode
[ 1108.430382][ T2933] macvtap1: left promiscuous mode
[ 1108.436155][ T2933] macvtap1: left allmulticast mode
[ 1108.465706][ T2933] bond0: left promiscuous mode
[ 1108.478088][ T2933] vti0: left promiscuous mode
[ 1108.506806][ T2933] bond5: left promiscuous mode
[ 1108.552653][ T2933] bond9: left promiscuous mode
[ 1108.574052][ T2933] vti1: left promiscuous mode
[ 1108.592690][ T2933] bond11: left promiscuous mode
[ 1108.601751][ T2933] bond12: left promiscuous mode
[ 1108.611058][ T2939] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1108.638179][ T2941] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[ 1108.663192][ T2941] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[ 1108.680321][ T2941] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1108.737654][T13076] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.754968][T13076] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.791949][T13076] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.821407][T13076] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.956664][T13076] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.993541][T13076] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.014109][T13076] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1109.023019][T13076] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.056135][ T2958] syzkaller0: entered promiscuous mode
[ 1109.061651][ T2958] syzkaller0: entered allmulticast mode
[ 1109.193517][T19191] Bluetooth: hci1: command tx timeout
[ 1109.299088][ T2911] chnl_net:caif_netlink_parms(): no params data found
[ 1109.387404][ T2988] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8997'.
[ 1109.790410][ T2911] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1109.813235][ T2911] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1109.831057][ T2911] bridge_slave_0: entered allmulticast mode
[ 1109.842842][ T2911] bridge_slave_0: entered promiscuous mode
[ 1109.898461][ T2911] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.941516][ T2911] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1109.961962][ T2911] bridge_slave_1: entered allmulticast mode
[ 1109.995907][ T2911] bridge_slave_1: entered promiscuous mode
[ 1110.061149][ T3013] lo: Caught tx_queue_len zero misconfig
[ 1110.081083][ T3010] virt_wifi0 speed is unknown, defaulting to 1000
[ 1110.110594][ T3018] netlink: 'syz.1.9004': attribute type 1 has an invalid length.
[ 1110.146369][ T3010] lo speed is unknown, defaulting to 1000
[ 1110.232929][ T2911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1110.354228][ T2911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1110.496614][ T3028] __nla_validate_parse: 7 callbacks suppressed
[ 1110.496632][ T3028] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.9007'.
[ 1110.566684][ T2911] team0: Port device team_slave_0 added
[ 1110.598906][ T2911] team0: Port device team_slave_1 added
[ 1110.695995][ T3036] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1110.825554][ T2911] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1110.832556][ T2911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1110.945514][ T2911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1110.966086][ T2911] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1110.994743][ T2911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1111.074029][ T2911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1111.273409][T19191] Bluetooth: hci1: command tx timeout
[ 1111.426201][ T2911] hsr_slave_0: entered promiscuous mode
[ 1111.457615][ T2911] hsr_slave_1: entered promiscuous mode
[ 1111.486283][ T2911] debugfs: 'hsr0' already exists in 'hsr'
[ 1111.492155][ T2911] Cannot create hsr debugfs directory
[ 1111.508405][ T3053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9015'.
[ 1111.519866][ T3053] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[ 1111.641744][ T3057] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9017'.
[ 1111.679460][ T3057] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9017'.
[ 1111.780005][ T3059] xt_CT: No such helper "netbios-ns"
[ 1111.810690][ T3062] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.9019'.
[ 1111.939323][ T3070] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9020'.
[ 1111.951195][ T3069] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9019'.
[ 1111.968966][ T3068] openvswitch: netlink: Missing valid actions attribute.
[ 1112.007918][ T3068] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1112.032976][ T3070] virt_wifi0 speed is unknown, defaulting to 1000
[ 1112.061732][ T3070] lo speed is unknown, defaulting to 1000
[ 1112.147734][ T2911] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1112.168011][ T2911] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.195107][ T3074] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9022'.
[ 1112.365131][ T3078] netlink: 'syz.2.9024': attribute type 21 has an invalid length.
[ 1112.388947][ T3078] netlink: 'syz.2.9024': attribute type 22 has an invalid length.
[ 1112.410336][ T3078] netlink: 128 bytes leftover after parsing attributes in process `syz.2.9024'.
[ 1112.426241][ T2911] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1112.439127][ T2911] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.585123][ T2911] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1112.611189][ T2911] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.812425][ T3096] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1112.890244][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1112.900311][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1113.024954][ T3106] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9035'.
[ 1113.041367][ T2911] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1113.057715][ T2911] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.222448][ T3102] netlink: 'syz.1.9033': attribute type 1 has an invalid length.
[ 1113.355310][T19191] Bluetooth: hci1: command tx timeout
[ 1113.376040][ T3113] netlink: 'syz.2.9037': attribute type 1 has an invalid length.
[ 1113.442545][ T2911] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1113.496479][ T2911] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1113.529346][ T2911] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1113.549027][ T2911] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1113.667939][ T3127] netlink: 'syz.2.9041': attribute type 1 has an invalid length.
[ 1113.964892][ T3137] FAULT_INJECTION: forcing a failure.
[ 1113.964892][ T3137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1113.987446][ T2911] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1114.003141][ T3137] CPU: 0 UID: 0 PID: 3137 Comm: syz.1.9044 Not tainted syzkaller #0 PREEMPT(full) 
[ 1114.003166][ T3137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1114.003177][ T3137] Call Trace:
[ 1114.003184][ T3137]  <TASK>
[ 1114.003193][ T3137]  dump_stack_lvl+0xe8/0x150
[ 1114.003225][ T3137]  should_fail_ex+0x412/0x560
[ 1114.003257][ T3137]  _copy_from_user+0x2d/0xb0
[ 1114.003279][ T3137]  kstrtouint_from_user+0xd6/0x180
[ 1114.003318][ T3137]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1114.003364][ T3137]  proc_fail_nth_write+0x8e/0x210
[ 1114.003393][ T3137]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1114.003426][ T3137]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1114.003455][ T3137]  vfs_write+0x29a/0xb90
[ 1114.003486][ T3137]  ? __pfx_vfs_write+0x10/0x10
[ 1114.003509][ T3137]  ? __fget_files+0x2a/0x420
[ 1114.003545][ T3137]  ? __fget_files+0x3a0/0x420
[ 1114.003571][ T3137]  ? __fget_files+0x2a/0x420
[ 1114.003608][ T3137]  ksys_write+0x150/0x270
[ 1114.003632][ T3137]  ? __pfx_ksys_write+0x10/0x10
[ 1114.003666][ T3137]  do_syscall_64+0x14d/0xf80
[ 1114.003686][ T3137]  ? trace_irq_disable+0x3b/0x150
[ 1114.003713][ T3137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1114.003733][ T3137]  ? clear_bhb_loop+0x40/0x90
[ 1114.003758][ T3137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1114.003777][ T3137] RIP: 0033:0x7fc3c1f5cfce
[ 1114.003795][ T3137] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1114.003812][ T3137] RSP: 002b:00007fc3c2e61fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1114.003833][ T3137] RAX: ffffffffffffffda RBX: 00007fc3c2e626c0 RCX: 00007fc3c1f5cfce
[ 1114.003848][ T3137] RDX: 0000000000000001 RSI: 00007fc3c2e620a0 RDI: 0000000000000003
[ 1114.003860][ T3137] RBP: 00007fc3c2e62090 R08: 0000000000000000 R09: 0000000000000000
[ 1114.003873][ T3137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1114.003885][ T3137] R13: 00007fc3c2216038 R14: 00007fc3c2215fa0 R15: 00007ffc4a819748
[ 1114.003918][ T3137]  </TASK>
[ 1114.226792][ T2911] 8021q: adding VLAN 0 to HW filter on device team0
[ 1114.270292][ T2911] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1114.280737][ T2911] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1114.322562][  T107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1114.330223][  T107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1114.339827][  T107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1114.347022][  T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1114.513484][ T3147] netlink: 'syz.1.9047': attribute type 2 has an invalid length.
[ 1114.525087][ T3145] erspan0: entered promiscuous mode
[ 1114.553534][ T3147] netlink: 'syz.1.9047': attribute type 8 has an invalid length.
[ 1114.799101][ T3150] netlink: 'syz.4.9048': attribute type 13 has an invalid length.
[ 1114.819105][T13053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1114.832957][T13053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1114.847579][ T2911] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1114.880930][ T3157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1114.921891][ T3159] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1114.951334][ T3162] FAULT_INJECTION: forcing a failure.
[ 1114.951334][ T3162] name failslab, interval 1, probability 0, space 0, times 0
[ 1115.000180][ T2911] veth0_vlan: entered promiscuous mode
[ 1115.023981][ T2911] veth1_vlan: entered promiscuous mode
[ 1115.036127][ T3162] CPU: 1 UID: 0 PID: 3162 Comm: syz.2.9052 Not tainted syzkaller #0 PREEMPT(full) 
[ 1115.036154][ T3162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1115.036165][ T3162] Call Trace:
[ 1115.036174][ T3162]  <TASK>
[ 1115.036182][ T3162]  dump_stack_lvl+0xe8/0x150
[ 1115.036215][ T3162]  should_fail_ex+0x412/0x560
[ 1115.036246][ T3162]  should_failslab+0xa8/0x100
[ 1115.036269][ T3162]  ? skb_clone+0x212/0x3a0
[ 1115.036292][ T3162]  kmem_cache_alloc_noprof+0x87/0x650
[ 1115.036321][ T3162]  skb_clone+0x212/0x3a0
[ 1115.036342][ T3162]  ? pfkey_broadcast_one+0x7d/0x360
[ 1115.036366][ T3162]  pfkey_broadcast_one+0x9b/0x360
[ 1115.036385][ T3162]  ? pfkey_broadcast+0x208/0x3e0
[ 1115.036407][ T3162]  pfkey_broadcast+0x218/0x3e0
[ 1115.036425][ T3162]  ? pfkey_broadcast+0x48/0x3e0
[ 1115.036444][ T3162]  pfkey_send_policy_notify+0x596/0x990
[ 1115.036464][ T3162]  ? __pfx_pfkey_send_policy_notify+0x10/0x10
[ 1115.036485][ T3162]  km_policy_notify+0x121/0x200
[ 1115.036630][ T3162]  ? km_policy_notify+0x28/0x200
[ 1115.036654][ T3162]  pfkey_spdadd+0x10ba/0x1a90
[ 1115.036690][ T3162]  ? __pfx_pfkey_spdadd+0x10/0x10
[ 1115.036717][ T3162]  ? pfkey_broadcast+0x3c2/0x3e0
[ 1115.036750][ T3162]  pfkey_sendmsg+0xc56/0x1120
[ 1115.036772][ T3162]  ? __lock_acquire+0x6b5/0x2cf0
[ 1115.036811][ T3162]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1115.036850][ T3162]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1115.036879][ T3162]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1115.036904][ T3162]  ____sys_sendmsg+0x972/0x9f0
[ 1115.036925][ T3162]  ? __lock_acquire+0x6b5/0x2cf0
[ 1115.036957][ T3162]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1115.036990][ T3162]  ? import_iovec+0x73/0xa0
[ 1115.037011][ T3162]  ___sys_sendmsg+0x2a5/0x360
[ 1115.037041][ T3162]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1115.037068][ T3162]  ? kstrtouint+0x6e/0xe0
[ 1115.037115][ T3162]  ? __fget_files+0x2a/0x420
[ 1115.037134][ T3162]  ? __fget_files+0x3a0/0x420
[ 1115.037162][ T3162]  __sys_sendmmsg+0x27c/0x4e0
[ 1115.037182][ T3162]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1115.037197][ T3162]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1115.037240][ T3162]  ? ksys_write+0x242/0x270
[ 1115.037263][ T3162]  ? __pfx_ksys_write+0x10/0x10
[ 1115.037288][ T3162]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1115.037311][ T3162]  do_syscall_64+0x14d/0xf80
[ 1115.037329][ T3162]  ? trace_irq_disable+0x3b/0x150
[ 1115.037355][ T3162]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.037374][ T3162]  ? clear_bhb_loop+0x40/0x90
[ 1115.037397][ T3162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.037415][ T3162] RIP: 0033:0x7fb33319c799
[ 1115.037432][ T3162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1115.037449][ T3162] RSP: 002b:00007fb333fe5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1115.037468][ T3162] RAX: ffffffffffffffda RBX: 00007fb333415fa0 RCX: 00007fb33319c799
[ 1115.037482][ T3162] RDX: 00000000000002c8 RSI: 00002000000000c0 RDI: 0000000000000004
[ 1115.037494][ T3162] RBP: 00007fb333fe5090 R08: 0000000000000000 R09: 0000000000000000
[ 1115.037505][ T3162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1115.037516][ T3162] R13: 00007fb333416038 R14: 00007fb333415fa0 R15: 00007ffee1040458
[ 1115.037548][ T3162]  </TASK>
[ 1115.037756][ T3166] bond0: Unable to set up delay as MII monitoring is disabled
[ 1115.425056][T19191] Bluetooth: hci1: command tx timeout
[ 1115.590156][ T2911] veth0_macvtap: entered promiscuous mode
[ 1115.653650][ T2911] veth1_macvtap: entered promiscuous mode
[ 1115.721307][ T2911] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1115.789137][ T2911] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1115.876243][ T1089] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.895660][ T1089] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.931629][ T1089] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.010062][ T1089] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1116.061258][ T3182] virt_wifi0 speed is unknown, defaulting to 1000
[ 1116.115075][ T3182] lo speed is unknown, defaulting to 1000
[ 1116.328329][ T3198] __nla_validate_parse: 10 callbacks suppressed
[ 1116.328348][ T3198] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9062'.
[ 1116.363789][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1116.380261][ T3204] netlink: 'syz.4.9063': attribute type 4 has an invalid length.
[ 1116.398790][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1116.541316][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1116.573929][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1116.596151][T13049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1116.606301][T13049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1116.661728][ T3208] netlink: 'syz.3.9064': attribute type 4 has an invalid length.
[ 1116.817100][ T3210] openvswitch: netlink: Missing valid actions attribute.
[ 1116.846200][ T3210] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1116.856256][ T3213] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9066'.
[ 1116.925235][ T3213] netlink: 32 bytes leftover after parsing attributes in process `syz.3.9066'.
[ 1116.947022][ T3213] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9066'.
[ 1116.984651][ T3219] netlink: 'syz.3.9066': attribute type 3 has an invalid length.
[ 1116.992427][ T3219] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9066'.
[ 1117.023419][ T3214] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.9067'.
[ 1117.045247][ T3213] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9066'.
[ 1117.095607][ T3216] bond0: entered promiscuous mode
[ 1117.108144][ T3216] batadv0: entered promiscuous mode
[ 1117.135614][ T3216] debugfs: 'hsr1' already exists in 'hsr'
[ 1117.159496][ T3216] Cannot create hsr debugfs directory
[ 1117.387059][ T3228] FAULT_INJECTION: forcing a failure.
[ 1117.387059][ T3228] name failslab, interval 1, probability 0, space 0, times 0
[ 1117.453411][ T3228] CPU: 0 UID: 0 PID: 3228 Comm: syz.3.9071 Not tainted syzkaller #0 PREEMPT(full) 
[ 1117.453438][ T3228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1117.453449][ T3228] Call Trace:
[ 1117.453466][ T3228]  <TASK>
[ 1117.453475][ T3228]  dump_stack_lvl+0xe8/0x150
[ 1117.453508][ T3228]  should_fail_ex+0x412/0x560
[ 1117.453541][ T3228]  should_failslab+0xa8/0x100
[ 1117.453565][ T3228]  ? skb_clone+0x212/0x3a0
[ 1117.453588][ T3228]  kmem_cache_alloc_noprof+0x87/0x650
[ 1117.453608][ T3228]  ? __netlink_lookup+0xc6/0x8b0
[ 1117.453635][ T3228]  skb_clone+0x212/0x3a0
[ 1117.453661][ T3228]  __netlink_deliver_tap+0x404/0x850
[ 1117.453702][ T3228]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1117.453733][ T3228]  netlink_deliver_tap+0x19c/0x1b0
[ 1117.453763][ T3228]  netlink_unicast+0x7e3/0x9b0
[ 1117.453798][ T3228]  ? __pfx_netlink_unicast+0x10/0x10
[ 1117.453827][ T3228]  ? netlink_sendmsg+0x650/0xb40
[ 1117.453843][ T3228]  ? skb_put+0x11b/0x210
[ 1117.453867][ T3228]  netlink_sendmsg+0x813/0xb40
[ 1117.453894][ T3228]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1117.453916][ T3228]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1117.453945][ T3228]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1117.453970][ T3228]  ____sys_sendmsg+0x972/0x9f0
[ 1117.454002][ T3228]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1117.454030][ T3228]  ? import_iovec+0x73/0xa0
[ 1117.454052][ T3228]  ___sys_sendmsg+0x2a5/0x360
[ 1117.454078][ T3228]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1117.454131][ T3228]  ? __fget_files+0x2a/0x420
[ 1117.454154][ T3228]  ? __fget_files+0x3a0/0x420
[ 1117.454223][ T3228]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1117.454248][ T3228]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1117.454279][ T3228]  ? __pfx_ksys_write+0x10/0x10
[ 1117.454310][ T3228]  do_syscall_64+0x14d/0xf80
[ 1117.454328][ T3228]  ? trace_irq_disable+0x3b/0x150
[ 1117.454354][ T3228]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1117.454373][ T3228]  ? clear_bhb_loop+0x40/0x90
[ 1117.454397][ T3228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1117.454420][ T3228] RIP: 0033:0x7ff9d1b9c799
[ 1117.454438][ T3228] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1117.454461][ T3228] RSP: 002b:00007ff9d2b2f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1117.454482][ T3228] RAX: ffffffffffffffda RBX: 00007ff9d1e15fa0 RCX: 00007ff9d1b9c799
[ 1117.454497][ T3228] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004
[ 1117.454509][ T3228] RBP: 00007ff9d2b2f090 R08: 0000000000000000 R09: 0000000000000000
[ 1117.454521][ T3228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1117.454532][ T3228] R13: 00007ff9d1e16038 R14: 00007ff9d1e15fa0 R15: 00007fffb323b478
[ 1117.454564][ T3228]  </TASK>
[ 1117.477137][ T3235] netlink: 'syz.2.9074': attribute type 4 has an invalid length.
[ 1117.767918][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1117.783521][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1117.792433][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1117.807701][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1117.817067][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1117.978673][ T3236] virt_wifi0 speed is unknown, defaulting to 1000
[ 1118.008841][ T3244] netlink: ct family unspecified
[ 1118.032596][ T3244] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1118.164280][ T3249] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9079'.
[ 1118.210408][ T3256] netlink: 'syz.3.9080': attribute type 13 has an invalid length.
[ 1118.238915][ T3236] lo speed is unknown, defaulting to 1000
[ 1118.441434][ T3269] netlink: 212336 bytes leftover after parsing attributes in process `syz.2.9082'.
[ 1118.910834][ T3283] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9087'.
[ 1118.964141][ T3291] netlink: 'syz.4.9087': attribute type 13 has an invalid length.
[ 1119.314562][ T3305] netlink: 'syz.2.9093': attribute type 1 has an invalid length.
[ 1119.350480][ T3303] xfrm0: Caught tx_queue_len zero misconfig
[ 1119.405260][ T3305] bond1: entered promiscuous mode
[ 1119.410910][ T3305] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1119.521656][ T3305] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1119.544141][ T3305] bond1: (slave vti0): The slave device specified does not support setting the MAC address
[ 1119.580666][ T3305] bond1: (slave vti0): Setting fail_over_mac to active for active-backup mode
[ 1119.631491][ T3305] bond1: (slave vti0): making interface the new active one
[ 1119.652344][ T3305] vti0: entered promiscuous mode
[ 1119.697447][ T3305] bond1: (slave vti0): Enslaving as an active interface with an up link
[ 1119.913519][   T51] Bluetooth: hci2: command tx timeout
[ 1120.580065][ T3236] chnl_net:caif_netlink_parms(): no params data found
[ 1120.640177][ T3325] virt_wifi0 speed is unknown, defaulting to 1000
[ 1120.681789][ T3345] netlink: 'syz.2.9103': attribute type 10 has an invalid length.
[ 1120.698074][T13076] geneve3: left allmulticast mode
[ 1120.729655][T13076] geneve3: left promiscuous mode
[ 1120.741496][T13076] bridge3: port 1(geneve3) entered disabled state
[ 1120.926129][T13076] bond0 (unregistering): (slave vti0): Releasing backup interface
[ 1120.962367][T13076] bond9 (unregistering): (slave vti1): Releasing backup interface
[ 1121.111028][T13076] bond3 (unregistering): (slave geneve2): Releasing active interface
[ 1121.421230][T13076] bond1 (unregistering): Released all slaves
[ 1121.457986][T13076] bond2 (unregistering): Released all slaves
[ 1121.494785][T13076] bond3 (unregistering): Released all slaves
[ 1121.536047][T13076] bond0 (unregistering): Released all slaves
[ 1121.573581][T13076] bond4 (unregistering): Released all slaves
[ 1121.621195][T13076] bond5 (unregistering): Released all slaves
[ 1121.655572][T13076] bond6 (unregistering): (slave veth3): Releasing active interface
[ 1121.676464][T13076] bond6 (unregistering): Released all slaves
[ 1121.702298][T13076] bond7 (unregistering): Released all slaves
[ 1121.732806][T13076] bond8 (unregistering): Released all slaves
[ 1121.758472][T13076] bond9 (unregistering): Released all slaves
[ 1121.777292][T13076] bond10 (unregistering): Released all slaves
[ 1121.796294][T13076] bond11 (unregistering): Released all slaves
[ 1121.838402][T13076] bond12 (unregistering): Released all slaves
[ 1121.870582][T13076] bond13 (unregistering): Released all slaves
[ 1121.909503][T13076] bond14 (unregistering): Released all slaves
[ 1121.993365][   T51] Bluetooth: hci2: command tx timeout
[ 1122.048721][ T3325] lo speed is unknown, defaulting to 1000
[ 1122.117537][ T3345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1122.125293][ T3345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.204898][ T3345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1122.212250][ T3345] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1122.219837][ T3345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1122.227149][ T3345] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1122.258127][ T3345] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1122.283797][ T3339] bridge_slave_1: left allmulticast mode
[ 1122.313576][ T3339] bridge_slave_1: left promiscuous mode
[ 1122.319404][ T3339] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1122.388425][ T3339] bridge_slave_0: left allmulticast mode
[ 1122.395696][ T3339] bridge_slave_0: left promiscuous mode
[ 1122.401584][ T3339] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.476219][ T3339] bond0: (slave bridge0): Releasing backup interface
[ 1122.684428][T13076] tipc: Left network mode
[ 1122.830812][ T3381] erspan0: entered promiscuous mode
[ 1122.922148][ T3386] __nla_validate_parse: 9 callbacks suppressed
[ 1122.922168][ T3386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9112'.
[ 1122.969850][ T3386] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9112'.
[ 1123.090355][ T3236] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.099833][ T3389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9113'.
[ 1123.133339][ T3236] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.148556][ T3236] bridge_slave_0: entered allmulticast mode
[ 1123.206132][ T3236] bridge_slave_0: entered promiscuous mode
[ 1123.308297][ T3236] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.335671][ T3236] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1123.344669][ T3236] bridge_slave_1: entered allmulticast mode
[ 1123.365947][ T3236] bridge_slave_1: entered promiscuous mode
[ 1123.600112][ T3236] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1123.638469][ T3236] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1123.706504][ T3418] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9119'.
[ 1123.744955][ T3417] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9119'.
[ 1123.877845][ T3236] team0: Port device team_slave_0 added
[ 1123.911979][ T3236] team0: Port device team_slave_1 added
[ 1123.954388][ T3425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9122'.
[ 1124.006159][ T3426] netlink: 'syz.0.9122': attribute type 1 has an invalid length.
[ 1124.063328][   T51] Bluetooth: hci2: command tx timeout
[ 1124.105630][ T3236] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1124.115805][ T3236] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1124.142403][ T3236] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1124.170465][ T3425] netlink: 288 bytes leftover after parsing attributes in process `syz.0.9122'.
[ 1124.352196][ T3236] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1124.383391][ T3236] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1124.485330][ T3443] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9128'.
[ 1124.495996][ T3236] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1124.561598][  T796] IPVS: starting estimator thread 0...
[ 1124.595404][ T3451] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9129'.
[ 1124.614536][ T3451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9129'.
[ 1124.624044][ T3448] netlink: 'syz.4.9130': attribute type 2 has an invalid length.
[ 1124.624066][ T3448] netlink: 'syz.4.9130': attribute type 8 has an invalid length.
[ 1124.683190][ T3446] IPVS: using max 41 ests per chain, 98400 per kthread
[ 1124.733338][ T3451] netlink: 'syz.2.9129': attribute type 18 has an invalid length.
[ 1124.820921][ T3439] virt_wifi0 speed is unknown, defaulting to 1000
[ 1124.832549][ T3439] lo speed is unknown, defaulting to 1000
[ 1124.939216][ T3236] hsr_slave_0: entered promiscuous mode
[ 1124.947539][ T3236] hsr_slave_1: entered promiscuous mode
[ 1124.954511][ T3236] debugfs: 'hsr0' already exists in 'hsr'
[ 1124.960526][ T3236] Cannot create hsr debugfs directory
[ 1125.806874][ T3486] ip6tnl0: Caught tx_queue_len zero misconfig
[ 1126.153292][   T51] Bluetooth: hci2: command tx timeout
[ 1126.568595][ T3506] netlink: 'syz.2.9144': attribute type 10 has an invalid length.
[ 1126.721635][ T3493] virt_wifi0 speed is unknown, defaulting to 1000
[ 1126.810657][ T3493] lo speed is unknown, defaulting to 1000
[ 1127.217702][T13076] hsr_slave_0: left promiscuous mode
[ 1127.274513][T13076] hsr_slave_1: left promiscuous mode
[ 1127.293959][T13076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1127.323829][T13076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1127.958968][T13076] team0 (unregistering): Port device team_slave_1 removed
[ 1128.008695][T13076] team0 (unregistering): Port device team_slave_0 removed
[ 1128.407001][ T3531] virt_wifi0 speed is unknown, defaulting to 1000
[ 1128.436944][ T3531] lo speed is unknown, defaulting to 1000
[ 1128.615050][ T3545] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1128.797166][ T3236] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1128.847156][ T3236] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1128.881279][ T3236] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1128.940675][ T3236] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1129.162442][ T3562] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 1129.195083][T13076] IPVS: stop unused estimator thread 0...
[ 1129.374990][ T3568] bond2: Unable to set up delay as MII monitoring is disabled
[ 1129.450272][ T3568] bond2 (unregistering): Released all slaves
[ 1129.561701][ T3576] syzkaller0: entered promiscuous mode
[ 1129.606488][ T3576] syzkaller0: entered allmulticast mode
[ 1129.793584][ T3585] netlink: 'syz.2.9169': attribute type 1 has an invalid length.
[ 1129.822199][ T3585] __nla_validate_parse: 10 callbacks suppressed
[ 1129.822219][ T3585] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9169'.
[ 1129.927921][ T3588] netlink: 'syz.3.9170': attribute type 1 has an invalid length.
[ 1129.939276][ T3573] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1129.992509][ T3572] tipc: Resetting bearer <eth:syzkaller0>
[ 1130.067876][ T3572] tipc: Disabling bearer <eth:syzkaller0>
[ 1130.267039][ T3236] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1130.464311][ T3601] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9175'.
[ 1130.474897][ T3236] 8021q: adding VLAN 0 to HW filter on device team0
[ 1130.590297][ T1089] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.597495][ T1089] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1130.707602][  T180] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1130.715175][  T180] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1130.821961][ T3616] x_tables: duplicate underflow at hook 1
[ 1130.969949][ T3620] virt_wifi0 speed is unknown, defaulting to 1000
[ 1131.036629][ T3620] lo speed is unknown, defaulting to 1000
[ 1131.131829][ T3630] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9186'.
[ 1131.174196][ T3629] syzkaller0: entered promiscuous mode
[ 1131.191981][ T3629] syzkaller0: entered allmulticast mode
[ 1131.320601][ T3637] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9187'.
[ 1131.497495][ T3639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9188'.
[ 1131.550442][ T3236] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1131.606596][ T3644] netlink: 'syz.2.9189': attribute type 13 has an invalid length.
[ 1132.164666][ T3236] veth0_vlan: entered promiscuous mode
[ 1132.204107][ T3236] veth1_vlan: entered promiscuous mode
[ 1132.330057][ T3236] veth0_macvtap: entered promiscuous mode
[ 1132.385793][ T3236] veth1_macvtap: entered promiscuous mode
[ 1132.451182][ T3236] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1132.507336][ T3236] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1132.650210][  T107] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.679907][  T107] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.719348][  T107] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.750523][  T107] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1132.795754][ T3664] netlink: 16150 bytes leftover after parsing attributes in process `syz.0.9197'.
[ 1132.934864][ T3669] netlink: 211856 bytes leftover after parsing attributes in process `syz.2.9199'.
[ 1133.054208][T13076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1133.062159][T13076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1133.181630][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1133.200968][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1133.230639][ T3677] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9202'.
[ 1133.382741][ T3688] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1133.475279][ T3692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9204'.
[ 1133.507596][ T3693] netlink: 'syz.1.9069': attribute type 1 has an invalid length.
[ 1133.584168][ T3694] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9069'.
[ 1133.948742][T19191] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1133.960558][T19191] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1133.970166][T19191] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1133.982600][T19191] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1133.991391][T19191] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1134.043385][ T3694] gre0: entered promiscuous mode
[ 1134.054812][ T3694] gre0: entered allmulticast mode
[ 1134.132091][ T3711] x_tables: duplicate underflow at hook 1
[ 1134.328576][ T3708] virt_wifi0 speed is unknown, defaulting to 1000
[ 1134.358596][ T3708] lo speed is unknown, defaulting to 1000
[ 1134.518520][ T3721] netlink: 'syz.1.9213': attribute type 13 has an invalid length.
[ 1134.869793][ T3725] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1135.224772][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.495422][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.571538][ T3754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9220'.
[ 1135.634297][ T3756] netlink: 'syz.0.9220': attribute type 13 has an invalid length.
[ 1135.794649][ T3753] virt_wifi0 speed is unknown, defaulting to 1000
[ 1135.879070][ T3763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9223'.
[ 1135.925206][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.939147][ T3765] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1135.968358][ T3753] lo speed is unknown, defaulting to 1000
[ 1136.076905][T19191] Bluetooth: hci4: command tx timeout
[ 1136.218844][ T3773] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9226'.
[ 1136.241915][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1136.759087][ T3708] chnl_net:caif_netlink_parms(): no params data found
[ 1136.870630][ T3793] x_tables: duplicate underflow at hook 1
[ 1136.951058][   T12] geneve4: left allmulticast mode
[ 1136.968201][   T12] geneve4: left promiscuous mode
[ 1136.978507][   T12] bridge2: port 1(geneve4) entered disabled state
[ 1137.014987][ T3796] netlink: 211856 bytes leftover after parsing attributes in process `syz.0.9233'.
[ 1137.608152][   T12] bond5 (unregistering): (slave vti0): Releasing backup interface
[ 1137.623181][   T12] vti0 (unregistering): left promiscuous mode
[ 1137.718757][   T12] bond2 (unregistering): (slave gretap2): Releasing active interface
[ 1137.850240][   T12] bond8 (unregistering): (slave geneve3): Releasing active interface
[ 1138.089439][   T12] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1138.100952][   T12] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1138.116612][   T12] .` (unregistering): Released all slaves
[ 1138.129440][   T12] bond1 (unregistering): Released all slaves
[ 1138.143892][T19191] Bluetooth: hci4: command tx timeout
[ 1138.156557][   T12] bond2 (unregistering): (slave veth3): Releasing active interface
[ 1138.170056][   T12] bond2 (unregistering): Released all slaves
[ 1138.200283][   T12] bond0 (unregistering): (slave vlan0): Removing an active aggregator
[ 1138.218373][   T12] bond0 (unregistering): (slave vlan0): Releasing backup interface
[ 1138.232584][   T12] bond0 (unregistering): Released all slaves
[ 1138.252135][   T12] bond3 (unregistering): Released all slaves
[ 1138.275327][   T12] bond4 (unregistering): Released all slaves
[ 1138.310098][   T12] bond5 (unregistering): Released all slaves
[ 1138.332333][   T12] bond6 (unregistering): Released all slaves
[ 1138.362397][   T12] bond7 (unregistering): Released all slaves
[ 1138.381449][   T12] bond8 (unregistering): Released all slaves
[ 1138.413331][   T12] bond9 (unregistering): Released all slaves
[ 1138.435621][   T12] bond10 (unregistering): Released all slaves
[ 1138.459996][   T12] bond11 (unregistering): Released all slaves
[ 1138.485278][   T12] bond12 (unregistering): Released all slaves
[ 1138.505962][   T12] bond13 (unregistering): Released all slaves
[ 1138.533534][   T12] bond14 (unregistering): Released all slaves
[ 1138.662835][ T3805] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.9235'.
[ 1138.755680][   T12] tipc: Left network mode
[ 1138.842116][ T3708] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1138.863615][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1138.870954][ T3708] bridge_slave_0: entered allmulticast mode
[ 1138.898706][ T3708] bridge_slave_0: entered promiscuous mode
[ 1138.902323][ T3815] netlink: 312 bytes leftover after parsing attributes in process `syz.4.9238'.
[ 1138.921904][ T3708] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1138.932840][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1138.940558][ T3708] bridge_slave_1: entered allmulticast mode
[ 1138.952308][ T3708] bridge_slave_1: entered promiscuous mode
[ 1139.110355][ T3708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1139.272689][ T3708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1139.359599][ T3817] virt_wifi0 speed is unknown, defaulting to 1000
[ 1139.382121][ T3821] netlink: 'syz.4.9239': attribute type 13 has an invalid length.
[ 1139.433507][ T3821] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9239'.
[ 1139.502942][ T3708] team0: Port device team_slave_0 added
[ 1139.523229][ T3817] lo speed is unknown, defaulting to 1000
[ 1139.712629][ T3708] team0: Port device team_slave_1 added
[ 1139.941273][ T3708] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1139.975079][ T3708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1140.073102][ T3708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1140.196407][ T3708] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1140.211501][ T3708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1140.238849][T19191] Bluetooth: hci4: command tx timeout
[ 1140.280818][ T3708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1140.311206][ T3849] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.9245'.
[ 1140.586922][ T3862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9248'.
[ 1140.632722][ T3862] FAULT_INJECTION: forcing a failure.
[ 1140.632722][ T3862] name failslab, interval 1, probability 0, space 0, times 0
[ 1140.646379][ T3862] CPU: 0 UID: 0 PID: 3862 Comm: syz.0.9248 Not tainted syzkaller #0 PREEMPT(full) 
[ 1140.646405][ T3862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1140.646417][ T3862] Call Trace:
[ 1140.646425][ T3862]  <TASK>
[ 1140.646435][ T3862]  dump_stack_lvl+0xe8/0x150
[ 1140.646468][ T3862]  should_fail_ex+0x412/0x560
[ 1140.646501][ T3862]  should_failslab+0xa8/0x100
[ 1140.646524][ T3862]  ? __kernfs_new_node+0xe9/0x8e0
[ 1140.646553][ T3862]  kmem_cache_alloc_noprof+0x87/0x650
[ 1140.646574][ T3862]  ? kernfs_add_one+0x477/0x5c0
[ 1140.646606][ T3862]  __kernfs_new_node+0xe9/0x8e0
[ 1140.646639][ T3862]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1140.646678][ T3862]  ? kernfs_root+0x1c/0x230
[ 1140.646710][ T3862]  ? kernfs_root+0x1c/0x230
[ 1140.646735][ T3862]  ? kernfs_root+0x1c/0x230
[ 1140.646758][ T3862]  ? kernfs_root+0x1c/0x230
[ 1140.646789][ T3862]  kernfs_new_node+0x102/0x210
[ 1140.646822][ T3862]  __kernfs_create_file+0x4b/0x2e0
[ 1140.646847][ T3862]  sysfs_add_file_mode_ns+0x238/0x300
[ 1140.646880][ T3862]  sysfs_create_file_ns+0x12b/0x1b0
[ 1140.646907][ T3862]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[ 1140.646935][ T3862]  ? __dev_fwnode+0x50/0x80
[ 1140.646959][ T3862]  ? device_create_file+0xf4/0x1b0
[ 1140.646984][ T3862]  device_add+0x440/0xb70
[ 1140.647012][ T3862]  device_create+0x269/0x300
[ 1140.647039][ T3862]  ? timer_init_key+0x161/0x2f0
[ 1140.647063][ T3862]  ? __pfx_device_create+0x10/0x10
[ 1140.647088][ T3862]  ? ieee80211_alloc_hw_nm+0x191d/0x1fa0
[ 1140.647119][ T3862]  mac80211_hwsim_new_radio+0x427/0x5ba0
[ 1140.647157][ T3862]  ? _printk+0xdd/0x130
[ 1140.647180][ T3862]  ? __pfx__printk+0x10/0x10
[ 1140.647198][ T3862]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1140.647225][ T3862]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1140.647248][ T3862]  ? do_trace_netlink_extack+0x80/0x200
[ 1140.647280][ T3862]  hwsim_new_radio_nl+0xf6a/0x1c00
[ 1140.647326][ T3862]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1140.647358][ T3862]  ? rcu_is_watching+0x15/0xb0
[ 1140.647385][ T3862]  ? trace_kmalloc+0x2a/0x110
[ 1140.647412][ T3862]  ? __nla_parse+0x40/0x60
[ 1140.647435][ T3862]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 1140.647459][ T3862]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 1140.647491][ T3862]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1140.647520][ T3862]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1140.647555][ T3862]  ? bpf_lsm_capable+0x9/0x20
[ 1140.647580][ T3862]  ? security_capable+0x7e/0x2c0
[ 1140.647613][ T3862]  genl_rcv_msg+0x61c/0x7a0
[ 1140.647642][ T3862]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1140.647665][ T3862]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1140.647696][ T3862]  ? __lock_acquire+0x6b5/0x2cf0
[ 1140.647733][ T3862]  netlink_rcv_skb+0x232/0x4b0
[ 1140.647763][ T3862]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1140.647788][ T3862]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1140.647835][ T3862]  ? down_read+0x272/0x2e0
[ 1140.647855][ T3862]  ? genl_rcv+0xd/0x40
[ 1140.647878][ T3862]  genl_rcv+0x28/0x40
[ 1140.647899][ T3862]  netlink_unicast+0x80f/0x9b0
[ 1140.647931][ T3862]  ? __pfx_netlink_unicast+0x10/0x10
[ 1140.647958][ T3862]  ? netlink_sendmsg+0x650/0xb40
[ 1140.647974][ T3862]  ? skb_put+0x11b/0x210
[ 1140.647997][ T3862]  netlink_sendmsg+0x813/0xb40
[ 1140.648026][ T3862]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1140.648048][ T3862]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1140.648077][ T3862]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1140.648102][ T3862]  ____sys_sendmsg+0x972/0x9f0
[ 1140.648134][ T3862]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1140.648164][ T3862]  ? import_iovec+0x73/0xa0
[ 1140.648188][ T3862]  ___sys_sendmsg+0x2a5/0x360
[ 1140.648215][ T3862]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1140.648273][ T3862]  ? __fget_files+0x2a/0x420
[ 1140.648300][ T3862]  ? __fget_files+0x3a0/0x420
[ 1140.648337][ T3862]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1140.648363][ T3862]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1140.648394][ T3862]  ? __pfx_ksys_write+0x10/0x10
[ 1140.648427][ T3862]  do_syscall_64+0x14d/0xf80
[ 1140.648456][ T3862]  ? trace_irq_disable+0x3b/0x150
[ 1140.648482][ T3862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.648501][ T3862]  ? clear_bhb_loop+0x40/0x90
[ 1140.648525][ T3862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.648544][ T3862] RIP: 0033:0x7fea80f9c799
[ 1140.648562][ T3862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1140.648579][ T3862] RSP: 002b:00007fea81f3b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1140.648599][ T3862] RAX: ffffffffffffffda RBX: 00007fea81215fa0 RCX: 00007fea80f9c799
[ 1140.648614][ T3862] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[ 1140.648626][ T3862] RBP: 00007fea81f3b090 R08: 0000000000000000 R09: 0000000000000000
[ 1140.648656][ T3862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1140.648673][ T3862] R13: 00007fea81216038 R14: 00007fea81215fa0 R15: 00007fff232e7738
[ 1140.648705][ T3862]  </TASK>
[ 1140.648928][ T3864] sctp_setsockopt_delayed_ack: 24 callbacks suppressed
[ 1140.648941][ T3864] sctp: [Deprecated]: syz.1.9249 (pid 3864) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1140.648941][ T3864] Use struct sctp_sack_info instead
[ 1141.267638][ T3708] hsr_slave_0: entered promiscuous mode
[ 1141.274994][ T3708] hsr_slave_1: entered promiscuous mode
[ 1141.281595][ T3708] debugfs: 'hsr0' already exists in 'hsr'
[ 1141.291177][ T3708] Cannot create hsr debugfs directory
[ 1141.440151][ T3873] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9251'.
[ 1141.883769][ T3886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9254'.
[ 1141.930874][ T7294] IPVS: starting estimator thread 0...
[ 1141.959371][ T3883] syzkaller1: entered promiscuous mode
[ 1141.966646][ T3883] syzkaller1: entered allmulticast mode
[ 1142.034642][ T3888] IPVS: using max 36 ests per chain, 86400 per kthread
[ 1142.154228][ T3889] netlink: 32 bytes leftover after parsing attributes in process `syz.1.9251'.
[ 1142.259542][ T3882] virt_wifi0 speed is unknown, defaulting to 1000
[ 1142.304676][T19191] Bluetooth: hci4: command tx timeout
[ 1142.379407][ T3882] lo speed is unknown, defaulting to 1000
[ 1142.572158][ T3894] macsec1: entered allmulticast mode
[ 1142.593246][ T3894] erspan0: entered allmulticast mode
[ 1142.606932][ T3894] erspan0: left allmulticast mode
[ 1142.845229][ T3900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9258'.
[ 1143.055860][ T3904] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9259'.
[ 1143.076606][ T3904] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1143.389661][ T3914] netlink: 'syz.2.9264': attribute type 13 has an invalid length.
[ 1143.411998][ T3919] netlink: 248 bytes leftover after parsing attributes in process `syz.4.9263'.
[ 1143.559374][ T3708] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1143.649926][ T3708] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1143.679609][ T3708] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1143.718127][ T3708] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1144.145865][ T3945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9271'.
[ 1144.173244][ T3945] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1144.440559][ T3955] netlink: 'syz.1.9273': attribute type 8 has an invalid length.
[ 1144.440559][ T3954] netlink: 'syz.1.9273': attribute type 8 has an invalid length.
[ 1144.621917][ T3708] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1144.736767][ T3964] netlink: 'syz.2.9279': attribute type 29 has an invalid length.
[ 1144.763242][ T3964] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9279'.
[ 1144.883243][   T12] hsr_slave_0: left promiscuous mode
[ 1144.889604][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1144.905037][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1144.942375][ T3977] x_tables: unsorted entry at hook 3
[ 1144.966414][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1145.005887][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1145.057426][   T12] veth1_macvtap: left promiscuous mode
[ 1145.067982][   T12] veth0_macvtap: left promiscuous mode
[ 1145.088762][   T12] veth1_vlan: left promiscuous mode
[ 1145.098809][   T12] veth0_vlan: left promiscuous mode
[ 1145.420425][ T3996] netlink: 'syz.4.9291': attribute type 2 has an invalid length.
[ 1145.436898][ T3996] netlink: 'syz.4.9291': attribute type 8 has an invalid length.
[ 1145.455003][ T3998] netlink: 312 bytes leftover after parsing attributes in process `syz.1.9292'.
[ 1145.924442][ T4008] __nla_validate_parse: 1 callbacks suppressed
[ 1145.924463][ T4008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9296'.
[ 1145.967798][ T4008] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1146.438442][ T3708] 8021q: adding VLAN 0 to HW filter on device team0
[ 1146.476752][ T4023] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9302'.
[ 1146.504689][ T4017] virt_wifi0 speed is unknown, defaulting to 1000
[ 1146.558121][ T4023] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[ 1146.578333][T13076] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1146.585548][T13076] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1146.618291][T13076] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1146.625568][T13076] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1146.669515][ T4017] lo speed is unknown, defaulting to 1000
[ 1147.242264][ T4050] macsec1: entered allmulticast mode
[ 1147.264439][ T4050] erspan0: entered allmulticast mode
[ 1147.341166][ T4056] FAULT_INJECTION: forcing a failure.
[ 1147.341166][ T4056] name failslab, interval 1, probability 0, space 0, times 0
[ 1147.371628][ T4050] erspan0: left allmulticast mode
[ 1147.400180][ T4056] CPU: 1 UID: 0 PID: 4056 Comm: syz.1.9313 Not tainted syzkaller #0 PREEMPT(full) 
[ 1147.400207][ T4056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1147.400219][ T4056] Call Trace:
[ 1147.400227][ T4056]  <TASK>
[ 1147.400236][ T4056]  dump_stack_lvl+0xe8/0x150
[ 1147.400268][ T4056]  should_fail_ex+0x412/0x560
[ 1147.400304][ T4056]  should_failslab+0xa8/0x100
[ 1147.400328][ T4056]  ? skb_clone+0x212/0x3a0
[ 1147.400351][ T4056]  kmem_cache_alloc_noprof+0x87/0x650
[ 1147.400380][ T4056]  skb_clone+0x212/0x3a0
[ 1147.400406][ T4056]  pfkey_sendmsg+0x4a3/0x1120
[ 1147.400429][ T4056]  ? __lock_acquire+0x6b5/0x2cf0
[ 1147.400466][ T4056]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1147.400513][ T4056]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1147.400543][ T4056]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1147.400568][ T4056]  ____sys_sendmsg+0x972/0x9f0
[ 1147.400588][ T4056]  ? __lock_acquire+0x6b5/0x2cf0
[ 1147.400619][ T4056]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1147.400651][ T4056]  ? import_iovec+0x73/0xa0
[ 1147.400675][ T4056]  ___sys_sendmsg+0x2a5/0x360
[ 1147.400704][ T4056]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1147.400777][ T4056]  __sys_sendmmsg+0x27c/0x4e0
[ 1147.400806][ T4056]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1147.400825][ T4056]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1147.400874][ T4056]  ? ksys_write+0x242/0x270
[ 1147.400898][ T4056]  ? __pfx_ksys_write+0x10/0x10
[ 1147.400926][ T4056]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1147.400951][ T4056]  do_syscall_64+0x14d/0xf80
[ 1147.400970][ T4056]  ? trace_irq_disable+0x3b/0x150
[ 1147.400996][ T4056]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1147.401023][ T4056]  ? clear_bhb_loop+0x40/0x90
[ 1147.401048][ T4056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1147.401065][ T4056] RIP: 0033:0x7f7610f9c799
[ 1147.401083][ T4056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1147.401098][ T4056] RSP: 002b:00007f7611dbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1147.401117][ T4056] RAX: ffffffffffffffda RBX: 00007f7611215fa0 RCX: 00007f7610f9c799
[ 1147.401131][ T4056] RDX: 00000000000002c8 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1147.401144][ T4056] RBP: 00007f7611dbc090 R08: 0000000000000000 R09: 0000000000000000
[ 1147.401157][ T4056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1147.401168][ T4056] R13: 00007f7611216038 R14: 00007f7611215fa0 R15: 00007fff20e33808
[ 1147.401200][ T4056]  </TASK>
[ 1147.767648][   T12] IPVS: stop unused estimator thread 0...
[ 1147.796438][ T3708] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1147.897570][ T4059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9314'.
[ 1147.955815][ T7299] IPVS: starting estimator thread 0...
[ 1148.005845][ T4059] virt_wifi0 speed is unknown, defaulting to 1000
[ 1148.053237][ T3708] veth0_vlan: entered promiscuous mode
[ 1148.063758][ T4065] IPVS: using max 33 ests per chain, 79200 per kthread
[ 1148.155748][ T4059] lo speed is unknown, defaulting to 1000
[ 1148.164160][ T3708] veth1_vlan: entered promiscuous mode
[ 1148.438559][ T4075] netlink: 'syz.4.9319': attribute type 11 has an invalid length.
[ 1148.445643][ T3708] veth0_macvtap: entered promiscuous mode
[ 1148.463352][ T4075] netlink: 128 bytes leftover after parsing attributes in process `syz.4.9319'.
[ 1148.568310][ T3708] veth1_macvtap: entered promiscuous mode
[ 1148.660582][ T4078] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9320'.
[ 1148.691464][ T3708] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1148.738240][ T3708] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1148.793664][   T58] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1148.813888][   T58] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1148.822655][   T58] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.017571][ T4089] netlink: 'syz.1.9322': attribute type 1 has an invalid length.
[ 1149.030956][   T58] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1149.201443][ T4086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9324'.
[ 1149.241908][ T4086] netlink: 'syz.4.9324': attribute type 13 has an invalid length.
[ 1149.436438][T13076] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1149.453302][T13076] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1149.516613][ T4099] netlink: 'syz.1.9327': attribute type 2 has an invalid length.
[ 1149.565089][ T4099] netlink: 'syz.1.9327': attribute type 8 has an invalid length.
[ 1149.573149][ T4099] netlink: 132 bytes leftover after parsing attributes in process `syz.1.9327'.
[ 1149.652528][  T107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1149.681893][  T107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1150.093285][ T4111] xt_CT: No such helper "netbios-ns"
[ 1150.124906][ T4120] x_tables: ip_tables: DNAT.0 target: invalid size 24 (kernel) != (user) 0
[ 1150.189925][ T4123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9337'.
[ 1150.355759][ T4130] x_tables: duplicate underflow at hook 1
[ 1150.547071][ T4136] FAULT_INJECTION: forcing a failure.
[ 1150.547071][ T4136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1150.604121][ T4136] CPU: 0 UID: 0 PID: 4136 Comm: syz.3.9343 Not tainted syzkaller #0 PREEMPT(full) 
[ 1150.604150][ T4136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1150.604163][ T4136] Call Trace:
[ 1150.604171][ T4136]  <TASK>
[ 1150.604180][ T4136]  dump_stack_lvl+0xe8/0x150
[ 1150.604212][ T4136]  should_fail_ex+0x412/0x560
[ 1150.604244][ T4136]  _copy_from_iter+0x1d3/0x1670
[ 1150.604278][ T4136]  ? sock_alloc_send_pskb+0x896/0x990
[ 1150.604309][ T4136]  ? __pfx__copy_from_iter+0x10/0x10
[ 1150.604346][ T4136]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1150.604372][ T4136]  skb_copy_datagram_from_iter+0xf5/0x710
[ 1150.604401][ T4136]  ? skb_put+0x11b/0x210
[ 1150.604424][ T4136]  tun_get_user+0xc38/0x3dd0
[ 1150.604458][ T4136]  ? aa_file_perm+0x192/0x15e0
[ 1150.604481][ T4136]  ? aa_file_perm+0x50e/0x15e0
[ 1150.604499][ T4136]  ? __pfx_tun_get_user+0x10/0x10
[ 1150.604515][ T4136]  ? aa_file_perm+0x192/0x15e0
[ 1150.604539][ T4136]  ? __lock_acquire+0x6b5/0x2cf0
[ 1150.604573][ T4136]  ? ref_tracker_alloc+0x35c/0x4c0
[ 1150.604608][ T4136]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1150.604641][ T4136]  ? tun_get+0x1c/0x2f0
[ 1150.604665][ T4136]  ? tun_get+0x1c/0x2f0
[ 1150.604682][ T4136]  ? tun_get+0x1c/0x2f0
[ 1150.604705][ T4136]  tun_chr_write_iter+0x113/0x200
[ 1150.604734][ T4136]  vfs_write+0x61d/0xb90
[ 1150.604764][ T4136]  ? __pfx_vfs_write+0x10/0x10
[ 1150.604795][ T4136]  ? __fget_files+0x2a/0x420
[ 1150.604831][ T4136]  ksys_write+0x150/0x270
[ 1150.604853][ T4136]  ? __pfx_ksys_write+0x10/0x10
[ 1150.604885][ T4136]  do_syscall_64+0x14d/0xf80
[ 1150.604905][ T4136]  ? trace_irq_disable+0x3b/0x150
[ 1150.604931][ T4136]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1150.604950][ T4136]  ? clear_bhb_loop+0x40/0x90
[ 1150.604973][ T4136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1150.604992][ T4136] RIP: 0033:0x7f946d19c799
[ 1150.605010][ T4136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1150.605027][ T4136] RSP: 002b:00007f946e04a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1150.605048][ T4136] RAX: ffffffffffffffda RBX: 00007f946d415fa0 RCX: 00007f946d19c799
[ 1150.605062][ T4136] RDX: 000000000000002e RSI: 0000200000001ec0 RDI: 0000000000000003
[ 1150.605074][ T4136] RBP: 00007f946e04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1150.605086][ T4136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1150.605098][ T4136] R13: 00007f946d416038 R14: 00007f946d415fa0 R15: 00007fff93c6ce18
[ 1150.605128][ T4136]  </TASK>
[ 1150.871282][ T4140] syzkaller0: entered promiscuous mode
[ 1150.876892][ T4140] syzkaller0: entered allmulticast mode
[ 1151.176483][ T4145] veth1_macvtap: left promiscuous mode
[ 1151.234270][ T4145] macsec0: entered promiscuous mode
[ 1151.380074][ T4151] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9349'.
[ 1151.429241][ T4151] FAULT_INJECTION: forcing a failure.
[ 1151.429241][ T4151] name failslab, interval 1, probability 0, space 0, times 0
[ 1151.469327][ T4151] CPU: 0 UID: 0 PID: 4151 Comm: syz.3.9349 Not tainted syzkaller #0 PREEMPT(full) 
[ 1151.469353][ T4151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1151.469365][ T4151] Call Trace:
[ 1151.469373][ T4151]  <TASK>
[ 1151.469383][ T4151]  dump_stack_lvl+0xe8/0x150
[ 1151.469416][ T4151]  should_fail_ex+0x412/0x560
[ 1151.469450][ T4151]  should_failslab+0xa8/0x100
[ 1151.469477][ T4151]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1151.469503][ T4151]  ? __kernfs_new_node+0xa9/0x8e0
[ 1151.469537][ T4151]  kstrdup+0x42/0x100
[ 1151.469564][ T4151]  __kernfs_new_node+0xa9/0x8e0
[ 1151.469598][ T4151]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1151.469626][ T4151]  ? kernfs_root+0x1c/0x230
[ 1151.469657][ T4151]  ? kernfs_root+0x1c/0x230
[ 1151.469684][ T4151]  ? kernfs_root+0x1c/0x230
[ 1151.469715][ T4151]  kernfs_new_node+0x102/0x210
[ 1151.469749][ T4151]  kernfs_create_link+0xa7/0x200
[ 1151.469776][ T4151]  sysfs_do_create_link_sd+0x83/0x110
[ 1151.469805][ T4151]  device_add_class_symlinks+0x1cf/0x240
[ 1151.469834][ T4151]  device_add+0x475/0xb70
[ 1151.469862][ T4151]  device_create+0x269/0x300
[ 1151.469890][ T4151]  ? timer_init_key+0x161/0x2f0
[ 1151.469914][ T4151]  ? __pfx_device_create+0x10/0x10
[ 1151.469940][ T4151]  ? ieee80211_alloc_hw_nm+0x191d/0x1fa0
[ 1151.469974][ T4151]  mac80211_hwsim_new_radio+0x427/0x5ba0
[ 1151.470011][ T4151]  ? _printk+0xdd/0x130
[ 1151.470036][ T4151]  ? __pfx__printk+0x10/0x10
[ 1151.470057][ T4151]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1151.470090][ T4151]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1151.470113][ T4151]  ? do_trace_netlink_extack+0x80/0x200
[ 1151.470154][ T4151]  hwsim_new_radio_nl+0xf6a/0x1c00
[ 1151.470202][ T4151]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1151.470235][ T4151]  ? rcu_is_watching+0x15/0xb0
[ 1151.470263][ T4151]  ? trace_kmalloc+0x2a/0x110
[ 1151.470290][ T4151]  ? __nla_parse+0x40/0x60
[ 1151.470314][ T4151]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 1151.470338][ T4151]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 1151.470370][ T4151]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1151.470402][ T4151]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1151.470440][ T4151]  ? bpf_lsm_capable+0x9/0x20
[ 1151.470465][ T4151]  ? security_capable+0x7e/0x2c0
[ 1151.470498][ T4151]  genl_rcv_msg+0x61c/0x7a0
[ 1151.470528][ T4151]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1151.470550][ T4151]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1151.470570][ T4151]  ? __lock_acquire+0x6b5/0x2cf0
[ 1151.470603][ T4151]  netlink_rcv_skb+0x232/0x4b0
[ 1151.470629][ T4151]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1151.470651][ T4151]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1151.470690][ T4151]  ? down_read+0x272/0x2e0
[ 1151.470708][ T4151]  ? genl_rcv+0xd/0x40
[ 1151.470728][ T4151]  genl_rcv+0x28/0x40
[ 1151.470747][ T4151]  netlink_unicast+0x80f/0x9b0
[ 1151.470780][ T4151]  ? __pfx_netlink_unicast+0x10/0x10
[ 1151.470808][ T4151]  ? netlink_sendmsg+0x650/0xb40
[ 1151.470825][ T4151]  ? skb_put+0x11b/0x210
[ 1151.470850][ T4151]  netlink_sendmsg+0x813/0xb40
[ 1151.470879][ T4151]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1151.470901][ T4151]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1151.470931][ T4151]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1151.470955][ T4151]  ____sys_sendmsg+0x972/0x9f0
[ 1151.470987][ T4151]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1151.471020][ T4151]  ? import_iovec+0x73/0xa0
[ 1151.471045][ T4151]  ___sys_sendmsg+0x2a5/0x360
[ 1151.471074][ T4151]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1151.471133][ T4151]  ? __fget_files+0x2a/0x420
[ 1151.471169][ T4151]  ? __fget_files+0x3a0/0x420
[ 1151.471207][ T4151]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1151.471233][ T4151]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1151.471266][ T4151]  ? __pfx_ksys_write+0x10/0x10
[ 1151.471300][ T4151]  do_syscall_64+0x14d/0xf80
[ 1151.471320][ T4151]  ? trace_irq_disable+0x3b/0x150
[ 1151.471346][ T4151]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1151.471366][ T4151]  ? clear_bhb_loop+0x40/0x90
[ 1151.471390][ T4151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1151.471409][ T4151] RIP: 0033:0x7f946d19c799
[ 1151.471428][ T4151] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1151.471445][ T4151] RSP: 002b:00007f946e04a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1151.471466][ T4151] RAX: ffffffffffffffda RBX: 00007f946d415fa0 RCX: 00007f946d19c799
[ 1151.471480][ T4151] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[ 1151.471493][ T4151] RBP: 00007f946e04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1151.471505][ T4151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1151.471516][ T4151] R13: 00007f946d416038 R14: 00007f946d415fa0 R15: 00007fff93c6ce18
[ 1151.471549][ T4151]  </TASK>
[ 1151.712192][ T4164] netlink: 'syz.0.9353': attribute type 15 has an invalid length.
[ 1151.751005][ T4160] netlink: 'syz.1.9352': attribute type 1 has an invalid length.
[ 1151.963228][ T4164] netlink: 128 bytes leftover after parsing attributes in process `syz.0.9353'.
[ 1151.982658][ T4160] netlink: 'syz.1.9352': attribute type 1 has an invalid length.
[ 1152.319773][ T4168] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9354'.
[ 1153.063735][ T4173] netlink: 'syz.4.9355': attribute type 1 has an invalid length.
[ 1157.331404][ T4152] veth3: entered promiscuous mode
[ 1162.304826][ T4153] veth5: entered promiscuous mode
[ 1162.353889][ T4173] workqueue: Failed to create a rescuer kthread for wq "bond14": -EINTR
[ 1162.905874][ T4197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9363'.
[ 1162.934506][ T4197] netlink: 'syz.0.9363': attribute type 13 has an invalid length.
[ 1163.012877][ T4203] x_tables: duplicate underflow at hook 1
[ 1163.085136][ T4205] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9366'.
[ 1163.144639][ T4207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9368'.
[ 1163.237437][ T4212] netlink: 'syz.0.9369': attribute type 1 has an invalid length.
[ 1163.785359][   T10] IPVS: starting estimator thread 0...
[ 1163.809816][ T4232] virt_wifi0 speed is unknown, defaulting to 1000
[ 1163.910646][ T4232] lo speed is unknown, defaulting to 1000
[ 1163.945363][ T4237] IPVS: using max 32 ests per chain, 76800 per kthread
[ 1163.969166][ T4226] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9373'.
[ 1164.167703][ T4235] netlink: 116 bytes leftover after parsing attributes in process `syz.3.9373'.
[ 1164.261414][ T4255] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1164.760097][ T4264] netlink: 136 bytes leftover after parsing attributes in process `syz.0.9382'.
[ 1165.287370][ T4279] syzkaller0: entered promiscuous mode
[ 1165.296685][ T4279] syzkaller0: entered allmulticast mode
[ 1166.042444][ T4314] netlink: 'syz.4.9396': attribute type 15 has an invalid length.
[ 1166.061423][ T4314] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9396'.
[ 1166.074184][ T4314] netlink: 'syz.4.9396': attribute type 39 has an invalid length.
[ 1171.889941][ T4292] virt_wifi0 speed is unknown, defaulting to 1000
[ 1171.997707][ T4322] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1172.053903][ T4292] lo speed is unknown, defaulting to 1000
[ 1172.155110][ T4325] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9400'.
[ 1172.219532][ T4332] netlink: 'syz.0.9400': attribute type 13 has an invalid length.
[ 1172.239804][ T4331] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1172.397393][ T4335] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.9403'.
[ 1172.477829][ T4339] netlink: 'syz.1.9405': attribute type 1 has an invalid length.
[ 1172.530405][ T4341] netlink: ct family unspecified
[ 1172.555324][ T4341] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1172.765453][ T4347] syzkaller0: entered promiscuous mode
[ 1172.771070][ T4347] syzkaller0: entered allmulticast mode
[ 1172.779808][ T4347] syzkaller0: left promiscuous mode
[ 1172.788323][ T4347] syzkaller0: left allmulticast mode
[ 1173.080180][ T4360] netlink: 'syz.0.9412': attribute type 4 has an invalid length.
[ 1173.152412][ T4360] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1173.451239][ T4367] netlink: 'syz.0.9413': attribute type 13 has an invalid length.
[ 1174.279963][ T4396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9416'.
[ 1174.448418][ T4396] team1: entered promiscuous mode
[ 1174.503477][ T4396] team1: entered allmulticast mode
[ 1174.512396][ T4396] 8021q: adding VLAN 0 to HW filter on device team1
[ 1174.922542][ T4404] virt_wifi0 speed is unknown, defaulting to 1000
[ 1174.940428][ T4404] lo speed is unknown, defaulting to 1000
[ 1175.275309][ T4418] netlink: 'syz.0.9425': attribute type 4 has an invalid length.
[ 1175.368911][ T4426] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1175.595968][ T4433] hsr0: entered promiscuous mode
[ 1175.621636][ T4433] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9428'.
[ 1175.939267][ T4448] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9432'.
[ 1175.985289][ T4448] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9432'.
[ 1176.118533][ T4452] netlink: 'syz.4.9435': attribute type 4 has an invalid length.
[ 1176.298869][ T4462] netlink: 52 bytes leftover after parsing attributes in process `syz.3.9437'.
[ 1176.366622][ T4457] virt_wifi0 speed is unknown, defaulting to 1000
[ 1176.414488][ T4457] lo speed is unknown, defaulting to 1000
[ 1176.857766][ T4473] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.9442'.
[ 1176.904404][ T4480] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1177.919336][ T4519] netlink: 'syz.2.9453': attribute type 13 has an invalid length.
[ 1178.004670][ T4525] netlink: 'syz.0.9454': attribute type 6 has an invalid length.
[ 1178.083338][ T4525] netlink: 128 bytes leftover after parsing attributes in process `syz.0.9454'.
[ 1178.380867][ T4538] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9458'.
[ 1178.385940][ T4529] virt_wifi0 speed is unknown, defaulting to 1000
[ 1178.417616][ T4529] lo speed is unknown, defaulting to 1000
[ 1178.617662][ T4535] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.9457'.
[ 1178.794644][ T4552] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1178.884794][ T4556] netlink: 128 bytes leftover after parsing attributes in process `syz.2.9466'.
[ 1179.216586][ T4565] netlink: 'syz.3.9467': attribute type 13 has an invalid length.
[ 1179.268978][ T4565] A link change request failed with some changes committed already. Interface teql0 may have been left with an inconsistent configuration, please check.
[ 1179.323954][ T4582] netlink: 312 bytes leftover after parsing attributes in process `syz.2.9473'.
[ 1179.960947][ T4597] netlink: 16150 bytes leftover after parsing attributes in process `syz.4.9478'.
[ 1180.188959][ T4612] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993
[ 1180.214691][ T4612] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1180.222320][ T4612] IPv6: NLM_F_CREATE should be set when creating new route
[ 1180.287241][ T4615] gre0: left promiscuous mode
[ 1180.323151][ T4615] gre0: left allmulticast mode
[ 1180.444216][ T4624] FAULT_INJECTION: forcing a failure.
[ 1180.444216][ T4624] name failslab, interval 1, probability 0, space 0, times 0
[ 1180.460699][ T4615] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1180.468470][ T4615] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1180.527860][ T4624] CPU: 0 UID: 0 PID: 4624 Comm: syz.4.9488 Not tainted syzkaller #0 PREEMPT(full) 
[ 1180.527897][ T4624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1180.527909][ T4624] Call Trace:
[ 1180.527918][ T4624]  <TASK>
[ 1180.527928][ T4624]  dump_stack_lvl+0xe8/0x150
[ 1180.527961][ T4624]  should_fail_ex+0x412/0x560
[ 1180.527994][ T4624]  should_failslab+0xa8/0x100
[ 1180.528021][ T4624]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1180.528041][ T4624]  ? kmem_cache_alloc_noprof+0x307/0x650
[ 1180.528059][ T4624]  ? ovs_flow_alloc+0x24/0x1f0
[ 1180.528171][ T4624]  ? ovs_flow_alloc+0x103/0x1f0
[ 1180.528199][ T4624]  ovs_flow_alloc+0x103/0x1f0
[ 1180.528226][ T4624]  ovs_flow_cmd_new+0x2b9/0xe80
[ 1180.528292][ T4624]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[ 1180.528379][ T4624]  ? __nla_parse+0x40/0x60
[ 1180.528402][ T4624]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[ 1180.528426][ T4624]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[ 1180.528459][ T4624]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1180.528490][ T4624]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1180.528527][ T4624]  ? bpf_lsm_capable+0x9/0x20
[ 1180.528551][ T4624]  ? security_capable+0x7e/0x2c0
[ 1180.528582][ T4624]  genl_rcv_msg+0x61c/0x7a0
[ 1180.528608][ T4624]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1180.528628][ T4624]  ? __pfx_ovs_flow_cmd_new+0x10/0x10
[ 1180.528657][ T4624]  ? __lock_acquire+0x6b5/0x2cf0
[ 1180.528693][ T4624]  netlink_rcv_skb+0x232/0x4b0
[ 1180.528723][ T4624]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1180.528748][ T4624]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1180.528792][ T4624]  ? down_read+0x272/0x2e0
[ 1180.528813][ T4624]  ? genl_rcv+0xd/0x40
[ 1180.528837][ T4624]  genl_rcv+0x28/0x40
[ 1180.528860][ T4624]  netlink_unicast+0x80f/0x9b0
[ 1180.528902][ T4624]  ? __pfx_netlink_unicast+0x10/0x10
[ 1180.528931][ T4624]  ? netlink_sendmsg+0x650/0xb40
[ 1180.528948][ T4624]  ? skb_put+0x11b/0x210
[ 1180.528973][ T4624]  netlink_sendmsg+0x813/0xb40
[ 1180.529001][ T4624]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1180.529024][ T4624]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1180.529054][ T4624]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1180.529079][ T4624]  ____sys_sendmsg+0x972/0x9f0
[ 1180.529112][ T4624]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1180.529144][ T4624]  ? import_iovec+0x73/0xa0
[ 1180.529170][ T4624]  ___sys_sendmsg+0x2a5/0x360
[ 1180.529198][ T4624]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1180.529257][ T4624]  ? __fget_files+0x2a/0x420
[ 1180.529283][ T4624]  ? __fget_files+0x3a0/0x420
[ 1180.529321][ T4624]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1180.529346][ T4624]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1180.529378][ T4624]  ? __pfx_ksys_write+0x10/0x10
[ 1180.529411][ T4624]  do_syscall_64+0x14d/0xf80
[ 1180.529431][ T4624]  ? trace_irq_disable+0x3b/0x150
[ 1180.529457][ T4624]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1180.529476][ T4624]  ? clear_bhb_loop+0x40/0x90
[ 1180.529507][ T4624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1180.529526][ T4624] RIP: 0033:0x7f9ddb19c799
[ 1180.529545][ T4624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1180.529561][ T4624] RSP: 002b:00007f9dd93f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1180.529583][ T4624] RAX: ffffffffffffffda RBX: 00007f9ddb415fa0 RCX: 00007f9ddb19c799
[ 1180.529597][ T4624] RDX: 000000000800c000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1180.529610][ T4624] RBP: 00007f9dd93f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1180.529623][ T4624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1180.529635][ T4624] R13: 00007f9ddb416038 R14: 00007f9ddb415fa0 R15: 00007ffcf6761d58
[ 1180.529665][ T4624]  </TASK>
[ 1181.372389][ T4615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1181.522015][ T4615] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1181.878279][ T4642] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1181.894159][ T4642] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1181.917489][ T4642] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1181.940828][ T4642] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1181.949721][ T4642] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1182.034517][ T4639] syz_tun: entered promiscuous mode
[ 1182.046332][ T4639] syz_tun: entered allmulticast mode
[ 1182.052484][   T58] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.360300][ T4651] netlink: 211856 bytes leftover after parsing attributes in process `syz.1.9498'.
[ 1182.518796][   T58] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.543971][   T58] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.657093][ T4649] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.9497'.
[ 1182.681763][   T58] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.796709][ T4641] virt_wifi0 speed is unknown, defaulting to 1000
[ 1182.815146][ T4662] netlink: 'syz.3.9496': attribute type 13 has an invalid length.
[ 1182.835947][ T4663] netlink: 'syz.1.9501': attribute type 6 has an invalid length.
[ 1182.861359][ T4663] netlink: 128 bytes leftover after parsing attributes in process `syz.1.9501'.
[ 1182.918526][ T4662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1182.956956][ T4641] lo speed is unknown, defaulting to 1000
[ 1182.957820][ T4664] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.9502'.
[ 1183.273517][ T4673] FAULT_INJECTION: forcing a failure.
[ 1183.273517][ T4673] name failslab, interval 1, probability 0, space 0, times 0
[ 1183.286342][ T4673] CPU: 1 UID: 0 PID: 4673 Comm: syz.2.9506 Not tainted syzkaller #0 PREEMPT(full) 
[ 1183.286368][ T4673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1183.286380][ T4673] Call Trace:
[ 1183.286389][ T4673]  <TASK>
[ 1183.286397][ T4673]  dump_stack_lvl+0xe8/0x150
[ 1183.286430][ T4673]  should_fail_ex+0x412/0x560
[ 1183.286464][ T4673]  should_failslab+0xa8/0x100
[ 1183.286488][ T4673]  ? skb_clone+0x212/0x3a0
[ 1183.286512][ T4673]  kmem_cache_alloc_noprof+0x87/0x650
[ 1183.286532][ T4673]  ? __netlink_lookup+0xc6/0x8b0
[ 1183.286560][ T4673]  skb_clone+0x212/0x3a0
[ 1183.286587][ T4673]  __netlink_deliver_tap+0x404/0x850
[ 1183.286628][ T4673]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1183.286658][ T4673]  netlink_deliver_tap+0x19c/0x1b0
[ 1183.286689][ T4673]  netlink_unicast+0x7e3/0x9b0
[ 1183.286724][ T4673]  ? __pfx_netlink_unicast+0x10/0x10
[ 1183.286752][ T4673]  ? netlink_sendmsg+0x650/0xb40
[ 1183.286768][ T4673]  ? skb_put+0x11b/0x210
[ 1183.286792][ T4673]  netlink_sendmsg+0x813/0xb40
[ 1183.286821][ T4673]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1183.286844][ T4673]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1183.286872][ T4673]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1183.286898][ T4673]  ____sys_sendmsg+0x972/0x9f0
[ 1183.286929][ T4673]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1183.286961][ T4673]  ? import_iovec+0x73/0xa0
[ 1183.286986][ T4673]  ___sys_sendmsg+0x2a5/0x360
[ 1183.287014][ T4673]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1183.287071][ T4673]  ? __fget_files+0x2a/0x420
[ 1183.287106][ T4673]  ? __fget_files+0x3a0/0x420
[ 1183.287144][ T4673]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1183.287169][ T4673]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1183.287201][ T4673]  ? __pfx_ksys_write+0x10/0x10
[ 1183.287234][ T4673]  do_syscall_64+0x14d/0xf80
[ 1183.287255][ T4673]  ? trace_irq_disable+0x3b/0x150
[ 1183.287287][ T4673]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1183.287307][ T4673]  ? clear_bhb_loop+0x40/0x90
[ 1183.287331][ T4673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1183.287350][ T4673] RIP: 0033:0x7fb33319c799
[ 1183.287369][ T4673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1183.287385][ T4673] RSP: 002b:00007fb333fe5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1183.287406][ T4673] RAX: ffffffffffffffda RBX: 00007fb333415fa0 RCX: 00007fb33319c799
[ 1183.287420][ T4673] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000015
[ 1183.287433][ T4673] RBP: 00007fb333fe5090 R08: 0000000000000000 R09: 0000000000000000
[ 1183.287445][ T4673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1183.287457][ T4673] R13: 00007fb333416038 R14: 00007fb333415fa0 R15: 00007ffee1040458
[ 1183.287489][ T4673]  </TASK>
[ 1184.035455][T19191] Bluetooth: hci5: command tx timeout
[ 1184.069019][ T4641] chnl_net:caif_netlink_parms(): no params data found
[ 1184.228380][ T4691] netlink: 312 bytes leftover after parsing attributes in process `syz.3.9511'.
[ 1184.252728][ T4641] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1184.292491][ T4641] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1184.337657][ T4641] bridge_slave_0: entered allmulticast mode
[ 1184.385959][ T4641] bridge_slave_0: entered promiscuous mode
[ 1184.426138][ T4641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1184.473256][ T4641] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1184.490859][ T4641] bridge_slave_1: entered allmulticast mode
[ 1184.515058][ T4641] bridge_slave_1: entered promiscuous mode
[ 1184.559209][ T4705] FAULT_INJECTION: forcing a failure.
[ 1184.559209][ T4705] name failslab, interval 1, probability 0, space 0, times 0
[ 1184.601681][ T4707] x_tables: ip_tables: helper.0 match: invalid size 40 (kernel) != (user) 104
[ 1184.613150][ T4705] CPU: 1 UID: 0 PID: 4705 Comm: syz.3.9515 Not tainted syzkaller #0 PREEMPT(full) 
[ 1184.613177][ T4705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1184.613189][ T4705] Call Trace:
[ 1184.613197][ T4705]  <TASK>
[ 1184.613206][ T4705]  dump_stack_lvl+0xe8/0x150
[ 1184.613238][ T4705]  should_fail_ex+0x412/0x560
[ 1184.613272][ T4705]  should_failslab+0xa8/0x100
[ 1184.613295][ T4705]  ? skb_clone+0x212/0x3a0
[ 1184.613319][ T4705]  kmem_cache_alloc_noprof+0x87/0x650
[ 1184.613338][ T4705]  ? __netlink_lookup+0xc6/0x8b0
[ 1184.613366][ T4705]  skb_clone+0x212/0x3a0
[ 1184.613391][ T4705]  __netlink_deliver_tap+0x404/0x850
[ 1184.613432][ T4705]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1184.613462][ T4705]  netlink_deliver_tap+0x19c/0x1b0
[ 1184.613498][ T4705]  netlink_unicast+0x7e3/0x9b0
[ 1184.613533][ T4705]  ? __pfx_netlink_unicast+0x10/0x10
[ 1184.613562][ T4705]  ? netlink_sendmsg+0x650/0xb40
[ 1184.613578][ T4705]  ? skb_put+0x11b/0x210
[ 1184.613602][ T4705]  netlink_sendmsg+0x813/0xb40
[ 1184.613631][ T4705]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1184.613653][ T4705]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1184.613683][ T4705]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1184.613709][ T4705]  ____sys_sendmsg+0x972/0x9f0
[ 1184.613741][ T4705]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1184.613773][ T4705]  ? import_iovec+0x73/0xa0
[ 1184.613797][ T4705]  ___sys_sendmsg+0x2a5/0x360
[ 1184.613831][ T4705]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1184.613889][ T4705]  ? __fget_files+0x2a/0x420
[ 1184.613916][ T4705]  ? __fget_files+0x3a0/0x420
[ 1184.613953][ T4705]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1184.613978][ T4705]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1184.614010][ T4705]  ? __pfx_ksys_write+0x10/0x10
[ 1184.614043][ T4705]  do_syscall_64+0x14d/0xf80
[ 1184.614063][ T4705]  ? trace_irq_disable+0x3b/0x150
[ 1184.614089][ T4705]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.614109][ T4705]  ? clear_bhb_loop+0x40/0x90
[ 1184.614133][ T4705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.614152][ T4705] RIP: 0033:0x7f946d19c799
[ 1184.614170][ T4705] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1184.614188][ T4705] RSP: 002b:00007f946e04a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1184.614208][ T4705] RAX: ffffffffffffffda RBX: 00007f946d415fa0 RCX: 00007f946d19c799
[ 1184.614223][ T4705] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[ 1184.614235][ T4705] RBP: 00007f946e04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.614248][ T4705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.614260][ T4705] R13: 00007f946d416038 R14: 00007f946d415fa0 R15: 00007fff93c6ce18
[ 1184.614292][ T4705]  </TASK>
[ 1184.614389][ T4705] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9515'.
[ 1184.655595][ T4699] virt_wifi0 speed is unknown, defaulting to 1000
[ 1184.761202][ T4705] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9515'.
[ 1184.810881][ T4641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1184.946393][ T4696] virt_wifi0 speed is unknown, defaulting to 1000
[ 1184.950115][ T4641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1185.028334][ T4714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9520'.
[ 1185.102641][ T4699] lo speed is unknown, defaulting to 1000
[ 1185.140483][ T4696] lo speed is unknown, defaulting to 1000
[ 1185.219757][ T4722] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1185.267148][ T4641] team0: Port device team_slave_0 added
[ 1185.291440][ T4641] team0: Port device team_slave_1 added
[ 1185.337326][ T4711] virt_wifi0 speed is unknown, defaulting to 1000
[ 1185.367642][ T4721] netlink: 80 bytes leftover after parsing attributes in process `syz.2.9523'.
[ 1185.478067][ T4711] lo speed is unknown, defaulting to 1000
[ 1185.564768][ T4727] geneve2: entered promiscuous mode
[ 1185.570031][ T4727] geneve2: entered allmulticast mode
[ 1185.791749][   T58] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1185.811031][   T58] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1185.867615][ T4641] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1185.875948][ T4641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1185.927043][ T4641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1185.955581][ T4641] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1185.971195][ T4641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1186.023551][ T4641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1186.051011][ T4733] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.9527'.
[ 1186.071524][   T58] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1186.073268][T19191] Bluetooth: hci5: command tx timeout
[ 1186.115148][   T58] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1186.204863][ T4738] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9529'.
[ 1186.237326][ T4738] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9529'.
[ 1186.717156][ T4641] hsr_slave_0: entered promiscuous mode
[ 1186.741044][ T4641] hsr_slave_1: entered promiscuous mode
[ 1186.759657][ T4641] debugfs: 'hsr0' already exists in 'hsr'
[ 1186.785774][ T4641] Cannot create hsr debugfs directory
[ 1186.880679][ T4758] netlink: zone id is out of range
[ 1186.900726][ T4758] netlink: zone id is out of range
[ 1186.906413][ T4758] netlink: zone id is out of range
[ 1186.925804][ T4758] netlink: zone id is out of range
[ 1186.930953][ T4758] netlink: zone id is out of range
[ 1186.965676][ T4758] netlink: zone id is out of range
[ 1186.971103][ T4758] netlink: zone id is out of range
[ 1187.027025][ T4758] netlink: zone id is out of range
[ 1187.045468][ T4758] netlink: zone id is out of range
[ 1187.061651][ T4758] netlink: zone id is out of range
[ 1187.231446][ T4764] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.9538'.
[ 1187.373144][ T4771] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.9539'.
[ 1187.613017][ T4641] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.825009][ T4641] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.896045][ T4791] sctp: [Deprecated]: syz.3.9547 (pid 4791) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1187.896045][ T4791] Use struct sctp_sack_info instead
[ 1187.973924][ T4791] sctp: [Deprecated]: syz.3.9547 (pid 4791) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1187.973924][ T4791] Use struct sctp_sack_info instead
[ 1188.010138][ T4793] erspan0: entered promiscuous mode
[ 1188.173197][T19191] Bluetooth: hci5: command tx timeout
[ 1188.180264][ T4793] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1188.190644][ T4793] 8021q: adding VLAN 0 to HW filter on device team0
[ 1188.276146][ T4641] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.339998][ T4797] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1188.406774][ T4641] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.825637][ T4824] netlink: 'syz.1.9559': attribute type 2 has an invalid length.
[ 1189.241992][ T4840] __nla_validate_parse: 4 callbacks suppressed
[ 1189.242011][ T4840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9564'.
[ 1189.302610][ T4641] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1189.360126][ T4641] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1189.408788][ T4641] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1189.471991][ T4641] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1189.791397][ T4852] virt_wifi0 speed is unknown, defaulting to 1000
[ 1189.885879][ T4852] lo speed is unknown, defaulting to 1000
[ 1189.947048][ T4641] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1190.170200][ T4641] 8021q: adding VLAN 0 to HW filter on device team0
[ 1190.223787][T19191] Bluetooth: hci5: command tx timeout
[ 1190.241002][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1190.248262][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1190.314055][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1190.321259][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1190.837400][ T4891] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1191.524011][ T4641] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1191.726437][ T4924] lo: Caught tx_queue_len zero misconfig
[ 1191.770854][ T4917] netlink: 'syz.0.9586': attribute type 13 has an invalid length.
[ 1191.860229][ T4928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9589'.
[ 1191.957270][ T4931] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.9590'.
[ 1192.423338][ T4947] netlink: 'syz.2.9594': attribute type 21 has an invalid length.
[ 1192.449949][ T4947] netlink: 'syz.2.9594': attribute type 4 has an invalid length.
[ 1192.503768][ T4947] netlink: 'syz.2.9594': attribute type 3 has an invalid length.
[ 1192.544698][ T4947] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9594'.
[ 1192.721063][ T4949] virt_wifi0 speed is unknown, defaulting to 1000
[ 1192.735713][ T4641] veth0_vlan: entered promiscuous mode
[ 1192.795874][ T4949] lo speed is unknown, defaulting to 1000
[ 1192.816591][ T4955] ip6tnl1: entered promiscuous mode
[ 1192.867338][ T4951] virt_wifi0 speed is unknown, defaulting to 1000
[ 1192.894420][ T4641] veth1_vlan: entered promiscuous mode
[ 1192.988440][ T4951] lo speed is unknown, defaulting to 1000
[ 1193.118559][ T4958] virt_wifi0 speed is unknown, defaulting to 1000
[ 1193.301588][ T4958] lo speed is unknown, defaulting to 1000
[ 1193.995622][ T4641] veth0_macvtap: entered promiscuous mode
[ 1194.039927][ T4641] veth1_macvtap: entered promiscuous mode
[ 1194.133512][ T4641] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1194.164804][ T4641] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1194.200696][ T1089] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.220462][ T1089] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.279936][ T1089] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.321548][ T1089] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.375718][ T4974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9601'.
[ 1194.426035][ T4974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9601'.
[ 1194.490366][ T4974] netlink: 'syz.1.9601': attribute type 18 has an invalid length.
[ 1194.630512][T13049] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1194.673472][T13049] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1194.743008][ T4980] FAULT_INJECTION: forcing a failure.
[ 1194.743008][ T4980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1194.770230][T13053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1194.785466][T13053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1194.795072][ T4980] CPU: 1 UID: 0 PID: 4980 Comm: syz.1.9604 Not tainted syzkaller #0 PREEMPT(full) 
[ 1194.795099][ T4980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1194.795111][ T4980] Call Trace:
[ 1194.795119][ T4980]  <TASK>
[ 1194.795138][ T4980]  dump_stack_lvl+0xe8/0x150
[ 1194.795172][ T4980]  should_fail_ex+0x412/0x560
[ 1194.795206][ T4980]  _copy_to_user+0x31/0xb0
[ 1194.795230][ T4980]  bpf_verifier_vlog+0x5ec/0x8f0
[ 1194.795262][ T4980]  __btf_verifier_log+0xe2/0x140
[ 1194.795329][ T4980]  ? __pfx___btf_verifier_log+0x10/0x10
[ 1194.795358][ T4980]  ? btf_parse_hdr+0x1e2/0x760
[ 1194.795380][ T4980]  btf_parse_hdr+0x2c2/0x760
[ 1194.795403][ T4980]  btf_new_fd+0x385/0xd10
[ 1194.795428][ T4980]  ? __pfx_btf_new_fd+0x10/0x10
[ 1194.795447][ T4980]  ? bpf_token_put+0x143/0x160
[ 1194.795466][ T4980]  ? bpf_btf_load+0x126/0x190
[ 1194.795485][ T4980]  __sys_bpf+0x4e5/0x950
[ 1194.795515][ T4980]  ? __pfx___sys_bpf+0x10/0x10
[ 1194.795559][ T4980]  ? ksys_write+0x242/0x270
[ 1194.795583][ T4980]  ? __pfx_ksys_write+0x10/0x10
[ 1194.795612][ T4980]  __x64_sys_bpf+0x7c/0x90
[ 1194.795638][ T4980]  do_syscall_64+0x14d/0xf80
[ 1194.795659][ T4980]  ? trace_irq_disable+0x3b/0x150
[ 1194.795686][ T4980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.795706][ T4980]  ? clear_bhb_loop+0x40/0x90
[ 1194.795730][ T4980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.795749][ T4980] RIP: 0033:0x7f7610f9c799
[ 1194.795768][ T4980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1194.795785][ T4980] RSP: 002b:00007f7611dbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1194.795806][ T4980] RAX: ffffffffffffffda RBX: 00007f7611215fa0 RCX: 00007f7610f9c799
[ 1194.795821][ T4980] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 0000000000000012
[ 1194.795834][ T4980] RBP: 00007f7611dbc090 R08: 0000000000000000 R09: 0000000000000000
[ 1194.795846][ T4980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1194.795858][ T4980] R13: 00007f7611216038 R14: 00007f7611215fa0 R15: 00007fff20e33808
[ 1194.795890][ T4980]  </TASK>
[ 1195.046308][ T4978] netlink: 16150 bytes leftover after parsing attributes in process `syz.2.9603'.
[ 1195.475665][ T4995] netlink: 211856 bytes leftover after parsing attributes in process `syz.2.9608'.
[ 1195.602702][ T4998] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9609'.
[ 1195.835938][ T5002] bond1 (unregistering): Released all slaves
[ 1195.865081][ T5009] netlink: 'syz.3.9613': attribute type 1 has an invalid length.
[ 1195.872852][ T5009] netlink: 248 bytes leftover after parsing attributes in process `syz.3.9613'.
[ 1196.407573][ T5023] netlink: 312 bytes leftover after parsing attributes in process `syz.3.9619'.
[ 1196.522473][ T5028] netlink: 16150 bytes leftover after parsing attributes in process `syz.4.9618'.
[ 1197.291385][ T5059] netlink: 'syz.4.9628': attribute type 4 has an invalid length.
[ 1197.335950][ T5055] virt_wifi0 speed is unknown, defaulting to 1000
[ 1197.371395][ T5061] netlink: 'syz.2.9630': attribute type 21 has an invalid length.
[ 1197.414250][ T5061] netlink: 176 bytes leftover after parsing attributes in process `syz.2.9630'.
[ 1197.472345][ T5055] lo speed is unknown, defaulting to 1000
[ 1197.703702][ T5066] netlink: 'syz.4.9631': attribute type 13 has an invalid length.
[ 1197.732907][ T5068] macsec1: entered allmulticast mode
[ 1197.760261][ T5068] erspan0: entered allmulticast mode
[ 1197.800896][ T5068] erspan0: left allmulticast mode
[ 1197.861669][ T5072] IPVS: set_ctl: invalid protocol: 43 172.30.0.2:20001
[ 1198.021543][ T5066] net_ratelimit: 9 callbacks suppressed
[ 1198.021557][ T5066] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1198.130651][ T5080] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1198.165268][ T5083] netlink: 'syz.2.9636': attribute type 1 has an invalid length.
[ 1198.219891][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.258560][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.286552][ T5082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9635'.
[ 1198.312780][ T5083] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1198.406159][ T5086] bond2: (slave geneve2): making interface the new active one
[ 1198.447363][ T5086] bond2: (slave geneve2): Enslaving as an active interface with an up link
[ 1198.872252][ T5089] netlink: 'syz.2.9637': attribute type 13 has an invalid length.
[ 1198.938516][ T5089] A link change request failed with some changes committed already. Interface teql0 may have been left with an inconsistent configuration, please check.
[ 1199.470910][ T5116] __nla_validate_parse: 2 callbacks suppressed
[ 1199.470931][ T5116] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9647'.
[ 1199.473913][ T5117] FAULT_INJECTION: forcing a failure.
[ 1199.473913][ T5117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1199.523383][ T5116] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9647'.
[ 1199.573221][ T5117] CPU: 0 UID: 0 PID: 5117 Comm: syz.1.9648 Not tainted syzkaller #0 PREEMPT(full) 
[ 1199.573292][ T5117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1199.573305][ T5117] Call Trace:
[ 1199.573313][ T5117]  <TASK>
[ 1199.573322][ T5117]  dump_stack_lvl+0xe8/0x150
[ 1199.573355][ T5117]  should_fail_ex+0x412/0x560
[ 1199.573386][ T5117]  _copy_to_user+0x31/0xb0
[ 1199.573408][ T5117]  bpf_verifier_vlog+0x48c/0x8f0
[ 1199.573437][ T5117]  __btf_verifier_log+0xe2/0x140
[ 1199.573465][ T5117]  ? __pfx___btf_verifier_log+0x10/0x10
[ 1199.573493][ T5117]  ? btf_parse_hdr+0x1e2/0x760
[ 1199.573515][ T5117]  btf_parse_hdr+0x2f9/0x760
[ 1199.573539][ T5117]  btf_new_fd+0x385/0xd10
[ 1199.573567][ T5117]  ? __pfx_btf_new_fd+0x10/0x10
[ 1199.573588][ T5117]  ? bpf_token_put+0x143/0x160
[ 1199.573609][ T5117]  ? bpf_btf_load+0x126/0x190
[ 1199.573631][ T5117]  __sys_bpf+0x4e5/0x950
[ 1199.573661][ T5117]  ? __pfx___sys_bpf+0x10/0x10
[ 1199.573704][ T5117]  ? ksys_write+0x242/0x270
[ 1199.573727][ T5117]  ? __pfx_ksys_write+0x10/0x10
[ 1199.573754][ T5117]  __x64_sys_bpf+0x7c/0x90
[ 1199.573779][ T5117]  do_syscall_64+0x14d/0xf80
[ 1199.573800][ T5117]  ? trace_irq_disable+0x3b/0x150
[ 1199.573826][ T5117]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.573845][ T5117]  ? clear_bhb_loop+0x40/0x90
[ 1199.573868][ T5117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1199.573887][ T5117] RIP: 0033:0x7f7610f9c799
[ 1199.573905][ T5117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1199.573923][ T5117] RSP: 002b:00007f7611dbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1199.573942][ T5117] RAX: ffffffffffffffda RBX: 00007f7611215fa0 RCX: 00007f7610f9c799
[ 1199.573956][ T5117] RDX: 0000000000000028 RSI: 0000200000000040 RDI: 0000000000000012
[ 1199.573968][ T5117] RBP: 00007f7611dbc090 R08: 0000000000000000 R09: 0000000000000000
[ 1199.573980][ T5117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1199.573992][ T5117] R13: 00007f7611216038 R14: 00007f7611215fa0 R15: 00007fff20e33808
[ 1199.574023][ T5117]  </TASK>
[ 1200.174750][ T5129] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1200.525207][ T5152] netlink: 'syz.3.9660': attribute type 3 has an invalid length.
[ 1200.924099][ T5171] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9666'.
[ 1200.925911][ T5163] netlink: 16150 bytes leftover after parsing attributes in process `syz.3.9663'.
[ 1200.998617][ T5173] netlink: 312 bytes leftover after parsing attributes in process `syz.0.9668'.
[ 1201.025750][ T5171] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9666'.
[ 1201.106262][ T5178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9670'.
[ 1201.133741][ T5178] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[ 1201.221590][ T5186] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9666'.
[ 1201.319964][ T5188] netlink: 'syz.3.9671': attribute type 10 has an invalid length.
[ 1201.343347][ T5188] netlink: 2 bytes leftover after parsing attributes in process `syz.3.9671'.
[ 1201.352281][ T5188] hsr0: entered promiscuous mode
[ 1201.375457][ T5188] bridge0: port 3(hsr0) entered blocking state
[ 1201.394754][ T5188] bridge0: port 3(hsr0) entered disabled state
[ 1201.432427][ T5188] hsr0: entered allmulticast mode
[ 1201.448751][ T5188] hsr_slave_0: entered allmulticast mode
[ 1201.464892][ T5188] hsr_slave_1: entered allmulticast mode
[ 1201.498697][ T5188] bridge0: port 3(hsr0) entered blocking state
[ 1201.505095][ T5188] bridge0: port 3(hsr0) entered forwarding state
[ 1201.532846][ T5201] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1201.550847][ T5193] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.9673'.
[ 1201.753596][ T5208] FAULT_INJECTION: forcing a failure.
[ 1201.753596][ T5208] name failslab, interval 1, probability 0, space 0, times 0
[ 1201.787972][ T5208] CPU: 1 UID: 0 PID: 5208 Comm: syz.3.9678 Not tainted syzkaller #0 PREEMPT(full) 
[ 1201.788000][ T5208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1201.788012][ T5208] Call Trace:
[ 1201.788020][ T5208]  <TASK>
[ 1201.788030][ T5208]  dump_stack_lvl+0xe8/0x150
[ 1201.788064][ T5208]  should_fail_ex+0x412/0x560
[ 1201.788098][ T5208]  should_failslab+0xa8/0x100
[ 1201.788126][ T5208]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1201.788151][ T5208]  ? ethnl_default_set_doit+0x595/0xad0
[ 1201.788172][ T5208]  ? __kmalloc_noprof+0x37d/0x760
[ 1201.788198][ T5208]  kmemdup_noprof+0x2b/0x70
[ 1201.788227][ T5208]  ethnl_default_set_doit+0x595/0xad0
[ 1201.788261][ T5208]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1201.788289][ T5208]  ? __asan_memcpy+0x40/0x70
[ 1201.788312][ T5208]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1201.788351][ T5208]  ? bpf_lsm_capable+0x9/0x20
[ 1201.788377][ T5208]  ? security_capable+0x7e/0x2c0
[ 1201.788411][ T5208]  genl_rcv_msg+0x61c/0x7a0
[ 1201.788443][ T5208]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1201.788466][ T5208]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[ 1201.788488][ T5208]  ? __lock_acquire+0x6b5/0x2cf0
[ 1201.788531][ T5208]  netlink_rcv_skb+0x232/0x4b0
[ 1201.788562][ T5208]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1201.788587][ T5208]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1201.788636][ T5208]  ? down_read+0x272/0x2e0
[ 1201.788658][ T5208]  ? genl_rcv+0xd/0x40
[ 1201.788682][ T5208]  genl_rcv+0x28/0x40
[ 1201.788704][ T5208]  netlink_unicast+0x80f/0x9b0
[ 1201.788741][ T5208]  ? __pfx_netlink_unicast+0x10/0x10
[ 1201.788770][ T5208]  ? netlink_sendmsg+0x650/0xb40
[ 1201.788787][ T5208]  ? skb_put+0x11b/0x210
[ 1201.788813][ T5208]  netlink_sendmsg+0x813/0xb40
[ 1201.788843][ T5208]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1201.788866][ T5208]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1201.788896][ T5208]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1201.788922][ T5208]  ____sys_sendmsg+0x972/0x9f0
[ 1201.788955][ T5208]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1201.788989][ T5208]  ? import_iovec+0x73/0xa0
[ 1201.789015][ T5208]  ___sys_sendmsg+0x2a5/0x360
[ 1201.789045][ T5208]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1201.789108][ T5208]  ? __fget_files+0x2a/0x420
[ 1201.789135][ T5208]  ? __fget_files+0x3a0/0x420
[ 1201.789175][ T5208]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1201.789201][ T5208]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1201.789235][ T5208]  ? __pfx_ksys_write+0x10/0x10
[ 1201.789270][ T5208]  do_syscall_64+0x14d/0xf80
[ 1201.789290][ T5208]  ? trace_irq_disable+0x3b/0x150
[ 1201.789317][ T5208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1201.789338][ T5208]  ? clear_bhb_loop+0x40/0x90
[ 1201.789362][ T5208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1201.789381][ T5208] RIP: 0033:0x7f946d19c799
[ 1201.789401][ T5208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1201.789418][ T5208] RSP: 002b:00007f946e04a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1201.789440][ T5208] RAX: ffffffffffffffda RBX: 00007f946d415fa0 RCX: 00007f946d19c799
[ 1201.789455][ T5208] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000015
[ 1201.789468][ T5208] RBP: 00007f946e04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1201.789481][ T5208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1201.789499][ T5208] R13: 00007f946d416038 R14: 00007f946d415fa0 R15: 00007fff93c6ce18
[ 1201.789533][ T5208]  </TASK>
[ 1202.250534][ T5206] ipvlan2: entered promiscuous mode
[ 1202.299776][ T5206] ipvlan2: entered allmulticast mode
[ 1202.309804][ T5206] team0: entered allmulticast mode
[ 1202.351345][ T5206] team_slave_0: entered allmulticast mode
[ 1202.373602][ T5206] team_slave_1: entered allmulticast mode
[ 1202.425429][ T5206] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1202.474455][ T5206] team0: Device ipvlan2 is already an upper device of the team interface
[ 1202.871591][ T5214] FAULT_INJECTION: forcing a failure.
[ 1202.871591][ T5214] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1202.934122][ T5214] CPU: 1 UID: 0 PID: 5214 Comm: syz.0.9681 Not tainted syzkaller #0 PREEMPT(full) 
[ 1202.934148][ T5214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1202.934161][ T5214] Call Trace:
[ 1202.934169][ T5214]  <TASK>
[ 1202.934177][ T5214]  dump_stack_lvl+0xe8/0x150
[ 1202.934208][ T5214]  should_fail_ex+0x412/0x560
[ 1202.934240][ T5214]  _copy_from_user+0x2d/0xb0
[ 1202.934263][ T5214]  ___sys_recvmsg+0x175/0x590
[ 1202.934292][ T5214]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1202.934338][ T5214]  ? __fget_files+0x3a0/0x420
[ 1202.934383][ T5214]  do_recvmmsg+0x334/0x800
[ 1202.934413][ T5214]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1202.934447][ T5214]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1202.934487][ T5214]  __x64_sys_recvmmsg+0x198/0x250
[ 1202.934513][ T5214]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1202.934548][ T5214]  do_syscall_64+0x14d/0xf80
[ 1202.934567][ T5214]  ? trace_irq_disable+0x3b/0x150
[ 1202.934593][ T5214]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.934612][ T5214]  ? clear_bhb_loop+0x40/0x90
[ 1202.934636][ T5214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.934655][ T5214] RIP: 0033:0x7fea80f9c799
[ 1202.934673][ T5214] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1202.934689][ T5214] RSP: 002b:00007fea81f3b028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1202.934709][ T5214] RAX: ffffffffffffffda RBX: 00007fea81215fa0 RCX: 00007fea80f9c799
[ 1202.934722][ T5214] RDX: 0000000000000001 RSI: 0000200000007340 RDI: 0000000000000004
[ 1202.934735][ T5214] RBP: 00007fea81f3b090 R08: 0000000000000000 R09: 0000000000000000
[ 1202.934747][ T5214] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1202.934758][ T5214] R13: 00007fea81216038 R14: 00007fea81215fa0 R15: 00007fff232e7738
[ 1202.934789][ T5214]  </TASK>
[ 1203.043341][ T5218] netlink: 'syz.4.9682': attribute type 21 has an invalid length.
[ 1203.820791][ T5244] virt_wifi0 speed is unknown, defaulting to 1000
[ 1203.864453][ T5244] lo speed is unknown, defaulting to 1000
[ 1204.165899][ T5250] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1204.863321][T19191] Bluetooth: hci4: command tx timeout
[ 1204.886951][ T5267] __nla_validate_parse: 3 callbacks suppressed
[ 1204.886972][ T5267] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9700'.
[ 1205.015195][ T5280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9701'.
[ 1205.036734][ T5282] FAULT_INJECTION: forcing a failure.
[ 1205.036734][ T5282] name failslab, interval 1, probability 0, space 0, times 0
[ 1205.055254][ T5282] CPU: 1 UID: 0 PID: 5282 Comm: syz.3.9704 Not tainted syzkaller #0 PREEMPT(full) 
[ 1205.055280][ T5282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1205.055292][ T5282] Call Trace:
[ 1205.055298][ T5282]  <TASK>
[ 1205.055307][ T5282]  dump_stack_lvl+0xe8/0x150
[ 1205.055334][ T5282]  should_fail_ex+0x412/0x560
[ 1205.055362][ T5282]  should_failslab+0xa8/0x100
[ 1205.055382][ T5282]  ? skb_clone+0x212/0x3a0
[ 1205.055402][ T5282]  kmem_cache_alloc_noprof+0x87/0x650
[ 1205.055418][ T5282]  ? __netlink_lookup+0xc6/0x8b0
[ 1205.055441][ T5282]  skb_clone+0x212/0x3a0
[ 1205.055462][ T5282]  __netlink_deliver_tap+0x404/0x850
[ 1205.055496][ T5282]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1205.055520][ T5282]  netlink_deliver_tap+0x19c/0x1b0
[ 1205.055544][ T5282]  netlink_unicast+0x7e3/0x9b0
[ 1205.055573][ T5282]  ? __pfx_netlink_unicast+0x10/0x10
[ 1205.055597][ T5282]  ? netlink_sendmsg+0x650/0xb40
[ 1205.055610][ T5282]  ? skb_put+0x11b/0x210
[ 1205.055630][ T5282]  netlink_sendmsg+0x813/0xb40
[ 1205.055653][ T5282]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1205.055671][ T5282]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1205.055696][ T5282]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1205.055717][ T5282]  ____sys_sendmsg+0x972/0x9f0
[ 1205.055743][ T5282]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1205.055768][ T5282]  ? import_iovec+0x73/0xa0
[ 1205.055800][ T5282]  ___sys_sendmsg+0x2a5/0x360
[ 1205.055823][ T5282]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1205.055870][ T5282]  ? __fget_files+0x2a/0x420
[ 1205.055892][ T5282]  ? __fget_files+0x3a0/0x420
[ 1205.055922][ T5282]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1205.055943][ T5282]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1205.055969][ T5282]  ? __pfx_ksys_write+0x10/0x10
[ 1205.055996][ T5282]  do_syscall_64+0x14d/0xf80
[ 1205.056013][ T5282]  ? trace_irq_disable+0x3b/0x150
[ 1205.056035][ T5282]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1205.056051][ T5282]  ? clear_bhb_loop+0x40/0x90
[ 1205.056075][ T5282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1205.056091][ T5282] RIP: 0033:0x7f946d19c799
[ 1205.056106][ T5282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1205.056119][ T5282] RSP: 002b:00007f946e04a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1205.056138][ T5282] RAX: ffffffffffffffda RBX: 00007f946d415fa0 RCX: 00007f946d19c799
[ 1205.056150][ T5282] RDX: 0000000000000700 RSI: 00002000000021c0 RDI: 0000000000000003
[ 1205.056160][ T5282] RBP: 00007f946e04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1205.056170][ T5282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1205.056180][ T5282] R13: 00007f946d416038 R14: 00007f946d415fa0 R15: 00007fff93c6ce18
[ 1205.056205][ T5282]  </TASK>
[ 1205.072973][ T5280] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1205.373016][ T5280] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1205.454902][ T5290] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9706'.
[ 1205.474135][ T5290] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9706'.
[ 1205.534908][ T5288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9707'.
[ 1205.566714][ T5288] netlink: 'syz.3.9707': attribute type 13 has an invalid length.
[ 1205.578384][ T5292] netlink: 211856 bytes leftover after parsing attributes in process `syz.4.9708'.
[ 1206.014077][ T5310] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1206.040493][ T5305] netlink: 'syz.4.9713': attribute type 13 has an invalid length.
[ 1206.068910][ T5310] syzkaller0: entered promiscuous mode
[ 1206.089730][ T5310] syzkaller0: entered allmulticast mode
[ 1206.109913][ T5311] netlink: 'syz.3.9715': attribute type 5 has an invalid length.
[ 1206.133272][ T5305] A link change request failed with some changes committed already. Interface teql0 may have been left with an inconsistent configuration, please check.
[ 1206.370199][ T5313] virt_wifi0 speed is unknown, defaulting to 1000
[ 1206.399332][ T5313] lo speed is unknown, defaulting to 1000
[ 1206.927341][ T5338] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1206.964722][ T5339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9720'.
[ 1207.044722][ T5340] SET target dimension over the limit!
[ 1207.057059][ T5339] netlink: 1010 bytes leftover after parsing attributes in process `syz.0.9720'.
[ 1207.101380][ T5339] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1207.112133][ T5344] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9720'.
[ 1207.184653][ T5346] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9725'.
[ 1207.258141][ T5346] netlink: 'syz.1.9725': attribute type 5 has an invalid length.
[ 1207.320626][ T5353] syzkaller0: entered promiscuous mode
[ 1207.346013][ T5353] syzkaller0: entered allmulticast mode
[ 1207.497205][ T5359] netlink: 'syz.3.9730': attribute type 6 has an invalid length.
[ 1207.615238][ T5362] macvtap0: mtu less than device minimum
[ 1207.814606][ T5368] virt_wifi0 speed is unknown, defaulting to 1000
[ 1207.822852][ T5368] lo speed is unknown, defaulting to 1000
[ 1207.892911][ T5373] Bluetooth: MGMT ver 1.23
[ 1208.502277][   T12] ------------[ cut here ]------------
[ 1208.507939][   T12] conntrack cleanup blocked for 60s
[ 1208.507971][   T12] WARNING: net/netfilter/nf_conntrack_core.c:2512 at nf_conntrack_cleanup_net_list+0x234/0x340, CPU#0: kworker/u8:0/12
[ 1208.526088][   T12] Modules linked in:
[ 1208.530541][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
[ 1208.539926][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1208.552239][   T12] Workqueue: netns cleanup_net
[ 1208.557335][   T12] RIP: 0010:nf_conntrack_cleanup_net_list+0x234/0x340
[ 1208.565599][   T12] Code: 08 48 89 df e8 ed 16 65 f8 4c 8b 3b 49 39 df 74 69 e8 b0 d4 fa f7 45 31 e4 e9 8e fe ff ff e8 a3 d4 fa f7 48 8d 3d fc a7 55 06 <67> 48 0f b9 3a eb c0 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c cd fe ff
[ 1208.586268][   T12] RSP: 0018:ffffc900001178b0 EFLAGS: 00010293
[ 1208.592469][   T12] RAX: ffffffff89cacc5d RBX: ffffc90000117a50 RCX: ffff88801d2e8000
[ 1208.600645][   T12] RDX: 0000000000000000 RSI: fffffffffffffffe RDI: ffffffff90207460
[ 1208.609730][   T12] RBP: 0000000000000006 R08: ffff88805b03c003 R09: 1ffff1100b607800
[ 1208.617805][   T12] R10: dffffc0000000000 R11: ffffed100b607801 R12: 0000000000000001
[ 1208.627084][   T12] R13: dffffc0000000000 R14: 0000000100016231 R15: 0000000100016233
[ 1208.635483][   T12] FS:  0000000000000000(0000) GS:ffff888125461000(0000) knlGS:0000000000000000
[ 1208.644978][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1208.651584][   T12] CR2: 00007ffc0cdb80f8 CR3: 00000000a4420000 CR4: 00000000003526f0
[ 1208.659683][   T12] Call Trace:
[ 1208.664213][   T12]  <TASK>
[ 1208.667203][   T12]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[ 1208.674285][   T12]  ops_undo_list+0x52b/0x940
[ 1208.678932][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[ 1208.684242][   T12]  ? idr_destroy+0x218/0x290
[ 1208.686768][ T5397] FAULT_INJECTION: forcing a failure.
[ 1208.686768][ T5397] name failslab, interval 1, probability 0, space 0, times 0
[ 1208.688962][   T12]  ? do_raw_spin_unlock+0xf5/0x210
[ 1208.707871][   T12]  cleanup_net+0x56b/0x800
[ 1208.712334][   T12]  ? __pfx_cleanup_net+0x10/0x10
[ 1208.717418][   T12]  ? process_scheduled_works+0xa8d/0x18c0
[ 1208.720672][ T5397] CPU: 1 UID: 0 PID: 5397 Comm: syz.1.9743 Not tainted syzkaller #0 PREEMPT(full) 
[ 1208.720698][ T5397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1208.720711][ T5397] Call Trace:
[ 1208.720720][ T5397]  <TASK>
[ 1208.720729][ T5397]  dump_stack_lvl+0xe8/0x150
[ 1208.720762][ T5397]  should_fail_ex+0x412/0x560
[ 1208.720798][ T5397]  should_failslab+0xa8/0x100
[ 1208.720824][ T5397]  ? dst_alloc+0x105/0x170
[ 1208.720850][ T5397]  kmem_cache_alloc_noprof+0x87/0x650
[ 1208.720874][ T5397]  ? __pfx_ip6_dst_gc+0x10/0x10
[ 1208.720998][ T5397]  dst_alloc+0x105/0x170
[ 1208.721027][ T5397]  ip6_rt_cache_alloc+0x3c3/0xa50
[ 1208.721090][ T5397]  ? __pfx_ip6_rt_cache_alloc+0x10/0x10
[ 1208.721125][ T5397]  ip6_pol_route+0x117d/0x13d0
[ 1208.721149][ T5397]  ? ip6_pol_route+0x160/0x13d0
[ 1208.721175][ T5397]  ? __pfx_ip6_pol_route+0x10/0x10
[ 1208.721203][ T5397]  ? __lock_acquire+0x6b5/0x2cf0
[ 1208.721238][ T5397]  fib6_rule_lookup+0x36b/0x730
[ 1208.721300][ T5397]  ? __pfx_ip6_pol_route_output+0x10/0x10
[ 1208.721325][ T5397]  ? __pfx_fib6_rule_lookup+0x10/0x10
[ 1208.721347][ T5397]  ? vsnprintf+0xe1a/0xee0
[ 1208.721392][ T5397]  ip6_route_output_flags+0x364/0x5d0
[ 1208.721417][ T5397]  ? ip6_route_output_flags+0x2e/0x5d0
[ 1208.721445][ T5397]  ip6_dst_lookup_tail+0x1c3/0x15a0
[ 1208.721534][ T5397]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[ 1208.721563][ T5397]  ? txopt_get+0x79/0x3f0
[ 1208.721607][ T5397]  ? txopt_get+0x79/0x3f0
[ 1208.721623][ T5397]  ? txopt_get+0x79/0x3f0
[ 1208.721642][ T5397]  ? txopt_get+0x343/0x3f0
[ 1208.721672][ T5397]  ? __pfx_txopt_get+0x10/0x10
[ 1208.721694][ T5397]  ip6_dst_lookup_flow+0x47/0xe0
[ 1208.721726][ T5397]  rawv6_sendmsg+0xe1d/0x18e0
[ 1208.721757][ T5397]  ? __pfx_rawv6_sendmsg+0x10/0x10
[ 1208.721789][ T5397]  ? aa_sk_perm+0x6d5/0x900
[ 1208.721825][ T5397]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1208.721854][ T5397]  ? sock_rps_record_flow+0x19/0x350
[ 1208.721878][ T5397]  ? inet_sendmsg+0x2f4/0x370
[ 1208.721896][ T5397]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1208.721923][ T5397]  ____sys_sendmsg+0x80a/0x9f0
[ 1208.721954][ T5397]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1208.721985][ T5397]  ? import_iovec+0x73/0xa0
[ 1208.722010][ T5397]  ___sys_sendmsg+0x2a5/0x360
[ 1208.722038][ T5397]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1208.722065][ T5397]  ? kstrtouint+0x6e/0xe0
[ 1208.722116][ T5397]  ? __fget_files+0x2a/0x420
[ 1208.722159][ T5397]  ? __fget_files+0x3a0/0x420
[ 1208.722195][ T5397]  __sys_sendmmsg+0x27c/0x4e0
[ 1208.722223][ T5397]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1208.722243][ T5397]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1208.722290][ T5397]  ? ksys_write+0x242/0x270
[ 1208.722313][ T5397]  ? __pfx_ksys_write+0x10/0x10
[ 1208.722340][ T5397]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1208.722365][ T5397]  do_syscall_64+0x14d/0xf80
[ 1208.722383][ T5397]  ? trace_irq_disable+0x3b/0x150
[ 1208.722410][ T5397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.722431][ T5397]  ? clear_bhb_loop+0x40/0x90
[ 1208.722454][ T5397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.722473][ T5397] RIP: 0033:0x7f7610f9c799
[ 1208.722491][ T5397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1208.722508][ T5397] RSP: 002b:00007f7611dbc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1208.722528][ T5397] RAX: ffffffffffffffda RBX: 00007f7611215fa0 RCX: 00007f7610f9c799
[ 1208.722542][ T5397] RDX: 0000000000000002 RSI: 0000200000000580 RDI: 0000000000000007
[ 1208.722554][ T5397] RBP: 00007f7611dbc090 R08: 0000000000000000 R09: 0000000000000000
[ 1208.722566][ T5397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1208.722578][ T5397] R13: 00007f7611216038 R14: 00007f7611215fa0 R15: 00007fff20e33808
[ 1208.722609][ T5397]  </TASK>
[ 1208.734271][ T5397] netlink: 'syz.1.9743': attribute type 4 has an invalid length.
[ 1208.742968][   T12]  ? process_scheduled_works+0xa8d/0x18c0
[ 1208.850315][ T5399] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1208.852374][   T12]  process_scheduled_works+0xb6e/0x18c0
[ 1208.852435][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1209.130686][   T12]  ? assign_work+0x3d5/0x5e0
[ 1209.135414][   T12]  worker_thread+0xa53/0xfc0
[ 1209.140063][   T12]  kthread+0x388/0x470
[ 1209.144263][   T12]  ? __pfx_worker_thread+0x10/0x10
[ 1209.149416][   T12]  ? __pfx_kthread+0x10/0x10
[ 1209.154143][   T12]  ret_from_fork+0x51e/0xb90
[ 1209.158776][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[ 1209.164011][   T12]  ? __switch_to+0xc7d/0x1450
[ 1209.168783][   T12]  ? __pfx_kthread+0x10/0x10
[ 1209.173479][   T12]  ret_from_fork_asm+0x1a/0x30
[ 1209.179620][   T12]  </TASK>
[ 1209.182682][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1209.189984][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(full) 
[ 1209.199295][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1209.209378][   T12] Workqueue: netns cleanup_net
[ 1209.214237][   T12] Call Trace:
[ 1209.217604][   T12]  <TASK>
[ 1209.220536][   T12]  vpanic+0x56c/0xa60
[ 1209.224532][   T12]  ? __pfx__printk+0x10/0x10
[ 1209.229132][   T12]  ? __pfx_vpanic+0x10/0x10
[ 1209.233645][   T12]  ? is_bpf_text_address+0x292/0x2b0
[ 1209.238935][   T12]  ? is_bpf_text_address+0x26/0x2b0
[ 1209.244145][   T12]  panic+0xc5/0xd0
[ 1209.247871][   T12]  ? __pfx_panic+0x10/0x10
[ 1209.252298][   T12]  ? ret_from_fork_asm+0x1a/0x30
[ 1209.257245][   T12]  __warn+0x315/0x4f0
[ 1209.261235][   T12]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[ 1209.267397][   T12]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[ 1209.273568][   T12]  __report_bug+0x29a/0x540
[ 1209.278179][   T12]  ? __lock_acquire+0x6b5/0x2cf0
[ 1209.283392][   T12]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[ 1209.289738][   T12]  ? __pfx___report_bug+0x10/0x10
[ 1209.294954][   T12]  ? nf_conntrack_cleanup_net_list+0x13e/0x340
[ 1209.301129][   T12]  report_bug_entry+0x19a/0x290
[ 1209.306003][   T12]  ? nf_conntrack_cleanup_net_list+0x234/0x340
[ 1209.312267][   T12]  ? nf_conntrack_cleanup_net_list+0x239/0x340
[ 1209.318429][   T12]  handle_bug+0xce/0x200
[ 1209.322674][   T12]  exc_invalid_op+0x1a/0x50
[ 1209.327180][   T12]  asm_exc_invalid_op+0x1a/0x20
[ 1209.332036][   T12] RIP: 0010:nf_conntrack_cleanup_net_list+0x234/0x340
[ 1209.338996][   T12] Code: 08 48 89 df e8 ed 16 65 f8 4c 8b 3b 49 39 df 74 69 e8 b0 d4 fa f7 45 31 e4 e9 8e fe ff ff e8 a3 d4 fa f7 48 8d 3d fc a7 55 06 <67> 48 0f b9 3a eb c0 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c cd fe ff
[ 1209.358620][   T12] RSP: 0018:ffffc900001178b0 EFLAGS: 00010293
[ 1209.364695][   T12] RAX: ffffffff89cacc5d RBX: ffffc90000117a50 RCX: ffff88801d2e8000
[ 1209.372667][   T12] RDX: 0000000000000000 RSI: fffffffffffffffe RDI: ffffffff90207460
[ 1209.380643][   T12] RBP: 0000000000000006 R08: ffff88805b03c003 R09: 1ffff1100b607800
[ 1209.388627][   T12] R10: dffffc0000000000 R11: ffffed100b607801 R12: 0000000000000001
[ 1209.396614][   T12] R13: dffffc0000000000 R14: 0000000100016231 R15: 0000000100016233
[ 1209.404597][   T12]  ? nf_conntrack_cleanup_net_list+0x22d/0x340
[ 1209.410786][   T12]  ? __pfx_nf_conntrack_pernet_exit+0x10/0x10
[ 1209.416945][   T12]  ops_undo_list+0x52b/0x940
[ 1209.421552][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[ 1209.426669][   T12]  ? idr_destroy+0x218/0x290
[ 1209.431282][   T12]  ? do_raw_spin_unlock+0xf5/0x210
[ 1209.436403][   T12]  cleanup_net+0x56b/0x800
[ 1209.440830][   T12]  ? __pfx_cleanup_net+0x10/0x10
[ 1209.445773][   T12]  ? process_scheduled_works+0xa8d/0x18c0
[ 1209.451504][   T12]  ? process_scheduled_works+0xa8d/0x18c0
[ 1209.457231][   T12]  process_scheduled_works+0xb6e/0x18c0
[ 1209.462816][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1209.468822][   T12]  ? assign_work+0x3d5/0x5e0
[ 1209.473441][   T12]  worker_thread+0xa53/0xfc0
[ 1209.478067][   T12]  kthread+0x388/0x470
[ 1209.482139][   T12]  ? __pfx_worker_thread+0x10/0x10
[ 1209.487258][   T12]  ? __pfx_kthread+0x10/0x10
[ 1209.491942][   T12]  ret_from_fork+0x51e/0xb90
[ 1209.496550][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[ 1209.501669][   T12]  ? __switch_to+0xc7d/0x1450
[ 1209.506353][   T12]  ? __pfx_kthread+0x10/0x10
[ 1209.510944][   T12]  ret_from_fork_asm+0x1a/0x30
[ 1209.515729][   T12]  </TASK>
[ 1209.519029][   T12] Kernel Offset: disabled
[ 1209.523347][   T12] Rebooting in 86400 seconds..