last executing test programs:

2.876045405s ago: executing program 3 (id=22675):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_CT_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x58, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa}, [@CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x58}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710443000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x800, @dev={0xfe, 0x80, '\x00', 0xf}, 0x7}, 0x1c)
setsockopt$inet6_int(r2, 0x29, 0x1a, 0x0, 0x0)

2.713320792s ago: executing program 3 (id=22677):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de25000000000000000000", 0x41}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1", 0x34}, {&(0x7f00000003c0)="641a6a2b863c0dd898013a3f97a834ebb75a925ab48c", 0x16}, {&(0x7f00000001c0)="985e44efeabe", 0x6}], 0x4}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517", 0x69}, {&(0x7f0000000d00)="31cef842d9c50636f60fc0cfdac56c75f1687f0c56287423f5eed69f11", 0x1d}], 0x2}}], 0x2, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendmmsg$inet(r0, &(0x7f0000004240)=[{{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f00000011c0)="a2587becf7e1e085649ac6104204d09ecb05a13f146abe945049f4aed9c9a8f72403f43f534b88eb66ed092b4a78e4344ec26b04c7fb5f4fb5e9a591f786f632305fc2aa", 0x44}], 0x1}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001780)="d1ef1bb59f70ec9b719b1589c8f3d0678afd96", 0x13}, {&(0x7f00000017c0)="dad5b14f2f8f950502cf28805d8714f935c655d7ea96bc", 0x17}, {&(0x7f0000001800)="e9d7b200bf6ecf325e1a9c0dccd8c357998ad687717f392aab546e2ad010fb16c3120d5c20a62654dfa7da737faea449d323a40f6b39ce3ccea07331a90678979abfde57efde701f4c14b7897b8ef0530b2eecee7536d3c0186c646980b6c78eaf6f4d9d55d211f1d5a38fe9f95f95e72127a07b02bd5f5b3bcb265680ae107e6cf387fb56fca7ecd4e7257f1dc5a9ac14a40036a3f8675e691f6f6e9067617ffa6045157cf5b7562f68838b5e13843d24469663f76355633256edfdebaeee1320c3303b3d6a06113505045fb3ec9be769234a276ebec1707dae5cde125d22383405763a724ee1cfe93b3d4542c820725eddbe4be04ea031d732", 0xfa}, {&(0x7f0000001900)="8d70e326292a261d6ca941faf3ba88cde8f3f0ca51f1f4f3513ef8a82be6d9e2bad67c0a7a216788451d6641dcdedf7b1cc6d649900d5cd0d53094cfa788f6ee59c75b64", 0x44}], 0x4, &(0x7f0000001a40)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x2}}], 0x18}}, {{0x0, 0x0, &(0x7f0000004180)=[{&(0x7f0000002f00)="5f97b46d7adb8b68ff35da0f147fef1c6c6c60db5c1fb54496a27c9eeb14cf97ceed1ac5e9d95d093d6400f4996e3c5f73fa7edad49015f697bdc1a17f731cd7b4e404954a2fbc069f73e9fa86cab27babb16a9004571326e20d84cb662973ba616c4ba4126e45ad1a7230b6c86c600a3dd01872c0f5823fadc0eb8b73f3d98c63881cd2131d63411f51e40a122182507d2d4be44f5fdec44f415e3448ebda832a6831bbd48324e11fe96400d92fae40f4a9ed9f376c56e6c6c703fe76dac9c3b4aed05a81b2b2adadc3e2ba8fd5cfc361420e61014782eeb5a921fd042bdc9cbfff5dac3df5711d5710e1d0a11d6e637dddd79ccd700dbc4924e22f8a50f0f43b6082b706c748e6d552178aa8d5959d8a3a175bf1d2b61b363fbad94b53505fb7ac302a0dec14a19141120d958b484f6e5e6f087267680eecfc91d11295a6bbd062cb7c99299681481a9ee65f157852aa46b21936e52611dbd9a8019b7566ec79b5fe8db94259c20842af9384aaf33dfafd15bb97d051743f467399caa4ee74394664c3de94449b4597bb90787c75a468f320be5e8faa11d13b589231eca2f9f4072cd44f0a1cbc874233a71901f5e027fc301caeadbe77f76206257f006e483b6b78b9319b57399a0f736f01df368726ee362c6224aaef36cff42bf221a2e03fb153bcdc240b594b22a043adc163f9004ed1ef0f152f0d960a58a18d709236df500abd672436b916c67c7e6fe7508530fe05b040c7cbeb2645f43259f3a142583a3051ea146281b901f732ba819f84050007c5f07e3848ddb7de602171525c", 0x240}], 0x1}}], 0x3, 0x40000)

1.844823893s ago: executing program 3 (id=22688):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newtfilter={0x150, 0x2c, 0xd27, 0x70bd25, 0xa000, {0x0, 0x0, 0x0, r4, {0xe, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x120, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_ICMPV6_TYPE_MASK={0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0xd4, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xfffffffffffffe5a, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffd75, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xffffffc0, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x2c, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x24, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x7fffffff}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @local}]}}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x3, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7fff}}]}, 0x38}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
r9 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=@deltfilter={0x24, 0x2d, 0x400, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xf, 0x6}, {0x2, 0x3}, {0xb, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x300, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_INTVL={0xc, 0x21, 0x80}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r12, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r8)

1.72391572s ago: executing program 3 (id=22690):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000001c0), 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback, 0x8}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001140)=[{{&(0x7f0000000580)={0xa, 0x4e23, 0x1, @loopback={0x300}}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x8020)

1.432574094s ago: executing program 1 (id=22698):
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {0x1}}, 0x4c}}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14, 0x0, 0x4, 0x0, 0x25dfdbfe}, 0x14}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1.425359094s ago: executing program 0 (id=22699):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @empty, 0x3}, 0x1c)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="38000000031401003b8a7000fcdbdf250900020073797a32000000000800410073707700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x810)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000340)="8fcab001a736113c629cb941a4ac12c3634bf2258eeef85b", 0x18, 0x4000000, 0x0, 0x0)

1.366602916s ago: executing program 1 (id=22700):
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000300)="66d8", 0x2}], 0x1}, 0x20000014)
sendmsg$kcm(r0, &(0x7f0000002100)={0x0, 0x0, 0x0}, 0x20004000)
r1 = socket(0x2, 0x1, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, 0x0)
sendmsg$inet6(r1, &(0x7f0000000200)={&(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0xd}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000ac0)="f130c74cb7bed6058cc1468fdb6fa5190bd37fc124bcfdbba873a1e752424c9ca0edde7867304da7355954d90223b8e5b103738d8c2f59e55c77b7c1d7c765be8a09329506e2242bffb66308a33424930c935775de4737e74a4a5b88d3fb2a2a0460af864e7adf57299471d1ebc7bc59407490aa24bfc2d8059c574b06a1efa3471e64c96cf991083c0b68335d6f5770b81b78a686a8fc14381776bc8f994e98392962cfceab55e8fb0af5f25a93172feda1777265862b9e68274a22585e070bb43682b14129dbf187585ea01193a086ee0613c0f57e0f0592940e609ff96b4053126ce81bfbb81e6e8828817ab124daee1ee5439d577188cb30683ab6cc03da3d798206e141ad2310412200e3b29a53d78738abbd3d0a3dd964fac511256e7469119227fb826a6e608e823e5367bba22b1c4c40792f50d61d839ac8cf5b14fd21e385fe1a4ae5726dab790790f5376145880a0d31870e073fadd50a1a627ae3d10ae45a0d4641ab7047dfe05d7f44c1d473775c8a4f4d3472a872074e0323a9a6e8571c16ec4477af8040e0a89e7acd4d277de0bc4c34ae91cb4317e79aa003351c3580d1a32b9ed5524d698f9469cf4b26aa2c0d99bca21f71ff6a1eb6eac73c1661e09cb052da52a77a7c9355aa57face6b5cf4b519366940a676a675c9f7147ccfe88f9d0323caaafe55cdb19de861a6a341f64f02a06502cb47155380d8d2124fe1884cb6ae818a0efc3bb4a4f6a3f5be1271394a4c3d70ea6fcbc63ff5e74f704fd64e4a2f284d05eb93d676275a8886d47909e9e9f21f59a9faf3e654bec4918365b223d63970b62eecc0095ff63945c04846a04ac008a7e101e41628920cd5c1cc088c9bc8853cb179c07c86b651cc09160b01e91f112e3223a91ce5aeb2ecde8cd8f7828dc681742a06e9d4ac1975e34b70d2a1ef674218a70e5d04d680bc83c3e1783465f5d4e64c0c2dac968c9114c7098a75e931db2064b9be6d2ffbadf9a6edf1e6379043eb32da102b3bccc086a05f885777aaf3801d83f9f2755e97d75585bd5641d27303e6fde581128d2256918cb23b3b41668eee1b49d711c47571ec4b38fdab5bf526db2c826d7a4984b468b3eb1ed5cbad675b42bf582d25a6003c4c2bd1a59c10fb036c4c2efbfb0f66cee554ddc436ada5e5ff17ca39c670a2cf322857721ba1d45b1fcdd573a3072fdbd73aef06a2aa6cfbf09b46d8783f2701f66ab08ce3098a939c38edafcbb893ffd74666ffc34b4dd7e835e6974978c78b807a6177a14f819adf4c4701faf3650eddae1506278f51d03f040bb83118902d31e33f4c686fd20dde6fa28de18eee0bd2e8b7e13affee49c6effeb77be69f5a08b5fabcc912389fa97a92e1a6573749f321638eaa9891ee5683b71392e9d773e5d638d8b88b9c1f98504619f33f54248a344f2185e95b9d87011a9e480df4f9bc2a888e89aaf52257ea95febcf0830aa9ed576fabc613ddc5f3be83dc2a2065ba8e3ec64f4840bd0599b92698819bb5568295114b13b770cd6360aacbe49e03d1081e87c38b7a5682e77970dc0866f1d1d28d5a3d62b627dbf7a0e7c2858f7c9185bc7a159fe5219fe73e3b978bb1614c42a8207653d551d391203d201a8ee14a066fb305afde244e0f8f6e1e1df2d1756a6c81d14b497580340a0c937e591831b3e885bc567c11d99ffa44fef161d7cd7ca448f44971b7230702af63a25bf6976db13d1dec79aec54ca64f8484fdab5bf2d40cebfb36e1bb8f2945cd84e4104076af2a0f1fc398d82b30d1897535474587c6a01ad032aa7c9d27c7d57702359cbe9945f56c3568ca3497a7305cd4fd833213ba69a90faee1c41990acb59770fb8f25e7b296f8eeedf02f8b4462cb7fed1205e9b9d066c3b6f80f18be6fd72073acc467854ff9b5554f76edcc21752ab60d4460ed517a96a05af93de64ef5b229ce7ee84f633de3a94972ea6b77ed4367b05a87277cfa28e0f81463e298c8fd8d1ee744317256419d018d1b4c86e8743627cba661aa94de3b184956dfc1ec24facddc8722a5a6684355a7ae13c25a305321b98b2f29526cac2077738425f357417e0887527edd0df011b7cd68f7a2323cfd6d74886bc362e3ace4efc84c107e25bd69765b6c95152e039023393393c1be557dd6ba60ef029de3e461ea1aa3662a84d32e0feddd111a1f2b0955c382d41d549fd345e3b5fc57c9eb138ecfb6ddb27eefddcca149b92974a6c0e8e3fe8b925f1dcf7f43854f71a504c1741bd5b05626eabd7456effe14fd11025712936154c3cd4a51e1ec81b670edbefbc11b32553f9bcd0be374d1803559b52e69589e9f813d29ae634103d768cc4e148cdca8d1a676aad0673900c19a1face57d4e1e8022303358e9e223a5feac59ffeb8aba7d55ae8f32dc0017c6b589255e46b3bef7872719ead8cc8260e43d6a33a33eebb50f9bce2a154af154ea5b0fff35873f9ae99f7fda27cfb09f114ed8e7f7d9ec39acb1722467901172731a020cba1d85e8923e3bc1a5e2164a381023a2924cc474a7db392d3672c8a19728e2534bf170e2cecdc77881a501181ccf8eacb0ba1942ce92bdbfbe927b49fd1970978b7b12cf868adad80283054852ba7445ccf33f01418a2dee42dc5d7aa1768e37a9631a371cc6048da6016c9c3cc4e6795a47301fed08c2b68749b7b54e171d1acfbe9f6469f904771b9156969ac6056bc5da542dc568f0bfa7512ef406f310b1df0ccabad68f307b362bf0f8d1b2dd1cbc9dc2ca448ab682519e38731bec797b751641c7c1b59ce0ac73a072bff2707453f8dd8d7570777d28bc76cbd3cea8e221e7a69b1097c24b253d2bea684e3ea8c733145d822ed0f130696db22d2c9b5ecf6b0f130452131db845cb2abbc9fac3f9de1752c41960e0680d266cf1e624e5fcc3a0e62e320a627fa21ee8190bad0847a333efeb561f46558f9512d0e937864ee2f716af431b29832176272dede1bca70aa0cf39fde6476e18b109d976f3a8d88eb2947e17448ede4579415e0360a9da108d9f0b4bd6f16ab81b8bc74519aafb2e6585bfc14da66c83a180a161a6edd1ad711d5346c5a6c1d4baca3c5baee969506cb44b95e83344f6c2d4f9c7682c879063f0a59404876b343fed0ad309f0af1ef285988edb976fd255a960dae73a96a76b80638ec07f557df4d5cb7521d9cdf2985eca9e1fdabe2b93de9822e235bfcab84c12bb672a8526ffc5091534bbf7e6b3368db586bad3540e6b5e862c86e989e864c29384f01dd00c81b3e1284076b8d59f7ade0439adeb6e0aa95c1ac724e878b081fd5c20ad71f60944290ae38f863d1c8e6a304716062ea661a8d12f5f3a1ca3c8216782b99493e9422ff99cd92df2320e74be8b298562e919fc1885f49d025a70b8447a00a7e710694057ac9a4bf25c6dd3c357966bd1385a56f1c964157133177c810c39e7cc9f9a11f93168e37cf8a82e1ec829c61d0d84b0a07bdda852ad3f78832b10a171644b88ff128fa2c87fb7a921aa88d7d07cb1f04d6438e03ee08d5a4562e12688a3c17ef5b7f8350cd4796806dc11ab148e9cd0e0e6b3211f5dc7bb5ec72bed1f99d2a9d3c24189858fdc43369d55751ed078e731f159b9b1f8c04438d8580cc82a57d801a19d2b51aa195e743063be42cb7423557b3953454b10f15c2cf524b642d8523e3bafca8389474349815ed85b5f5882d2d216a4e4bf4a5e5b61b083b85bd3fc07a19a6e4e21f5db3f20c885bf4eb23df3f37af17fb74c6e55279850f154d03de215489583318c7b1bc41d1f8f011c17499e4fcd3adeb38d1919e62c7ea12292dc3fac5b2c207732a5052daf0ffa8c7ccda13b09b3b6f58e758de0dad0f783785979098f3dd1c48307617189e3cf68ac31d9221d42d3cb8d9b8c63a46398c1ca9a48929d65fda2db01b1e683a72905676cc7646a53601b3f0ec7b0cb7650ea4ab94a371fd66af2afefa2bdeec119603ad55b53a47a2a23e0caa2d2956228a482d7e10f4c3f49869cdba7abaeb528053f12984908abb539daddcaae57940e4195fd226dd1b210e92fcc1b5788024f64ba87fd0668169644af6ecea85d9e64748c3ec9b8cada7275d1192fb6beef17e2ff83f12a83d211b479cb5cf0d4067230da7d6aab5091f99651a80313075a9bb0ea0506fdc145052fe99bc8351428d42a27fad9258ceac848e3d4301f14d3e04af4c13b7ac9fef442deb55f9ac098522a8618a7ce2e3cc12bb4199f1243c4eaf49cfe4d170ceaae8909fe0708589a4c10bf58cc25157aafa78fe432f834ddbeeeb394fe5e04d17d7a23e73a99b322413afe99d5abe162fc8e3907388eced9fb018bc597f38acc15e376dbff442e530da1604d65fd1b2432d3458b527aa3121419f1e610c24d2ccca4cbffbdcd335277a7faf60bcd56dd251d3fb6ee75c2e630de217cb0448d2f79cb48f6f8087721d5f8387dc9878bf7f2d97b4cc443c62e164ca67d978369c29bb6ada9713b7ee947efe4a1201c7c2dec6f29a92e1a33a07a968656b7bef09ba1ebf27d9e27ca4932edef26b4d0814a8d48786bf9a190738057fdf9117d0a4c3527a34584b4d870a7dd52955ca9c9eaf3d081fe7ee4590f4b8f1d7993994ee6883080dcb2ef04979428d6b146e39a3e7729a5cd1b27985ab663595ea89a5ff32d3cc0a8ca5f76d5ff51caf2415a8a2448b01f2814e9a9adaebd08a0d4de5e97588a04c7e8135ec55c735a04cf26315b9198ebd84c8827febcb9d3396f823feff0bf6fd1eef7dd3bd3dfb43a79ae284bcea7a57de640745c57de14c15b7521b6f8642c0667baec13d07b986bb3d01af82129baebb4e7ca918210ce93d06e02b51bd3a31d1f59a6efd29823878ce3c2b2493792545520f1a7ee87027ceb29c73167c74df35786af41e10f93a8c488710185d1b80dd5262a19aded75ed2c1de7178f3cb74613573ff5e80c95c6b2db577dc10640d3fc43a3f053a76043c0e07cda9f6d9bdeef53eacb3f260d8825e32a487cd9d884efba4aa0487f2dddaf08289f6d60c46e03304f6d84dd5d33833584283b1110f0c7df335720f412066d0a587f6627657ec2d582fbd734d5af6e031a20c20ca4a4da2bd748b9f871a81bdb11dfe59a97f2e1a522740f7b119f5f84fdef967fa3a1c922d49c2a8674b2987d7fa5c5f28fe0169963b6975677e96c3dd81d45326c64943693e8145b412f5e3d9d30dc9804b92fe33ad732e25d3390ec933489605ef697c26bbb09c37e344ada108f57153750228872684fe87e0d4a4107ed4fa67e3c69196cdf1f038c44ed52b8eacccdc7b0164d48ff11e56a3f75b715daf10a897b8ada8555418f892c4a1c9df3346eb0b20e7a2cebdf3749815f3c0d684ac816caf822f36562c57dc447167fcb346f5777abb9037c8e38a5e2ae3153b5e8e5ccbe0f93a4cfc482d76fb08d81ba50df5795a4a050da3472896fb036f54c4fe825e3631be4cd8bf5ae6948bdeaa35043e85694dfc36c7090aab88bb61988088a68b3197affd8d868daba39be772b2c57276e0140f8d4edf479b60d22a1c855e51ba3cac04611739ff64cc8cbd430a84afa5477f3fcf05c6f6010568f992ec8c770504157e1f690051cccb6d0db83f4f8324ced75fe3f9abdfef7e27225de37fc921d9197e5c94763aad9836bf800517bace5f6562c3c5ab86e4015074ad91386b87c97e1decb0fdf793bae776d30ad9527a8d531ca57ee651716100ccee62bc6c306d200221a72e2b434ab276e743097bc6e50a863d575f66e414db817059cec7d2c9dd6d3b1690325", 0x1000}, {&(0x7f0000000340)="49e2f1a02ce0154f898cdc5949894a080a43c190b253d84890a38295b5494f2c1194b9ebc615374ee724f4997ed34d7305677d29c7d811de7f0ceb9e6e59c1b45687e9cdf86ce369e784b6369c5defbee7b33c3d48ef4e349718c800fbe6c166a208efbb64de794cbc1e46494f6450e3eb973c4ceed4804f3cb6e9ce187bec676e7ec960ba51f564ccf072a2a57b51b3c07203979afb", 0x96}], 0x2, &(0x7f00000000c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0xf0fe}}], 0x18}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
syz_emit_ethernet(0x32, &(0x7f0000000280)={@empty, @random="ae6c13092741", @val={@val={0x88a8, 0x6}, {0x8100, 0x3, 0x1, 0x1}}, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0xa, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}, @multicast2, @random="8915703aed7a", @dev={0xac, 0x14, 0x14, 0x44}}}}}, &(0x7f00000002c0)={0x1, 0x3, [0x5bc, 0x558, 0x1b1, 0x77e]})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000008c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_bpf={0x9c, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8, 0x5, r3}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0xc0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000800)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x850)

1.251394038s ago: executing program 2 (id=22701):
r0 = socket(0x11, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0xe8, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00400010008188040f80ec59acbc0413a1f8481f0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

1.251178354s ago: executing program 1 (id=22702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000001000010400000000000e0000000000009522eb6e69395e8b978d6365dea1d7a15e18da850622a2e00d7b4892e9dbeb85582737186fd74ae552f1ed445303b7198d14f61396dc14eb65d415a0457c712662fe01e24a9a408d69d54f8b2eb401396b1530482019f6d4b02f73967ee752d5d32dcd88064d3c121bdba9ba64f5487159a756ab3340d0531b3ee6b767ac1c73b85c334e4e000000000000", @ANYRES32=0x0, @ANYBLOB="2b030000000000001800128002000100677470000c00028008000100", @ANYRES32, @ANYBLOB], 0x38}}, 0x0)

1.250524539s ago: executing program 0 (id=22703):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000000)={@any, 0x3, 0x6, 0x4, 0x4, 0xc6e, "ca2484c765d5d9e671692780df7fba60251d081320c7a6d318d71b9f4e50efc6ff319040ba48a95ee1a0686052cc75114c5ab52bfc73a8ed08c38ee98e4021e916c31adc355c5bdfb52058318f16f2aee96c7dd1fac5b0abc28d5cfe1fc0e1ab292cbe44ba46b71e75774b5158f219397a07c6a4868745065bc5b7c2d98113c2"})

1.220680556s ago: executing program 1 (id=22704):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de25000000000000000000", 0x41}, {&(0x7f0000000e80)="44900000000056ee66c372f3105eb186dd8062fad2d5b5bfb0ba06f274a8d026bd209da8ffa6a26e3b3f8075704a9d0ef9aff7f1e7db24609f02d34e76992c9df9fe6888c6c9a4825c6223be6ac54536025af1dea54e527c68b0ff250261953f2da79a78104c2d9e7b16ed86b124945aa9ab7581ebd385fb61d442035db81e18c2d2462d", 0x84}], 0x2}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641", 0xb0}, {&(0x7f0000000d00)="31cef842d9c50636f60fc0cfdac56c75f1687f0c56287423f5eed69f117e766bdbad0c2171ad6227e1173ab6efa2fcb1c420a51a0917861009000000f049c606ccab7cda1f0e3490fbe385ea382294882839a22674037b8910bd8a1420e33eb1be6f10cfb24eb7cccdf1528ef33b34ab07cdb0909a9ba9547e1e343b451d9025c4e153612d4674b9411fb4de295599abbcb388d291aa839ab0954e6a8dfc19c3c1533a11d81e03a4879bd736f1caacc2bbf1194598a652677efb930a5b6ee292c57402e0cc07a9a26ee794e46e604a9aec550d12af09f782e1f6a996f0756604847689d37ee3047e61531a8672447cb501b2560bc0e0c5fb2c9f341e", 0xfc}], 0x2}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)="42e013913edbeb683c44e18a52b5a2462064ddd92caaba941de80d06047dedb7eeeff3a27eacf4c416b6979d6c918608807c44d01535dbaab3b390086e4fd43c6b5931187023646d6beac2340fdc7a0d81214ac76a818f64d287311e8828dfd3e3dd67efdb129a6e52745d1540e570891f6bf411cc16a18c4d34e522a1f003498f1a03ea1f8828b6c902286c71a9bc21923972dacfa74fef6a0fd3267e599c1dd33dff5d7b28f134bda4a29962fd5daa4fc9c515a1c3ee25ace1a9948c24b277d0c9c46f948f8a3f98b1a18eff685b7296457ba31632fea4d8f8178170", 0xdd}, {&(0x7f0000000040)="7542473782798be019c27ed30b", 0xd}, {&(0x7f0000000740)="b176d469f44ff7e206a24a3a5f3a112da355134ae64fde53dc0e681885ead332aa45811c0070066fb0e5cf5a9a4965475953e2a028f7dd4a6ed8b33465fd161cd8", 0x41}], 0x3}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.209303067s ago: executing program 0 (id=22705):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
close(r0)
vmsplice(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="b1db373a1e527b57a6330efc2212fe93dadc867908aa2881854cae8bb9e3ba05af1f78f9d9c3dfe67ad40300b8ed921a60ef596e7f88bc6aa2842a2fcaf5d90877f7e2086798df511cc3843fe91f3621bd946407e883d3ef887823ecbc2a09951facfeb34ee46187d4e58507", 0x6c}], 0x1, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r2, 0x800, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, r3}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x79}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
syz_80211_inject_frame(&(0x7f0000000280), &(0x7f00000002c0)=@mgmt_frame=@deauth={{{0x0, 0x0, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x164}, @device_b, @device_b, @initial, {0x8, 0xdc}, @value=@ver_80211n={0x0, 0x7, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}}, 0x2f, @void}, 0x1e)
r4 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000340)={@multicast1, @local, <r5=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$nl_route_sched(r4, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@deltclass={0x2c, 0x29, 0x10, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {0x9, 0xffe0}, {0x7, 0xe}}, [@TCA_RATE={0x6, 0x5, {0xd, 0x3}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000480), 0x40, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r6=>0xffffffffffffffff})
bind$unix(r6, &(0x7f0000000500)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$XFS_IOC_START_COMMIT(r0, 0x80585882, &(0x7f0000000580)={<r7=>0xffffffffffffffff})
setsockopt$inet6_IPV6_ADDRFORM(r7, 0x29, 0x1, &(0x7f0000000600), 0x4)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r8, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x40, 0x1405, 0x200, 0x70bd2c, 0x25dfdbfd, "", [{{0x8, 0x1, 0x1}, {0x8}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x2}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4044800}, 0x4040840)
sendmsg$AUDIT_GET(r7, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x10, 0x3e8, 0x200, 0x70bd2d, 0x25dfdbfe, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000001}, 0x44811)
sendmsg$NL80211_CMD_FLUSH_PMKSA(r1, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x28, r2, 0x800, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0x45}}}}, ["", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x200000d5}, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000980)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x201008}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x48, r2, 0x8, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x6, 0x10}}}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1000}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2e}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}]}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(0xffffffffffffffff, 0xf507, 0x0)
r10 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000ac0)={r7, r5, 0x25, 0xe, @void}, 0x10)
setsockopt$bt_BT_FLUSHABLE(r7, 0x112, 0x8, &(0x7f0000000b00)=0x9, 0x4)
ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000000b40)=0x1)
r11 = socket$pppoe(0x18, 0x1, 0x0)
recvmmsg(r11, &(0x7f0000003a80)=[{{&(0x7f0000000b80)=@pptp, 0x80, &(0x7f0000001200)=[{&(0x7f0000000c00)=""/225, 0xe1}, {&(0x7f0000000d00)=""/106, 0x6a}, {&(0x7f0000000d80)=""/81, 0x51}, {&(0x7f0000000e00)=""/41, 0x29}, {&(0x7f0000000e40)=""/205, 0xcd}, {&(0x7f0000000f40)=""/180, 0xb4}, {&(0x7f0000001000)=""/81, 0x51}, {&(0x7f0000001080)=""/58, 0x3a}, {&(0x7f00000010c0)=""/81, 0x51}, {&(0x7f0000001140)=""/167, 0xa7}], 0xa, &(0x7f00000012c0)=""/93, 0x5d}, 0x4}, {{&(0x7f0000001340)=@isdn, 0x80, &(0x7f0000001400)=[{&(0x7f00000013c0)=""/33, 0x21}], 0x1, &(0x7f0000001440)=""/232, 0xe8}, 0x5}, {{&(0x7f0000001540)=@ethernet={0x0, @multicast}, 0x80, &(0x7f00000025c0)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1, &(0x7f0000002600)=""/220, 0xdc}, 0x7}, {{0x0, 0x0, &(0x7f00000037c0)=[{&(0x7f0000002700)=""/4096, 0x1000}, {&(0x7f0000003700)=""/146, 0x92}], 0x2, &(0x7f0000003800)=""/164, 0xa4}, 0x8}, {{&(0x7f00000038c0)=@rc, 0x80, &(0x7f0000003980)=[{&(0x7f0000003940)=""/4, 0x4}], 0x1, &(0x7f00000039c0)=""/176, 0xb0}, 0xfff}], 0x5, 0x40004020, &(0x7f0000003bc0)={0x77359400})
ioctl$BTRFS_IOC_QGROUP_LIMIT(r10, 0x8030942b, &(0x7f0000003c00)={0x6, {0x1, 0x1, 0x6b8, 0x1, 0x10}})
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000003cc0)={0x0, 0x2, 0x4}, 0x8)

1.122345533s ago: executing program 2 (id=22706):
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x4c, 0x0, 0x9, 0x5, 0x0, 0x0, {0x1}}, 0x4c}}, 0x800)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14, 0x0, 0x4, 0x0, 0x25dfdbfe}, 0x14}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (fail_nth: 2)

920.847982ms ago: executing program 2 (id=22707):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000380), r1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xfeffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xfffffffffffffdac, &(0x7f0000000140)="5b030023e0f6f1", 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff0ff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b70000000000000095000010000000004e62011c3034fdb117168bd07ba08af339d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d458e17f791f4798c8eb484de03312c69b3edff5be26765ba5f8f2879021c2ea53ac547a654bbd2db5356b971d83dd12742be9087a3e7b7c0efd3e38c794eb06b0b8c392904ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057826ef4e912f01a201e694e3049b8c8fe8b65d8d66bb766f7f3f918c86a702522368d9f81897133af94a5a4cff7f4d8b9d8eaf302f0b2e0c252b0000000000000000ee917bca4885bbf597a14ab6458e6272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36be115be3b325ecd201d2ffb0a7fa4f5d1106560cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b861299fcd9ed9d8679406419406bf0c5329bd5b4697336112b0b8756ce3574046bf611a108f8df4d1a88597840b702b6fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf39a43a66c5540b8762b42007c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4b19b53b60322af0aa66e8f448e1bd96822e6b70b62912c926dbe417cccd4f696d528fa8a3ea847f10e9b1106f3bb506f1d7fbdf801000000000000006c028eb5b5a073d0de5538ab42e171b3baae34c35987b0dda497ac3f5e97e60eaeea15c6d55badf9b86b1c000100006e60cd06c9ed24313ce607d403bb6030f800000000690db0221b1705c501f802ff59b4e683efa4b6e77e042072ec9eb8166f6e28b49a7705a1befc4d315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621fc0e3ba04020000c149ee6601728c750930519339b44197c22da865059b475afd96187d881e93b42a5fdfd686d8900c44c67133eeb0109dcb60dddad58037fda65885a15a42560ee3027a5ebf95254744f10fd607bc3100b94932b8d9447c42f6e21ee0e54f8be386bdc09decece910a481e648e0cb074536a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6ae00f0000000000006a8194479700a02b92bec8d05eae1f24fdd7b80d3dde04c22f689594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4acd7acf1dfe79d6771903b76e2ae47d972651390c22d641030e1ddac018dc3116e1803af10a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f00000000000000001000ba96edb95ede0e1957c2a2754258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548941d5d16297757310d9daebd5a3dabbced3b051129cd60a37d397643324e6f0aadf978d639650000000000000000570b0acbcaa196e6b46e213a34c1a550e7c2d8cee7a278cee591f360e345d37dc9f8991a16c08d72317e42d2ac9126acd76130ef1086016697e4d51c4b42b2efc8edab88d46bc3d5d6e5a634c912bc40513643bf44cb416b3149040220aa39035ae46d16d879fc815a5cb84b0d5c8ad970128adf8dec1171e860ca54ce5d6a5aa0327bca4f49a710bf8a8399071237fe5d764e2034873c94a4f21287f3bce3eeb69e94df2e14e4ab10cc7834b304bc879b80255991dd7aac2e92c9e7c411c019d229c1f1e563152f1c5ae9cda3e808000000a0c779d624c5a2b7491b8f73e767389ecd1dee951353bb22b7caf89468871520823715cfebd04189c6c6b34bd8a6541f6bc0630000000000f94e85f5111add3a3cb5bcace95f38465402c39df835754ef33056b0e1134187822c001a25304f3e00b44675d0a25a21dc4023c642cc6f5a75c45a29ab933600acf9a2d471b73a73178cdf309e5d53311996215b44295dfddc1dd6b81132e999366e460d15d366e84da02b8afc40c47e733f804460ed8300ec34eab2ed80097bd32ff1a6143ab1476037e474ca876187c85bed4391215cd77e6a1fd6399a498b96b9b0cca93255acb08c67e50004c5af6fd5b4ce7c1ebc9202bd7b329a4d2530486d5999dd7f90ebecca37f2869135438f0540801fd7481daf9ec94b799c12e714d573e2a6331f496254f254a60c52b2026ed6a72c82cd191490fabe7b151f92e5d700f21830d613fbe490f305b3845a78817e59bf7ed36471dbca01d39e50ae2535460e1d2f2614940647233a02d5000000000000000000f70e52f0d56f6a4dcf7e57c03d4b4add0500000000000000320304d0d2b308c5ed3956eae263035d703f862224e9818a3d7ac270793a7bf2af87585293960a80ac63c54e55063bf8d24639e561253ef0caf6c58118120d8acecc0528f0d81d291009fc46401baf9c22d1c452a5b61b7a1b9adfcc17f5ad99dcdf935923185db7b14a7fa7babc1f53df70618bb73aa810b756696f26653b84cf842ae433fda59fbe312be11bb7dfecdc38c1c1f688d2724568cc396fca7c74984b7f7bd000000000000003ff3e5857fc6598c933610be374909dc8622b0722259e922f40d7862f7ea72f1754f07711de7600000000000000000000000000c4cb643e73ad8a45f0c7164484540e66e29943aa72297d831ce6c978866a55ed53130c6747f569c9c9abe724b4fc647b17401d2201e8c201e7d6ffa1fa122677f7393ed4fe8a93306f048b6703b04544e42a9cd937ef8d98ee8d878a12a627791c5c2d9fc6de65356be92fd98fdbe819686c7bd3be5bd0ce627c8357675f752c73a502d25c31c831078f098c34295bfe90e882843003841f4c0c65dc1810a50000000000000015911cb03e743c482199757d35df5b59fe0a0c5240c85498d818578e2d65c4ff4acbee037498222b1f81f3726a244da1fd6b8c195f1303bedb744045f31e1547d7bc3c3eae68b8da059a59c8c37e3639c2c4eb3d8229ac24d2ce12bc0e5db4a8202d72e64d5c5eacd0d0c0cd7a879ed967f5a2bd39ae4cf7daf7c9fa1777d54fb5920c8434163f75062c62455bf6e23817a85d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000002c0)={'wpan1\x00', <r4=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="131a0b53e76c8a0ba924c3b2321f7d99fb8ff27966f10ecbe8cbf2d16ca47b70f91b873e4e55df51e3703e930917ab9ba6d7c55168b958dc6a0ef3664442d15a76e8dc7989d555da63067a47f713ea3ca85c9f965779afd5d9d278c8bc02770c14e4239a35d1d55fdcd637d594d8fe37182d5ecc36d641ac190b44794a51", @ANYRES16=r2, @ANYBLOB="010029bd7000fbdbdf252500000005002a000800000008000200", @ANYRES32=r4, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x8044}, 0x840)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r5) (async)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r5)
sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14010000", @ANYRES16=r6, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd2679204020b"], 0x114}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r5) (async)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r5)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)
recvmsg$kcm(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)}, 0x80000000)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="010000000000000000000f200000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x4004040}, 0x10) (async)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="010000000000000000000f200000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x4004040}, 0x10)

834.81959ms ago: executing program 4 (id=22708):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0x6}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r5 = socket$packet(0x11, 0x2, 0x300)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001840)=ANY=[@ANYBLOB="740000001000010400000006000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000000000000001c001280090001007866726d000000000c00028008000200ea000000140003007866726d30000000000000000000000024000e00"/69], 0x74}}, 0x0)
sendto$packet(r5, &(0x7f0000000440)="8374", 0x2, 0x200000c1, &(0x7f00000001c0)={0x11, 0x8100, r4, 0x1, 0x23}, 0x14)

729.831878ms ago: executing program 3 (id=22709):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0xa, 0x3, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x10)

729.634644ms ago: executing program 2 (id=22710):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x88943, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1003d1, 0x3, 0x20000000, 0x6, 0x6}, 0x66}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r1)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="af75355d1696"})
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r4, &(0x7f0000000280)={&(0x7f00000001c0)=@xdp={0x2c, 0x0, r3, 0x42}, 0x80, &(0x7f0000000cc0)=[{&(0x7f00000002c0)="27030200dc0f14000e00003c0ff000000000ff840000000200000003125ce882cbf490d908f1523f000000002d9c2740e260a09c6911cda856d5141bffc6e29a5789796eec81944d7dff184d3319ce9dfb5c1fcd66e67b91a917a67ece64299573503cbc7e27133c4e5ed68c7a9b407a275bcff3432a487ebef21275b91d386164b443c1dfdf63831812e0471639a99b97a9923e4659cd5d1e3c", 0x9a}, {&(0x7f0000002380)="76e69c0141b4626c18e58316fb1785bc79a094726e33891c6d73f43317b7de3105b7a250790f8a23088b7292aad0049477fd7b736036a2ba810a11b6e5e83b06e0c428d362a29030f3fbb8f93a957f85472c59a37fbc2dc4abf47a23fe1bbab86b3666155606864b97f7615a55989cd2e143f1a9aca24050db9efff1f1639b55a2a771ec9e91f94fb670c3f35f31c40170189010e598500aa376763444ecaf5df2a31e04eda4201194c49c48d817c9d8d50d47c014b329be33b127527fe321b097a15f48ef82a32b10e24a1b56e981b91257aeddd7fee2fe035a1a164b3906ca184ad08f294cde3dfa48743847cac62a87c2d96176a9f6b4278dc95c6c637294986fa9e3e82b504341f82bf314389b0af7c8e07cb6f5ef9bcd83993c880ef2b2aa313a124bee3deb3133338c291d698f04b796be5514c81bad54c22190acda8145b1c14c4b916e2f5c2f10a8702b90d26e0332605edbc351edcd5621cf8c0f1585b1a53879f9ad931c18b15426856dc1c800e4cce36c6c1bf880c0c40a718810ff4793eba9e39d7cd9b351905a845dd3064613cd6f75802a6bc51c1524b412a2a68e6fa4886bd13b48aa9a12a7ace6fa08ccc86cda842d2f4b564a76a9e8adad2249e0dc200a2e647d34ef0dc23dd85674cce8f8e08a6c5ea76db48ac832f2a6e7514c9ab9f7e99fb3a7ec6cbc1ab45e12d151176cd6a044572928dfd2b72e3557d037b12328f7d4388a4ff8a8e890b2cdaa61fd525dfd3d0feda9c066feff70d89e8fbaaa4ac79e0b814c7b0cb9de9b5915ee30c12c55dc302fa36f96a6b4a437e2f7bac25fb284eec70388c1d4ee9fb51483c801007a74c1806141802eb107b80a047315c048db3671e35139544988b51a23136b02151a06114cc80c05b772786a505edc6d8f74a66b126a940f06000d7abbf3224b9e1f86eb693778968b3e982f197570ffa5732524be57aba33a59cf0032ef61b52f7c2fc2cd992d616452316ee21e7361cfc527acb09f0f46bb8ef013f28d7f615b09037d26e0715d927afee6b9878adad923ce6a6114bb8d3463be786232330a028c152adb31596c77a60231d53fbb8ce73509f37100f69c9004429e904b644de72b865fdccedbc99927542df25180f5880d20590900a9e8b711c8867b67b98d48caf8259797b41284f6e52aa5177ca06a4f25a568ea3a5dd13c6711436d63b814da12b72470eb3468860e5ef86bf381babc6cec73757a1c38a8cf9887bb69045b155ed0ae6c5f2c07f3b9f02c6f02a9ee474e3a9d75e67694bb2a0f28a672a5883dc9688ca2166f914bb1cfc70685907bfa4e9693d9620969fa41ca907751335193417b468de3bab8bf0b7438abe80f494c95e017f41e9a232c52153bc58adf7cc845e770ba119756bad683ff9c701cdd34bc540d8164cf3099c011b328fc0a0445e8eb8085c8cd2fdaf22e1dea9d04454b37af3c83dd3f667f73ca9eb0c3e9bc328b536a1ae9a449b24e227bb05692b16560756d9f0cb3200df43c26d3dbed542f7bd4e3d1329c8e9f631520355ea32dfc72e59254b1687197c8374111ee1de4c1784d843aa26992280c9ec267965b8d4d6461afcd597ce636316f5c4ac8f1bec9aa16acd974798c10475e53310630a36796ab4bba263ec76008a821ee9b58861e77f1aa341b9a1bcc9e21c9eb0625297604cdf14e77040e46603597f87d00053c7aafd8130813102105463ea538990f880525cd80e12c426eda2f87a4aefe29505de1a924fad50d9b97a37418331a542333585105ca18976435917721e80f3c631f268b8517f00dc9c8da872328a27e296aa7422b290327feda241d7ea0cd81750d044969e4429197ee55e8111193aee3df3bf37961a4323ac640b0fb11b19cb4e28756defd9f2e1ef3adc3b0aeb5102399dde99e5e67ff4d18c6475440612f42274d17ebc0280f73c89e77fd9dd652edb5ea4e7ad7326dd4c69cea26b47d8314ad412f8b96f2a33a6323c1dc4050ffde22b31656c22b8a5597c3c50cbf4efa9c8d2e4200ccab35ad8badc09d8e05a7abc3dfdce491ecd682dde18f2da41bff3c2e293ddc82df8a1ca558a08b7937bd7228ed25522f41bcdfba8c01a7aa93af6e58b3912dace81ffc5f079e8a4e9d45778afa57909a8e9138abbf4ae6bdbc571d8cc0fb68755b644934fc98fdb263098afab3ffed8e80ea4e935852d9577935c0a5b03425e5e1c3327213d0068dea19165602000000076fe3ad291b73f08e5bf3cb50f60510b85f09bec5dd2118230541448370fa2d1b362ce6c2eee65909ef08bbad2e38ef2fa7d6c0bbb2fbf90e1a63b26c8e41f17b35b1e55885ac66f263d0f42a27a7823d664e3ae65909dd411f05371f21e5bbf7424d41b966e2e8891ae13c3fb700987789f79cca95807ab3068549f250caee6ab7f924afec4b6c821f82f3683d42fde5ccbfafba73c720f8481a7e4d2315e2219f4925893268649dddf696586916bb8c02a3697c38016788d4c799cbbc52043d0ebd08d74efb4619a46db86c744928a580f53ae2d5bbbc69342f722ab65b305975ab500ce7335ceb7d0f726c83a2c47eccf416fdb79f8439d2c608019ea2ef94d1fe8a7367013ae57330165228509d62fab87f04b73a76f80049f23d11a3068721414f8e45b18f4c1d56c11da71c949b35e6c5305452057f947520abbaf701c9b7cbfe623adc65a050458cb5948d1c1699b452b3d9fbba6b3bcdb537bbbf95d8267760cd943de819349966dc515babfca73d5ff3551bc56fe0f9dedb6dd5f4463a3aa652dab81a589ca4e4b0f19ee3b4b20c3986df2f72ba990b421c77b00a9b5cca5d850d607d0a46c2f1b1bbf8dc7f0cc6fea3104615a6cd698d89fca37adf4edfe4ba7c16231a9f2a89c55612e9c7031b7d56d2eb88745ba43a63a122d4d6661e83408a807f9b4519c05f01383811e9a2506c0c23618528599152f7a0481d1e576e4eba29c7725f24f649be7e5d7b9678a91e22d559ee77a1ddfe7225afa40085061c492fc4714f90e481cf494ec6d108fe0be6633d4f4785cb1c82f15190333398283ade4cb97f8104a195098a5a1c90227797fa8216d4762b6e78c60030e69f413cccf052df64a3d1bda69f6dbff49a68ef298809390f39a91e3b5b1971dac8554ed9ae24b4789ba60c145c059b1cfbf6594ed3c734bb4e1172f2e31a18659764bf324621d68b8e356ac3faee71ea97b0b78eeaa29c0f7ee1129777ef1ecd4d7f6586f8d0308709a94489951a04d7eba9793af6c929a0e91cda90457ca1c128cb6aa23f6da8f64f0d78a59f07a19515d9f607aa79c7b6c466e474e45ad85b0f2b82d470c03f7bbfb2fa68b32d4ac188d4a64f22b29c3af9f0b39bc2bb6b399e50f71968effe5b2f0d51489aca30993a67dbd80698f9a0c2ba9addffa3c3712215e63f424ebb5ebaf24fbf476f1d85493050c8be181f7f8783a34484005b58a703899ad2dff546eac853be1529fbe865a3f97643e8522956e0e361ac278e014328aea0b8d4268fd157513bd0f64f589ff8aaa0df2eb929984661031626bc661a5d3035b373177a4703a5000ef9b3ccb84b3dbaecb25ca341c5f12959d214e84b6545f47704d635765b336e4374975c2c40d5814b68b02965e517197edb553e7d3d8432544f66ce84990e7873fa2fadfaaeaa9915f907b3396b8529b03b646cf29be65784b5c08aa77521dd5064669f5ab33cc8ea168ea80949af9ee3937b2aa54250bd733c51c7c4be47c5848abf86b6f522e2a2dd4aa39693af731d70314e1d7af25c57a2dd126121bcd316118c66c18e2109a0c87714f00deaef07648e75f498eb7a8f30784376d14121a1ff34d402c5255fd2c0569624e93a796eb92980ee82ed283bb538e20dd8b02db072f897004f0e11de081cab5bedd9438c612982f1c73388ed98ae3b2d3adc6b8e70434c8992f52ab7c9488da5b67c6c003fdf530ef4172e0ccc16ff75fe6c919619c7ae513a8fcdfdb01410df94978f88b44e60b17a1984a600e04bd072fa731e19f75034d78b57f9890ab4dff68bf2928b5fc711bae0f1baeb8596e8a42f7f172125fb1da929d1f921c53f6cba0d98cd6e31b41ebf3935981b9e98524dd344b9e76b66d31f7d47869cdd3ae49e4e8c42264be751219861504ad49ab00e384e7bbf06472714829dd61e58a1784696a02eee6d9c92446392cadf4436c7eb769d1c5226164a9be70d2c2c6b71342a6d03dc0d39d224f9df8e4ed11c86a47531d5449e5364e8ca5af4c03455fa9da8b5b0d174e41bace68e515f9967d79eaaac20b2a9e773b3418ff1a10c1835bed07e6109eac8ea4f130bc70aad103356f9749195fc2745f7076b5b165ff56de0596018b8251a0bd700db48a2243fe56831cf6785d70ded595b1bf9b25f2979923176109adb8012ae650c3fcb110352b884f79aeb465817124f75cda3168ec65cdace89522c0a7061629ea0d5d0573b9aa029500d64cb5df4f440859e4944047e6967511f0f25e9a45751d296ed6b61d4f217c28672d34696fcbaad5a57fd0e063537e889df2bf9e20e6c075296a800179a23e605948dc74fcf", 0xca1}, {&(0x7f0000000440)="c91d588b87bd12b736780a766e3ebca34836bf87f46f8027511d29f92e1a4e8bd5fb5367cef57a6d8db59a972c54efc7ece9c07cb4a0921d4a2320d73ff2d3c54d7af0deecef81ce277562dde92e480b2cf42e52cc039c43fea94e730feb6f5cad427446e7357d255248ab48a0b733cc2c7541488d63b8f6d2c4f0e03ac8faecc74486b2cfb59a28d701271dc07ef9d82e0ce78bca83048caf47fedf4f4df5863a2f849b5fc6ef0b49bf7a6cb6faab2a777d", 0xb2}, {&(0x7f00000007c0)="1da19d23fdff85b98167af7726547120df65aece0cffbb361fd19ec08ddad9340531b1c05e106ea2b36a41070b0be2be119aa8c7d8444f4341cccd89faa6253e1ee49e9132d115fd9988c00b16b48669fd2863efe80b92787339069a0f79bc832754fc4c564bc7c61f70be9565f15584fd519f000000005d433935485cdc2ffa2be958749701504aefae9ac9424f870f12b651ec19cedc69367ba0093c404d4ac740bae7f612cd45bc475f1f4b47ba45ec376c3a98a06da61124f2650b53b15c87c3e6ea7734e44835fcd6d23a0d7e00"/221, 0xdd}, {&(0x7f00000009c0)="a5ca8683d601768d343ca112b53e7aa9b7692478467c2525cc9ceb426e1c40e3b29380122d838019715ede6740900e4a5b9097b6713ba207b45f64e07e8d44f24c842b84e2c5c3d4175f2c59ef949b2cfb2b1722cf08388fed3e7ff321bda9f2a0744407b6a38593ab8ff05b41a7bc10f7424c9da00d3b2dea193936dbae3b28e7f3ab2ec79d512847fce7d00e40c1e127d871123a121c8c684d714b81314f94d74e8dd61d5bff0f7a86dc7452ce6fcdb767dc9953058022e5f082d4024350a9e1d65f80844770359a06b0554bd065b79ede8b2138a0eda7a68ba7fd4240630196a25d1f5f1e15a09f55d4794bcc7f6157b9376d046f30af1ac7464b32a655976a27d8baebcb440d211d60baa353b30fc2a967c9827f4fe99c20abfdbff7b2c090ece74acb8e28", 0x127}], 0x5}, 0x8bb3a321efc01a)

635.810681ms ago: executing program 3 (id=22711):
ioctl$XFS_IOC_PATH_TO_HANDLE(0xffffffffffffffff, 0xc0385869, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000100)='-\x00', 0x101c82, &(0x7f0000000140)={@align=0x7, {0x8000, 0x3, 0x4, 0x6e}}, 0x6, &(0x7f0000000180)={@_ha_fsid}, &(0x7f0000000240)=0x4})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000))
syz_genetlink_get_family_id$batadv(0x0, r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb080045"], 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4b47380c988ca", 0xffbf}], 0x1)
ioctl$FIONCLEX(r0, 0x5450)

552.876726ms ago: executing program 4 (id=22712):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, &(0x7f0000000040), &(0x7f0000000080))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020f0000100000000000000000000000030005000000000002004e20ffffffff0000000000000000080012000000010000000000000000000600000000000000000000000000000000000000000000000000000000000000fc020000000000000000000000000000030006000000000002000000e000000100000000000000005014cbc349fbcbb16a3f144993c090f0eb"], 0x80}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210021f32dbd7000000000000a00000d0000000002000000080018004e214e22"], 0x24}, 0x1, 0x0, 0x0, 0x2000c045}, 0x80c4)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000001000010426bd7000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000051002ea0200030073797a5f74756e00000000000000000021002200b50711d22364085195615727cb02a1d068d1b4b4c044411965fb5b802e000000"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x3, &(0x7f0000000040), &(0x7f0000000080)) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$key(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020f0000100000000000000000000000030005000000000002004e20ffffffff0000000000000000080012000000010000000000000000000600000000000000000000000000000000000000000000000000000000000000fc020000000000000000000000000000030006000000000002000000e000000100000000000000005014cbc349fbcbb16a3f144993c090f0eb"], 0x80}}, 0x0) (async)
sendmsg$nl_route(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210021f32dbd7000000000000a00000d0000000002000000080018004e214e22"], 0x24}, 0x1, 0x0, 0x0, 0x2000c045}, 0x80c4) (async)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000001000010426bd7000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="00000000051002ea0200030073797a5f74756e00000000000000000021002200b50711d22364085195615727cb02a1d068d1b4b4c044411965fb5b802e000000"], 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)

482.143577ms ago: executing program 0 (id=22713):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f0000000240)="800000800000210ee7decd7a888e", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r1, 0x1, 0xd8, 0x6, @broadcast}, 0x14)

481.441534ms ago: executing program 2 (id=22714):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000017000000540006803c00040067636d28616573292d000000000000000000000000000000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca41989140003"], 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4008014)

397.673852ms ago: executing program 4 (id=22715):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61123400000000006113500000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916320000000000bf67000000000000a406000007ff0700670600000200ffb0070600000ee60000bf050000000000002e650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a2aadfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf736f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e000000000000b542a536559eed87b58edcfee83a50077ee0e8fb6e787cb3076dfeeb79f55927fef9651e176b40e64740a01944577caea4ceb9e907cec36a8429445c833b9d24d53dc91f15af1f4a1db9fa452fa3f0b812355aab5b58659ffd56034fdbb169f3e86660acdc65dc699d3e6364a80f45e54d6efcb99b41a080494f842706f3c1716d2e252bf89663393356296d89fbf95aa7966fa700b710008311d6f25e05f77d68799e671d90cb04131742790941d83ffdfa857e9e085a59a78e7a17f008ce55866fcc4de388f270a1ba675f43481bd2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$ITER_CREATE(0x21, &(0x7f0000000580), 0x8)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x2}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000080), &(0x7f00000000c0)='%pI4   \x00'}, 0x20)

397.480023ms ago: executing program 0 (id=22716):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x2, 0x1, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="060015000700fdff0c00168008000100", @ANYRES64=r0], 0x38}}, 0x10)

345.348873ms ago: executing program 2 (id=22717):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff})
socket$kcm(0x2, 0xa, 0x2)
r1 = socket(0x22, 0x2, 0x3)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x40004)
recvmmsg(r2, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001680)=""/4086, 0xff6}, {&(0x7f0000001580)=""/238, 0xee}], 0x2}, 0xffffffff}], 0x1, 0x2, 0x0)
ioctl$IMGETCOUNT(r1, 0x80044943, &(0x7f00000003c0))
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000f40)=ANY=[@ANYBLOB="ffff00000000000002004e2264010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001500000000000000000000000000010000000400000002004e22ac1e0101000000000000009b7700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22e0fa116c41fe6d880cc70d0000020000000a000000008c4500eb482b26c9512b1982d98945f10000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e23ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee7a635e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e207f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000000000000000000000dd9c7f2d099583d6469baea3e2734de31f65ee6d45"], 0x290)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000002c0)={0xf, {{0x2, 0x4e22, @multicast2}}}, 0x88)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x40047438, 0x8)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000084"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="850000002f000000620a00ff000000007500000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="00000000000000000504000000a48774000000f73b858730deef"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r3, 0x20, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000001880)=""/4105, 0x1009}}, 0x10)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x2c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20008840)
ppoll(0x0, 0x0, 0x0, &(0x7f0000000380)={[0x1ff]}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r9=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r7, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000001c0)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100ffffffff0000000001000000100007800c00018008000100", @ANYRES32=r9, @ANYBLOB="0c0005006c010000000000000c000200ff7f000000000000400007800c00018008000100", @ANYRES32=r9, @ANYBLOB="0c00018008000100", @ANYRES32=r9], 0x7c}}, 0x20000000)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000440)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct, <r10=>0x0}})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50100000000ffdbdf2507000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="014dc09e03"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000840)={r10, 0xffffffff, 0x0, [0x8001, 0xe, 0x58fa, 0xffffffffffffffff, 0x5], [0xd, 0x1, 0x4, 0x5, 0x3, 0x800, 0xffffffffffffffff, 0x8, 0x0, 0x3, 0x2, 0x5, 0x7, 0x800000000000, 0x7458, 0x24000000000, 0x8, 0xcf6, 0x8, 0x81, 0xfff, 0x6, 0x5, 0x0, 0x7, 0x3, 0x7, 0x2, 0x6009544c, 0x100, 0x0, 0xfffffffffffffff2, 0x33, 0x48000000000, 0x1, 0xe, 0x8, 0x4, 0x5, 0x1000, 0x0, 0xab0, 0x7, 0x5, 0xfe28, 0x1ff, 0x0, 0x1, 0xfc41, 0x1f5e, 0x8000000000000001, 0x978f, 0xe, 0x5, 0xc, 0x100000000, 0x3, 0xfffffffffffffff8, 0x1c, 0x6, 0x3516, 0xe8, 0x5, 0xffffffffffff0001, 0x9, 0xfffffffffffff1a5, 0x0, 0x8, 0x8, 0xfffffffffffff000, 0x7, 0x7000000000000000, 0x2, 0x10001, 0x6, 0x10000, 0x5e8, 0x7f, 0x2, 0x6, 0xc98f, 0x1, 0x3, 0x1d, 0x2, 0x6, 0x8, 0xd, 0x7, 0x1, 0x3ff, 0x2, 0xfffffffffffffffa, 0x80000001, 0x8000000000000001, 0x400, 0x7, 0x6, 0x8, 0x0, 0x0, 0x1000000000000, 0xfd, 0x9, 0x7, 0x7, 0x80008, 0x6, 0x1, 0x5, 0xffffffff80000000, 0x1, 0xb, 0x3, 0x3, 0x4, 0x5, 0x9, 0x4, 0x80000001, 0xfffffffffffffff9]})
sendmsg$nl_route(r11, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c000000527703ef1a364f76c600000e28bd70001bdc9c991c080006000000b9ea164cf4c07b3c0000080006"], 0x2c}, 0x1, 0x0, 0x0, 0x8018}, 0x40814)

304.534499ms ago: executing program 0 (id=22718):
r0 = socket(0x11, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0xe8, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a300000000054000000060a010400000000000000000500000408000b40000000002c0004802800018008000100667764001c000280080002400000000a080003400000000808000140000000170900010073797a3000"], 0xc8}}, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$sock_linger(r3, 0x1, 0x3d, &(0x7f00000001c0)={0x1}, 0x8)
sendmmsg$sock(r3, &(0x7f0000003c00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000540)="74b17a07", 0x4}], 0x1, &(0x7f0000000200)=[@txtime={{0x18, 0x1, 0x3d, 0x6}}], 0x18}}], 0x1, 0x20000000)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8481f0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

304.125406ms ago: executing program 1 (id=22719):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="48000000111401000000000000fcff0008004a0001000000080003000100000008004a000100000008004b0013000000080001"], 0x48}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

197.554869ms ago: executing program 4 (id=22720):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}], {0x14}}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x4}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}}, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x50)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(r2, 0xc0385868, &(0x7f0000000780)={<r3=>r1, &(0x7f00000001c0)='[\x00', 0x100, &(0x7f0000000500)={@align=0x100, {0x6, 0x40, 0x1, 0x5}}, 0x168d, &(0x7f0000000540), &(0x7f0000000580)=0x701})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000000000000057233b9685010000003100000000001811000043afebccb835a5b7d85ff76f5eef97980e9307b44f149d7093c5f7c4a636de1a32893f73520fef0b9c820a182ab642382e9701b764f9defce9121097c18f429aade4ac3b540229156897e7214919b038fe07face8f9aade4f2b1032f00a89d9b317efa49fe266642a16306c8d50e90c0f9b096cbaa90963fa6256a142a9571f513af57697669ce9a89ed87341758ceb63b4bdbc136612b7cc17d88b13d00"/199, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r4, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x64, 0x6}, [@ldst={0x7}]}, &(0x7f0000000240)='syzkaller\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$inet(r1, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
sendmsg$sock(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='k', 0x1}], 0x1, &(0x7f0000000080)=[@timestamping={{0x14, 0x1, 0x25, 0x303}}], 0x18}, 0x4000081)
socket$kcm(0x2, 0x2, 0x73)

153.343988ms ago: executing program 4 (id=22721):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket(0xa, 0x3, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x10)

118.888823ms ago: executing program 1 (id=22722):
r0 = socket$alg(0x26, 0x5, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e22, @broadcast}, 0x10)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x18, 0x2, [@TCA_RED_PARMS={0x14}]}}]}, 0x44}}, 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000009b80)={0x30, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf150000000000003d650000000000006507000002000000070700004c0000001f750000000000006154000000000000070400000400f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff28}, 0x48)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r6, 0x0, 0xb, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x9}], 0x18}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x6, 0x7}}]}}]}, 0x48}}, 0x4c840)
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=@newtfilter={0x44, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff3, 0xfff3}, {0x0, 0xfff3}, {0x2, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_BOS={0x5}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r4, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001e00)=""/229, 0xe5}], 0x1}}], 0x2, 0x11, 0x0)
r9 = socket$netlink(0x10, 0x3, 0xb0fcaa6c9ba18fa6)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="5c000000000d5187b08caa0000000000009265318d6be154eb224c33000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c0012800b00010069703667726500002c00028008000c00cc0800000800040000040000060018000900000006000f0008000000060011004e200000"], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

0s ago: executing program 4 (id=22723):
openat$tun(0xffffffffffffff9c, 0x0, 0xa8a00, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$cgroup_freezer_state(r1, &(0x7f0000000040)='FROZEN\x00', 0x7)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180), 0x12)
write$cgroup_freezer_state(r1, &(0x7f0000000080)='THAWED\x00', 0x7)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa"], 0x1c)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x4}}}}}, 0x0)

kernel console output (not intermixed with test programs):

0
[ 1395.162585][T31242] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1395.162597][T31242] R10: 00002000000002c0 R11: 0000000000000287 R12: 0000000000000001
[ 1395.162608][T31242] R13: 0000000000000036 R14: 0000200000000300 R15: 00002000000002c0
[ 1395.162637][T31242]  </TASK>
[ 1395.435859][T31245] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1395.920757][T31258] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.21906'.
[ 1395.936125][T31258] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[ 1396.029488][T31261] syz_tun: entered allmulticast mode
[ 1396.051186][T31260] syz_tun: left allmulticast mode
[ 1396.138162][T31266] netlink: 20 bytes leftover after parsing attributes in process `syz.1.21909'.
[ 1396.951030][T31294] netlink: 12 bytes leftover after parsing attributes in process `syz.1.21919'.
[ 1396.994584][T31296] netlink: 244 bytes leftover after parsing attributes in process `syz.4.21920'.
[ 1397.201657][T31307] FAULT_INJECTION: forcing a failure.
[ 1397.201657][T31307] name failslab, interval 1, probability 0, space 0, times 0
[ 1397.255951][T31307] CPU: 0 UID: 0 PID: 31307 Comm: syz.3.21922 Not tainted syzkaller #0 PREEMPT(full) 
[ 1397.255979][T31307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1397.256000][T31307] Call Trace:
[ 1397.256008][T31307]  <TASK>
[ 1397.256016][T31307]  dump_stack_lvl+0xe8/0x150
[ 1397.256047][T31307]  should_fail_ex+0x412/0x560
[ 1397.256076][T31307]  should_failslab+0xa8/0x100
[ 1397.256100][T31307]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1397.256120][T31307]  ? __alloc_skb+0x1d0/0x7d0
[ 1397.256139][T31307]  ? __local_bh_enable_ip+0xd0/0x130
[ 1397.256167][T31307]  __alloc_skb+0x1d0/0x7d0
[ 1397.256190][T31307]  ? netlink_ack_tlv_len+0x6c/0x210
[ 1397.256216][T31307]  netlink_ack+0x146/0xa50
[ 1397.256237][T31307]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1397.256253][T31307]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1397.256273][T31307]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1397.256292][T31307]  ? __lock_acquire+0x6b5/0x2cf0
[ 1397.256326][T31307]  netlink_rcv_skb+0x2b6/0x4b0
[ 1397.256350][T31307]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1397.256370][T31307]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1397.256411][T31307]  ? down_read+0x272/0x2e0
[ 1397.256430][T31307]  ? genl_rcv+0xd/0x40
[ 1397.256449][T31307]  genl_rcv+0x28/0x40
[ 1397.256465][T31307]  netlink_unicast+0x80f/0x9b0
[ 1397.256494][T31307]  ? __pfx_netlink_unicast+0x10/0x10
[ 1397.256517][T31307]  ? netlink_sendmsg+0x650/0xb40
[ 1397.256539][T31307]  ? skb_put+0x11b/0x210
[ 1397.256567][T31307]  netlink_sendmsg+0x813/0xb40
[ 1397.256599][T31307]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1397.256627][T31307]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1397.256651][T31307]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1397.256676][T31307]  ____sys_sendmsg+0x972/0x9f0
[ 1397.256704][T31307]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1397.256732][T31307]  ? import_iovec+0x73/0xa0
[ 1397.256762][T31307]  ___sys_sendmsg+0x2a5/0x360
[ 1397.256786][T31307]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1397.256840][T31307]  ? __fget_files+0x2a/0x420
[ 1397.256864][T31307]  ? __fget_files+0x3a0/0x420
[ 1397.256898][T31307]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1397.256920][T31307]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1397.256952][T31307]  ? __pfx_ksys_write+0x10/0x10
[ 1397.256983][T31307]  do_syscall_64+0x14d/0xf80
[ 1397.257006][T31307]  ? trace_irq_disable+0x3b/0x150
[ 1397.257031][T31307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.257049][T31307]  ? clear_bhb_loop+0x40/0x90
[ 1397.257071][T31307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.257089][T31307] RIP: 0033:0x7f839679c799
[ 1397.257108][T31307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1397.257124][T31307] RSP: 002b:00007f83975fa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1397.257144][T31307] RAX: ffffffffffffffda RBX: 00007f8396a15fa0 RCX: 00007f839679c799
[ 1397.257158][T31307] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[ 1397.257169][T31307] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1397.257181][T31307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1397.257192][T31307] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1397.257221][T31307]  </TASK>
[ 1397.646656][T31311] FAULT_INJECTION: forcing a failure.
[ 1397.646656][T31311] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1397.659938][T31311] CPU: 0 UID: 0 PID: 31311 Comm: syz.0.21923 Not tainted syzkaller #0 PREEMPT(full) 
[ 1397.659966][T31311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1397.659976][T31311] Call Trace:
[ 1397.659985][T31311]  <TASK>
[ 1397.659993][T31311]  dump_stack_lvl+0xe8/0x150
[ 1397.660025][T31311]  should_fail_ex+0x412/0x560
[ 1397.660054][T31311]  _copy_from_user+0x2d/0xb0
[ 1397.660082][T31311]  csum_and_copy_from_iter_full+0x491/0x1f00
[ 1397.660120][T31311]  ? bpf_lsm_capable+0x9/0x20
[ 1397.660166][T31311]  ? security_capable+0x7e/0x2c0
[ 1397.660189][T31311]  ? __pfx_csum_and_copy_from_iter_full+0x10/0x10
[ 1397.660209][T31311]  ? capable+0x88/0xe0
[ 1397.660233][T31311]  ? mm_account_pinned_pages+0xa6/0x430
[ 1397.660255][T31311]  ? __pfx_mm_account_pinned_pages+0x10/0x10
[ 1397.660278][T31311]  ip_generic_getfrag+0x149/0x2d0
[ 1397.660410][T31311]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1397.660435][T31311]  ? skb_page_frag_refill+0x1be/0x310
[ 1397.660463][T31311]  __ip6_append_data+0x1f0b/0x3c50
[ 1397.660509][T31311]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1397.660555][T31311]  ? __pfx___ip6_append_data+0x10/0x10
[ 1397.660579][T31311]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1397.660602][T31311]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1397.660623][T31311]  ip6_append_data+0x10f/0x280
[ 1397.660651][T31311]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1397.660680][T31311]  udpv6_sendmsg+0xa7b/0x2560
[ 1397.660717][T31311]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 1397.660747][T31311]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1397.660781][T31311]  ? __pfx_udpv6_sendmsg+0x10/0x10
[ 1397.660803][T31311]  ? __up_read+0x291/0x6b0
[ 1397.660866][T31311]  ? inet_send_prepare+0x5c/0x270
[ 1397.660890][T31311]  ? inet6_sendmsg+0xe4/0x120
[ 1397.660913][T31311]  ____sys_sendmsg+0x5c7/0x9f0
[ 1397.660939][T31311]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1397.660971][T31311]  ? import_iovec+0x73/0xa0
[ 1397.661001][T31311]  ___sys_sendmsg+0x2a5/0x360
[ 1397.661025][T31311]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1397.661090][T31311]  __sys_sendmmsg+0x27c/0x4e0
[ 1397.661115][T31311]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1397.661131][T31311]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1397.661175][T31311]  ? ksys_write+0x242/0x270
[ 1397.661198][T31311]  ? __pfx_ksys_write+0x10/0x10
[ 1397.661224][T31311]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1397.661244][T31311]  do_syscall_64+0x14d/0xf80
[ 1397.661261][T31311]  ? trace_irq_disable+0x3b/0x150
[ 1397.661285][T31311]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.661304][T31311]  ? clear_bhb_loop+0x40/0x90
[ 1397.661326][T31311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1397.661344][T31311] RIP: 0033:0x7fb45d59c799
[ 1397.661363][T31311] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1397.661378][T31311] RSP: 002b:00007fb45e426028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1397.661397][T31311] RAX: ffffffffffffffda RBX: 00007fb45d815fa0 RCX: 00007fb45d59c799
[ 1397.661410][T31311] RDX: 0000000000000002 RSI: 0000200000000a80 RDI: 0000000000000003
[ 1397.661421][T31311] RBP: 00007fb45e426090 R08: 0000000000000000 R09: 0000000000000000
[ 1397.661432][T31311] R10: 000000000404c444 R11: 0000000000000246 R12: 0000000000000001
[ 1397.661443][T31311] R13: 00007fb45d816038 R14: 00007fb45d815fa0 R15: 00007ffe6088ce58
[ 1397.661474][T31311]  </TASK>
[ 1398.114087][T27245] hid-generic 0005:0458:0000.0006: item fetching failed at offset 0/1
[ 1398.124413][T27245] hid-generic 0005:0458:0000.0006: probe with driver hid-generic failed with error -22
[ 1398.166528][T31315] netlink: 'syz.2.21925': attribute type 10 has an invalid length.
[ 1398.360248][T20283] wlan0: Trigger new scan to find an IBSS to join
[ 1398.401378][T31316] debugfs: 'K��u�cr��K:����̥�B����|����lS��-!' already exists in 'ieee80211'
[ 1398.495909][T31325] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1398.711902][T31332] netlink: 40 bytes leftover after parsing attributes in process `syz.4.21933'.
[ 1398.780201][T31338] FAULT_INJECTION: forcing a failure.
[ 1398.780201][T31338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1398.825168][T31338] CPU: 0 UID: 0 PID: 31338 Comm: syz.3.21934 Not tainted syzkaller #0 PREEMPT(full) 
[ 1398.825194][T31338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1398.825206][T31338] Call Trace:
[ 1398.825214][T31338]  <TASK>
[ 1398.825222][T31338]  dump_stack_lvl+0xe8/0x150
[ 1398.825251][T31338]  should_fail_ex+0x412/0x560
[ 1398.825280][T31338]  _copy_from_user+0x2d/0xb0
[ 1398.825315][T31338]  kstrtouint_from_user+0xd6/0x180
[ 1398.825341][T31338]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1398.825381][T31338]  proc_fail_nth_write+0x8e/0x210
[ 1398.825405][T31338]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1398.825434][T31338]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1398.825460][T31338]  vfs_write+0x29a/0xb90
[ 1398.825489][T31338]  ? __pfx_vfs_write+0x10/0x10
[ 1398.825510][T31338]  ? __fget_files+0x2a/0x420
[ 1398.825539][T31338]  ? __fget_files+0x3a0/0x420
[ 1398.825561][T31338]  ? __fget_files+0x2a/0x420
[ 1398.825595][T31338]  ksys_write+0x150/0x270
[ 1398.825616][T31338]  ? __pfx_ksys_write+0x10/0x10
[ 1398.825647][T31338]  do_syscall_64+0x14d/0xf80
[ 1398.825664][T31338]  ? trace_irq_disable+0x3b/0x150
[ 1398.825689][T31338]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.825707][T31338]  ? clear_bhb_loop+0x40/0x90
[ 1398.825729][T31338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.825746][T31338] RIP: 0033:0x7f839675cfce
[ 1398.825765][T31338] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1398.825780][T31338] RSP: 002b:00007f83975f9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1398.825800][T31338] RAX: ffffffffffffffda RBX: 00007f83975fa6c0 RCX: 00007f839675cfce
[ 1398.825813][T31338] RDX: 0000000000000001 RSI: 00007f83975fa0a0 RDI: 0000000000000004
[ 1398.825824][T31338] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1398.825835][T31338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1398.825846][T31338] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1398.825876][T31338]  </TASK>
[ 1399.563730][T20225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1399.620294][T31355] netlink: 'syz.3.21939': attribute type 33 has an invalid length.
[ 1400.008052][T31372] FAULT_INJECTION: forcing a failure.
[ 1400.008052][T31372] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.021094][T31372] CPU: 0 UID: 0 PID: 31372 Comm: syz.1.21943 Not tainted syzkaller #0 PREEMPT(full) 
[ 1400.021122][T31372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1400.021135][T31372] Call Trace:
[ 1400.021143][T31372]  <TASK>
[ 1400.021151][T31372]  dump_stack_lvl+0xe8/0x150
[ 1400.021183][T31372]  should_fail_ex+0x412/0x560
[ 1400.021214][T31372]  should_failslab+0xa8/0x100
[ 1400.021239][T31372]  __kmalloc_noprof+0xe8/0x760
[ 1400.021261][T31372]  ? iovec_from_user+0x87/0x250
[ 1400.021292][T31372]  iovec_from_user+0x87/0x250
[ 1400.021321][T31372]  __import_iovec+0x163/0x7e0
[ 1400.021356][T31372]  import_iovec+0x73/0xa0
[ 1400.021385][T31372]  ___sys_sendmsg+0x255/0x360
[ 1400.021412][T31372]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1400.021435][T31372]  ? kstrtouint+0x6e/0xe0
[ 1400.021479][T31372]  ? __fget_files+0x2a/0x420
[ 1400.021503][T31372]  ? __fget_files+0x3a0/0x420
[ 1400.021537][T31372]  __sys_sendmmsg+0x27c/0x4e0
[ 1400.021560][T31372]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1400.021576][T31372]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1400.021620][T31372]  ? ksys_write+0x242/0x270
[ 1400.021642][T31372]  ? __pfx_ksys_write+0x10/0x10
[ 1400.021665][T31372]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1400.021683][T31372]  do_syscall_64+0x14d/0xf80
[ 1400.021698][T31372]  ? trace_irq_disable+0x3b/0x150
[ 1400.021722][T31372]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.021741][T31372]  ? clear_bhb_loop+0x40/0x90
[ 1400.021763][T31372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.021781][T31372] RIP: 0033:0x7f818499c799
[ 1400.021799][T31372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1400.021815][T31372] RSP: 002b:00007f81858f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1400.021835][T31372] RAX: ffffffffffffffda RBX: 00007f8184c15fa0 RCX: 00007f818499c799
[ 1400.021849][T31372] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[ 1400.021862][T31372] RBP: 00007f81858f3090 R08: 0000000000000000 R09: 0000000000000000
[ 1400.021873][T31372] R10: 0000000004001c00 R11: 0000000000000246 R12: 0000000000000001
[ 1400.021885][T31372] R13: 00007f8184c16038 R14: 00007f8184c15fa0 R15: 00007ffde1edaa48
[ 1400.021913][T31372]  </TASK>
[ 1400.278115][T31355] bond3: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[ 1400.325014][T31355] bond3 (unregistering): Released all slaves
[ 1400.697573][T31379] netlink: 'syz.1.21946': attribute type 1 has an invalid length.
[ 1400.718473][T31379] netlink: 224 bytes leftover after parsing attributes in process `syz.1.21946'.
[ 1400.739392][T31379] NCSI netlink: No device for ifindex 0
[ 1400.796245][T31382] openvswitch: netlink: Message has 4 unknown bytes.
[ 1400.938278][T31386] syzkaller0: entered promiscuous mode
[ 1400.944088][T31386] syzkaller0: entered allmulticast mode
[ 1400.957169][T31386] FAULT_INJECTION: forcing a failure.
[ 1400.957169][T31386] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.971315][T31386] CPU: 0 UID: 0 PID: 31386 Comm: syz.4.21948 Not tainted syzkaller #0 PREEMPT(full) 
[ 1400.971341][T31386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1400.971353][T31386] Call Trace:
[ 1400.971361][T31386]  <TASK>
[ 1400.971369][T31386]  dump_stack_lvl+0xe8/0x150
[ 1400.971403][T31386]  should_fail_ex+0x412/0x560
[ 1400.971435][T31386]  should_failslab+0xa8/0x100
[ 1400.971462][T31386]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1400.971485][T31386]  ? __alloc_skb+0x1d0/0x7d0
[ 1400.971509][T31386]  ? __local_bh_enable_ip+0xd0/0x130
[ 1400.971537][T31386]  __alloc_skb+0x1d0/0x7d0
[ 1400.971567][T31386]  tipc_nl_compat_doit+0x1f9/0x650
[ 1400.971598][T31386]  ? __pfx_tipc_nl_compat_doit+0x10/0x10
[ 1400.971632][T31386]  ? bpf_lsm_capable+0x9/0x20
[ 1400.971655][T31386]  ? security_capable+0x7e/0x2c0
[ 1400.971685][T31386]  tipc_nl_compat_recv+0x8d3/0xcf0
[ 1400.971706][T31386]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1400.971727][T31386]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1400.971747][T31386]  ? __mutex_trylock_common+0x158/0x260
[ 1400.971778][T31386]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1400.971802][T31386]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[ 1400.971826][T31386]  ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[ 1400.971901][T31386]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1400.971929][T31386]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1400.971972][T31386]  genl_rcv_msg+0x61c/0x7a0
[ 1400.971997][T31386]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1400.972015][T31386]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1400.972036][T31386]  ? __lock_acquire+0x6b5/0x2cf0
[ 1400.972070][T31386]  netlink_rcv_skb+0x232/0x4b0
[ 1400.972095][T31386]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1400.972115][T31386]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1400.972155][T31386]  ? down_read+0x272/0x2e0
[ 1400.972175][T31386]  ? genl_rcv+0xd/0x40
[ 1400.972194][T31386]  genl_rcv+0x28/0x40
[ 1400.972210][T31386]  netlink_unicast+0x80f/0x9b0
[ 1400.972239][T31386]  ? __pfx_netlink_unicast+0x10/0x10
[ 1400.972263][T31386]  ? netlink_sendmsg+0x650/0xb40
[ 1400.972284][T31386]  ? skb_put+0x11b/0x210
[ 1400.972314][T31386]  netlink_sendmsg+0x813/0xb40
[ 1400.972347][T31386]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1400.972373][T31386]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1400.972397][T31386]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1400.972421][T31386]  ____sys_sendmsg+0x972/0x9f0
[ 1400.972449][T31386]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1400.972477][T31386]  ? import_iovec+0x73/0xa0
[ 1400.972508][T31386]  ___sys_sendmsg+0x2a5/0x360
[ 1400.972533][T31386]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1400.972587][T31386]  ? __fget_files+0x2a/0x420
[ 1400.972613][T31386]  ? __fget_files+0x3a0/0x420
[ 1400.972649][T31386]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1400.972670][T31386]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1400.972698][T31386]  ? __pfx_ksys_write+0x10/0x10
[ 1400.972731][T31386]  do_syscall_64+0x14d/0xf80
[ 1400.972748][T31386]  ? trace_irq_disable+0x3b/0x150
[ 1400.972773][T31386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.972792][T31386]  ? clear_bhb_loop+0x40/0x90
[ 1400.972814][T31386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.972832][T31386] RIP: 0033:0x7f429a99c799
[ 1400.972850][T31386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1400.972871][T31386] RSP: 002b:00007f4298bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1400.972891][T31386] RAX: ffffffffffffffda RBX: 00007f429ac15fa0 RCX: 00007f429a99c799
[ 1400.972904][T31386] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[ 1400.972916][T31386] RBP: 00007f4298bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1400.972927][T31386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1400.972937][T31386] R13: 00007f429ac16038 R14: 00007f429ac15fa0 R15: 00007fff902988e8
[ 1400.972968][T31386]  </TASK>
[ 1401.548258][T31390] netlink: 12 bytes leftover after parsing attributes in process `syz.1.21950'.
[ 1401.676493][T31392] netlink: 36 bytes leftover after parsing attributes in process `syz.1.21951'.
[ 1402.064737][T31401] netlink: 60 bytes leftover after parsing attributes in process `syz.1.21955'.
[ 1402.078624][T31404] netlink: 60 bytes leftover after parsing attributes in process `syz.1.21955'.
[ 1402.350424][T31418] netlink: 12 bytes leftover after parsing attributes in process `syz.0.21961'.
[ 1402.524214][T31422] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1402.800427][T10523] page_pool_release_retry() stalled pool shutdown: id 131, 1 inflight 906 sec
[ 1403.078169][T31436] netlink: 'syz.0.21966': attribute type 10 has an invalid length.
[ 1403.203917][T31440] netlink: 60 bytes leftover after parsing attributes in process `syz.0.21968'.
[ 1403.214349][T31440] netlink: 60 bytes leftover after parsing attributes in process `syz.0.21968'.
[ 1403.986045][T31464] netlink: 'syz.3.21977': attribute type 10 has an invalid length.
[ 1404.376439][T31477] netlink: 8 bytes leftover after parsing attributes in process `syz.1.21984'.
[ 1404.476459][T27556] lec:lec_start_xmit: lec0:No lecd attached
[ 1405.007874][T31503] netlink: 'syz.1.21994': attribute type 5 has an invalid length.
[ 1405.016202][T31503] netlink: 228 bytes leftover after parsing attributes in process `syz.1.21994'.
[ 1405.608701][T31519] FAULT_INJECTION: forcing a failure.
[ 1405.608701][T31519] name failslab, interval 1, probability 0, space 0, times 0
[ 1405.677970][T31519] CPU: 1 UID: 0 PID: 31519 Comm: syz.3.21997 Not tainted syzkaller #0 PREEMPT(full) 
[ 1405.677996][T31519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1405.678005][T31519] Call Trace:
[ 1405.678011][T31519]  <TASK>
[ 1405.678019][T31519]  dump_stack_lvl+0xe8/0x150
[ 1405.678049][T31519]  should_fail_ex+0x412/0x560
[ 1405.678077][T31519]  should_failslab+0xa8/0x100
[ 1405.678099][T31519]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1405.678118][T31519]  ? __alloc_skb+0x1d0/0x7d0
[ 1405.678140][T31519]  ? __local_bh_enable_ip+0xd0/0x130
[ 1405.678167][T31519]  __alloc_skb+0x1d0/0x7d0
[ 1405.678195][T31519]  kcm_sendmsg+0x268f/0x2b60
[ 1405.678319][T31519]  ? aa_sk_perm+0x6d5/0x900
[ 1405.678374][T31519]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1405.678393][T31519]  ? __pfx_kcm_sendmsg+0x10/0x10
[ 1405.678413][T31519]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1405.678436][T31519]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1405.678464][T31519]  ____sys_sendmsg+0x972/0x9f0
[ 1405.678481][T31519]  ? __lock_acquire+0x6b5/0x2cf0
[ 1405.678510][T31519]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1405.678533][T31519]  ? import_iovec+0x73/0xa0
[ 1405.678560][T31519]  ___sys_sendmsg+0x2a5/0x360
[ 1405.678580][T31519]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1405.678600][T31519]  ? kstrtouint+0x6e/0xe0
[ 1405.678648][T31519]  ? __fget_files+0x2a/0x420
[ 1405.678669][T31519]  ? __fget_files+0x3a0/0x420
[ 1405.678699][T31519]  __sys_sendmmsg+0x27c/0x4e0
[ 1405.678720][T31519]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1405.678736][T31519]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1405.678782][T31519]  ? ksys_write+0x242/0x270
[ 1405.678804][T31519]  ? __pfx_ksys_write+0x10/0x10
[ 1405.678831][T31519]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1405.678850][T31519]  do_syscall_64+0x14d/0xf80
[ 1405.678870][T31519]  ? trace_irq_disable+0x3b/0x150
[ 1405.678892][T31519]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1405.678909][T31519]  ? clear_bhb_loop+0x40/0x90
[ 1405.678930][T31519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1405.678947][T31519] RIP: 0033:0x7f839679c799
[ 1405.678966][T31519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1405.678983][T31519] RSP: 002b:00007f83975d9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1405.679004][T31519] RAX: ffffffffffffffda RBX: 00007f8396a16090 RCX: 00007f839679c799
[ 1405.679017][T31519] RDX: 0000000000000001 RSI: 0000200000001500 RDI: 0000000000000005
[ 1405.679029][T31519] RBP: 00007f83975d9090 R08: 0000000000000000 R09: 0000000000000000
[ 1405.679041][T31519] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1405.679051][T31519] R13: 00007f8396a16128 R14: 00007f8396a16090 R15: 00007ffd877f1ae8
[ 1405.679077][T31519]  </TASK>
[ 1406.259099][T31540] __nla_validate_parse: 1 callbacks suppressed
[ 1406.259118][T31540] netlink: 8 bytes leftover after parsing attributes in process `syz.4.22005'.
[ 1406.457976][T31543] FAULT_INJECTION: forcing a failure.
[ 1406.457976][T31543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1406.522644][T31543] CPU: 0 UID: 0 PID: 31543 Comm: syz.4.22005 Not tainted syzkaller #0 PREEMPT(full) 
[ 1406.522671][T31543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1406.522683][T31543] Call Trace:
[ 1406.522690][T31543]  <TASK>
[ 1406.522698][T31543]  dump_stack_lvl+0xe8/0x150
[ 1406.522729][T31543]  should_fail_ex+0x412/0x560
[ 1406.522759][T31543]  _copy_from_user+0x2d/0xb0
[ 1406.522786][T31543]  kstrtouint_from_user+0xd6/0x180
[ 1406.522819][T31543]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1406.522858][T31543]  proc_fail_nth_write+0x8e/0x210
[ 1406.522884][T31543]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1406.522914][T31543]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1406.522940][T31543]  vfs_write+0x29a/0xb90
[ 1406.522968][T31543]  ? __pfx_vfs_write+0x10/0x10
[ 1406.522989][T31543]  ? __fget_files+0x2a/0x420
[ 1406.523018][T31543]  ? __fget_files+0x3a0/0x420
[ 1406.523041][T31543]  ? __fget_files+0x2a/0x420
[ 1406.523074][T31543]  ksys_write+0x150/0x270
[ 1406.523097][T31543]  ? __pfx_ksys_write+0x10/0x10
[ 1406.523128][T31543]  do_syscall_64+0x14d/0xf80
[ 1406.523146][T31543]  ? trace_irq_disable+0x3b/0x150
[ 1406.523171][T31543]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.523189][T31543]  ? clear_bhb_loop+0x40/0x90
[ 1406.523212][T31543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.523230][T31543] RIP: 0033:0x7f429a95cfce
[ 1406.523249][T31543] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1406.523264][T31543] RSP: 002b:00007f4298bb3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1406.523283][T31543] RAX: ffffffffffffffda RBX: 00007f4298bb46c0 RCX: 00007f429a95cfce
[ 1406.523297][T31543] RDX: 0000000000000001 RSI: 00007f4298bb40a0 RDI: 0000000000000005
[ 1406.523308][T31543] RBP: 00007f4298bb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1406.523318][T31543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1406.523328][T31543] R13: 00007f429ac16218 R14: 00007f429ac16180 R15: 00007fff902988e8
[ 1406.523359][T31543]  </TASK>
[ 1406.999191][T31557] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1407.327746][T31569] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1407.502758][T31574] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 9
[ 1407.632926][T31577] netlink: 32 bytes leftover after parsing attributes in process `syz.2.22021'.
[ 1407.729022][T31582] FAULT_INJECTION: forcing a failure.
[ 1407.729022][T31582] name failslab, interval 1, probability 0, space 0, times 0
[ 1407.748188][T31583] FAULT_INJECTION: forcing a failure.
[ 1407.748188][T31583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1407.791900][T31583] CPU: 0 UID: 0 PID: 31583 Comm: syz.1.22018 Not tainted syzkaller #0 PREEMPT(full) 
[ 1407.791931][T31583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1407.791942][T31583] Call Trace:
[ 1407.791950][T31583]  <TASK>
[ 1407.791959][T31583]  dump_stack_lvl+0xe8/0x150
[ 1407.791991][T31583]  should_fail_ex+0x412/0x560
[ 1407.792031][T31583]  _copy_from_iter+0x1d3/0x1670
[ 1407.792060][T31583]  ? rcu_is_watching+0x15/0xb0
[ 1407.792091][T31583]  ? __pfx__copy_from_iter+0x10/0x10
[ 1407.792121][T31583]  ? netlink_sendmsg+0x650/0xb40
[ 1407.792144][T31583]  ? skb_put+0x11b/0x210
[ 1407.792173][T31583]  netlink_sendmsg+0x6c0/0xb40
[ 1407.792205][T31583]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1407.792230][T31583]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1407.792256][T31583]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1407.792279][T31583]  ____sys_sendmsg+0x972/0x9f0
[ 1407.792305][T31583]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1407.792332][T31583]  ? import_iovec+0x73/0xa0
[ 1407.792360][T31583]  ___sys_sendmsg+0x2a5/0x360
[ 1407.792384][T31583]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1407.792432][T31583]  ? __fget_files+0x2a/0x420
[ 1407.792457][T31583]  ? __fget_files+0x3a0/0x420
[ 1407.792491][T31583]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1407.792511][T31583]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1407.792538][T31583]  ? __pfx_ksys_write+0x10/0x10
[ 1407.792569][T31583]  do_syscall_64+0x14d/0xf80
[ 1407.792586][T31583]  ? trace_irq_disable+0x3b/0x150
[ 1407.792611][T31583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.792629][T31583]  ? clear_bhb_loop+0x40/0x90
[ 1407.792651][T31583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.792668][T31583] RIP: 0033:0x7f818499c799
[ 1407.792688][T31583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1407.792704][T31583] RSP: 002b:00007f81858d2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1407.792724][T31583] RAX: ffffffffffffffda RBX: 00007f8184c16090 RCX: 00007f818499c799
[ 1407.792736][T31583] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1407.792748][T31583] RBP: 00007f81858d2090 R08: 0000000000000000 R09: 0000000000000000
[ 1407.792759][T31583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1407.792771][T31583] R13: 00007f8184c16128 R14: 00007f8184c16090 R15: 00007ffde1edaa48
[ 1407.792800][T31583]  </TASK>
[ 1407.798376][T31582] CPU: 0 UID: 0 PID: 31582 Comm: syz.4.22022 Not tainted syzkaller #0 PREEMPT(full) 
[ 1407.798407][T31582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1407.798419][T31582] Call Trace:
[ 1407.798428][T31582]  <TASK>
[ 1407.798437][T31582]  dump_stack_lvl+0xe8/0x150
[ 1407.798471][T31582]  should_fail_ex+0x412/0x560
[ 1407.798501][T31582]  should_failslab+0xa8/0x100
[ 1407.798525][T31582]  ? skb_clone+0x212/0x3a0
[ 1407.798547][T31582]  kmem_cache_alloc_noprof+0x87/0x650
[ 1407.798565][T31582]  ? __netlink_lookup+0xc6/0x8b0
[ 1407.798598][T31582]  skb_clone+0x212/0x3a0
[ 1407.798620][T31582]  __netlink_deliver_tap+0x404/0x850
[ 1407.798664][T31582]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1407.798689][T31582]  netlink_deliver_tap+0x19c/0x1b0
[ 1407.798713][T31582]  netlink_unicast+0x7e3/0x9b0
[ 1407.798743][T31582]  ? __pfx_netlink_unicast+0x10/0x10
[ 1407.798775][T31582]  ? netlink_sendmsg+0x650/0xb40
[ 1407.798796][T31582]  ? skb_put+0x11b/0x210
[ 1407.798823][T31582]  netlink_sendmsg+0x813/0xb40
[ 1407.798856][T31582]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1407.798883][T31582]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1407.798909][T31582]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1407.798933][T31582]  ____sys_sendmsg+0x972/0x9f0
[ 1407.798962][T31582]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1407.798989][T31582]  ? import_iovec+0x73/0xa0
[ 1407.799020][T31582]  ___sys_sendmsg+0x2a5/0x360
[ 1407.799043][T31582]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1407.799097][T31582]  ? __fget_files+0x2a/0x420
[ 1407.799120][T31582]  ? __fget_files+0x3a0/0x420
[ 1407.799152][T31582]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1407.799173][T31582]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1407.799199][T31582]  ? __pfx_ksys_write+0x10/0x10
[ 1407.799231][T31582]  do_syscall_64+0x14d/0xf80
[ 1407.799253][T31582]  ? trace_irq_disable+0x3b/0x150
[ 1407.799277][T31582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.799294][T31582]  ? clear_bhb_loop+0x40/0x90
[ 1407.799315][T31582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1407.799333][T31582] RIP: 0033:0x7f429a99c799
[ 1407.799352][T31582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1407.799367][T31582] RSP: 002b:00007f4298bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1407.799387][T31582] RAX: ffffffffffffffda RBX: 00007f429ac15fa0 RCX: 00007f429a99c799
[ 1407.799400][T31582] RDX: 0000000000008094 RSI: 0000200000000140 RDI: 0000000000000007
[ 1407.799411][T31582] RBP: 00007f4298bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1407.799422][T31582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1407.799433][T31582] R13: 00007f429ac16038 R14: 00007f429ac15fa0 R15: 00007fff902988e8
[ 1407.799463][T31582]  </TASK>
[ 1408.602496][T31586] vxcan1: tx drop: invalid sa for name 0x0000000000000002
[ 1408.866085][T31591] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[ 1408.941633][T31589] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1409.495117][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5010 ms
[ 1409.503538][    C1] lec:lec_tx_timeout: lec0
[ 1409.996273][T31618] netlink: 'syz.2.22030': attribute type 10 has an invalid length.
[ 1410.133234][T27245] IPVS: starting estimator thread 0...
[ 1410.140266][T31634] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1410.264934][T31638] IPVS: using max 36 ests per chain, 86400 per kthread
[ 1410.570234][T31649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1413.374734][T27245] hid-generic 0005:0458:0000.0007: item fetching failed at offset 0/1
[ 1413.391361][T27245] hid-generic 0005:0458:0000.0007: probe with driver hid-generic failed with error -22
[ 1413.429075][T31715] netlink: 244 bytes leftover after parsing attributes in process `syz.0.22048'.
[ 1413.761890][T31726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1414.208455][T31736] netlink: 8 bytes leftover after parsing attributes in process `syz.4.22053'.
[ 1414.986448][T31758] openvswitch: netlink: Geneve option length err (len 256, max 255).
[ 1415.327766][T31771] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22065'.
[ 1416.358014][T31779] netlink: 96 bytes leftover after parsing attributes in process `syz.3.22067'.
[ 1423.568314][ T1300] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[ 1423.579446][ T1300] lec:lec_start_xmit: lec0:No lecd attached
[ 1425.797980][T31785] netlink: 12 bytes leftover after parsing attributes in process `syz.1.22071'.
[ 1425.838492][T31785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22071'.
[ 1425.867926][T31789] syz_tun: entered allmulticast mode
[ 1425.897018][T31789] x_tables: ip6_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING
[ 1425.956079][T31788] syz_tun: left allmulticast mode
[ 1426.436990][T27245] hid-generic 0005:16C0:0000.0008: item fetching failed at offset 0/1
[ 1426.462765][T27245] hid-generic 0005:16C0:0000.0008: probe with driver hid-generic failed with error -22
[ 1426.737978][T31811] FAULT_INJECTION: forcing a failure.
[ 1426.737978][T31811] name failslab, interval 1, probability 0, space 0, times 0
[ 1426.773010][T31811] CPU: 0 UID: 0 PID: 31811 Comm: syz.1.22080 Not tainted syzkaller #0 PREEMPT(full) 
[ 1426.773037][T31811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1426.773056][T31811] Call Trace:
[ 1426.773063][T31811]  <TASK>
[ 1426.773072][T31811]  dump_stack_lvl+0xe8/0x150
[ 1426.773105][T31811]  should_fail_ex+0x412/0x560
[ 1426.773135][T31811]  should_failslab+0xa8/0x100
[ 1426.773162][T31811]  __kmalloc_noprof+0xe8/0x760
[ 1426.773184][T31811]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1426.773213][T31811]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1426.773240][T31811]  genl_family_rcv_msg_doit+0xd9/0x330
[ 1426.773265][T31811]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1426.773291][T31811]  ? apparmor_capable+0x126/0x170
[ 1426.773321][T31811]  ? bpf_lsm_capable+0x9/0x20
[ 1426.773344][T31811]  ? security_capable+0x7e/0x2c0
[ 1426.773372][T31811]  genl_rcv_msg+0x61c/0x7a0
[ 1426.773397][T31811]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1426.773414][T31811]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1426.773432][T31811]  ? __pfx_nl80211_start_ap+0x10/0x10
[ 1426.773451][T31811]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1426.773469][T31811]  ? __lock_acquire+0x6b5/0x2cf0
[ 1426.773502][T31811]  netlink_rcv_skb+0x232/0x4b0
[ 1426.773527][T31811]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1426.773546][T31811]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1426.773586][T31811]  ? down_read+0x272/0x2e0
[ 1426.773605][T31811]  ? genl_rcv+0xd/0x40
[ 1426.773624][T31811]  genl_rcv+0x28/0x40
[ 1426.773640][T31811]  netlink_unicast+0x80f/0x9b0
[ 1426.773669][T31811]  ? __pfx_netlink_unicast+0x10/0x10
[ 1426.773692][T31811]  ? netlink_sendmsg+0x650/0xb40
[ 1426.773714][T31811]  ? skb_put+0x11b/0x210
[ 1426.773744][T31811]  netlink_sendmsg+0x813/0xb40
[ 1426.773776][T31811]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1426.773804][T31811]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1426.773828][T31811]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1426.773853][T31811]  ____sys_sendmsg+0x972/0x9f0
[ 1426.773881][T31811]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1426.773909][T31811]  ? import_iovec+0x73/0xa0
[ 1426.773940][T31811]  ___sys_sendmsg+0x2a5/0x360
[ 1426.773964][T31811]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1426.774020][T31811]  ? __fget_files+0x2a/0x420
[ 1426.774052][T31811]  ? __fget_files+0x3a0/0x420
[ 1426.774087][T31811]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1426.774109][T31811]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1426.774137][T31811]  ? __pfx_ksys_write+0x10/0x10
[ 1426.774169][T31811]  do_syscall_64+0x14d/0xf80
[ 1426.774187][T31811]  ? trace_irq_disable+0x3b/0x150
[ 1426.774211][T31811]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1426.774230][T31811]  ? clear_bhb_loop+0x40/0x90
[ 1426.774252][T31811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1426.774270][T31811] RIP: 0033:0x7f818499c799
[ 1426.774288][T31811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1426.774303][T31811] RSP: 002b:00007f81858f3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1426.774323][T31811] RAX: ffffffffffffffda RBX: 00007f8184c15fa0 RCX: 00007f818499c799
[ 1426.774336][T31811] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1426.774348][T31811] RBP: 00007f81858f3090 R08: 0000000000000000 R09: 0000000000000000
[ 1426.774359][T31811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1426.774370][T31811] R13: 00007f8184c16038 R14: 00007f8184c15fa0 R15: 00007ffde1edaa48
[ 1426.774400][T31811]  </TASK>
[ 1427.226143][T31815] xt_connbytes: Forcing CT accounting to be enabled
[ 1427.242201][T31815] netlink: 'syz.0.22082': attribute type 10 has an invalid length.
[ 1427.488701][T31821] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048)
[ 1427.501795][T31820] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1427.571521][T31822] netlink: 48 bytes leftover after parsing attributes in process `syz.1.22085'.
[ 1427.615305][T31822] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22085'.
[ 1427.829125][T31822] bond2: option xmit_hash_policy: invalid value (64)
[ 1427.906211][T31822] bond2 (unregistering): Released all slaves
[ 1427.943165][T31839] syz.3.22089: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1427.964463][T31839] CPU: 0 UID: 0 PID: 31839 Comm: syz.3.22089 Not tainted syzkaller #0 PREEMPT(full) 
[ 1427.964496][T31839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1427.964511][T31839] Call Trace:
[ 1427.964520][T31839]  <TASK>
[ 1427.964530][T31839]  dump_stack_lvl+0xe8/0x150
[ 1427.964568][T31839]  warn_alloc+0x249/0x340
[ 1427.964595][T31839]  ? stack_trace_save+0xa9/0x100
[ 1427.964621][T31839]  ? __pfx_warn_alloc+0x10/0x10
[ 1427.964660][T31839]  ? kasan_save_track+0x4f/0x80
[ 1427.964682][T31839]  ? kasan_save_track+0x3e/0x80
[ 1427.964703][T31839]  ? __kasan_kmalloc+0x93/0xb0
[ 1427.964725][T31839]  ? __kmalloc_cache_noprof+0x31c/0x660
[ 1427.964746][T31839]  ? xskq_create+0x56/0x170
[ 1427.964776][T31839]  ? xsk_setsockopt+0x54c/0x990
[ 1427.964800][T31839]  ? do_sock_setsockopt+0x17c/0x1b0
[ 1427.964831][T31839]  ? __x64_sys_setsockopt+0x13d/0x1b0
[ 1427.964860][T31839]  ? do_syscall_64+0x14d/0xf80
[ 1427.964883][T31839]  __vmalloc_node_range_noprof+0x132/0x1730
[ 1427.964936][T31839]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1427.964967][T31839]  ? __kasan_kmalloc+0x93/0xb0
[ 1427.964995][T31839]  vmalloc_user_noprof+0xad/0xe0
[ 1427.965017][T31839]  ? xskq_create+0xbf/0x170
[ 1427.965046][T31839]  xskq_create+0xbf/0x170
[ 1427.965077][T31839]  xsk_init_queue+0x8a/0xe0
[ 1427.965107][T31839]  xsk_setsockopt+0x54c/0x990
[ 1427.965136][T31839]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1427.965162][T31839]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1427.965191][T31839]  ? aa_sock_opt_perm+0xff/0x1a0
[ 1427.965222][T31839]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1427.965245][T31839]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1427.965273][T31839]  do_sock_setsockopt+0x17c/0x1b0
[ 1427.965309][T31839]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1427.965345][T31839]  do_syscall_64+0x14d/0xf80
[ 1427.965363][T31839]  ? trace_irq_disable+0x3b/0x150
[ 1427.965396][T31839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.965419][T31839]  ? clear_bhb_loop+0x40/0x90
[ 1427.965444][T31839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1427.965465][T31839] RIP: 0033:0x7f839679c799
[ 1427.965486][T31839] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1427.965504][T31839] RSP: 002b:00007f83975fa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1427.965528][T31839] RAX: ffffffffffffffda RBX: 00007f8396a15fa0 RCX: 00007f839679c799
[ 1427.965544][T31839] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[ 1427.965554][T31839] RBP: 00007f8396832c99 R08: 0000000000000004 R09: 0000000000000000
[ 1427.965566][T31839] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1427.965579][T31839] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1427.965612][T31839]  </TASK>
[ 1427.965746][T31839] Mem-Info:
[ 1428.284771][T31839] active_anon:5745 inactive_anon:266 isolated_anon:0
[ 1428.284771][T31839]  active_file:3089 inactive_file:41181 isolated_file:0
[ 1428.284771][T31839]  unevictable:768 dirty:141 writeback:0
[ 1428.284771][T31839]  slab_reclaimable:13837 slab_unreclaimable:147552
[ 1428.284771][T31839]  mapped:30966 shmem:1365 pagetables:1630
[ 1428.284771][T31839]  sec_pagetables:0 bounce:0
[ 1428.284771][T31839]  kernel_misc_reclaimable:0
[ 1428.284771][T31839]  free:1260238 free_pcp:20173 free_cma:0
[ 1428.333606][T31839] Node 0 active_anon:22980kB inactive_anon:1064kB active_file:12356kB inactive_file:164528kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:46136kB dirty:564kB writeback:0kB shmem:3924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:18184kB pagetables:6356kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1428.375902][T31839] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:77824kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1428.412543][T31839] Node 0 DMA free:11204kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:60kB local_pcp:16kB free_cma:0kB
[ 1428.444728][T31839] lowmem_reserve[]: 0 2492 2493 2493 2493
[ 1428.454421][T31839] Node 0 DMA32 free:1320508kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23060kB inactive_anon:1064kB active_file:12356kB inactive_file:164528kB unevictable:1536kB writepending:572kB zspages:0kB present:3129332kB managed:2552760kB mlocked:0kB bounce:0kB free_pcp:37744kB local_pcp:22756kB free_cma:0kB
[ 1428.490021][T31839] lowmem_reserve[]: 0 0 0 0 0
[ 1428.495144][T31839] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[ 1428.567915][T31839] lowmem_reserve[]: 0 0 0 0 0
[ 1428.578032][T31839] Node 1 Normal free:3712784kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:39732kB local_pcp:17868kB free_cma:0kB
[ 1428.645712][T31843] netlink: 212 bytes leftover after parsing attributes in process `syz.2.22090'.
[ 1428.675917][T31839] lowmem_reserve[]: 0 0 0 0 0
[ 1428.700871][T31839] Node 0 DMA: 1*4kB (U) 0*8kB 2*16kB (U) 1*32kB (U) 2*64kB (U) 2*128kB (U) 2*256kB (U) 2*512kB (U) 3*1024kB (U) 3*2048kB (UM) 0*4096kB = 11204kB
[ 1428.724333][T31844] netlink: 'syz.2.22090': attribute type 10 has an invalid length.
[ 1428.744369][T31844] netlink: 396 bytes leftover after parsing attributes in process `syz.2.22090'.
[ 1428.776420][T31839] Node 0 DMA32: 3099*4kB (UME) 9710*8kB (UME) 2067*16kB (UME) 1990*32kB (UME) 464*64kB (UME) 119*128kB (UME) 378*256kB (UME) 457*512kB (UME) 351*1024kB (UME) 191*2048kB (UME) 2*4096kB (M) = 1321292kB
[ 1428.798956][T31839] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1428.811845][T31839] Node 1 Normal: 7*4kB (UM) 5*8kB (UM) 12*16kB (UM) 12*32kB (UM) 13*64kB (UM) 11*128kB (UM) 8*256kB (UM) 10*512kB (UM) 6*1024kB (UM) 5*2048kB (U) 900*4096kB (UM) = 3712836kB
[ 1428.832721][T31839] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1428.844427][T31839] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1428.860788][T31839] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1428.871538][T31839] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1428.881846][T31839] 45631 total pagecache pages
[ 1428.886724][T31839] 0 pages in swap cache
[ 1428.891598][T31839] Free swap  = 124996kB
[ 1428.896074][T31839] Total swap = 124996kB
[ 1428.901156][T31839] 2097051 pages RAM
[ 1428.905194][T31839] 0 pages HighMem/MovableOnly
[ 1428.913114][T31839] 427026 pages reserved
[ 1428.917475][T31839] 0 pages cma reserved
[ 1429.321034][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5740 ms
[ 1429.329097][    C1] lec:lec_tx_timeout: lec0
[ 1429.847288][T31861] syzkaller0: entered promiscuous mode
[ 1429.872408][T31861] syzkaller0: entered allmulticast mode
[ 1429.902429][T31863] IPVS: Unknown mcast interface: vcan0
[ 1429.930364][T31861] FAULT_INJECTION: forcing a failure.
[ 1429.930364][T31861] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.966109][T31861] CPU: 0 UID: 0 PID: 31861 Comm: syz.2.22096 Not tainted syzkaller #0 PREEMPT(full) 
[ 1429.966140][T31861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1429.966152][T31861] Call Trace:
[ 1429.966160][T31861]  <TASK>
[ 1429.966169][T31861]  dump_stack_lvl+0xe8/0x150
[ 1429.966203][T31861]  should_fail_ex+0x412/0x560
[ 1429.966234][T31861]  should_failslab+0xa8/0x100
[ 1429.966261][T31861]  __kmalloc_cache_noprof+0x88/0x660
[ 1429.966281][T31861]  ? tipc_net+0x45/0x270
[ 1429.966301][T31861]  ? tipc_mon_create+0xc2/0x490
[ 1429.966324][T31861]  tipc_mon_create+0xc2/0x490
[ 1429.966348][T31861]  __tipc_nl_bearer_enable+0xece/0x14a0
[ 1429.966384][T31861]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[ 1429.966408][T31861]  ? __mutex_lock+0x319/0x1300
[ 1429.966437][T31861]  ? __asan_memcpy+0x40/0x70
[ 1429.966456][T31861]  ? nla_put+0xd0/0x150
[ 1429.966485][T31861]  ? tipc_nl_compat_bearer_enable+0x457/0x600
[ 1429.966512][T31861]  ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[ 1429.966538][T31861]  ? __nla_parse+0x40/0x60
[ 1429.966567][T31861]  tipc_nl_compat_doit+0x407/0x650
[ 1429.966597][T31861]  ? __pfx_tipc_nl_compat_doit+0x10/0x10
[ 1429.966631][T31861]  ? bpf_lsm_capable+0x9/0x20
[ 1429.966655][T31861]  ? security_capable+0x7e/0x2c0
[ 1429.966685][T31861]  tipc_nl_compat_recv+0x8d3/0xcf0
[ 1429.966710][T31861]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1429.966738][T31861]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[ 1429.966763][T31861]  ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[ 1429.966804][T31861]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1429.966832][T31861]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1429.966885][T31861]  genl_rcv_msg+0x61c/0x7a0
[ 1429.966911][T31861]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1429.966929][T31861]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1429.966951][T31861]  ? __lock_acquire+0x6b5/0x2cf0
[ 1429.966986][T31861]  netlink_rcv_skb+0x232/0x4b0
[ 1429.967012][T31861]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1429.967031][T31861]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1429.967073][T31861]  ? down_read+0x272/0x2e0
[ 1429.967090][T31861]  ? genl_rcv+0xd/0x40
[ 1429.967109][T31861]  genl_rcv+0x28/0x40
[ 1429.967125][T31861]  netlink_unicast+0x80f/0x9b0
[ 1429.967156][T31861]  ? __pfx_netlink_unicast+0x10/0x10
[ 1429.967180][T31861]  ? netlink_sendmsg+0x650/0xb40
[ 1429.967201][T31861]  ? skb_put+0x11b/0x210
[ 1429.967231][T31861]  netlink_sendmsg+0x813/0xb40
[ 1429.967264][T31861]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1429.967291][T31861]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1429.967317][T31861]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1429.967341][T31861]  ____sys_sendmsg+0x972/0x9f0
[ 1429.967370][T31861]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1429.967397][T31861]  ? import_iovec+0x73/0xa0
[ 1429.967428][T31861]  ___sys_sendmsg+0x2a5/0x360
[ 1429.967452][T31861]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1429.967509][T31861]  ? __fget_files+0x2a/0x420
[ 1429.967534][T31861]  ? __fget_files+0x3a0/0x420
[ 1429.967569][T31861]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1429.967592][T31861]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1429.967621][T31861]  ? __pfx_ksys_write+0x10/0x10
[ 1429.967654][T31861]  do_syscall_64+0x14d/0xf80
[ 1429.967670][T31861]  ? trace_irq_disable+0x3b/0x150
[ 1429.967695][T31861]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.967714][T31861]  ? clear_bhb_loop+0x40/0x90
[ 1429.967738][T31861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.967756][T31861] RIP: 0033:0x7f9e4d79c799
[ 1429.967774][T31861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1429.967790][T31861] RSP: 002b:00007f9e4e5d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1429.967811][T31861] RAX: ffffffffffffffda RBX: 00007f9e4da15fa0 RCX: 00007f9e4d79c799
[ 1429.967825][T31861] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[ 1429.967835][T31861] RBP: 00007f9e4e5d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1429.967847][T31861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1429.967857][T31861] R13: 00007f9e4da16038 R14: 00007f9e4da15fa0 R15: 00007ffedcf98d38
[ 1429.967895][T31861]  </TASK>
[ 1429.968126][T31861] tipc: Disabling bearer <eth:syzkaller0>
[ 1430.411633][T11942] hid-generic 0005:0B57:0000.0009: item fetching failed at offset 0/1
[ 1430.438459][T11942] hid-generic 0005:0B57:0000.0009: probe with driver hid-generic failed with error -22
[ 1430.811547][T31874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22101'.
[ 1431.877574][T31887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.22106'.
[ 1431.997285][T31889] netlink: 'syz.1.22107': attribute type 1 has an invalid length.
[ 1432.006034][T31889] netlink: 'syz.1.22107': attribute type 3 has an invalid length.
[ 1432.014546][T31889] netlink: 172 bytes leftover after parsing attributes in process `syz.1.22107'.
[ 1432.024088][T31889] NCSI netlink: No device for ifindex 813332851
[ 1432.521124][T20283] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1433.003098][T31906] tipc: Failed to remove unknown binding: 66,0,0/0:2914807705/2914807706
[ 1433.038627][T31906] tipc: Failed to remove unknown binding: 66,0,0/0:2914807705/2914807706
[ 1433.253603][T31915] netlink: 244 bytes leftover after parsing attributes in process `syz.2.22115'.
[ 1433.694779][T31925] netlink: 16 bytes leftover after parsing attributes in process `syz.0.22118'.
[ 1433.743650][T31927] FAULT_INJECTION: forcing a failure.
[ 1433.743650][T31927] name failslab, interval 1, probability 0, space 0, times 0
[ 1433.805750][T31927] CPU: 0 UID: 0 PID: 31927 Comm: syz.4.22119 Not tainted syzkaller #0 PREEMPT(full) 
[ 1433.805777][T31927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1433.805788][T31927] Call Trace:
[ 1433.805796][T31927]  <TASK>
[ 1433.805804][T31927]  dump_stack_lvl+0xe8/0x150
[ 1433.805837][T31927]  should_fail_ex+0x412/0x560
[ 1433.805868][T31927]  should_failslab+0xa8/0x100
[ 1433.805894][T31927]  ? skb_clone+0x212/0x3a0
[ 1433.805915][T31927]  kmem_cache_alloc_noprof+0x87/0x650
[ 1433.805934][T31927]  ? __netlink_lookup+0xc6/0x8b0
[ 1433.805967][T31927]  skb_clone+0x212/0x3a0
[ 1433.805989][T31927]  __netlink_deliver_tap+0x404/0x850
[ 1433.806034][T31927]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1433.806059][T31927]  netlink_deliver_tap+0x19c/0x1b0
[ 1433.806084][T31927]  netlink_unicast+0x7e3/0x9b0
[ 1433.806113][T31927]  ? __pfx_netlink_unicast+0x10/0x10
[ 1433.806136][T31927]  ? netlink_sendmsg+0x650/0xb40
[ 1433.806157][T31927]  ? skb_put+0x11b/0x210
[ 1433.806187][T31927]  netlink_sendmsg+0x813/0xb40
[ 1433.806219][T31927]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1433.806245][T31927]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1433.806272][T31927]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1433.806297][T31927]  ____sys_sendmsg+0x972/0x9f0
[ 1433.806325][T31927]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1433.806352][T31927]  ? import_iovec+0x73/0xa0
[ 1433.806383][T31927]  ___sys_sendmsg+0x2a5/0x360
[ 1433.806407][T31927]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1433.806459][T31927]  ? __fget_files+0x2a/0x420
[ 1433.806485][T31927]  ? __fget_files+0x3a0/0x420
[ 1433.806518][T31927]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1433.806539][T31927]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1433.806568][T31927]  ? __pfx_ksys_write+0x10/0x10
[ 1433.806599][T31927]  do_syscall_64+0x14d/0xf80
[ 1433.806618][T31927]  ? trace_irq_disable+0x3b/0x150
[ 1433.806643][T31927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.806661][T31927]  ? clear_bhb_loop+0x40/0x90
[ 1433.806683][T31927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1433.806701][T31927] RIP: 0033:0x7f429a99c799
[ 1433.806719][T31927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1433.806734][T31927] RSP: 002b:00007f4298bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1433.806754][T31927] RAX: ffffffffffffffda RBX: 00007f429ac15fa0 RCX: 00007f429a99c799
[ 1433.806767][T31927] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1433.806779][T31927] RBP: 00007f4298bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1433.806791][T31927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1433.806802][T31927] R13: 00007f429ac16038 R14: 00007f429ac15fa0 R15: 00007fff902988e8
[ 1433.806833][T31927]  </TASK>
[ 1434.180287][T31936] netlink: 'syz.1.22121': attribute type 1 has an invalid length.
[ 1434.243327][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.254396][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.263030][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.273311][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.274116][T31925] can: request_module (can-proto-5) failed.
[ 1434.282459][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.282702][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.282929][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.283159][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.283384][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.283608][T31940] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 1434.592407][T31944] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input8
[ 1435.184845][T31965] netlink: 80 bytes leftover after parsing attributes in process `syz.3.22132'.
[ 1435.284236][T31967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1435.435856][T31971] netlink: 16 bytes leftover after parsing attributes in process `syz.3.22135'.
[ 1435.603941][T31973] can: request_module (can-proto-5) failed.
[ 1436.115441][T31994] xt_hashlimit: size too large, truncated to 1048576
[ 1436.700759][T31998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22143'.
[ 1436.732858][T31998] netlink: 'syz.0.22143': attribute type 10 has an invalid length.
[ 1436.760091][T31998] netlink: 396 bytes leftover after parsing attributes in process `syz.0.22143'.
[ 1436.857299][T32009] netlink: 'syz.0.22147': attribute type 1 has an invalid length.
[ 1436.885457][T32011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1437.006796][T32009] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1437.101801][T32016] netlink: 16 bytes leftover after parsing attributes in process `syz.1.22148'.
[ 1437.116028][T32012] bond1: (slave veth5): Enslaving as an active interface with a down link
[ 1437.228035][T32009] 8021q: adding VLAN 0 to HW filter on device batadv2
[ 1437.237062][T32009] bond1: (slave batadv2): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[ 1437.501140][T32021] IPVS: persistence engine module ip_vs_pe_�
 not found
[ 1437.666474][T32024] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1438.742438][T32043] syzkaller0: entered promiscuous mode
[ 1438.761418][T32043] syzkaller0: entered allmulticast mode
[ 1438.789007][T32045] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1439.718516][T32057] netlink: 'syz.2.22164': attribute type 8 has an invalid length.
[ 1439.804079][T32059] netlink: 'syz.2.22165': attribute type 29 has an invalid length.
[ 1440.062384][T32063] FAULT_INJECTION: forcing a failure.
[ 1440.062384][T32063] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1440.080638][T32063] CPU: 0 UID: 0 PID: 32063 Comm: syz.2.22167 Not tainted syzkaller #0 PREEMPT(full) 
[ 1440.080665][T32063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1440.080677][T32063] Call Trace:
[ 1440.080684][T32063]  <TASK>
[ 1440.080692][T32063]  dump_stack_lvl+0xe8/0x150
[ 1440.080725][T32063]  should_fail_ex+0x412/0x560
[ 1440.080757][T32063]  _copy_to_user+0x31/0xb0
[ 1440.080778][T32063]  simple_read_from_buffer+0xe1/0x170
[ 1440.080809][T32063]  proc_fail_nth_read+0x1bb/0x230
[ 1440.080837][T32063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1440.080865][T32063]  ? rw_verify_area+0x2a6/0x4d0
[ 1440.080884][T32063]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1440.080910][T32063]  vfs_read+0x20c/0xa70
[ 1440.080926][T32063]  ? fdget_pos+0x246/0x320
[ 1440.080955][T32063]  ? __pfx___mutex_lock+0x10/0x10
[ 1440.081018][T32063]  ? __pfx_vfs_read+0x10/0x10
[ 1440.081039][T32063]  ? __fget_files+0x2a/0x420
[ 1440.081067][T32063]  ? __fget_files+0x3a0/0x420
[ 1440.081091][T32063]  ? __fget_files+0x2a/0x420
[ 1440.081124][T32063]  ksys_read+0x150/0x270
[ 1440.081145][T32063]  ? __pfx_ksys_read+0x10/0x10
[ 1440.081174][T32063]  do_syscall_64+0x14d/0xf80
[ 1440.081192][T32063]  ? trace_irq_disable+0x3b/0x150
[ 1440.081217][T32063]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1440.081236][T32063]  ? clear_bhb_loop+0x40/0x90
[ 1440.081258][T32063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1440.081276][T32063] RIP: 0033:0x7f9e4d75cfce
[ 1440.081294][T32063] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1440.081308][T32063] RSP: 002b:00007f9e4e5d0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1440.081327][T32063] RAX: ffffffffffffffda RBX: 00007f9e4e5d16c0 RCX: 00007f9e4d75cfce
[ 1440.081341][T32063] RDX: 000000000000000f RSI: 00007f9e4e5d10a0 RDI: 0000000000000006
[ 1440.081352][T32063] RBP: 00007f9e4e5d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1440.081364][T32063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1440.081375][T32063] R13: 00007f9e4da16038 R14: 00007f9e4da15fa0 R15: 00007ffedcf98d38
[ 1440.081404][T32063]  </TASK>
[ 1441.280948][T32086] netlink: 'syz.0.22175': attribute type 1 has an invalid length.
[ 1441.346122][T32086] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1441.469611][T32090] bond2: (slave veth7): Enslaving as an active interface with a down link
[ 1441.542186][T32086] bond2: (slave gretap1): making interface the new active one
[ 1441.576427][T32086] gretap1: entered promiscuous mode
[ 1441.591200][T32086] bond2: (slave gretap1): Enslaving as an active interface with an up link
[ 1441.638537][T32097] macvlan2: entered promiscuous mode
[ 1441.656873][T32097] macvlan2: entered allmulticast mode
[ 1441.669416][T32097] bond2: entered promiscuous mode
[ 1441.691245][T32097] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1441.714983][T32097] bond2: (slave macvlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1441.755575][T32097] bond2: left promiscuous mode
[ 1441.947111][T32104] netlink: 16 bytes leftover after parsing attributes in process `syz.4.22179'.
[ 1442.954987][T32118] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.22183'.
[ 1442.980729][T32118] FAULT_INJECTION: forcing a failure.
[ 1442.980729][T32118] name failslab, interval 1, probability 0, space 0, times 0
[ 1443.042108][T32118] CPU: 1 UID: 0 PID: 32118 Comm: syz.3.22183 Not tainted syzkaller #0 PREEMPT(full) 
[ 1443.042134][T32118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1443.042146][T32118] Call Trace:
[ 1443.042154][T32118]  <TASK>
[ 1443.042162][T32118]  dump_stack_lvl+0xe8/0x150
[ 1443.042201][T32118]  should_fail_ex+0x412/0x560
[ 1443.042230][T32118]  should_failslab+0xa8/0x100
[ 1443.042263][T32118]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1443.042284][T32118]  ? __alloc_skb+0x1d0/0x7d0
[ 1443.042309][T32118]  ? __local_bh_enable_ip+0xd0/0x130
[ 1443.042338][T32118]  __alloc_skb+0x1d0/0x7d0
[ 1443.042370][T32118]  __netdev_alloc_skb+0xc1/0x810
[ 1443.042400][T32118]  ovs_packet_cmd_execute+0x205/0xea0
[ 1443.042435][T32118]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1443.042462][T32118]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1443.042491][T32118]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1443.042517][T32118]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1443.042548][T32118]  ? bpf_lsm_capable+0x9/0x20
[ 1443.042572][T32118]  ? security_capable+0x7e/0x2c0
[ 1443.042602][T32118]  genl_rcv_msg+0x61c/0x7a0
[ 1443.042626][T32118]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1443.042643][T32118]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1443.042666][T32118]  ? __lock_acquire+0x6b5/0x2cf0
[ 1443.042710][T32118]  netlink_rcv_skb+0x232/0x4b0
[ 1443.042734][T32118]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1443.042754][T32118]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1443.042794][T32118]  ? down_read+0x272/0x2e0
[ 1443.042812][T32118]  ? genl_rcv+0xd/0x40
[ 1443.042831][T32118]  genl_rcv+0x28/0x40
[ 1443.042847][T32118]  netlink_unicast+0x80f/0x9b0
[ 1443.042877][T32118]  ? __pfx_netlink_unicast+0x10/0x10
[ 1443.042900][T32118]  ? netlink_sendmsg+0x650/0xb40
[ 1443.042921][T32118]  ? skb_put+0x11b/0x210
[ 1443.042949][T32118]  netlink_sendmsg+0x813/0xb40
[ 1443.042981][T32118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1443.043008][T32118]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1443.043032][T32118]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1443.043056][T32118]  ____sys_sendmsg+0x972/0x9f0
[ 1443.043083][T32118]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1443.043110][T32118]  ? import_iovec+0x73/0xa0
[ 1443.043141][T32118]  ___sys_sendmsg+0x2a5/0x360
[ 1443.043165][T32118]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1443.043218][T32118]  ? __fget_files+0x2a/0x420
[ 1443.043250][T32118]  ? __fget_files+0x3a0/0x420
[ 1443.043285][T32118]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1443.043307][T32118]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1443.043334][T32118]  ? __pfx_ksys_write+0x10/0x10
[ 1443.043366][T32118]  do_syscall_64+0x14d/0xf80
[ 1443.043383][T32118]  ? trace_irq_disable+0x3b/0x150
[ 1443.043406][T32118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1443.043424][T32118]  ? clear_bhb_loop+0x40/0x90
[ 1443.043446][T32118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1443.043464][T32118] RIP: 0033:0x7f839679c799
[ 1443.043483][T32118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1443.043498][T32118] RSP: 002b:00007f83975fa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1443.043519][T32118] RAX: ffffffffffffffda RBX: 00007f8396a15fa0 RCX: 00007f839679c799
[ 1443.043532][T32118] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1443.043543][T32118] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1443.043554][T32118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1443.043564][T32118] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1443.043594][T32118]  </TASK>
[ 1443.477903][T32128] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1443.492473][T32128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22187'.
[ 1443.520863][T28420] hid-generic 0005:0C45:0000.000A: item fetching failed at offset 0/1
[ 1443.529691][T28420] hid-generic 0005:0C45:0000.000A: probe with driver hid-generic failed with error -22
[ 1443.550598][T32124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22186'.
[ 1443.972173][T32140] netlink: 244 bytes leftover after parsing attributes in process `syz.1.22189'.
[ 1444.133238][T32146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22191'.
[ 1444.624008][T32161] netlink: 104 bytes leftover after parsing attributes in process `syz.3.22193'.
[ 1445.033089][T32175] netlink: 14 bytes leftover after parsing attributes in process `syz.3.22199'.
[ 1445.055072][T32176] netlink: 'syz.4.22200': attribute type 3 has an invalid length.
[ 1445.071844][T32176] netlink: 766 bytes leftover after parsing attributes in process `syz.4.22200'.
[ 1445.716429][T32202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.22208'.
[ 1446.324453][T32216] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1446.536260][T20283] net_ratelimit: 55 callbacks suppressed
[ 1446.536279][T20283] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1446.850772][T10523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1446.897181][T32261] netlink: 'syz.1.22226': attribute type 10 has an invalid length.
[ 1446.930505][T32263] openvswitch: netlink: Key 32 has unexpected len 260 expected 2
[ 1447.112698][T32279] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1447.128556][T32281] __nla_validate_parse: 2 callbacks suppressed
[ 1447.128577][T32281] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.22235'.
[ 1447.165489][T27245] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1447.242969][T27245] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1447.331779][T32291] netlink: 'syz.2.22240': attribute type 10 has an invalid length.
[ 1447.341114][T32293] netlink: 96 bytes leftover after parsing attributes in process `syz.3.22239'.
[ 1447.371671][T32296] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.22241'.
[ 1447.384551][T32291] team0: Port device netdevsim0 added
[ 1447.386602][T32296] FAULT_INJECTION: forcing a failure.
[ 1447.386602][T32296] name failslab, interval 1, probability 0, space 0, times 0
[ 1447.412903][T32298] netlink: 12 bytes leftover after parsing attributes in process `syz.0.22242'.
[ 1447.441730][T32296] CPU: 0 UID: 0 PID: 32296 Comm: syz.4.22241 Not tainted syzkaller #0 PREEMPT(full) 
[ 1447.441756][T32296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1447.441767][T32296] Call Trace:
[ 1447.441775][T32296]  <TASK>
[ 1447.441784][T32296]  dump_stack_lvl+0xe8/0x150
[ 1447.441814][T32296]  should_fail_ex+0x412/0x560
[ 1447.441843][T32296]  should_failslab+0xa8/0x100
[ 1447.441866][T32296]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1447.441888][T32296]  ? __alloc_skb+0x1d0/0x7d0
[ 1447.441910][T32296]  ? __local_bh_enable_ip+0xd0/0x130
[ 1447.441937][T32296]  __alloc_skb+0x1d0/0x7d0
[ 1447.441975][T32296]  __netdev_alloc_skb+0xc1/0x810
[ 1447.442006][T32296]  ovs_packet_cmd_execute+0x205/0xea0
[ 1447.442035][T32296]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1447.442061][T32296]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1447.442087][T32296]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1447.442110][T32296]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1447.442138][T32296]  ? bpf_lsm_capable+0x9/0x20
[ 1447.442159][T32296]  ? security_capable+0x7e/0x2c0
[ 1447.442185][T32296]  genl_rcv_msg+0x61c/0x7a0
[ 1447.442206][T32296]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1447.442225][T32296]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1447.442248][T32296]  ? __lock_acquire+0x6b5/0x2cf0
[ 1447.442278][T32296]  netlink_rcv_skb+0x232/0x4b0
[ 1447.442300][T32296]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1447.442319][T32296]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1447.442358][T32296]  ? down_read+0x272/0x2e0
[ 1447.442376][T32296]  ? genl_rcv+0xd/0x40
[ 1447.442393][T32296]  genl_rcv+0x28/0x40
[ 1447.442409][T32296]  netlink_unicast+0x80f/0x9b0
[ 1447.442438][T32296]  ? __pfx_netlink_unicast+0x10/0x10
[ 1447.442459][T32296]  ? netlink_sendmsg+0x650/0xb40
[ 1447.442478][T32296]  ? skb_put+0x11b/0x210
[ 1447.442504][T32296]  netlink_sendmsg+0x813/0xb40
[ 1447.442533][T32296]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1447.442558][T32296]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1447.442581][T32296]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1447.442604][T32296]  ____sys_sendmsg+0x972/0x9f0
[ 1447.442629][T32296]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1447.442654][T32296]  ? import_iovec+0x73/0xa0
[ 1447.442684][T32296]  ___sys_sendmsg+0x2a5/0x360
[ 1447.442708][T32296]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1447.442766][T32296]  ? __fget_files+0x2a/0x420
[ 1447.442789][T32296]  ? __fget_files+0x3a0/0x420
[ 1447.442821][T32296]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1447.442843][T32296]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1447.442867][T32296]  ? __pfx_ksys_write+0x10/0x10
[ 1447.442897][T32296]  do_syscall_64+0x14d/0xf80
[ 1447.442914][T32296]  ? trace_irq_disable+0x3b/0x150
[ 1447.442939][T32296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1447.442964][T32296]  ? clear_bhb_loop+0x40/0x90
[ 1447.442985][T32296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1447.443003][T32296] RIP: 0033:0x7f429a99c799
[ 1447.443021][T32296] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1447.443037][T32296] RSP: 002b:00007f4298bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1447.443054][T32296] RAX: ffffffffffffffda RBX: 00007f429ac15fa0 RCX: 00007f429a99c799
[ 1447.443066][T32296] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1447.443077][T32296] RBP: 00007f4298bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1447.443088][T32296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1447.443098][T32296] R13: 00007f429ac16038 R14: 00007f429ac15fa0 R15: 00007fff902988e8
[ 1447.443128][T32296]  </TASK>
[ 1447.880792][T28420] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1448.027443][T20285] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1448.029259][T32325] netlink: 'syz.0.22252': attribute type 1 has an invalid length.
[ 1448.044419][T32325] netlink: 224 bytes leftover after parsing attributes in process `syz.0.22252'.
[ 1448.202472][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1448.284563][T32343] netlink: 'syz.0.22255': attribute type 6 has an invalid length.
[ 1448.291549][T27245] hid-generic 0005:0C45:0000.000B: item fetching failed at offset 0/1
[ 1448.304466][T27245] hid-generic 0005:0C45:0000.000B: probe with driver hid-generic failed with error -22
[ 1448.408239][T32349] netlink: 'syz.1.22259': attribute type 21 has an invalid length.
[ 1448.431238][T32349] netlink: 156 bytes leftover after parsing attributes in process `syz.1.22259'.
[ 1448.442172][T32351] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1448.488292][T32353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22261'.
[ 1448.608978][T32358] netlink: 'syz.1.22262': attribute type 10 has an invalid length.
[ 1448.709023][T32362] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22264'.
[ 1448.823028][T32368] netlink: 211904 bytes leftover after parsing attributes in process `syz.3.22267'.
[ 1448.884556][T32372] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 9
[ 1449.007101][T32381] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1449.036892][T32382] netlink: 'syz.1.22273': attribute type 10 has an invalid length.
[ 1449.092883][T32386] erspan0: entered allmulticast mode
[ 1449.129321][T32386] vlan2: entered promiscuous mode
[ 1449.139106][T32386] erspan0: entered promiscuous mode
[ 1449.268013][T32401] syzkaller1: entered promiscuous mode
[ 1449.274901][T32401] syzkaller1: entered allmulticast mode
[ 1449.595462][T32426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.22286'.
[ 1449.911989][T32446] netlink: 'syz.4.22294': attribute type 9 has an invalid length.
[ 1449.921119][T32446] netlink: 'syz.4.22294': attribute type 11 has an invalid length.
[ 1450.226029][T32464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1450.552926][T32468] xt_limit: Overflow, try lower: 271964/0
[ 1450.866129][T32500] syz_tun: entered allmulticast mode
[ 1450.876443][T32497] syz_tun: left allmulticast mode
[ 1451.193780][T32525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1451.359900][T32538] validate_nla: 3 callbacks suppressed
[ 1451.367452][T32538] netlink: 'syz.1.22326': attribute type 10 has an invalid length.
[ 1451.380917][T32538] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 1451.390584][T32538] team0: Device netdevsim0 failed to register rx_handler
[ 1451.892772][T32572] netlink: 'syz.3.22336': attribute type 1 has an invalid length.
[ 1453.342325][T32577] bond3: (slave veth3): Enslaving as an active interface with a down link
[ 1453.359834][T32584] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1453.469491][T32600] xt_l2tp: invalid flags combination: 8
[ 1453.492580][T32600] sch_fq: defrate 53322 ignored.
[ 1453.524196][T32606] FAULT_INJECTION: forcing a failure.
[ 1453.524196][T32606] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.539800][T32602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1453.540779][T32606] CPU: 0 UID: 0 PID: 32606 Comm: syz.4.22348 Not tainted syzkaller #0 PREEMPT(full) 
[ 1453.540802][T32606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1453.540814][T32606] Call Trace:
[ 1453.540822][T32606]  <TASK>
[ 1453.540830][T32606]  dump_stack_lvl+0xe8/0x150
[ 1453.540860][T32606]  should_fail_ex+0x412/0x560
[ 1453.540888][T32606]  should_failslab+0xa8/0x100
[ 1453.540910][T32606]  ? skb_clone+0x212/0x3a0
[ 1453.540929][T32606]  kmem_cache_alloc_noprof+0x87/0x650
[ 1453.540956][T32606]  skb_clone+0x212/0x3a0
[ 1453.540978][T32606]  __netlink_deliver_tap+0x404/0x850
[ 1453.541013][T32606]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1453.541037][T32606]  netlink_deliver_tap+0x19c/0x1b0
[ 1453.541061][T32606]  netlink_sendskb+0x68/0x140
[ 1453.541084][T32606]  netlink_unicast+0x3a3/0x9b0
[ 1453.541120][T32606]  ? __pfx_netlink_unicast+0x10/0x10
[ 1453.541150][T32606]  netlink_rcv_skb+0x2b6/0x4b0
[ 1453.541173][T32606]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1453.541192][T32606]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1453.541231][T32606]  ? down_read+0x272/0x2e0
[ 1453.541249][T32606]  ? genl_rcv+0xd/0x40
[ 1453.541268][T32606]  genl_rcv+0x28/0x40
[ 1453.541283][T32606]  netlink_unicast+0x80f/0x9b0
[ 1453.541311][T32606]  ? __pfx_netlink_unicast+0x10/0x10
[ 1453.541334][T32606]  ? netlink_sendmsg+0x650/0xb40
[ 1453.541356][T32606]  ? skb_put+0x11b/0x210
[ 1453.541383][T32606]  netlink_sendmsg+0x813/0xb40
[ 1453.541414][T32606]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1453.541441][T32606]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1453.541465][T32606]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1453.541489][T32606]  ____sys_sendmsg+0x972/0x9f0
[ 1453.541517][T32606]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1453.541544][T32606]  ? import_iovec+0x73/0xa0
[ 1453.541573][T32606]  ___sys_sendmsg+0x2a5/0x360
[ 1453.541597][T32606]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1453.541649][T32606]  ? __fget_files+0x2a/0x420
[ 1453.541672][T32606]  ? __fget_files+0x3a0/0x420
[ 1453.541706][T32606]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1453.541727][T32606]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1453.541754][T32606]  ? __pfx_ksys_write+0x10/0x10
[ 1453.541785][T32606]  do_syscall_64+0x14d/0xf80
[ 1453.541802][T32606]  ? trace_irq_disable+0x3b/0x150
[ 1453.541825][T32606]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.541842][T32606]  ? clear_bhb_loop+0x40/0x90
[ 1453.541864][T32606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1453.541881][T32606] RIP: 0033:0x7f429a99c799
[ 1453.541899][T32606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1453.541914][T32606] RSP: 002b:00007f4298bf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1453.541932][T32606] RAX: ffffffffffffffda RBX: 00007f429ac15fa0 RCX: 00007f429a99c799
[ 1453.541945][T32606] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[ 1453.541955][T32606] RBP: 00007f4298bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1453.541967][T32606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1453.541977][T32606] R13: 00007f429ac16038 R14: 00007f429ac15fa0 R15: 00007fff902988e8
[ 1453.542007][T32606]  </TASK>
[ 1453.931011][T20283] gretap1: left promiscuous mode
[ 1454.058383][T32634] vxcan1: tx drop: invalid sa for name 0x0000008000000002
[ 1454.063610][T27245] hid-generic 0005:15C2:0000.000C: item fetching failed at offset 0/1
[ 1454.086124][T27245] hid-generic 0005:15C2:0000.000C: probe with driver hid-generic failed with error -22
[ 1454.269494][T32645] geneve3: entered promiscuous mode
[ 1454.277938][T32645] geneve3: entered allmulticast mode
[ 1454.286582][T20225] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 19999 - 0
[ 1454.299186][T20225] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 19999 - 0
[ 1454.308598][T20225] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 19999 - 0
[ 1454.327016][T32645] tipc: Started in network mode
[ 1454.332412][T32645] tipc: Node identity d29eac2a45ba, cluster identity 4711
[ 1454.341324][T32645] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1454.349174][T20225] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 19999 - 0
[ 1454.404668][T32645] syzkaller0: entered promiscuous mode
[ 1454.410279][T32645] syzkaller0: entered allmulticast mode
[ 1454.417052][T32645] tipc: Resetting bearer <eth:syzkaller0>
[ 1454.494493][T20262] tipc: Resetting bearer <eth:syzkaller0>
[ 1454.502626][T32644] tipc: Resetting bearer <eth:syzkaller0>
[ 1456.713459][T32644] tipc: Disabling bearer <eth:syzkaller0>
[ 1456.731002][T32668] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1456.760734][T10523] tipc: Node number set to 2535762986
[ 1456.873075][T32682] erspan0: entered allmulticast mode
[ 1456.921994][T32682] vlan2: entered promiscuous mode
[ 1456.929465][T32682] erspan0: entered promiscuous mode
[ 1457.020189][T32682] net_ratelimit: 978 callbacks suppressed
[ 1457.020210][T32682] openvswitch: netlink: Key type 7696 is out of range max 32
[ 1457.062710][T32696] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1457.242853][T32712] x_tables: duplicate underflow at hook 2
[ 1457.268395][   T29] audit: type=1804 audit(1773795359.165:11): pid=32710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.22376" name="/newroot/513/cgroup.controllers" dev="tmpfs" ino=2586 res=1 errno=0
[ 1457.295956][   T29] audit: type=1800 audit(1773795359.165:12): pid=32710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.22376" name="cgroup.controllers" dev="tmpfs" ino=2586 res=0 errno=0
[ 1457.368744][T32719] FAULT_INJECTION: forcing a failure.
[ 1457.368744][T32719] name failslab, interval 1, probability 0, space 0, times 0
[ 1457.388539][T32719] CPU: 1 UID: 0 PID: 32719 Comm: syz.0.22380 Not tainted syzkaller #0 PREEMPT(full) 
[ 1457.388565][T32719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1457.388576][T32719] Call Trace:
[ 1457.388584][T32719]  <TASK>
[ 1457.388593][T32719]  dump_stack_lvl+0xe8/0x150
[ 1457.388622][T32719]  should_fail_ex+0x412/0x560
[ 1457.388651][T32719]  should_failslab+0xa8/0x100
[ 1457.388676][T32719]  __kmalloc_noprof+0xe8/0x760
[ 1457.388697][T32719]  ? tomoyo_encode+0x28b/0x550
[ 1457.388728][T32719]  tomoyo_encode+0x28b/0x550
[ 1457.388757][T32719]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1457.388793][T32719]  ? tomoyo_path_number_perm+0x219/0x630
[ 1457.388814][T32719]  tomoyo_path_number_perm+0x246/0x630
[ 1457.388838][T32719]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1457.388862][T32719]  ? __lock_acquire+0x6b5/0x2cf0
[ 1457.388896][T32719]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1457.388944][T32719]  ? __fget_files+0x2a/0x420
[ 1457.388972][T32719]  ? __fget_files+0x2a/0x420
[ 1457.388996][T32719]  ? __fget_files+0x3a0/0x420
[ 1457.389019][T32719]  ? __fget_files+0x2a/0x420
[ 1457.389047][T32719]  security_file_ioctl+0xc3/0x2a0
[ 1457.389069][T32719]  __se_sys_ioctl+0x47/0x170
[ 1457.389093][T32719]  do_syscall_64+0x14d/0xf80
[ 1457.389110][T32719]  ? trace_irq_disable+0x3b/0x150
[ 1457.389134][T32719]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1457.389153][T32719]  ? clear_bhb_loop+0x40/0x90
[ 1457.389176][T32719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1457.389194][T32719] RIP: 0033:0x7fb45d59c799
[ 1457.389211][T32719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1457.389227][T32719] RSP: 002b:00007fb45e426028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1457.389247][T32719] RAX: ffffffffffffffda RBX: 00007fb45d815fa0 RCX: 00007fb45d59c799
[ 1457.389260][T32719] RDX: 00002000000000c0 RSI: 00000000800448d3 RDI: 0000000000000004
[ 1457.389273][T32719] RBP: 00007fb45e426090 R08: 0000000000000000 R09: 0000000000000000
[ 1457.389284][T32719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1457.389295][T32719] R13: 00007fb45d816038 R14: 00007fb45d815fa0 R15: 00007ffe6088ce58
[ 1457.389326][T32719]  </TASK>
[ 1457.389347][T32719] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1457.688726][T32726] sysfs: cannot create duplicate filename '/class/ieee80211/K��u�cr��K:����̥�B����|����lS��-!'
[ 1457.701673][T32726] CPU: 1 UID: 0 PID: 32726 Comm: syz.0.22383 Not tainted syzkaller #0 PREEMPT(full) 
[ 1457.701702][T32726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1457.701715][T32726] Call Trace:
[ 1457.701723][T32726]  <TASK>
[ 1457.701732][T32726]  dump_stack_lvl+0xe8/0x150
[ 1457.701767][T32726]  sysfs_warn_dup+0x8e/0xa0
[ 1457.701797][T32726]  sysfs_do_create_link_sd+0xc0/0x110
[ 1457.701827][T32726]  device_add_class_symlinks+0x1cf/0x240
[ 1457.701857][T32726]  device_add+0x475/0xb70
[ 1457.701884][T32726]  wiphy_register+0x1d73/0x2d50
[ 1457.701925][T32726]  ? __pfx_wiphy_register+0x10/0x10
[ 1457.701951][T32726]  ? __pfx_netdev_run_todo+0x10/0x10
[ 1457.701975][T32726]  ? minstrel_ht_alloc+0x6e0/0x7e0
[ 1457.702008][T32726]  ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0
[ 1457.702042][T32726]  ieee80211_register_hw+0x3562/0x4200
[ 1457.702076][T32726]  ? ieee80211_register_hw+0x1411/0x4200
[ 1457.702106][T32726]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1457.702146][T32726]  ? __hrtimer_setup+0x181/0x200
[ 1457.702175][T32726]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1457.702206][T32726]  mac80211_hwsim_new_radio+0x2f97/0x5330
[ 1457.702262][T32726]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1457.702291][T32726]  ? kstrndup+0xbf/0x160
[ 1457.702337][T32726]  hwsim_new_radio_nl+0xf35/0x1bd0
[ 1457.702387][T32726]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1457.702420][T32726]  ? rcu_is_watching+0x15/0xb0
[ 1457.702448][T32726]  ? trace_kmalloc+0x2a/0x110
[ 1457.702473][T32726]  ? __nla_parse+0x40/0x60
[ 1457.702506][T32726]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1457.702536][T32726]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1457.702566][T32726]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1457.702603][T32726]  ? bpf_lsm_capable+0x9/0x20
[ 1457.702635][T32726]  ? security_capable+0x7e/0x2c0
[ 1457.702668][T32726]  genl_rcv_msg+0x61c/0x7a0
[ 1457.702696][T32726]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1457.702717][T32726]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1457.702741][T32726]  ? __lock_acquire+0x6b5/0x2cf0
[ 1457.702781][T32726]  netlink_rcv_skb+0x232/0x4b0
[ 1457.702810][T32726]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1457.702833][T32726]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1457.702880][T32726]  ? down_read+0x272/0x2e0
[ 1457.702901][T32726]  ? genl_rcv+0xd/0x40
[ 1457.702924][T32726]  genl_rcv+0x28/0x40
[ 1457.702942][T32726]  netlink_unicast+0x80f/0x9b0
[ 1457.702982][T32726]  ? __pfx_netlink_unicast+0x10/0x10
[ 1457.703005][T32726]  ? __kvmalloc_node_noprof+0x393/0x8a0
[ 1457.703031][T32726]  ? netlink_sendmsg+0x650/0xb40
[ 1457.703058][T32726]  ? skb_put+0x11b/0x210
[ 1457.703093][T32726]  netlink_sendmsg+0x813/0xb40
[ 1457.703132][T32726]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1457.703164][T32726]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1457.703193][T32726]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1457.703221][T32726]  ____sys_sendmsg+0x972/0x9f0
[ 1457.703240][T32726]  ? futex_unqueue+0x211/0x240
[ 1457.703274][T32726]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1457.703306][T32726]  ? import_iovec+0x73/0xa0
[ 1457.703348][T32726]  ___sys_sendmsg+0x2a5/0x360
[ 1457.703376][T32726]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1457.703405][T32726]  ? futex_wait+0x29a/0x380
[ 1457.703459][T32726]  ? __fget_files+0x2a/0x420
[ 1457.703488][T32726]  ? __fget_files+0x3a0/0x420
[ 1457.703526][T32726]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1457.703549][T32726]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1457.703579][T32726]  ? rcu_is_watching+0x15/0xb0
[ 1457.703620][T32726]  do_syscall_64+0x14d/0xf80
[ 1457.703638][T32726]  ? trace_irq_disable+0x3b/0x150
[ 1457.703666][T32726]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1457.703691][T32726]  ? clear_bhb_loop+0x40/0x90
[ 1457.703716][T32726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1457.703737][T32726] RIP: 0033:0x7fb45d59c799
[ 1457.703757][T32726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1457.703776][T32726] RSP: 002b:00007fb45e426028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1457.703798][T32726] RAX: ffffffffffffffda RBX: 00007fb45d815fa0 RCX: 00007fb45d59c799
[ 1457.703814][T32726] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000003
[ 1457.703826][T32726] RBP: 00007fb45d632c99 R08: 0000000000000000 R09: 0000000000000000
[ 1457.703839][T32726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1457.703851][T32726] R13: 00007fb45d816038 R14: 00007fb45d815fa0 R15: 00007ffe6088ce58
[ 1457.703890][T32726]  </TASK>
[ 1457.704970][T32728] syzkaller1: left promiscuous mode
[ 1457.959455][T32737] netlink: 'syz.0.22385': attribute type 4 has an invalid length.
[ 1457.960189][T32728] syzkaller1: left allmulticast mode
[ 1457.999826][T32737] __nla_validate_parse: 12 callbacks suppressed
[ 1457.999846][T32737] netlink: 240 bytes leftover after parsing attributes in process `syz.0.22385'.
[ 1458.384273][T32758] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22391'.
[ 1458.530990][T32766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1458.546238][T32764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22391'.
[ 1458.629782][  T308] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.22395'.
[ 1458.661175][  T308] FAULT_INJECTION: forcing a failure.
[ 1458.661175][  T308] name failslab, interval 1, probability 0, space 0, times 0
[ 1458.690511][  T308] CPU: 0 UID: 0 PID: 308 Comm: syz.3.22395 Not tainted syzkaller #0 PREEMPT(full) 
[ 1458.690538][  T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1458.690549][  T308] Call Trace:
[ 1458.690557][  T308]  <TASK>
[ 1458.690565][  T308]  dump_stack_lvl+0xe8/0x150
[ 1458.690596][  T308]  should_fail_ex+0x412/0x560
[ 1458.690626][  T308]  should_failslab+0xa8/0x100
[ 1458.690649][  T308]  __kmalloc_noprof+0xe8/0x760
[ 1458.690669][  T308]  ? ovs_nla_copy_actions+0x68/0x3d0
[ 1458.690694][  T308]  ovs_nla_copy_actions+0x68/0x3d0
[ 1458.690721][  T308]  ovs_packet_cmd_execute+0x648/0xea0
[ 1458.690754][  T308]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1458.690782][  T308]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1458.690811][  T308]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1458.690844][  T308]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1458.690876][  T308]  ? bpf_lsm_capable+0x9/0x20
[ 1458.690899][  T308]  ? security_capable+0x7e/0x2c0
[ 1458.690927][  T308]  genl_rcv_msg+0x61c/0x7a0
[ 1458.690952][  T308]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1458.690970][  T308]  ? __pfx_ovs_packet_cmd_execute+0x10/0x10
[ 1458.690994][  T308]  ? __lock_acquire+0x6b5/0x2cf0
[ 1458.691028][  T308]  netlink_rcv_skb+0x232/0x4b0
[ 1458.691053][  T308]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1458.691073][  T308]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1458.691114][  T308]  ? down_read+0x272/0x2e0
[ 1458.691132][  T308]  ? genl_rcv+0xd/0x40
[ 1458.691152][  T308]  genl_rcv+0x28/0x40
[ 1458.691168][  T308]  netlink_unicast+0x80f/0x9b0
[ 1458.691199][  T308]  ? __pfx_netlink_unicast+0x10/0x10
[ 1458.691222][  T308]  ? netlink_sendmsg+0x650/0xb40
[ 1458.691244][  T308]  ? skb_put+0x11b/0x210
[ 1458.691274][  T308]  netlink_sendmsg+0x813/0xb40
[ 1458.691307][  T308]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1458.691333][  T308]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1458.691358][  T308]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1458.691382][  T308]  ____sys_sendmsg+0x972/0x9f0
[ 1458.691410][  T308]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1458.691438][  T308]  ? import_iovec+0x73/0xa0
[ 1458.691468][  T308]  ___sys_sendmsg+0x2a5/0x360
[ 1458.691492][  T308]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1458.691549][  T308]  ? __fget_files+0x2a/0x420
[ 1458.691574][  T308]  ? __fget_files+0x3a0/0x420
[ 1458.691608][  T308]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1458.691630][  T308]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1458.691658][  T308]  ? __pfx_ksys_write+0x10/0x10
[ 1458.691690][  T308]  do_syscall_64+0x14d/0xf80
[ 1458.691707][  T308]  ? trace_irq_disable+0x3b/0x150
[ 1458.691731][  T308]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1458.691751][  T308]  ? clear_bhb_loop+0x40/0x90
[ 1458.691774][  T308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1458.691792][  T308] RIP: 0033:0x7f839679c799
[ 1458.691810][  T308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1458.691831][  T308] RSP: 002b:00007f83975fa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1458.691851][  T308] RAX: ffffffffffffffda RBX: 00007f8396a15fa0 RCX: 00007f839679c799
[ 1458.691865][  T308] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1458.691877][  T308] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1458.691888][  T308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1458.691900][  T308] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1458.691931][  T308]  </TASK>
[ 1459.184330][  T323] FAULT_INJECTION: forcing a failure.
[ 1459.184330][  T323] name failslab, interval 1, probability 0, space 0, times 0
[ 1459.209251][  T323] CPU: 0 UID: 0 PID: 323 Comm: syz.1.22402 Not tainted syzkaller #0 PREEMPT(full) 
[ 1459.209276][  T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1459.209288][  T323] Call Trace:
[ 1459.209295][  T323]  <TASK>
[ 1459.209304][  T323]  dump_stack_lvl+0xe8/0x150
[ 1459.209334][  T323]  should_fail_ex+0x412/0x560
[ 1459.209363][  T323]  should_failslab+0xa8/0x100
[ 1459.209390][  T323]  __kmalloc_noprof+0xe8/0x760
[ 1459.209410][  T323]  ? tomoyo_encode+0x28b/0x550
[ 1459.209440][  T323]  tomoyo_encode+0x28b/0x550
[ 1459.209469][  T323]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1459.209503][  T323]  ? tomoyo_path_number_perm+0x219/0x630
[ 1459.209525][  T323]  tomoyo_path_number_perm+0x246/0x630
[ 1459.209548][  T323]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1459.209572][  T323]  ? __lock_acquire+0x6b5/0x2cf0
[ 1459.209617][  T323]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1459.209658][  T323]  ? __fget_files+0x2a/0x420
[ 1459.209685][  T323]  ? __fget_files+0x2a/0x420
[ 1459.209708][  T323]  ? __fget_files+0x3a0/0x420
[ 1459.209732][  T323]  ? __fget_files+0x2a/0x420
[ 1459.209760][  T323]  security_file_ioctl+0xc3/0x2a0
[ 1459.209783][  T323]  __se_sys_ioctl+0x47/0x170
[ 1459.209806][  T323]  do_syscall_64+0x14d/0xf80
[ 1459.209822][  T323]  ? trace_irq_disable+0x3b/0x150
[ 1459.209846][  T323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1459.209866][  T323]  ? clear_bhb_loop+0x40/0x90
[ 1459.209887][  T323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1459.209905][  T323] RIP: 0033:0x7f818499c799
[ 1459.209924][  T323] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1459.209938][  T323] RSP: 002b:00007f81858f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1459.209955][  T323] RAX: ffffffffffffffda RBX: 00007f8184c15fa0 RCX: 00007f818499c799
[ 1459.209968][  T323] RDX: 0000200000000200 RSI: 00000000400448c8 RDI: 0000000000000004
[ 1459.209978][  T323] RBP: 00007f81858f3090 R08: 0000000000000000 R09: 0000000000000000
[ 1459.209988][  T323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1459.209998][  T323] R13: 00007f8184c16038 R14: 00007f8184c15fa0 R15: 00007ffde1edaa48
[ 1459.210024][  T323]  </TASK>
[ 1459.212561][  T327] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 9
[ 1459.219572][  T323] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1459.263642][  T330] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1459.447221][T27245] hid-generic 0005:15C2:0000.000D: item fetching failed at offset 0/1
[ 1459.472114][T27245] hid-generic 0005:15C2:0000.000D: probe with driver hid-generic failed with error -22
[ 1459.484226][  T329] syzkaller0: entered promiscuous mode
[ 1459.505931][  T329] syzkaller0: entered allmulticast mode
[ 1459.631067][  T329] tipc: Resetting bearer <eth:syzkaller0>
[ 1459.668949][  T329] tipc: Disabling bearer <eth:syzkaller0>
[ 1459.823170][  T360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22415'.
[ 1459.921419][  T366] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1460.056551][  T375] tipc: Failed to remove unknown binding: 66,1,1/0:1511291986/1511291988
[ 1460.132056][  T379] syzkaller1: entered promiscuous mode
[ 1460.149189][  T379] syzkaller1: entered allmulticast mode
[ 1460.245219][  T386] netlink: 36 bytes leftover after parsing attributes in process `syz.3.22426'.
[ 1460.323353][  T394] netlink: 'syz.4.22429': attribute type 24 has an invalid length.
[ 1460.473606][  T406] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22432'.
[ 1460.495381][  T409] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22434'.
[ 1460.508330][  T400] netlink: 12 bytes leftover after parsing attributes in process `syz.3.22431'.
[ 1460.566235][  T414] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1460.782838][  T431] syz_tun: mtu less than device minimum
[ 1460.874836][  T436] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1460.905353][  T439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22443'.
[ 1460.978224][  T445] openvswitch: netlink: Geneve option length err (len 256, max 255).
[ 1461.113003][  T450] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1461.135863][  T452] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not security
[ 1461.206603][  T449] tipc: Disabling bearer <eth:syzkaller0>
[ 1461.256952][  T467] netlink: 'syz.1.22449': attribute type 21 has an invalid length.
[ 1461.381087][  T470] syzkaller0: entered promiscuous mode
[ 1461.445612][  T475] "syz.1.22453" (475) uses obsolete ecb(arc4) skcipher
[ 1461.540584][  T481] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1461.553126][  T483] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1462.024326][  T513] FAULT_INJECTION: forcing a failure.
[ 1462.024326][  T513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1462.038093][  T513] CPU: 0 UID: 0 PID: 513 Comm: syz.2.22469 Not tainted syzkaller #0 PREEMPT(full) 
[ 1462.038119][  T513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1462.038130][  T513] Call Trace:
[ 1462.038139][  T513]  <TASK>
[ 1462.038147][  T513]  dump_stack_lvl+0xe8/0x150
[ 1462.038177][  T513]  should_fail_ex+0x412/0x560
[ 1462.038205][  T513]  _copy_to_user+0x31/0xb0
[ 1462.038225][  T513]  hidp_sock_ioctl+0x43b/0x650
[ 1462.038250][  T513]  ? __pfx_hidp_sock_ioctl+0x10/0x10
[ 1462.038318][  T513]  ? do_vfs_ioctl+0x1166/0x1530
[ 1462.038351][  T513]  sock_do_ioctl+0x101/0x320
[ 1462.038376][  T513]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1462.038393][  T513]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 1462.038426][  T513]  sock_ioctl+0x5c6/0x7f0
[ 1462.038446][  T513]  ? __pfx_sock_ioctl+0x10/0x10
[ 1462.038466][  T513]  ? __fget_files+0x2a/0x420
[ 1462.038498][  T513]  ? __fget_files+0x3a0/0x420
[ 1462.038521][  T513]  ? __fget_files+0x2a/0x420
[ 1462.038549][  T513]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1462.038571][  T513]  ? __pfx_sock_ioctl+0x10/0x10
[ 1462.038591][  T513]  __se_sys_ioctl+0xfc/0x170
[ 1462.038612][  T513]  do_syscall_64+0x14d/0xf80
[ 1462.038628][  T513]  ? trace_irq_disable+0x3b/0x150
[ 1462.038651][  T513]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.038670][  T513]  ? clear_bhb_loop+0x40/0x90
[ 1462.038692][  T513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.038710][  T513] RIP: 0033:0x7f9e4d79c799
[ 1462.038728][  T513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1462.038743][  T513] RSP: 002b:00007f9e4e5d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1462.038763][  T513] RAX: ffffffffffffffda RBX: 00007f9e4da15fa0 RCX: 00007f9e4d79c799
[ 1462.038776][  T513] RDX: 00002000000000c0 RSI: 00000000800448d3 RDI: 0000000000000004
[ 1462.038795][  T513] RBP: 00007f9e4e5d1090 R08: 0000000000000000 R09: 0000000000000000
[ 1462.038807][  T513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1462.038819][  T513] R13: 00007f9e4da16038 R14: 00007f9e4da15fa0 R15: 00007ffedcf98d38
[ 1462.038849][  T513]  </TASK>
[ 1462.310039][  T520] netlink: 'syz.4.22472': attribute type 10 has an invalid length.
[ 1462.336403][  T520] team0: Port device netdevsim0 added
[ 1462.417841][  T524] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1462.428807][  T524] xt_hashlimit: Unknown mode mask C4, kernel too old?
[ 1462.609320][  T541] xt_hashlimit: max too large, truncated to 1048576
[ 1462.779723][  T553] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[ 1462.829084][T10525] hid-generic 0005:0B57:0000.000E: item fetching failed at offset 0/1
[ 1462.841016][T10523] page_pool_release_retry() stalled pool shutdown: id 131, 1 inflight 966 sec
[ 1462.850611][T10525] hid-generic 0005:0B57:0000.000E: probe with driver hid-generic failed with error -22
[ 1462.945606][  T564] mac80211_hwsim hwsim92 syzkaller0: left promiscuous mode
[ 1462.953741][  T564] mac80211_hwsim hwsim92 syzkaller0: left allmulticast mode
[ 1462.961963][  T564] tipc: Resetting bearer <eth:syzkaller0>
[ 1462.998571][  T563] bridge1: port 1(veth3) entered blocking state
[ 1463.009210][  T563] bridge1: port 1(veth3) entered disabled state
[ 1463.016657][  T563] veth3: entered allmulticast mode
[ 1463.025992][  T563] veth3: entered promiscuous mode
[ 1463.033320][  T570] __nla_validate_parse: 5 callbacks suppressed
[ 1463.033340][  T570] netlink: 36 bytes leftover after parsing attributes in process `syz.0.22489'.
[ 1463.065076][  T571] bridge1: port 2(veth0_to_bond) entered blocking state
[ 1463.083783][  T571] bridge1: port 2(veth0_to_bond) entered disabled state
[ 1463.092858][  T571] veth0_to_bond: entered allmulticast mode
[ 1463.103998][  T571] veth0_to_bond: entered promiscuous mode
[ 1463.252226][  T580] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 9
[ 1463.272129][  T582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22494'.
[ 1463.325032][  T583] netlink: 'syz.1.22494': attribute type 21 has an invalid length.
[ 1463.408819][  T595] netlink: 'syz.3.22500': attribute type 10 has an invalid length.
[ 1463.425093][  T583] netlink: 'syz.1.22494': attribute type 1 has an invalid length.
[ 1463.848186][  T612] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22506'.
[ 1463.952088][  T612] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1463.980320][  T628] netlink: 96 bytes leftover after parsing attributes in process `syz.2.22511'.
[ 1464.254393][  T633] openvswitch: netlink: Flow key attribute not present in set flow.
[ 1464.454665][  T640] netlink: 36 bytes leftover after parsing attributes in process `syz.1.22514'.
[ 1464.457924][  T639] syzkaller1: entered promiscuous mode
[ 1464.488146][  T639] syzkaller1: entered allmulticast mode
[ 1464.748547][  T649] sch_tbf: burst 4 is lower than device syzkaller0 mtu (1500) !
[ 1464.815894][  T651] syzkaller0: entered promiscuous mode
[ 1464.833122][  T651] syzkaller0: entered allmulticast mode
[ 1464.861669][  T651] netlink: 248 bytes leftover after parsing attributes in process `syz.3.22519'.
[ 1464.891224][T31367] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1464.903423][T31367] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1464.916047][T31367] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1464.926011][T31367] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1464.934613][T31367] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1465.010778][  T659] netlink: 244 bytes leftover after parsing attributes in process `syz.2.22521'.
[ 1465.053917][  T661] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22522'.
[ 1465.184746][  T661] netlink: 212048 bytes leftover after parsing attributes in process `syz.1.22522'.
[ 1465.348102][  T672] veth0: entered promiscuous mode
[ 1465.406904][  T672] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22525'.
[ 1465.458354][  T676] netlink: 'syz.2.22527': attribute type 32 has an invalid length.
[ 1465.498348][T20252] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.525032][  T671] veth0: left promiscuous mode
[ 1465.575210][  T679] syzkaller0: entered promiscuous mode
[ 1465.580896][  T679] syzkaller0: entered allmulticast mode
[ 1465.626403][T20252] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.746384][  T691] Cannot find add_set index 1 as target
[ 1467.023948][ T5828] Bluetooth: hci3: command tx timeout
[ 1468.167154][T20252] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1468.283889][  T699] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1468.292358][  T699] team0: left promiscuous mode
[ 1468.297789][  T699] team_slave_0: left promiscuous mode
[ 1468.305234][  T699] team_slave_1: left promiscuous mode
[ 1468.308825][  T705] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22537'.
[ 1468.313792][  T699] 8021q: adding VLAN 0 to HW filter on device team0
[ 1468.336367][  T706] netlink: 64 bytes leftover after parsing attributes in process `syz.3.22535'.
[ 1468.347377][  T699] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1468.425417][T20252] team0: Port device netdevsim0 removed
[ 1468.439741][T20252] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1468.444082][  T712] netlink: 14 bytes leftover after parsing attributes in process `syz.1.22539'.
[ 1468.577167][  T718] Cannot find add_set index 1 as target
[ 1468.675054][  T652] chnl_net:caif_netlink_parms(): no params data found
[ 1468.798537][T20257] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.865513][T20262] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.889651][T20262] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.937287][T20257] netdevsim netdevsim4 eth4: set [0, 0] type 1 family 0 port 8472 - 0
[ 1468.972973][  T652] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1468.980262][  T652] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1468.987543][  T652] bridge_slave_0: entered allmulticast mode
[ 1469.011159][  T652] bridge_slave_0: entered promiscuous mode
[ 1469.027708][T20252] veth0_to_bond: left allmulticast mode
[ 1469.035069][T20252] veth0_to_bond: left promiscuous mode
[ 1469.043517][T20252] bridge1: port 2(veth0_to_bond) entered disabled state
[ 1469.080420][ T5828] Bluetooth: hci3: command tx timeout
[ 1469.104422][T20252] veth3: left allmulticast mode
[ 1469.115471][T20252] veth3: left promiscuous mode
[ 1469.127826][T20252] bridge1: port 1(veth3) entered disabled state
[ 1469.322543][  T744] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22546'.
[ 1469.536424][  T755] netlink: 212048 bytes leftover after parsing attributes in process `syz.3.22546'.
[ 1469.622259][  T759] netlink: 248 bytes leftover after parsing attributes in process `syz.0.22548'.
[ 1469.637055][  T759] netlink: 52 bytes leftover after parsing attributes in process `syz.0.22548'.
[ 1469.707954][T20252] bond0 (unregistering): Released all slaves
[ 1469.735908][T20252] bond1 (unregistering): Released all slaves
[ 1469.753655][  T652] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1469.762199][  T652] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1469.769568][  T652] bridge_slave_1: entered allmulticast mode
[ 1469.778880][  T652] bridge_slave_1: entered promiscuous mode
[ 1469.806578][  T744] ip6erspan1: entered promiscuous mode
[ 1469.822074][T20252] tipc: Left network mode
[ 1469.839256][T27556] lec:lec_start_xmit: lec0:No lecd attached
[ 1469.851635][  T652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1469.866176][  T652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1469.972266][  T652] team0: Port device team_slave_0 added
[ 1469.985488][  T652] team0: Port device team_slave_1 added
[ 1470.129891][  T652] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1470.138869][  T652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1470.179240][  T774] netlink: 'syz.3.22553': attribute type 10 has an invalid length.
[ 1470.193857][  T652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1470.237216][  T652] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1470.252260][  T782] netlink: 14 bytes leftover after parsing attributes in process `syz.3.22553'.
[ 1470.264144][  T652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1470.308846][  T652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1470.334342][  T786] Cannot find add_set index 1 as target
[ 1470.371254][  T774] team0: Device vxcan1 is of different type
[ 1470.634429][  T802] netlink: 16 bytes leftover after parsing attributes in process `syz.1.22557'.
[ 1470.804332][  T782] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1470.833165][  T782] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1470.876486][  T809] netlink: 36 bytes leftover after parsing attributes in process `syz.1.22560'.
[ 1470.889182][  T782] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1470.908694][  T782] bond0 (unregistering): Released all slaves
[ 1471.038053][  T652] hsr_slave_0: entered promiscuous mode
[ 1471.059747][  T652] hsr_slave_1: entered promiscuous mode
[ 1471.072136][  T819] x_tables: duplicate underflow at hook 2
[ 1471.073239][  T652] debugfs: 'hsr0' already exists in 'hsr'
[ 1471.096592][  T652] Cannot create hsr debugfs directory
[ 1471.164558][ T5828] Bluetooth: hci3: command tx timeout
[ 1471.205655][  T821] netlink: 'syz.3.22562': attribute type 7 has an invalid length.
[ 1471.238952][  T823] netlink: 'syz.2.22563': attribute type 3 has an invalid length.
[ 1471.274809][  T825] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1471.490665][T20252] hsr_slave_0: left promiscuous mode
[ 1471.496820][T20252] hsr_slave_1: left promiscuous mode
[ 1471.517229][T20252] veth1_macvtap: left promiscuous mode
[ 1471.524020][T20252] veth0_macvtap: left promiscuous mode
[ 1471.532121][T20252] veth1_vlan: left promiscuous mode
[ 1471.538440][T20252] veth0_vlan: left promiscuous mode
[ 1472.208689][  T839] syzkaller1: entered promiscuous mode
[ 1472.214642][  T839] syzkaller1: entered allmulticast mode
[ 1472.492695][  T876] syzkaller0: entered promiscuous mode
[ 1472.498312][  T876] syzkaller0: entered allmulticast mode
[ 1472.544188][  T652] netdevsim netdevsim4 eth4 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1472.566675][  T879] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[ 1472.589400][  T879] FAULT_INJECTION: forcing a failure.
[ 1472.589400][  T879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1472.605574][  T879] CPU: 0 UID: 0 PID: 879 Comm: syz.3.22576 Not tainted syzkaller #0 PREEMPT(full) 
[ 1472.605598][  T879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1472.605607][  T879] Call Trace:
[ 1472.605614][  T879]  <TASK>
[ 1472.605620][  T879]  dump_stack_lvl+0xe8/0x150
[ 1472.605645][  T879]  should_fail_ex+0x412/0x560
[ 1472.605667][  T879]  _copy_from_user+0x2d/0xb0
[ 1472.605689][  T879]  kstrtouint_from_user+0xd6/0x180
[ 1472.605708][  T879]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1472.605737][  T879]  proc_fail_nth_write+0x8e/0x210
[ 1472.605756][  T879]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1472.605778][  T879]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1472.605797][  T879]  vfs_write+0x29a/0xb90
[ 1472.605819][  T879]  ? __pfx_vfs_write+0x10/0x10
[ 1472.605843][  T879]  ? __fget_files+0x2a/0x420
[ 1472.605865][  T879]  ? __fget_files+0x3a0/0x420
[ 1472.605901][  T879]  ? __fget_files+0x2a/0x420
[ 1472.605926][  T879]  ksys_write+0x150/0x270
[ 1472.605942][  T879]  ? __pfx_ksys_write+0x10/0x10
[ 1472.605965][  T879]  do_syscall_64+0x14d/0xf80
[ 1472.605978][  T879]  ? trace_irq_disable+0x3b/0x150
[ 1472.605997][  T879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1472.606011][  T879]  ? clear_bhb_loop+0x40/0x90
[ 1472.606027][  T879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1472.606040][  T879] RIP: 0033:0x7f839675cfce
[ 1472.606055][  T879] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1472.606076][  T879] RSP: 002b:00007f83975f9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1472.606092][  T879] RAX: ffffffffffffffda RBX: 00007f83975fa6c0 RCX: 00007f839675cfce
[ 1472.606102][  T879] RDX: 0000000000000001 RSI: 00007f83975fa0a0 RDI: 0000000000000006
[ 1472.606110][  T879] RBP: 00007f83975fa090 R08: 0000000000000000 R09: 0000000000000000
[ 1472.606119][  T879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1472.606127][  T879] R13: 00007f8396a16038 R14: 00007f8396a15fa0 R15: 00007ffd877f1ae8
[ 1472.606150][  T879]  </TASK>
[ 1472.822230][  T876] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1472.848993][T20252] IPVS: stop unused estimator thread 0...
[ 1473.007502][  T652] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1473.055782][  T875] tipc: Resetting bearer <eth:syzkaller0>
[ 1473.108662][  T875] tipc: Disabling bearer <eth:syzkaller0>
[ 1473.157392][  T652] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1473.240817][ T5828] Bluetooth: hci3: command tx timeout
[ 1473.302846][  T652] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1473.381348][  T911] FAULT_INJECTION: forcing a failure.
[ 1473.381348][  T911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1473.396312][  T911] CPU: 1 UID: 0 PID: 911 Comm: syz.0.22581 Not tainted syzkaller #0 PREEMPT(full) 
[ 1473.396339][  T911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1473.396350][  T911] Call Trace:
[ 1473.396358][  T911]  <TASK>
[ 1473.396366][  T911]  dump_stack_lvl+0xe8/0x150
[ 1473.396396][  T911]  should_fail_ex+0x412/0x560
[ 1473.396425][  T911]  _copy_to_user+0x31/0xb0
[ 1473.396445][  T911]  simple_read_from_buffer+0xe1/0x170
[ 1473.396474][  T911]  proc_fail_nth_read+0x1bb/0x230
[ 1473.396501][  T911]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1473.396526][  T911]  ? rw_verify_area+0x2a6/0x4d0
[ 1473.396544][  T911]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1473.396566][  T911]  vfs_read+0x20c/0xa70
[ 1473.396582][  T911]  ? fdget_pos+0x246/0x320
[ 1473.396609][  T911]  ? __pfx___mutex_lock+0x10/0x10
[ 1473.396628][  T911]  ? __pfx_vfs_read+0x10/0x10
[ 1473.396648][  T911]  ? __fget_files+0x2a/0x420
[ 1473.396676][  T911]  ? __fget_files+0x3a0/0x420
[ 1473.396698][  T911]  ? __fget_files+0x2a/0x420
[ 1473.396731][  T911]  ksys_read+0x150/0x270
[ 1473.396752][  T911]  ? __pfx_ksys_read+0x10/0x10
[ 1473.396781][  T911]  do_syscall_64+0x14d/0xf80
[ 1473.396797][  T911]  ? trace_irq_disable+0x3b/0x150
[ 1473.396820][  T911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1473.396838][  T911]  ? clear_bhb_loop+0x40/0x90
[ 1473.396859][  T911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1473.396876][  T911] RIP: 0033:0x7fb45d55cfce
[ 1473.396894][  T911] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1473.396909][  T911] RSP: 002b:00007fb45e404fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1473.396928][  T911] RAX: ffffffffffffffda RBX: 00007fb45e4056c0 RCX: 00007fb45d55cfce
[ 1473.396941][  T911] RDX: 000000000000000f RSI: 00007fb45e4050a0 RDI: 0000000000000004
[ 1473.396952][  T911] RBP: 00007fb45e405090 R08: 0000000000000000 R09: 0000000000000000
[ 1473.396963][  T911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1473.396974][  T911] R13: 00007fb45d816128 R14: 00007fb45d816090 R15: 00007ffe6088ce58
[ 1473.397004][  T911]  </TASK>
[ 1473.624299][  T652] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1473.636531][  T652] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1473.663724][  T652] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1473.679522][  T652] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1473.733278][  T920] __nla_validate_parse: 7 callbacks suppressed
[ 1473.733296][  T920] netlink: 300 bytes leftover after parsing attributes in process `syz.0.22582'.
[ 1473.815515][  T890] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1473.982492][  T943] netlink: 12 bytes leftover after parsing attributes in process `syz.0.22584'.
[ 1474.054677][  T652] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1474.123622][  T652] 8021q: adding VLAN 0 to HW filter on device team0
[ 1474.153119][  T957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22587'.
[ 1474.175951][T20257] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1474.183776][T20257] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1474.225979][  T961] openvswitch: netlink: Geneve option length err (len 256, max 255).
[ 1474.248600][T20257] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1474.255826][T20257] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1474.445353][  T979] mac80211_hwsim hwsim92 syzkaller0: entered promiscuous mode
[ 1474.454415][  T979] mac80211_hwsim hwsim92 syzkaller0: entered allmulticast mode
[ 1474.463637][  T979] tipc: Resetting bearer <eth:syzkaller0>
[ 1474.690785][T28420] hid-generic 0005:0C45:0000.000F: item fetching failed at offset 0/1
[ 1474.723859][T28420] hid-generic 0005:0C45:0000.000F: probe with driver hid-generic failed with error -22
[ 1474.796375][  T652] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1474.823760][  T999] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.22595'.
[ 1474.855015][  T999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22595'.
[ 1474.883109][  T999] netlink: 212048 bytes leftover after parsing attributes in process `syz.1.22595'.
[ 1475.228516][ T1026] netlink: 'syz.2.22598': attribute type 1 has an invalid length.
[ 1475.276569][ T1026] netlink: 228 bytes leftover after parsing attributes in process `syz.2.22598'.
[ 1475.291683][ T1026] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22598'.
[ 1475.319987][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5480 ms
[ 1475.328096][    C1] lec:lec_tx_timeout: lec0
[ 1475.446698][ T1036] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1475.468963][  T652] veth0_vlan: entered promiscuous mode
[ 1475.491545][ T1032] syzkaller0: entered promiscuous mode
[ 1475.510517][ T1032] syzkaller0: entered allmulticast mode
[ 1475.532559][ T1043] netlink: 'syz.2.22602': attribute type 3 has an invalid length.
[ 1475.570150][ T1043] netlink: 766 bytes leftover after parsing attributes in process `syz.2.22602'.
[ 1475.594025][  T652] veth1_vlan: entered promiscuous mode
[ 1475.609503][ T1032] tipc: Resetting bearer <eth:syzkaller0>
[ 1475.672989][ T1032] tipc: Disabling bearer <eth:syzkaller0>
[ 1475.753834][ T1053] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22604'.
[ 1475.775924][  T652] veth0_macvtap: entered promiscuous mode
[ 1475.791093][  T652] veth1_macvtap: entered promiscuous mode
[ 1475.833734][  T652] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1475.903783][  T652] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1475.940553][T20262] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1475.949352][T20262] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1476.022872][T20262] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1476.060133][T20262] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1476.252820][ T1087] syzkaller1: entered promiscuous mode
[ 1476.258426][ T1087] syzkaller1: entered allmulticast mode
[ 1476.276841][T20270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1476.293148][T20270] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1476.426506][T20270] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1476.454905][T20270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1476.679033][ T1114] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1476.772077][ T1114] bond0 (unregistering): Released all slaves
[ 1476.917239][ T1113] tipc: Disabling bearer <eth:syzkaller0>
[ 1476.962885][ T1127] syz_tun: entered allmulticast mode
[ 1476.998728][ T1126] syz_tun: left allmulticast mode
[ 1477.061537][ T1088] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1477.086654][ T1134] syzkaller1: left promiscuous mode
[ 1477.100803][ T1134] syzkaller1: left allmulticast mode
[ 1478.249738][ T1183] mac80211_hwsim hwsim92 syzkaller0: left allmulticast mode
[ 1478.257523][ T1183] tipc: Resetting bearer <eth:syzkaller0>
[ 1478.264651][ T1211] netlink: 'syz.2.22638': attribute type 3 has an invalid length.
[ 1478.328600][ T1213] netlink: 'syz.2.22639': attribute type 1 has an invalid length.
[ 1478.377565][ T1216] nbd: must specify a device to reconfigure
[ 1478.387245][ T1216] netlink: 'syz.4.22640': attribute type 10 has an invalid length.
[ 1478.421358][ T1216] team0: Port device netdevsim0 added
[ 1478.487448][ T1223] netlink: 'syz.2.22643': attribute type 1 has an invalid length.
[ 1478.538433][ T1223] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1478.562483][ T1223] bond1: (slave geneve2): making interface the new active one
[ 1478.572194][ T1223] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1478.581714][T20270] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1478.611588][T20270] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1478.665315][ T1223] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.725399][T20270] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1478.757550][T20270] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1478.823626][ T1245] netlink: 'syz.2.22650': attribute type 1 has an invalid length.
[ 1478.909317][ T1248] bond2: (slave ip6gre1): The slave device specified does not support setting the MAC address
[ 1478.921975][ T1248] bond2: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode
[ 1478.936594][ T1248] bond2: (slave ip6gre1): making interface the new active one
[ 1478.946247][ T1248] bond2: (slave ip6gre1): Enslaving as an active interface with an up link
[ 1479.066398][ T1260] __nla_validate_parse: 10 callbacks suppressed
[ 1479.066424][ T1260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22653'.
[ 1479.729411][ T1304] netdevsim netdevsim2: Direct firmware load for . failed with error -2
[ 1479.749497][T10525] hid-generic 0005:0B57:0000.0010: item fetching failed at offset 0/1
[ 1479.769608][T10525] hid-generic 0005:0B57:0000.0010: probe with driver hid-generic failed with error -22
[ 1479.772387][ T1304] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[ 1479.986249][ T1316] bond2: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-xor(2)
[ 1480.002073][ T1316] bond2 (unregistering): Released all slaves
[ 1480.159484][ T1335] netlink: 211792 bytes leftover after parsing attributes in process `syz.4.22678'.
[ 1480.293641][ T1343] openvswitch: netlink: Geneve option length err (len 256, max 255).
[ 1480.341569][ T1340] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[ 1480.629833][ T1358] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1480.639435][ T1358] netlink: 20 bytes leftover after parsing attributes in process `syz.2.22687'.
[ 1480.933718][ T1361] netlink: 208 bytes leftover after parsing attributes in process `syz.3.22688'.
[ 1480.947304][ T1361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22688'.
[ 1480.957105][ T1361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22688'.
[ 1481.031908][ T1363] netlink: 'syz.4.22689': attribute type 10 has an invalid length.
[ 1481.040604][ T1363] netlink: 396 bytes leftover after parsing attributes in process `syz.4.22689'.
[ 1481.267840][ T1374] netlink: 778 bytes leftover after parsing attributes in process `syz.1.22695'.
[ 1481.473014][ T1387] netlink: 88 bytes leftover after parsing attributes in process `syz.1.22700'.
[ 1481.534272][ T1389] netlink: 24 bytes leftover after parsing attributes in process `syz.1.22702'.
[ 1481.627744][ T1395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1481.649183][ T1397] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1481.659002][ T1399] FAULT_INJECTION: forcing a failure.
[ 1481.659002][ T1399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1481.672902][ T1399] CPU: 0 UID: 0 PID: 1399 Comm: syz.2.22706 Not tainted syzkaller #0 PREEMPT(full) 
[ 1481.672925][ T1399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1481.672934][ T1399] Call Trace:
[ 1481.672940][ T1399]  <TASK>
[ 1481.672947][ T1399]  dump_stack_lvl+0xe8/0x150
[ 1481.672970][ T1399]  should_fail_ex+0x412/0x560
[ 1481.672988][ T1399]  _copy_from_user+0x2d/0xb0
[ 1481.673006][ T1399]  ___sys_recvmsg+0x175/0x590
[ 1481.673021][ T1399]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1481.673044][ T1399]  ? __fget_files+0x3a0/0x420
[ 1481.673065][ T1399]  do_recvmmsg+0x334/0x800
[ 1481.673080][ T1399]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1481.673096][ T1399]  ? _copy_from_user+0x94/0xb0
[ 1481.673118][ T1399]  __x64_sys_recvmmsg+0x1b7/0x250
[ 1481.673130][ T1399]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1481.673147][ T1399]  do_syscall_64+0x14d/0xf80
[ 1481.673157][ T1399]  ? trace_irq_disable+0x3b/0x150
[ 1481.673172][ T1399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1481.673183][ T1399]  ? clear_bhb_loop+0x40/0x90
[ 1481.673196][ T1399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1481.673211][ T1399] RIP: 0033:0x7f9e4d79c799
[ 1481.673230][ T1399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1481.673244][ T1399] RSP: 002b:00007f9e4e5d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1481.673264][ T1399] RAX: ffffffffffffffda RBX: 00007f9e4da15fa0 RCX: 00007f9e4d79c799
[ 1481.673275][ T1399] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[ 1481.673285][ T1399] RBP: 00007f9e4e5d1090 R08: 0000200000003700 R09: 0000000000000000
[ 1481.673295][ T1399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1481.673306][ T1399] R13: 00007f9e4da16038 R14: 00007f9e4da15fa0 R15: 00007ffedcf98d38
[ 1481.673326][ T1399]  </TASK>
[ 1482.124661][ T1415] syzkaller0: entered promiscuous mode
[ 1482.138392][ T1408] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check.
[ 1482.232970][ T1420] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1482.306173][ T1420] syzkaller0: entered promiscuous mode
[ 1482.314875][ T1420] syzkaller0: entered allmulticast mode
[ 1482.321511][ T1420] tipc: Resetting bearer <eth:syzkaller0>
[ 1482.343915][ T1419] tipc: Resetting bearer <eth:syzkaller0>
[ 1482.590531][ T1443] netlink: 'syz.0.22718': attribute type 10 has an invalid length.
[ 1482.808253][ T1447] 
[ 1482.810624][ T1447] ======================================================
[ 1482.817741][ T1447] WARNING: possible circular locking dependency detected
[ 1482.824836][ T1447] syzkaller #0 Not tainted
[ 1482.829246][ T1447] ------------------------------------------------------
[ 1482.836255][ T1447] syz.2.22717/1447 is trying to acquire lock:
[ 1482.842328][ T1447] ffff8880266318b0 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x1b3/0x450
[ 1482.851818][ T1447] 
[ 1482.851818][ T1447] but task is already holding lock:
[ 1482.859256][ T1447] ffff888026631370 (&q->q_usage_counter(io)#54){++++}-{0:0}, at: elevator_change+0x198/0x450
[ 1482.869434][ T1447] 
[ 1482.869434][ T1447] which lock already depends on the new lock.
[ 1482.869434][ T1447] 
[ 1482.879834][ T1447] 
[ 1482.879834][ T1447] the existing dependency chain (in reverse order) is:
[ 1482.888869][ T1447] 
[ 1482.888869][ T1447] -> #6 (&q->q_usage_counter(io)#54){++++}-{0:0}:
[ 1482.897563][ T1447]        blk_alloc_queue+0x546/0x680
[ 1482.902986][ T1447]        __blk_mq_alloc_disk+0x197/0x390
[ 1482.908688][ T1447]        nbd_dev_add+0x499/0xb50
[ 1482.913641][ T1447]        nbd_init+0x168/0x1f0
[ 1482.918442][ T1447]        do_one_initcall+0x250/0x8d0
[ 1482.923733][ T1447]        do_initcall_level+0x104/0x190
[ 1482.929205][ T1447]        do_initcalls+0x59/0xa0
[ 1482.934069][ T1447]        kernel_init_freeable+0x2a6/0x3e0
[ 1482.939886][ T1447]        kernel_init+0x1d/0x1d0
[ 1482.944800][ T1447]        ret_from_fork+0x51e/0xb90
[ 1482.949930][ T1447]        ret_from_fork_asm+0x1a/0x30
[ 1482.955252][ T1447] 
[ 1482.955252][ T1447] -> #5 (fs_reclaim){+.+.}-{0:0}:
[ 1482.962640][ T1447]        fs_reclaim_acquire+0x71/0x100
[ 1482.968121][ T1447]        kmem_cache_alloc_node_noprof+0x4a/0x690
[ 1482.974455][ T1447]        __alloc_skb+0x1d0/0x7d0
[ 1482.979783][ T1447]        tcp_stream_alloc_skb+0x3f/0x580
[ 1482.985484][ T1447]        tcp_sendmsg_locked+0x1375/0x5490
[ 1482.991372][ T1447]        tcp_sendmsg+0x2f/0x50
[ 1482.996133][ T1447]        sock_write_iter+0x406/0x4f0
[ 1483.001519][ T1447]        vfs_write+0x61d/0xb90
[ 1483.006271][ T1447]        ksys_write+0x150/0x270
[ 1483.011107][ T1447]        do_syscall_64+0x14d/0xf80
[ 1483.016225][ T1447]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.022630][ T1447] 
[ 1483.022630][ T1447] -> #4 (sk_lock-AF_INET){+.+.}-{0:0}:
[ 1483.030350][ T1447]        lock_sock_nested+0x48/0x100
[ 1483.035739][ T1447]        inet_shutdown+0x6a/0x390
[ 1483.040767][ T1447]        nbd_mark_nsock_dead+0x2e9/0x560
[ 1483.046498][ T1447]        recv_work+0x1c7f/0x1d90
[ 1483.051522][ T1447]        process_scheduled_works+0xb02/0x1830
[ 1483.057585][ T1447]        worker_thread+0xa50/0xfc0
[ 1483.062716][ T1447]        kthread+0x388/0x470
[ 1483.067292][ T1447]        ret_from_fork+0x51e/0xb90
[ 1483.072395][ T1447]        ret_from_fork_asm+0x1a/0x30
[ 1483.077676][ T1447] 
[ 1483.077676][ T1447] -> #3 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1483.085306][ T1447]        __mutex_lock+0x19f/0x1300
[ 1483.090409][ T1447]        nbd_queue_rq+0x37b/0x1100
[ 1483.095537][ T1447]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1483.101971][ T1447]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1483.108932][ T1447]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1483.115439][ T1447]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1483.121159][ T1447]        blk_mq_dispatch_list+0xd16/0xe10
[ 1483.126889][ T1447]        blk_mq_flush_plug_list+0x48d/0x570
[ 1483.132779][ T1447]        __blk_flush_plug+0x3ed/0x4d0
[ 1483.138138][ T1447]        __submit_bio+0x28d/0x580
[ 1483.143153][ T1447]        submit_bio_noacct_nocheck+0x2f4/0xa70
[ 1483.149293][ T1447]        block_read_full_folio+0x599/0x830
[ 1483.155183][ T1447]        filemap_read_folio+0x137/0x3b0
[ 1483.160899][ T1447]        do_read_cache_folio+0x358/0x590
[ 1483.166521][ T1447]        read_part_sector+0xb6/0x2b0
[ 1483.171867][ T1447]        adfspart_check_ICS+0xa5/0xa40
[ 1483.177319][ T1447]        bdev_disk_changed+0x7ba/0x1550
[ 1483.182871][ T1447]        blkdev_get_whole+0x380/0x510
[ 1483.188307][ T1447]        bdev_open+0x31e/0xd30
[ 1483.193096][ T1447]        blkdev_open+0x470/0x610
[ 1483.198109][ T1447]        do_dentry_open+0x785/0x14e0
[ 1483.203388][ T1447]        vfs_open+0x3b/0x340
[ 1483.207975][ T1447]        path_openat+0x2e08/0x3860
[ 1483.213084][ T1447]        do_file_open+0x23e/0x4a0
[ 1483.218118][ T1447]        do_sys_openat2+0x113/0x200
[ 1483.223310][ T1447]        __x64_sys_openat+0x138/0x170
[ 1483.228690][ T1447]        do_syscall_64+0x14d/0xf80
[ 1483.233797][ T1447]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.240377][ T1447] 
[ 1483.240377][ T1447] -> #2 (&cmd->lock){+.+.}-{4:4}:
[ 1483.247613][ T1447]        __mutex_lock+0x19f/0x1300
[ 1483.252736][ T1447]        nbd_queue_rq+0xc6/0x1100
[ 1483.257757][ T1447]        blk_mq_dispatch_rq_list+0xa70/0x1910
[ 1483.263829][ T1447]        __blk_mq_sched_dispatch_requests+0xdcc/0x1600
[ 1483.270674][ T1447]        blk_mq_sched_dispatch_requests+0xd7/0x190
[ 1483.277185][ T1447]        blk_mq_run_hw_queue+0x348/0x4f0
[ 1483.282823][ T1447]        blk_mq_dispatch_list+0xd16/0xe10
[ 1483.288527][ T1447]        blk_mq_flush_plug_list+0x48d/0x570
[ 1483.294585][ T1447]        __blk_flush_plug+0x3ed/0x4d0
[ 1483.300031][ T1447]        __submit_bio+0x28d/0x580
[ 1483.305065][ T1447]        submit_bio_noacct_nocheck+0x2f4/0xa70
[ 1483.311211][ T1447]        block_read_full_folio+0x599/0x830
[ 1483.317006][ T1447]        filemap_read_folio+0x137/0x3b0
[ 1483.322538][ T1447]        do_read_cache_folio+0x358/0x590
[ 1483.328156][ T1447]        read_part_sector+0xb6/0x2b0
[ 1483.333529][ T1447]        adfspart_check_ICS+0xa5/0xa40
[ 1483.338989][ T1447]        bdev_disk_changed+0x7ba/0x1550
[ 1483.344549][ T1447]        blkdev_get_whole+0x380/0x510
[ 1483.349923][ T1447]        bdev_open+0x31e/0xd30
[ 1483.354832][ T1447]        blkdev_open+0x470/0x610
[ 1483.359796][ T1447]        do_dentry_open+0x785/0x14e0
[ 1483.365084][ T1447]        vfs_open+0x3b/0x340
[ 1483.369694][ T1447]        path_openat+0x2e08/0x3860
[ 1483.374810][ T1447]        do_file_open+0x23e/0x4a0
[ 1483.379824][ T1447]        do_sys_openat2+0x113/0x200
[ 1483.385013][ T1447]        __x64_sys_openat+0x138/0x170
[ 1483.390405][ T1447]        do_syscall_64+0x14d/0xf80
[ 1483.395521][ T1447]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.401956][ T1447] 
[ 1483.401956][ T1447] -> #1 (set->srcu){.+.+}-{0:0}:
[ 1483.409071][ T1447]        __synchronize_srcu+0xca/0x3e0
[ 1483.414520][ T1447]        elevator_switch+0x1e8/0x7a0
[ 1483.419796][ T1447]        elevator_change+0x2cc/0x450
[ 1483.425064][ T1447]        elevator_set_default+0x36c/0x430
[ 1483.430771][ T1447]        blk_register_queue+0x366/0x430
[ 1483.436302][ T1447]        __add_disk+0x677/0xd50
[ 1483.441175][ T1447]        add_disk_fwnode+0xfb/0x480
[ 1483.446373][ T1447]        nbd_dev_add+0x72c/0xb50
[ 1483.451313][ T1447]        nbd_init+0x168/0x1f0
[ 1483.455981][ T1447]        do_one_initcall+0x250/0x8d0
[ 1483.461289][ T1447]        do_initcall_level+0x104/0x190
[ 1483.466768][ T1447]        do_initcalls+0x59/0xa0
[ 1483.471713][ T1447]        kernel_init_freeable+0x2a6/0x3e0
[ 1483.477425][ T1447]        kernel_init+0x1d/0x1d0
[ 1483.482264][ T1447]        ret_from_fork+0x51e/0xb90
[ 1483.487379][ T1447]        ret_from_fork_asm+0x1a/0x30
[ 1483.492750][ T1447] 
[ 1483.492750][ T1447] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[ 1483.500551][ T1447]        __lock_acquire+0x15a5/0x2cf0
[ 1483.505921][ T1447]        lock_acquire+0xf0/0x2e0
[ 1483.510866][ T1447]        __mutex_lock+0x19f/0x1300
[ 1483.515968][ T1447]        elevator_change+0x1b3/0x450
[ 1483.521245][ T1447]        elevator_set_none+0xb5/0x140
[ 1483.526629][ T1447]        blk_mq_update_nr_hw_queues+0x5e7/0x1a60
[ 1483.533069][ T1447]        nbd_start_device+0x17f/0xb10
[ 1483.538461][ T1447]        nbd_genl_connect+0x165b/0x1cf0
[ 1483.544010][ T1447]        genl_family_rcv_msg_doit+0x22a/0x330
[ 1483.550076][ T1447]        genl_rcv_msg+0x61c/0x7a0
[ 1483.555097][ T1447]        netlink_rcv_skb+0x232/0x4b0
[ 1483.560373][ T1447]        genl_rcv+0x28/0x40
[ 1483.564862][ T1447]        netlink_unicast+0x80f/0x9b0
[ 1483.570165][ T1447]        netlink_sendmsg+0x813/0xb40
[ 1483.575441][ T1447]        ____sys_sendmsg+0x972/0x9f0
[ 1483.580720][ T1447]        ___sys_sendmsg+0x2a5/0x360
[ 1483.585907][ T1447]        __x64_sys_sendmsg+0x1bd/0x2a0
[ 1483.591373][ T1447]        do_syscall_64+0x14d/0xf80
[ 1483.596571][ T1447]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.603017][ T1447] 
[ 1483.603017][ T1447] other info that might help us debug this:
[ 1483.603017][ T1447] 
[ 1483.613250][ T1447] Chain exists of:
[ 1483.613250][ T1447]   &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#54
[ 1483.613250][ T1447] 
[ 1483.626974][ T1447]  Possible unsafe locking scenario:
[ 1483.626974][ T1447] 
[ 1483.634429][ T1447]        CPU0                    CPU1
[ 1483.639778][ T1447]        ----                    ----
[ 1483.645138][ T1447]   lock(&q->q_usage_counter(io)#54);
[ 1483.650536][ T1447]                                lock(fs_reclaim);
[ 1483.657035][ T1447]                                lock(&q->q_usage_counter(io)#54);
[ 1483.664937][ T1447]   lock(&q->elevator_lock);
[ 1483.669516][ T1447] 
[ 1483.669516][ T1447]  *** DEADLOCK ***
[ 1483.669516][ T1447] 
[ 1483.677668][ T1447] 6 locks held by syz.2.22717/1447:
[ 1483.682889][ T1447]  #0: ffffffff8fc3ad30 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1483.691090][ T1447]  #1: ffffffff8fc3ab48 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10b/0x7a0
[ 1483.700040][ T1447]  #2: ffff8880267961d0 (&set->update_nr_hwq_lock){++++}-{4:4}, at: blk_mq_update_nr_hw_queues+0xad/0x1a60
[ 1483.711542][ T1447]  #3: ffff8880267960d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0xc0/0x1a60
[ 1483.722500][ T1447]  #4: ffff888026631370 (&q->q_usage_counter(io)#54){++++}-{0:0}, at: elevator_change+0x198/0x450
[ 1483.733139][ T1447]  #5: ffff8880266313a8 (&q->q_usage_counter(queue)#38){+.+.}-{0:0}, at: elevator_change+0x198/0x450
[ 1483.744126][ T1447] 
[ 1483.744126][ T1447] stack backtrace:
[ 1483.750012][ T1447] CPU: 1 UID: 0 PID: 1447 Comm: syz.2.22717 Not tainted syzkaller #0 PREEMPT(full) 
[ 1483.750029][ T1447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1483.750036][ T1447] Call Trace:
[ 1483.750043][ T1447]  <TASK>
[ 1483.750050][ T1447]  dump_stack_lvl+0xe8/0x150
[ 1483.750069][ T1447]  print_circular_bug+0x2e1/0x300
[ 1483.750089][ T1447]  check_noncircular+0x12e/0x150
[ 1483.750106][ T1447]  __lock_acquire+0x15a5/0x2cf0
[ 1483.750125][ T1447]  lock_acquire+0xf0/0x2e0
[ 1483.750137][ T1447]  ? elevator_change+0x1b3/0x450
[ 1483.750150][ T1447]  __mutex_lock+0x19f/0x1300
[ 1483.750163][ T1447]  ? elevator_change+0x1b3/0x450
[ 1483.750173][ T1447]  ? rcu_is_watching+0x15/0xb0
[ 1483.750188][ T1447]  ? elevator_change+0x1b3/0x450
[ 1483.750199][ T1447]  ? __pfx___mutex_lock+0x10/0x10
[ 1483.750209][ T1447]  ? enable_work+0x17f/0x230
[ 1483.750225][ T1447]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1483.750243][ T1447]  ? __cancel_work_sync+0xf7/0x110
[ 1483.750258][ T1447]  ? blk_mq_cancel_work_sync+0xa5/0xe0
[ 1483.750270][ T1447]  elevator_change+0x1b3/0x450
[ 1483.750283][ T1447]  elevator_set_none+0xb5/0x140
[ 1483.750293][ T1447]  ? __pfx_elevator_set_none+0x10/0x10
[ 1483.750304][ T1447]  ? xa_load+0x1db/0x210
[ 1483.750316][ T1447]  blk_mq_update_nr_hw_queues+0x5e7/0x1a60
[ 1483.750332][ T1447]  ? kernfs_add_one+0x477/0x5c0
[ 1483.750349][ T1447]  ? __pfx_blk_mq_update_nr_hw_queues+0x10/0x10
[ 1483.750365][ T1447]  ? sysfs_add_file_mode_ns+0x259/0x300
[ 1483.750385][ T1447]  nbd_start_device+0x17f/0xb10
[ 1483.750403][ T1447]  ? device_create_file+0xf4/0x1b0
[ 1483.750414][ T1447]  nbd_genl_connect+0x165b/0x1cf0
[ 1483.750433][ T1447]  ? __pfx_nbd_genl_connect+0x10/0x10
[ 1483.750450][ T1447]  ? rcu_is_watching+0x15/0xb0
[ 1483.750466][ T1447]  ? __nla_parse+0x40/0x60
[ 1483.750483][ T1447]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[ 1483.750497][ T1447]  genl_family_rcv_msg_doit+0x22a/0x330
[ 1483.750510][ T1447]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1483.750524][ T1447]  ? __lock_acquire+0x6b5/0x2cf0
[ 1483.750538][ T1447]  genl_rcv_msg+0x61c/0x7a0
[ 1483.750549][ T1447]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1483.750559][ T1447]  ? __pfx_nbd_genl_connect+0x10/0x10
[ 1483.750574][ T1447]  ? __lock_acquire+0x6b5/0x2cf0
[ 1483.750589][ T1447]  netlink_rcv_skb+0x232/0x4b0
[ 1483.750603][ T1447]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1483.750614][ T1447]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1483.750631][ T1447]  ? down_read+0x272/0x2e0
[ 1483.750641][ T1447]  ? genl_rcv+0xd/0x40
[ 1483.750651][ T1447]  genl_rcv+0x28/0x40
[ 1483.750659][ T1447]  netlink_unicast+0x80f/0x9b0
[ 1483.750674][ T1447]  ? __pfx_netlink_unicast+0x10/0x10
[ 1483.750686][ T1447]  ? netlink_sendmsg+0x650/0xb40
[ 1483.750699][ T1447]  ? skb_put+0x11b/0x210
[ 1483.750716][ T1447]  netlink_sendmsg+0x813/0xb40
[ 1483.750732][ T1447]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1483.750747][ T1447]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1483.750761][ T1447]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1483.750774][ T1447]  ____sys_sendmsg+0x972/0x9f0
[ 1483.750786][ T1447]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1483.750798][ T1447]  ? import_iovec+0x73/0xa0
[ 1483.750815][ T1447]  ___sys_sendmsg+0x2a5/0x360
[ 1483.750826][ T1447]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1483.750838][ T1447]  ? futex_wake+0x4ac/0x580
[ 1483.750858][ T1447]  ? __fget_files+0x2a/0x420
[ 1483.750878][ T1447]  ? __fget_files+0x3a0/0x420
[ 1483.750895][ T1447]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1483.750905][ T1447]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1483.750917][ T1447]  ? rcu_is_watching+0x15/0xb0
[ 1483.750944][ T1447]  do_syscall_64+0x14d/0xf80
[ 1483.750960][ T1447]  ? trace_irq_disable+0x3b/0x150
[ 1483.750986][ T1447]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.751005][ T1447]  ? clear_bhb_loop+0x40/0x90
[ 1483.751026][ T1447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1483.751037][ T1447] RIP: 0033:0x7f9e4d79c799
[ 1483.751049][ T1447] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1483.751059][ T1447] RSP: 002b:00007f9e4e58f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1483.751072][ T1447] RAX: ffffffffffffffda RBX: 00007f9e4da16180 RCX: 00007f9e4d79c799
[ 1483.751080][ T1447] RDX: 0000000020000000 RSI: 0000200000001ac0 RDI: 000000000000000d
[ 1483.751087][ T1447] RBP: 00007f9e4d832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1483.751094][ T1447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1483.751100][ T1447] R13: 00007f9e4da16218 R14: 00007f9e4da16180 R15: 00007ffedcf98d38
[ 1483.751112][ T1447]  </TASK>
[ 1484.189501][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1484.279398][ T5828] block nbd5: Receive control failed (result -32)
[ 1484.293302][ T5828] block nbd5: Receive control failed (result -32)
[ 1484.335119][ T1447] nbd5: detected capacity change from 0 to 63
[ 1484.354701][  T658] block nbd5: Dead connection, failed to find a fallback
[ 1484.362091][  T658] block nbd5: shutting down sockets
[ 1484.368003][  T658] blk_print_req_error: 286 callbacks suppressed
[ 1484.368038][  T658] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.390175][  T658] buffer_io_error: 286 callbacks suppressed
[ 1484.390196][  T658] Buffer I/O error on dev nbd5, logical block 0, async page read
[ 1484.406343][  T658] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.416082][  T658] Buffer I/O error on dev nbd5, logical block 1, async page read
[ 1484.430689][  T658] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.440593][  T658] Buffer I/O error on dev nbd5, logical block 2, async page read
[ 1484.448999][  T658] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.459438][  T658] Buffer I/O error on dev nbd5, logical block 3, async page read
[ 1484.468188][  T658] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.478479][  T658] Buffer I/O error on dev nbd5, logical block 0, async page read
[ 1484.486708][  T658] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.496737][  T658] Buffer I/O error on dev nbd5, logical block 1, async page read
[ 1484.504983][  T658] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.517137][  T658] Buffer I/O error on dev nbd5, logical block 2, async page read
[ 1484.530664][  T658] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.540239][  T658] Buffer I/O error on dev nbd5, logical block 3, async page read
[ 1484.549396][  T658] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.559425][  T658] Buffer I/O error on dev nbd5, logical block 0, async page read
[ 1484.567887][  T658] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1484.581366][  T658] Buffer I/O error on dev nbd5, logical block 1, async page read
[ 1484.589747][  T658] ldm_validate_partition_table(): Disk read failed.
[ 1484.596841][  T658] Dev nbd5: unable to read RDB block 0
[ 1484.603143][  T658]  nbd5: unable to read partition table
[ 1484.623559][  T658] ldm_validate_partition_table(): Disk read failed.
[ 1484.631339][  T658] Dev nbd5: unable to read RDB block 0
[ 1484.637541][  T658]  nbd5: unable to read partition table
[ 1485.004273][ T1300] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[ 1485.014160][ T1300] lec:lec_start_xmit: lec0:No lecd attached
[ 1486.354911][ T1419] tipc: Disabling bearer <eth:syzkaller0>
[ 1490.360007][    C1] lec0: NETDEV WATCHDOG: CPU: 1: transmit queue 0 timed out 5340 ms
[ 1490.368047][    C1] lec:lec_tx_timeout: lec0