last executing test programs:

3.243048602s ago: executing program 3 (id=6702):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x2c, r1, 0x101, 0x70bd27, 0x80000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000044)

2.876798714s ago: executing program 3 (id=6706):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x530, 0x1d8, 0xffffffff, 0xffffffff, 0x1d8, 0xffffffff, 0x460, 0xffffffff, 0xffffffff, 0x460, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@private1, [0xff000000, 0xffffffff, 0xff, 0xffffffff], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xff, 0xffffffff, 0xffffffff], @ipv6=@empty, [0xff000000, 0xff, 0xff, 0xff], @ipv6=@local, [0xffffffff, 0xff000000, 0xff000000, 0xffffff00], 0x80, 0x54, 0x3b, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x446, 0x39a}, 0x100, 0x20}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0xe, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x590)
syz_emit_ethernet(0x4e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd698b0f0000180600fe800000000000000000000000000039fe8000002000000000000000000000aa4e224e24", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="915c"], 0x0)

2.55155171s ago: executing program 1 (id=6708):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
listen(0xffffffffffffffff, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xb8}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffbffffd}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
shutdown(r4, 0x1)
listen(r4, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002c80)=[{{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4050}}], 0x1, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc050}, 0x0)

2.491179783s ago: executing program 0 (id=6709):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf74", 0x92}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049", 0x51}, {&(0x7f0000000600)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb555c80dbd2bc9694e862a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3", 0x89}, {&(0x7f0000000900)}, {&(0x7f00000000c0)}], 0x5}}], 0x1, 0x20000044)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {0x0}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

2.181579665s ago: executing program 0 (id=6713):
socket(0x400000000010, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}}, 0x24}}, 0x24040084)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r2, 0x0, 0x0)
ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, 0x0, 0x0)
writev(r2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'syzkaller0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, 0x0, 0x4084)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bd7000fcdbdf25020000000800", @ANYRES32=r7], 0x1c}}, 0x840)
write$nci(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="400404"], 0x7)
write$nci(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="000501"], 0x4)

2.181140848s ago: executing program 3 (id=6714):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0x5}, {0x2, 0xed27c9fa5277b9b7}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_ECN={0x8, 0xa, 0x1}]}}]}, 0x44}}, 0x24048000)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r5)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000680)={0x34, r6, 0x1, 0x170bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x86}, 0x40040)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000300)={0xa, 0x1, 0xfffffffe, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000280)=@gcm_256={{0x303}, "1afc7c14d332bcc6", "a9ba0c85d68723369f51322151d9f41aaa2832bb07cc1e49ad714beac6f1ade8", "49960d8f", "bff2a81527ae4190"}, 0x38)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r8, &(0x7f0000000000), 0xffffff6a)
sendfile(r7, r8, 0x0, 0x20000000002)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x16, 0x12, &(0x7f00000004c0)=ANY=[@ANYBLOB="b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018120000", @ANYRES32, @ANYBLOB="0000000000000000b70c000000000000000000000c000000b700000000000000"], &(0x7f0000000580)='syzkaller\x00', 0x100000, 0x3a, &(0x7f00000005c0)=""/58, 0x41000, 0x6a, '\x00', r2, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000640)={0x5, 0x1, 0x7, 0x1000}, 0x10, 0x0, 0xffffffffffffffff, 0x1, &(0x7f0000000700)=[0xffffffffffffffff, 0x1, r8], &(0x7f0000000800)=[{0x2, 0x3, 0xa, 0x7}], 0x10, 0x80000000}, 0x94)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0x7d, 0x0, &(0x7f0000000300)=0x9b)
r10 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000300)={'bond0\x00', <r11=>0x0})
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x50, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r11, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x24, 0x2, [@TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0x4}, @TCA_HHF_RESET_TIMEOUT={0x8, 0x4, 0xffff85fd}, @TCA_HHF_ADMIT_BYTES={0x8, 0x5, 0x9}, @TCA_HHF_QUANTUM={0x8, 0x2, 0x8}]}}]}, 0x50}}, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000001c0)=0x8, 0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)

1.790519837s ago: executing program 0 (id=6718):
socket(0x10, 0x803, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000980)={r0, 0x0, 0x27, 0xf6, &(0x7f0000000440)="89f46100487baf91449080e569194749c6ca5668e554a64c06fa1ff255191f595804a211264929", &(0x7f0000000740)=""/246, 0x5, 0x0, 0x2e, 0xf1, &(0x7f0000000840)="9c2896627934e93c44906e9ed6b3fb348d883aa1cdd640a292848b088b4076cca4a490a9904a605eccfaa6d85a48", &(0x7f0000000880)="633ad7f2911be95c2d123e0651ed06763d2fc2cd7b2feb75450d7ed1072759870d9c0366b501a39a7b93b790d9b7ec9c55eda513ecfbfbdc561e3ec9504193f1103e917bb685107b13c50c452cf4d01e72d2e7ed5ffbcb6f297b63cafdc82e878beb99ac0014ca43449e93ab30c80ce3637ffc3fdd286b7ed0f33632e482b35cd9b1e9515c7457aff905fb07af942387c69993e47a0e2ff4385254331c65a5b3f4c7300c853d61f7cf9c05b131294647697660eceb3e94b8dcd4070d96374e18542b152e19380eb806aedb1f7de9f4bcd73b4e20dd0afdb1d2494f96236134ee3b1e92f5757194b327f86b3f0c48e0c3ec", 0x2, 0x0, 0x4a}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000052d442fa5ba775d2000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
sendmmsg$inet(r3, &(0x7f00000060c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000140)='@', 0x1}, {&(0x7f00000007c0)='y', 0x1}, {&(0x7f0000000340)="b9", 0x1}, {&(0x7f0000000940)="99", 0x1}, {&(0x7f00000008c0)='z', 0x1}, {&(0x7f00000009c0)='~', 0x1}, {&(0x7f0000000a00)='x', 0x1}, {&(0x7f0000000440)="06", 0x1}, {&(0x7f0000000580)='k', 0xffffffc6}, {&(0x7f00000006c0)="1d", 0x1}, {&(0x7f0000000800)='a', 0x1}, {&(0x7f0000000280)='$', 0x1}], 0xc}}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000001040)="fc"}, {&(0x7f0000001080)="c9", 0x1}, {&(0x7f0000002180)='-', 0x1}, {&(0x7f0000002240)='R', 0x1}, {&(0x7f00000033c0)="c4", 0x1}], 0x5}}], 0x2, 0x4000000)
setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x61, 0x83, &(0x7f0000000080)="3e88d7fce801f475d2ce69e351a3116082c5ce45971f7253d63240f0d7cfa73b1ced103f051d6cd365e6183ecc1163fb53a89e01942475247ccdeb847f6c5ba99e58cb52d30bf37209439da0b6ffe43cc733873fe480088733dfb83121bc75ef7b", &(0x7f0000000240)=""/131, 0x2, 0x0, 0x70, 0xf9, &(0x7f00000003c0)="32abf989d7e9a012c587a4971e35d4dd95c531a89f0f99a6dd715d5d5ff4d8e5ab429a0ccf065f6a6bdf35250d8c7d4b3adcf468146ccc768866c71aa63761780ae1032646e55a8c0fb5ee86e9ad4590dccc6fae954ef3e4b73af2744dedd2b85ff516fe245df10ebd4b33e703e762ef", &(0x7f0000000500)="acdae80a14a2e89dcf68b09f335addd90cb0e071948cb9d568f75d5395f9161726d4ecde585700513064c622a59dbcf2a270adc64ab1bd606ac3dc911474e0160a7d1da846c6af314043875d41f0e91c7ce83b55bbd31ba355cda35468a0aeed7967f5161a5f7371cf34f8c72aa3385f4e61ba316a41297ddceffe6b5b23960950a2e7a76a5c5ab861d2548d80f62964ea257f2dea17d553f917fccf0cc9024fcd0d771a1cda7be77b72010621803019b8814cd330aafb8a383d44f3c9b9f389c07748bed07a148fc9f40b15c4f9cf412c9345987ced5aed28f1327250f40c74cd81fbf02e51df47db0e094d0fe47b4cf223578d67c8f1b58d", 0x5, 0x0, 0x815}, 0x50)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r4, &(0x7f0000000700)=[{&(0x7f00000000c0)="02ef667db5e53f90ddf725d589e79497ed32000192c55934a92b7b6285d5b1fb065ae78c91902eb69b165687a415b833508dc85680407417b65a83592a4e597178233649c148ab68571c3390210cbe7ea8194c25e9b37c83bb8055e08218fa6a47d9401cdffa24dd9b984cec90c7c1508f05453927e13e43ffc2f4482bd0fc", 0x4}, {&(0x7f0000000140)="1a36c585040053c08764d056a86d003cbaf5cde47e5f51052d82c19aa673d661416429534237090097b3116d403a08c07bbbe72da665341d6592092455897fe84a54e94a435e8d3810ce4899d5b04d17b099bbec7fb7f005b03bb00f6860f0cd665a14bd1b7ad319101e9beae62faa71a5f2383e963aba417592d7a84958", 0x7e}], 0x62)
ioctl$TUNGETSNDBUF(r4, 0x800454d3, &(0x7f0000000340))

1.781206978s ago: executing program 2 (id=6719):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[], 0x28, 0xe000}, 0x5}], 0x1, 0x0)
listen(r1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2d", 0xab}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)='B', 0x1}], 0x1}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x1000803c, 0x0, 0x0)

1.518971829s ago: executing program 2 (id=6722):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a3a0000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000054000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005080007006e6174"], 0xf0}, 0x1, 0x0, 0x0, 0x48000}, 0x20040080)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0x4}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0x2, 0x5, 0x9, 0x7, 0xc, 0x2, 0x4, 0x2, 0xf, 0x6, 0x0, 0xb, 0x2, 0x6, 0x1, 0x4], 0x3, [0x8b, 0x101, 0x200, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x3, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x8, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r8)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x31}, @NFTA_SET_DATA_TYPE={0x8}]}, @NFT_MSG_NEWSETELEM={0x78, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4c, 0x3, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_DATA={0x3c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x35, 0x1, "299246c8790c329b9b21c709e5bde740667dacbfa315d9435694f397a882b3f08e609ceb866040a2100c9ec9eac4261c62"}]}]}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x128}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

1.466271256s ago: executing program 1 (id=6724):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0xfdfffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x2}, 0x48)

1.290784437s ago: executing program 4 (id=6725):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r2, @ANYBLOB="45000e0080000000ffffffffffffffffffffffff50505050505000000000000000020000640001000100060206003c04010ba10471070000ffffffff60760605001700fa00000000080026006c09000008000c006400000008000d0005000000"], 0x8c}, 0x1, 0x0, 0x0, 0x84}, 0x0)

1.235777338s ago: executing program 1 (id=6726):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001ec0)=ANY=[@ANYBLOB="340000003e0007012bbd700000000000010180000400fc800c00018008000600", @ANYRES32=0x0, @ANYBLOB="080002"], 0x34}, 0x1, 0x0, 0x40000000000, 0xc000}, 0x4040)

1.080255487s ago: executing program 3 (id=6727):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r1, 0x891a, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000002060108000300000000000000000000050005000a000000050001000700000005000400000000000900020073797a31000000001000039700686173683a69702c6d6163"], 0x48}}, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x400, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x40000)

1.024532765s ago: executing program 1 (id=6728):
socket(0x400000000010, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}}, 0x24}}, 0x24040084)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, 0x0, 0x0)
connect$inet6(r2, 0x0, 0x0)
ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, 0x0, 0x0)
writev(r2, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'syzkaller0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000480), r5)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, 0x0, 0x4084)
sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010026bd7000fcdbdf25020000000800", @ANYRES32=r7], 0x1c}}, 0x840)
write$nci(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="400404"], 0x7)
write$nci(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="000501"], 0x4)

921.765148ms ago: executing program 4 (id=6729):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x2c, r1, 0x101, 0x70bd27, 0x80000, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000044)

737.315763ms ago: executing program 2 (id=6730):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x16c}}, 0x24)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0x5}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000157b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r2, 0xffffffffffffffff, 0x500}, 0x57) (async)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c0000002100010000000000fcdbdf2502000000000000000000000006001d"], 0x2c}}, 0x0)

725.994941ms ago: executing program 0 (id=6731):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000006380)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x7, @private0, 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="2441385800000000a549761f00000032000100fe800800000040005933fb0000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x28}}], 0x1, 0x8044)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
close(r0)
r1 = socket(0x2, 0x80805, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x6, 0x0, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000780)=[{0x3, 0x4, 0x1, 0x7}, {0x1, 0x2, 0xc, 0x3}], 0x10, 0x80000000}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff})
shutdown(r2, 0x0)
recvmsg$unix(r2, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {<r3=>0x0}}}], 0x20}, 0x0)
syz_open_procfs$namespace(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x4e20, @loopback}]}, &(0x7f0000000400)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000001080)=0x8)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000000b06050000000000000020000000000005000100070000000900020073797a3100000000040007"], 0x2c}}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r5, 0x808000}, 0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000002c0)={r5, 0x81}, &(0x7f0000000340)=0x8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x26e1, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r8, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000000)={<r9=>0x0, 0xc0, &(0x7f0000000580)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e21, 0x6, @ipv4={'\x00', '\xff\xff', @local}, 0x200}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0x4e23, 0x419d, @local, 0x7ff}, @in6={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0xe9d}, @in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e24, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0xe53}]}, &(0x7f0000000480)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r8, 0x84, 0x19, &(0x7f0000000080)={r9, 0x100}, 0x8)
ioctl$TUNSETOFFLOAD(r7, 0x5460, 0x96b5376b91506d81)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
r11 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r11, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r12=>0x0}, &(0x7f0000000300)=0x8)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r13, 0x89f3, &(0x7f0000003200)={'ip6tnl0\x00', &(0x7f0000003180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r10, 0x84, 0x76, &(0x7f0000000180)={r4, 0x6}, 0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x1f, &(0x7f0000000140)={r12, @in6={{0xa, 0x4e21, 0xd6, @mcast1, 0xfffffffc}}, 0x0, 0x8}, &(0x7f0000000200)=0x90)
socket$xdp(0x2c, 0x3, 0x0)

654.417985ms ago: executing program 1 (id=6732):
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip6tnl0\x00'}}, 0x1e)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r2, &(0x7f0000000840)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f886411", 0x13}, {&(0x7f0000000180)="0000000500", 0x5}, {&(0x7f0000000640)="5cad", 0x2}], 0x3)

629.370139ms ago: executing program 4 (id=6733):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x50, r0, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "4abee33908f8eef16f162471f4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac09}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

545.349186ms ago: executing program 3 (id=6734):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
listen(0xffffffffffffffff, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xb8}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1c}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffbffffd}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
shutdown(r4, 0x1)
listen(r4, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002c80)=[{{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4050}}], 0x1, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0xc050}, 0x0)

443.188713ms ago: executing program 2 (id=6735):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000080)="5c00000011006bec9e3be35c6e17aa31076b876c0d000000ba090000160af3653c001ac00400020208000300030001002c000000eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0000300000000000000ffffc6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4a046)
r3 = socket$packet(0x11, 0x2, 0x300)
sendmmsg(r3, &(0x7f0000004680), 0x0, 0x800)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, r0, 0xb15, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x10041}, 0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r4, &(0x7f0000002c80)=[{{&(0x7f0000000000)={0x2, 0x0, @private=0xa010101}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="93", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f00000001c0)="30acdb1d3a", 0x5}], 0x1}}, {{&(0x7f0000000140)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000640)=[{&(0x7f0000000540)="a9de932f", 0x4}], 0x1}}], 0x3, 0x46054)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x90, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x34, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback=0x7f000015}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x90}}, 0x0)
close(r4)
syz_genetlink_get_family_id$nl802154(&(0x7f0000002f80), r1)

382.568955ms ago: executing program 4 (id=6736):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)={0x14, 0x25, 0x301, 0x0, 0x0, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x2b}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000005fdb2971dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359ca9daf3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae682acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da30000bce645451b851111dd98ac4d8da9317c2c082020e0b2d6340809000000000000008e053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456521cffdef93e29f10f4a11f0cfbfc0ff976b20fe"], &(0x7f0000000080)='GPL\x00', 0xffffffff, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10}, 0x94)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000008300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x815, 0x3, 'none\x00', 0x1, 0x1, 0x72}, 0x2c)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e20, 0x10000, 0xc24, 0x9, 0xfffffffb}}, 0x44)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x22)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x8, 0x3, 0x328, 0x190, 0xffffffff, 0xffffffff, 0x190, 0xffffffff, 0x258, 0xffffffff, 0xffffffff, 0x258, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@loopback, @private0, [0xff, 0x0, 0xff000000], [0x0, 0x0, 0x0, 0xff000000], 'wlan0\x00', 'veth0_to_team\x00', {0xff}, {}, 0x2c, 0xc7, 0x6, 0x61}, 0x0, 0x168, 0x190, 0x0, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d6], 0x8, 0xe, 0x2}}, @common=@srh1={{0x90}, {0x3a, 0x2, 0xf, 0x0, 0x9, @private1, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0xd}, [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], [0xff000000, 0xff, 0xffffff00, 0xff], [0xffffffff, 0xffffffff, 0x0, 0xffffff00], 0x13a8, 0x1e8}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x2, 0x4, 0x6}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x36}}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x388)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040))
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000000000002000000000000000002000004680800000000000001000000000000000000000001"], 0x0, 0x4a}, 0x20)
shutdown(r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x5, @private2, 0x9}]}, &(0x7f0000000080)=0x10)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_RTOINFO(r8, 0x84, 0x0, &(0x7f00000002c0)={r7, 0x4, 0x6, 0x80000001}, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r9)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xcc, 0x30, 0xffff, 0x0, 0x0, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x8}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xcc}}, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x38, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x24, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x7, 0x2, 0x3}]}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'pim6reg1\x00'}}]}]}, 0x38}}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_ADD(r12, &(0x7f00000007c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1001}, 0xc, &(0x7f0000000780)={&(0x7f0000000380)={0x24, r13, 0x300, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x10)

297.203388ms ago: executing program 1 (id=6737):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket(0x2, 0x3, 0x6)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ppoll(&(0x7f0000000140)=[{r2, 0x40}], 0x1, &(0x7f00000001c0), 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x1c, &(0x7f0000003980)=[@in6={0xa, 0x2, 0x8001, @private2, 0xffffffff}]}, &(0x7f0000003ac0)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930)

197.177975ms ago: executing program 2 (id=6738):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x48, 0x2, 0x6, 0x801, 0x0, 0x41, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x48}}, 0x0)

172.519267ms ago: executing program 0 (id=6739):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000000060a0b04000004000000000002000000140000eb1000010000000000007f8a5eccae4d45e80000000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c00068008"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000b80)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2d", 0xab}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000640)='B', 0x1}], 0x1}}], 0x2, 0x2090)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x1000803c, 0x0, 0x0)

152.93298ms ago: executing program 4 (id=6740):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x2, 0x0)
socket(0x40000000015, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6(0xa, 0x3, 0x7)
bind$inet6(r0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$packet(r1, &(0x7f00000000c0)={0x11, 0x18, r3, 0x1, 0x81}, 0x14)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c) (fail_nth: 58)

148.723021ms ago: executing program 3 (id=6741):
socket(0x10, 0x803, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000013580)='\r', 0x1}], 0x1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000980)={r0, 0x0, 0x14, 0xf6, &(0x7f0000000440)="89f46100487baf91449080e569194749c6ca5668", &(0x7f0000000740)=""/246, 0x5, 0x0, 0x2e, 0xf1, &(0x7f0000000840)="9c2896627934e93c44906e9ed6b3fb348d883aa1cdd640a292848b088b4076cca4a490a9904a605eccfaa6d85a48", &(0x7f0000000880)="633ad7f2911be95c2d123e0651ed06763d2fc2cd7b2feb75450d7ed1072759870d9c0366b501a39a7b93b790d9b7ec9c55eda513ecfbfbdc561e3ec9504193f1103e917bb685107b13c50c452cf4d01e72d2e7ed5ffbcb6f297b63cafdc82e878beb99ac0014ca43449e93ab30c80ce3637ffc3fdd286b7ed0f33632e482b35cd9b1e9515c7457aff905fb07af942387c69993e47a0e2ff4385254331c65a5b3f4c7300c853d61f7cf9c05b131294647697660eceb3e94b8dcd4070d96374e18542b152e19380eb806aedb1f7de9f4bcd73b4e20dd0afdb1d2494f96236134ee3b1e92f5757194b327f86b3f0c48e0c3ec", 0x2, 0x0, 0x4a}, 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000052d442fa5ba775d2000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
sendmmsg$inet(r3, &(0x7f00000060c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000140)='@', 0x1}, {&(0x7f00000007c0)='y', 0x1}, {&(0x7f0000000340)="b9", 0x1}, {&(0x7f0000000940)="99", 0x1}, {&(0x7f00000008c0)='z', 0x1}, {&(0x7f00000009c0)='~', 0x1}, {&(0x7f0000000a00)='x', 0x1}, {&(0x7f0000000440)="06", 0x1}, {&(0x7f0000000580)='k', 0xffffffc6}, {&(0x7f00000006c0)="1d", 0x1}, {&(0x7f0000000800)='a', 0x1}, {&(0x7f0000000280)='$', 0x1}], 0xc}}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000001040)="fc"}, {&(0x7f0000001080)="c9", 0x1}, {&(0x7f0000002180)='-', 0x1}, {&(0x7f0000002240)='R', 0x1}, {&(0x7f00000033c0)="c4", 0x1}], 0x5}}], 0x2, 0x4000000)
setsockopt$sock_int(r3, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x61, 0x83, &(0x7f0000000080)="3e88d7fce801f475d2ce69e351a3116082c5ce45971f7253d63240f0d7cfa73b1ced103f051d6cd365e6183ecc1163fb53a89e01942475247ccdeb847f6c5ba99e58cb52d30bf37209439da0b6ffe43cc733873fe480088733dfb83121bc75ef7b", &(0x7f0000000240)=""/131, 0x2, 0x0, 0x70, 0xf9, &(0x7f00000003c0)="32abf989d7e9a012c587a4971e35d4dd95c531a89f0f99a6dd715d5d5ff4d8e5ab429a0ccf065f6a6bdf35250d8c7d4b3adcf468146ccc768866c71aa63761780ae1032646e55a8c0fb5ee86e9ad4590dccc6fae954ef3e4b73af2744dedd2b85ff516fe245df10ebd4b33e703e762ef", &(0x7f0000000500)="acdae80a14a2e89dcf68b09f335addd90cb0e071948cb9d568f75d5395f9161726d4ecde585700513064c622a59dbcf2a270adc64ab1bd606ac3dc911474e0160a7d1da846c6af314043875d41f0e91c7ce83b55bbd31ba355cda35468a0aeed7967f5161a5f7371cf34f8c72aa3385f4e61ba316a41297ddceffe6b5b23960950a2e7a76a5c5ab861d2548d80f62964ea257f2dea17d553f917fccf0cc9024fcd0d771a1cda7be77b72010621803019b8814cd330aafb8a383d44f3c9b9f389c07748bed07a148fc9f40b15c4f9cf412c9345987ced5aed28f1327250f40c74cd81fbf02e51df47db0e094d0fe47b4cf223578d67c8f1b58d", 0x5, 0x0, 0x815}, 0x50)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r4, &(0x7f0000000700)=[{&(0x7f00000000c0)="02ef667db5e53f90ddf725d589e79497ed32000192c55934a92b7b6285d5b1fb065ae78c91902eb69b165687a415b833508dc85680407417b65a83592a4e597178233649c148ab68571c3390210cbe7ea8194c25e9b37c83bb8055e08218fa6a47d9401cdffa24dd9b984cec90c7c1508f05453927e13e43ffc2f4482bd0fc", 0x4}, {&(0x7f0000000140)="1a36c585040053c08764d056a86d003cbaf5cde47e5f51052d82c19aa673d661416429534237090097b3116d403a08c07bbbe72da665341d6592092455897fe84a54e94a435e8d3810ce4899d5b04d17b099bbec7fb7f005b03bb00f6860f0cd665a14bd1b7ad319101e9beae62faa71a5f2383e963aba417592d7a84958", 0x7e}], 0x62)
ioctl$TUNGETSNDBUF(r4, 0x800454d3, &(0x7f0000000340))

78.71034ms ago: executing program 2 (id=6742):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0000006700000008000000ad00000008680100", @ANYRES32=0x1, @ANYBLOB="8100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000003000000040000000500"/24, @ANYRES32, @ANYBLOB="09307d6a0e148981ad707c8109465f716c65be6e8570487e585dcd7d60c83a6c4c8361062446f4f5bc5c58562c43b38c4d557951dab95269ab90b920e96b236776d7b59f5e1c0e93280a0264ffe4767bcd"], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000000002010100000000000045b80000000006fa06400000000004cbf911ccce06489b82f813"], 0x28}}, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x18, 0x1404, 0x1, 0x70bd2c, 0x1, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x18}}, 0x20004018) (async)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x18, 0x1404, 0x1, 0x70bd2c, 0x1, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x18}}, 0x20004018)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x118, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x107, 0xf2, 0x0, 0x1, [@typed={0xc, 0x2, 0x0, 0x0, @u64=0xfac0a}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@mcast2}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43f9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f17", @typed={0x4, 0xe9}]}]}, 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x28, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_60GHZ={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40080}, 0x2000c840) (async)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x28, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TX_RATES={0xc, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4}, @NL80211_BAND_60GHZ={0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40080}, 0x2000c840)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xc71e16e819ce1f22}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0xc0, r5, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x40, 0x3, 0x0, 0x0, {0x0, 0x6, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1}, 0x0, 0x5, 0x8}}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0xfffc}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x40}, @NL80211_ATTR_BSS_SELECT={0x50, 0xe3, 0x0, 0x1, {0x4c, 0x0, [@NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x6, 0x1}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x5, 0x3}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x0, 0x4}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0xe, 0x7f}}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x1, 0xd1}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x5}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x8, 0x8}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xfffffffb}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}]}}, @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x8, {0xf0b7, 0x83, 0xec2a, 0x7f}}}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_WANT_1X_4WAY_HS={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @random="545d8fa02a7f"}, @NL80211_ATTR_PRIVACY={0x4}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000060}, 0x40800)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @loopback}]}]}, @IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)

37.25699ms ago: executing program 0 (id=6743):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x2c, r1, 0x101, 0x70bd27, 0x80000, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20000044)

0s ago: executing program 4 (id=6744):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$inet_opts(r3, 0x0, 0xc, 0x0, &(0x7f0000000780))
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYRESHEX=r1], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0xa8, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x7c, 0x4, 0x0, 0x1, [{0x78, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x68, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x50, 0x3, "cd4b6abe42031763d02899c77f99ff5fe87a9d3ac869f3a860917523679a5eb46131471826390d810593448ba1ecbf4579f9cd6564e64066681fb945bfe585ab6933a6f6514a0eebad4e3537"}, @NFTA_TARGET_NAME={0xa, 0x1, 'NFLOG\x00'}, @NFTA_TARGET_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xd0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1}}], 0x1, 0x2400c042)
bind$inet(r0, &(0x7f0000000700)={0x2, 0x4e20, @broadcast}, 0x10)
syz_emit_ethernet(0x80, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000000080045040061000000000011907800000000000000004e244e20004d9078010000000100000065a252e7cb7a5918c004a9971a46afced2c32642b1ec9fe34818d8ccd82041b7c930713c550e74ee13c2638ac75b2a9666efd31a34fce4498df8105d8bd8e9283a00003a9becd8a70d3607ea8270d351ae12e16b560f2f8ac4ca3e745ce285f12f6e8719e7f1e7f286a68f76980aa8fb8f80d69f1fb587086447e93e55e824bb69e833bd36300b088233545a01a0e4cb58b005d161c67dcc57590ed152958e90558c55d5e11465000000008c6c342de59f50546d4b55088fb2bc75d7752e954624088bfc3e38c3b579928a635435935111663b1ad7d3b4a0f1d034eb11da8b0e62c7dba9af9a0dede61688856d8a9aa845e915c800d9eb428e49b4f3c16d6337973e3fb4a55421c4867ff51df793dc2747f47faaed"], 0x0)

kernel console output (not intermixed with test programs):

[  638.546636][T23841]  dump_stack_lvl+0xe8/0x150
[  638.546669][T23841]  should_fail_ex+0x412/0x560
[  638.546706][T23841]  _copy_from_iter+0x1d3/0x1670
[  638.546747][T23841]  ? alloc_pages_mpol+0x3c0/0x490
[  638.546783][T23841]  ? __pfx__copy_from_iter+0x10/0x10
[  638.546814][T23841]  ? alloc_pages_noprof+0x13b/0x2a0
[  638.546839][T23841]  ? skb_page_frag_refill+0x119/0x460
[  638.546893][T23841]  kcm_sendmsg+0xe4e/0x29f0
[  638.546963][T23841]  ? __pfx_kcm_sendmsg+0x10/0x10
[  638.546990][T23841]  ? aa_sock_msg_perm+0xf1/0x1b0
[  638.547021][T23841]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  638.547055][T23841]  ____sys_sendmsg+0x972/0x9f0
[  638.547086][T23841]  ? __might_fault+0xaf/0x130
[  638.547121][T23841]  ? __pfx_____sys_sendmsg+0x10/0x10
[  638.547161][T23841]  ? import_iovec+0x73/0xa0
[  638.547196][T23841]  ___sys_sendmsg+0x2a5/0x360
[  638.547230][T23841]  ? __lock_acquire+0x6b5/0x2cf0
[  638.547259][T23841]  ? __pfx____sys_sendmsg+0x10/0x10
[  638.547331][T23841]  ? __fget_files+0x2a/0x420
[  638.547357][T23841]  ? __fget_files+0x3a0/0x420
[  638.547395][T23841]  __x64_sys_sendmsg+0x1bd/0x2a0
[  638.547429][T23841]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  638.547471][T23841]  ? __pfx_ksys_write+0x10/0x10
[  638.547512][T23841]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.547536][T23841]  do_syscall_64+0x15f/0xf80
[  638.547565][T23841]  ? trace_irq_disable+0x3b/0x140
[  638.547596][T23841]  ? clear_bhb_loop+0x40/0x90
[  638.547624][T23841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.547647][T23841] RIP: 0033:0x7fde39f9cdd9
[  638.547669][T23841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  638.547690][T23841] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  638.547714][T23841] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  638.547730][T23841] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[  638.547745][T23841] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  638.547759][T23841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  638.547773][T23841] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  638.547810][T23841]  </TASK>
[  638.810388][T23843] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6076'.
[  638.855585][T23848] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6078'.
[  638.878851][T23848] openvswitch: netlink: Flow key attr not present in new flow.
[  638.936028][T23847] netlink: 'syz.3.6078': attribute type 20 has an invalid length.
[  638.975045][T23847] IPv6: NLM_F_CREATE should be specified when creating new route
[  639.046896][T23855] netlink: 52 bytes leftover after parsing attributes in process `syz.4.6080'.
[  639.084401][T23855] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  639.156462][   T36] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  639.581038][ T5639] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  639.599956][ T5639] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  639.609538][ T5639] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  639.622002][ T5639] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  639.633731][ T5639] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  639.702177][T23874] FAULT_INJECTION: forcing a failure.
[  639.702177][T23874] name failslab, interval 1, probability 0, space 0, times 0
[  639.769151][T23874] CPU: 1 UID: 0 PID: 23874 Comm: syz.1.6087 Not tainted syzkaller #0 PREEMPT(full) 
[  639.769185][T23874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  639.769199][T23874] Call Trace:
[  639.769208][T23874]  <TASK>
[  639.769218][T23874]  dump_stack_lvl+0xe8/0x150
[  639.769251][T23874]  should_fail_ex+0x412/0x560
[  639.769287][T23874]  should_failslab+0xa8/0x100
[  639.769321][T23874]  __kmalloc_cache_noprof+0x88/0x660
[  639.769350][T23874]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  639.769383][T23874]  ? sctp_add_bind_addr+0x8c/0x370
[  639.769419][T23874]  sctp_add_bind_addr+0x8c/0x370
[  639.769454][T23874]  sctp_copy_local_addr_list+0x314/0x4f0
[  639.769489][T23874]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  639.769520][T23874]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  639.769553][T23874]  ? sctp_v6_is_any+0x64/0x80
[  639.769607][T23874]  ? sctp_copy_one_addr+0x93/0x360
[  639.769651][T23874]  sctp_bind_addr_copy+0xb3/0x3c0
[  639.769685][T23874]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  639.769718][T23874]  sctp_connect_new_asoc+0x2ff/0x6b0
[  639.769746][T23874]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  639.769776][T23874]  ? __local_bh_enable_ip+0xd0/0x130
[  639.769796][T23874]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  639.769826][T23874]  ? security_sctp_bind_connect+0x7e/0x2c0
[  639.769855][T23874]  sctp_sendmsg+0x1528/0x2c10
[  639.769875][T23874]  ? unwind_next_frame+0xa6/0x2550
[  639.769918][T23874]  ? __pfx_sctp_sendmsg+0x10/0x10
[  639.769944][T23874]  ? aa_sk_perm+0x6d5/0x900
[  639.769982][T23874]  ? __pfx_aa_sk_perm+0x10/0x10
[  639.770013][T23874]  ? sock_rps_record_flow+0x19/0x350
[  639.770051][T23874]  ? inet_sendmsg+0x2f4/0x370
[  639.770078][T23874]  ____sys_sendmsg+0x80a/0x9f0
[  639.770118][T23874]  ? __pfx_____sys_sendmsg+0x10/0x10
[  639.770164][T23874]  ? import_iovec+0x73/0xa0
[  639.770199][T23874]  ___sys_sendmsg+0x2a5/0x360
[  639.770228][T23874]  ? __lock_acquire+0x6b5/0x2cf0
[  639.770259][T23874]  ? __pfx____sys_sendmsg+0x10/0x10
[  639.770330][T23874]  ? __fget_files+0x2a/0x420
[  639.770357][T23874]  ? __fget_files+0x3a0/0x420
[  639.770397][T23874]  __x64_sys_sendmsg+0x1bd/0x2a0
[  639.770433][T23874]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  639.770475][T23874]  ? __pfx_ksys_write+0x10/0x10
[  639.770517][T23874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.770542][T23874]  do_syscall_64+0x15f/0xf80
[  639.770572][T23874]  ? trace_irq_disable+0x3b/0x140
[  639.770605][T23874]  ? clear_bhb_loop+0x40/0x90
[  639.770643][T23874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.770665][T23874] RIP: 0033:0x7f7d18d9cdd9
[  639.770688][T23874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  639.770708][T23874] RSP: 002b:00007f7d19b8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  639.770734][T23874] RAX: ffffffffffffffda RBX: 00007f7d19015fa0 RCX: 00007f7d18d9cdd9
[  639.770750][T23874] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  639.770765][T23874] RBP: 00007f7d19b8b090 R08: 0000000000000000 R09: 0000000000000000
[  639.770780][T23874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  639.770794][T23874] R13: 00007f7d19016038 R14: 00007f7d19015fa0 R15: 00007fff32da9188
[  639.770828][T23874]  </TASK>
[  640.249931][T23883] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6089'.
[  640.476406][T23892] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6091'.
[  640.642915][T23897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6095'.
[  640.811869][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  640.826306][   T36] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  640.955526][ T5730] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  641.159069][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  641.173136][   T36] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  641.278678][T23922] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6102'.
[  641.354755][T23924] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6102'.
[  641.403992][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  641.415403][   T36] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  641.454708][T23933] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6105'.
[  641.591237][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  641.601968][T23936] FAULT_INJECTION: forcing a failure.
[  641.601968][T23936] name failslab, interval 1, probability 0, space 0, times 0
[  641.625985][   T36] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  641.635011][T23936] CPU: 0 UID: 0 PID: 23936 Comm: syz.4.6106 Not tainted syzkaller #0 PREEMPT(full) 
[  641.635042][T23936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  641.635055][T23936] Call Trace:
[  641.635063][T23936]  <TASK>
[  641.635073][T23936]  dump_stack_lvl+0xe8/0x150
[  641.635103][T23936]  should_fail_ex+0x412/0x560
[  641.635135][T23936]  should_failslab+0xa8/0x100
[  641.635167][T23936]  __kmalloc_cache_noprof+0x88/0x660
[  641.635193][T23936]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  641.635222][T23936]  ? sctp_add_bind_addr+0x8c/0x370
[  641.635255][T23936]  sctp_add_bind_addr+0x8c/0x370
[  641.635288][T23936]  sctp_copy_local_addr_list+0x314/0x4f0
[  641.635320][T23936]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  641.635348][T23936]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  641.635379][T23936]  ? sctp_v6_is_any+0x64/0x80
[  641.635408][T23936]  ? sctp_copy_one_addr+0x93/0x360
[  641.635440][T23936]  sctp_bind_addr_copy+0xb3/0x3c0
[  641.635469][T23936]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  641.635498][T23936]  sctp_connect_new_asoc+0x2ff/0x6b0
[  641.635525][T23936]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  641.635554][T23936]  ? __local_bh_enable_ip+0xd0/0x130
[  641.635574][T23936]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  641.635603][T23936]  ? security_sctp_bind_connect+0x7e/0x2c0
[  641.635629][T23936]  sctp_sendmsg+0x1528/0x2c10
[  641.635648][T23936]  ? unwind_next_frame+0xa6/0x2550
[  641.635688][T23936]  ? __pfx_sctp_sendmsg+0x10/0x10
[  641.635713][T23936]  ? aa_sk_perm+0x6d5/0x900
[  641.635747][T23936]  ? __pfx_aa_sk_perm+0x10/0x10
[  641.635775][T23936]  ? sock_rps_record_flow+0x19/0x350
[  641.635809][T23936]  ? inet_sendmsg+0x2f4/0x370
[  641.635833][T23936]  ____sys_sendmsg+0x80a/0x9f0
[  641.635879][T23936]  ? __pfx_____sys_sendmsg+0x10/0x10
[  641.635917][T23936]  ? import_iovec+0x73/0xa0
[  641.635950][T23936]  ___sys_sendmsg+0x2a5/0x360
[  641.635976][T23936]  ? __lock_acquire+0x6b5/0x2cf0
[  641.636009][T23936]  ? __pfx____sys_sendmsg+0x10/0x10
[  641.636074][T23936]  ? __fget_files+0x2a/0x420
[  641.636098][T23936]  ? __fget_files+0x3a0/0x420
[  641.636133][T23936]  __x64_sys_sendmsg+0x1bd/0x2a0
[  641.636164][T23936]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  641.636202][T23936]  ? __pfx_ksys_write+0x10/0x10
[  641.636239][T23936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.636262][T23936]  do_syscall_64+0x15f/0xf80
[  641.636289][T23936]  ? trace_irq_disable+0x3b/0x140
[  641.636319][T23936]  ? clear_bhb_loop+0x40/0x90
[  641.636347][T23936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.636368][T23936] RIP: 0033:0x7feeb5d9cdd9
[  641.636391][T23936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  641.636411][T23936] RSP: 002b:00007feeb6d16028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  641.636435][T23936] RAX: ffffffffffffffda RBX: 00007feeb6015fa0 RCX: 00007feeb5d9cdd9
[  641.636452][T23936] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000004
[  641.636466][T23936] RBP: 00007feeb6d16090 R08: 0000000000000000 R09: 0000000000000000
[  641.636480][T23936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  641.636493][T23936] R13: 00007feeb6016038 R14: 00007feeb6015fa0 R15: 00007ffe6ed86158
[  641.636528][T23936]  </TASK>
[  641.765935][ T5639] Bluetooth: hci3: command tx timeout
[  642.393079][ T7164] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 35093 - 0
[  642.459713][T23953] FAULT_INJECTION: forcing a failure.
[  642.459713][T23953] name failslab, interval 1, probability 0, space 0, times 0
[  642.487391][ T7169] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 35093 - 0
[  642.495660][T23953] CPU: 1 UID: 0 PID: 23953 Comm: syz.4.6114 Not tainted syzkaller #0 PREEMPT(full) 
[  642.495691][T23953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  642.495704][T23953] Call Trace:
[  642.495714][T23953]  <TASK>
[  642.495724][T23953]  dump_stack_lvl+0xe8/0x150
[  642.495757][T23953]  should_fail_ex+0x412/0x560
[  642.495793][T23953]  should_failslab+0xa8/0x100
[  642.495827][T23953]  __kmalloc_cache_noprof+0x88/0x660
[  642.495855][T23953]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  642.495891][T23953]  ? sctp_add_bind_addr+0x8c/0x370
[  642.495926][T23953]  sctp_add_bind_addr+0x8c/0x370
[  642.495961][T23953]  sctp_copy_local_addr_list+0x314/0x4f0
[  642.495994][T23953]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  642.496024][T23953]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  642.496055][T23953]  ? sctp_v6_is_any+0x64/0x80
[  642.496087][T23953]  ? sctp_copy_one_addr+0x93/0x360
[  642.496120][T23953]  sctp_bind_addr_copy+0xb3/0x3c0
[  642.496150][T23953]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  642.496180][T23953]  sctp_connect_new_asoc+0x2ff/0x6b0
[  642.496207][T23953]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  642.496237][T23953]  ? __local_bh_enable_ip+0xd0/0x130
[  642.496257][T23953]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  642.496287][T23953]  ? security_sctp_bind_connect+0x7e/0x2c0
[  642.496314][T23953]  sctp_sendmsg+0x1528/0x2c10
[  642.496335][T23953]  ? unwind_next_frame+0xa6/0x2550
[  642.496387][T23953]  ? __pfx_sctp_sendmsg+0x10/0x10
[  642.496416][T23953]  ? aa_sk_perm+0x6d5/0x900
[  642.496454][T23953]  ? __pfx_aa_sk_perm+0x10/0x10
[  642.496484][T23953]  ? __lock_acquire+0x6b5/0x2cf0
[  642.496507][T23953]  ? sock_rps_record_flow+0x19/0x350
[  642.496542][T23953]  ? inet_sendmsg+0x2f4/0x370
[  642.496566][T23953]  ____sys_sendmsg+0x80a/0x9f0
[  642.496612][T23953]  ? __pfx_____sys_sendmsg+0x10/0x10
[  642.496649][T23953]  ? import_iovec+0x73/0xa0
[  642.496682][T23953]  ___sys_sendmsg+0x2a5/0x360
[  642.496709][T23953]  ? __lock_acquire+0x6b5/0x2cf0
[  642.496735][T23953]  ? __pfx____sys_sendmsg+0x10/0x10
[  642.496799][T23953]  ? __fget_files+0x2a/0x420
[  642.496823][T23953]  ? __fget_files+0x3a0/0x420
[  642.496857][T23953]  __x64_sys_sendmsg+0x1bd/0x2a0
[  642.496888][T23953]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  642.496913][T23953]  ? sched_clock_cpu+0x74/0x440
[  642.496957][T23953]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.496980][T23953]  do_syscall_64+0x15f/0xf80
[  642.497010][T23953]  ? clear_bhb_loop+0x40/0x90
[  642.497035][T23953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.497057][T23953] RIP: 0033:0x7feeb5d9cdd9
[  642.497077][T23953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  642.497095][T23953] RSP: 002b:00007feeb6d16028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  642.497119][T23953] RAX: ffffffffffffffda RBX: 00007feeb6015fa0 RCX: 00007feeb5d9cdd9
[  642.497135][T23953] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  642.497149][T23953] RBP: 00007feeb6d16090 R08: 0000000000000000 R09: 0000000000000000
[  642.497162][T23953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  642.497175][T23953] R13: 00007feeb6016038 R14: 00007feeb6015fa0 R15: 00007ffe6ed86158
[  642.497210][T23953]  </TASK>
[  642.853567][T23962] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6115'.
[  642.995290][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  643.046164][T23967] FAULT_INJECTION: forcing a failure.
[  643.046164][T23967] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  643.078260][ T7164] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 35093 - 0
[  643.082812][T23967] CPU: 0 UID: 0 PID: 23967 Comm: syz.4.6118 Not tainted syzkaller #0 PREEMPT(full) 
[  643.082842][T23967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  643.082855][T23967] Call Trace:
[  643.082863][T23967]  <TASK>
[  643.082873][T23967]  dump_stack_lvl+0xe8/0x150
[  643.082903][T23967]  should_fail_ex+0x412/0x560
[  643.082935][T23967]  _copy_from_iter+0x1d3/0x1670
[  643.082971][T23967]  ? alloc_pages_mpol+0x3c0/0x490
[  643.083002][T23967]  ? __pfx__copy_from_iter+0x10/0x10
[  643.083030][T23967]  ? alloc_pages_noprof+0x13b/0x2a0
[  643.083051][T23967]  ? skb_page_frag_refill+0x119/0x460
[  643.083093][T23967]  kcm_sendmsg+0xe4e/0x29f0
[  643.083156][T23967]  ? __pfx_kcm_sendmsg+0x10/0x10
[  643.083180][T23967]  ? aa_sock_msg_perm+0xf1/0x1b0
[  643.083209][T23967]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  643.083240][T23967]  ____sys_sendmsg+0x972/0x9f0
[  643.083268][T23967]  ? __might_fault+0xaf/0x130
[  643.083299][T23967]  ? __pfx_____sys_sendmsg+0x10/0x10
[  643.083337][T23967]  ? import_iovec+0x73/0xa0
[  643.083369][T23967]  ___sys_sendmsg+0x2a5/0x360
[  643.083395][T23967]  ? __lock_acquire+0x6b5/0x2cf0
[  643.083422][T23967]  ? __pfx____sys_sendmsg+0x10/0x10
[  643.083487][T23967]  ? __fget_files+0x2a/0x420
[  643.083511][T23967]  ? __fget_files+0x3a0/0x420
[  643.083551][T23967]  __x64_sys_sendmsg+0x1bd/0x2a0
[  643.083595][T23967]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  643.083632][T23967]  ? __pfx_ksys_write+0x10/0x10
[  643.083670][T23967]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.083691][T23967]  do_syscall_64+0x15f/0xf80
[  643.083718][T23967]  ? trace_irq_disable+0x3b/0x140
[  643.083747][T23967]  ? clear_bhb_loop+0x40/0x90
[  643.083772][T23967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.083792][T23967] RIP: 0033:0x7feeb5d9cdd9
[  643.083812][T23967] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  643.083830][T23967] RSP: 002b:00007feeb6cf5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  643.083852][T23967] RAX: ffffffffffffffda RBX: 00007feeb6016090 RCX: 00007feeb5d9cdd9
[  643.083868][T23967] RDX: 0000000000000000 RSI: 0000200000002080 RDI: 0000000000000003
[  643.083881][T23967] RBP: 00007feeb6cf5090 R08: 0000000000000000 R09: 0000000000000000
[  643.083894][T23967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  643.083907][T23967] R13: 00007feeb6016128 R14: 00007feeb6016090 R15: 00007ffe6ed86158
[  643.083941][T23967]  </TASK>
[  643.548697][ T7169] netdevsim netdevsim3 eth4: set [1, 0] type 2 family 0 port 35093 - 0
[  644.035871][ T5639] Bluetooth: hci3: command tx timeout
[  644.044687][ T5742] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  644.299673][   T36] bridge_slave_1: left promiscuous mode
[  644.313908][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.413068][   T36] dvmrp0: left allmulticast mode
[  645.199449][   T36] bond0 (unregistering): left promiscuous mode
[  645.217823][   T36] bond_slave_0: left promiscuous mode
[  645.223531][   T36] bond_slave_1: left promiscuous mode
[  645.238438][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  645.254456][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  645.269729][   T36] bond0 (unregistering): Released all slaves
[  645.284354][   T36] bond1 (unregistering): Released all slaves
[  645.355459][ T5287] 8021q: adding VLAN 0 to HW filter on device eth1
[  645.452452][   T36] tipc: Disabling bearer <udp:syz2>
[  645.482452][   T36] tipc: Left network mode
[  645.610827][T24032] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6129'.
[  646.086327][T24046] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6133'.
[  646.106595][T24046] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6133'.
[  646.125576][ T5639] Bluetooth: hci3: command tx timeout
[  646.428077][T23871] bridge0: port 1(bridge_slave_0) entered blocking state
[  646.461547][T23871] bridge0: port 1(bridge_slave_0) entered disabled state
[  646.486973][T23871] bridge_slave_0: entered allmulticast mode
[  646.532787][T23871] bridge_slave_0: entered promiscuous mode
[  646.570208][T23871] bridge0: port 2(bridge_slave_1) entered blocking state
[  646.597215][T23871] bridge0: port 2(bridge_slave_1) entered disabled state
[  646.619650][T23871] bridge_slave_1: entered allmulticast mode
[  646.706041][T23871] bridge_slave_1: entered promiscuous mode
[  646.956051][T24075] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6139'.
[  647.035709][T24071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6138'.
[  647.063945][T23871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  647.159075][T23871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  647.494361][T23871] team0: Port device team_slave_0 added
[  647.510959][ T5287] 8021q: adding VLAN 0 to HW filter on device eth2
[  647.538779][T24090] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6142'.
[  647.579944][T23871] team0: Port device team_slave_1 added
[  647.708165][T24095] lo: Caught tx_queue_len zero misconfig
[  647.719464][T24095] netlink: 'syz.4.6144': attribute type 8 has an invalid length.
[  647.736410][T24095] sch_fq: defrate 0 ignored.
[  647.747681][   T36] team0: left promiscuous mode
[  647.752732][   T36] team_slave_0: left promiscuous mode
[  647.776484][   T36] team_slave_1: left promiscuous mode
[  647.807500][T24102] vcan0: tx address claim with dest, not broadcast
[  647.833023][   T36] hsr_slave_0: left promiscuous mode
[  647.855655][   T36] hsr_slave_1: left promiscuous mode
[  647.864621][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  647.881986][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  647.883283][T24105] FAULT_INJECTION: forcing a failure.
[  647.883283][T24105] name failslab, interval 1, probability 0, space 0, times 0
[  647.901926][T24105] CPU: 1 UID: 0 PID: 24105 Comm: syz.4.6147 Not tainted syzkaller #0 PREEMPT(full) 
[  647.901947][T24105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  647.901956][T24105] Call Trace:
[  647.901963][T24105]  <TASK>
[  647.901970][T24105]  dump_stack_lvl+0xe8/0x150
[  647.901992][T24105]  should_fail_ex+0x412/0x560
[  647.902013][T24105]  should_failslab+0xa8/0x100
[  647.902033][T24105]  ? skb_clone+0x212/0x3a0
[  647.902053][T24105]  kmem_cache_alloc_noprof+0x87/0x650
[  647.902071][T24105]  ? __bpf_redirect+0xcb4/0x12a0
[  647.902090][T24105]  skb_clone+0x212/0x3a0
[  647.902111][T24105]  bpf_clone_redirect+0x16a/0x4b0
[  647.902133][T24105]  ? bpf_test_run+0x1d1/0x830
[  647.902152][T24105]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  647.902170][T24105]  ? arch_stack_walk+0xfb/0x150
[  647.902191][T24105]  ? __pfx___schedule+0x10/0x10
[  647.902209][T24105]  ? ktime_get+0x45/0x220
[  647.902235][T24105]  ? preempt_schedule_thunk+0x16/0x30
[  647.902255][T24105]  ? preempt_schedule_common+0x82/0xd0
[  647.902273][T24105]  ? bpf_test_run+0x1d1/0x830
[  647.902292][T24105]  ? bpf_test_timer_continue+0x10c/0x320
[  647.902313][T24105]  bpf_test_run+0x354/0x830
[  647.902341][T24105]  ? __pfx_bpf_test_run+0x10/0x10
[  647.902368][T24105]  ? eth_type_trans+0x796/0x7e0
[  647.902392][T24105]  ? convert___skb_to_skb+0x3d/0x5b0
[  647.902411][T24105]  bpf_prog_test_run_skb+0xe2c/0x2260
[  647.902440][T24105]  ? __fget_files+0x3a0/0x420
[  647.902456][T24105]  ? __fget_files+0x2a/0x420
[  647.902480][T24105]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  647.902510][T24105]  bpf_prog_test_run+0x2c7/0x340
[  647.902547][T24105]  __sys_bpf+0x643/0x950
[  647.902572][T24105]  ? __pfx___sys_bpf+0x10/0x10
[  647.902600][T24105]  ? ksys_write+0x242/0x270
[  647.902620][T24105]  ? __pfx_ksys_write+0x10/0x10
[  647.902641][T24105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.902660][T24105]  __x64_sys_bpf+0x7c/0x90
[  647.902691][T24105]  do_syscall_64+0x15f/0xf80
[  647.902721][T24105]  ? trace_irq_disable+0x3b/0x140
[  647.902749][T24105]  ? clear_bhb_loop+0x40/0x90
[  647.902765][T24105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.902780][T24105] RIP: 0033:0x7feeb5d9cdd9
[  647.902796][T24105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  647.902809][T24105] RSP: 002b:00007feeb6d16028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  647.902825][T24105] RAX: ffffffffffffffda RBX: 00007feeb6015fa0 RCX: 00007feeb5d9cdd9
[  647.902836][T24105] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 000000000000000a
[  647.902845][T24105] RBP: 00007feeb6d16090 R08: 0000000000000000 R09: 0000000000000000
[  647.902854][T24105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  647.902863][T24105] R13: 00007feeb6016038 R14: 00007feeb6015fa0 R15: 00007ffe6ed86158
[  647.902882][T24105]  </TASK>
[  648.196236][ T5639] Bluetooth: hci3: command tx timeout
[  648.210353][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  648.218486][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  648.241144][   T36] veth1_macvtap: left promiscuous mode
[  648.246927][   T36] veth0_macvtap: left promiscuous mode
[  648.252909][   T36] veth1_vlan: left promiscuous mode
[  648.259589][   T36] veth0_vlan: left promiscuous mode
[  648.261519][T24108] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6149'.
[  648.445709][   T57] smc: removing ib device syz2
[  648.494748][   T57] smbdirect: ib_dev[syz2] removed
[  648.989823][   T36] team0 (unregistering): Port device team_slave_1 removed
[  649.043518][   T36] team0 (unregistering): Port device team_slave_0 removed
[  649.628143][T23871] batman_adv: batadv0: Adding interface: batadv_slave_0
[  649.639276][T23871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  649.671968][T23871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  649.685212][T24106] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6148'.
[  649.842468][T23871] batman_adv: batadv0: Adding interface: batadv_slave_1
[  649.868608][T23871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  649.982744][T23871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  650.381033][T24131] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6154'.
[  650.461897][T23871] hsr_slave_0: entered promiscuous mode
[  650.506359][T23871] hsr_slave_1: entered promiscuous mode
[  650.556804][T23871] debugfs: 'hsr0' already exists in 'hsr'
[  650.604225][T23871] Cannot create hsr debugfs directory
[  650.730894][T24137] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6158'.
[  651.244463][T24156] FAULT_INJECTION: forcing a failure.
[  651.244463][T24156] name failslab, interval 1, probability 0, space 0, times 0
[  651.257220][T24156] CPU: 1 UID: 0 PID: 24156 Comm: syz.2.6164 Not tainted syzkaller #0 PREEMPT(full) 
[  651.257250][T24156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  651.257264][T24156] Call Trace:
[  651.257274][T24156]  <TASK>
[  651.257284][T24156]  dump_stack_lvl+0xe8/0x150
[  651.257317][T24156]  should_fail_ex+0x412/0x560
[  651.257352][T24156]  should_failslab+0xa8/0x100
[  651.257384][T24156]  ? skb_clone+0x212/0x3a0
[  651.257416][T24156]  kmem_cache_alloc_noprof+0x87/0x650
[  651.257446][T24156]  ? __bpf_redirect+0x9b4/0x12a0
[  651.257478][T24156]  skb_clone+0x212/0x3a0
[  651.257514][T24156]  bpf_clone_redirect+0x16a/0x4b0
[  651.257561][T24156]  ? bpf_test_run+0x1d1/0x830
[  651.257590][T24156]  bpf_prog_885767c90d177146+0x62/0x6b
[  651.257617][T24156]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  651.257650][T24156]  ? arch_stack_walk+0xfb/0x150
[  651.257693][T24156]  ? ktime_get+0x45/0x220
[  651.257733][T24156]  ? ktime_get+0x45/0x220
[  651.257767][T24156]  ? seqcount_lockdep_reader_access+0xa9/0x100
[  651.257799][T24156]  ? lockdep_hardirqs_on+0x7a/0x110
[  651.257829][T24156]  ? ktime_get+0x45/0x220
[  651.257857][T24156]  ? seqcount_lockdep_reader_access+0xea/0x100
[  651.257889][T24156]  ? bpf_test_run+0x1d1/0x830
[  651.257921][T24156]  ? bpf_test_timer_continue+0x10c/0x320
[  651.257955][T24156]  bpf_test_run+0x354/0x830
[  651.258009][T24156]  ? __pfx_bpf_test_run+0x10/0x10
[  651.258059][T24156]  ? eth_type_trans+0x348/0x7e0
[  651.258099][T24156]  ? skb_dst_set+0x72/0x140
[  651.258131][T24156]  bpf_prog_test_run_skb+0xe2c/0x2260
[  651.258185][T24156]  ? __fget_files+0x3a0/0x420
[  651.258211][T24156]  ? __fget_files+0x2a/0x420
[  651.258243][T24156]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  651.258274][T24156]  bpf_prog_test_run+0x2c7/0x340
[  651.258302][T24156]  __sys_bpf+0x643/0x950
[  651.258338][T24156]  ? __pfx___sys_bpf+0x10/0x10
[  651.258389][T24156]  ? ksys_write+0x242/0x270
[  651.258422][T24156]  ? __pfx_ksys_write+0x10/0x10
[  651.258459][T24156]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.258484][T24156]  __x64_sys_bpf+0x7c/0x90
[  651.258515][T24156]  do_syscall_64+0x15f/0xf80
[  651.258552][T24156]  ? trace_irq_disable+0x3b/0x140
[  651.258584][T24156]  ? clear_bhb_loop+0x40/0x90
[  651.258613][T24156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.258635][T24156] RIP: 0033:0x7f31a6b9cdd9
[  651.258657][T24156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  651.258678][T24156] RSP: 002b:00007f31a7ac5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  651.258703][T24156] RAX: ffffffffffffffda RBX: 00007f31a6e15fa0 RCX: 00007f31a6b9cdd9
[  651.258720][T24156] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  651.258736][T24156] RBP: 00007f31a7ac5090 R08: 0000000000000000 R09: 0000000000000000
[  651.258755][T24156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  651.258769][T24156] R13: 00007f31a6e16038 R14: 00007f31a6e15fa0 R15: 00007ffcbfa7b298
[  651.258803][T24156]  </TASK>
[  652.019611][T24164] bond7: option all_slaves_active: invalid value (222)
[  652.071560][T24164] bond7 (unregistering): Released all slaves
[  652.415638][   T36] IPVS: stop unused estimator thread 0...
[  652.556732][T23871] netdevsim netdevsim3 eth4 (unregistering): unset [1, 0] type 2 family 0 port 35093 - 0
[  652.708502][ T5287] 8021q: adding VLAN 0 to HW filter on device eth3
[  652.879110][T23871] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 35093 - 0
[  652.923287][T24195] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6175'.
[  653.062396][T23871] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 35093 - 0
[  653.117211][T24204] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6178'.
[  653.282750][T23871] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 35093 - 0
[  653.377703][T24207] syzkaller0: entered promiscuous mode
[  653.400900][T24207] syzkaller0: entered allmulticast mode
[  653.960228][T24233] FAULT_INJECTION: forcing a failure.
[  653.960228][T24233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  654.030501][T24233] CPU: 0 UID: 0 PID: 24233 Comm: syz.4.6186 Not tainted syzkaller #0 PREEMPT(full) 
[  654.030544][T24233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  654.030558][T24233] Call Trace:
[  654.030568][T24233]  <TASK>
[  654.030578][T24233]  dump_stack_lvl+0xe8/0x150
[  654.030613][T24233]  should_fail_ex+0x412/0x560
[  654.030650][T24233]  _copy_to_user+0x31/0xb0
[  654.030684][T24233]  simple_read_from_buffer+0xe1/0x170
[  654.030723][T24233]  proc_fail_nth_read+0x1bb/0x230
[  654.030755][T24233]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  654.030785][T24233]  ? rw_verify_area+0x2a6/0x4d0
[  654.030815][T24233]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  654.030845][T24233]  vfs_read+0x20c/0xa70
[  654.030881][T24233]  ? __pfx___mutex_lock+0x10/0x10
[  654.030914][T24233]  ? __pfx_vfs_read+0x10/0x10
[  654.030947][T24233]  ? __fget_files+0x2a/0x420
[  654.030978][T24233]  ? __fget_files+0x3a0/0x420
[  654.031001][T24233]  ? __fget_files+0x2a/0x420
[  654.031037][T24233]  ksys_read+0x150/0x270
[  654.031070][T24233]  ? __pfx_ksys_read+0x10/0x10
[  654.031110][T24233]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.031135][T24233]  do_syscall_64+0x15f/0xf80
[  654.031163][T24233]  ? trace_irq_disable+0x3b/0x140
[  654.031197][T24233]  ? clear_bhb_loop+0x40/0x90
[  654.031224][T24233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.031247][T24233] RIP: 0033:0x7feeb5d5d60e
[  654.031269][T24233] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  654.031289][T24233] RSP: 002b:00007feeb6d15fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  654.031315][T24233] RAX: ffffffffffffffda RBX: 00007feeb6d166c0 RCX: 00007feeb5d5d60e
[  654.031332][T24233] RDX: 000000000000000f RSI: 00007feeb6d160a0 RDI: 0000000000000004
[  654.031346][T24233] RBP: 00007feeb6d16090 R08: 0000000000000000 R09: 0000000000000000
[  654.031360][T24233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.031373][T24233] R13: 00007feeb6016038 R14: 00007feeb6015fa0 R15: 00007ffe6ed86158
[  654.031407][T24233]  </TASK>
[  654.268032][T24240] FAULT_INJECTION: forcing a failure.
[  654.268032][T24240] name failslab, interval 1, probability 0, space 0, times 0
[  654.347163][T24240] CPU: 1 UID: 0 PID: 24240 Comm: syz.0.6188 Not tainted syzkaller #0 PREEMPT(full) 
[  654.347196][T24240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  654.347215][T24240] Call Trace:
[  654.347225][T24240]  <TASK>
[  654.347236][T24240]  dump_stack_lvl+0xe8/0x150
[  654.347268][T24240]  should_fail_ex+0x412/0x560
[  654.347303][T24240]  should_failslab+0xa8/0x100
[  654.347339][T24240]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  654.347371][T24240]  ? __alloc_skb+0x1d0/0x7d0
[  654.347397][T24240]  ? __local_bh_enable_ip+0xd0/0x130
[  654.347426][T24240]  __alloc_skb+0x1d0/0x7d0
[  654.347460][T24240]  __ip6_append_data+0x2d3c/0x3f60
[  654.347516][T24240]  ? __pfx_raw6_getfrag+0x10/0x10
[  654.347573][T24240]  ? __pfx___ip6_append_data+0x10/0x10
[  654.347603][T24240]  ? ip6_setup_cork+0x544/0xf30
[  654.347633][T24240]  ? ip6_append_data+0x1b7/0x280
[  654.347673][T24240]  ip6_append_data+0x10f/0x280
[  654.347706][T24240]  ? __pfx_raw6_getfrag+0x10/0x10
[  654.347740][T24240]  rawv6_sendmsg+0x12d3/0x18e0
[  654.347788][T24240]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  654.347855][T24240]  ? aa_sk_perm+0x6d5/0x900
[  654.347892][T24240]  ? __pfx_aa_sk_perm+0x10/0x10
[  654.347924][T24240]  ? __fget_files+0x3a0/0x420
[  654.347949][T24240]  ? sock_rps_record_flow+0x19/0x350
[  654.347981][T24240]  ? __pfx_inet_sendmsg+0x10/0x10
[  654.348004][T24240]  ? inet_sendmsg+0x2f4/0x370
[  654.348024][T24240]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  654.348052][T24240]  ? __pfx_inet_sendmsg+0x10/0x10
[  654.348075][T24240]  __sys_sendto+0x5de/0x710
[  654.348108][T24240]  ? __pfx___sys_sendto+0x10/0x10
[  654.348134][T24240]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  654.348180][T24240]  ? __fget_files+0x3a0/0x420
[  654.348217][T24240]  ? ksys_write+0x242/0x270
[  654.348251][T24240]  ? __pfx_ksys_write+0x10/0x10
[  654.348288][T24240]  __x64_sys_sendto+0xde/0x100
[  654.348316][T24240]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.348340][T24240]  do_syscall_64+0x15f/0xf80
[  654.348368][T24240]  ? trace_irq_disable+0x3b/0x140
[  654.348400][T24240]  ? clear_bhb_loop+0x40/0x90
[  654.348427][T24240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.348450][T24240] RIP: 0033:0x7fde39f9cdd9
[  654.348473][T24240] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  654.348492][T24240] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  654.348516][T24240] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  654.348532][T24240] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 0000000000000003
[  654.348547][T24240] RBP: 00007fde381f6090 R08: 0000000000000000 R09: fffffffffffffdfd
[  654.348562][T24240] R10: 0000000000003b00 R11: 0000000000000246 R12: 0000000000000002
[  654.348576][T24240] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  654.348612][T24240]  </TASK>
[  654.724107][T24243] sctp: [Deprecated]: syz.1.6189 (pid 24243) Use of int in max_burst socket option.
[  654.724107][T24243] Use struct sctp_assoc_value instead
[  654.808395][T23871] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  654.838546][T23871] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  654.859000][T24250] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6191'.
[  654.902892][T23871] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  654.940572][T23871] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  654.951525][T23871] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  654.963053][T23871] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  655.013587][T23871] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  655.030354][T23871] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  655.329343][T24272] netlink: 208 bytes leftover after parsing attributes in process `syz.0.6196'.
[  655.434712][T24280] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6199'.
[  655.459640][T23871] 8021q: adding VLAN 0 to HW filter on device bond0
[  655.510786][T23871] 8021q: adding VLAN 0 to HW filter on device team0
[  655.547476][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  655.554769][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  655.618213][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  655.625499][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  657.319160][T23871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  657.428914][T24365] FAULT_INJECTION: forcing a failure.
[  657.428914][T24365] name failslab, interval 1, probability 0, space 0, times 0
[  657.441796][T24365] CPU: 1 UID: 0 PID: 24365 Comm: syz.0.6225 Not tainted syzkaller #0 PREEMPT(full) 
[  657.441826][T24365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  657.441840][T24365] Call Trace:
[  657.441850][T24365]  <TASK>
[  657.441860][T24365]  dump_stack_lvl+0xe8/0x150
[  657.441893][T24365]  should_fail_ex+0x412/0x560
[  657.441928][T24365]  should_failslab+0xa8/0x100
[  657.441962][T24365]  ? skb_clone+0x212/0x3a0
[  657.441991][T24365]  kmem_cache_alloc_noprof+0x87/0x650
[  657.442020][T24365]  ? lockdep_hardirqs_on+0x7a/0x110
[  657.442057][T24365]  skb_clone+0x212/0x3a0
[  657.442089][T24365]  bpf_clone_redirect+0x16a/0x4b0
[  657.442125][T24365]  ? bpf_test_run+0x1d1/0x830
[  657.442156][T24365]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  657.442185][T24365]  ? arch_stack_walk+0xfb/0x150
[  657.442223][T24365]  ? __pfx___schedule+0x10/0x10
[  657.442248][T24365]  ? ktime_get+0x45/0x220
[  657.442295][T24365]  ? preempt_schedule_thunk+0x16/0x30
[  657.442328][T24365]  ? preempt_schedule_common+0x82/0xd0
[  657.442355][T24365]  ? bpf_test_run+0x1d1/0x830
[  657.442387][T24365]  ? bpf_test_timer_continue+0x10c/0x320
[  657.442420][T24365]  bpf_test_run+0x354/0x830
[  657.442470][T24365]  ? __pfx_bpf_test_run+0x10/0x10
[  657.442516][T24365]  ? eth_type_trans+0x796/0x7e0
[  657.442565][T24365]  ? convert___skb_to_skb+0x3d/0x5b0
[  657.442597][T24365]  bpf_prog_test_run_skb+0xe2c/0x2260
[  657.442647][T24365]  ? __fget_files+0x3a0/0x420
[  657.442673][T24365]  ? __fget_files+0x2a/0x420
[  657.442705][T24365]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  657.442734][T24365]  bpf_prog_test_run+0x2c7/0x340
[  657.442761][T24365]  __sys_bpf+0x643/0x950
[  657.442794][T24365]  ? __pfx___sys_bpf+0x10/0x10
[  657.442844][T24365]  ? ksys_write+0x242/0x270
[  657.442877][T24365]  ? __pfx_ksys_write+0x10/0x10
[  657.442912][T24365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.442937][T24365]  __x64_sys_bpf+0x7c/0x90
[  657.442967][T24365]  do_syscall_64+0x15f/0xf80
[  657.442996][T24365]  ? trace_irq_disable+0x3b/0x140
[  657.443027][T24365]  ? clear_bhb_loop+0x40/0x90
[  657.443053][T24365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.443075][T24365] RIP: 0033:0x7fde39f9cdd9
[  657.443097][T24365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  657.443117][T24365] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  657.443141][T24365] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  657.443158][T24365] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 000000000000000a
[  657.443174][T24365] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  657.443188][T24365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  657.443202][T24365] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  657.443237][T24365]  </TASK>
[  657.498027][T23871] veth0_vlan: entered promiscuous mode
[  657.900040][T23871] veth1_vlan: entered promiscuous mode
[  658.020657][T23871] veth0_macvtap: entered promiscuous mode
[  658.057262][T23871] veth1_macvtap: entered promiscuous mode
[  658.151032][T23871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  658.181315][T24380] syzkaller0: entered promiscuous mode
[  658.205390][T24380] syzkaller0: entered allmulticast mode
[  658.246818][T23871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  658.330321][ T7169] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  658.351787][ T7169] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  658.391925][ T7169] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  658.423056][ T7169] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  658.738193][T24407] FAULT_INJECTION: forcing a failure.
[  658.738193][T24407] name failslab, interval 1, probability 0, space 0, times 0
[  658.789224][T24407] CPU: 1 UID: 0 PID: 24407 Comm: syz.2.6236 Not tainted syzkaller #0 PREEMPT(full) 
[  658.789258][T24407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  658.789272][T24407] Call Trace:
[  658.789282][T24407]  <TASK>
[  658.789293][T24407]  dump_stack_lvl+0xe8/0x150
[  658.789326][T24407]  should_fail_ex+0x412/0x560
[  658.789362][T24407]  should_failslab+0xa8/0x100
[  658.789396][T24407]  __kmalloc_cache_noprof+0x88/0x660
[  658.789444][T24407]  ? sctp_add_bind_addr+0x8c/0x370
[  658.789484][T24407]  sctp_add_bind_addr+0x8c/0x370
[  658.789520][T24407]  sctp_copy_local_addr_list+0x314/0x4f0
[  658.789555][T24407]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  658.789586][T24407]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  658.789619][T24407]  ? sctp_v6_is_any+0x64/0x80
[  658.789651][T24407]  ? sctp_copy_one_addr+0x93/0x360
[  658.789686][T24407]  sctp_bind_addr_copy+0xb3/0x3c0
[  658.789716][T24407]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  658.789749][T24407]  sctp_connect_new_asoc+0x2ff/0x6b0
[  658.789786][T24407]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  658.789819][T24407]  ? __local_bh_enable_ip+0xd0/0x130
[  658.789841][T24407]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  658.789872][T24407]  ? security_sctp_bind_connect+0x7e/0x2c0
[  658.789900][T24407]  sctp_sendmsg+0x1528/0x2c10
[  658.789922][T24407]  ? unwind_next_frame+0xa6/0x2550
[  658.789967][T24407]  ? __pfx_sctp_sendmsg+0x10/0x10
[  658.789996][T24407]  ? aa_sk_perm+0x6d5/0x900
[  658.790034][T24407]  ? __pfx_aa_sk_perm+0x10/0x10
[  658.790066][T24407]  ? sock_rps_record_flow+0x19/0x350
[  658.790105][T24407]  ? inet_sendmsg+0x2f4/0x370
[  658.790130][T24407]  ____sys_sendmsg+0x80a/0x9f0
[  658.790172][T24407]  ? __pfx_____sys_sendmsg+0x10/0x10
[  658.790213][T24407]  ? import_iovec+0x73/0xa0
[  658.790255][T24407]  ___sys_sendmsg+0x2a5/0x360
[  658.790285][T24407]  ? __lock_acquire+0x6b5/0x2cf0
[  658.790315][T24407]  ? __pfx____sys_sendmsg+0x10/0x10
[  658.790389][T24407]  ? __fget_files+0x2a/0x420
[  658.790414][T24407]  ? __fget_files+0x3a0/0x420
[  658.790454][T24407]  __x64_sys_sendmsg+0x1bd/0x2a0
[  658.790489][T24407]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  658.790530][T24407]  ? __pfx_ksys_write+0x10/0x10
[  658.790573][T24407]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.790598][T24407]  do_syscall_64+0x15f/0xf80
[  658.790629][T24407]  ? trace_irq_disable+0x3b/0x140
[  658.790662][T24407]  ? clear_bhb_loop+0x40/0x90
[  658.790690][T24407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.790713][T24407] RIP: 0033:0x7f31a6b9cdd9
[  658.790736][T24407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  658.790756][T24407] RSP: 002b:00007f31a7ac5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  658.790789][T24407] RAX: ffffffffffffffda RBX: 00007f31a6e15fa0 RCX: 00007f31a6b9cdd9
[  658.790807][T24407] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  658.790822][T24407] RBP: 00007f31a7ac5090 R08: 0000000000000000 R09: 0000000000000000
[  658.790837][T24407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  658.790852][T24407] R13: 00007f31a6e16038 R14: 00007f31a6e15fa0 R15: 00007ffcbfa7b298
[  658.790889][T24407]  </TASK>
[  658.800310][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  658.988301][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  659.146109][T24416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6238'.
[  659.156211][T24416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6238'.
[  659.377016][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  659.385838][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  659.656462][T24437] netlink: 788 bytes leftover after parsing attributes in process `syz.3.6082'.
[  659.913981][T24443] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6248'.
[  660.123756][ T5642] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  660.140220][ T5642] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  660.158431][ T5642] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  660.168525][ T5642] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  660.181831][ T5642] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  660.408951][T24459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6251'.
[  660.582406][T24459] macvtap1: entered promiscuous mode
[  660.587983][T24459] vlan0: entered promiscuous mode
[  660.593976][T24459] macvtap1: entered allmulticast mode
[  660.601713][T24459] vlan0: entered allmulticast mode
[  660.607412][T24459] veth0_vlan: entered allmulticast mode
[  661.186211][T24446] bridge0: port 1(bridge_slave_0) entered blocking state
[  661.193446][T24446] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.200957][T24446] bridge_slave_0: entered allmulticast mode
[  661.208698][T24446] bridge_slave_0: entered promiscuous mode
[  661.217224][T24446] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.224404][T24446] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.233725][T24446] bridge_slave_1: entered allmulticast mode
[  661.243871][T24446] bridge_slave_1: entered promiscuous mode
[  661.277527][T24446] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  661.292424][T24446] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  661.326076][T24446] team0: Port device team_slave_0 added
[  661.334503][T24446] team0: Port device team_slave_1 added
[  661.367245][T24446] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.374266][T24446] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.401968][T24446] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  661.418496][T24446] batman_adv: batadv0: Adding interface: batadv_slave_1
[  661.425887][T24446] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  661.452600][T24446] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  661.503023][T24446] hsr_slave_0: entered promiscuous mode
[  661.509766][T24446] hsr_slave_1: entered promiscuous mode
[  661.516689][T24446] debugfs: 'hsr0' already exists in 'hsr'
[  661.522539][T24446] Cannot create hsr debugfs directory
[  661.672342][T24446] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  661.684140][T24446] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  661.771186][T24446] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  661.781668][T24446] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  661.878289][T24446] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  661.891271][T24446] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  661.968326][T24446] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  661.978765][T24446] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  662.275286][ T5639] Bluetooth: hci0: command tx timeout
[  663.143615][T24452] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  663.178980][T24446] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  663.227466][T24446] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  663.272646][T24446] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  663.330663][T24446] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  663.359885][T24446] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  663.384001][T24446] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  663.393383][T24488] FAULT_INJECTION: forcing a failure.
[  663.393383][T24488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  663.409900][T24446] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  663.442214][T24446] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  663.453912][T24488] CPU: 1 UID: 0 PID: 24488 Comm: syz.2.6258 Not tainted syzkaller #0 PREEMPT(full) 
[  663.453945][T24488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  663.453959][T24488] Call Trace:
[  663.453969][T24488]  <TASK>
[  663.453979][T24488]  dump_stack_lvl+0xe8/0x150
[  663.454012][T24488]  should_fail_ex+0x412/0x560
[  663.454048][T24488]  _copy_to_user+0x31/0xb0
[  663.454082][T24488]  simple_read_from_buffer+0xe1/0x170
[  663.454116][T24488]  proc_fail_nth_read+0x1bb/0x230
[  663.454149][T24488]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  663.454182][T24488]  ? rw_verify_area+0x2a6/0x4d0
[  663.454212][T24488]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  663.454242][T24488]  vfs_read+0x20c/0xa70
[  663.454280][T24488]  ? __pfx___mutex_lock+0x10/0x10
[  663.454313][T24488]  ? __pfx_vfs_read+0x10/0x10
[  663.454346][T24488]  ? __fget_files+0x2a/0x420
[  663.454379][T24488]  ? __fget_files+0x3a0/0x420
[  663.454404][T24488]  ? __fget_files+0x2a/0x420
[  663.454441][T24488]  ksys_read+0x150/0x270
[  663.454475][T24488]  ? __pfx_ksys_read+0x10/0x10
[  663.454514][T24488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.454539][T24488]  do_syscall_64+0x15f/0xf80
[  663.454570][T24488]  ? trace_irq_disable+0x3b/0x140
[  663.454603][T24488]  ? clear_bhb_loop+0x40/0x90
[  663.454631][T24488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.454654][T24488] RIP: 0033:0x7f31a6b5d60e
[  663.454677][T24488] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  663.454697][T24488] RSP: 002b:00007f31a7ac4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  663.454723][T24488] RAX: ffffffffffffffda RBX: 00007f31a7ac56c0 RCX: 00007f31a6b5d60e
[  663.454740][T24488] RDX: 000000000000000f RSI: 00007f31a7ac50a0 RDI: 0000000000000008
[  663.454768][T24488] RBP: 00007f31a7ac5090 R08: 0000000000000000 R09: 0000000000000000
[  663.454782][T24488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.454796][T24488] R13: 00007f31a6e16038 R14: 00007f31a6e15fa0 R15: 00007ffcbfa7b298
[  663.454833][T24488]  </TASK>
[  663.826693][T24446] 8021q: adding VLAN 0 to HW filter on device bond0
[  663.852328][T24446] 8021q: adding VLAN 0 to HW filter on device team0
[  663.872613][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  663.879983][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  663.936445][T24504] FAULT_INJECTION: forcing a failure.
[  663.936445][T24504] name failslab, interval 1, probability 0, space 0, times 0
[  663.977461][ T1048] bridge0: port 2(bridge_slave_1) entered blocking state
[  663.984807][ T1048] bridge0: port 2(bridge_slave_1) entered forwarding state
[  663.985512][T24504] CPU: 1 UID: 0 PID: 24504 Comm: syz.2.6260 Not tainted syzkaller #0 PREEMPT(full) 
[  663.985537][T24504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  663.985550][T24504] Call Trace:
[  663.985559][T24504]  <TASK>
[  663.985568][T24504]  dump_stack_lvl+0xe8/0x150
[  663.985598][T24504]  should_fail_ex+0x412/0x560
[  663.985631][T24504]  should_failslab+0xa8/0x100
[  663.985663][T24504]  __kmalloc_cache_noprof+0x88/0x660
[  663.985689][T24504]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[  663.985718][T24504]  ? sctp_v6_cmp_addr+0x15/0xd0
[  663.985744][T24504]  ? sctp_add_bind_addr+0x8c/0x370
[  663.985778][T24504]  sctp_add_bind_addr+0x8c/0x370
[  663.985810][T24504]  sctp_copy_local_addr_list+0x314/0x4f0
[  663.985842][T24504]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  663.985870][T24504]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  663.985900][T24504]  ? sctp_v6_is_any+0x64/0x80
[  663.985930][T24504]  ? sctp_copy_one_addr+0x93/0x360
[  663.985961][T24504]  sctp_bind_addr_copy+0xb3/0x3c0
[  663.985990][T24504]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  663.986018][T24504]  sctp_connect_new_asoc+0x2ff/0x6b0
[  663.986044][T24504]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  663.986073][T24504]  ? __local_bh_enable_ip+0xd0/0x130
[  663.986093][T24504]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  663.986120][T24504]  ? security_sctp_bind_connect+0x7e/0x2c0
[  663.986146][T24504]  sctp_sendmsg+0x1528/0x2c10
[  663.986165][T24504]  ? unwind_next_frame+0xa6/0x2550
[  663.986205][T24504]  ? __pfx_sctp_sendmsg+0x10/0x10
[  663.986230][T24504]  ? aa_sk_perm+0x6d5/0x900
[  663.986263][T24504]  ? __pfx_aa_sk_perm+0x10/0x10
[  663.986291][T24504]  ? sock_rps_record_flow+0x19/0x350
[  663.986325][T24504]  ? inet_sendmsg+0x2f4/0x370
[  663.986349][T24504]  ____sys_sendmsg+0x80a/0x9f0
[  663.986386][T24504]  ? __pfx_____sys_sendmsg+0x10/0x10
[  663.986423][T24504]  ? import_iovec+0x73/0xa0
[  663.986464][T24504]  ___sys_sendmsg+0x2a5/0x360
[  663.986490][T24504]  ? __lock_acquire+0x6b5/0x2cf0
[  663.986517][T24504]  ? __pfx____sys_sendmsg+0x10/0x10
[  663.986581][T24504]  ? __fget_files+0x2a/0x420
[  663.986605][T24504]  ? __fget_files+0x3a0/0x420
[  663.986644][T24504]  __x64_sys_sendmsg+0x1bd/0x2a0
[  663.986675][T24504]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  663.986713][T24504]  ? __pfx_ksys_write+0x10/0x10
[  663.986751][T24504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.986773][T24504]  do_syscall_64+0x15f/0xf80
[  663.986800][T24504]  ? trace_irq_disable+0x3b/0x140
[  663.986828][T24504]  ? clear_bhb_loop+0x40/0x90
[  663.986853][T24504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.986874][T24504] RIP: 0033:0x7f31a6b9cdd9
[  663.986895][T24504] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  663.986913][T24504] RSP: 002b:00007f31a7ac5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  663.986935][T24504] RAX: ffffffffffffffda RBX: 00007f31a6e15fa0 RCX: 00007f31a6b9cdd9
[  663.986951][T24504] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000004
[  663.986965][T24504] RBP: 00007f31a7ac5090 R08: 0000000000000000 R09: 0000000000000000
[  663.986978][T24504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.986991][T24504] R13: 00007f31a6e16038 R14: 00007f31a6e15fa0 R15: 00007ffcbfa7b298
[  663.987024][T24504]  </TASK>
[  664.356383][ T5639] Bluetooth: hci0: command tx timeout
[  665.468084][T24557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6279'.
[  665.640238][T24446] 8021q: adding VLAN 0 to HW filter on device batadv0
[  665.817211][T24571] FAULT_INJECTION: forcing a failure.
[  665.817211][T24571] name failslab, interval 1, probability 0, space 0, times 0
[  665.840381][T24571] CPU: 1 UID: 0 PID: 24571 Comm: syz.0.6284 Not tainted syzkaller #0 PREEMPT(full) 
[  665.840413][T24571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  665.840427][T24571] Call Trace:
[  665.840437][T24571]  <TASK>
[  665.840447][T24571]  dump_stack_lvl+0xe8/0x150
[  665.840481][T24571]  should_fail_ex+0x412/0x560
[  665.840516][T24571]  should_failslab+0xa8/0x100
[  665.840553][T24571]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  665.840586][T24571]  ? __alloc_skb+0x1d0/0x7d0
[  665.840611][T24571]  ? __local_bh_enable_ip+0xd0/0x130
[  665.840642][T24571]  __alloc_skb+0x1d0/0x7d0
[  665.840668][T24571]  ? trace_rdev_return_int+0x80/0x1f0
[  665.840713][T24571]  nl80211_send_scan_start+0x2f/0x170
[  665.840749][T24571]  nl80211_trigger_scan+0x1aee/0x1f50
[  665.840798][T24571]  genl_family_rcv_msg_doit+0x22a/0x330
[  665.840832][T24571]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  665.840872][T24571]  ? bpf_lsm_capable+0x9/0x20
[  665.840894][T24571]  ? security_capable+0x7e/0x2c0
[  665.840930][T24571]  genl_rcv_msg+0x61c/0x7a0
[  665.840961][T24571]  ? __pfx_genl_rcv_msg+0x10/0x10
[  665.840983][T24571]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  665.841008][T24571]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  665.841038][T24571]  ? __pfx_nl80211_post_doit+0x10/0x10
[  665.841066][T24571]  ? __pfx_ref_tracker_free+0x10/0x10
[  665.841110][T24571]  netlink_rcv_skb+0x232/0x4b0
[  665.841141][T24571]  ? __pfx_genl_rcv_msg+0x10/0x10
[  665.841167][T24571]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  665.841216][T24571]  ? down_read+0x270/0x2e0
[  665.841236][T24571]  ? genl_rcv+0xd/0x40
[  665.841261][T24571]  genl_rcv+0x28/0x40
[  665.841282][T24571]  netlink_unicast+0x75c/0x8e0
[  665.841324][T24571]  netlink_sendmsg+0x813/0xb40
[  665.841364][T24571]  ? __pfx_netlink_sendmsg+0x10/0x10
[  665.841399][T24571]  ? aa_sock_msg_perm+0xf1/0x1b0
[  665.841430][T24571]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  665.841464][T24571]  ____sys_sendmsg+0x972/0x9f0
[  665.841495][T24571]  ? __might_fault+0xaf/0x130
[  665.841532][T24571]  ? __pfx_____sys_sendmsg+0x10/0x10
[  665.841582][T24571]  ? import_iovec+0x73/0xa0
[  665.841625][T24571]  ___sys_sendmsg+0x2a5/0x360
[  665.841655][T24571]  ? __lock_acquire+0x6b5/0x2cf0
[  665.841698][T24571]  ? __pfx____sys_sendmsg+0x10/0x10
[  665.841787][T24571]  ? __fget_files+0x2a/0x420
[  665.841825][T24571]  ? __fget_files+0x3a0/0x420
[  665.841865][T24571]  __x64_sys_sendmsg+0x1bd/0x2a0
[  665.841905][T24571]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  665.841946][T24571]  ? __pfx_ksys_write+0x10/0x10
[  665.841987][T24571]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.842013][T24571]  do_syscall_64+0x15f/0xf80
[  665.842041][T24571]  ? trace_irq_disable+0x3b/0x140
[  665.842070][T24571]  ? clear_bhb_loop+0x40/0x90
[  665.842120][T24571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.842146][T24571] RIP: 0033:0x7fde39f9cdd9
[  665.842169][T24571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  665.842190][T24571] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  665.842216][T24571] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  665.842232][T24571] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  665.842245][T24571] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  665.842258][T24571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  665.842272][T24571] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  665.842306][T24571]  </TASK>
[  665.860354][T24573] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.6285'.
[  666.208827][T24593] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6288'.
[  666.435974][ T5639] Bluetooth: hci0: command tx timeout
[  666.592936][T24446] veth0_vlan: entered promiscuous mode
[  666.626708][T24446] veth1_vlan: entered promiscuous mode
[  666.723438][T24446] veth0_macvtap: entered promiscuous mode
[  666.759308][T24446] veth1_macvtap: entered promiscuous mode
[  666.805047][T24446] batman_adv: batadv0: Interface activated: batadv_slave_0
[  666.833852][T24446] batman_adv: batadv0: Interface activated: batadv_slave_1
[  666.861280][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  666.884174][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  666.894662][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  666.972762][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  667.274294][T24607] FAULT_INJECTION: forcing a failure.
[  667.274294][T24607] name failslab, interval 1, probability 0, space 0, times 0
[  667.288919][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  667.306906][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  667.320823][T24607] CPU: 1 UID: 0 PID: 24607 Comm: syz.3.6294 Not tainted syzkaller #0 PREEMPT(full) 
[  667.320855][T24607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  667.320870][T24607] Call Trace:
[  667.320880][T24607]  <TASK>
[  667.320890][T24607]  dump_stack_lvl+0xe8/0x150
[  667.320924][T24607]  should_fail_ex+0x412/0x560
[  667.320960][T24607]  should_failslab+0xa8/0x100
[  667.320996][T24607]  __kmalloc_cache_noprof+0x88/0x660
[  667.321027][T24607]  ? sctp_add_bind_addr+0x8c/0x370
[  667.321066][T24607]  sctp_add_bind_addr+0x8c/0x370
[  667.321102][T24607]  sctp_copy_local_addr_list+0x314/0x4f0
[  667.321136][T24607]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  667.321168][T24607]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  667.321200][T24607]  ? sctp_v6_is_any+0x64/0x80
[  667.321233][T24607]  ? sctp_copy_one_addr+0x93/0x360
[  667.321265][T24607]  sctp_bind_addr_copy+0xb3/0x3c0
[  667.321296][T24607]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  667.321328][T24607]  sctp_connect_new_asoc+0x2ff/0x6b0
[  667.321356][T24607]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  667.321388][T24607]  ? __local_bh_enable_ip+0xd0/0x130
[  667.321411][T24607]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  667.321441][T24607]  ? security_sctp_bind_connect+0x7e/0x2c0
[  667.321469][T24607]  sctp_sendmsg+0x1528/0x2c10
[  667.321500][T24607]  ? unwind_next_frame+0xa6/0x2550
[  667.321545][T24607]  ? __pfx_sctp_sendmsg+0x10/0x10
[  667.321571][T24607]  ? aa_sk_perm+0x6d5/0x900
[  667.321608][T24607]  ? __pfx_aa_sk_perm+0x10/0x10
[  667.321638][T24607]  ? sock_rps_record_flow+0x19/0x350
[  667.321675][T24607]  ? inet_sendmsg+0x2f4/0x370
[  667.321702][T24607]  ____sys_sendmsg+0x80a/0x9f0
[  667.321743][T24607]  ? __pfx_____sys_sendmsg+0x10/0x10
[  667.321785][T24607]  ? import_iovec+0x73/0xa0
[  667.321826][T24607]  ___sys_sendmsg+0x2a5/0x360
[  667.321856][T24607]  ? __lock_acquire+0x6b5/0x2cf0
[  667.321886][T24607]  ? __pfx____sys_sendmsg+0x10/0x10
[  667.321956][T24607]  ? __fget_files+0x2a/0x420
[  667.321983][T24607]  ? __fget_files+0x3a0/0x420
[  667.322022][T24607]  __x64_sys_sendmsg+0x1bd/0x2a0
[  667.322056][T24607]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  667.322099][T24607]  ? __pfx_ksys_write+0x10/0x10
[  667.322140][T24607]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.322164][T24607]  do_syscall_64+0x15f/0xf80
[  667.322193][T24607]  ? trace_irq_disable+0x3b/0x140
[  667.322224][T24607]  ? clear_bhb_loop+0x40/0x90
[  667.322251][T24607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.322272][T24607] RIP: 0033:0x7f3a7a99cdd9
[  667.322293][T24607] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  667.322312][T24607] RSP: 002b:00007f3a7b840028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  667.322336][T24607] RAX: ffffffffffffffda RBX: 00007f3a7ac15fa0 RCX: 00007f3a7a99cdd9
[  667.322353][T24607] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  667.322367][T24607] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  667.322380][T24607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  667.322393][T24607] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  667.322430][T24607]  </TASK>
[  667.789349][ T7173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  667.801154][ T7173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  667.818549][T24617] tipc: Can't bind to reserved service type 2
[  668.062959][T24624] virt_wifi0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  668.094474][T24631] netlink: 'syz.4.6246': attribute type 1 has an invalid length.
[  668.125495][T24624] 8021q: adding VLAN 0 to HW filter on device bond1
[  668.137320][T24624] 8021q: adding VLAN 0 to HW filter on device bond2
[  668.166067][T24624] 8021q: adding VLAN 0 to HW filter on device bond3
[  668.200335][T24624] 8021q: adding VLAN 0 to HW filter on device bond4
[  668.274643][T24632] FAULT_INJECTION: forcing a failure.
[  668.274643][T24632] name failslab, interval 1, probability 0, space 0, times 0
[  668.295952][T24632] CPU: 0 UID: 0 PID: 24632 Comm: syz.3.6303 Not tainted syzkaller #0 PREEMPT(full) 
[  668.295986][T24632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  668.296000][T24632] Call Trace:
[  668.296010][T24632]  <TASK>
[  668.296020][T24632]  dump_stack_lvl+0xe8/0x150
[  668.296052][T24632]  should_fail_ex+0x412/0x560
[  668.296087][T24632]  should_failslab+0xa8/0x100
[  668.296119][T24632]  ? skb_clone+0x212/0x3a0
[  668.296150][T24632]  kmem_cache_alloc_noprof+0x87/0x650
[  668.296190][T24632]  skb_clone+0x212/0x3a0
[  668.296221][T24632]  __netlink_deliver_tap+0x404/0x850
[  668.296263][T24632]  ? netlink_deliver_tap+0x2e/0x1b0
[  668.296294][T24632]  netlink_deliver_tap+0x19c/0x1b0
[  668.296326][T24632]  netlink_sendskb+0x68/0x140
[  668.296356][T24632]  netlink_rcv_skb+0x2b6/0x4b0
[  668.296386][T24632]  ? __pfx_genl_rcv_msg+0x10/0x10
[  668.296423][T24632]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  668.296478][T24632]  ? down_read+0x270/0x2e0
[  668.296497][T24632]  ? genl_rcv+0xd/0x40
[  668.296522][T24632]  genl_rcv+0x28/0x40
[  668.296542][T24632]  netlink_unicast+0x75c/0x8e0
[  668.296583][T24632]  netlink_sendmsg+0x813/0xb40
[  668.296624][T24632]  ? __pfx_netlink_sendmsg+0x10/0x10
[  668.296658][T24632]  ? aa_sock_msg_perm+0xf1/0x1b0
[  668.296690][T24632]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  668.296724][T24632]  ____sys_sendmsg+0x972/0x9f0
[  668.296754][T24632]  ? __might_fault+0xaf/0x130
[  668.296790][T24632]  ? __pfx_____sys_sendmsg+0x10/0x10
[  668.296832][T24632]  ? import_iovec+0x73/0xa0
[  668.296867][T24632]  ___sys_sendmsg+0x2a5/0x360
[  668.296896][T24632]  ? __lock_acquire+0x6b5/0x2cf0
[  668.296926][T24632]  ? __pfx____sys_sendmsg+0x10/0x10
[  668.296999][T24632]  ? __fget_files+0x2a/0x420
[  668.297025][T24632]  ? __fget_files+0x3a0/0x420
[  668.297063][T24632]  __x64_sys_sendmsg+0x1bd/0x2a0
[  668.297097][T24632]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  668.297139][T24632]  ? __pfx_ksys_write+0x10/0x10
[  668.297180][T24632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.297205][T24632]  do_syscall_64+0x15f/0xf80
[  668.297233][T24632]  ? trace_irq_disable+0x3b/0x140
[  668.297265][T24632]  ? clear_bhb_loop+0x40/0x90
[  668.297292][T24632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.297315][T24632] RIP: 0033:0x7f3a7a99cdd9
[  668.297337][T24632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  668.297356][T24632] RSP: 002b:00007f3a7b840028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  668.297380][T24632] RAX: ffffffffffffffda RBX: 00007f3a7ac15fa0 RCX: 00007f3a7a99cdd9
[  668.297406][T24632] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000005
[  668.297420][T24632] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  668.297434][T24632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  668.297448][T24632] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  668.297485][T24632]  </TASK>
[  668.628770][ T5639] Bluetooth: hci0: command tx timeout
[  668.799194][T24648] netlink: 92 bytes leftover after parsing attributes in process `syz.2.6309'.
[  669.057158][T24661] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6317'.
[  669.068025][T24661] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6317'.
[  669.371090][T24684] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6321'.
[  669.383046][T24684] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6321'.
[  669.914404][T24715] netlink: 'syz.2.6330': attribute type 28 has an invalid length.
[  669.964198][T24715] netlink: 'syz.2.6330': attribute type 3 has an invalid length.
[  670.000957][T24715] netlink: 132 bytes leftover after parsing attributes in process `syz.2.6330'.
[  670.125351][T24724] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6333'.
[  670.281795][T24736] gre0: entered promiscuous mode
[  670.287155][T24736] gre0: entered allmulticast mode
[  670.766457][T24753] tipc: Started in network mode
[  670.775839][T24756] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6348'.
[  670.778892][T24753] tipc: Node identity e29e26a8d2b8, cluster identity 4711
[  670.818043][T24753] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  670.889214][T24753] tipc: Resetting bearer <eth:syzkaller0>
[  670.992834][T24765] FAULT_INJECTION: forcing a failure.
[  670.992834][T24765] name failslab, interval 1, probability 0, space 0, times 0
[  671.005599][T24765] CPU: 1 UID: 0 PID: 24765 Comm: syz.0.6351 Not tainted syzkaller #0 PREEMPT(full) 
[  671.005630][T24765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  671.005644][T24765] Call Trace:
[  671.005654][T24765]  <TASK>
[  671.005665][T24765]  dump_stack_lvl+0xe8/0x150
[  671.005697][T24765]  should_fail_ex+0x412/0x560
[  671.005739][T24765]  should_failslab+0xa8/0x100
[  671.005770][T24765]  ? skb_clone+0x212/0x3a0
[  671.005801][T24765]  kmem_cache_alloc_noprof+0x87/0x650
[  671.005831][T24765]  ? __bpf_redirect+0xcb4/0x12a0
[  671.005863][T24765]  skb_clone+0x212/0x3a0
[  671.005899][T24765]  bpf_clone_redirect+0x16a/0x4b0
[  671.005936][T24765]  ? bpf_test_run+0x1d1/0x830
[  671.005965][T24765]  bpf_prog_1939c40fbf65037b+0x5f/0x68
[  671.005992][T24765]  ? arch_stack_walk+0xfb/0x150
[  671.006026][T24765]  ? __pfx___schedule+0x10/0x10
[  671.006051][T24765]  ? ktime_get+0x45/0x220
[  671.006092][T24765]  ? preempt_schedule_thunk+0x16/0x30
[  671.006121][T24765]  ? preempt_schedule_common+0x82/0xd0
[  671.006147][T24765]  ? bpf_test_run+0x1d1/0x830
[  671.006175][T24765]  ? bpf_test_timer_continue+0x10c/0x320
[  671.006203][T24765]  bpf_test_run+0x354/0x830
[  671.006243][T24765]  ? __pfx_bpf_test_run+0x10/0x10
[  671.006280][T24765]  ? eth_type_trans+0x796/0x7e0
[  671.006311][T24765]  ? convert___skb_to_skb+0x3d/0x5b0
[  671.006338][T24765]  bpf_prog_test_run_skb+0xe2c/0x2260
[  671.006378][T24765]  ? __fget_files+0x3a0/0x420
[  671.006399][T24765]  ? __fget_files+0x2a/0x420
[  671.006426][T24765]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  671.006451][T24765]  bpf_prog_test_run+0x2c7/0x340
[  671.006474][T24765]  __sys_bpf+0x643/0x950
[  671.006503][T24765]  ? __pfx___sys_bpf+0x10/0x10
[  671.006541][T24765]  ? ksys_write+0x242/0x270
[  671.006569][T24765]  ? __pfx_ksys_write+0x10/0x10
[  671.006598][T24765]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.006622][T24765]  __x64_sys_bpf+0x7c/0x90
[  671.006650][T24765]  do_syscall_64+0x15f/0xf80
[  671.006677][T24765]  ? trace_irq_disable+0x3b/0x140
[  671.006717][T24765]  ? clear_bhb_loop+0x40/0x90
[  671.006740][T24765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.006760][T24765] RIP: 0033:0x7fde39f9cdd9
[  671.006779][T24765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  671.006796][T24765] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  671.006817][T24765] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  671.006831][T24765] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 000000000000000a
[  671.006843][T24765] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  671.006855][T24765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  671.006867][T24765] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  671.006895][T24765]  </TASK>
[  671.433809][T24751] tipc: Disabling bearer <eth:syzkaller0>
[  671.456361][ T5639] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  671.503490][ T5639] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  671.513010][ T5639] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  671.522105][ T5639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  671.533443][ T5639] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  671.838007][T24781] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6357'.
[  671.850860][T24781] Cannot find set identified by id 65534 to match
[  671.879905][T24781] syzkaller1: entered promiscuous mode
[  671.886447][T24781] syzkaller1: entered allmulticast mode
[  671.896386][T24781] netlink: 'syz.3.6357': attribute type 1 has an invalid length.
[  671.958908][T24788] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6357'.
[  672.033574][T24781] 8021q: adding VLAN 0 to HW filter on device bond1
[  672.380276][T24808] netlink: 168 bytes leftover after parsing attributes in process `syz.4.6364'.
[  672.816719][T24823] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  672.832757][T24825] netlink: 'syz.1.6372': attribute type 12 has an invalid length.
[  672.952975][T24825] bond1: option primary_reselect: invalid value (255)
[  673.132304][T24825] bond1 (unregistering): Released all slaves
[  673.553059][T24847] FAULT_INJECTION: forcing a failure.
[  673.553059][T24847] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  673.566474][T24847] CPU: 0 UID: 0 PID: 24847 Comm: syz.3.6383 Not tainted syzkaller #0 PREEMPT(full) 
[  673.566504][T24847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  673.566517][T24847] Call Trace:
[  673.566526][T24847]  <TASK>
[  673.566536][T24847]  dump_stack_lvl+0xe8/0x150
[  673.566568][T24847]  should_fail_ex+0x412/0x560
[  673.566602][T24847]  _copy_to_user+0x31/0xb0
[  673.566634][T24847]  simple_read_from_buffer+0xe1/0x170
[  673.566700][T24847]  proc_fail_nth_read+0x1bb/0x230
[  673.566730][T24847]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  673.566763][T24847]  ? rw_verify_area+0x2a6/0x4d0
[  673.566791][T24847]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  673.566822][T24847]  vfs_read+0x20c/0xa70
[  673.566858][T24847]  ? __pfx___mutex_lock+0x10/0x10
[  673.566891][T24847]  ? __pfx_vfs_read+0x10/0x10
[  673.566924][T24847]  ? __fget_files+0x2a/0x420
[  673.566956][T24847]  ? __fget_files+0x3a0/0x420
[  673.566982][T24847]  ? __fget_files+0x2a/0x420
[  673.567019][T24847]  ksys_read+0x150/0x270
[  673.567053][T24847]  ? __pfx_ksys_read+0x10/0x10
[  673.567094][T24847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.567119][T24847]  do_syscall_64+0x15f/0xf80
[  673.567148][T24847]  ? trace_irq_disable+0x3b/0x140
[  673.567181][T24847]  ? clear_bhb_loop+0x40/0x90
[  673.567209][T24847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.567232][T24847] RIP: 0033:0x7f3a7a95d60e
[  673.567254][T24847] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  673.567274][T24847] RSP: 002b:00007f3a7b83ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  673.567299][T24847] RAX: ffffffffffffffda RBX: 00007f3a7b8406c0 RCX: 00007f3a7a95d60e
[  673.567315][T24847] RDX: 000000000000000f RSI: 00007f3a7b8400a0 RDI: 0000000000000007
[  673.567330][T24847] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  673.567343][T24847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  673.567357][T24847] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  673.567391][T24847]  </TASK>
[  673.794359][ T5642] Bluetooth: hci2: command tx timeout
[  673.910352][T24854] netlink: 'syz.1.6385': attribute type 1 has an invalid length.
[  674.058122][T24863] FAULT_INJECTION: forcing a failure.
[  674.058122][T24863] name failslab, interval 1, probability 0, space 0, times 0
[  674.085948][T24865] FAULT_INJECTION: forcing a failure.
[  674.085948][T24865] name failslab, interval 1, probability 0, space 0, times 0
[  674.096690][T24863] CPU: 0 UID: 0 PID: 24863 Comm: syz.0.6388 Not tainted syzkaller #0 PREEMPT(full) 
[  674.096720][T24863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  674.096733][T24863] Call Trace:
[  674.096742][T24863]  <TASK>
[  674.096751][T24863]  dump_stack_lvl+0xe8/0x150
[  674.096781][T24863]  should_fail_ex+0x412/0x560
[  674.096813][T24863]  should_failslab+0xa8/0x100
[  674.096843][T24863]  ? skb_clone+0x212/0x3a0
[  674.096871][T24863]  kmem_cache_alloc_noprof+0x87/0x650
[  674.096899][T24863]  ? __netlink_lookup+0xc6/0x8b0
[  674.096932][T24863]  skb_clone+0x212/0x3a0
[  674.096965][T24863]  __netlink_deliver_tap+0x404/0x850
[  674.097003][T24863]  ? netlink_deliver_tap+0x2e/0x1b0
[  674.097032][T24863]  netlink_deliver_tap+0x19c/0x1b0
[  674.097060][T24863]  netlink_unicast+0x730/0x8e0
[  674.097095][T24863]  netlink_sendmsg+0x813/0xb40
[  674.097131][T24863]  ? __pfx_netlink_sendmsg+0x10/0x10
[  674.097162][T24863]  ? aa_sock_msg_perm+0xf1/0x1b0
[  674.097190][T24863]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  674.097220][T24863]  ____sys_sendmsg+0x972/0x9f0
[  674.097248][T24863]  ? __might_fault+0xaf/0x130
[  674.097279][T24863]  ? __pfx_____sys_sendmsg+0x10/0x10
[  674.097315][T24863]  ? import_iovec+0x73/0xa0
[  674.097348][T24863]  ___sys_sendmsg+0x2a5/0x360
[  674.097374][T24863]  ? __lock_acquire+0x6b5/0x2cf0
[  674.097401][T24863]  ? __pfx____sys_sendmsg+0x10/0x10
[  674.097465][T24863]  ? __fget_files+0x2a/0x420
[  674.097488][T24863]  ? __fget_files+0x3a0/0x420
[  674.097523][T24863]  __x64_sys_sendmsg+0x1bd/0x2a0
[  674.097553][T24863]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  674.097590][T24863]  ? __pfx_ksys_write+0x10/0x10
[  674.097628][T24863]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.097657][T24863]  do_syscall_64+0x15f/0xf80
[  674.097690][T24863]  ? trace_irq_disable+0x3b/0x140
[  674.097720][T24863]  ? clear_bhb_loop+0x40/0x90
[  674.097745][T24863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.097766][T24863] RIP: 0033:0x7fde39f9cdd9
[  674.097787][T24863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  674.097804][T24863] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  674.097828][T24863] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  674.097843][T24863] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  674.097856][T24863] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  674.097868][T24863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  674.097881][T24863] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  674.097913][T24863]  </TASK>
[  674.165918][T24854] 8021q: adding VLAN 0 to HW filter on device bond1
[  674.382750][T24858] bond1: (slave geneve2): making interface the new active one
[  674.400359][T24865] CPU: 0 UID: 0 PID: 24865 Comm: syz.3.6389 Not tainted syzkaller #0 PREEMPT(full) 
[  674.400391][T24865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  674.400404][T24865] Call Trace:
[  674.400414][T24865]  <TASK>
[  674.400424][T24865]  dump_stack_lvl+0xe8/0x150
[  674.400454][T24865]  should_fail_ex+0x412/0x560
[  674.400486][T24865]  should_failslab+0xa8/0x100
[  674.400518][T24865]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  674.400548][T24865]  ? __alloc_skb+0x1d0/0x7d0
[  674.400577][T24865]  ? __local_bh_enable_ip+0xd0/0x130
[  674.400604][T24865]  __alloc_skb+0x1d0/0x7d0
[  674.400633][T24865]  __ip6_append_data+0x2d3c/0x3f60
[  674.400686][T24865]  ? __pfx_raw6_getfrag+0x10/0x10
[  674.400740][T24865]  ? __pfx___ip6_append_data+0x10/0x10
[  674.400769][T24865]  ? ip6_setup_cork+0x544/0xf30
[  674.400796][T24865]  ? ip6_append_data+0x1b7/0x280
[  674.400829][T24865]  ip6_append_data+0x10f/0x280
[  674.400861][T24865]  ? __pfx_raw6_getfrag+0x10/0x10
[  674.400895][T24865]  rawv6_sendmsg+0x12d3/0x18e0
[  674.400942][T24865]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  674.400989][T24865]  ? aa_sk_perm+0x6d5/0x900
[  674.401025][T24865]  ? __pfx_aa_sk_perm+0x10/0x10
[  674.401055][T24865]  ? __fget_files+0x3a0/0x420
[  674.401080][T24865]  ? sock_rps_record_flow+0x19/0x350
[  674.401112][T24865]  ? __pfx_inet_sendmsg+0x10/0x10
[  674.401135][T24865]  ? inet_sendmsg+0x2f4/0x370
[  674.401154][T24865]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  674.401182][T24865]  ? __pfx_inet_sendmsg+0x10/0x10
[  674.401204][T24865]  __sys_sendto+0x5de/0x710
[  674.401235][T24865]  ? __pfx___sys_sendto+0x10/0x10
[  674.401258][T24865]  ? __mutex_unlock_slowpath+0x1be/0x6f0
[  674.401304][T24865]  ? __fget_files+0x3a0/0x420
[  674.401359][T24865]  ? rcu_is_watching+0x15/0xb0
[  674.401394][T24865]  __x64_sys_sendto+0xde/0x100
[  674.401423][T24865]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.401448][T24865]  do_syscall_64+0x15f/0xf80
[  674.401480][T24865]  ? clear_bhb_loop+0x40/0x90
[  674.401508][T24865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.401531][T24865] RIP: 0033:0x7f3a7a99cdd9
[  674.401555][T24865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  674.401574][T24865] RSP: 002b:00007f3a7b840028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  674.401595][T24865] RAX: ffffffffffffffda RBX: 00007f3a7ac15fa0 RCX: 00007f3a7a99cdd9
[  674.401613][T24865] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 0000000000000003
[  674.401627][T24865] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: fffffffffffffdfd
[  674.401640][T24865] R10: 0000000000003b00 R11: 0000000000000246 R12: 0000000000000002
[  674.401653][T24865] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  674.401686][T24865]  </TASK>
[  674.695611][T24858] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  674.948907][T24767] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.956287][T24767] bridge0: port 1(bridge_slave_0) entered disabled state
[  674.963609][T24767] bridge_slave_0: entered allmulticast mode
[  674.973588][T24767] bridge_slave_0: entered promiscuous mode
[  674.988516][T24767] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.996147][T24767] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.004048][T24767] bridge_slave_1: entered allmulticast mode
[  675.014436][T24767] bridge_slave_1: entered promiscuous mode
[  675.061264][T24767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  675.079638][T24767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  675.169407][T24767] team0: Port device team_slave_0 added
[  675.230428][T24767] team0: Port device team_slave_1 added
[  675.368839][T24767] batman_adv: batadv0: Adding interface: batadv_slave_0
[  675.384809][T24767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  675.424128][T24905] netlink: 'syz.4.6402': attribute type 4 has an invalid length.
[  675.424210][T24767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  675.448396][T24767] batman_adv: batadv0: Adding interface: batadv_slave_1
[  675.455838][T24767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  675.484022][T24907] netlink: 'syz.4.6402': attribute type 4 has an invalid length.
[  675.484056][T24767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  675.498350][T24911] netlink: 44 bytes leftover after parsing attributes in process `syz.3.6405'.
[  675.635610][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  675.733453][T24767] hsr_slave_0: entered promiscuous mode
[  675.740787][T24917] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6408'.
[  675.753595][T24767] hsr_slave_1: entered promiscuous mode
[  675.769696][T24767] debugfs: 'hsr0' already exists in 'hsr'
[  675.783427][T24767] Cannot create hsr debugfs directory
[  675.876715][ T5642] Bluetooth: hci2: command tx timeout
[  676.008085][T24928] netlink: 51 bytes leftover after parsing attributes in process `syz.4.6413'.
[  676.011580][T24925] xt_hashlimit: size too large, truncated to 1048576
[  676.551496][T24767] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.676579][T24943] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.6418'.
[  676.688842][T24943] netlink: 3648 bytes leftover after parsing attributes in process `syz.0.6418'.
[  676.789998][T24767] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.060679][T24767] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.332790][T24767] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  677.354284][T24970] FAULT_INJECTION: forcing a failure.
[  677.354284][T24970] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  677.415310][T24970] CPU: 0 UID: 0 PID: 24970 Comm: syz.0.6427 Not tainted syzkaller #0 PREEMPT(full) 
[  677.415343][T24970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  677.415357][T24970] Call Trace:
[  677.415366][T24970]  <TASK>
[  677.415376][T24970]  dump_stack_lvl+0xe8/0x150
[  677.415410][T24970]  should_fail_ex+0x412/0x560
[  677.415444][T24970]  _copy_from_user+0x2d/0xb0
[  677.415477][T24970]  ___sys_sendmsg+0x1c6/0x360
[  677.415508][T24970]  ? __lock_acquire+0x6b5/0x2cf0
[  677.415538][T24970]  ? __pfx____sys_sendmsg+0x10/0x10
[  677.415606][T24970]  ? __fget_files+0x2a/0x420
[  677.415640][T24970]  ? __fget_files+0x3a0/0x420
[  677.415678][T24970]  __x64_sys_sendmsg+0x1bd/0x2a0
[  677.415712][T24970]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  677.415754][T24970]  ? __pfx_ksys_write+0x10/0x10
[  677.415794][T24970]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.415819][T24970]  do_syscall_64+0x15f/0xf80
[  677.415849][T24970]  ? trace_irq_disable+0x3b/0x140
[  677.415882][T24970]  ? clear_bhb_loop+0x40/0x90
[  677.415909][T24970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.415932][T24970] RIP: 0033:0x7fde39f9cdd9
[  677.415955][T24970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  677.415975][T24970] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  677.416000][T24970] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  677.416017][T24970] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: 0000000000000003
[  677.416032][T24970] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  677.416046][T24970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  677.416060][T24970] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  677.416091][T24970]  </TASK>
[  677.800520][T24767] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  677.838672][T24767] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  677.848140][T24767] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  677.883301][T24767] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  677.886319][T24982] IPVS: length: 8 != 1152
[  677.899209][T24767] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  677.912795][T24767] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  677.922642][T24986] FAULT_INJECTION: forcing a failure.
[  677.922642][T24986] name failslab, interval 1, probability 0, space 0, times 0
[  677.943087][T24986] CPU: 0 UID: 0 PID: 24986 Comm: syz.3.6434 Not tainted syzkaller #0 PREEMPT(full) 
[  677.943121][T24986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  677.943135][T24986] Call Trace:
[  677.943144][T24986]  <TASK>
[  677.943155][T24986]  dump_stack_lvl+0xe8/0x150
[  677.943189][T24986]  should_fail_ex+0x412/0x560
[  677.943224][T24986]  should_failslab+0xa8/0x100
[  677.943260][T24986]  __kmalloc_cache_noprof+0x88/0x660
[  677.943295][T24986]  ? sctp_add_bind_addr+0x8c/0x370
[  677.943326][T24986]  sctp_add_bind_addr+0x8c/0x370
[  677.943356][T24986]  sctp_copy_local_addr_list+0x314/0x4f0
[  677.943391][T24986]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  677.943423][T24986]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  677.943455][T24986]  ? sctp_v6_is_any+0x64/0x80
[  677.943489][T24986]  ? sctp_copy_one_addr+0x93/0x360
[  677.943524][T24986]  sctp_bind_addr_copy+0xb3/0x3c0
[  677.943565][T24986]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  677.943596][T24986]  sctp_connect_new_asoc+0x2ff/0x6b0
[  677.943623][T24986]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  677.943652][T24986]  ? __local_bh_enable_ip+0xd0/0x130
[  677.943674][T24986]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  677.943704][T24986]  ? security_sctp_bind_connect+0x7e/0x2c0
[  677.943731][T24986]  sctp_sendmsg+0x1528/0x2c10
[  677.943753][T24986]  ? unwind_next_frame+0xa6/0x2550
[  677.943797][T24986]  ? __pfx_sctp_sendmsg+0x10/0x10
[  677.943825][T24986]  ? aa_sk_perm+0x6d5/0x900
[  677.943863][T24986]  ? __pfx_aa_sk_perm+0x10/0x10
[  677.943894][T24986]  ? sock_rps_record_flow+0x19/0x350
[  677.943931][T24986]  ? inet_sendmsg+0x2f4/0x370
[  677.943958][T24986]  ____sys_sendmsg+0x80a/0x9f0
[  677.944000][T24986]  ? __pfx_____sys_sendmsg+0x10/0x10
[  677.944042][T24986]  ? import_iovec+0x73/0xa0
[  677.944079][T24986]  ___sys_sendmsg+0x2a5/0x360
[  677.944109][T24986]  ? __lock_acquire+0x6b5/0x2cf0
[  677.944140][T24986]  ? __pfx____sys_sendmsg+0x10/0x10
[  677.944212][T24986]  ? __fget_files+0x2a/0x420
[  677.944239][T24986]  ? __fget_files+0x3a0/0x420
[  677.944278][T24986]  __x64_sys_sendmsg+0x1bd/0x2a0
[  677.944312][T24986]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  677.944355][T24986]  ? __pfx_ksys_write+0x10/0x10
[  677.944398][T24986]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.944423][T24986]  do_syscall_64+0x15f/0xf80
[  677.944452][T24986]  ? trace_irq_disable+0x3b/0x140
[  677.944485][T24986]  ? clear_bhb_loop+0x40/0x90
[  677.944514][T24986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.944546][T24986] RIP: 0033:0x7f3a7a99cdd9
[  677.944570][T24986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  677.944591][T24986] RSP: 002b:00007f3a7b840028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  677.944615][T24986] RAX: ffffffffffffffda RBX: 00007f3a7ac15fa0 RCX: 00007f3a7a99cdd9
[  677.944632][T24986] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000004
[  677.944648][T24986] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  677.944662][T24986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  677.944677][T24986] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  677.944714][T24986]  </TASK>
[  678.276674][ T5642] Bluetooth: hci2: command tx timeout
[  678.321330][T24767] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  678.332639][T24767] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  678.470374][T24767] 8021q: adding VLAN 0 to HW filter on device bond0
[  678.498664][T24767] 8021q: adding VLAN 0 to HW filter on device team0
[  678.514728][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.522102][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  678.594709][T24767] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  678.606204][T24767] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  678.633114][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.640462][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  678.810084][T25009] veth0: entered promiscuous mode
[  678.853730][T25009] A link change request failed with some changes committed already. Interface syzkaller0 may have been left with an inconsistent configuration, please check.
[  679.601096][T25041] FAULT_INJECTION: forcing a failure.
[  679.601096][T25041] name failslab, interval 1, probability 0, space 0, times 0
[  679.636401][T25041] CPU: 1 UID: 0 PID: 25041 Comm: syz.0.6452 Not tainted syzkaller #0 PREEMPT(full) 
[  679.636436][T25041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  679.636450][T25041] Call Trace:
[  679.636466][T25041]  <TASK>
[  679.636476][T25041]  dump_stack_lvl+0xe8/0x150
[  679.636509][T25041]  should_fail_ex+0x412/0x560
[  679.636554][T25041]  should_failslab+0xa8/0x100
[  679.636590][T25041]  __kmalloc_cache_noprof+0x88/0x660
[  679.636619][T25041]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[  679.636651][T25041]  ? sctp_v6_cmp_addr+0x15/0xd0
[  679.636681][T25041]  ? sctp_add_bind_addr+0x8c/0x370
[  679.636718][T25041]  sctp_add_bind_addr+0x8c/0x370
[  679.636754][T25041]  sctp_copy_local_addr_list+0x314/0x4f0
[  679.636790][T25041]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  679.636821][T25041]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  679.636854][T25041]  ? sctp_v6_is_any+0x64/0x80
[  679.636886][T25041]  ? sctp_copy_one_addr+0x93/0x360
[  679.636921][T25041]  sctp_bind_addr_copy+0xb3/0x3c0
[  679.636953][T25041]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  679.636986][T25041]  sctp_connect_new_asoc+0x2ff/0x6b0
[  679.637015][T25041]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  679.637048][T25041]  ? __local_bh_enable_ip+0xd0/0x130
[  679.637070][T25041]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  679.637101][T25041]  ? security_sctp_bind_connect+0x7e/0x2c0
[  679.637128][T25041]  sctp_sendmsg+0x1528/0x2c10
[  679.637150][T25041]  ? unwind_next_frame+0xa6/0x2550
[  679.637194][T25041]  ? __pfx_sctp_sendmsg+0x10/0x10
[  679.637222][T25041]  ? aa_sk_perm+0x6d5/0x900
[  679.637260][T25041]  ? __pfx_aa_sk_perm+0x10/0x10
[  679.637289][T25041]  ? sock_rps_record_flow+0x19/0x350
[  679.637326][T25041]  ? inet_sendmsg+0x2f4/0x370
[  679.637353][T25041]  ____sys_sendmsg+0x80a/0x9f0
[  679.637395][T25041]  ? __pfx_____sys_sendmsg+0x10/0x10
[  679.637436][T25041]  ? import_iovec+0x73/0xa0
[  679.637473][T25041]  ___sys_sendmsg+0x2a5/0x360
[  679.637501][T25041]  ? __lock_acquire+0x6b5/0x2cf0
[  679.637531][T25041]  ? __pfx____sys_sendmsg+0x10/0x10
[  679.637612][T25041]  ? __fget_files+0x2a/0x420
[  679.637638][T25041]  ? __fget_files+0x3a0/0x420
[  679.637683][T25041]  __x64_sys_sendmsg+0x1bd/0x2a0
[  679.637718][T25041]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  679.637759][T25041]  ? __pfx_ksys_write+0x10/0x10
[  679.637802][T25041]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.637827][T25041]  do_syscall_64+0x15f/0xf80
[  679.637857][T25041]  ? trace_irq_disable+0x3b/0x140
[  679.637888][T25041]  ? clear_bhb_loop+0x40/0x90
[  679.637916][T25041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.637939][T25041] RIP: 0033:0x7fde39f9cdd9
[  679.637961][T25041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  679.637982][T25041] RSP: 002b:00007fde381f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  679.638007][T25041] RAX: ffffffffffffffda RBX: 00007fde3a215fa0 RCX: 00007fde39f9cdd9
[  679.638024][T25041] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000004
[  679.638039][T25041] RBP: 00007fde381f6090 R08: 0000000000000000 R09: 0000000000000000
[  679.638053][T25041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  679.638066][T25041] R13: 00007fde3a216038 R14: 00007fde3a215fa0 R15: 00007fff62e3b8c8
[  679.638103][T25041]  </TASK>
[  679.702883][T25045] xt_hashlimit: size too large, truncated to 1048576
[  680.110310][T24767] 8021q: adding VLAN 0 to HW filter on device batadv0
[  680.292621][T24767] veth0_vlan: entered promiscuous mode
[  680.332013][T24767] veth1_vlan: entered promiscuous mode
[  680.356090][ T5642] Bluetooth: hci2: command tx timeout
[  680.397390][T25063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6461'.
[  680.479720][T24767] veth0_macvtap: entered promiscuous mode
[  680.542459][T24767] veth1_macvtap: entered promiscuous mode
[  680.616673][T25067] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6463'.
[  680.657477][T24767] batman_adv: batadv0: Interface activated: batadv_slave_0
[  680.800926][T24767] batman_adv: batadv0: Interface activated: batadv_slave_1
[  680.844281][   T57] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  680.873824][   T57] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  680.898361][   T57] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  680.941466][   T57] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  681.271832][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  681.302024][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  681.428699][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  681.455332][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  681.680824][T25096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6349'.
[  681.693981][T25099] netlink: 'syz.0.6476': attribute type 1 has an invalid length.
[  681.713265][T25096] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6349'.
[  681.776038][T25099] 8021q: adding VLAN 0 to HW filter on device bond1
[  681.807068][T25103] bond1: (slave geneve2): making interface the new active one
[  681.820711][T25103] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  681.903605][T25109] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6479'.
[  682.243847][T25126] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6488'.
[  682.484228][T25138] FAULT_INJECTION: forcing a failure.
[  682.484228][T25138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  682.502222][T25138] CPU: 1 UID: 0 PID: 25138 Comm: syz.3.6492 Not tainted syzkaller #0 PREEMPT(full) 
[  682.502252][T25138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  682.502267][T25138] Call Trace:
[  682.502275][T25138]  <TASK>
[  682.502288][T25138]  dump_stack_lvl+0xe8/0x150
[  682.502316][T25138]  should_fail_ex+0x412/0x560
[  682.502345][T25138]  _copy_from_user+0x2d/0xb0
[  682.502373][T25138]  ___sys_sendmsg+0x1c6/0x360
[  682.502397][T25138]  ? __lock_acquire+0x6b5/0x2cf0
[  682.502422][T25138]  ? __pfx____sys_sendmsg+0x10/0x10
[  682.502476][T25138]  ? __fget_files+0x2a/0x420
[  682.502497][T25138]  ? __fget_files+0x3a0/0x420
[  682.502526][T25138]  __x64_sys_sendmsg+0x1bd/0x2a0
[  682.502553][T25138]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  682.502596][T25138]  ? __pfx_ksys_write+0x10/0x10
[  682.502628][T25138]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.502648][T25138]  do_syscall_64+0x15f/0xf80
[  682.502672][T25138]  ? trace_irq_disable+0x3b/0x140
[  682.502699][T25138]  ? clear_bhb_loop+0x40/0x90
[  682.502721][T25138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.502739][T25138] RIP: 0033:0x7f3a7a99cdd9
[  682.502757][T25138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  682.502773][T25138] RSP: 002b:00007f3a7b840028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  682.502793][T25138] RAX: ffffffffffffffda RBX: 00007f3a7ac15fa0 RCX: 00007f3a7a99cdd9
[  682.502807][T25138] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  682.502819][T25138] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  682.502830][T25138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  682.502841][T25138] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  682.502869][T25138]  </TASK>
[  683.032545][T25156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6501'.
[  683.078887][T25156] netlink: 'syz.1.6501': attribute type 20 has an invalid length.
[  683.109349][T25156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6501'.
[  683.143047][   T48] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  683.157803][   T48] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  683.179096][   T48] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  683.190043][T25156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6501'.
[  683.201968][   T48] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  683.212006][T25156] netlink: 'syz.1.6501': attribute type 20 has an invalid length.
[  683.225794][T25156] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6501'.
[  683.461284][T25172] netlink: 'syz.0.6506': attribute type 13 has an invalid length.
[  683.873195][T25190] netlink: 10 bytes leftover after parsing attributes in process `syz.2.6511'.
[  683.971922][T25183] syzkaller0: entered promiscuous mode
[  683.980069][T25183] syzkaller0: entered allmulticast mode
[  684.102207][T25202] FAULT_INJECTION: forcing a failure.
[  684.102207][T25202] name failslab, interval 1, probability 0, space 0, times 0
[  684.116618][T25202] CPU: 1 UID: 0 PID: 25202 Comm: syz.1.6517 Not tainted syzkaller #0 PREEMPT(full) 
[  684.116646][T25202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  684.116660][T25202] Call Trace:
[  684.116669][T25202]  <TASK>
[  684.116680][T25202]  dump_stack_lvl+0xe8/0x150
[  684.116714][T25202]  should_fail_ex+0x412/0x560
[  684.116744][T25202]  should_failslab+0xa8/0x100
[  684.116775][T25202]  ? skb_clone+0x212/0x3a0
[  684.116803][T25202]  kmem_cache_alloc_noprof+0x87/0x650
[  684.116830][T25202]  ? __netlink_lookup+0xc6/0x8b0
[  684.116861][T25202]  skb_clone+0x212/0x3a0
[  684.116889][T25202]  __netlink_deliver_tap+0x404/0x850
[  684.116925][T25202]  ? netlink_deliver_tap+0x2e/0x1b0
[  684.116951][T25202]  netlink_deliver_tap+0x19c/0x1b0
[  684.116978][T25202]  netlink_unicast+0x730/0x8e0
[  684.117014][T25202]  netlink_sendmsg+0x813/0xb40
[  684.117053][T25202]  ? __pfx_netlink_sendmsg+0x10/0x10
[  684.117087][T25202]  ? aa_sock_msg_perm+0xf1/0x1b0
[  684.117117][T25202]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  684.117149][T25202]  ____sys_sendmsg+0x972/0x9f0
[  684.117180][T25202]  ? __might_fault+0xaf/0x130
[  684.117214][T25202]  ? __pfx_____sys_sendmsg+0x10/0x10
[  684.117260][T25202]  ? import_iovec+0x73/0xa0
[  684.117294][T25202]  ___sys_sendmsg+0x2a5/0x360
[  684.117321][T25202]  ? __lock_acquire+0x6b5/0x2cf0
[  684.117350][T25202]  ? __pfx____sys_sendmsg+0x10/0x10
[  684.117419][T25202]  ? __fget_files+0x2a/0x420
[  684.117445][T25202]  ? __fget_files+0x3a0/0x420
[  684.117482][T25202]  __x64_sys_sendmsg+0x1bd/0x2a0
[  684.117524][T25202]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  684.117577][T25202]  ? __pfx_ksys_write+0x10/0x10
[  684.117618][T25202]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.117643][T25202]  do_syscall_64+0x15f/0xf80
[  684.117671][T25202]  ? trace_irq_disable+0x3b/0x140
[  684.117711][T25202]  ? clear_bhb_loop+0x40/0x90
[  684.117739][T25202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.117761][T25202] RIP: 0033:0x7f7d18d9cdd9
[  684.117784][T25202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  684.117804][T25202] RSP: 002b:00007f7d19b8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  684.117829][T25202] RAX: ffffffffffffffda RBX: 00007f7d19015fa0 RCX: 00007f7d18d9cdd9
[  684.117846][T25202] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: 0000000000000003
[  684.117860][T25202] RBP: 00007f7d19b8b090 R08: 0000000000000000 R09: 0000000000000000
[  684.117874][T25202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  684.117888][T25202] R13: 00007f7d19016038 R14: 00007f7d19015fa0 R15: 00007fff32da9188
[  684.117924][T25202]  </TASK>
[  684.539177][T25208] netlink: 212344 bytes leftover after parsing attributes in process `syz.2.6516'.
[  685.016079][T25234] openvswitch: netlink: Flow key attr not present in new flow.
[  685.016717][T25236] FAULT_INJECTION: forcing a failure.
[  685.016717][T25236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  685.046735][T25236] CPU: 0 UID: 0 PID: 25236 Comm: syz.3.6529 Not tainted syzkaller #0 PREEMPT(full) 
[  685.046769][T25236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  685.046783][T25236] Call Trace:
[  685.046793][T25236]  <TASK>
[  685.046803][T25236]  dump_stack_lvl+0xe8/0x150
[  685.046836][T25236]  should_fail_ex+0x412/0x560
[  685.046872][T25236]  _copy_to_user+0x31/0xb0
[  685.046906][T25236]  simple_read_from_buffer+0xe1/0x170
[  685.046940][T25236]  proc_fail_nth_read+0x1bb/0x230
[  685.046973][T25236]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  685.047005][T25236]  ? rw_verify_area+0x2a6/0x4d0
[  685.047035][T25236]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  685.047064][T25236]  vfs_read+0x20c/0xa70
[  685.047101][T25236]  ? __pfx___mutex_lock+0x10/0x10
[  685.047135][T25236]  ? __pfx_vfs_read+0x10/0x10
[  685.047168][T25236]  ? __fget_files+0x2a/0x420
[  685.047201][T25236]  ? __fget_files+0x3a0/0x420
[  685.047226][T25236]  ? __fget_files+0x2a/0x420
[  685.047264][T25236]  ksys_read+0x150/0x270
[  685.047306][T25236]  ? __pfx_ksys_read+0x10/0x10
[  685.047347][T25236]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.047371][T25236]  do_syscall_64+0x15f/0xf80
[  685.047401][T25236]  ? trace_irq_disable+0x3b/0x140
[  685.047433][T25236]  ? clear_bhb_loop+0x40/0x90
[  685.047461][T25236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.047484][T25236] RIP: 0033:0x7f3a7a95d60e
[  685.047508][T25236] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  685.047528][T25236] RSP: 002b:00007f3a7b83ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  685.047554][T25236] RAX: ffffffffffffffda RBX: 00007f3a7b8406c0 RCX: 00007f3a7a95d60e
[  685.047570][T25236] RDX: 000000000000000f RSI: 00007f3a7b8400a0 RDI: 0000000000000004
[  685.047584][T25236] RBP: 00007f3a7b840090 R08: 0000000000000000 R09: 0000000000000000
[  685.047599][T25236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  685.047613][T25236] R13: 00007f3a7ac16038 R14: 00007f3a7ac15fa0 R15: 00007ffc9a32c028
[  685.047650][T25236]  </TASK>
[  685.363264][T25240] netlink: 'syz.0.6528': attribute type 1 has an invalid length.
[  685.371314][T25240] netlink: 'syz.0.6528': attribute type 3 has an invalid length.
[  685.382697][T25240] NCSI netlink: No device for ifindex 813332851
[  685.882051][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  687.203136][T25326] __nla_validate_parse: 9 callbacks suppressed
[  687.203162][T25326] netlink: 9 bytes leftover after parsing attributes in process `syz.3.6567'.
[  687.206170][T25329] FAULT_INJECTION: forcing a failure.
[  687.206170][T25329] name failslab, interval 1, probability 0, space 0, times 0
[  687.231390][T25329] CPU: 1 UID: 0 PID: 25329 Comm: syz.4.6569 Not tainted syzkaller #0 PREEMPT(full) 
[  687.231422][T25329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  687.231436][T25329] Call Trace:
[  687.231445][T25329]  <TASK>
[  687.231456][T25329]  dump_stack_lvl+0xe8/0x150
[  687.231533][T25329]  should_fail_ex+0x412/0x560
[  687.231570][T25329]  should_failslab+0xa8/0x100
[  687.231605][T25329]  __kmalloc_cache_noprof+0x88/0x660
[  687.231636][T25329]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[  687.231666][T25329]  ? sctp_v6_cmp_addr+0x15/0xd0
[  687.231696][T25329]  ? sctp_add_bind_addr+0x8c/0x370
[  687.231734][T25329]  sctp_add_bind_addr+0x8c/0x370
[  687.231769][T25329]  sctp_copy_local_addr_list+0x314/0x4f0
[  687.231805][T25329]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  687.231836][T25329]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  687.231870][T25329]  ? sctp_v6_is_any+0x64/0x80
[  687.231903][T25329]  ? sctp_copy_one_addr+0x93/0x360
[  687.231938][T25329]  sctp_bind_addr_copy+0xb3/0x3c0
[  687.231970][T25329]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  687.232003][T25329]  sctp_connect_new_asoc+0x2ff/0x6b0
[  687.232032][T25329]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  687.232065][T25329]  ? __local_bh_enable_ip+0xd0/0x130
[  687.232086][T25329]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  687.232116][T25329]  ? security_sctp_bind_connect+0x7e/0x2c0
[  687.232145][T25329]  sctp_sendmsg+0x1528/0x2c10
[  687.232166][T25329]  ? unwind_next_frame+0xa6/0x2550
[  687.232212][T25329]  ? __pfx_sctp_sendmsg+0x10/0x10
[  687.232239][T25329]  ? aa_sk_perm+0x6d5/0x900
[  687.232277][T25329]  ? __pfx_aa_sk_perm+0x10/0x10
[  687.232308][T25329]  ? sock_rps_record_flow+0x19/0x350
[  687.232346][T25329]  ? inet_sendmsg+0x2f4/0x370
[  687.232373][T25329]  ____sys_sendmsg+0x80a/0x9f0
[  687.232415][T25329]  ? __pfx_____sys_sendmsg+0x10/0x10
[  687.232457][T25329]  ? import_iovec+0x73/0xa0
[  687.232510][T25329]  ___sys_sendmsg+0x2a5/0x360
[  687.232538][T25329]  ? __lock_acquire+0x6b5/0x2cf0
[  687.232569][T25329]  ? __pfx____sys_sendmsg+0x10/0x10
[  687.232643][T25329]  ? __fget_files+0x2a/0x420
[  687.232669][T25329]  ? __fget_files+0x3a0/0x420
[  687.232711][T25329]  __x64_sys_sendmsg+0x1bd/0x2a0
[  687.232746][T25329]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  687.232789][T25329]  ? __pfx_ksys_write+0x10/0x10
[  687.232830][T25329]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.232856][T25329]  do_syscall_64+0x15f/0xf80
[  687.232885][T25329]  ? trace_irq_disable+0x3b/0x140
[  687.232919][T25329]  ? clear_bhb_loop+0x40/0x90
[  687.232946][T25329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.232970][T25329] RIP: 0033:0x7f5c5419cdd9
[  687.232992][T25329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  687.233013][T25329] RSP: 002b:00007f5c5501a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  687.233038][T25329] RAX: ffffffffffffffda RBX: 00007f5c54415fa0 RCX: 00007f5c5419cdd9
[  687.233056][T25329] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  687.233071][T25329] RBP: 00007f5c5501a090 R08: 0000000000000000 R09: 0000000000000000
[  687.233086][T25329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  687.233099][T25329] R13: 00007f5c54416038 R14: 00007f5c54415fa0 R15: 00007ffc50e16b18
[  687.233137][T25329]  </TASK>
[  688.300787][T25365] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6585'.
[  688.340508][T25365] netlink: 80 bytes leftover after parsing attributes in process `syz.1.6585'.
[  688.538782][T25379] netlink: 520 bytes leftover after parsing attributes in process `syz.1.6591'.
[  688.638323][T25379] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6591'.
[  688.664411][T25379] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6591'.
[  688.746569][T25391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6597'.
[  688.927351][T25386] syzkaller0: entered promiscuous mode
[  688.945109][T25386] syzkaller0: entered allmulticast mode
[  692.424627][T25446] netlink: 208240 bytes leftover after parsing attributes in process `syz.0.6612'.
[  692.522178][T25448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6614'.
[  692.534738][T25446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6612'.
[  692.583899][T25446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6612'.
[  692.719149][   T36] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  692.739120][T25446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6612'.
[  692.753570][   T36] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  692.764264][T25446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6612'.
[  692.810827][   T36] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  692.810946][T25454] netlink: 'syz.1.6617': attribute type 4 has an invalid length.
[  692.833649][   T36] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  692.862314][T25458] netlink: 'syz.1.6617': attribute type 4 has an invalid length.
[  693.094563][T25442] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6612'.
[  693.851268][T25502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6631'.
[  694.172176][T25512] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6632'.
[  694.221442][T25512] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6632'.
[  694.996860][T25565] xt_hashlimit: size too large, truncated to 1048576
[  696.454793][T25631] FAULT_INJECTION: forcing a failure.
[  696.454793][T25631] name failslab, interval 1, probability 0, space 0, times 0
[  696.468927][T25631] CPU: 1 UID: 0 PID: 25631 Comm: syz.1.6668 Not tainted syzkaller #0 PREEMPT(full) 
[  696.468955][T25631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  696.468968][T25631] Call Trace:
[  696.468978][T25631]  <TASK>
[  696.468988][T25631]  dump_stack_lvl+0xe8/0x150
[  696.469021][T25631]  should_fail_ex+0x412/0x560
[  696.469056][T25631]  should_failslab+0xa8/0x100
[  696.469090][T25631]  __kmalloc_cache_noprof+0x88/0x660
[  696.469121][T25631]  ? sctp_add_bind_addr+0x8c/0x370
[  696.469177][T25631]  sctp_add_bind_addr+0x8c/0x370
[  696.469212][T25631]  sctp_copy_local_addr_list+0x314/0x4f0
[  696.469243][T25631]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  696.469269][T25631]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  696.469302][T25631]  ? sctp_v6_is_any+0x64/0x80
[  696.469336][T25631]  ? sctp_copy_one_addr+0x93/0x360
[  696.469371][T25631]  sctp_bind_addr_copy+0xb3/0x3c0
[  696.469403][T25631]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  696.469435][T25631]  sctp_connect_new_asoc+0x2ff/0x6b0
[  696.469473][T25631]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  696.469505][T25631]  ? __local_bh_enable_ip+0xd0/0x130
[  696.469528][T25631]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  696.469556][T25631]  ? security_sctp_bind_connect+0x7e/0x2c0
[  696.469582][T25631]  sctp_sendmsg+0x1528/0x2c10
[  696.469604][T25631]  ? unwind_next_frame+0xa6/0x2550
[  696.469645][T25631]  ? __pfx_sctp_sendmsg+0x10/0x10
[  696.469672][T25631]  ? aa_sk_perm+0x6d5/0x900
[  696.469710][T25631]  ? __pfx_aa_sk_perm+0x10/0x10
[  696.469741][T25631]  ? sock_rps_record_flow+0x19/0x350
[  696.469776][T25631]  ? inet_sendmsg+0x2f4/0x370
[  696.469803][T25631]  ____sys_sendmsg+0x80a/0x9f0
[  696.469842][T25631]  ? __pfx_____sys_sendmsg+0x10/0x10
[  696.469878][T25631]  ? import_iovec+0x73/0xa0
[  696.469910][T25631]  ___sys_sendmsg+0x2a5/0x360
[  696.469939][T25631]  ? __lock_acquire+0x6b5/0x2cf0
[  696.469970][T25631]  ? __pfx____sys_sendmsg+0x10/0x10
[  696.470040][T25631]  ? __fget_files+0x2a/0x420
[  696.470067][T25631]  ? __fget_files+0x3a0/0x420
[  696.470103][T25631]  __x64_sys_sendmsg+0x1bd/0x2a0
[  696.470137][T25631]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  696.470178][T25631]  ? __pfx_ksys_write+0x10/0x10
[  696.470219][T25631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.470244][T25631]  do_syscall_64+0x15f/0xf80
[  696.470274][T25631]  ? trace_irq_disable+0x3b/0x140
[  696.470306][T25631]  ? clear_bhb_loop+0x40/0x90
[  696.470334][T25631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.470357][T25631] RIP: 0033:0x7f7d18d9cdd9
[  696.470379][T25631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  696.470399][T25631] RSP: 002b:00007f7d19b8b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  696.470430][T25631] RAX: ffffffffffffffda RBX: 00007f7d19015fa0 RCX: 00007f7d18d9cdd9
[  696.470447][T25631] RDX: 00000000240280d1 RSI: 0000200000002dc0 RDI: 0000000000000005
[  696.470472][T25631] RBP: 00007f7d19b8b090 R08: 0000000000000000 R09: 0000000000000000
[  696.470487][T25631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  696.470500][T25631] R13: 00007f7d19016038 R14: 00007f7d19015fa0 R15: 00007fff32da9188
[  696.470538][T25631]  </TASK>
[  697.109160][ T5637] hid-generic 0005:046D:1012.0005: item fetching failed at offset 0/1
[  697.131811][ T5637] hid-generic 0005:046D:1012.0005: probe with driver hid-generic failed with error -22
[  697.600678][T25674] __nla_validate_parse: 3 callbacks suppressed
[  697.600701][T25674] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6679'.
[  697.768569][T25680] tipc: Started in network mode
[  697.784556][T25680] tipc: Node identity fea01fadf183, cluster identity 4711
[  697.799263][T25680] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  697.834792][T25682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6681'.
[  697.852072][T25680] syzkaller0: MTU too low for tipc bearer
[  697.872665][T25689] netlink: 'syz.1.6683': attribute type 1 has an invalid length.
[  697.890814][T25680] tipc: Disabling bearer <eth:syzkaller0>
[  698.022844][T25689] 8021q: adding VLAN 0 to HW filter on device bond2
[  698.169320][T25697] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6684'.
[  698.219956][T25699] IPv4: Oversized IP packet from 127.202.26.0
[  699.051344][T25742] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6695'.
[  699.356592][T25751] FAULT_INJECTION: forcing a failure.
[  699.356592][T25751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  699.390904][T25751] CPU: 1 UID: 0 PID: 25751 Comm: syz.4.6700 Not tainted syzkaller #0 PREEMPT(full) 
[  699.390939][T25751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  699.390954][T25751] Call Trace:
[  699.390964][T25751]  <TASK>
[  699.390979][T25751]  dump_stack_lvl+0xe8/0x150
[  699.391013][T25751]  should_fail_ex+0x412/0x560
[  699.391049][T25751]  _copy_to_user+0x31/0xb0
[  699.391084][T25751]  simple_read_from_buffer+0xe1/0x170
[  699.391118][T25751]  proc_fail_nth_read+0x1bb/0x230
[  699.391160][T25751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  699.391193][T25751]  ? rw_verify_area+0x2a6/0x4d0
[  699.391223][T25751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  699.391254][T25751]  vfs_read+0x20c/0xa70
[  699.391291][T25751]  ? __pfx___mutex_lock+0x10/0x10
[  699.391324][T25751]  ? __pfx_vfs_read+0x10/0x10
[  699.391357][T25751]  ? __fget_files+0x2a/0x420
[  699.391389][T25751]  ? __fget_files+0x3a0/0x420
[  699.391415][T25751]  ? __fget_files+0x2a/0x420
[  699.391451][T25751]  ksys_read+0x150/0x270
[  699.391485][T25751]  ? __pfx_ksys_read+0x10/0x10
[  699.391514][T25751]  ? fput+0xa0/0xd0
[  699.391547][T25751]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.391572][T25751]  do_syscall_64+0x15f/0xf80
[  699.391602][T25751]  ? trace_irq_disable+0x3b/0x140
[  699.391634][T25751]  ? clear_bhb_loop+0x40/0x90
[  699.391661][T25751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.391684][T25751] RIP: 0033:0x7f5c5415d60e
[  699.391706][T25751] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  699.391726][T25751] RSP: 002b:00007f5c55019fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  699.391750][T25751] RAX: ffffffffffffffda RBX: 00007f5c5501a6c0 RCX: 00007f5c5415d60e
[  699.391767][T25751] RDX: 000000000000000f RSI: 00007f5c5501a0a0 RDI: 0000000000000003
[  699.391781][T25751] RBP: 00007f5c5501a090 R08: 0000000000000000 R09: 0000000000000000
[  699.391796][T25751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  699.391810][T25751] R13: 00007f5c54416038 R14: 00007f5c54415fa0 R15: 00007ffc50e16b18
[  699.391848][T25751]  </TASK>
[  699.757402][T25759] FAULT_INJECTION: forcing a failure.
[  699.757402][T25759] name failslab, interval 1, probability 0, space 0, times 0
[  699.787946][T25759] CPU: 1 UID: 0 PID: 25759 Comm: syz.2.6704 Not tainted syzkaller #0 PREEMPT(full) 
[  699.787980][T25759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  699.787994][T25759] Call Trace:
[  699.788005][T25759]  <TASK>
[  699.788015][T25759]  dump_stack_lvl+0xe8/0x150
[  699.788049][T25759]  should_fail_ex+0x412/0x560
[  699.788084][T25759]  should_failslab+0xa8/0x100
[  699.788117][T25759]  ? skb_clone+0x212/0x3a0
[  699.788159][T25759]  kmem_cache_alloc_noprof+0x87/0x650
[  699.788190][T25759]  ? __netlink_lookup+0xc6/0x8b0
[  699.788227][T25759]  skb_clone+0x212/0x3a0
[  699.788263][T25759]  __netlink_deliver_tap+0x404/0x850
[  699.788307][T25759]  ? netlink_deliver_tap+0x2e/0x1b0
[  699.788339][T25759]  netlink_deliver_tap+0x19c/0x1b0
[  699.788369][T25759]  netlink_unicast+0x730/0x8e0
[  699.788408][T25759]  netlink_sendmsg+0x813/0xb40
[  699.788449][T25759]  ? __pfx_netlink_sendmsg+0x10/0x10
[  699.788484][T25759]  ? aa_sock_msg_perm+0xf1/0x1b0
[  699.788515][T25759]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  699.788550][T25759]  ____sys_sendmsg+0x972/0x9f0
[  699.788581][T25759]  ? __might_fault+0xaf/0x130
[  699.788617][T25759]  ? __pfx_____sys_sendmsg+0x10/0x10
[  699.788659][T25759]  ? import_iovec+0x73/0xa0
[  699.788694][T25759]  ___sys_sendmsg+0x2a5/0x360
[  699.788723][T25759]  ? __lock_acquire+0x6b5/0x2cf0
[  699.788753][T25759]  ? __pfx____sys_sendmsg+0x10/0x10
[  699.788823][T25759]  ? __fget_files+0x2a/0x420
[  699.788848][T25759]  ? __fget_files+0x3a0/0x420
[  699.788886][T25759]  __x64_sys_sendmsg+0x1bd/0x2a0
[  699.788920][T25759]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  699.788962][T25759]  ? __pfx_ksys_write+0x10/0x10
[  699.789003][T25759]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.789029][T25759]  do_syscall_64+0x15f/0xf80
[  699.789059][T25759]  ? trace_irq_disable+0x3b/0x140
[  699.789092][T25759]  ? clear_bhb_loop+0x40/0x90
[  699.789149][T25759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  699.789172][T25759] RIP: 0033:0x7f7e4539cdd9
[  699.789194][T25759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  699.789213][T25759] RSP: 002b:00007f7e4627f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  699.789238][T25759] RAX: ffffffffffffffda RBX: 00007f7e45615fa0 RCX: 00007f7e4539cdd9
[  699.789254][T25759] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  699.789270][T25759] RBP: 00007f7e4627f090 R08: 0000000000000000 R09: 0000000000000000
[  699.789284][T25759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  699.789298][T25759] R13: 00007f7e45616038 R14: 00007f7e45615fa0 R15: 00007ffd6d7a0298
[  699.789334][T25759]  </TASK>
[  700.135283][T25764] xt_hashlimit: size too large, truncated to 1048576
[  701.046617][T25809] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6720'.
[  701.303767][T25819] syzkaller0: entered promiscuous mode
[  701.338853][T25819] syzkaller0: entered allmulticast mode
[  701.547530][T25827] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6725'.
[  701.560517][T25819] tipc: Started in network mode
[  701.583714][T25819] tipc: Node identity bab8948dc37e, cluster identity 4711
[  701.617161][T25819] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  701.659129][T25815] tipc: Resetting bearer <eth:syzkaller0>
[  701.728566][T25815] tipc: Disabling bearer <eth:syzkaller0>
[  702.063936][T25839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6730'.
[  702.370376][    T9] IPVS: starting estimator thread 0...
[  702.388465][T25851] netlink: 'syz.4.6736': attribute type 2 has an invalid length.
[  702.468387][T25854] IPVS: using max 22 ests per chain, 52800 per kthread
[  702.558770][T25861] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  702.633483][T25868] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6742'.
[  702.679660][T25868] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI
[  702.691634][T25868] KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
[  702.700131][T25868] CPU: 0 UID: 0 PID: 25868 Comm: syz.2.6742 Not tainted syzkaller #0 PREEMPT(full) 
[  702.709520][T25868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  702.719590][T25868] RIP: 0010:kernel_sock_shutdown+0x47/0x70
[  702.725417][T25868] Code: 53 f8 4d 8d 7e 20 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 37 61 be f8 4d 8b 3f 49 83 c7 68 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 1a 61 be f8 4d 8b 1f 4c 89 f7 89
[  702.745038][T25868] RSP: 0018:ffffc9000599f0a8 EFLAGS: 00010202
[  702.751119][T25868] RAX: 000000000000000d RBX: 0000000000000002 RCX: ffff888050210000
[  702.759129][T25868] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888055ff7240
[  702.767118][T25868] RBP: 0000000000000002 R08: ffff88805057bdab R09: 1ffff1100a0af7b5
[  702.775105][T25868] R10: dffffc0000000000 R11: ffffed100a0af7b6 R12: dffffc0000000000
[  702.783087][T25868] R13: dffffc0000000000 R14: ffff888055ff7240 R15: 0000000000000068
[  702.791065][T25868] FS:  00007f7e4625e6c0(0000) GS:ffff88812528d000(0000) knlGS:0000000000000000
[  702.800002][T25868] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  702.806689][T25868] CR2: 000055557d4f59f8 CR3: 000000005290c000 CR4: 00000000003526f0
[  702.814672][T25868] Call Trace:
[  702.817963][T25868]  <TASK>
[  702.820901][T25868]  udp_tunnel_sock_release+0x6f/0x80
[  702.826299][T25868]  rxe_net_del+0x121/0x2e0
[  702.830728][T25868]  rxe_dellink+0x15/0x20
[  702.834977][T25868]  nldev_dellink+0x304/0x3d0
[  702.839579][T25868]  ? __pfx_nldev_dellink+0x10/0x10
[  702.845011][T25868]  ? apparmor_capable+0x126/0x170
[  702.850072][T25868]  ? bpf_lsm_capable+0x9/0x20
[  702.854754][T25868]  ? security_capable+0x7e/0x2c0
[  702.859710][T25868]  ? __pfx_nldev_dellink+0x10/0x10
[  702.864832][T25868]  rdma_nl_rcv+0x6d1/0xa10
[  702.869268][T25868]  ? __pfx_rdma_nl_rcv+0x10/0x10
[  702.874223][T25868]  ? netlink_deliver_tap+0x2e/0x1b0
[  702.879541][T25868]  ? netlink_deliver_tap+0x2e/0x1b0
[  702.884770][T25868]  netlink_unicast+0x75c/0x8e0
[  702.889572][T25868]  netlink_sendmsg+0x813/0xb40
[  702.894365][T25868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  702.899698][T25868]  ? aa_sock_msg_perm+0xf1/0x1b0
[  702.904653][T25868]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  702.910212][T25868]  ____sys_sendmsg+0x972/0x9f0
[  702.914993][T25868]  ? __might_fault+0xaf/0x130
[  702.919682][T25868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  702.925095][T25868]  ? import_iovec+0x73/0xa0
[  702.929639][T25868]  ___sys_sendmsg+0x2a5/0x360
[  702.934330][T25868]  ? __lock_acquire+0x6b5/0x2cf0
[  702.939283][T25868]  ? __pfx____sys_sendmsg+0x10/0x10
[  702.944498][T25868]  ? futex_wait+0x2a2/0x390
[  702.949191][T25868]  ? __fget_files+0x2a/0x420
[  702.953789][T25868]  ? __fget_files+0x3a0/0x420
[  702.958484][T25868]  __x64_sys_sendmsg+0x1bd/0x2a0
[  702.963440][T25868]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  702.968916][T25868]  ? rcu_is_watching+0x15/0xb0
[  702.973703][T25868]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.979777][T25868]  do_syscall_64+0x15f/0xf80
[  702.984393][T25868]  ? trace_irq_disable+0x3b/0x140
[  702.989430][T25868]  ? clear_bhb_loop+0x40/0x90
[  702.994125][T25868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.000022][T25868] RIP: 0033:0x7f7e4539cdd9
[  703.004479][T25868] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  703.024360][T25868] RSP: 002b:00007f7e4625e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  703.032791][T25868] RAX: ffffffffffffffda RBX: 00007f7e45616090 RCX: 00007f7e4539cdd9
[  703.040780][T25868] RDX: 0000000020004018 RSI: 00002000000005c0 RDI: 0000000000000009
[  703.048759][T25868] RBP: 00007f7e45432d69 R08: 0000000000000000 R09: 0000000000000000
[  703.056747][T25868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  703.064723][T25868] R13: 00007f7e45616128 R14: 00007f7e45616090 R15: 00007ffd6d7a0298
[  703.072722][T25868]  </TASK>
[  703.075752][T25868] Modules linked in:
[  703.081181][T25868] ---[ end trace 0000000000000000 ]---
[  703.094705][T25867] smc: removing ib device syz0
[  703.107124][T25867] smbdirect: ib_dev[syz0] removed
[  703.130528][T25868] RIP: 0010:kernel_sock_shutdown+0x47/0x70
[  703.150920][T25869] netlink: 'syz.2.6742': attribute type 1 has an invalid length.
[  703.152657][T25868] Code: 53 f8 4d 8d 7e 20 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 37 61 be f8 4d 8b 3f 49 83 c7 68 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 1a 61 be f8 4d 8b 1f 4c 89 f7 89
[  703.171437][T25869] netlink: 228 bytes leftover after parsing attributes in process `syz.2.6742'.
[  703.190527][T25868] RSP: 0018:ffffc9000599f0a8 EFLAGS: 00010202
[  703.196967][T25868] RAX: 000000000000000d RBX: 0000000000000002 RCX: ffff888050210000
[  703.206139][T25868] RDX: 0000000000000000 RSI: 0000000000000002 RDI: ffff888055ff7240
[  703.214188][T25868] RBP: 0000000000000002 R08: ffff88805057bdab R09: 1ffff1100a0af7b5
[  703.222422][T25868] R10: dffffc0000000000 R11: ffffed100a0af7b6 R12: dffffc0000000000
[  703.227660][T25869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6742'.
[  703.231901][T25868] R13: dffffc0000000000 R14: ffff888055ff7240 R15: 0000000000000068
[  703.260044][T25868] FS:  00007f7e4625e6c0(0000) GS:ffff88812528d000(0000) knlGS:0000000000000000
[  703.270718][T25868] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  703.277764][T25868] CR2: 0000001b30422ff8 CR3: 000000005290c000 CR4: 00000000003526f0
[  703.286622][T25868] Kernel panic - not syncing: Fatal exception
[  703.293255][T25868] Kernel Offset: disabled
[  703.297613][T25868] Rebooting in 86400 seconds..