last executing test programs:

1m6.85061268s ago: executing program 1 (id=9333):
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x42000, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x306)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'pim6reg1\x00', @multicast})
close(0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x38}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x71, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd600000000000000000000000ffff0a010101ff02000000000000000000000000000108029078000000ff5f0008100000330000000000000000000000ffff00000000fc0200000000000000000000000000002900000000000000fb36ee"], 0x0)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, &(0x7f0000001a40)={{0xffffffffffffffff, &(0x7f0000000000)='/proc/sys/net/ip]\x11tiox_control\x00'/42, 0x200, 0x0, 0x7ff, 0x0, 0x0}, 0x0, 0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newtaction={0x14, 0x30, 0x301, 0x0, 0xfffffffc}, 0x14}, 0x1, 0x0, 0x0, 0x80d0}, 0x1800)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="08000000040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0x14, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_mptcp_buf(0xffffffffffffffff, 0x11c, 0x1, 0x0, &(0x7f0000001000))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0xe, 0xf0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)

1m6.569518551s ago: executing program 1 (id=9341):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000002000)=@raw={'raw\x00', 0x8, 0x3, 0x3a0, 0x0, 0x11, 0x148, 0x0, 0x0, 0x308, 0x2a8, 0x2a8, 0x308, 0x2a8, 0x3, 0x0, {[{{@ip={@loopback, @loopback, 0xff000000, 0xff, 'syz_tun\x00', 'sit0\x00', {0xff}, {}, 0x6c, 0x1, 0x77}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x0, 0x3, 0x3, 0x7, 0x0, 0xb0d452e9002af204}, {0x2}}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv4=@broadcast, [0xff, 0xff, 0x0, 0xff], @ipv6=@mcast2, [0xffffffff, 0xffffff00, 0x0, 0xffffffff], @ipv4=@empty, [0xff, 0x0, 0x0, 0xff000000], @ipv4=@multicast2, [0x0, 0x0, 0x0, 0xffffff00], 0x6, 0x6, 0x0, 0x4e23, 0x4e24, 0x4e22, 0x4e23, 0x81}, 0x0, 0x480, 0x0, 0x0, 0x0, 0x4e20}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@uncond, 0x0, 0xd0, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x3, [0x2, 0x0, 0x1, 0x7, 0x2, 0x5], 0x3, 0x1}, {0xffffffffffffffff, [0x3, 0x0, 0x2, 0x7, 0x1, 0x2], 0x2}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400) (fail_nth: 1)

1m6.133824488s ago: executing program 1 (id=9345):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=@newtaction={0xa8, 0x30, 0xb, 0x5, 0x0, {}, [{0x94, 0x1, [@m_ct={0x90, 0x1, 0x0, 0x0, {{0x7}, {0x68, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x80000001, 0x0, 0x0, 0x0, 0x400}}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @private=0xa010102}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e142a1dc6b3a3dd0aaeb9317676b63d2"}, @TCA_CT_MARK={0x8, 0x5, 0x9}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e24}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e22}, @TCA_CT_MARK_MASK={0x8, 0x6, 0x8000}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8890}, 0x40)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000))
connect(r0, &(0x7f0000000180)=@pppoe={0x18, 0x0, {0x0, @random="560a035741c8", 'wlan1\x00'}}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000097000000000000000000001818110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007baaf8fe00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000b5001c008200000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000bf080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000070000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m6.066308166s ago: executing program 1 (id=9348):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, 0x0)
unshare(0x6a040000)
socket$netlink(0x10, 0x3, 0x8000000004)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000020a010200000000000000000a0000060900010073797a310000000008000240000000018c000000020a010100000000000000000000000369000600e62807258a6d38caf4cb1d7a776a7a05e57912414e63207c5e61d47bb4016b21bd5593b033b0968722f2f0f4818a1a13fbb43e79d0ae674d071c0164df9d3701cc15211300766b6ebe326ada9e49cca5c2a07460e46e35eabfb48a4cd2cd83790d7e705b010000000900010073797a31000000001c000000090a030000000000000000000a00000208000c4004"], 0xf8}, 0x1, 0x0, 0x0, 0x2000c814}, 0x4000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000004000ffff0900010073797a30000000000900020073797a3100000000140003800800014000000000"], 0x138}, 0x1, 0x0, 0x0, 0x20040855}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd0002800800"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

1m2.632845993s ago: executing program 1 (id=9367):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000f40)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x301, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x7000000, 0x0, 0x40004}, 0x4000000)

1m2.299573902s ago: executing program 1 (id=9372):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

1m1.51479812s ago: executing program 3 (id=9379):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map=0x1, r1, 0x2f, 0x8, 0xffffffffffffffff, @void, @value=0x0}, 0x20)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000180)=[{&(0x7f00000004c0)="99", 0x1}], 0x1}, 0x4048043)

1m1.404052316s ago: executing program 3 (id=9381):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@bridge_dellink={0x34, 0x13, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x14, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0xc, 0x1, 0x0, 0x1, [{0x8, 0x41}]}}]}]}, 0x34}}, 0x0)

1m1.271634507s ago: executing program 3 (id=9382):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x89f6, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_regs={0x4, 0x0, 0xb, "2a16561edfd2f20ab3ed4a"}})
syz_emit_ethernet(0x3a, &(0x7f0000000040)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty=0xb00, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x1, 0x2, 0x1000000}}}}}, 0x0)

1m1.159879541s ago: executing program 3 (id=9385):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x89f6, &(0x7f0000000080)={'bridge0\x00', &(0x7f0000000000)=@ethtool_regs={0x4, 0x0, 0xb, "2a16561edfd2f20ab3ed4a"}})
syz_emit_ethernet(0x5ec, &(0x7f0000000180)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "4962e0", 0x5b6, 0x3a, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, @mcast1, {[], @ndisc_na={0x88, 0x0, 0x0, 0x3, '\x00', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [{0x1f, 0x1, "b13a4b87324a2a1e52"}, {0x2, 0xb2, "27a3c4b90b311cf20bb75de152c93a2c83273a9f31f2a068550552ca0e33cd2bddbc648ac5ba3317910e285243e593f6f339c6bd4687a8e22583e4a36c5bf4c0d90dd7f1ed9d1e900ba6736bac234cfeb6c2ea0fd980aa19dc2feccea846b8bf96b1516ec4791baf8b20b6eb64bf227fa440859c28863c8559efa216d08458d5a787f8bb89a42deba6ab769df16eaaff74bef0bceab7217205582c455b8df75374a8cc4c96a6e1a20a9224a7d1dbb0b83448f09c2f494aba520e58d51fbe01036034291b0a228f484e80705086f7410adf8ab8c96a990102664cc3c9861802ac2c169ca52decda24aaa280bbc976d074c78b380336267783e153f8db36963a6f7cdce04b80c69629c5da4d9112e757feb438f9ab4bea705a97b7ad04824fd79b456106f173a8f9bcbd36666a71b50ff954f3ab7e6d2226406b1a6aee3567868296bc0914d320a5380d1616c04540d5a8bc1763be3528349266bd2bc4402f6fe4798904398297c9e3c19db19e19a1b4d80b1dd2e1349294d80a18a75c27c6d9058c10279fe38fa7e299345d05e1af6c53e543be3498875f5c46c67d44bd4052de3515f3e1c60420edf1098be5b9e3e9e1c0ce80a24db50ebbec6d73859939624df237a8b86cbbe01ed1624aa70e71c9e1069c76739e9b1066db5313e9409f914058888a72dfbd5d2d24ccdebaaefb09a0b046b12ae6e11009a48e1dd55e502b07b9bc3fd4cea5df2b3a0ef7e3454928ef17e988c655d63d3e30036cbaeb606374ed12bebe7be65ea45408f66aa4815c50991a526d3df713910c9c70bc95df8a998c23c90e56c3a270722412779f6fb30eb5e1e62767ed22bf1ff5937854fc8cfc4c80d06fef511a404ac39e7e8e7a5bf20cb329352b23001ee81467bfd1e7cd929570a7979b67a925e7336bea42babdcc3f52ce6e278c71cd667dd7ca60d66f4560bd34abd2b6186b03ba322a670a3e08a01f24cd62701efd1dded7342b71a38093123c441c68649adba258d844bbb9078e77d3d13fa9413a0d73791a2b67467169fe570018cc87b61252f00557eb9e05fe49457429012f638651123947a64e7d497d9347d0c7831a9cc836eeb00f095f4fa9586e1e195f313992e316a1474d8923400492e9e51e8bbea054f2b22d6a42fea5dc28587ce8c5f017d17d82a72d896735c07f59181bbe348c58393365535225c5270035ce4783c36bff480ed9df30eb962c66edfd17e8996d86a55fabfa4135452b1c595facb2f7f7c821cd6515a15413a59dde25e0be554f7ed874e1e0218640ef15bac2a814405122a051c83d54884867a18eccc47fe47c3e1c0a357e2c5cc47b69d306497f292e7e7259d7efb891a559a7652b53e09ace7cf1d6e04aaf9d65f371d6b1406fb282ff809f1dc04517b617b761e78cda6e6a795aca97bb2cb42733ef887728ce7d8f96ae45a9c9d31af22a0b794aee216d1236cb1d31870f4cca20e0fcde826f870f4ecf28135dfb97f862c52afe3730948439f2876b28532599b4a32efa4bf9dfd2899492436dc3cb8917bbe6b5aa0c92ced180788b48ded0185fa6606922c04c5161b68a5e6d0c0e6499f5a514f98191ba4e459237c9f719735c823c2a3c47eb05277205c31fe853f304a602b80300baee616da22ab6afbca680e394f2b7ec5ac60c14b7ff7a6d444f4e45d95c321a3952c8c11004d7f2366f6fcf8eb18be47477f593189632caac2d336abbee479443c7ad0cecb5cafb6cbbda85ca654a3cf4028e4ed9a373df1f45fc8ed880d628a31e6c413b5ceaff98e6243f44d3b4f2584534d9303add1ce9e8d305a6a0e32b88afbafeb983b26af33fc08d7c97470b004546623cc0b11a21890e3c4861795d12e0e7938ae11beb736bc9a16f6c3944a40d9f655acddd92527c99cc70b6b05d4cd0d7e07f30496c0c11fd41bd1619315da4081926c709925c6360306ee484be89824012c693bebcb666d3b70f0546331475d1f08ce0c0ed371e0646675bb6fae840f8d99f70061e8e"}]}}}}}}, 0x0)

1m0.917645731s ago: executing program 3 (id=9387):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000140)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

59.829933913s ago: executing program 3 (id=9396):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x530, 0x1d8, 0xffffffff, 0xffffffff, 0x1d8, 0xffffffff, 0x460, 0xffffffff, 0xffffffff, 0x460, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x1b0, 0x1d8, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@private1, [0xff000000, 0xffffffff, 0xff, 0xffffffff], @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}, [0xffffff00, 0xff, 0xffffffff, 0xffffffff], @ipv6=@empty, [0xff000000, 0xff, 0xff, 0xff], @ipv6=@local, [0xffffffff, 0xff000000, 0xff000000, 0xffffff00], 0x80, 0x54, 0x3b, 0x4e20, 0x4e23, 0x4e21, 0x4e23, 0x446, 0x39a}, 0x100, 0x20}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0xe, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x590)
syz_emit_ethernet(0x3e, &(0x7f0000000580)={@multicast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "108f84", 0x8, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], @echo_request}}}}}, 0x0)

57.638222808s ago: executing program 2 (id=9416):
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x4001, 0x3, 0x390, 0x220, 0x700001b, 0x148, 0x220, 0x148, 0x2f8, 0x206, 0x240, 0x2f8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'veth1_macvtap\x00', 'bond_slave_1\x00', {0xff}, {}, 0x0, 0x1}, 0x1ea, 0x200, 0x220, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'ip6tnl0\x00', {0x5, 0x1ff, 0x1, 0x5, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@set={{0x40}, {{0x0, [0x5, 0x4, 0x7, 0x2, 0x1], 0x1, 0x6}}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x6275dd3c01ecbf44, 0x2, 0x5, 0x2], 0x4, 0x2}}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3f0)

57.462171428s ago: executing program 2 (id=9417):
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r0 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

57.005503679s ago: executing program 2 (id=9418):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000700)={0x38, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}}]}]}]}, 0x38}}, 0x4000800)

56.390698659s ago: executing program 2 (id=9420):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x200000, @empty, 0x4}, 0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x1, @empty, 0xfeff}}, 0x6, 0x0, 0x3fc, 0x4, 0x32, 0x3, 0xb4}, 0x9c)
recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40000000000028f, 0x10120, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000100)="87e09faeb4620869e33cf058a1d8baa409ea300e092261bc4ca7ed44467fd81ec921e6e4b63c52b255692707001b6f64", 0x30}, {&(0x7f0000000340)="0da236d5ee61048a499ec01174dfe4f385b3fec86ab364e5e938f875157d4e6c6d1524f91cf6a3bb418a39cadc78b9da66630187166090b0574a0c51b5aad0c3ea8a1c04a0ef86e228fdda9ec033d3af60ef95325652754bba0f6a930956bd4fabb5b9fe084cfba69fa956c3dd07d2d706adf43a2bb008d256f8f9ff60eb7621380898718755c490096215d72d15ca239089454a33a0dcbbae19db483db4aa5a04f7ef711751bafb346a7163cd4473128143b828e6a41735b9959dd262595ba6ab383733344ddf95b0cc5c869bb665fa6102085f8037a4ba82ecff523b136edc4d5318f573ac7c539e6df7396d54a41a6d27d8b123d63b6c1d9f899929cff9da999a8973761c34ce6fc175bc88db29a378c8b45fa99aedf01cdc731ad8ae76d83320d369e38bd9ba62ec3bc4e712a0ae1816fc3db207e5e3e5134826c6f7348e5077164bd67c2d7577c19f7b3184b9a1dc00b745d21615977469ea121e5ef44092bef0a7ddc63bbe2681aace14617518230ac60bd83a5dc2aa27c8d3469aa3c85ddcd58685da28549fdc9259c2208d5d3a89d87b36dd52b3cd2097e062ef3827dc22c0ad739f441fd390f2766d37b94b7f3edffd137fa59dbab7f516036b1d5f77e033f21be8eb0d5808994214be4cf468a2cac7fd7704688843e5b8d29dec6aafcec960dcf9b114ab04dbecd2ec9e4946912b041c879e347b2490729a35ff543a9ab467421a89c49d2f3306e7a354d3d3872966f3bfe15cdf47c38c4a45707a07a502480fb278538f4348264792a12ca1f5495a4a823a8d1c6b551e01d76a42866cdb7b36e316ee0546b095ce913b7bf7783702cdfa17230f933004360cb1c64413d6a6a7d6a15f36347b5ff1035279f490865a5b41ab24f71ef6bf4b62cde22e4803e2017cf69e4de4f1a54cff74092b5e64ece6158b809fab2d470393e478e8568d796abdbf7bb1a7bf5813359e981671551700e8ebfe2f3e23fbcc2b876400383de84a0f254446117bd21dd643230c6c1b5ea224bb41055207f92d8bdf85fd0114511dc2070dcb9e1a13ce9cc07df3f419fc00b8b4602d864c18a17d46a34135024255d782d29fec885db60d488097f3c29a0c5950435a3b0196604249ff0c0bba5db3d25592283bce5e42b03fd17c10058280b46cfb408e958339b56eee7fb9ebbd07c6d5d9fa14a5c372a6f1d76a5f1dff527150338e8ee0da65c76cd51681ecad1f02c886e5854fb9df60af2a8ff9737f4094c6be3ba94e530d67db869ac7fa69e634fb0e1132e3ded2ec11e6f82a85b6eae75fdbb2960bb89c818ec58042a93a68148b03413e275fccbc35c0789f9c608f805533e49cb9deb707763057061932dd3ba7127fd90c375c4144aa6fc7431522a7d1d06b0fe5c26dc19ea000e2f2a039ca785a1e98abca1abbe8190ed57c4a2f6f76d42d627e7d0206c39ca0b4a28d9c45d888f01ffcb9505ac8c5e2213316c1fa743d8a94038cc9d36dc061cae5de83f766a84bf47d1654ad37b2a2d6d2b8d5b73bded50df4a0fc2f1aefa04570e17c31c817ff1b7a686fd8ffb580aabe0844a5fb51fd8b863ff872fa2b721ec76019db36ed63c295c77dba9b3f5d3fe7df6d005ea8cea8119afe4fdab6d092428231b8e8550184cf95e6ae937d7be42144ec20c217796751e5b53d2e9752d4a6bc9a00d66522632cd949d8fc853eb745773480379a9771435d6c7e837ad44f46443631df8b675ffbabe109816ac0dd61747388609e307699579a2a2472f273aa459119461fb45db431c1e1cbcaff64ced9b6c54a17064ce0ae5efe33d0709c4ee608eeea287cedbb92b3a09fda0ef5cba276884308c6141bc9e5d7bfc9fe1f097d25e73fbb4e066720620df7792c7c2987023e396cfa53eeaaa1333335b3b628ef7bdcc5067cf020c33cbcac0ee3ba42719a3091f69e4b341be5b67b41eb82ed14dfc7789a3e86e93c4d40f3921e35b9d3b9691f91286558f60ac6b9a74b189d9bb2c29286e49c07534a3e2157c7d515c2379db328e39707094b559d133767a1290bc2fabd2c1e2bc48ba71499f770d4f92dea3465f4023d91a1b6ae12072a656479fd071d1fe72b23be1ca8127347ce86d8fcef1b35b5b30813bd8f1b31bb4748a96f9772d114546c44ab101d9d7829942cf1f5f9b5bf1551b24fa74b0ca99f36ed41c88b562dabac6b93bfac700dfcde665d21cec435cb739a29d0f6e02728a9de1d9ac3e1d24c780b29822e9141342c25f7b7aaca33c8d4e201adf75b1e1c62517a995704a61e09658a4d410b2f00575ef1b1f369fb6d22c900584cc38647deb672b981169a058476ae7c5d631e98af0f5404032f", 0x679}], 0x2}}], 0x1, 0x4)

54.175717019s ago: executing program 2 (id=9426):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

53.213492811s ago: executing program 2 (id=9429):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={0x30, 0x1410, 0x8b7fbbc5948fecd9, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004085}, 0x10)

49.533520346s ago: executing program 4 (id=9437):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000010000104000000000000000000480000", @ANYRES32=r1, @ANYBLOB="ae"], 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000fddbdf250700000008000300", @ANYRES32=r5, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c65723000000000000008000500070000000a0018"], 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
r9 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r9, 0x0, 0x0, 0x4000000, &(0x7f0000000380)={0x11, 0x8847, r8, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)

49.266233136s ago: executing program 4 (id=9438):
socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
r0 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x23)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x1, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a060}, [@IFLA_IFNAME={0x14, 0x3, 'syz_tun\x00'}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}}, 0x8000)

48.896423078s ago: executing program 4 (id=9439):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0x20000000}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

47.953313092s ago: executing program 4 (id=9442):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000540)={r0, 0x0, 0x0}, 0x20)

47.884071631s ago: executing program 4 (id=9443):
r0 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback, 0x3}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000019200)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x180, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x408, 0xffffffff, 0xffffffff, 0x408, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@loopback, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x158, 0x180, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@iprange={{0x68}, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4=@multicast2, @ipv6=@loopback, @ipv6=@empty}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x538)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xff8a}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

47.633071681s ago: executing program 4 (id=9444):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000002600)=ANY=[@ANYBLOB="04000000ffffffffffffaaaaaaaaaaaa8100000086dd6f6d20f4127306"], 0x12b1)

47.209162022s ago: executing program 32 (id=9372):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

38.13367317s ago: executing program 33 (id=9429):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={0x30, 0x1410, 0x8b7fbbc5948fecd9, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_AUTO_MODE_MASK={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004085}, 0x10)

32.437364892s ago: executing program 34 (id=9444):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000002600)=ANY=[@ANYBLOB="04000000ffffffffffffaaaaaaaaaaaa8100000086dd6f6d20f4127306"], 0x12b1)

7.250290904s ago: executing program 0 (id=9480):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000080)={0x54, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @a}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x40060040}, 0x880)

2.570693877s ago: executing program 0 (id=9481):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000000)='\x00', 0x1, 0x24048845, &(0x7f0000000140)={0xa, 0x4001, 0xfffb, @loopback, 0xfffffffa}, 0x1c)

2.378519625s ago: executing program 0 (id=9482):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c0000001400b59500000000000000000a400000", @ANYRES32], 0x2c}}, 0x0)

2.231621153s ago: executing program 0 (id=9483):
r0 = socket$netlink(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
sendmmsg(r1, &(0x7f0000003dc0)=[{{&(0x7f0000000180)=@can, 0x80, &(0x7f0000001600)=[{&(0x7f0000000480)="de672c01ae74", 0x6}, {&(0x7f0000000600)="0a6501d3a4f74bd627e7e993e55da8fd2f66421ed1213b599ca5801d079f4b9699a8367b0b9e12f1553495c15307c34659743c6d315373a60171ffb543316d383df1dd837bf8bc2380e04830281e5111a7bdeaaf8f646644c905e9d83473b75c2bf38433feca347e1410f474ec003df72496b98353534a63b8d4d35e3da88d770118cc5e13fb04d03ce9301bbfa4a59dab47d3d20910b316e743f6528c4a38226f01f936c84f6b990be136cd82d96f8a8348ddb16c931ed4cb72c8e1030172345860bed480d092a948cb95f609fde31c56530b865ea82aa74a3d130e5f8dfc5dfb000cbb80a49353754c002b13493b56c496da0e1a75d0df462d8319b8d8b0ea5f54e2a779db036f669b640d58ec4cf32b2fed5bedcfe9b4b2e44d8246a1a371ac55050845e8f7b4e36489400029f00d7501d5382a808dce2528e692bb2cac64cab332a35fdeb3319862994917dbd7c91c5863aaeaff153ac2f426e5df6a3aaf7cdbd4fe956fe98509269d1c1889461f0ef63be7ed5f138f5feaf46416ac04497cceb6eb1189984f20b2a372ce273d709fac4e2151bade04257d7f13c04a1c1033aede733d0abf8ae4806a2375cb5c89dc05209975a71f2a1194df5997e9b85e810bd71c3bc4daa321a0cf510d579dae0d779d89c530f6ca293418375a03df6161a4277999f8d57ad8dc11f721d0c08d7cb3597494f421980c361a0b44d710b770f2947f741c6a5123a5999eab23254421bf478c13e2eff97f0b822ee3954104e6ac92fa0fa948fceaa39b252cdac2743c05d891bc1a66150392c9653413356e1c65426cfd4e64d8a316e567647413045fa339cac00f3ab7c50f97f1a0530be22e1e2c08a235d53d22ac880c4287676916befaa620d1c9852b8a44a4bc6420e0c844724685ff5068c4f5ac476cd9f35ebdb93ce73f852f99c12067e7a33b5f7a617c30ca190edd5ee46dada832125bc4ce1d5d6dd8a44f888fce599f962d27877d60381e64aa26333b0509cb5ad5e1dcf43b8e2a6f85279378f4fe0cf99acf9ec6d9d6b084c90032b45950d8dc00a18ba93577308a4d0ebcbdcf2f9d4159f3308f76ea21c3008e2c7a43049de4b36294004ea3001293f135c4ec869c9f1d587ea4df94c75ca68c38c414018b2bc6b19857f233f0a33a509339fdb2fbb22837be7448c05935506ddb6204bddcae7069fa05f6735de1ce2dab05272f9e3f145f7259424bb2a5c47ea152291defdeed4636111c7919d88cea88216f2eceade6f814bf1bc73f8e1785adeab4ca44cdac7196e19d7c9cc613ce7691aa886874183ebe11f05d9bc6f3b7c7fb5b6a7fc27b047bd3c5271bc92f489f520b538d136cc1d8a0a21cf3ddc12a59af2ceb7129dc4d367eb847257d773a861e2f6a1f775f1e5eabab27a0b307d548461c66cd34370b6e4b15fa276b63cd26b0346d1122f911d43a87a9b53b49d7f33c28f2a4699ee2cf35af1060c9e22a9fc1599d9b869c12e39fd76adfc5ed3712d6933d94f43ccc65f5426859f85271b56cdd4c5c8f0b28133d7f6ccde878b4296f4af4d3cc73b5b471cebd544e56e97a117c0f01b4bf28d9ec9976e87a4b1f51509fc5dac165598032a0ce5e9595bdfdacd458008520f12de3a41689c32088d52bbd945ba9705a351a98ad845af42d893fb31aff58031a8dfb240a79eb2bec728c7711ecdd871d9e614aba1eab00aa7cd6924d0ad2cd5e3299ffceca519e6c6b4cda1795147ad6d7979a483cc5a64755e3f3d0a7d54abc157af0fecd25cee0fe7bcb77d6f96abddb17e7926626e3a09768ae030a0893b16deb7cdf143549c1b2935edc9f237ebedff298f581598bd266c295c889d1912560306ecd740af01666a5ca25f7706879071e2e02da64ed80af07d5a0372ec3db923eccf3ed23f985260fbdb5295c3096d148b5b0f61af73472f89ee8362dbfa3442a5bf08054dd8364be151af4b516532827909a897b6b81e43dd73c65f81ae4fd5fc6682b0521cd8212ae6084c737b849201694bac313b4c2d2ddb84783e02ecf7edaf1e3d5c7cf908dfc90c96fc1fd1f846f81eb4818d6f19abc1551013cfa76e0acfc60e229a2fca6f3822cf81904704e1318a6563c278eda7aa9c47c0c8f95f35ed9d7544b53320aae389e5447e19eb3f68cc5e1f34572a80333ecef3828cecc74835859deaa9cf2d32dc6850c0f84321398a8437ee914bee7ebef0be4565e810e8bd24383e48192ae07f1651ec7a31878934bec447634950fea9c568fc624b245cfb5e13a35c6cc6ea2d46e3a3227a839f35e51f11f355a7ccfd7226d05d059f16aeb3ff1eb719aeb4351d4108fd9f43bbcba637f7c44bd5bb1a191c7f9f30091705f76b37e57777a6b31a2c47fda3fc81f607d77d73a605e0bf08fef4af6c98ce47d32783d240dc7b185bb3994a09d3b2f403abe42e10c9dfe4488979aeab9fb57fb37686927916097d6b75abd2c16af0b91f5a0264ed1fff3074cea46e714659cdbc6df11524c6fd55235d642aa2ea0e333", 0x6f4}], 0x2}}], 0x1, 0x48010)

259.33071ms ago: executing program 0 (id=9484):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@empty, 0x8000000, 0x2, 0x3, 0x0, 0x0, 0x97}, 0x20)

0s ago: executing program 0 (id=9485):
socketpair(0x1, 0x1, 0x0, 0x0)
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
sendmsg$can_bcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)

kernel console output (not intermixed with test programs):


[ 1024.209528][T32474]  ? clear_bhb_loop+0x40/0x90
[ 1024.209551][T32474]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1024.209569][T32474] RIP: 0033:0x7f7a8bb9cdd9
[ 1024.209587][T32474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1024.209601][T32474] RSP: 002b:00007f7a8ca12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1024.209621][T32474] RAX: ffffffffffffffda RBX: 00007f7a8be15fa0 RCX: 00007f7a8bb9cdd9
[ 1024.209635][T32474] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1024.209647][T32474] RBP: 00007f7a8ca12090 R08: 0000000000000000 R09: 0000000000000000
[ 1024.209658][T32474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1024.209670][T32474] R13: 00007f7a8be16038 R14: 00007f7a8be15fa0 R15: 00007ffd7c72bad8
[ 1024.209701][T32474]  </TASK>
[ 1024.566077][ T1107] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1024.756207][T14932] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1024.893212][T32488] FAULT_INJECTION: forcing a failure.
[ 1024.893212][T32488] name failslab, interval 1, probability 0, space 0, times 0
[ 1024.905909][T32488] CPU: 1 UID: 0 PID: 32488 Comm: syz.1.8539 Not tainted syzkaller #0 PREEMPT(full) 
[ 1024.905932][T32488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1024.905942][T32488] Call Trace:
[ 1024.905949][T32488]  <TASK>
[ 1024.905957][T32488]  dump_stack_lvl+0xe8/0x150
[ 1024.905982][T32488]  should_fail_ex+0x412/0x560
[ 1024.906010][T32488]  should_failslab+0xa8/0x100
[ 1024.906037][T32488]  ? skb_clone+0x212/0x3a0
[ 1024.906060][T32488]  kmem_cache_alloc_noprof+0x87/0x650
[ 1024.906084][T32488]  ? __bpf_redirect+0x9b4/0x12a0
[ 1024.906107][T32488]  skb_clone+0x212/0x3a0
[ 1024.906132][T32488]  bpf_clone_redirect+0x16a/0x4b0
[ 1024.906156][T32488]  ? bpf_test_run+0x1d1/0x830
[ 1024.906176][T32488]  bpf_prog_170f4aa34f32f3f3+0x5f/0x68
[ 1024.906195][T32488]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1024.906220][T32488]  ? arch_stack_walk+0xfb/0x150
[ 1024.906246][T32488]  ? ktime_get+0x45/0x220
[ 1024.906279][T32488]  ? ktime_get+0x45/0x220
[ 1024.906306][T32488]  ? seqcount_lockdep_reader_access+0xa9/0x100
[ 1024.906333][T32488]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1024.906352][T32488]  ? ktime_get+0x45/0x220
[ 1024.906375][T32488]  ? seqcount_lockdep_reader_access+0xea/0x100
[ 1024.906399][T32488]  ? bpf_test_run+0x1d1/0x830
[ 1024.906422][T32488]  ? bpf_test_timer_continue+0x10c/0x320
[ 1024.906448][T32488]  bpf_test_run+0x354/0x830
[ 1024.906490][T32488]  ? __pfx_bpf_test_run+0x10/0x10
[ 1024.906528][T32488]  ? eth_type_trans+0x348/0x7e0
[ 1024.906558][T32488]  ? skb_dst_set+0x72/0x140
[ 1024.906581][T32488]  bpf_prog_test_run_skb+0xe2c/0x2260
[ 1024.906623][T32488]  ? __fget_files+0x3a0/0x420
[ 1024.906643][T32488]  ? __fget_files+0x2a/0x420
[ 1024.906668][T32488]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1024.906697][T32488]  bpf_prog_test_run+0x2c7/0x340
[ 1024.906719][T32488]  __sys_bpf+0x643/0x950
[ 1024.906746][T32488]  ? __pfx___sys_bpf+0x10/0x10
[ 1024.906787][T32488]  ? ksys_write+0x242/0x270
[ 1024.906813][T32488]  ? __pfx_ksys_write+0x10/0x10
[ 1024.906842][T32488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1024.906862][T32488]  __x64_sys_bpf+0x7c/0x90
[ 1024.906887][T32488]  do_syscall_64+0x15f/0xf80
[ 1024.906907][T32488]  ? trace_irq_disable+0x3b/0x140
[ 1024.906932][T32488]  ? clear_bhb_loop+0x40/0x90
[ 1024.906955][T32488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1024.906974][T32488] RIP: 0033:0x7f7a8bb9cdd9
[ 1024.906991][T32488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1024.907006][T32488] RSP: 002b:00007f7a8ca12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1024.907026][T32488] RAX: ffffffffffffffda RBX: 00007f7a8be15fa0 RCX: 00007f7a8bb9cdd9
[ 1024.907039][T32488] RDX: 000000000000002c RSI: 0000200000000080 RDI: 000000000000000a
[ 1024.907051][T32488] RBP: 00007f7a8ca12090 R08: 0000000000000000 R09: 0000000000000000
[ 1024.907061][T32488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1024.907071][T32488] R13: 00007f7a8be16038 R14: 00007f7a8be15fa0 R15: 00007ffd7c72bad8
[ 1024.907099][T32488]  </TASK>
[ 1025.409417][ T5626] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1025.422551][ T5626] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1025.434784][ T5626] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1025.447279][ T5626] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1025.455317][ T5626] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1025.465863][T32493] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8542'.
[ 1025.523956][T32493] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8542'.
[ 1025.626847][T32502] syzkaller0: entered promiscuous mode
[ 1025.657332][T32502] syzkaller0: entered allmulticast mode
[ 1025.672458][T14992] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1025.685268][T14992] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1025.905051][T14932] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1026.164888][T32525] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes.
[ 1026.392816][T32533] netlink: 204 bytes leftover after parsing attributes in process `syz.1.8552'.
[ 1027.560572][ T5626] Bluetooth: hci0: command tx timeout
[ 1028.469753][T32553] ip6gre2: entered promiscuous mode
[ 1028.488692][T32553] ip6gre2: entered allmulticast mode
[ 1028.602073][T32556] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8557'.
[ 1028.626088][T32556] tipc: Invalid UDP bearer configuration
[ 1028.626135][T32556] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1028.858521][T32496] lo speed is unknown, defaulting to 1000
[ 1029.064539][T32579] netlink: 'syz.1.8565': attribute type 1 has an invalid length.
[ 1029.633710][    C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1029.634803][ T5626] Bluetooth: hci0: command tx timeout
[ 1029.747820][T32611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8577'.
[ 1029.821046][T32616] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8578'.
[ 1029.881652][T32619] netlink: 'syz.0.8579': attribute type 4 has an invalid length.
[ 1029.924541][T32619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8579'.
[ 1029.938198][T31605] block nbd2: NBD_DISCONNECT
[ 1029.949367][T32619] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8579'.
[ 1029.966530][T31605] block nbd2: Disconnected due to user request.
[ 1029.989070][T31605] block nbd2: shutting down sockets
[ 1030.251576][T32632] netlink: 'syz.3.8580': attribute type 1 has an invalid length.
[ 1030.296300][T31605] udevd[31605]: inotify_add_watch(7, /dev/nbd2, 10) failed: No such file or directory
[ 1030.439220][T32496] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1030.453798][ T5735] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1030.473409][T32496] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1030.485531][T32496] bridge_slave_0: entered allmulticast mode
[ 1030.497687][T32496] bridge_slave_0: entered promiscuous mode
[ 1030.511463][T32496] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1030.523689][T32496] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1030.530994][T32496] bridge_slave_1: entered allmulticast mode
[ 1030.538934][T32496] bridge_slave_1: entered promiscuous mode
[ 1030.630484][T32496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1030.703527][T32496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1030.789018][T32651] netlink: 68 bytes leftover after parsing attributes in process `syz.0.8586'.
[ 1030.839125][T32496] team0: Port device team_slave_0 added
[ 1030.854510][T14946] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1030.868255][T32496] team0: Port device team_slave_1 added
[ 1030.975270][T32496] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1030.982362][T32496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1031.022738][T32496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1031.052715][T32496] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1031.062987][T32496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1031.099155][T32496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1031.141359][T32661] dvmrp6: entered allmulticast mode
[ 1031.256820][T32496] hsr_slave_0: entered promiscuous mode
[ 1031.284010][T32496] hsr_slave_1: entered promiscuous mode
[ 1031.290555][T32496] debugfs: 'hsr0' already exists in 'hsr'
[ 1031.296909][T32496] Cannot create hsr debugfs directory
[ 1031.347000][T32669] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8594'.
[ 1031.356973][T32669] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8594'.
[ 1031.374380][T14946] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1031.428582][T32671] netlink: 'syz.3.8592': attribute type 16 has an invalid length.
[ 1031.451443][T32671] netlink: 'syz.3.8592': attribute type 17 has an invalid length.
[ 1031.625602][T32671] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1031.714827][ T5626] Bluetooth: hci0: command tx timeout
[ 1031.784499][T32688] netlink: 'syz.3.8599': attribute type 1 has an invalid length.
[ 1031.836919][T32692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8599'.
[ 1031.850569][T32688] bond7: entered promiscuous mode
[ 1031.856106][T32688] 8021q: adding VLAN 0 to HW filter on device bond7
[ 1031.887303][T32688] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8599'.
[ 1031.909848][T32694] syzkaller1: entered promiscuous mode
[ 1031.924997][T32694] syzkaller1: entered allmulticast mode
[ 1031.958973][T32688] bond7: (slave bridge6): making interface the new active one
[ 1031.968073][T32688] bridge6: entered promiscuous mode
[ 1031.975248][T32688] bond7: (slave bridge6): Enslaving as an active interface with an up link
[ 1032.168950][T32705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8603'.
[ 1032.179547][T32705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8603'.
[ 1032.273878][T14946] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1032.296565][T32715] syzkaller0: entered promiscuous mode
[ 1032.302096][T32715] syzkaller0: entered allmulticast mode
[ 1032.380660][T32717] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8605'.
[ 1032.426939][T32717] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1032.475330][T32722] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1032.519082][T32722] bond6: (slave batadv1): Enslaving as an active interface with an up link
[ 1032.628747][T32729] netlink: 1084 bytes leftover after parsing attributes in process `syz.3.8611'.
[ 1032.640355][T32496] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1032.653440][T32496] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1032.663101][T32496] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1032.675195][T32496] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1032.683234][T32496] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1032.695644][T32496] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1032.706882][T32496] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1032.718436][T32496] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1032.839046][T32742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8613'.
[ 1032.846849][T32496] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1032.874707][T32496] 8021q: adding VLAN 0 to HW filter on device team0
[ 1032.888585][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.895746][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1032.948535][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.955756][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1033.472219][  T304] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1033.794446][ T5626] Bluetooth: hci0: command tx timeout
[ 1033.889589][T32496] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1034.141891][  T337] IPVS: Error connecting to the multicast addr
[ 1034.158682][  T341] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1034.194735][  T344] FAULT_INJECTION: forcing a failure.
[ 1034.194735][  T344] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1034.237583][  T344] CPU: 1 UID: 0 PID: 344 Comm: syz.3.8635 Not tainted syzkaller #0 PREEMPT(full) 
[ 1034.237607][  T344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1034.237618][  T344] Call Trace:
[ 1034.237626][  T344]  <TASK>
[ 1034.237634][  T344]  dump_stack_lvl+0xe8/0x150
[ 1034.237661][  T344]  should_fail_ex+0x412/0x560
[ 1034.237689][  T344]  _copy_from_user+0x2d/0xb0
[ 1034.237715][  T344]  ___sys_sendmsg+0x1c6/0x360
[ 1034.237739][  T344]  ? __lock_acquire+0x6b5/0x2cf0
[ 1034.237763][  T344]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1034.237823][  T344]  ? __fget_files+0x2a/0x420
[ 1034.237844][  T344]  ? __fget_files+0x3a0/0x420
[ 1034.237874][  T344]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1034.237899][  T344]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1034.237930][  T344]  ? __pfx_ksys_write+0x10/0x10
[ 1034.237963][  T344]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1034.237983][  T344]  do_syscall_64+0x15f/0xf80
[ 1034.238003][  T344]  ? trace_irq_disable+0x3b/0x140
[ 1034.238029][  T344]  ? clear_bhb_loop+0x40/0x90
[ 1034.238051][  T344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1034.238070][  T344] RIP: 0033:0x7f4a40b9cdd9
[ 1034.238087][  T344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1034.238102][  T344] RSP: 002b:00007f4a419a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1034.238120][  T344] RAX: ffffffffffffffda RBX: 00007f4a40e15fa0 RCX: 00007f4a40b9cdd9
[ 1034.238133][  T344] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000003
[ 1034.238145][  T344] RBP: 00007f4a419a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1034.238156][  T344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1034.238168][  T344] R13: 00007f4a40e16038 R14: 00007f4a40e15fa0 R15: 00007ffe020936d8
[ 1034.238197][  T344]  </TASK>
[ 1034.521953][  T355] netlink: 'syz.0.8638': attribute type 21 has an invalid length.
[ 1034.764588][T32496] veth0_vlan: entered promiscuous mode
[ 1034.829406][T32496] veth1_vlan: entered promiscuous mode
[ 1034.953244][T32496] veth0_macvtap: entered promiscuous mode
[ 1034.982604][T32496] veth1_macvtap: entered promiscuous mode
[ 1035.772896][T32496] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1035.809970][  T390] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1035.853041][  T392] __nla_validate_parse: 12 callbacks suppressed
[ 1035.853059][  T392] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8649'.
[ 1035.896397][T32496] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1035.927522][T14990] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1035.949389][  T396] netlink: 'syz.3.8650': attribute type 3 has an invalid length.
[ 1035.956492][T14990] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1035.966331][  T396] netlink: 'syz.3.8650': attribute type 1 has an invalid length.
[ 1035.966350][  T396] netlink: 232 bytes leftover after parsing attributes in process `syz.3.8650'.
[ 1036.040255][T14990] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.062349][T14990] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.395657][  T411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8655'.
[ 1036.517759][  T420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8657'.
[ 1036.853428][T14992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1036.902859][T14992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1037.116298][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1037.174231][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1037.358056][  T448] tipc: Started in network mode
[ 1037.368627][  T448] tipc: Node identity 4a4a9a57c268, cluster identity 4711
[ 1037.383100][  T448] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1037.405689][  T452] netlink: 204 bytes leftover after parsing attributes in process `syz.0.8661'.
[ 1037.439292][  T448] syzkaller0: entered promiscuous mode
[ 1037.445457][  T448] syzkaller0: entered allmulticast mode
[ 1037.455886][  T448] tipc: Resetting bearer <eth:syzkaller0>
[ 1037.487495][  T446] tipc: Resetting bearer <eth:syzkaller0>
[ 1037.810923][T16461] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1037.822015][T16461] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1037.833028][T16461] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1037.843348][T16461] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1037.852906][T16461] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1039.957331][ T5626] Bluetooth: hci5: command tx timeout
[ 1040.497797][  T446] tipc: Disabling bearer <eth:syzkaller0>
[ 1040.507415][  T460] batadv_slave_0: entered promiscuous mode
[ 1040.513243][  T460] batadv_slave_0: entered allmulticast mode
[ 1040.533158][T29334] tipc: Node number set to 2283969111
[ 1041.011228][  T456] lo speed is unknown, defaulting to 1000
[ 1041.219004][  T506] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8677'.
[ 1041.248243][  T500] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.8675'.
[ 1041.274340][  T500] netlink: Unknown conntrack attr (0)
[ 1041.492706][  T505] lo speed is unknown, defaulting to 1000
[ 1041.500864][  T522] netlink: 'syz.4.8684': attribute type 21 has an invalid length.
[ 1041.538034][  T522] netlink: 156 bytes leftover after parsing attributes in process `syz.4.8684'.
[ 1041.556442][  T522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8684'.
[ 1041.904577][ T5728] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1042.034722][ T5626] Bluetooth: hci5: command tx timeout
[ 1042.199857][  T538] netlink: 44 bytes leftover after parsing attributes in process `syz.2.8688'.
[ 1042.388489][  T456] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1042.396137][  T456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1042.397845][ T5728] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1042.403352][  T456] bridge_slave_0: entered allmulticast mode
[ 1042.419684][  T456] bridge_slave_0: entered promiscuous mode
[ 1042.428489][  T456] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1042.438541][  T456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1042.463876][  T456] bridge_slave_1: entered allmulticast mode
[ 1042.471683][  T456] bridge_slave_1: entered promiscuous mode
[ 1042.508267][  T550] netlink: 'syz.4.8692': attribute type 13 has an invalid length.
[ 1042.685826][  T456] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1042.718886][  T456] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1042.754246][    C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1042.794013][  T555] netlink: 'syz.3.8693': attribute type 1 has an invalid length.
[ 1042.881409][  T456] team0: Port device team_slave_0 added
[ 1042.935469][  T456] team0: Port device team_slave_1 added
[ 1042.981888][  T573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8696'.
[ 1042.982910][  T574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8697'.
[ 1043.020123][  T456] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1043.027849][  T456] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1043.092592][  T456] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1043.140974][  T456] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1043.167937][  T456] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1043.219163][  T456] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1043.256954][  T589] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8700'.
[ 1043.405341][  T456] hsr_slave_0: entered promiscuous mode
[ 1043.416969][  T456] hsr_slave_1: entered promiscuous mode
[ 1043.417438][ T5728] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1043.433203][  T456] debugfs: 'hsr0' already exists in 'hsr'
[ 1043.441038][  T456] Cannot create hsr debugfs directory
[ 1043.656593][  T606] netlink: 'syz.4.8706': attribute type 11 has an invalid length.
[ 1043.768121][  T186] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1043.803000][  T602] syzkaller0: create flow: hash 3965443817 index 1
[ 1044.044358][  T601] syzkaller0: delete flow: hash 3965443817 index 1
[ 1044.055654][  T632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8716'.
[ 1044.117237][ T5626] Bluetooth: hci5: command tx timeout
[ 1044.119193][ T5728] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1044.901194][  T648] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8718'.
[ 1045.079193][  T651] netlink: 'syz.1.8719': attribute type 11 has an invalid length.
[ 1046.203242][ T5626] Bluetooth: hci5: command tx timeout
[ 1046.421673][T14992] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1046.440100][T14992] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1046.559147][  T456] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1046.728889][  T456] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1047.103127][  T456] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1047.218594][  T456] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1047.235258][T14932] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1047.258209][  T681] netlink: 'syz.2.8730': attribute type 1 has an invalid length.
[ 1047.302253][  T681] 8021q: adding VLAN 0 to HW filter on device bond8
[ 1047.319686][  T681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8730'.
[ 1047.329056][  T681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8730'.
[ 1047.340720][  T681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8730'.
[ 1047.363159][  T681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8730'.
[ 1047.541990][  T688] syzkaller0: create flow: hash 3965443817 index 1
[ 1047.581882][  T687] syzkaller0: delete flow: hash 3965443817 index 1
[ 1050.393280][  T456] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1050.403316][  T456] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1050.411354][  T456] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1050.421579][  T456] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1050.430197][  T456] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1050.437590][    C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1050.464252][  T456] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1050.536850][  T456] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1050.549693][  T456] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1050.755841][T29334] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1050.829290][  T456] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1050.889870][  T762] netlink: 'syz.3.8750': attribute type 1 has an invalid length.
[ 1050.892739][  T456] 8021q: adding VLAN 0 to HW filter on device team0
[ 1050.945847][  T762] bond8: entered promiscuous mode
[ 1050.951348][  T762] 8021q: adding VLAN 0 to HW filter on device bond8
[ 1050.968487][ T1107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1050.975665][ T1107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1050.994684][ T1107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1051.001850][ T1107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1051.003916][  T763] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8751'.
[ 1051.026252][T29335] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1051.076489][  T762] bond8: (slave bridge7): making interface the new active one
[ 1051.084501][  T762] bridge7: entered promiscuous mode
[ 1051.090599][  T762] bond8: (slave bridge7): Enslaving as an active interface with an up link
[ 1051.217258][  T771] syzkaller0: create flow: hash 3965443817 index 1
[ 1051.266921][  T770] syzkaller0: delete flow: hash 3965443817 index 1
[ 1051.282184][  T779] FAULT_INJECTION: forcing a failure.
[ 1051.282184][  T779] name failslab, interval 1, probability 0, space 0, times 0
[ 1051.296035][  T779] CPU: 0 UID: 0 PID: 779 Comm: syz.1.8756 Not tainted syzkaller #0 PREEMPT(full) 
[ 1051.296058][  T779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1051.296070][  T779] Call Trace:
[ 1051.296078][  T779]  <TASK>
[ 1051.296087][  T779]  dump_stack_lvl+0xe8/0x150
[ 1051.296114][  T779]  should_fail_ex+0x412/0x560
[ 1051.296141][  T779]  should_failslab+0xa8/0x100
[ 1051.296167][  T779]  ? skb_clone+0x212/0x3a0
[ 1051.296191][  T779]  kmem_cache_alloc_noprof+0x87/0x650
[ 1051.296225][  T779]  skb_clone+0x212/0x3a0
[ 1051.296246][  T779]  ? netlink_trim+0x166/0x2c0
[ 1051.296269][  T779]  netlink_trim+0x17d/0x2c0
[ 1051.296291][  T779]  netlink_broadcast_filtered+0x80/0xeb0
[ 1051.296312][  T779]  ? nfnl_pernet+0x23/0x240
[ 1051.296338][  T779]  ? nfnl_pernet+0x23/0x240
[ 1051.296357][  T779]  ? nfnl_pernet+0x23/0x240
[ 1051.296384][  T779]  nlmsg_notify+0xf0/0x1a0
[ 1051.296410][  T779]  nf_tables_commit+0x924a/0xa7b0
[ 1051.296468][  T779]  ? __pfx_nf_tables_commit+0x10/0x10
[ 1051.296497][  T779]  ? __free_frozen_pages+0x749/0xd30
[ 1051.296529][  T779]  ? nf_tables_newrule+0x2590/0x28b0
[ 1051.296571][  T779]  ? __pfx_nf_tables_newrule+0x10/0x10
[ 1051.296595][  T779]  ? nfnl_pernet+0x23/0x240
[ 1051.296636][  T779]  nfnetlink_rcv+0x1c19/0x27b0
[ 1051.296690][  T779]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1051.296764][  T779]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1051.296796][  T779]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1051.296818][  T779]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1051.296845][  T779]  netlink_unicast+0x75c/0x8e0
[ 1051.296875][  T779]  netlink_sendmsg+0x813/0xb40
[ 1051.296907][  T779]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1051.296933][  T779]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1051.296957][  T779]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1051.296983][  T779]  ____sys_sendmsg+0x972/0x9f0
[ 1051.297006][  T779]  ? __might_fault+0xaf/0x130
[ 1051.297033][  T779]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1051.297064][  T779]  ? import_iovec+0x73/0xa0
[ 1051.297093][  T779]  ___sys_sendmsg+0x2a5/0x360
[ 1051.297114][  T779]  ? __lock_acquire+0x6b5/0x2cf0
[ 1051.297138][  T779]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1051.297197][  T779]  ? __fget_files+0x2a/0x420
[ 1051.297217][  T779]  ? __fget_files+0x3a0/0x420
[ 1051.297248][  T779]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1051.297275][  T779]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1051.297307][  T779]  ? __pfx_ksys_write+0x10/0x10
[ 1051.297341][  T779]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.297361][  T779]  do_syscall_64+0x15f/0xf80
[ 1051.297382][  T779]  ? trace_irq_disable+0x3b/0x140
[ 1051.297408][  T779]  ? clear_bhb_loop+0x40/0x90
[ 1051.297431][  T779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.297449][  T779] RIP: 0033:0x7f7a8bb9cdd9
[ 1051.297466][  T779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1051.297481][  T779] RSP: 002b:00007f7a8ca12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1051.297501][  T779] RAX: ffffffffffffffda RBX: 00007f7a8be15fa0 RCX: 00007f7a8bb9cdd9
[ 1051.297514][  T779] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1051.297526][  T779] RBP: 00007f7a8ca12090 R08: 0000000000000000 R09: 0000000000000000
[ 1051.297538][  T779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1051.297549][  T779] R13: 00007f7a8be16038 R14: 00007f7a8be15fa0 R15: 00007ffd7c72bad8
[ 1051.297580][  T779]  </TASK>
[ 1053.908886][  T809] FAULT_INJECTION: forcing a failure.
[ 1053.908886][  T809] name failslab, interval 1, probability 0, space 0, times 0
[ 1053.943858][  T809] CPU: 1 UID: 0 PID: 809 Comm: syz.2.8769 Not tainted syzkaller #0 PREEMPT(full) 
[ 1053.943901][  T809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1053.943919][  T809] Call Trace:
[ 1053.943927][  T809]  <TASK>
[ 1053.943935][  T809]  dump_stack_lvl+0xe8/0x150
[ 1053.943961][  T809]  should_fail_ex+0x412/0x560
[ 1053.943988][  T809]  should_failslab+0xa8/0x100
[ 1053.944017][  T809]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1053.944042][  T809]  ? __alloc_skb+0x186/0x7d0
[ 1053.944062][  T809]  ? __alloc_skb+0x1d0/0x7d0
[ 1053.944079][  T809]  ? __local_bh_enable_ip+0xd0/0x130
[ 1053.944103][  T809]  __alloc_skb+0x1d0/0x7d0
[ 1053.944128][  T809]  netlink_sendmsg+0x5d4/0xb40
[ 1053.944161][  T809]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1053.944186][  T809]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1053.944209][  T809]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1053.944237][  T809]  ____sys_sendmsg+0x972/0x9f0
[ 1053.944269][  T809]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1053.944300][  T809]  ? import_iovec+0x73/0xa0
[ 1053.944329][  T809]  ___sys_sendmsg+0x2a5/0x360
[ 1053.944351][  T809]  ? __lock_acquire+0x6b5/0x2cf0
[ 1053.944376][  T809]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1053.944439][  T809]  ? __fget_files+0x2a/0x420
[ 1053.944461][  T809]  ? __fget_files+0x3a0/0x420
[ 1053.944492][  T809]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1053.944518][  T809]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1053.944549][  T809]  ? __pfx_ksys_write+0x10/0x10
[ 1053.944580][  T809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1053.944600][  T809]  do_syscall_64+0x15f/0xf80
[ 1053.944620][  T809]  ? trace_irq_disable+0x3b/0x140
[ 1053.944646][  T809]  ? clear_bhb_loop+0x40/0x90
[ 1053.944669][  T809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1053.944687][  T809] RIP: 0033:0x7f502279cdd9
[ 1053.944704][  T809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1053.944720][  T809] RSP: 002b:00007f5023716028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1053.944740][  T809] RAX: ffffffffffffffda RBX: 00007f5022a15fa0 RCX: 00007f502279cdd9
[ 1053.944753][  T809] RDX: 0000000000008880 RSI: 0000200000000140 RDI: 0000000000000003
[ 1053.944766][  T809] RBP: 00007f5023716090 R08: 0000000000000000 R09: 0000000000000000
[ 1053.944777][  T809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1053.944789][  T809] R13: 00007f5022a16038 R14: 00007f5022a15fa0 R15: 00007ffd9369b438
[ 1053.944818][  T809]  </TASK>
[ 1054.693167][  T847] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8778'.
[ 1054.733230][  T456] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1054.842286][  T851] syzkaller0: create flow: hash 3965443817 index 1
[ 1054.957845][  T850] syzkaller0: delete flow: hash 3965443817 index 1
[ 1055.125290][  T827] Bluetooth: hci1: Opcode 0x0401 failed: -4
[ 1056.433653][ T5626] Bluetooth: hci1: command 0x0405 tx timeout
[ 1057.957588][  T456] veth0_vlan: entered promiscuous mode
[ 1058.010079][  T456] veth1_vlan: entered promiscuous mode
[ 1058.054337][  T874] FAULT_INJECTION: forcing a failure.
[ 1058.054337][  T874] name failslab, interval 1, probability 0, space 0, times 0
[ 1058.104806][  T874] CPU: 0 UID: 0 PID: 874 Comm: syz.2.8786 Not tainted syzkaller #0 PREEMPT(full) 
[ 1058.104832][  T874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1058.104843][  T874] Call Trace:
[ 1058.104851][  T874]  <TASK>
[ 1058.104859][  T874]  dump_stack_lvl+0xe8/0x150
[ 1058.104899][  T874]  should_fail_ex+0x412/0x560
[ 1058.104926][  T874]  should_failslab+0xa8/0x100
[ 1058.104953][  T874]  __kmalloc_cache_noprof+0x88/0x660
[ 1058.104978][  T874]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[ 1058.105005][  T874]  ? sctp_add_bind_addr+0x8c/0x370
[ 1058.105031][  T874]  sctp_add_bind_addr+0x8c/0x370
[ 1058.105056][  T874]  sctp_copy_local_addr_list+0x314/0x4f0
[ 1058.105083][  T874]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[ 1058.105104][  T874]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1058.105126][  T874]  ? sctp_v6_is_any+0x64/0x80
[ 1058.105150][  T874]  ? sctp_copy_one_addr+0x93/0x360
[ 1058.105175][  T874]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1058.105195][  T874]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1058.105218][  T874]  sctp_connect_new_asoc+0x2ff/0x6b0
[ 1058.105246][  T874]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1058.105282][  T874]  ? __local_bh_enable_ip+0xd0/0x130
[ 1058.105299][  T874]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1058.105320][  T874]  ? security_sctp_bind_connect+0x7e/0x2c0
[ 1058.105343][  T874]  sctp_sendmsg+0x1528/0x2c10
[ 1058.105363][  T874]  ? unwind_next_frame+0xa6/0x2550
[ 1058.105397][  T874]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1058.105425][  T874]  ? aa_sk_perm+0x6d5/0x900
[ 1058.105449][  T874]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1058.105471][  T874]  ? sock_rps_record_flow+0x19/0x350
[ 1058.105497][  T874]  ? inet_sendmsg+0x2f4/0x370
[ 1058.105525][  T874]  ____sys_sendmsg+0x80a/0x9f0
[ 1058.105557][  T874]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1058.105587][  T874]  ? import_iovec+0x73/0xa0
[ 1058.105614][  T874]  ___sys_sendmsg+0x2a5/0x360
[ 1058.105633][  T874]  ? __lock_acquire+0x6b5/0x2cf0
[ 1058.105657][  T874]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1058.105713][  T874]  ? __fget_files+0x2a/0x420
[ 1058.105731][  T874]  ? __fget_files+0x3a0/0x420
[ 1058.105761][  T874]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1058.105784][  T874]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1058.105817][  T874]  ? __pfx_ksys_write+0x10/0x10
[ 1058.105848][  T874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.105867][  T874]  do_syscall_64+0x15f/0xf80
[ 1058.105886][  T874]  ? trace_irq_disable+0x3b/0x140
[ 1058.105911][  T874]  ? clear_bhb_loop+0x40/0x90
[ 1058.105932][  T874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.105950][  T874] RIP: 0033:0x7f502279cdd9
[ 1058.105967][  T874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1058.105982][  T874] RSP: 002b:00007f5023716028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1058.106002][  T874] RAX: ffffffffffffffda RBX: 00007f5022a15fa0 RCX: 00007f502279cdd9
[ 1058.106015][  T874] RDX: 0000000000040040 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1058.106026][  T874] RBP: 00007f5023716090 R08: 0000000000000000 R09: 0000000000000000
[ 1058.106038][  T874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1058.106049][  T874] R13: 00007f5022a16038 R14: 00007f5022a15fa0 R15: 00007ffd9369b438
[ 1058.106078][  T874]  </TASK>
[ 1058.126746][  T456] veth0_macvtap: entered promiscuous mode
[ 1058.459136][  T456] veth1_macvtap: entered promiscuous mode
[ 1058.483723][  T456] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1058.552171][  T456] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1058.678596][ T1115] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.687504][ T1115] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.700405][ T1115] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.701286][  T893] syzkaller0: create flow: hash 3965443817 index 1
[ 1058.710883][ T1115] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.753772][    C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1058.768535][  T892] syzkaller0: delete flow: hash 3965443817 index 1
[ 1059.005759][  T910] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8799'.
[ 1059.056644][  T911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8799'.
[ 1061.188844][  T910] team1: entered promiscuous mode
[ 1061.203652][  T910] team1: entered allmulticast mode
[ 1061.217279][  T910] 8021q: adding VLAN 0 to HW filter on device team1
[ 1061.250388][  T911] team2: entered promiscuous mode
[ 1061.259048][  T911] team2: entered allmulticast mode
[ 1061.266480][  T911] 8021q: adding VLAN 0 to HW filter on device team2
[ 1061.582041][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1061.591964][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.601983][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1061.618118][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.630985][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.648804][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.662290][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.674513][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.685196][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.699314][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.710951][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.724528][  T924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8804'.
[ 1061.741218][  T924] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1061.750055][  T924] 8021q: adding VLAN 0 to HW filter on device team0
[ 1061.760502][  T924] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1061.788264][  T924] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1061.798651][  T924] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1061.810458][  T924] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1061.821547][  T924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1061.837256][  T924] veth1_macvtap: left promiscuous mode
[ 1061.843967][  T924] veth0_macvtap: left promiscuous mode
[ 1061.850258][  T924] veth0_macvtap: entered promiscuous mode
[ 1061.857091][  T924] veth1_macvtap: entered promiscuous mode
[ 1061.869013][  T924] mac80211_hwsim hwsim128 wlan1: entered promiscuous mode
[ 1061.877994][  T924] batman_adv: batadv0: Interface activated: macvtap1
[ 1061.888267][  T924] 8021q: adding VLAN 0 to HW filter on device eth0
[ 1061.897427][  T924] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1061.905576][  T924] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1061.913798][  T924] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1061.922639][  T924] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1061.930095][  T924] ip6gre1: left promiscuous mode
[ 1061.935252][  T924] ip6gre1: left allmulticast mode
[ 1061.943012][  T924] ip6tnl1: left allmulticast mode
[ 1061.958109][  T924] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1061.970068][  T924] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1061.978826][  T924] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1061.992955][  T924] mac80211_hwsim hwsim127 wlan0: entered promiscuous mode
[ 1062.014454][T14932] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1062.035732][T25599] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1062.042950][T25599] bridge0: port 1(bridge_slave_0) entered listening state
[ 1062.080730][  T934] pim6reg1: entered promiscuous mode
[ 1062.086720][  T934] pim6reg1: entered allmulticast mode
[ 1062.098467][ T1107] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.117980][ T1107] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.159220][  T939] netlink: 'syz.2.8807': attribute type 11 has an invalid length.
[ 1062.230789][ T1107] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.253454][ T1125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1062.271928][ T1107] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.295126][ T1125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1062.297695][T29334] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1062.327827][  T967] netlink: 'syz.1.8809': attribute type 1 has an invalid length.
[ 1062.341490][   T12] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1062.362682][  T967] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1062.462871][  T975] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1062.653908][ T5735] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1062.871455][T16461] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1062.891456][T16461] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1062.900624][T16461] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1062.912188][T16461] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1062.922995][T16461] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1063.270575][ T5735] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1063.589031][  T186] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1063.613102][  T186] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1063.654672][ T1015] pim6reg1: entered promiscuous mode
[ 1063.669486][ T1015] pim6reg1: entered allmulticast mode
[ 1063.790441][ T1015] xfrm0: entered promiscuous mode
[ 1063.804860][ T1015] xfrm0: entered allmulticast mode
[ 1063.860937][  T991] lo speed is unknown, defaulting to 1000
[ 1064.407511][ T1057] netlink: 'syz.1.8840': attribute type 1 has an invalid length.
[ 1064.625936][ T1072] batadv0: entered promiscuous mode
[ 1064.665700][ T1072] macvlan1: entered allmulticast mode
[ 1064.671173][ T1072] batadv0: entered allmulticast mode
[ 1064.679352][ T1072] 8021q: adding VLAN 0 to HW filter on device macvlan1
[ 1064.688599][ T1072] batadv0: left allmulticast mode
[ 1064.693675][T14941] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1064.701687][ T1072] batadv0: left promiscuous mode
[ 1064.994656][ T5626] Bluetooth: hci2: command tx timeout
[ 1065.181719][  T991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1065.189296][  T991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1065.197489][  T991] bridge_slave_0: entered allmulticast mode
[ 1065.205707][  T991] bridge_slave_0: entered promiscuous mode
[ 1065.220767][  T991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1065.228445][  T991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1065.237314][  T991] bridge_slave_1: entered allmulticast mode
[ 1065.245319][  T991] bridge_slave_1: entered promiscuous mode
[ 1065.309802][ T1117] netlink: 'syz.1.8853': attribute type 1 has an invalid length.
[ 1065.335629][  T991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1065.367427][  T991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1065.479162][  T991] team0: Port device team_slave_0 added
[ 1065.510287][  T991] team0: Port device team_slave_1 added
[ 1065.635096][  T991] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1065.654530][  T991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1065.701080][ T1124] netlink: 'syz.1.8854': attribute type 1 has an invalid length.
[ 1065.709730][ T1124] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1065.733250][  T991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1065.769948][  T991] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1065.784202][  T991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1065.840864][  T991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1065.911179][  T991] hsr_slave_0: entered promiscuous mode
[ 1065.918702][  T991] hsr_slave_1: entered promiscuous mode
[ 1065.925778][  T991] debugfs: 'hsr0' already exists in 'hsr'
[ 1065.931763][  T991] Cannot create hsr debugfs directory
[ 1066.553530][ T1135] netlink: 'syz.4.8859': attribute type 11 has an invalid length.
[ 1066.613231][ T1139] __nla_validate_parse: 87 callbacks suppressed
[ 1066.613249][ T1139] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8860'.
[ 1066.665279][ T1139] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8860'.
[ 1066.718315][ T1139] bond0: (slave bond_slave_1): Releasing backup interface
[ 1066.795381][  T991] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1066.817902][  T991] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1066.827441][  T991] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1066.858582][  T991] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1066.879937][ T1145] netlink: 'syz.1.8863': attribute type 1 has an invalid length.
[ 1066.891901][  T991] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1066.906484][ T1145] netlink: 224 bytes leftover after parsing attributes in process `syz.1.8863'.
[ 1066.927359][  T991] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1066.936529][  T991] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1066.950896][  T991] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1066.972615][ T1138] netlink: 'syz.3.8861': attribute type 10 has an invalid length.
[ 1067.057819][ T1162] netlink: 76 bytes leftover after parsing attributes in process `syz.1.8867'.
[ 1067.074484][ T5626] Bluetooth: hci2: command tx timeout
[ 1067.088822][ T1162] netlink: 52 bytes leftover after parsing attributes in process `syz.1.8867'.
[ 1067.174641][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1067.260682][  T991] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1067.301295][  T991] 8021q: adding VLAN 0 to HW filter on device team0
[ 1067.344762][  T186] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1067.351951][  T186] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1067.407948][  T186] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1067.415124][  T186] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1067.459019][ T1171] netlink: 48 bytes leftover after parsing attributes in process `syz.1.8869'.
[ 1067.722927][ T1178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8872'.
[ 1067.754744][ T1180] netlink: 'syz.1.8873': attribute type 11 has an invalid length.
[ 1067.775334][ T1182] netlink: 'syz.0.8871': attribute type 1 has an invalid length.
[ 1067.794338][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1067.804127][ T1182] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1068.016293][ T1188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8875'.
[ 1068.070295][ T1192] netlink: 'syz.3.8876': attribute type 1 has an invalid length.
[ 1068.091518][ T1192] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8876'.
[ 1068.269756][ T1197] can: request_module (can-proto-3) failed.
[ 1068.309235][ T1202] netlink: 'syz.4.8877': attribute type 11 has an invalid length.
[ 1068.398538][  T991] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1068.478064][  T991] veth0_vlan: entered promiscuous mode
[ 1068.566319][  T991] veth1_vlan: entered promiscuous mode
[ 1068.651741][ T1218] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1068.666269][ T1220] netlink: 'syz.0.8884': attribute type 11 has an invalid length.
[ 1068.690534][  T991] veth0_macvtap: entered promiscuous mode
[ 1068.731967][  T991] veth1_macvtap: entered promiscuous mode
[ 1068.782723][  T991] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1068.812574][  T991] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1068.859590][ T1115] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1068.872070][ T1115] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1068.897412][ T1115] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1068.922468][ T1115] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1068.927084][ T1228] netlink: 'syz.0.8888': attribute type 1 has an invalid length.
[ 1068.941796][ T1228] netlink: 224 bytes leftover after parsing attributes in process `syz.0.8888'.
[ 1069.155338][ T5626] Bluetooth: hci2: command tx timeout
[ 1069.169612][ T1240] netlink: 'syz.0.8892': attribute type 12 has an invalid length.
[ 1069.197010][ T1125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1069.213822][ T1125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1069.296991][ T1115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1069.316944][ T1115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1069.374914][ T1246] netlink: 'syz.3.8894': attribute type 4 has an invalid length.
[ 1069.424812][ T1242] syzkaller0: create flow: hash 3965443817 index 1
[ 1069.462706][ T1251] lo speed is unknown, defaulting to 1000
[ 1069.493959][ T1241] syzkaller0: delete flow: hash 3965443817 index 1
[ 1069.618440][ T1261] netlink: 'syz.3.8897': attribute type 11 has an invalid length.
[ 1069.827838][ T1270] netlink: 'syz.1.8901': attribute type 1 has an invalid length.
[ 1071.239197][ T5626] Bluetooth: hci2: command tx timeout
[ 1072.216075][ T1293] netem: change failed
[ 1072.369857][ T1302] netlink: 'syz.1.8910': attribute type 11 has an invalid length.
[ 1073.200187][ T1349] syzkaller1: entered promiscuous mode
[ 1073.209432][ T1349] syzkaller1: entered allmulticast mode
[ 1073.228437][ T1357] __nla_validate_parse: 4 callbacks suppressed
[ 1073.228525][ T1357] netlink: 48 bytes leftover after parsing attributes in process `syz.0.8931'.
[ 1073.254775][ T1355] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1073.276873][ T1354] netlink: 10 bytes leftover after parsing attributes in process `syz.2.8930'.
[ 1073.494262][ T1367] netlink: 2 bytes leftover after parsing attributes in process `syz.2.8934'.
[ 1073.506601][ T1364] vlan2: entered promiscuous mode
[ 1073.518223][ T1364] bridge0: entered promiscuous mode
[ 1073.540783][ T1364] vlan2: entered allmulticast mode
[ 1073.566431][ T1364] bridge0: entered allmulticast mode
[ 1073.727927][ T1385] netlink: 'syz.3.8938': attribute type 1 has an invalid length.
[ 1073.744103][ T1385] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8938'.
[ 1073.765724][ T1388] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8939'.
[ 1074.117067][    C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1074.126296][ T1415] FAULT_INJECTION: forcing a failure.
[ 1074.126296][ T1415] name failslab, interval 1, probability 0, space 0, times 0
[ 1074.150106][ T1415] CPU: 0 UID: 0 PID: 1415 Comm: syz.4.8947 Not tainted syzkaller #0 PREEMPT(full) 
[ 1074.150128][ T1415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1074.150139][ T1415] Call Trace:
[ 1074.150148][ T1415]  <TASK>
[ 1074.150156][ T1415]  dump_stack_lvl+0xe8/0x150
[ 1074.150182][ T1415]  should_fail_ex+0x412/0x560
[ 1074.150210][ T1415]  should_failslab+0xa8/0x100
[ 1074.150236][ T1415]  ? skb_clone+0x212/0x3a0
[ 1074.150259][ T1415]  kmem_cache_alloc_noprof+0x87/0x650
[ 1074.150283][ T1415]  ? __netlink_lookup+0xc6/0x8b0
[ 1074.150311][ T1415]  skb_clone+0x212/0x3a0
[ 1074.150337][ T1415]  __netlink_deliver_tap+0x404/0x850
[ 1074.150369][ T1415]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1074.150398][ T1415]  netlink_deliver_tap+0x19c/0x1b0
[ 1074.150421][ T1415]  netlink_unicast+0x730/0x8e0
[ 1074.150450][ T1415]  netlink_sendmsg+0x813/0xb40
[ 1074.150481][ T1415]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1074.150506][ T1415]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1074.150531][ T1415]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1074.150557][ T1415]  ____sys_sendmsg+0x972/0x9f0
[ 1074.150578][ T1415]  ? __might_fault+0xaf/0x130
[ 1074.150612][ T1415]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1074.150643][ T1415]  ? import_iovec+0x73/0xa0
[ 1074.150672][ T1415]  ___sys_sendmsg+0x2a5/0x360
[ 1074.150693][ T1415]  ? __lock_acquire+0x6b5/0x2cf0
[ 1074.150717][ T1415]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1074.150776][ T1415]  ? __fget_files+0x2a/0x420
[ 1074.150796][ T1415]  ? __fget_files+0x3a0/0x420
[ 1074.150828][ T1415]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1074.150854][ T1415]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1074.150891][ T1415]  ? __pfx_ksys_write+0x10/0x10
[ 1074.150925][ T1415]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1074.150945][ T1415]  do_syscall_64+0x15f/0xf80
[ 1074.150966][ T1415]  ? trace_irq_disable+0x3b/0x140
[ 1074.150992][ T1415]  ? clear_bhb_loop+0x40/0x90
[ 1074.151015][ T1415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1074.151033][ T1415] RIP: 0033:0x7fa85979cdd9
[ 1074.151050][ T1415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1074.151065][ T1415] RSP: 002b:00007fa85a635028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1074.151085][ T1415] RAX: ffffffffffffffda RBX: 00007fa859a15fa0 RCX: 00007fa85979cdd9
[ 1074.151098][ T1415] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1074.151110][ T1415] RBP: 00007fa85a635090 R08: 0000000000000000 R09: 0000000000000000
[ 1074.151122][ T1415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1074.151133][ T1415] R13: 00007fa859a16038 R14: 00007fa859a15fa0 R15: 00007ffc22c5f9c8
[ 1074.151164][ T1415]  </TASK>
[ 1074.152499][ T1415] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8947'.
[ 1074.566471][ T1430] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1074.945126][ T1444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8950'.
[ 1075.182649][ T1452] netlink: 'syz.0.8952': attribute type 1 has an invalid length.
[ 1075.262827][ T1456] ip6gretap1: entered promiscuous mode
[ 1075.270985][ T1456] ip6gretap1: entered allmulticast mode
[ 1076.674531][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1076.814781][ T1391] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1076.853090][ T1482] netlink: 'syz.4.8961': attribute type 11 has an invalid length.
[ 1076.983190][ T1488] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1077.093920][ T1493] pim6reg1: entered promiscuous mode
[ 1077.113579][ T1493] pim6reg1: entered allmulticast mode
[ 1077.161398][ T1502] netlink: 44 bytes leftover after parsing attributes in process `syz.1.8968'.
[ 1077.221492][ T1506] xfrm0: entered promiscuous mode
[ 1077.227254][ T1506] xfrm0: entered allmulticast mode
[ 1077.432475][ T1523] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8976'.
[ 1077.454630][ T1525] netlink: 'syz.4.8971': attribute type 3 has an invalid length.
[ 1077.471861][ T1527] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1077.611094][ T1536] netlink: 'syz.3.8979': attribute type 8 has an invalid length.
[ 1078.107274][ T1559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8987'.
[ 1078.177558][ T1559] team0: left allmulticast mode
[ 1078.192330][ T1559] team0: left promiscuous mode
[ 1078.218502][ T1564] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1078.351968][ T1570] __nla_validate_parse: 1 callbacks suppressed
[ 1078.351986][ T1570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8992'.
[ 1078.406671][ T1573] netlink: 'syz.4.8994': attribute type 11 has an invalid length.
[ 1078.420225][ T1575] syzkaller1: tun_chr_ioctl cmd 1074025677
[ 1078.427542][ T1575] syzkaller1: linktype set to 825
[ 1078.609418][ T1583] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8998'.
[ 1078.774646][ T1596] dvmrp6: entered allmulticast mode
[ 1078.868894][T29335] IPVS: starting estimator thread 0...
[ 1078.877717][ T1597] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[ 1078.917267][ T1597] netlink: zone id is out of range
[ 1078.929808][ T1597] netlink: zone id is out of range
[ 1078.941630][ T1597] netlink: zone id is out of range
[ 1078.947239][ T1597] netlink: zone id is out of range
[ 1078.952501][ T1597] netlink: zone id is out of range
[ 1078.958260][ T1597] netlink: zone id is out of range
[ 1078.963764][ T1597] netlink: zone id is out of range
[ 1078.969003][ T1597] netlink: zone id is out of range
[ 1078.984633][ T1607] IPVS: using max 53 ests per chain, 127200 per kthread
[ 1079.005121][ T1609] tap0: tun_chr_ioctl cmd 1074025677
[ 1079.010762][ T1609] tap0: linktype set to 776
[ 1079.480813][ T1632] netlink: 'syz.0.9015': attribute type 1 has an invalid length.
[ 1079.497782][ T1632] netlink: 'syz.0.9015': attribute type 1 has an invalid length.
[ 1079.525862][ T1632] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9015'.
[ 1079.629954][ T1638] syzkaller1: entered promiscuous mode
[ 1079.636709][ T1641] netlink: 552 bytes leftover after parsing attributes in process `syz.4.9016'.
[ 1079.665248][ T1638] syzkaller1: entered allmulticast mode
[ 1079.677161][ T1645] xt_socket: unknown flags 0x50
[ 1079.693706][ T1638] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324
[ 1080.211480][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.232087][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1080.239243][ T1675] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9029'.
[ 1080.261318][ T1674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1080.276972][ T1675] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1080.284584][ T1675] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1080.511477][ T1687] pim6reg1: entered promiscuous mode
[ 1080.526277][ T1687] pim6reg1: entered allmulticast mode
[ 1080.868069][ T1694] netlink: 'syz.0.9037': attribute type 11 has an invalid length.
[ 1080.971928][ T1697] FAULT_INJECTION: forcing a failure.
[ 1080.971928][ T1697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1080.985244][ T1697] CPU: 1 UID: 0 PID: 1697 Comm: syz.4.9038 Not tainted syzkaller #0 PREEMPT(full) 
[ 1080.985267][ T1697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1080.985277][ T1697] Call Trace:
[ 1080.985285][ T1697]  <TASK>
[ 1080.985292][ T1697]  dump_stack_lvl+0xe8/0x150
[ 1080.985318][ T1697]  should_fail_ex+0x412/0x560
[ 1080.985346][ T1697]  _copy_from_user+0x2d/0xb0
[ 1080.985373][ T1697]  ___sys_sendmsg+0x1c6/0x360
[ 1080.985396][ T1697]  ? __lock_acquire+0x6b5/0x2cf0
[ 1080.985420][ T1697]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1080.985475][ T1697]  ? __fget_files+0x2a/0x420
[ 1080.985496][ T1697]  ? __fget_files+0x3a0/0x420
[ 1080.985527][ T1697]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1080.985553][ T1697]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1080.985586][ T1697]  ? __pfx_ksys_write+0x10/0x10
[ 1080.985619][ T1697]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.985639][ T1697]  do_syscall_64+0x15f/0xf80
[ 1080.985667][ T1697]  ? trace_irq_disable+0x3b/0x140
[ 1080.985692][ T1697]  ? clear_bhb_loop+0x40/0x90
[ 1080.985715][ T1697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.985733][ T1697] RIP: 0033:0x7fa85979cdd9
[ 1080.985750][ T1697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1080.985765][ T1697] RSP: 002b:00007fa85a635028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1080.985784][ T1697] RAX: ffffffffffffffda RBX: 00007fa859a15fa0 RCX: 00007fa85979cdd9
[ 1080.985798][ T1697] RDX: 0000000002000000 RSI: 0000200000000400 RDI: 0000000000000004
[ 1080.985810][ T1697] RBP: 00007fa85a635090 R08: 0000000000000000 R09: 0000000000000000
[ 1080.985822][ T1697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1080.985833][ T1697] R13: 00007fa859a16038 R14: 00007fa859a15fa0 R15: 00007ffc22c5f9c8
[ 1080.985863][ T1697]  </TASK>
[ 1081.254849][ T1702] FAULT_INJECTION: forcing a failure.
[ 1081.254849][ T1702] name failslab, interval 1, probability 0, space 0, times 0
[ 1081.287616][ T1702] CPU: 1 UID: 0 PID: 1702 Comm: syz.0.9041 Not tainted syzkaller #0 PREEMPT(full) 
[ 1081.287646][ T1702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1081.287656][ T1702] Call Trace:
[ 1081.287663][ T1702]  <TASK>
[ 1081.287671][ T1702]  dump_stack_lvl+0xe8/0x150
[ 1081.287697][ T1702]  should_fail_ex+0x412/0x560
[ 1081.287724][ T1702]  should_failslab+0xa8/0x100
[ 1081.287751][ T1702]  __kmalloc_node_track_caller_noprof+0xeb/0x7b0
[ 1081.287776][ T1702]  ? nf_ct_ext_add+0x1b6/0x460
[ 1081.287794][ T1702]  ? nf_ct_ext_add+0x1b6/0x460
[ 1081.287813][ T1702]  krealloc_node_align_noprof+0x19a/0x390
[ 1081.287843][ T1702]  nf_ct_ext_add+0x1b6/0x460
[ 1081.287866][ T1702]  ctnetlink_new_conntrack+0x12a7/0x22a0
[ 1081.287897][ T1702]  ? ctnetlink_new_conntrack+0x726/0x22a0
[ 1081.287925][ T1702]  ? rcu_is_watching+0x15/0xb0
[ 1081.287949][ T1702]  ? __pfx_ctnetlink_new_conntrack+0x10/0x10
[ 1081.287978][ T1702]  ? __mutex_lock+0x319/0x1550
[ 1081.287999][ T1702]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1081.288027][ T1702]  ? unwind_next_frame+0xa6/0x2550
[ 1081.288052][ T1702]  ? is_bpf_text_address+0x26/0x2b0
[ 1081.288070][ T1702]  ? lock_acquire+0x106/0x350
[ 1081.288089][ T1702]  ? nfnetlink_rcv_msg+0xa71/0x12c0
[ 1081.288133][ T1702]  nfnetlink_rcv_msg+0xc03/0x12c0
[ 1081.288153][ T1702]  ? unwind_get_return_address+0x4d/0x90
[ 1081.288176][ T1702]  ? nfnetlink_rcv_msg+0x22a/0x12c0
[ 1081.288215][ T1702]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1081.288286][ T1702]  netlink_rcv_skb+0x232/0x4b0
[ 1081.288311][ T1702]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1081.288333][ T1702]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1081.288367][ T1702]  ? bpf_lsm_capable+0x9/0x20
[ 1081.288384][ T1702]  ? security_capable+0x7e/0x2c0
[ 1081.288414][ T1702]  nfnetlink_rcv+0x2c0/0x27b0
[ 1081.288444][ T1702]  ? __local_bh_enable_ip+0xd0/0x130
[ 1081.288463][ T1702]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1081.288483][ T1702]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1081.288506][ T1702]  ? __local_bh_enable_ip+0xd0/0x130
[ 1081.288523][ T1702]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1081.288546][ T1702]  ? __dev_queue_xmit+0x1fe5/0x3950
[ 1081.288567][ T1702]  ? __x64_sys_sendmsg+0x1bd/0x2a0
[ 1081.288598][ T1702]  ? __dev_queue_xmit+0x2b6/0x3950
[ 1081.288634][ T1702]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1081.288661][ T1702]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1081.288692][ T1702]  ? ref_tracker_free+0x693/0x840
[ 1081.288718][ T1702]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1081.288759][ T1702]  ? skb_clone+0x246/0x3a0
[ 1081.288786][ T1702]  ? __netlink_deliver_tap+0x807/0x850
[ 1081.288808][ T1702]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1081.288836][ T1702]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1081.288857][ T1702]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1081.288884][ T1702]  netlink_unicast+0x75c/0x8e0
[ 1081.288915][ T1702]  netlink_sendmsg+0x813/0xb40
[ 1081.288946][ T1702]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1081.288973][ T1702]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1081.288999][ T1702]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1081.289025][ T1702]  ____sys_sendmsg+0x972/0x9f0
[ 1081.289048][ T1702]  ? __might_fault+0xaf/0x130
[ 1081.289077][ T1702]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1081.289110][ T1702]  ? import_iovec+0x73/0xa0
[ 1081.289139][ T1702]  ___sys_sendmsg+0x2a5/0x360
[ 1081.289162][ T1702]  ? __lock_acquire+0x6b5/0x2cf0
[ 1081.289185][ T1702]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1081.289245][ T1702]  ? __fget_files+0x2a/0x420
[ 1081.289265][ T1702]  ? __fget_files+0x3a0/0x420
[ 1081.289299][ T1702]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1081.289325][ T1702]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1081.289358][ T1702]  ? __pfx_ksys_write+0x10/0x10
[ 1081.289392][ T1702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1081.289411][ T1702]  do_syscall_64+0x15f/0xf80
[ 1081.289432][ T1702]  ? trace_irq_disable+0x3b/0x140
[ 1081.289456][ T1702]  ? clear_bhb_loop+0x40/0x90
[ 1081.289480][ T1702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1081.289498][ T1702] RIP: 0033:0x7fdfe699cdd9
[ 1081.289515][ T1702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1081.289530][ T1702] RSP: 002b:00007fdfe77b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1081.289549][ T1702] RAX: ffffffffffffffda RBX: 00007fdfe6c15fa0 RCX: 00007fdfe699cdd9
[ 1081.289563][ T1702] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1081.289575][ T1702] RBP: 00007fdfe77b4090 R08: 0000000000000000 R09: 0000000000000000
[ 1081.289587][ T1702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1081.289599][ T1702] R13: 00007fdfe6c16038 R14: 00007fdfe6c15fa0 R15: 00007ffdd8faf0c8
[ 1081.289638][ T1702]  </TASK>
[ 1081.289682][ T1702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9041'.
[ 1081.545127][ T1713] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9045'.
[ 1081.984865][ T1731] netlink: 'syz.1.9051': attribute type 11 has an invalid length.
[ 1082.554779][ T1747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9058'.
[ 1082.615672][ T1747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9058'.
[ 1082.732147][ T1764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9061'.
[ 1083.144049][ T1783] netlink: 'syz.0.9069': attribute type 11 has an invalid length.
[ 1083.833283][ T1803] __nla_validate_parse: 5 callbacks suppressed
[ 1083.833304][ T1803] netlink: 68 bytes leftover after parsing attributes in process `syz.2.9078'.
[ 1083.947464][ T1812] net_ratelimit: 18 callbacks suppressed
[ 1083.947481][ T1812] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1083.999888][ T1803] veth3: entered allmulticast mode
[ 1084.051892][ T1817] openvswitch: netlink: VLAN attribute unexpected.
[ 1084.359910][ T1827] xt_hashlimit: max too large, truncated to 1048576
[ 1084.388321][ T1827] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9084'.
[ 1084.597007][ T1848] netlink: 'syz.4.9092': attribute type 8 has an invalid length.
[ 1084.748064][ T1856] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9096'.
[ 1084.799405][ T1858] xt_hl: Unknown Hop Limit match mode: 206
[ 1084.842216][ T1862] FAULT_INJECTION: forcing a failure.
[ 1084.842216][ T1862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1084.878388][ T1862] CPU: 0 UID: 0 PID: 1862 Comm: syz.2.9098 Not tainted syzkaller #0 PREEMPT(full) 
[ 1084.878410][ T1862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1084.878420][ T1862] Call Trace:
[ 1084.878427][ T1862]  <TASK>
[ 1084.878436][ T1862]  dump_stack_lvl+0xe8/0x150
[ 1084.878461][ T1862]  should_fail_ex+0x412/0x560
[ 1084.878489][ T1862]  _copy_from_user+0x2d/0xb0
[ 1084.878524][ T1862]  ___sys_sendmsg+0x1c6/0x360
[ 1084.878547][ T1862]  ? __lock_acquire+0x6b5/0x2cf0
[ 1084.878571][ T1862]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1084.878629][ T1862]  ? __fget_files+0x2a/0x420
[ 1084.878649][ T1862]  ? __fget_files+0x3a0/0x420
[ 1084.878679][ T1862]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1084.878705][ T1862]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1084.878738][ T1862]  ? __pfx_ksys_write+0x10/0x10
[ 1084.878770][ T1862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1084.878790][ T1862]  do_syscall_64+0x15f/0xf80
[ 1084.878811][ T1862]  ? trace_irq_disable+0x3b/0x140
[ 1084.878835][ T1862]  ? clear_bhb_loop+0x40/0x90
[ 1084.878857][ T1862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1084.878875][ T1862] RIP: 0033:0x7f10cb39cdd9
[ 1084.878893][ T1862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1084.878911][ T1862] RSP: 002b:00007f10cc1cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1084.878931][ T1862] RAX: ffffffffffffffda RBX: 00007f10cb615fa0 RCX: 00007f10cb39cdd9
[ 1084.878944][ T1862] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1084.878956][ T1862] RBP: 00007f10cc1cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1084.878968][ T1862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1084.878978][ T1862] R13: 00007f10cb616038 R14: 00007f10cb615fa0 R15: 00007ffd4a39f888
[ 1084.879007][ T1862]  </TASK>
[ 1085.120946][ T1869] FAULT_INJECTION: forcing a failure.
[ 1085.120946][ T1869] name failslab, interval 1, probability 0, space 0, times 0
[ 1085.185983][ T1869] CPU: 1 UID: 0 PID: 1869 Comm: syz.4.9100 Not tainted syzkaller #0 PREEMPT(full) 
[ 1085.186008][ T1869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1085.186019][ T1869] Call Trace:
[ 1085.186027][ T1869]  <TASK>
[ 1085.186036][ T1869]  dump_stack_lvl+0xe8/0x150
[ 1085.186061][ T1869]  should_fail_ex+0x412/0x560
[ 1085.186090][ T1869]  should_failslab+0xa8/0x100
[ 1085.186119][ T1869]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1085.186145][ T1869]  ? __alloc_skb+0x1d0/0x7d0
[ 1085.186164][ T1869]  ? __local_bh_enable_ip+0xd0/0x130
[ 1085.186188][ T1869]  __alloc_skb+0x1d0/0x7d0
[ 1085.186208][ T1869]  ? nlmsg_notify+0x13e/0x1a0
[ 1085.186241][ T1869]  nf_tables_commit+0x9332/0xa7b0
[ 1085.186300][ T1869]  ? __pfx_nf_tables_commit+0x10/0x10
[ 1085.186330][ T1869]  ? __free_frozen_pages+0x749/0xd30
[ 1085.186362][ T1869]  ? nf_tables_newrule+0x2590/0x28b0
[ 1085.186403][ T1869]  ? __pfx_nf_tables_newrule+0x10/0x10
[ 1085.186427][ T1869]  ? nfnl_pernet+0x23/0x240
[ 1085.186470][ T1869]  nfnetlink_rcv+0x1c19/0x27b0
[ 1085.186524][ T1869]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1085.186562][ T1869]  ? ref_tracker_free+0x693/0x840
[ 1085.186615][ T1869]  ? __netlink_deliver_tap+0x807/0x850
[ 1085.186647][ T1869]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1085.186669][ T1869]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1085.186696][ T1869]  netlink_unicast+0x75c/0x8e0
[ 1085.186728][ T1869]  netlink_sendmsg+0x813/0xb40
[ 1085.186760][ T1869]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1085.186787][ T1869]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1085.186812][ T1869]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1085.186840][ T1869]  ____sys_sendmsg+0x972/0x9f0
[ 1085.186864][ T1869]  ? __might_fault+0xaf/0x130
[ 1085.186893][ T1869]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1085.186929][ T1869]  ? import_iovec+0x73/0xa0
[ 1085.186958][ T1869]  ___sys_sendmsg+0x2a5/0x360
[ 1085.186979][ T1869]  ? __lock_acquire+0x6b5/0x2cf0
[ 1085.187004][ T1869]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1085.187063][ T1869]  ? __fget_files+0x2a/0x420
[ 1085.187084][ T1869]  ? __fget_files+0x3a0/0x420
[ 1085.187116][ T1869]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1085.187142][ T1869]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1085.187175][ T1869]  ? __pfx_ksys_write+0x10/0x10
[ 1085.187209][ T1869]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1085.187235][ T1869]  do_syscall_64+0x15f/0xf80
[ 1085.187256][ T1869]  ? trace_irq_disable+0x3b/0x140
[ 1085.187282][ T1869]  ? clear_bhb_loop+0x40/0x90
[ 1085.187305][ T1869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1085.187323][ T1869] RIP: 0033:0x7fa85979cdd9
[ 1085.187340][ T1869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1085.187355][ T1869] RSP: 002b:00007fa85a635028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1085.187375][ T1869] RAX: ffffffffffffffda RBX: 00007fa859a15fa0 RCX: 00007fa85979cdd9
[ 1085.187388][ T1869] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1085.187400][ T1869] RBP: 00007fa85a635090 R08: 0000000000000000 R09: 0000000000000000
[ 1085.187411][ T1869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1085.187422][ T1869] R13: 00007fa859a16038 R14: 00007fa859a15fa0 R15: 00007ffc22c5f9c8
[ 1085.187453][ T1869]  </TASK>
[ 1085.791635][ T1871] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.9101'.
[ 1085.801363][ T1874] lo speed is unknown, defaulting to 1000
[ 1085.889740][ T1871] netlink: Unknown conntrack attr (0)
[ 1086.159048][ T1894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9108'.
[ 1086.170922][ T1896] bridge2: entered promiscuous mode
[ 1086.187957][ T1894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9108'.
[ 1086.314954][ T1898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9110'.
[ 1086.345745][ T1898] xt_TCPMSS: Only works on TCP SYN packets
[ 1086.521811][ T1913] FAULT_INJECTION: forcing a failure.
[ 1086.521811][ T1913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1086.558625][ T1913] CPU: 1 UID: 0 PID: 1913 Comm: syz.1.9115 Not tainted syzkaller #0 PREEMPT(full) 
[ 1086.558650][ T1913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1086.558661][ T1913] Call Trace:
[ 1086.558669][ T1913]  <TASK>
[ 1086.558678][ T1913]  dump_stack_lvl+0xe8/0x150
[ 1086.558704][ T1913]  should_fail_ex+0x412/0x560
[ 1086.558733][ T1913]  _copy_from_user+0x2d/0xb0
[ 1086.558759][ T1913]  __sys_connect+0x156/0x450
[ 1086.558782][ T1913]  ? __pfx___sys_connect+0x10/0x10
[ 1086.558816][ T1913]  ? __pfx_ksys_write+0x10/0x10
[ 1086.558846][ T1913]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1086.558866][ T1913]  __x64_sys_connect+0x7a/0x90
[ 1086.558888][ T1913]  do_syscall_64+0x15f/0xf80
[ 1086.558909][ T1913]  ? trace_irq_disable+0x3b/0x140
[ 1086.558935][ T1913]  ? clear_bhb_loop+0x40/0x90
[ 1086.558958][ T1913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1086.558976][ T1913] RIP: 0033:0x7f7a8bb9cdd9
[ 1086.558993][ T1913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1086.559008][ T1913] RSP: 002b:00007f7a8ca12028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1086.559026][ T1913] RAX: ffffffffffffffda RBX: 00007f7a8be15fa0 RCX: 00007f7a8bb9cdd9
[ 1086.559038][ T1913] RDX: 000000000000000e RSI: 0000200000000240 RDI: 0000000000000004
[ 1086.559048][ T1913] RBP: 00007f7a8ca12090 R08: 0000000000000000 R09: 0000000000000000
[ 1086.559059][ T1913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1086.559069][ T1913] R13: 00007f7a8be16038 R14: 00007f7a8be15fa0 R15: 00007ffd7c72bad8
[ 1086.559108][ T1913]  </TASK>
[ 1086.776006][ T1918] netlink: 'syz.2.9119': attribute type 15 has an invalid length.
[ 1086.824403][ T1918] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9119'.
[ 1086.841065][ T1919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1086.848286][ T1919] bridge0: port 2(bridge_slave_1) entered listening state
[ 1086.855725][ T1919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1086.862894][ T1919] bridge0: port 1(bridge_slave_0) entered listening state
[ 1086.878520][ T1910] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9110'.
[ 1086.939679][ T1919] xfrm0: left promiscuous mode
[ 1086.944935][ T1919] xfrm0: left allmulticast mode
[ 1087.012758][ T1919] vlan2: left promiscuous mode
[ 1087.018501][ T1919] bridge0: left promiscuous mode
[ 1087.024948][ T1919] vlan2: left allmulticast mode
[ 1087.030203][ T1919] bridge0: left allmulticast mode
[ 1087.530847][ T1928] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9110'.
[ 1088.199483][ T1973] veth1_to_bond: entered allmulticast mode
[ 1088.254257][ T1973] veth1_to_bond (unregistering): left allmulticast mode
[ 1088.342735][ T1973] bond0: (slave bond_slave_1): Releasing backup interface
[ 1088.380754][ T1979] netlink: 'syz.1.9139': attribute type 11 has an invalid length.
[ 1088.467296][ T1981] netlink: 'syz.2.9140': attribute type 9 has an invalid length.
[ 1088.499971][ T1981] bridge1: entered allmulticast mode
[ 1088.704850][ T1998] IPv6: Can't replace route, no match found
[ 1089.014957][ T2010] __nla_validate_parse: 4 callbacks suppressed
[ 1089.014976][ T2010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9148'.
[ 1089.034812][ T2010] tunl0: Caught tx_queue_len zero misconfig
[ 1089.046260][ T2010] netlink: 65011 bytes leftover after parsing attributes in process `syz.4.9148'.
[ 1089.298428][ T2025] ip6gre1: entered promiscuous mode
[ 1089.315309][ T2025] ip6gre1: entered allmulticast mode
[ 1089.368417][ T2029] x_tables: duplicate underflow at hook 3
[ 1089.643445][ T2049] netlink: 176 bytes leftover after parsing attributes in process `syz.4.9163'.
[ 1089.707929][ T2053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9164'.
[ 1089.718028][ T2053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9164'.
[ 1089.896693][ T2062] xt_nfacct: accounting object `syz0' does not exist
[ 1090.131240][ T2074] netlink: 80 bytes leftover after parsing attributes in process `syz.4.9170'.
[ 1091.610838][ T1988] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1091.820574][ T2095] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9175'.
[ 1091.874284][ T2098] netlink: 'syz.2.9178': attribute type 11 has an invalid length.
[ 1091.989042][ T2103] netlink: 'syz.3.9179': attribute type 11 has an invalid length.
[ 1091.998979][ T2105] FAULT_INJECTION: forcing a failure.
[ 1091.998979][ T2105] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.012801][ T2105] CPU: 1 UID: 0 PID: 2105 Comm: syz.2.9180 Not tainted syzkaller #0 PREEMPT(full) 
[ 1092.012823][ T2105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1092.012835][ T2105] Call Trace:
[ 1092.012842][ T2105]  <TASK>
[ 1092.012850][ T2105]  dump_stack_lvl+0xe8/0x150
[ 1092.012876][ T2105]  should_fail_ex+0x412/0x560
[ 1092.012904][ T2105]  should_failslab+0xa8/0x100
[ 1092.012934][ T2105]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 1092.012959][ T2105]  ? __alloc_skb+0x186/0x7d0
[ 1092.012978][ T2105]  ? __alloc_skb+0x1d0/0x7d0
[ 1092.012995][ T2105]  ? __local_bh_enable_ip+0xd0/0x130
[ 1092.013017][ T2105]  __alloc_skb+0x1d0/0x7d0
[ 1092.013042][ T2105]  netlink_sendmsg+0x5d4/0xb40
[ 1092.013070][ T2105]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1092.013096][ T2105]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1092.013121][ T2105]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1092.013148][ T2105]  ____sys_sendmsg+0x972/0x9f0
[ 1092.013171][ T2105]  ? __might_fault+0xaf/0x130
[ 1092.013204][ T2105]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1092.013234][ T2105]  ? import_iovec+0x73/0xa0
[ 1092.013262][ T2105]  ___sys_sendmsg+0x2a5/0x360
[ 1092.013283][ T2105]  ? __lock_acquire+0x6b5/0x2cf0
[ 1092.013305][ T2105]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1092.013359][ T2105]  ? __fget_files+0x2a/0x420
[ 1092.013378][ T2105]  ? __fget_files+0x3a0/0x420
[ 1092.013408][ T2105]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1092.013433][ T2105]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1092.013464][ T2105]  ? __pfx_ksys_write+0x10/0x10
[ 1092.013494][ T2105]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.013513][ T2105]  do_syscall_64+0x15f/0xf80
[ 1092.013532][ T2105]  ? trace_irq_disable+0x3b/0x140
[ 1092.013557][ T2105]  ? clear_bhb_loop+0x40/0x90
[ 1092.013578][ T2105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.013596][ T2105] RIP: 0033:0x7f10cb39cdd9
[ 1092.013613][ T2105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1092.013629][ T2105] RSP: 002b:00007f10cc1cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1092.013649][ T2105] RAX: ffffffffffffffda RBX: 00007f10cb615fa0 RCX: 00007f10cb39cdd9
[ 1092.013663][ T2105] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[ 1092.013675][ T2105] RBP: 00007f10cc1cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1092.013687][ T2105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.013698][ T2105] R13: 00007f10cb616038 R14: 00007f10cb615fa0 R15: 00007ffd4a39f888
[ 1092.013726][ T2105]  </TASK>
[ 1092.523131][ T2115] syzkaller0: entered promiscuous mode
[ 1092.528977][ T2115] syzkaller0: entered allmulticast mode
[ 1092.618277][ T2121] FAULT_INJECTION: forcing a failure.
[ 1092.618277][ T2121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1092.643912][ T2121] CPU: 1 UID: 0 PID: 2121 Comm: syz.3.9186 Not tainted syzkaller #0 PREEMPT(full) 
[ 1092.643935][ T2121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1092.643945][ T2121] Call Trace:
[ 1092.643954][ T2121]  <TASK>
[ 1092.643962][ T2121]  dump_stack_lvl+0xe8/0x150
[ 1092.643988][ T2121]  should_fail_ex+0x412/0x560
[ 1092.644017][ T2121]  _copy_to_user+0x31/0xb0
[ 1092.644044][ T2121]  simple_read_from_buffer+0xe1/0x170
[ 1092.644072][ T2121]  proc_fail_nth_read+0x1bb/0x230
[ 1092.644099][ T2121]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1092.644125][ T2121]  ? rw_verify_area+0x2a6/0x4d0
[ 1092.644149][ T2121]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1092.644172][ T2121]  vfs_read+0x20c/0xa70
[ 1092.644202][ T2121]  ? __pfx___mutex_lock+0x10/0x10
[ 1092.644225][ T2121]  ? __pfx_vfs_read+0x10/0x10
[ 1092.644252][ T2121]  ? __fget_files+0x2a/0x420
[ 1092.644278][ T2121]  ? __fget_files+0x3a0/0x420
[ 1092.644298][ T2121]  ? __fget_files+0x2a/0x420
[ 1092.644327][ T2121]  ksys_read+0x150/0x270
[ 1092.644354][ T2121]  ? __pfx_ksys_read+0x10/0x10
[ 1092.644387][ T2121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.644408][ T2121]  do_syscall_64+0x15f/0xf80
[ 1092.644429][ T2121]  ? trace_irq_disable+0x3b/0x140
[ 1092.644463][ T2121]  ? clear_bhb_loop+0x40/0x90
[ 1092.644485][ T2121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.644504][ T2121] RIP: 0033:0x7f4a40b5d60e
[ 1092.644521][ T2121] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1092.644537][ T2121] RSP: 002b:00007f4a419a0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1092.644556][ T2121] RAX: ffffffffffffffda RBX: 00007f4a419a16c0 RCX: 00007f4a40b5d60e
[ 1092.644569][ T2121] RDX: 000000000000000f RSI: 00007f4a419a10a0 RDI: 0000000000000003
[ 1092.644581][ T2121] RBP: 00007f4a419a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1092.644592][ T2121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.644603][ T2121] R13: 00007f4a40e16038 R14: 00007f4a40e15fa0 R15: 00007ffe020936d8
[ 1092.644635][ T2121]  </TASK>
[ 1093.246094][ T2135] netlink: 'syz.3.9192': attribute type 1 has an invalid length.
[ 1093.256960][ T2137] netlink: 'syz.2.9191': attribute type 11 has an invalid length.
[ 1093.409984][ T2141] bond9: (slave vxcan1): The slave device specified does not support setting the MAC address
[ 1093.425027][ T2141] bond9: (slave vxcan1): Error -95 calling set_mac_address
[ 1093.449809][ T2135] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9192'.
[ 1093.499885][ T2135] bond9: (slave bridge0): Enslaving as an active interface with a down link
[ 1093.606633][ T2152] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9197'.
[ 1093.625373][ T2152] bridge_slave_0: default FDB implementation only supports local addresses
[ 1093.682219][ T2158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9200'.
[ 1093.830802][ T2153] syzkaller0: entered promiscuous mode
[ 1093.857840][ T2153] syzkaller0: entered allmulticast mode
[ 1093.953858][    C0] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1094.006006][ T2177] netlink: 'syz.2.9205': attribute type 11 has an invalid length.
[ 1094.257069][ T2195] netlink: 'syz.2.9211': attribute type 1 has an invalid length.
[ 1096.293840][ T2195] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1096.398044][ T2202] ip6gretap1: entered promiscuous mode
[ 1096.448978][ T2202] ip6gretap1: entered allmulticast mode
[ 1096.481900][ T2210] netlink: 60 bytes leftover after parsing attributes in process `syz.3.9218'.
[ 1096.539623][ T2213] bond0: (slave macvlan1): Error -98 calling set_mac_address
[ 1096.578229][ T2216] netlink: 'syz.4.9219': attribute type 11 has an invalid length.
[ 1096.728932][ T2227] netlink: 108 bytes leftover after parsing attributes in process `syz.2.9224'.
[ 1096.741637][ T2229] lo: Caught tx_queue_len zero misconfig
[ 1096.877507][ T2230] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.885223][ T2230] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1097.025078][ T2230] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1097.042268][ T2230] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1097.062184][ T2240] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1097.290579][ T2237] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1097.421831][ T2262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9231'.
[ 1097.433911][ T2262] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9231'.
[ 1097.434172][ T2244] syzkaller0: entered promiscuous mode
[ 1097.449989][ T2244] syzkaller0: entered allmulticast mode
[ 1097.456511][ T1115] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.469134][ T1115] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.487364][ T2263] batadv0: entered promiscuous mode
[ 1097.492674][ T2263] batadv0: entered allmulticast mode
[ 1097.599740][ T2268] netlink: 'syz.0.9235': attribute type 1 has an invalid length.
[ 1098.591111][ T2286] netlink: 'syz.4.9239': attribute type 8 has an invalid length.
[ 1099.728090][ T1115] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.737162][ T1115] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.746966][ T2260] pim6reg1: entered promiscuous mode
[ 1099.752250][ T2260] pim6reg1: entered allmulticast mode
[ 1099.776862][ T2268] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 1099.787305][ T2271] vlan3: entered promiscuous mode
[ 1099.803984][ T2271] geneve1: entered promiscuous mode
[ 1099.809452][ T2271] vlan3: entered allmulticast mode
[ 1099.815576][ T2271] geneve1: entered allmulticast mode
[ 1099.979984][ T2293] dvmrp6: entered allmulticast mode
[ 1099.982681][ T2298] FAULT_INJECTION: forcing a failure.
[ 1099.982681][ T2298] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.999872][ T2298] CPU: 1 UID: 0 PID: 2298 Comm: syz.3.9245 Not tainted syzkaller #0 PREEMPT(full) 
[ 1099.999896][ T2298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1099.999906][ T2298] Call Trace:
[ 1099.999914][ T2298]  <TASK>
[ 1099.999922][ T2298]  dump_stack_lvl+0xe8/0x150
[ 1099.999948][ T2298]  should_fail_ex+0x412/0x560
[ 1099.999977][ T2298]  should_failslab+0xa8/0x100
[ 1100.000006][ T2298]  __kmalloc_cache_noprof+0x88/0x660
[ 1100.000037][ T2298]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[ 1100.000059][ T2298]  ? sctp_v6_cmp_addr+0x15/0xd0
[ 1100.000079][ T2298]  ? sctp_add_bind_addr+0x8c/0x370
[ 1100.000105][ T2298]  sctp_add_bind_addr+0x8c/0x370
[ 1100.000131][ T2298]  sctp_copy_local_addr_list+0x314/0x4f0
[ 1100.000156][ T2298]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[ 1100.000178][ T2298]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1100.000201][ T2298]  ? sctp_v6_is_any+0x64/0x80
[ 1100.000225][ T2298]  ? sctp_copy_one_addr+0x93/0x360
[ 1100.000251][ T2298]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1100.000274][ T2298]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1100.000299][ T2298]  sctp_connect_new_asoc+0x2ff/0x6b0
[ 1100.000329][ T2298]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1100.000362][ T2298]  ? __local_bh_enable_ip+0xd0/0x130
[ 1100.000384][ T2298]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1100.000410][ T2298]  ? security_sctp_bind_connect+0x7e/0x2c0
[ 1100.000432][ T2298]  sctp_sendmsg+0x1528/0x2c10
[ 1100.000456][ T2298]  ? unwind_next_frame+0xa6/0x2550
[ 1100.000493][ T2298]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1100.000522][ T2298]  ? aa_sk_perm+0x6d5/0x900
[ 1100.000553][ T2298]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1100.000591][ T2298]  ? sock_rps_record_flow+0x19/0x350
[ 1100.000620][ T2298]  ? inet_sendmsg+0x2f4/0x370
[ 1100.000649][ T2298]  ____sys_sendmsg+0x80a/0x9f0
[ 1100.000682][ T2298]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1100.000716][ T2298]  ? import_iovec+0x73/0xa0
[ 1100.000743][ T2298]  ___sys_sendmsg+0x2a5/0x360
[ 1100.000765][ T2298]  ? __lock_acquire+0x6b5/0x2cf0
[ 1100.000789][ T2298]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1100.000848][ T2298]  ? __fget_files+0x2a/0x420
[ 1100.000869][ T2298]  ? __fget_files+0x3a0/0x420
[ 1100.000902][ T2298]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1100.000928][ T2298]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1100.000961][ T2298]  ? __pfx_ksys_write+0x10/0x10
[ 1100.000995][ T2298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.001016][ T2298]  do_syscall_64+0x15f/0xf80
[ 1100.001042][ T2298]  ? trace_irq_disable+0x3b/0x140
[ 1100.001067][ T2298]  ? clear_bhb_loop+0x40/0x90
[ 1100.001090][ T2298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.001108][ T2298] RIP: 0033:0x7f4a40b9cdd9
[ 1100.001126][ T2298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1100.001141][ T2298] RSP: 002b:00007f4a419a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1100.001161][ T2298] RAX: ffffffffffffffda RBX: 00007f4a40e15fa0 RCX: 00007f4a40b9cdd9
[ 1100.001174][ T2298] RDX: 0000000000040040 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1100.001187][ T2298] RBP: 00007f4a419a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1100.001199][ T2298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1100.001210][ T2298] R13: 00007f4a40e16038 R14: 00007f4a40e15fa0 R15: 00007ffe020936d8
[ 1100.001241][ T2298]  </TASK>
[ 1100.353724][    C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1100.557193][ T2311] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9249'.
[ 1100.741559][ T2311] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9249'.
[ 1100.885884][ T2317] syzkaller0: entered promiscuous mode
[ 1100.893368][ T2317] syzkaller0: entered allmulticast mode
[ 1101.830559][ T2348] netlink: 'syz.4.9260': attribute type 8 has an invalid length.
[ 1103.483411][ T2338] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9258'.
[ 1103.528797][ T2342] lo speed is unknown, defaulting to 1000
[ 1103.684323][ T2356] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9264'.
[ 1103.707682][ T2356] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9264'.
[ 1103.766395][ T2361] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9265'.
[ 1104.193693][    C1] ip6_tunnel: ip6gretap3 xmit: Local address not yet configured!
[ 1104.481254][ T2384] netlink: 284 bytes leftover after parsing attributes in process `syz.1.9271'.
[ 1104.648389][ T2390] vcan2: entered allmulticast mode
[ 1104.681222][ T2391] vcan2: entered allmulticast mode
[ 1104.689211][ T2392] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[ 1104.701217][ T2392] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1104.717135][ T2388] pim6reg1: entered promiscuous mode
[ 1104.722696][ T2388] pim6reg1: entered allmulticast mode
[ 1104.841021][ T2401] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9276'.
[ 1105.040712][ T2406] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9278'.
[ 1105.064204][ T2406] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9278'.
[ 1105.182345][ T2425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9284'.
[ 1105.250628][ T2407] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1105.265256][ T2407] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1105.362911][ T2407] batman_adv: batadv0: Interface deactivated: macvtap1
[ 1105.495814][ T2407] mac80211_hwsim hwsim127 wlan0: left promiscuous mode
[ 1105.508563][ T1115] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.532594][ T1115] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.543643][ T2441] syzkaller1: entered promiscuous mode
[ 1105.549334][ T2441] syzkaller1: entered allmulticast mode
[ 1105.566604][ T1115] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.653590][ T1115] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.669228][ T2447] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9292'.
[ 1105.687018][ T2443] syzkaller1: entered promiscuous mode
[ 1105.692824][ T2443] syzkaller1: entered allmulticast mode
[ 1105.701087][ T2443] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[ 1105.731776][ T2447] team1: entered promiscuous mode
[ 1105.742391][ T2447] team1: entered allmulticast mode
[ 1105.749734][ T2447] 8021q: adding VLAN 0 to HW filter on device team1
[ 1105.779905][ T2448] team2: entered promiscuous mode
[ 1105.785052][ T2448] team2: entered allmulticast mode
[ 1105.791022][ T2448] 8021q: adding VLAN 0 to HW filter on device team2
[ 1105.808927][ T2443] xfrm0: left promiscuous mode
[ 1105.818789][ T2443] xfrm0: left allmulticast mode
[ 1105.838677][ T2443] syzkaller1: left promiscuous mode
[ 1105.845424][ T2443] syzkaller1: left allmulticast mode
[ 1105.918458][ T2455] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[ 1105.982637][ T2446] syzkaller0: create flow: hash 3965443817 index 1
[ 1106.122169][ T2472] netlink: 'syz.2.9297': attribute type 2 has an invalid length.
[ 1106.141203][ T2445] syzkaller0: delete flow: hash 3965443817 index 1
[ 1106.400210][ T1125] nci: nci_ntf_packet: unknown ntf opcode 0x125
[ 1107.128504][ T2478] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1108.599787][ T2484] __nla_validate_parse: 5 callbacks suppressed
[ 1108.599814][ T2484] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9301'.
[ 1108.615212][ T2484] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9301'.
[ 1108.624523][ T2484] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9301'.
[ 1108.635175][ T2484] netlink: 32 bytes leftover after parsing attributes in process `syz.2.9301'.
[ 1109.542513][ T2559] netlink: 'syz.4.9324': attribute type 3 has an invalid length.
[ 1109.559151][ T2559] netlink: 'syz.4.9324': attribute type 3 has an invalid length.
[ 1109.587927][ T2559] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9324'.
[ 1109.740978][ T2572] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9327'.
[ 1109.780380][ T2572] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9327'.
[ 1109.845408][ T2571] syzkaller0: create flow: hash 3965443817 index 1
[ 1109.906172][ T2585] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9330'.
[ 1109.958890][ T2566] syzkaller0: delete flow: hash 3965443817 index 1
[ 1112.245624][ T2597] pim6reg1: entered promiscuous mode
[ 1112.263674][ T2597] pim6reg1: entered allmulticast mode
[ 1112.508963][ T2617] FAULT_INJECTION: forcing a failure.
[ 1112.508963][ T2617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1112.525955][ T2617] CPU: 1 UID: 0 PID: 2617 Comm: syz.1.9341 Not tainted syzkaller #0 PREEMPT(full) 
[ 1112.525979][ T2617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1112.525991][ T2617] Call Trace:
[ 1112.525999][ T2617]  <TASK>
[ 1112.526008][ T2617]  dump_stack_lvl+0xe8/0x150
[ 1112.526035][ T2617]  should_fail_ex+0x412/0x560
[ 1112.526064][ T2617]  _copy_from_user+0x2d/0xb0
[ 1112.526091][ T2617]  do_ipt_set_ctl+0x6a5/0xe00
[ 1112.526113][ T2617]  ? rcu_is_watching+0x15/0xb0
[ 1112.526136][ T2617]  ? trace_contention_end+0x3d/0x140
[ 1112.526162][ T2617]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[ 1112.526197][ T2617]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 1112.526217][ T2617]  ? __pfx___mutex_lock+0x10/0x10
[ 1112.526241][ T2617]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1112.526268][ T2617]  ? __pfx___mutex_lock+0x10/0x10
[ 1112.526301][ T2617]  nf_setsockopt+0x26f/0x290
[ 1112.526322][ T2617]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1112.526344][ T2617]  smc_setsockopt+0x249/0xac0
[ 1112.526373][ T2617]  ? __pfx_smc_setsockopt+0x10/0x10
[ 1112.526390][ T2617]  ? aa_sock_opt_perm+0xff/0x1a0
[ 1112.526417][ T2617]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1112.526441][ T2617]  ? __pfx_smc_setsockopt+0x10/0x10
[ 1112.526463][ T2617]  do_sock_setsockopt+0x17c/0x1b0
[ 1112.526491][ T2617]  __x64_sys_setsockopt+0x13d/0x1b0
[ 1112.526516][ T2617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.526537][ T2617]  do_syscall_64+0x15f/0xf80
[ 1112.526557][ T2617]  ? trace_irq_disable+0x3b/0x140
[ 1112.526583][ T2617]  ? clear_bhb_loop+0x40/0x90
[ 1112.526606][ T2617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.526625][ T2617] RIP: 0033:0x7f7a8bb9cdd9
[ 1112.526642][ T2617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1112.526658][ T2617] RSP: 002b:00007f7a8ca12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1112.526684][ T2617] RAX: ffffffffffffffda RBX: 00007f7a8be15fa0 RCX: 00007f7a8bb9cdd9
[ 1112.526698][ T2617] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[ 1112.526709][ T2617] RBP: 00007f7a8ca12090 R08: 0000000000000400 R09: 0000000000000000
[ 1112.526721][ T2617] R10: 0000200000002000 R11: 0000000000000246 R12: 0000000000000001
[ 1112.526732][ T2617] R13: 00007f7a8be16038 R14: 00007f7a8be15fa0 R15: 00007ffd7c72bad8
[ 1112.526764][ T2617]  </TASK>
[ 1113.005211][ T2638] FAULT_INJECTION: forcing a failure.
[ 1113.005211][ T2638] name failslab, interval 1, probability 0, space 0, times 0
[ 1113.025095][ T2638] CPU: 0 UID: 0 PID: 2638 Comm: syz.3.9349 Not tainted syzkaller #0 PREEMPT(full) 
[ 1113.025119][ T2638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1113.025130][ T2638] Call Trace:
[ 1113.025138][ T2638]  <TASK>
[ 1113.025145][ T2638]  dump_stack_lvl+0xe8/0x150
[ 1113.025172][ T2638]  should_fail_ex+0x412/0x560
[ 1113.025204][ T2638]  should_failslab+0xa8/0x100
[ 1113.025234][ T2638]  __kmalloc_cache_noprof+0x88/0x660
[ 1113.025258][ T2638]  ? __sctp_v6_cmp_addr+0x1dc/0x510
[ 1113.025281][ T2638]  ? sctp_v6_cmp_addr+0x15/0xd0
[ 1113.025302][ T2638]  ? sctp_add_bind_addr+0x8c/0x370
[ 1113.025330][ T2638]  sctp_add_bind_addr+0x8c/0x370
[ 1113.025357][ T2638]  sctp_copy_local_addr_list+0x314/0x4f0
[ 1113.025383][ T2638]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[ 1113.025405][ T2638]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1113.025431][ T2638]  ? sctp_v6_is_any+0x64/0x80
[ 1113.025455][ T2638]  ? sctp_copy_one_addr+0x93/0x360
[ 1113.025479][ T2638]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1113.025503][ T2638]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1113.025527][ T2638]  sctp_connect_new_asoc+0x2ff/0x6b0
[ 1113.025556][ T2638]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1113.025588][ T2638]  ? __local_bh_enable_ip+0xd0/0x130
[ 1113.025606][ T2638]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1113.025638][ T2638]  ? security_sctp_bind_connect+0x7e/0x2c0
[ 1113.025661][ T2638]  sctp_sendmsg+0x1528/0x2c10
[ 1113.025685][ T2638]  ? unwind_next_frame+0xa6/0x2550
[ 1113.025723][ T2638]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1113.025752][ T2638]  ? aa_sk_perm+0x6d5/0x900
[ 1113.025783][ T2638]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1113.025807][ T2638]  ? sock_rps_record_flow+0x19/0x350
[ 1113.025836][ T2638]  ? inet_sendmsg+0x2f4/0x370
[ 1113.025865][ T2638]  ____sys_sendmsg+0x80a/0x9f0
[ 1113.025898][ T2638]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1113.025931][ T2638]  ? import_iovec+0x73/0xa0
[ 1113.025960][ T2638]  ___sys_sendmsg+0x2a5/0x360
[ 1113.025982][ T2638]  ? __lock_acquire+0x6b5/0x2cf0
[ 1113.026007][ T2638]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1113.026068][ T2638]  ? __fget_files+0x2a/0x420
[ 1113.026089][ T2638]  ? __fget_files+0x3a0/0x420
[ 1113.026121][ T2638]  __x64_sys_sendmsg+0x1bd/0x2a0
[ 1113.026147][ T2638]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1113.026180][ T2638]  ? __pfx_ksys_write+0x10/0x10
[ 1113.026212][ T2638]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1113.026231][ T2638]  do_syscall_64+0x15f/0xf80
[ 1113.026252][ T2638]  ? trace_irq_disable+0x3b/0x140
[ 1113.026278][ T2638]  ? clear_bhb_loop+0x40/0x90
[ 1113.026301][ T2638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1113.026320][ T2638] RIP: 0033:0x7f4a40b9cdd9
[ 1113.026337][ T2638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1113.026352][ T2638] RSP: 002b:00007f4a419a1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1113.026372][ T2638] RAX: ffffffffffffffda RBX: 00007f4a40e15fa0 RCX: 00007f4a40b9cdd9
[ 1113.026385][ T2638] RDX: 0000000000040040 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1113.026397][ T2638] RBP: 00007f4a419a1090 R08: 0000000000000000 R09: 0000000000000000
[ 1113.026409][ T2638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1113.026420][ T2638] R13: 00007f4a40e16038 R14: 00007f4a40e15fa0 R15: 00007ffe020936d8
[ 1113.026452][ T2638]  </TASK>
[ 1113.389956][ T2632] syzkaller0: entered promiscuous mode
[ 1113.395519][ T2632] syzkaller0: entered allmulticast mode
[ 1113.427333][ T2645] netlink: 44 bytes leftover after parsing attributes in process `syz.0.9350'.
[ 1113.470536][ T2647] netlink: 'syz.4.9352': attribute type 8 has an invalid length.
[ 1113.520630][ T2648] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.9348'.
[ 1113.537130][ T2648] netlink: Unknown conntrack attr (0)
[ 1115.788501][ T2636] lo speed is unknown, defaulting to 1000
[ 1115.902177][ T2683] xt_nfacct: accounting object `syz0' does not exist
[ 1116.602714][ T2713] netdevsim netdevsim0: Direct firmware load for . failed with error -2
[ 1116.643171][ T2713] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[ 1116.678232][ T2716] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9368'.
[ 1116.692211][ T2715] netlink: 52 bytes leftover after parsing attributes in process `syz.2.9370'.
[ 1116.741831][ T2715] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1116.749553][ T2715] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1116.759269][ T2720] netlink: 'syz.1.9372': attribute type 4 has an invalid length.
[ 1116.876855][ T2731] bridge0: port 3(syz_tun) entered blocking state
[ 1116.884632][ T2727] lo speed is unknown, defaulting to 1000
[ 1116.893080][ T2731] bridge0: port 3(syz_tun) entered disabled state
[ 1116.906130][ T2731] syz_tun: entered allmulticast mode
[ 1116.922130][ T2731] syz_tun: entered promiscuous mode
[ 1116.994811][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[ 1117.003373][    C0] bridge0: port 2(bridge_slave_1) entered learning state
[ 1117.026130][ T2727] lo speed is unknown, defaulting to 1000
[ 1117.050987][ T2727] lo speed is unknown, defaulting to 1000
[ 1117.069535][ T2741] mac80211_hwsim hwsim147 wlan1: entered allmulticast mode
[ 1117.790317][ T2727] infiniband s
z1: set down
[ 1117.795703][ T5728] lo speed is unknown, defaulting to 1000
[ 1117.807159][ T2727] infiniband s
z1: added lo
[ 1117.847179][ T2727] smbdirect: ib_dev[s
z1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[ 1117.886910][ T2727] smbdirect: ib_dev[s
z1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[ 1117.916721][ T2773] mac80211_hwsim hwsim147 wlan1: left allmulticast mode
[ 1117.933690][ T2727] smbdirect: ib_dev[s
z1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[ 1117.967193][ T2727] RDS/IB: s
z1: added
[ 1117.974058][ T2727] smc: adding ib device s
z1 with port count 1
[ 1117.980410][ T2727] smc:    ib device s
z1 port 1 has no pnetid
[ 1117.986680][T29334] lo speed is unknown, defaulting to 1000
[ 1117.997193][ T2727] lo speed is unknown, defaulting to 1000
[ 1118.326974][ T2779] bridge0: port 3(syz_tun) entered blocking state
[ 1118.350034][ T2779] bridge0: port 3(syz_tun) entered disabled state
[ 1118.366510][ T2779] syz_tun: entered allmulticast mode
[ 1118.382202][ T2779] syz_tun: entered promiscuous mode
[ 1118.506626][ T2727] lo speed is unknown, defaulting to 1000
[ 1119.157847][ T2727] lo speed is unknown, defaulting to 1000
[ 1119.259601][ T2801] xt_hashlimit: size too large, truncated to 1048576
[ 1119.374157][ T2803] syzkaller0: entered promiscuous mode
[ 1119.388777][ T2803] syzkaller0: entered allmulticast mode
[ 1119.418615][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.426968][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.433815][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.440602][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.447431][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.454231][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.461000][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.467817][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.474632][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.481401][ T2803] tc action pedit offset must be on 32 bit boundaries
[ 1119.488222][ T2803] 0: reclassify loop, rule prio 0, protocol 800
[ 1119.703932][ T2794] RDS: rds_bind could not find a transport for ::ffff:172.30.1.5, load rds_tcp or rds_rdma?
[ 1119.827755][ T2727] lo speed is unknown, defaulting to 1000
[ 1120.175137][T16461] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1120.190960][T16461] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1120.200212][T16461] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1120.208484][T16461] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1120.216665][T16461] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1120.353372][ T2839] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9405'.
[ 1120.467930][ T2841] netlink: 'syz.2.9406': attribute type 10 has an invalid length.
[ 1120.627528][ T2845] sctp: [Deprecated]: syz.4.9408 (pid 2845) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1120.627528][ T2845] Use struct sctp_sack_info instead
[ 1120.653138][ T2727] lo speed is unknown, defaulting to 1000
[ 1120.834026][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[ 1120.935003][ T2859] dvmrp0: entered allmulticast mode
[ 1121.367175][ T2824] lo speed is unknown, defaulting to 1000
[ 1121.428027][ T2880] xt_NFQUEUE: number of total queues is 0
[ 1122.054671][ T2727] lo speed is unknown, defaulting to 1000
[ 1122.285329][ T5626] Bluetooth: hci1: command tx timeout
[ 1124.383668][ T5626] Bluetooth: hci1: command tx timeout
[ 1124.451065][ T2900] syzkaller0: entered promiscuous mode
[ 1124.504768][ T2900] syzkaller0: entered allmulticast mode
[ 1126.454263][ T5626] Bluetooth: hci1: command tx timeout
[ 1127.454945][ T2824] lo speed is unknown, defaulting to 1000
[ 1127.562434][ T2929] netlink: 100 bytes leftover after parsing attributes in process `syz.4.9431'.
[ 1127.583957][ T2929] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9431'.
[ 1127.603227][ T2929] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9431'.
[ 1127.836747][ T2727] lo speed is unknown, defaulting to 1000
[ 1128.330018][ T2727] lo speed is unknown, defaulting to 1000
[ 1128.514440][ T5626] Bluetooth: hci1: command tx timeout
[ 1128.585696][ T2824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1128.617108][ T2824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.644582][ T2824] bridge_slave_0: entered allmulticast mode
[ 1128.663212][ T2824] bridge_slave_0: entered promiscuous mode
[ 1128.693061][ T2824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1128.713363][ T2824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1128.733110][ T2824] bridge_slave_1: entered allmulticast mode
[ 1128.747978][ T2824] bridge_slave_1: entered promiscuous mode
[ 1128.901020][ T2824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1128.951629][ T2824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1129.031134][ T2727] lo speed is unknown, defaulting to 1000
[ 1129.087479][ T2824] team0: Port device team_slave_0 added
[ 1129.116445][ T2824] team0: Port device team_slave_1 added
[ 1129.246051][ T2824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1129.263599][ T2824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1129.332398][ T2824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1129.371281][ T2824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1129.395003][ T2824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1129.479602][ T2824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1129.611416][ T2727] lo speed is unknown, defaulting to 1000
[ 1129.752012][ T2824] hsr_slave_0: entered promiscuous mode
[ 1129.809850][ T2824] hsr_slave_1: entered promiscuous mode
[ 1129.834950][ T2824] debugfs: 'hsr0' already exists in 'hsr'
[ 1129.860917][ T2824] Cannot create hsr debugfs directory
[ 1129.881538][ T2953] syz_tun: left allmulticast mode
[ 1129.893917][ T2953] syz_tun: left promiscuous mode
[ 1129.903513][ T2953] bridge0: port 3(syz_tun) entered disabled state
[ 1129.962790][ T2953] team0: Port device syz_tun added
[ 1130.287138][ T2727] lo speed is unknown, defaulting to 1000
[ 1131.141694][ T2965] xt_hashlimit: size too large, truncated to 1048576
[ 1131.976902][T16461] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1131.990276][T16461] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1132.002540][T16461] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1132.027513][T16461] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1132.035686][T16461] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1133.830450][ T2824] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.866856][ T2727] lo speed is unknown, defaulting to 1000
[ 1134.120650][T16461] Bluetooth: hci3: command tx timeout
[ 1136.194844][ T5626] Bluetooth: hci3: command tx timeout
[ 1138.275291][ T2826] Bluetooth: hci3: command tx timeout
[ 1138.280760][ T5626] Bluetooth: hci4: command 0x0405 tx timeout
[ 1140.355339][T16461] Bluetooth: hci3: command tx timeout
[ 1140.992647][ T5626] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1141.008544][ T5626] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1141.022416][ T5626] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1141.031991][ T5626] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1141.040661][ T5626] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1143.074039][ T5626] Bluetooth: hci6: command tx timeout
[ 1144.753481][    C1] sched: DL replenish lagged too much
[ 1145.154243][ T5626] Bluetooth: hci6: command tx timeout
[ 1145.590994][ T2727] lo speed is unknown, defaulting to 1000
[ 1146.637192][ T2727] lo speed is unknown, defaulting to 1000
[ 1147.032694][T16461] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1147.053125][T16461] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1147.062070][T16461] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1147.073805][    C0] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1147.081054][    C0] bridge0: topology change detected, propagating
[ 1147.087795][    C0] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1147.095047][    C0] bridge0: topology change detected, propagating
[ 1147.115028][T16461] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1147.125151][T16461] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1147.234163][ T5626] Bluetooth: hci6: command tx timeout
[ 1147.630769][ T2727] lo speed is unknown, defaulting to 1000
[ 1149.154306][ T5626] Bluetooth: hci7: command tx timeout
[ 1149.288816][ T2727] lo speed is unknown, defaulting to 1000
[ 1149.323703][ T5626] Bluetooth: hci6: command tx timeout
[ 1149.652465][ T2727] lo speed is unknown, defaulting to 1000
[ 1149.908730][ T2978] lo speed is unknown, defaulting to 1000
[ 1150.119588][ T3028] lo speed is unknown, defaulting to 1000
[ 1150.588651][ T2999] lo speed is unknown, defaulting to 1000
[ 1150.834971][ T2978] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.858356][ T2978] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1150.874985][ T2978] bridge_slave_0: entered allmulticast mode
[ 1150.890623][ T2978] bridge_slave_0: entered promiscuous mode
[ 1150.922909][ T2978] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1150.945290][ T2978] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1150.960326][ T2978] bridge_slave_1: entered allmulticast mode
[ 1150.977279][ T2978] bridge_slave_1: entered promiscuous mode
[ 1151.087654][ T2919] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1151.150807][ T2978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1151.196142][ T2978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1151.234718][ T5626] Bluetooth: hci7: command tx timeout
[ 1151.307511][ T2978] team0: Port device team_slave_0 added
[ 1151.327388][ T2978] team0: Port device team_slave_1 added
[ 1151.740008][ T2978] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1151.776974][ T2978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1151.916327][ T2978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1152.029858][ T2978] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1152.070915][ T2978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1152.183908][ T2978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1153.314131][ T5626] Bluetooth: hci7: command tx timeout
[ 1154.403352][ T3065] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9465'.
[ 1154.692612][ T2919] syz_tun (unregistering): left allmulticast mode
[ 1154.700218][ T2919] syz_tun (unregistering): left promiscuous mode
[ 1154.707558][ T2919] bridge0: port 3(syz_tun) entered disabled state
[ 1154.940140][ T2969] team0: Port device syz_tun removed
[ 1155.073162][ T2978] hsr_slave_0: entered promiscuous mode
[ 1155.096557][ T2978] hsr_slave_1: entered promiscuous mode
[ 1155.116094][ T2978] debugfs: 'hsr0' already exists in 'hsr'
[ 1155.133562][ T2978] Cannot create hsr debugfs directory
[ 1155.181009][ T3071] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[ 1155.365682][ T3028] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1155.374162][ T3028] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1155.381388][ T3028] bridge_slave_0: entered allmulticast mode
[ 1155.389541][ T3028] bridge_slave_0: entered promiscuous mode
[ 1155.396483][ T5626] Bluetooth: hci7: command tx timeout
[ 1155.449117][ T3028] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1155.464087][ T3028] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.485197][ T3028] bridge_slave_1: entered allmulticast mode
[ 1155.505559][ T3028] bridge_slave_1: entered promiscuous mode
[ 1155.732335][ T3028] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1155.840190][ T3028] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1155.991244][ T3028] team0: Port device team_slave_0 added
[ 1156.024525][ T3028] team0: Port device team_slave_1 added
[ 1156.116188][ T3028] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1156.123234][ T3028] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1156.150078][ T3028] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1156.163333][ T3028] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1156.170759][ T3028] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1156.217404][ T3028] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1156.282311][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1156.290110][ T2999] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1156.297890][ T2999] bridge_slave_0: entered allmulticast mode
[ 1156.321627][ T2999] bridge_slave_0: entered promiscuous mode
[ 1156.352615][ T3028] hsr_slave_0: entered promiscuous mode
[ 1156.362101][ T3028] hsr_slave_1: entered promiscuous mode
[ 1156.369026][ T3028] debugfs: 'hsr0' already exists in 'hsr'
[ 1156.375918][ T3028] Cannot create hsr debugfs directory
[ 1156.381609][ T2999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1156.392524][ T2999] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1156.400436][ T2999] bridge_slave_1: entered allmulticast mode
[ 1156.408838][ T2999] bridge_slave_1: entered promiscuous mode
[ 1156.508660][ T2999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1156.523206][ T2999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1156.607687][ T2999] team0: Port device team_slave_0 added
[ 1156.625855][ T2999] team0: Port device team_slave_1 added
[ 1156.692272][ T2999] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1156.699534][ T2999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1156.726904][ T2999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1156.765583][ T2999] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1156.772560][ T2999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1156.809437][ T2999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1156.901694][ T2999] hsr_slave_0: entered promiscuous mode
[ 1156.908626][ T2999] hsr_slave_1: entered promiscuous mode
[ 1156.920880][ T2999] debugfs: 'hsr0' already exists in 'hsr'
[ 1156.929649][ T2999] Cannot create hsr debugfs directory
[ 1157.367479][ T2824] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1158.817076][ T3086] lo speed is unknown, defaulting to 1000
[ 1159.258437][ T3086] lo speed is unknown, defaulting to 1000
[ 1159.354301][ T3088] dvmrp2: entered allmulticast mode
[ 1161.793743][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[ 1163.888486][ T5626] Bluetooth: hci5: command 0x0406 tx timeout
[ 1168.150634][ T2824] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1168.853982][ T1115] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[ 1169.438155][ T2824] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1170.559337][ T2824] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1171.542009][ T2824] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1171.550966][ T2824] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1171.568651][ T2824] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1171.603081][ T2824] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1171.640879][ T2824] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1171.658806][ T2824] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1171.702333][ T2824] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1176.581968][ T2978] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1176.644026][ T2978] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1176.711813][ T2978] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1176.725346][ T3127] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9482'.
[ 1176.763039][ T2978] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1176.786539][ T2978] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1176.808803][ T2978] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1176.837487][ T2978] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1176.864819][ T2978] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1177.060110][ T3028] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1177.091058][ T3028] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1177.130600][ T3028] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1177.167816][ T3028] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1177.188228][ T2824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1177.205539][ T3028] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1177.231374][ T3028] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1177.275849][ T3028] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1177.297640][ T3028] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1177.416691][ T2824] 8021q: adding VLAN 0 to HW filter on device team0
[ 1177.471625][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1177.479179][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1177.513195][ T2999] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1177.534332][ T2999] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1177.542264][ T2999] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1177.561583][ T2999] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1177.598798][  T186] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1177.605985][  T186] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1177.624641][ T2999] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1177.638319][ T2999] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1177.660886][ T2999] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1177.679692][ T2999] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1177.763402][ T2978] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1177.851779][ T2978] 8021q: adding VLAN 0 to HW filter on device team0
[ 1177.900691][  T186] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1177.907879][  T186] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1177.994820][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1178.002011][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1178.070691][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888069ad9c00: rx timeout, send abort
[ 1178.181944][ T3028] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1178.283120][ T3028] 8021q: adding VLAN 0 to HW filter on device team0
[ 1178.348680][T14992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1178.355891][T14992] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1178.409912][ T2999] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1178.441371][T25599] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1178.448551][T25599] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1178.579055][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888069ad9c00: abort rx timeout. Force session deactivation
[ 1178.618340][ T2999] 8021q: adding VLAN 0 to HW filter on device team0
[ 1178.829267][T25596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1178.836464][T25596] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1178.946324][T25596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1178.953542][T25596] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1207.878612][    C1] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[ 1326.443486][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1326.450477][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P3164/1:b..l P3161/1:b..l P5612/1:b..l P2999/1:b..l
[ 1326.462327][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=219241, q=1192 ncpus=2)
[ 1326.470226][    C1] task:syz-executor    state:R  running task     stack:22336 pid:2999  tgid:2999  ppid:2998   task_flags:0x400140 flags:0x00080000
[ 1326.484832][    C1] Call Trace:
[ 1326.488122][    C1]  <TASK>
[ 1326.491062][    C1]  __schedule+0x17b4/0x5680
[ 1326.495575][    C1]  ? finish_task_switch+0x692/0xbe0
[ 1326.500955][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1326.505755][    C1]  ? __pfx___schedule+0x10/0x10
[ 1326.510634][    C1]  preempt_schedule_irq+0x4d/0xa0
[ 1326.515668][    C1]  irqentry_exit+0x14f/0x730
[ 1326.520272][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1326.525317][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1326.531307][    C1] RIP: 0010:memset_orig+0x25/0xb0
[ 1326.536342][    C1] Code: 90 90 90 90 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01 48 0f af c1 41 89 f9 41 83 e1 07 75 74 48 89 d1 48 c1 e9 06 <74> 39 66 0f 1f 84 00 00 00 00 00 48 ff c9 48 89 07 48 89 47 08 48
[ 1326.555953][    C1] RSP: 0018:ffffc90005f8e630 EFLAGS: 00000246
[ 1326.562026][    C1] RAX: 0000000000000000 RBX: ffffc90005f8e758 RCX: 0000000000000000
[ 1326.570000][    C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90005f8e758
[ 1326.577972][    C1] RBP: dffffc0000000000 R08: ffffc90005f8e767 R09: 0000000000000000
[ 1326.585950][    C1] R10: ffffc90005f8e758 R11: fffff52000bf1ced R12: ffffc90005f8eaf0
[ 1326.593924][    C1] R13: 1ffff92000bf1ce3 R14: ffffc90005f8e708 R15: ffffc90005f8e750
[ 1326.601922][    C1]  unwind_next_frame+0xf33/0x2550
[ 1326.606970][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1326.612093][    C1]  ? qlist_free_all+0x99/0x100
[ 1326.616874][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1326.623045][    C1]  arch_stack_walk+0x11b/0x150
[ 1326.627825][    C1]  ? kasan_quarantine_reduce+0x148/0x160
[ 1326.633475][    C1]  stack_trace_save+0xa9/0x100
[ 1326.638250][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1326.643645][    C1]  save_stack+0x122/0x230
[ 1326.647988][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1326.652846][    C1]  ? __free_frozen_pages+0xbc7/0xd30
[ 1326.658142][    C1]  ? __slab_free+0x274/0x2c0
[ 1326.662750][    C1]  ? qlist_free_all+0x99/0x100
[ 1326.667549][    C1]  __reset_page_owner+0x71/0x1f0
[ 1326.672504][    C1]  __free_frozen_pages+0xbc7/0xd30
[ 1326.677642][    C1]  __slab_free+0x274/0x2c0
[ 1326.682084][    C1]  qlist_free_all+0x99/0x100
[ 1326.686690][    C1]  kasan_quarantine_reduce+0x148/0x160
[ 1326.692165][    C1]  __kasan_slab_alloc+0x22/0x80
[ 1326.697033][    C1]  __kmalloc_node_noprof+0x498/0x7c0
[ 1326.702338][    C1]  ? qdisc_alloc+0x92/0x9e0
[ 1326.706856][    C1]  ? __kmalloc_node_noprof+0x34f/0x7c0
[ 1326.712332][    C1]  qdisc_alloc+0x92/0x9e0
[ 1326.716688][    C1]  qdisc_create_dflt+0x8e/0x4e0
[ 1326.721554][    C1]  ? dev_activate+0x35a/0x1150
[ 1326.726333][    C1]  dev_activate+0x378/0x1150
[ 1326.730954][    C1]  __dev_open+0x67a/0x830
[ 1326.735300][    C1]  ? __pfx___dev_open+0x10/0x10
[ 1326.740157][    C1]  ? __dev_change_flags+0x2b0/0x7e0
[ 1326.745370][    C1]  ? __local_bh_enable_ip+0xd0/0x130
[ 1326.750676][    C1]  __dev_change_flags+0x2fa/0x7e0
[ 1326.755721][    C1]  ? __pfx___dev_change_flags+0x10/0x10
[ 1326.761282][    C1]  ? do_setlink+0xa22/0x45a0
[ 1326.765892][    C1]  netif_change_flags+0x88/0x1a0
[ 1326.770849][    C1]  do_setlink+0xfa5/0x45a0
[ 1326.775293][    C1]  ? __pfx_do_setlink+0x10/0x10
[ 1326.780159][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1326.785557][    C1]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1326.790614][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1326.796427][    C1]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1326.801642][    C1]  ? __mutex_lock+0xef8/0x1550
[ 1326.806416][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1326.812157][    C1]  ? __mutex_lock+0x608/0x1550
[ 1326.816937][    C1]  ? rtnl_newlink+0x883/0x1bb0
[ 1326.821719][    C1]  ? __pfx___mutex_lock+0x10/0x10
[ 1326.826769][    C1]  ? ns_capable+0x89/0xe0
[ 1326.831111][    C1]  rtnl_newlink+0x15ad/0x1bb0
[ 1326.835812][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1326.840850][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1326.845808][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1326.850760][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1326.855711][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1326.860838][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1326.865965][    C1]  ? is_bpf_text_address+0x26/0x2b0
[ 1326.871183][    C1]  ? is_bpf_text_address+0x26/0x2b0
[ 1326.876397][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1326.881346][    C1]  ? kernel_text_address+0xa5/0xe0
[ 1326.886481][    C1]  ? __kernel_text_address+0xd/0x30
[ 1326.891693][    C1]  ? unwind_get_return_address+0x4d/0x90
[ 1326.897341][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1326.903522][    C1]  ? arch_stack_walk+0xfb/0x150
[ 1326.908399][    C1]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1326.913542][    C1]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1326.918581][    C1]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 1326.923528][    C1]  ? kmem_cache_alloc_node_noprof+0x384/0x690
[ 1326.929608][    C1]  ? netlink_sendmsg+0x5d4/0xb40
[ 1326.934558][    C1]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 1326.939678][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1326.945149][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1326.950106][    C1]  netlink_rcv_skb+0x232/0x4b0
[ 1326.954883][    C1]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1326.960362][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1326.965676][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1326.970894][    C1]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1326.976117][    C1]  netlink_unicast+0x75c/0x8e0
[ 1326.980901][    C1]  netlink_sendmsg+0x813/0xb40
[ 1326.985687][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1326.990987][    C1]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 1326.995941][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1327.001243][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1327.006542][    C1]  __sys_sendto+0x672/0x710
[ 1327.011060][    C1]  ? __pfx___sys_sendto+0x10/0x10
[ 1327.016124][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1327.020903][    C1]  __x64_sys_sendto+0xde/0x100
[ 1327.025680][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.031759][    C1]  do_syscall_64+0x15f/0xf80
[ 1327.036369][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1327.041061][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.046961][    C1] RIP: 0033:0x7f12d535d60e
[ 1327.051384][    C1] RSP: 002b:00007ffe2e638028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1327.059807][    C1] RAX: ffffffffffffffda RBX: 0000555564110500 RCX: 00007f12d535d60e
[ 1327.067788][    C1] RDX: 000000000000002c RSI: 00007f12d6144670 RDI: 0000000000000003
[ 1327.075765][    C1] RBP: 0000000000000001 R08: 00007ffe2e6380a4 R09: 000000000000000c
[ 1327.083741][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1327.091714][    C1] R13: 0000000000000000 R14: 00007f12d6144670 R15: 0000000000000000
[ 1327.099710][    C1]  </TASK>
[ 1327.102735][    C1] task:syz-executor    state:R  running task     stack:21056 pid:5612  tgid:5612  ppid:5611   task_flags:0x400100 flags:0x00080800
[ 1327.116232][    C1] Call Trace:
[ 1327.119519][    C1]  <TASK>
[ 1327.122456][    C1]  __schedule+0x17b4/0x5680
[ 1327.126978][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1327.131931][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1327.136892][    C1]  ? __pfx___schedule+0x10/0x10
[ 1327.141771][    C1]  preempt_schedule_irq+0x4d/0xa0
[ 1327.146806][    C1]  irqentry_exit+0x14f/0x730
[ 1327.151406][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1327.156449][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1327.162441][    C1] RIP: 0010:unwind_next_frame+0x128/0x2550
[ 1327.168263][    C1] Code: 48 c7 c2 80 a3 c9 8b e8 d6 05 2b 00 4c 89 64 24 78 48 89 5c 24 70 49 8d 5e 50 48 89 d8 48 c1 e8 03 48 89 44 24 40 80 3c 28 00 <74> 08 48 89 df e8 4e 04 ba 00 48 89 5c 24 28 48 8b 1b 48 85 db 74
[ 1327.187882][    C1] RSP: 0018:ffffc90003a27778 EFLAGS: 00000246
[ 1327.193964][    C1] RAX: 1ffff92000744f13 RBX: ffffc90003a27898 RCX: 0000000080000001
[ 1327.201943][    C1] RDX: 00000000cdf111e1 RSI: ffffffff8c28abc0 RDI: ffffffff8c28ab80
[ 1327.209917][    C1] RBP: dffffc0000000000 R08: ffffffff8176e256 R09: ffffffff8e95cd60
[ 1327.217897][    C1] R10: ffffc90003a27898 R11: ffffffff81b0d880 R12: ffffc90003a27880
[ 1327.225881][    C1] R13: 1ffff92000744f09 R14: ffffc90003a27848 R15: ffffffff8176e256
[ 1327.233859][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.238989][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1327.245166][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.250298][    C1]  ? unwind_next_frame+0xd5/0x2550
[ 1327.255437][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.260566][    C1]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1327.266213][    C1]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1327.271862][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1327.278033][    C1]  arch_stack_walk+0x11b/0x150
[ 1327.282814][    C1]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1327.288466][    C1]  stack_trace_save+0xa9/0x100
[ 1327.293245][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1327.298644][    C1]  save_stack+0x122/0x230
[ 1327.302991][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1327.307851][    C1]  ? __free_frozen_pages+0xbc7/0xd30
[ 1327.313146][    C1]  ? __slab_free+0x274/0x2c0
[ 1327.317750][    C1]  ? qlist_free_all+0x99/0x100
[ 1327.322533][    C1]  ? kasan_quarantine_reduce+0x148/0x160
[ 1327.328192][    C1]  ? __kasan_slab_alloc+0x22/0x80
[ 1327.333237][    C1]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1327.338904][    C1]  __reset_page_owner+0x71/0x1f0
[ 1327.343864][    C1]  __free_frozen_pages+0xbc7/0xd30
[ 1327.349002][    C1]  __slab_free+0x274/0x2c0
[ 1327.353447][    C1]  qlist_free_all+0x99/0x100
[ 1327.358064][    C1]  ? alloc_empty_file+0x5b/0x1d0
[ 1327.363017][    C1]  kasan_quarantine_reduce+0x148/0x160
[ 1327.368490][    C1]  __kasan_slab_alloc+0x22/0x80
[ 1327.373357][    C1]  kmem_cache_alloc_noprof+0x2bc/0x650
[ 1327.378828][    C1]  ? alloc_empty_file+0x5b/0x1d0
[ 1327.383774][    C1]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1327.389247][    C1]  ? kmem_cache_alloc_noprof+0x15a/0x650
[ 1327.394897][    C1]  alloc_empty_file+0x5b/0x1d0
[ 1327.399680][    C1]  alloc_file_clone+0x57/0xe0
[ 1327.404372][    C1]  create_pipe_files+0x3c2/0x7e0
[ 1327.409335][    C1]  __do_pipe_flags+0x46/0x1f0
[ 1327.414035][    C1]  do_pipe2+0xaa/0x190
[ 1327.418116][    C1]  ? __pfx_do_pipe2+0x10/0x10
[ 1327.422814][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.428894][    C1]  __x64_sys_pipe2+0x5a/0x70
[ 1327.433508][    C1]  do_syscall_64+0x15f/0xf80
[ 1327.438115][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1327.443158][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1327.447855][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.453760][    C1] RIP: 0033:0x7f031d79be09
[ 1327.458184][    C1] RSP: 002b:00007ffdb6478448 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[ 1327.466609][    C1] RAX: ffffffffffffffda RBX: 0000555564bde750 RCX: 00007f031d79be09
[ 1327.474587][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffdb6478458
[ 1327.482566][    C1] RBP: 00007ffdb6478a20 R08: 0000000000000000 R09: 0000000000000000
[ 1327.490543][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdb6478580
[ 1327.498528][    C1] R13: 0000555564bdbaf0 R14: 0000555564bdea38 R15: 00007ffdb64785a0
[ 1327.506537][    C1]  </TASK>
[ 1327.509580][    C1] task:modprobe        state:R  running task     stack:23416 pid:3161  tgid:3161  ppid:25596  task_flags:0x400000 flags:0x00080000
[ 1327.523079][    C1] Call Trace:
[ 1327.526367][    C1]  <TASK>
[ 1327.529308][    C1]  __schedule+0x17b4/0x5680
[ 1327.533833][    C1]  ? finish_task_switch+0x4da/0xbe0
[ 1327.539047][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1327.544006][    C1]  ? __pfx___schedule+0x10/0x10
[ 1327.548882][    C1]  preempt_schedule_irq+0x4d/0xa0
[ 1327.553923][    C1]  irqentry_exit+0x14f/0x730
[ 1327.558530][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1327.563586][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1327.569588][    C1] RIP: 0010:lock_acquire+0x221/0x350
[ 1327.574892][    C1] Code: ff ff ff e8 e1 74 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 5f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d d8 59 92
[ 1327.594504][    C1] RSP: 0018:ffffc90003bfef78 EFLAGS: 00000286
[ 1327.600594][    C1] RAX: 5ec2f9e3727cb900 RBX: 0000000000000000 RCX: 0000000000000046
[ 1327.608570][    C1] RDX: 00000000754f167e RSI: ffffffff8e218578 RDI: ffffffff8c28abe0
[ 1327.616553][    C1] RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cd60
[ 1327.624539][    C1] R10: ffffc90003bff0d8 R11: ffffffff81b0d880 R12: 0000000000000002
[ 1327.632519][    C1] R13: ffffffff8e95cd60 R14: 0000000000000000 R15: 0000000000000246
[ 1327.640505][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.645641][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1327.651812][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.656944][    C1]  ? do_dentry_open+0x384/0x14e0
[ 1327.661891][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.667017][    C1]  unwind_next_frame+0xc3/0x2550
[ 1327.671967][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.677095][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1327.682225][    C1]  ? security_file_open+0xa9/0x240
[ 1327.687346][    C1]  ? do_dentry_open+0x384/0x14e0
[ 1327.692303][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1327.698477][    C1]  arch_stack_walk+0x11b/0x150
[ 1327.703265][    C1]  ? do_dentry_open+0x384/0x14e0
[ 1327.708213][    C1]  stack_trace_save+0xa9/0x100
[ 1327.712990][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1327.718387][    C1]  save_stack+0x122/0x230
[ 1327.722737][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1327.727618][    C1]  ? __free_frozen_pages+0xbc7/0xd30
[ 1327.732919][    C1]  ? __slab_free+0x274/0x2c0
[ 1327.737522][    C1]  ? qlist_free_all+0x99/0x100
[ 1327.742297][    C1]  ? kasan_quarantine_reduce+0x148/0x160
[ 1327.747943][    C1]  ? __kasan_kmalloc+0x22/0xb0
[ 1327.752718][    C1]  ? __kmalloc_noprof+0x35c/0x760
[ 1327.757753][    C1]  ? tomoyo_encode+0x28b/0x550
[ 1327.762527][    C1]  ? tomoyo_realpath_from_path+0x58d/0x5d0
[ 1327.768346][    C1]  ? tomoyo_check_open_permission+0x229/0x470
[ 1327.774422][    C1]  ? security_file_open+0xa9/0x240
[ 1327.779543][    C1]  ? do_dentry_open+0x384/0x14e0
[ 1327.784499][    C1]  ? page_ext_put+0x97/0xc0
[ 1327.789023][    C1]  __reset_page_owner+0x71/0x1f0
[ 1327.793980][    C1]  __free_frozen_pages+0xbc7/0xd30
[ 1327.799113][    C1]  __slab_free+0x274/0x2c0
[ 1327.803558][    C1]  qlist_free_all+0x99/0x100
[ 1327.808163][    C1]  kasan_quarantine_reduce+0x148/0x160
[ 1327.813637][    C1]  __kasan_kmalloc+0x22/0xb0
[ 1327.818248][    C1]  __kmalloc_noprof+0x35c/0x760
[ 1327.823125][    C1]  ? tomoyo_encode+0x28b/0x550
[ 1327.827904][    C1]  ? __kmalloc_noprof+0x1b8/0x760
[ 1327.832946][    C1]  tomoyo_encode+0x28b/0x550
[ 1327.837558][    C1]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1327.843221][    C1]  tomoyo_check_open_permission+0x229/0x470
[ 1327.849129][    C1]  ? tomoyo_check_open_permission+0x1d3/0x470
[ 1327.855205][    C1]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1327.861634][    C1]  ? __asan_memset+0x22/0x50
[ 1327.866285][    C1]  security_file_open+0xa9/0x240
[ 1327.871236][    C1]  do_dentry_open+0x384/0x14e0
[ 1327.876032][    C1]  ? vfs_open+0x31/0x340
[ 1327.880293][    C1]  vfs_open+0x3b/0x340
[ 1327.884373][    C1]  ? path_openat+0x2df0/0x3860
[ 1327.889152][    C1]  path_openat+0x2e08/0x3860
[ 1327.893769][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1327.899164][    C1]  ? stack_depot_save_flags+0x33/0x810
[ 1327.904646][    C1]  ? __pfx_path_openat+0x10/0x10
[ 1327.909594][    C1]  ? __x64_sys_openat+0x138/0x170
[ 1327.914637][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1327.919595][    C1]  do_file_open+0x23e/0x4a0
[ 1327.924121][    C1]  ? __pfx_do_file_open+0x10/0x10
[ 1327.929187][    C1]  ? _raw_spin_unlock+0x28/0x50
[ 1327.934043][    C1]  ? alloc_fd+0x64b/0x6c0
[ 1327.938398][    C1]  do_sys_openat2+0x113/0x200
[ 1327.943088][    C1]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1327.948302][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1327.953091][    C1]  __x64_sys_openat+0x138/0x170
[ 1327.957959][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.964037][    C1]  do_syscall_64+0x15f/0xf80
[ 1327.968640][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1327.973680][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1327.978385][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1327.984284][    C1] RIP: 0033:0x7fa5dcd310ba
[ 1327.988706][    C1] RSP: 002b:00007ffd51202cd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 1327.997141][    C1] RAX: ffffffffffffffda RBX: 00007ffd51202d50 RCX: 00007fa5dcd310ba
[ 1328.005117][    C1] RDX: 0000000000080000 RSI: 00007ffd51202d50 RDI: 00000000ffffff9c
[ 1328.013096][    C1] RBP: 00007ffd51202d40 R08: 00007ffd51202f47 R09: 0000000000000000
[ 1328.021073][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000001b
[ 1328.029048][    C1] R13: 00007fa5dcd05050 R14: 00007ffd51202f60 R15: 0000000000000000
[ 1328.037046][    C1]  </TASK>
[ 1328.040070][    C1] task:modprobe        state:R  running task     stack:24984 pid:3164  tgid:3164  ppid:1107   task_flags:0x400000 flags:0x00080000
[ 1328.053569][    C1] Call Trace:
[ 1328.056858][    C1]  <TASK>
[ 1328.059798][    C1]  __schedule+0x17b4/0x5680
[ 1328.064315][    C1]  ? kernel_text_address+0xa5/0xe0
[ 1328.069445][    C1]  ? __kernel_text_address+0xd/0x30
[ 1328.074665][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1328.079628][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1328.084589][    C1]  ? __pfx___schedule+0x10/0x10
[ 1328.089467][    C1]  preempt_schedule_irq+0x4d/0xa0
[ 1328.094498][    C1]  irqentry_exit+0x14f/0x730
[ 1328.099099][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1328.104145][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1328.110131][    C1] RIP: 0010:lock_acquire+0x221/0x350
[ 1328.115422][    C1] Code: ff ff ff e8 e1 74 06 0a f7 44 24 08 00 02 00 00 0f 84 3a ff ff ff 65 48 8b 05 cb 5f 97 11 48 3b 44 24 58 75 33 fb 48 83 c4 60 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 48 8d 3d d8 59 92
[ 1328.135037][    C1] RSP: 0018:ffffc90004277378 EFLAGS: 00000286
[ 1328.141109][    C1] RAX: bef586153df0fb00 RBX: 0000000000000000 RCX: 0000000000000046
[ 1328.149084][    C1] RDX: 00000000cdf111e1 RSI: ffffffff8e218578 RDI: ffffffff8c28abe0
[ 1328.157059][    C1] RBP: ffffffff8176e256 R08: ffffffff8176e256 R09: ffffffff8e95cd60
[ 1328.165043][    C1] R10: ffffc900042774d8 R11: ffffffff81b0d880 R12: 0000000000000002
[ 1328.173020][    C1] R13: ffffffff8e95cd60 R14: 0000000000000000 R15: 0000000000000246
[ 1328.180998][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1328.186125][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1328.192296][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1328.197435][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.203511][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1328.208632][    C1]  unwind_next_frame+0xc3/0x2550
[ 1328.213581][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1328.218705][    C1]  ? unwind_next_frame+0xa6/0x2550
[ 1328.223826][    C1]  ? do_syscall_64+0x15f/0xf80
[ 1328.228597][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.234674][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1328.240839][    C1]  arch_stack_walk+0x11b/0x150
[ 1328.245648][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.251726][    C1]  stack_trace_save+0xa9/0x100
[ 1328.256503][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1328.261901][    C1]  save_stack+0x122/0x230
[ 1328.266253][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1328.271119][    C1]  ? __free_frozen_pages+0xbc7/0xd30
[ 1328.276415][    C1]  ? __slab_free+0x274/0x2c0
[ 1328.281017][    C1]  ? qlist_free_all+0x99/0x100
[ 1328.285794][    C1]  ? kasan_quarantine_reduce+0x148/0x160
[ 1328.291435][    C1]  ? __kasan_slab_alloc+0x22/0x80
[ 1328.296468][    C1]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1328.302112][    C1]  ? alloc_empty_file+0x5b/0x1d0
[ 1328.307058][    C1]  ? path_openat+0x10f/0x3860
[ 1328.311743][    C1]  ? do_file_open+0x23e/0x4a0
[ 1328.316432][    C1]  ? do_sys_openat2+0x113/0x200
[ 1328.321299][    C1]  ? __x64_sys_openat+0x138/0x170
[ 1328.326339][    C1]  ? do_syscall_64+0x15f/0xf80
[ 1328.331117][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.337205][    C1]  __reset_page_owner+0x71/0x1f0
[ 1328.342167][    C1]  __free_frozen_pages+0xbc7/0xd30
[ 1328.347309][    C1]  __slab_free+0x274/0x2c0
[ 1328.351750][    C1]  qlist_free_all+0x99/0x100
[ 1328.356352][    C1]  ? alloc_empty_file+0x5b/0x1d0
[ 1328.361304][    C1]  kasan_quarantine_reduce+0x148/0x160
[ 1328.366779][    C1]  __kasan_slab_alloc+0x22/0x80
[ 1328.371647][    C1]  kmem_cache_alloc_noprof+0x2bc/0x650
[ 1328.377120][    C1]  ? alloc_empty_file+0x5b/0x1d0
[ 1328.382071][    C1]  ? kmem_cache_alloc_noprof+0x15a/0x650
[ 1328.387722][    C1]  alloc_empty_file+0x5b/0x1d0
[ 1328.392501][    C1]  path_openat+0x10f/0x3860
[ 1328.397027][    C1]  ? arch_stack_walk+0xfb/0x150
[ 1328.401918][    C1]  ? do_getname+0x2e/0x250
[ 1328.406343][    C1]  ? stack_trace_save+0xa9/0x100
[ 1328.411292][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1328.416683][    C1]  ? do_getname+0x2e/0x250
[ 1328.421111][    C1]  ? stack_depot_save_flags+0x33/0x810
[ 1328.426585][    C1]  ? do_getname+0x2e/0x250
[ 1328.431012][    C1]  ? kasan_save_track+0x4f/0x80
[ 1328.435875][    C1]  ? kasan_save_track+0x3e/0x80
[ 1328.440740][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[ 1328.445780][    C1]  ? __pfx_path_openat+0x10/0x10
[ 1328.450726][    C1]  ? __x64_sys_openat+0x138/0x170
[ 1328.455766][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1328.460726][    C1]  do_file_open+0x23e/0x4a0
[ 1328.465251][    C1]  ? __pfx_do_file_open+0x10/0x10
[ 1328.470312][    C1]  ? _raw_spin_unlock+0x28/0x50
[ 1328.475170][    C1]  ? alloc_fd+0x64b/0x6c0
[ 1328.479525][    C1]  do_sys_openat2+0x113/0x200
[ 1328.484224][    C1]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1328.489437][    C1]  ? __pfx_do_faccessat+0x10/0x10
[ 1328.494481][    C1]  __x64_sys_openat+0x138/0x170
[ 1328.499446][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.505534][    C1]  do_syscall_64+0x15f/0xf80
[ 1328.510142][    C1]  ? trace_irq_disable+0x3b/0x140
[ 1328.515190][    C1]  ? clear_bhb_loop+0x40/0x90
[ 1328.519886][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1328.525787][    C1] RIP: 0033:0x7f8b1ace70ba
[ 1328.530210][    C1] RSP: 002b:00007fff48757298 EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 1328.538634][    C1] RAX: ffffffffffffffda RBX: 000055a51d224539 RCX: 00007f8b1ace70ba
[ 1328.546613][    C1] RDX: 0000000000080000 RSI: 00007f8b1acef134 RDI: 00000000ffffff9c
[ 1328.554591][    C1] RBP: 00007f8b1acfabf8 R08: 0000000000000000 R09: 000055a51d224539
[ 1328.562570][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: ffffffffffffffff
[ 1328.570549][    C1] R13: 0000000000000001 R14: 00007f8b1acfa000 R15: 00007f8b1acfb700
[ 1328.578561][    C1]  </TASK>
[ 1328.581584][    C1] rcu: rcu_preempt kthread starved for 10664 jiffies! g219241 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1328.592862][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1328.602834][    C1] rcu: RCU grace-period kthread stack dump:
[ 1328.608726][    C1] task:rcu_preempt     state:R  running task     stack:27536 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1328.622233][    C1] Call Trace:
[ 1328.625521][    C1]  <TASK>
[ 1328.628465][    C1]  __schedule+0x17b4/0x5680
[ 1328.632976][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[ 1328.637946][    C1]  ? __pfx___schedule+0x10/0x10
[ 1328.642819][    C1]  ? schedule+0x90/0x360
[ 1328.647077][    C1]  schedule+0x164/0x360
[ 1328.651245][    C1]  schedule_timeout+0x158/0x2c0
[ 1328.656115][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1328.661503][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1328.666806][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1328.672618][    C1]  ? prepare_to_swait_event+0x340/0x370
[ 1328.678185][    C1]  rcu_gp_fqs_loop+0x312/0x11d0
[ 1328.683058][    C1]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1328.689223][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1328.694519][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1328.699737][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1328.705559][    C1]  rcu_gp_kthread+0x9e/0x2b0
[ 1328.710158][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1328.715362][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1328.721180][    C1]  ? __kthread_parkme+0x7a/0x1f0
[ 1328.726131][    C1]  ? __kthread_parkme+0x19c/0x1f0
[ 1328.731173][    C1]  kthread+0x388/0x470
[ 1328.735252][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1328.740454][    C1]  ? __pfx_kthread+0x10/0x10
[ 1328.745059][    C1]  ret_from_fork+0x514/0xb70
[ 1328.749659][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1328.754779][    C1]  ? __switch_to+0xc79/0x1410
[ 1328.759476][    C1]  ? __pfx_kthread+0x10/0x10
[ 1328.764075][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1328.768862][    C1]  </TASK>
[ 1328.771882][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1328.778213][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1328.783420][    C0] NMI backtrace for cpu 0
[ 1328.783437][    C0] CPU: 0 UID: 0 PID: 3231 Comm: kworker/R-bat_e Not tainted syzkaller #0 PREEMPT(full) 
[ 1328.783466][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1328.783476][    C0] Workqueue: bat_events batadv_tt_purge
[ 1328.783502][    C0] RIP: 0010:lock_release+0x7f/0x3c0
[ 1328.783520][    C0] Code: 46 07 8f 0e 00 0f 84 1c 02 00 00 65 8b 05 29 76 97 11 85 c0 0f 85 0d 02 00 00 65 4c 8b 3d 71 30 97 11 41 83 bf 8c 0b 00 00 00 <0f> 85 f7 01 00 00 49 81 3e 80 d3 fc 93 0f 84 ea 01 00 00 9c 5b fa
[ 1328.783534][    C0] RSP: 0018:ffffc90000007650 EFLAGS: 00000246
[ 1328.783546][    C0] RAX: 0000000000000000 RBX: ffffffff90d1f901 RCX: 0000000080000102
[ 1328.783557][    C0] RDX: ffffc90000007701 RSI: ffffffff8c28abc0 RDI: ffffffff8c28ab80
[ 1328.783568][    C0] RBP: dffffc0000000000 R08: ffffc90000007b90 R09: 0000000000000000
[ 1328.783579][    C0] R10: ffffc900000077d8 R11: fffff52000000efd R12: ffffc90000007ba0
[ 1328.783590][    C0] R13: ffffffff8176e256 R14: ffffffff8e95cd60 R15: ffff888032c01ec0
[ 1328.783601][    C0] FS:  0000000000000000(0000) GS:ffff888125290000(0000) knlGS:0000000000000000
[ 1328.783614][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1328.783624][    C0] CR2: 00007f8b1acbb008 CR3: 000000004f87e000 CR4: 00000000003526f0
[ 1328.783638][    C0] Call Trace:
[ 1328.783644][    C0]  <IRQ>
[ 1328.783651][    C0]  ? deref_stack_reg+0x19f/0x230
[ 1328.783672][    C0]  ? unwind_next_frame+0xa6/0x2550
[ 1328.783695][    C0]  unwind_next_frame+0x1bba/0x2550
[ 1328.783716][    C0]  ? unwind_next_frame+0xa6/0x2550
[ 1328.783733][    C0]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1328.783755][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1328.783777][    C0]  arch_stack_walk+0x11b/0x150
[ 1328.783798][    C0]  ? skb_ext_add+0x148/0x8f0
[ 1328.783816][    C0]  ? skb_ext_add+0x148/0x8f0
[ 1328.783833][    C0]  stack_trace_save+0xa9/0x100
[ 1328.783855][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1328.783874][    C0]  ? stack_trace_save+0xa9/0x100
[ 1328.783897][    C0]  ? stack_depot_save_flags+0x33/0x810
[ 1328.783918][    C0]  kasan_save_track+0x3e/0x80
[ 1328.783937][    C0]  ? kasan_save_track+0x3e/0x80
[ 1328.783954][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[ 1328.783973][    C0]  ? kmem_cache_alloc_noprof+0x2bc/0x650
[ 1328.784017][    C0]  __kasan_slab_alloc+0x6c/0x80
[ 1328.784037][    C0]  kmem_cache_alloc_noprof+0x2bc/0x650
[ 1328.784055][    C0]  ? skb_ext_add+0x148/0x8f0
[ 1328.784072][    C0]  ? kmem_cache_alloc_noprof+0x15a/0x650
[ 1328.784093][    C0]  skb_ext_add+0x148/0x8f0
[ 1328.784115][    C0]  bcm_can_tx+0x225/0x8e0
[ 1328.784138][    C0]  ? __pfx_bcm_can_tx+0x10/0x10
[ 1328.784161][    C0]  bcm_tx_timeout_handler+0x1c2/0x520
[ 1328.784185][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1328.784207][    C0]  ? __pfx_bcm_tx_timeout_handler+0x10/0x10
[ 1328.784232][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1328.784249][    C0]  ? __pfx_bcm_tx_timeout_handler+0x10/0x10
[ 1328.784268][    C0]  __hrtimer_run_queues+0x3c0/0xa20
[ 1328.784296][    C0]  hrtimer_run_softirq+0x17a/0x240
[ 1328.784318][    C0]  handle_softirqs+0x22a/0x840
[ 1328.784335][    C0]  ? do_softirq+0x76/0xd0
[ 1328.784352][    C0]  ? batadv_tt_local_purge+0x2a7/0x340
[ 1328.784373][    C0]  do_softirq+0x76/0xd0
[ 1328.784387][    C0]  </IRQ>
[ 1328.784392][    C0]  <TASK>
[ 1328.784398][    C0]  __local_bh_enable_ip+0xf8/0x130
[ 1328.784413][    C0]  batadv_tt_local_purge+0x2a7/0x340
[ 1328.784440][    C0]  batadv_tt_purge+0x35/0x9e0
[ 1328.784463][    C0]  ? process_scheduled_works+0xa70/0x1860
[ 1328.784479][    C0]  ? process_scheduled_works+0xa70/0x1860
[ 1328.784495][    C0]  process_scheduled_works+0xb5d/0x1860
[ 1328.784526][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1328.784540][    C0]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1328.784568][    C0]  rescuer_thread+0x827/0x1130
[ 1328.784591][    C0]  ? rescuer_thread+0xbb/0x1130
[ 1328.784617][    C0]  kthread+0x388/0x470
[ 1328.784635][    C0]  ? __pfx_rescuer_thread+0x10/0x10
[ 1328.784650][    C0]  ? __pfx_kthread+0x10/0x10
[ 1328.784669][    C0]  ret_from_fork+0x514/0xb70
[ 1328.784686][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1328.784701][    C0]  ? __switch_to+0xc79/0x1410
[ 1328.784723][    C0]  ? __pfx_kthread+0x10/0x10
[ 1328.784742][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1328.784768][    C0]  </TASK>
[ 1332.956783][ T5626] Bluetooth: hci3: command tx timeout
[ 1334.518239][ T5626] Bluetooth: hci1: command tx timeout
[ 1334.994048][ T2826] Bluetooth: hci7: command 0x0406 tx timeout
[ 1335.000124][ T3167] Bluetooth: hci6: command tx timeout