last executing test programs:

3.927344372s ago: executing program 3 (id=3400):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
write$cgroup_devices(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="1e030800d3ff71ef288543"], 0xffdd)

1.784075473s ago: executing program 3 (id=3411):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@id={0x1e, 0x3, 0x0, {0x4e21}}, 0x10, 0x0}, 0x0)

1.687395414s ago: executing program 2 (id=3413):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1}, [@printk={@llu}, @call={0x85, 0x0, 0x0, 0x5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbc)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)

1.687133137s ago: executing program 3 (id=3414):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000060000000000000000000000850000009e"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000340)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRESDEC=r0, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffe07, 0x0, 0x0, 0xfd70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'wg2\x00'})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000002013000000", @ANYRES32, @ANYBLOB="0200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000000200"/28], 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000200)=ANY=[], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x6, 0x1a, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x6}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x6, 0x98, &(0x7f0000000740)=""/152, 0x40f00, 0x10, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x5, 0x1, 0x7ff, 0x7ffffffd}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000340), &(0x7f0000000800)=[{0x0, 0x1, 0x5, 0xa}], 0x10, 0xa}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

1.483597625s ago: executing program 1 (id=3417):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000040000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x9)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000080000000000000000000850000000500000085000000a00000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0xc7, &(0x7f0000000140)=""/199}, 0x80)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r3, 0x0, 0xe, 0x0, &(0x7f00000008c0)="7a7fa22c2aff88df53ef2a2d280f", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.385318126s ago: executing program 1 (id=3419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080))

1.279747116s ago: executing program 2 (id=3421):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000001740)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x22, &(0x7f00000018c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94)
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002d00)=""/78, 0x10}, 0x0)

1.157070594s ago: executing program 2 (id=3422):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1.149217568s ago: executing program 1 (id=3423):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
close(r1)

1.011766817s ago: executing program 1 (id=3424):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0e000000040000000400000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110c23003f)
write$cgroup_int(r2, &(0x7f00000002c0)=0x9, 0x12)

1.011507856s ago: executing program 2 (id=3425):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1206"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1313f, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000), 0x10, 0xf}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

1.011329776s ago: executing program 0 (id=3426):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

990.662074ms ago: executing program 4 (id=3427):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000840)=[{0x20, 0x0, 0x0, 0xfffff038}, {0x6}]})

840.493787ms ago: executing program 1 (id=3428):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000900)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4040086)

719.745545ms ago: executing program 2 (id=3429):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x85)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000005574d074fa7e93447a88c0fbab48660aae7cdf367ef0e4538279b6113de5b94e1056f443305145c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x1000000}, 0x48)

719.483223ms ago: executing program 4 (id=3430):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xff48, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

719.22529ms ago: executing program 3 (id=3431):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ffc40bffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400210000000404000001000000b7050000220000006a0a00fe00000000850000000b000000b7000000592000009500000000000000a3028cb5af6c8f5d76781dcb7729f0170720596bb3b4d821d976f5843061cc2e3afbae82d7932d192321fa3b3042f100"/172], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0xa002a0, 0x10, 0x18, &(0x7f0000000000)="5ae02efc441a80536af0d1d905c723fa", &(0x7f0000000040)=""/24, 0x6414}, 0x28)

719.0388ms ago: executing program 0 (id=3432):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0xc, 0x4, 0x1, 0xffffffffffffffff, 0xffffffff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000980)='kfree_skb\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0)

583.749246ms ago: executing program 1 (id=3433):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)

506.563223ms ago: executing program 0 (id=3434):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r1}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00', r3}, 0x10)
close(r2)

443.634752ms ago: executing program 4 (id=3435):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x1e1000, 0x0)
ioctl$TUNSETIFF(r1, 0x400454da, &(0x7f0000000140)={'bond0\x00'})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000100)={'nicvf0\x00', 0x1432})

443.389535ms ago: executing program 3 (id=3436):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))

369.043257ms ago: executing program 0 (id=3437):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000a00)='fib_table_lookup\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e9"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

329.780605ms ago: executing program 3 (id=3438):
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="fb6bba8839", 0x5}], 0x1}, 0x0)
recvmsg(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)

283.637737ms ago: executing program 4 (id=3439):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000008040000cd00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000700000000000000000000000000611259f80fe0bd06958ee18a079cd369f2e1200000000000000000000000000027f068cebae487bc2a62c9d49d19d211b31b09e0b919acd1c398ae16b4d5eb40cd6efb1643f9c277678f1771748b141e5f97856c2e000000490b3a3b898abcd7d3d1c2414603e6fa40eaa63535de1f3a7e5c88d08f16b1e0a19aa47223c931e9795457a48bd8477140c6073c8523a7e982cd1df5e4b40ad33f6d85148fc8bd8fa9059f5569786eec27693a84227ee2ad4142e6a07ffd7dd977d9813ab6025b6bb340f35d9c22f00acb2d55ffec329d69271e31206a0800000073ac4b7feffc0795a828473a47b57573201ad1e6cc689aa952b3d949264d5ff7a9c9971ea922d956ffb3a24848a392aac35ee4a08fee8347eb23c2808a6b7a1cbab944458235f5066fff190b1098fdef249c73a3f490aeab559bd1ec5e087ea3d35e8b41ddb0334812fa2d1e5496e4b2e8289576a671749373545fd778d00cc4352aca042a64aa6b638ed63c4ce83aaf5df61fa188f144cf574508d0ff48e5c0e5276a3a86ccae1a241ab8889e3ff3ad422a3f6d28898854bc91b3b7f18b7fbdbc4d59376e03bc59464f799bf78e1d38614b5f5f0b399c145fe1e2a739f1d66095f0f43011225addfd26600da1d65a3d76b8881fc8c2aad7b94054c996d9de2debc38db516d5b4"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)

226.586224ms ago: executing program 4 (id=3440):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00'}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000, 0x5f}, 0x1e)

168.16785ms ago: executing program 0 (id=3441):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x6, 0x7fe2, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

35.554649ms ago: executing program 4 (id=3442):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x12, 0x6, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xa4}, {0x6}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20)

35.301372ms ago: executing program 0 (id=3443):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

0s ago: executing program 2 (id=3444):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000e00)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000006680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000004080)=[{0x1010, 0x111, 0x9, "719614c68f5e9a9c5bc2b3d5aad85bc12b0d35ab5c2a78740ee9e8717bea860b10c0f2457affa6902ae8a94c80ae1d54cef0d6747b457509944093474bd2ce261ebabe075fae4756a3f12120a3c1999ea3f86056ecc0cd523cf58628792c7f322930b88c1d4f33966d7ee17841bd6d9acde2903c59cba0fd1852d3d0fc82d50a79e32626ab411172acde45727d5abcced90ff5fb2d1c7d8ea3cbcc6a0531ab71c45fe1ed22343ca18c8578598d52aab555fbb65ea5e1edd6ec8772466c51a4f5e0bba678840c0afe7c85ee67757f2ba417c68cc1e64ff69f8c6ea3b0196d867e7871f2c74afac8a3d3d3aebbf851a24319ed147e6377244a9d2ff29eb085c4cd4c8a39c5783433dbe6d350a51c3d070e62f0be070119cc180cc8f2ee48088f4d2f85d65536eef097b12141157800d8ec781794e2de283d261a6a472c01e666a97e748911272745de55e118d878b4de184c8244348476aeffd3ae0379dbdcca477e9f0180f2d8e449dc0274ca3441b41149d7391161a9039a0e71d632847fd552d0ac1a264ea874f61b0b4c1675cb928f0b963841e10556d7e3067a720986229b7e882218af586325b6a457a3d665373b44c90cff905938222b27cae5fc7712758835ce9a557022a418bd0c5c96cdf845519903f00fd29f3da730b83597635adcbe8df22ef273996cee078c72431746f352f2bbe8508320d4cc6a2c47b1984d7a992e7a4d4b63bd5fe22c373b136814b0b1c98dad28a0a165c81a405ac66afa3fad6e55a4d641dbe991899a894744069f5b3778868ce2e2e02d881aebfc9142e449c8d2b8dd8a7ec002081de1a64b90c280ef49aad040864e07dc62773fe5d04faf6049d3921e1309c18684ae52379ef554b44a5eab6b4df233c573f0b5ba4cc5d23b1cb411083a2e82b8be56e0a2d3a342a720956bc4b10836af5397e843f1b149c99d98f0285bf9c905271e34a224c594dedf0ed87caba01a3cccd0cf5698606cfc562a4fc4efa6a10c9f0ca36a11df5719712866f56d3af6ec8e08df6bd7722877c0af3120444c1ceda33590533133ecb3891f4a70013d38ba7291a4ee890a5233e0dd1d8d24ac5944c3b99a5b4ea3754f8d1f2e3939aae65573a48db85df46c574111ba329f1deab782b5d9f20e12053a2f3cf4cde16758343ab4f7cdc27f104efec3815586b6b3db43123d9fd55bd15e46362f02d51beff4a7cd666a18dc4db9b5c2df041c6d2257827fb446f433406e674aed5e3720d1b375cdb7e184cd7b2b09814c9b02fe1374dbecf08da7c5dd661efadc4f2f5498cae4bf3c474c5217cbb848bcb1a207e94e87cc4bc75c3e348dfe210e9e272fa8cd7e02fafeeaa365955fd2e7bcc688a28f0701128468e138a60eb8d4525ffe17773f248b78bce28c713fc0d1daec8946420203d471fbe30861b9a1b487f82853965facbcb2efb0bc0ecc3878ad95b8e18f5d49f7dc29cdd45f32713656b04fd4242ac030acd0d6d844eae28f50dd5267f3b10a7185fdae8e6f4851e45a70474ea3ec1a1933cfcda0f86822af8d39cf6fe4a77dcc3dc11472cc364f46a1295220df23f5ab8b1a6e8a4bab9299ed61b8482630ba357a1bcaa6da67dd638069e48863b149eaaf85a2a196123e8cc848c8aa6c3dbd11be81df05f3b196642f7c2f872e60d77d3372f08db01ffb855b0f315db6ac8b0bcc0acc42617688894300aae34cc6c6b21c170b9e7d61904022a8e8b62d7bd03a99f43e57aff30a3d34affa4d1580bdbc5e4a3a1d555a1fc00f81e2b6d6cd1fc75e1bfe89ac07ab8482e3223999d9eb47c52345ada6f9a9c90f81c22d7ab5944fe178848f9c1da5b5244db0f5ae602da08f3d95ca2b8a813526fc515c7430cd2a428c28ef4a6c50d8fd8bd33ef6fb917649f726264e1e7a7229a68c34f2d97d6e4b67bc812918b292b1cb7289e1764c6c5648144852a953dd6a4e8397e399bd50f92e8fbe186bd9cbd397470dbccabd72936f8822e8ec2110029e539b0b198b3bf8c28bdcd0d2060b6d2fa0fde421348ad43d922e04b632ebeae5300bcb419d77538e434ed3e64efd5a77ff25048312f624a95786f824558ca5b1220265cc7a0da64f577905c84eef7742799c2cfa33b2be666f69613140a54033c36e2802704a642427a13b4f376ff0631aad9b960a6714b133ca42f5c45d278acc71c06625b3a30458d2abc80848f13f2a8fac7db0933984dd19ee6e04617cadef3ffcaf72b10871753cd8e35fd4952514c89b99bc46e724199a2f0b3d2bc487d11641fad003712d0088e0f0d2026b52fa23949e95305efc24ca4d6291602769ac01e72a6d2896241c747ac3e0a98dba22a8c1a3c96a21cf07d4a8fbfa2aa925ff3bbfc73c437042fdf86b39d17c8049ecf7882532be0bc6628345f28294443c9e84a462ed724ce9b05e6454fdd3143d05102ec0ec2891c1198ffa667f3b5f12c02556bfb98d11ee5032edd687d6f6893a86b3aeb62a9349f0ee8c4455173740ece6d9e90cf1339e6b631bf7966f2170bbf1ce0080a3bd54b1d8c037d4937e21c1d05927a1d771e0f39540ca7e085dd16d1937871841caafa2d5343c082bf0daf5570a7db7498778dc8d0df9ac381176fb05bfba6cd0fb438eca96f8a46e5578dcea95ba601b61e6aec5a1db8fc00ee7c06bf02d419526b6daa68189bae2832d7f75d828ee76a8e28bc0e8f218b5aed85e5b6114cafc652cee47fefcf907a6de1696d88fce0cf749bf5240f8d4f8b57d63f536503d863b97684c16e5abfa230c7eded005947d26c7478b9bf885335fb6c680faf1ce44ba60310208b831682198d4e8a9eb11e556217f31fad33153d3a6207df013324dfc9a11381f0fe689744925459f3eeaafec1e25c1c0934fc246d83dd1080e74e12fc6cc701a4de38154527b86336c78d33200a385be0f352f0a7d47c5546c1dc680c967ebb9965723b980d3d3e6b295be912228a89e832b806d6a7621523d2f76b0f7e23ebe4e9eed6bd4e524083005d0f423e5ca1ace6794d16f257880a02274cc95b0f0ba6638b74adb5881d115e0e5997e89866e8ad2ab22adbc2cf288bb27fb85fc7a2fec5494639e175b0bd3c6d36eda68c72b5dd18e2cbaa7b13095d5b53110e4ef5d7e2399808793a4ef0754afb33b1f483de9e7164c1d2f137d6636f2794a9294ee2c58ad9c0cb8aeab68196568d7d5acc5e862bf224440968c735533b55df5282cf5feda78d2e1e0442d57a38ffa927c71f08b66d36141ae6ad1fdf6754fa26bb4422794ffe55ce233f680c0cbdf2431c41720f8be5a62a9471f9409954b909deb3e4b9442cba39d850df92fb5d1fb55c1406c4eadf30687829ddd28088110b4ecf39a63c05a514f0a5f2f63141c5bfd3655bdc05d26c6b32588d4c225a6fba602ee62e6b6933f7f9f22779355c02af1bb396e9588b8f49009e957ab943c54bec277b5c2861705c7a9a9d243a0d8120973dc24650b5ea4d71577a4c217fca5ffbfcfcb260608a43c6c90b0379bdfd685caed3f318041f383d1309c7a668ee2a1d2f7cc6b44cc92083c6bddded5050a7a8606e20785fb671ac275657f91561ed3a9beef089e39da19265a7f4c7d75af362000eeb458dcc7183181b4923af747a9611deaaf72524011b4ff4f23bebdda3e633975874bc66657d3023a3a21fde12ceaf57f429093430b955905eb2b157d8a711d911f3b634894b1b75af6c9c6091a65a7cae198d238a6c66d4cc9462e43d0473bb6e13bfd2b595d7f405e29e18c754a19d61212d9adf91f9d5c07c2c82cbab6371e6d64fd5994ebbce8f85cbdabe387135c27165c8cdb429ea8e8cdbce5f341eef7232cfc395804d920823b8216d15712c98f3af083ac081a4799e6fcc7bfcd27649d962c8025dc8e057dcd4cd091ec02a48a0dd9c2c599b21636f9f014512ba4a3ee1800f88491f793d863d1803a66db9b46a59d5672ee8949d35af91d49317a4d1bc245ea0aaefc10b05d61640cb444996e3beb81b71f853167ce59408493483437cca265be77eaf1c96e5051c86bbbe61294037411bfec67a211f6aaa7154cb5a186d12acf7feb8cba48203da9806ff80af11d438cc2085ae9f15c427b0bf10e9e43d981a378c463c219e999f7136fcfb5c798df5f4fde3f0c3d4e13508c6b12946c7482f518b4a7f152526618f801cb6038089adea1e5eb9dc958126d24f461091b1ce40f781fc6b06add71d1e6db51b77d7d4b44b7343d349e967f4d2615d227b600a4a835dcdc6d40e1a2c9ae300e1a30d6ab1f4854225b3df73d8cca5a982d430169ccaff05daa734eaed6c8e06729061ec7a22e633b33b176daf3168b41a6a44a746cea924c60cffff8dd19fda154246782579b5f34ab9033e72efaf4761aaf2f6f53e8bc0098f6b1fb137c60b378035eaba12a55c8c7ce79cbd8cf4dc36b0dfc1d3687246bf8f830ca5366045454da61ea512afe380930f8565eaa6e2350e6b935750e769a94e13906a499f6a081f083ea35a2c7e7217ff327fc3089f71a7b2defb361891861091f7afd460caea228af80184e1e9fd206cfddd7358a2007c3809d4b95fcdbb564d2737715eed6f9dc53c3aa7cc5e90ddfadaeb90d9cbd8db5a9d6a9c3f89267162a0cca67fc28e50063fac44591e39f356c9b5800cc9d7317896a96dc304c7e18e9dbc49f2681ae89cfddab6a57d92a675841efc4c00393254076cc7b4fe577b5c8473206e01b7b9728f67d86322c325d97bfc6057e9a3780a58d5fe6a1dc01f760c4d3319e7e83f372f40805fef3f9880a0226b81f4ecc78fce33c99bd2d2c984eb332b46a946908636e0bc0d0f7c5f2167afbceb3201799c56c994d3aaf956a94050ba344dd5f3c687055fa3fde69ee22bd99edcd2d6c235642621f94915672d1bc92b8179b8c1eef3eaf9fc82c2a57b3c68f49fbad3473527fff03dbd8e8f344795d472e951224070c6053f0e6cd12a74e7e68238d19d25df73b6ee08702f778a4c229dd528426950826870304d0b5297b98367991955a83581378ed8236f29c85945acc2dd57bb2680c7bc8ce15d72b5600b9012f9dcb6ddf55cb31084308d92a28cb1678811071852e00b884840e35156e48d807d17c3bd02b5a639f6d1300606df71399cb0d2bc4d5b308fd1af934ec8e2dcacbc1855c3ea3f963a8674736e1cb071f4855eb409e129fd5f1dfa27342c9bdf51039b37dd0589e0c31c7c5ebf493f86f08457f1c1d08f881e63fc851c3ffff195e8c8eabbb5812fbd8d51aea353af9a14631cbcff86cb7e85b5fcf3daa8ce07b83a9883c26c5d40bc1255b22072c949e5088965ea3a9fe3be408e04aa224cc6b7e7ccb5a7d1bd6ee85c706184be77408a47e9dbd929a03560107f61e74d54b21f8cdb1164869b0a0640eef3027c1a4e51bba44da9ba73118c08906d074ba1f7bd3f15519fdfd08577d33e84aa26bef8ffb0cf18e185b1bb43fe7f1b69237c488a42d2ae71b482693209aaf1a007c6b70be0835760016bc3e03d5daaf59603a9487b05578c2a10600871603d4f98cb5af7854916208a9fbd28e0fbf8926a68b0bb36e96620c1a61854da7a7eaa648aad870a761a9fa568acb3e8e5f84b1f91293a689ea0d7b03aad582dda08d25f59d7e9d51ff83b3c15606f460df1c10ed59486ebf2eaf0b922ae514f3ae826f5ef674e48c0df747e795ccd1b33cd51dd5e0b4b6e94e03f7f1e4add04f9de6554668a9cabae43caf785bb55773e9c4b139b5a275c8d4df20b22e94ac73d9b3b02cede7ad16bdefc5e832dccbbcc1b5bf71bd52198f0dc4da9e"}, {0x100, 0x10d, 0x8, "ef2490da37c90a8e7ca9cd69e8ca863ba3b736609679bc14170dcac3320ea24c2b63d5c42ab237f5fd05188b8e8a79033f74f5715f44b32d68690263bd843e69d5155f4159d5b38de54c44c270b8d3db041596e8e9b1f2bd038cc4e01b900cd3e50a5bddbd58ee21b1aaece331d555ba2a38528ebff1a80dab5fb4b4afe22f0ca7ef7b128c1c52bf693f23ae3e26ac24ff6d3c97c1e8170da29e5affccc2ab681bc5b767f14c2d5307ad9709dd50e6f3c694969e30691644e9f936066c0bf072caed99a161e5555fc63659669f94c273338a725e1ffeabdafcd44097cd4bd89a8af47bb1833f90a87090"}, {0xf0, 0x103, 0x2, "b0eeb06dd8da6612e1fd71a4f92767315951767e503f73b62ba8261e3e1333fa468bfb82cddc3daaad55d46cc4dd0ce4bee00b9cbe43b0395205ebec571c11b74af22735bb91c3c97bc5e51a642e0059bf1c60bb8d95e708fea9e3c5c44388f13dd3daccd3871aec074d7b21767b6131b6abfb63b79ff380b975dd3ac45fdfbae063e4479293bdff1302e7202c3d945cb52c7750e92f94bef2500c18d10238bed186b6e7217eb20f2dc6bd677322c01134bc0ce72331b5c26da10d3af606c3af0e410434dbb13255f31b502a7baaeb72e4438270b5c5f5a88d26"}, {0x78, 0x116, 0xd, "936a8f6e0d58f449bc02f0a25f75beaf7da3fe21e135058cfc9d2c9acb4a66c5a73efbfc9ec308c6f72ab3e6a25286aab6b0c753b70ca2f122169501eed90597e7a0ef5a5fd4e088fbcf26acaeb16289b18461050159ac8b23a2ada6f4cf9b0e6d"}, {0xa8, 0x10e, 0x6, "fbf3a10319bcf8532295b1a97cba77e23573ee5340ec565a269d6108773f514c9dc638358d882cf5e9ba9eb0e203c844e4281530c165f7456eed5d4bd108b27072469b4d94a697bf73b1b5b9be45f3ff4c25bfa6b64e7c80413e89c2269449f71677b02477af84f14f4c19ba093b109f2bfafc5ba8b1b092401659ee05ea85e3b20df93727099f279326b17d5db571bb19"}, {0xce8, 0x10b, 0xb90, "fa92a3bbcfb24ec7918366e5944b4f353db224067b7c80be11fa5c456e6512e2ac02fdfd96bfd6141c73435711aca916d2d84b88b62ac4610c900a45c0ed053ad1b4c9939c7284483b56056207a096a9c93dc175866240e8c39d354bc4eb196db786e690757ca5a01ed87374089fedc96a4a154ac9a0e5f11c33e51f0954b102873b33e256a96b3e4521eca621098b154272460d008679e1601b56ce30d080314278b0ea6ca4a8ee0e9a8378568cabca4eee66b31f2e3e4aa0c6449de311e9022ea88c4f5b0e1211dd129c967337ed2b86a96630ecb303b9ad89f4857d65be5b3b6291147688a8ecab04fd87cbd33936cc83bfcc9ee30fe1111ca7c1c732131b4eaae4a67c5a244537fa636be893eba9db0cc65fc8b6d57f7d53f108f2ce4155f9ecc1650aaf5732f166ee789698e1bdce1ee6417f07749c0ac4006a1e67307d14eb0e27a217158dc9a0fa99b3ce46f9838db6b936fce843f8b9f90484e9d69b36c5daed1051ada7ae6adc314862af2134afb09a7617cf2b4ad5883ac8bfab90ba8d60aa4cb879eb8903d4d5796829928a820a598e045acdc7f6a54dac226237a16514f4b3f55514f0ce175e938d7a2a68e33dbfb7325c6e8085327e6bf88fc48647418849d1d8ba0518a97910d2652aef8503b3edbc1689502f5f395dab6d7bb4b29e4feb8a63e6bc76ced8ae929680c133a8ff01d4d37af55e7570ce6620cddd6442327d549dce27051bf3e787d9ca6aca2b26e5051d4bda81f179e299b7635860fd16ace170dfba8df31c03ef2aea06a97f017c649d5d1c764aa0858fd008c76e467a673184d2517b7f1aac377d1c9034b1812a689c01c36ecb26113ae9418c2648856c84c379c75f9e8e4fd31e134e5bcc566a9010bea20bb04a965b455b2431ad47594d2ceb9f8e2d99e771d67e69061516d5101a867b934894c37fa3fa465416a6cc134d9524cd59adee42cc2c7462db9b57f4de18b2251adb4aacfb32b04e74b33c5dd37a46f3fa3a1e59c1fa0f9c910a282ec3f5edea38b2cec2d4ec652267595c59fa5cab3dd58043e8c1b0edfbbf9fd6646cc4021244ffa92ec4d8f9711e15a3aac2e21578d7cbfc79306fbb43186260bc9e3e946ba2ff04d08a0873f61a8634f817fb5d761765b1d0c43e0dbf91eac9b09a1e68af137081c24b654c97bef58a255149611afd1673bec69d8b863ae45d771395eef93c474dc053cbc775db2ddc4fadd4fb26dab4bafce3c54d5286103c420340cdb867915c902817ff0fc1d605c2c30125908346e37718137a0b722d4ecee936b09ff84b0117eeea69772db82eea9ee426762dfc6209792687fd0e4ca2b456464f1ed1dd96c5de03f24f50ebec049c8d838e56623ef9cd2fe261e9eaca0b881d50ce2ec2f9cae97c876f46dec3a1194cf9c1bfb21bf7545f6f6f7cf65eb727c252518b81a3a620621501ef73952c795c921971d78d23582cbc3631d548ff19436847f743c48c3db6b6fdcb61343976a4563ee5b3d16afb798d76aa08434b82672abcaf74101f4c79f0ab0f7d752c9656953788c10317420c99f597c0ca5da046a7d68acc7c948ca301ceb8b838fa453a9b0aed24ce268bbd96f39bc033fa9a8755eda0bd4d72603c264b6833f1ad21becec0d46b80867a2fc17e113d3ba220df77703109d6b380df82c085da5fd3a03bb230baa5837e347e1f1bf95820caec6153f29d3e364b4a054dd0837ad0662d1da5edac20b1b5d92c5ebea5bb7cfdc33e9834d9edbd8355f2608fa94237f7f727ac7d671534cf4952829d861befdd2795e042568231bef19bb385164809ac4c4b8facfe79c46fd294c4f19d476873442b82acf4bc848856097b30e96d321b7a5f376282159c86874d524808f38ff72e648e8ef0b375a556609cf4cf06613da72da4ff3df35dd1cf3974b04be5e1e1f19869da3631f0c7f03b7eb70a3b6b8c3fb5be7ea28745ac0448e619301974d738daa53d09f2f5582efeb4b179d0b84bf5f8fd6d52528e12b06dfbb83532e38ccc8a6de131552dcbecc7c780749b638cec81fa7586a5c79d510b65bca5e35172688f35ef770765d64afbf4fa49d6a7cd9fe7882da6573b1a119758d4e1bfbcd4a7fad50c7e09b1d9cdd83c1f94aa7e40fee9ce1c7bbc65d697cffed3bdf810212ea7c7a4c9692d22bab3cab055b4068dc14e0b0d3eb88cabe57898c2d1b8fc60f29c6a608a953fa273c4e415dd894c0400c8bad80f32b551b7386b641ab479bb38ca2d65257be085020fbc9927cb94a94428254e400cabc904c5d018ea2ebd89fffa7f2f81e0997d33e53b6424e0115a3d84b2dab2c35549f4ac72af8d523a84d0a8fdb6c266138363bb45b27a6552eb7b8f188af1da5cf0d2bb745eb9bc1b3ab220b5ade16271da8ba1190b35aa5f7ae261c1f5a3346d6fd785bc5e403ef903d3945884410339544052da1e75dede97ac039a2213462df194e0ee8fba7dd14255f4d428eaf3c99c5737e2c107d36ddd9375bba978ff902c098f574e5dd04d9e20765aff265170e5b5199084ad1ccbb15de0d8814a4de761a1d9cec308767ff2ef1440a84c7504d6b133491c3ca21f2a7d978917813b4b18cfd18289d05a870f4399fc93c6ccb60a4418c815a652ac70e3e548957a594b29d885ad43b516a9bc3e246a7cd172cb9c65b84be661f4da0ad58ea67ea9464f6b11f8d6d8ab8d535686c030a796364cab526fdc5c1dc06eb5e3070a7fcc5eec9ad0b6044ea50a5c814f0a1d093e6680b2516eb044641bfac368571ff2a03f334113ff5164f0168c50134b3cf72793fc5dab563dc799abcb39b89212fa0b87b03e9d276c0b37eab516715141a314089f5cf04891686073c8c73b5362267b7805790953ef18f3eb5f39680057ecffa5ca7cf4d00fcceac05c391f1aebe0a5edefc1f01bd63567ff8e344192d04f88b024315d95d3179ab0441eda7741e6008890156e09082adcf977c62453a40820321418f10cf117344e9a85f912b677502ba24eda43eb850db774da17aa8912fea77c05dca23502f8bca46a0a4a32a9355d1db015fe7a1c9f5d54cca63fef3013e8e9c230f50db362f792541f409940da4c8803e4bed3f711967ba780116c2ffbace3efaa8d502b193ab3a0a975595e15e930847821869b7222a4f9bde886a1d23abc67264f6476450271cad4c526eebb7cdcf0091e05ca1ad42f9be1b648d4611f0b13f9e2d9e77089d631a689dc327e70f8711764a64b257bae7ae7f0004489ed52911b235e24c35266419b29f6fb206c14a202b02e4f0be3c32fcd779e2de3de422f14cb394c1345963a37dbb5e396b6a1b8114c258e946bf39913aea02cdac924e74c51cb0ffd49d70a3cdffd1c07b15e1ea8485b4ee781ecbafb5311dcc9c01058686ac799a1d869d1bbef2cd35fe6091ddfaa653e7977af937f4bf37e1f3934cfe45e1ab7bfbe87d1643057706c5f00b894b27fde0ee907d5ed1bd45f0c9057cc1cacd37a4abd065f8cc9a7e78946d6bb7557d10642c2f6f2c514f22bd0e186953dc308e78f4d2d798864662fe722a5ce60fd270f039958f78a056dbd2407282f5fe67b228a888a13a2eb3514334ebadccafd317ff2cc0b263cc3931a99fe234adfc8a90b661f3f16d107e2a183bd2e66916d884e3a4fa37a8dd7211d8e1dcac0f84078c8fbd71c7cc1e072aab5941ddf5781d67036c95c088c797fc9ec36129100a3b485015c322eec75d51ca4e0432e3b3c69bffb5c823f0b93ccfcc1d12e52eeb715450e44bb0cd4e734b6cab88201733ea02f992f0cab648b3fb583831866b3b2c200efbd96890bc131f306af4fa3d9ec89f7b13785ac25083877a38178f1c585cab32da86f01e7a493248bafdf32100831e132be981e0915dba58f054cb25dab5ac9c3e62d013cf7bd2789ee929c93b7e0a745e31ad4b977957a18d0e5d5c36eb18a0795ed77382345470aac0b0cee33de8cb9062f0a240f1b30c1163d646a1b294ab9a56db59c9521a904ca829b6c66631c2d0b19fcfe58a8b5db3f2455b5f5e3cd50ac19773fb4c5dc9a6b0dd4defe0a929c2a72fe320ab5d3c9c0a717c2316846fa0dfa039268acfd3ae5a72af6a7eeda01afd7191eedba5e09f7715e5199602c12629e1d69028eec69d67431031c062029d2748984731518950ce896ccad8bb4752f6a4487196ed66b253c2ab2d940566be256aa38abed0bbd2b979cf4a4fc86408942c18c22254029029f203a20d4b23519626b54f9805ce59b08479dd7a2d2b99b90530e35e93a8c98232b5dc3e9d3417279ac4c2f76dd61bdbd76fbae6f9f66cdb57f0410e801d918897988434cbf730f6bdb930d8252d8617928b8c1ad284abf66bbd4cbf6a57797d2b2bb3b216b0db09732c98ec1f28a8a5fbf5e744ef3695b84a161658890d8810d8552dd05e767a9a3a37dad71eae4c29a6dba5920951b263d15e9681fe822839d7214f3b05a12063337c6258345fc5e2f87f39fb255fa40c6a820018e3d1b385d02cbdae89b7cb5dc2cf48a1f1d0a34976c717ce401f7464e3669f61dcaacb3ec4018a31ec27dd238f6be06e35a0c7eb63dcd675e42b39e1043200ec792eb0159d2d85e64f8e2c3c84d55581fe71257558dd74f65e3f6f026375288b04a15679d7c863d06"}], 0x2008}, 0x4000000)

kernel console output (not intermixed with test programs):

ributes in process `syz.2.2421'.
[  306.483685][T14418] 8021q: adding VLAN 0 to HW filter on device macvlan5
[  306.493525][T14418] bond3: (slave macvlan5): Enslaving as a backup interface with a down link
[  306.570878][T14431] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  306.888299][T14446] netlink: 'syz.3.2430': attribute type 10 has an invalid length.
[  306.977811][T14458] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2434'.
[  307.034124][T14458] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2434'.
[  307.034288][T14461] pimreg: left allmulticast mode
[  307.132145][T14464] netlink: 'syz.3.2436': attribute type 18 has an invalid length.
[  307.142983][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.150655][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.158237][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.165841][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.173451][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.181062][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.188651][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.196246][T14456] aoe: error packet from 2806.99@lo; ecode=101 'no such error'
[  307.299456][T14462] lo speed is unknown, defaulting to 1000
[  307.543931][T14480] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.683115][T14462] lo speed is unknown, defaulting to 1000
[  308.117138][T14502] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2447'.
[  308.266581][T14509] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2448'.
[  308.743628][T14539] netlink: 'syz.1.2453': attribute type 20 has an invalid length.
[  308.783313][T14542] macsec1: entered promiscuous mode
[  308.788655][T14542] team0: entered promiscuous mode
[  308.795739][T14537] netlink: 'syz.0.2457': attribute type 6 has an invalid length.
[  308.805043][T14537] netlink: 'syz.0.2457': attribute type 6 has an invalid length.
[  309.063335][T14549] pim6reg1: entered promiscuous mode
[  309.075394][T14549] pim6reg1: entered allmulticast mode
[  309.647653][T14563] bridge_slave_0: entered allmulticast mode
[  310.101788][T14583] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[  310.113370][T14583] macsec0: left allmulticast mode
[  310.133474][T14583] tipc: Resetting bearer <eth:syzkaller0>
[  310.182839][ T1111] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  310.199735][ T9501] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  310.231020][ T1111] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  310.247395][ T1111] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  310.311654][T14600] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  310.405699][T14606] FAULT_INJECTION: forcing a failure.
[  310.405699][T14606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.442093][T14606] CPU: 0 UID: 0 PID: 14606 Comm: syz.1.2482 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  310.442121][T14606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  310.442132][T14606] Call Trace:
[  310.442139][T14606]  <TASK>
[  310.442147][T14606]  dump_stack_lvl+0x189/0x250
[  310.442171][T14606]  ? __pfx____ratelimit+0x10/0x10
[  310.442197][T14606]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.442216][T14606]  ? __pfx__printk+0x10/0x10
[  310.442239][T14606]  ? __might_fault+0xb0/0x130
[  310.442277][T14606]  should_fail_ex+0x414/0x560
[  310.442310][T14606]  _copy_from_user+0x2d/0xb0
[  310.442338][T14606]  ___sys_sendmsg+0x158/0x2a0
[  310.442360][T14606]  ? __pfx____sys_sendmsg+0x10/0x10
[  310.442415][T14606]  ? __fget_files+0x2a/0x420
[  310.442432][T14606]  ? __fget_files+0x3a0/0x420
[  310.442460][T14606]  __x64_sys_sendmsg+0x19b/0x260
[  310.442482][T14606]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  310.442530][T14606]  ? __pfx_ksys_write+0x10/0x10
[  310.442554][T14606]  ? rcu_is_watching+0x15/0xb0
[  310.442588][T14606]  ? do_syscall_64+0xbe/0x3b0
[  310.442618][T14606]  do_syscall_64+0xfa/0x3b0
[  310.442645][T14606]  ? lockdep_hardirqs_on+0x9c/0x150
[  310.442671][T14606]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.442689][T14606]  ? clear_bhb_loop+0x60/0xb0
[  310.442711][T14606]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.442729][T14606] RIP: 0033:0x7fdcdb38e9a9
[  310.442746][T14606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.442762][T14606] RSP: 002b:00007fdcdc2d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  310.442783][T14606] RAX: ffffffffffffffda RBX: 00007fdcdb5b5fa0 RCX: 00007fdcdb38e9a9
[  310.442797][T14606] RDX: 000000002400c000 RSI: 00002000000003c0 RDI: 0000000000000003
[  310.442809][T14606] RBP: 00007fdcdc2d9090 R08: 0000000000000000 R09: 0000000000000000
[  310.442820][T14606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.442831][T14606] R13: 0000000000000000 R14: 00007fdcdb5b5fa0 R15: 00007ffdd6e76138
[  310.442860][T14606]  </TASK>
[  310.705246][T14612] ¾x9ÿ: entered allmulticast mode
[  310.761108][T14616] netlink: 'syz.4.2487': attribute type 3 has an invalid length.
[  311.033311][T14635] FAULT_INJECTION: forcing a failure.
[  311.033311][T14635] name failslab, interval 1, probability 0, space 0, times 0
[  311.051825][T14635] CPU: 1 UID: 0 PID: 14635 Comm: syz.0.2496 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  311.051853][T14635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.051865][T14635] Call Trace:
[  311.051873][T14635]  <TASK>
[  311.051880][T14635]  dump_stack_lvl+0x189/0x250
[  311.051905][T14635]  ? __pfx____ratelimit+0x10/0x10
[  311.051933][T14635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.051951][T14635]  ? __pfx__printk+0x10/0x10
[  311.051980][T14635]  ? __pfx___might_resched+0x10/0x10
[  311.052014][T14635]  should_fail_ex+0x414/0x560
[  311.052048][T14635]  should_failslab+0xa8/0x100
[  311.052068][T14635]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  311.052096][T14635]  ? __alloc_skb+0x112/0x2d0
[  311.052129][T14635]  __alloc_skb+0x112/0x2d0
[  311.052161][T14635]  netlink_sendmsg+0x5c6/0xb30
[  311.052199][T14635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.052231][T14635]  ? aa_sock_msg_perm+0x94/0x160
[  311.052257][T14635]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  311.052278][T14635]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.052308][T14635]  __sock_sendmsg+0x219/0x270
[  311.052336][T14635]  ____sys_sendmsg+0x505/0x830
[  311.052362][T14635]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.052390][T14635]  ? import_iovec+0x74/0xa0
[  311.052419][T14635]  ___sys_sendmsg+0x21f/0x2a0
[  311.052441][T14635]  ? __pfx____sys_sendmsg+0x10/0x10
[  311.052496][T14635]  ? __fget_files+0x2a/0x420
[  311.052513][T14635]  ? __fget_files+0x3a0/0x420
[  311.052541][T14635]  __x64_sys_sendmsg+0x19b/0x260
[  311.052563][T14635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  311.052592][T14635]  ? __pfx_ksys_write+0x10/0x10
[  311.052616][T14635]  ? rcu_is_watching+0x15/0xb0
[  311.052650][T14635]  ? do_syscall_64+0xbe/0x3b0
[  311.052681][T14635]  do_syscall_64+0xfa/0x3b0
[  311.052714][T14635]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.052739][T14635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.052758][T14635]  ? clear_bhb_loop+0x60/0xb0
[  311.052780][T14635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.052798][T14635] RIP: 0033:0x7fc56e58e9a9
[  311.052814][T14635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.052830][T14635] RSP: 002b:00007fc56f4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.052851][T14635] RAX: ffffffffffffffda RBX: 00007fc56e7b5fa0 RCX: 00007fc56e58e9a9
[  311.052864][T14635] RDX: 000000002400c000 RSI: 00002000000003c0 RDI: 0000000000000003
[  311.052876][T14635] RBP: 00007fc56f4b3090 R08: 0000000000000000 R09: 0000000000000000
[  311.052888][T14635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.052898][T14635] R13: 0000000000000000 R14: 00007fc56e7b5fa0 R15: 00007fff803866a8
[  311.052928][T14635]  </TASK>
[  311.528210][T14647] lo speed is unknown, defaulting to 1000
[  311.580310][T14652] __nla_validate_parse: 6 callbacks suppressed
[  311.580328][T14652] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2500'.
[  311.892758][T14647] lo speed is unknown, defaulting to 1000
[  312.018132][T14674] bridge_slave_0: left allmulticast mode
[  312.032153][T14674] macvtap2: left allmulticast mode
[  312.037532][T14674] macsec1: left allmulticast mode
[  312.058034][T14674] tipc: Resetting bearer <eth:syzkaller0>
[  312.080755][T14674] syzkaller0: left promiscuous mode
[  312.093206][T14674] syzkaller0: left allmulticast mode
[  312.102451][T14674] bridge3: left allmulticast mode
[  312.107779][T14674] geneve2: left promiscuous mode
[  312.144193][T14680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2507'.
[  312.257945][T14680] hsr_slave_1 (unregistering): left promiscuous mode
[  312.489230][T14692] pim6reg1: entered promiscuous mode
[  312.515412][T14692] pim6reg1: entered allmulticast mode
[  312.676146][T14703] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2514'.
[  312.823297][T14706] netlink: 212084 bytes leftover after parsing attributes in process `syz.4.2516'.
[  313.161550][T14722] FAULT_INJECTION: forcing a failure.
[  313.161550][T14722] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.178203][T14722] CPU: 0 UID: 0 PID: 14722 Comm: syz.1.2522 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  313.178230][T14722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  313.178242][T14722] Call Trace:
[  313.178250][T14722]  <TASK>
[  313.178258][T14722]  dump_stack_lvl+0x189/0x250
[  313.178282][T14722]  ? __pfx____ratelimit+0x10/0x10
[  313.178308][T14722]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.178328][T14722]  ? __pfx__printk+0x10/0x10
[  313.178352][T14722]  ? __might_fault+0xb0/0x130
[  313.178390][T14722]  should_fail_ex+0x414/0x560
[  313.178444][T14722]  _copy_from_iter+0x1db/0x16f0
[  313.178477][T14722]  ? rcu_is_watching+0x15/0xb0
[  313.178520][T14722]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  313.178556][T14722]  ? __pfx__copy_from_iter+0x10/0x10
[  313.178585][T14722]  ? __build_skb_around+0x257/0x3e0
[  313.178624][T14722]  ? netlink_sendmsg+0x642/0xb30
[  313.178655][T14722]  ? skb_put+0x11b/0x210
[  313.178679][T14722]  netlink_sendmsg+0x6b2/0xb30
[  313.178724][T14722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.178761][T14722]  ? aa_sock_msg_perm+0x94/0x160
[  313.178792][T14722]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  313.178817][T14722]  ? __pfx_netlink_sendmsg+0x10/0x10
[  313.178852][T14722]  __sock_sendmsg+0x219/0x270
[  313.178884][T14722]  ____sys_sendmsg+0x505/0x830
[  313.178914][T14722]  ? __pfx_____sys_sendmsg+0x10/0x10
[  313.178952][T14722]  ? import_iovec+0x74/0xa0
[  313.178986][T14722]  ___sys_sendmsg+0x21f/0x2a0
[  313.179012][T14722]  ? __pfx____sys_sendmsg+0x10/0x10
[  313.179078][T14722]  ? __fget_files+0x2a/0x420
[  313.179099][T14722]  ? __fget_files+0x3a0/0x420
[  313.179132][T14722]  __x64_sys_sendmsg+0x19b/0x260
[  313.179158][T14722]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  313.179193][T14722]  ? __pfx_ksys_write+0x10/0x10
[  313.179221][T14722]  ? rcu_is_watching+0x15/0xb0
[  313.179260][T14722]  ? do_syscall_64+0xbe/0x3b0
[  313.179297][T14722]  do_syscall_64+0xfa/0x3b0
[  313.179327][T14722]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.179357][T14722]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.179378][T14722]  ? clear_bhb_loop+0x60/0xb0
[  313.179405][T14722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.179426][T14722] RIP: 0033:0x7fdcdb38e9a9
[  313.179444][T14722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.179463][T14722] RSP: 002b:00007fdcdc2d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  313.179495][T14722] RAX: ffffffffffffffda RBX: 00007fdcdb5b5fa0 RCX: 00007fdcdb38e9a9
[  313.179510][T14722] RDX: 000000002400c000 RSI: 00002000000003c0 RDI: 0000000000000003
[  313.179524][T14722] RBP: 00007fdcdc2d9090 R08: 0000000000000000 R09: 0000000000000000
[  313.179538][T14722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.179564][T14722] R13: 0000000000000000 R14: 00007fdcdb5b5fa0 R15: 00007ffdd6e76138
[  313.179597][T14722]  </TASK>
[  314.057781][T14762] lo speed is unknown, defaulting to 1000
[  314.317975][T14762] lo speed is unknown, defaulting to 1000
[  314.503088][T14775] FAULT_INJECTION: forcing a failure.
[  314.503088][T14775] name failslab, interval 1, probability 0, space 0, times 0
[  314.531443][T14775] CPU: 0 UID: 0 PID: 14775 Comm: syz.1.2535 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  314.531472][T14775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  314.531483][T14775] Call Trace:
[  314.531490][T14775]  <TASK>
[  314.531497][T14775]  dump_stack_lvl+0x189/0x250
[  314.531520][T14775]  ? __pfx____ratelimit+0x10/0x10
[  314.531545][T14775]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.531562][T14775]  ? __pfx__printk+0x10/0x10
[  314.531586][T14775]  ? __pfx___might_resched+0x10/0x10
[  314.531611][T14775]  ? fs_reclaim_acquire+0x7d/0x100
[  314.531634][T14775]  should_fail_ex+0x414/0x560
[  314.531667][T14775]  should_failslab+0xa8/0x100
[  314.531685][T14775]  __kmalloc_noprof+0xcb/0x4f0
[  314.531710][T14775]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  314.531737][T14775]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  314.531764][T14775]  genl_family_rcv_msg_doit+0xb8/0x300
[  314.531791][T14775]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  314.531812][T14775]  ? __pfx___mutex_lock+0x10/0x10
[  314.531837][T14775]  ? __pfx_genl_get_cmd+0x10/0x10
[  314.531854][T14775]  ? __pfx_tipc_nl_bearer_add+0x10/0x10
[  314.531887][T14775]  ? stack_trace_save+0x9c/0xe0
[  314.531912][T14775]  genl_rcv_msg+0x60e/0x790
[  314.531938][T14775]  ? __pfx_genl_rcv_msg+0x10/0x10
[  314.531956][T14775]  ? __pfx_tipc_nl_bearer_add+0x10/0x10
[  314.531997][T14775]  netlink_rcv_skb+0x205/0x470
[  314.532020][T14775]  ? __lock_acquire+0xab9/0xd20
[  314.532045][T14775]  ? __pfx_genl_rcv_msg+0x10/0x10
[  314.532066][T14775]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  314.532109][T14775]  ? down_read+0x1ad/0x2e0
[  314.532139][T14775]  genl_rcv+0x28/0x40
[  314.532156][T14775]  netlink_unicast+0x82c/0x9e0
[  314.532188][T14775]  ? __pfx_netlink_unicast+0x10/0x10
[  314.532213][T14775]  ? netlink_sendmsg+0x642/0xb30
[  314.532236][T14775]  ? skb_put+0x11b/0x210
[  314.532256][T14775]  netlink_sendmsg+0x805/0xb30
[  314.532291][T14775]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.532321][T14775]  ? aa_sock_msg_perm+0x94/0x160
[  314.532345][T14775]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  314.532365][T14775]  ? __pfx_netlink_sendmsg+0x10/0x10
[  314.532394][T14775]  __sock_sendmsg+0x219/0x270
[  314.532420][T14775]  ____sys_sendmsg+0x505/0x830
[  314.532444][T14775]  ? __pfx_____sys_sendmsg+0x10/0x10
[  314.532471][T14775]  ? import_iovec+0x74/0xa0
[  314.532508][T14775]  ___sys_sendmsg+0x21f/0x2a0
[  314.532527][T14775]  ? __pfx____sys_sendmsg+0x10/0x10
[  314.532577][T14775]  ? __fget_files+0x2a/0x420
[  314.532593][T14775]  ? __fget_files+0x3a0/0x420
[  314.532618][T14775]  __x64_sys_sendmsg+0x19b/0x260
[  314.532638][T14775]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  314.532664][T14775]  ? __pfx_ksys_write+0x10/0x10
[  314.532685][T14775]  ? rcu_is_watching+0x15/0xb0
[  314.532715][T14775]  ? do_syscall_64+0xbe/0x3b0
[  314.532743][T14775]  do_syscall_64+0xfa/0x3b0
[  314.532765][T14775]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.532788][T14775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.532803][T14775]  ? clear_bhb_loop+0x60/0xb0
[  314.532823][T14775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.532838][T14775] RIP: 0033:0x7fdcdb38e9a9
[  314.532854][T14775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.532868][T14775] RSP: 002b:00007fdcdc2d9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  314.532888][T14775] RAX: ffffffffffffffda RBX: 00007fdcdb5b5fa0 RCX: 00007fdcdb38e9a9
[  314.532899][T14775] RDX: 000000002400c000 RSI: 00002000000003c0 RDI: 0000000000000003
[  314.532910][T14775] RBP: 00007fdcdc2d9090 R08: 0000000000000000 R09: 0000000000000000
[  314.532920][T14775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.532930][T14775] R13: 0000000000000000 R14: 00007fdcdb5b5fa0 R15: 00007ffdd6e76138
[  314.532956][T14775]  </TASK>
[  315.096529][T14785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2539'.
[  315.181462][T14781] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2539'.
[  315.805131][T14820] FAULT_INJECTION: forcing a failure.
[  315.805131][T14820] name failslab, interval 1, probability 0, space 0, times 0
[  315.849115][T14820] CPU: 0 UID: 0 PID: 14820 Comm: syz.3.2549 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  315.849147][T14820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  315.849161][T14820] Call Trace:
[  315.849170][T14820]  <TASK>
[  315.849179][T14820]  dump_stack_lvl+0x189/0x250
[  315.849206][T14820]  ? __pfx____ratelimit+0x10/0x10
[  315.849238][T14820]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.849261][T14820]  ? __pfx__printk+0x10/0x10
[  315.849291][T14820]  ? __pfx___might_resched+0x10/0x10
[  315.849323][T14820]  ? fs_reclaim_acquire+0x7d/0x100
[  315.849353][T14820]  should_fail_ex+0x414/0x560
[  315.849394][T14820]  should_failslab+0xa8/0x100
[  315.849416][T14820]  __kmalloc_noprof+0xcb/0x4f0
[  315.849446][T14820]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  315.849480][T14820]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  315.849516][T14820]  genl_family_rcv_msg_doit+0xb8/0x300
[  315.849549][T14820]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  315.849576][T14820]  ? __pfx___mutex_lock+0x10/0x10
[  315.849619][T14820]  ? __pfx_genl_get_cmd+0x10/0x10
[  315.849639][T14820]  ? __pfx_tipc_nl_bearer_add+0x10/0x10
[  315.849686][T14820]  genl_rcv_msg+0x60e/0x790
[  315.849715][T14820]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.849737][T14820]  ? __pfx_tipc_nl_bearer_add+0x10/0x10
[  315.849769][T14820]  ? __asan_memcpy+0x40/0x70
[  315.849793][T14820]  ? __pfx_ref_tracker_free+0x10/0x10
[  315.849823][T14820]  netlink_rcv_skb+0x205/0x470
[  315.849860][T14820]  ? __lock_acquire+0xab9/0xd20
[  315.849887][T14820]  ? __pfx_genl_rcv_msg+0x10/0x10
[  315.849910][T14820]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  315.849958][T14820]  ? down_read+0x1ad/0x2e0
[  315.849978][T14820]  genl_rcv+0x28/0x40
[  315.850003][T14820]  netlink_unicast+0x82c/0x9e0
[  315.850037][T14820]  ? __pfx_netlink_unicast+0x10/0x10
[  315.850064][T14820]  ? netlink_sendmsg+0x642/0xb30
[  315.850090][T14820]  ? skb_put+0x11b/0x210
[  315.850111][T14820]  netlink_sendmsg+0x805/0xb30
[  315.850149][T14820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.850181][T14820]  ? aa_sock_msg_perm+0x94/0x160
[  315.850208][T14820]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  315.850229][T14820]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.850259][T14820]  __sock_sendmsg+0x219/0x270
[  315.850287][T14820]  ____sys_sendmsg+0x505/0x830
[  315.850312][T14820]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.850342][T14820]  ? import_iovec+0x74/0xa0
[  315.850372][T14820]  ___sys_sendmsg+0x21f/0x2a0
[  315.850395][T14820]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.850453][T14820]  ? __fget_files+0x2a/0x420
[  315.850470][T14820]  ? __fget_files+0x3a0/0x420
[  315.850498][T14820]  __x64_sys_sendmsg+0x19b/0x260
[  315.850521][T14820]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  315.850551][T14820]  ? __pfx_ksys_write+0x10/0x10
[  315.850575][T14820]  ? rcu_is_watching+0x15/0xb0
[  315.850610][T14820]  ? do_syscall_64+0xbe/0x3b0
[  315.850661][T14820]  do_syscall_64+0xfa/0x3b0
[  315.850688][T14820]  ? lockdep_hardirqs_on+0x9c/0x150
[  315.850716][T14820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.850735][T14820]  ? clear_bhb_loop+0x60/0xb0
[  315.850760][T14820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.850779][T14820] RIP: 0033:0x7f66ca78e9a9
[  315.850796][T14820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.850813][T14820] RSP: 002b:00007f66cb618038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.850836][T14820] RAX: ffffffffffffffda RBX: 00007f66ca9b5fa0 RCX: 00007f66ca78e9a9
[  315.850851][T14820] RDX: 000000002400c000 RSI: 00002000000003c0 RDI: 0000000000000003
[  315.850863][T14820] RBP: 00007f66cb618090 R08: 0000000000000000 R09: 0000000000000000
[  315.850875][T14820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.850887][T14820] R13: 0000000000000000 R14: 00007f66ca9b5fa0 R15: 00007ffd42e25be8
[  315.850919][T14820]  </TASK>
[  317.024130][T14845] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2558'.
[  317.074258][T14845] netlink: 'syz.1.2558': attribute type 7 has an invalid length.
[  317.105788][T14849] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  317.113083][T14849] IPv6: NLM_F_CREATE should be set when creating new route
[  317.120557][T14849] IPv6: NLM_F_CREATE should be set when creating new route
[  317.122874][T14845] netlink: 'syz.1.2558': attribute type 8 has an invalid length.
[  317.127797][T14849] IPv6: NLM_F_CREATE should be set when creating new route
[  317.143325][T14849] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  317.151097][T14845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2558'.
[  317.213752][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  317.406844][T14860] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2562'.
[  317.417116][T14860] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2562'.
[  317.431864][T14860] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2562'.
[  317.450260][T14860] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2562'.
[  317.457920][T14862] FAULT_INJECTION: forcing a failure.
[  317.457920][T14862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  317.499044][T14862] CPU: 0 UID: 0 PID: 14862 Comm: syz.1.2563 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  317.499076][T14862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  317.499089][T14862] Call Trace:
[  317.499098][T14862]  <TASK>
[  317.499107][T14862]  dump_stack_lvl+0x189/0x250
[  317.499146][T14862]  ? __pfx____ratelimit+0x10/0x10
[  317.499178][T14862]  ? __pfx_dump_stack_lvl+0x10/0x10
[  317.499200][T14862]  ? __pfx__printk+0x10/0x10
[  317.499227][T14862]  ? __might_fault+0xb0/0x130
[  317.499273][T14862]  should_fail_ex+0x414/0x560
[  317.499313][T14862]  _copy_from_user+0x2d/0xb0
[  317.499344][T14862]  do_sock_getsockopt+0x17d/0x450
[  317.499370][T14862]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  317.499392][T14862]  ? do_syscall_64+0x20/0x3b0
[  317.499427][T14862]  ? ksys_write+0x1e1/0x250
[  317.499465][T14862]  __x64_sys_getsockopt+0x1a5/0x250
[  317.499485][T14862]  ? do_syscall_64+0x20/0x3b0
[  317.499536][T14862]  ? do_syscall_64+0x20/0x3b0
[  317.499570][T14862]  do_syscall_64+0xfa/0x3b0
[  317.499607][T14862]  ? lockdep_hardirqs_on+0x9c/0x150
[  317.499633][T14862]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.499650][T14862]  ? clear_bhb_loop+0x60/0xb0
[  317.499673][T14862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.499698][T14862] RIP: 0033:0x7fdcdb38e9a9
[  317.499714][T14862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.499731][T14862] RSP: 002b:00007fdcdc2d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  317.499751][T14862] RAX: ffffffffffffffda RBX: 00007fdcdb5b5fa0 RCX: 00007fdcdb38e9a9
[  317.499764][T14862] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[  317.499776][T14862] RBP: 00007fdcdc2d9090 R08: 0000200000000040 R09: 0000000000000000
[  317.499788][T14862] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  317.499799][T14862] R13: 0000000000000000 R14: 00007fdcdb5b5fa0 R15: 00007ffdd6e76138
[  317.499829][T14862]  </TASK>
[  318.028064][T14881] ip6gre1: entered promiscuous mode
[  318.169553][T14889] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2573'.
[  318.182216][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a49b400: Timeout. Failed to send simple message.
[  318.192572][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a498c00: Timeout. Failed to send simple message.
[  318.202314][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a49a400: Timeout. Failed to send simple message.
[  318.212058][    C1] vcan0: j1939_tp_rxtimer: 0xffff888033bc1400: Timeout. Failed to send simple message.
[  318.221873][    C1] vcan0: j1939_tp_rxtimer: 0xffff888033bc1800: Timeout. Failed to send simple message.
[  318.231600][    C1] vcan0: j1939_tp_rxtimer: 0xffff888033bc1c00: Timeout. Failed to send simple message.
[  318.241339][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805b3ba800: Timeout. Failed to send simple message.
[  318.251099][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805b3bb400: Timeout. Failed to send simple message.
[  318.260917][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805b3bb800: Timeout. Failed to send simple message.
[  318.270627][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805b3b8800: Timeout. Failed to send simple message.
[  318.280342][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9c800: Timeout. Failed to send simple message.
[  318.290083][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9c000: Timeout. Failed to send simple message.
[  318.296565][T14895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2574'.
[  318.299794][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9c400: Timeout. Failed to send simple message.
[  318.299851][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9cc00: Timeout. Failed to send simple message.
[  318.299906][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9d000: Timeout. Failed to send simple message.
[  318.299961][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9d400: Timeout. Failed to send simple message.
[  318.300015][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9d800: Timeout. Failed to send simple message.
[  318.300073][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9dc00: Timeout. Failed to send simple message.
[  318.308610][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9e000: Timeout. Failed to send simple message.
[  318.328456][T14896] FAULT_INJECTION: forcing a failure.
[  318.328456][T14896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.337996][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9e400: Timeout. Failed to send simple message.
[  318.338078][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9e800: Timeout. Failed to send simple message.
[  318.368135][T14896] CPU: 0 UID: 0 PID: 14896 Comm: syz.0.2576 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  318.368163][T14896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  318.368177][T14896] Call Trace:
[  318.368186][T14896]  <TASK>
[  318.368196][T14896]  dump_stack_lvl+0x189/0x250
[  318.368222][T14896]  ? __pfx____ratelimit+0x10/0x10
[  318.368254][T14896]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.368276][T14896]  ? __pfx__printk+0x10/0x10
[  318.368302][T14896]  ? __might_fault+0xb0/0x130
[  318.368351][T14896]  should_fail_ex+0x414/0x560
[  318.368390][T14896]  _copy_from_user+0x2d/0xb0
[  318.368442][T14896]  do_tcp_getsockopt+0x1dd/0x2660
[  318.368496][T14896]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  318.368535][T14896]  ? sock_common_getsockopt+0x10/0xb0
[  318.368568][T14896]  ? __pfx_css_rstat_updated+0x10/0x10
[  318.368608][T14896]  ? count_memcg_event_mm+0x21/0x260
[  318.368649][T14896]  ? count_memcg_event_mm+0x21/0x260
[  318.368687][T14896]  ? __up_read+0x280/0x680
[  318.368718][T14896]  ? __pfx___up_read+0x10/0x10
[  318.368744][T14896]  ? do_user_addr_fault+0xbc1/0x1390
[  318.368794][T14896]  ? do_user_addr_fault+0xc8a/0x1390
[  318.368842][T14896]  ? irqentry_exit+0x74/0x90
[  318.368875][T14896]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.368911][T14896]  ? irqentry_exit+0x74/0x90
[  318.368948][T14896]  ? exc_page_fault+0x9f/0xf0
[  318.368999][T14896]  tcp_getsockopt+0x83/0x130
[  318.369021][T14896]  ? sock_common_getsockopt+0x10/0xb0
[  318.369049][T14896]  ? rep_movs_alternative+0xf/0x90
[  318.369076][T14896]  ? sock_common_getsockopt+0x10/0xb0
[  318.369110][T14896]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  318.369147][T14896]  do_sock_getsockopt+0x372/0x450
[  318.369177][T14896]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  318.369200][T14896]  ? do_syscall_64+0x20/0x3b0
[  318.369240][T14896]  ? ksys_write+0x1e1/0x250
[  318.369283][T14896]  __x64_sys_getsockopt+0x1a5/0x250
[  318.369306][T14896]  ? do_syscall_64+0x20/0x3b0
[  318.369346][T14896]  ? do_syscall_64+0x20/0x3b0
[  318.369386][T14896]  do_syscall_64+0xfa/0x3b0
[  318.369421][T14896]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.369455][T14896]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.369479][T14896]  ? clear_bhb_loop+0x60/0xb0
[  318.369521][T14896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.369545][T14896] RIP: 0033:0x7fc56e58e9a9
[  318.369564][T14896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.369596][T14896] RSP: 002b:00007fc56f4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  318.369621][T14896] RAX: ffffffffffffffda RBX: 00007fc56e7b5fa0 RCX: 00007fc56e58e9a9
[  318.369649][T14896] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[  318.369660][T14896] RBP: 00007fc56f4b3090 R08: 0000200000000040 R09: 0000000000000000
[  318.369674][T14896] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  318.369688][T14896] R13: 0000000000000000 R14: 00007fc56e7b5fa0 R15: 00007fff803866a8
[  318.369720][T14896]  </TASK>
[  318.704153][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9ec00: Timeout. Failed to send simple message.
[  318.713857][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058d9fc00: Timeout. Failed to send simple message.
[  318.723553][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bb4a400: Timeout. Failed to send simple message.
[  318.733267][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0a800: Timeout. Failed to send simple message.
[  318.742980][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa09c00: Timeout. Failed to send simple message.
[  318.752696][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa09400: Timeout. Failed to send simple message.
[  318.762389][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa08400: Timeout. Failed to send simple message.
[  318.772092][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa09000: Timeout. Failed to send simple message.
[  318.781783][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa08800: Timeout. Failed to send simple message.
[  318.791478][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa09800: Timeout. Failed to send simple message.
[  318.801194][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa08000: Timeout. Failed to send simple message.
[  318.810917][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa08c00: Timeout. Failed to send simple message.
[  318.820644][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0b000: Timeout. Failed to send simple message.
[  318.830360][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0ac00: Timeout. Failed to send simple message.
[  318.840074][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0b400: Timeout. Failed to send simple message.
[  318.849823][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0bc00: Timeout. Failed to send simple message.
[  318.859573][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805aa0b800: Timeout. Failed to send simple message.
[  318.869321][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59d800: Timeout. Failed to send simple message.
[  318.879062][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59e800: Timeout. Failed to send simple message.
[  318.888860][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59e400: Timeout. Failed to send simple message.
[  318.898568][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59e000: Timeout. Failed to send simple message.
[  318.908249][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59f000: Timeout. Failed to send simple message.
[  318.918015][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59f400: Timeout. Failed to send simple message.
[  318.927693][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59fc00: Timeout. Failed to send simple message.
[  318.937379][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59cc00: Timeout. Failed to send simple message.
[  318.947061][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59ec00: Timeout. Failed to send simple message.
[  318.956781][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805a59c000: Timeout. Failed to send simple message.
[  318.966506][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf94c00: Timeout. Failed to send simple message.
[  318.976294][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf94000: Timeout. Failed to send simple message.
[  318.985999][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf95400: Timeout. Failed to send simple message.
[  318.995696][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf95000: Timeout. Failed to send simple message.
[  319.005437][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf96000: Timeout. Failed to send simple message.
[  319.015188][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf97000: Timeout. Failed to send simple message.
[  319.024932][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804bf97400: Timeout. Failed to send simple message.
[  319.034643][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804a3be400: Timeout. Failed to send simple message.
[  319.044333][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804a3bd400: Timeout. Failed to send simple message.
[  319.054033][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804a3bfc00: Timeout. Failed to send simple message.
[  319.063775][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804a3bf800: Timeout. Failed to send simple message.
[  319.073517][    C1] vcan0: j1939_tp_rxtimer: 0xffff88804a3bcc00: Timeout. Failed to send simple message.
[  319.196122][T14903] IPv6: Can't replace route, no match found
[  319.371581][T14916] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2584'.
[  319.526338][T14923] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2586'.
[  319.569551][T14933] FAULT_INJECTION: forcing a failure.
[  319.569551][T14933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.581813][T14926] sctp: [Deprecated]: syz.2.2586 (pid 14926) Use of int in max_burst socket option deprecated.
[  319.581813][T14926] Use struct sctp_assoc_value instead
[  319.607924][T14933] CPU: 0 UID: 0 PID: 14933 Comm: syz.3.2589 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  319.607952][T14933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  319.607963][T14933] Call Trace:
[  319.607970][T14933]  <TASK>
[  319.607979][T14933]  dump_stack_lvl+0x189/0x250
[  319.608002][T14933]  ? __pfx____ratelimit+0x10/0x10
[  319.608030][T14933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.608048][T14933]  ? __pfx__printk+0x10/0x10
[  319.608074][T14933]  ? __might_fault+0xb0/0x130
[  319.608106][T14933]  should_fail_ex+0x414/0x560
[  319.608137][T14933]  _copy_from_user+0x2d/0xb0
[  319.608161][T14933]  copy_from_sockptr+0x5e/0xa0
[  319.608188][T14933]  do_tcp_getsockopt+0xc6c/0x2660
[  319.608222][T14933]  ? __pfx_do_tcp_getsockopt+0x10/0x10
[  319.608248][T14933]  ? sock_common_getsockopt+0x10/0xb0
[  319.608270][T14933]  ? __pfx_css_rstat_updated+0x10/0x10
[  319.608297][T14933]  ? count_memcg_event_mm+0x21/0x260
[  319.608328][T14933]  ? count_memcg_event_mm+0x21/0x260
[  319.608364][T14933]  ? __up_read+0x280/0x680
[  319.608404][T14933]  ? __pfx___up_read+0x10/0x10
[  319.608428][T14933]  ? do_user_addr_fault+0xbc1/0x1390
[  319.608466][T14933]  ? do_user_addr_fault+0xc8a/0x1390
[  319.608535][T14933]  tcp_getsockopt+0x83/0x130
[  319.608555][T14933]  ? sock_common_getsockopt+0x10/0xb0
[  319.608583][T14933]  ? rep_movs_alternative+0xf/0x90
[  319.608606][T14933]  ? sock_common_getsockopt+0x10/0xb0
[  319.608634][T14933]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  319.608666][T14933]  do_sock_getsockopt+0x372/0x450
[  319.608692][T14933]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  319.608713][T14933]  ? do_syscall_64+0x20/0x3b0
[  319.608747][T14933]  ? ksys_write+0x1e1/0x250
[  319.608786][T14933]  __x64_sys_getsockopt+0x1a5/0x250
[  319.608806][T14933]  ? do_syscall_64+0x20/0x3b0
[  319.608840][T14933]  ? do_syscall_64+0x20/0x3b0
[  319.608876][T14933]  do_syscall_64+0xfa/0x3b0
[  319.608906][T14933]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.608948][T14933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.608969][T14933]  ? clear_bhb_loop+0x60/0xb0
[  319.608997][T14933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.609017][T14933] RIP: 0033:0x7f66ca78e9a9
[  319.609036][T14933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.609055][T14933] RSP: 002b:00007f66cb618038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  319.609080][T14933] RAX: ffffffffffffffda RBX: 00007f66ca9b5fa0 RCX: 00007f66ca78e9a9
[  319.609096][T14933] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004
[  319.609109][T14933] RBP: 00007f66cb618090 R08: 0000200000000040 R09: 0000000000000000
[  319.609122][T14933] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  319.609136][T14933] R13: 0000000000000000 R14: 00007f66ca9b5fa0 R15: 00007ffd42e25be8
[  319.609170][T14933]  </TASK>
[  320.081837][T14947] syzkaller0: entered promiscuous mode
[  320.087486][T14947] syzkaller0: entered allmulticast mode
[  320.124611][T14947] netlink: 'syz.0.2594': attribute type 5 has an invalid length.
[  321.853230][T15001] netlink: 'syz.2.2609': attribute type 13 has an invalid length.
[  322.113875][T15007] __nla_validate_parse: 2 callbacks suppressed
[  322.113893][T15007] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2610'.
[  322.132204][T15021] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2612'.
[  322.213857][T15021] veth1_to_hsr: entered allmulticast mode
[  322.345006][T15029] sctp: [Deprecated]: syz.4.2617 (pid 15029) Use of struct sctp_assoc_value in delayed_ack socket option.
[  322.345006][T15029] Use struct sctp_sack_info instead
[  322.393480][T15027] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2616'.
[  322.564402][T15046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2623'.
[  322.591736][T15046] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2623'.
[  322.633376][T15046] gretap0: entered promiscuous mode
[  322.654504][T15046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2623'.
[  322.679722][T15046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2623'.
[  322.708793][T15046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.944397][T15067] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2630'.
[  323.451061][T15104] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2639'.
[  323.464257][T15104] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2639'.
[  323.475780][T15104] netlink: 'syz.2.2639': attribute type 20 has an invalid length.
[  323.819745][   T44] tipc: Node number set to 688789792
[  325.459858][T15212] netlink: 'syz.2.2682': attribute type 4 has an invalid length.
[  325.508195][T15212] syz.2.2682 (15212) used obsolete PPPIOCDETACH ioctl
[  325.778139][T15233] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  326.410049][T15272] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.516295][T15281] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  326.551949][T15279] FAULT_INJECTION: forcing a failure.
[  326.551949][T15279] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.603825][T15279] CPU: 0 UID: 0 PID: 15279 Comm: syz.3.2711 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  326.603855][T15279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  326.603867][T15279] Call Trace:
[  326.603875][T15279]  <TASK>
[  326.603884][T15279]  dump_stack_lvl+0x189/0x250
[  326.603909][T15279]  ? __pfx____ratelimit+0x10/0x10
[  326.603938][T15279]  ? __pfx_dump_stack_lvl+0x10/0x10
[  326.603959][T15279]  ? __pfx__printk+0x10/0x10
[  326.603984][T15279]  ? __might_fault+0xb0/0x130
[  326.604032][T15279]  should_fail_ex+0x414/0x560
[  326.604069][T15279]  _copy_from_user+0x2d/0xb0
[  326.604097][T15279]  ___sys_sendmsg+0x158/0x2a0
[  326.604122][T15279]  ? __pfx____sys_sendmsg+0x10/0x10
[  326.604182][T15279]  ? __fget_files+0x2a/0x420
[  326.604200][T15279]  ? __fget_files+0x3a0/0x420
[  326.604231][T15279]  __x64_sys_sendmsg+0x19b/0x260
[  326.604254][T15279]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  326.604297][T15279]  ? __pfx_ksys_write+0x10/0x10
[  326.604321][T15279]  ? rcu_is_watching+0x15/0xb0
[  326.604355][T15279]  ? do_syscall_64+0xbe/0x3b0
[  326.604386][T15279]  do_syscall_64+0xfa/0x3b0
[  326.604412][T15279]  ? lockdep_hardirqs_on+0x9c/0x150
[  326.604438][T15279]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.604456][T15279]  ? clear_bhb_loop+0x60/0xb0
[  326.604479][T15279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.604496][T15279] RIP: 0033:0x7f66ca78e9a9
[  326.604512][T15279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.604528][T15279] RSP: 002b:00007f66cb618038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  326.604549][T15279] RAX: ffffffffffffffda RBX: 00007f66ca9b5fa0 RCX: 00007f66ca78e9a9
[  326.604563][T15279] RDX: 0000000020044040 RSI: 00002000000000c0 RDI: 0000000000000004
[  326.604575][T15279] RBP: 00007f66cb618090 R08: 0000000000000000 R09: 0000000000000000
[  326.604587][T15279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.604598][T15279] R13: 0000000000000000 R14: 00007f66ca9b5fa0 R15: 00007ffd42e25be8
[  326.604646][T15279]  </TASK>
[  326.941690][T15280] nbd2: detected capacity change from 0 to 127
[  326.962711][T15284] netlink: 'syz.1.2712': attribute type 21 has an invalid length.
[  326.993624][ T5852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  327.002182][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  327.010368][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  327.018403][ T5852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  327.030467][ T5852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  327.079803][T15287] lo speed is unknown, defaulting to 1000
[  327.228112][T15293] netlink: 'syz.1.2714': attribute type 1 has an invalid length.
[  327.363135][ T5841] block nbd2: Receive control failed (result -32)
[  327.379914][T15293] 8021q: adding VLAN 0 to HW filter on device bond4
[  327.464583][T15300] bond4: (slave ip6gretap1): making interface the new active one
[  327.485443][T15300] bond4: (slave ip6gretap1): Enslaving as an active interface with an up link
[  327.498152][T15293] erspan0: entered allmulticast mode
[  327.508091][T15293] bond4: (slave erspan0): Enslaving as an active interface with an up link
[  327.556750][T15301] veth1: entered promiscuous mode
[  327.603598][T15301] bond4: (slave veth1): Enslaving as an active interface with a down link
[  327.643367][T15287] lo speed is unknown, defaulting to 1000
[  328.172360][T15287] chnl_net:caif_netlink_parms(): no params data found
[  328.254452][T15340] __nla_validate_parse: 4 callbacks suppressed
[  328.254469][T15340] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2728'.
[  328.432308][T15287] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.456414][T15287] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.477719][T15287] bridge_slave_0: entered allmulticast mode
[  328.491769][T15287] bridge_slave_0: entered promiscuous mode
[  328.527594][T15287] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.536367][T15287] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.544272][T15287] bridge_slave_1: entered allmulticast mode
[  328.556040][T15287] bridge_slave_1: entered promiscuous mode
[  328.655712][T15359] IPVS: Error connecting to the multicast addr
[  328.682044][T15287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  328.702660][T15364] IPVS: Error connecting to the multicast addr
[  328.714058][T15287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.794190][T15287] team0: Port device team_slave_0 added
[  328.823512][T15287] team0: Port device team_slave_1 added
[  328.983381][T15287] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.004208][T15287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.076305][T15287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.109909][ T5841] Bluetooth: hci5: command tx timeout
[  329.120279][T15287] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.127280][T15287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.205221][T15287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.438389][T15287] hsr_slave_0: entered promiscuous mode
[  329.446406][T15287] hsr_slave_1: entered promiscuous mode
[  329.458597][T15287] debugfs: 'hsr0' already exists in 'hsr'
[  329.474716][T15287] Cannot create hsr debugfs directory
[  329.655616][T15407] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2749'.
[  329.701561][T15407] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2749'.
[  329.731538][T15408] lo speed is unknown, defaulting to 1000
[  329.989253][T15426] nbd: socks must be embedded in a SOCK_ITEM attr
[  330.011882][T15426] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input6
[  330.087008][T15425] syzkaller0: entered allmulticast mode
[  330.156974][T15433] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2755'.
[  330.779088][T15417] syzkaller0: left allmulticast mode
[  330.983251][T15408] lo speed is unknown, defaulting to 1000
[  331.195428][ T5841] Bluetooth: hci5: command tx timeout
[  331.765021][T15287] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  332.025787][T15287] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  332.046463][T15287] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  332.071164][T15287] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  332.125688][   T30] audit: type=1800 audit(1753938874.094:4): pid=15481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2766" name=FD44F8D7B1638CD8D8BEF0E3094BBC7E919C180A9D38F8C347C38BD8B74413E2 dev="tmpfs" ino=2716 res=0 errno=0
[  332.497365][T15287] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.541354][T15287] 8021q: adding VLAN 0 to HW filter on device team0
[  332.571663][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.578872][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  332.603281][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.610475][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  332.788311][T15287] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  333.272498][ T5841] Bluetooth: hci5: command tx timeout
[  333.356512][ T9501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.367674][T15287] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.376364][ T9501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  333.707172][T15559] netlink: 'syz.1.2788': attribute type 83 has an invalid length.
[  333.885127][T15571] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2792'.
[  333.970998][T15578] netlink: 'syz.2.2793': attribute type 22 has an invalid length.
[  334.086762][T15580] IPVS: set_ctl: invalid protocol: 44 172.30.0.3:20000
[  334.121427][T15287] veth0_vlan: entered promiscuous mode
[  334.158012][T15287] veth1_vlan: entered promiscuous mode
[  334.235027][T15287] veth0_macvtap: entered promiscuous mode
[  334.261082][T15287] veth1_macvtap: entered promiscuous mode
[  334.356583][T15287] batman_adv: batadv0: Interface activated: batadv_slave_0
[  334.407593][T15287] batman_adv: batadv0: Interface activated: batadv_slave_1
[  334.438329][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.466867][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.480448][ T9504] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.512039][ T9504] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.773362][T15609] netlink: 'syz.1.2802': attribute type 66 has an invalid length.
[  334.784205][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.804268][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.842676][T15612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2803'.
[  334.853347][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.870445][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  335.026569][T15620] FAULT_INJECTION: forcing a failure.
[  335.026569][T15620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.052022][T15620] CPU: 1 UID: 0 PID: 15620 Comm: syz.2.2805 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  335.052050][T15620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  335.052062][T15620] Call Trace:
[  335.052069][T15620]  <TASK>
[  335.052078][T15620]  dump_stack_lvl+0x189/0x250
[  335.052101][T15620]  ? __pfx____ratelimit+0x10/0x10
[  335.052128][T15620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  335.052147][T15620]  ? __pfx__printk+0x10/0x10
[  335.052170][T15620]  ? __might_fault+0xb0/0x130
[  335.052209][T15620]  should_fail_ex+0x414/0x560
[  335.052244][T15620]  _copy_from_iter+0x1db/0x16f0
[  335.052271][T15620]  ? rcu_is_watching+0x15/0xb0
[  335.052302][T15620]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  335.052332][T15620]  ? __pfx__copy_from_iter+0x10/0x10
[  335.052356][T15620]  ? __build_skb_around+0x257/0x3e0
[  335.052389][T15620]  ? netlink_sendmsg+0x642/0xb30
[  335.052415][T15620]  ? skb_put+0x11b/0x210
[  335.052436][T15620]  netlink_sendmsg+0x6b2/0xb30
[  335.052473][T15620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.052504][T15620]  ? aa_sock_msg_perm+0x94/0x160
[  335.052537][T15620]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  335.052558][T15620]  ? __pfx_netlink_sendmsg+0x10/0x10
[  335.052586][T15620]  __sock_sendmsg+0x219/0x270
[  335.052614][T15620]  ____sys_sendmsg+0x505/0x830
[  335.052639][T15620]  ? __pfx_____sys_sendmsg+0x10/0x10
[  335.052668][T15620]  ? import_iovec+0x74/0xa0
[  335.052698][T15620]  ___sys_sendmsg+0x21f/0x2a0
[  335.052720][T15620]  ? __pfx____sys_sendmsg+0x10/0x10
[  335.052775][T15620]  ? __fget_files+0x2a/0x420
[  335.052792][T15620]  ? __fget_files+0x3a0/0x420
[  335.052820][T15620]  __x64_sys_sendmsg+0x19b/0x260
[  335.052843][T15620]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  335.052872][T15620]  ? __pfx_ksys_write+0x10/0x10
[  335.052896][T15620]  ? rcu_is_watching+0x15/0xb0
[  335.052930][T15620]  ? do_syscall_64+0xbe/0x3b0
[  335.052961][T15620]  do_syscall_64+0xfa/0x3b0
[  335.052987][T15620]  ? lockdep_hardirqs_on+0x9c/0x150
[  335.053011][T15620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.053030][T15620]  ? clear_bhb_loop+0x60/0xb0
[  335.053053][T15620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.053071][T15620] RIP: 0033:0x7fe73258e9a9
[  335.053087][T15620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.053103][T15620] RSP: 002b:00007fe7333c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  335.053124][T15620] RAX: ffffffffffffffda RBX: 00007fe7327b5fa0 RCX: 00007fe73258e9a9
[  335.053138][T15620] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  335.053149][T15620] RBP: 00007fe7333c3090 R08: 0000000000000000 R09: 0000000000000000
[  335.053161][T15620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.053171][T15620] R13: 0000000000000000 R14: 00007fe7327b5fa0 R15: 00007fff2b6ca1b8
[  335.053201][T15620]  </TASK>
[  335.403853][ T5841] Bluetooth: hci5: command tx timeout
[  335.491828][T15630] netlink: 'syz.2.2808': attribute type 1 has an invalid length.
[  335.535900][T15630] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2808'.
[  335.545566][T15632] bridge0: failed insert local address into bridge forwarding table
[  335.562331][T15632] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2809'.
[  335.793539][T15641] block nbd4: server does not support multiple connections per device.
[  335.803276][T15641] block nbd4: shutting down sockets
[  335.911542][T15652] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2817'.
[  335.924398][T15652] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2817'.
[  335.975154][T15654] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  335.988591][T15657] FAULT_INJECTION: forcing a failure.
[  335.988591][T15657] name failslab, interval 1, probability 0, space 0, times 0
[  336.028541][T15657] CPU: 0 UID: 0 PID: 15657 Comm: syz.0.2818 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  336.028572][T15657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.028586][T15657] Call Trace:
[  336.028594][T15657]  <TASK>
[  336.028604][T15657]  dump_stack_lvl+0x189/0x250
[  336.028631][T15657]  ? __pfx____ratelimit+0x10/0x10
[  336.028664][T15657]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.028687][T15657]  ? __pfx__printk+0x10/0x10
[  336.028717][T15657]  ? __lock_acquire+0xab9/0xd20
[  336.028759][T15657]  should_fail_ex+0x414/0x560
[  336.028801][T15657]  should_failslab+0xa8/0x100
[  336.028825][T15657]  kmem_cache_alloc_noprof+0x73/0x3c0
[  336.028857][T15657]  ? skb_clone+0x212/0x3a0
[  336.028888][T15657]  skb_clone+0x212/0x3a0
[  336.028917][T15657]  __netlink_deliver_tap+0x404/0x850
[  336.028969][T15657]  ? netlink_deliver_tap+0x2e/0x1b0
[  336.029004][T15657]  netlink_deliver_tap+0x19c/0x1b0
[  336.029038][T15657]  netlink_unicast+0x7fa/0x9e0
[  336.029078][T15657]  ? __pfx_netlink_unicast+0x10/0x10
[  336.029110][T15657]  ? netlink_sendmsg+0x642/0xb30
[  336.029140][T15657]  ? skb_put+0x11b/0x210
[  336.029164][T15657]  netlink_sendmsg+0x805/0xb30
[  336.029209][T15657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  336.029247][T15657]  ? aa_sock_msg_perm+0x94/0x160
[  336.029278][T15657]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  336.029303][T15657]  ? __pfx_netlink_sendmsg+0x10/0x10
[  336.029337][T15657]  __sock_sendmsg+0x219/0x270
[  336.029369][T15657]  ____sys_sendmsg+0x505/0x830
[  336.029399][T15657]  ? __pfx_____sys_sendmsg+0x10/0x10
[  336.029440][T15657]  ? import_iovec+0x74/0xa0
[  336.029476][T15657]  ___sys_sendmsg+0x21f/0x2a0
[  336.029502][T15657]  ? __pfx____sys_sendmsg+0x10/0x10
[  336.029570][T15657]  ? __fget_files+0x2a/0x420
[  336.029601][T15657]  ? __fget_files+0x3a0/0x420
[  336.029633][T15657]  __x64_sys_sendmsg+0x19b/0x260
[  336.029667][T15657]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  336.029697][T15657]  ? __pfx_ksys_write+0x10/0x10
[  336.029721][T15657]  ? rcu_is_watching+0x15/0xb0
[  336.029756][T15657]  ? do_syscall_64+0xbe/0x3b0
[  336.029788][T15657]  do_syscall_64+0xfa/0x3b0
[  336.029814][T15657]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.029840][T15657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.029859][T15657]  ? clear_bhb_loop+0x60/0xb0
[  336.029882][T15657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.029900][T15657] RIP: 0033:0x7fc56e58e9a9
[  336.029916][T15657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.029933][T15657] RSP: 002b:00007fc56f4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.029955][T15657] RAX: ffffffffffffffda RBX: 00007fc56e7b5fa0 RCX: 00007fc56e58e9a9
[  336.029968][T15657] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  336.029980][T15657] RBP: 00007fc56f4b3090 R08: 0000000000000000 R09: 0000000000000000
[  336.029991][T15657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.030002][T15657] R13: 0000000000000000 R14: 00007fc56e7b5fa0 R15: 00007fff803866a8
[  336.030033][T15657]  </TASK>
[  336.614902][T15672] nbd: socks must be embedded in a SOCK_ITEM attr
[  336.811874][T15679] FAULT_INJECTION: forcing a failure.
[  336.811874][T15679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.832680][T15679] CPU: 0 UID: 0 PID: 15679 Comm: syz.1.2828 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  336.832708][T15679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  336.832719][T15679] Call Trace:
[  336.832727][T15679]  <TASK>
[  336.832735][T15679]  dump_stack_lvl+0x189/0x250
[  336.832759][T15679]  ? __pfx____ratelimit+0x10/0x10
[  336.832786][T15679]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.832806][T15679]  ? __pfx__printk+0x10/0x10
[  336.832829][T15679]  ? __might_fault+0xb0/0x130
[  336.832868][T15679]  should_fail_ex+0x414/0x560
[  336.832903][T15679]  _copy_from_user+0x2d/0xb0
[  336.832931][T15679]  kstrtouint_from_user+0xc4/0x170
[  336.832955][T15679]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  336.833008][T15679]  proc_fail_nth_write+0x88/0x200
[  336.833030][T15679]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  336.833059][T15679]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  336.833083][T15679]  vfs_write+0x27b/0xa90
[  336.833118][T15679]  ? __pfx_vfs_write+0x10/0x10
[  336.833146][T15679]  ? __fget_files+0x2a/0x420
[  336.833169][T15679]  ? __fget_files+0x3a0/0x420
[  336.833202][T15679]  ? __fget_files+0x2a/0x420
[  336.833243][T15679]  ksys_write+0x145/0x250
[  336.833272][T15679]  ? __pfx_ksys_write+0x10/0x10
[  336.833313][T15679]  ? rcu_is_watching+0x15/0xb0
[  336.833358][T15679]  ? do_syscall_64+0xbe/0x3b0
[  336.833392][T15679]  do_syscall_64+0xfa/0x3b0
[  336.833419][T15679]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.833446][T15679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.833466][T15679]  ? clear_bhb_loop+0x60/0xb0
[  336.833490][T15679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.833509][T15679] RIP: 0033:0x7fdcdb38d45f
[  336.833526][T15679] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  336.833543][T15679] RSP: 002b:00007fdcdc2d9030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  336.833565][T15679] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdcdb38d45f
[  336.833578][T15679] RDX: 0000000000000001 RSI: 00007fdcdc2d90a0 RDI: 0000000000000003
[  336.833591][T15679] RBP: 00007fdcdc2d9090 R08: 0000000000000000 R09: 0000000000000000
[  336.833603][T15679] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  336.833615][T15679] R13: 0000000000000000 R14: 00007fdcdb5b5fa0 R15: 00007ffdd6e76138
[  336.833647][T15679]  </TASK>
[  337.102516][T15683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2830'.
[  337.112443][T15683] net_ratelimit: 3312 callbacks suppressed
[  337.112459][T15683] openvswitch: netlink: VXLAN extension message has 1 unknown bytes.
[  337.260565][T15692] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2833'.
[  337.261499][T15697] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2835'.
[  337.308451][T15692] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2833'.
[  337.512941][T15710] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  337.701055][T15721] batadv_slave_1: entered promiscuous mode
[  337.828815][T15720] batadv_slave_1: left promiscuous mode
[  337.912024][T15737] FAULT_INJECTION: forcing a failure.
[  337.912024][T15737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.944126][T15737] CPU: 1 UID: 0 PID: 15737 Comm: syz.2.2844 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  337.944154][T15737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  337.944166][T15737] Call Trace:
[  337.944174][T15737]  <TASK>
[  337.944182][T15737]  dump_stack_lvl+0x189/0x250
[  337.944207][T15737]  ? __pfx____ratelimit+0x10/0x10
[  337.944235][T15737]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.944262][T15737]  ? __pfx__printk+0x10/0x10
[  337.944286][T15737]  ? __might_fault+0xb0/0x130
[  337.944325][T15737]  should_fail_ex+0x414/0x560
[  337.944360][T15737]  _copy_from_iter+0x1db/0x16f0
[  337.944387][T15737]  ? rcu_is_watching+0x15/0xb0
[  337.944417][T15737]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  337.944447][T15737]  ? __pfx__copy_from_iter+0x10/0x10
[  337.944472][T15737]  ? __build_skb_around+0x257/0x3e0
[  337.944504][T15737]  ? netlink_sendmsg+0x642/0xb30
[  337.944530][T15737]  ? skb_put+0x11b/0x210
[  337.944550][T15737]  netlink_sendmsg+0x6b2/0xb30
[  337.944586][T15737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.944618][T15737]  ? aa_sock_msg_perm+0x94/0x160
[  337.944645][T15737]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  337.944665][T15737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  337.944694][T15737]  __sock_sendmsg+0x219/0x270
[  337.944722][T15737]  ____sys_sendmsg+0x505/0x830
[  337.944747][T15737]  ? __pfx_____sys_sendmsg+0x10/0x10
[  337.944777][T15737]  ? import_iovec+0x74/0xa0
[  337.944806][T15737]  ___sys_sendmsg+0x21f/0x2a0
[  337.944828][T15737]  ? __pfx____sys_sendmsg+0x10/0x10
[  337.944882][T15737]  ? __fget_files+0x2a/0x420
[  337.944899][T15737]  ? __fget_files+0x3a0/0x420
[  337.944928][T15737]  __x64_sys_sendmsg+0x19b/0x260
[  337.944951][T15737]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  337.944980][T15737]  ? __pfx_ksys_write+0x10/0x10
[  337.945013][T15737]  ? do_syscall_64+0xbe/0x3b0
[  337.945045][T15737]  do_syscall_64+0xfa/0x3b0
[  337.945070][T15737]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.945096][T15737]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.945114][T15737]  ? clear_bhb_loop+0x60/0xb0
[  337.945137][T15737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.945155][T15737] RIP: 0033:0x7fe73258e9a9
[  337.945171][T15737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.945188][T15737] RSP: 002b:00007fe7333c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  337.945209][T15737] RAX: ffffffffffffffda RBX: 00007fe7327b5fa0 RCX: 00007fe73258e9a9
[  337.945222][T15737] RDX: 00000000000040c0 RSI: 0000200000001480 RDI: 0000000000000004
[  337.945234][T15737] RBP: 00007fe7333c3090 R08: 0000000000000000 R09: 0000000000000000
[  337.945252][T15737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.945262][T15737] R13: 0000000000000000 R14: 00007fe7327b5fa0 R15: 00007fff2b6ca1b8
[  337.945292][T15737]  </TASK>
[  338.335892][T15747] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  338.392453][T15739] ÿ: renamed from bond_slave_0
[  338.801084][T15776] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.808607][T15776] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.826482][T15776] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.847289][T15776] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.897034][T15785] __nla_validate_parse: 4 callbacks suppressed
[  338.897049][T15785] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2862'.
[  339.955886][T15832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2872'.
[  339.979531][T15833] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2871'.
[  340.004766][T15823] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2871'.
[  340.020869][T15837] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2876'.
[  340.029535][T15822] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2872'.
[  340.037997][T15837] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2876'.
[  340.080110][T15831] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2871'.
[  340.290001][T15848] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2880'.
[  340.490963][T15858] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (7)
[  340.838735][T15881] netlink: 'syz.4.2890': attribute type 10 has an invalid length.
[  340.841654][T15877] netlink: 'syz.3.2889': attribute type 2 has an invalid length.
[  340.855930][T15881] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2890'.
[  340.876351][T15881] dummy0: entered promiscuous mode
[  340.885535][T15881] bridge0: port 3(dummy0) entered blocking state
[  340.909180][T15881] bridge0: port 3(dummy0) entered disabled state
[  340.921556][T15881] dummy0: entered allmulticast mode
[  340.957981][T15881] bridge0: port 3(dummy0) entered blocking state
[  340.964530][T15881] bridge0: port 3(dummy0) entered forwarding state
[  341.023002][T15881] netlink: 'syz.4.2890': attribute type 3 has an invalid length.
[  341.049634][T15885] lo speed is unknown, defaulting to 1000
[  341.414634][T15885] lo speed is unknown, defaulting to 1000
[  341.732321][T15911] netlink: 'syz.1.2899': attribute type 6 has an invalid length.
[  341.919936][T15928] FAULT_INJECTION: forcing a failure.
[  341.919936][T15928] name failslab, interval 1, probability 0, space 0, times 0
[  341.932786][T15928] CPU: 0 UID: 0 PID: 15928 Comm: syz.3.2903 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  341.932814][T15928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  341.932826][T15928] Call Trace:
[  341.932835][T15928]  <TASK>
[  341.932843][T15928]  dump_stack_lvl+0x189/0x250
[  341.932869][T15928]  ? __pfx____ratelimit+0x10/0x10
[  341.932922][T15928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.932942][T15928]  ? __pfx__printk+0x10/0x10
[  341.932988][T15928]  ? __pfx___might_resched+0x10/0x10
[  341.933029][T15928]  ? fs_reclaim_acquire+0x7d/0x100
[  341.933055][T15928]  should_fail_ex+0x414/0x560
[  341.933089][T15928]  should_failslab+0xa8/0x100
[  341.933108][T15928]  __kmalloc_noprof+0xcb/0x4f0
[  341.933134][T15928]  ? nft_set_elem_expr_alloc+0x16f/0x590
[  341.933165][T15928]  nft_set_elem_expr_alloc+0x16f/0x590
[  341.933194][T15928]  ? __pfx_nft_set_elem_expr_alloc+0x10/0x10
[  341.933234][T15928]  ? nla_strcmp+0x106/0x140
[  341.933270][T15928]  ? nla_strcmp+0x106/0x140
[  341.933305][T15928]  nf_tables_newsetelem+0x1688/0x4340
[  341.933371][T15928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  341.933395][T15928]  ? __pfx_nf_tables_newsetelem+0x10/0x10
[  341.933443][T15928]  ? nla_validate_array+0xfc/0x260
[  341.933513][T15928]  ? __pfx___nla_validate_parse+0x10/0x10
[  341.933559][T15928]  ? __lock_acquire+0xab9/0xd20
[  341.933601][T15928]  ? nfnl_pernet+0x23/0x240
[  341.933639][T15928]  ? __nla_parse+0x40/0x60
[  341.933668][T15928]  nfnetlink_rcv+0x112f/0x2520
[  341.933733][T15928]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  341.933779][T15928]  ? ref_tracker_free+0x63a/0x7d0
[  341.933835][T15928]  ? __netlink_deliver_tap+0x807/0x850
[  341.933867][T15928]  ? netlink_deliver_tap+0x2e/0x1b0
[  341.933925][T15928]  netlink_unicast+0x82c/0x9e0
[  341.933965][T15928]  ? __pfx_netlink_unicast+0x10/0x10
[  341.933996][T15928]  ? netlink_sendmsg+0x642/0xb30
[  341.934025][T15928]  ? skb_put+0x11b/0x210
[  341.934050][T15928]  netlink_sendmsg+0x805/0xb30
[  341.934093][T15928]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.934129][T15928]  ? aa_sock_msg_perm+0x94/0x160
[  341.934159][T15928]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  341.934183][T15928]  ? __pfx_netlink_sendmsg+0x10/0x10
[  341.934216][T15928]  __sock_sendmsg+0x219/0x270
[  341.934248][T15928]  ____sys_sendmsg+0x505/0x830
[  341.934277][T15928]  ? __pfx_____sys_sendmsg+0x10/0x10
[  341.934311][T15928]  ? import_iovec+0x74/0xa0
[  341.934345][T15928]  ___sys_sendmsg+0x21f/0x2a0
[  341.934370][T15928]  ? __pfx____sys_sendmsg+0x10/0x10
[  341.934446][T15928]  ? __fget_files+0x2a/0x420
[  341.934463][T15928]  ? __fget_files+0x3a0/0x420
[  341.934495][T15928]  __x64_sys_sendmsg+0x19b/0x260
[  341.934519][T15928]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  341.934551][T15928]  ? __pfx_ksys_write+0x10/0x10
[  341.934577][T15928]  ? rcu_is_watching+0x15/0xb0
[  341.934613][T15928]  ? do_syscall_64+0xbe/0x3b0
[  341.934644][T15928]  do_syscall_64+0xfa/0x3b0
[  341.934673][T15928]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.934709][T15928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.934727][T15928]  ? clear_bhb_loop+0x60/0xb0
[  341.934750][T15928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.934768][T15928] RIP: 0033:0x7f66ca78e9a9
[  341.934785][T15928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.934801][T15928] RSP: 002b:00007f66cb618038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  341.934822][T15928] RAX: ffffffffffffffda RBX: 00007f66ca9b5fa0 RCX: 00007f66ca78e9a9
[  341.934836][T15928] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  341.934847][T15928] RBP: 00007f66cb618090 R08: 0000000000000000 R09: 0000000000000000
[  341.934859][T15928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.934869][T15928] R13: 0000000000000000 R14: 00007f66ca9b5fa0 R15: 00007ffd42e25be8
[  341.934906][T15928]  </TASK>
[  342.821442][T15944] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  342.862048][T15944] tipc: Resetting bearer <eth:syzkaller0>
[  342.918249][T15941] tipc: Disabling bearer <eth:syzkaller0>
[  343.049885][ T1111] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  343.059690][ T1111] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  343.098827][ T1111] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  343.121349][ T1111] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  343.188340][T15969] FAULT_INJECTION: forcing a failure.
[  343.188340][T15969] name failslab, interval 1, probability 0, space 0, times 0
[  343.234612][T15969] CPU: 1 UID: 0 PID: 15969 Comm: syz.2.2917 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  343.234639][T15969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  343.234651][T15969] Call Trace:
[  343.234658][T15969]  <TASK>
[  343.234666][T15969]  dump_stack_lvl+0x189/0x250
[  343.234689][T15969]  ? __pfx____ratelimit+0x10/0x10
[  343.234717][T15969]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.234736][T15969]  ? __pfx__printk+0x10/0x10
[  343.234769][T15969]  ? __pfx___might_resched+0x10/0x10
[  343.234797][T15969]  ? fs_reclaim_acquire+0x7d/0x100
[  343.234822][T15969]  should_fail_ex+0x414/0x560
[  343.234857][T15969]  should_failslab+0xa8/0x100
[  343.234877][T15969]  __kmalloc_cache_noprof+0x70/0x3d0
[  343.234904][T15969]  ? nft_trans_table_add+0x56/0x430
[  343.234931][T15969]  nft_trans_table_add+0x56/0x430
[  343.234958][T15969]  nf_tables_newtable+0xce3/0x1890
[  343.234998][T15969]  nfnetlink_rcv+0x112f/0x2520
[  343.235052][T15969]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  343.235093][T15969]  ? ref_tracker_free+0x63a/0x7d0
[  343.235141][T15969]  ? __netlink_deliver_tap+0x807/0x850
[  343.235169][T15969]  ? netlink_deliver_tap+0x2e/0x1b0
[  343.235213][T15969]  netlink_unicast+0x82c/0x9e0
[  343.235246][T15969]  ? __pfx_netlink_unicast+0x10/0x10
[  343.235273][T15969]  ? netlink_sendmsg+0x642/0xb30
[  343.235299][T15969]  ? skb_put+0x11b/0x210
[  343.235320][T15969]  netlink_sendmsg+0x805/0xb30
[  343.235357][T15969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.235388][T15969]  ? aa_sock_msg_perm+0x94/0x160
[  343.235414][T15969]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  343.235436][T15969]  ? __pfx_netlink_sendmsg+0x10/0x10
[  343.235465][T15969]  __sock_sendmsg+0x219/0x270
[  343.235493][T15969]  ____sys_sendmsg+0x505/0x830
[  343.235518][T15969]  ? __pfx_____sys_sendmsg+0x10/0x10
[  343.235547][T15969]  ? import_iovec+0x74/0xa0
[  343.235577][T15969]  ___sys_sendmsg+0x21f/0x2a0
[  343.235600][T15969]  ? __pfx____sys_sendmsg+0x10/0x10
[  343.235657][T15969]  ? __fget_files+0x2a/0x420
[  343.235674][T15969]  ? __fget_files+0x3a0/0x420
[  343.235707][T15969]  __x64_sys_sendmsg+0x19b/0x260
[  343.235728][T15969]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  343.235758][T15969]  ? __pfx_ksys_write+0x10/0x10
[  343.235788][T15969]  ? rcu_is_watching+0x15/0xb0
[  343.235822][T15969]  ? do_syscall_64+0xbe/0x3b0
[  343.235854][T15969]  do_syscall_64+0xfa/0x3b0
[  343.235880][T15969]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.235906][T15969]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.235924][T15969]  ? clear_bhb_loop+0x60/0xb0
[  343.235947][T15969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.235965][T15969] RIP: 0033:0x7fe73258e9a9
[  343.235982][T15969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.235998][T15969] RSP: 002b:00007fe7333c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  343.236019][T15969] RAX: ffffffffffffffda RBX: 00007fe7327b5fa0 RCX: 00007fe73258e9a9
[  343.236033][T15969] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  343.236044][T15969] RBP: 00007fe7333c3090 R08: 0000000000000000 R09: 0000000000000000
[  343.236055][T15969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  343.236066][T15969] R13: 0000000000000000 R14: 00007fe7327b5fa0 R15: 00007fff2b6ca1b8
[  343.236095][T15969]  </TASK>
[  343.762702][T15978] batadv_slave_1: entered promiscuous mode
[  343.921726][T16001] __nla_validate_parse: 13 callbacks suppressed
[  343.921744][T16001] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2926'.
[  343.939988][T16001] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2926'.
[  343.963312][T16001] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2926'.
[  343.976017][T16004] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2926'.
[  344.016077][T16004] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2926'.
[  344.025901][T16004] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2926'.
[  344.167645][T16013] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2930'.
[  344.202171][T16009] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2929'.
[  344.303879][T16019] FAULT_INJECTION: forcing a failure.
[  344.303879][T16019] name failslab, interval 1, probability 0, space 0, times 0
[  344.379471][T16019] CPU: 0 UID: 0 PID: 16019 Comm: syz.2.2931 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  344.379505][T16019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  344.379519][T16019] Call Trace:
[  344.379528][T16019]  <TASK>
[  344.379537][T16019]  dump_stack_lvl+0x189/0x250
[  344.379577][T16019]  ? __pfx____ratelimit+0x10/0x10
[  344.379609][T16019]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.379643][T16019]  ? __pfx__printk+0x10/0x10
[  344.379674][T16019]  ? __pfx___might_resched+0x10/0x10
[  344.379703][T16019]  ? fs_reclaim_acquire+0x7d/0x100
[  344.379729][T16019]  should_fail_ex+0x414/0x560
[  344.379766][T16019]  should_failslab+0xa8/0x100
[  344.379795][T16019]  __kmalloc_cache_noprof+0x70/0x3d0
[  344.379824][T16019]  ? nfnetlink_rcv+0xeff/0x2520
[  344.379855][T16019]  nfnetlink_rcv+0xeff/0x2520
[  344.379915][T16019]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  344.379959][T16019]  ? ref_tracker_free+0x63a/0x7d0
[  344.380011][T16019]  ? __netlink_deliver_tap+0x807/0x850
[  344.380043][T16019]  ? netlink_deliver_tap+0x2e/0x1b0
[  344.380092][T16019]  netlink_unicast+0x82c/0x9e0
[  344.380127][T16019]  ? __pfx_netlink_unicast+0x10/0x10
[  344.380156][T16019]  ? netlink_sendmsg+0x642/0xb30
[  344.380185][T16019]  ? skb_put+0x11b/0x210
[  344.380208][T16019]  netlink_sendmsg+0x805/0xb30
[  344.380248][T16019]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.380282][T16019]  ? aa_sock_msg_perm+0x94/0x160
[  344.380311][T16019]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  344.380333][T16019]  ? __pfx_netlink_sendmsg+0x10/0x10
[  344.380365][T16019]  __sock_sendmsg+0x219/0x270
[  344.380395][T16019]  ____sys_sendmsg+0x505/0x830
[  344.380422][T16019]  ? __pfx_____sys_sendmsg+0x10/0x10
[  344.380453][T16019]  ? import_iovec+0x74/0xa0
[  344.380485][T16019]  ___sys_sendmsg+0x21f/0x2a0
[  344.380508][T16019]  ? __pfx____sys_sendmsg+0x10/0x10
[  344.380579][T16019]  ? __fget_files+0x2a/0x420
[  344.380596][T16019]  ? __fget_files+0x3a0/0x420
[  344.380633][T16019]  __x64_sys_sendmsg+0x19b/0x260
[  344.380656][T16019]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  344.380685][T16019]  ? __pfx_ksys_write+0x10/0x10
[  344.380709][T16019]  ? rcu_is_watching+0x15/0xb0
[  344.380743][T16019]  ? do_syscall_64+0xbe/0x3b0
[  344.380779][T16019]  do_syscall_64+0xfa/0x3b0
[  344.380806][T16019]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.380831][T16019]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.380849][T16019]  ? clear_bhb_loop+0x60/0xb0
[  344.380872][T16019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.380889][T16019] RIP: 0033:0x7fe73258e9a9
[  344.380906][T16019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.380921][T16019] RSP: 002b:00007fe7333c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  344.380942][T16019] RAX: ffffffffffffffda RBX: 00007fe7327b5fa0 RCX: 00007fe73258e9a9
[  344.380955][T16019] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  344.380967][T16019] RBP: 00007fe7333c3090 R08: 0000000000000000 R09: 0000000000000000
[  344.380978][T16019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  344.380989][T16019] R13: 0000000000000000 R14: 00007fe7327b5fa0 R15: 00007fff2b6ca1b8
[  344.381019][T16019]  </TASK>
[  344.906500][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  344.916271][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  344.918903][T16025] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2932'.
[  344.932368][T16025] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2932'.
[  344.955980][ T5848] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  344.964656][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  344.974479][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  344.982062][T16030] netlink: 'syz.2.2935': attribute type 1 has an invalid length.
[  345.066317][T16022] lo speed is unknown, defaulting to 1000
[  345.427775][T16052] netlink: 'syz.3.2938': attribute type 13 has an invalid length.
[  345.437266][T16052] netlink: 'syz.3.2938': attribute type 17 has an invalid length.
[  345.577846][T16052] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  345.594527][T16022] lo speed is unknown, defaulting to 1000
[  345.728391][T16045] lo speed is unknown, defaulting to 1000
[  346.207369][T16022] chnl_net:caif_netlink_parms(): no params data found
[  346.427017][T16088] netlink: 'syz.4.2946': attribute type 1 has an invalid length.
[  346.476375][T16045] lo speed is unknown, defaulting to 1000
[  346.522335][T16088] 8021q: adding VLAN 0 to HW filter on device bond1
[  346.891384][T16022] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.898812][T16022] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.910002][T16022] bridge_slave_0: entered allmulticast mode
[  346.928012][T16022] bridge_slave_0: entered promiscuous mode
[  346.950573][T16022] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.957816][T16022] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.991902][T16022] bridge_slave_1: entered allmulticast mode
[  347.013589][T16022] bridge_slave_1: entered promiscuous mode
[  347.029780][ T5848] Bluetooth: hci1: command tx timeout
[  347.116804][T16104] lo speed is unknown, defaulting to 1000
[  347.256452][T16022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.311988][T16022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.502426][T16022] team0: Port device team_slave_0 added
[  347.512324][T16022] team0: Port device team_slave_1 added
[  347.631146][T16022] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.638214][T16022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.666350][T16022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.710734][T16022] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.717697][T16022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.766682][T16022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.781121][T16104] lo speed is unknown, defaulting to 1000
[  347.791376][T16127] FAULT_INJECTION: forcing a failure.
[  347.791376][T16127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.812222][T16127] CPU: 1 UID: 0 PID: 16127 Comm: syz.0.2961 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  347.812248][T16127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  347.812260][T16127] Call Trace:
[  347.812267][T16127]  <TASK>
[  347.812275][T16127]  dump_stack_lvl+0x189/0x250
[  347.812299][T16127]  ? __pfx____ratelimit+0x10/0x10
[  347.812326][T16127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.812346][T16127]  ? __pfx__printk+0x10/0x10
[  347.812388][T16127]  should_fail_ex+0x414/0x560
[  347.812423][T16127]  _copy_to_user+0x31/0xb0
[  347.812451][T16127]  simple_read_from_buffer+0xe1/0x170
[  347.812485][T16127]  proc_fail_nth_read+0x1b3/0x220
[  347.812511][T16127]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  347.812536][T16127]  ? rw_verify_area+0x258/0x650
[  347.812579][T16127]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  347.812604][T16127]  vfs_read+0x1fd/0x980
[  347.812630][T16127]  ? fdget_pos+0x247/0x320
[  347.812654][T16127]  ? __pfx___mutex_lock+0x10/0x10
[  347.812685][T16127]  ? __pfx_vfs_read+0x10/0x10
[  347.812714][T16127]  ? __fget_files+0x2a/0x420
[  347.812738][T16127]  ? __fget_files+0x3a0/0x420
[  347.812756][T16127]  ? __fget_files+0x2a/0x420
[  347.812785][T16127]  ksys_read+0x145/0x250
[  347.812815][T16127]  ? __pfx_ksys_read+0x10/0x10
[  347.812840][T16127]  ? rcu_is_watching+0x15/0xb0
[  347.812876][T16127]  ? do_syscall_64+0xbe/0x3b0
[  347.812910][T16127]  do_syscall_64+0xfa/0x3b0
[  347.812937][T16127]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.812964][T16127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.812996][T16127]  ? clear_bhb_loop+0x60/0xb0
[  347.813038][T16127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.813058][T16127] RIP: 0033:0x7fc56e58d3bc
[  347.813077][T16127] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  347.813096][T16127] RSP: 002b:00007fc56f4b3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  347.813120][T16127] RAX: ffffffffffffffda RBX: 00007fc56e7b5fa0 RCX: 00007fc56e58d3bc
[  347.813136][T16127] RDX: 000000000000000f RSI: 00007fc56f4b30a0 RDI: 0000000000000004
[  347.813148][T16127] RBP: 00007fc56f4b3090 R08: 0000000000000000 R09: 0000000000000000
[  347.813161][T16127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  347.813174][T16127] R13: 0000000000000000 R14: 00007fc56e7b5fa0 R15: 00007fff803866a8
[  347.813208][T16127]  </TASK>
[  348.103728][T16022] hsr_slave_0: entered promiscuous mode
[  348.110574][T16022] hsr_slave_1: entered promiscuous mode
[  348.117942][T16022] debugfs: 'hsr0' already exists in 'hsr'
[  348.123745][T16022] Cannot create hsr debugfs directory
[  348.203334][T16134] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  349.014831][T16157] lo speed is unknown, defaulting to 1000
[  349.031981][T16022] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.105667][T16022] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.116876][ T5848] Bluetooth: hci1: command tx timeout
[  349.167649][T16022] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.245147][T16022] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  349.297184][T16162] lo speed is unknown, defaulting to 1000
[  349.303288][T16157] lo speed is unknown, defaulting to 1000
[  349.402492][T16166] pim6reg1: entered promiscuous mode
[  349.412131][T16166] pim6reg1: entered allmulticast mode
[  349.761327][T16022] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  349.776739][T16022] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  349.803056][T16022] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  349.823383][T16162] lo speed is unknown, defaulting to 1000
[  349.823796][T16022] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  350.184126][T16186] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input7
[  350.275237][T16022] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.298439][T16022] 8021q: adding VLAN 0 to HW filter on device team0
[  350.353590][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.360764][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.397238][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.404412][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.658502][T16192] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  350.854385][T16022] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.937186][T16022] veth0_vlan: entered promiscuous mode
[  350.974372][T16022] veth1_vlan: entered promiscuous mode
[  351.030112][T16022] veth0_macvtap: entered promiscuous mode
[  351.061162][T16022] veth1_macvtap: entered promiscuous mode
[  351.100417][T16022] batman_adv: batadv0: Interface activated: batadv_slave_0
[  351.152166][T16022] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.175250][ T9501] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.189497][ T5848] Bluetooth: hci1: command tx timeout
[  351.197262][ T9501] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.260979][ T9501] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.295450][ T9501] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.368708][T16229] __nla_validate_parse: 11 callbacks suppressed
[  351.368730][T16229] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2992'.
[  351.570132][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.578106][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.690205][ T9501] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.718943][ T9501] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.891184][T16254] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2927'.
[  351.935543][T16258] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3000'.
[  352.215638][T16267] cgroup: fork rejected by pids controller in /syz1
[  352.305140][T16283] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  352.317546][T16293] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input8
[  352.616290][T16386] netlink: 'syz.0.3004': attribute type 7 has an invalid length.
[  352.624144][T16386] netlink: 'syz.0.3004': attribute type 8 has an invalid length.
[  352.640518][T16386] netlink: 'syz.0.3004': attribute type 15 has an invalid length.
[  352.821380][T16394] 8021q: adding VLAN 0 to HW filter on device bond2
[  353.296934][T16409] tunl0: entered allmulticast mode
[  353.315847][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  353.329513][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  353.337227][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  353.348686][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  353.356965][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  353.497921][T16415] lo speed is unknown, defaulting to 1000
[  353.860133][ T9504] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.067948][ T9504] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.109274][T16415] lo speed is unknown, defaulting to 1000
[  354.223068][ T9504] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.336858][T16437] netlink: 'syz.2.3020': attribute type 1 has an invalid length.
[  354.417858][ T9504] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.486994][T16441] tipc: MTU too low for tipc bearer
[  354.584378][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  354.593015][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  354.629991][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  354.652400][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  354.662761][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  354.813882][T16415] chnl_net:caif_netlink_parms(): no params data found
[  354.834466][T16448] lo speed is unknown, defaulting to 1000
[  354.902489][T16458] netlink: 'syz.2.3026': attribute type 20 has an invalid length.
[  355.028586][T16470] netlink: 'syz.4.3028': attribute type 1 has an invalid length.
[  355.040036][T16469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3028'.
[  355.123308][T16475] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3029'.
[  355.218385][ T9504] bridge_slave_1: left allmulticast mode
[  355.225841][ T9504] bridge_slave_1: left promiscuous mode
[  355.234034][ T9504] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.247625][ T9504] bridge_slave_0: left allmulticast mode
[  355.255140][ T9504] bridge_slave_0: left promiscuous mode
[  355.264077][ T9504] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.432996][ T5841] Bluetooth: hci1: command tx timeout
[  355.715300][ T9504] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  355.726678][ T9504] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  355.737851][ T9504] bond0 (unregistering): Released all slaves
[  355.784049][T16448] lo speed is unknown, defaulting to 1000
[  355.790309][T16490] bridge0: port 4(erspan0) entered blocking state
[  355.790512][T16490] bridge0: port 4(erspan0) entered disabled state
[  355.790658][T16490] erspan0: entered allmulticast mode
[  355.792623][T16490] erspan0: entered promiscuous mode
[  355.841022][T16490] bridge0: port 4(erspan0) entered blocking state
[  355.847748][T16490] bridge0: port 4(erspan0) entered forwarding state
[  355.877115][T16491] erspan0: left allmulticast mode
[  355.885526][T16491] erspan0: left promiscuous mode
[  355.892131][T16491] bridge0: port 4(erspan0) entered disabled state
[  355.904932][T16415] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.923452][T16415] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.931696][T16415] bridge_slave_0: entered allmulticast mode
[  355.944859][T16415] bridge_slave_0: entered promiscuous mode
[  355.955332][T16415] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.974113][T16415] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.990458][T16415] bridge_slave_1: entered allmulticast mode
[  355.998152][T16415] bridge_slave_1: entered promiscuous mode
[  356.250570][T16415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  356.275108][T16415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  356.453494][T16415] team0: Port device team_slave_0 added
[  356.474740][T16415] team0: Port device team_slave_1 added
[  356.512976][T16522] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3046'.
[  356.709736][ T5841] Bluetooth: hci2: command tx timeout
[  356.733261][T16415] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.748104][T16415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.780243][T16415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.812112][T16415] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.819189][T16415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.871187][T16415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  356.934687][ T9504] hsr_slave_0: left promiscuous mode
[  356.940724][ T9504] hsr_slave_1: left promiscuous mode
[  356.946559][ T9504] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  356.954471][ T9504] batman_adv: batadv0: Removing interface: batadv_slave_0
[  356.963070][ T9504] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  356.970825][ T9504] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.005828][ T9504] veth1_macvtap: left promiscuous mode
[  357.011991][ T9504] veth0_macvtap: left promiscuous mode
[  357.017695][ T9504] veth1_vlan: left promiscuous mode
[  357.024243][ T9504] veth0_vlan: left promiscuous mode
[  357.453368][ T9504] team0 (unregistering): Port device team_slave_1 removed
[  357.493653][ T9504] team0 (unregistering): Port device team_slave_0 removed
[  357.511154][ T5841] Bluetooth: hci1: command tx timeout
[  358.035694][T16415] hsr_slave_0: entered promiscuous mode
[  358.049427][T16415] hsr_slave_1: entered promiscuous mode
[  358.055943][T16415] debugfs: 'hsr0' already exists in 'hsr'
[  358.065678][T16415] Cannot create hsr debugfs directory
[  358.325137][T16448] chnl_net:caif_netlink_parms(): no params data found
[  358.413928][T16553] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.421125][T16553] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.514767][T16556] ip6tnl3: entered allmulticast mode
[  358.747404][T16570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3061'.
[  358.771741][T16566] lo speed is unknown, defaulting to 1000
[  358.793095][ T5841] Bluetooth: hci2: command tx timeout
[  358.832974][T16415] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.022439][T16448] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.058667][T16448] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.066265][T16448] bridge_slave_0: entered allmulticast mode
[  359.106197][T16448] bridge_slave_0: entered promiscuous mode
[  359.122528][T16415] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.157385][T16566] lo speed is unknown, defaulting to 1000
[  359.177351][T16448] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.187425][T16448] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.207780][T16448] bridge_slave_1: entered allmulticast mode
[  359.220593][T16448] bridge_slave_1: entered promiscuous mode
[  359.246414][T16415] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.370960][T16415] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.407562][T16448] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  359.408909][T16562] infiniband syz1: set active
[  359.463839][T16448] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  359.469401][T16562] infiniband syz1: added macvlan1
[  359.556139][T16562] RDS/IB: syz1: added
[  359.564279][T16562] smc: adding ib device syz1 with port count 1
[  359.580458][T16562] smc:    ib device syz1 port 1 has pnetid 
[  359.589298][ T5841] Bluetooth: hci1: command tx timeout
[  359.642228][T16448] team0: Port device team_slave_0 added
[  359.662326][T16448] team0: Port device team_slave_1 added
[  359.929891][T16588] lo speed is unknown, defaulting to 1000
[  360.034768][T16448] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.044809][T16448] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.095186][T16448] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.157111][T16448] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.179856][T16448] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.242207][T16448] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  360.300933][T16604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3071'.
[  360.335576][T16604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3071'.
[  360.444291][T16415] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  360.470384][T16607] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  360.471400][T16415] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  360.527036][T16448] hsr_slave_0: entered promiscuous mode
[  360.540843][T16448] hsr_slave_1: entered promiscuous mode
[  360.576541][T16448] debugfs: 'hsr0' already exists in 'hsr'
[  360.590531][T16448] Cannot create hsr debugfs directory
[  360.608685][T16415] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  360.685573][T16415] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  360.869739][ T5841] Bluetooth: hci2: command tx timeout
[  361.156958][T16415] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.195761][T16415] 8021q: adding VLAN 0 to HW filter on device team0
[  361.221037][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.228325][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.252428][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.259662][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.512506][T16448] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  361.533508][T16448] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  361.560977][T16448] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  361.582824][T16448] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  361.670091][ T5841] Bluetooth: hci1: command tx timeout
[  361.700248][T16415] 8021q: adding VLAN 0 to HW filter on device batadv0
[  361.796357][T16415] veth0_vlan: entered promiscuous mode
[  361.810934][T16448] 8021q: adding VLAN 0 to HW filter on device bond0
[  361.834175][T16448] 8021q: adding VLAN 0 to HW filter on device team0
[  361.855239][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.862463][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.876930][T16415] veth1_vlan: entered promiscuous mode
[  361.894745][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.901914][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.973953][T16415] veth0_macvtap: entered promiscuous mode
[  362.007518][T16415] veth1_macvtap: entered promiscuous mode
[  362.054439][T16415] batman_adv: batadv0: Interface activated: batadv_slave_0
[  362.076293][T16415] batman_adv: batadv0: Interface activated: batadv_slave_1
[  362.119979][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.143386][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.173503][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.194788][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.340970][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.365054][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.431429][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.452607][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.477347][T16448] 8021q: adding VLAN 0 to HW filter on device batadv0
[  362.587449][T16448] veth0_vlan: entered promiscuous mode
[  362.608289][T16448] veth1_vlan: entered promiscuous mode
[  362.688518][T16448] veth0_macvtap: entered promiscuous mode
[  362.707944][T16448] veth1_macvtap: entered promiscuous mode
[  362.742544][T16631] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3072'.
[  362.757636][T16448] batman_adv: batadv0: Interface activated: batadv_slave_0
[  362.776544][T16448] batman_adv: batadv0: Interface activated: batadv_slave_1
[  362.788536][T16631] netlink: 'syz.3.3072': attribute type 6 has an invalid length.
[  362.798292][T16631] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3072'.
[  362.815446][ T1104] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  362.833880][ T1104] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  362.861923][ T1104] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  362.882510][ T1104] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  362.950619][ T5841] Bluetooth: hci2: command tx timeout
[  363.018421][ T3490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.048269][ T3490] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.126352][T16635] tipc: Started in network mode
[  363.134231][T16635] tipc: Node identity f2967a078632, cluster identity 4711
[  363.142783][T16635] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  363.154938][T16635] syzkaller0: entered promiscuous mode
[  363.160894][T16635] syzkaller0: entered allmulticast mode
[  363.168930][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.183833][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.235433][T16635] tipc: Resetting bearer <eth:syzkaller0>
[  363.246180][T16634] tipc: Resetting bearer <eth:syzkaller0>
[  363.300794][T16634] tipc: Disabling bearer <eth:syzkaller0>
[  364.378539][T16663] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3080'.
[  364.399556][T16663] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  364.493855][T16666] IPv6: Can't replace route, no match found
[  364.501451][T16663] batman_adv: batadv0: Removing interface: batadv_slave_0
[  364.899927][T16606] lo speed is unknown, defaulting to 1000
[  364.900555][T16588] lo speed is unknown, defaulting to 1000
[  365.224993][T16671] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  365.364925][T16660] lo speed is unknown, defaulting to 1000
[  366.168423][T16606] lo speed is unknown, defaulting to 1000
[  366.235159][T16660] lo speed is unknown, defaulting to 1000
[  367.269806][ T5841] Bluetooth: hci0: command tx timeout
[  368.084592][T16717] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  368.188536][T16717] tipc: Disabling bearer <eth:syzkaller0>
[  368.515733][T16727] netlink: 'syz.4.3096': attribute type 9 has an invalid length.
[  368.589621][T16727] netlink: 'syz.4.3096': attribute type 6 has an invalid length.
[  369.351968][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  369.361230][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  369.369515][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  369.378333][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  369.390093][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  369.876065][T16744] lo speed is unknown, defaulting to 1000
[  370.462836][T16760] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3104'.
[  370.514974][T16761] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3104'.
[  370.547003][T16744] lo speed is unknown, defaulting to 1000
[  370.563513][T16762] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3104'.
[  370.595297][ T9503] bridge_slave_1: left allmulticast mode
[  370.608966][ T9503] bridge_slave_1: left promiscuous mode
[  370.614786][ T9503] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.651864][ T9503] bridge_slave_0: left allmulticast mode
[  370.657716][ T9503] bridge_slave_0: left promiscuous mode
[  370.673141][ T9503] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.896682][T16767] FAULT_INJECTION: forcing a failure.
[  370.896682][T16767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  370.929217][T16767] CPU: 1 UID: 0 PID: 16767 Comm: syz.2.3106 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  370.929246][T16767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  370.929262][T16767] Call Trace:
[  370.929270][T16767]  <TASK>
[  370.929283][T16767]  dump_stack_lvl+0x189/0x250
[  370.929307][T16767]  ? __pfx____ratelimit+0x10/0x10
[  370.929335][T16767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  370.929353][T16767]  ? __pfx__printk+0x10/0x10
[  370.929376][T16767]  ? __might_fault+0xb0/0x130
[  370.929414][T16767]  should_fail_ex+0x414/0x560
[  370.929447][T16767]  _copy_from_user+0x2d/0xb0
[  370.929474][T16767]  ___sys_sendmsg+0x158/0x2a0
[  370.929496][T16767]  ? __pfx____sys_sendmsg+0x10/0x10
[  370.929550][T16767]  ? __fget_files+0x2a/0x420
[  370.929566][T16767]  ? __fget_files+0x3a0/0x420
[  370.929593][T16767]  __x64_sys_sendmsg+0x19b/0x260
[  370.929615][T16767]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  370.929654][T16767]  ? __pfx_ksys_write+0x10/0x10
[  370.929675][T16767]  ? rcu_is_watching+0x15/0xb0
[  370.929705][T16767]  ? do_syscall_64+0xbe/0x3b0
[  370.929733][T16767]  do_syscall_64+0xfa/0x3b0
[  370.929755][T16767]  ? lockdep_hardirqs_on+0x9c/0x150
[  370.929778][T16767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.929794][T16767]  ? clear_bhb_loop+0x60/0xb0
[  370.929814][T16767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.929829][T16767] RIP: 0033:0x7fe73258e9a9
[  370.929845][T16767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.929859][T16767] RSP: 002b:00007fe7333c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  370.929878][T16767] RAX: ffffffffffffffda RBX: 00007fe7327b5fa0 RCX: 00007fe73258e9a9
[  370.929890][T16767] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  370.929900][T16767] RBP: 00007fe7333c3090 R08: 0000000000000000 R09: 0000000000000000
[  370.929910][T16767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.929919][T16767] R13: 0000000000000000 R14: 00007fe7327b5fa0 R15: 00007fff2b6ca1b8
[  370.929945][T16767]  </TASK>
[  371.194578][T16769] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3107'.
[  371.430002][ T5841] Bluetooth: hci3: command tx timeout
[  371.530731][ T9503] bond3 (unregistering): (slave gretap1): Releasing active interface
[  372.153814][ T9503] bond1 (unregistering): Released all slaves
[  372.657450][ T9503] bond2 (unregistering): Released all slaves
[  372.715277][ T9503] bond3 (unregistering): Released all slaves
[  372.737563][ T9503] bond0 (unregistering): Released all slaves
[  372.990003][ T9503] tipc: Left network mode
[  373.127155][ T9503] IPVS: stopping backup sync thread 9606 ...
[  373.169139][T16791] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  373.492425][T16744] chnl_net:caif_netlink_parms(): no params data found
[  373.510126][ T5841] Bluetooth: hci3: command tx timeout
[  373.918679][T16744] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.945363][T16744] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.947700][T16703] Set syz1 is full, maxelem 65536 reached
[  373.960613][T16744] bridge_slave_0: entered allmulticast mode
[  373.987930][T16744] bridge_slave_0: entered promiscuous mode
[  374.021127][T16744] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.028364][T16744] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.053658][T16744] bridge_slave_1: entered allmulticast mode
[  374.119708][T16744] bridge_slave_1: entered promiscuous mode
[  374.160450][T16811] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.3118'.
[  374.332729][ T9503] hsr_slave_0: left promiscuous mode
[  374.342174][ T9503] hsr_slave_1: left promiscuous mode
[  374.348250][ T9503] batman_adv: batadv0: Removing interface: batadv_slave_0
[  374.369324][ T9503] batman_adv: batadv0: Removing interface: batadv_slave_1
[  374.403766][ T9503] pimreg (unregistering): left allmulticast mode
[  374.805341][ T9503] team_slave_1 (unregistering): left promiscuous mode
[  374.815084][ T9503] team0 (unregistering): Port device team_slave_1 removed
[  374.851775][ T9503] team_slave_0 (unregistering): left promiscuous mode
[  374.860479][ T9503] team0 (unregistering): Port device team_slave_0 removed
[  375.280812][T16744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.294600][T16744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.486473][T16744] team0: Port device team_slave_0 added
[  375.516780][T16744] team0: Port device team_slave_1 added
[  375.549746][T16832] lo speed is unknown, defaulting to 1000
[  375.589131][ T5841] Bluetooth: hci3: command tx timeout
[  375.668600][T16744] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.686807][T16744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.759853][T16744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.800222][T16851] dvmrp0: entered allmulticast mode
[  375.814761][T16848] bridge1: entered promiscuous mode
[  375.829985][T16848] bridge1: entered allmulticast mode
[  375.870478][T16744] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.877482][T16744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  375.933603][T16744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.976598][T16848] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  376.008232][T16845] dvmrp0: left allmulticast mode
[  376.056018][T16832] lo speed is unknown, defaulting to 1000
[  376.125611][T16744] hsr_slave_0: entered promiscuous mode
[  376.136083][T16744] hsr_slave_1: entered promiscuous mode
[  376.144032][T16744] debugfs: 'hsr0' already exists in 'hsr'
[  376.169305][T16744] Cannot create hsr debugfs directory
[  376.266755][T16867] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.3135'.
[  376.277805][T16867] netlink: 'syz.3.3135': attribute type 2 has an invalid length.
[  376.805964][T16887] lo speed is unknown, defaulting to 1000
[  376.827710][T16898] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3144'.
[  377.087622][T16905] netlink: 'syz.3.3146': attribute type 1 has an invalid length.
[  377.095597][T16905] netlink: 'syz.3.3146': attribute type 1 has an invalid length.
[  377.103451][T16905] netlink: 216 bytes leftover after parsing attributes in process `syz.3.3146'.
[  377.217031][T16887] lo speed is unknown, defaulting to 1000
[  377.552752][T16744] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  377.567580][T16923] syzkaller1: entered promiscuous mode
[  377.577578][T16923] syzkaller1: entered allmulticast mode
[  377.588845][T16744] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  377.607261][T16923] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3151'.
[  377.608179][T16924] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3151'.
[  377.632987][T16744] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  377.647261][T16744] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  377.660523][T16923] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3151'.
[  377.670121][ T5841] Bluetooth: hci3: command tx timeout
[  377.676331][T16923] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3151'.
[  377.959442][T16934] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3152'.
[  377.983719][T16933] netlink: 9 bytes leftover after parsing attributes in process `syz.3.3152'.
[  377.985459][T16744] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.036080][T16934] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3152'.
[  378.046682][T16933] gretap0: entered promiscuous mode
[  378.067227][T16933] 0ªî{X¹¦: renamed from gretap0
[  378.073858][T16933] 0ªî{X¹¦: left promiscuous mode
[  378.078900][T16933] 0ªî{X¹¦: entered allmulticast mode
[  378.090390][T16933] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  378.121322][T16744] 8021q: adding VLAN 0 to HW filter on device team0
[  378.171162][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  378.178328][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  378.225441][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  378.232626][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.639399][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  378.747327][T16947] tipc: Started in network mode
[  378.752872][T16947] tipc: Node identity a25620f05402, cluster identity 4711
[  378.787147][T16947] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  378.823087][T16947] syzkaller0: entered promiscuous mode
[  378.842898][T16947] syzkaller0: entered allmulticast mode
[  378.936967][T16744] 8021q: adding VLAN 0 to HW filter on device batadv0
[  378.957782][T16947] tipc: Resetting bearer <eth:syzkaller0>
[  378.992958][T16957] lo speed is unknown, defaulting to 1000
[  379.010258][T16946] tipc: Resetting bearer <eth:syzkaller0>
[  379.062583][T16946] tipc: Disabling bearer <eth:syzkaller0>
[  379.085671][T16960] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  379.295687][T16969] netlink: 'syz.3.3163': attribute type 303 has an invalid length.
[  379.311158][T16957] lo speed is unknown, defaulting to 1000
[  379.317915][T16744] veth0_vlan: entered promiscuous mode
[  379.354623][T16744] veth1_vlan: entered promiscuous mode
[  379.428580][T16744] veth0_macvtap: entered promiscuous mode
[  379.466010][T16744] veth1_macvtap: entered promiscuous mode
[  379.525196][T16744] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.555849][T16978] netlink: 'syz.4.3167': attribute type 1 has an invalid length.
[  379.574263][T16744] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.632032][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.663831][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.712654][ T1104] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.727092][ T1104] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.087748][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.139580][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.216623][   T24] IPVS: starting estimator thread 0...
[  380.330472][T17004] IPVS: using max 40 ests per chain, 96000 per kthread
[  380.342073][T16995] lo speed is unknown, defaulting to 1000
[  380.385006][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.403157][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.788809][T16995] lo speed is unknown, defaulting to 1000
[  381.027681][T17022] syzkaller0: entered promiscuous mode
[  381.044038][T17022] syzkaller0: entered allmulticast mode
[  381.155732][T17026] openvswitch: netlink: IP tunnel dst address not specified
[  382.850769][T17043] bridge0: entered promiscuous mode
[  382.857868][T17043] bridge0: port 3(macvlan2) entered blocking state
[  382.865635][T17043] bridge0: port 3(macvlan2) entered disabled state
[  382.876480][T17043] macvlan2: entered allmulticast mode
[  382.882428][T17043] bridge0: entered allmulticast mode
[  382.894028][T17043] macvlan2: left allmulticast mode
[  382.904962][T17043] bridge0: left allmulticast mode
[  382.915684][T17043] bridge0: left promiscuous mode
[  384.383377][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  384.397382][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  384.412548][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  384.421270][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  384.429489][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  384.494217][T17078] lo speed is unknown, defaulting to 1000
[  384.904351][T17078] lo speed is unknown, defaulting to 1000
[  385.005252][T17101] pim6reg1: entered promiscuous mode
[  385.023309][T17101] pim6reg1: entered allmulticast mode
[  385.177586][T17108] pim6reg1: entered promiscuous mode
[  385.198506][T17108] pim6reg1: entered allmulticast mode
[  386.133143][T17078] chnl_net:caif_netlink_parms(): no params data found
[  386.469637][ T5841] Bluetooth: hci0: command tx timeout
[  386.734051][T17078] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.741954][T17078] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.810084][T17078] bridge_slave_0: entered allmulticast mode
[  386.817752][T17078] bridge_slave_0: entered promiscuous mode
[  386.856386][T17078] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.873509][T17078] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.907442][T17078] bridge_slave_1: entered allmulticast mode
[  386.942280][T17078] bridge_slave_1: entered promiscuous mode
[  387.085581][T17078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.124497][T17078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  387.294187][T17180] pim6reg1: entered promiscuous mode
[  387.306129][T17180] pim6reg1: entered allmulticast mode
[  387.384398][T17078] team0: Port device team_slave_0 added
[  387.427902][T17078] team0: Port device team_slave_1 added
[  387.566784][T17188] pim6reg1: entered promiscuous mode
[  387.573485][T17188] pim6reg1: entered allmulticast mode
[  387.586525][T17078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.608750][T17078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.647473][T17078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.662248][T17078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.669551][T17078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.697246][T17078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.869606][T17205] veth0_vlan: entered allmulticast mode
[  387.919864][T17209] veth0_vlan: left promiscuous mode
[  387.929773][T17209] veth0_vlan: entered promiscuous mode
[  387.988024][T17078] hsr_slave_0: entered promiscuous mode
[  388.015758][T17078] hsr_slave_1: entered promiscuous mode
[  388.033922][T17078] debugfs: 'hsr0' already exists in 'hsr'
[  388.043320][T17078] Cannot create hsr debugfs directory
[  388.117069][T17213] pim6reg1: entered promiscuous mode
[  388.123365][T17213] pim6reg1: entered allmulticast mode
[  388.549029][ T5841] Bluetooth: hci0: command tx timeout
[  388.657463][T17243] sit0: entered allmulticast mode
[  388.754017][T17243] sit0: entered promiscuous mode
[  389.340652][T17078] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  389.394386][T17078] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  389.433570][T17078] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  389.490643][T17078] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  390.338078][T17306] pim6reg1: entered promiscuous mode
[  390.359183][T17306] pim6reg1: entered allmulticast mode
[  390.474831][T17317] pim6reg1: entered promiscuous mode
[  390.483315][T17317] pim6reg1: entered allmulticast mode
[  390.629332][ T5841] Bluetooth: hci0: command tx timeout
[  390.640817][T17078] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.685762][T17078] 8021q: adding VLAN 0 to HW filter on device team0
[  390.701287][ T9504] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.708443][ T9504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.793529][ T9504] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.800733][ T9504] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.813309][T17327] pim6reg1: entered promiscuous mode
[  390.818631][T17327] pim6reg1: entered allmulticast mode
[  391.021766][T17338] pim6reg1: entered promiscuous mode
[  391.027104][T17338] pim6reg1: entered allmulticast mode
[  391.137368][T17340] pim6reg1: entered promiscuous mode
[  391.150197][T17340] pim6reg1: entered allmulticast mode
[  391.541440][T17362] pim6reg1: entered promiscuous mode
[  391.558316][T17362] pim6reg1: entered allmulticast mode
[  391.574487][T17361] pim6reg1: entered promiscuous mode
[  391.581078][T17361] pim6reg1: entered allmulticast mode
[  391.602324][T17078] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.825893][T17078] veth0_vlan: entered promiscuous mode
[  391.876959][T17078] veth1_vlan: entered promiscuous mode
[  392.012028][T17078] veth0_macvtap: entered promiscuous mode
[  392.055478][T17078] veth1_macvtap: entered promiscuous mode
[  392.134668][T17078] batman_adv: batadv0: Interface activated: batadv_slave_0
[  392.172575][T17078] batman_adv: batadv0: Interface activated: batadv_slave_1
[  392.232739][T16271] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.255900][T16271] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.263597][T17395] __nla_validate_parse: 5 callbacks suppressed
[  392.263616][T17395] netlink: 312 bytes leftover after parsing attributes in process `syz.3.3330'.
[  392.283249][T16271] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.324602][T16271] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.360463][T17393] lo speed is unknown, defaulting to 1000
[  392.383377][T17396] netlink: 'syz.1.3331': attribute type 13 has an invalid length.
[  392.596604][T17393] lo speed is unknown, defaulting to 1000
[  392.714676][ T5841] Bluetooth: hci0: command tx timeout
[  392.804415][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  392.906880][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.068759][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  393.089759][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.837375][T17426] pim6reg1: entered promiscuous mode
[  393.849974][T17426] pim6reg1: entered allmulticast mode
[  397.935016][T17504] pim6reg1: entered promiscuous mode
[  397.944734][T17504] pim6reg1: entered allmulticast mode
[  399.586108][T17509] pim6reg1: entered promiscuous mode
[  399.593003][T17509] pim6reg1: entered allmulticast mode
[  401.676483][T17583] veth0_vlan: entered allmulticast mode
[  401.721565][ T9970] syz1: Port: 1 Link DOWN
[  402.288114][T17583] ªªªªªª: renamed from vlan0
[  403.653846][T17601] ÿÿÿÿÿÿ: renamed from vlan1
[  403.668264][T17606] pim6reg1: entered promiscuous mode
[  403.679273][T17606] pim6reg1: entered allmulticast mode
[  403.891894][T17616] pim6reg1: entered promiscuous mode
[  403.901155][T17616] pim6reg1: entered allmulticast mode
[  404.078251][T17621] wg2: entered promiscuous mode
[  404.106557][T17621] wg2: entered allmulticast mode
[  404.248371][T17629] pim6reg1: entered promiscuous mode
[  404.255082][T17629] pim6reg1: entered allmulticast mode
[  405.516750][T17682] 
[  405.522306][T17682] =============================
[  405.527834][T17682] WARNING: suspicious RCU usage
[  405.533360][T17682] 6.16.0-syzkaller-06574-gd9104cec3e8f #0 Not tainted
[  405.540736][T17682] -----------------------------
[  405.545594][T17682] kernel/events/callchain.c:163 suspicious rcu_dereference_check() usage!
[  405.554690][T17682] 
[  405.554690][T17682] other info that might help us debug this:
[  405.554690][T17682] 
[  405.565560][T17682] 
[  405.565560][T17682] rcu_scheduler_active = 2, debug_locks = 1
[  405.574276][T17682] 1 lock held by syz.0.3443/17682:
[  405.580404][T17682]  #0: ffffffff8e13c6c0 (rcu_read_lock_trace){....}-{0:0}, at: rcu_read_lock_trace+0x38/0x80
[  405.591375][T17682] 
[  405.591375][T17682] stack backtrace:
[  405.598221][T17682] CPU: 0 UID: 0 PID: 17682 Comm: syz.0.3443 Not tainted 6.16.0-syzkaller-06574-gd9104cec3e8f #0 PREEMPT(full) 
[  405.598246][T17682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  405.598257][T17682] Call Trace:
[  405.598264][T17682]  <TASK>
[  405.598273][T17682]  dump_stack_lvl+0x189/0x250
[  405.598299][T17682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.598318][T17682]  ? __pfx__printk+0x10/0x10
[  405.598356][T17682]  lockdep_rcu_suspicious+0x140/0x1d0
[  405.598395][T17682]  get_callchain_entry+0x2b6/0x3c0
[  405.598416][T17682]  get_perf_callchain+0xa1/0x6b0
[  405.598440][T17682]  ? __pfx_get_perf_callchain+0x10/0x10
[  405.598474][T17682]  ? futex_unqueue+0x22/0x240
[  405.598499][T17682]  ? futex_unqueue+0x211/0x240
[  405.598521][T17682]  ? __futex_wait+0x1d1/0x3e0
[  405.598552][T17682]  ? __futex_wait+0x34f/0x3e0
[  405.598585][T17682]  __bpf_get_stack+0x3fc/0xa60
[  405.598618][T17682]  ? __pfx___bpf_get_stack+0x10/0x10
[  405.598640][T17682]  ? __lock_acquire+0xab9/0xd20
[  405.598680][T17682]  bpf_get_stack+0x33/0x50
[  405.598713][T17682]  ? bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e
[  405.598735][T17682]  bpf_get_stack_raw_tp+0x1a9/0x220
[  405.598769][T17682]  bpf_prog_b8a90dd1efcc4ad9+0x46/0x4e
[  405.598791][T17682]  bpf_prog_run_pin_on_cpu+0xbc/0x150
[  405.598832][T17682]  bpf_prog_test_run_syscall+0x312/0x4b0
[  405.598871][T17682]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  405.598905][T17682]  ? __fget_files+0x2a/0x420
[  405.598938][T17682]  ? __pfx_bpf_prog_test_run_syscall+0x10/0x10
[  405.598974][T17682]  bpf_prog_test_run+0x2c4/0x340
[  405.599013][T17682]  __sys_bpf+0x581/0x870
[  405.599045][T17682]  ? __pfx___sys_bpf+0x10/0x10
[  405.599099][T17682]  ? rcu_is_watching+0x15/0xb0
[  405.599148][T17682]  __x64_sys_bpf+0x7c/0x90
[  405.599178][T17682]  do_syscall_64+0xfa/0x3b0
[  405.599209][T17682]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.599241][T17682]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.599263][T17682]  ? clear_bhb_loop+0x60/0xb0
[  405.599292][T17682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.599313][T17682] RIP: 0033:0x7fc23ed8e9a9
[  405.599333][T17682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.599353][T17682] RSP: 002b:00007fc23fb1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.599377][T17682] RAX: ffffffffffffffda RBX: 00007fc23efb5fa0 RCX: 00007fc23ed8e9a9
[  405.599393][T17682] RDX: 000000000000000c RSI: 00002000000004c0 RDI: 000000000000000a
[  405.599408][T17682] RBP: 00007fc23ee10d69 R08: 0000000000000000 R09: 0000000000000000
[  405.599422][T17682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.599435][T17682] R13: 0000000000000000 R14: 00007fc23efb5fa0 R15: 00007fffb85fe328
[  405.599471][T17682]  </TASK>